Search in sources :

Example 31 with CertPathBuilderException

use of java.security.cert.CertPathBuilderException in project robovm by robovm.

the class CertPathBuilderExceptionTest method testCertPathBuilderException01.

/**
     * Test for <code>CertPathBuilderException()</code> constructor Assertion:
     * constructs CertPathBuilderException with no detail message
     */
public void testCertPathBuilderException01() {
    CertPathBuilderException tE = new CertPathBuilderException();
    assertNull("getMessage() must return null.", tE.getMessage());
    assertNull("getCause() must return null", tE.getCause());
}
Also used : CertPathBuilderException(java.security.cert.CertPathBuilderException)

Example 32 with CertPathBuilderException

use of java.security.cert.CertPathBuilderException in project robovm by robovm.

the class CertPathBuilderSpiTest method testCertPathBuilderSpi01.

/**
     * Test for <code>CertPathBuilderSpi</code> constructor Assertion:
     * constructs CertPathBuilderSpi
     */
public void testCertPathBuilderSpi01() throws CertPathBuilderException, InvalidAlgorithmParameterException {
    CertPathBuilderSpi certPathBuilder = new MyCertPathBuilderSpi();
    CertPathParameters cpp = null;
    try {
        certPathBuilder.engineBuild(cpp);
        fail("CertPathBuilderException must be thrown");
    } catch (CertPathBuilderException e) {
    }
    CertPathBuilderResult cpbResult = certPathBuilder.engineBuild(cpp);
    assertNull("Not null CertPathBuilderResult", cpbResult);
}
Also used : MyCertPathBuilderSpi(org.apache.harmony.security.tests.support.cert.MyCertPathBuilderSpi) CertPathBuilderSpi(java.security.cert.CertPathBuilderSpi) MyCertPathBuilderSpi(org.apache.harmony.security.tests.support.cert.MyCertPathBuilderSpi) CertPathBuilderException(java.security.cert.CertPathBuilderException) CertPathBuilderResult(java.security.cert.CertPathBuilderResult) CertPathParameters(java.security.cert.CertPathParameters)

Example 33 with CertPathBuilderException

use of java.security.cert.CertPathBuilderException in project robovm by robovm.

the class X509CertSelectorTest method buildCertPath.

private CertPath buildCertPath() throws InvalidAlgorithmParameterException {
    PKIXCertPathBuilderResult result = null;
    PKIXBuilderParameters buildParams = new PKIXBuilderParameters(Collections.singleton(new TrustAnchor(rootCertificate, null)), theCertSelector);
    try {
        result = (PKIXCertPathBuilderResult) builder.build(buildParams);
    } catch (CertPathBuilderException e) {
        return null;
    }
    return result.getCertPath();
}
Also used : PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) CertPathBuilderException(java.security.cert.CertPathBuilderException) PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult) TrustAnchor(java.security.cert.TrustAnchor)

Example 34 with CertPathBuilderException

use of java.security.cert.CertPathBuilderException in project robovm by robovm.

the class PKIXCertPathBuilderSpi method engineBuild.

