Here are the examples of the java api class java.security.cert.CertPathBuilder taken from open source projects.
1. CertUtils#build()
Project: openjdk
File: CertUtils.java
File: CertUtils.java
/** * Perform a PKIX path build. On failure, throw an exception. * * @param params PKIXBuilderParameters to use in validation * @throws Exception on error */ public static PKIXCertPathBuilderResult build(PKIXBuilderParameters params) throws Exception { CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); return (PKIXCertPathBuilderResult) builder.build(params); }
2. ValidateNC#build()
Project: openjdk
File: ValidateNC.java
File: ValidateNC.java
/** * Perform a PKIX build. * * @param params PKIXBuilderParameters to use in the build * @throws Exception on error */ public static void build(PKIXBuilderParameters params) throws Exception { CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "SUN"); CertPathBuilderResult cpbr = builder.build(params); }
3. BuildOddSel#build()
Project: openjdk
File: BuildOddSel.java
File: BuildOddSel.java
/** * Perform a PKIX build. * * @param params PKIXBuilderParameters to use in building * @throws Exception on error */ public static void build(PKIXBuilderParameters params) throws Exception { CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); CertPathBuilderResult cpbr = builder.build(params); }
4. NoExtensions#doBuild()
Project: openjdk
File: NoExtensions.java
File: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception { // get the set of trusted CA certificates (only one in this instance) HashSet trustAnchors = new HashSet(); X509Certificate trustedCert = getTrustedCertificate(); trustAnchors.add(new TrustAnchor(trustedCert, null)); // put together a CertStore (repository of the certificates and CRLs) ArrayList certs = new ArrayList(); certs.add(trustedCert); certs.add(userCert); CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs); CertStore certStore = CertStore.getInstance("Collection", certStoreParams); // specify the target certificate via a CertSelector X509CertSelector certSelector = new X509CertSelector(); certSelector.setCertificate(userCert); // seems to be required certSelector.setSubject(userCert.getSubjectDN().getName()); // build a valid cerificate path CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN"); PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector); certPathBuilderParams.addCertStore(certStore); certPathBuilderParams.setRevocationEnabled(false); CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams); // get and show cert path CertPath certPath = result.getCertPath(); // System.out.println(certPath.toString()); }
5. GetInstance#main()
Project: openjdk
File: GetInstance.java
File: GetInstance.java
public static void main(String[] argv) throws Exception { Provider stubProvider = new StubProvider(); CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX", stubProvider); System.out.println("Test passed."); }
6. CertUtils#build()
Project: jdk7u-jdk
File: CertUtils.java
File: CertUtils.java
/** * Perform a PKIX path build. On failure, throw an exception. * * @param params PKIXBuilderParameters to use in validation * @throws Exception on error */ public static PKIXCertPathBuilderResult build(PKIXBuilderParameters params) throws Exception { CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); return (PKIXCertPathBuilderResult) builder.build(params); }
7. ValidateNC#build()
Project: jdk7u-jdk
File: ValidateNC.java
File: ValidateNC.java
/** * Perform a PKIX build. * * @param params PKIXBuilderParameters to use in the build * @throws Exception on error */ public static void build(PKIXBuilderParameters params) throws Exception { CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "SUN"); CertPathBuilderResult cpbr = builder.build(params); }
8. BuildOddSel#build()
Project: jdk7u-jdk
File: BuildOddSel.java
File: BuildOddSel.java
/** * Perform a PKIX build. * * @param params PKIXBuilderParameters to use in building * @throws Exception on error */ public static void build(PKIXBuilderParameters params) throws Exception { CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); CertPathBuilderResult cpbr = builder.build(params); }
9. NoExtensions#doBuild()
Project: jdk7u-jdk
File: NoExtensions.java
