
Example 56 with TrustAnchor

use of java.security.cert.TrustAnchor in project robovm by robovm.

the class PKIXCertPathBuilderResultTest method testPKIXCertPathBuilderResult02.

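/**
 * Test #2 for <code>PKIXCertPathBuilderResult(CertPath, TrustAnchor,
 * PolicyNode, PublicKey)</code> constructor<br>
 * Assertion: policy tree parameter may be <code>null</code>
 * <p>
 * The constructor is called with a <code>null</code> policy tree and the
 * result is checked to report that <code>null</code> back through
 * <code>getPolicyTree()</code>.
 *
 * @throws NoSuchAlgorithmException declared by the original test; not handled here
 * @throws InvalidKeySpecException declared by the original test; not handled here
 */
public final void testPKIXCertPathBuilderResult02() throws InvalidKeySpecException, NoSuchAlgorithmException {
    TrustAnchor ta = TestUtils.getTrustAnchor();
    if (ta == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor)");
    }
    CertPathBuilderResult r = new PKIXCertPathBuilderResult(new MyCertPath(testEncoding), ta, null, testPublicKey);
    assertTrue(r instanceof PKIXCertPathBuilderResult);
    // The instanceof check above always holds for a freshly constructed object, so also
    // verify the property this test is named for: a null policy tree is accepted and
    // returned unchanged.
    assertTrue(((PKIXCertPathBuilderResult) r).getPolicyTree() == null);
}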
Also used : MyCertPath(org.apache.harmony.security.tests.support.cert.MyCertPath) PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult) CertPathBuilderResult(java.security.cert.CertPathBuilderResult) PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult) TrustAnchor(java.security.cert.TrustAnchor)

Example 57 with TrustAnchor

use of java.security.cert.TrustAnchor in project robovm by robovm.

the class PKIXCertPathBuilderResultTest method testPKIXCertPathBuilderResult03.

/**
 * Test #3 for <code>PKIXCertPathBuilderResult(CertPath, TrustAnchor,
 * PolicyNode, PublicKey)</code> constructor<br>
 * Assertion: a <code>null</code> certPath is rejected with
 * <code>NullPointerException</code>
 */
public final void testPKIXCertPathBuilderResult03() {
    TrustAnchor anchor = TestUtils.getTrustAnchor();
    if (anchor == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor)");
    }
    boolean rejected = false;
    try {
        // certPath is the only null argument; every other argument is a valid fixture value
        new PKIXCertPathBuilderResult(null, anchor, TestUtils.getPolicyTree(), testPublicKey);
    } catch (NullPointerException expected) {
        // this is the outcome the test asserts
        rejected = true;
    }
    if (!rejected) {
        fail("NPE expected");
    }
}
Also used : PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult) TrustAnchor(java.security.cert.TrustAnchor)

Example 58 with TrustAnchor

use of java.security.cert.TrustAnchor in project robovm by robovm.

the class TestUtils method getTrustAnchor.

/**
 * Creates a <code>TrustAnchor</code> from the encoded test certificate
 * returned by <code>getEncodedX509Certificate()</code> (described by the
 * original documentation as self signed).
 * <p>
 * The anchor is built with <code>null</code> name constraints, so it places
 * no restriction on the names it may certify. Any failure is rethrown as a
 * <code>RuntimeException</code> wrapping the cause.
 *
 * @return <code>TrustAnchor</code> instance, never <code>null</code>
 */
public static TrustAnchor getTrustAnchor() {
    CertificateFactory factory;
    try {
        factory = CertificateFactory.getInstance(certType);
    } catch (CertificateException unsupportedType) {
        // no installed provider offers a CertificateFactory for certType
        throw new RuntimeException(unsupportedType);
    }
    BufferedInputStream encodedCert = null;
    try {
        encodedCert = new BufferedInputStream(new ByteArrayInputStream(getEncodedX509Certificate()));
        X509Certificate anchorCert = (X509Certificate) factory.generateCertificate(encodedCert);
        // second argument is the name-constraints encoding; null means "unconstrained"
        return new TrustAnchor(anchorCert, null);
    } catch (Exception fatal) {
        // parsing, casting and anchor construction problems are all treated as fatal
        throw new RuntimeException(fatal);
    } finally {
        if (encodedCert != null) {
            try {
                encodedCert.close();
            } catch (IOException ignored) {
                // best-effort close of an in-memory stream; nothing to recover
            }
        }
    }
}
Also used : BufferedInputStream(java.io.BufferedInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) CertificateException(java.security.cert.CertificateException) TrustAnchor(java.security.cert.TrustAnchor) IOException(java.io.IOException) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) CertPathBuilderException(java.security.cert.CertPathBuilderException) CertPathValidatorException(java.security.cert.CertPathValidatorException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)

Example 59 with TrustAnchor

use of java.security.cert.TrustAnchor in project robovm by robovm.

the class TestUtils method getCertPathParameters.

/**
 * Builds PKIX builder parameters that trust only <code>rootCertificateSS</code>
 * and select the target with <code>theCertSelector</code>.
 * <p>
 * Revocation checking is switched off on the returned parameters. That suits a
 * self-contained test fixture; code that validates real certificate chains
 * should leave revocation checking enabled.
 *
 * @return the configured <code>PKIXBuilderParameters</code>
 * @throws InvalidAlgorithmParameterException if <code>PKIXBuilderParameters</code>
 *         rejects the trust anchor set
 * @throws RuntimeException if the shared fixture fields have not been initialised
 */
public static CertPathParameters getCertPathParameters() throws InvalidAlgorithmParameterException {
    boolean fixtureReady = rootCertificateSS != null && theCertSelector != null && builder != null;
    if (!fixtureReady) {
        // NOTE(review): the message names buildCertPath although this is getCertPathParameters,
        // and the guard tests builder (unused here) but not store (used below) - confirm intent
        throw new RuntimeException("Call initCertPathSSCertChain prior to buildCertPath");
    }
    // null name constraints: the root anchor is unconstrained
    TrustAnchor root = new TrustAnchor(rootCertificateSS, null);
    PKIXBuilderParameters params = new PKIXBuilderParameters(Collections.singleton(root), theCertSelector);
    params.addCertStore(store);
    // test-only: no CRL/OCSP data is consulted while building the path
    params.setRevocationEnabled(false);
    return params;
}
Also used : PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) TrustAnchor(java.security.cert.TrustAnchor)

Example 60 with TrustAnchor

use of java.security.cert.TrustAnchor in project XobotOS by xamarin.

the class CertPathValidatorUtilities method findTrustAnchor.

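/**
 * Search the given Set of TrustAnchors for one that is the
 * issuer of the given X509 certificate. Uses the specified
 * provider for signature verification, or the default provider
 * if null.
 * <p>
 * A candidate is accepted only when both conditions hold: its name matches
 * the certificate's issuer (by trusted-certificate subject, or by CA name
 * when the anchor carries a name and public key instead of a certificate),
 * and <code>verifyX509Certificate</code> succeeds with the candidate's
 * public key. A name match alone is never sufficient.
 *
 * @param cert the X509 certificate
 * @param trustAnchors a Set of TrustAnchors
 * @param sigProvider the provider to use for signature verification
 *
 * @return the <code>TrustAnchor</code> object if found or
 * <code>null</code> if not.
 *
 * @exception AnnotatedException
 *                if the issuer cannot be encoded for the search, or if a
 *                TrustAnchor was found but the signature verification
 *                on the given certificate has thrown an exception.
 */
protected static TrustAnchor findTrustAnchor(X509Certificate cert, Set trustAnchors, String sigProvider) throws AnnotatedException {
    TrustAnchor trust = null;
    Exception invalidKeyEx = null;
    X509CertSelector certSelectX509 = new X509CertSelector();
    X500Principal certIssuer = getEncodedIssuerPrincipal(cert);
    try {
        certSelectX509.setSubject(certIssuer.getEncoded());
    } catch (IOException ex) {
        throw new AnnotatedException("Cannot set subject search criteria for trust anchor.", ex);
    }
    Iterator iter = trustAnchors.iterator();
    // trust doubles as the loop's "found" flag: every rejection path below resets it to null
    while (iter.hasNext() && trust == null) {
        // Scoped to one candidate so a key left over from an anchor that failed
        // verification is never re-used against a later, non-matching anchor.
        PublicKey trustPublicKey = null;
        trust = (TrustAnchor) iter.next();
        if (trust.getTrustedCert() != null) {
            if (certSelectX509.match(trust.getTrustedCert())) {
                trustPublicKey = trust.getTrustedCert().getPublicKey();
            } else {
                trust = null;
            }
        } else if (trust.getCAName() != null && trust.getCAPublicKey() != null) {
            try {
                X500Principal caName = new X500Principal(trust.getCAName());
                if (certIssuer.equals(caName)) {
                    trustPublicKey = trust.getCAPublicKey();
                } else {
                    trust = null;
                }
            } catch (IllegalArgumentException ex) {
                // anchor carries an unparseable CA name: skip it rather than abort the search
                trust = null;
            }
        } else {
            trust = null;
        }
        if (trustPublicKey != null) {
            try {
                verifyX509Certificate(cert, trustPublicKey, sigProvider);
            } catch (Exception ex) {
                // remember the failure, but keep looking: another anchor may share the name
                invalidKeyEx = ex;
                trust = null;
            }
        }
    }
    // Only report the verification failure when no other anchor validated the certificate.
    if (trust == null && invalidKeyEx != null) {
        throw new AnnotatedException("TrustAnchor found but certificate validation failed.", invalidKeyEx);
    }
    return trust;
}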
Also used : PublicKey(java.security.PublicKey) DSAPublicKey(java.security.interfaces.DSAPublicKey) Iterator(java.util.Iterator) X500Principal(javax.security.auth.x500.X500Principal) TrustAnchor(java.security.cert.TrustAnchor) X509CertSelector(java.security.cert.X509CertSelector) IOException(java.io.IOException) GeneralSecurityException(java.security.GeneralSecurityException) CertPathValidatorException(java.security.cert.CertPathValidatorException) ParseException(java.text.ParseException) ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException) CertStoreException(java.security.cert.CertStoreException) CertificateParsingException(java.security.cert.CertificateParsingException) StoreException(org.bouncycastle.util.StoreException) IOException(java.io.IOException)
