Example 31 with CertificateException
use of java.security.cert.CertificateException in project okhttputils by hongyangAndroid.
the class HttpsUtils method prepareTrustManager.
private static TrustManager[] prepareTrustManager(InputStream... certificates) {
if (certificates == null || certificates.length <= 0)
return null;
try {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null);
int index = 0;
for (InputStream certificate : certificates) {
String certificateAlias = Integer.toString(index++);
keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(certificate));
try {
if (certificate != null)
certificate.close();
} catch (IOException e) {
}
}
TrustManagerFactory trustManagerFactory = null;
trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
return trustManagers;
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (CertificateException e) {
e.printStackTrace();
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
Also used :
InputStream(java.io.InputStream)
CertificateException(java.security.cert.CertificateException)
IOException(java.io.IOException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
KeyStoreException(java.security.KeyStoreException)
CertificateFactory(java.security.cert.CertificateFactory)
KeyStore(java.security.KeyStore)
IOException(java.io.IOException)
KeyManagementException(java.security.KeyManagementException)
KeyStoreException(java.security.KeyStoreException)
CertificateException(java.security.cert.CertificateException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
TrustManager(javax.net.ssl.TrustManager)
X509TrustManager(javax.net.ssl.X509TrustManager)
TrustManagerFactory(javax.net.ssl.TrustManagerFactory)
Example 32 with CertificateException
use of java.security.cert.CertificateException in project custom-cert-https by nelenkov.
the class MainActivity method readCertificate.
private static X509Certificate readCertificate(File file) {
if (!file.isFile()) {
return null;
}
InputStream is = null;
try {
CertificateFactory cf = CertificateFactory.getInstance("X509");
is = new BufferedInputStream(new FileInputStream(file));
return (X509Certificate) cf.generateCertificate(is);
} catch (IOException e) {
return null;
} catch (CertificateException e) {
throw new RuntimeException(e);
} finally {
try {
is.close();
} catch (IOException e) {
}
}
}
Also used :
BufferedInputStream(java.io.BufferedInputStream)
BufferedInputStream(java.io.BufferedInputStream)
FileInputStream(java.io.FileInputStream)
InputStream(java.io.InputStream)
CertificateException(java.security.cert.CertificateException)
IOException(java.io.IOException)
CertificateFactory(java.security.cert.CertificateFactory)
FileInputStream(java.io.FileInputStream)
X509Certificate(java.security.cert.X509Certificate)
Example 33 with CertificateException
use of java.security.cert.CertificateException in project netty by netty.
the class PemReader method readCertificates.
static ByteBuf[] readCertificates(InputStream in) throws CertificateException {
String content;
try {
content = readContent(in);
} catch (IOException e) {
throw new CertificateException("failed to read certificate input stream", e);
}
List<ByteBuf> certs = new ArrayList<ByteBuf>();
Matcher m = CERT_PATTERN.matcher(content);
int start = 0;
for (; ; ) {
if (!m.find(start)) {
break;
}
ByteBuf base64 = Unpooled.copiedBuffer(m.group(1), CharsetUtil.US_ASCII);
ByteBuf der = Base64.decode(base64);
base64.release();
certs.add(der);
start = m.end();
}
if (certs.isEmpty()) {
throw new CertificateException("found no certificates in input stream");
}
return certs.toArray(new ByteBuf[certs.size()]);
}
Also used :
Matcher(java.util.regex.Matcher)
ArrayList(java.util.ArrayList)
CertificateException(java.security.cert.CertificateException)
IOException(java.io.IOException)
ByteBuf(io.netty.buffer.ByteBuf)
Example 34 with CertificateException
use of java.security.cert.CertificateException in project netty by netty.
the class SslHandlerTest method testAlertProducedAndSend.
