Examples of CertPathValidator

java.security.cert.CertPathValidator
@com.intel.drl.spec_ref

Examples of java.security.cert.CertPathValidator


            // Do not check a revocation list
            param.setRevocationEnabled(false);


            // Verify the trust path using the above settings            
            CertPathValidator certPathValidator = CertPathValidator.getInstance("PKIX");
            certPathValidator.validate(path, param);
        } catch (NoSuchAlgorithmException ex) {
            throw new WSSecurityException(WSSecurityException.FAILURE,
                    "certpath",
                    new Object[]{ex.getMessage()},
                    (Throwable) ex);

View Full Code Here

Examples of java.security.cert.CertPathValidator


    protected static CertPathValidatorResult processAttrCert2(
        CertPath certPath, ExtendedPKIXParameters pkixParams)
        throws CertPathValidatorException
    {
        CertPathValidator validator = null;
        try
        {
            validator = CertPathValidator.getInstance("PKIX", "BC");
        }
        catch (NoSuchProviderException e)
        {
            throw new ExtCertPathValidatorException(
                "Support class could not be created.", e);
        }
        catch (NoSuchAlgorithmException e)
        {
            throw new ExtCertPathValidatorException(
                "Support class could not be created.", e);
        }
        try
        {
            return validator.validate(certPath, pkixParams);
        }
        catch (CertPathValidatorException e)
        {
            throw new ExtCertPathValidatorException(
                "Certification path for issuer certificate of attribute certificate could not be validated.",

View Full Code Here

Examples of java.security.cert.CertPathValidator

        }


        tbvPath.add(tbvCert);


        CertificateFactory cFact;
        CertPathValidator validator;
        CertPathBuilderResult builderResult = null;


        try
        {
            cFact = CertificateFactory.getInstance("X.509", "BC");
            validator = CertPathValidator.getInstance("PKIX", "BC");
        }
        catch (Exception e)
        {
            // cannot happen
            throw new RuntimeException("Exception creating support classes.");
        }


        try
        {
            // check whether the issuer of <tbvCert> is a TrustAnchor
            if (CertPathValidatorUtilities.findTrustAnchor(tbvCert, pkixParams.getTrustAnchors(),
                pkixParams.getSigProvider()) != null)
            {
                // exception message from possibly later tried certification
                // chains
                CertPath certPath = null;
                PKIXCertPathValidatorResult result = null;
                try
                {
                    certPath = cFact.generateCertPath(tbvPath);
                }
                catch (Exception e)
                {
                    throw new AnnotatedException(
                        "Certification path could not be constructed from certificate list.",
                        e);
                }


                try
                {
                    result = (PKIXCertPathValidatorResult) validator.validate(
                        certPath, pkixParams);
                }
                catch (Exception e)
                {
                    throw new AnnotatedException(

View Full Code Here

Examples of java.security.cert.CertPathValidator

        }


        tbvPath.add(tbvCert);


        CertificateFactory cFact;
        CertPathValidator validator;
        CertPathBuilderResult builderResult = null;


        try
        {
            cFact = CertificateFactory.getInstance("X.509", "BC");
            validator = CertPathValidator.getInstance("RFC3281", "BC");
        }
        catch (Exception e)
        {
            // cannot happen
            throw new RuntimeException(
                            "Exception creating support classes.");
        }


        try
        {
            // check whether the issuer of <tbvCert> is a TrustAnchor
            if (CertPathValidatorUtilities.findTrustAnchor(tbvCert, pkixParams.getTrustAnchors(),
                pkixParams.getSigProvider()) != null)
            {
                CertPath certPath;
                PKIXCertPathValidatorResult result;
                try
                {
                    certPath = cFact.generateCertPath(tbvPath);
                }
                catch (Exception e)
                {
                    throw new AnnotatedException(
                                            "Certification path could not be constructed from certificate list.",
                                            e);
                }


                try
                {
                    result = (PKIXCertPathValidatorResult) validator.validate(
                            certPath, pkixParams);
                }
                catch (Exception e)
                {
                    throw new AnnotatedException(

View Full Code Here

Examples of java.security.cert.CertPathValidator

        certchain.add(interCert);
        CertPath cp = CertificateFactory.getInstance("X.509","BC").generateCertPath(certchain);
        Set trust = new HashSet();
        trust.add(new TrustAnchor(rootCert, null));


        CertPathValidator cpv = CertPathValidator.getInstance("PKIX","BC");
        PKIXParameters param = new PKIXParameters(trust);
        param.addCertStore(store);
        param.setDate(validDate.getTime());
        PKIXCertPathValidatorResult result =
            (PKIXCertPathValidatorResult) cpv.validate(cp, param);
        PolicyNode policyTree = result.getPolicyTree();
        PublicKey subjectPublicKey = result.getPublicKey();


        if (!subjectPublicKey.equals(finalCert.getPublicKey()))
        {
            fail("wrong public key returned");
        }


