java.security.cert.CertPathValidatorException.Reason Java Examples

The following examples show how to use java.security.cert.CertPathValidatorException.Reason. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CertificateMessage.java    From openjsse with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Picks the TLS alert description to report when certificate checking by
 * an {@link X509TrustManager} has failed.
 *
 * <p>Only the immediate cause of {@code cexc} is inspected. A
 * {@link CertPathValidatorException} cause with reason
 * {@code BasicReason.REVOKED} or
 * {@code BasicReason.UNDETERMINED_REVOCATION_STATUS} selects a
 * revocation-related alert; when {@code chc.staplingActive} is set, both
 * reasons are reported as {@code BAD_CERT_STATUS_RESPONSE}. Any other
 * failure, including a validator exception nested deeper in the cause
 * chain, is reported as the generic {@code CERTIFICATE_UNKNOWN}.
 *
 * @param chc  the client handshake context; only its
 *             {@code staplingActive} flag is read here
 * @param cexc The exception thrown by the {@link X509TrustManager}
 *
 * @return the {@code Alert} chosen for this failure.
 */
private static Alert getCertificateAlert(
        ClientHandshakeContext chc, CertificateException cexc) {
    Throwable cause = cexc.getCause();
    if (!(cause instanceof CertPathValidatorException)) {
        // No validator detail available: fall back to the generic alert.
        return Alert.CERTIFICATE_UNKNOWN;
    }

    Reason why = ((CertPathValidatorException)cause).getReason();
    if (why == BasicReason.REVOKED) {
        return chc.staplingActive
                ? Alert.BAD_CERT_STATUS_RESPONSE
                : Alert.CERTIFICATE_REVOKED;
    }
    if (why == BasicReason.UNDETERMINED_REVOCATION_STATUS) {
        return chc.staplingActive
                ? Alert.BAD_CERT_STATUS_RESPONSE
                : Alert.CERTIFICATE_UNKNOWN;
    }

    // Every other validation reason is reported generically.
    return Alert.CERTIFICATE_UNKNOWN;
}
 
Example #2
Source File: CertificateMessage.java    From Bytecoder with Apache License 2.0 6 votes vote down vote up
/**
 * Maps a certificate-checking failure raised by an
 * {@link X509TrustManager} to the TLS alert description to use.
 *
 * <p>The mapping looks at {@code cexc.getCause()} only (one level). If
 * that cause is a {@link CertPathValidatorException}, its reason decides
 * the alert: {@code REVOKED} and {@code UNDETERMINED_REVOCATION_STATUS}
 * are both reported as {@code BAD_CERT_STATUS_RESPONSE} when
 * {@code chc.staplingActive} is set, and as {@code CERTIFICATE_REVOKED}
 * and {@code CERTIFICATE_UNKNOWN} respectively otherwise. All remaining
 * cases produce {@code CERTIFICATE_UNKNOWN}.
 *
 * @param chc  the client handshake context supplying the
 *             {@code staplingActive} flag
 * @param cexc The exception thrown by the {@link X509TrustManager}
 *
 * @return the {@code Alert} selected for the failure.
 */
private static Alert getCertificateAlert(
        ClientHandshakeContext chc, CertificateException cexc) {
    final Throwable root = cexc.getCause();

    // A null reason stands for "cause carries no validator reason" and
    // matches none of the comparisons below.
    final Reason reason = (root instanceof CertPathValidatorException)
            ? ((CertPathValidatorException)root).getReason()
            : null;

    final Alert chosen;
    if (reason == BasicReason.REVOKED) {
        chosen = chc.staplingActive
                ? Alert.BAD_CERT_STATUS_RESPONSE
                : Alert.CERTIFICATE_REVOKED;
    } else if (reason == BasicReason.UNDETERMINED_REVOCATION_STATUS) {
        chosen = chc.staplingActive
                ? Alert.BAD_CERT_STATUS_RESPONSE
                : Alert.CERTIFICATE_UNKNOWN;
    } else {
        chosen = Alert.CERTIFICATE_UNKNOWN;
    }
    return chosen;
}
 
Example #3
Source File: ClientHandshaker.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Determines which TLS alert description to use after certificate
 * checking by an {@link X509TrustManager} has failed.
 *
 * <p>Only the direct cause of {@code cexc} is examined. A
 * {@link CertPathValidatorException} with reason {@code REVOKED} or
 * {@code UNDETERMINED_REVOCATION_STATUS} is reported as
 * {@code alert_bad_certificate_status_response} when the
 * {@code staplingActive} field is set; otherwise {@code REVOKED} maps to
 * {@code alert_certificate_revoked}. Everything else maps to
 * {@code alert_certificate_unknown}.
 *
 * @param cexc The exception thrown by the {@link X509TrustManager}
 *
 * @return A byte value corresponding to a TLS alert description number.
 */
private byte getCertificateAlert(CertificateException cexc) {
    Throwable cause = cexc.getCause();
    if (!(cause instanceof CertPathValidatorException)) {
        // Nothing more specific is known about the failure.
        return Alerts.alert_certificate_unknown;
    }

