I am trying to install the certificate using keystore in my app. However I am getting an exception:
Throwable occurred: java.security.cert.CertificateException: com.android.org.conscrypt.OpenSSLX509CertificateFactory$ParsingException: com.android.org.conscrypt.OpenSSLX509CertificateFactory$ParsingException: java.lang.RuntimeException: error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long
Tried a few things (ex: getInstance("X.509", "BC");) to get rid off this error but it didn't work. Not quite sure, how to get rid of this.
I am new to development and have a fair idea how keystore works. Any help will be appreciated. Thanks in advance.
try{
String configString = config.getString("imcwingw-latest.cert");
String decodedCert = BASE64Decoder.decode(configString);
InputStream bis = new ByteArrayInputStream(decodedCert.getBytes());
KeyStore ks = KeyStore.getInstance("BKS");
ks.load(null, null);
String alias = "myalias";
CertificateFactory cf = CertificateFactory.getInstance( "X.509");
Certificate cert = cf.generateCertificate(bis);
ks.setCertificateEntry(alias, cert);
}
you can do the same task by using this way:
http://www.instructables.com/id/Publishing-an-Android-App-to-the-Google-Play-Store/?ALLSTEPS
it is easy and fast to work...
Related
I have recently implemented digital signing and validation of office documents using the apache POI library. I am now looking to add verification to this so I can prove that the document was signed by a trusted user. I have tried the following code but with no success I think as the call to "getSigningCertificateChain" is empty but im not sure how to get this to load properly so the signature will be there? this is my current code:
pkg = OPCPackage.open(Dir, PackageAccess.READ);
sic = new SignatureConfig();
sic.setOpcPackage(pkg);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(sic);
isValid = si.verifySignature();
X509Certificate x509a = (X509Certificate) sic.getSigningCertificateChain().get(0);
FileInputStream fin = new FileInputStream("C:\myCer.cer");
CertificateFactory f = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
PublicKey pk = certificate.getPublicKey();
x509a.verify(pk);
anyone had any luck with implementing this.
You have to select the certificate from the chain based on the issuer Common Name = {myCer.cer} Common Name, then try to verify it
PublicKey pk = selectedIssuedCertificate.getPublicKey();
x509a.verify(pk);
I hope this could help
ACRA set up with standard options:
#ReportsCrashes(
formUri = "https://XXXXXXXXXX.php",
mode = ReportingInteractionMode.TOAST,
resToastText = R.string.str_acra_crash_report_info)
Tried to copy the server certificate to assets and create a custom KeyStore:
try {
KeyStore ksTrust = KeyStore.getInstance("BKS");
InputStream instream = new BufferedInputStream(getAssets().open("keystore.bks"));
ksTrust.load(instream, "ez24get".toCharArray());
ConfigurationBuilder configurationBuilder = new ConfigurationBuilder(this);
configurationBuilder.setKeyStore(ksTrust);
final ACRAConfiguration config = configurationBuilder.build();
ACRA.init(this, config);
} catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException e) {
e.printStackTrace();
}
or another way:
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream caInput = new BufferedInputStream(getAssets().open("ssl-cert-snakeoil.pem"));
Certificate ca = cf.generateCertificate(caInput);
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
Unfortunately after hours of tests, still no luck, still getting an exception:
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
Any hints?
EDIT: Created another certificate, with CA:TRUE (standard ssl-cert-snakeoil.pem had CA:FALSE), but still no luck.
EDIT 2: Certificates made as they should be: main CA cert. + server cert., but still the same exception.
#Matthew you will need to use the head of the ACRA's master as it has this https://github.com/ACRA/acra/pull/388 pull request added.
We'll probably cut another release within a week or so.
I've been mixing and matching code, trying to learn by example for using KeyStores.
