Search in sources :

Example 26 with PKIXBuilderParameters

use of java.security.cert.PKIXBuilderParameters in project robovm by robovm.

the class PKIXBuilderParametersTest method testPKIXBuilderParametersKeyStoreCertSelector02.

/**
     * Test #2 for <code>PKIXBuilderParameters(KeyStore, CertSelector)</code>
     * constructor<br>
     * Assertion: <code>KeyStoreException</code> - if the
     * <code>keystore</code> has not been initialized
     */
public final void testPKIXBuilderParametersKeyStoreCertSelector02() throws Exception {
    KeyStore keyTest = KeyStore.getInstance(KeyStore.getDefaultType());
    try {
        new PKIXBuilderParameters(keyTest, null);
        fail("KeyStoreException expected");
    } catch (KeyStoreException e) {
    // expected
    }
}
Also used : PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) KeyStoreException(java.security.KeyStoreException) KeyStore(java.security.KeyStore)

Example 27 with PKIXBuilderParameters

use of java.security.cert.PKIXBuilderParameters in project robovm by robovm.

the class PKIXBuilderParametersTest method testSetMaxPathLength.

/**
     * Test for <code>setMaxPathLength()</code>
     */
public final void testSetMaxPathLength() throws Exception {
    KeyStore keyTest = KeyStore.getInstance(KeyStore.getDefaultType());
    keyTest.load(null, null);
    ByteArrayInputStream certArray = new ByteArrayInputStream(certificate.getBytes());
    ByteArrayInputStream certArray2 = new ByteArrayInputStream(certificate2.getBytes());
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    X509Certificate[] cert = new X509Certificate[2];
    cert[0] = (X509Certificate) cf.generateCertificate(certArray);
    cert[1] = (X509Certificate) cf.generateCertificate(certArray2);
    keyTest.setCertificateEntry("alias1", cert[0]);
    keyTest.setCertificateEntry("alias2", cert[0]);
    keyTest.setCertificateEntry("alias3", cert[1]);
    PKIXBuilderParameters p = new PKIXBuilderParameters(keyTest, new X509CertSelector());
    assertEquals(5, p.getMaxPathLength());
    p.setMaxPathLength(10);
    assertEquals(10, p.getMaxPathLength());
    p.setMaxPathLength(0);
    assertEquals(0, p.getMaxPathLength());
    p.setMaxPathLength(-1);
    assertEquals(-1, p.getMaxPathLength());
    int[] maxPathLength = { -2, -10, Integer.MIN_VALUE };
    for (int i = 0; i < maxPathLength.length; i++) {
        try {
            p.setMaxPathLength(maxPathLength[i]);
            fail("InvalidParameterException expected ");
        } catch (InvalidParameterException e) {
        // expected
        }
    }
}
Also used : InvalidParameterException(java.security.InvalidParameterException) ByteArrayInputStream(java.io.ByteArrayInputStream) PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) X509CertSelector(java.security.cert.X509CertSelector) KeyStore(java.security.KeyStore) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate)

Example 28 with PKIXBuilderParameters

use of java.security.cert.PKIXBuilderParameters in project robovm by robovm.

the class TestUtils method getCertPathParameters.

public static CertPathParameters getCertPathParameters() throws InvalidAlgorithmParameterException {
    if ((rootCertificateSS == null) || (theCertSelector == null) || (builder == null)) {
        throw new RuntimeException("Call initCertPathSSCertChain prior to buildCertPath");
    }
    PKIXBuilderParameters buildParams = new PKIXBuilderParameters(Collections.singleton(new TrustAnchor(rootCertificateSS, null)), theCertSelector);
    buildParams.addCertStore(store);
    buildParams.setRevocationEnabled(false);
    return buildParams;
}
Also used : PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) TrustAnchor(java.security.cert.TrustAnchor)

Example 29 with PKIXBuilderParameters

use of java.security.cert.PKIXBuilderParameters in project XobotOS by xamarin.

the class ExtendedPKIXBuilderParameters method setParams.

/**
     * Can alse handle <code>ExtendedPKIXBuilderParameters</code> and
     * <code>PKIXBuilderParameters</code>.
     * 
     * @param params Parameters to set.
     * @see org.bouncycastle.x509.ExtendedPKIXParameters#setParams(java.security.cert.PKIXParameters)
     */
protected void setParams(PKIXParameters params) {
    super.setParams(params);
    if (params instanceof ExtendedPKIXBuilderParameters) {
        ExtendedPKIXBuilderParameters _params = (ExtendedPKIXBuilderParameters) params;
        maxPathLength = _params.maxPathLength;
        excludedCerts = new HashSet(_params.excludedCerts);
    }
    if (params instanceof PKIXBuilderParameters) {
        PKIXBuilderParameters _params = (PKIXBuilderParameters) params;
        maxPathLength = _params.getMaxPathLength();
    }
}
Also used : PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) HashSet(java.util.HashSet)

Example 30 with PKIXBuilderParameters

use of java.security.cert.PKIXBuilderParameters in project XobotOS by xamarin.

the class PKIXCertPathBuilderSpi method engineBuild.

