Examples of java.security.cert.X509Certificate.verify()

Class java.security.cert.X509Certificate

Examples of java.security.cert.X509Certificate.verify()

java.security.cert.X509Certificate.verify()
Verifies that this certificate was signed using the private key that corresponds to the specified public key. This method uses the signature verification engine supplied by the specified provider. Note that the specified Provider object does not have to be registered in the provider list. This method was added to version 1.8 of the Java Platform Standard Edition. In order to maintain backwards compatibility with existing service providers, this method is not {@code abstract}and it provides a default implementation. @param key the PublicKey used to carry out the verification. @param sigProvider the signature provider. @exception NoSuchAlgorithmException on unsupported signaturealgorithms. @exception InvalidKeyException on incorrect key. @exception SignatureException on signature errors. @exception CertificateException on encoding errors. @exception UnsupportedOperationException if the method is not supported @since 1.8

            for (int k = 0; k < oc.size(); ++k) {
                try {
                    if (provider == null)
                        v.verify(((X509Certificate)oc.get(k)).getPublicKey());
                    else
                        v.verify(((X509Certificate)oc.get(k)).getPublicKey(), provider);
                    found = true;
                    cc.add(oc.get(k));
                    oc.remove(k);
                    break;
                }

View Full Code Here

        throw new Exception("RootCA certificate not self-signed, issuerDN: "+CertTools.getIssuerDN(rootcert)+", subjectDN: "+CertTools.getSubjectDN(rootcert));
      }
        // Verify that the user-certificate is signed by our CA
      Certificate cacert = cachain[0];
      try {
        cert.verify(cacert.getPublicKey());
      } catch (GeneralSecurityException se) {
        throw new Exception("Generated certificate does not verify using CA-certificate, issuerDN: "+CertTools.getIssuerDN(cert)+", subjectDN: "+CertTools.getSubjectDN(cert)+
            "caIssuerDN: "+CertTools.getIssuerDN(cacert)+", caSubjectDN: "+CertTools.getSubjectDN(cacert));
      }
      if (savekeys) {

View Full Code Here

         if (log.isTraceEnabled()) {
           log.trace("<certgen.generate");
         }
        
        // Verify before returning
        cert.verify(caPublicKey);
        
        // If we have a CA-certificate, verify that we have all path verification stuff correct
        if (cacert != null) {
          byte[] aki = CertTools.getAuthorityKeyId(cert);
          byte[] ski = CertTools.getSubjectKeyId( isRootCA ? cert : cacert);

View Full Code Here


        X509Certificate cert = v1CertGen.generateX509Certificate(privKey);


        cert.checkValidity(new Date());


        cert.verify(pubKey);


        PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)cert;


        //
        // this is actually optional - but if you want to have control

View Full Code Here


        X509Certificate cert = v3CertGen.generateX509Certificate(caPrivKey);


        cert.checkValidity(new Date());


        cert.verify(caCert.getPublicKey());


        PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)cert;


        //
        // this is actually optional - but if you want to have control

View Full Code Here


        X509Certificate cert = v3CertGen.generateX509Certificate(caPrivKey);


        cert.checkValidity(new Date());


        cert.verify(caPubKey);


        PKCS12BagAttributeCarrier   bagAttr = (PKCS12BagAttributeCarrier)cert;


        //
        // this is also optional - in the sense that if you leave this

View Full Code Here

        certGenerator.addExtension(X509Extensions.SubjectAlternativeName, critical, subjectAltNames);


        X509Certificate cert =
                certGenerator.generateX509Certificate(privKey, "BC", new SecureRandom());
        cert.checkValidity(new Date());
        cert.verify(pubKey);


        return cert;
    }


    /**

View Full Code Here

                // if generated self-signed certificate
                if (p == 0) {
                    // check if the issuer and subject equal
                    assertEquals(errMsgPrefix + "unexpected principal. ", prnc,
                            issuerPrnc);
                    cert.verify(cert.getPublicKey());
                } else { // if signed with certificate chain
                    // check if issuer name is "CN=selfSigned"
                    assertEquals(errMsgPrefix + "unexpected issuer name. ",
                            genKeyNoIssuerArgs[18], issuerPrnc.getName());
                    cert.verify(keyStore.getCertificate(genKeyNoIssuerArgs[8])

View Full Code Here

                    cert.verify(cert.getPublicKey());
                } else { // if signed with certificate chain
                    // check if issuer name is "CN=selfSigned"
                    assertEquals(errMsgPrefix + "unexpected issuer name. ",
                            genKeyNoIssuerArgs[18], issuerPrnc.getName());
                    cert.verify(keyStore.getCertificate(genKeyNoIssuerArgs[8])
                            .getPublicKey());
                }
    
                // check validity period
                // 86400000 milliseconds in one day

View Full Code Here

            new BasicConstraints(0));


    // X509Certificate cert = v3CertGen.generateX509Certificate(caPrivKey);
    final X509Certificate cert = v3CertGen.generate(caPriKey, "BC");
    cert.checkValidity(new Date());
    cert.verify(caCert.getPublicKey());


    // cert.verify(caCert.getPublicKey());
    // cert.getEncoded();


    return cert;

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.