Java 类java.security.cert.CertificateException 实例源码

项目:intellij-mattermost-plugin    文件:MattermostClient.java   
private SSLSocketFactory createSslSocketFactory() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, KeyManagementException {
    // load up the key store
    String STORETYPE = "JKS";
    String KEYSTORE = "keystore.jks";
    String STOREPASSWORD = "storepassword";
    String KEYPASSWORD = "keypassword";

    KeyStore ks = KeyStore.getInstance(STORETYPE);
    ks.load(MattermostClient.class.getResourceAsStream(KEYSTORE), STOREPASSWORD.toCharArray());

    KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
    kmf.init(ks, KEYPASSWORD.toCharArray());
    TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
    tmf.init(ks);

    SSLContext sslContext = null;
    sslContext = SSLContext.getInstance("TLS");
    //      sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
    sslContext.init(null, null, null); // will use java's default key and trust store which is sufficient unless you deal with self-signed certificates

    return sslContext.getSocketFactory();// (SSLSocketFactory) SSLSocketFactory.getDefault();
}
项目:dcos-maven-plugin    文件:DcosPluginHelper.java   
@SuppressWarnings("deprecation")
static CloseableHttpClient buildClient(boolean ignoreSSL) throws Exception {
  SSLSocketFactory sslsf = new SSLSocketFactory(new TrustStrategy() {

    public boolean isTrusted(
        final X509Certificate[] chain, String authType) throws CertificateException {
      // Oh, I am easy...
      return true;
    }

  });
  if (ignoreSSL) {
    return HttpClients.custom().setSSLSocketFactory(sslsf).build();
  } else {
    return HttpClients.createDefault();
  }
}
项目:OpenJSharp    文件:SignatureFileVerifier.java   
/**
 * Create the named SignatureFileVerifier.
 *
 * @param name the name of the signature block file (.DSA/.RSA/.EC)
 *
 * @param rawBytes the raw bytes of the signature block file
 */
public SignatureFileVerifier(ArrayList<CodeSigner[]> signerCache,
                             ManifestDigester md,
                             String name,
                             byte rawBytes[])
    throws IOException, CertificateException
{
    // new PKCS7() calls CertificateFactory.getInstance()
    // need to use local providers here, see Providers class
    Object obj = null;
    try {
        obj = Providers.startJarVerification();
        block = new PKCS7(rawBytes);
        sfBytes = block.getContentInfo().getData();
        certificateFactory = CertificateFactory.getInstance("X509");
    } finally {
        Providers.stopJarVerification(obj);
    }
    this.name = name.substring(0, name.lastIndexOf("."))
                                               .toUpperCase(Locale.ENGLISH);
    this.md = md;
    this.signerCache = signerCache;
}
项目:MQTT-Essentials-A-Lightweight-IoT-Protocol    文件:SecurityHelper.java   
private static X509Certificate createX509CertificateFromFile(
    final String certificateFileName) throws IOException, CertificateException 
  {
      // Load an X509 certificate from the specified certificate file name
final File file = new java.io.File(certificateFileName);
if (!file.isFile()) {
    throw new IOException(
        String.format("The certificate file %s doesn't exist.", certificateFileName));
}
    final CertificateFactory certificateFactoryX509 = CertificateFactory.getInstance("X.509");
    final InputStream inputStream = new FileInputStream(file);
      final X509Certificate certificate = (X509Certificate) certificateFactoryX509.generateCertificate(inputStream);
      inputStream.close();

      return certificate;
  }
项目:OpenJSharp    文件:ReverseBuilder.java   
/**
 * Retrieves all certs from the specified CertStores that satisfy the
 * requirements specified in the parameters and the current
 * PKIX state (name constraints, policy constraints, etc).
 *
 * @param currentState the current state.
 *        Must be an instance of <code>ReverseState</code>
 * @param certStores list of CertStores
 */
@Override
Collection<X509Certificate> getMatchingCerts
    (State currState, List<CertStore> certStores)
    throws CertStoreException, CertificateException, IOException
{
    ReverseState currentState = (ReverseState) currState;

    if (debug != null)
        debug.println("In ReverseBuilder.getMatchingCerts.");