File: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception { // get the set of trusted CA certificates (only one in this instance) HashSet trustAnchors = new HashSet(); X509Certificate trustedCert = getTrustedCertificate(); trustAnchors.add(new TrustAnchor(trustedCert, null)); // put together a CertStore (repository of the certificates and CRLs) ArrayList certs = new ArrayList(); certs.add(trustedCert); certs.add(userCert); CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs); CertStore certStore = CertStore.getInstance("Collection", certStoreParams); // specify the target certificate via a CertSelector X509CertSelector certSelector = new X509CertSelector(); certSelector.setCertificate(userCert); // seems to be required certSelector.setSubject(userCert.getSubjectDN().getName()); // build a valid cerificate path CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN"); PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector); certPathBuilderParams.addCertStore(certStore); certPathBuilderParams.setRevocationEnabled(false); CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams); // get and show cert path CertPath certPath = result.getCertPath(); // System.out.println(certPath.toString()); }
10. GetInstance#main()
Project: jdk7u-jdk
File: GetInstance.java
File: GetInstance.java
public static void main(String[] argv) throws Exception { Provider stubProvider = new StubProvider(); CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX", stubProvider); System.out.println("Test passed."); }
11. PKIXPolicyMappingTest#testPolicies()
Project: bc-java
File: PKIXPolicyMappingTest.java
File: PKIXPolicyMappingTest.java
private String testPolicies(int index, X509Certificate trustCert, X509Certificate intCert, X509Certificate endCert, Set requirePolicies, boolean okay) throws IOException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException { Set trust = new HashSet(); trust.add(new TrustAnchor(trustCert, null)); X509CertSelector targetConstraints = new X509CertSelector(); targetConstraints.setSubject(endCert.getSubjectX500Principal().getEncoded()); PKIXBuilderParameters params = new PKIXBuilderParameters(trust, targetConstraints); Set certs = new HashSet(); certs.add(intCert); certs.add(endCert); CollectionCertStoreParameters pr = new CollectionCertStoreParameters(certs); CertStore store = CertStore.getInstance("Collection", pr); params.addCertStore(store); params.setRevocationEnabled(false); if (requirePolicies != null) { params.setExplicitPolicyRequired(true); params.setInitialPolicies(requirePolicies); } CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX", "BC"); // CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX","SUN"); PKIXCertPathBuilderResult result = null; try { result = (PKIXCertPathBuilderResult) cpb.build(params); if (!okay) { fail(index + ": path validated when failure expected."); } return ""; } catch (TestFailedException e) { throw e; } catch (Exception e) { if (okay) { fail(index + ": path failed to validate when success expected."); } Throwable ee = e.getCause(); if (ee != null) { return ee.getMessage(); } return e.getMessage(); } }
12. NistCertPathTest#doBuilderTest()
Project: bc-java
File: NistCertPathTest.java
File: NistCertPathTest.java
private PKIXCertPathBuilderResult doBuilderTest(String trustAnchor, String[] certs, String[] crls, Set initialPolicies, boolean policyMappingInhibited, boolean anyPolicyInhibited) throws Exception { Set trustedSet = Collections.singleton(getTrustAnchor(trustAnchor)); List certsAndCrls = new ArrayList(); X509Certificate endCert = loadCert(certs[certs.length - 1]); for (int i = 0; i != certs.length - 1; i++) { certsAndCrls.add(loadCert(certs[i])); } certsAndCrls.add(endCert); for (int i = 0; i != crls.length; i++) { certsAndCrls.add(loadCrl(crls[i])); } CertStore store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC"); CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC"); X509CertSelector endSelector = new X509CertSelector(); endSelector.setCertificate(endCert); PKIXBuilderParameters builderParams = new PKIXBuilderParameters(trustedSet, endSelector); if (initialPolicies != null) { builderParams.setInitialPolicies(initialPolicies); builderParams.setExplicitPolicyRequired(true); } if (policyMappingInhibited) { builderParams.setPolicyMappingInhibited(policyMappingInhibited); } if (anyPolicyInhibited) { builderParams.setAnyPolicyInhibited(anyPolicyInhibited); } builderParams.addCertStore(store); builderParams.setDate(new GregorianCalendar(2010, 1, 1).getTime()); try { return (PKIXCertPathBuilderResult) builder.build(builderParams); } catch (CertPathBuilderException e) { throw (Exception) e.getCause(); } }
