List of usage examples for org.bouncycastle.cert CertException CertException
public CertException(String msg)
From source file:com.vvote.datafiles.wbb.CertEntry.java
License:Open Source License
/** * Constructor for a <code>CertEntry</code> * //from ww w .ja v a 2 s . com * @param identifier * @param cert * @throws CertException */ public CertEntry(String identifier, JSONObject cert) throws CertException { if (identifier != null) { this.id = identifier; } else { logger.error("A cert entry must be provided with a valid identifier"); throw new CertException("A cert entry must be provided with a valid identifier"); } if (cert != null) { if (cert.has(CertsConstants.PUBLIC_KEY_ENTRY)) { try { this.cert = cert.getJSONObject(CertsConstants.PUBLIC_KEY_ENTRY); } catch (JSONException e) { logger.error("A cert entry must be provided with a valid certificate"); throw new CertException("A cert entry must be provided with a valid certificate"); } } else { logger.error("A cert entry must be provided with a valid certificate"); throw new CertException("A cert entry must be provided with a valid certificate"); } } else { logger.error("A cert entry must be provided with a valid certificate"); throw new CertException("A cert entry must be provided with a valid certificate"); } }
From source file:com.vvote.datafiles.wbb.CertificatesFile.java
License:Open Source License
/** * Gets the peer string from the identifier * //from www . j ava 2s .c o m * @param id * @return the peer string * @throws CertException */ private String getPeerString(String id) throws CertException { if (id.contains(CertsConstants.SIGNING_SK2)) { return id.replace(CertsConstants.SIGNING_SK2, ""); } logger.error("A peer string must contain: {}", CertsConstants.SIGNING_SK2); throw new CertException("A peer string must contain: " + CertsConstants.SIGNING_SK2); }
From source file:com.vvote.datafiles.wbb.CertificatesFile.java
License:Open Source License
/** * Gets the sequence number for an existing peer * /*from w w w . j av a 2s . c om*/ * @param peer * @return the sequence number for the peer * @throws CertException */ public int getSequenceNumberForPeer(String peer) throws CertException { if (this.peerMapping.containsKey(peer)) { return this.peerMapping.get(peer); } logger.error("Peer does not exist: {}", peer); throw new CertException("Peer does not exist: " + peer); }
From source file:com.vvote.datafiles.wbb.PeerPublicKeyEntry.java
License:Open Source License
/** * Constructor for a <code>PublicKeyEntry</code> * //w ww . j ava 2s . co m * @param entry * @throws CertException */ public PeerPublicKeyEntry(JSONObject entry) throws CertException { super(entry); try { // get and set the partial public key if (this.getJsonEntry().has(CertsConstants.PeerPublicKeyEntry.PARTIAL_PUBLIC_KEY)) { this.partialPublicKey = this.getJsonEntry() .getString(CertsConstants.PeerPublicKeyEntry.PARTIAL_PUBLIC_KEY); } else { logger.error("partial public key must be provided for a peer public key entry"); throw new CertException("partial public key must be provided for a peer public key entry"); } // get and set the sequence number if (this.getJsonEntry().has(CertsConstants.PeerPublicKeyEntry.SEQUENCE_NUMBER)) { this.sequenceNumber = this.getJsonEntry().getInt(CertsConstants.PeerPublicKeyEntry.SEQUENCE_NUMBER); } else { logger.error("sequence value must be provided for a public key entry"); throw new CertException("sequence value must be provided for a public key entry"); } // Create a pairing object which will be used for loading the key Pairing pairing = CurveParams.getInstance().getPairing(); // Construct new element this.partialPublicKeyElem = pairing.getG2().newElement(); // Set the element value from the bytes decoded as base 64 this.partialPublicKeyElem.setFromBytes(Utils.decodeBase64Data(this.partialPublicKey)); } catch (JSONException e) { logger.error("Unable to create a PeerPublicKeyEntry. Error: {}", e); throw new CertException("Unable to create a PeerPublicKeyEntry.", e); } catch (BLSSignatureException e) { logger.error("Unable to create a PeerPublicKeyEntry. Error: {}", e); throw new CertException("Unable to create a PeerPublicKeyEntry.", e); } }
From source file:com.vvote.datafiles.wbb.PublicKeyEntry.java
License:Open Source License