    Reason why = ((CertPathValidatorException)cause).getReason();
    if (why == BasicReason.REVOKED) {
        return staplingActive
                ? Alerts.alert_bad_certificate_status_response
                : Alerts.alert_certificate_revoked;
    }
    if (why == BasicReason.UNDETERMINED_REVOCATION_STATUS) {
        return staplingActive
                ? Alerts.alert_bad_certificate_status_response
                : Alerts.alert_certificate_unknown;
    }

    return Alerts.alert_certificate_unknown;
}
 
Example #4
Source File: CertificateMessage.java    From openjsse with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Translates a certificate-checking failure from an
 * {@link X509TrustManager} into the TLS alert description to use.
 *
 * <p>Only {@code cexc.getCause()} is inspected. When it is a
 * {@link CertPathValidatorException}, its {@code BasicReason} selects the
 * alert:
 * <ul>
 *   <li>{@code REVOKED}: {@code BAD_CERT_STATUS_RESPONSE} if
 *       {@code chc.staplingActive}, else {@code CERTIFICATE_REVOKED}</li>
 *   <li>{@code UNDETERMINED_REVOCATION_STATUS}:
 *       {@code BAD_CERT_STATUS_RESPONSE} if {@code chc.staplingActive},
 *       else {@code CERTIFICATE_UNKNOWN}</li>
 *   <li>{@code ALGORITHM_CONSTRAINED}: {@code UNSUPPORTED_CERTIFICATE}</li>
 *   <li>{@code EXPIRED}: {@code CERTIFICATE_EXPIRED}</li>
 *   <li>{@code INVALID_SIGNATURE}, {@code NOT_YET_VALID}:
 *       {@code BAD_CERTIFICATE}</li>
 * </ul>
 * Any other cause or reason yields {@code CERTIFICATE_UNKNOWN}.
 *
 * @param chc  the client handshake context; only its
 *             {@code staplingActive} flag is read
 * @param cexc The exception thrown by the {@link X509TrustManager}
 *
 * @return the {@code Alert} chosen for this failure.
 */
private static Alert getCertificateAlert(
        ClientHandshakeContext chc, CertificateException cexc) {
    Throwable cause = cexc.getCause();
    if (!(cause instanceof CertPathValidatorException)) {
        return Alert.CERTIFICATE_UNKNOWN;
    }

    Reason reason = ((CertPathValidatorException)cause).getReason();
    if (!(reason instanceof BasicReason)) {
        // Reasons outside BasicReason match none of the cases below.
        return Alert.CERTIFICATE_UNKNOWN;
    }

    switch ((BasicReason)reason) {
        case REVOKED:
            return chc.staplingActive
                    ? Alert.BAD_CERT_STATUS_RESPONSE
                    : Alert.CERTIFICATE_REVOKED;
        case UNDETERMINED_REVOCATION_STATUS:
            return chc.staplingActive
                    ? Alert.BAD_CERT_STATUS_RESPONSE
                    : Alert.CERTIFICATE_UNKNOWN;
        case ALGORITHM_CONSTRAINED:
            return Alert.UNSUPPORTED_CERTIFICATE;
        case EXPIRED:
            return Alert.CERTIFICATE_EXPIRED;
        case INVALID_SIGNATURE:
        case NOT_YET_VALID:
            return Alert.BAD_CERTIFICATE;
        default:
            return Alert.CERTIFICATE_UNKNOWN;
    }
}
 
Example #5
Source File: LdapTlsHandshakeFailCause.java    From directory-ldap-api with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a fail-cause record from its four parts.
 *
 * <p>The arguments are stored as given: no null checks and no copies are
 * made, so any of the fields may end up {@code null}.
 *
 * @param cause the value stored in the {@code cause} field
 * @param rootCause the value stored in the {@code rootCause} field
 * @param reason the value stored in the {@code reason} field
 * @param reasonPhrase the value stored in the {@code reasonPhrase} field
 */
public LdapTlsHandshakeFailCause( Throwable cause, Throwable rootCause, Reason reason, String reasonPhrase )
{
    // Classification result first, then the exceptions it was derived from.
    this.reason = reason;
    this.reasonPhrase = reasonPhrase;
    this.rootCause = rootCause;
    this.cause = cause;
}
 
