Package java.security.cert

Examples of java.security.cert.CertStore


    }
  }

  /**
   * Logs a warning when the CA certificate for {@code profile} carries a
   * cRLDistributionPoints extension.
   *
   * <p>Only the presence of the extension is tested in the visible lines; the
   * distribution points are not parsed and no CRL is fetched here.
   *
   * @param profile profile identifier passed through to {@code getCaCertificate}
   * @throws ClientException declared by this method; presumably raised when the
   *     CA certificate store cannot be obtained (confirm in getCaCertificate)
   */
  private void checkDistributionPoints(final String profile)
      throws ClientException {
    CertStore store = getCaCertificate(profile);
    CertStoreInspector certs = CertStoreInspector.getInstance(store);
    final X509Certificate ca = certs.getIssuer();
    // getExtensionValue returns null when the certificate has no such extension.
    // NOTE(review): a log line is the only reaction visible here; whether
    // revocation is checked elsewhere cannot be told from this excerpt.
    if (ca.getExtensionValue(X509Extension.cRLDistributionPoints.getId()) != null) {
      LOGGER.warn("CA supports distribution points");
    }


      BigInteger serial, String profile)
      throws OperationFailureException, ClientException {
    LOGGER.debug("Retriving certificate from CA");
    // TRANSACTIONAL
    // Certificate query
    // The CA certificate for this profile supplies the issuer name that, together
    // with the serial number, identifies the certificate being requested.
    final CertStore store = getCaCertificate(profile);
    CertStoreInspector certs = CertStoreInspector.getInstance(store);
    final X509Certificate ca = certs.getIssuer();

    // NOTE(review): the name is read from the CA certificate's *issuer* field.
    // That equals the CA's own subject only when the CA certificate is
    // self-issued; for a subordinate CA the certificates it issues name
    // ca.getSubjectX500Principal() as issuer -- confirm which is intended.
    // NOTE(review): the DN is converted with toString() and re-parsed by
    // X500Name; a string round trip may not reproduce the original encoding,
    // so confirm the CA matches on the re-encoded name.
    X500Name name = new X500Name(ca.getIssuerX500Principal().toString());
    IssuerAndSerialNumber iasn = new IssuerAndSerialNumber(name, serial);

  /**
   * Polls the CA for the outcome of an earlier enrollment transaction.
   *
   * <p>The visible lines create a transport for the profile, resolve the issuer
   * certificate from the CA certificate store, and build the message encoder and
   * decoder from the caller's identity certificate and private key. The rest of
   * the method is outside this excerpt.
   *
   * @param identity certificate passed to the encoder and decoder
   * @param identityKey private key passed to the encoder and decoder
   * @param subject subject of the pending request (not used in the visible lines)
   * @param transId transaction identifier (not used in the visible lines)
   * @param profile profile identifier forwarded to the helper lookups
   * @return the enrollment response; its construction is not visible here
   * @throws ClientException declared by this method and by the helpers it calls
   * @throws TransactionException declared by this method
   */
  public EnrollmentResponse poll(X509Certificate identity,
      PrivateKey identityKey, X500Principal subject,
      TransactionId transId, String profile) throws ClientException,
      TransactionException {
    final Transport transport = createTransport(profile);
    CertStore store = getCaCertificate(profile);
    CertStoreInspector certStore = CertStoreInspector.getInstance(store);
    X509Certificate issuer = certStore.getIssuer();

    // NOTE(review): getEncoder and getDecoder each call getCaCertificate(profile)
    // again, so one poll performs the lookup three times. If the lookup is not
    // cached, confirm all three see the same, already verified CA certificate.
    PkiMessageEncoder encoder = getEncoder(identity, identityKey, profile);
    PkiMessageDecoder decoder = getDecoder(identity, identityKey, profile);

    }
  }

  /**
   * Builds the encoder for outgoing PKI messages.
   *
   * <p>The inner envelope is encrypted to the recipient certificate taken from
   * the CA certificate store, using the cipher reported as strongest by the CA
   * capabilities for this profile.
   *
   * @param identity certificate of the requester
   * @param priKey private key of the requester
   * @param profile profile identifier forwarded to the CA lookups
   * @return the message encoder (the construction is outside the visible lines)
   * @throws ClientException declared by this method and by the lookups it calls
   */
  private PkiMessageEncoder getEncoder(X509Certificate identity,
      PrivateKey priKey, String profile) throws ClientException {
    CertStore store = getCaCertificate(profile);
    Capabilities caps = getCaCapabilities(profile);
    CertStoreInspector certs = CertStoreInspector.getInstance(store);
    X509Certificate recipientCertificate = certs.getRecipient();
    // NOTE(review): the envelope cipher is whatever the capabilities object
    // reports. If that data comes from an unauthenticated response, the choice
    // is only as strong as what was advertised -- confirm a minimum acceptable
    // cipher is enforced somewhere.
    PkcsPkiEnvelopeEncoder envEncoder = new PkcsPkiEnvelopeEncoder(
        recipientCertificate, caps.getStrongestCipher());