    /*
     * The last certificate could be an EE or a CA certificate
     * (we may be building a partial certification path or
     * establishing trust in a CA).
     *
     * Try the EE certs before the CA certs. It will be more
     * common to build a path to an end entity.
     */
    Collection<X509Certificate> certs =
        getMatchingEECerts(currentState, certStores);
    certs.addAll(getMatchingCACerts(currentState, certStores));

    return certs;
}
项目:openjdk-jdk10    文件:SimpleOCSPServer.java   
/**
 * Construct a {@code LocalOcspRequest} from its DER encoding.
 *
 * @param requestBytes the DER-encoded bytes
 *
 * @throws IOException if decoding errors occur
 * @throws CertificateException if certificates are found in the
 * OCSP request and they do not parse correctly.
 */
private LocalOcspRequest(byte[] requestBytes) throws IOException,
        CertificateException {
    Objects.requireNonNull(requestBytes, "Received null input");

    DerInputStream dis = new DerInputStream(requestBytes);

    // Parse the top-level structure, it should have no more than
    // two elements.
    DerValue[] topStructs = dis.getSequence(2);
    for (DerValue dv : topStructs) {
        if (dv.tag == DerValue.tag_Sequence) {
            parseTbsRequest(dv);
        } else if (dv.isContextSpecific((byte)0)) {
            parseSignature(dv);
        } else {
            throw new IOException("Unknown tag at top level: " +
                    dv.tag);
        }
    }
}
项目:azure-libraries-for-java    文件:HostNameSslBindingImpl.java   
private String getCertificateThumbprint(String pfxPath, String password) {
    try {
        InputStream inStream = new FileInputStream(pfxPath);

        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(inStream, password.toCharArray());

        String alias = ks.aliases().nextElement();
        X509Certificate certificate = (X509Certificate) ks.getCertificate(alias);
        inStream.close();
        MessageDigest sha = MessageDigest.getInstance("SHA-1");
        return BaseEncoding.base16().encode(sha.digest(certificate.getEncoded()));
    } catch (KeyStoreException | CertificateException | NoSuchAlgorithmException | IOException ex) {
        throw new RuntimeException(ex);
    }
}
项目:jdk8u-jdk    文件:PrivateKeyUsageExtension.java   
/**
 * Set the attribute value.
 * @exception CertificateException on attribute handling errors.
 */
public void set(String name, Object obj)
throws CertificateException, IOException {
    if (!(obj instanceof Date)) {
        throw new CertificateException("Attribute must be of type Date.");
    }
    if (name.equalsIgnoreCase(NOT_BEFORE)) {
        notBefore = (Date)obj;
    } else if (name.equalsIgnoreCase(NOT_AFTER)) {
        notAfter = (Date)obj;
    } else {
      throw new CertificateException("Attribute name not recognized by"
                       + " CertAttrSet:PrivateKeyUsage.");
    }
    encodeThis();
}
项目:xm-ms-entity    文件:MicroserviceSecurityConfiguration.java   
private String getKeyFromConfigServer(RestTemplate keyUriRestTemplate) throws CertificateException {
    // Load available UAA servers
    discoveryClient.getServices();
    HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
    String content = keyUriRestTemplate
        .exchange("http://config/api/token_key", HttpMethod.GET, request, String.class).getBody();

    if (StringUtils.isBlank(content)) {
        throw new CertificateException("Received empty certificate from config.");
    }

    InputStream fin = new ByteArrayInputStream(content.getBytes());

