java.security.cert.CertStoreException Java Examples
The following examples show how to use
java.security.cert.CertStoreException.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CertStoreHelper.java From openjdk-jdk8u with GNU General Public License v2.0 | 6 votes |
static boolean isCausedByNetworkIssue(String type, CertStoreException cse) { switch (type) { case "LDAP": case "SSLServer": try { CertStoreHelper csh = CertStoreHelper.getInstance(type); return csh.isCausedByNetworkIssue(cse); } catch (NoSuchAlgorithmException nsae) { return false; } case "URI": Throwable t = cse.getCause(); return (t != null && t instanceof IOException); default: // we don't know about any other remote CertStore types return false; } }
Example #2
Source File: MultiCertStoreSpi.java From RipplePower with Apache License 2.0 | 6 votes |
public Collection engineGetCertificates(CertSelector certSelector) throws CertStoreException { boolean searchAllStores = params.getSearchAllStores(); Iterator iter = params.getCertStores().iterator(); List allCerts = searchAllStores ? new ArrayList() : Collections.EMPTY_LIST; while (iter.hasNext()) { CertStore store = (CertStore)iter.next(); Collection certs = store.getCertificates(certSelector); if (searchAllStores) { allCerts.addAll(certs); } else if (!certs.isEmpty()) { return certs; } } return allCerts; }
Example #3
Source File: PKIXCRLStoreSelector.java From RipplePower with Apache License 2.0 | 6 votes |
public static Collection<? extends CRL> getCRLs(final PKIXCRLStoreSelector selector, CertStore certStore) throws CertStoreException { return certStore.getCRLs(new CRLSelector() { public boolean match(CRL crl) { return selector.match(crl); } public Object clone() { return this; } }); }
Example #4
Source File: CertStoreHelper.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
static boolean isCausedByNetworkIssue(String type, CertStoreException cse) { switch (type) { case "LDAP": case "SSLServer": try { CertStoreHelper csh = CertStoreHelper.getInstance(type); return csh.isCausedByNetworkIssue(cse); } catch (NoSuchAlgorithmException nsae) { return false; } case "URI": Throwable t = cse.getCause(); return (t != null && t instanceof IOException); default: // we don't know about any other remote CertStore types return false; } }
Example #5
Source File: ReverseBuilder.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 6 votes |
/** * Retrieves all certs from the specified CertStores that satisfy the * requirements specified in the parameters and the current * PKIX state (name constraints, policy constraints, etc). * * @param currentState the current state. * Must be an instance of <code>ReverseState</code> * @param certStores list of CertStores */ @Override Collection<X509Certificate> getMatchingCerts (State currState, List<CertStore> certStores) throws CertStoreException, CertificateException, IOException { ReverseState currentState = (ReverseState) currState; if (debug != null) debug.println("In ReverseBuilder.getMatchingCerts."); /* * The last certificate could be an EE or a CA certificate * (we may be building a partial certification path or * establishing trust in a CA). * * Try the EE certs before the CA certs. It will be more * common to build a path to an end entity. */ Collection<X509Certificate> certs = getMatchingEECerts(currentState, certStores); certs.addAll(getMatchingCACerts(currentState, certStores)); return certs; }
Example #6
Source File: CertStoreHelper.java From dragonwell8_jdk with GNU General Public License v2.0 | 6 votes |
static boolean isCausedByNetworkIssue(String type, CertStoreException cse) { switch (type) { case "LDAP": case "SSLServer": try { CertStoreHelper csh = CertStoreHelper.getInstance(type); return csh.isCausedByNetworkIssue(cse); } catch (NoSuchAlgorithmException nsae) { return false; } case "URI": Throwable t = cse.getCause(); return (t != null && t instanceof IOException); default: // we don't know about any other remote CertStore types return false; } }
Example #7
Source File: CertStoreHelper.java From openjdk-8 with GNU General Public License v2.0 | 6 votes |
static boolean isCausedByNetworkIssue(String type, CertStoreException cse) { switch (type) { case "LDAP": case "SSLServer": try { CertStoreHelper csh = CertStoreHelper.getInstance(type); return csh.isCausedByNetworkIssue(cse); } catch (NoSuchAlgorithmException nsae) { return false; } case "URI": Throwable t = cse.getCause(); return (t != null && t instanceof IOException); default: // we don't know about any other remote CertStore types return false; } }
