java.security.cert.PKIXParameters Java Examples

The following examples show how to use java.security.cert.PKIXParameters. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ValWithAnchorByName.java    From openjdk-jdk9 with GNU General Public License v2.0 7 votes vote down vote up
private static void runTest(CertificateFactory cf,
        List<X509Certificate> certList, TrustAnchor anchor)
        throws Exception {
    CertPath path = cf.generateCertPath(certList);
    CertPathValidator validator = CertPathValidator.getInstance("PKIX");

    System.out.println(anchor);

    // Attach the OCSP responses to a PKIXParameters object
    PKIXRevocationChecker pkrev =
            (PKIXRevocationChecker)validator.getRevocationChecker();
    Map<X509Certificate, byte[]> responseMap = new HashMap<>();
    responseMap.put(certList.get(0), DECODER.decode(EE_OCSP_RESP));
    responseMap.put(certList.get(1), DECODER.decode(INT_CA_OCSP_RESP));
    pkrev.setOcspResponses(responseMap);
    PKIXParameters params =
            new PKIXParameters(Collections.singleton(anchor));
    params.addCertPathChecker(pkrev);
    params.setDate(EVAL_DATE);

    validator.validate(path, params);
}
 
Example #2
Source File: ValidateNC.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
 
Example #3
Source File: ValidateTargetConstraints.java    From jdk8u-dev-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
 
Example #4
Source File: ValidateTargetConstraints.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
 
Example #5
Source File: ValidateTargetConstraints.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
 
Example #6
Source File: ExtendedPKIXBuilderParameters.java    From RipplePower with Apache License 2.0 6 votes vote down vote up
/**
 * Returns an instance of <code>ExtendedPKIXParameters</code> which can be
 * safely casted to <code>ExtendedPKIXBuilderParameters</code>.
 * <p>
 * This method can be used to get a copy from other
 * <code>PKIXBuilderParameters</code>, <code>PKIXParameters</code>,
 * and <code>ExtendedPKIXParameters</code> instances.
 * 
 * @param pkixParams The PKIX parameters to create a copy of.
 * @return An <code>ExtendedPKIXBuilderParameters</code> instance.
 */
public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
{
    ExtendedPKIXBuilderParameters params;
    try
    {
        params = new ExtendedPKIXBuilderParameters(pkixParams
                .getTrustAnchors(), X509CertStoreSelector
                .getInstance((X509CertSelector) pkixParams
                        .getTargetCertConstraints()));
    }
    catch (Exception e)
    {
        // cannot happen
        throw new RuntimeException(e.getMessage());
    }
    params.setParams(pkixParams);
    return params;
}
 
Example #7
Source File: GenericX509TrustManager.java    From Android-Application-ZJB with Apache License 2.0 6 votes vote down vote up
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    try {
        this.mOriginalX509TrustManager.checkServerTrusted(chain, authType);
    } catch (CertificateException e1) {
        try {
            X509Certificate[] ex = this.reorderCertificateChain(chain);
            CertPathValidator validator = CertPathValidator.getInstance("PKIX");
            CertificateFactory factory = CertificateFactory.getInstance("X509");
            CertPath certPath = factory.generateCertPath(Arrays.asList(ex));
            PKIXParameters params = new PKIXParameters(this.mTrustStore);
            params.setRevocationEnabled(false);
            validator.validate(certPath, params);
        } catch (Exception e) {
            throw e1;
        }
    }

}
 
Example #8
Source File: ValidateTargetConstraints.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
 
Example #9
Source File: ValidateNC.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
 
Example #10
Source File: CachedCertPathValidator.java    From incubator-retired-wave with Apache License 2.0 6 votes vote down vote up
private void validateNoCache(List<? extends X509Certificate> certs)
    throws SignatureException {
  try {
    CertPathValidator validator = CertPathValidator.getInstance(
        VALIDATOR_TYPE);
    PKIXParameters params = new PKIXParameters(trustRoots);
    params.addCertPathChecker(WAVE_OID_CHECKER);
    params.setDate(timeSource.now());

    // turn off default revocation-checking mechanism
    params.setRevocationEnabled(false);

    // TODO: add a way for clients to add certificate revocation checks,
    // perhaps by letting them pass in PKIXCertPathCheckers. This can also be
    // useful to check for Wave-specific certificate extensions.