    CertificateFactory f = CertificateFactory.getInstance(Constants.CERTIFICATE);
    X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
    PublicKey pk = certificate.getPublicKey();
    return String.format(Constants.PUBLIC_KEY, new String(Base64.encode(pk.getEncoded())));
}
项目:openjdk-jdk10    文件:UntrustedCertificates.java   
/**
 * Checks if a certificate is untrusted.
 *
 * @param cert the certificate to check
 * @return true if the certificate is untrusted.
 */
public static boolean isUntrusted(X509Certificate cert) {
    if (algorithm == null) {
        return false;
    }
    String key;
    if (cert instanceof X509CertImpl) {
        key = ((X509CertImpl)cert).getFingerprint(algorithm);
    } else {
        try {
            key = new X509CertImpl(cert.getEncoded()).getFingerprint(algorithm);
        } catch (CertificateException cee) {
            return false;
        }
    }
    return props.containsKey(key);
}
项目:openjdk-jdk10    文件:IllegalCertiticates.java   
public static void main(String[] args) throws Exception {
    List certs = new Vector();
    certs.add("The 1st certificate");
    certs.add("The 2nd certificate");
    certs.add("The 3rd certificate");
    certs.add("The 4th certificate");

    try {
        X509CertPath cp = new X509CertPath(certs);
        throw new Exception("No expected CertificateException thrown");
    } catch (CertificateException ce) {
        // get the expected exception
    } catch (Exception e) {
        throw new Exception("No expected CertificateException thrown", e);
    }

}
项目:openjdk-jdk10    文件:P11KeyStore.java   
private X509Certificate loadCert(Session session, long oHandle)
            throws PKCS11Exception, CertificateException {

    CK_ATTRIBUTE[] attrs = new CK_ATTRIBUTE[]
                    { new CK_ATTRIBUTE(CKA_VALUE) };
    token.p11.C_GetAttributeValue(session.id(), oHandle, attrs);

    byte[] bytes = attrs[0].getByteArray();
    if (bytes == null) {
        throw new CertificateException
                    ("unexpectedly retrieved null byte array");
    }
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    return (X509Certificate)cf.generateCertificate
                    (new ByteArrayInputStream(bytes));
}
项目:openjdk-jdk10    文件:X509CertSelectorTest.java   
private void testPrivateKeyValid() throws IOException, CertificateException {
    System.out.println("X.509 Certificate Match on privateKeyValid");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    Calendar cal = Calendar.getInstance();
    cal.set(1968, 12, 31);
    selector.setPrivateKeyValid(cal.getTime());
    checkMatch(selector, cert, false);

    // good match
    DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.16"));
    byte[] encoded = in.getOctetString();
    PrivateKeyUsageExtension ext = new PrivateKeyUsageExtension(false, encoded);
    Date validDate = (Date) ext.get(PrivateKeyUsageExtension.NOT_BEFORE);
    selector.setPrivateKeyValid(validDate);
    checkMatch(selector, cert, true);

}
项目:AgentWorkbench    文件:SimpleOIDCClient.java   
/**
     * Retrieve provider metadata.
     * Provider configuration information
     * Obtaining the provider configuration information can be done either out-of-band or using the optional discovery process:
     *
     * @throws IOException Signals that an I/O exception has occurred.
     * @throws ParseException the parse exception
     * @throws KeyStoreException
     * @throws CertificateException
     * @throws NoSuchAlgorithmException
     * @throws KeyManagementException
     */
    public void retrieveProviderMetadata() throws IOException, ParseException, KeyManagementException, NoSuchAlgorithmException, CertificateException, KeyStoreException {

        URL providerConfigurationURL = issuerURI.resolve(URLPATH_WELL_KNOWN_OPENID).toURL();
//      System.out.println(providerConfigurationURL);
        URLConnection conn = providerConfigurationURL.openConnection();

        if (trustStoreFile != null) {
            Trust.trustSpecific((HttpsURLConnection) conn, trustStoreFile);
        }
        InputStream stream = conn.getInputStream();
        // Read all data from URL
        String providerInfo = null;
        try (java.util.Scanner s = new java.util.Scanner(stream)) {
            providerInfo = s.useDelimiter("\\A").hasNext() ? s.next() : "";
        }
        setProviderMetadata(OIDCProviderMetadata.parse(providerInfo));
    }
项目:citizen-sdk-android    文件:CryptoService.java   
public PublicKey getPublicKey(String keyName) throws CryptoException
{
    PublicKey publicKey = null;

    try {
        KeyStore mKeyStore = KeyStore.getInstance(REST_AUTH_KEYSTORE_NAME);
        mKeyStore.load(null);

