java.security.cert.CertPathBuilder

Here are the examples of the java api class java.security.cert.CertPathBuilder taken from open source projects.

1. CertUtils#build()

Project: openjdk
File: CertUtils.java
/**
     * Perform a PKIX path build. On failure, throw an exception.
     *
     * @param params PKIXBuilderParameters to use in validation
     * @throws Exception on error
     */
public static PKIXCertPathBuilderResult build(PKIXBuilderParameters params) throws Exception {
    CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
    return (PKIXCertPathBuilderResult) builder.build(params);
}

2. ValidateNC#build()

Project: openjdk
File: ValidateNC.java
/**
     * Perform a PKIX build.
     *
     * @param params PKIXBuilderParameters to use in the build
     * @throws Exception on error
     */
public static void build(PKIXBuilderParameters params) throws Exception {
    CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "SUN");
    CertPathBuilderResult cpbr = builder.build(params);
}

3. BuildOddSel#build()

Project: openjdk
File: BuildOddSel.java
/**
     * Perform a PKIX build.
     *
     * @param params PKIXBuilderParameters to use in building
     * @throws Exception on error
     */
public static void build(PKIXBuilderParameters params) throws Exception {
    CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
    CertPathBuilderResult cpbr = builder.build(params);
}

4. NoExtensions#doBuild()

Project: openjdk
File: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
    // get the set of trusted CA certificates (only one in this instance)
    HashSet trustAnchors = new HashSet();
    X509Certificate trustedCert = getTrustedCertificate();
    trustAnchors.add(new TrustAnchor(trustedCert, null));
    // put together a CertStore (repository of the certificates and CRLs)
    ArrayList certs = new ArrayList();
    certs.add(trustedCert);
    certs.add(userCert);
    CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
    CertStore certStore = CertStore.getInstance("Collection", certStoreParams);
    // specify the target certificate via a CertSelector
    X509CertSelector certSelector = new X509CertSelector();
    certSelector.setCertificate(userCert);
    // seems to be required
    certSelector.setSubject(userCert.getSubjectDN().getName());
    // build a valid cerificate path
    CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
    PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
    certPathBuilderParams.addCertStore(certStore);
    certPathBuilderParams.setRevocationEnabled(false);
    CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);
    // get and show cert path
    CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
}

5. GetInstance#main()

Project: openjdk
File: GetInstance.java
public static void main(String[] argv) throws Exception {
    Provider stubProvider = new StubProvider();
    CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX", stubProvider);
    System.out.println("Test passed.");
}

6. CertUtils#build()

Project: jdk7u-jdk
File: CertUtils.java
/**
     * Perform a PKIX path build. On failure, throw an exception.
     *
     * @param params PKIXBuilderParameters to use in validation
     * @throws Exception on error
     */
public static PKIXCertPathBuilderResult build(PKIXBuilderParameters params) throws Exception {
    CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
    return (PKIXCertPathBuilderResult) builder.build(params);
}

7. ValidateNC#build()

Project: jdk7u-jdk
File: ValidateNC.java
/**
     * Perform a PKIX build.
     *
     * @param params PKIXBuilderParameters to use in the build
     * @throws Exception on error
     */
public static void build(PKIXBuilderParameters params) throws Exception {
    CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "SUN");
    CertPathBuilderResult cpbr = builder.build(params);
}

8. BuildOddSel#build()

Project: jdk7u-jdk
File: BuildOddSel.java
/**
     * Perform a PKIX build.
     *
     * @param params PKIXBuilderParameters to use in building
     * @throws Exception on error
     */
public static void build(PKIXBuilderParameters params) throws Exception {
    CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
    CertPathBuilderResult cpbr = builder.build(params);
}

9. NoExtensions#doBuild()

Project: jdk7u-jdk
File: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
    // get the set of trusted CA certificates (only one in this instance)
    HashSet trustAnchors = new HashSet();
    X509Certificate trustedCert = getTrustedCertificate();
    trustAnchors.add(new TrustAnchor(trustedCert, null));
    // put together a CertStore (repository of the certificates and CRLs)
    ArrayList certs = new ArrayList();
    certs.add(trustedCert);
    certs.add(userCert);
    CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
    CertStore certStore = CertStore.getInstance("Collection", certStoreParams);
    // specify the target certificate via a CertSelector
    X509CertSelector certSelector = new X509CertSelector();
    certSelector.setCertificate(userCert);
    // seems to be required
    certSelector.setSubject(userCert.getSubjectDN().getName());
    // build a valid cerificate path
    CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
    PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
    certPathBuilderParams.addCertStore(certStore);
    certPathBuilderParams.setRevocationEnabled(false);
    CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);
    // get and show cert path
    CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
}