    return new PkiMessageEncoder(priKey, identity, envEncoder, sigAlg);
  }

  /**
   * Builds the decoder for incoming PKI messages.
   *
   * <p>The envelope decoder is keyed with the requester's own certificate and
   * private key, so it can open envelopes addressed to that identity.
   *
   * @param identity certificate of the requester
   * @param key private key matching {@code identity}
   * @param profile profile identifier forwarded to the CA certificate lookup
   * @return the message decoder (the construction is outside the visible lines)
   * @throws ClientException declared by this method and by the lookup it calls
   */
  private PkiMessageDecoder getDecoder(X509Certificate identity,
      PrivateKey key, String profile) throws ClientException {
    final CertStore store = getCaCertificate(profile);
    CertStoreInspector certs = CertStoreInspector.getInstance(store);
    // Not used in the visible lines; presumably the certificate against which
    // response signatures are verified -- confirm in the full method.
    X509Certificate signer = certs.getSigner();
    PkcsPkiEnvelopeDecoder envDecoder = new PkcsPkiEnvelopeDecoder(
        identity, key);

            // Certificates and CRLs go into one list; a "Collection" CertStore
            // serves both kinds of object from the same backing collection.
            list.add(interCert);
            list.add(finalCert);
            list.add(rootCrl);
            list.add(interCrl);
            CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
            // The third argument pins the CertStore implementation to the "BC" provider.
            CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
            // Calendar months are zero-based, so this is 21 March 2002, 02:21:10 in
            // the default time zone (the millisecond field is left as initialised).
            // NOTE(review): presumably used as the validation date so that the fixed
            // test certificates count as current; production validation should use
            // the present time -- confirm how validDate is used below.
            Calendar validDate = Calendar.getInstance();
            validDate.set(2002,2,21,2,21,10);

                //Searching for rootCert by subjectDN without CRL
            // Raw Set, as in the original; it is filled outside the visible lines.
            Set trust = new HashSet();

            // The end-entity certificate and both CRLs are made available to the
            // path builder through a single collection-backed CertStore.
            list.add(endCert);
            list.add(rootCRL);
            list.add(interCRL);
           
            CollectionCertStoreParameters params = new CollectionCertStoreParameters(list);
            // No provider is named here, so the default provider order decides which
            // "Collection" implementation is used; the builder below names "BC".
            CertStore                     store = CertStore.getInstance("Collection", params);
   
            // build the path
            CertPathBuilder  builder = CertPathBuilder.getInstance("PKIX", "BC");
            // Selector describing the target certificate; its criteria are set
            // outside the visible lines.
            X509CertSelector pathConstraints = new X509CertSelector();
           

        // Certificates and CRLs share one list; the "Collection" CertStore below
        // answers both certificate and CRL queries from it.
        list.add(interCert);
        list.add(finalCert);
        list.add(rootCrl);
        list.add(interCrl);
        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
        // No provider argument: the default provider order selects the implementation.
        CertStore store = CertStore.getInstance("Collection", ccsp);
        // Calendar months are zero-based, so this is 21 March 2002, 02:21:10 in the
        // default time zone.
        // NOTE(review): presumably the validation date for the fixed test
        // certificates; production validation should use the present time --
        // confirm how validDate is used below.
        Calendar validDate = Calendar.getInstance();
        validDate.set(2002,2,21,2,21,10);

            //validating path
        // Raw List, as in the original; the chain is filled outside the visible lines.
        List certchain = new ArrayList();

        // Build a one-element CertStore holding the issuer's certificate (sCert).
        List      list = new ArrayList();
       
        list.add(sCert);
       
        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
        CertStore store = CertStore.getInstance("Collection", ccsp);
       
        // The attribute certificate's issuer object is passed as the selector, so
        // the store returns the certificates matching that issuer.
        Collection certs = store.getCertificates(aCert.getIssuer());
        if (certs.size() != 1 || !certs.contains(sCert))
        {
            fail("sCert not found by issuer");
        }
       
        // Exactly one attribute with this OID is expected in the test certificate.
        X509Attribute[] attrs = aCert.getAttributes("1.3.6.1.4.1.6760.8.1.1");
        if (attrs == null || attrs.length != 1)
        {
            fail("attribute not found");
        }

        //
        // reencode test
        //
        // Round trip through the encoded form, then check that the signature still
        // verifies under the issuer's public key with the "BC" provider.
        aCert = new X509V2AttributeCertificate(aCert.getEncoded());
       
        aCert.verify(sCert.getPublicKey(), "BC");
       
        // Second decode path: construct from a stream instead of a byte array.
        X509AttributeCertificate saCert = new X509V2AttributeCertificate(new ByteArrayInputStream(aCert.getEncoded()));
       
        if (!aCert.getNotAfter().equals(saCert.getNotAfter()))
        {
            fail("failed date comparison");
        }
       
        // base generator test
       
        //
        // a sample key pair.
        //
        // Test fixture only: the modulus literal is 128 hex digits (512 bits) with
        // public exponent 0x11. A key of this size is far too small for real
        // signatures and must not be reused outside tests.
        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
            new BigInteger("11", 16));