        Certificate certificate = mKeyStore.getCertificate(keyName);
        if (certificate != null)
            publicKey = certificate.getPublicKey();
    } catch (KeyStoreException | CertificateException | NoSuchAlgorithmException | IOException e) {
        throw new CryptoException(e.getMessage());
    }

    return publicKey;
}
项目:AgentWorkbench    文件:OIDCAuthorization.java   
/**
 * Connect to the authorization server and get a valid token.
 *
 * @param username the username
 * @param password the password
 * @return true, if successful
 * @throws IOException
 * @throws URISyntaxException
 * @throws ParseException
 * @throws KeyStoreException 
 * @throws CertificateException 
 * @throws NoSuchAlgorithmException 
 * @throws KeyManagementException 
 */
public boolean authorizeByUserAndPW(String username, String password) throws URISyntaxException, IOException, KeyManagementException, NoSuchAlgorithmException, CertificateException, KeyStoreException {

    String authRedirection = "";
    if (!inited) {
        this.init();
    }

    oidcClient.setResourceOwnerCredentials(username, password);
    oidcClient.requestToken();

    urlProcessor.setAccessToken(oidcClient.getAccessToken());

    authRedirection = urlProcessor.prepare(oidcClient.getRedirectURI().toURL()).process();
    if (authRedirection == null) {  // authenticated
        lastSuccessfulUser = username;
        if (availabilityHandler != null) {
            availabilityHandler.onResourceAvailable(urlProcessor);
        }
        return true;
    } else {
        System.err.println("OIDC authorization failed");
        System.err.println("authRedirection=" + authRedirection);
        return false;
    }
}
项目:ARCLib    文件:SSLHelper.java   
private KeyStore getKeyStore(Resource resource, String password) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException {

        try (InputStream stream = resource.getInputStream()) {
            KeyStore keyStore;

            String filename = resource.getFilename().toLowerCase();
            if (filename.endsWith("pfx") || filename.endsWith("p12")) {
                keyStore = KeyStore.getInstance("PKCS12");
            } else {
                keyStore = KeyStore.getInstance("JKS");
            }

            keyStore.load(stream,password.toCharArray());

            return keyStore;
        }
    }
项目:ssl-provider-jvm16    文件:BouncyCastleDefaultTlsClient.java   
@Override
public TlsAuthentication getAuthentication()
        throws IOException {
    return new TlsAuthentication() {


        @Override
        public void notifyServerCertificate(Certificate serverCertificate) throws IOException {
            try {
                CertificateFactory cf = CertificateFactory.getInstance("X.509");
                List<java.security.cert.Certificate> certs = new LinkedList<java.security.cert.Certificate>();
                for (org.bouncycastle.asn1.x509.Certificate c : serverCertificate.getCertificateList()) {
                    certs.add(cf.generateCertificate(new ByteArrayInputStream(c.getEncoded())));
                }
                peertCerts = certs.toArray(new java.security.cert.Certificate[0]);
            } catch (CertificateException e) {
                System.out.println("Failed to cache server certs" + e);
                throw new IOException(e);
            }

        }

        @Override
        public TlsCredentials getClientCredentials(CertificateRequest arg0)
                throws IOException {
            return null;
        }

    };

