本文整理汇总了Java中java.security.cert.CertificateException类的典型用法代码示例。如果您正苦于以下问题:Java CertificateException类的具体用法?Java CertificateException怎么用?Java CertificateException使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
CertificateException类属于java.security.cert包,在下文中一共展示了CertificateException类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createSslSocketFactory
import java.security.cert.CertificateException; //导入依赖的package包/类
private SSLSocketFactory createSslSocketFactory() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, KeyManagementException {
// load up the key store
String STORETYPE = "JKS";
String KEYSTORE = "keystore.jks";
String STOREPASSWORD = "storepassword";
String KEYPASSWORD = "keypassword";
KeyStore ks = KeyStore.getInstance(STORETYPE);
ks.load(MattermostClient.class.getResourceAsStream(KEYSTORE), STOREPASSWORD.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, KEYPASSWORD.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);
SSLContext sslContext = null;
sslContext = SSLContext.getInstance("TLS");
// sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
sslContext.init(null, null, null); // will use java's default key and trust store which is sufficient unless you deal with self-signed certificates
return sslContext.getSocketFactory();// (SSLSocketFactory) SSLSocketFactory.getDefault();
}
示例2: buildClient
import java.security.cert.CertificateException; //导入依赖的package包/类
@SuppressWarnings("deprecation")
static CloseableHttpClient buildClient(boolean ignoreSSL) throws Exception {
SSLSocketFactory sslsf = new SSLSocketFactory(new TrustStrategy() {
public boolean isTrusted(
final X509Certificate[] chain, String authType) throws CertificateException {
// Oh, I am easy...
return true;
}
});
if (ignoreSSL) {
return HttpClients.custom().setSSLSocketFactory(sslsf).build();
} else {
return HttpClients.createDefault();
}
}
示例3: SignatureFileVerifier
import java.security.cert.CertificateException; //导入依赖的package包/类
/**
* Create the named SignatureFileVerifier.
*
* @param name the name of the signature block file (.DSA/.RSA/.EC)
*
* @param rawBytes the raw bytes of the signature block file
*/
public SignatureFileVerifier(ArrayList<CodeSigner[]> signerCache,
ManifestDigester md,
String name,
byte rawBytes[])
throws IOException, CertificateException
{
// new PKCS7() calls CertificateFactory.getInstance()
// need to use local providers here, see Providers class
Object obj = null;
try {
obj = Providers.startJarVerification();
block = new PKCS7(rawBytes);
sfBytes = block.getContentInfo().getData();
certificateFactory = CertificateFactory.getInstance("X509");
} finally {
Providers.stopJarVerification(obj);
}
this.name = name.substring(0, name.lastIndexOf("."))
.toUpperCase(Locale.ENGLISH);
this.md = md;
this.signerCache = signerCache;
}
示例4: createX509CertificateFromFile
import java.security.cert.CertificateException; //导入依赖的package包/类
private static X509Certificate createX509CertificateFromFile(
final String certificateFileName) throws IOException, CertificateException
{
// Load an X509 certificate from the specified certificate file name
final File file = new java.io.File(certificateFileName);
if (!file.isFile()) {
throw new IOException(
String.format("The certificate file %s doesn't exist.", certificateFileName));
}
final CertificateFactory certificateFactoryX509 = CertificateFactory.getInstance("X.509");
final InputStream inputStream = new FileInputStream(file);
final X509Certificate certificate = (X509Certificate) certificateFactoryX509.generateCertificate(inputStream);
inputStream.close();
return certificate;
}
开发者ID:PacktPublishing,项目名称:MQTT-Essentials-A-Lightweight-IoT-Protocol,代码行数:17,代码来源:SecurityHelper.java
示例5: if
import java.security.cert.CertificateException; //导入依赖的package包/类
/**
* Retrieves all certs from the specified CertStores that satisfy the
* requirements specified in the parameters and the current
* PKIX state (name constraints, policy constraints, etc).
*
* @param currentState the current state.
* Must be an instance of <code>ReverseState</code>
* @param certStores list of CertStores
*/
@Override
Collection<X509Certificate> getMatchingCerts
(State currState, List<CertStore> certStores)
throws CertStoreException, CertificateException, IOException
{
ReverseState currentState = (ReverseState) currState;
if (debug != null)
debug.println("In ReverseBuilder.getMatchingCerts.");
/*
* The last certificate could be an EE or a CA certificate
* (we may be building a partial certification path or
* establishing trust in a CA).
