Java Code Examples for java.security.cert.CertificateException.getMessage()

The following are Jave code examples for showing how to use getMessage() of the java.security.cert.CertificateException class. You can vote up the examples you like. Your votes will be used in our system to get more good examples.
+ Save this method
Example 1
Project: q-mail   File: KeyChainKeyManager.java   View Source Code Vote up 6 votes
private X509Certificate[] fetchCertificateChain(Context context, String alias)
        throws KeyChainException, InterruptedException, MessagingException {

    X509Certificate[] chain = KeyChain.getCertificateChain(context, alias);
    if (chain == null || chain.length == 0) {
        throw new MessagingException("No certificate chain found for: " + alias);
    }
    try {
        for (X509Certificate certificate : chain) {
            certificate.checkValidity();
        }
    } catch (CertificateException e) {
        throw new CertificateValidationException(e.getMessage(), Reason.Expired, alias);
    }

    return chain;
}
 
Example 2
Project: GitHub   File: Cache.java   View Source Code Vote up 6 votes
private List<Certificate> readCertificateList(BufferedSource source) throws IOException {
  int length = readInt(source);
  if (length == -1) return Collections.emptyList(); // OkHttp v1.2 used -1 to indicate null.

  try {
    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
    List<Certificate> result = new ArrayList<>(length);
    for (int i = 0; i < length; i++) {
      String line = source.readUtf8LineStrict();
      Buffer bytes = new Buffer();
      bytes.write(ByteString.decodeBase64(line));
      result.add(certificateFactory.generateCertificate(bytes.inputStream()));
    }
    return result;
  } catch (CertificateException e) {
    throw new IOException(e.getMessage());
  }
}
 
Example 3
Project: GitHub   File: Cache.java   View Source Code Vote up 6 votes
private List<Certificate> readCertificateList(BufferedSource source) throws IOException {
  int length = readInt(source);
  if (length == -1) return Collections.emptyList(); // OkHttp v1.2 used -1 to indicate null.

  try {
    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
    List<Certificate> result = new ArrayList<>(length);
    for (int i = 0; i < length; i++) {
      String line = source.readUtf8LineStrict();
      Buffer bytes = new Buffer();
      bytes.write(ByteString.decodeBase64(line));
      result.add(certificateFactory.generateCertificate(bytes.inputStream()));
    }
    return result;
  } catch (CertificateException e) {
    throw new IOException(e.getMessage());
  }
}
 
Example 4
Project: boohee_v5.6   File: Cache.java   View Source Code Vote up 6 votes
private List<Certificate> readCertificateList(BufferedSource source) throws IOException {
    int length = Cache.readInt(source);
    if (length == -1) {
        return Collections.emptyList();
    }
    try {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        List<Certificate> result = new ArrayList(length);
        for (int i = 0; i < length; i++) {
            String line = source.readUtf8LineStrict();
            Buffer bytes = new Buffer();
            bytes.write(ByteString.decodeBase64(line));
            result.add(certificateFactory.generateCertificate(bytes.inputStream()));
        }
        return result;
    } catch (CertificateException e) {
        throw new IOException(e.getMessage());
    }
}
 
Example 5
Project: LoRaWAN-Smart-Parking   File: HttpResponseCache.java   View Source Code Vote up 6 votes
private Certificate[] readCertArray(StrictLineReader reader) throws IOException {
  int length = reader.readInt();
  if (length == -1) {
    return null;
  }
  try {
    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
    Certificate[] result = new Certificate[length];
    for (int i = 0; i < result.length; i++) {
      String line = reader.readLine();
      byte[] bytes = Base64.decode(line.getBytes("US-ASCII"));
      result[i] = certificateFactory.generateCertificate(new ByteArrayInputStream(bytes));
    }
    return result;
  } catch (CertificateException e) {
    throw new IOException(e.getMessage());
  }
}
 
Example 6
Project: LoRaWAN-Smart-Parking   File: HttpResponseCache.java   View Source Code Vote up 6 votes
private Certificate[] readCertArray(StrictLineReader reader) throws IOException {
  int length = reader.readInt();
  if (length == -1) {
    return null;
  }
  try {
    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
    Certificate[] result = new Certificate[length];
    for (int i = 0; i < result.length; i++) {
      String line = reader.readLine();
      byte[] bytes = Base64.decode(line.getBytes("US-ASCII"));
      result[i] = certificateFactory.generateCertificate(new ByteArrayInputStream(bytes));
    }
    return result;
  } catch (CertificateException e) {
    throw new IOException(e.getMessage());
  }
}
 
Example 7
Project: keepass2android   File: DecoratedTrustManager.java   View Source Code Vote up 5 votes
private String getMessage(CertificateException e) {
        String msg = e.getLocalizedMessage();
if (msg == null)
msg = e.getMessage();
if (msg == null)
msg = e.toString();
return msg;
}
 
