Examples with CertificateFactory - java.security.cert.CertificateFactory

Example 6 with CertificateFactory

use of java.security.cert.CertificateFactory in project Libraries-for-Android-Developers by eoecn.

the class MySSLSocketFactory method getKeystoreOfCA.

/**
     * Gets a KeyStore containing the Certificate
     * 
     * @param cert InputStream of the Certificate
     * @return KeyStore
     */
public static KeyStore getKeystoreOfCA(InputStream cert) {
    // Load CAs from an InputStream
    InputStream caInput = null;
    Certificate ca = null;
    try {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        caInput = new BufferedInputStream(cert);
        ca = (Certificate) cf.generateCertificate(caInput);
    } catch (CertificateException e1) {
        e1.printStackTrace();
    } finally {
        try {
            caInput.close();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
    // Create a KeyStore containing our trusted CAs
    String keyStoreType = KeyStore.getDefaultType();
    KeyStore keyStore = null;
    try {
        keyStore = KeyStore.getInstance(keyStoreType);
        keyStore.load(null, null);
        keyStore.setCertificateEntry("ca", (java.security.cert.Certificate) ca);
    } catch (Exception e) {
        e.printStackTrace();
    }
    return keyStore;
}

Also used : BufferedInputStream(java.io.BufferedInputStream) BufferedInputStream(java.io.BufferedInputStream) InputStream(java.io.InputStream) CertificateException(java.security.cert.CertificateException) IOException(java.io.IOException) CertificateFactory(java.security.cert.CertificateFactory) KeyStore(java.security.KeyStore) KeyStoreException(java.security.KeyStoreException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) IOException(java.io.IOException) KeyManagementException(java.security.KeyManagementException) CertificateException(java.security.cert.CertificateException) UnknownHostException(java.net.UnknownHostException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 7 with CertificateFactory

use of java.security.cert.CertificateFactory in project android_frameworks_base by ParanoidAndroid.

the class RecoverySystem method getTrustedCerts.

/** @return the set of certs that can be used to sign an OTA package. */
private static HashSet<Certificate> getTrustedCerts(File keystore) throws IOException, GeneralSecurityException {
    HashSet<Certificate> trusted = new HashSet<Certificate>();
    if (keystore == null) {
        keystore = DEFAULT_KEYSTORE;
    }
    ZipFile zip = new ZipFile(keystore);
    try {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Enumeration<? extends ZipEntry> entries = zip.entries();
        while (entries.hasMoreElements()) {
            ZipEntry entry = entries.nextElement();
            InputStream is = zip.getInputStream(entry);
            try {
                trusted.add(cf.generateCertificate(is));
            } finally {
                is.close();
            }
        }
    } finally {
        zip.close();
    }
    return trusted;
}

Also used : ZipFile(java.util.zip.ZipFile) BerInputStream(org.apache.harmony.security.asn1.BerInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) ZipEntry(java.util.zip.ZipEntry) CertificateFactory(java.security.cert.CertificateFactory) HashSet(java.util.HashSet) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 8 with CertificateFactory

use of java.security.cert.CertificateFactory in project android_frameworks_base by ParanoidAndroid.

the class SslCertificate method restoreState.

/**
     * Restores the certificate stored in the bundle
     * @param bundle The bundle with the certificate state stored in it
     * @return The SSL certificate stored in the bundle or null if fails
     */
public static SslCertificate restoreState(Bundle bundle) {
    if (bundle == null) {
        return null;
    }
    X509Certificate x509Certificate;
    byte[] bytes = bundle.getByteArray(X509_CERTIFICATE);
    if (bytes == null) {
        x509Certificate = null;
    } else {
        try {
            CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
            Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes));
            x509Certificate = (X509Certificate) cert;
        } catch (CertificateException e) {
            x509Certificate = null;
        }
    }
    return new SslCertificate(bundle.getString(ISSUED_TO), bundle.getString(ISSUED_BY), parseDate(bundle.getString(VALID_NOT_BEFORE)), parseDate(bundle.getString(VALID_NOT_AFTER)), x509Certificate);
}

Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) CertificateException(java.security.cert.CertificateException) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 9 with CertificateFactory

use of java.security.cert.CertificateFactory in project android_frameworks_base by ParanoidAndroid.

the class BrowserFrame method setCertificate.

