use of java.security.cert.CertStoreParameters in project robovm by robovm.
the class LDAPCertStoreParametersTest method testLDAPCertStoreParametersStringint01.
/**
* Test #1 for <code>LDAPCertStoreParameters(String, int)</code> constructor<br>
* Assertion: Creates an instance of <code>LDAPCertStoreParameters</code>
* with the specified parameter values
*/
public final void testLDAPCertStoreParametersStringint01() {
CertStoreParameters cp = new LDAPCertStoreParameters("myhost", 1098);
assertTrue("isLDAPCertStoreParameters", cp instanceof LDAPCertStoreParameters);
}
use of java.security.cert.CertStoreParameters in project robovm by robovm.
the class LDAPCertStoreParametersTest method testLDAPCertStoreParametersString01.
/**
* Test #1 for <code>LDAPCertStoreParameters(String)</code> constructor<br>
* Assertion: Creates an instance of <code>LDAPCertStoreParameters</code>
* with the specified server name and a default port of 389
*/
public final void testLDAPCertStoreParametersString01() {
CertStoreParameters cp = new LDAPCertStoreParameters("myhost");
assertTrue("isLDAPCertStoreParameters", cp instanceof LDAPCertStoreParameters);
}
use of java.security.cert.CertStoreParameters in project robovm by robovm.
the class CertPathBuilderTestPKIX method getCertPathParameters.
@Override
public CertPathParameters getCertPathParameters() throws Exception {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
X509Certificate selfSignedcertificate = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(selfSignedCert.getBytes()));
keyStore.setCertificateEntry("selfSignedCert", selfSignedcertificate);
X509CertSelector targetConstraints = new X509CertSelector();
targetConstraints.setCertificate(selfSignedcertificate);
List<Certificate> certList = new ArrayList<Certificate>();
certList.add(selfSignedcertificate);
CertStoreParameters storeParams = new CollectionCertStoreParameters(certList);
CertStore certStore = CertStore.getInstance("Collection", storeParams);
PKIXBuilderParameters parameters = new PKIXBuilderParameters(keyStore, targetConstraints);
parameters.addCertStore(certStore);
parameters.setRevocationEnabled(false);
return parameters;
}
use of java.security.cert.CertStoreParameters in project robovm by robovm.
the class CertPathValidatorTestPKIX method setUp.
@Override
protected void setUp() throws Exception {
super.setUp();
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
X509Certificate selfSignedcertificate = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(selfSignedCert.getBytes()));
keyStore.setCertificateEntry("selfSignedCert", selfSignedcertificate);
X509CertSelector targetConstraints = new X509CertSelector();
targetConstraints.setCertificate(selfSignedcertificate);
List<Certificate> certList = new ArrayList<Certificate>();
certList.add(selfSignedcertificate);
CertStoreParameters storeParams = new CollectionCertStoreParameters(certList);
CertStore certStore = CertStore.getInstance("Collection", storeParams);
PKIXBuilderParameters parameters = new PKIXBuilderParameters(keyStore, targetConstraints);
parameters.addCertStore(certStore);
parameters.setRevocationEnabled(false);
CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX");
CertPathBuilderResult builderResult = pathBuilder.build(parameters);
certPath = builderResult.getCertPath();
params = new PKIXParameters(keyStore);
params.setRevocationEnabled(false);
}
use of java.security.cert.CertStoreParameters in project cxf by apache.
the class TrustedAuthorityValidator method isCertificateChainValid.
/**
* Checks if a certificate is signed by a trusted authority.
*
* @param x509Certificate to check
* @return the validity state of the certificate
*/
boolean isCertificateChainValid(List<X509Certificate> certificates) {
X509Certificate targetCert = certificates.get(0);
X509CertSelector selector = new X509CertSelector();
selector.setCertificate(targetCert);
try {
List<X509Certificate> intermediateCerts = certRepo.getCaCerts();
List<X509Certificate> trustedAuthorityCerts = certRepo.getTrustedCaCerts();
Set<TrustAnchor> trustAnchors = asTrustAnchors(trustedAuthorityCerts);
CertStoreParameters intermediateParams = new CollectionCertStoreParameters(intermediateCerts);
CertStoreParameters certificateParams = new CollectionCertStoreParameters(certificates);
PKIXBuilderParameters pkixParams = new PKIXBuilderParameters(trustAnchors, selector);
pkixParams.addCertStore(CertStore.getInstance("Collection", intermediateParams));
pkixParams.addCertStore(CertStore.getInstance("Collection", certificateParams));
pkixParams.setRevocationEnabled(false);
CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
CertPath certPath = builder.build(pkixParams).getCertPath();
// Now validate the CertPath (including CRL checking)
if (enableRevocation) {
List<X509CRL> crls = certRepo.getCRLs();
if (!crls.isEmpty()) {
pkixParams.setRevocationEnabled(true);
CertStoreParameters crlParams = new CollectionCertStoreParameters(crls);
pkixParams.addCertStore(CertStore.getInstance("Collection", crlParams));
}
}
CertPathValidator validator = CertPathValidator.getInstance("PKIX");
validator.validate(certPath, pkixParams);
} catch (InvalidAlgorithmParameterException e) {
LOG.log(Level.WARNING, "Invalid algorithm parameter by certificate chain validation. " + "It is likely that issuer certificates are not found in XKMS trusted storage. " + e.getMessage(), e);
return false;
} catch (NoSuchAlgorithmException e) {
LOG.log(Level.WARNING, "Unknown algorithm by trust chain validation: " + e.getMessage(), e);
return false;
} catch (CertPathBuilderException e) {
LOG.log(Level.WARNING, "Cannot build certification path: " + e.getMessage(), e);
return false;
} catch (CertPathValidatorException e) {
LOG.log(Level.WARNING, "Cannot vaidate certification path: " + e.getMessage(), e);
return false;
}
return true;
}
Aggregations