private void testAlertProducedAndSend(SslProvider provider) throws Exception {
SelfSignedCertificate ssc = new SelfSignedCertificate();
final SslContext sslServerCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).sslProvider(provider).trustManager(new SimpleTrustManagerFactory() {
@Override
protected void engineInit(KeyStore keyStore) {
}
@Override
protected void engineInit(ManagerFactoryParameters managerFactoryParameters) {
}
@Override
protected TrustManager[] engineGetTrustManagers() {
return new TrustManager[] { new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
// Fail verification which should produce an alert that is send back to the client.
throw new CertificateException();
}
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s) {
// NOOP
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return EmptyArrays.EMPTY_X509_CERTIFICATES;
}
} };
}
}).clientAuth(ClientAuth.REQUIRE).build();
final SslContext sslClientCtx = SslContextBuilder.forClient().trustManager(InsecureTrustManagerFactory.INSTANCE).keyManager(new File(getClass().getResource("test.crt").getFile()), new File(getClass().getResource("test_unencrypted.pem").getFile())).sslProvider(provider).build();
NioEventLoopGroup group = new NioEventLoopGroup();
Channel sc = null;
Channel cc = null;
try {
final Promise<Void> promise = group.next().newPromise();
sc = new ServerBootstrap().group(group).channel(NioServerSocketChannel.class).childHandler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.pipeline().addLast(sslServerCtx.newHandler(ch.alloc()));
ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
// Just trigger a close
ctx.close();
}
});
}
}).bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
cc = new Bootstrap().group(group).channel(NioSocketChannel.class).handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.pipeline().addLast(sslClientCtx.newHandler(ch.alloc()));
ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
if (cause.getCause() instanceof SSLException) {
// We received the alert and so produce an SSLException.
promise.setSuccess(null);
}
}
});
}
}).connect(sc.localAddress()).syncUninterruptibly().channel();
promise.syncUninterruptibly();
} finally {
if (cc != null) {
cc.close().syncUninterruptibly();
}
if (sc != null) {
sc.close().syncUninterruptibly();
}
group.shutdownGracefully();
ReferenceCountUtil.release(sslServerCtx);
ReferenceCountUtil.release(sslClientCtx);
}
}
Also used :
SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate)
InetSocketAddress(java.net.InetSocketAddress)
CertificateException(java.security.cert.CertificateException)
ChannelHandlerContext(io.netty.channel.ChannelHandlerContext)
SSLException(javax.net.ssl.SSLException)
Bootstrap(io.netty.bootstrap.Bootstrap)
ServerBootstrap(io.netty.bootstrap.ServerBootstrap)
NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup)
NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel)
NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel)
NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel)
EmbeddedChannel(io.netty.channel.embedded.EmbeddedChannel)
Channel(io.netty.channel.Channel)
SimpleTrustManagerFactory(io.netty.handler.ssl.util.SimpleTrustManagerFactory)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
ServerBootstrap(io.netty.bootstrap.ServerBootstrap)
IllegalReferenceCountException(io.netty.util.IllegalReferenceCountException)
CodecException(io.netty.handler.codec.CodecException)
SSLProtocolException(javax.net.ssl.SSLProtocolException)
DecoderException(io.netty.handler.codec.DecoderException)
SSLException(javax.net.ssl.SSLException)
ClosedChannelException(java.nio.channels.ClosedChannelException)
CertificateException(java.security.cert.CertificateException)
ExecutionException(java.util.concurrent.ExecutionException)
UnsupportedMessageTypeException(io.netty.handler.codec.UnsupportedMessageTypeException)
NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel)
X509TrustManager(javax.net.ssl.X509TrustManager)
File(java.io.File)
ManagerFactoryParameters(javax.net.ssl.ManagerFactoryParameters)
ChannelInboundHandlerAdapter(io.netty.channel.ChannelInboundHandlerAdapter)
Example 35 with CertificateException
use of java.security.cert.CertificateException in project netty by netty.
the class SSLEngineTest method setupHandlers.
