Example 46 with CertificateFactory
use of java.security.cert.CertificateFactory in project robovm by robovm.
the class CertPathValidatorTestPKIX method setUp.
@Override
protected void setUp() throws Exception {
super.setUp();
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
X509Certificate selfSignedcertificate = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(selfSignedCert.getBytes()));
keyStore.setCertificateEntry("selfSignedCert", selfSignedcertificate);
X509CertSelector targetConstraints = new X509CertSelector();
targetConstraints.setCertificate(selfSignedcertificate);
List<Certificate> certList = new ArrayList<Certificate>();
certList.add(selfSignedcertificate);
CertStoreParameters storeParams = new CollectionCertStoreParameters(certList);
CertStore certStore = CertStore.getInstance("Collection", storeParams);
PKIXBuilderParameters parameters = new PKIXBuilderParameters(keyStore, targetConstraints);
parameters.addCertStore(certStore);
parameters.setRevocationEnabled(false);
CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX");
CertPathBuilderResult builderResult = pathBuilder.build(parameters);
certPath = builderResult.getCertPath();
params = new PKIXParameters(keyStore);
params.setRevocationEnabled(false);
}
Also used :
PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters)
CertPathBuilderResult(java.security.cert.CertPathBuilderResult)
ArrayList(java.util.ArrayList)
X509CertSelector(java.security.cert.X509CertSelector)
KeyStore(java.security.KeyStore)
CertificateFactory(java.security.cert.CertificateFactory)
X509Certificate(java.security.cert.X509Certificate)
CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters)
CertStoreParameters(java.security.cert.CertStoreParameters)
CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters)
ByteArrayInputStream(java.io.ByteArrayInputStream)
PKIXParameters(java.security.cert.PKIXParameters)
CertPathBuilder(java.security.cert.CertPathBuilder)
CertStore(java.security.cert.CertStore)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
Example 47 with CertificateFactory
use of java.security.cert.CertificateFactory in project robovm by robovm.
the class CipherTest method test_wrap_java_security_Key.
public void test_wrap_java_security_Key() throws Exception {
AlgorithmParameterSpec ap = new IvParameterSpec(IV);
Cipher c = Cipher.getInstance("DES/CBC/PKCS5Padding");
c.init(Cipher.WRAP_MODE, CIPHER_KEY_DES, ap, new SecureRandom());
assertNotNull(c.wrap(CIPHER_KEY_DES));
assertNotNull(c.wrap(CIPHER_KEY_3DES));
String certName = Support_Resources.getURL("test.cert");
InputStream is = new URL(certName).openConnection().getInputStream();
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate cert = cf.generateCertificate(is);
assertNotNull(c.wrap(cert.getPublicKey()));
c = Cipher.getInstance("DES/CBC/NoPadding");
c.init(Cipher.WRAP_MODE, CIPHER_KEY_DES, ap, new SecureRandom());
try {
assertNotNull(c.wrap(cert.getPublicKey()));
fail();
} catch (IllegalBlockSizeException expected) {
}
c.init(Cipher.DECRYPT_MODE, CIPHER_KEY_DES, ap, new SecureRandom());
try {
c.wrap(CIPHER_KEY_DES);
fail();
} catch (IllegalStateException expected) {
}
c.init(Cipher.WRAP_MODE, CIPHER_KEY_DES, ap, new SecureRandom());
try {
c.wrap(new Mock_Key());
fail();
} catch (InvalidKeyException expected) {
}
}
Also used :
InputStream(java.io.InputStream)
SecureRandom(java.security.SecureRandom)
IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException)
InvalidKeyException(java.security.InvalidKeyException)
CertificateFactory(java.security.cert.CertificateFactory)
URL(java.net.URL)
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
Cipher(javax.crypto.Cipher)
MyCipher(org.apache.harmony.crypto.tests.support.MyCipher)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
Certificate(java.security.cert.Certificate)
Example 48 with CertificateFactory
use of java.security.cert.CertificateFactory in project robovm by robovm.
the class CipherTest method test_initWithCertificate.
public void test_initWithCertificate() throws Exception {
/* Certificate creation notes: certificate should be valid 37273 starting
* from 13 Nov 2008
* If it brcomes invalidated regenerate it using following commands:
* 1. openssl genrsa -des3 -out test.key 1024
* 2. openssl req -new -key test.key -out test.csr
* 3. cp test.key test.key.org
* 4. openssl rsa -in test.key.org -out test.key
* 5. openssl x509 -req -days 37273 -in test.csr -signkey test.key -out test.cert
* */
String certName = Support_Resources.getURL("test.cert");
InputStream is = new URL(certName).openConnection().getInputStream();
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate cert = cf.generateCertificate(is);
is.close();
Cipher c = Cipher.getInstance("RSA");
c.init(Cipher.ENCRYPT_MODE, cert);
c = Cipher.getInstance("DES/CBC/PKCS5Padding");
try {
c.init(Cipher.ENCRYPT_MODE, cert);
fail();
} catch (InvalidKeyException expected) {
}
}
Also used :
InputStream(java.io.InputStream)
Cipher(javax.crypto.Cipher)
MyCipher(org.apache.harmony.crypto.tests.support.MyCipher)
InvalidKeyException(java.security.InvalidKeyException)
CertificateFactory(java.security.cert.CertificateFactory)
URL(java.net.URL)
Certificate(java.security.cert.Certificate)
Example 49 with CertificateFactory
use of java.security.cert.CertificateFactory in project robovm by robovm.
the class X509Certificate method getInstance.