Example 8
Project: xitk   File: ProxyP11Slot.java   View Source Code Vote up 5 votes
private X509Cert getCertificate(P11ObjectIdentifier certId) throws P11TokenException {
    P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, certId);
    byte[] resp = module.send(P11ProxyConstants.ACTION_GET_CERT,
            new Asn1P11EntityIdentifier(entityId));
    if (resp == null) {
        return null;
    }

    try {
        return new X509Cert(X509Util.parseCert(resp), resp);
    } catch (CertificateException ex) {
        throw new P11TokenException("could not parse certificate:" + ex.getMessage(), ex);
    }
}
 
Example 9
Project: xitk   File: IaikP11Slot.java   View Source Code Vote up 5 votes
private static X509Cert parseCert(X509PublicKeyCertificate p11Cert) throws P11TokenException {
    try {
        byte[] encoded = p11Cert.getValue().getByteArrayValue();
        return new X509Cert(X509Util.parseCert(encoded), encoded);
    } catch (CertificateException ex) {
        throw new P11TokenException("could not parse certificate: " + ex.getMessage(), ex);
    }
}
 
Example 10
Project: smart-id-java-client   File: CertificateParser.java   View Source Code Vote up 5 votes
public static X509Certificate parseX509Certificate(String certificateValue) {
  logger.debug("Parsing X509 certificate");
  String certificateString = BEGIN_CERT + "\n" + certificateValue + "\n" + END_CERT;
  try {
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    return (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(certificateString.getBytes()));
  } catch (CertificateException e) {
    logger.error("Failed to parse X509 certificate from " + certificateString + ". Error " + e.getMessage());
    throw new TechnicalErrorException("Failed to parse X509 certificate from " + certificateString + ". Error " + e.getMessage(), e);
  }
}
 
Example 11
Project: OpenJSharp   File: NameConstraintsExtension.java   View Source Code Vote up 4 votes
/**
 * check whether a certificate conforms to these NameConstraints.
 * This involves verifying that the subject name and subjectAltName
 * extension (critical or noncritical) is consistent with the permitted
 * subtrees state variables.  Also verify that the subject name and
 * subjectAltName extension (critical or noncritical) is consistent with
 * the excluded subtrees state variables.
 *
 * @param cert X509Certificate to be verified
 * @returns true if certificate verifies successfully
 * @throws IOException on error
 */
public boolean verify(X509Certificate cert) throws IOException {

    if (cert == null) {
        throw new IOException("Certificate is null");
    }

    // Calculate hasMin and hasMax booleans (if necessary)
    if (!minMaxValid) {
        calcMinMax();
    }

    if (hasMin) {
        throw new IOException("Non-zero minimum BaseDistance in"
                            + " name constraints not supported");
    }

    if (hasMax) {
        throw new IOException("Maximum BaseDistance in"
                            + " name constraints not supported");
    }

    X500Principal subjectPrincipal = cert.getSubjectX500Principal();
    X500Name subject = X500Name.asX500Name(subjectPrincipal);

    if (subject.isEmpty() == false) {
        if (verify(subject) == false) {
            return false;
        }
    }

    GeneralNames altNames = null;
    // extract altNames
    try {
        // extract extensions, if any, from certInfo
        // following returns null if certificate contains no extensions
        X509CertImpl certImpl = X509CertImpl.toImpl(cert);
        SubjectAlternativeNameExtension altNameExt =
            certImpl.getSubjectAlternativeNameExtension();
        if (altNameExt != null) {
            // extract altNames from extension; this call does not
            // return an IOException on null altnames
            altNames = altNameExt.get(
                    SubjectAlternativeNameExtension.SUBJECT_NAME);
        }
    } catch (CertificateException ce) {
        throw new IOException("Unable to extract extensions from " +
                    "certificate: " + ce.getMessage());
    }

    // If there are no subjectAlternativeNames, perform the special-case
    // check where if the subjectName contains any EMAILADDRESS
    // attributes, they must be checked against RFC822 constraints.
    // If that passes, we're fine.
    if (altNames == null) {
        return verifyRFC822SpecialCase(subject);
    }

    // verify each subjectAltName
    for (int i = 0; i < altNames.size(); i++) {
        GeneralNameInterface altGNI = altNames.get(i).getName();
        if (!verify(altGNI)) {
            return false;
        }
    }

