Java Code Examples for java.security.cert.CertPathValidator#getInstance()
The following examples show how to use
java.security.cert.CertPathValidator#getInstance() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: ValWithAnchorByName.java From openjdk-jdk9 with GNU General Public License v2.0 | 7 votes |
|
private static void runTest(CertificateFactory cf,
List<X509Certificate> certList, TrustAnchor anchor)
throws Exception {
CertPath path = cf.generateCertPath(certList);
CertPathValidator validator = CertPathValidator.getInstance("PKIX");
System.out.println(anchor);
// Attach the OCSP responses to a PKIXParameters object
PKIXRevocationChecker pkrev =
(PKIXRevocationChecker)validator.getRevocationChecker();
Map<X509Certificate, byte[]> responseMap = new HashMap<>();
responseMap.put(certList.get(0), DECODER.decode(EE_OCSP_RESP));
responseMap.put(certList.get(1), DECODER.decode(INT_CA_OCSP_RESP));
pkrev.setOcspResponses(responseMap);
PKIXParameters params =
new PKIXParameters(Collections.singleton(anchor));
params.addCertPathChecker(pkrev);
params.setDate(EVAL_DATE);
validator.validate(path, params);
}
Example 2
| Source File: CachedCertPathValidator.java From swellrt with Apache License 2.0 | 6 votes |
|
private void validateNoCache(List<? extends X509Certificate> certs)
throws SignatureException {
try {
CertPathValidator validator = CertPathValidator.getInstance(
VALIDATOR_TYPE);
PKIXParameters params = new PKIXParameters(trustRoots);
params.addCertPathChecker(WAVE_OID_CHECKER);
params.setDate(timeSource.now());
// turn off default revocation-checking mechanism
params.setRevocationEnabled(false);
// TODO: add a way for clients to add certificate revocation checks,
// perhaps by letting them pass in PKIXCertPathCheckers. This can also be
// useful to check for Wave-specific certificate extensions.
CertificateFactory certFactory = CertificateFactory.getInstance(
CERTIFICATE_TYPE);
CertPath certPath = certFactory.generateCertPath(certs);
validator.validate(certPath, params);
} catch (GeneralSecurityException e) {
throw new SignatureException("Certificate validation failure", e);
}
}
Example 3
| Source File: JKSValidator.java From knopflerfish.org with BSD 3-Clause "New" or "Revised" License | 5 votes |
|
/**
*
*/
private CertPathValidator getCertPathValidator()
throws GeneralSecurityException
{
if (certValidator == null) {
if (certProvider.length() > 0) {
certValidator = CertPathValidator.getInstance("PKIX", certProvider);
} else {
certValidator = CertPathValidator.getInstance("PKIX");
}
}
return certValidator;
}
Example 4
| Source File: ValidatePathWithParams.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
|
/**
* Constructor
*
* @param additionalTrustRoots trusted root certificates
* @throws IOException
* @throws CertificateException
* @throws NoSuchAlgorithmException
*/
public ValidatePathWithParams(String[] additionalTrustRoots)
throws IOException, CertificateException, NoSuchAlgorithmException {
cf = CertificateFactory.getInstance("X509");
certPathValidator = CertPathValidator.getInstance("PKIX");
certPathChecker
= (PKIXRevocationChecker) certPathValidator.getRevocationChecker();
if ((additionalTrustRoots == null) || (additionalTrustRoots[0] == null)) {
trustedRootCerts = null;
} else {
trustedRootCerts = additionalTrustRoots.clone();
}
}
Example 5
| Source File: DeviceCertificateValidator.java From hono with Eclipse Public License 2.0 | 5 votes |
|
/**
* {@inheritDoc}
*/
@Override
public Future<Void> validate(final List<X509Certificate> chain, final Set<TrustAnchor> trustAnchors) {
Objects.requireNonNull(chain);
Objects.requireNonNull(trustAnchors);
if (chain.isEmpty()) {
throw new IllegalArgumentException("certificate chain must not be empty");
} else if (trustAnchors.isEmpty()) {
throw new IllegalArgumentException("trust anchor list must not be empty");
}
final Promise<Void> result = Promise.promise();
try {
final PKIXParameters params = new PKIXParameters(trustAnchors);
// TODO do we need to check for revocation?
