Java Code Examples for java.security.cert.CertPathValidator#validate()

The following examples show how to use java.security.cert.CertPathValidator#validate().
Example 1
Source File: ValWithAnchorByName.java    From openjdk-jdk9 with GNU General Public License v2.0
/**
 * Validates {@code certList} against a single trust anchor with the PKIX
 * algorithm, using pre-supplied OCSP responses instead of fetching them.
 *
 * <p>{@code DECODER}, {@code EE_OCSP_RESP}, {@code INT_CA_OCSP_RESP} and
 * {@code EVAL_DATE} are defined elsewhere in the enclosing class.
 *
 * @param cf factory used to turn the certificate list into a CertPath
 * @param certList certificates to validate; entries 0 and 1 are both read,
 *        so the list must hold at least two certificates
 * @param anchor the only trust anchor the path may chain to
 * @throws Exception if path construction or validation fails
 */
private static void runTest(CertificateFactory cf,
        List<X509Certificate> certList, TrustAnchor anchor)
        throws Exception {
    CertPath certPath = cf.generateCertPath(certList);
    CertPathValidator pkixValidator = CertPathValidator.getInstance("PKIX");

    System.out.println(anchor);

    // Hand the revocation checker one stored OCSP response per certificate.
    // presumably index 0 is the end-entity and index 1 the intermediate CA,
    // going by the constant names; confirm against the test data
    PKIXRevocationChecker revocationChecker =
            (PKIXRevocationChecker) pkixValidator.getRevocationChecker();
    Map<X509Certificate, byte[]> stapledResponses = new HashMap<>();
    stapledResponses.put(certList.get(0), DECODER.decode(EE_OCSP_RESP));
    stapledResponses.put(certList.get(1), DECODER.decode(INT_CA_OCSP_RESP));
    revocationChecker.setOcspResponses(stapledResponses);

    PKIXParameters pkixParams =
            new PKIXParameters(Collections.singleton(anchor));
    pkixParams.addCertPathChecker(revocationChecker);
    // Validity is judged at EVAL_DATE rather than at the current time.
    pkixParams.setDate(EVAL_DATE);

    // Failure is reported by exception; the result object is not inspected.
    pkixValidator.validate(certPath, pkixParams);
}
 
Example 2
Source File: SigningCertificate.java    From libsignal-service-java with GNU General Public License v3.0
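/**
 * Parses a URL-encoded X.509 certificate chain, validates it with PKIX
 * against the trusted certificates in {@code trustStore}, and then hands the
 * resulting path to {@code verifyDistinguishedName} (defined elsewhere in
 * this class).
 *
 * <p>Revocation checking is disabled for this validation, so a revoked
 * certificate in the chain is not rejected here.
 *
 * @param certificateChain URL-encoded certificate chain
 * @param trustStore key store whose trusted certificates act as trust anchors
 * @throws CertificateException if the chain cannot be parsed or holds no
 *         certificates
 * @throws CertPathValidatorException if the chain does not validate
 */
public SigningCertificate(String certificateChain, KeyStore trustStore)
    throws CertificateException, CertPathValidatorException
{
  try {
    // Name the charset explicitly: the one-argument URLDecoder.decode and
    // the no-argument getBytes both depend on the platform default.
    String decodedChain = URLDecoder.decode(certificateChain, "UTF-8");
    byte[] chainBytes   = decodedChain.getBytes("UTF-8");

    CertificateFactory          certificateFactory     = CertificateFactory.getInstance("X.509");
    // An "X.509" factory is expected to yield X509Certificate instances,
    // which is what makes this unchecked cast acceptable.
    Collection<X509Certificate> certificatesCollection = (Collection<X509Certificate>) certificateFactory.generateCertificates(new ByteArrayInputStream(chainBytes));
    List<X509Certificate>       certificates           = new LinkedList<>(certificatesCollection);

    // Reject an empty chain up front: there is no signing certificate to
    // trust, and what a validator does with a zero-length path is left to
    // the provider.
    if (certificates.isEmpty()) {
      throw new CertificateException("Certificate chain contains no certificates");
    }

    PKIXParameters              pkixParameters         = new PKIXParameters(trustStore);
    CertPathValidator           validator              = CertPathValidator.getInstance("PKIX");

    this.path = certificateFactory.generateCertPath(certificates);

    // NOTE(review): revocation is switched off, so CRL/OCSP status is never
    // consulted here; confirm that this is an accepted trade-off.
    pkixParameters.setRevocationEnabled(false);
    validator.validate(path, pkixParameters);
    verifyDistinguishedName(path);
  } catch (KeyStoreException | InvalidAlgorithmParameterException | NoSuchAlgorithmException
           | java.io.UnsupportedEncodingException e) {
    // These indicate a broken runtime or trust store, not a bad chain.
    throw new AssertionError(e);
  }
}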
 
Example 3
Source File: ServerCrypto.java    From carbon-identity with Apache License 2.0
/**
 * Validates {@code certs} as a PKIX certification path, trusting the
 * certificates held in {@code ks}. Revocation checking is disabled.
 *
 * @param ks key store whose trusted certificates serve as trust anchors
 * @param certs certificates forming the path to validate
 * @return {@code true} when validation succeeds; failure is never reported
 *         as {@code false}, only by exception
 * @throws WSSecurityException wrapping any provider, algorithm, certificate,
 *         parameter, validation or key-store error
 */
private boolean validateCertPath(KeyStore ks, Certificate[] certs) throws WSSecurityException {

        try {

            // Build the path object from the supplied certificates.
            java.util.List chain = java.util.Arrays.asList(certs);
            CertPath certPath = this.getCertificateFactory().generateCertPath(chain);

            // Trust anchors come from the key store's trusted certificates.
            PKIXParameters pkixParams = new PKIXParameters(ks);

            // No CRL/OCSP lookup: a revoked certificate still passes here.
            pkixParams.setRevocationEnabled(false);

            // A configured provider name selects that provider's PKIX
            // implementation; otherwise the default lookup is used.
            String providerName = properties
                    .getProperty("org.apache.ws.security.crypto.merlin.cert.provider");
            boolean providerConfigured = providerName != null && providerName.length() > 0;
            CertPathValidator pkixValidator = providerConfigured
                    ? CertPathValidator.getInstance("PKIX", providerName)
                    : CertPathValidator.getInstance("PKIX");
            pkixValidator.validate(certPath, pkixParams);
        } catch (NoSuchProviderException | NoSuchAlgorithmException | CertificateException |
                InvalidAlgorithmParameterException | CertPathValidatorException | KeyStoreException ex) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "certpath",
                    new Object[]{ex.getMessage()}, ex);
        }
        // Reached only when validate() returned without throwing.
        return true;
    }
 
Example 4
Source File: PKIXChainValidation.java    From fido2 with GNU Lesser General Public License v2.1
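/**
 * Validates a certification path against a set of trust anchors with the
 * PKIX algorithm and reports the outcome as a boolean.
 *
 * <p>The method fails closed: a missing or empty path, a missing or empty
 * anchor set, and every validation error all yield {@code false}.
 *
 * @param cp certification path to validate
 * @param trustAnchorSet trust anchors the path may chain to
 * @param isRevocationChecked when {@code true}, revocation is checked using
 *        CRLs only (no fallback); when {@code false}, revocation checking is
 *        turned off
 * @param isPolicyQualifiersRejected passed to
 *        {@link PKIXParameters#setPolicyQualifiersRejected(boolean)}
 * @return {@code true} only if the path validated
 */
public static boolean pkixvalidate(CertPath cp, Set<TrustAnchor> trustAnchorSet,
        boolean isRevocationChecked, boolean isPolicyQualifiersRejected) {
    // Refuse input that gives the validator nothing to check. Without this a
    // null argument escaped as NullPointerException, and the verdict on a
    // zero-length path was left to the provider.
    if (cp == null || cp.getCertificates().isEmpty()
            || trustAnchorSet == null || trustAnchorSet.isEmpty()) {
        Logger.getLogger(PKIXChainValidation.class.getName()).log(Level.SEVERE,
                "PKIX validation refused: certificate path or trust anchors missing");
        return false;
    }

    try {
        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");  //TODO use BCFIPS when "Support for PKIXRevocationChecker
                                                                        //in the CertPath implementation" is added

        PKIXParameters pkix = new PKIXParameters(trustAnchorSet);

        if (isRevocationChecked) {
            PKIXRevocationChecker prc = (PKIXRevocationChecker) cpv.getRevocationChecker();
            // PREFER_CRLS + NO_FALLBACK: consult CRLs and do not fall back to
            // OCSP when a CRL is unavailable.
            prc.setOptions(EnumSet.of(PKIXRevocationChecker.Option.PREFER_CRLS, PKIXRevocationChecker.Option.NO_FALLBACK));
            pkix.addCertPathChecker(prc);
        } else {
            // Caller opted out: revocation status is not consulted at all.
            pkix.setRevocationEnabled(false);
        }

        pkix.setPolicyQualifiersRejected(isPolicyQualifiersRejected);
        // null date means validity is evaluated at the current time.
        pkix.setDate(null);
        CertPathValidatorResult cpvr = cpv.validate(cp, pkix);
        // validate() signals rejection by throwing, so a null result is not
        // expected; it is still treated as failure rather than trusted.
        if (cpvr != null) {
            System.out.println("Certificate validated");
            return true;
        } else {
            System.out.println("Certificate not valid");
            return false;
        }
    } catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException | CertPathValidatorException ex) {
        Logger.getLogger(PKIXChainValidation.class.getName()).log(Level.SEVERE, null, ex);
        return false;
    }
}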
 
Example 5
Source File: VerifyNameConstraints.java    From jdk8u60 with GNU General Public License v2.0
/**
 * Perform a PKIX validation. On success, print the
 * CertPathValidatorResult on System.out. On failure,
 * throw an exception.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    // Trust anchors, revocation and date settings all come from params; this
    // helper adds no checks of its own. Rejection surfaces as an exception
    // from validate(); the result is neither printed nor returned.
    CertPathValidator.getInstance("PKIX").validate(path, params);
}
 
Example 6
Source File: VerifyNameConstraints.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Perform a PKIX validation. On success, print the
 * CertPathValidatorResult on System.out. On failure,
 * throw an exception.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    // The verdict is carried by exceptions: validate() returns normally only
    // for an accepted path. Its result is neither printed nor returned, and
    // every trust decision is governed by params.
    CertPathValidator.getInstance("PKIX").validate(path, params);
}
 
Example 7
Source File: CertUtils.java    From openjdk-jdk8u with GNU General Public License v2.0
/**
 * Perform a PKIX validation. On failure, throw an exception.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static PKIXCertPathValidatorResult validate
    (CertPath path, PKIXParameters params) throws Exception {
    // validate() returns only for an accepted path and throws otherwise, so
    // callers never receive a "failed" result object. The cast narrows the
    // general result type to the PKIX-specific one.
    return (PKIXCertPathValidatorResult)
        CertPathValidator.getInstance("PKIX").validate(path, params);
}
 
Example 8
Source File: ValidateNC.java    From openjdk-jdk8u with GNU General Public License v2.0
/**
 * Perform a PKIX validation.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    // Requests the "SUN" provider's PKIX validator by name instead of the
    // default provider lookup. Rejection is reported by exception; the
    // result object is not used.
    CertPathValidator.getInstance("PKIX", "SUN").validate(path, params);
}
 
Example 9
Source File: VerifyNameConstraints.java    From jdk8u_jdk with GNU General Public License v2.0
/**
 * Perform a PKIX validation. On success, print the
 * CertPathValidatorResult on System.out. On failure,
 * throw an exception.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    // Trust anchors, revocation and date settings all come from params; this
    // helper adds no checks of its own. Rejection surfaces as an exception
    // from validate(); the result is neither printed nor returned.
    CertPathValidator.getInstance("PKIX").validate(path, params);
}
 
Example 10
Source File: CertUtils.java    From openjdk-8 with GNU General Public License v2.0
/**
 * Perform a PKIX validation. On failure, throw an exception.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static PKIXCertPathValidatorResult validate
    (CertPath path, PKIXParameters params) throws Exception {
    // A returned result always means "accepted": rejection is thrown, never
    // returned. The cast narrows the general result type to the
    // PKIX-specific one.
    return (PKIXCertPathValidatorResult)
        CertPathValidator.getInstance("PKIX").validate(path, params);
}
 
Example 11
Source File: VerifyNameConstraints.java    From openjdk-8-source with GNU General Public License v2.0
/**
 * Perform a PKIX validation. On success, print the
 * CertPathValidatorResult on System.out. On failure,
 * throw an exception.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    // The verdict is carried by exceptions: validate() returns normally only
    // for an accepted path. Its result is neither printed nor returned, and
    // every trust decision is governed by params.
    CertPathValidator.getInstance("PKIX").validate(path, params);
}
 
Example 12
Source File: CertUtils.java    From openjdk-jdk9 with GNU General Public License v2.0
/**
 * Perform a PKIX validation. On failure, throw an exception.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static PKIXCertPathValidatorResult validate
    (CertPath path, PKIXParameters params) throws Exception {
    // validate() returns only for an accepted path and throws otherwise, so
    // callers never receive a "failed" result object. The cast narrows the
    // general result type to the PKIX-specific one.
    return (PKIXCertPathValidatorResult)
        CertPathValidator.getInstance("PKIX").validate(path, params);
}
 
Example 13
Source File: ValidateTargetConstraints.java    From jdk8u60 with GNU General Public License v2.0
/**
 * Perform a PKIX validation.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    // Whatever params specifies (anchors, constraints, revocation, date) is
    // what gets enforced; nothing is added here. A rejected path is reported
    // by exception, and the result object is not used.
    CertPathValidator.getInstance("PKIX").validate(path, params);
}
 
Example 14
Source File: VerifyNameConstraints.java    From openjdk-8 with GNU General Public License v2.0
/**
 * Perform a PKIX validation. On success, print the
 * CertPathValidatorResult on System.out. On failure,
 * throw an exception.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    // Trust anchors, revocation and date settings all come from params; this
    // helper adds no checks of its own. Rejection surfaces as an exception
    // from validate(); the result is neither printed nor returned.
    CertPathValidator.getInstance("PKIX").validate(path, params);
}
 
Example 15
Source File: ValidateTargetConstraints.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * Perform a PKIX validation.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    // Whatever params specifies (anchors, constraints, revocation, date) is
    // what gets enforced; nothing is added here. A rejected path is reported
    // by exception, and the result object is not used.
    CertPathValidator.getInstance("PKIX").validate(path, params);
}
 
Example 16
Source File: VerifyNameConstraints.java    From TencentKona-8 with GNU General Public License v2.0
/**
 * Perform a PKIX validation. On success, print the
 * CertPathValidatorResult on System.out. On failure,
 * throw an exception.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    // The verdict is carried by exceptions: validate() returns normally only
    // for an accepted path. Its result is neither printed nor returned, and
    // every trust decision is governed by params.
    CertPathValidator.getInstance("PKIX").validate(path, params);
}
 
Example 17
Source File: ValidateNC.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * Perform a PKIX validation.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    // The validator is taken from the provider named "SUN", not from the
    // default provider search. validate() throws when the path is rejected;
    // its result is discarded.
    CertPathValidator.getInstance("PKIX", "SUN").validate(path, params);
}
 
Example 18
Source File: ValidateNC.java    From openjdk-jdk9 with GNU General Public License v2.0
/**
 * Perform a PKIX validation.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    // Requests the "SUN" provider's PKIX validator by name instead of the
    // default provider lookup. Rejection is reported by exception; the
    // result object is not used.
    CertPathValidator.getInstance("PKIX", "SUN").validate(path, params);
}
 
Example 19
Source File: CertUtils.java    From hottub with GNU General Public License v2.0
/**
 * Perform a PKIX validation. On failure, throw an exception.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static PKIXCertPathValidatorResult validate
    (CertPath path, PKIXParameters params) throws Exception {
    // A returned result always means "accepted": rejection is thrown, never
    // returned. The cast narrows the general result type to the
    // PKIX-specific one.
    return (PKIXCertPathValidatorResult)
        CertPathValidator.getInstance("PKIX").validate(path, params);
}
 
Example 20
Source File: ValidateTargetConstraints.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * Perform a PKIX validation.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    // Whatever params specifies (anchors, constraints, revocation, date) is
    // what gets enforced; nothing is added here. A rejected path is reported
    // by exception, and the result object is not used.
    CertPathValidator.getInstance("PKIX").validate(path, params);
}