/**
     * Build and validate a CertPath using the given parameter.
     * 
     * @param params PKIXBuilderParameters object containing all information to
     *            build the CertPath
     */
public CertPathBuilderResult engineBuild(CertPathParameters params) throws CertPathBuilderException, InvalidAlgorithmParameterException {
    if (!(params instanceof PKIXBuilderParameters) && !(params instanceof ExtendedPKIXBuilderParameters)) {
        throw new InvalidAlgorithmParameterException("Parameters must be an instance of " + PKIXBuilderParameters.class.getName() + " or " + ExtendedPKIXBuilderParameters.class.getName() + ".");
    }
    ExtendedPKIXBuilderParameters pkixParams = null;
    if (params instanceof ExtendedPKIXBuilderParameters) {
        pkixParams = (ExtendedPKIXBuilderParameters) params;
    } else {
        pkixParams = (ExtendedPKIXBuilderParameters) ExtendedPKIXBuilderParameters.getInstance((PKIXBuilderParameters) params);
    }
    Collection targets;
    Iterator targetIter;
    List certPathList = new ArrayList();
    X509Certificate cert;
    // search target certificates
    Selector certSelect = pkixParams.getTargetConstraints();
    if (!(certSelect instanceof X509CertStoreSelector)) {
        throw new CertPathBuilderException("TargetConstraints must be an instance of " + X509CertStoreSelector.class.getName() + " for " + this.getClass().getName() + " class.");
    }
    try {
        targets = CertPathValidatorUtilities.findCertificates((X509CertStoreSelector) certSelect, pkixParams.getStores());
        targets.addAll(CertPathValidatorUtilities.findCertificates((X509CertStoreSelector) certSelect, pkixParams.getCertStores()));
    } catch (AnnotatedException e) {
        throw new ExtCertPathBuilderException("Error finding target certificate.", e);
    }
    if (targets.isEmpty()) {
        throw new CertPathBuilderException("No certificate found matching targetContraints.");
    }
    CertPathBuilderResult result = null;
    // check all potential target certificates
    targetIter = targets.iterator();
    while (targetIter.hasNext() && result == null) {
        cert = (X509Certificate) targetIter.next();
        result = build(cert, pkixParams, certPathList);
    }
    if (result == null && certPathException != null) {
        if (certPathException instanceof AnnotatedException) {
            throw new CertPathBuilderException(certPathException.getMessage(), certPathException.getCause());
        }
        throw new CertPathBuilderException("Possible certificate chain could not be validated.", certPathException);
    }
    if (result == null && certPathException == null) {
        throw new CertPathBuilderException("Unable to find certificate chain.");
    }
    return result;
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) ExtendedPKIXBuilderParameters(org.bouncycastle.x509.ExtendedPKIXBuilderParameters) ExtendedPKIXBuilderParameters(org.bouncycastle.x509.ExtendedPKIXBuilderParameters) PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) X509CertStoreSelector(org.bouncycastle.x509.X509CertStoreSelector) CertPathBuilderResult(java.security.cert.CertPathBuilderResult) PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) ExtCertPathBuilderException(org.bouncycastle.jce.exception.ExtCertPathBuilderException) CertPathBuilderException(java.security.cert.CertPathBuilderException) Iterator(java.util.Iterator) ExtCertPathBuilderException(org.bouncycastle.jce.exception.ExtCertPathBuilderException) Collection(java.util.Collection) ArrayList(java.util.ArrayList) List(java.util.List) Selector(org.bouncycastle.util.Selector) X509CertStoreSelector(org.bouncycastle.x509.X509CertStoreSelector)

Example 35 with CertPathBuilderException

use of java.security.cert.CertPathBuilderException in project cloudstack by apache.

the class CertServiceImpl method validateChain.

private void validateChain(final List<Certificate> chain, final Certificate cert) {
    final List<Certificate> certs = new ArrayList<Certificate>();
    final Set<TrustAnchor> anchors = new HashSet<TrustAnchor>();
    // adding for self signed certs
    certs.add(cert);
    certs.addAll(chain);
    for (final Certificate c : certs) {
        if (!(c instanceof X509Certificate)) {
            throw new IllegalArgumentException("Invalid chain format. Expected X509 certificate");
        }
        final X509Certificate xCert = (X509Certificate) c;
        anchors.add(new TrustAnchor(xCert, null));
    }
    final X509CertSelector target = new X509CertSelector();
    target.setCertificate((X509Certificate) cert);
    PKIXBuilderParameters params = null;
    try {
        params = new PKIXBuilderParameters(anchors, target);
        params.setRevocationEnabled(false);
        params.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(certs)));
        final CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC");
        builder.build(params);
    } catch (final InvalidAlgorithmParameterException | CertPathBuilderException | NoSuchAlgorithmException e) {
        throw new IllegalStateException("Invalid certificate chain", e);
    } catch (final NoSuchProviderException e) {
        throw new CloudRuntimeException("No provider for certificate validation", e);
    }
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) ArrayList(java.util.ArrayList) TrustAnchor(java.security.cert.TrustAnchor) X509CertSelector(java.security.cert.X509CertSelector) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) X509Certificate(java.security.cert.X509Certificate) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) CertPathBuilderException(java.security.cert.CertPathBuilderException) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) CertPathBuilder(java.security.cert.CertPathBuilder) NoSuchProviderException(java.security.NoSuchProviderException) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) HashSet(java.util.HashSet)

Aggregations

CertPathBuilderException (java.security.cert.CertPathBuilderException)41 X509Certificate (java.security.cert.X509Certificate)17 PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters)12 CertPathBuilder (java.security.cert.CertPathBuilder)11 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)10 ArrayList (java.util.ArrayList)10 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)9 HashSet (java.util.HashSet)9 CollectionCertStoreParameters (java.security.cert.CollectionCertStoreParameters)8 TrustAnchor (java.security.cert.TrustAnchor)8 X509CertSelector (java.security.cert.X509CertSelector)8 GeneralSecurityException (java.security.GeneralSecurityException)7 PKIXCertPathBuilderResult (java.security.cert.PKIXCertPathBuilderResult)7 IOException (java.io.IOException)6 CertPath (java.security.cert.CertPath)6 CertPathBuilderResult (java.security.cert.CertPathBuilderResult)6 NoSuchProviderException (java.security.NoSuchProviderException)5 CertPathValidatorException (java.security.cert.CertPathValidatorException)5 Certificate (java.security.cert.Certificate)5 List (java.util.List)5