}
项目:q-mail    文件:Account.java   
/**
 * Add a new certificate for the incoming or outgoing server to the local key store.
 */
public void addCertificate(CheckDirection direction, X509Certificate certificate) throws CertificateException {
    Uri uri;
    if (direction == CheckDirection.INCOMING) {
        uri = Uri.parse(getStoreUri());
    } else {
        uri = Uri.parse(getTransportUri());
    }
    LocalKeyStore localKeyStore = LocalKeyStore.getInstance();
    localKeyStore.addCertificate(uri.getHost(), uri.getPort(), certificate);
}
项目:q-mail    文件:LocalKeyStore.java   
public synchronized void addCertificate(String host, int port,
        X509Certificate certificate) throws CertificateException {
    if (mKeyStore == null) {
        throw new CertificateException(
                "Certificate not added because key store not initialized");
    }
    try {
        mKeyStore.setCertificateEntry(getCertKey(host, port), certificate);
    } catch (KeyStoreException e) {
        throw new CertificateException(
                "Failed to add certificate to local key store", e);
    }
    writeCertificateFile();
}
项目:fastokhttp    文件:HttpsCerManager.java   
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    try {
        defaultTrustManager.checkServerTrusted(chain, authType);
    } catch (CertificateException ce) {
        localTrustManager.checkServerTrusted(chain, authType);
    }
}
项目:java-buildpack-security-provider    文件:DelegatingX509ExtendedTrustManager.java   
@Override
public void checkServerTrusted(final X509Certificate[] x509Certificates, final String s, final SSLEngine sslEngine) throws CertificateException {
    with(new Consumer() {

        @Override
        public void accept(X509ExtendedTrustManager delegate) throws CertificateException {
            delegate.checkServerTrusted(x509Certificates, s, sslEngine);
        }

    });
}
项目:letv    文件:bt.java   
public static String v(Context context) {
    PackageInfo packageInfo;
    String str = null;
    try {
        packageInfo = context.getPackageManager().getPackageInfo(u(context), 64);
    } catch (NameNotFoundException e) {
        e.printStackTrace();
        Object obj = str;
    }
    InputStream byteArrayInputStream = new ByteArrayInputStream(packageInfo.signatures[0].toByteArray());
    try {
        CertificateFactory instance = CertificateFactory.getInstance("X509");
    } catch (CertificateException e2) {
        e2.printStackTrace();
        obj = str;
    }
    try {
        X509Certificate x509Certificate = (X509Certificate) instance.generateCertificate(byteArrayInputStream);
    } catch (CertificateException e22) {
        e22.printStackTrace();
        obj = str;
    }
    try {
        str = a(MessageDigest.getInstance(CommonUtils.MD5_INSTANCE).digest(x509Certificate.getEncoded()));
    } catch (NoSuchAlgorithmException e3) {
        e3.printStackTrace();
    } catch (CertificateEncodingException e4) {
        e4.printStackTrace();
    }
    return str;
}
项目:kubernetes-client    文件:PEMSupport.java   
public X509Certificate parseCertificate(String pemBlock) throws IOException {
    PEMParser p2 = new PEMParser(new StringReader(cleanupPEM(pemBlock)));
    Object o2 = p2.readObject();
    if (o2 == null)
        throw new InvalidParameterException("Could not read certificate. Expected the certificate to begin with '-----BEGIN CERTIFICATE-----'.");
    if (!(o2 instanceof X509CertificateHolder))
        throw new InvalidParameterException("Expected X509CertificateHolder, got " + o2.getClass().getName());