I have this createKeyStore method:
private static KeyStore createKeyStore(String fileName, String pw) throws Exception
{
File file = new File(fileName);
final KeyStore keyStore = KeyStore.getInstance("JCEKS");
if (file.exists())
{
// .keystore file already exists => load it
keyStore.load(new FileInputStream(file), pw.toCharArray());
}
else
{
// .keystore file not created yet => create it
keyStore.load(null, null);
keyStore.store(new FileOutputStream(fileName), pw.toCharArray());
}
return keyStore;
}`
It seems to work, no errors are thrown.
I am then trying to access the code by:
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
keystore.load(new FileInputStream(keystorePath), pass.toCharArray());
String alias = "alias";
char[] password = pass.toCharArray();
Certificate cert = keystore.getCertificate(alias);
keystore.setCertificateEntry(alias, cert);
// Save the new keystore contents
FileOutputStream out = new FileOutputStream(keystoreFile);
keystore.store(out, password);
out.close();
But my call to keystore.load throws an Invalid Keystore Format exception.
I tried to replace the FileInputStream with null, but it seems to throw an error setting the certificate.
TL;DR: I am only trying to store a few encryption keys in this keystore, but I can't seem to access it correctly.
Thanks for reading!
You have:
final KeyStore keyStore = KeyStore.getInstance("JCEKS");
and
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
Change these so they agree.
This:
Certificate cert = keystore.getCertificate(alias);
keystore.setCertificateEntry(alias, cert);
is pointless. If there wasn't such a certificate in the keystore, it will fail, and if there was, it will just replace it with itself. What's the point exactly?
I tried to replace the FileInputStream with null
I cannot imagine why. There's nothing in the Javadoc that suggests that will work.
If you look at the documentation it says to create an empty keystore call the load() method with null as the file input parameter but not the password parameter. Passing null as the password parameter in your else clause causes null pointer exceptions when loading the keystore from file later.
keystore.load(null, pass.toCharArray());
I am getting the following exception when running my application in a different server. The code works in two different tomcat servers, but on a specific one it doesn't work.
java.lang.NoClassDefFoundError:
org/bouncycastle/asn1/pkcs/PrivateKeyInfo
org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi.engineGeneratePrivate(Unknown
Source) java.security.KeyFactory.generatePrivate(KeyFactory.java:372)
The part of the code when I am getting the error is the following on this line
> pk = kf.generatePrivate(ks);
PrivateKey pk = null;
X509Certificate cert = null;
Security.addProvider(new BouncyCastleProvider());
try{
byte [] key = Base64.decodeBase64(llave.getBytes());
byte [] cer = Base64.decodeBase64(certificado.getBytes());
KeyFactory kf = KeyFactory.getInstance("RSA");
PKCS8EncodedKeySpec ks = new PKCS8EncodedKeySpec(key);
pk = kf.generatePrivate(ks);
pk.getEncoded();
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
InputStream in = new ByteArrayInputStream(cer);
cert = (X509Certificate)certFactory.generateCertificate(in);
DateTime fechaDesde = new DateTime(cert.getNotBefore());
DateTime fechaHasta = new DateTime(cert.getNotAfter());
Does somebody knows why this happens?
java.lang.NoClassDefFoundError This exception is thrown when JVM is unable to find a particular class at runtime which was available during compile time.
This link will help you
I'm trying to obtain the public key of a Certificate using the method:
FileInputStream fin = new FileInputStream("PathToCertificate");
CertificateFactory f = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
PublicKey pk = certificate.getPublicKey();
but I receive the following error:
Exception in thread "main" java.lang.ClassCastException: sun.security.x509.X509CertImpl cannot be cast to codec.x509.X509Certificate
at sergas_testcertificates.Main.main(Main.java:54)
Does anyone know what this error is about?
Thanks in advance
You have the wrong class imported for X509Certificate.
You are likely looking for java.security.cert.X509Certificate not codec.x509.X509Certificate.
X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
PublicKey pk = certificate.getPublicKey();
since you are only pulling the public key, you can use the certificate class. The factory class will decide what type of a certificate to return.
Certificate certificate = f.generateCertificate(fin);
PublicKey pk = certificate.getPublicKey();
If you need to cast this for antoher reason, check your imports and change it, X509Certificate should be coming from javax.security.cert