Java Code Examples for java.security.cert.CertificateFactory#generateCertPath()
The following examples show how to use
java.security.cert.CertificateFactory#generateCertPath() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: ValidateTargetConstraints.java From jdk8u_jdk with GNU General Public License v2.0 | 6 votes |
|
public static void createPath(String[] certs) throws Exception {
TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
Set anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
X509CertSelector sel = new X509CertSelector();
sel.setSerialNumber(new BigInteger("1427"));
params.setTargetCertConstraints(sel);
}
Example 2
| Source File: SSLService.java From oxTrust with MIT License | 6 votes |
|
private static X509Certificate[] loadCertificatesAsPkiPathEncoded(InputStream is) throws Exception {
try {
CertificateFactory cf = getCertificateFactoryInstance();
CertPath certPath = cf.generateCertPath(is, PKI_PATH_ENCODING);
List<? extends Certificate> certs = certPath.getCertificates();
ArrayList<X509Certificate> loadedCerts = new ArrayList<X509Certificate>();
for (Iterator<? extends Certificate> itr = certs.iterator(); itr.hasNext();) {
X509Certificate cert = (X509Certificate) itr.next();
if (cert != null) {
loadedCerts.add(cert);
}
}
return loadedCerts.toArray(new X509Certificate[loadedCerts.size()]);
} finally {
IOUtils.closeQuietly(is);
}
}
Example 3
| Source File: ValidateNC.java From hottub with GNU General Public License v2.0 | 6 votes |
|
public static void createPath(String[] certs) throws Exception {
X509Certificate anchorCert = getCertFromFile(certs[0]);
byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
if (nameConstraints != null) {
DerInputStream in = new DerInputStream(nameConstraints);
nameConstraints = in.getOctetString();
}
TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
Example 4
| Source File: ValidateNC.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 6 votes |
|
public static void createPath(String[] certs) throws Exception {
X509Certificate anchorCert = getCertFromFile(certs[0]);
byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
if (nameConstraints != null) {
DerInputStream in = new DerInputStream(nameConstraints);
nameConstraints = in.getOctetString();
}
TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
Example 5
| Source File: CachedCertPathValidator.java From swellrt with Apache License 2.0 | 6 votes |
|
private void validateNoCache(List<? extends X509Certificate> certs)
throws SignatureException {
try {
CertPathValidator validator = CertPathValidator.getInstance(
VALIDATOR_TYPE);
PKIXParameters params = new PKIXParameters(trustRoots);
params.addCertPathChecker(WAVE_OID_CHECKER);
params.setDate(timeSource.now());
// turn off default revocation-checking mechanism
params.setRevocationEnabled(false);
// TODO: add a way for clients to add certificate revocation checks,
// perhaps by letting them pass in PKIXCertPathCheckers. This can also be
// useful to check for Wave-specific certificate extensions.
CertificateFactory certFactory = CertificateFactory.getInstance(
CERTIFICATE_TYPE);
CertPath certPath = certFactory.generateCertPath(certs);
validator.validate(certPath, params);
} catch (GeneralSecurityException e) {
throw new SignatureException("Certificate validation failure", e);
}
}
Example 6
| Source File: CertPathEncodingTest.java From TencentKona-8 with GNU General Public License v2.0 | 6 votes |
|
public static void main(String[] args) throws Exception {
// Make the CertPath whose encoded form has already been stored
CertificateFactory certFac = CertificateFactory.getInstance("X509");
final List<Certificate> certs = new ArrayList<>();
certs.add(certFac.generateCertificate(new ByteArrayInputStream(cert1.getBytes())));
certs.add(certFac.generateCertificate(new ByteArrayInputStream(cert2.getBytes())));
CertPath cp = certFac.generateCertPath(certs);
// Get the encoded form of the CertPath we made
byte[] encoded = cp.getEncoded("PKCS7");
// check if it matches the encoded value
if (!Arrays.equals(encoded, Base64.getMimeDecoder().decode(pkcs7path.getBytes()))) {
throw new RuntimeException("PKCS#7 encoding doesn't match stored value");
}
// Generate a CertPath from the encoded value and check if it equals
// the CertPath generated from the certificates
CertPath decodedCP = certFac.generateCertPath(new ByteArrayInputStream(encoded), "PKCS7");
if (!decodedCP.equals(cp)) {
throw new RuntimeException("CertPath decoded from PKCS#7 isn't equal to original");
}
}
Example 7
| Source File: CertPathEncodingTest.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 6 votes |
|
public static void main(String[] args) throws Exception {
// Make the CertPath whose encoded form has already been stored
CertificateFactory certFac = CertificateFactory.getInstance("X509");
final List<Certificate> certs = new ArrayList<>();
certs.add(certFac.generateCertificate(new ByteArrayInputStream(cert1.getBytes())));
certs.add(certFac.generateCertificate(new ByteArrayInputStream(cert2.getBytes())));
CertPath cp = certFac.generateCertPath(certs);
// Get the encoded form of the CertPath we made
byte[] encoded = cp.getEncoded("PKCS7");
// check if it matches the encoded value
if (!Arrays.equals(encoded, Base64.getMimeDecoder().decode(pkcs7path.getBytes()))) {
throw new RuntimeException("PKCS#7 encoding doesn't match stored value");
}
// Generate a CertPath from the encoded value and check if it equals
// the CertPath generated from the certificates
CertPath decodedCP = certFac.generateCertPath(new ByteArrayInputStream(encoded), "PKCS7");
if (!decodedCP.equals(cp)) {
throw new RuntimeException("CertPath decoded from PKCS#7 isn't equal to original");
}
}
Example 8
| Source File: ValidateTargetConstraints.java From dragonwell8_jdk with GNU General Public License v2.0 | 6 votes |
|
public static void createPath(String[] certs) throws Exception {
TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
Set anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
X509CertSelector sel = new X509CertSelector();
sel.setSerialNumber(new BigInteger("1427"));
params.setTargetCertConstraints(sel);
}
Example 9
| Source File: ValidateNC.java From openjdk-8-source with GNU General Public License v2.0 | 6 votes |
|
public static void createPath(String[] certs) throws Exception {
X509Certificate anchorCert = getCertFromFile(certs[0]);
byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
if (nameConstraints != null) {
DerInputStream in = new DerInputStream(nameConstraints);
nameConstraints = in.getOctetString();
}
TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
Example 10
| Source File: ValidateNC.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
|
public static void createPath(String[] certs) throws Exception {
X509Certificate anchorCert = getCertFromFile(certs[0]);
byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
if (nameConstraints != null) {
DerInputStream in = new DerInputStream(nameConstraints);
nameConstraints = in.getOctetString();
}
TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
Example 11
| Source File: ValidateTargetConstraints.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
|
public static void createPath(String[] certs) throws Exception {
TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
Set anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
X509CertSelector sel = new X509CertSelector();
sel.setSerialNumber(new BigInteger("1427"));
params.setTargetCertConstraints(sel);
}
Example 12
| Source File: CertUtils.java From dragonwell8_jdk with GNU General Public License v2.0 | 5 votes |
|
/**
* Read a bunch of certs from files and create a CertPath from them.