10. GetInstance#main()

Project: jdk7u-jdk
File: GetInstance.java
public static void main(String[] argv) throws Exception {
    Provider stubProvider = new StubProvider();
    CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX", stubProvider);
    System.out.println("Test passed.");
}

11. PKIXPolicyMappingTest#testPolicies()

Project: bc-java
File: PKIXPolicyMappingTest.java
private String testPolicies(int index, X509Certificate trustCert, X509Certificate intCert, X509Certificate endCert, Set requirePolicies, boolean okay) throws IOException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException {
    Set trust = new HashSet();
    trust.add(new TrustAnchor(trustCert, null));
    X509CertSelector targetConstraints = new X509CertSelector();
    targetConstraints.setSubject(endCert.getSubjectX500Principal().getEncoded());
    PKIXBuilderParameters params = new PKIXBuilderParameters(trust, targetConstraints);
    Set certs = new HashSet();
    certs.add(intCert);
    certs.add(endCert);
    CollectionCertStoreParameters pr = new CollectionCertStoreParameters(certs);
    CertStore store = CertStore.getInstance("Collection", pr);
    params.addCertStore(store);
    params.setRevocationEnabled(false);
    if (requirePolicies != null) {
        params.setExplicitPolicyRequired(true);
        params.setInitialPolicies(requirePolicies);
    }
    CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX", "BC");
    //      CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX","SUN");  
    PKIXCertPathBuilderResult result = null;
    try {
        result = (PKIXCertPathBuilderResult) cpb.build(params);
        if (!okay) {
            fail(index + ": path validated when failure expected.");
        }
        return "";
    } catch (TestFailedException e) {
        throw e;
    } catch (Exception e) {
        if (okay) {
            fail(index + ": path failed to validate when success expected.");
        }
        Throwable ee = e.getCause();
        if (ee != null) {
            return ee.getMessage();
        }
        return e.getMessage();
    }
}

12. NistCertPathTest#doBuilderTest()

Project: bc-java
File: NistCertPathTest.java
private PKIXCertPathBuilderResult doBuilderTest(String trustAnchor, String[] certs, String[] crls, Set initialPolicies, boolean policyMappingInhibited, boolean anyPolicyInhibited) throws Exception {
    Set trustedSet = Collections.singleton(getTrustAnchor(trustAnchor));
    List certsAndCrls = new ArrayList();
    X509Certificate endCert = loadCert(certs[certs.length - 1]);
    for (int i = 0; i != certs.length - 1; i++) {
        certsAndCrls.add(loadCert(certs[i]));
    }
    certsAndCrls.add(endCert);
    for (int i = 0; i != crls.length; i++) {
        certsAndCrls.add(loadCrl(crls[i]));
    }
    CertStore store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC");
    CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC");
    X509CertSelector endSelector = new X509CertSelector();
    endSelector.setCertificate(endCert);
    PKIXBuilderParameters builderParams = new PKIXBuilderParameters(trustedSet, endSelector);
    if (initialPolicies != null) {
        builderParams.setInitialPolicies(initialPolicies);
        builderParams.setExplicitPolicyRequired(true);
    }
    if (policyMappingInhibited) {
        builderParams.setPolicyMappingInhibited(policyMappingInhibited);
    }
    if (anyPolicyInhibited) {
        builderParams.setAnyPolicyInhibited(anyPolicyInhibited);
    }
    builderParams.addCertStore(store);
    builderParams.setDate(new GregorianCalendar(2010, 1, 1).getTime());
    try {
        return (PKIXCertPathBuilderResult) builder.build(builderParams);
    } catch (CertPathBuilderException e) {
        throw (Exception) e.getCause();
    }
}

