use of java.security.cert.CertSelector in project XobotOS by xamarin.
the class TrustedCertificateStore method isTrustAnchor.
/**
* This non-{@code KeyStoreSpi} public interface is used by {@code
* TrustManagerImpl} to locate a CA certificate with the same name
* and public key as the provided {@code X509Certificate}. We
* match on the name and public key and not the entire certificate
* since a CA may be reissued with the same name and PublicKey but
* with other differences (for example when switching signature
* from md2WithRSAEncryption to SHA1withRSA)
*/
public boolean isTrustAnchor(final X509Certificate c) {
// compare X509Certificate.getPublicKey values
CertSelector selector = new CertSelector() {
@Override
public boolean match(X509Certificate ca) {
return ca.getPublicKey().equals(c.getPublicKey());
}
};
boolean user = findCert(addedDir, c.getSubjectX500Principal(), selector, Boolean.class);
if (user) {
return true;
}
X509Certificate system = findCert(systemDir, c.getSubjectX500Principal(), selector, X509Certificate.class);
return system != null && !isDeletedSystemCertificate(system);
}
use of java.security.cert.CertSelector in project robovm by robovm.
the class CertStoreSpiTest method testCertStoreSpi01.
/**
* Test for <code>CertStoreSpi</code> constructor Assertion: constructs
* CertStoreSpi
*/
public void testCertStoreSpi01() throws InvalidAlgorithmParameterException, CertStoreException {
CertStoreSpi certStoreSpi = null;
//new
CertSelector certSelector = new tmpCertSelector();
// X509CertSelector();
//new X509CRLSelector();
CRLSelector crlSelector = new tmpCRLSelector();
try {
certStoreSpi = new MyCertStoreSpi(null);
fail("InvalidAlgorithmParameterException must be thrown");
} catch (InvalidAlgorithmParameterException e) {
}
certStoreSpi = new MyCertStoreSpi(new MyCertStoreParameters());
assertNull("Not null collection", certStoreSpi.engineGetCertificates(certSelector));
assertNull("Not null collection", certStoreSpi.engineGetCRLs(crlSelector));
}
use of java.security.cert.CertSelector in project XobotOS by xamarin.
the class TrustedCertificateStore method findIssuer.
/**
* This non-{@code KeyStoreSpi} public interface is used by {@code
* TrustManagerImpl} to locate the CA certificate that signed the
* provided {@code X509Certificate}.
*/
public X509Certificate findIssuer(final X509Certificate c) {
// match on verified issuer of Certificate
CertSelector selector = new CertSelector() {
@Override
public boolean match(X509Certificate ca) {
try {
c.verify(ca.getPublicKey());
return true;
} catch (Exception e) {
return false;
}
}
};
X500Principal issuer = c.getIssuerX500Principal();
X509Certificate user = findCert(addedDir, issuer, selector, X509Certificate.class);
if (user != null) {
return user;
}
X509Certificate system = findCert(systemDir, issuer, selector, X509Certificate.class);
if (system != null && !isDeletedSystemCertificate(system)) {
return system;
}
return null;
}
Aggregations