Example usage for java.security.cert X509CertSelector setIssuer

List of usage examples for java.security.cert X509CertSelector setIssuer

  1. HOME
  2. Java
  3. java
  4. java.security.cert.*
  5. X509CertSelector
  6. setIssuer

Introduction

In this page you can find the example usage for java.security.cert X509CertSelector setIssuer.

Prototype

public void setIssuer(byte[] issuerDN) throws IOException

Source Link

Document

Sets the issuer criterion.

Usage

From source file:MainClass.java

public static void main(String args[]) throws Exception {

    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    List mylist = new ArrayList();
    FileInputStream in = new FileInputStream(args[0]);
    Certificate c = cf.generateCertificate(in);
    mylist.add(c);/* w  w  w .j av  a 2  s .c o m*/

    CertStoreParameters cparam = new CollectionCertStoreParameters(mylist);
    CertStore cs = CertStore.getInstance("Collection", cparam);
    X509CertSelector selec = new X509CertSelector();
    selec.setIssuer("CN=YourName,OU=Network Center," + "O=University,L=ZB,ST=Toronto,C=CN");
    Set clct = (Set) cs.getCertificates(selec);
    Object o[] = clct.toArray();
    for (int i = 0; i < o.length; i++) {
        X509Certificate ct = (X509Certificate) o[i];
        System.out.println("Certificate " + i + " ");
        System.out.println(ct.getSubjectDN());

    }
}

From source file:MainClass.java

public static void main(String args[]) throws Exception {
    X509CertSelector selec = new X509CertSelector();
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    FileInputStream in = new FileInputStream(args[0]);
    Certificate c = cf.generateCertificate(in);
    System.out.println(selec.match(c));
    selec.setIssuer("CN=Peter,OU=Network Center," + "O=University,L=ZB,ST=Vancouver,C=CN");

    System.out.println(selec.match(c));

    Calendar cld = Calendar.getInstance();
    int year = Integer.parseInt(args[1]);
    int month = Integer.parseInt(args[2]) - 1;
    int day = Integer.parseInt(args[3]);
    cld.set(year, month, day);//from   w w  w . ja  v a  2s .c o m
    Date d = cld.getTime();
    selec.setCertificateValid(d);

    System.out.println(selec.match(c));
    BigInteger sn = new BigInteger("1039056963");
    selec.setSerialNumber(sn);

    System.out.println(selec.match(c));
}

From source file:mitm.common.security.cms.KeyTransRecipientIdImpl.java

@Override
public CertSelector getSelector() throws IOException {
    X509CertSelector selector = new X509CertSelector();

    selector.setIssuer(issuer);
    selector.setSerialNumber(serialNumber);

    if (subjectKeyIdentifier != null) {
        /* //w w  w .j  a  va2 s . c o  m
         * X509CertSelector expects a DER encoded subjectKeyIdentifier.
         */
        X509CertSelectorBuilder.setSubjectKeyIdentifier(selector, subjectKeyIdentifier);
    }

    return selector;
}

From source file:mitm.common.security.certpath.CertPathBuilderSpeedTest.java

@Test
public void testBuildPathManyCertificates() throws Exception {
    int tries = 1000;

    TrustAnchorBuilder trustAnchorBuilder = new CertStoreTrustAnchorBuilder(rootStoreParams.getCertStore(),
            10 * DateUtils.MILLIS_PER_SECOND);

    long start = System.currentTimeMillis();

    Set<TrustAnchor> trustAnchors = trustAnchorBuilder.getTrustAnchors();

    for (int i = 0; i < tries; i++) {
        X509CertSelector selector = new X509CertSelector();

        selector.setSerialNumber(BigIntegerUtils.hexDecode("116A448F117FF69FE4F2D4D38F689D7"));
        selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL");

        CertificatePathBuilder builder = new PKIXCertificatePathBuilder();

        //Set<TrustAnchor> trustAnchors = trustAnchorBuilder.getTrustAnchors(); 
        trustAnchors = trustAnchorBuilder.getTrustAnchors();
        builder.setTrustAnchors(trustAnchors);

        builder.addCertPathChecker(new SMIMEExtendedKeyUsageCertPathChecker());
        builder.addCertStore(certStore);
        builder.setRevocationEnabled(false);

        CertPathBuilderResult result = builder.buildPath(selector);

        assertEquals(2, result.getCertPath().getCertificates().size());
    }/*from   w  w w  .ja  v a 2s  .c  o  m*/

    long diff = System.currentTimeMillis() - start;

    double secondsPerBuild = diff * 0.001 / tries;

    System.out.println("Seconds / build: " + secondsPerBuild);

    if (secondsPerBuild > 0.03) {
        /***************************************************
         * Note: This might fail on slower systems!!
         ***************************************************/
        fail("Seconds / build too slow. Note: This might fail on slower systems!!!");
    }
}

From source file:mitm.common.security.certpath.CertPathBuilderTest.java

@Test
public void testBuildPathTargetNotFound() throws Exception {
    // add roots/*w  ww.j a v a 2 s.  co m*/
    addCertificates("mitm-test-root.cer", rootStoreParams.getCertStore());

    addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore());
    addCertificates("testCertificates.p7b", certStoreParams.getCertStore());

    addCRL("test-ca.crl", certStoreParams.getCRLStore());
    addCRL("test-root-ca-not-revoked.crl", certStoreParams.getCRLStore());

    trustAnchors = getTrustAnchors();

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("123"));
    selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL");

