Examples with CertPathBuilderResult - java.security.cert.CertPathBuilderResult

Example 1 with CertPathBuilderResult

use of java.security.cert.CertPathBuilderResult in project XobotOS by xamarin.

the class PKIXCertPathBuilderSpi method build.

protected CertPathBuilderResult build(X509Certificate tbvCert, ExtendedPKIXBuilderParameters pkixParams, List tbvPath) {
    // PKI graph.
    if (tbvPath.contains(tbvCert)) {
        return null;
    }
    // chain.
    if (pkixParams.getExcludedCerts().contains(tbvCert)) {
        return null;
    }
    // test if certificate path exceeds maximum length
    if (pkixParams.getMaxPathLength() != -1) {
        if (tbvPath.size() - 1 > pkixParams.getMaxPathLength()) {
            return null;
        }
    }
    tbvPath.add(tbvCert);
    CertificateFactory cFact;
    CertPathValidator validator;
    CertPathBuilderResult builderResult = null;
    try {
        cFact = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
        validator = CertPathValidator.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
    } catch (Exception e) {
        // cannot happen
        throw new RuntimeException("Exception creating support classes.");
    }
    try {
        // check whether the issuer of <tbvCert> is a TrustAnchor
        if (CertPathValidatorUtilities.findTrustAnchor(tbvCert, pkixParams.getTrustAnchors(), pkixParams.getSigProvider()) != null) {
            // exception message from possibly later tried certification
            // chains
            CertPath certPath = null;
            PKIXCertPathValidatorResult result = null;
            try {
                certPath = cFact.generateCertPath(tbvPath);
            } catch (Exception e) {
                throw new AnnotatedException("Certification path could not be constructed from certificate list.", e);
            }
            try {
                result = (PKIXCertPathValidatorResult) validator.validate(certPath, pkixParams);
            } catch (Exception e) {
                throw new AnnotatedException("Certification path could not be validated.", e);
            }
            return new PKIXCertPathBuilderResult(certPath, result.getTrustAnchor(), result.getPolicyTree(), result.getPublicKey());
        } else {
            // add additional X.509 stores from locations in certificate
            try {
                CertPathValidatorUtilities.addAdditionalStoresFromAltNames(tbvCert, pkixParams);
            } catch (CertificateParsingException e) {
                throw new AnnotatedException("No additiontal X.509 stores can be added from certificate locations.", e);
            }
            Collection issuers = new HashSet();
            // of the stores
            try {
                issuers.addAll(CertPathValidatorUtilities.findIssuerCerts(tbvCert, pkixParams));
            } catch (AnnotatedException e) {
                throw new AnnotatedException("Cannot find issuer certificate for certificate in certification path.", e);
            }
            if (issuers.isEmpty()) {
                throw new AnnotatedException("No issuer certificate for certificate in certification path found.");
            }
            Iterator it = issuers.iterator();
            while (it.hasNext() && builderResult == null) {
                X509Certificate issuer = (X509Certificate) it.next();
                builderResult = build(issuer, pkixParams, tbvPath);
            }
        }
    } catch (AnnotatedException e) {
        certPathException = e;
    }
    if (builderResult == null) {
        tbvPath.remove(tbvCert);
    }
    return builderResult;
}

Also used : CertificateParsingException(java.security.cert.CertificateParsingException) CertPathBuilderResult(java.security.cert.CertPathBuilderResult) PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult) CertificateFactory(java.security.cert.CertificateFactory) CertificateParsingException(java.security.cert.CertificateParsingException) ExtCertPathBuilderException(org.bouncycastle.jce.exception.ExtCertPathBuilderException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) CertPathBuilderException(java.security.cert.CertPathBuilderException) X509Certificate(java.security.cert.X509Certificate) CertPathValidator(java.security.cert.CertPathValidator) PKIXCertPathValidatorResult(java.security.cert.PKIXCertPathValidatorResult) PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult) Iterator(java.util.Iterator) Collection(java.util.Collection) CertPath(java.security.cert.CertPath) HashSet(java.util.HashSet)

Example 2 with CertPathBuilderResult

use of java.security.cert.CertPathBuilderResult in project jdk8u_jdk by JetBrains.

the class BuildOddSel method build.

