Example 16 with CertificateParsingException
use of java.security.cert.CertificateParsingException in project robovm by robovm.
the class X509CertificateObject method getExtendedKeyUsage.
public List getExtendedKeyUsage() throws CertificateParsingException {
byte[] bytes = this.getExtensionBytes("2.5.29.37");
if (bytes != null) {
try {
ASN1InputStream dIn = new ASN1InputStream(bytes);
ASN1Sequence seq = (ASN1Sequence) dIn.readObject();
List list = new ArrayList();
for (int i = 0; i != seq.size(); i++) {
list.add(((ASN1ObjectIdentifier) seq.getObjectAt(i)).getId());
}
return Collections.unmodifiableList(list);
} catch (Exception e) {
throw new CertificateParsingException("error processing extended key usage extension");
}
}
return null;
}
Also used :
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
CertificateParsingException(java.security.cert.CertificateParsingException)
ArrayList(java.util.ArrayList)
List(java.util.List)
ArrayList(java.util.ArrayList)
CertificateExpiredException(java.security.cert.CertificateExpiredException)
SignatureException(java.security.SignatureException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException)
CertificateParsingException(java.security.cert.CertificateParsingException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
UnknownHostException(java.net.UnknownHostException)
NoSuchProviderException(java.security.NoSuchProviderException)
Example 17 with CertificateParsingException
use of java.security.cert.CertificateParsingException in project XobotOS by xamarin.
the class X509ExtensionUtil method getAlternativeNames.
private static Collection getAlternativeNames(byte[] extVal) throws CertificateParsingException {
if (extVal == null) {
return Collections.EMPTY_LIST;
}
try {
Collection temp = new ArrayList();
Enumeration it = DERSequence.getInstance(fromExtensionValue(extVal)).getObjects();
while (it.hasMoreElements()) {
GeneralName genName = GeneralName.getInstance(it.nextElement());
List list = new ArrayList();
// BEGIN android-changed
list.add(Integer.valueOf(genName.getTagNo()));
// END android-changed
switch(genName.getTagNo()) {
case GeneralName.ediPartyName:
case GeneralName.x400Address:
case GeneralName.otherName:
list.add(genName.getName().getDERObject());
break;
case GeneralName.directoryName:
list.add(X509Name.getInstance(genName.getName()).toString());
break;
case GeneralName.dNSName:
case GeneralName.rfc822Name:
case GeneralName.uniformResourceIdentifier:
list.add(((ASN1String) genName.getName()).getString());
break;
case GeneralName.registeredID:
list.add(DERObjectIdentifier.getInstance(genName.getName()).getId());
break;
case GeneralName.iPAddress:
list.add(DEROctetString.getInstance(genName.getName()).getOctets());
break;
default:
throw new IOException("Bad tag number: " + genName.getTagNo());
}
temp.add(list);
}
return Collections.unmodifiableCollection(temp);
} catch (Exception e) {
throw new CertificateParsingException(e.getMessage());
}
}
Also used :
Enumeration(java.util.Enumeration)
CertificateParsingException(java.security.cert.CertificateParsingException)
ArrayList(java.util.ArrayList)
Collection(java.util.Collection)
ArrayList(java.util.ArrayList)
List(java.util.List)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
IOException(java.io.IOException)
CertificateParsingException(java.security.cert.CertificateParsingException)
IOException(java.io.IOException)
Example 18 with CertificateParsingException
use of java.security.cert.CertificateParsingException in project XobotOS by xamarin.
the class X509V1CertificateGenerator method generateJcaObject.
