Example 51 with X509CertSelector
use of java.security.cert.X509CertSelector in project jdk8u_jdk by JetBrains.
the class X509CertSelectorTest method testCertificateValid.
/*
* Tests matching on the certificate validity component contained in the
* certificate.
*/
private void testCertificateValid() {
System.out.println("X.509 Certificate Match on certificateValid");
// bad match
X509CertSelector selector = new X509CertSelector();
Calendar cal = Calendar.getInstance();
cal.set(1968, 12, 31);
selector.setCertificateValid(cal.getTime());
checkMatch(selector, cert, false);
// good match
selector.setCertificateValid(cert.getNotBefore());
checkMatch(selector, cert, true);
}
Also used :
Calendar(java.util.Calendar)
X509CertSelector(java.security.cert.X509CertSelector)
Example 52 with X509CertSelector
use of java.security.cert.X509CertSelector in project jdk8u_jdk by JetBrains.
the class X509CertSelectorTest method testNameConstraints.
// Tests matching on the name constraints contained in the certificate.
private void testNameConstraints() throws IOException {
System.out.println("X.509 Certificate Match on name constraints");
// bad match
GeneralSubtrees subjectTree = new GeneralSubtrees();
subjectTree.add(getGeneralSubtree((X500Name) cert.getSubjectDN()));
NameConstraintsExtension ext = new NameConstraintsExtension((GeneralSubtrees) null, subjectTree);
X509CertSelector selector = new X509CertSelector();
selector.setNameConstraints(ext.getExtensionValue());
checkMatch(selector, cert, false);
// good match
ext = new NameConstraintsExtension(subjectTree, null);
selector.setNameConstraints(ext.getExtensionValue());
checkMatch(selector, cert, true);
}
Also used :
GeneralSubtrees(sun.security.x509.GeneralSubtrees)
X509CertSelector(java.security.cert.X509CertSelector)
X500Name(sun.security.x509.X500Name)
NameConstraintsExtension(sun.security.x509.NameConstraintsExtension)
Example 53 with X509CertSelector
use of java.security.cert.X509CertSelector in project jdk8u_jdk by JetBrains.
the class X509CertSelectorTest method testSubjectPublicKeyAlgID.
/*
* Tests matching on the subject public key algorithm ID component contained
* in the certificate.
*/
private void testSubjectPublicKeyAlgID() throws IOException {
System.out.println("X.509 Certificate Match on subjectPublicKeyAlgID");
// bad match
X509CertSelector selector = new X509CertSelector();
selector.setSubjectPublicKeyAlgID("2.5.29.14");
checkMatch(selector, cert, false);
// good match
selector.setSubjectPublicKeyAlgID(getCertPubKeyAlgOID(cert).toString());
checkMatch(selector, cert, true);
}
Also used :
X509CertSelector(java.security.cert.X509CertSelector)
Example 54 with X509CertSelector
use of java.security.cert.X509CertSelector in project jdk8u_jdk by JetBrains.
the class X509CertSelectorTest method testAuthorityKeyIdentifier.
/*
* Tests matching on the authority key identifier contained in the
* certificate.
*/
private void testAuthorityKeyIdentifier() throws IOException {
System.out.println("X.509 Certificate Match on authorityKeyIdentifier");
// bad match
X509CertSelector selector = new X509CertSelector();
byte[] b = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
AuthorityKeyIdentifierExtension a = new AuthorityKeyIdentifierExtension(new KeyIdentifier(b), null, null);
selector.setAuthorityKeyIdentifier(a.getExtensionValue());
checkMatch(selector, cert, false);
// good match
DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.35"));
byte[] encoded = in.getOctetString();
selector.setAuthorityKeyIdentifier(encoded);
checkMatch(selector, cert, true);
}
Also used :
KeyIdentifier(sun.security.x509.KeyIdentifier)
AuthorityKeyIdentifierExtension(sun.security.x509.AuthorityKeyIdentifierExtension)
X509CertSelector(java.security.cert.X509CertSelector)
DerInputStream(sun.security.util.DerInputStream)
Example 55 with X509CertSelector
use of java.security.cert.X509CertSelector in project jdk8u_jdk by JetBrains.
the class X509CertSelectorTest method testKeyUsage.
// Tests matching on the key usage extension contained in the certificate.
private void testKeyUsage() {
System.out.println("X.509 Certificate Match on keyUsage");
// bad match
X509CertSelector selector = new X509CertSelector();
boolean[] keyUsage = { true, false, true, false, true, false, true, false };
selector.setKeyUsage(keyUsage);
System.out.println("Selector = " + selector.toString());
checkMatch(selector, cert, false);
// good match
selector.setKeyUsage(cert.getKeyUsage());
System.out.println("Selector = " + selector.toString());
checkMatch(selector, cert, true);
}
Also used :
X509CertSelector(java.security.cert.X509CertSelector)
Aggregations
X509CertSelector (java.security.cert.X509CertSelector)116
PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters)29
X509Certificate (java.security.cert.X509Certificate)23
IOException (java.io.IOException)18
CollectionCertStoreParameters (java.security.cert.CollectionCertStoreParameters)17
X500Principal (javax.security.auth.x500.X500Principal)16
ArrayList (java.util.ArrayList)14
TrustAnchor (java.security.cert.TrustAnchor)13
CertificateFactory (java.security.cert.CertificateFactory)11
HashSet (java.util.HashSet)11
ByteArrayInputStream (java.io.ByteArrayInputStream)10
KeyStore (java.security.KeyStore)10
CertPathBuilder (java.security.cert.CertPathBuilder)10
CertStore (java.security.cert.CertStore)10
PublicKey (java.security.PublicKey)9
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)8
CertificateException (java.security.cert.CertificateException)8
ASN1OctetString (org.apache.harmony.security.asn1.ASN1OctetString)8
BigInteger (java.math.BigInteger)7
Date (java.util.Date)7
