Examples with X509Certificate - java.security.cert.X509Certificate

Example 11 with X509Certificate

use of java.security.cert.X509Certificate in project cas by apereo.

the class SimpleHttpClientTests method getFriendlyToAllSSLSocketFactory.

private static SSLConnectionSocketFactory getFriendlyToAllSSLSocketFactory() throws Exception {
    final TrustManager trm = new X509TrustManager() {

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        @Override
        public void checkClientTrusted(final X509Certificate[] certs, final String authType) {
        }

        @Override
        public void checkServerTrusted(final X509Certificate[] certs, final String authType) {
        }
    };
    final SSLContext sc = SSLContext.getInstance("SSL");
    sc.init(null, new TrustManager[] { trm }, null);
    return new SSLConnectionSocketFactory(sc, new NoopHostnameVerifier());
}

Also used : NoopHostnameVerifier(org.apache.http.conn.ssl.NoopHostnameVerifier) X509TrustManager(javax.net.ssl.X509TrustManager) SSLContext(javax.net.ssl.SSLContext) SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory) X509Certificate(java.security.cert.X509Certificate) X509TrustManager(javax.net.ssl.X509TrustManager) TrustManager(javax.net.ssl.TrustManager)

Example 12 with X509Certificate

use of java.security.cert.X509Certificate in project cw-omnibus by commonsguy.

the class SignatureFragment method show.

void show(byte[] raw) {
    CertificateFactory cf = null;
    try {
        cf = CertificateFactory.getInstance("X509");
    } catch (CertificateException e) {
        Log.e(getClass().getSimpleName(), "Exception getting CertificateFactory", e);
        return;
    }
    X509Certificate c = null;
    ByteArrayInputStream bin = new ByteArrayInputStream(raw);
    try {
        c = (X509Certificate) cf.generateCertificate(bin);
    } catch (CertificateException e) {
        Log.e(getClass().getSimpleName(), "Exception getting X509Certificate", e);
        return;
    }
    TextView tv = (TextView) getView().findViewById(R.id.subject);
    tv.setText(c.getSubjectDN().toString());
    tv = (TextView) getView().findViewById(R.id.issuer);
    tv.setText(c.getIssuerDN().toString());
    tv = (TextView) getView().findViewById(R.id.valid);
    tv.setText(fmt.format(c.getNotBefore()) + " to " + fmt.format(c.getNotAfter()));
}

Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) CertificateException(java.security.cert.CertificateException) TextView(android.widget.TextView) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate)

Example 13 with X509Certificate

use of java.security.cert.X509Certificate in project UltimateAndroid by cymcsg.

the class HttpsUtils method getX509CertifaceteFromCrtFile.

/**
     * Get X509 Certificate
     *
     * @param certFilePath
     * @return Certificate
     */
public static Certificate getX509CertifaceteFromCrtFile(String certFilePath) {
    InputStream inStream = null;
    X509Certificate cert = null;
    try {
        inStream = new FileInputStream(certFilePath);
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        cert = (X509Certificate) cf.generateCertificate(inStream);
        inStream.close();
    } catch (Exception e) {
        e.printStackTrace();
        Logs.e(e, "");
    } finally {
        return cert;
    }
}

Also used : CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) KeyManagementException(java.security.KeyManagementException) KeyStoreException(java.security.KeyStoreException) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)

Example 14 with X509Certificate

use of java.security.cert.X509Certificate in project jetty.project by eclipse.

the class SecureRequestCustomizer method customize.