Example #8
Source File: ReverseBuilder.java From jdk8u60 with GNU General Public License v2.0 | 6 votes |
/** * Retrieves all certs from the specified CertStores that satisfy the * requirements specified in the parameters and the current * PKIX state (name constraints, policy constraints, etc). * * @param currentState the current state. * Must be an instance of <code>ReverseState</code> * @param certStores list of CertStores */ @Override Collection<X509Certificate> getMatchingCerts (State currState, List<CertStore> certStores) throws CertStoreException, CertificateException, IOException { ReverseState currentState = (ReverseState) currState; if (debug != null) debug.println("In ReverseBuilder.getMatchingCerts."); /* * The last certificate could be an EE or a CA certificate * (we may be building a partial certification path or * establishing trust in a CA). * * Try the EE certs before the CA certs. It will be more * common to build a path to an end entity. */ Collection<X509Certificate> certs = getMatchingEECerts(currentState, certStores); certs.addAll(getMatchingCACerts(currentState, certStores)); return certs; }
Example #9
Source File: CertPathPKIXTrustEvaluator.java From lams with GNU General Public License v2.0 | 6 votes |
/** * Determine whether there are any CRL's in the {@link CertStore} that is to be used. * * @param certStore the cert store that will be used for validation * @return true if the store contains at least 1 CRL instance, false otherwise */ protected boolean storeContainsCRLs(CertStore certStore) { Collection<? extends CRL> crls = null; try { //Save some cycles and memory: Collection cert store allows null as specifier to return all. //crls = certStore.getCRLs( new X509CRLSelector() ); crls = certStore.getCRLs(null); } catch (CertStoreException e) { log.error("Error examining cert store for CRL's, treating as if no CRL's present", e); return false; } if (crls != null && !crls.isEmpty()) { return true; } return false; }
Example #10
Source File: CertStoreHelper.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 6 votes |
static boolean isCausedByNetworkIssue(String type, CertStoreException cse) { switch (type) { case "LDAP": case "SSLServer": try { CertStoreHelper csh = CertStoreHelper.getInstance(type); return csh.isCausedByNetworkIssue(cse); } catch (NoSuchAlgorithmException nsae) { return false; } case "URI": Throwable t = cse.getCause(); return (t != null && t instanceof IOException); default: // we don't know about any other remote CertStore types return false; } }
Example #11
Source File: SdsSslContextProvider.java From grpc-java with Apache License 2.0 | 6 votes |
private void updateSslContext() { try { CertificateValidationContext localCertValidationContext = mergeStaticAndDynamicCertContexts(); SslContextBuilder sslContextBuilder = getSslContextBuilder(localCertValidationContext); CommonTlsContext commonTlsContext = getCommonTlsContext(); if (commonTlsContext != null && commonTlsContext.getAlpnProtocolsCount() > 0) { List<String> alpnList = commonTlsContext.getAlpnProtocolsList(); ApplicationProtocolConfig apn = new ApplicationProtocolConfig( ApplicationProtocolConfig.Protocol.ALPN, ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE, ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT, alpnList); sslContextBuilder.applicationProtocolConfig(apn); } SslContext sslContextCopy = sslContextBuilder.build(); sslContext = sslContextCopy; makePendingCallbacks(sslContextCopy); } catch (CertificateException | IOException | CertStoreException e) { logger.log(Level.SEVERE, "exception in updateSslContext", e); } }
Example #12
Source File: PKIXCRLStoreSelector.java From ripple-lib-java with ISC License | 6 votes |
public static Collection<? extends CRL> getCRLs(final PKIXCRLStoreSelector selector, CertStore certStore) throws CertStoreException { return certStore.getCRLs(new CRLSelector() { public boolean match(CRL crl) { return selector.match(crl); } public Object clone() { return this; } }); }
Example #13
Source File: CertStoreHelper.java From j2objc with Apache License 2.0 | 6 votes |
static boolean isCausedByNetworkIssue(String type, CertStoreException cse) { switch (type) { // case "LDAP": case "SSLServer": try { CertStoreHelper csh = CertStoreHelper.getInstance(type); return csh.isCausedByNetworkIssue(cse); } catch (NoSuchAlgorithmException nsae) { return false; } case "URI": Throwable t = cse.getCause(); return (t != null && t instanceof IOException); default: // we don't know about any other remote CertStore types return false; } }