/**
     * Build and validate a CertPath using the given parameter.
     * 
     * @param params PKIXBuilderParameters object containing all information to
     *            build the CertPath
     */
public CertPathBuilderResult engineBuild(CertPathParameters params) throws CertPathBuilderException, InvalidAlgorithmParameterException {
    if (!(params instanceof PKIXBuilderParameters) && !(params instanceof ExtendedPKIXBuilderParameters)) {
        throw new InvalidAlgorithmParameterException("Parameters must be an instance of " + PKIXBuilderParameters.class.getName() + " or " + ExtendedPKIXBuilderParameters.class.getName() + ".");
    }
    ExtendedPKIXBuilderParameters pkixParams = null;
    if (params instanceof ExtendedPKIXBuilderParameters) {
        pkixParams = (ExtendedPKIXBuilderParameters) params;
    } else {
        pkixParams = (ExtendedPKIXBuilderParameters) ExtendedPKIXBuilderParameters.getInstance((PKIXBuilderParameters) params);
    }
    Collection targets;
    Iterator targetIter;
    List certPathList = new ArrayList();
    X509Certificate cert;
    // search target certificates
    Selector certSelect = pkixParams.getTargetConstraints();
    if (!(certSelect instanceof X509CertStoreSelector)) {
        throw new CertPathBuilderException("TargetConstraints must be an instance of " + X509CertStoreSelector.class.getName() + " for " + this.getClass().getName() + " class.");
    }
    try {
        targets = CertPathValidatorUtilities.findCertificates((X509CertStoreSelector) certSelect, pkixParams.getStores());
        targets.addAll(CertPathValidatorUtilities.findCertificates((X509CertStoreSelector) certSelect, pkixParams.getCertStores()));
    } catch (AnnotatedException e) {
        throw new ExtCertPathBuilderException("Error finding target certificate.", e);
    }
    if (targets.isEmpty()) {
        throw new CertPathBuilderException("No certificate found matching targetContraints.");
    }
    CertPathBuilderResult result = null;
    // check all potential target certificates
    targetIter = targets.iterator();
    while (targetIter.hasNext() && result == null) {
        cert = (X509Certificate) targetIter.next();
        result = build(cert, pkixParams, certPathList);
    }
    if (result == null && certPathException != null) {
        if (certPathException instanceof AnnotatedException) {
            throw new CertPathBuilderException(certPathException.getMessage(), certPathException.getCause());
        }
        throw new CertPathBuilderException("Possible certificate chain could not be validated.", certPathException);
    }
    if (result == null && certPathException == null) {
        throw new CertPathBuilderException("Unable to find certificate chain.");
    }
    return result;
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) ExtendedPKIXBuilderParameters(org.bouncycastle.x509.ExtendedPKIXBuilderParameters) ExtendedPKIXBuilderParameters(org.bouncycastle.x509.ExtendedPKIXBuilderParameters) PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) X509CertStoreSelector(org.bouncycastle.x509.X509CertStoreSelector) CertPathBuilderResult(java.security.cert.CertPathBuilderResult) PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) ExtCertPathBuilderException(org.bouncycastle.jce.exception.ExtCertPathBuilderException) CertPathBuilderException(java.security.cert.CertPathBuilderException) Iterator(java.util.Iterator) ExtCertPathBuilderException(org.bouncycastle.jce.exception.ExtCertPathBuilderException) Collection(java.util.Collection) ArrayList(java.util.ArrayList) List(java.util.List) Selector(org.bouncycastle.util.Selector) X509CertStoreSelector(org.bouncycastle.x509.X509CertStoreSelector)

Aggregations

PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters)34 X509CertSelector (java.security.cert.X509CertSelector)24 X509Certificate (java.security.cert.X509Certificate)18 CollectionCertStoreParameters (java.security.cert.CollectionCertStoreParameters)13 TrustAnchor (java.security.cert.TrustAnchor)13 ArrayList (java.util.ArrayList)10 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)9 KeyStore (java.security.KeyStore)9 CertPathBuilder (java.security.cert.CertPathBuilder)9 HashSet (java.util.HashSet)9 CertStore (java.security.cert.CertStore)8 CertPathBuilderException (java.security.cert.CertPathBuilderException)7 CertPathBuilderResult (java.security.cert.CertPathBuilderResult)7 PKIXCertPathBuilderResult (java.security.cert.PKIXCertPathBuilderResult)7 ByteArrayInputStream (java.io.ByteArrayInputStream)6 CertificateFactory (java.security.cert.CertificateFactory)6 IOException (java.io.IOException)5 KeyStoreException (java.security.KeyStoreException)5 Certificate (java.security.cert.Certificate)5 CertificateException (java.security.cert.CertificateException)5