Refine search
public List<String> getExtendedKeyUsage() throws CertificateParsingException { if (extensions == null) { return null; } try { return extensions.valueOfExtendedKeyUsage(); } catch (IOException e) { throw new CertificateParsingException(e); } }
Collection<List<?>> c = null; try { c = cert.getSubjectAlternativeNames(); cpe.printStackTrace();
X509CertificateAttribute ver = new X509CertificateAttribute(SecurityUIMsg.CERTPROP_X509_VERSION, new Integer(theCert.getVersion()).toString()); elements.add(ver); X509CertificateAttribute serialNum = new X509CertificateAttribute(SecurityUIMsg.CERTPROP_X509_SERIAL_NUM, theCert.getSerialNumber().toString()); elements.add(serialNum); X509CertificateAttribute validFrom = new X509CertificateAttribute(SecurityUIMsg.CERTPROP_X509_VALID_FROM, _df.format(theCert.getNotBefore()), theCert.getNotBefore()); elements.add(validFrom); e1.printStackTrace(); int basicCnstrnts = theCert.getBasicConstraints(); e.printStackTrace();
X509Certificate tempCert = new JcaX509CertificateConverter() .setProvider("BC").getCertificate(certHolder); X500Name respName = new X500Name(tempCert.getSubjectX500Principal().getName()); if (responderName.equals(respName)) { signingCert = tempCert; logger.log(Level.INFO, "Found a certificate whose principal \"{0}\" matches the responder name \"{1}\"", new Object[] {tempCert.getSubjectDN().getName(), responderName.toString()}); break; new Object[] {tempCert.getSubjectDN().getName(), Arrays.toString(subjectKeyIdentifier.getKeyIdentifier())}); logger.log(Level.FINE, "Failed to get certificate's extended key usage extension\n{0}", e.getMessage());
if (certificate.getVersion() != 3) SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(certificate.getPublicKey().getEncoded()); info, new GeneralNames(genName), certificate.getSerialNumber()).toASN1Primitive(); throw new CertificateParsingException("Exception extracting certificate details: " + e.toString());
if (proxyCert.getBasicConstraints() >= 0) errors.add(new ValidationError(proxyChain, position, ValidationErrorCode.proxyCASet)); if (proxyCert.getIssuerAlternativeNames() != null) errors.add(new ValidationError(proxyChain, position, ValidationErrorCode.proxyIssuerAltNameSet)); if (proxyCert.getSubjectAlternativeNames() != null) errors.add(new ValidationError(proxyChain, position, ValidationErrorCode.proxySubjectAltNameSet)); } catch (IOException e) throw new CertificateParsingException("Can't establish whether the proxy is limited", e);
List<X509Certificate> signerCerts = signerConfig.certificates; X509Certificate signerCert = signerCerts.get(0); PublicKey signerPublicKey = signerCert.getPublicKey(); DigestAlgorithm digestAlgorithm = signerConfig.signatureDigestAlgorithm; Pair<String, AlgorithmId> signatureAlgs = issuerName = new X500Name(signerCert.getIssuerX500Principal().getName()); } catch (IOException e) { throw new CertificateParsingException( "Failed to parse signer certificate issuer name", e); new SignerInfo( issuerName, signerCert.getSerialNumber(), digestAlgorithmId, signatureAlgs.getSecond(),
public AttributeCertificateHolder(X509Certificate cert) throws CertificateParsingException { X509Principal name; try { name = PrincipalUtil.getIssuerX509Principal(cert); } catch (Exception e) { throw new CertificateParsingException(e.getMessage()); } holder = new Holder(new IssuerSerial(generateGeneralNames(name), new ASN1Integer(cert.getSerialNumber()))); }
si.append("\n\n"); try { Collection<List<?>> sans = cert.getSubjectAlternativeNames(); if (sans == null) { si.append(cert.getSubjectDN()); si.append("\n"); } else for (List<?> altName : sans) { e.printStackTrace(); si.append("<Parsing error: "); si.append(e.getLocalizedMessage()); si.append(">\n");
private String getCertCN(X509Certificate x509) throws CertificateParsingException { X500Principal principal = x509.getSubjectX500Principal(); String subjectName = principal.getName(); String[] fields = subjectName.split(","); for (String field : fields) { if (field.startsWith("CN=")) { String serverName = field.substring(3); return serverName.toLowerCase(); } } throw new CertificateParsingException("Certificate CN not found"); }
public static void verifyHostname(final String hostnameExpected, final X509Certificate cert) Principal p = cert.getSubjectDN(); if(cert.getSubjectAlternativeNames() != null) for (List<?> entry : cert.getSubjectAlternativeNames()) throw new TransportException("SSL hostname verification failed. Could not parse certificate: " + e.getMessage(), e);
