Package java.security.cert

Examples of java.security.cert.CertPathValidator

154
155
156
157
158
159
160
161
162
163
164
165
            // Do not check a revocation list
            param.setRevocationEnabled(false);

            // Verify the trust path using the above settings           
            CertPathValidator certPathValidator = CertPathValidator.getInstance("PKIX");
            certPathValidator.validate(path, param);
        } catch (NoSuchAlgorithmException ex) {
            throw new WSSecurityException(WSSecurityException.FAILURE,
                    "certpath",
                    new Object[]{ex.getMessage()},
                    (Throwable) ex);
View Full Code Here
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
            param.setRevocationEnabled(false);

            // Verify the trust path using the above settings
            String provider = properties
                    .getProperty("org.apache.ws.security.crypto.merlin.cert.provider");
            CertPathValidator certPathValidator;
            if (provider == null || provider.length() == 0) {
                certPathValidator = CertPathValidator.getInstance("PKIX");
            } else {
                certPathValidator = CertPathValidator.getInstance("PKIX",
                        provider);
            }
            certPathValidator.validate(path, param);
        } catch (NoSuchProviderException ex) {
            throw new WSSecurityException(WSSecurityException.FAILURE,
                    "certpath", new Object[] { ex.getMessage() },
                    (Throwable) ex);
        } catch (NoSuchAlgorithmException ex) {
View Full Code Here
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
            // Do not check a revocation list
            param.setRevocationEnabled(false);

            // Verify the trust path using the above settings
            String provider = getCryptoProvider();
            CertPathValidator validator = null;
            if (provider == null || provider.length() == 0) {
                validator = CertPathValidator.getInstance("PKIX");
            } else {
                validator = CertPathValidator.getInstance("PKIX", provider);
            }
            validator.validate(path, param);
            return true;
        } catch (java.security.NoSuchProviderException e) {
                throw new WSSecurityException(
                    WSSecurityException.FAILURE, "certpath",
                    new Object[] { e.getMessage() }, e
View Full Code Here
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
            // Do not check a revocation list
            param.setRevocationEnabled(false);

            // Verify the trust path using the above settings
            String provider = getCryptoProvider();
            CertPathValidator validator = null;
            if (provider == null || provider.length() == 0) {
                validator = CertPathValidator.getInstance("PKIX");
            } else {
                validator = CertPathValidator.getInstance("PKIX", provider);
            }
            validator.validate(path, param);
            return true;
        } catch (java.security.NoSuchProviderException e) {
                throw new WSSecurityException(
                    WSSecurityException.FAILURE, "certpath",
                    new Object[] { e.getMessage() }, e
View Full Code Here
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
    protected static CertPathValidatorResult processAttrCert2(
        CertPath certPath, ExtendedPKIXParameters pkixParams)
        throws CertPathValidatorException
    {
        CertPathValidator validator = null;
        try
        {
            validator = CertPathValidator.getInstance("PKIX", "BC");
        }
        catch (NoSuchProviderException e)
        {
            throw new ExtCertPathValidatorException(
                "Support class could not be created.", e);
        }
        catch (NoSuchAlgorithmException e)
        {
            throw new ExtCertPathValidatorException(
                "Support class could not be created.", e);
        }
        try
        {
            return validator.validate(certPath, pkixParams);
        }
        catch (CertPathValidatorException e)
        {
            throw new ExtCertPathValidatorException(
                "Certification path for issuer certificate of attribute certificate could not be validated.",
View Full Code Here
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
        }

        tbvPath.add(tbvCert);

