public static String toPem(final X509Certificate certificate) throws CertificateEncodingException { final StringBuilder builder = new StringBuilder(); builder.append(BEGIN_CERT); builder.append('\n'); builder.append(FlexBase64.encodeString(certificate.getEncoded(), true)); builder.append('\n'); builder.append(END_CERT); return builder.toString(); }
/** * Accepts a legacy {@link javax.security.cert.X509Certificate} and returns an {@link X509Certificate}. The {@code javax.*} package certificate classes are for legacy compatibility and should * not be used for new development. * * @param legacyCertificate the {@code javax.security.cert.X509Certificate} * @return a new {@code java.security.cert.X509Certificate} * @throws CertificateException if there is an error generating the new certificate */ public static X509Certificate convertLegacyX509Certificate(javax.security.cert.X509Certificate legacyCertificate) throws CertificateException { if (legacyCertificate == null) { throw new IllegalArgumentException("The X.509 certificate cannot be null"); } try { return formX509Certificate(legacyCertificate.getEncoded()); } catch (javax.security.cert.CertificateEncodingException e) { throw new CertificateException(e); } }
for (int i = 0; i < x509Certs.length; i++) { try { byte buffer[] = jsseCerts[i].getEncoded(); CertificateFactory cf = CertificateFactory.getInstance("X.509");
public java.security.cert.X509Certificate convert( javax.security.cert.X509Certificate cert) { try { byte[] encoded = cert.getEncoded(); ByteArrayInputStream bis = new ByteArrayInputStream(encoded); java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory .getInstance("X.509"); return (java.security.cert.X509Certificate) cf .generateCertificate(bis); } catch (java.security.cert.CertificateEncodingException e) { } catch (javax.security.cert.CertificateEncodingException e) { } catch (java.security.cert.CertificateException e) { } return null; }
public static String toPem(final X509Certificate certificate) throws CertificateEncodingException { final StringBuilder builder = new StringBuilder(); builder.append(BEGIN_CERT); builder.append('\n'); builder.append(FlexBase64.encodeString(certificate.getEncoded(), true)); builder.append('\n'); builder.append(END_CERT); return builder.toString(); }
public static String toPem(final X509Certificate certificate) throws CertificateEncodingException { final StringBuilder builder = new StringBuilder(); builder.append(BEGIN_CERT); builder.append('\n'); builder.append(FlexBase64.encodeString(certificate.getEncoded(), true)); builder.append('\n'); builder.append(END_CERT); return builder.toString(); }
/** * Converts a javax.security.cert.X509Certificate to java.security.cert.X509Certificate */ @SuppressWarnings("resource") public static X509Certificate convert(final javax.security.cert.X509Certificate cert) { if (cert == null) return null; try { final FastByteArrayInputStream bis = new FastByteArrayInputStream(cert.getEncoded()); return (X509Certificate) CERTIFICATE_FACTORY.generateCertificate(bis); } catch (final Exception ex) { throw new IllegalArgumentException("[cert] " + cert + " is not convertable!", ex); } }
/** * Accepts a legacy {@link javax.security.cert.X509Certificate} and returns an {@link X509Certificate}. The {@code javax.*} package certificate classes are for legacy compatibility and should * not be used for new development. * * @param legacyCertificate the {@code javax.security.cert.X509Certificate} * @return a new {@code java.security.cert.X509Certificate} * @throws CertificateException if there is an error generating the new certificate */ public static X509Certificate convertLegacyX509Certificate(javax.security.cert.X509Certificate legacyCertificate) throws CertificateException { if (legacyCertificate == null) { throw new IllegalArgumentException("The X.509 certificate cannot be null"); } try { return formX509Certificate(legacyCertificate.getEncoded()); } catch (javax.security.cert.CertificateEncodingException e) { throw new CertificateException(e); } }
