@Override public String toString() { return mDelegate.toString(); }
public String toString() { return cert.toString(); }
@Override public String toString() { return unwrap().toString(); }
@Override public void checkClient( X509Certificate[] chain, String authType, SSLEngine engine, X509ExtendedTrustManager baseTrustManager ) throws CertificateException { // only the integration test client with "thisisprobablynottherighthostname" cert is allowed to talk to me if (!chain[0].toString().contains("thisisprobablynottherighthostname") || !engine.getPeerHost().contains("172.172.172.1")) { throw new CertificateException("Custom check rejected request from client."); } }
@Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { X509TrustManager tm = trustManagerRef.get(); if (tm != null) { tm.checkServerTrusted(chain, authType); } else { throw new CertificateException("Unknown server chain certificate: " + chain[0].toString()); } }
@Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { X509TrustManager tm = trustManagerRef.get(); if (tm != null) { tm.checkClientTrusted(chain, authType); } else { throw new CertificateException("Unknown client chain certificate: " + chain[0].toString()); } }
@Override public void checkServer( X509Certificate[] chain, String authType, SSLEngine engine, X509ExtendedTrustManager baseTrustManager ) throws CertificateException { baseTrustManager.checkServerTrusted(chain, authType, engine); // fail intentionally when trying to talk to the broker if (chain[0].toString().contains("172.172.172.8")) { throw new CertificateException("Custom check intentionally terminated request to broker."); } } }
@Override public String toString() { return unwrap().toString(); }
@Override public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { try { trustManager.checkClientTrusted(x509Certificates, s); } catch (Exception e) { LOGGER.error("Client certificate was found to be invalid", e); LOGGER.error("Client certificate chain:"); for (int i = 0; i < x509Certificates.length; i++) { X509Certificate x509Certificate = x509Certificates[i]; LOGGER.error("chain[{}]: {}", i, x509Certificate); } X509Certificate[] acceptedIssuers = getAcceptedIssuers(); if (acceptedIssuers == null || acceptedIssuers.length == 0) { LOGGER.error("There are no accepted issuers."); } else { LOGGER.error("The accepted certificates are:"); for (X509Certificate acceptedIssuer : acceptedIssuers) { LOGGER.error("{}", acceptedIssuer.toString()); } } throw e; } }
/** * Used during setup to get the certification from the keystore and encrypt the auth_value with * the private key */ public void setCertificate() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, UnrecoverableEntryException { KeyStore store = KeyStore.getInstance(this.keystore_type); InputStream inputStream=Thread.currentThread().getContextClassLoader().getResourceAsStream(this.keystore_path); if(inputStream == null) inputStream=new FileInputStream(this.keystore_path); store.load(inputStream, this.keystore_password); this.cipher = Cipher.getInstance(this.cipher_type); this.certificate = (X509Certificate) store.getCertificate(this.cert_alias); log.debug("certificate = " + this.certificate.toString()); this.cipher.init(Cipher.ENCRYPT_MODE, this.certificate); this.encryptedToken = this.cipher.doFinal(this.auth_value.getBytes()); KeyStore.PrivateKeyEntry privateKey = (KeyStore.PrivateKeyEntry) store.getEntry( this.cert_alias, new KeyStore.PasswordProtection(this.cert_password)); this.certPrivateKey = privateKey.getPrivateKey(); this.valueSet=true; } }
@Override public String toString() { return unwrap().toString(); }
@Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { X509TrustManager tm = trustManagerRef.get(); if (tm != null) { tm.checkClientTrusted(chain, authType); } else { throw new CertificateException("Unknown client chain certificate: " + chain[0].toString()); } }
protected void accept(final List<X509Certificate> certs) { if(log.isTraceEnabled()) { for(X509Certificate cert : certs) { log.trace(String.format("Certificate %s trusted", cert.toString())); } } accepted.clear(); accepted.addAll(certs); }