13. CertPathTest#testExceptions()
Project: bc-java
File: CertPathTest.java
File: CertPathTest.java
private void testExceptions() throws Exception { byte[] enc = { (byte) 0, (byte) 2, (byte) 3, (byte) 4, (byte) 5 }; MyCertPath mc = new MyCertPath(enc); ByteArrayOutputStream os = new ByteArrayOutputStream(); ByteArrayInputStream is; byte[] arr; ObjectOutputStream oOut = new ObjectOutputStream(os); oOut.writeObject(mc); oOut.flush(); oOut.close(); try { CertificateFactory cFac = CertificateFactory.getInstance("X.509", "BC"); arr = os.toByteArray(); is = new ByteArrayInputStream(arr); cFac.generateCertPath(is); } catch (CertificateException e) { } CertificateFactory cf = CertificateFactory.getInstance("X.509"); List certCol = new ArrayList(); certCol.add(cf.generateCertificate(new ByteArrayInputStream(certA))); certCol.add(cf.generateCertificate(new ByteArrayInputStream(certB))); certCol.add(cf.generateCertificate(new ByteArrayInputStream(certC))); certCol.add(cf.generateCertificate(new ByteArrayInputStream(certD))); CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", "BC"); X509CertSelector select = new X509CertSelector(); select.setSubject(((X509Certificate) certCol.get(0)).getSubjectX500Principal().getEncoded()); Set trustanchors = new HashSet(); trustanchors.add(new TrustAnchor((X509Certificate) cf.generateCertificate(new ByteArrayInputStream(rootCertBin)), null)); CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certCol)); PKIXBuilderParameters params = new PKIXBuilderParameters(trustanchors, select); params.addCertStore(certStore); try { CertPathBuilderResult result = pathBuilder.build(params); CertPath path = result.getCertPath(); fail("found cert path in circular set"); } catch (CertPathBuilderException e) { } }
14. CertPathBuilderTest#v0Test()
Project: bc-java
File: CertPathBuilderTest.java
File: CertPathBuilderTest.java
private void v0Test() throws Exception { // create certificates and CRLs KeyPair rootPair = TestUtils.generateRSAKeyPair(); KeyPair interPair = TestUtils.generateRSAKeyPair(); KeyPair endPair = TestUtils.generateRSAKeyPair(); X509Certificate rootCert = TestUtils.generateRootCert(rootPair); X509Certificate interCert = TestUtils.generateIntermediateCert(interPair.getPublic(), rootPair.getPrivate(), rootCert); X509Certificate endCert = TestUtils.generateEndEntityCert(endPair.getPublic(), interPair.getPrivate(), interCert); BigInteger revokedSerialNumber = BigInteger.valueOf(2); X509CRL rootCRL = TestUtils.createCRL(rootCert, rootPair.getPrivate(), revokedSerialNumber); X509CRL interCRL = TestUtils.createCRL(interCert, interPair.getPrivate(), revokedSerialNumber); // create CertStore to support path building List list = new ArrayList(); list.add(rootCert); list.add(interCert); list.add(endCert); list.add(rootCRL); list.add(interCRL); CollectionCertStoreParameters params = new CollectionCertStoreParameters(list); CertStore store = CertStore.getInstance("Collection", params); // build the path CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC"); X509CertSelector pathConstraints = new X509CertSelector(); pathConstraints.setSubject(endCert.getSubjectX500Principal().getEncoded()); PKIXBuilderParameters buildParams = new PKIXBuilderParameters(Collections.singleton(new TrustAnchor(rootCert, null)), pathConstraints); buildParams.addCertStore(store); buildParams.setDate(new Date()); PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) builder.build(buildParams); CertPath path = result.getCertPath(); if (path.getCertificates().size() != 2) { fail("wrong number of certs in v0Test path"); } }
15. CertPathBuilderTest#baseTest()
Project: bc-java
File: CertPathBuilderTest.java
File: CertPathBuilderTest.java
private void baseTest() throws Exception { CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC"); // initialise CertStore X509Certificate rootCert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(CertPathTest.rootCertBin)); X509Certificate interCert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(CertPathTest.interCertBin)); X509Certificate finalCert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(CertPathTest.finalCertBin)); X509CRL rootCrl = (X509CRL) cf.generateCRL(new ByteArrayInputStream(CertPathTest.rootCrlBin)); X509CRL interCrl = (X509CRL) cf.generateCRL(new ByteArrayInputStream(CertPathTest.interCrlBin)); List list = new