/** * Accepts a legacy {@link javax.security.cert.X509Certificate} and returns an {@link X509Certificate}. The {@code javax.*} package certificate classes are for legacy compatibility and should * not be used for new development. * * @param legacyCertificate the {@code javax.security.cert.X509Certificate} * @return a new {@code java.security.cert.X509Certificate} * @throws CertificateException if there is an error generating the new certificate */ public static X509Certificate convertLegacyX509Certificate(javax.security.cert.X509Certificate legacyCertificate) throws CertificateException { if (legacyCertificate == null) { throw new IllegalArgumentException("The X.509 certificate cannot be null"); } try { return formX509Certificate(legacyCertificate.getEncoded()); } catch (javax.security.cert.CertificateEncodingException e) { throw new CertificateException(e); } }
/** * Return the chain of X509 certificates used to negotiate the SSL Session. * <p> * We convert JSSE's javax.security.cert.X509Certificate[] to servlet's java.security.cert.X509Certificate[] * * @param session the javax.net.ssl.SSLSession to use as the source of the cert chain. * @return the chain of java.security.cert.X509Certificates used to * negotiate the SSL connection. <br> * Will be null if the chain is missing or empty. */ private X509Certificate[] getCerts(SSLSessionInfo session) { try { javax.security.cert.X509Certificate[] javaxCerts = session.getPeerCertificateChain(); if (javaxCerts == null || javaxCerts.length == 0) { return null; } X509Certificate[] javaCerts = new X509Certificate[javaxCerts.length]; java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509"); for (int i = 0; i < javaxCerts.length; i++) { byte[] bytes = javaxCerts[i].getEncoded(); ByteArrayInputStream stream = new ByteArrayInputStream(bytes); javaCerts[i] = (X509Certificate) cf.generateCertificate(stream); } return javaCerts; } catch (Exception e) { return null; } }
/** Convert certificates and create a certificate chain. * * @param certs array of javax.security.cert.X509Certificate[] s. * @return the converted array of java.security.cert.X509Certificate[] s. * @throws CertificateVerificationException If an error occurs while converting certificates * from java to javax */ private X509Certificate[] convert(javax.security.cert.X509Certificate[] certs) throws CertificateVerificationException { X509Certificate[] certChain = new X509Certificate[certs.length]; Throwable exceptionThrown; for (int i = 0; i < certs.length; i++) { try { byte[] encoded = certs[i].getEncoded(); ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(encoded); CertificateFactory certificateFactory = CertificateFactory.getInstance(Constants.X_509); certChain[i] = ((X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream)); continue; } catch (CertificateEncodingException | CertificateException e) { exceptionThrown = e; } throw new CertificateVerificationException("Cant Convert certificates from javax to java", exceptionThrown); } return certChain; } }
public static X509Certificate[] getCertChain(SSLSession sslSession) { try { javax.security.cert.X509Certificate javaxCerts[]=sslSession.getPeerCertificateChain(); if (javaxCerts==null||javaxCerts.length==0) return null; int length=javaxCerts.length; X509Certificate[] javaCerts=new X509Certificate[length]; java.security.cert.CertificateFactory cf=java.security.cert.CertificateFactory.getInstance("X.509"); for (int i=0; i<length; i++) { byte bytes[]=javaxCerts[i].getEncoded(); ByteArrayInputStream stream=new ByteArrayInputStream(bytes); javaCerts[i]=(X509Certificate)cf.generateCertificate(stream); } return javaCerts; } catch (SSLPeerUnverifiedException pue) { return null; } catch (Exception e) { LOG.warn(Log.EXCEPTION,e); return null; } }
public static X509Certificate[] getCertChain(SSLSession sslSession) { try { javax.security.cert.X509Certificate javaxCerts[]=sslSession.getPeerCertificateChain(); if (javaxCerts==null||javaxCerts.length==0) return null; int length=javaxCerts.length; X509Certificate[] javaCerts=new X509Certificate[length]; java.security.cert.CertificateFactory cf=java.security.cert.CertificateFactory.getInstance("X.509"); for (int i=0; i<length; i++) { byte bytes[]=javaxCerts[i].getEncoded(); ByteArrayInputStream stream=new ByteArrayInputStream(bytes); javaCerts[i]=(X509Certificate)cf.generateCertificate(stream); } return javaCerts; } catch (SSLPeerUnverifiedException pue) { return null; } catch (Exception e) { LOG.warn(Log.EXCEPTION,e); return null; } }