Example #14
Source File: CertStoreHelper.java From jdk8u_jdk with GNU General Public License v2.0 | 6 votes |
static boolean isCausedByNetworkIssue(String type, CertStoreException cse) { switch (type) { case "LDAP": case "SSLServer": try { CertStoreHelper csh = CertStoreHelper.getInstance(type); return csh.isCausedByNetworkIssue(cse); } catch (NoSuchAlgorithmException nsae) { return false; } case "URI": Throwable t = cse.getCause(); return (t != null && t instanceof IOException); default: // we don't know about any other remote CertStore types return false; } }
Example #15
Source File: MultiCertStoreSpi.java From RipplePower with Apache License 2.0 | 6 votes |
public Collection engineGetCRLs(CRLSelector crlSelector) throws CertStoreException { boolean searchAllStores = params.getSearchAllStores(); Iterator iter = params.getCertStores().iterator(); List allCRLs = searchAllStores ? new ArrayList() : Collections.EMPTY_LIST; while (iter.hasNext()) { CertStore store = (CertStore)iter.next(); Collection crls = store.getCRLs(crlSelector); if (searchAllStores) { allCRLs.addAll(crls); } else if (!crls.isEmpty()) { return crls; } } return allCRLs; }
Example #16
Source File: CertStoreHelper.java From hottub with GNU General Public License v2.0 | 6 votes |
static boolean isCausedByNetworkIssue(String type, CertStoreException cse) { switch (type) { case "LDAP": case "SSLServer": try { CertStoreHelper csh = CertStoreHelper.getInstance(type); return csh.isCausedByNetworkIssue(cse); } catch (NoSuchAlgorithmException nsae) { return false; } case "URI": Throwable t = cse.getCause(); return (t != null && t instanceof IOException); default: // we don't know about any other remote CertStore types return false; } }
Example #17
Source File: MultiCertStoreSpi.java From ripple-lib-java with ISC License | 6 votes |
public Collection engineGetCRLs(CRLSelector crlSelector) throws CertStoreException { boolean searchAllStores = params.getSearchAllStores(); Iterator iter = params.getCertStores().iterator(); List allCRLs = searchAllStores ? new ArrayList() : Collections.EMPTY_LIST; while (iter.hasNext()) { CertStore store = (CertStore)iter.next(); Collection crls = store.getCRLs(crlSelector); if (searchAllStores) { allCRLs.addAll(crls); } else if (!crls.isEmpty()) { return crls; } } return allCRLs; }
Example #18
Source File: ReverseBuilder.java From openjdk-8-source with GNU General Public License v2.0 | 6 votes |
/** * Retrieves all certs from the specified CertStores that satisfy the * requirements specified in the parameters and the current * PKIX state (name constraints, policy constraints, etc). * * @param currentState the current state. * Must be an instance of <code>ReverseState</code> * @param certStores list of CertStores */ @Override Collection<X509Certificate> getMatchingCerts (State currState, List<CertStore> certStores) throws CertStoreException, CertificateException, IOException { ReverseState currentState = (ReverseState) currState; if (debug != null) debug.println("In ReverseBuilder.getMatchingCerts."); /* * The last certificate could be an EE or a CA certificate * (we may be building a partial certification path or * establishing trust in a CA). * * Try the EE certs before the CA certs. It will be more * common to build a path to an end entity. */ Collection<X509Certificate> certs = getMatchingEECerts(currentState, certStores); certs.addAll(getMatchingCACerts(currentState, certStores)); return certs; }
Example #19
Source File: SecretVolumeServerSslContextProvider.java From grpc-java with Apache License 2.0 | 5 votes |
@VisibleForTesting SslContext buildSslContextFromSecrets() throws IOException, CertificateException, CertStoreException { SslContextBuilder sslContextBuilder = GrpcSslContexts.forServer( new File(certificateChain), new File(privateKey), privateKeyPassword); setClientAuthValues(sslContextBuilder, certContext); return sslContextBuilder.build(); }
Example #20
Source File: SdsServerSslContextProvider.java From grpc-java with Apache License 2.0 | 5 votes |
@Override SslContextBuilder getSslContextBuilder( CertificateValidationContext localCertValidationContext) throws CertificateException, IOException, CertStoreException { SslContextBuilder sslContextBuilder = GrpcSslContexts.forServer( tlsCertificate.getCertificateChain().getInlineBytes().newInput(), tlsCertificate.getPrivateKey().getInlineBytes().newInput(), tlsCertificate.hasPassword() ? tlsCertificate.getPassword().getInlineString() : null); setClientAuthValues(sslContextBuilder, localCertValidationContext); return sslContextBuilder; }