/**
     * Called by JNI when we recieve a certificate for the page's main resource.
     * Used by the Chromium HTTP stack only.
     */
private void setCertificate(byte[] cert_der) {
    try {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(cert_der));
        mCallbackProxy.onReceivedCertificate(new SslCertificate(cert));
    } catch (Exception e) {
        // Can't get the certificate, not much to do.
        Log.e(LOGTAG, "Can't get the certificate from WebKit, canceling");
        return;
    }
}

Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) SslCertificate(android.net.http.SslCertificate) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) ParseException(android.net.ParseException) IOException(java.io.IOException) NotFoundException(android.content.res.Resources.NotFoundException)

Example 10 with CertificateFactory

use of java.security.cert.CertificateFactory in project android_frameworks_base by ParanoidAndroid.

the class BrowserFrame method reportSslCertError.

/**
     * Called by JNI when the Chromium HTTP stack gets an invalid certificate chain.
     *
     * We delegate the request to CallbackProxy, and route its response to
     * {@link #nativeSslCertErrorProceed(int)} or
     * {@link #nativeSslCertErrorCancel(int, int)}.
     */
private void reportSslCertError(final int handle, final int certError, byte[] certDER, String url) {
    final SslError sslError;
    try {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(certDER));
        SslCertificate sslCert = new SslCertificate(cert);
        sslError = SslError.SslErrorFromChromiumErrorCode(certError, sslCert, url);
    } catch (Exception e) {
        // Can't get the certificate, not much to do.
        Log.e(LOGTAG, "Can't get the certificate from WebKit, canceling");
        nativeSslCertErrorCancel(handle, certError);
        return;
    }
    if (SslCertLookupTable.getInstance().isAllowed(sslError)) {
        nativeSslCertErrorProceed(handle);
        mCallbackProxy.onProceededAfterSslError(sslError);
        return;
    }
    SslErrorHandler handler = new SslErrorHandler() {

        @Override
        public void proceed() {
            SslCertLookupTable.getInstance().setIsAllowed(sslError);
            post(new Runnable() {

                public void run() {
                    nativeSslCertErrorProceed(handle);
                }
            });
        }

        @Override
        public void cancel() {
            post(new Runnable() {

                public void run() {
                    nativeSslCertErrorCancel(handle, certError);
                }
            });
        }
    };
    mCallbackProxy.onReceivedSslError(handler, sslError);
}

Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) SslCertificate(android.net.http.SslCertificate) SslError(android.net.http.SslError) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) ParseException(android.net.ParseException) IOException(java.io.IOException) NotFoundException(android.content.res.Resources.NotFoundException)

Aggregations

CertificateFactory (java.security.cert.CertificateFactory)550 X509Certificate (java.security.cert.X509Certificate)409 ByteArrayInputStream (java.io.ByteArrayInputStream)372 Certificate (java.security.cert.Certificate)272 CertificateException (java.security.cert.CertificateException)120 KeyFactory (java.security.KeyFactory)103 PrivateKey (java.security.PrivateKey)93 InputStream (java.io.InputStream)92 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)86 IOException (java.io.IOException)80 KeyStore (java.security.KeyStore)77 PrivateKeyEntry (java.security.KeyStore.PrivateKeyEntry)67 Entry (java.security.KeyStore.Entry)59 TrustedCertificateEntry (java.security.KeyStore.TrustedCertificateEntry)59 KeyStoreException (java.security.KeyStoreException)49 ArrayList (java.util.ArrayList)49 FileInputStream (java.io.FileInputStream)47 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)35 File (java.io.File)23 HashSet (java.util.HashSet)21