Search in sources :

Example 1 with CertSelector

use of java.security.cert.CertSelector in project XobotOS by xamarin.

the class TrustedCertificateStore method isTrustAnchor.

/**
     * This non-{@code KeyStoreSpi} public interface is used by {@code
     * TrustManagerImpl} to locate a CA certificate with the same name
     * and public key as the provided {@code X509Certificate}. We
     * match on the name and public key and not the entire certificate
     * since a CA may be reissued with the same name and PublicKey but
     * with other differences (for example when switching signature
     * from md2WithRSAEncryption to SHA1withRSA)
     */
public boolean isTrustAnchor(final X509Certificate c) {
    // compare X509Certificate.getPublicKey values
    CertSelector selector = new CertSelector() {

        @Override
        public boolean match(X509Certificate ca) {
            return ca.getPublicKey().equals(c.getPublicKey());
        }
    };
    boolean user = findCert(addedDir, c.getSubjectX500Principal(), selector, Boolean.class);
    if (user) {
        return true;
    }
    X509Certificate system = findCert(systemDir, c.getSubjectX500Principal(), selector, X509Certificate.class);
    return system != null && !isDeletedSystemCertificate(system);
}
Also used : CertSelector(java.security.cert.CertSelector) X509Certificate(java.security.cert.X509Certificate)

Example 2 with CertSelector

use of java.security.cert.CertSelector in project robovm by robovm.

the class CertStoreSpiTest method testCertStoreSpi01.

/**
     * Test for <code>CertStoreSpi</code> constructor Assertion: constructs
     * CertStoreSpi
     */
public void testCertStoreSpi01() throws InvalidAlgorithmParameterException, CertStoreException {
    CertStoreSpi certStoreSpi = null;
    //new
    CertSelector certSelector = new tmpCertSelector();
    // X509CertSelector();
    //new X509CRLSelector();
    CRLSelector crlSelector = new tmpCRLSelector();
    try {
        certStoreSpi = new MyCertStoreSpi(null);
        fail("InvalidAlgorithmParameterException must be thrown");
    } catch (InvalidAlgorithmParameterException e) {
    }
    certStoreSpi = new MyCertStoreSpi(new MyCertStoreParameters());
    assertNull("Not null collection", certStoreSpi.engineGetCertificates(certSelector));
    assertNull("Not null collection", certStoreSpi.engineGetCRLs(crlSelector));
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) MyCertStoreSpi(org.apache.harmony.security.tests.support.cert.MyCertStoreSpi) CertStoreSpi(java.security.cert.CertStoreSpi) CertSelector(java.security.cert.CertSelector) MyCertStoreSpi(org.apache.harmony.security.tests.support.cert.MyCertStoreSpi) CRLSelector(java.security.cert.CRLSelector) MyCertStoreParameters(org.apache.harmony.security.tests.support.cert.MyCertStoreParameters)

Example 3 with CertSelector

use of java.security.cert.CertSelector in project XobotOS by xamarin.

the class TrustedCertificateStore method findIssuer.

/**
     * This non-{@code KeyStoreSpi} public interface is used by {@code
     * TrustManagerImpl} to locate the CA certificate that signed the
     * provided {@code X509Certificate}.
     */
public X509Certificate findIssuer(final X509Certificate c) {
    // match on verified issuer of Certificate
    CertSelector selector = new CertSelector() {

        @Override
        public boolean match(X509Certificate ca) {
            try {
                c.verify(ca.getPublicKey());
                return true;
            } catch (Exception e) {
                return false;
            }
        }
    };
    X500Principal issuer = c.getIssuerX500Principal();
    X509Certificate user = findCert(addedDir, issuer, selector, X509Certificate.class);
    if (user != null) {
        return user;
    }
    X509Certificate system = findCert(systemDir, issuer, selector, X509Certificate.class);
    if (system != null && !isDeletedSystemCertificate(system)) {
        return system;
    }
    return null;
}
Also used : X500Principal(javax.security.auth.x500.X500Principal) CertSelector(java.security.cert.CertSelector) X509Certificate(java.security.cert.X509Certificate) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException)

Aggregations

CertSelector (java.security.cert.CertSelector)3 X509Certificate (java.security.cert.X509Certificate)2 IOException (java.io.IOException)1 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)1 CRLSelector (java.security.cert.CRLSelector)1 CertStoreSpi (java.security.cert.CertStoreSpi)1 CertificateException (java.security.cert.CertificateException)1 X500Principal (javax.security.auth.x500.X500Principal)1 MyCertStoreParameters (org.apache.harmony.security.tests.support.cert.MyCertStoreParameters)1 MyCertStoreSpi (org.apache.harmony.security.tests.support.cert.MyCertStoreSpi)1