Example #6
Source File: LdapTlsHandshakeExceptionClassifierTest.java    From directory-ldap-api with Apache License 2.0 5 votes vote down vote up
/**
 * Classifying {@code null} must give the UNSPECIFIED reason, the phrase
 * "Unspecified" and no root cause.
 */
@Test
public void testClassifyNull()
{
    LdapTlsHandshakeFailCause failCause = LdapTlsHandshakeExceptionClassifier.classify( null );

    Reason actualReason = failCause.getReason();
    assertThat( actualReason, equalTo( ( Reason ) BasicReason.UNSPECIFIED ) );

    String actualPhrase = failCause.getReasonPhrase();
    assertThat( actualPhrase, equalTo( "Unspecified" ) );

    assertThat( failCause.getRootCause(), equalTo( null ) );
}
 
Example #7
Source File: LdapTlsHandshakeExceptionClassifierTest.java    From directory-ldap-api with Apache License 2.0 5 votes vote down vote up
/**
 * An exception unrelated to certificates (here an {@link IOException})
 * must be classified as UNSPECIFIED while still being reported as the
 * root cause.
 */
@Test
public void testClassifyOther()
{
    IOException unrelated = new IOException( "foo" );
    LdapTlsHandshakeFailCause failCause = LdapTlsHandshakeExceptionClassifier.classify( unrelated );

    assertThat( failCause.getReason(), equalTo( ( Reason ) BasicReason.UNSPECIFIED ) );
    assertThat( failCause.getReasonPhrase(), equalTo( "Unspecified" ) );
    assertThat( failCause.getRootCause(), instanceOf( IOException.class ) );
}
 
Example #8
Source File: LdapTlsHandshakeExceptionClassifierTest.java    From directory-ldap-api with Apache License 2.0 5 votes vote down vote up
/**
 * A {@link CertificateExpiredException} must be classified as EXPIRED
 * with the phrase "Certificate expired".
 */
@Test
public void testClassifyCertificateExpiredException()
{
    CertificateExpiredException expired = new CertificateExpiredException( "foo" );
    LdapTlsHandshakeFailCause failCause = LdapTlsHandshakeExceptionClassifier.classify( expired );

    assertThat( failCause.getReason(), equalTo( ( Reason ) BasicReason.EXPIRED ) );
    assertThat( failCause.getReasonPhrase(), equalTo( "Certificate expired" ) );
    assertThat( failCause.getRootCause(), instanceOf( CertificateExpiredException.class ) );
}
 
Example #9
Source File: LdapTlsHandshakeExceptionClassifierTest.java    From directory-ldap-api with Apache License 2.0 5 votes vote down vote up
/**
 * A {@link CertificateNotYetValidException} must be classified as
 * NOT_YET_VALID with the phrase "Certificate not yet valid".
 */
@Test
public void testClassifyCertificateNotYetValidException()
{
    CertificateNotYetValidException notYetValid = new CertificateNotYetValidException( "foo" );
    LdapTlsHandshakeFailCause failCause = LdapTlsHandshakeExceptionClassifier.classify( notYetValid );

    assertThat( failCause.getReason(), equalTo( ( Reason ) BasicReason.NOT_YET_VALID ) );
    assertThat( failCause.getReasonPhrase(), equalTo( "Certificate not yet valid" ) );
    assertThat( failCause.getRootCause(), instanceOf( CertificateNotYetValidException.class ) );
}
 
Example #10
Source File: LdapTlsHandshakeExceptionClassifierTest.java    From directory-ldap-api with Apache License 2.0 5 votes vote down vote up
/**
 * A {@link CertPathBuilderException} wrapped in one plain
 * {@link Exception} must be found as the root cause and classified as
 * NO_VALID_CERTIFICATION_PATH.
 */
@Test
public void testClassifyCertPathBuilderException()
{
    Exception wrapped = new Exception( new CertPathBuilderException( "foo" ) );
    LdapTlsHandshakeFailCause failCause = LdapTlsHandshakeExceptionClassifier.classify( wrapped );

    assertThat( failCause.getReason(), equalTo( ( Reason ) LdapApiReason.NO_VALID_CERTIFICATION_PATH ) );
    assertThat( failCause.getReasonPhrase(), equalTo( "Failed to build certification path" ) );
    assertThat( failCause.getRootCause(), instanceOf( CertPathBuilderException.class ) );
}
 
