List of usage examples for java.security.cert X509CertSelector setIssuer
public void setIssuer(byte[] issuerDN) throws IOException
From source file:MainClass.java
public static void main(String args[]) throws Exception { CertificateFactory cf = CertificateFactory.getInstance("X.509"); List mylist = new ArrayList(); FileInputStream in = new FileInputStream(args[0]); Certificate c = cf.generateCertificate(in); mylist.add(c);/* w w w .j av a 2 s .c o m*/ CertStoreParameters cparam = new CollectionCertStoreParameters(mylist); CertStore cs = CertStore.getInstance("Collection", cparam); X509CertSelector selec = new X509CertSelector(); selec.setIssuer("CN=YourName,OU=Network Center," + "O=University,L=ZB,ST=Toronto,C=CN"); Set clct = (Set) cs.getCertificates(selec); Object o[] = clct.toArray(); for (int i = 0; i < o.length; i++) { X509Certificate ct = (X509Certificate) o[i]; System.out.println("Certificate " + i + " "); System.out.println(ct.getSubjectDN()); } }
From source file:MainClass.java
public static void main(String args[]) throws Exception { X509CertSelector selec = new X509CertSelector(); CertificateFactory cf = CertificateFactory.getInstance("X.509"); FileInputStream in = new FileInputStream(args[0]); Certificate c = cf.generateCertificate(in); System.out.println(selec.match(c)); selec.setIssuer("CN=Peter,OU=Network Center," + "O=University,L=ZB,ST=Vancouver,C=CN"); System.out.println(selec.match(c)); Calendar cld = Calendar.getInstance(); int year = Integer.parseInt(args[1]); int month = Integer.parseInt(args[2]) - 1; int day = Integer.parseInt(args[3]); cld.set(year, month, day);//from w w w . ja v a 2s .c o m Date d = cld.getTime(); selec.setCertificateValid(d); System.out.println(selec.match(c)); BigInteger sn = new BigInteger("1039056963"); selec.setSerialNumber(sn); System.out.println(selec.match(c)); }
From source file:mitm.common.security.cms.KeyTransRecipientIdImpl.java
@Override public CertSelector getSelector() throws IOException { X509CertSelector selector = new X509CertSelector(); selector.setIssuer(issuer); selector.setSerialNumber(serialNumber); if (subjectKeyIdentifier != null) { /* //w w w .j a va2 s . c o m * X509CertSelector expects a DER encoded subjectKeyIdentifier. */ X509CertSelectorBuilder.setSubjectKeyIdentifier(selector, subjectKeyIdentifier); } return selector; }
From source file:mitm.common.security.certpath.CertPathBuilderSpeedTest.java
@Test public void testBuildPathManyCertificates() throws Exception { int tries = 1000; TrustAnchorBuilder trustAnchorBuilder = new CertStoreTrustAnchorBuilder(rootStoreParams.getCertStore(), 10 * DateUtils.MILLIS_PER_SECOND); long start = System.currentTimeMillis(); Set<TrustAnchor> trustAnchors = trustAnchorBuilder.getTrustAnchors(); for (int i = 0; i < tries; i++) { X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("116A448F117FF69FE4F2D4D38F689D7")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); //Set<TrustAnchor> trustAnchors = trustAnchorBuilder.getTrustAnchors(); trustAnchors = trustAnchorBuilder.getTrustAnchors(); builder.setTrustAnchors(trustAnchors); builder.addCertPathChecker(new SMIMEExtendedKeyUsageCertPathChecker()); builder.addCertStore(certStore); builder.setRevocationEnabled(false); CertPathBuilderResult result = builder.buildPath(selector); assertEquals(2, result.getCertPath().getCertificates().size()); }/*from w w w .ja v a 2s .c o m*/ long diff = System.currentTimeMillis() - start; double secondsPerBuild = diff * 0.001 / tries; System.out.println("Seconds / build: " + secondsPerBuild); if (secondsPerBuild > 0.03) { /*************************************************** * Note: This might fail on slower systems!! ***************************************************/ fail("Seconds / build too slow. Note: This might fail on slower systems!!!"); } }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testBuildPathTargetNotFound() throws Exception { // add roots/*w ww.j a v a 2 s. co m*/ addCertificates("mitm-test-root.cer", rootStoreParams.getCertStore()); addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore()); addCertificates("testCertificates.p7b", certStoreParams.getCertStore()); addCRL("test-ca.crl", certStoreParams.getCRLStore()); addCRL("test-root-ca-not-revoked.crl", certStoreParams.getCRLStore()); trustAnchors = getTrustAnchors(); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("123")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.setTrustAnchors(trustAnchors); builder.addCertStore(certStore); try { builder.buildPath(selector); fail(); } catch (CertPathBuilderException e) { assertEquals("No certificate found matching