/**
     * Perform a PKIX build.
     *
     * @param params PKIXBuilderParameters to use in building
     * @throws Exception on error
     */
public static void build(PKIXBuilderParameters params) throws Exception {
    CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
    CertPathBuilderResult cpbr = builder.build(params);
}

Also used : CertPathBuilderResult(java.security.cert.CertPathBuilderResult) CertPathBuilder(java.security.cert.CertPathBuilder)

Example 3 with CertPathBuilderResult

use of java.security.cert.CertPathBuilderResult in project jdk8u_jdk by JetBrains.

the class ValidateNC method build.

/**
     * Perform a PKIX build.
     *
     * @param params PKIXBuilderParameters to use in the build
     * @throws Exception on error
     */
public static void build(PKIXBuilderParameters params) throws Exception {
    CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "SUN");
    CertPathBuilderResult cpbr = builder.build(params);
}

Also used : CertPathBuilderResult(java.security.cert.CertPathBuilderResult) CertPathBuilder(java.security.cert.CertPathBuilder)

Example 4 with CertPathBuilderResult

use of java.security.cert.CertPathBuilderResult in project robovm by robovm.

the class CertPathBuilder2Test method checkResult.

private void checkResult(CertPathBuilder certBuild) throws InvalidAlgorithmParameterException, CertPathBuilderException {
    String dt = CertPathBuilder.getDefaultType();
    String propName = CertPathBuilder1Test.DEFAULT_TYPE_PROPERTY;
    String dtN;
    for (int i = 0; i < invalidValues.length; i++) {
        Security.setProperty(propName, invalidValues[i]);
        dtN = CertPathBuilder.getDefaultType();
        if (!dtN.equals(invalidValues[i]) && !dtN.equals(dt)) {
            fail("Incorrect default type: ".concat(dtN));
        }
    }
    Security.setProperty(propName, dt);
    assertEquals("Incorrect default type", CertPathBuilder.getDefaultType(), dt);
    try {
        certBuild.build(null);
        fail("CertPathBuilderException must be thrown");
    } catch (CertPathBuilderException e) {
    }
    CertPathBuilderResult cpbResult = certBuild.build(null);
    assertNull("Not null CertPathBuilderResult", cpbResult);
}

Also used : CertPathBuilderException(java.security.cert.CertPathBuilderException) CertPathBuilderResult(java.security.cert.CertPathBuilderResult)

Example 5 with CertPathBuilderResult

use of java.security.cert.CertPathBuilderResult in project robovm by robovm.

the class myCertPathBuilder method testBuild.

// Test passed on RI
@KnownFailure(value = "expired certificate bug 2322662")
public void testBuild() throws Exception {
    TestUtils.initCertPathSSCertChain();
    CertPathParameters params = TestUtils.getCertPathParameters();
    CertPathBuilder builder = TestUtils.getCertPathBuilder();
    try {
        CertPathBuilderResult result = builder.build(params);
        assertNotNull("builder result is null", result);
        CertPath certPath = result.getCertPath();
        assertNotNull("certpath of builder result is null", certPath);
    } catch (InvalidAlgorithmParameterException e) {
        fail("unexpected Exception: " + e);
    }
}

Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) CertPathBuilderResult(java.security.cert.CertPathBuilderResult) CertPathParameters(java.security.cert.CertPathParameters) CertPathBuilder(java.security.cert.CertPathBuilder) CertPath(java.security.cert.CertPath) KnownFailure(dalvik.annotation.KnownFailure)

Aggregations

CertPathBuilderResult (java.security.cert.CertPathBuilderResult)23 X509Certificate (java.security.cert.X509Certificate)11 CertPath (java.security.cert.CertPath)10 CertPathBuilder (java.security.cert.CertPathBuilder)10 PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters)10 CertPathBuilderException (java.security.cert.CertPathBuilderException)8 PKIXCertPathBuilderResult (java.security.cert.PKIXCertPathBuilderResult)8 X509CertSelector (java.security.cert.X509CertSelector)8 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)6 ArrayList (java.util.ArrayList)6 CertPathValidator (java.security.cert.CertPathValidator)5 CertificateException (java.security.cert.CertificateException)5 CollectionCertStoreParameters (java.security.cert.CollectionCertStoreParameters)5 PKIXCertPathValidatorResult (java.security.cert.PKIXCertPathValidatorResult)5 TrustAnchor (java.security.cert.TrustAnchor)5 Collection (java.util.Collection)4 Iterator (java.util.Iterator)4 MyCertPath (org.apache.harmony.security.tests.support.cert.MyCertPath)4 ExtCertPathBuilderException (org.bouncycastle.jce.exception.ExtCertPathBuilderException)4 CertPathParameters (java.security.cert.CertPathParameters)3