*
* Try the EE certs before the CA certs. It will be more
* common to build a path to an end entity.
*/
Collection<X509Certificate> certs =
getMatchingEECerts(currentState, certStores);
certs.addAll(getMatchingCACerts(currentState, certStores));
return certs;
}
示例6: LocalOcspRequest
import java.security.cert.CertificateException; //导入依赖的package包/类
/**
* Construct a {@code LocalOcspRequest} from its DER encoding.
*
* @param requestBytes the DER-encoded bytes
*
* @throws IOException if decoding errors occur
* @throws CertificateException if certificates are found in the
* OCSP request and they do not parse correctly.
*/
private LocalOcspRequest(byte[] requestBytes) throws IOException,
CertificateException {
Objects.requireNonNull(requestBytes, "Received null input");
DerInputStream dis = new DerInputStream(requestBytes);
// Parse the top-level structure, it should have no more than
// two elements.
DerValue[] topStructs = dis.getSequence(2);
for (DerValue dv : topStructs) {
if (dv.tag == DerValue.tag_Sequence) {
parseTbsRequest(dv);
} else if (dv.isContextSpecific((byte)0)) {
parseSignature(dv);
} else {
throw new IOException("Unknown tag at top level: " +
dv.tag);
}
}
}
示例7: getCertificateThumbprint
import java.security.cert.CertificateException; //导入依赖的package包/类
private String getCertificateThumbprint(String pfxPath, String password) {
try {
InputStream inStream = new FileInputStream(pfxPath);
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(inStream, password.toCharArray());
String alias = ks.aliases().nextElement();
X509Certificate certificate = (X509Certificate) ks.getCertificate(alias);
inStream.close();
MessageDigest sha = MessageDigest.getInstance("SHA-1");
return BaseEncoding.base16().encode(sha.digest(certificate.getEncoded()));
} catch (KeyStoreException | CertificateException | NoSuchAlgorithmException | IOException ex) {
throw new RuntimeException(ex);
}
}
示例8: set
import java.security.cert.CertificateException; //导入依赖的package包/类
/**
* Set the attribute value.
* @exception CertificateException on attribute handling errors.
*/
public void set(String name, Object obj)
throws CertificateException, IOException {
if (!(obj instanceof Date)) {
throw new CertificateException("Attribute must be of type Date.");
}
if (name.equalsIgnoreCase(NOT_BEFORE)) {
notBefore = (Date)obj;
} else if (name.equalsIgnoreCase(NOT_AFTER)) {
notAfter = (Date)obj;
} else {
throw new CertificateException("Attribute name not recognized by"
+ " CertAttrSet:PrivateKeyUsage.");
}
encodeThis();
}
示例9: getKeyFromConfigServer
import java.security.cert.CertificateException; //导入依赖的package包/类
private String getKeyFromConfigServer(RestTemplate keyUriRestTemplate) throws CertificateException {
// Load available UAA servers
discoveryClient.getServices();
HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
String content = keyUriRestTemplate
.exchange("http://config/api/token_key", HttpMethod.GET, request, String.class).getBody();
if (StringUtils.isBlank(content)) {
throw new CertificateException("Received empty certificate from config.");
}
InputStream fin = new ByteArrayInputStream(content.getBytes());
CertificateFactory f = CertificateFactory.getInstance(Constants.CERTIFICATE);
X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
PublicKey pk = certificate.getPublicKey();
return String.format(Constants.PUBLIC_KEY, new String(Base64.encode(pk.getEncoded())));
}
示例10: isUntrusted
import java.security.cert.CertificateException; //导入依赖的package包/类
/**
* Checks if a certificate is untrusted.
*
* @param cert the certificate to check
* @return true if the certificate is untrusted.
