use of java.security.GeneralSecurityException in project pulsar by yahoo.
the class SecurityUtility method loadPrivateKeyFromPemFile.
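/**
 * Loads an RSA private key from a PEM file.
 *
 * <p>The first and the last line of the file are treated as the PEM armor and discarded. The
 * lines in between are concatenated and Base64-decoded, and the result is parsed as an
 * unencrypted PKCS#8 structure ({@link PKCS8EncodedKeySpec}) by the {@code RSA} key factory.
 * That is the {@code -----BEGIN PRIVATE KEY-----} form. A PKCS#1 file
 * ({@code -----BEGIN RSA PRIVATE KEY-----}) or a passphrase-protected key is not a plain
 * PKCS#8 structure and is expected to be rejected by the key factory.
 *
 * <p>The file holds unencrypted key material, so its confidentiality depends on the
 * file-system permissions of {@code keyFilePath}.
 *
 * @param keyFilePath path of the PEM file; may be {@code null} or empty
 * @return the parsed private key, or {@code null} when {@code keyFilePath} is {@code null} or empty
 * @throws KeyManagementException if the file cannot be read, its body is not valid Base64, or
 *         the decoded bytes are not a valid PKCS#8 RSA key
 */
public static PrivateKey loadPrivateKeyFromPemFile(String keyFilePath) throws KeyManagementException {
    if (keyFilePath == null || keyFilePath.isEmpty()) {
        return null;
    }
    try (BufferedReader reader = new BufferedReader(new FileReader(keyFilePath))) {
        StringBuilder base64Body = new StringBuilder();
        String previousLine = "";
        String currentLine;
        // Skip the first line (the -----BEGIN ...----- armor).
        reader.readLine();
        // Append each line one step late, so that the final line (the -----END ...----- armor)
        // is still held in previousLine when the loop ends and is never appended.
        while ((currentLine = reader.readLine()) != null) {
            // Stray whitespace around a line is not part of the Base64 alphabet; drop it.
            base64Body.append(previousLine.trim());
            previousLine = currentLine;
        }
        KeyFactory kf = KeyFactory.getInstance("RSA");
        KeySpec keySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(base64Body.toString()));
        return kf.generatePrivate(keySpec);
    } catch (GeneralSecurityException | IOException | IllegalArgumentException e) {
        // Base64.Decoder.decode signals malformed input with an unchecked
        // IllegalArgumentException; report it through the declared exception like every other
        // load failure instead of letting it escape to the caller.
        throw new KeyManagementException("Private key loading error", e);
    }
}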
use of java.security.GeneralSecurityException in project pulsar by yahoo.
the class SecurityUtility method loadCertificatesFromPemFile.
/**
 * Parses every X.509 certificate found in the given file.
 *
 * <p>The certificates are only parsed. Nothing in this method checks their validity period or
 * whether they chain to a trusted issuer, so the trust decision is left to the caller.
 *
 * @param certFilePath path of the certificate file; may be {@code null} or empty
 * @return the parsed certificates, or {@code null} when {@code certFilePath} is {@code null} or empty
 * @throws KeyManagementException if the file cannot be read or its content cannot be parsed
 */
@SuppressWarnings("unchecked")
public static X509Certificate[] loadCertificatesFromPemFile(String certFilePath) throws KeyManagementException {
    // No path configured: report "no certificates" with null, as callers of this method expect.
    if (certFilePath == null || certFilePath.isEmpty()) {
        return null;
    }
    try (FileInputStream pemStream = new FileInputStream(certFilePath)) {
        CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
        // The factory is requested for "X.509", hence the cast from Collection<? extends Certificate>.
        Collection<X509Certificate> parsed =
                (Collection<X509Certificate>) x509Factory.generateCertificates(pemStream);
        return parsed.toArray(new X509Certificate[0]);
    } catch (GeneralSecurityException | IOException e) {
        throw new KeyManagementException("Certificate loading error", e);
    }
}
use of java.security.GeneralSecurityException in project platform_frameworks_base by android.
the class StrictJarVerifier method verifyBytes.
/**
 * Verifies that the signature computed from {@code sfBytes} matches
 * that specified in {@code blockBytes} (which is a PKCS7 block). Returns
 * certificates listed in the PKCS7 block. Throws a {@code GeneralSecurityException}
 * if something goes wrong during verification.
 *
 * <p>Only the first verified {@code SignerInfo} is used; any further signers in the block
 * are ignored. NOTE(review): nothing visible in this method validates the returned chain
 * against a trust store or checks certificate expiry; callers presumably make their own
 * trust decision on the returned certificates. Confirm against the callers.
 *
 * @param blockBytes the bytes of the PKCS7 signature block
 * @param sfBytes the bytes whose signature is checked against {@code blockBytes}
 * @return the certificate chain of the first verified signer; never {@code null} or empty
 * @throws GeneralSecurityException if no signer verifies, if the verified signer has no
 *         certificate chain, or if an {@code IOException} occurs while processing the block
 */
static Certificate[] verifyBytes(byte[] blockBytes, byte[] sfBytes) throws GeneralSecurityException {
    // Token returned by startJarVerification(); handed back to stopJarVerification() in finally.
    Object obj = null;
    try {
        obj = Providers.startJarVerification();
        PKCS7 block = new PKCS7(blockBytes);
        SignerInfo[] verifiedSignerInfos = block.verify(sfBytes);
        // A null or empty result means no signer verified, so fail closed.
        if ((verifiedSignerInfos == null) || (verifiedSignerInfos.length == 0)) {
            throw new GeneralSecurityException("Failed to verify signature: no verified SignerInfos");
        }
        // Ignore any SignerInfo other than the first one, to be compatible with older Android
        // platforms which have been doing this for years. See
        // libcore/luni/src/main/java/org/apache/harmony/security/utils/JarUtils.java
        // verifySignature method of older platforms.
        SignerInfo verifiedSignerInfo = verifiedSignerInfos[0];
        List<X509Certificate> verifiedSignerCertChain = verifiedSignerInfo.getCertificateChain(block);
        if (verifiedSignerCertChain == null) {
            // Should never happen
            throw new GeneralSecurityException("Failed to find verified SignerInfo certificate chain");
        } else if (verifiedSignerCertChain.isEmpty()) {
            // Should never happen
            throw new GeneralSecurityException("Verified SignerInfo certificate chain is emtpy");
        }
        return verifiedSignerCertChain.toArray(new X509Certificate[verifiedSignerCertChain.size()]);
    } catch (IOException e) {
        // Keep the single declared exception type; the IOException is preserved as the cause.
        throw new GeneralSecurityException("IO exception verifying jar cert", e);
    } finally {
        // Runs on success and on every failure path. obj is still null here if
        // startJarVerification() itself threw.
        Providers.stopJarVerification(obj);
    }
}
use of java.security.GeneralSecurityException in project hadoop by apache.
the class JavaKeyStoreProvider method locateKeystore.
/**
 * Resolves the keystore password, creates the {@code KeyStore} instance and loads it from
 * whichever of the keystore files is present, remembering the file permissions for later.
 *
 * <p>NOTE(review): when neither the environment variable nor the password file yields a
 * password, the store is opened with {@code KEYSTORE_PASSWORD_DEFAULT}. A keystore protected
 * only by a built-in default then relies on file-system permissions for its protection;
 * confirm that this is acceptable for the deployment.
 *
 * @throws IOException If there is a problem reading the password file
 *         or a problem reading the keystore.
 */
private void locateKeystore() throws IOException {
    try {
        password = ProviderUtils.locatePassword(KEYSTORE_PASSWORD_ENV_VAR, getConf().get(KEYSTORE_PASSWORD_FILE_KEY));
        if (password == null) {
            // Neither the environment variable nor the password file supplied one.
            password = KEYSTORE_PASSWORD_DEFAULT;
        }
        final Path oldPath = constructOldPath(path);
        final Path newPath = constructNewPath(path);
        keyStore = KeyStore.getInstance(SCHEME_NAME);
        final FsPermission loadedPermissions;
        if (!fs.exists(path)) {
            // No current keystore file: try the old/new files instead.
            loadedPermissions = tryLoadIncompleteFlush(oldPath, newPath);
        } else {
            // The current file and the _NEW file must not exist together.
            if (fs.exists(newPath)) {
                throw new IOException(String.format("Keystore not loaded due to some inconsistency " + "('%s' and '%s' should not exist together)!!", path, newPath));
            }
            loadedPermissions = tryLoadFromPath(path, oldPath);
        }
        // Kept so that flush() can reuse the same permissions if it rewrites the keystore.
        permissions = loadedPermissions;
    } catch (KeyStoreException e) {
        throw new IOException("Can't create keystore: " + e, e);
    } catch (GeneralSecurityException e) {
        throw new IOException("Can't load keystore " + path + " : " + e, e);
    }
}
use of java.security.GeneralSecurityException in project camel by apache.
the class CamelSSLIRCConnection method connect.
/**
 * Opens the connection. Without {@code sslContextParameters} this delegates to the superclass.
 * Otherwise it builds an {@code SSLContext} from them and tries each configured port in turn
 * until a TLS handshake succeeds.
 *
 * <p>NOTE(review): no endpoint identification (hostname check against the server certificate)
 * is configured on the socket in this method. Unless {@code sslContextParameters} arranges it,
 * the handshake authenticates the certificate chain but not the host name. Confirm.
 *
 * @throws IOException if the connection is already open, or if no port could be connected
 *         (the failure from the last port tried is thrown)
 */
@Override
public void connect() throws IOException {
    if (sslContextParameters == null) {
        super.connect();
        return;
    }
    if (level != 0) {
        throw new SocketException("Socket closed or already open (" + level + ")");
    }
    final SSLContext sslContext;
    try {
        sslContext = sslContextParameters.createSSLContext(camelContext);
    } catch (GeneralSecurityException e) {
        throw new RuntimeCamelException("Error in SSLContextParameters configuration or instantiation.", e);
    }
    final SSLSocketFactory socketFactory = sslContext.getSocketFactory();
    IOException lastFailure = null;
    SSLSocket socket = null;
    int portIndex = 0;
    // Stop at the first port whose handshake completes.
    while (portIndex < ports.length && socket == null) {
        try {
            socket = (SSLSocket) socketFactory.createSocket(host, ports[portIndex]);
            socket.startHandshake();
            lastFailure = null;
        } catch (SSLNotSupportedException exc) {
            // Not retried on the remaining ports: release the socket and propagate.
            if (socket != null) {
                socket.close();
            }
            throw exc;
        } catch (IOException exc) {
            // Remember the failure and move on to the next port.
            if (socket != null) {
                socket.close();
            }
            socket = null;
            lastFailure = exc;
        }
        portIndex++;
    }
    if (lastFailure != null) {
        // connection wasn't successful at any port
        throw lastFailure;
    }
    prepare(socket);
}