private X509Certificate generateJcaObject(TBSCertificateStructure tbsCert, byte[] signature) throws CertificateEncodingException {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(tbsCert);
v.add(sigAlgId);
v.add(new DERBitString(signature));
try {
return new X509CertificateObject(new X509CertificateStructure(new DERSequence(v)));
} catch (CertificateParsingException e) {
throw new ExtCertificateEncodingException("exception producing certificate object", e);
}
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
CertificateParsingException(java.security.cert.CertificateParsingException)
X509CertificateObject(org.bouncycastle.jce.provider.X509CertificateObject)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
DERBitString(org.bouncycastle.asn1.DERBitString)
X509CertificateStructure(org.bouncycastle.asn1.x509.X509CertificateStructure)
Example 19 with CertificateParsingException
use of java.security.cert.CertificateParsingException in project robovm by robovm.
the class PKIXCertPathBuilderSpi method build.
protected CertPathBuilderResult build(X509Certificate tbvCert, ExtendedPKIXBuilderParameters pkixParams, List tbvPath) {
// PKI graph.
if (tbvPath.contains(tbvCert)) {
return null;
}
// chain.
if (pkixParams.getExcludedCerts().contains(tbvCert)) {
return null;
}
// test if certificate path exceeds maximum length
if (pkixParams.getMaxPathLength() != -1) {
if (tbvPath.size() - 1 > pkixParams.getMaxPathLength()) {
return null;
}
}
tbvPath.add(tbvCert);
CertificateFactory cFact;
CertPathValidator validator;
CertPathBuilderResult builderResult = null;
try {
cFact = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
validator = CertPathValidator.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
} catch (Exception e) {
// cannot happen
throw new RuntimeException("Exception creating support classes.");
}
try {
// check whether the issuer of <tbvCert> is a TrustAnchor
if (CertPathValidatorUtilities.findTrustAnchor(tbvCert, pkixParams.getTrustAnchors(), pkixParams.getSigProvider()) != null) {
// exception message from possibly later tried certification
// chains
CertPath certPath = null;
PKIXCertPathValidatorResult result = null;
try {
certPath = cFact.generateCertPath(tbvPath);
} catch (Exception e) {
throw new AnnotatedException("Certification path could not be constructed from certificate list.", e);
}
try {
result = (PKIXCertPathValidatorResult) validator.validate(certPath, pkixParams);
} catch (Exception e) {
throw new AnnotatedException("Certification path could not be validated.", e);
}
return new PKIXCertPathBuilderResult(certPath, result.getTrustAnchor(), result.getPolicyTree(), result.getPublicKey());
} else {
// add additional X.509 stores from locations in certificate
try {
CertPathValidatorUtilities.addAdditionalStoresFromAltNames(tbvCert, pkixParams);
} catch (CertificateParsingException e) {
throw new AnnotatedException("No additiontal X.509 stores can be added from certificate locations.", e);
}
Collection issuers = new HashSet();
// of the stores
try {
issuers.addAll(CertPathValidatorUtilities.findIssuerCerts(tbvCert, pkixParams));
} catch (AnnotatedException e) {
throw new AnnotatedException("Cannot find issuer certificate for certificate in certification path.", e);
}
if (issuers.isEmpty()) {
throw new AnnotatedException("No issuer certificate for certificate in certification path found.");
}
Iterator it = issuers.iterator();
while (it.hasNext() && builderResult == null) {
X509Certificate issuer = (X509Certificate) it.next();
builderResult = build(issuer, pkixParams, tbvPath);
}
}
} catch (AnnotatedException e) {
certPathException = e;
}
if (builderResult == null) {
tbvPath.remove(tbvCert);
}
return builderResult;
}
Also used :
CertificateParsingException(java.security.cert.CertificateParsingException)
CertPathBuilderResult(java.security.cert.CertPathBuilderResult)
PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult)
CertificateFactory(java.security.cert.CertificateFactory)
CertificateParsingException(java.security.cert.CertificateParsingException)
ExtCertPathBuilderException(org.bouncycastle.jce.exception.ExtCertPathBuilderException)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
CertPathBuilderException(java.security.cert.CertPathBuilderException)
X509Certificate(java.security.cert.X509Certificate)
CertPathValidator(java.security.cert.CertPathValidator)
PKIXCertPathValidatorResult(java.security.cert.PKIXCertPathValidatorResult)
PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult)
Iterator(java.util.Iterator)
Collection(java.util.Collection)
CertPath(java.security.cert.CertPath)
HashSet(java.util.HashSet)
Example 20 with CertificateParsingException
use of java.security.cert.CertificateParsingException in project robovm by robovm.