13. CertPathTest#testExceptions()

Project: bc-java
File: CertPathTest.java
private void testExceptions() throws Exception {
    byte[] enc = { (byte) 0, (byte) 2, (byte) 3, (byte) 4, (byte) 5 };
    MyCertPath mc = new MyCertPath(enc);
    ByteArrayOutputStream os = new ByteArrayOutputStream();
    ByteArrayInputStream is;
    byte[] arr;
    ObjectOutputStream oOut = new ObjectOutputStream(os);
    oOut.writeObject(mc);
    oOut.flush();
    oOut.close();
    try {
        CertificateFactory cFac = CertificateFactory.getInstance("X.509", "BC");
        arr = os.toByteArray();
        is = new ByteArrayInputStream(arr);
        cFac.generateCertPath(is);
    } catch (CertificateException e) {
    }
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    List certCol = new ArrayList();
    certCol.add(cf.generateCertificate(new ByteArrayInputStream(certA)));
    certCol.add(cf.generateCertificate(new ByteArrayInputStream(certB)));
    certCol.add(cf.generateCertificate(new ByteArrayInputStream(certC)));
    certCol.add(cf.generateCertificate(new ByteArrayInputStream(certD)));
    CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", "BC");
    X509CertSelector select = new X509CertSelector();
    select.setSubject(((X509Certificate) certCol.get(0)).getSubjectX500Principal().getEncoded());
    Set trustanchors = new HashSet();
    trustanchors.add(new TrustAnchor((X509Certificate) cf.generateCertificate(new ByteArrayInputStream(rootCertBin)), null));
    CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certCol));
    PKIXBuilderParameters params = new PKIXBuilderParameters(trustanchors, select);
    params.addCertStore(certStore);
    try {
        CertPathBuilderResult result = pathBuilder.build(params);
        CertPath path = result.getCertPath();
        fail("found cert path in circular set");
    } catch (CertPathBuilderException e) {
    }
}

14. CertPathBuilderTest#v0Test()

Project: bc-java
File: CertPathBuilderTest.java
private void v0Test() throws Exception {
    // create certificates and CRLs
    KeyPair rootPair = TestUtils.generateRSAKeyPair();
    KeyPair interPair = TestUtils.generateRSAKeyPair();
    KeyPair endPair = TestUtils.generateRSAKeyPair();
    X509Certificate rootCert = TestUtils.generateRootCert(rootPair);
    X509Certificate interCert = TestUtils.generateIntermediateCert(interPair.getPublic(), rootPair.getPrivate(), rootCert);
    X509Certificate endCert = TestUtils.generateEndEntityCert(endPair.getPublic(), interPair.getPrivate(), interCert);
    BigInteger revokedSerialNumber = BigInteger.valueOf(2);
    X509CRL rootCRL = TestUtils.createCRL(rootCert, rootPair.getPrivate(), revokedSerialNumber);
    X509CRL interCRL = TestUtils.createCRL(interCert, interPair.getPrivate(), revokedSerialNumber);
    // create CertStore to support path building
    List list = new ArrayList();
    list.add(rootCert);
    list.add(interCert);
    list.add(endCert);
    list.add(rootCRL);
    list.add(interCRL);
    CollectionCertStoreParameters params = new CollectionCertStoreParameters(list);
    CertStore store = CertStore.getInstance("Collection", params);
    // build the path
    CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC");
    X509CertSelector pathConstraints = new X509CertSelector();
    pathConstraints.setSubject(endCert.getSubjectX500Principal().getEncoded());
    PKIXBuilderParameters buildParams = new PKIXBuilderParameters(Collections.singleton(new TrustAnchor(rootCert, null)), pathConstraints);
    buildParams.addCertStore(store);
    buildParams.setDate(new Date());
    PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) builder.build(buildParams);
    CertPath path = result.getCertPath();
    if (path.getCertificates().size() != 2) {
        fail("wrong number of certs in v0Test path");
    }
}

15. CertPathBuilderTest#baseTest()

Project: bc-java
File: CertPathBuilderTest.java
private void baseTest() throws Exception {
    CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
    // initialise CertStore
    X509Certificate rootCert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(CertPathTest.rootCertBin));
    X509Certificate interCert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(CertPathTest.interCertBin));
    X509Certificate finalCert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(CertPathTest.finalCertBin));
    X509CRL rootCrl = (X509CRL) cf.generateCRL(new ByteArrayInputStream(CertPathTest.rootCrlBin));
    X509CRL interCrl = (X509CRL) cf.generateCRL(new ByteArrayInputStream(CertPathTest.interCrlBin));
    List list = new ArrayList();
    list.add(rootCert);
    list.add(interCert);
    list.add(finalCert);
    list.add(rootCrl);
    list.add(interCrl);
    CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
    CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
    Date validDate = new Date(rootCrl.getThisUpdate().getTime() + 60 * 60 * 1000);
    //Searching for rootCert by subjectDN without CRL
    Set trust = new HashSet();
    trust.add(new TrustAnchor(rootCert, null));
    CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX", "BC");
    X509CertSelector targetConstraints = new X509CertSelector();
    targetConstraints.setSubject(finalCert.getSubjectX500Principal().getEncoded());
    PKIXBuilderParameters params = new PKIXBuilderParameters(trust, targetConstraints);
    params.addCertStore(store);
    params.setDate(validDate);
    PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) cpb.build(params);
    CertPath path = result.getCertPath();
    if (path.getCertificates().size() != 2) {
        fail("wrong number of certs in baseTest path");
    }
}

