Java Code Examples for java.security.cert.CertificateException#getCause()

The following examples show how to use java.security.cert.CertificateException#getCause() . These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may want to check out the right sidebar which shows the related API usage.
Example 1
/**
 * When a failure happens during certificate checking from an
 * {@link X509TrustManager}, determine what TLS alert description
 * to use.
 *
 * @param cexc The exception thrown by the {@link X509TrustManager}
 *
 * @return A byte value corresponding to a TLS alert description number.
 */
private static Alert getCertificateAlert(
        ClientHandshakeContext chc, CertificateException cexc) {
    // The specific reason for the failure will determine how to
    // set the alert description value
    Alert alert = Alert.CERTIFICATE_UNKNOWN;

    Throwable baseCause = cexc.getCause();
    if (baseCause instanceof CertPathValidatorException) {
        CertPathValidatorException cpve =
                (CertPathValidatorException)baseCause;
        Reason reason = cpve.getReason();
        if (reason == BasicReason.REVOKED) {
            alert = chc.staplingActive ?
                    Alert.BAD_CERT_STATUS_RESPONSE :
                    Alert.CERTIFICATE_REVOKED;
        } else if (
                reason == BasicReason.UNDETERMINED_REVOCATION_STATUS) {
            alert = chc.staplingActive ?
                    Alert.BAD_CERT_STATUS_RESPONSE :
                    Alert.CERTIFICATE_UNKNOWN;
        }
    }

    return alert;
}
 
Example 2
Source Project: Bytecoder   File: CertificateMessage.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * When a failure happens during certificate checking from an
 * {@link X509TrustManager}, determine what TLS alert description
 * to use.
 *
 * @param cexc The exception thrown by the {@link X509TrustManager}
 *
 * @return A byte value corresponding to a TLS alert description number.
 */
private static Alert getCertificateAlert(
        ClientHandshakeContext chc, CertificateException cexc) {
    // The specific reason for the failure will determine how to
    // set the alert description value
    Alert alert = Alert.CERTIFICATE_UNKNOWN;

    Throwable baseCause = cexc.getCause();
    if (baseCause instanceof CertPathValidatorException) {
        CertPathValidatorException cpve =
                (CertPathValidatorException)baseCause;
        Reason reason = cpve.getReason();
        if (reason == BasicReason.REVOKED) {
            alert = chc.staplingActive ?
                    Alert.BAD_CERT_STATUS_RESPONSE :
                    Alert.CERTIFICATE_REVOKED;
        } else if (
                reason == BasicReason.UNDETERMINED_REVOCATION_STATUS) {
            alert = chc.staplingActive ?
                    Alert.BAD_CERT_STATUS_RESPONSE :
                    Alert.CERTIFICATE_UNKNOWN;
        }
    }

    return alert;
}
 
Example 3
/**
 * When a failure happens during certificate checking from an
 * {@link X509TrustManager}, determine what TLS alert description to use.
 *
 * @param cexc The exception thrown by the {@link X509TrustManager}
 *
 * @return A byte value corresponding to a TLS alert description number.
 */
private byte getCertificateAlert(CertificateException cexc) {
    // The specific reason for the failure will determine how to
    // set the alert description value
    byte alertDesc = Alerts.alert_certificate_unknown;

    Throwable baseCause = cexc.getCause();
    if (baseCause instanceof CertPathValidatorException) {
        CertPathValidatorException cpve =
                (CertPathValidatorException)baseCause;
        Reason reason = cpve.getReason();
        if (reason == BasicReason.REVOKED) {
            alertDesc = staplingActive ?
                    Alerts.alert_bad_certificate_status_response :
                    Alerts.alert_certificate_revoked;
        } else if (reason == BasicReason.UNDETERMINED_REVOCATION_STATUS) {
            alertDesc = staplingActive ?
                    Alerts.alert_bad_certificate_status_response :
                    Alerts.alert_certificate_unknown;
        }
    }

    return alertDesc;
}
 
Example 4
/**
 * When a failure happens during certificate checking from an
 * {@link X509TrustManager}, determine what TLS alert description
 * to use.
 *
 * @param cexc The exception thrown by the {@link X509TrustManager}
 *
 * @return A byte value corresponding to a TLS alert description number.
 */
private static Alert getCertificateAlert(
        ClientHandshakeContext chc, CertificateException cexc) {
    // The specific reason for the failure will determine how to
    // set the alert description value
    Alert alert = Alert.CERTIFICATE_UNKNOWN;

