Package java.security.cert

Examples of java.security.cert.X509CertSelector

374
375
376
377
378
379
380
381
382
383
384
         PKIXBuilderParameters oldParams = (PKIXBuilderParameters) parameters.getParameters();

         PKIXBuilderParameters xparams = null;
         try
         {
            xparams = new PKIXBuilderParameters(trustStore, new X509CertSelector());
            xparams.setAnyPolicyInhibited(oldParams.isAnyPolicyInhibited());
            xparams.setCertPathCheckers(oldParams.getCertPathCheckers());
            xparams.setCertStores(oldParams.getCertStores());
            xparams.setDate(oldParams.getDate());
            xparams.setExplicitPolicyRequired(oldParams.isExplicitPolicyRequired());
View Full Code Here
636
637
638
639
640
641
642
643
644
645
646
                                                KeyStore trustStore)
        throws Exception {
        CertPathParameters params = null;
        if("PKIX".equalsIgnoreCase(algorithm)) {
            PKIXBuilderParameters xparams =
                new PKIXBuilderParameters(trustStore, new X509CertSelector());
            Collection<? extends CRL> crls = getCRLs(crlf);
            CertStoreParameters csp = new CollectionCertStoreParameters(crls);
            CertStore store = CertStore.getInstance("Collection", csp);
            xparams.addCertStore(store);
            xparams.setRevocationEnabled(true);
View Full Code Here
665
666
667
668
669
670
671
672
673
674
675
676
                            "] is not yet valid");
                }
                return false;
            }

            X509CertSelector certSelector = new X509CertSelector();
            certSelector.setCertificate(certificate);

            PKIXBuilderParameters parameters;
            CertPathBuilder builder;
            try {
              parameters = createBuilderParameters(trustStore, certSelector);
View Full Code Here
300
301
302
303
304
305
306
307
308
309
310
                } catch(IOException ioe) {
                    // Ignore
                }
            }

            PKIXBuilderParameters pkixParams = new PKIXBuilderParameters(ks, new X509CertSelector());

            if (caCrlFile.exists()) {
                log.log(Level.FINE, "read certificate revocation list from {0}", caCrlFile);
                in = new FileInputStream(caCrlFile);
View Full Code Here
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
    {
        TrustAnchor trust = null;
        PublicKey trustPublicKey = null;
        Exception invalidKeyEx = null;

        X509CertSelector certSelectX509 = new X509CertSelector();
        X500Principal certIssuer = getEncodedIssuerPrincipal(cert);

        try
        {
            certSelectX509.setSubject(certIssuer.getEncoded());
        }
        catch (IOException ex)
        {
            throw new AnnotatedException("Cannot set subject search criteria for trust anchor.", ex);
        }

        Iterator iter = trustAnchors.iterator();
        while (iter.hasNext() && trust == null)
        {
            trust = (TrustAnchor)iter.next();
            if (trust.getTrustedCert() != null)
            {
                if (certSelectX509.match(trust.getTrustedCert()))
                {
                    trustPublicKey = trust.getTrustedCert().getPublicKey();
                }
                else
                {
View Full Code Here
373
374
375
376
377
378
379
380
381
382
383
384
        try
        {
            CertPathBuilder _cpb = CertPathBuilder.getInstance("PKIX", "BC");
            X509Certificate _ee = decodeCertificate(_data[_data.length - 1]);
            X509CertSelector _select = new X509CertSelector();
            _select.setSubject(_ee.getSubjectX500Principal().getEncoded());

            PKIXBuilderParameters _param = new PKIXBuilderParameters(
                    trustedSet, _select);
            _param.setExplicitPolicyRequired(_explicit);
            _param.addCertStore(makeCertStore(_data));
View Full Code Here
230
231
232
233
234
235
236
237
238
239
240
241
        CertPathValidator cpv = CertPathValidator.getInstance("PKIX","BC");
        //PKIXParameters param = new PKIXParameters(trust);