targetContraints.", e.getMessage()); } }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testAlgorithmIdentifierComparisonFailed() throws Exception { addCertificates("AC_MINEFI_DPMA.cer", certStoreParams.getCertStore()); addCertificates("MINEFI_AUTORITE_DE_CERTIFICATION_RACINE.cer", rootStoreParams.getCertStore()); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.addCertStore(certStore);/* www . ja v a 2 s . com*/ builder.setTrustAnchors(getTrustAnchors()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("30303031303935373731383130383135")); selector.setIssuer("CN=MINEFI-AUTORITE DE CERTIFICATION RACINE, OU=AGENCE AUTORITE, O=MINEFI, C=FR"); CertPathBuilderResult results = builder.buildPath(selector); assertNotNull(results.getCertPath()); assertEquals(1, results.getCertPath().getCertificates().size()); }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testNoTrustAnchors() throws Exception { addCertificates("windows-xp-all-intermediates.p7b", certStoreParams.getCertStore()); addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore()); addCertificates("testCertificates.p7b", certStoreParams.getCertStore()); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.addCertStore(certStore);/*from w ww .ja va 2s . co m*/ X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("115FD110A82F742D0AE14A71B651962")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); try { builder.buildPath(selector); fail("Should have failed"); } catch (CertPathBuilderException e) { assertEquals(PKIXCertificatePathBuilder.NO_ROOTS_ERROR_MESSAGE, e.getMessage()); } }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testBuildPathEKUCriticalCertPathCheckerAdded() throws Exception { // add roots/* w ww. j a v a2 s .com*/ addCertificates("mitm-test-root.cer", rootStoreParams.getCertStore()); addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore()); addCertificates("testCertificates.p7b", certStoreParams.getCertStore()); addCRL("test-ca.crl", certStoreParams.getCRLStore()); addCRL("test-root-ca-not-revoked.crl", certStoreParams.getCRLStore()); trustAnchors = getTrustAnchors(); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("116A448F117FF69FE4F2D4D38F689D7")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.setTrustAnchors(trustAnchors); builder.addCertPathChecker(new SMIMEExtendedKeyUsageCertPathChecker()); builder.addCertStore(certStore); builder.setRevocationEnabled(true); CertPathBuilderResult result = builder.buildPath(selector); assertEquals(2, result.getCertPath().getCertificates().size()); }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testBuildPathRootNotFound() throws Exception { // root store cannot be empty so we just load something addCertificates("dod-mega-crl.cer", rootStoreParams.getCertStore()); addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore()); addCertificates("testCertificates.p7b", certStoreParams.getCertStore()); addCRL("test-ca.crl", certStoreParams.getCRLStore()); addCRL("test-root-ca-not-revoked.crl", certStoreParams.getCRLStore()); trustAnchors = getTrustAnchors();/*from ww w .ja v a 2 s . co m*/ X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("115FCD741088707366E9727452C9770")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.setTrustAnchors(trustAnchors); builder.addCertStore(certStore); try { builder.buildPath(selector); fail(); } catch (CertPathBuilderException e) { assertEquals("No issuer certificate for certificate in certification path found.", e.getMessage()); } }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testBuildPathCRLSignedByIncorrectKeyAndCorrectKey() throws Exception { // add roots// ww w . j av a2 s. c o m addCertificates("windows-xp-all-roots.p7b", rootStoreParams.getCertStore()); addCertificates("mitm-test-root.cer", rootStoreParams.getCertStore()); addCertificates("windows-xp-all-intermediates.p7b", certStoreParams.getCertStore()); addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore()); addCertificates("testCertificates.p7b", certStoreParams.getCertStore()); addCRL("test-root-ca-not-revoked.crl", certStoreParams.getCRLStore()); addCRL("test-ca.crl", certStoreParams.getCRLStore()); addCRL("test-ca-signed-incorrect-key.crl", certStoreParams.getCRLStore()); trustAnchors = getTrustAnchors(); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("115FD110A82F742D0AE14A71B651962")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.setTrustAnchors(trustAnchors); builder.addCertPathChecker(new SMIMEExtendedKeyUsageCertPathChecker()); builder.addCertStore(certStore); builder.setRevocationEnabled(true); CertPathBuilderResult result = builder.buildPath(selector); assertEquals(2, result.getCertPath().getCertificates().size()); }