16. CertPathTest#testExceptions()

Project: bc-java
File: CertPathTest.java
private void testExceptions() throws Exception {
    byte[] enc = { (byte) 0, (byte) 2, (byte) 3, (byte) 4, (byte) 5 };
    MyCertPath mc = new MyCertPath(enc);
    ByteArrayOutputStream os = new ByteArrayOutputStream();
    ByteArrayInputStream is;
    byte[] arr;
    ObjectOutputStream oOut = new ObjectOutputStream(os);
    oOut.writeObject(mc);
    oOut.flush();
    oOut.close();
    try {
        CertificateFactory cFac = CertificateFactory.getInstance("X.509", "BC");
        arr = os.toByteArray();
        is = new ByteArrayInputStream(arr);
        cFac.generateCertPath(is);
    } catch (CertificateException e) {
    }
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    List certCol = new ArrayList();
    certCol.add(cf.generateCertificate(new ByteArrayInputStream(certA)));
    certCol.add(cf.generateCertificate(new ByteArrayInputStream(certB)));
    certCol.add(cf.generateCertificate(new ByteArrayInputStream(certC)));
    certCol.add(cf.generateCertificate(new ByteArrayInputStream(certD)));
    CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", "BC");
    X509CertSelector select = new X509CertSelector();
    select.setSubject(PrincipalUtil.getSubjectX509Principal(((X509Certificate) certCol.get(0))).getEncoded());
    Set trustanchors = new HashSet();
    trustanchors.add(new TrustAnchor((X509Certificate) cf.generateCertificate(new ByteArrayInputStream(rootCertBin)), null));
    CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certCol));
    PKIXBuilderParameters params = new PKIXBuilderParameters(trustanchors, select);
    params.addCertStore(certStore);
    try {
        CertPathBuilderResult result = pathBuilder.build(params);
        CertPath path = result.getCertPath();
        fail("found cert path in circular set");
    } catch (CertPathBuilderException e) {
    }
}

17. CertPathTest#testExceptions()

Project: bc-java
File: CertPathTest.java
private void testExceptions() throws Exception {
    byte[] enc = { (byte) 0, (byte) 2, (byte) 3, (byte) 4, (byte) 5 };
    MyCertPath mc = new MyCertPath(enc);
    ByteArrayOutputStream os = new ByteArrayOutputStream();
    ByteArrayInputStream is;
    byte[] arr;
    ObjectOutputStream oOut = new ObjectOutputStream(os);
    oOut.writeObject(mc);
    oOut.flush();
    oOut.close();
    try {
        CertificateFactory cFac = CertificateFactory.getInstance("X.509", "BC");
        arr = os.toByteArray();
        is = new ByteArrayInputStream(arr);
        cFac.generateCertPath(is);
    } catch (CertificateException e) {
    }
    CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
    List certCol = new ArrayList();
    certCol.add(cf.generateCertificate(new ByteArrayInputStream(certA)));
    certCol.add(cf.generateCertificate(new ByteArrayInputStream(certB)));
    certCol.add(cf.generateCertificate(new ByteArrayInputStream(certC)));
    certCol.add(cf.generateCertificate(new ByteArrayInputStream(certD)));
    CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", "BC");
    X509CertSelector select = new X509CertSelector();
    select.setSubject(((X509Certificate) certCol.get(0)).getSubjectX500Principal().getEncoded());
    Set trustanchors = new HashSet();
    trustanchors.add(new TrustAnchor((X509Certificate) cf.generateCertificate(new ByteArrayInputStream(rootCertBin)), null));
    CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certCol));
    PKIXBuilderParameters params = new PKIXBuilderParameters(trustanchors, select);
    params.addCertStore(certStore);
    try {
        CertPathBuilderResult result = pathBuilder.build(params);
        CertPath path = result.getCertPath();
        fail("found cert path in circular set");
    } catch (CertPathBuilderException e) {
    }
}