Example 41 with NHINDException

use of org.nhindirect.stagent.NHINDException in project nhin-d by DirectProject.

the class CertificateStore method getUsableCerts.

protected Collection<X509Certificate> getUsableCerts(InternetAddress address) {
    Collection<X509Certificate> retVal;
    if (address == null) {
        throw new IllegalArgumentException();
    }
    // may need to parse the address because some email clients send real-name information along with it
    int index = 0;
    String theAddress = address.getAddress();
    if ((index = theAddress.indexOf("<")) > -1 && theAddress.endsWith(">")) {
        theAddress = theAddress.substring(index + 1);
        theAddress = theAddress.substring(0, theAddress.length() - 1);
    }
    // strip a "+" extension from the local part; only valid when the "+" precedes the "@",
    // otherwise the substring arithmetic would produce a malformed lookup address
    int startIndex = theAddress.indexOf("+");
    int endIndex = theAddress.indexOf("@");
    if (startIndex > -1 && endIndex > startIndex) {
        theAddress = theAddress.substring(0, startIndex) + theAddress.substring(endIndex);
    }
    Collection<X509Certificate> certs = getCertificates("EMAILADDRESS=" + theAddress);
    if (certs == null || certs.size() == 0) {
        if ((index = theAddress.indexOf("@")) > -1) {
            theAddress = theAddress.substring(index + 1);
            certs = getCertificates("EMAILADDRESS=" + theAddress);
        } else
            return null;
    }
    if (certs == null || certs.size() == 0)
        return null;
    retVal = filterUsable(certs);
    if (retVal == null)
        throw new NHINDException(AgentError.AllCertsInResolverInvalid);
    return retVal;
}
Also used : NHINDException(org.nhindirect.stagent.NHINDException) X509Certificate(java.security.cert.X509Certificate)

Example 42 with NHINDException

use of org.nhindirect.stagent.NHINDException in project nhin-d by DirectProject.

the class CRLRevocationManager method getObject.

private static DERObject getObject(String oid, byte[] ext) throws AnnotatedException {
    ASN1InputStream aIn = null;
    try {
        aIn = new ASN1InputStream(ext);
        ASN1OctetString octs = (ASN1OctetString) aIn.readObject();
        IOUtils.closeQuietly(aIn);
        aIn = new ASN1InputStream(octs.getOctets());
        return aIn.readObject();
    } catch (Exception e) {
        throw new NHINDException("exception processing extension " + oid, e);
    } finally {
        IOUtils.closeQuietly(aIn);
    }
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) NHINDException(org.nhindirect.stagent.NHINDException) AnnotatedException(org.bouncycastle.jce.provider.AnnotatedException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) CRLException(java.security.cert.CRLException) NoSuchProviderException(java.security.NoSuchProviderException)

Example 43 with NHINDException

use of org.nhindirect.stagent.NHINDException in project nhin-d by DirectProject.

the class CertificateStore_getUsableCertsTest method testGetUsableCerts_allCertsInvalid_assertNoCerts.

public void testGetUsableCerts_allCertsInvalid_assertNoCerts() throws Exception {
    final X509CertificateEx userCert = TestUtils.getInternalCert("user1");
    final X509CertificateEx domainCert = TestUtils.getInternalCert("gm2552");
    CertificateStore store = new CertificateStoreAdapter() {

        protected Collection<X509Certificate> filterUsable(Collection<X509Certificate> certs) {
            return null;
        }

        public Collection<X509Certificate> getCertificates(String subjectName) {
            if (subjectName.contains("user1@domain.com"))
                return Arrays.asList((X509Certificate) userCert);
            else
                return Arrays.asList((X509Certificate) domainCert);
        }
    };
    boolean exceptionOccured = false;
    try {
        store.getCertificates(new InternetAddress("user1@domain.com"));
    } catch (NHINDException e) {
        assertEquals(e.getError(), AgentError.AllCertsInResolverInvalid);
        exceptionOccured = true;
    }
    assertTrue(exceptionOccured);
}
Also used : InternetAddress(javax.mail.internet.InternetAddress) Collection(java.util.Collection) NHINDException(org.nhindirect.stagent.NHINDException) X509Certificate(java.security.cert.X509Certificate)

Example 44 with NHINDException

use of org.nhindirect.stagent.NHINDException in project nhin-d by DirectProject.

the class CryptographerTest method testEncryptWithSingleCert_wrongDecryptCert_assertFailDecrypt.

public void testEncryptWithSingleCert_wrongDecryptCert_assertFailDecrypt() throws Exception {
    X509Certificate cert = TestUtils.getExternalCert("user1");
    SMIMECryptographerImpl cryptographer = new SMIMECryptographerImpl();
    MimeEntity entity = new MimeEntity();
    entity.setText("Hello world.");
    entity.setHeader(MimeStandard.ContentTypeHeader, "text/plain");
    entity.setHeader(MimeStandard.ContentTransferEncodingHeader, "7bit");
    MimeEntity encEntity = cryptographer.encrypt(entity, cert);
    assertNotNull(encEntity);
    X509CertificateEx certex = TestUtils.getInternalCert("altnameonly");
    boolean exceptionOccured = false;
    try {
        cryptographer.decrypt(encEntity, certex);
    } catch (NHINDException e) {
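        // note: this check is a no-op (empty statement); the error code is read but not asserted,
        // so any NHINDException thrown by decrypt satisfies the test
        if (e.getError().equals(MimeError.Unexpected))
            ;
        exceptionOccured = true;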
    }
    assertTrue(exceptionOccured);
}
Also used : SMIMECryptographerImpl(org.nhindirect.stagent.cryptography.SMIMECryptographerImpl) X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx) MimeEntity(org.nhindirect.stagent.mail.MimeEntity) NHINDException(org.nhindirect.stagent.NHINDException) X509Certificate(java.security.cert.X509Certificate)

Example 45 with NHINDException

use of org.nhindirect.stagent.NHINDException in project nhin-d by DirectProject.

the class TrustChainValidator_crlCheckTest method certFromData.

private X509Certificate certFromData(byte[] data) {
    X509Certificate retVal = null;
    try {
        ByteArrayInputStream bais = new ByteArrayInputStream(data);
        // let's try this as a PKCS12 data stream first
        try {
            KeyStore localKeyStore = KeyStore.getInstance("PKCS12", CryptoExtensions.getJCEProviderName());
            localKeyStore.load(bais, "".toCharArray());
            Enumeration<String> aliases = localKeyStore.aliases();
            // we are really expecting only one alias 
            if (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                X509Certificate cert = (X509Certificate) localKeyStore.getCertificate(alias);
                // check if there is private key
                Key key = localKeyStore.getKey(alias, "".toCharArray());
                if (key != null && key instanceof PrivateKey) {
                    retVal = X509CertificateEx.fromX509Certificate(cert, (PrivateKey) key);
                } else
                    retVal = cert;
            }
        } catch (Exception e) {
            // must not be a PKCS12 stream, go on to next step
        }
        if (retVal == null) {
            // try X509 certificate factory next
            bais.reset();
            bais = new ByteArrayInputStream(data);
            retVal = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(bais);
        }
        bais.close();
    } catch (Exception e) {
        throw new NHINDException("Data cannot be converted to a valid X.509 Certificate", e);
    }
    return retVal;
}
Also used : PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) KeyStore(java.security.KeyStore) NHINDException(org.nhindirect.stagent.NHINDException) X509Certificate(java.security.cert.X509Certificate) Key(java.security.Key)

Aggregations

NHINDException (org.nhindirect.stagent.NHINDException) 45
X509Certificate (java.security.cert.X509Certificate) 30
ArrayList (java.util.ArrayList) 14
ByteArrayInputStream (java.io.ByteArrayInputStream) 13
IOException (java.io.IOException) 11
Key (java.security.Key) 10
PrivateKey (java.security.PrivateKey) 10
KeyStore (java.security.KeyStore) 9
CacheException (org.apache.jcs.access.exception.CacheException) 7
X509CertificateEx (org.nhindirect.stagent.cert.X509CertificateEx) 7
MessagingException (javax.mail.MessagingException) 6
Collection (java.util.Collection) 4
UnknownHostException (java.net.UnknownHostException) 3
PrivateKeyEntry (java.security.KeyStore.PrivateKeyEntry) 3
Certificate (java.security.cert.Certificate) 3
InternetHeaders (javax.mail.internet.InternetHeaders) 3
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream) 3
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString) 3
MutableKeyStoreProtectionManager (org.nhindirect.common.crypto.MutableKeyStoreProtectionManager) 3
File (java.io.File) 2