public static X509Certificate[] getCertChain(SSLSession sslSession) { try { javax.security.cert.X509Certificate javaxCerts[]=sslSession.getPeerCertificateChain(); if (javaxCerts==null||javaxCerts.length==0) return null; int length=javaxCerts.length; X509Certificate[] javaCerts=new X509Certificate[length]; java.security.cert.CertificateFactory cf=java.security.cert.CertificateFactory.getInstance("X.509"); for (int i=0; i<length; i++) { byte bytes[]=javaxCerts[i].getEncoded(); ByteArrayInputStream stream=new ByteArrayInputStream(bytes); javaCerts[i]=(X509Certificate)cf.generateCertificate(stream); } return javaCerts; } catch (SSLPeerUnverifiedException pue) { return null; } catch (Exception e) { LOG.warn(Log.EXCEPTION,e); return null; } }
public static X509Certificate[] getCertChain(SSLSession sslSession) { try { javax.security.cert.X509Certificate javaxCerts[]=sslSession.getPeerCertificateChain(); if (javaxCerts==null||javaxCerts.length==0) return null; int length=javaxCerts.length; X509Certificate[] javaCerts=new X509Certificate[length]; java.security.cert.CertificateFactory cf=java.security.cert.CertificateFactory.getInstance("X.509"); for (int i=0; i<length; i++) { byte bytes[]=javaxCerts[i].getEncoded(); ByteArrayInputStream stream=new ByteArrayInputStream(bytes); javaCerts[i]=(X509Certificate)cf.generateCertificate(stream); } return javaCerts; } catch (SSLPeerUnverifiedException pue) { return null; } catch (Exception e) { LOG.warn(Log.EXCEPTION,e); return null; } }
public static X509Certificate[] getCertChain(SSLSession sslSession) { try { javax.security.cert.X509Certificate javaxCerts[]=sslSession.getPeerCertificateChain(); if (javaxCerts==null||javaxCerts.length==0) return null; int length=javaxCerts.length; X509Certificate[] javaCerts=new X509Certificate[length]; java.security.cert.CertificateFactory cf=java.security.cert.CertificateFactory.getInstance("X.509"); for (int i=0; i<length; i++) { byte bytes[]=javaxCerts[i].getEncoded(); ByteArrayInputStream stream=new ByteArrayInputStream(bytes); javaCerts[i]=(X509Certificate)cf.generateCertificate(stream); } return javaCerts; } catch (SSLPeerUnverifiedException pue) { return null; } catch (Exception e) { LOG.warn(Log.EXCEPTION,e); return null; } }
public static X509Certificate[] getCertChain(SSLSession sslSession) { try { javax.security.cert.X509Certificate javaxCerts[]=sslSession.getPeerCertificateChain(); if (javaxCerts==null||javaxCerts.length==0) return null; int length=javaxCerts.length; X509Certificate[] javaCerts=new X509Certificate[length]; java.security.cert.CertificateFactory cf=java.security.cert.CertificateFactory.getInstance("X.509"); for (int i=0; i<length; i++) { byte bytes[]=javaxCerts[i].getEncoded(); ByteArrayInputStream stream=new ByteArrayInputStream(bytes); javaCerts[i]=(X509Certificate)cf.generateCertificate(stream); } return javaCerts; } catch (SSLPeerUnverifiedException pue) { return null; } catch (Exception e) { LOG.warn(Log.EXCEPTION,e); return null; } }
@Override public boolean verify(final String hostname, final SSLSession session) { try { final String peerCertificateHash = CipherUtils.getSHA256(session.getPeerCertificateChain()[0].getEncoded()); if (CERTIFICATE_PIN.equals(peerCertificateHash)) { return true; } else { UserError.Log.e(TAG, "Remote https certificate doesn't match! " + peerCertificateHash); return false; } } catch (Exception e) { UserError.Log.e(TAG, "Unable to verify host: " + e); return false; } } };
@Override public boolean verify(final String hostname, final SSLSession session) { try { final String peerCertificateHash = CipherUtils.getSHA256(session.getPeerCertificateChain()[0].getEncoded()); if (CERTIFICATE_PIN.equals(peerCertificateHash)) { return true; } else { UserError.Log.e(TAG, "Remote https certificate doesn't match! " + peerCertificateHash); return false; } } catch (Exception e) { UserError.Log.e(TAG, "Unable to verify host: " + e); return false; } } };
public CertificateMeta parse() throws IOException, CertificateException { X509Certificate certificate = X509Certificate.getInstance(Utils.toByteArray(in)); CertificateMeta.Builder builder = CertificateMeta.newCertificateMeta(); byte[] bytes = certificate.getEncoded(); String certMd5 = md5Digest(bytes); String publicKeyString = byteToHexString(bytes); String certBase64Md5 = md5Digest(publicKeyString); builder.data(bytes); builder.certBase64Md5(certBase64Md5); builder.certMd5(certMd5); builder.startDate(certificate.getNotBefore()); builder.endDate(certificate.getNotAfter()); builder.signAlgorithm(certificate.getSigAlgName()); builder.signAlgorithmOID(certificate.getSigAlgOID()); return builder.build(); }