Example #21
Source File: CertStoreExceptionTest.java From j2objc with Apache License 2.0 | 5 votes |
/** * Test for <code>CertStoreException(String)</code> constructor Assertion: * constructs CertStoreException when <code>msg</code> is null */ public void testCertStoreException03() { String msg = null; CertStoreException tE = new CertStoreException(msg); assertNull("getMessage() must return null.", tE.getMessage()); assertNull("getCause() must return null", tE.getCause()); }
Example #22
Source File: MyCertStoreSpi.java From j2objc with Apache License 2.0 | 5 votes |
public Collection<Certificate> engineGetCertificates(CertSelector selector) throws CertStoreException { if (selector == null) { throw new CertStoreException("Parameter is null"); } return null; }
Example #23
Source File: ForwardBuilder.java From Bytecoder with Apache License 2.0 | 5 votes |
/** * Download Certificates from the given AIA and add them to the * specified Collection. */ // cs.getCertificates(caSelector) returns a collection of X509Certificate's // because of the selector, so the cast is safe @SuppressWarnings("unchecked") private boolean getCerts(AuthorityInfoAccessExtension aiaExt, Collection<X509Certificate> certs) { if (Builder.USE_AIA == false) { return false; } List<AccessDescription> adList = aiaExt.getAccessDescriptions(); if (adList == null || adList.isEmpty()) { return false; } boolean add = false; for (AccessDescription ad : adList) { CertStore cs = URICertStore.getInstance(ad); if (cs != null) { try { if (certs.addAll((Collection<X509Certificate>) cs.getCertificates(caSelector))) { add = true; if (!searchAllCertStores) { return true; } } } catch (CertStoreException cse) { if (debug != null) { debug.println("exception getting certs from CertStore:"); cse.printStackTrace(); } } } } return add; }
Example #24
Source File: ForwardBuilder.java From Bytecoder with Apache License 2.0 | 5 votes |
/** * Retrieves all certs from the specified CertStores that satisfy the * requirements specified in the parameters and the current * PKIX state (name constraints, policy constraints, etc). * * @param currentState the current state. * Must be an instance of <code>ForwardState</code> * @param certStores list of CertStores */ @Override Collection<X509Certificate> getMatchingCerts(State currentState, List<CertStore> certStores) throws CertStoreException, CertificateException, IOException { if (debug != null) { debug.println("ForwardBuilder.getMatchingCerts()..."); } ForwardState currState = (ForwardState) currentState; /* * We store certs in a Set because we don't want duplicates. * As each cert is added, it is sorted based on the PKIXCertComparator * algorithm. */ Comparator<X509Certificate> comparator = new PKIXCertComparator(trustedSubjectDNs, currState.cert); Set<X509Certificate> certs = new TreeSet<>(comparator); /* * Only look for EE certs if search has just started. */ if (currState.isInitial()) { getMatchingEECerts(currState, certStores, certs); } getMatchingCACerts(currState, certStores, certs); return certs; }
Example #25
Source File: CertStoreExceptionTest.java From j2objc with Apache License 2.0 | 5 votes |
/** * Test for <code>CertStoreException(String, Throwable)</code> constructor * Assertion: constructs CertStoreException when <code>cause</code> is not * null <code>msg</code> is null */ public void testCertStoreException08() { CertStoreException tE = new CertStoreException(null, tCause); if (tE.getMessage() != null) { String toS = tCause.toString(); String getM = tE.getMessage(); assertTrue("getMessage() must should ".concat(toS), (getM .indexOf(toS) != -1)); } assertNotNull("getCause() must not return null", tE.getCause()); assertEquals("getCause() must return ".concat(tCause.toString()), tE .getCause(), tCause); }
Example #26
Source File: SdsX509TrustManagerTest.java From grpc-java with Apache License 2.0 | 5 votes |
@Test public void checkServerTrustedSslEngine() throws CertificateException, IOException, CertStoreException { TestSslEngine sslEngine = buildTrustManagerAndGetSslEngine(); X509Certificate[] serverCerts = CertificateUtils.toX509Certificates(TestUtils.loadCert(SERVER_1_PEM_FILE)); trustManager.checkServerTrusted(serverCerts, "ECDHE_ECDSA", sslEngine); verify(sslEngine, times(1)).getHandshakeSession(); }
Example #27
Source File: ForwardBuilder.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