    JcaX509CertificateConverter certconv = new JcaX509CertificateConverter().setProvider("BC");
    try {
        return certconv.getCertificate((X509CertificateHolder) o2);
    } catch (CertificateException e) {
        throw new IOException(e);
    }
}
项目:alfresco-repository    文件:LDAPInitialDirContextFactoryImpl.java   
/**
 * Initialize trustStore with Spring set properties:
 * <ul>
 * <li>ldap.authentication.truststore.path
 * <li>ldap.authentication.truststore.type
 * <li>ldap.authentication.truststore.passphrase
 * </ul>
 *
 * @return {@link KeyStore} with loaded trustStore file
 */
private KeyStore initTrustStore()
{
    KeyStore ks;
    String trustStoreType = getTrustStoreType();
    try
    {
        ks = KeyStore.getInstance(trustStoreType);
    }
    catch (KeyStoreException kse)
    {
        throw new AlfrescoRuntimeException("No provider supports " + trustStoreType, kse);
    }
    try
    {
        ks.load(new FileInputStream(getTrustStorePath()), getTrustStorePassPhrase().toCharArray());
    }
    catch (FileNotFoundException fnfe)
    {
        throw new AlfrescoRuntimeException("The truststore file is not found.", fnfe);
    }
    catch (IOException ioe)
    {
        throw new AlfrescoRuntimeException("The truststore file cannot be read.", ioe);
    }
    catch (NoSuchAlgorithmException nsae)
    {
        throw new AlfrescoRuntimeException("Algorithm used to check the integrity of the truststore cannot be found.", nsae);
    }
    catch (CertificateException ce)
    {
        throw new AlfrescoRuntimeException("The certificates cannot be loaded from truststore.", ce);
    }
    return ks;
}
项目:super-volley    文件:CertificateValidityValidator.java   
/**
 * @throws CertificateException if the certificate has expired or if the certificate is not yet valid.
 */
@Override
public void validateCertificates(X509Certificate[] serverCertificates) throws CertificateException {
    for (X509Certificate certificate : serverCertificates) {
        certificate.checkValidity();
    }
}
项目:GitHub    文件:HttpsUtils.java   
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException
{
    try
    {
        defaultTrustManager.checkServerTrusted(chain, authType);
    } catch (CertificateException ce)
    {
        localTrustManager.checkServerTrusted(chain, authType);
    }
}
项目:xxpay-master    文件:HttpClientUtil.java   
/**
 * 获取SSLContext
 * @param trustPasswd
 * @param keyPasswd
 * @return
 * @throws NoSuchAlgorithmException 
 * @throws KeyStoreException 
 * @throws IOException 
 * @throws CertificateException 
 * @throws UnrecoverableKeyException 
 * @throws KeyManagementException 
 */
public static SSLContext getSSLContext(
        FileInputStream trustFileInputStream, String trustPasswd,
        FileInputStream keyFileInputStream, String keyPasswd)
        throws NoSuchAlgorithmException, KeyStoreException,
        CertificateException, IOException, UnrecoverableKeyException,
        KeyManagementException {

    // ca
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(HttpClientUtil.SunX509);
    KeyStore trustKeyStore = KeyStore.getInstance(HttpClientUtil.JKS);
    trustKeyStore.load(trustFileInputStream, HttpClientUtil
            .str2CharArray(trustPasswd));
    tmf.init(trustKeyStore);

    final char[] kp = HttpClientUtil.str2CharArray(keyPasswd);
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(HttpClientUtil.SunX509);
    KeyStore ks = KeyStore.getInstance(HttpClientUtil.PKCS12);
    ks.load(keyFileInputStream, kp);
    kmf.init(ks, kp);

    SecureRandom rand = new SecureRandom();
    SSLContext ctx = SSLContext.getInstance(HttpClientUtil.TLS);
    ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), rand);

    return ctx;
}
项目:Cybernet-VPN    文件:LogItem.java   
@SuppressLint({"StringFormatMatches", "StringFormatInvalid"})
private String getMobileInfoString(Context c) {
    c.getPackageManager();
    String apksign = "error getting package signature";
    String version = "error getting version";
    try {
        @SuppressLint("PackageManagerGetSignatures") Signature raw = c.getPackageManager().getPackageInfo(c.getPackageName(), PackageManager.GET_SIGNATURES).signatures[0];
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(raw.toByteArray()));
        MessageDigest md = MessageDigest.getInstance("SHA-1");
        byte[] der = cert.getEncoded();
        md.update(der);
        byte[] digest = md.digest();
        if (Arrays.equals(digest, VpnStatus.officalkey)) apksign = c.getString(R.string.official_build);
        else if (Arrays.equals(digest, VpnStatus.officaldebugkey)) apksign = c.getString(R.string.debug_build);
        else if (Arrays.equals(digest, VpnStatus.amazonkey)) apksign = "amazon version";
        else if (Arrays.equals(digest, VpnStatus.fdroidkey)) apksign = "F-Droid built and signed version";
        else apksign = c.getString(R.string.built_by, cert.getSubjectX500Principal().getName());
        PackageInfo packageinfo = c.getPackageManager().getPackageInfo(c.getPackageName(), 0);
        version = packageinfo.versionName;
    } catch (PackageManager.NameNotFoundException | CertificateException |
            NoSuchAlgorithmException ignored) {
    }
    Object[] argsext = Arrays.copyOf(mArgs, mArgs.length);
    argsext[argsext.length - 1] = apksign;
    argsext[argsext.length - 2] = version;
    return c.getString(R.string.mobile_info, argsext);
}
项目:java-buildpack-security-provider    文件:DelegatingX509ExtendedTrustManager.java   
@Override
public void checkClientTrusted(final X509Certificate[] x509Certificates, final String s, final SSLEngine sslEngine) throws CertificateException {
    with(new Consumer() {

