
Example 6 with X509Certificate

use of javax.security.cert.X509Certificate in project perun by CESNET.

the class urn_perun_user_attribute_def_virt_userCertExpirations method getAttributeValue.

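/**
 * Builds the virtual attribute that maps each certificate DN of the user to the
 * formatted expiration ({@code notAfter}) date of the certificate stored under it.
 *
 * <p>Only the {@code notAfter} field is read from each stored certificate. Nothing in
 * this method validates the certificate (no signature, chain or revocation check), so
 * the resulting dates are informational and must not be treated as proof that a
 * certificate is trustworthy or currently valid.
 *
 * <p>NOTE(review): {@code javax.security.cert} is deprecated in current JDKs in favour of
 * {@code java.security.cert}; migrating needs an import change outside this method.
 *
 * @param sess                perun session used to look up the user's certificates attribute
 * @param user                user whose certificates are inspected
 * @param attributeDefinition definition of the virtual attribute being computed
 * @return the attribute holding a DN-to-expiration map; the map is empty when the user has
 *         no certificates attribute or the attribute has no value
 * @throws InternalErrorException if a stored certificate cannot be parsed
 */
@Override
public Attribute getAttributeValue(PerunSessionImpl sess, User user, AttributeDefinition attributeDefinition) throws InternalErrorException {
    Attribute attribute = new Attribute(attributeDefinition);
    HashMap<String, String> certsExpirations = new LinkedHashMap<String, String>();
    try {
        Attribute userCertsAttribute = getUserCertsAttribute(sess, user);
        HashMap<String, String> certs = (LinkedHashMap<String, String>) userCertsAttribute.getValue();
        if (certs != null) {
            // One formatter serves the whole loop; it formats with the JVM default locale.
            // TODO use some defined date/time format
            DateFormat dateFormat = DateFormat.getDateInstance();
            // Walk the entries directly instead of looking every key up a second time.
            for (java.util.Map.Entry<String, String> entry : certs.entrySet()) {
                // Remove --- BEGIN --- and --- END ---- so that only the Base64 body is left.
                String rawCert = entry.getValue()
                        .replaceFirst("-----BEGIN CERTIFICATE-----", "")
                        .replaceFirst("-----END CERTIFICATE-----", "");
                // PEM bodies are ASCII; naming the charset keeps decoding independent of
                // the platform default encoding.
                byte[] der = Base64.decodeBase64(rawCert.getBytes(java.nio.charset.StandardCharsets.US_ASCII));
                X509Certificate x509 = X509Certificate.getInstance(der);
                certsExpirations.put(entry.getKey(), dateFormat.format(x509.getNotAfter()));
            }
            attribute = Utils.copyAttributeToViAttributeWithoutValue(userCertsAttribute, attribute);
        }
    } catch (AttributeNotExistsException ex) {
        // Deliberately tolerated for now: the attribute is returned with an empty map.
        // FIXME throw new WrongReferenceAttributeValueException("User " + user + " doesn't have assigned urn:perun:user:attribute-def:def:userCertificates attribute", ex);
    } catch (CertificateException e) {
        throw new InternalErrorException("CertificateException - user: " + user + ".", e);
    }
    attribute.setValue(certsExpirations);
    return attribute;
}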
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) DateFormat(java.text.DateFormat) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) CertificateException(javax.security.cert.CertificateException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) X509Certificate(javax.security.cert.X509Certificate) LinkedHashMap(java.util.LinkedHashMap)

Example 7 with X509Certificate

use of javax.security.cert.X509Certificate in project j2objc by google.

the class X509CertificateTest method testGetInstance2.

/**
 * Exercises {@code X509Certificate.getInstance(byte[] certData)} with a valid encoding,
 * a one-byte garbage encoding and a {@code null} array.
 *
 * @throws CertificateEncodingException
 * @throws java.security.cert.CertificateEncodingException
 */
public void testGetInstance2() throws java.security.cert.CertificateEncodingException, CertificateEncodingException {
    if (this.cert == null) {
        // No fixture certificate is available, so the test can not be applied.
        return;
    }

    X509Certificate converted = null;
    boolean typeUnavailable = false;
    try {
        converted = X509Certificate.getInstance(cert.getEncoded());
    } catch (java.security.cert.CertificateEncodingException e) {
        fail("Unexpected CertificateEncodingException was thrown.");
    } catch (CertificateException e) {
        // The requested certificate type is not available; this counts as a pass.
        typeUnavailable = true;
    }
    if (!typeUnavailable) {
        // The converted certificate must re-encode to exactly the bytes it was built from.
        assertNotNull(converted);
        assertTrue(Arrays.equals(converted.getEncoded(), cert.getEncoded()));
    }

    // Malformed input: a rejection is accepted, but nothing fails the test if the
    // one-byte array is parsed without an exception.
    try {
        X509Certificate.getInstance(new byte[] { (byte) 1 });
    } catch (CertificateException e) {
        // ok
    }

    // Regression for HARMONY-756: null input has to be reported as a CertificateException.
    try {
        X509Certificate.getInstance((byte[]) null);
        fail("No expected CertificateException");
    } catch (CertificateException e) {
        // expected
    }
}
Also used : CertificateException(javax.security.cert.CertificateException) X509Certificate(javax.security.cert.X509Certificate)

Example 8 with X509Certificate

use of javax.security.cert.X509Certificate in project camel by apache.

the class NettyEndpoint method enrichWithClientCertInformation.

/**
 * Copies details of the client's TLS certificate (subject name, issuer name, serial
 * number and validity period) onto the message as headers.
 * <p/>
 * If the peer is unverified, or the chain is missing or empty, no header is written.
 * Headers already present on the message are left untouched in that case, so a
 * missing certificate does not clear values that were set earlier.
 * <p/>
 * NOTE(review): {@code SSLSession.getPeerCertificateChain()} and
 * {@code javax.security.cert.X509Certificate} are deprecated in current JDKs; check
 * which JDK versions this endpoint must run on before relying on them.
 *
 * @param sslSession  the SSL session
 * @param message     the message to enrich
 */
protected void enrichWithClientCertInformation(SSLSession sslSession, Message message) {
    final X509Certificate[] chain;
    try {
        chain = sslSession.getPeerCertificateChain();
    } catch (SSLPeerUnverifiedException e) {
        // ignore: the peer was not verified, so there is nothing to report
        return;
    }
    if (chain == null || chain.length == 0) {
        return;
    }

    // Only the first entry of the chain is read.
    final X509Certificate clientCert = chain[0];

    final Principal subjectDn = clientCert.getSubjectDN();
    if (subjectDn != null) {
        message.setHeader(NettyConstants.NETTY_SSL_CLIENT_CERT_SUBJECT_NAME, subjectDn.getName());
    }

    final Principal issuerDn = clientCert.getIssuerDN();
    if (issuerDn != null) {
        message.setHeader(NettyConstants.NETTY_SSL_CLIENT_CERT_ISSUER_NAME, issuerDn.getName());
    }

    final BigInteger serialNumber = clientCert.getSerialNumber();
    if (serialNumber != null) {
        message.setHeader(NettyConstants.NETTY_SSL_CLIENT_CERT_SERIAL_NO, serialNumber.toString());
    }

    // The validity bounds are stored as returned, without a null check.
    message.setHeader(NettyConstants.NETTY_SSL_CLIENT_CERT_NOT_BEFORE, clientCert.getNotBefore());
    message.setHeader(NettyConstants.NETTY_SSL_CLIENT_CERT_NOT_AFTER, clientCert.getNotAfter());
}
Also used : SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) BigInteger(java.math.BigInteger) X509Certificate(javax.security.cert.X509Certificate) Principal(java.security.Principal)

Example 9 with X509Certificate

use of javax.security.cert.X509Certificate in project robovm by robovm.

the class X509CertificateTest method testGetInstance2.

/**
 * Checks {@code X509Certificate.getInstance(byte[] certData)} against three inputs: the
 * encoding of the fixture certificate, a single-byte array and {@code null}.
 *
 * @throws CertificateEncodingException
 * @throws java.security.cert.CertificateEncodingException
 */
public void testGetInstance2() throws java.security.cert.CertificateEncodingException, CertificateEncodingException {
    if (this.cert == null) {
        // Without a fixture certificate the test can not be applied.
        return;
    }

    X509Certificate parsed = null;
    boolean unsupportedType = false;
    try {
        parsed = X509Certificate.getInstance(cert.getEncoded());
    } catch (java.security.cert.CertificateEncodingException e) {
        fail("Unexpected CertificateEncodingException was thrown.");
    } catch (CertificateException e) {
        // The requested certificate type is not available, which is treated as a pass.
        unsupportedType = true;
    }
    if (!unsupportedType) {
        // Round trip: the parsed certificate must encode back to the original bytes.
        assertNotNull(parsed);
        assertTrue(Arrays.equals(parsed.getEncoded(), cert.getEncoded()));
    }

    // Garbage input: an exception is tolerated here, but its absence is not reported
    // as a failure.
    try {
        X509Certificate.getInstance(new byte[] { (byte) 1 });
    } catch (CertificateException e) {
        // ok
    }

    // Regression for HARMONY-756: a null array must raise CertificateException.
    try {
        X509Certificate.getInstance((byte[]) null);
        fail("No expected CertificateException");
    } catch (CertificateException e) {
        // expected
    }
}
Also used : CertificateException(javax.security.cert.CertificateException) X509Certificate(javax.security.cert.X509Certificate)

Example 10 with X509Certificate

use of javax.security.cert.X509Certificate in project undertow by undertow-io.

the class SslClientCertAttribute method readAttribute.

/**
 * Returns the first certificate of the peer's chain, converted by
 * {@code Certificates.toPem}, for the connection behind the exchange.
 *
 * <p>The result is {@code null} when the connection has no SSL session info, when the
 * chain is empty, and also when reading or encoding the chain fails. Callers therefore
 * cannot tell "no client certificate" apart from "certificate could not be read" and
 * should not treat {@code null} as a positive statement about the peer.
 *
 * @param exchange the exchange whose connection is inspected
 * @return the converted leaf certificate, or {@code null} as described above
 */
@Override
public String readAttribute(HttpServerExchange exchange) {
    final SSLSessionInfo sessionInfo = exchange.getConnection().getSslSessionInfo();
    if (sessionInfo == null) {
        return null;
    }
    try {
        final X509Certificate[] chain = sessionInfo.getPeerCertificateChain();
        // Only the first certificate of the chain is exported.
        return chain.length > 0 ? Certificates.toPem(chain[0]) : null;
    } catch (SSLPeerUnverifiedException | CertificateEncodingException | RenegotiationRequiredException e) {
        // Unverified peer, encoding failure and pending renegotiation all end the same
        // way: no value is reported.
        return null;
    }
}
Also used : SSLSessionInfo(io.undertow.server.SSLSessionInfo) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) CertificateEncodingException(javax.security.cert.CertificateEncodingException) X509Certificate(javax.security.cert.X509Certificate) RenegotiationRequiredException(io.undertow.server.RenegotiationRequiredException)