    // All tests passed.
    return true;
}
 
Example 12
Project: jdk8u-jdk   File: NameConstraintsExtension.java   View Source Code Vote up 4 votes
/**
 * check whether a certificate conforms to these NameConstraints.
 * This involves verifying that the subject name and subjectAltName
 * extension (critical or noncritical) is consistent with the permitted
 * subtrees state variables.  Also verify that the subject name and
 * subjectAltName extension (critical or noncritical) is consistent with
 * the excluded subtrees state variables.
 *
 * @param cert X509Certificate to be verified
 * @returns true if certificate verifies successfully
 * @throws IOException on error
 */
public boolean verify(X509Certificate cert) throws IOException {

    if (cert == null) {
        throw new IOException("Certificate is null");
    }

    // Calculate hasMin and hasMax booleans (if necessary)
    if (!minMaxValid) {
        calcMinMax();
    }

    if (hasMin) {
        throw new IOException("Non-zero minimum BaseDistance in"
                            + " name constraints not supported");
    }

    if (hasMax) {
        throw new IOException("Maximum BaseDistance in"
                            + " name constraints not supported");
    }

    X500Principal subjectPrincipal = cert.getSubjectX500Principal();
    X500Name subject = X500Name.asX500Name(subjectPrincipal);

    if (subject.isEmpty() == false) {
        if (verify(subject) == false) {
            return false;
        }
    }

    GeneralNames altNames = null;
    // extract altNames
    try {
        // extract extensions, if any, from certInfo
        // following returns null if certificate contains no extensions
        X509CertImpl certImpl = X509CertImpl.toImpl(cert);
        SubjectAlternativeNameExtension altNameExt =
            certImpl.getSubjectAlternativeNameExtension();
        if (altNameExt != null) {
            // extract altNames from extension; this call does not
            // return an IOException on null altnames
            altNames = altNameExt.get(
                    SubjectAlternativeNameExtension.SUBJECT_NAME);
        }
    } catch (CertificateException ce) {
        throw new IOException("Unable to extract extensions from " +
                    "certificate: " + ce.getMessage());
    }

    // If there are no subjectAlternativeNames, perform the special-case
    // check where if the subjectName contains any EMAILADDRESS
    // attributes, they must be checked against RFC822 constraints.
    // If that passes, we're fine.
    if (altNames == null) {
        return verifyRFC822SpecialCase(subject);
    }

    // verify each subjectAltName
    for (int i = 0; i < altNames.size(); i++) {
        GeneralNameInterface altGNI = altNames.get(i).getName();
        if (!verify(altGNI)) {
            return false;
        }
    }

    // All tests passed.
    return true;
}
 
Example 13
Project: openjdk-jdk10   File: NameConstraintsExtension.java   View Source Code Vote up 4 votes
/**
 * check whether a certificate conforms to these NameConstraints.
 * This involves verifying that the subject name and subjectAltName
 * extension (critical or noncritical) is consistent with the permitted
 * subtrees state variables.  Also verify that the subject name and
 * subjectAltName extension (critical or noncritical) is consistent with
 * the excluded subtrees state variables.
 *
 * @param cert X509Certificate to be verified
 * @return true if certificate verifies successfully
 * @throws IOException on error
 */
public boolean verify(X509Certificate cert) throws IOException {

    if (cert == null) {
        throw new IOException("Certificate is null");
    }

    // Calculate hasMin and hasMax booleans (if necessary)
    if (!minMaxValid) {
        calcMinMax();
    }

    if (hasMin) {
        throw new IOException("Non-zero minimum BaseDistance in"
                            + " name constraints not supported");
    }

    if (hasMax) {
        throw new IOException("Maximum BaseDistance in"
                            + " name constraints not supported");
    }

    X500Principal subjectPrincipal = cert.getSubjectX500Principal();
    X500Name subject = X500Name.asX500Name(subjectPrincipal);

    if (subject.isEmpty() == false) {
        if (verify(subject) == false) {
            return false;
        }
    }

    GeneralNames altNames = null;
    // extract altNames
    try {
        // extract extensions, if any, from certInfo
        // following returns null if certificate contains no extensions
        X509CertImpl certImpl = X509CertImpl.toImpl(cert);
        SubjectAlternativeNameExtension altNameExt =
            certImpl.getSubjectAlternativeNameExtension();
        if (altNameExt != null) {
            // extract altNames from extension; this call does not
            // return an IOException on null altnames
            altNames = altNameExt.get(
                    SubjectAlternativeNameExtension.SUBJECT_NAME);
        }
    } catch (CertificateException ce) {
        throw new IOException("Unable to extract extensions from " +
                    "certificate: " + ce.getMessage());
    }

    // If there are no subjectAlternativeNames, perform the special-case
    // check where if the subjectName contains any EMAILADDRESS
    // attributes, they must be checked against RFC822 constraints.
    // If that passes, we're fine.
    if (altNames == null) {
        return verifyRFC822SpecialCase(subject);
    }

    // verify each subjectAltName
    for (int i = 0; i < altNames.size(); i++) {
        GeneralNameInterface altGNI = altNames.get(i).getName();
        if (!verify(altGNI)) {
            return false;
        }
    }

    // All tests passed.
    return true;
}