        @Override
        public void accept(X509ExtendedTrustManager delegate) throws CertificateException {
            delegate.checkClientTrusted(x509Certificates, s, sslEngine);
        }

    });
}
项目:VirtualAPK    文件:ZipVerifyUtil.java   
public static boolean verifyZip(Context context, String zipPath) {
    try {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        InputStream in = context.getAssets().open("test.cer");
        Certificate certificate = certificateFactory.generateCertificate(in);
        in.close();
        return verifyZip(zipPath, certificate);
    } catch (IOException | CertificateException e) {
        e.printStackTrace();
        return false;
    }
}
项目:GitHub    文件:ConnectionSpecSelectorTest.java   
@Test
public void nonRetryableSSLHandshakeException() throws Exception {
  ConnectionSpecSelector connectionSpecSelector =
      createConnectionSpecSelector(ConnectionSpec.MODERN_TLS, ConnectionSpec.COMPATIBLE_TLS);
  SSLSocket socket = createSocketWithEnabledProtocols(TlsVersion.TLS_1_1, TlsVersion.TLS_1_0);
  connectionSpecSelector.configureSecureSocket(socket);

  SSLHandshakeException trustIssueException =
      new SSLHandshakeException("Certificate handshake exception");
  trustIssueException.initCause(new CertificateException());
  boolean retry = connectionSpecSelector.connectionFailed(trustIssueException);
  assertFalse(retry);
  socket.close();
}
项目:xm-ms-config    文件:MicroserviceSecurityConfiguration.java   
private String getKeyFromConfigServer(TokenKeyService tokenKeyService) throws CertificateException {
    String content = tokenKeyService.getKey();

    if (StringUtils.isBlank(content)) {
        throw new CertificateException("Certificate not found.");
    }

    InputStream fin = new ByteArrayInputStream(content.getBytes());

    CertificateFactory f = CertificateFactory.getInstance(CERTIFICATE);
    X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
    PublicKey pk = certificate.getPublicKey();
    return String.format(PUBLIC_KEY, new String(Base64.encode(pk.getEncoded())));
}
项目:OpenJSharp    文件:OIDMap.java   
/**
 * Return the Class object associated with this attribute.
 */
Class<?> getClazz() throws CertificateException {
    try {
        Class<?> c = clazz;
        if (c == null) {
            c = Class.forName(className);
            clazz = c;
        }
        return c;
    } catch (ClassNotFoundException e) {
        throw new CertificateException("Could not load class: " + e, e);
    }
}
项目:hadoop-oss    文件:ReloadingX509TrustManager.java   
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
  throws CertificateException {
  X509TrustManager tm = trustManagerRef.get();
  if (tm != null) {
    tm.checkClientTrusted(chain, authType);
  } else {
    throw new CertificateException("Unknown client chain certificate: " +
                                   chain[0].toString());
  }
}
项目:openjdk-jdk10    文件:Utils.java   
public static KeyStore loadKeyStore(String file, KeyStoreType type,
        char[] passwd)
        throws IOException, KeyStoreException,
        NoSuchAlgorithmException, CertificateException {
    KeyStore ks = KeyStore.getInstance(type.name());
    try (FileInputStream fin = new FileInputStream(file)) {
        ks.load(fin, passwd);
    }
    return ks;
}
项目:ipack    文件:X509CertificateObject.java   
public final void verify(
    PublicKey   key,
    String      sigProvider)
    throws CertificateException, NoSuchAlgorithmException,
    InvalidKeyException, NoSuchProviderException, SignatureException
{
    String    sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());
    Signature signature = Signature.getInstance(sigName, sigProvider);