params.setRevocationEnabled(false);
final CertificateFactory factory = CertificateFactory.getInstance("X.509");
final CertPath path = factory.generateCertPath(chain);
final CertPathValidator validator = CertPathValidator.getInstance("PKIX");
validator.validate(path, params);
LOG.debug("validation of device certificate [subject DN: {}] succeeded",
chain.get(0).getSubjectX500Principal().getName());
result.complete();
} catch (GeneralSecurityException e) {
LOG.debug("validation of device certificate [subject DN: {}] failed",
chain.get(0).getSubjectX500Principal().getName(), e);
if (e instanceof CertificateException) {
result.fail(e);
} else {
result.fail(new CertificateException("validation of device certificate failed", e));
}
}
return result.future();
}
Example 6
| Source File: ExportControlled.java From lams with GNU General Public License v2.0 | 3 votes |
|
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate, String hostName) throws CertificateException {
this.origTm = tm;
this.verifyServerCert = verifyServerCertificate;
this.hostName = hostName;
if (verifyServerCertificate) {
try {
Set<TrustAnchor> anch = Arrays.stream(tm.getAcceptedIssuers()).map(c -> new TrustAnchor(c, null)).collect(Collectors.toSet());
this.validatorParams = new PKIXParameters(anch);
this.validatorParams.setRevocationEnabled(false);
this.validator = CertPathValidator.getInstance("PKIX");
this.certFactory = CertificateFactory.getInstance("X.509");
} catch (Exception e) {
throw new CertificateException(e);
}
}
}
Example 7
| Source File: CertUtils.java From jdk8u-jdk with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation. On failure, throw an exception.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static PKIXCertPathValidatorResult validate
(CertPath path, PKIXParameters params) throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX");
return (PKIXCertPathValidatorResult) validator.validate(path, params);
}
Example 8
| Source File: ValidateNC.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static void validate(CertPath path, PKIXParameters params)
throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX", "SUN");
CertPathValidatorResult cpvr = validator.validate(path, params);
}
Example 9
| Source File: ValidateTargetConstraints.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static void validate(CertPath path, PKIXParameters params)
throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX");
CertPathValidatorResult cpvr = validator.validate(path, params);
}
Example 10
| Source File: CertUtils.java From jdk8u60 with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation. On failure, throw an exception.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static PKIXCertPathValidatorResult validate
(CertPath path, PKIXParameters params) throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX");
return (PKIXCertPathValidatorResult) validator.validate(path, params);
}
Example 11
| Source File: VerifyNameConstraints.java From openjdk-8-source with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation. On success, print the
* CertPathValidatorResult on System.out. On failure,
* throw an exception.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static void validate(CertPath path, PKIXParameters params)
throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX");
CertPathValidatorResult cpvr = validator.validate(path, params);
}
Example 12
| Source File: CertUtils.java From TencentKona-8 with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation. On failure, throw an exception.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static PKIXCertPathValidatorResult validate
(CertPath path, PKIXParameters params) throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX");
return (PKIXCertPathValidatorResult) validator.validate(path, params);
}
Example 13
| Source File: ValidateTargetConstraints.java From openjdk-8 with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static void validate(CertPath path, PKIXParameters params)
throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX");
CertPathValidatorResult cpvr = validator.validate(path, params);
}
Example 14
| Source File: CertUtils.java From openjdk-8-source with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation. On failure, throw an exception.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static PKIXCertPathValidatorResult validate
(CertPath path, PKIXParameters params) throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX");
return (PKIXCertPathValidatorResult) validator.validate(path, params);
}
Example 15
| Source File: VerifyNameConstraints.java From TencentKona-8 with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation. On success, print the
* CertPathValidatorResult on System.out. On failure,
* throw an exception.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static void validate(CertPath path, PKIXParameters params)
throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX");
CertPathValidatorResult cpvr = validator.validate(path, params);
}
Example 16
| Source File: CertUtils.java From jdk8u-jdk with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation. On failure, throw an exception.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static PKIXCertPathValidatorResult validate
(CertPath path, PKIXParameters params) throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX");
return (PKIXCertPathValidatorResult) validator.validate(path, params);
}
Example 17
| Source File: ValidateTargetConstraints.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static void validate(CertPath path, PKIXParameters params)
throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX");
CertPathValidatorResult cpvr = validator.validate(path, params);
}
Example 18
| Source File: ValidateNC.java From jdk8u_jdk with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static void validate(CertPath path, PKIXParameters params)
throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX", "SUN");
CertPathValidatorResult cpvr = validator.validate(path, params);
}
Example 19
| Source File: CertUtils.java From openjdk-jdk8u with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation. On failure, throw an exception.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static PKIXCertPathValidatorResult validate
(CertPath path, PKIXParameters params) throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX");
return (PKIXCertPathValidatorResult) validator.validate(path, params);
}
Example 20
| Source File: ValidateTargetConstraints.java From openjdk-8-source with GNU General Public License v2.0 | 3 votes |
|
/**
* Perform a PKIX validation.
*
* @param path CertPath to validate
* @param params PKIXParameters to use in validation
* @throws Exception on error
*/
public static void validate(CertPath path, PKIXParameters params)
throws Exception {
CertPathValidator validator =
CertPathValidator.getInstance("PKIX");
CertPathValidatorResult cpvr = validator.validate(path, params);
}