/**
     * <p>
     * Customizes the request attributes to be set for SSL requests.
     * </p>
     * <p>
     * The requirements of the Servlet specs are:
     * </p>
     * <ul>
     * <li>an attribute named "javax.servlet.request.ssl_session_id" of type String (since Servlet Spec 3.0).</li>
     * <li>an attribute named "javax.servlet.request.cipher_suite" of type String.</li>
     * <li>an attribute named "javax.servlet.request.key_size" of type Integer.</li>
     * <li>an attribute named "javax.servlet.request.X509Certificate" of type java.security.cert.X509Certificate[]. This
     * is an array of objects of type X509Certificate, the order of this array is defined as being in ascending order of
     * trust. The first certificate in the chain is the one set by the client, the next is the one used to authenticate
     * the first, and so on.</li>
     * </ul>
     * 
     * @param sslEngine
     *            the sslEngine to be customized.
     * @param request
     *            HttpRequest to be customized.
     */
protected void customize(SSLEngine sslEngine, Request request) {
    SSLSession sslSession = sslEngine.getSession();
    if (_sniHostCheck) {
        String name = request.getServerName();
        X509 x509 = (X509) sslSession.getValue(SniX509ExtendedKeyManager.SNI_X509);
        if (x509 != null && !x509.matches(name)) {
            LOG.warn("Host {} does not match SNI {}", name, x509);
            throw new BadMessageException(400, "Host does not match SNI");
        }
        if (LOG.isDebugEnabled())
            LOG.debug("Host {} matched SNI {}", name, x509);
    }
    try {
        String cipherSuite = sslSession.getCipherSuite();
        Integer keySize;
        X509Certificate[] certs;
        String idStr;
        CachedInfo cachedInfo = (CachedInfo) sslSession.getValue(CACHED_INFO_ATTR);
        if (cachedInfo != null) {
            keySize = cachedInfo.getKeySize();
            certs = cachedInfo.getCerts();
            idStr = cachedInfo.getIdStr();
        } else {
            keySize = SslContextFactory.deduceKeyLength(cipherSuite);
            certs = SslContextFactory.getCertChain(sslSession);
            byte[] bytes = sslSession.getId();
            idStr = TypeUtil.toHexString(bytes);
            cachedInfo = new CachedInfo(keySize, certs, idStr);
            sslSession.putValue(CACHED_INFO_ATTR, cachedInfo);
        }
        if (certs != null)
            request.setAttribute("javax.servlet.request.X509Certificate", certs);
        request.setAttribute("javax.servlet.request.cipher_suite", cipherSuite);
        request.setAttribute("javax.servlet.request.key_size", keySize);
        request.setAttribute("javax.servlet.request.ssl_session_id", idStr);
        String sessionAttribute = getSslSessionAttribute();
        if (sessionAttribute != null && !sessionAttribute.isEmpty())
            request.setAttribute(sessionAttribute, sslSession);
    } catch (Exception e) {
        LOG.warn(Log.EXCEPTION, e);
    }
}

Also used : BadMessageException(org.eclipse.jetty.http.BadMessageException) SSLSession(javax.net.ssl.SSLSession) X509(org.eclipse.jetty.util.ssl.X509) X509Certificate(java.security.cert.X509Certificate) BadMessageException(org.eclipse.jetty.http.BadMessageException)

Example 15 with X509Certificate

use of java.security.cert.X509Certificate in project jetty.project by eclipse.

the class SslContextFactory method getCertChain.

public static X509Certificate[] getCertChain(SSLSession sslSession) {
    try {
        Certificate[] javaxCerts = sslSession.getPeerCertificates();
        if (javaxCerts == null || javaxCerts.length == 0)
            return null;
        int length = javaxCerts.length;
        X509Certificate[] javaCerts = new X509Certificate[length];
        java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509");
        for (int i = 0; i < length; i++) {
            byte[] bytes = javaxCerts[i].getEncoded();
            ByteArrayInputStream stream = new ByteArrayInputStream(bytes);
            javaCerts[i] = (X509Certificate) cf.generateCertificate(stream);
        }
        return javaCerts;
    } catch (SSLPeerUnverifiedException pue) {
        return null;
    } catch (Exception e) {
        LOG.warn(Log.EXCEPTION, e);
        return null;
    }
}

Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) X509Certificate(java.security.cert.X509Certificate) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Aggregations

X509Certificate (java.security.cert.X509Certificate)1706 IOException (java.io.IOException)336 CertificateException (java.security.cert.CertificateException)272 ByteArrayInputStream (java.io.ByteArrayInputStream)260 CertificateFactory (java.security.cert.CertificateFactory)251 ArrayList (java.util.ArrayList)232 Certificate (java.security.cert.Certificate)227 KeyStore (java.security.KeyStore)177 PrivateKey (java.security.PrivateKey)150 InputStream (java.io.InputStream)134 File (java.io.File)112 KeyStoreException (java.security.KeyStoreException)112 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)111 GeneralSecurityException (java.security.GeneralSecurityException)100 Test (org.junit.Test)90 List (java.util.List)89 PublicKey (java.security.PublicKey)88 X509TrustManager (javax.net.ssl.X509TrustManager)80 X500Principal (javax.security.auth.x500.X500Principal)76 HashSet (java.util.HashSet)64