    CertificatePathBuilder builder = new PKIXCertificatePathBuilder();

    builder.setTrustAnchors(trustAnchors);
    builder.addCertStore(certStore);

    try {
        builder.buildPath(selector);

        fail();
    } catch (CertPathBuilderException e) {
        assertEquals("No certificate found matching targetContraints.", e.getMessage());
    }
}

From source file:mitm.common.security.certpath.CertPathBuilderTest.java

@Test
public void testAlgorithmIdentifierComparisonFailed() throws Exception {
    addCertificates("AC_MINEFI_DPMA.cer", certStoreParams.getCertStore());
    addCertificates("MINEFI_AUTORITE_DE_CERTIFICATION_RACINE.cer", rootStoreParams.getCertStore());

    CertificatePathBuilder builder = new PKIXCertificatePathBuilder();
    builder.addCertStore(certStore);/*  www .  ja v a  2  s .  com*/
    builder.setTrustAnchors(getTrustAnchors());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("30303031303935373731383130383135"));
    selector.setIssuer("CN=MINEFI-AUTORITE DE CERTIFICATION RACINE, OU=AGENCE AUTORITE, O=MINEFI, C=FR");

    CertPathBuilderResult results = builder.buildPath(selector);

    assertNotNull(results.getCertPath());
    assertEquals(1, results.getCertPath().getCertificates().size());
}

From source file:mitm.common.security.certpath.CertPathBuilderTest.java

@Test
public void testNoTrustAnchors() throws Exception {
    addCertificates("windows-xp-all-intermediates.p7b", certStoreParams.getCertStore());
    addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore());
    addCertificates("testCertificates.p7b", certStoreParams.getCertStore());

    CertificatePathBuilder builder = new PKIXCertificatePathBuilder();
    builder.addCertStore(certStore);/*from  w ww  .ja va  2s .  co  m*/

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("115FD110A82F742D0AE14A71B651962"));
    selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL");

    try {
        builder.buildPath(selector);

        fail("Should have failed");
    } catch (CertPathBuilderException e) {
        assertEquals(PKIXCertificatePathBuilder.NO_ROOTS_ERROR_MESSAGE, e.getMessage());
    }
}

From source file:mitm.common.security.certpath.CertPathBuilderTest.java

@Test
public void testBuildPathEKUCriticalCertPathCheckerAdded() throws Exception {
    // add roots/*  w  ww.  j a v a2  s  .com*/
    addCertificates("mitm-test-root.cer", rootStoreParams.getCertStore());

    addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore());
    addCertificates("testCertificates.p7b", certStoreParams.getCertStore());

    addCRL("test-ca.crl", certStoreParams.getCRLStore());
    addCRL("test-root-ca-not-revoked.crl", certStoreParams.getCRLStore());

    trustAnchors = getTrustAnchors();

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("116A448F117FF69FE4F2D4D38F689D7"));
    selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL");

    CertificatePathBuilder builder = new PKIXCertificatePathBuilder();

    builder.setTrustAnchors(trustAnchors);
    builder.addCertPathChecker(new SMIMEExtendedKeyUsageCertPathChecker());
    builder.addCertStore(certStore);
    builder.setRevocationEnabled(true);

    CertPathBuilderResult result = builder.buildPath(selector);

    assertEquals(2, result.getCertPath().getCertificates().size());
}

From source file:mitm.common.security.certpath.CertPathBuilderTest.java

@Test
public void testBuildPathRootNotFound() throws Exception {
    // root store cannot be empty so we just load something
    addCertificates("dod-mega-crl.cer", rootStoreParams.getCertStore());

    addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore());
    addCertificates("testCertificates.p7b", certStoreParams.getCertStore());

    addCRL("test-ca.crl", certStoreParams.getCRLStore());
    addCRL("test-root-ca-not-revoked.crl", certStoreParams.getCRLStore());

    trustAnchors = getTrustAnchors();/*from  ww  w .ja v  a 2  s  .  co  m*/

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("115FCD741088707366E9727452C9770"));
    selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL");

    CertificatePathBuilder builder = new PKIXCertificatePathBuilder();

    builder.setTrustAnchors(trustAnchors);
    builder.addCertStore(certStore);

    try {
        builder.buildPath(selector);

        fail();
    } catch (CertPathBuilderException e) {
        assertEquals("No issuer certificate for certificate in certification path found.", e.getMessage());
    }
}

From source file:mitm.common.security.certpath.CertPathBuilderTest.java

@Test
public void testBuildPathCRLSignedByIncorrectKeyAndCorrectKey() throws Exception {
    // add roots// ww  w  . j av  a2  s.  c  o m
    addCertificates("windows-xp-all-roots.p7b", rootStoreParams.getCertStore());
    addCertificates("mitm-test-root.cer", rootStoreParams.getCertStore());

    addCertificates("windows-xp-all-intermediates.p7b", certStoreParams.getCertStore());
    addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore());
    addCertificates("testCertificates.p7b", certStoreParams.getCertStore());

    addCRL("test-root-ca-not-revoked.crl", certStoreParams.getCRLStore());
    addCRL("test-ca.crl", certStoreParams.getCRLStore());
    addCRL("test-ca-signed-incorrect-key.crl", certStoreParams.getCRLStore());

    trustAnchors = getTrustAnchors();

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("115FD110A82F742D0AE14A71B651962"));
    selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL");

    CertificatePathBuilder builder = new PKIXCertificatePathBuilder();

    builder.setTrustAnchors(trustAnchors);
    builder.addCertPathChecker(new SMIMEExtendedKeyUsageCertPathChecker());
    builder.addCertStore(certStore);
    builder.setRevocationEnabled(true);

    CertPathBuilderResult result = builder.buildPath(selector);

    assertEquals(2, result.getCertPath().getCertificates().size());
}