the class X509CertificateObject method getAlternativeNames.
private static Collection getAlternativeNames(byte[] extVal) throws CertificateParsingException {
if (extVal == null) {
return null;
}
try {
Collection temp = new ArrayList();
Enumeration it = ASN1Sequence.getInstance(extVal).getObjects();
while (it.hasMoreElements()) {
GeneralName genName = GeneralName.getInstance(it.nextElement());
List list = new ArrayList();
list.add(Integers.valueOf(genName.getTagNo()));
switch(genName.getTagNo()) {
case GeneralName.ediPartyName:
case GeneralName.x400Address:
case GeneralName.otherName:
list.add(genName.getEncoded());
break;
case GeneralName.directoryName:
// BEGIN android-changed
list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols));
// END android-changed
break;
case GeneralName.dNSName:
case GeneralName.rfc822Name:
case GeneralName.uniformResourceIdentifier:
list.add(((ASN1String) genName.getName()).getString());
break;
case GeneralName.registeredID:
list.add(ASN1ObjectIdentifier.getInstance(genName.getName()).getId());
break;
case GeneralName.iPAddress:
byte[] addrBytes = DEROctetString.getInstance(genName.getName()).getOctets();
final String addr;
try {
addr = InetAddress.getByAddress(addrBytes).getHostAddress();
} catch (UnknownHostException e) {
continue;
}
list.add(addr);
break;
default:
throw new IOException("Bad tag number: " + genName.getTagNo());
}
temp.add(Collections.unmodifiableList(list));
}
if (temp.size() == 0) {
return null;
}
return Collections.unmodifiableCollection(temp);
} catch (Exception e) {
throw new CertificateParsingException(e.getMessage());
}
}
Also used :
Enumeration(java.util.Enumeration)
CertificateParsingException(java.security.cert.CertificateParsingException)
UnknownHostException(java.net.UnknownHostException)
ArrayList(java.util.ArrayList)
Collection(java.util.Collection)
List(java.util.List)
ArrayList(java.util.ArrayList)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
DERBitString(org.bouncycastle.asn1.DERBitString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
ASN1String(org.bouncycastle.asn1.ASN1String)
IOException(java.io.IOException)
CertificateExpiredException(java.security.cert.CertificateExpiredException)
SignatureException(java.security.SignatureException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException)
CertificateParsingException(java.security.cert.CertificateParsingException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
UnknownHostException(java.net.UnknownHostException)
NoSuchProviderException(java.security.NoSuchProviderException)
Aggregations
CertificateParsingException (java.security.cert.CertificateParsingException)72
List (java.util.List)25
IOException (java.io.IOException)18
ArrayList (java.util.ArrayList)18
X509Certificate (java.security.cert.X509Certificate)15
CertificateException (java.security.cert.CertificateException)13
Collection (java.util.Collection)12
X500Principal (javax.security.auth.x500.X500Principal)11
BigInteger (java.math.BigInteger)8
InvalidKeyException (java.security.InvalidKeyException)7
HashMap (java.util.HashMap)7
DERIA5String (org.bouncycastle.asn1.DERIA5String)7
DEROctetString (org.bouncycastle.asn1.DEROctetString)7
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)6
NoSuchProviderException (java.security.NoSuchProviderException)6
SignatureException (java.security.SignatureException)6
CertificateEncodingException (java.security.cert.CertificateEncodingException)6
CertificateExpiredException (java.security.cert.CertificateExpiredException)6
CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)6
GeneralName (org.bouncycastle.asn1.x509.GeneralName)6