        //
        // invalid path containing a valid one test
        //
        try
        {
                // initialise CertStore
            rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(AC_RAIZ_ICPBRASIL));
            interCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(AC_PR));
            finalCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(schefer));
    
            list = new ArrayList();
            list.add(rootCert);
            list.add(interCert);
            list.add(finalCert);


            ccsp = new CollectionCertStoreParameters(list);
            store = CertStore.getInstance("Collection", ccsp);
            validDate = Calendar.getInstance();
            validDate.set(2004,2,21,2,21,10);
    
                //validating path
            certchain = new ArrayList();
            certchain.add(finalCert);
            certchain.add(interCert);
            cp = CertificateFactory.getInstance("X.509","BC").generateCertPath(certchain);
            trust = new HashSet();
            trust.add(new TrustAnchor(rootCert, null));


            cpv = CertPathValidator.getInstance("PKIX","BC");
            param = new PKIXParameters(trust);
            param.addCertStore(store);
            param.setRevocationEnabled(false);
            param.setDate(validDate.getTime());
            
            result =(PKIXCertPathValidatorResult) cpv.validate(cp, param);
            policyTree = result.getPolicyTree();
            subjectPublicKey = result.getPublicKey();
            
            fail("Invalid path validated");
        }

View Full Code Here

Examples of java.security.cert.CertPathValidator

            certsAndCrls.add(loadCrl(crls[i]));
        }
    
        CertStore  store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC");
        
        CertPathValidator validator = CertPathValidator.getInstance("PKIX","BC");
        PKIXParameters    params = new PKIXParameters(trustedSet);
        
        params.addCertStore(store);
        params.setRevocationEnabled(true);
        
        if (policies != null)
        {
            params.setExplicitPolicyRequired(true);
            params.setInitialPolicies(policies);
        }
        
        return (PKIXCertPathValidatorResult)validator.validate(certPath, params);
    }

View Full Code Here

Examples of java.security.cert.CertPathValidator

                    CertStoreParameters crlParams = new CollectionCertStoreParameters(crls);
                    pkixParams.addCertStore(CertStore.getInstance("Collection", crlParams));
                }
            }
                
            CertPathValidator validator = CertPathValidator.getInstance("PKIX");
            validator.validate(certPath, pkixParams);
        } catch (InvalidAlgorithmParameterException e) {
            LOG.log(Level.SEVERE,
                    "Invalid algorithm parameter by certificate chain validation. "
                        + "It is likely that issuer certificates are not found in XKMS trusted storage. "
                        + e.getMessage(), e);

View Full Code Here

Examples of java.security.cert.CertPathValidator

            }
            PKIXParameters param = new PKIXParameters(hashSet);
            // Do not check a revocation list
            param.setRevocationEnabled(false);
            // Verify the trust path using the above settings
            CertPathValidator certPathValidator;
            if (provider == null || provider.length() == 0) {
                certPathValidator = CertPathValidator.getInstance("PKIX");
            } else {
                certPathValidator = CertPathValidator.getInstance("PKIX", provider);
            }
            certPathValidator.validate(path, param);
        } catch (NoSuchProviderException ex) {
                throw new WSSecurityException(WSSecurityException.FAILURE,
                                "certpath", new Object[] { ex.getMessage() },
                                (Throwable) ex);
        } catch (NoSuchAlgorithmException ex) {

View Full Code Here

Examples of java.security.cert.CertPathValidator

  private static WaveOidChecker WAVE_OID_CHECKER = new WaveOidChecker();


  private void validateNoCache(List<? extends X509Certificate> certs)
      throws SignatureException {
    try {
      CertPathValidator validator = CertPathValidator.getInstance(
          VALIDATOR_TYPE);
      PKIXParameters params = new PKIXParameters(trustRoots);
      params.addCertPathChecker(WAVE_OID_CHECKER);
      params.setDate(timeSource.now());


      // turn off default revocation-checking mechanism
      params.setRevocationEnabled(false);


      // TODO: add a way for clients to add certificate revocation checks,
      // perhaps by letting them pass in PKIXCertPathCheckers. This can also be
      // useful to check for Wave-specific certificate extensions.


      CertificateFactory certFactory = CertificateFactory.getInstance(
          CERTIFICATE_TYPE);
      CertPath certPath = certFactory.generateCertPath(certs);
      validator.validate(certPath, params);
    } catch (GeneralSecurityException e) {
      throw new SignatureException("Certificate validation failure", e);
    }
  }

View Full Code Here

Examples of java.security.cert.CertPathValidator

                param.addCertStore(crlCertStore);
            }


            // Verify the trust path using the above settings
            String provider = getCryptoProvider();
            CertPathValidator validator = null;
            if (provider == null || provider.length() == 0) {
                validator = CertPathValidator.getInstance("PKIX");
            } else {
                validator = CertPathValidator.getInstance("PKIX", provider);
            }
            validator.validate(path, param);
        } catch (NoSuchProviderException e) {
                throw new WSSecurityException(
                    WSSecurityException.ErrorCode.FAILURE, "certpath", e
                );
        } catch (NoSuchAlgorithmException e) {

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.