@Override public boolean display(final List<X509Certificate> certificates) { for(X509Certificate c : certificates) { console.printf("%n%s", c.toString()); } return true; }
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { for (int i = 0; i < chain.length; i++) { String descr = chain[i].toString(); int hash = chain[i].hashCode(); if (!this.validateCertificate(hash, descr)) { throw new CertificateException("Conflicting certificate found with hash " + Integer.toString(hash)); } } }
public static String makeDetailText( final X509Certificate x509Certificate ) throws CertificateEncodingException, PwmUnrecoverableException { return x509Certificate.toString() + "\n:MD5 checksum: " + SecureEngine.hash( new ByteArrayInputStream( x509Certificate.getEncoded() ), PwmHashAlgorithm.MD5 ) + "\n:SHA1 checksum: " + SecureEngine.hash( new ByteArrayInputStream( x509Certificate.getEncoded() ), PwmHashAlgorithm.SHA1 ) + "\n:SHA2-256 checksum: " + SecureEngine.hash( new ByteArrayInputStream( x509Certificate.getEncoded() ), PwmHashAlgorithm.SHA256 ) + "\n:SHA2-512 checksum: " + SecureEngine.hash( new ByteArrayInputStream( x509Certificate.getEncoded() ), PwmHashAlgorithm.SHA512 ); }
public void extractCertInfo(File f) throws IOException { //Link data to appropiate currentProject PKCS7 p7 = new PKCS7(new FileInputStream(f)); X509Certificate[] cert = p7.getCertificates(); for (X509Certificate c : cert) { System.out.println(c.toString()); certInfo = new CertificateModel(c); } }
@Test public void certV1Creation() throws Exception { KeyPair keyPair = KeyCodec.generate(); X509Certificate x509Certificate = X509.generateV1Cert(keyPair); assertNotNull(x509Certificate); logger.info("V1 : "+x509Certificate.toString()); logger.info("Base64 of DER encoding : "+ Base64.encodeBase64URLSafeString(x509Certificate.getEncoded())); logger.info("Pub : "+Base64.encodeBase64URLSafeString(keyPair.getPublic().getEncoded())); logger.info("Priv : "+Base64.encodeBase64URLSafeString(keyPair.getPrivate().getEncoded())); }
@Test public void certFromAssertionExample() throws IOException, CertificateException { Tags tags = p.parse(TestAssertions.getExampleRegAssertions()); X509Certificate x509Certificate = X509.parseDer(tags.getTags().get(TagsEnum.TAG_ATTESTATION_CERT.id).value); assertNotNull(x509Certificate); logger.info("Base64 of DER encoding : "+ Base64.encodeBase64URLSafeString(x509Certificate.getEncoded())); logger.info("From spec example: "+x509Certificate.toString()); }
@Test public void loadRootCA2NotSelfSign() throws Exception { String certBase64 = "MIIDjjCCAnagAwIBAgIIKv++n6Lw6YcwDQYJKoZIhvcNAQEFBQAwKDELMAkGA1UEBhMCQkUxGTAXBgNVBAMTEEJlbGdpdW0gUm9vdCBDQTIwHhcNMDcxMDA0MTAwMDAwWhcNMjExMjE1MDgwMDAwWjAoMQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMZzQh6S/3UPi790hqc/7bIYLS2X+an7mEoj39WN4IzGMhwWLQdC1i22bi+n9fzGhYJdld61IgDMqFNAn68KNaJ6x+HK92AQZw6nUHMXU5WfIp8MXW+2QbyM69odRr2nlL/zGsvU+40OHjPIltfsjFPekx40HopQcSZYtF3CiInaYNKJIT/e1wEYNm7hLHADBGXvmAYrXR5i3FVr/mZkIV/4L+HXmymvb82fqgxG0YjFnaKVn6w/Fa7yYd/vw2uaItgscf1YHewApDgglVrH1Tdjuk+bqv5WRi5j2Qsj1Yr6tSPwiRuhFA0m2kHwOI8w7QUmecFLTqG4flVSOmlGhHUCAwEAAaOBuzCBuDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBCBgNVHSAEOzA5MDcGBWA4CQEBMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBSFiuv0xbu+DlkDlN7WgAEV4xCcOTARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUhYrr9MW7vg5ZA5Te1oABFeMQnDkwDQYJKoZIhvcNAQEFBQADggEBAFHYhd27V2/MoGy1oyCcUwnzSgEMdL8rs5qauhjyC4isHLMzr87lEwEnkoRYmhC598wUkmt0FoqW6FHvv/pKJaeJtmMrXZRY0c8RcrYeuTlBFk0pvDVTC9rejg7NqZV3JcqUWumyaa7YwBO+mPyWnIR/VRPmPIfjvCCkpDZoa01gZhz5v6yAlGYuuUGK02XThIAC71AdXkbc98m6tTR8KvPG2F9fVJ3bTc0R5/0UAoNmXsimABKgX77OFP67H6dh96tK8QYUn8pJQsKpvO2FsauBQeYNxUJpU4c5nUwfAA4+Bw11V0SoU7Q2dmSZ3G7rPUZuFF1eR1ONeE3gJ7uOhXY="; CertificateToken rootCA2 = DSSUtils.loadCertificateFromBase64EncodedString(certBase64); logger.info(rootCA2.toString()); logger.info(rootCA2.getCertificate().toString()); // assertFalse(rootCA2.isSelfSigned()); assertTrue(rootCA2.isCA()); X509Certificate certificate = rootCA2.getCertificate(); certificate.verify(certificate.getPublicKey()); }