    CertificateFactory certFactory = CertificateFactory.getInstance(
        CERTIFICATE_TYPE);
    CertPath certPath = certFactory.generateCertPath(certs);
    validator.validate(certPath, params);
  } catch (GeneralSecurityException e) {
    throw new SignatureException("Certificate validation failure", e);
  }
}
 
Example #11
Source File: ExportControlled.java    From FoxTelem with GNU General Public License v3.0 6 votes vote down vote up
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate, String hostName) throws CertificateException {
    this.origTm = tm;
    this.verifyServerCert = verifyServerCertificate;
    this.hostName = hostName;

    if (verifyServerCertificate) {
        try {
            Set<TrustAnchor> anch = Arrays.stream(tm.getAcceptedIssuers()).map(c -> new TrustAnchor(c, null)).collect(Collectors.toSet());
            this.validatorParams = new PKIXParameters(anch);
            this.validatorParams.setRevocationEnabled(false);
            this.validator = CertPathValidator.getInstance("PKIX");
            this.certFactory = CertificateFactory.getInstance("X.509");
        } catch (Exception e) {
            throw new CertificateException(e);
        }
    }

}
 
Example #12
Source File: ValidateNC.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
 
Example #13
Source File: PKIXCRLUtil.java    From RipplePower with Apache License 2.0 6 votes vote down vote up
public Set findCRLs(X509CRLStoreSelector crlselect, PKIXParameters paramsPKIX)
    throws AnnotatedException
{
    Set completeSet = new HashSet();

    // get complete CRL(s)
    try
    {
        completeSet.addAll(findCRLs(crlselect, paramsPKIX.getCertStores()));
    }
    catch (AnnotatedException e)
    {
        throw new AnnotatedException("Exception obtaining complete CRLs.", e);
    }

    return completeSet;
}
 
Example #14
Source File: ValidateNC.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
 
Example #15
Source File: ValidateTargetConstraints.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
 
Example #16
Source File: ExtendedPKIXBuilderParameters.java    From ripple-lib-java with ISC License 6 votes vote down vote up
/**
 * Returns an instance of <code>ExtendedPKIXParameters</code> which can be
 * safely casted to <code>ExtendedPKIXBuilderParameters</code>.
 * <p>
 * This method can be used to get a copy from other
 * <code>PKIXBuilderParameters</code>, <code>PKIXParameters</code>,
 * and <code>ExtendedPKIXParameters</code> instances.
 * 
 * @param pkixParams The PKIX parameters to create a copy of.
 * @return An <code>ExtendedPKIXBuilderParameters</code> instance.
 */
public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
{
    ExtendedPKIXBuilderParameters params;
    try
    {
        params = new ExtendedPKIXBuilderParameters(pkixParams
                .getTrustAnchors(), X509CertStoreSelector
                .getInstance((X509CertSelector) pkixParams
                        .getTargetCertConstraints()));
    }
    catch (Exception e)
    {
        // cannot happen
        throw new RuntimeException(e.getMessage());
    }
    params.setParams(pkixParams);
    return params;
}
 
Example #17
Source File: PKIXCRLUtil.java    From ripple-lib-java with ISC License 6 votes vote down vote up
public Set findCRLs(X509CRLStoreSelector crlselect, PKIXParameters paramsPKIX)
    throws AnnotatedException
{
    Set completeSet = new HashSet();

    // get complete CRL(s)
    try
    {
        completeSet.addAll(findCRLs(crlselect, paramsPKIX.getCertStores()));
    }
    catch (AnnotatedException e)
    {
        throw new AnnotatedException("Exception obtaining complete CRLs.", e);
    }

    return completeSet;
}
 
Example #18
Source File: ValidateNC.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
 
Example #19
Source File: ValidateTargetConstraints.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
 
