Java Code Examples for sun.security.provider.certpath.AlgorithmChecker

Following code examples demonstrate how to use sun.security.provider.certpath.AlgorithmCheckerfrom android. These examples are extracted from various highly rated open source projects. You can directly use these code snippets or view their entire linked source code. These snippets are extracted to provide contextual information about how to use this class in the real world. These samples also let you understand some good practices on how to use sun.security.provider.certpath.AlgorithmCheckerand various code implementation of this class.

    private void checkAlgorithmConstraints(X509Certificate[] chain, AlgorithmConstraints constraints) throws CertificateException {
        try {
            int checkedLength = chain.length - 1;
            Collection<X509Certificate> trustedCerts = new HashSet();
            X509Certificate[] certs = this.tm.getAcceptedIssuers();
            if (certs != null && certs.length > 0) {
                Collections.addAll(trustedCerts, certs);
            }
            if (trustedCerts.contains(chain[checkedLength])) {
                checkedLength--;
            }
            if (checkedLength >= 0) {
                AlgorithmChecker checker = new AlgorithmChecker(constraints);
                checker.init(false);
                for (int i = checkedLength; i >= 0; i--) {
                    checker.check(chain[i], Collections.emptySet());
                }
            }
        } catch (CertPathValidatorException e) {
            throw new CertificateException("Certificates does not conform to algorithm constraints");
        }
    } 


    private void setDefaultParameters(String variant) {
        if ((variant == Validator.VAR_TLS_SERVER) ||
                (variant == Validator.VAR_TLS_CLIENT)) {
            parameterTemplate.setRevocationEnabled(checkTLSRevocation);
        } else {
            parameterTemplate.setRevocationEnabled(false);
        }
    } 

Advertisement
Javadoc
A PKIXCertPathChecker implementation to check whether a specified certificate contains the required

algorithm constraints.

Certificate fields such as the subject public key, the signature algorithm, key usage, extended key usage, etc. need to conform to the specified algorithm constraints. @see PKIXCertPathChecker @see PKIXParameters

Read More
Advertisement