Example #11
Source File: LdapTlsHandshakeExceptionClassifierTest.java    From directory-ldap-api with Apache License 2.0 5 votes vote down vote up
/**
 * A {@link CertPathValidatorException} buried under four layers of plain
 * {@link Exception} must still be found as the root cause, and its own
 * reason (ALGORITHM_CONSTRAINED) must be the one reported.
 */
@Test
public void testClassifyCertPathValidatorException()
{
    Exception nested = new CertPathValidatorException( "foo", null, null, -1, BasicReason.ALGORITHM_CONSTRAINED );
    // Wrap the validator exception four times.
    for ( int depth = 0; depth < 4; depth++ )
    {
        nested = new Exception( nested );
    }

    LdapTlsHandshakeFailCause failCause = LdapTlsHandshakeExceptionClassifier.classify( nested );

    assertThat( failCause.getReason(), equalTo( ( Reason ) BasicReason.ALGORITHM_CONSTRAINED ) );
    assertThat( failCause.getReasonPhrase(), equalTo( "Failed to verify certification path" ) );
    assertThat( failCause.getRootCause(), instanceOf( CertPathValidatorException.class ) );
}
 
Example #12
Source File: CertificateMessage.java    From Bytecoder with Apache License 2.0 5 votes vote down vote up
/**
 * Chooses the TLS alert description for a certificate-checking failure
 * reported by an {@link X509TrustManager}.
 *
 * <p>The decision is based on the immediate cause of {@code cexc} only.
 * If it is a {@link CertPathValidatorException}, the reason is mapped as
 * follows: revocation reasons ({@code REVOKED},
 * {@code UNDETERMINED_REVOCATION_STATUS}) become
 * {@code BAD_CERT_STATUS_RESPONSE} when {@code chc.staplingActive} is
 * set, otherwise {@code CERTIFICATE_REVOKED} and
 * {@code CERTIFICATE_UNKNOWN} respectively;
 * {@code ALGORITHM_CONSTRAINED} becomes {@code UNSUPPORTED_CERTIFICATE};
 * {@code EXPIRED} becomes {@code CERTIFICATE_EXPIRED};
 * {@code INVALID_SIGNATURE} and {@code NOT_YET_VALID} become
 * {@code BAD_CERTIFICATE}. Anything else is reported as
 * {@code CERTIFICATE_UNKNOWN}.
 *
 * @param chc  the client handshake context supplying the
 *             {@code staplingActive} flag
 * @param cexc The exception thrown by the {@link X509TrustManager}
 *
 * @return the {@code Alert} selected for the failure.
 */
private static Alert getCertificateAlert(
        ClientHandshakeContext chc, CertificateException cexc) {
    Throwable cause = cexc.getCause();
    if (!(cause instanceof CertPathValidatorException)) {
        // No validator reason to go on: use the generic alert.
        return Alert.CERTIFICATE_UNKNOWN;
    }

    Reason why = ((CertPathValidatorException)cause).getReason();

    // Revocation outcomes depend on the stapling flag.
    if (why == BasicReason.REVOKED) {
        return chc.staplingActive
                ? Alert.BAD_CERT_STATUS_RESPONSE
                : Alert.CERTIFICATE_REVOKED;
    }
    if (why == BasicReason.UNDETERMINED_REVOCATION_STATUS) {
        return chc.staplingActive
                ? Alert.BAD_CERT_STATUS_RESPONSE
                : Alert.CERTIFICATE_UNKNOWN;
    }

    // The remaining reasons map to a fixed alert each.
    if (why == BasicReason.ALGORITHM_CONSTRAINED) {
        return Alert.UNSUPPORTED_CERTIFICATE;
    }
    if (why == BasicReason.EXPIRED) {
        return Alert.CERTIFICATE_EXPIRED;
    }
    if (why == BasicReason.INVALID_SIGNATURE
            || why == BasicReason.NOT_YET_VALID) {
        return Alert.BAD_CERTIFICATE;
    }

    return Alert.CERTIFICATE_UNKNOWN;
}
 
Example #13
Source File: LdapTlsHandshakeFailCause.java    From directory-ldap-api with Apache License 2.0 4 votes vote down vote up
/**
 * Gets the stored reason.
 *
 * @return the current value of the {@code reason} field, returned as-is
 */
public Reason getReason()
{
    return this.reason;
}
 
Example #14
Source File: LdapTlsHandshakeFailCause.java    From directory-ldap-api with Apache License 2.0 4 votes vote down vote up
/**
 * Replaces the stored reason.
 *
 * <p>The value is assigned without validation, so {@code null} is
 * accepted.
 *
 * @param reason the new value of the {@code reason} field
 */
public void setReason( Reason reason )
{
    this.reason = reason;
}