        CertificateFactory cFact;
        CertPathValidator validator;
        CertPathBuilderResult builderResult = null;

        try
        {
            cFact = CertificateFactory.getInstance("X.509", "BC");
            validator = CertPathValidator.getInstance("RFC3281", "BC");
        }
        catch (Exception e)
        {
            // cannot happen
            throw new RuntimeException(
                            "Exception creating support classes.");
        }

        try
        {
            // check whether the issuer of <tbvCert> is a TrustAnchor
            if (CertPathValidatorUtilities.findTrustAnchor(tbvCert, pkixParams.getTrustAnchors(),
                pkixParams.getSigProvider()) != null)
            {
                CertPath certPath;
                PKIXCertPathValidatorResult result;
                try
                {
                    certPath = cFact.generateCertPath(tbvPath);
                }
                catch (Exception e)
                {
                    throw new AnnotatedException(
                                            "Certification path could not be constructed from certificate list.",
                                            e);
                }

                try
                {
                    result = (PKIXCertPathValidatorResult) validator.validate(
                            certPath, pkixParams);
                }
                catch (Exception e)
                {
                    throw new AnnotatedException(
View Full Code Here
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
      List list = new ArrayList(1);
      list.add(cert);

      CertPath cp;
      CertPathValidator cpv;
      PKIXParameters parameters;

      try
      {
         cp = CertificateFactory.getInstance("X.509").generateCertPath(list);
         cpv = CertPathValidator.getInstance("PKIX");
         parameters = new PKIXParameters(trustStore);

         // We currently don't support CRLs
         parameters.setRevocationEnabled(false);
      }
      catch (Exception e)
      {
         throw new WSSecurityException("Problems setting up certificate validation", e);
      }

      try
      {
         cpv.validate(cp, parameters);
      }
      catch (CertPathValidatorException cpve)
      {
         log.debug("Certificate is invalid:", cpve);
         throw new FailedAuthenticationException();
View Full Code Here
117
118
119
120
121
122
123
124
125
      Security.setProperty(PKIXCertificateValidator.OSCP_SUBJECT_PROPERTY, ((X509Certificate) this.ocsp.getCertificate()).getSubjectX500Principal().getName());
    }

    CertPathBuilder builder = CertPathBuilder.getInstance(PKIXCertificateValidator.CERTPATH_TYPE);
    PKIXCertPathBuilderResult builderResult = (PKIXCertPathBuilderResult) builder.build(pkixParameters);
    CertPathValidator validator = CertPathValidator.getInstance(PKIXCertificateValidator.CERTPATH_TYPE);
    PKIXCertPathValidatorResult validatorResult = (PKIXCertPathValidatorResult) validator.validate(builderResult.getCertPath(), pkixParameters);
    return validatorResult;
  }
View Full Code Here
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
    }

    @SuppressWarnings("serial")
    @Test
    public void validCertificateShouldPassVerification() throws Exception {
        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPath cp = certificateFactory
            .generateCertPath(new LinkedList<Certificate>() {
                {
                    add(certificatePath);
                }
            });
        // PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult)
        cpv.validate(cp, PKIXparams);

        assertEquals(
            "CN=Robert Paulson, OU=org unit, O=org, L=Halifax, ST=NS, C=CA",
            certificatePath.getSubjectDN().getName());
    }
View Full Code Here
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
    }

    @SuppressWarnings("serial")
    @Test(expected = CertPathValidatorException.class)
    public void invalidCertificateShouldFailVerification() throws Exception {
        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPath cp = certificateFactory
            .generateCertPath(new LinkedList<Certificate>() {
                {
                    add(selfSignedCertificate);
                }
            });
        //PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult)
        cpv.validate(cp, PKIXparams);
    }
View Full Code Here
TOP

Related Classes of java.security.cert.CertPathValidator

  • br.net.woodstock.rockframework.security.cert.impl.PKIXCertificateValidator
  • br.net.woodstock.rockframework.security.cert.impl.PKIXCertificateVerifier
  • CertUtils
  • com.adito.boot.SSLTrustManager
  • com.alu.e3.gateway.security.PKIXTrustManager
  • com.google.step2.xmlsimplesign.CachedCertPathValidator
  • com.maverick.ssl.SSLTransportTrustManager
  • com.sun.xml.wss.impl.misc.DefaultCallbackHandler$X509CertificateValidatorImpl
  • com.sun.xml.wss.impl.misc.WSITProviderSecurityEnvironment
  • com.sun.xml.wss.impl.WssProviderSecurityEnvironment
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.