Example 31 with CertPathBuilderException
use of java.security.cert.CertPathBuilderException in project robovm by robovm.
the class CertPathBuilderExceptionTest method testCertPathBuilderException01.
/**
* Test for <code>CertPathBuilderException()</code> constructor Assertion:
* constructs CertPathBuilderException with no detail message
*/
public void testCertPathBuilderException01() {
CertPathBuilderException tE = new CertPathBuilderException();
assertNull("getMessage() must return null.", tE.getMessage());
assertNull("getCause() must return null", tE.getCause());
}
Also used :
CertPathBuilderException(java.security.cert.CertPathBuilderException)
Example 32 with CertPathBuilderException
use of java.security.cert.CertPathBuilderException in project robovm by robovm.
the class CertPathBuilderSpiTest method testCertPathBuilderSpi01.
/**
* Test for <code>CertPathBuilderSpi</code> constructor Assertion:
* constructs CertPathBuilderSpi
*/
public void testCertPathBuilderSpi01() throws CertPathBuilderException, InvalidAlgorithmParameterException {
CertPathBuilderSpi certPathBuilder = new MyCertPathBuilderSpi();
CertPathParameters cpp = null;
try {
certPathBuilder.engineBuild(cpp);
fail("CertPathBuilderException must be thrown");
} catch (CertPathBuilderException e) {
}
CertPathBuilderResult cpbResult = certPathBuilder.engineBuild(cpp);
assertNull("Not null CertPathBuilderResult", cpbResult);
}
Also used :
MyCertPathBuilderSpi(org.apache.harmony.security.tests.support.cert.MyCertPathBuilderSpi)
CertPathBuilderSpi(java.security.cert.CertPathBuilderSpi)
MyCertPathBuilderSpi(org.apache.harmony.security.tests.support.cert.MyCertPathBuilderSpi)
CertPathBuilderException(java.security.cert.CertPathBuilderException)
CertPathBuilderResult(java.security.cert.CertPathBuilderResult)
CertPathParameters(java.security.cert.CertPathParameters)
Example 33 with CertPathBuilderException
use of java.security.cert.CertPathBuilderException in project robovm by robovm.
the class X509CertSelectorTest method buildCertPath.
private CertPath buildCertPath() throws InvalidAlgorithmParameterException {
PKIXCertPathBuilderResult result = null;
PKIXBuilderParameters buildParams = new PKIXBuilderParameters(Collections.singleton(new TrustAnchor(rootCertificate, null)), theCertSelector);
try {
result = (PKIXCertPathBuilderResult) builder.build(buildParams);
} catch (CertPathBuilderException e) {
return null;
}
return result.getCertPath();
}
Also used :
PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters)
CertPathBuilderException(java.security.cert.CertPathBuilderException)
PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult)
TrustAnchor(java.security.cert.TrustAnchor)
Example 34 with CertPathBuilderException
use of java.security.cert.CertPathBuilderException in project robovm by robovm.
the class PKIXCertPathBuilderSpi method engineBuild.
/**
* Build and validate a CertPath using the given parameter.
*
* @param params PKIXBuilderParameters object containing all information to
* build the CertPath
*/
public CertPathBuilderResult engineBuild(CertPathParameters params) throws CertPathBuilderException, InvalidAlgorithmParameterException {
if (!(params instanceof PKIXBuilderParameters) && !(params instanceof ExtendedPKIXBuilderParameters)) {
throw new InvalidAlgorithmParameterException("Parameters must be an instance of " + PKIXBuilderParameters.class.getName() + " or " + ExtendedPKIXBuilderParameters.class.getName() + ".");
}
ExtendedPKIXBuilderParameters pkixParams = null;
if (params instanceof ExtendedPKIXBuilderParameters) {
pkixParams = (ExtendedPKIXBuilderParameters) params;
} else {
pkixParams = (ExtendedPKIXBuilderParameters) ExtendedPKIXBuilderParameters.getInstance((PKIXBuilderParameters) params);
}
Collection targets;
Iterator targetIter;
List certPathList = new ArrayList();
X509Certificate cert;
// search target certificates
Selector certSelect = pkixParams.getTargetConstraints();
if (!(certSelect instanceof X509CertStoreSelector)) {
throw new CertPathBuilderException("TargetConstraints must be an instance of " + X509CertStoreSelector.class.getName() + " for " + this.getClass().getName() + " class.");
}
try {
targets = CertPathValidatorUtilities.findCertificates((X509CertStoreSelector) certSelect, pkixParams.getStores());
targets.addAll(CertPathValidatorUtilities.findCertificates((X509CertStoreSelector) certSelect, pkixParams.getCertStores()));
} catch (AnnotatedException e) {
throw new ExtCertPathBuilderException("Error finding target certificate.", e);
}
if (targets.isEmpty()) {
throw new CertPathBuilderException("No certificate found matching targetContraints.");
}
CertPathBuilderResult result = null;
// check all potential target certificates
targetIter = targets.iterator();
while (targetIter.hasNext() && result == null) {
