Example 11 with TlsServerCertificate
use of org.openecard.bouncycastle.tls.TlsServerCertificate in project open-ecard by ecsec.
the class TCTokenVerifier method determineRefreshAddress.
/**
* Determines the refresh URL.
*
* @param ex The exception which caused the abort of the TCToken verification.
* @throws InvalidRedirectUrlException If the CommunicationErrorAddress cant be determined.
* @throws InvalidTCTokenElement If a determination of a refresh or CommunicationError address was successful.
* @throws UserCancellationException Thrown in case {@code ex} is an instance of {@link UserCancellationException}.
*/
private void determineRefreshAddress(ActivationError ex) throws InvalidRedirectUrlException, InvalidTCTokenElement, UserCancellationException {
if (token.getRefreshAddress() != null) {
try {
CertificateValidator validator = new RedirectCertificateValidator(true);
ResourceContext newResCtx = ResourceContext.getStream(new URL(token.getRefreshAddress()), validator);
newResCtx.closeStream();
List<Pair<URL, TlsServerCertificate>> resultPoints = newResCtx.getCerts();
Pair<URL, TlsServerCertificate> last = resultPoints.get(resultPoints.size() - 1);
URL resAddr = last.p1;
String refreshUrl = resAddr.toString();
if (ex instanceof UserCancellationException) {
UserCancellationException uex = (UserCancellationException) ex;
URI refreshUrlAsUrl = createUrlWithErrorParams(refreshUrl, ResultMinor.CANCELLATION_BY_USER, ex.getMessage());
throw new UserCancellationException(refreshUrlAsUrl.toString(), ex);
}
URI refreshUrlAsUrl = createUrlWithErrorParams(refreshUrl, ResultMinor.TRUSTED_CHANNEL_ESTABLISCHMENT_FAILED, ex.getMessage());
throw new InvalidTCTokenElement(refreshUrlAsUrl.toString(), ex);
} catch (IOException | ResourceException | InvalidAddressException | ValidationError | URISyntaxException ex1) {
String errorUrl = token.getComErrorAddressWithParams(ResultMinor.COMMUNICATION_ERROR);
throw new InvalidTCTokenElement(errorUrl, INVALID_REFRESH_ADDRESS, ex1);
}
} else {
String errorUrl = token.getComErrorAddressWithParams(ResultMinor.COMMUNICATION_ERROR);
throw new InvalidTCTokenElement(errorUrl, NO_REFRESH_ADDRESS);
}
}
Also used :
IOException(java.io.IOException)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
URL(java.net.URL)
TlsServerCertificate(org.openecard.bouncycastle.tls.TlsServerCertificate)
UserCancellationException(org.openecard.binding.tctoken.ex.UserCancellationException)
InvalidTCTokenElement(org.openecard.binding.tctoken.ex.InvalidTCTokenElement)
InvalidAddressException(org.openecard.binding.tctoken.ex.InvalidAddressException)
Pair(org.openecard.common.util.Pair)
Aggregations
TlsServerCertificate (org.openecard.bouncycastle.tls.TlsServerCertificate)11
IOException (java.io.IOException)5
URL (java.net.URL)5
Pair (org.openecard.common.util.Pair)5
TlsCertificate (org.openecard.bouncycastle.tls.crypto.TlsCertificate)4
CertificateVerificationException (org.openecard.crypto.tls.CertificateVerificationException)4
Certificate (org.openecard.bouncycastle.asn1.x509.Certificate)3
ArrayList (java.util.ArrayList)2
InvalidAddressException (org.openecard.binding.tctoken.ex.InvalidAddressException)2
SecurityViolationException (org.openecard.binding.tctoken.ex.SecurityViolationException)2
DynamicContext (org.openecard.common.DynamicContext)2
CertificateVerifier (org.openecard.crypto.tls.CertificateVerifier)2
MalformedURLException (java.net.MalformedURLException)1
URI (java.net.URI)1
URISyntaxException (java.net.URISyntaxException)1
Certificate (java.security.cert.Certificate)1
CertificateFactory (java.security.cert.CertificateFactory)1
Date (java.util.Date)1
AuthServerException (org.openecard.binding.tctoken.ex.AuthServerException)1
InvalidRedirectUrlException (org.openecard.binding.tctoken.ex.InvalidRedirectUrlException)1
