Usage examples for java.security.cert.Certificate.getPublicKey()
/**
 * Gets the public key from this certificate.
 *
 * @return the public key.
 */
public abstract PublicKey getPublicKey();
From source file:org.cesecore.certificates.util.AlgorithmTools.java
/**
 * Determines which signature algorithm, in EJBCA's naming, corresponds to the given certificate.
 *
 * <p>The name reported by the certificate is often not usable as the signature algorithm that
 * must be specified for a CA in EJBCA (for example SHA1WithECDSA is reported as plain ECDSA), so
 * the result is derived from the type of the certificate's public key together with substrings
 * of the reported name. The order of the substring checks is significant.
 *
 * <p>This method only classifies; it does not reject anything. MD5- and SHA1-based names are
 * returned like any other, so any policy on weak algorithms has to be applied elsewhere.
 *
 * <p>NOTE(review): the key examined is the certificate's own (subject) key. That matches the
 * signing key's family only when issuer and subject use the same key type (e.g. self-signed CA
 * certificates) - confirm this is what callers pass.
 *
 * @param cert the cert to examine
 * @return Signature algorithm name from AlgorithmConstants.SIGALG_SHA1_WITH_RSA etc., or
 *         {@code null} when none of the rules match
 */
public static String getSignatureAlgorithm(Certificate cert) {
    final String reportedName = getCertSignatureAlgorithmNameAsString(cert);
    final PublicKey subjectKey = cert.getPublicKey();
    String resolved = null;

    if (subjectKey instanceof RSAPublicKey) {
        if (reportedName.contains("MGF1")) {
            // RSASSA-PSS family: anything that is not SHA1 is reported as SHA256 with MGF1.
            resolved = reportedName.contains("SHA1")
                    ? AlgorithmConstants.SIGALG_SHA1_WITH_RSA_AND_MGF1
                    : AlgorithmConstants.SIGALG_SHA256_WITH_RSA_AND_MGF1;
        } else if (reportedName.contains("MD5")) {
            resolved = "MD5WithRSA";
        } else if (reportedName.contains("SHA1")) {
            resolved = AlgorithmConstants.SIGALG_SHA1_WITH_RSA;
        } else if (reportedName.contains("256")) {
            resolved = AlgorithmConstants.SIGALG_SHA256_WITH_RSA;
        } else if (reportedName.contains("384")) {
            resolved = AlgorithmConstants.SIGALG_SHA384_WITH_RSA;
        } else if (reportedName.contains("512")) {
            resolved = AlgorithmConstants.SIGALG_SHA512_WITH_RSA;
        }
    } else if (subjectKey instanceof DSAPublicKey) {
        // Every DSA key is mapped to SHA1 with DSA, whatever name the certificate reports.
        resolved = AlgorithmConstants.SIGALG_SHA1_WITH_DSA;
    } else if (reportedName.contains("256")) {
        resolved = AlgorithmConstants.SIGALG_SHA256_WITH_ECDSA;
    } else if (reportedName.contains("224")) {
        resolved = AlgorithmConstants.SIGALG_SHA224_WITH_ECDSA;
    } else if (reportedName.contains("384")) {
        resolved = AlgorithmConstants.SIGALG_SHA384_WITH_ECDSA;
    } else if (reportedName.contains("512")) {
        resolved = AlgorithmConstants.SIGALG_SHA512_WITH_ECDSA;
    } else if (reportedName.contains("ECDSA")) {
        // From x509cert.getSigAlgName(), SHA1withECDSA only returns name ECDSA
        resolved = AlgorithmConstants.SIGALG_SHA1_WITH_ECDSA;
    } else if (isGost3410Enabled()
            && reportedName.equalsIgnoreCase(AlgorithmConstants.SIGALG_GOST3411_WITH_ECGOST3410)) {
        resolved = AlgorithmConstants.SIGALG_GOST3411_WITH_ECGOST3410;
    } else if (isDstu4145Enabled()
            && reportedName.equalsIgnoreCase(AlgorithmConstants.SIGALG_GOST3411_WITH_DSTU4145)) {
        resolved = AlgorithmConstants.SIGALG_GOST3411_WITH_DSTU4145;
    }

    if (log.isDebugEnabled()) {
        log.debug("getSignatureAlgorithm: " + resolved);
    }
    return resolved;
}
From source file:se.curity.examples.oauth.jwt.JwtWithCertTest.java
/**
 * Builds the key map used by the test: the certificate's RSA public key, stored under the
 * URL-safe Base64 encoding of the SHA-256 digest of {@code cert.getEncoded()} (the x5t#S256
 * thumbprint). The map only contains a single key.
 *
 * @return a one-entry map from thumbprint to public key
 * @throws Exception if the certificate cannot be obtained or encoded
 */
private Map<String, RSAPublicKey> prepareKeyMap() throws Exception {
    Certificate certificate = getCertificate();
    // The cast fails with ClassCastException if the certificate does not carry an RSA key.
    RSAPublicKey rsaKey = (RSAPublicKey) certificate.getPublicKey();
    String thumbprint = org.apache.commons.codec.binary.Base64
            .encodeBase64URLSafeString(DigestUtils.sha256(certificate.getEncoded()));

    Map<String, RSAPublicKey> keysByThumbprint = new HashMap<>();
    keysByThumbprint.put(thumbprint, rsaKey);
    return keysByThumbprint;
}
From source file:org.hyperic.util.security.DbKeyStoreSpi.java
/**
 * Looks up the entry stored under {@code alias} and returns the public key of its certificate.
 *
 * <p>The {@code password} argument is not consulted, and the value returned is the
 * certificate's public key, never a private key.
 *
 * @param alias    the alias to look up
 * @param password not used by this implementation
 * @return the certificate's public key, or {@code null} (after logging a warning) when the
 *         alias has no entry
 */
@Override
public Key engineGetKey(String alias, char[] password)
        throws NoSuchAlgorithmException, UnrecoverableKeyException {
    final Object[] entry = engineAliases.get(alias);
    if (entry != null) {
        // Slot 1 of the entry is read as the certificate.
        return ((Certificate) entry[1]).getPublicKey();
    }
    log.warn("alias=" + alias + " has no associated certificate");
    return null;
}
From source file:org.wso2.carbon.mss.security.JWTSecurityInterceptor.java
/**
 * Loads a keystore from the classpath and returns the public key of the certificate stored
 * under {@code alias}, provided that alias holds a private key.
 *
 * <p>The same password is used both to open the keystore and to recover the key entry.
 *
 * <p>NOTE(review): {@code getResourceAsStream} returns {@code null} for a missing resource,
 * and {@code KeyStore.load(null, ...)} then initialises an empty keystore. A wrong
 * {@code keyStorePath} therefore shows up only as a {@code null} return, not as an error;
 * callers must treat {@code null} as "no key available" and refuse to proceed.
 *
 * @param keyStorePath     classpath location of the keystore
 * @param keyStorePassword password for the keystore and for the key entry
 * @param alias            alias of the entry to read
 * @return the public key, or {@code null} when the alias does not hold a private key
 */
private PublicKey getPublicKey(String keyStorePath, String keyStorePassword, String alias)
        throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException,
        UnrecoverableKeyException {
    try (InputStream keyStoreStream = getClass().getClassLoader().getResourceAsStream(keyStorePath)) {
        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        store.load(keyStoreStream, keyStorePassword.toCharArray());

        Key entryKey = store.getKey(alias, keyStorePassword.toCharArray());
        if (!(entryKey instanceof PrivateKey)) {
            return null;
        }
        // The public half is taken from the certificate stored with the private key.
        return store.getCertificate(alias).getPublicKey();
    }
}
From source file:nl.clockwork.mule.ebms.cxf.XMLSecSignatureInInterceptor.java
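/**
 * Verifies the XML signature of a document against the certificates held in {@code keyStore}.
 *
 * <p>Only the first {@code Signature} element is examined. When its KeyInfo carries an X.509
 * certificate, that certificate must be within its validity period and must verify against the
 * public key of a certificate in {@code keyStore}; the signature value is then checked with it.
 * When KeyInfo carries only a bare public key, that key is used only if it is the key of a
 * certificate in {@code keyStore}: a key that arrives inside the message says nothing about who
 * produced the signature, so it cannot be the sole basis for a successful verification.
 *
 * <p>NOTE(review): the certificate check is a single {@code verify} against each keystore
 * entry; no path building, revocation or key-usage checks are visible here.
 *
 * @param keyStore    certificates that are trusted to vouch for the signer
 * @param document    the document that may contain a signature
 * @param dataSources attachments the signature's references are resolved against
 * @return {@code true} when the document has no signature element or its signature verifies
 *         with a trusted key; {@code false} otherwise
 * @throws XMLSignatureException           if the signature value cannot be checked
 * @throws XMLSecurityException            if the signature element cannot be processed
 * @throws CertificateExpiredException     if the embedded certificate has expired
 * @throws CertificateNotYetValidException if the embedded certificate is not yet valid
 * @throws KeyStoreException               if the keystore cannot be read
 */
private boolean verify(KeyStore keyStore, Document document, List<EbMSDataSource> dataSources)
        throws XMLSignatureException, XMLSecurityException, CertificateExpiredException,
        CertificateNotYetValidException, KeyStoreException {
    NodeList nodeList = document.getElementsByTagNameNS(
            org.apache.xml.security.utils.Constants.SignatureSpecNS,
            org.apache.xml.security.utils.Constants._TAG_SIGNATURE);
    if (nodeList.getLength() == 0) {
        // NOTE(review): an unsigned document is reported as verified. Confirm that the caller
        // separately enforces "signature required" where the agreement demands one.
        return true;
    }

    XMLSignature signature = new XMLSignature((Element) nodeList.item(0),
            org.apache.xml.security.utils.Constants.SignatureSpecNS);
    signature.addResourceResolver(new EbMSDataSourceResolver(dataSources));
    if (signature.getKeyInfo() == null) {
        // No key material at all: nothing to verify against, so fail closed.
        return false;
    }

    X509Certificate certificate = signature.getKeyInfo().getX509Certificate();
    if (certificate != null) {
        certificate.checkValidity();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            Certificate trusted = keyStore.getCertificate(aliases.nextElement());
            if (trusted == null) {
                continue;
            }
            try {
                certificate.verify(trusted.getPublicKey());
            } catch (java.security.GeneralSecurityException notIssuedByThisEntry) {
                // Expected for every keystore entry that did not sign the certificate.
                continue;
            }
            // Errors from the signature check itself are reported, not swallowed.
            return signature.checkSignatureValue(certificate);
        }
        return false;
    }

    PublicKey publicKey = signature.getKeyInfo().getPublicKey();
    if (publicKey != null && isKeyOfTrustedCertificate(keyStore, publicKey)) {
        return signature.checkSignatureValue(publicKey);
    }
    return false;
}

/** Tells whether {@code candidate} is the public key of some certificate in {@code keyStore}. */
private static boolean isKeyOfTrustedCertificate(KeyStore keyStore, PublicKey candidate)
        throws KeyStoreException {
    byte[] candidateEncoding = candidate.getEncoded();
    if (candidateEncoding == null) {
        return false;
    }
    Enumeration<String> aliases = keyStore.aliases();
    while (aliases.hasMoreElements()) {
        Certificate trusted = keyStore.getCertificate(aliases.nextElement());
        // Compare encodings so that keys built by different providers still match.
        if (trusted != null
                && java.util.Arrays.equals(candidateEncoding, trusted.getPublicKey().getEncoded())) {
            return true;
        }
    }
    return false;
}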
From source file:com.springcryptoutils.core.key.PublicKeyFactoryBean.java
/**
 * Initialises {@code publicKey} from the certificate stored under {@code alias} in
 * {@code keystore}.
 *
 * @throws KeyStoreException  if the keystore lookup fails
 * @throws PublicKeyException if no certificate is stored under the alias
 */
public void afterPropertiesSet() throws KeyStoreException {
    final Certificate entry = keystore.getCertificate(alias);
    if (entry != null) {
        publicKey = entry.getPublicKey();
        return;
    }
    // Fail at initialisation rather than leave publicKey unset.
    throw new PublicKeyException("no such public key with alias: " + alias);
}
From source file:org.apache.synapse.commons.security.wrappers.KeyStoreWrapper.java
/** * Returns the key based on certificate of the owner to who given alias belong * * @param alias The alias of the certificate in the specified keyStore * @return Key , if there is a one , otherwise null *///from w ww . j a v a 2 s . com protected Key getKey(String alias) { try { Certificate certificate = keyStore.getCertificate(alias); if (certificate != null) { return certificate.getPublicKey(); } } catch (KeyStoreException e) { handleException("Error loading key for alias : " + alias, e); } return null; }
From source file:org.mitre.jwt.encryption.impl.KeyStore.java
/**
 * Returns a KeyPair for the alias given the password.
 *
 * <p>The private half is recovered from the key entry; the public half is read from the
 * certificate stored under the same alias.
 *
 * @param alias
 *            the alias name
 * @param password
 *            the password for recovering the key pair
 * @return the key pair, or {@code null} when the alias does not hold a private key
 * @throws GeneralSecurityException
 *             if the key cannot be recovered or the keystore cannot be read
 */
public KeyPair getKeyPairForAlias(String alias, String password) throws GeneralSecurityException {
    final Key recovered = keystore.getKey(alias, password.toCharArray());
    if (!(recovered instanceof PrivateKey)) {
        return null;
    }
    final PublicKey fromCertificate = keystore.getCertificate(alias).getPublicKey();
    return new KeyPair(fromCertificate, (PrivateKey) recovered);
}
From source file:org.springframework.security.oauth.common.signature.TestRSA_SHA1SignatureMethod.java
/**
 * Shows how a public key is obtained from PEM text: the certificate is parsed with the X.509
 * certificate factory and its public key is handed to {@code RSAKeySecret}.
 *
 * <p>The embedded PEM block is a certificate, i.e. public material only. The test makes no
 * assertions; it passes as long as parsing and construction do not throw.
 */
public void testInstantiatePublicKey() throws Exception {
    String googleOAuthCert = "-----BEGIN CERTIFICATE-----\n"
            + "MIIDBDCCAm2gAwIBAgIJAK8dGINfkSTHMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV\n"
            + "BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzETMBEG\n"
            + "A1UEChMKR29vZ2xlIEluYzEXMBUGA1UEAxMOd3d3Lmdvb2dsZS5jb20wHhcNMDgx\n"
            + "MDA4MDEwODMyWhcNMDkxMDA4MDEwODMyWjBgMQswCQYDVQQGEwJVUzELMAkGA1UE\n"
            + "CBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxEzARBgNVBAoTCkdvb2dsZSBJ\n"
            + "bmMxFzAVBgNVBAMTDnd3dy5nb29nbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN\n"
            + "ADCBiQKBgQDQUV7ukIfIixbokHONGMW9+ed0E9X4m99I8upPQp3iAtqIvWs7XCbA\n"
            + "bGqzQH1qX9Y00hrQ5RRQj8OI3tRiQs/KfzGWOdvLpIk5oXpdT58tg4FlYh5fbhIo\n"
            + "VoVn4GvtSjKmJFsoM8NRtEJHL1aWd++dXzkQjEsNcBXwQvfDb0YnbQIDAQABo4HF\n"
            + "MIHCMB0GA1UdDgQWBBSm/h1pNY91bNfW08ac9riYzs3cxzCBkgYDVR0jBIGKMIGH\n"
            + "gBSm/h1pNY91bNfW08ac9riYzs3cx6FkpGIwYDELMAkGA1UEBhMCVVMxCzAJBgNV\n"
            + "BAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUg\n"
            + "SW5jMRcwFQYDVQQDEw53d3cuZ29vZ2xlLmNvbYIJAK8dGINfkSTHMAwGA1UdEwQF\n"
            + "MAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAYpHTr3vQNsHHHUm4MkYcDB20a5KvcFoX\n"
            + "gCcYtmdyd8rh/FKeZm2me7eQCXgBfJqQ4dvVLJ4LgIQiU3R5ZDe0WbW7rJ3M9ADQ\n"
            + "FyQoRJP8OIMYW3BoMi0Z4E730KSLRh6kfLq4rK6vw7lkH9oynaHHWZSJLDAp17cP\n"
            + "j+6znWkN9/g=\n"
            + "-----END CERTIFICATE-----";

    CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
    ByteArrayInputStream pemBytes = new ByteArrayInputStream(googleOAuthCert.getBytes("utf-8"));
    Certificate cert = x509Factory.generateCertificate(pemBytes);

    // Constructed only to show that the key is accepted; the instance is not used further.
    RSAKeySecret secret = new RSAKeySecret(cert.getPublicKey());
}
From source file:org.apache.synapse.securevault.keystore.KeyStoreWrapper.java
/**
 * Returns the public key of the certificate stored under the given alias.
 *
 * @param alias The alias of the certificate in the specified keyStore
 * @return the certificate's public key, or {@code null} if no certificate is stored under the
 *         alias
 * @throws SecureVaultException if the keystore lookup fails
 */
protected Key getPublicKeyFromCertificate(String alias) {
    final Certificate certificate;
    try {
        certificate = keyStore.getCertificate(alias);
    } catch (KeyStoreException e) {
        throw new SecureVaultException("Error loading key for alias : " + alias, e, log);
    }
    return certificate == null ? null : certificate.getPublicKey();
}