cert = (X509Certificate) targetIter.next();
result = build(cert, pkixParams, certPathList);
}
if (result == null && certPathException != null) {
if (certPathException instanceof AnnotatedException) {
throw new CertPathBuilderException(certPathException.getMessage(), certPathException.getCause());
}
throw new CertPathBuilderException("Possible certificate chain could not be validated.", certPathException);
}
if (result == null && certPathException == null) {
throw new CertPathBuilderException("Unable to find certificate chain.");
}
return result;
}
Also used :
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
ExtendedPKIXBuilderParameters(org.bouncycastle.x509.ExtendedPKIXBuilderParameters)
ExtendedPKIXBuilderParameters(org.bouncycastle.x509.ExtendedPKIXBuilderParameters)
PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters)
X509CertStoreSelector(org.bouncycastle.x509.X509CertStoreSelector)
CertPathBuilderResult(java.security.cert.CertPathBuilderResult)
PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult)
ArrayList(java.util.ArrayList)
X509Certificate(java.security.cert.X509Certificate)
ExtCertPathBuilderException(org.bouncycastle.jce.exception.ExtCertPathBuilderException)
CertPathBuilderException(java.security.cert.CertPathBuilderException)
Iterator(java.util.Iterator)
ExtCertPathBuilderException(org.bouncycastle.jce.exception.ExtCertPathBuilderException)
Collection(java.util.Collection)
ArrayList(java.util.ArrayList)
List(java.util.List)
Selector(org.bouncycastle.util.Selector)
X509CertStoreSelector(org.bouncycastle.x509.X509CertStoreSelector)
Example 35 with CertPathBuilderException
use of java.security.cert.CertPathBuilderException in project cloudstack by apache.
the class CertServiceImpl method validateChain.
private void validateChain(final List<Certificate> chain, final Certificate cert) {
final List<Certificate> certs = new ArrayList<Certificate>();
final Set<TrustAnchor> anchors = new HashSet<TrustAnchor>();
// adding for self signed certs
certs.add(cert);
certs.addAll(chain);
for (final Certificate c : certs) {
if (!(c instanceof X509Certificate)) {
throw new IllegalArgumentException("Invalid chain format. Expected X509 certificate");
}
final X509Certificate xCert = (X509Certificate) c;
anchors.add(new TrustAnchor(xCert, null));
}
final X509CertSelector target = new X509CertSelector();
target.setCertificate((X509Certificate) cert);
PKIXBuilderParameters params = null;
try {
params = new PKIXBuilderParameters(anchors, target);
params.setRevocationEnabled(false);
params.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(certs)));
final CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC");
builder.build(params);
} catch (final InvalidAlgorithmParameterException | CertPathBuilderException | NoSuchAlgorithmException e) {
throw new IllegalStateException("Invalid certificate chain", e);
} catch (final NoSuchProviderException e) {
throw new CloudRuntimeException("No provider for certificate validation", e);
}
}
Also used :
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters)
ArrayList(java.util.ArrayList)
TrustAnchor(java.security.cert.TrustAnchor)
X509CertSelector(java.security.cert.X509CertSelector)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
X509Certificate(java.security.cert.X509Certificate)
CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters)
CertPathBuilderException(java.security.cert.CertPathBuilderException)
CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException)
CertPathBuilder(java.security.cert.CertPathBuilder)
NoSuchProviderException(java.security.NoSuchProviderException)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
HashSet(java.util.HashSet)
Aggregations
CertPathBuilderException (java.security.cert.CertPathBuilderException)41
X509Certificate (java.security.cert.X509Certificate)17
PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters)12
CertPathBuilder (java.security.cert.CertPathBuilder)11
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)10
ArrayList (java.util.ArrayList)10
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)9
HashSet (java.util.HashSet)9
CollectionCertStoreParameters (java.security.cert.CollectionCertStoreParameters)8
TrustAnchor (java.security.cert.TrustAnchor)8
X509CertSelector (java.security.cert.X509CertSelector)8
GeneralSecurityException (java.security.GeneralSecurityException)7
PKIXCertPathBuilderResult (java.security.cert.PKIXCertPathBuilderResult)7
IOException (java.io.IOException)6
CertPath (java.security.cert.CertPath)6
CertPathBuilderResult (java.security.cert.CertPathBuilderResult)6
NoSuchProviderException (java.security.NoSuchProviderException)5
CertPathValidatorException (java.security.cert.CertPathValidatorException)5
Certificate (java.security.cert.Certificate)5
List (java.util.List)5
