Search in sources :

Example 1 with CertStoreParameters

use of java.security.cert.CertStoreParameters in project tomcat by apache.

the class JSSEUtil method getParameters.

/**
     * Return the initialization parameters for the TrustManager.
     * Currently, only the default <code>PKIX</code> is supported.
     *
     * @param crlf The path to the CRL file.
     * @param trustStore The configured TrustStore.
     * @param revocationEnabled Should the JSSE provider perform revocation
     *                          checks? Ignored if {@code crlf} is non-null.
     *                          Configuration of revocation checks are expected
     *                          to be via proprietary JSSE provider methods.
     * @return The parameters including the CRLs and TrustStore.
     * @throws Exception An error occurred
     */
protected CertPathParameters getParameters(String crlf, KeyStore trustStore, boolean revocationEnabled) throws Exception {
    PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore, new X509CertSelector());
    if (crlf != null && crlf.length() > 0) {
        Collection<? extends CRL> crls = getCRLs(crlf);
        CertStoreParameters csp = new CollectionCertStoreParameters(crls);
        CertStore store = CertStore.getInstance("Collection", csp);
        xparams.addCertStore(store);
        xparams.setRevocationEnabled(true);
    } else {
        xparams.setRevocationEnabled(revocationEnabled);
    }
    xparams.setMaxPathLength(sslHostConfig.getCertificateVerificationDepth());
    return xparams;
}
Also used : CertStoreParameters(java.security.cert.CertStoreParameters) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) X509CertSelector(java.security.cert.X509CertSelector) CertStore(java.security.cert.CertStore)

Example 2 with CertStoreParameters

use of java.security.cert.CertStoreParameters in project robovm by robovm.

the class CertPathBuilderTestPKIX method getCertPathParameters.

@Override
public CertPathParameters getCertPathParameters() throws Exception {
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    keyStore.load(null, null);
    CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
    X509Certificate selfSignedcertificate = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(selfSignedCert.getBytes()));
    keyStore.setCertificateEntry("selfSignedCert", selfSignedcertificate);
    X509CertSelector targetConstraints = new X509CertSelector();
    targetConstraints.setCertificate(selfSignedcertificate);
    List<Certificate> certList = new ArrayList<Certificate>();
    certList.add(selfSignedcertificate);
    CertStoreParameters storeParams = new CollectionCertStoreParameters(certList);
    CertStore certStore = CertStore.getInstance("Collection", storeParams);
    PKIXBuilderParameters parameters = new PKIXBuilderParameters(keyStore, targetConstraints);
    parameters.addCertStore(certStore);
    parameters.setRevocationEnabled(false);
    return parameters;
}
Also used : CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) CertStoreParameters(java.security.cert.CertStoreParameters) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) ByteArrayInputStream(java.io.ByteArrayInputStream) PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) ArrayList(java.util.ArrayList) X509CertSelector(java.security.cert.X509CertSelector) KeyStore(java.security.KeyStore) CertificateFactory(java.security.cert.CertificateFactory) CertStore(java.security.cert.CertStore) X509Certificate(java.security.cert.X509Certificate) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 3 with CertStoreParameters

use of java.security.cert.CertStoreParameters in project robovm by robovm.

the class CertPathValidatorTestPKIX method setUp.

@Override
protected void setUp() throws Exception {
    super.setUp();
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    keyStore.load(null, null);
    CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
    X509Certificate selfSignedcertificate = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(selfSignedCert.getBytes()));
    keyStore.setCertificateEntry("selfSignedCert", selfSignedcertificate);
    X509CertSelector targetConstraints = new X509CertSelector();
    targetConstraints.setCertificate(selfSignedcertificate);
    List<Certificate> certList = new ArrayList<Certificate>();
    certList.add(selfSignedcertificate);
    CertStoreParameters storeParams = new CollectionCertStoreParameters(certList);
    CertStore certStore = CertStore.getInstance("Collection", storeParams);
    PKIXBuilderParameters parameters = new PKIXBuilderParameters(keyStore, targetConstraints);
    parameters.addCertStore(certStore);
    parameters.setRevocationEnabled(false);
    CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX");
    CertPathBuilderResult builderResult = pathBuilder.build(parameters);
    certPath = builderResult.getCertPath();
    params = new PKIXParameters(keyStore);
    params.setRevocationEnabled(false);
}
Also used : PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) CertPathBuilderResult(java.security.cert.CertPathBuilderResult) ArrayList(java.util.ArrayList) X509CertSelector(java.security.cert.X509CertSelector) KeyStore(java.security.KeyStore) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) CertStoreParameters(java.security.cert.CertStoreParameters) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) ByteArrayInputStream(java.io.ByteArrayInputStream) PKIXParameters(java.security.cert.PKIXParameters) CertPathBuilder(java.security.cert.CertPathBuilder) CertStore(java.security.cert.CertStore) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 4 with CertStoreParameters

use of java.security.cert.CertStoreParameters in project robovm by robovm.

the class LDAPCertStoreParametersTest method testLDAPCertStoreParameters01.

//
// Tests
//
/**
     * Test #1 for <code>LDAPCertStoreParameters()</code> constructor<br>
     * Assertion: Creates an instance of <code>LDAPCertStoreParameters</code>
     * with the default parameter values (server name "localhost", port 389)
     */
public final void testLDAPCertStoreParameters01() {
    CertStoreParameters cp = new LDAPCertStoreParameters();
    assertTrue("isLDAPCertStoreParameters", cp instanceof LDAPCertStoreParameters);
}
Also used : CertStoreParameters(java.security.cert.CertStoreParameters) LDAPCertStoreParameters(java.security.cert.LDAPCertStoreParameters) LDAPCertStoreParameters(java.security.cert.LDAPCertStoreParameters)

Example 5 with CertStoreParameters

use of java.security.cert.CertStoreParameters in project robovm by robovm.

the class LDAPCertStoreParametersTest method testLDAPCertStoreParametersStringint01.

/**
     * Test #1 for <code>LDAPCertStoreParameters(String, int)</code> constructor<br>
     * Assertion: Creates an instance of <code>LDAPCertStoreParameters</code>
     * with the specified parameter values
     */
public final void testLDAPCertStoreParametersStringint01() {
    CertStoreParameters cp = new LDAPCertStoreParameters("myhost", 1098);
    assertTrue("isLDAPCertStoreParameters", cp instanceof LDAPCertStoreParameters);
}
Also used : CertStoreParameters(java.security.cert.CertStoreParameters) LDAPCertStoreParameters(java.security.cert.LDAPCertStoreParameters) LDAPCertStoreParameters(java.security.cert.LDAPCertStoreParameters)

Aggregations

CertStoreParameters (java.security.cert.CertStoreParameters)11 CertStore (java.security.cert.CertStore)6 CollectionCertStoreParameters (java.security.cert.CollectionCertStoreParameters)5 PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters)4 X509CertSelector (java.security.cert.X509CertSelector)4 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3 LDAPCertStoreParameters (java.security.cert.LDAPCertStoreParameters)3 X509Certificate (java.security.cert.X509Certificate)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2 KeyStore (java.security.KeyStore)2 CertPathBuilder (java.security.cert.CertPathBuilder)2 CertPathBuilderResult (java.security.cert.CertPathBuilderResult)2 Certificate (java.security.cert.Certificate)2 CertificateFactory (java.security.cert.CertificateFactory)2 ArrayList (java.util.ArrayList)2 NoSuchProviderException (java.security.NoSuchProviderException)1 CertificateException (java.security.cert.CertificateException)1 PKIXParameters (java.security.cert.PKIXParameters)1