List of usage examples for java.security.cert Certificate getClass
@HotSpotIntrinsicCandidate public final native Class<?> getClass();
From source file:Main.java
private static boolean isKnownRoot(X509Certificate root) throws NoSuchAlgorithmException, KeyStoreException { assert Thread.holdsLock(sLock); // Could not find the system key store. Conservatively report false. if (sSystemKeyStore == null) return false; // Check the in-memory cache first; avoid decoding the anchor from disk // if it has been seen before. Pair<X500Principal, PublicKey> key = new Pair<X500Principal, PublicKey>(root.getSubjectX500Principal(), root.getPublicKey());//www .j a va 2s .c o m if (sSystemTrustAnchorCache.contains(key)) return true; // Note: It is not sufficient to call sSystemKeyStore.getCertificiateAlias. If the server // supplies a copy of a trust anchor, X509TrustManagerExtensions returns the server's // version rather than the system one. getCertificiateAlias will then fail to find an anchor // name. This is fixed upstream in https://android-review.googlesource.com/#/c/91605/ // // TODO(davidben): When the change trickles into an Android release, query sSystemKeyStore // directly. // System trust anchors are stored under a hash of the principal. In case of collisions, // a number is appended. String hash = hashPrincipal(root.getSubjectX500Principal()); for (int i = 0; true; i++) { String alias = hash + '.' + i; if (!new File(sSystemCertificateDirectory, alias).exists()) break; Certificate anchor = sSystemKeyStore.getCertificate("system:" + alias); // It is possible for this to return null if the user deleted a trust anchor. In // that case, the certificate remains in the system directory but is also added to // another file. Continue iterating as there may be further collisions after the // deleted anchor. if (anchor == null) continue; if (!(anchor instanceof X509Certificate)) { // This should never happen. String className = anchor.getClass().getName(); Log.e(TAG, "Anchor " + alias + " not an X509Certificate: " + className); continue; } // If the subject and public key match, this is a system root. X509Certificate anchorX509 = (X509Certificate) anchor; if (root.getSubjectX500Principal().equals(anchorX509.getSubjectX500Principal()) && root.getPublicKey().equals(anchorX509.getPublicKey())) { sSystemTrustAnchorCache.add(key); return true; } } return false; }
From source file:no.difi.meldingsutveksling.domain.Sertifikat.java
public static Sertifikat fraKeyStore(KeyStore keyStore, String alias) { Certificate certificate; try {/*from w ww . j a va 2s . c o m*/ certificate = keyStore.getCertificate(alias); } catch (KeyStoreException e) { throw new MeldingsUtvekslingRuntimeException("Klarte ikke lese sertifikat fra keystore", e); } if (certificate == null) { throw new MeldingsUtvekslingRuntimeException( "Kunne ikke finne sertifikat i keystore. Er du sikker p at det er brukt keystore med et sertifikat og at du har oppgitt riktig alias?"); } if (!(certificate instanceof X509Certificate)) { throw new MeldingsUtvekslingRuntimeException( "Klienten sttter kun X509-sertifikater. Fikk sertifikat av typen " + certificate.getClass().getSimpleName()); } return new Sertifikat((X509Certificate) certificate); }
From source file:no.difi.sdp.client.domain.Sertifikat.java
public static Sertifikat fraKeyStore(KeyStore keyStore, String alias) { Certificate certificate; try {//from ww w . ja v a2 s . c o m certificate = keyStore.getCertificate(alias); } catch (KeyStoreException e) { throw new SertifikatException("Klarte ikke lese sertifikat fra keystore", e); } if (certificate == null) { throw new SertifikatException( "Kunne ikke finne sertifikat i keystore. Er du sikker p at det er brukt keystore med et sertifikat og at du har oppgitt riktig alias?"); } if (!(certificate instanceof X509Certificate)) { throw new SertifikatException("Klienten sttter kun X509-sertifikater. Fikk sertifikat av typen " + certificate.getClass().getSimpleName()); } return new Sertifikat((X509Certificate) certificate); }