/** * Constructor for a <code>PublicKeyEntry</code> * /* w w w .j ava2 s . c o m*/ * @param entry * @throws CertException */ public PublicKeyEntry(JSONObject entry) throws CertException { // set the json entry this.jsonEntry = entry; // check that the JSON entry is not null if (this.getJsonEntry() != null) { try { // get and set the public key if (this.getJsonEntry().has(CertsConstants.PublicKeyEntry.PUBLIC_KEY)) { this.publicKey = this.getJsonEntry().getString(CertsConstants.PublicKeyEntry.PUBLIC_KEY); } else { logger.error("public key must be provided for a public key entry"); throw new CertException("public key must be provided for a public key entry"); } // get and set the generator if (this.getJsonEntry().has(CertsConstants.PublicKeyEntry.G)) { this.g = this.getJsonEntry().getString(CertsConstants.PublicKeyEntry.G); } else { logger.error("Generator value must be provided for a public key entry"); throw new CertException("Generator value must be provided for a public key entry"); } // Create a pairing object which will be used for loading the key Pairing pairing = CurveParams.getInstance().getPairing(); // Construct new element this.publicKeyElem = pairing.getG2().newElement(); // Set the element value from the bytes decoded as base 64 this.publicKeyElem.setFromBytes(Utils.decodeBase64Data(this.publicKey)); // Construct new element this.gElem = pairing.getG2().newElement(); // Set the element value from the bytes decoded as base 64 this.gElem.setFromBytes(Utils.decodeBase64Data(this.g)); } catch (JSONException e) { logger.error("Unable to create a PublicKeyEntry. Error: {}", e); throw new CertException("Unable to create a PublicKeyEntry.", e); } catch (BLSSignatureException e) { logger.error("Unable to create a PublicKeyEntry. Error: {}", e); throw new CertException("Unable to create a PublicKeyEntry.", e); } } else { logger.error("A PublicKeyEntry object must be a valid JSON entry"); throw new CertException("A PublicKeyEntry object must be a valid JSON entry"); } }
From source file:com.vvote.verifierlibrary.utils.crypto.certs.CertFactory.java
License:Open Source License
/** * Factory method for creating certs from an identifier and a json cert * entry/*from w ww .jav a 2s . c om*/ * * @param identifier * @param cert * @return the relevant cert entry * @throws CertException */ public static CertEntry constructCertEntry(String identifier, JSONObject cert) throws CertException { if (identifier.equals(CertsConstants.WBB_CERT)) { return new WBBCert(identifier, cert); } else if (identifier.contains(CertsConstants.SIGNING_SK2)) { return new PeerCert(identifier, cert); } else { logger.error("Unable to create certificate for identifier: {}, cert: {}", identifier, cert); throw new CertException( "Unable to create certificate for identifier: " + identifier + ", cert: " + cert); } }
From source file:net.wstech2.me.httpsclient.CertificateValidatorUtils.java
License:Apache License
/** * Validates the certificate signature (hash). * // ww w . ja v a2 s .c om * @param cert * The certificate to be validated. * @param issuerCert * the issuer (normally a C.A.) certificate corresponding to the * key used to sign the certificate indicated at the previous * parameter. * * @param errors * a list to be filled - if needed - with errors detected during * the validation process. See * {@link CertificateValidationException#setErrors(List)}. * * @return True if the certificate signature is valid. False otherwise. * @throws IOException * @throws InvalidCipherTextException * @throws CertException * @throws OperatorCreationException * */ public static boolean verifySignature(org.bouncycastle.asn1.x509.Certificate cert, org.bouncycastle.asn1.x509.Certificate issuerCert, List errors) throws OperatorCreationException, CertException, IOException { boolean retval = false; if (!CertificateValidatorUtils.isAlgIdEqual(cert.getTBSCertificate().getSignature(), cert.getSignatureAlgorithm())) { throw new CertException("signature invalid - algorithm identifier mismatch"); } ContentVerifierProvider verifierProvider = new BcRSAContentVerifierProviderBuilder( new DefaultDigestAlgorithmIdentifierFinder()).build( PublicKeyFactory.createKey(issuerCert.getTBSCertificate().getSubjectPublicKeyInfo())); ContentVerifier verifier; try { verifier = verifierProvider.get((cert.getTBSCertificate().getSignature())); OutputStream sOut = verifier.getOutputStream(); DEROutputStream dOut = new DEROutputStream(sOut); dOut.writeObject(cert.getTBSCertificate()); sOut.close(); } catch (Exception e) { throw new CertException("unable to process signature: " + e.getMessage(), e); } retval = verifier.verify(cert.getSignature().getBytes()); if (retval == false) { String error = "Invalid certificate signature for [[" + extractCommonName(cert, true) + "]] validated against the Signer Certificate [[" + extractCommonName(issuerCert, true) + "]]."; HttpsConnectionUtils.logError(error); errors.add(error); } return retval; }