protected void setupHandlers(SslContext serverCtx, SslContext clientCtx) throws InterruptedException, SSLException, CertificateException {
serverSslCtx = serverCtx;
clientSslCtx = clientCtx;
serverConnectedChannel = null;
sb = new ServerBootstrap();
cb = new Bootstrap();
sb.group(new NioEventLoopGroup(), new NioEventLoopGroup());
sb.channel(NioServerSocketChannel.class);
sb.childHandler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.config().setAllocator(new TestByteBufAllocator(ch.config().getAllocator(), type));
ChannelPipeline p = ch.pipeline();
p.addLast(serverSslCtx.newHandler(ch.alloc()));
p.addLast(new MessageDelegatorChannelHandler(serverReceiver, serverLatch));
p.addLast(new ChannelInboundHandlerAdapter() {
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
if (cause.getCause() instanceof SSLHandshakeException) {
serverException = cause.getCause();
serverLatch.countDown();
} else {
ctx.fireExceptionCaught(cause);
}
}
});
serverConnectedChannel = ch;
}
});
cb.group(new NioEventLoopGroup());
cb.channel(NioSocketChannel.class);
cb.handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.config().setAllocator(new TestByteBufAllocator(ch.config().getAllocator(), type));
ChannelPipeline p = ch.pipeline();
p.addLast(clientSslCtx.newHandler(ch.alloc()));
p.addLast(new MessageDelegatorChannelHandler(clientReceiver, clientLatch));
p.addLast(new ChannelInboundHandlerAdapter() {
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
if (cause.getCause() instanceof SSLHandshakeException) {
clientException = cause.getCause();
clientLatch.countDown();
} else {
ctx.fireExceptionCaught(cause);
}
}
});
}
});
serverChannel = sb.bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
ChannelFuture ccf = cb.connect(serverChannel.localAddress());
assertTrue(ccf.syncUninterruptibly().isSuccess());
clientChannel = ccf.channel();
}
Also used :
ChannelFuture(io.netty.channel.ChannelFuture)
InetSocketAddress(java.net.InetSocketAddress)
SocketChannel(io.netty.channel.socket.SocketChannel)
NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel)
NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel)
Channel(io.netty.channel.Channel)
ChannelHandlerContext(io.netty.channel.ChannelHandlerContext)
ServerBootstrap(io.netty.bootstrap.ServerBootstrap)
SSLHandshakeException(javax.net.ssl.SSLHandshakeException)
SSLException(javax.net.ssl.SSLException)
ClosedChannelException(java.nio.channels.ClosedChannelException)
CertificateException(java.security.cert.CertificateException)
ExecutionException(java.util.concurrent.ExecutionException)
ChannelPipeline(io.netty.channel.ChannelPipeline)
SSLHandshakeException(javax.net.ssl.SSLHandshakeException)
Bootstrap(io.netty.bootstrap.Bootstrap)
ServerBootstrap(io.netty.bootstrap.ServerBootstrap)
NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup)
ChannelInboundHandlerAdapter(io.netty.channel.ChannelInboundHandlerAdapter)
Aggregations
CertificateException (java.security.cert.CertificateException)456
IOException (java.io.IOException)221
X509Certificate (java.security.cert.X509Certificate)215
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)141
KeyStoreException (java.security.KeyStoreException)123
CertificateFactory (java.security.cert.CertificateFactory)103
ByteArrayInputStream (java.io.ByteArrayInputStream)97
Certificate (java.security.cert.Certificate)75
KeyStore (java.security.KeyStore)58
InputStream (java.io.InputStream)55
UnrecoverableKeyException (java.security.UnrecoverableKeyException)53
ArrayList (java.util.ArrayList)49
InvalidKeyException (java.security.InvalidKeyException)44
X509TrustManager (javax.net.ssl.X509TrustManager)41
SSLContext (javax.net.ssl.SSLContext)36
FileInputStream (java.io.FileInputStream)34
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)34
RemoteException (android.os.RemoteException)33
FileNotFoundException (java.io.FileNotFoundException)30
KeyManagementException (java.security.KeyManagementException)30