/**
* Creates a new {@code X509Certificate} and initializes it from the
* specified input stream.
*
* @param inStream
* input stream containing data to initialize the certificate.
* @return the certificate initialized from the specified input stream
* @throws CertificateException
* if the certificate cannot be created or initialized.
*/
public static final X509Certificate getInstance(InputStream inStream) throws CertificateException {
if (inStream == null) {
throw new CertificateException("inStream == null");
}
if (constructor != null) {
try {
return (X509Certificate) constructor.newInstance(new Object[] { inStream });
} catch (Throwable e) {
throw new CertificateException(e.getMessage());
}
}
final java.security.cert.X509Certificate cert;
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
cert = (java.security.cert.X509Certificate) cf.generateCertificate(inStream);
} catch (java.security.cert.CertificateException e) {
throw new CertificateException(e.getMessage());
}
return new X509Certificate() {
public byte[] getEncoded() throws CertificateEncodingException {
try {
return cert.getEncoded();
} catch (java.security.cert.CertificateEncodingException e) {
throw new CertificateEncodingException(e.getMessage());
}
}
public void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
try {
cert.verify(key);
} catch (java.security.cert.CertificateException e) {
throw new CertificateException(e.getMessage());
}
}
public void verify(PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
try {
cert.verify(key, sigProvider);
} catch (java.security.cert.CertificateException e) {
throw new CertificateException(e.getMessage());
}
}
public String toString() {
return cert.toString();
}
public PublicKey getPublicKey() {
return cert.getPublicKey();
}
public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
try {
cert.checkValidity();
} catch (java.security.cert.CertificateNotYetValidException e) {
throw new CertificateNotYetValidException(e.getMessage());
} catch (java.security.cert.CertificateExpiredException e) {
throw new CertificateExpiredException(e.getMessage());
}
}
public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
try {
cert.checkValidity(date);
} catch (java.security.cert.CertificateNotYetValidException e) {
throw new CertificateNotYetValidException(e.getMessage());
} catch (java.security.cert.CertificateExpiredException e) {
throw new CertificateExpiredException(e.getMessage());
}
}
public int getVersion() {
return 2;
}
public BigInteger getSerialNumber() {
return cert.getSerialNumber();
}
public Principal getIssuerDN() {
return cert.getIssuerDN();
}
public Principal getSubjectDN() {
return cert.getSubjectDN();
}
public Date getNotBefore() {
return cert.getNotBefore();
}
public Date getNotAfter() {
return cert.getNotAfter();
}
public String getSigAlgName() {
return cert.getSigAlgName();
}
public String getSigAlgOID() {
return cert.getSigAlgOID();
}
public byte[] getSigAlgParams() {
return cert.getSigAlgParams();
}
};
}
Also used :
PublicKey(java.security.PublicKey)
CertificateFactory(java.security.cert.CertificateFactory)
Date(java.util.Date)
Example 50 with CertificateFactory
use of java.security.cert.CertificateFactory in project robovm by robovm.
the class X509CertificateTest method setUp.
@Override
protected void setUp() throws Exception {
try {
ByteArrayInputStream bais = new ByteArrayInputStream(base64cert.getBytes());
CertificateFactory cf = CertificateFactory.getInstance("X.509");
this.cert = (java.security.cert.X509Certificate) cf.generateCertificate(bais);
this.tbt_cert = X509Certificate.getInstance(cert.getEncoded());
// non self signed cert
this.javaCert = (java.security.cert.X509Certificate) cf.generateCertificate(new ByteArrayInputStream(selfSignedCert.getBytes()));
this.javaxCert = X509Certificate.getInstance(javaCert.getEncoded());
myProvider = cf.getProvider();
Security.addProvider(myProvider);
// self signed cert
this.javaSSCert = cf.generateCertificate(new ByteArrayInputStream(selfSignedCert.getBytes()));
this.javaxSSCert = X509Certificate.getInstance(javaCert.getEncoded());
mySSProvider = cf.getProvider();
Security.addProvider(mySSProvider);
} catch (java.security.cert.CertificateException e) {
// The requested certificate type is not available.
// Test pass..
this.cert = null;
Logger.global.warning("Error in test setup: Certificate type not supported");
} catch (javax.security.cert.CertificateException e) {
// The requested certificate type is not available.
// Test pass..
this.cert = null;
Logger.global.warning("Error in test setup: Certificate type not supported");
}
}
Also used :
ByteArrayInputStream(java.io.ByteArrayInputStream)
CertificateException(javax.security.cert.CertificateException)
CertificateFactory(java.security.cert.CertificateFactory)
Aggregations
CertificateFactory (java.security.cert.CertificateFactory)550
X509Certificate (java.security.cert.X509Certificate)409
ByteArrayInputStream (java.io.ByteArrayInputStream)372
Certificate (java.security.cert.Certificate)272
CertificateException (java.security.cert.CertificateException)120
KeyFactory (java.security.KeyFactory)103
PrivateKey (java.security.PrivateKey)93
InputStream (java.io.InputStream)92
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)86
IOException (java.io.IOException)80
KeyStore (java.security.KeyStore)77
PrivateKeyEntry (java.security.KeyStore.PrivateKeyEntry)67
Entry (java.security.KeyStore.Entry)59
TrustedCertificateEntry (java.security.KeyStore.TrustedCertificateEntry)59
KeyStoreException (java.security.KeyStoreException)49
ArrayList (java.util.ArrayList)49
FileInputStream (java.io.FileInputStream)47
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)35
File (java.io.File)23
HashSet (java.util.HashSet)21
