java.security.cert.PKIXParameters#setDate()源码实例Demo

下面列出了java.security.cert.PKIXParameters#setDate() 实例代码，或者点击链接到github查看源代码，也可以在右侧发表评论。

源代码1 项目： openjdk-jdk9 文件： ValWithAnchorByName.java

private static void runTest(CertificateFactory cf,
        List<X509Certificate> certList, TrustAnchor anchor)
        throws Exception {
    CertPath path = cf.generateCertPath(certList);
    CertPathValidator validator = CertPathValidator.getInstance("PKIX");

    System.out.println(anchor);

    // Attach the OCSP responses to a PKIXParameters object
    PKIXRevocationChecker pkrev =
            (PKIXRevocationChecker)validator.getRevocationChecker();
    Map<X509Certificate, byte[]> responseMap = new HashMap<>();
    responseMap.put(certList.get(0), DECODER.decode(EE_OCSP_RESP));
    responseMap.put(certList.get(1), DECODER.decode(INT_CA_OCSP_RESP));
    pkrev.setOcspResponses(responseMap);
    PKIXParameters params =
            new PKIXParameters(Collections.singleton(anchor));
    params.addCertPathChecker(pkrev);
    params.setDate(EVAL_DATE);

    validator.validate(path, params);
}

源代码2 项目： knopflerfish.org 文件： JKSValidator.java

/**
 * 
 */
private CertPathParameters getCertPathParameters(KeyStore keystore)
  throws GeneralSecurityException
{
  HashSet<TrustAnchor> tas = new HashSet<TrustAnchor>();
  for (Enumeration<String> e = keystore.aliases(); e.hasMoreElements(); ) {
    String name = e.nextElement();
    Certificate c = keystore.getCertificate(name);
    if (c != null) {
      if (trustKeys || keystore.isCertificateEntry(name)) {
        tas.add(new TrustAnchor((X509Certificate)c, null)); 
      }
    }
  }
  PKIXParameters p = new PKIXParameters(tas);
  // NYI! Handle CRLs
  p.setRevocationEnabled(false);
  if (validationDate != null) {
    p.setDate(validationDate);
  }
  return p;
}

源代码3 项目： swellrt 文件： CachedCertPathValidator.java

private void validateNoCache(List<? extends X509Certificate> certs)
    throws SignatureException {
  try {
    CertPathValidator validator = CertPathValidator.getInstance(
        VALIDATOR_TYPE);
    PKIXParameters params = new PKIXParameters(trustRoots);
    params.addCertPathChecker(WAVE_OID_CHECKER);
    params.setDate(timeSource.now());

    // turn off default revocation-checking mechanism
    params.setRevocationEnabled(false);

    // TODO: add a way for clients to add certificate revocation checks,
    // perhaps by letting them pass in PKIXCertPathCheckers. This can also be
    // useful to check for Wave-specific certificate extensions.

    CertificateFactory certFactory = CertificateFactory.getInstance(
        CERTIFICATE_TYPE);
    CertPath certPath = certFactory.generateCertPath(certs);
    validator.validate(certPath, params);
  } catch (GeneralSecurityException e) {
    throw new SignatureException("Certificate validation failure", e);
  }
}

源代码4 项目： incubator-retired-wave 文件： CachedCertPathValidator.java

private void validateNoCache(List<? extends X509Certificate> certs)
    throws SignatureException {
  try {
    CertPathValidator validator = CertPathValidator.getInstance(
        VALIDATOR_TYPE);
    PKIXParameters params = new PKIXParameters(trustRoots);
    params.addCertPathChecker(WAVE_OID_CHECKER);
    params.setDate(timeSource.now());

    // turn off default revocation-checking mechanism
    params.setRevocationEnabled(false);

    // TODO: add a way for clients to add certificate revocation checks,
    // perhaps by letting them pass in PKIXCertPathCheckers. This can also be
    // useful to check for Wave-specific certificate extensions.

    CertificateFactory certFactory = CertificateFactory.getInstance(
        CERTIFICATE_TYPE);
    CertPath certPath = certFactory.generateCertPath(certs);
    validator.validate(certPath, params);
  } catch (GeneralSecurityException e) {
    throw new SignatureException("Certificate validation failure", e);
  }
}

源代码5 项目： fido2 文件： PKIXChainValidation.java

public static boolean pkixvalidate(CertPath cp, Set<TrustAnchor> trustAnchorSet,
        boolean isRevocationChecked, boolean isPolicyQualifiersRejected) {
    try {
        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");  //TODO use BCFIPS when "Support for PKIXRevocationChecker
                                                                        //in the CertPath implementation" is added

        PKIXParameters pkix = new PKIXParameters(trustAnchorSet);

        if(isRevocationChecked){
            PKIXRevocationChecker prc = (PKIXRevocationChecker) cpv.getRevocationChecker();
            prc.setOptions(EnumSet.of(PKIXRevocationChecker.Option.PREFER_CRLS, PKIXRevocationChecker.Option.NO_FALLBACK));
            pkix.addCertPathChecker(prc);
        }
        else{
            pkix.setRevocationEnabled(false);
        }

        pkix.setPolicyQualifiersRejected(isPolicyQualifiersRejected);
        pkix.setDate(null);
        CertPathValidatorResult cpvr = cpv.validate(cp, pkix);
        if (cpvr != null) {
            System.out.println("Certificate validated");
            return true;
        } else {
            System.out.println("Certificate not valid");
            return false;
        }
    } catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException | CertPathValidatorException ex) {
        Logger.getLogger(PKIXChainValidation.class.getName()).log(Level.SEVERE, null, ex);
        return false;
    }
}

方法所在类

java.security.cert.PKIXParameters