Search in sources :

Example 21 with CollectionCertStoreParameters

use of java.security.cert.CollectionCertStoreParameters in project MonjaDB by Kanatoko.

the class MSecurityUtil method isValidChain.

// --------------------------------------------------------------------------------
public static boolean isValidChain(List chain) {
    // root, im, leaf�̏��Ԃ�chain�ł��邱�Ƃ�����
    if (chain.size() < 2) {
        return false;
    }
    try {
        X509Certificate root = null;
        X509Certificate leaf = null;
        List imList = new ArrayList();
        for (int i = 0; i < chain.size(); ++i) {
            if (i == 0) {
                // root
                root = (X509Certificate) chain.get(i);
            } else if (i == chain.size() - 1) {
                leaf = (X509Certificate) chain.get(i);
            } else {
                imList.add(chain.get(i));
            }
        }
        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(null, null);
        ks.setCertificateEntry("root", root);
        X509CertSelector target = new X509CertSelector();
        target.setCertificate(leaf);
        PKIXBuilderParameters params = new PKIXBuilderParameters(ks, target);
        CertStoreParameters intermediates = new CollectionCertStoreParameters(imList);
        params.addCertStore(CertStore.getInstance("Collection", intermediates));
        params.setRevocationEnabled(false);
        CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
        CertPathBuilderResult result = builder.build(params);
        return true;
    } catch (Exception e) {
        return false;
    }
}
Also used : CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) CertStoreParameters(java.security.cert.CertStoreParameters) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) CertPathBuilderResult(java.security.cert.CertPathBuilderResult) X509CertSelector(java.security.cert.X509CertSelector) CertPathBuilder(java.security.cert.CertPathBuilder) X509Certificate(java.security.cert.X509Certificate) CertificateException(java.security.cert.CertificateException)

Example 22 with CollectionCertStoreParameters

use of java.security.cert.CollectionCertStoreParameters in project SKMCLauncher by SKCraft.

the class X509KeyStore method verify.

/**
 * Verify that a given certificate is trusted.
 *
 * @param chain certificate chain
 * @throws CertPathBuilderException thrown on verification error
 * @throws CertificateVerificationException thrown on any error
 */
public void verify(X509Certificate[] chain) throws CertificateVerificationException, CertPathBuilderException {
    try {
        X509CertSelector selector = new X509CertSelector();
        selector.setCertificate(chain[0]);
        // Root certificates
        Set<TrustAnchor> trustAnchors = new HashSet<TrustAnchor>();
        for (X509Certificate rootCert : rootCerts) {
            trustAnchors.add(new TrustAnchor(rootCert, null));
        }
        PKIXBuilderParameters pkixParams = new PKIXBuilderParameters(trustAnchors, selector);
        pkixParams.setRevocationEnabled(true);
        // Built-in intermediate certificates
        pkixParams.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(intermediateCerts)));
        // Additional intermediate certificates
        pkixParams.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(Arrays.asList(chain))));
        CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
        // Will error on failure to verify
        builder.build(pkixParams);
    } catch (InvalidAlgorithmParameterException e) {
        throw new CertificateVerificationException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new CertificateVerificationException(e);
    }
}
Also used : CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) X509CertSelector(java.security.cert.X509CertSelector) TrustAnchor(java.security.cert.TrustAnchor) CertPathBuilder(java.security.cert.CertPathBuilder) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) X509Certificate(java.security.cert.X509Certificate) HashSet(java.util.HashSet)

Example 23 with CollectionCertStoreParameters

use of java.security.cert.CollectionCertStoreParameters in project j2objc by google.

the class CollectionCertStoreParametersTest method testToString02.

/**
 * Test #2 for <code>toString()</code> method<br>
 */
public final void testToString02() {
    Vector<Certificate> certificates = new Vector<Certificate>();
    certificates.add(new MyCertificate("TEST", new byte[] { (byte) 4 }));
    CollectionCertStoreParameters cp = new CollectionCertStoreParameters(certificates);
    assertNotNull(cp.toString());
}
Also used : MyCertificate(org.apache.harmony.security.tests.support.cert.MyCertificate) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) Vector(java.util.Vector) Certificate(java.security.cert.Certificate) MyCertificate(org.apache.harmony.security.tests.support.cert.MyCertificate)

Example 24 with CollectionCertStoreParameters

use of java.security.cert.CollectionCertStoreParameters in project j2objc by google.

the class CollectionCertStoreParametersTest method testGetCollection01.

/**
 * Test #1 for <code>getCollection()</code> method<br>
 */
public final void testGetCollection01() {
    CollectionCertStoreParameters cp = new CollectionCertStoreParameters();
    assertNotNull(cp.getCollection());
}
Also used : CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters)

Example 25 with CollectionCertStoreParameters

use of java.security.cert.CollectionCertStoreParameters in project j2objc by google.

the class CollectionCertStoreParametersTest method testCollectionCertStoreParameters01.

// 
// Tests
// 
/**
 * Test #1 for <code>CollectionCertStoreParameters()</code> constructor<br>
 */
public final void testCollectionCertStoreParameters01() {
    CertStoreParameters cp = new CollectionCertStoreParameters();
    assertTrue("isCollectionCertStoreParameters", cp instanceof CollectionCertStoreParameters);
}
Also used : CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) CertStoreParameters(java.security.cert.CertStoreParameters) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters)

Aggregations

CollectionCertStoreParameters (java.security.cert.CollectionCertStoreParameters)64 X509CertSelector (java.security.cert.X509CertSelector)31 PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters)30 X509Certificate (java.security.cert.X509Certificate)27 CertStore (java.security.cert.CertStore)23 Certificate (java.security.cert.Certificate)21 ArrayList (java.util.ArrayList)18 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)15 CertPathBuilder (java.security.cert.CertPathBuilder)15 HashSet (java.util.HashSet)14 TrustAnchor (java.security.cert.TrustAnchor)13 Vector (java.util.Vector)12 CertStoreParameters (java.security.cert.CertStoreParameters)11 IOException (java.io.IOException)10 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)10 MyCertificate (org.apache.harmony.security.tests.support.cert.MyCertificate)10 KeyStoreException (java.security.KeyStoreException)8 PKIXCertPathBuilderResult (java.security.cert.PKIXCertPathBuilderResult)8 CertPath (java.security.cert.CertPath)7 CertPathBuilderException (java.security.cert.CertPathBuilderException)7