Examples with CertificateException - java.security.cert.CertificateException

Example 36 with CertificateException

use of java.security.cert.CertificateException in project netty by netty.

the class SslContextTrustManagerTest method runTests.

/**
     *
     * @param caResources
     *            an array of paths to CA Certificates in PEM format to load
     *            from the classpath (relative to this class).
     * @param eecResources
     *            an array of paths to Server Certificates in PEM format in to
     *            load from the classpath (relative to this class).
     * @param expectations
     *            an array of expecting results for each EEC Server Certificate
     *            (the array is expected to have the same length the previous
     *            argument, and be arrange in matching order: true means
     *            expected to be valid, false otherwise.
     */
private static void runTests(String[] caResources, String[] eecResources, boolean[] expectations) throws Exception {
    X509TrustManager tm = getTrustManager(caResources);
    X509Certificate[] eecCerts = loadCertCollection(eecResources);
    for (int i = 0; i < eecResources.length; i++) {
        X509Certificate eecCert = eecCerts[i];
        assertNotNull("Cannot use cert " + eecResources[i], eecCert);
        try {
            tm.checkServerTrusted(new X509Certificate[] { eecCert }, "RSA");
            if (!expectations[i]) {
                fail(String.format("Certificate %s was expected not to be valid when using CAs %s, but its " + "verification passed.", eecResources[i], Arrays.asList(caResources)));
            }
        } catch (CertificateException e) {
            if (expectations[i]) {
                fail(String.format("Certificate %s was expected to be valid when using CAs %s, but its " + "verification failed.", eecResources[i], Arrays.asList(caResources)));
            }
        }
    }
}

Also used : X509TrustManager(javax.net.ssl.X509TrustManager) CertificateException(java.security.cert.CertificateException) X509Certificate(java.security.cert.X509Certificate)

Example 37 with CertificateException

use of java.security.cert.CertificateException in project openhab1-addons by openhab.

the class AirConditioner method connect.

private void connect() throws Exception {
    if (isConnected()) {
        return;
    } else {
        logger.debug("Disconnected so we'll try again");
        disconnect();
    }
    if (CERTIFICATE_FILE_NAME != null && new File(CERTIFICATE_FILE_NAME).isFile()) {
        if (CERTIFICATE_PASSWORD == null) {
            CERTIFICATE_PASSWORD = "";
        }
        try {
            SSLClient client = new SSLClient();
            client.addTrustMaterial(TrustMaterial.DEFAULT);
            client.setCheckHostname(false);
            client.setKeyMaterial(new KeyMaterial(CERTIFICATE_FILE_NAME, CERTIFICATE_PASSWORD.toCharArray()));
            client.setConnectTimeout(10000);
            socket = (SSLSocket) client.createSocket(IP, PORT);
            socket.setSoTimeout(2000);
            socket.startHandshake();
        } catch (Exception e) {
            throw new Exception("Could not connect using certificate: " + CERTIFICATE_FILE_NAME, e);
        }
    } else {
        try {
            SSLContext ctx = SSLContext.getInstance("TLS");
            final TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }

                public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
                }

                public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
                }
            } };
            ctx.init(null, trustAllCerts, null);
            socket = (SSLSocket) ctx.getSocketFactory().createSocket(IP, PORT);
            socket.setSoTimeout(2000);
            socket.startHandshake();
        } catch (Exception e) {
            throw new Exception("Cannot connect to " + IP + ":" + PORT, e);
        }
    }
    handleResponse();
}

Also used : SSLClient(org.apache.commons.ssl.SSLClient) KeyMaterial(org.apache.commons.ssl.KeyMaterial) X509TrustManager(javax.net.ssl.X509TrustManager) SSLContext(javax.net.ssl.SSLContext) File(java.io.File) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SSLException(javax.net.ssl.SSLException) SocketTimeoutException(java.net.SocketTimeoutException) X509Certificate(java.security.cert.X509Certificate) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)