        // Constant defined outside this excerpt; presumably the private half of the
        // key above -- the verify() call below only passes if it is.
        RSAPrivateCrtKeySpec privKeySpec = RSA_PRIVATE_KEY_SPEC;

        //
        // set up the keys
        //
        PrivateKey          privKey;
        PublicKey           pubKey;

        KeyFactory  kFact = KeyFactory.getInstance("RSA", "BC");

        privKey = kFact.generatePrivate(privKeySpec);
        pubKey = kFact.generatePublic(pubKeySpec);
       
        X509V2AttributeCertificateGenerator gen = new X509V2AttributeCertificateGenerator();
       
        // Copy attribute, holder, issuer and serial number from the decoded
        // certificate so the regenerated one differs only in validity and signature.
        gen.addAttribute(attrs[0]);
        gen.setHolder(aCert.getHolder());
        gen.setIssuer(aCert.getIssuer());
        // Validity window of 50 seconds either side of "now", so checkValidity()
        // below succeeds.
        gen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        gen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        gen.setSerialNumber(aCert.getSerialNumber());
        // SHA-1 with RSA is what this test exercises. SHA-1 is no longer collision
        // resistant; new certificates should be signed with SHA-256 or stronger.
        gen.setSignatureAlgorithm("SHA1WithRSAEncryption");
       
        aCert = gen.generateCertificate(privKey, "BC");
       
        aCert.checkValidity();
       
        aCert.verify(pubKey, "BC");
       
        // as the issuer is the same this should still work (even though it is not
        // technically correct): the lookup matches on the issuer only, and the
        // regenerated certificate was signed with the sample key, not with sCert's.
       
        certs = store.getCertificates(aCert.getIssuer());
        if (certs.size() != 1 || !certs.contains(sCert))
        {
            fail("sCert not found by issuer");
        }
       

            // Certificates and CRLs share one list; the "Collection" CertStore built
            // from it is then queried with different selector criteria. Each failed
            // expectation returns a SimpleTestResult naming the lookup that failed.
            list.add(finalCert);
            list.add(rootCrl);
            list.add(interCrl);
            CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(
                    list);
            CertStore store = CertStore.getInstance("Collection", ccsp);

            // Searching for rootCert by subjectDN
            // (subject given in its string form)
            X509CertSelector targetConstraints = new X509CertSelector();
            targetConstraints.setSubject(rootCert.getSubjectX500Principal()
                    .getName());
            Collection certs = store.getCertificates(targetConstraints);
            if (certs.size() != 1 || !certs.contains(rootCert))
            {
                return new SimpleTestResult(false, this.getName()
                        + ": rootCert not found by subjectDN");
            }

            // Searching for rootCert by subjectDN encoded as byte
            // (same criterion, supplied as the encoded name instead of a string)
            targetConstraints = new X509CertSelector();
            targetConstraints.setSubject(rootCert.getSubjectX500Principal()
                    .getEncoded());
            certs = store.getCertificates(targetConstraints);
            if (certs.size() != 1 || !certs.contains(rootCert))
            {
                return new SimpleTestResult(false, this.getName()
                        + ": rootCert not found by encoded subjectDN");
            }

            // Searching for rootCert by public key encoded as byte
            targetConstraints = new X509CertSelector();
            targetConstraints.setSubjectPublicKey(rootCert.getPublicKey()
                    .getEncoded());
            certs = store.getCertificates(targetConstraints);
            if (certs.size() != 1 || !certs.contains(rootCert))
            {
                return new SimpleTestResult(false, this.getName()
                        + ": rootCert not found by encoded public key");
            }

            // Searching for interCert by issuerDN
            // Two matches are expected: interCert, and rootCert itself, which the
            // test therefore treats as issued under its own subject name.
            targetConstraints = new X509CertSelector();
            targetConstraints.setIssuer(rootCert.getSubjectX500Principal()
                    .getEncoded());
            certs = store.getCertificates(targetConstraints);
            if (certs.size() != 2)
            {
                return new SimpleTestResult(false, this.getName()
                        + ": did not found 2 certs");
            }
            if (!certs.contains(rootCert))
            {
                return new SimpleTestResult(false, this.getName()
                        + ": rootCert not found");
            }
            if (!certs.contains(interCert))
            {
                return new SimpleTestResult(false, this.getName()
                        + ": interCert not found");
            }

            // Searching for rootCrl by issuerDN
            // CRLs are retrieved with getCRLs and a CRL selector, not getCertificates.
            X509CRLSelector targetConstraintsCRL = new X509CRLSelector();
            targetConstraintsCRL.addIssuerName(rootCrl.getIssuerX500Principal()
                    .getEncoded());
            Collection crls = store.getCRLs(targetConstraintsCRL);
            if (crls.size() != 1 || !crls.contains(rootCrl))
            {
                return new SimpleTestResult(false, this.getName()
                        + ": rootCrl not found");
            }
