
Example 66 with X500Principal

use of javax.security.auth.x500.X500Principal in project grpc-java by grpc.

the class TesterOkHttpChannelBuilder method getTrustManagers.

/**
 * Builds trust managers that trust exactly one certificate, read from {@code testCa}.
 *
 * <p>The key store is initialised empty, so the certificate parsed from the stream is its only
 * entry. The stream is read here but not closed; that stays with the caller.
 *
 * @param testCa stream from which one X.509 certificate is parsed
 * @return the trust managers created by the default {@link TrustManagerFactory} algorithm
 * @throws Exception if the key store, the certificate parsing or the factory set-up fails
 */
private static TrustManager[] getTrustManagers(InputStream testCa) throws Exception {
    // load(null) yields an empty key store; nothing is trusted until an entry is added below.
    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    trustStore.load(null);

    // generateCertificate parses a single certificate from the stream.
    X509Certificate caCert =
        (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(testCa);

    // The RFC 2253 form of the subject name serves as the key store alias.
    X500Principal subject = caCert.getSubjectX500Principal();
    trustStore.setCertificateEntry(subject.getName("RFC2253"), caCert);

    // Back the trust manager factory with the single-entry key store.
    String algorithm = TrustManagerFactory.getDefaultAlgorithm();
    TrustManagerFactory factory = TrustManagerFactory.getInstance(algorithm);
    factory.init(trustStore);
    return factory.getTrustManagers();
}
Also used : TrustManagerFactory(javax.net.ssl.TrustManagerFactory) X500Principal(javax.security.auth.x500.X500Principal) KeyStore(java.security.KeyStore) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate)

Example 67 with X500Principal

use of javax.security.auth.x500.X500Principal in project grpc-java by grpc.

the class OkHostnameVerifier method verifyHostName.

/**
   * Returns true if {@code certificate} matches {@code hostName}.
   */
private boolean verifyHostName(String hostName, X509Certificate certificate) {
    // Lower-case with a fixed locale so the comparison does not depend on the default locale.
    String host = hostName.toLowerCase(Locale.US);

    // DNS subjectAltNames take precedence: any match accepts the certificate.
    List<String> dnsAltNames = getSubjectAltNames(certificate, ALT_DNS_NAME);
    for (String dnsAltName : dnsAltNames) {
        if (verifyHostName(host, dnsAltName)) {
            return true;
        }
    }

    // If DNS subjectAltNames exist and none matched, the subject CN is never consulted.
    if (!dnsAltNames.isEmpty()) {
        return false;
    }

    // No DNS subjectAltName at all: fall back to the subject's common name.
    // NOTE(review): RFC 6125 treats CN matching as a deprecated last resort, and this fallback
    // is taken whenever the DNS alt-name list is empty, whatever other alt-name types the
    // certificate may carry. Confirm that callers accept CN-only certificates.
    X500Principal principal = certificate.getSubjectX500Principal();
    // RFC 2818 advises using the most specific name for matching.
    String cn = new DistinguishedNameParser(principal).findMostSpecific("cn");
    return cn != null && verifyHostName(host, cn);
}
Also used : X500Principal(javax.security.auth.x500.X500Principal)

Example 68 with X500Principal

use of javax.security.auth.x500.X500Principal in project grpc-java by grpc.

the class TestUtils method newSslSocketFactoryForCa.

/**
   * Creates an SSLSocketFactory which contains {@code certChainFile} as its only root certificate.
   */
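public static SSLSocketFactory newSslSocketFactoryForCa(Provider provider, File certChainFile) throws Exception {
    // A null stream and password initialise an empty key store, so the certificate added below
    // is the only trusted entry.
    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
    ks.load(null, null);
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    // The file stream was previously never closed; release it as soon as the certificate has
    // been parsed, including when parsing fails. try/finally keeps this compatible with older
    // source levels.
    BufferedInputStream in = new BufferedInputStream(new FileInputStream(certChainFile));
    X509Certificate cert;
    try {
        // generateCertificate parses a single certificate from the stream.
        cert = (X509Certificate) cf.generateCertificate(in);
    } finally {
        in.close();
    }
    // The RFC 2253 form of the subject name serves as the key store alias.
    X500Principal principal = cert.getSubjectX500Principal();
    ks.setCertificateEntry(principal.getName("RFC2253"), cert);
    // Set up trust manager factory to use our key store.
    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(ks);
    // No key managers are supplied (first argument null), and the SecureRandom is left to the
    // provider default (third argument null).
    SSLContext context = SSLContext.getInstance("TLS", provider);
    context.init(null, trustManagerFactory.getTrustManagers(), null);
    return context.getSocketFactory();
}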
Also used : BufferedInputStream(java.io.BufferedInputStream) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) X500Principal(javax.security.auth.x500.X500Principal) SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) FileInputStream(java.io.FileInputStream)

Example 69 with X500Principal

use of javax.security.auth.x500.X500Principal in project XobotOS by xamarin.

the class X509CRLSelector method setIssuers.

/**
     * Sets the criterion for the issuer distinguished names.
     * <p>
     * The CRL issuer must match at least one of the specified distinguished
     * names.
     *
     * @param issuers
     *            the list of issuer distinguished names to match, or {@code
     *            null} if any issuer distinguished name will do.
     */
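public void setIssuers(Collection<X500Principal> issuers) {
    if (issuers == null) {
        // null clears the criterion: both views of the issuer list are dropped together.
        issuerNames = null;
        issuerPrincipals = null;
        return;
    }
    // Build both lists in locals and publish them only once both are complete. A null element
    // makes getName throw NullPointerException; assigning the fields first would then leave a
    // partly filled name list next to a principal list that still contains the null.
    ArrayList<X500Principal> principals = new ArrayList<X500Principal>(issuers);
    ArrayList<String> names = new ArrayList<String>(principals.size());
    // Iterate the defensive copy so the names always describe exactly the stored principals.
    for (X500Principal issuer : principals) {
        names.add(issuer.getName(X500Principal.CANONICAL));
    }
    issuerNames = names;
    issuerPrincipals = principals;
}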
Also used : X500Principal(javax.security.auth.x500.X500Principal) ASN1OctetString(org.apache.harmony.security.asn1.ASN1OctetString)

Example 70 with X500Principal

use of javax.security.auth.x500.X500Principal in project XobotOS by xamarin.

the class X509CRLSelector method addIssuer.

/**
     * Adds an issuer to the criterion for the issuer distinguished names.
     * <p>
     * The CRL issuer must match at least one of the specified distinguished
     * names.
     *
     * @param issuer
     *            the issuer to add to the criterion
     */
public void addIssuer(X500Principal issuer) {
    // Reject null before any field is touched.
    if (issuer == null) {
        throw new NullPointerException("issuer == null");
    }
    // The name list is created lazily on first use.
    if (issuerNames == null) {
        issuerNames = new ArrayList<String>();
    }
    // Names are kept in canonical form and de-duplicated by string equality.
    String name = issuer.getName(X500Principal.CANONICAL);
    if (!issuerNames.contains(name)) {
        issuerNames.add(name);
    }
    if (issuerPrincipals == null) {
        issuerPrincipals = new ArrayList<X500Principal>(issuerNames.size());
    }
    // Catch issuerPrincipals up with issuerNames: each name from the current principal count up
    // to, but excluding, the last name gets a principal rebuilt from its string form.
    // Presumably issuerNames can also grow through other methods of this class; confirm.
    int size = issuerNames.size() - 1;
    for (int i = issuerPrincipals.size(); i < size; i++) {
        issuerPrincipals.add(new X500Principal(issuerNames.get(i)));
    }
    // NOTE(review): the principal is appended even when its canonical name was already present
    // in issuerNames, so a repeated call with the same issuer appears to leave a duplicate here
    // while issuerNames stays de-duplicated. Confirm whether consumers rely on the two lists
    // lining up index by index.
    issuerPrincipals.add(issuer);
}
Also used : X500Principal(javax.security.auth.x500.X500Principal) ASN1OctetString(org.apache.harmony.security.asn1.ASN1OctetString)