*
* @param relPath relative path containing certs (must end in
* file.separator)
* @param fileNames an array of <code>String</code>s that are file names
* @throws Exception on error
*/
public static CertPath buildPath(String relPath, String [] fileNames)
throws Exception {
List<X509Certificate> list = new ArrayList<X509Certificate>();
for (int i = 0; i < fileNames.length; i++) {
list.add(0, getCertFromFile(relPath + fileNames[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
return(cf.generateCertPath(list));
}
Example 13
| Source File: VerifyNameConstraints.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
|
public static void createPath(String[] certs) throws Exception {
TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
Set anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
Example 14
| Source File: VerifyNameConstraints.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
|
public static void createPath(String[] certs) throws Exception {
TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
Set anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
Example 15
| Source File: CertUtils.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
|
/**
* Read a bunch of certs from files and create a CertPath from them.
*
* @param relPath relative path containing certs (must end in
* file.separator)
* @param fileNames an array of <code>String</code>s that are file names
* @throws Exception on error
*/
public static CertPath buildPath(String relPath, String [] fileNames)
throws Exception {
List<X509Certificate> list = new ArrayList<X509Certificate>();
for (int i = 0; i < fileNames.length; i++) {
list.add(0, getCertFromFile(relPath + fileNames[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
return(cf.generateCertPath(list));
}
Example 16
| Source File: Base64Utils.java From signer with GNU Lesser General Public License v3.0 | 5 votes |
|
/**
*
* Performs the encoding of a certificate chain to base64
*
* @param aCertificationChain certificate chain
* @return ASN.1 DER encoded on Base64, for X.509 certificate
* @throws CertificateException exception
*/
public static String encodeX509CertChainToBase64(Certificate[] aCertificationChain) throws CertificateException {
List<Certificate> certList = Arrays.asList(aCertificationChain);
CertificateFactory certFactory = CertificateFactory.getInstance(X509_CERTIFICATE_TYPE);
CertPath certPath = certFactory.generateCertPath(certList);
byte[] certPathEncoded = certPath.getEncoded(CERTIFICATION_CHAIN_ENCODING);
String base64encodedCertChain = Base64Utils.base64Encode(certPathEncoded);
return base64encodedCertChain;
}
Example 17
| Source File: CertUtils.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
|
/**
* Read a bunch of certs from files and create a CertPath from them.
*
* @param relPath relative path containing certs (must end in
* file.separator)
* @param fileNames an array of <code>String</code>s that are file names
* @throws Exception on error
*/
public static CertPath buildPath(String relPath, String [] fileNames)
throws Exception {
List<X509Certificate> list = new ArrayList<X509Certificate>();
for (int i = 0; i < fileNames.length; i++) {
list.add(0, getCertFromFile(relPath + fileNames[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
return(cf.generateCertPath(list));
}
Example 18
| Source File: CertUtils.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 5 votes |
|
/**
* Read a bunch of certs from files and create a CertPath from them.
*
* @param relPath relative path containing certs (must end in
* file.separator)
* @param fileNames an array of <code>String</code>s that are file names
* @throws Exception on error
*/
public static CertPath buildPath(String relPath, String [] fileNames)
throws Exception {
List<X509Certificate> list = new ArrayList<X509Certificate>();
for (int i = 0; i < fileNames.length; i++) {
list.add(0, getCertFromFile(relPath + fileNames[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
return(cf.generateCertPath(list));
}
Example 19
| Source File: CertUtils.java From hottub with GNU General Public License v2.0 | 5 votes |
|
/**
* Read a bunch of certs from files and create a CertPath from them.
*
* @param relPath relative path containing certs (must end in
* file.separator)
* @param fileNames an array of <code>String</code>s that are file names
* @throws Exception on error
*/
public static CertPath buildPath(String relPath, String [] fileNames)
throws Exception {
List<X509Certificate> list = new ArrayList<X509Certificate>();
for (int i = 0; i < fileNames.length; i++) {
list.add(0, getCertFromFile(relPath + fileNames[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
return(cf.generateCertPath(list));
}
Example 20
| Source File: VerifyNameConstraints.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
|
public static void createPath(String[] certs) throws Exception {
TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
Set anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