/** * Download Certificates from the given AIA and add them to the * specified Collection. */ // cs.getCertificates(caSelector) returns a collection of X509Certificate's // because of the selector, so the cast is safe @SuppressWarnings("unchecked") private boolean getCerts(AuthorityInfoAccessExtension aiaExt, Collection<X509Certificate> certs) { if (Builder.USE_AIA == false) { return false; } List<AccessDescription> adList = aiaExt.getAccessDescriptions(); if (adList == null || adList.isEmpty()) { return false; } boolean add = false; for (AccessDescription ad : adList) { CertStore cs = URICertStore.getInstance(ad); if (cs != null) { try { if (certs.addAll((Collection<X509Certificate>) cs.getCertificates(caSelector))) { add = true; if (!searchAllCertStores) { return true; } } } catch (CertStoreException cse) { if (debug != null) { debug.println("exception getting certs from CertStore:"); cse.printStackTrace(); } } } } return add; }
Example #28
Source File: ForwardBuilder.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
/** * Retrieves all certs from the specified CertStores that satisfy the * requirements specified in the parameters and the current * PKIX state (name constraints, policy constraints, etc). * * @param currentState the current state. * Must be an instance of <code>ForwardState</code> * @param certStores list of CertStores */ @Override Collection<X509Certificate> getMatchingCerts(State currentState, List<CertStore> certStores) throws CertStoreException, CertificateException, IOException { if (debug != null) { debug.println("ForwardBuilder.getMatchingCerts()..."); } ForwardState currState = (ForwardState) currentState; /* * We store certs in a Set because we don't want duplicates. * As each cert is added, it is sorted based on the PKIXCertComparator * algorithm. */ Comparator<X509Certificate> comparator = new PKIXCertComparator(trustedSubjectDNs, currState.cert); Set<X509Certificate> certs = new TreeSet<>(comparator); /* * Only look for EE certs if search has just started. */ if (currState.isInitial()) { getMatchingEECerts(currState, certStores, certs); } getMatchingCACerts(currState, certStores, certs); return certs; }
Example #29
Source File: ForwardBuilder.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
/** * Retrieves all certs from the specified CertStores that satisfy the * requirements specified in the parameters and the current * PKIX state (name constraints, policy constraints, etc). * * @param currentState the current state. * Must be an instance of <code>ForwardState</code> * @param certStores list of CertStores */ @Override Collection<X509Certificate> getMatchingCerts(State currentState, List<CertStore> certStores) throws CertStoreException, CertificateException, IOException { if (debug != null) { debug.println("ForwardBuilder.getMatchingCerts()..."); } ForwardState currState = (ForwardState) currentState; /* * We store certs in a Set because we don't want duplicates. * As each cert is added, it is sorted based on the PKIXCertComparator * algorithm. */ Set<X509Certificate> certs = new TreeSet<>(comparator); /* * Only look for EE certs if search has just started. */ if (currState.isInitial()) { getMatchingEECerts(currState, certStores, certs); } getMatchingCACerts(currState, certStores, certs); return certs; }
Example #30
Source File: ForwardBuilder.java From dragonwell8_jdk with GNU General Public License v2.0 | 5 votes |
/** * Retrieves all certs from the specified CertStores that satisfy the * requirements specified in the parameters and the current * PKIX state (name constraints, policy constraints, etc). * * @param currentState the current state. * Must be an instance of <code>ForwardState</code> * @param certStores list of CertStores */ @Override Collection<X509Certificate> getMatchingCerts(State currentState, List<CertStore> certStores) throws CertStoreException, CertificateException, IOException { if (debug != null) { debug.println("ForwardBuilder.getMatchingCerts()..."); } ForwardState currState = (ForwardState) currentState; /* * We store certs in a Set because we don't want duplicates. * As each cert is added, it is sorted based on the PKIXCertComparator * algorithm. */ Comparator<X509Certificate> comparator = new PKIXCertComparator(trustedSubjectDNs, currState.cert); Set<X509Certificate> certs = new TreeSet<>(comparator); /* * Only look for EE certs if search has just started. */ if (currState.isInitial()) { getMatchingEECerts(currState, certStores, certs); } getMatchingCACerts(currState, certStores, certs); return certs; }