X500Principal subjectPrincipal = cert.getSubjectX500Principal(); String cn = extractCommonName(subjectPrincipal.getName(X500Principal.RFC2253)); throw new SSLException("certificate parsing error : " + cpe.getMessage());
public static void verifyHostname(final String hostnameExpected, final X509Certificate cert) { try { SortedSet<String> names = getNamesFromCert(cert); if (names.isEmpty()) { throw new TransportException("SSL hostname verification failed. Certificate for did not contain CN or DNS subjectAlt"); } boolean match = verifyHostname(hostnameExpected, names); if (!match) { throw new TransportException("SSL hostname verification failed." + " Expected : " + hostnameExpected + " Found in cert : " + names); } } catch (InvalidNameException e) { Principal p = cert.getSubjectDN(); String dn = p.getName(); throw new TransportException("SSL hostname verification failed. Could not parse name " + dn, e); } catch (CertificateParsingException e) { throw new TransportException("SSL hostname verification failed. Could not parse certificate: " + e.getMessage(), e); } }
private ASN1Sequence getAttestationSequence(X509Certificate x509Cert) throws CertificateParsingException { byte[] attestationExtensionBytes = x509Cert.getExtensionValue(KEY_DESCRIPTION_OID); if (attestationExtensionBytes == null || attestationExtensionBytes.length == 0) { throw new CertificateParsingException( "Did not find extension with OID " + KEY_DESCRIPTION_OID); } return Asn1Utils.getAsn1SequenceFromBytes(attestationExtensionBytes); }
public static List<URI> getWebIdFromSubjectAlternativeNames(final X509Certificate cert) throws CertificateParsingException { List<URI> webIDs = new ArrayList<URI>(); Collection<List<?>> alternativeNames = cert.getSubjectAlternativeNames(); if (alternativeNames != null) { for (List<?> alternativeName : alternativeNames) { Integer id = (Integer) alternativeName.get(0); // according to https://tools.ietf.org/html/rfc3280#page-33 // index 6 is used to provide URI in subject alternative names, represented as IA5String. // This is how subject's webID is represented in the certificate. if (id == 6) { try { URI webID = new URI((String) alternativeName.get(1)); webIDs.add(webID); } catch (URISyntaxException e) { throw new CertificateParsingException("Could not retrieve webID from SAN", e); } } } } return webIDs; }
if (certificate.getSubjectAlternativeNames() == null) { return; for (List<?> list : certificate.getSubjectAlternativeNames()) { if (list.size() != 2) { throw new Exception("O tamanho das informações extras do certificado está incorreto"); LOGGER.info(ex.getMessage()); } catch (Exception ex) { LOGGER.info(ex.getMessage());
private void buildCertificate(X509Certificate issuingCert, PrivateKey privateKey) throws CertificateParsingException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, IOException { AlgorithmIdentifier sigAlg; try { sigAlg = X509v3CertificateBuilder.extractAlgorithmId( issuingCert); } catch (IOException e) { throw new CertificateParsingException("Can not parse parameters of the " + "public key contained in the issuer certificate", e); } String sigAlgName = issuingCert.getSigAlgName(); proxy = certBuilder.build(privateKey, sigAlg, sigAlgName, null, null); }
private String extendedKeyUsageFor(X509Certificate certificate) { List<String> labels = new LinkedList<>(); try { boolean usageAllowed[] = certificate.getKeyUsage(); if(usageAllowed != null) { int i = 0; for(String usageLabel : BASIC_KEY_USAGE_LABELS) { if(usageAllowed[i]) { labels.add(usageLabel); } i++; } } List<String> extendedUses = certificate.getExtendedKeyUsage(); if(extendedUses != null) { for(String use : extendedUses) { labels.add(nameForOid(use)); } } return Joiner.on(", ").join(labels); } catch (CertificateParsingException e) { return "parsing problem (" + e.getMessage() + ")"; } }
" and algorithm " + cert.getSigAlgName()); } else if (certFingerprint.equals(fingerprint)) { tmSecurityName = mapCertToTSN(cert, mappingType, data); } catch (CertificateParsingException e) { LOGGER.warn("Failed to parse client certificate: " + e.getMessage());
public List<String> getExtendedKeyUsage() { List<String> extendedKeyUsage = new LinkedList<>(); try { if (certificate.getExtendedKeyUsage() == null) { return extendedKeyUsage; } for (String i : certificate.getExtendedKeyUsage()) { extendedKeyUsage.add(ObjectIdentifier.getExtendedKeyUsage(i)); } } catch (CertificateParsingException e) { e.printStackTrace(); } return extendedKeyUsage; }