Package java.security.cert

Examples of java.security.cert.PKIXParameters


   
        CertStore  store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC");
       
        //CertPathValidator validator = CertPathValidator.getInstance("PKIX","BC");
        PKIXCertPathReviewer reviewer;
        PKIXParameters    params = new PKIXParameters(trustedSet);
       
        params.addCertStore(store);
        params.setRevocationEnabled(true);
       
        if (policies != null)
        {
            params.setExplicitPolicyRequired(true);
            params.setInitialPolicies(policies);
        }
       
        reviewer = new PKIXCertPathReviewer(certPath,params);
       
        return reviewer;
View Full Code Here


        }
   
        CertStore  store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC");
       
        CertPathValidator validator = CertPathValidator.getInstance("PKIX","BC");
        PKIXParameters    params = new PKIXParameters(trustedSet);
       
        params.addCertStore(store);
        params.setRevocationEnabled(true);
       
        if (policies != null)
        {
            params.setExplicitPolicyRequired(true);
            params.setInitialPolicies(policies);
        }
       
        return (PKIXCertPathValidatorResult)validator.validate(certPath, params);
    }
View Full Code Here

                Certificate cert = getCertificate(aliases[i]);
                if (cert instanceof X509Certificate) {
                    hashSet.add(new TrustAnchor((X509Certificate) cert, null));
                }
            }
            PKIXParameters param = new PKIXParameters(hashSet);
            // Do not check a revocation list
            param.setRevocationEnabled(false);
            // Verify the trust path using the above settings
            CertPathValidator certPathValidator;
            if (provider == null || provider.length() == 0) {
                certPathValidator = CertPathValidator.getInstance("PKIX");
            } else {
View Full Code Here

  private void validateNoCache(List<? extends X509Certificate> certs)
      throws SignatureException {
    try {
      CertPathValidator validator = CertPathValidator.getInstance(
          VALIDATOR_TYPE);
      PKIXParameters params = new PKIXParameters(trustRoots);
      params.addCertPathChecker(WAVE_OID_CHECKER);
      params.setDate(timeSource.now());

      // turn off default revocation-checking mechanism
      params.setRevocationEnabled(false);

      // TODO: add a way for clients to add certificate revocation checks,
      // perhaps by letting them pass in PKIXCertPathCheckers. This can also be
      // useful to check for Wave-specific certificate extensions.
View Full Code Here

                        set.add(anchor);
                    }
                }
            }

            PKIXParameters param = new PKIXParameters(set);
            param.setRevocationEnabled(enableRevocation);
            if (enableRevocation && crlCertStore != null) {
                param.addCertStore(crlCertStore);
            }

            // Verify the trust path using the above settings
            String provider = getCryptoProvider();
            CertPathValidator validator = null;
View Full Code Here

            // Generate cert path
            java.util.List certList = java.util.Arrays.asList(certs);
            CertPath path = this.getCertificateFactory().generateCertPath(certList);

            // Use the certificates in the keystore as TrustAnchors
            PKIXParameters param = new PKIXParameters(this.keystore);

            // Do not check a revocation list
            param.setRevocationEnabled(false);

            // Verify the trust path using the above settings           
            CertPathValidator certPathValidator = CertPathValidator.getInstance("PKIX");
            certPathValidator.validate(path, param);
        } catch (NoSuchAlgorithmException ex) {
View Full Code Here

            Set<TrustAnchor> trust = new HashSet<TrustAnchor>();
            trust.add(new TrustAnchor(rootCert, null));

            CertPathValidator cpv = CertPathValidator.getInstance("PKIX","BC");
            PKIXParameters param = new PKIXParameters(trust);
            param.addCertStore(store);
            param.setDate(new Date());                 
            param.setRevocationEnabled(false);

            cpv.validate(cp, param);
          }else{
            throw new XKMSResponseSignatureException("Error XKMS request signature doesn't verify.");           
          }
View Full Code Here

          TrustAnchor trustanchor = null;
          trustanchor = new TrustAnchor((X509Certificate)rootcert, null);
          trustancors.add(trustanchor);

          // Create the parameters for the validator
          PKIXParameters params = new PKIXParameters(trustancors);

          // Disable CRL checking since we are not supplying any CRLs
          params.setRevocationEnabled(false);
          params.setDate( new Date() );

          // Create the validator and validate the path
          CertPathValidator certPathValidator = CertPathValidator.getInstance(CertPathValidator.getDefaultType(), "BC");
          CertificateFactory fact = CertTools.getCertificateFactory();
          CertPath certpath = fact.generateCertPath(calist);
View Full Code Here

            (PKIXCertPathBuilderResult) cpb.build(cpbParams);
        CertPath certPath = cpbResult.getCertPath();

        // Validate path
        final CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        final PKIXParameters params = new PKIXParameters(anchors);
        params.setSigProvider("BC");
        params.setRevocationEnabled(false);
//                X509CertSelector targetCertConstraints = new X509CertSelector();
//                targetCertConstraints.setKeyUsage(keyUsage)
//                params.setTargetCertConstraints(targetCertConstraints);

        PKIXCertPathValidatorResult result =
View Full Code Here

              Set trust = new HashSet();
              trust.add(new TrustAnchor(rootCert, null));

              CertPathValidator cpv = CertPathValidator.getInstance("PKIX","BC");
              PKIXParameters param = new PKIXParameters(trust);
              param.addCertStore(store);
              param.setDate(new Date());                 
              param.setRevocationEnabled(false);

              cpv.validate(cp, param);

              // Check revocation status
              boolean revoked = certificateStoreSession.isRevoked(CertTools.getIssuerDN(verCert), verCert.getSerialNumber());
View Full Code Here

TOP

Related Classes of java.security.cert.PKIXParameters

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.