Examples with X509CRLSelector java.security.cert.X509CRLSelector used on opensource projects

Example 11 with X509CRLSelector

use of java.security.cert.X509CRLSelector in project robovm by robovm.

the class X509CRLSelectorTest method testGetIssuersNamesCopy.

public void testGetIssuersNamesCopy() {
    X509CRLSelector crlSelector = new X509CRLSelector();
    crlSelector.addIssuer(PRINCIPAL);
    Collection<Object> issuers = crlSelector.getIssuerNames();
    assertEquals(1, issuers.size());
    issuers.clear();
    assertEquals(0, issuers.size());
}

Example 12 with X509CRLSelector

use of java.security.cert.X509CRLSelector in project jdk8u_jdk by JetBrains.

the class URICertStore method engineGetCRLs.

/**
     * Returns a <code>Collection</code> of <code>X509CRL</code>s that
     * match the specified selector. If no <code>X509CRL</code>s
     * match the selector, an empty <code>Collection</code> will be returned.
     *
     * @param selector A <code>CRLSelector</code> used to select which
     *  <code>X509CRL</code>s should be returned. Specify <code>null</code>
     *  to return all <code>X509CRL</code>s.
     * @return A <code>Collection</code> of <code>X509CRL</code>s that
     *         match the specified selector
     * @throws CertStoreException if an exception occurs
     */
@Override
@SuppressWarnings("unchecked")
public synchronized Collection<X509CRL> engineGetCRLs(CRLSelector selector) throws CertStoreException {
    // avoid LDAP DN matching issues (see LDAPCRLSelector for more info)
    if (ldap) {
        X509CRLSelector xsel = (X509CRLSelector) selector;
        try {
            xsel = ldapHelper.wrap(xsel, null, ldapPath);
        } catch (IOException ioe) {
            throw new CertStoreException(ioe);
        }
        // Safe cast since xsel is an X509 certificate selector.
        try {
            return (Collection<X509CRL>) ldapCertStore.getCRLs(xsel);
        } catch (CertStoreException cse) {
            throw new PKIX.CertStoreTypeException("LDAP", cse);
        }
    }
    // Return the CRLs for this entry. It returns the cached value
    // if it is still current and fetches the CRLs otherwise.
    // For the caching details, see the top of this class.
    long time = System.currentTimeMillis();
    if (time - lastChecked < CHECK_INTERVAL) {
        if (debug != null) {
            debug.println("Returning CRL from cache");
        }
        return getMatchingCRLs(crl, selector);
    }
    lastChecked = time;
    try {
        URLConnection connection = uri.toURL().openConnection();
        if (lastModified != 0) {
            connection.setIfModifiedSince(lastModified);
        }
        long oldLastModified = lastModified;
        connection.setConnectTimeout(CRL_CONNECT_TIMEOUT);
        try (InputStream in = connection.getInputStream()) {
            lastModified = connection.getLastModified();
            if (oldLastModified != 0) {
                if (oldLastModified == lastModified) {
                    if (debug != null) {
                        debug.println("Not modified, using cached copy");
                    }
                    return getMatchingCRLs(crl, selector);
                } else if (connection instanceof HttpURLConnection) {
                    // some proxy servers omit last modified
                    HttpURLConnection hconn = (HttpURLConnection) connection;
                    if (hconn.getResponseCode() == HttpURLConnection.HTTP_NOT_MODIFIED) {
                        if (debug != null) {
                            debug.println("Not modified, using cached copy");
                        }
                        return getMatchingCRLs(crl, selector);
                    }
                }
            }
            if (debug != null) {
                debug.println("Downloading new CRL...");
            }
            crl = (X509CRL) factory.generateCRL(in);
        }
        return getMatchingCRLs(crl, selector);
    } catch (IOException | CRLException e) {
        if (debug != null) {
            debug.println("Exception fetching CRL:");
            e.printStackTrace();
        }
        // exception, forget previous values
        lastModified = 0;
        crl = null;
        throw new PKIX.CertStoreTypeException("URI", new CertStoreException(e));
    }
}

Example 13 with X509CRLSelector

use of java.security.cert.X509CRLSelector in project robovm by robovm.

the class X509CRLSelector2Test method testGetCertificateCheckingLjava_X509Certificate.

/**
     * getCertificateChecking() method testing.
     */
public void testGetCertificateCheckingLjava_X509Certificate() throws CertificateException {
    X509CRLSelector selector = new X509CRLSelector();
    CertificateFactory certFact = CertificateFactory.getInstance("X509");
    X509Certificate cert = (X509Certificate) certFact.generateCertificate(new ByteArrayInputStream(TestUtils.getX509Certificate_v3()));
    selector.setCertificateChecking(cert);
    assertEquals(cert, selector.getCertificateChecking());
    selector.setCertificateChecking(null);
    assertNull(selector.getCertificateChecking());
}

Example 14 with X509CRLSelector

use of java.security.cert.X509CRLSelector in project robovm by robovm.

the class X509CRLSelector2Test method testSetMinCRLNumberLjava_math_BigInteger.

/**
     * setMinCRLNumber(BigInteger minCRL) method testing. Tests if CRLs with any
     * crl number value match the selector in the case of null crlNumber
     * criteria, if specified minCRL value matches the selector, and if CRL with
     * inappropriate crlNumber value does not match the selector.
     */
@AndroidOnly("Uses specific class: " + "org.apache.harmony.security.asn1.ASN1OctetString.")
public void testSetMinCRLNumberLjava_math_BigInteger() {
    X509CRLSelector selector = new X509CRLSelector();
    BigInteger minCRL = new BigInteger("10000");
    CRL crl = new TestCRL(minCRL);
    selector.setMinCRLNumber(null);
    assertTrue("Any CRL should match in the case of null minCRLNumber.", selector.match(crl));
    selector.setMinCRLNumber(minCRL);
    assertTrue("The CRL should match the selection criteria.", selector.match(crl));
    selector.setMinCRLNumber(new BigInteger("10001"));
    assertFalse("The CRL should not match the selection criteria.", selector.match(crl));
}

Example 15 with X509CRLSelector

use of java.security.cert.X509CRLSelector in project robovm by robovm.

the class X509CRLSelector2Test method testGetIssuers.

/**
     * getIssuers() method testing. Tests if the method return null in the case
     * of not specified issuers, if the returned collection corresponds to the
     * specified issuers and this collection is unmodifiable.
     */
public void testGetIssuers() {
    X509CRLSelector selector = new X509CRLSelector();
    X500Principal iss1 = new X500Principal("O=First Org.");
    X500Principal iss2 = new X500Principal("O=Second Org.");
    X500Principal iss3 = new X500Principal("O=Third Org.");
    assertNull("The collection should be null.", selector.getIssuers());
    selector.addIssuer(iss1);
    selector.addIssuer(iss2);
    Collection<X500Principal> result = selector.getIssuers();
    try {
        result.add(iss3);
        fail("The returned collection should be unmodifiable.");
    } catch (UnsupportedOperationException e) {
    }
    assertTrue("The collection should contain the specified DN.", result.contains(iss2));
}