        PKIXBuilderParameters param = new PKIXBuilderParameters(trust, null);
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(crlCaCert);
        param.setTargetCertConstraints(certSelector);
        param.addCertStore(store);
        param.setRevocationEnabled(true);
        param.setDate(validDate.getTime());
View Full Code Here
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
    protected Collection getTrustAnchors(X509Certificate cert, Set trustanchors) throws CertPathReviewerException
    {
        Collection trustColl = new ArrayList();
        Iterator it = trustanchors.iterator();
       
        X509CertSelector certSelectX509 = new X509CertSelector();

        try
        {
            certSelectX509.setSubject(getEncodedIssuerPrincipal(cert).getEncoded());
            byte[] ext = cert.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());

            if (ext != null)
            {
                ASN1OctetString oct = (ASN1OctetString)ASN1Primitive.fromByteArray(ext);
                AuthorityKeyIdentifier authID = AuthorityKeyIdentifier.getInstance(ASN1Primitive.fromByteArray(oct.getOctets()));

                certSelectX509.setSerialNumber(authID.getAuthorityCertSerialNumber());
                byte[] keyID = authID.getKeyIdentifier();
                if (keyID != null)
                {
                    certSelectX509.setSubjectKeyIdentifier(new DEROctetString(keyID).getEncoded());
                }
            }
        }
        catch (IOException ex)
        {
            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.trustAnchorIssuerError");
            throw new CertPathReviewerException(msg);
        }

        while (it.hasNext())
        {
            TrustAnchor trust = (TrustAnchor) it.next();
            if (trust.getTrustedCert() != null)
            {
                if (certSelectX509.match(trust.getTrustedCert()))
                {
                    trustColl.add(trust);
                }
            }
            else if (trust.getCAName() != null && trust.getCAPublicKey() != null)
View Full Code Here
55
56
57
58
59
60
61
62
63
64
65
66
            //Searching for rootCert by subjectDN without CRL
        Set trust = new HashSet();
        trust.add(new TrustAnchor(rootCert, null));

        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX","BC");
        X509CertSelector targetConstraints = new X509CertSelector();
        targetConstraints.setSubject(finalCert.getSubjectX500Principal().getEncoded());
        PKIXBuilderParameters params = new PKIXBuilderParameters(trust, targetConstraints);
        params.addCertStore(store);
        params.setDate(validDate.getTime());
        PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) cpb.build(params);
        CertPath                  path = result.getCertPath();
View Full Code Here
99
100
101
102
103
104
105
106
107
108
109
110
111
        CollectionCertStoreParameters params = new CollectionCertStoreParameters(list);
        CertStore                     store = CertStore.getInstance("Collection", params);

        // build the path
        CertPathBuilder  builder = CertPathBuilder.getInstance("PKIX", "BC");
        X509CertSelector pathConstraints = new X509CertSelector();

        pathConstraints.setSubject(endCert.getSubjectX500Principal().getEncoded());

        PKIXBuilderParameters buildParams = new PKIXBuilderParameters(Collections.singleton(new TrustAnchor(rootCert, null)), pathConstraints);

        buildParams.addCertStore(store);
        buildParams.setDate(new Date());
View Full Code Here
TOP

Related Classes of java.security.cert.X509CertSelector

  • br.net.woodstock.rockframework.security.cert.impl.PKIXCertificateValidator
  • br.net.woodstock.rockframework.security.cert.impl.PKIXCertificateVerifier
  • com.facebook.presto.jdbc.internal.jetty.util.ssl.SslContextFactory
  • com.sun.xml.wss.impl.misc.DefaultCallbackHandler$X509CertificateValidatorImpl
  • com.sun.xml.wss.impl.misc.WSITProviderSecurityEnvironment
  • com.sun.xml.wss.impl.WssProviderSecurityEnvironment
  • gnu.java.security.OID
  • gnu.java.security.x509.ext.GeneralName
  • gnu.java.security.x509.ext.NameConstraints
  • org.apache.cloudstack.network.lb.CertServiceImpl
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.