*/
public static boolean isUntrusted(X509Certificate cert) {
if (algorithm == null) {
return false;
}
String key;
if (cert instanceof X509CertImpl) {
key = ((X509CertImpl)cert).getFingerprint(algorithm);
} else {
try {
key = new X509CertImpl(cert.getEncoded()).getFingerprint(algorithm);
} catch (CertificateException cee) {
return false;
}
}
return props.containsKey(key);
}
示例11: main
import java.security.cert.CertificateException; //导入依赖的package包/类
public static void main(String[] args) throws Exception {
List certs = new Vector();
certs.add("The 1st certificate");
certs.add("The 2nd certificate");
certs.add("The 3rd certificate");
certs.add("The 4th certificate");
try {
X509CertPath cp = new X509CertPath(certs);
throw new Exception("No expected CertificateException thrown");
} catch (CertificateException ce) {
// get the expected exception
} catch (Exception e) {
throw new Exception("No expected CertificateException thrown", e);
}
}
示例12: loadCert
import java.security.cert.CertificateException; //导入依赖的package包/类
private X509Certificate loadCert(Session session, long oHandle)
throws PKCS11Exception, CertificateException {
CK_ATTRIBUTE[] attrs = new CK_ATTRIBUTE[]
{ new CK_ATTRIBUTE(CKA_VALUE) };
token.p11.C_GetAttributeValue(session.id(), oHandle, attrs);
byte[] bytes = attrs[0].getByteArray();
if (bytes == null) {
throw new CertificateException
("unexpectedly retrieved null byte array");
}
CertificateFactory cf = CertificateFactory.getInstance("X.509");
return (X509Certificate)cf.generateCertificate
(new ByteArrayInputStream(bytes));
}
示例13: testPrivateKeyValid
import java.security.cert.CertificateException; //导入依赖的package包/类
private void testPrivateKeyValid() throws IOException, CertificateException {
System.out.println("X.509 Certificate Match on privateKeyValid");
// bad match
X509CertSelector selector = new X509CertSelector();
Calendar cal = Calendar.getInstance();
cal.set(1968, 12, 31);
selector.setPrivateKeyValid(cal.getTime());
checkMatch(selector, cert, false);
// good match
DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.16"));
byte[] encoded = in.getOctetString();
PrivateKeyUsageExtension ext = new PrivateKeyUsageExtension(false, encoded);
Date validDate = (Date) ext.get(PrivateKeyUsageExtension.NOT_BEFORE);
selector.setPrivateKeyValid(validDate);
checkMatch(selector, cert, true);
}
示例14: retrieveProviderMetadata
import java.security.cert.CertificateException; //导入依赖的package包/类
/**
* Retrieve provider metadata.
* Provider configuration information
* Obtaining the provider configuration information can be done either out-of-band or using the optional discovery process:
*
* @throws IOException Signals that an I/O exception has occurred.
* @throws ParseException the parse exception
* @throws KeyStoreException
* @throws CertificateException
* @throws NoSuchAlgorithmException
* @throws KeyManagementException
*/
public void retrieveProviderMetadata() throws IOException, ParseException, KeyManagementException, NoSuchAlgorithmException, CertificateException, KeyStoreException {
URL providerConfigurationURL = issuerURI.resolve(URLPATH_WELL_KNOWN_OPENID).toURL();
// System.out.println(providerConfigurationURL);
URLConnection conn = providerConfigurationURL.openConnection();
if (trustStoreFile != null) {
Trust.trustSpecific((HttpsURLConnection) conn, trustStoreFile);
}
InputStream stream = conn.getInputStream();
// Read all data from URL
String providerInfo = null;
try (java.util.Scanner s = new java.util.Scanner(stream)) {
providerInfo = s.useDelimiter("\\A").hasNext() ? s.next() : "";
}
setProviderMetadata(OIDCProviderMetadata.parse(providerInfo));
}
示例15: getPublicKey
import java.security.cert.CertificateException; //导入依赖的package包/类
public PublicKey getPublicKey(String keyName) throws CryptoException
{
PublicKey publicKey = null;
try {
KeyStore mKeyStore = KeyStore.getInstance(REST_AUTH_KEYSTORE_NAME);
mKeyStore.load(null);
Certificate certificate = mKeyStore.getCertificate(keyName);
if (certificate != null)
publicKey = certificate.getPublicKey();
} catch (KeyStoreException | CertificateException | NoSuchAlgorithmException | IOException e) {
throw new CryptoException(e.getMessage());
}
return publicKey;
}