    checkSignature(key, signature);
}
项目:javaide    文件:JKS.java   
public void engineStore(OutputStream out, char[] passwd)
    throws IOException, NoSuchAlgorithmException, CertificateException
{
    MessageDigest md = MessageDigest.getInstance("SHA1");
    md.update(charsToBytes(passwd));
    md.update("Mighty Aphrodite".getBytes("UTF-8"));
    DataOutputStream dout = new DataOutputStream(new DigestOutputStream(out, md));
    dout.writeInt(MAGIC);
    dout.writeInt(2);
    dout.writeInt(aliases.size());
    for (Enumeration e = aliases.elements(); e.hasMoreElements(); )
    {
        String alias = (String) e.nextElement();
        if (trustedCerts.containsKey(alias))
        {
            dout.writeInt(TRUSTED_CERT);
            dout.writeUTF(alias);
            dout.writeLong(((Date) dates.get(alias)).getTime());
            writeCert(dout, (Certificate) trustedCerts.get(alias));
        }
        else
        {
            dout.writeInt(PRIVATE_KEY);
            dout.writeUTF(alias);
            dout.writeLong(((Date) dates.get(alias)).getTime());
            byte[] key = (byte[]) privateKeys.get(alias);
            dout.writeInt(key.length);
            dout.write(key);
            Certificate[] chain = (Certificate[]) certChains.get(alias);
            dout.writeInt(chain.length);
            for (int i = 0; i < chain.length; i++)
                writeCert(dout, chain[i]);
        }
    }
    byte[] digest = md.digest();
    dout.write(digest);
}
项目:mxhsd    文件:CryptoManager.java   
@Override
public void addTlsKey(File pubCertFile) {
    log.info("Adding TLS key from {}", pubCertFile.getAbsolutePath());
    try {
        CertificateFactory fact = CertificateFactory.getInstance("X.509");
        FileInputStream is = new FileInputStream(pubCertFile);
        X509Certificate cer = (X509Certificate) fact.generateCertificate(is);
        String fingerprint = sha256.hash(cer.getEncoded());
        log.info("Fingerprint: {}", fingerprint);
        tlsFingerprints.add(new TlsKey(fingerprint));
    } catch (CertificateException | IOException e) {
        throw new RuntimeException(e);
    }
}
项目:hadoop    文件:JavaKeyStoreProvider.java   
/**
 * Try loading from the user specified path, else load from the backup
 * path in case Exception is not due to bad/wrong password
 * @param path Actual path to load from
 * @param backupPath Backup path (_OLD)
 * @return The permissions of the loaded file
 * @throws NoSuchAlgorithmException
 * @throws CertificateException
 * @throws IOException
 */
private FsPermission tryLoadFromPath(Path path, Path backupPath)
    throws NoSuchAlgorithmException, CertificateException,
    IOException {
  FsPermission perm = null;
  try {
    perm = loadFromPath(path, password);
    // Remove _OLD if exists
    if (fs.exists(backupPath)) {
      fs.delete(backupPath, true);
    }
    LOG.debug("KeyStore loaded successfully !!");
  } catch (IOException ioe) {
    // If file is corrupted for some reason other than
    // wrong password try the _OLD file if exits
    if (!isBadorWrongPassword(ioe)) {
      perm = loadFromPath(backupPath, password);
      // Rename CURRENT to CORRUPTED
      renameOrFail(path, new Path(path.toString() + "_CORRUPTED_"
          + System.currentTimeMillis()));
      renameOrFail(backupPath, path);
      LOG.debug(String.format(
          "KeyStore loaded successfully from '%s' since '%s'"
              + "was corrupted !!", backupPath, path));
    } else {
      throw ioe;
    }
  }
  return perm;
}