
Example 1 with CertStoreHelper

use of sun.security.provider.certpath.CertStoreHelper in project jdk8u_jdk by JetBrains.

the class Pair method doPrintCert.

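/**
 * Prints certificates from the first configured source: the signers of {@code jarfile},
 * the chain returned for {@code sslserver}, the file {@code filename}, or standard input.
 *
 * <p>This method only displays certificates. Nothing visible in it validates a chain against
 * trust anchors, so its output is not evidence that a signer or a server is trusted.
 *
 * @param out stream that receives the printed certificates
 * @throws Exception if the source cannot be read, if a signature/digest check fails while JAR
 *         entries are read, or if the SSL server returns no certificate
 */
private void doPrintCert(final PrintStream out) throws Exception {
    if (jarfile != null) {
        Set<CodeSigner> ss = new HashSet<>();
        // try-with-resources: a SecurityException from a failed signature/digest check (or an
        // I/O error) previously skipped the trailing jf.close() and leaked the open JarFile.
        // The second constructor argument (true) asks JarFile to verify signed entries.
        try (JarFile jf = new JarFile(jarfile, true)) {
            Enumeration<JarEntry> entries = jf.entries();
            byte[] buffer = new byte[8192];
            int pos = 0;
            while (entries.hasMoreElements()) {
                JarEntry je = entries.nextElement();
                try (InputStream is = jf.getInputStream(je)) {
                    while (is.read(buffer) != -1) {
                        // We just read. This throws a SecurityException if a
                        // signature/digest check fails, and it also populates
                        // the signers of the entry.
                    }
                }
                CodeSigner[] signers = je.getCodeSigners();
                // Entries without signers are skipped silently, so a JAR in which only some
                // entries are signed still prints its signers with no warning here.
                if (signers != null) {
                    for (CodeSigner signer : signers) {
                        // Set.add returns false for a signer that was already printed.
                        if (ss.add(signer)) {
                            out.printf(rb.getString("Signer.d."), ++pos);
                            out.println();
                            out.println();
                            out.println(rb.getString("Signature."));
                            out.println();
                            for (Certificate cert : signer.getSignerCertPath().getCertificates()) {
                                X509Certificate x = (X509Certificate) cert;
                                if (rfc) {
                                    out.println(rb.getString("Certificate.owner.") + x.getSubjectDN() + "\n");
                                    dumpCert(x, out);
                                } else {
                                    printX509Cert(x, out);
                                }
                                out.println();
                            }
                            Timestamp ts = signer.getTimestamp();
                            if (ts != null) {
                                out.println(rb.getString("Timestamp."));
                                out.println();
                                for (Certificate cert : ts.getSignerCertPath().getCertificates()) {
                                    X509Certificate x = (X509Certificate) cert;
                                    if (rfc) {
                                        out.println(rb.getString("Certificate.owner.") + x.getSubjectDN() + "\n");
                                        dumpCert(x, out);
                                    } else {
                                        printX509Cert(x, out);
                                    }
                                    out.println();
                                }
                            }
                        }
                    }
                }
            }
        }
        // Reported only when no entry carried any signer at all.
        if (ss.isEmpty()) {
            out.println(rb.getString("Not.a.signed.jar.file"));
        }
    } else if (sslserver != null) {
        // Lazily load SSLCertStoreHelper if present
        CertStoreHelper helper = CertStoreHelper.getInstance("SSLServer");
        // NOTE(review): what the helper's CertStore checks during the handshake is not visible
        // here; treat the returned chain as unauthenticated, server-supplied data. Confirm.
        CertStore cs = helper.getCertStore(new URI("https://" + sslserver));
        Collection<? extends Certificate> chain;
        try {
            chain = cs.getCertificates(null);
            if (chain.isEmpty()) {
                // An empty chain is treated as an error even if the URL connection is successful.
                throw new Exception(rb.getString("No.certificate.from.the.SSL.server"));
            }
        } catch (CertStoreException cse) {
            if (cse.getCause() instanceof IOException) {
                throw new Exception(rb.getString("No.certificate.from.the.SSL.server"), cse.getCause());
            } else {
                throw cse;
            }
        }
        int i = 0;
        for (Certificate cert : chain) {
            try {
                if (rfc) {
                    dumpCert(cert, out);
                } else {
                    out.println("Certificate #" + i++);
                    out.println("====================================");
                    printX509Cert((X509Certificate) cert, out);
                    out.println();
                }
            } catch (Exception e) {
                // Best effort: a certificate that cannot be printed is dropped from the output
                // without any message unless debug is set, so the listing may be incomplete.
                if (debug) {
                    e.printStackTrace();
                }
            }
        }
    } else {
        if (filename != null) {
            try (FileInputStream inStream = new FileInputStream(filename)) {
                printCertFromStream(inStream, out);
            }
        } else {
            // System.in is deliberately left open.
            printCertFromStream(System.in, out);
        }
    }
}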
Also used : CertStoreException(java.security.cert.CertStoreException) JarFile(java.util.jar.JarFile) JarEntry(java.util.jar.JarEntry) Timestamp(java.security.Timestamp) URI(java.net.URI) X509Certificate(java.security.cert.X509Certificate) KeyStoreException(java.security.KeyStoreException) UnrecoverableEntryException(java.security.UnrecoverableEntryException) CertStoreException(java.security.cert.CertStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) CertificateException(java.security.cert.CertificateException) CertStoreHelper(sun.security.provider.certpath.CertStoreHelper) CertStore(java.security.cert.CertStore) CodeSigner(java.security.CodeSigner) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 2 with CertStoreHelper

use of sun.security.provider.certpath.CertStoreHelper in project jdk8u_jdk by JetBrains.

the class Pair method loadCRLs.

/**
 * Loads CRLs from a source. This method is also called in JarSigner.
 *
 * <p>A non-null {@code src} is first tried as a URI: an {@code ldap} URI is queried through a
 * CertStore, any other URI is opened as a URL stream. If that attempt throws, {@code src} is
 * retried as a local file path. The CRLs are only parsed here; no signature check is visible
 * in this method, so callers should verify them before relying on their contents.
 *
 * @param src the source, which means System.in if null, or a URI,
 *        or a bare file path name
 * @return the CRLs parsed from the stream or returned by the LDAP CertStore
 * @throws Exception if the source cannot be opened, read or parsed
 */
public static Collection<? extends CRL> loadCRLs(String src) throws Exception {
    InputStream crlStream = null;
    URI location = null;
    if (src == null) {
        crlStream = System.in;
    } else {
        try {
            location = new URI(src);
            // A scheme-less src makes getScheme() return null; the resulting exception is
            // what routes bare file paths into the fallback below.
            if (!location.getScheme().equals("ldap")) {
                crlStream = location.toURL().openStream();
            }
            // For ldap there is no input stream; crlStream stays null.
        } catch (Exception uriFailure) {
            try {
                crlStream = new FileInputStream(src);
            } catch (Exception fileFailure) {
                // No scheme: more likely a bare file path, so report the file error.
                // Otherwise: more likely a protocol or network problem.
                boolean looksLikeBarePath = location == null || location.getScheme() == null;
                throw looksLikeBarePath ? fileFailure : uriFailure;
            }
        }
    }

    if (crlStream == null) {
        // must be LDAP, and the URI is not null
        // Lazily load LDAPCertStoreHelper if present
        CertStoreHelper helper = CertStoreHelper.getInstance("LDAP");
        String rawPath = location.getPath();
        // NOTE(review): an ldap URI with an empty path makes charAt(0) throw
        // StringIndexOutOfBoundsException, and an opaque URI yields a null path.
        String path = rawPath.charAt(0) == '/' ? rawPath.substring(1) : rawPath;
        CertStore store = helper.getCertStore(location);
        X509CRLSelector selector = helper.wrap(new X509CRLSelector(), null, path);
        return store.getCRLs(selector);
    }

    try {
        // Read the full stream before feeding to X509Factory,
        // otherwise, keytool -gencrl | keytool -printcrl
        // might not work properly, since -gencrl is slow
        // and there's no data in the pipe at the beginning.
        // NOTE(review): the copy has no size limit, so a remote source decides how much
        // memory is consumed before parsing starts.
        ByteArrayOutputStream collected = new ByteArrayOutputStream();
        byte[] chunk = new byte[4096];
        for (int n = crlStream.read(chunk); n >= 0; n = crlStream.read(chunk)) {
            collected.write(chunk, 0, n);
        }
        ByteArrayInputStream encoded = new ByteArrayInputStream(collected.toByteArray());
        return CertificateFactory.getInstance("X509").generateCRLs(encoded);
    } finally {
        // Standard input is left open.
        if (crlStream != System.in) {
            crlStream.close();
        }
    }
}
Also used : CertStoreHelper(sun.security.provider.certpath.CertStoreHelper) URI(java.net.URI) CertStore(java.security.cert.CertStore) KeyStoreException(java.security.KeyStoreException) UnrecoverableEntryException(java.security.UnrecoverableEntryException) CertStoreException(java.security.cert.CertStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) CertificateException(java.security.cert.CertificateException) X509CRLSelector(java.security.cert.X509CRLSelector)

Aggregations

URI (java.net.URI)2 KeyStoreException (java.security.KeyStoreException)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 UnrecoverableEntryException (java.security.UnrecoverableEntryException)2 UnrecoverableKeyException (java.security.UnrecoverableKeyException)2 CertStore (java.security.cert.CertStore)2 CertStoreException (java.security.cert.CertStoreException)2 CertificateException (java.security.cert.CertificateException)2 CertStoreHelper (sun.security.provider.certpath.CertStoreHelper)2 CodeSigner (java.security.CodeSigner)1 Timestamp (java.security.Timestamp)1 Certificate (java.security.cert.Certificate)1 X509CRLSelector (java.security.cert.X509CRLSelector)1 X509Certificate (java.security.cert.X509Certificate)1 JarEntry (java.util.jar.JarEntry)1 JarFile (java.util.jar.JarFile)1