Example 38 with CertificateException

use of java.security.cert.CertificateException in project nutz by nutzam.

the class Http method nopSSLSocketFactory.

public static SSLSocketFactory nopSSLSocketFactory() throws Exception {
    SSLContext sc = SSLContext.getInstance("SSL");
    TrustManager[] tmArr = { new X509TrustManager() {

        public void checkClientTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException {
        }

        public void checkServerTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException {
        }

        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    } };
    sc.init(null, tmArr, new SecureRandom());
    return sc.getSocketFactory();
}

Also used : X509TrustManager(javax.net.ssl.X509TrustManager) SecureRandom(java.security.SecureRandom) CertificateException(java.security.cert.CertificateException) SSLContext(javax.net.ssl.SSLContext) X509Certificate(java.security.cert.X509Certificate) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)

Example 39 with CertificateException

use of java.security.cert.CertificateException in project android by owncloud.

the class SsoWebViewClient method getX509CertificateFromError.

/**
     * Obtain the X509Certificate from SslError
     * @param   error     SslError
     * @return  X509Certificate from error
     */
public X509Certificate getX509CertificateFromError(SslError error) {
    Bundle bundle = SslCertificate.saveState(error.getCertificate());
    X509Certificate x509Certificate;
    byte[] bytes = bundle.getByteArray("x509-certificate");
    if (bytes == null) {
        x509Certificate = null;
    } else {
        try {
            CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
            Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes));
            x509Certificate = (X509Certificate) cert;
        } catch (CertificateException e) {
            x509Certificate = null;
        }
    }
    return x509Certificate;
}

Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) Bundle(android.os.Bundle) CertificateException(java.security.cert.CertificateException) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) SslCertificate(android.net.http.SslCertificate)

Example 40 with CertificateException

use of java.security.cert.CertificateException in project scdl by passy.

the class PinningTrustManagerImpl method checkServerTrusted.

@Override
public void checkServerTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
    Log.d(TAG, "Checking if server is trusted");
    for (final TrustManager systemTrustManager : systemTrustManagers) {
        ((X509TrustManager) systemTrustManager).checkServerTrusted(chain, authType);
    }
    Log.d(TAG, "Getting trust root");
    final X509Certificate anchor = systemKeyStore.getTrustRoot(chain);
    Log.d(TAG, "checking certs for valid pin");
    for (final X509Certificate certificate : chain) {
        if (isValidPin(certificate)) {
            Log.d(TAG, "Success!");
            return;
        }
    }
    Log.d(TAG, "checking anchor for valid pin");
    if (anchor != null && isValidPin(anchor)) {
        Log.d(TAG, "Success!");
        return;
    }
    throw new CertificateException("No valid Pins found in Certificate Chain!");
}

Also used : X509TrustManager(javax.net.ssl.X509TrustManager) CertificateException(java.security.cert.CertificateException) X509Certificate(java.security.cert.X509Certificate) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)

Aggregations

CertificateException (java.security.cert.CertificateException)456 IOException (java.io.IOException)221 X509Certificate (java.security.cert.X509Certificate)215 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)141 KeyStoreException (java.security.KeyStoreException)123 CertificateFactory (java.security.cert.CertificateFactory)103 ByteArrayInputStream (java.io.ByteArrayInputStream)97 Certificate (java.security.cert.Certificate)75 KeyStore (java.security.KeyStore)58 InputStream (java.io.InputStream)55 UnrecoverableKeyException (java.security.UnrecoverableKeyException)53 ArrayList (java.util.ArrayList)49 InvalidKeyException (java.security.InvalidKeyException)44 X509TrustManager (javax.net.ssl.X509TrustManager)41 SSLContext (javax.net.ssl.SSLContext)36 FileInputStream (java.io.FileInputStream)34 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)34 RemoteException (android.os.RemoteException)33 FileNotFoundException (java.io.FileNotFoundException)30 KeyManagementException (java.security.KeyManagementException)30