    Throwable baseCause = cexc.getCause();
    if (baseCause instanceof CertPathValidatorException) {
        CertPathValidatorException cpve =
                (CertPathValidatorException)baseCause;
        Reason reason = cpve.getReason();
        if (reason == BasicReason.REVOKED) {
            alert = chc.staplingActive ?
                    Alert.BAD_CERT_STATUS_RESPONSE :
                    Alert.CERTIFICATE_REVOKED;
        } else if (
                reason == BasicReason.UNDETERMINED_REVOCATION_STATUS) {
            alert = chc.staplingActive ?
                    Alert.BAD_CERT_STATUS_RESPONSE :
                    Alert.CERTIFICATE_UNKNOWN;
        } else if (reason == BasicReason.ALGORITHM_CONSTRAINED) {
            alert = Alert.UNSUPPORTED_CERTIFICATE;
        } else if (reason == BasicReason.EXPIRED) {
            alert = Alert.CERTIFICATE_EXPIRED;
        } else if (reason == BasicReason.INVALID_SIGNATURE ||
                reason == BasicReason.NOT_YET_VALID) {
            alert = Alert.BAD_CERTIFICATE;
        }
    }

    return alert;
}
 
Example 5
public void setX509Certificate(InputStream crtInputStream) {
    try {
        this.key = (X509Certificate)
                CertificateFactory.getInstance("X.509").generateCertificate(crtInputStream);
    } catch (CertificateException e) {
        throw new KeyException("Error al obtener el certificado x.509. La codificación puede ser incorrecta.", e.getCause());
    }
}
 
Example 6
Source Project: Bytecoder   File: CertificateMessage.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * When a failure happens during certificate checking from an
 * {@link X509TrustManager}, determine what TLS alert description
 * to use.
 *
 * @param cexc The exception thrown by the {@link X509TrustManager}
 *
 * @return A byte value corresponding to a TLS alert description number.
 */
private static Alert getCertificateAlert(
        ClientHandshakeContext chc, CertificateException cexc) {
    // The specific reason for the failure will determine how to
    // set the alert description value
    Alert alert = Alert.CERTIFICATE_UNKNOWN;

    Throwable baseCause = cexc.getCause();
    if (baseCause instanceof CertPathValidatorException) {
        CertPathValidatorException cpve =
                (CertPathValidatorException)baseCause;
        Reason reason = cpve.getReason();
        if (reason == BasicReason.REVOKED) {
            alert = chc.staplingActive ?
                    Alert.BAD_CERT_STATUS_RESPONSE :
                    Alert.CERTIFICATE_REVOKED;
        } else if (
                reason == BasicReason.UNDETERMINED_REVOCATION_STATUS) {
            alert = chc.staplingActive ?
                    Alert.BAD_CERT_STATUS_RESPONSE :
                    Alert.CERTIFICATE_UNKNOWN;
        } else if (reason == BasicReason.ALGORITHM_CONSTRAINED) {
            alert = Alert.UNSUPPORTED_CERTIFICATE;
        } else if (reason == BasicReason.EXPIRED) {
            alert = Alert.CERTIFICATE_EXPIRED;
        } else if (reason == BasicReason.INVALID_SIGNATURE ||
                reason == BasicReason.NOT_YET_VALID) {
            alert = Alert.BAD_CERTIFICATE;
        }
    }

    return alert;
}