ArrayList(); list.add(rootCert); list.add(interCert); list.add(finalCert); list.add(rootCrl); list.add(interCrl); CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list); CertStore store = CertStore.getInstance("Collection", ccsp, "BC"); Date validDate = new Date(rootCrl.getThisUpdate().getTime() + 60 * 60 * 1000); //Searching for rootCert by subjectDN without CRL Set trust = new HashSet(); trust.add(new TrustAnchor(rootCert, null)); CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX", "BC"); X509CertSelector targetConstraints = new X509CertSelector(); targetConstraints.setSubject(finalCert.getSubjectX500Principal().getEncoded()); PKIXBuilderParameters params = new PKIXBuilderParameters(trust, targetConstraints); params.addCertStore(store); params.setDate(validDate); PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) cpb.build(params); CertPath path = result.getCertPath(); if (path.getCertificates().size() != 2) { fail("wrong number of certs in baseTest path"); } }
16. CertPathTest#testExceptions()
Project: bc-java
File: CertPathTest.java
File: CertPathTest.java
private void testExceptions() throws Exception { byte[] enc = { (byte) 0, (byte) 2, (byte) 3, (byte) 4, (byte) 5 }; MyCertPath mc = new MyCertPath(enc); ByteArrayOutputStream os = new ByteArrayOutputStream(); ByteArrayInputStream is; byte[] arr; ObjectOutputStream oOut = new ObjectOutputStream(os); oOut.writeObject(mc); oOut.flush(); oOut.close(); try { CertificateFactory cFac = CertificateFactory.getInstance("X.509", "BC"); arr = os.toByteArray(); is = new ByteArrayInputStream(arr); cFac.generateCertPath(is); } catch (CertificateException e) { } CertificateFactory cf = CertificateFactory.getInstance("X.509"); List certCol = new ArrayList(); certCol.add(cf.generateCertificate(new ByteArrayInputStream(certA))); certCol.add(cf.generateCertificate(new ByteArrayInputStream(certB))); certCol.add(cf.generateCertificate(new ByteArrayInputStream(certC))); certCol.add(cf.generateCertificate(new ByteArrayInputStream(certD))); CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", "BC"); X509CertSelector select = new X509CertSelector(); select.setSubject(PrincipalUtil.getSubjectX509Principal(((X509Certificate) certCol.get(0))).getEncoded()); Set trustanchors = new HashSet(); trustanchors.add(new TrustAnchor((X509Certificate) cf.generateCertificate(new ByteArrayInputStream(rootCertBin)), null)); CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certCol)); PKIXBuilderParameters params = new PKIXBuilderParameters(trustanchors, select); params.addCertStore(certStore); try { CertPathBuilderResult result = pathBuilder.build(params); CertPath path = result.getCertPath(); fail("found cert path in circular set"); } catch (CertPathBuilderException e) { } }
17. CertPathTest#testExceptions()
Project: bc-java
File: CertPathTest.java
File: CertPathTest.java
private void testExceptions() throws Exception { byte[] enc = { (byte) 0, (byte) 2, (byte) 3, (byte) 4, (byte) 5 }; MyCertPath mc = new MyCertPath(enc); ByteArrayOutputStream os = new ByteArrayOutputStream(); ByteArrayInputStream is; byte[] arr; ObjectOutputStream oOut = new ObjectOutputStream(os); oOut.writeObject(mc); oOut.flush(); oOut.close(); try { CertificateFactory cFac = CertificateFactory.getInstance("X.509", "BC"); arr = os.toByteArray(); is = new ByteArrayInputStream(arr); cFac.generateCertPath(is); } catch (CertificateException e) { } CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC"); List certCol = new ArrayList(); certCol.add(cf.generateCertificate(new ByteArrayInputStream(certA))); certCol.add(cf.generateCertificate(new ByteArrayInputStream(certB))); certCol.add(cf.generateCertificate(new ByteArrayInputStream(certC))); certCol.add(cf.generateCertificate(new ByteArrayInputStream(certD))); CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", "BC"); X509CertSelector select = new X509CertSelector(); select.setSubject(((X509Certificate) certCol.get(0)).getSubjectX500Principal().getEncoded()); Set trustanchors = new HashSet(); trustanchors.add(new TrustAnchor((X509Certificate) cf.generateCertificate(new ByteArrayInputStream(rootCertBin)), null)); CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certCol)); PKIXBuilderParameters params = new PKIXBuilderParameters(trustanchors, select); params.addCertStore(certStore); try { CertPathBuilderResult result = pathBuilder.build(params); CertPath path = result.getCertPath(); fail("found cert path in circular set"); } catch (CertPathBuilderException e) { } }