private void handleSslException(SSLException e) throws CertificateValidationException, SSLException { if (e.getCause() instanceof CertificateException) { throw new CertificateValidationException(e.getMessage(), e); } else { throw e; } }
/** * @param alias Must not be null nor empty * @throws MessagingException * Indicates an error in retrieving the certificate for the alias * (likely because the alias is invalid or the certificate was deleted) */ public KeyChainKeyManager(Context context, String alias) throws MessagingException { mAlias = alias; try { mChain = fetchCertificateChain(context, alias); mPrivateKey = fetchPrivateKey(context, alias); } catch (KeyChainException e) { // The certificate was possibly deleted. Notify user of error. throw new CertificateValidationException(e.getMessage(), RetrievalFailure, alias); } catch (InterruptedException e) { throw new CertificateValidationException(e.getMessage(), RetrievalFailure, alias); } }
private void upgradeToTls() throws IOException, MessagingException, GeneralSecurityException { if (!hasCapability(Capabilities.STARTTLS)) { /* * This exception triggers a "Certificate error" * notification that takes the user to the incoming * server settings for review. This might be needed if * the account was configured with an obsolete * "STARTTLS (if available)" setting. */ throw new CertificateValidationException("STARTTLS connection security not available"); } startTLS(); }
private X509Certificate[] fetchCertificateChain(Context context, String alias) throws KeyChainException, InterruptedException, MessagingException { X509Certificate[] chain = KeyChain.getCertificateChain(context, alias); if (chain == null || chain.length == 0) { throw new MessagingException("No certificate chain found for: " + alias); } try { for (X509Certificate certificate : chain) { certificate.checkValidity(); } } catch (CertificateException e) { throw new CertificateValidationException(e.getMessage(), Reason.Expired, alias); } return chain; }
private void performStartTlsUpgrade(TrustedSocketFactory trustedSocketFactory, String host, int port, String clientCertificateAlias) throws MessagingException, NoSuchAlgorithmException, KeyManagementException, IOException { if (capabilities.stls) { executeSimpleCommand(STLS_COMMAND); socket = trustedSocketFactory.createSocket( socket, host, port, clientCertificateAlias); socket.setSoTimeout(RemoteStore.SOCKET_READ_TIMEOUT); in = new BufferedInputStream(socket.getInputStream(), 1024); out = new BufferedOutputStream(socket.getOutputStream(), 512); if (!isOpen()) { throw new MessagingException("Unable to connect socket"); } capabilities = getCapabilities(); } else { throw new CertificateValidationException( "STARTTLS connection security not available"); } }
private void authExternal() throws MessagingException { try { executeSimpleCommand( String.format("AUTH EXTERNAL %s", Base64.encode(settings.getUsername())), false); } catch (Pop3ErrorResponse e) { /* * Provide notification to the user of a problem authenticating * using client certificates. We don't use an * AuthenticationFailedException because that would trigger a * "Username or password incorrect" notification in * AccountSetupCheckSettings. */ throw new CertificateValidationException( "POP3 client certificate authentication failed: " + e.getMessage(), e); } }
private List<ImapResponse> saslAuthExternal() throws IOException, MessagingException { try { String command = Commands.AUTHENTICATE_EXTERNAL + " " + Base64.encode(settings.getUsername()); return executeSimpleCommand(command, false); } catch (NegativeImapResponseException e) { /* * Provide notification to the user of a problem authenticating * using client certificates. We don't use an * AuthenticationFailedException because that would trigger a * "Username or password incorrect" notification in * AccountSetupCheckSettings. */ throw new CertificateValidationException(e.getMessage()); } }
throw new CertificateValidationException(e.getMessage(), e); } catch (IOException ioe) { Timber.e(ioe, "IOException during initial connection");
@Test public void sendPendingMessagesSynchronous_withCertificateFailure_shouldNotify() throws MessagingException { setupAccountWithMessageToSend(); doThrow(new CertificateValidationException("Test")).when(backend).sendMessage(localMessageToSend1); controller.sendPendingMessagesSynchronous(account); verify(notificationController).showCertificateErrorNotification(account, false); }
throw new CertificateValidationException( "STARTTLS connection security not available"); throw new CertificateValidationException(MissingCapability); } catch (SSLException e) { close(); throw new CertificateValidationException(e.getMessage(), e); } catch (GeneralSecurityException gse) { close();
} catch (SSLException e) { if (e.getCause() instanceof CertificateException) { throw new CertificateValidationException(e.getMessage(), e); } else { throw new MessagingException("Unable to connect", e);
private void performAuthentication(AuthType authType, String serverGreeting) throws MessagingException { switch (authType) { case PLAIN: if (capabilities.authPlain) { authPlain(); } else { login(); } break; case CRAM_MD5: if (capabilities.cramMD5) { authCramMD5(); } else { authAPOP(serverGreeting); } break; case EXTERNAL: if (capabilities.external) { authExternal(); } else { // Provide notification to user of a problem authenticating using client certificates throw new CertificateValidationException(MissingCapability); } break; default: throw new MessagingException( "Unhandled authentication method: "+authType+" found in the server settings (bug)."); } }
} else { throw new CertificateValidationException(CertificateValidationException.Reason.MissingCapability);