Example #20
Source File: JKSValidator.java    From knopflerfish.org with BSD 3-Clause "New" or "Revised" License 6 votes vote down vote up
/**
 * 
 */
private CertPathParameters getCertPathParameters(KeyStore keystore)
  throws GeneralSecurityException
{
  HashSet<TrustAnchor> tas = new HashSet<TrustAnchor>();
  for (Enumeration<String> e = keystore.aliases(); e.hasMoreElements(); ) {
    String name = e.nextElement();
    Certificate c = keystore.getCertificate(name);
    if (c != null) {
      if (trustKeys || keystore.isCertificateEntry(name)) {
        tas.add(new TrustAnchor((X509Certificate)c, null)); 
      }
    }
  }
  PKIXParameters p = new PKIXParameters(tas);
  // NYI! Handle CRLs
  p.setRevocationEnabled(false);
  if (validationDate != null) {
    p.setDate(validationDate);
  }
  return p;
}
 
Example #21
Source File: ValidateNC.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
 
Example #22
Source File: CachedCertPathValidator.java    From swellrt with Apache License 2.0 6 votes vote down vote up
private void validateNoCache(List<? extends X509Certificate> certs)
    throws SignatureException {
  try {
    CertPathValidator validator = CertPathValidator.getInstance(
        VALIDATOR_TYPE);
    PKIXParameters params = new PKIXParameters(trustRoots);
    params.addCertPathChecker(WAVE_OID_CHECKER);
    params.setDate(timeSource.now());

    // turn off default revocation-checking mechanism
    params.setRevocationEnabled(false);

    // TODO: add a way for clients to add certificate revocation checks,
    // perhaps by letting them pass in PKIXCertPathCheckers. This can also be
    // useful to check for Wave-specific certificate extensions.

    CertificateFactory certFactory = CertificateFactory.getInstance(
        CERTIFICATE_TYPE);
    CertPath certPath = certFactory.generateCertPath(certs);
    validator.validate(certPath, params);
  } catch (GeneralSecurityException e) {
    throw new SignatureException("Certificate validation failure", e);
  }
}
 
Example #23
Source File: ExportControlled.java    From r-course with MIT License 6 votes vote down vote up
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate) throws CertificateException {
    this.origTm = tm;
    this.verifyServerCert = verifyServerCertificate;

    if (verifyServerCertificate) {
        try {
            Set<TrustAnchor> anch = new HashSet<TrustAnchor>();
            for (X509Certificate cert : tm.getAcceptedIssuers()) {
                anch.add(new TrustAnchor(cert, null));
            }
            this.validatorParams = new PKIXParameters(anch);
            this.validatorParams.setRevocationEnabled(false);
            this.validator = CertPathValidator.getInstance("PKIX");
            this.certFactory = CertificateFactory.getInstance("X.509");
        } catch (Exception e) {
            throw new CertificateException(e);
        }
    }
}
 
Example #24
Source File: ValidateNC.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
 
Example #25
Source File: ValidateTargetConstraints.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
 
Example #26
Source File: ValidateTargetConstraints.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
 
Example #27
Source File: VerifyNameConstraints.java    From openjdk-8 with GNU General Public License v2.0 5 votes vote down vote up
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
}
 
Example #28
Source File: PKIXExtendedParameters.java    From ripple-lib-java with ISC License 5 votes vote down vote up
public Builder(PKIXParameters baseParameters)
{
    this.baseParameters = (PKIXParameters)baseParameters.clone();
    CertSelector constraints = baseParameters.getTargetCertConstraints();
    if (constraints != null)
    {
        this.targetConstraints = new PKIXCertStoreSelector.Builder(constraints).build();
    }
    Date checkDate = baseParameters.getDate();
    this.date = (checkDate == null) ? new Date() : checkDate;
    this.revocationEnabled = baseParameters.isRevocationEnabled();
    this.trustAnchors = baseParameters.getTrustAnchors();
}
 
Example #29
Source File: VerifyNameConstraints.java    From jdk8u-dev-jdk with GNU General Public License v2.0 5 votes vote down vote up
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
}
 
Example #30
Source File: VerifyNameConstraints.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
}