List of usage examples for java.security KeyException getMessage
public String getMessage()
From source file:com.vangent.hieos.services.sts.util.STSUtil.java
/** * * @param keyInfo/*from w ww . j a v a 2 s . c o m*/ * @return * @throws STSException */ static public List<PublicKey> getPublicKeys(KeyInfo keyInfo) throws STSException { try { return KeyInfoHelper.getPublicKeys(keyInfo); } catch (KeyException ex) { throw new STSException("Unable to get public keys from KeyInfo: " + ex.getMessage()); } }
From source file:be.fedict.eid.applet.service.signer.facets.KeyInfoSignatureFacet.java
public void postSign(Element signatureElement, List<X509Certificate> signingCertificateChain) { LOG.debug("postSign"); String signatureNamespacePrefix = signatureElement.getPrefix(); /*//from w ww .j a v a2 s. co m * Make sure we insert right after the ds:SignatureValue element, just * before the first ds:Object element. */ Node nextSibling; NodeList objectNodeList = signatureElement.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Object"); if (0 == objectNodeList.getLength()) { nextSibling = null; } else { nextSibling = objectNodeList.item(0); } /* * Construct the ds:KeyInfo element using JSR 105. */ KeyInfoFactory keyInfoFactory = KeyInfoFactory.getInstance("DOM", new XMLDSigRI()); List<Object> x509DataObjects = new LinkedList<Object>(); X509Certificate signingCertificate = signingCertificateChain.get(0); List<Object> keyInfoContent = new LinkedList<Object>(); if (this.includeKeyValue) { KeyValue keyValue; try { keyValue = keyInfoFactory.newKeyValue(signingCertificate.getPublicKey()); } catch (KeyException e) { throw new RuntimeException("key exception: " + e.getMessage(), e); } keyInfoContent.add(keyValue); } if (this.includeIssuerSerial) { x509DataObjects.add(keyInfoFactory.newX509IssuerSerial( signingCertificate.getIssuerX500Principal().toString(), signingCertificate.getSerialNumber())); } if (this.includeEntireCertificateChain) { for (X509Certificate certificate : signingCertificateChain) { x509DataObjects.add(certificate); } } else { x509DataObjects.add(signingCertificate); } if (false == x509DataObjects.isEmpty()) { X509Data x509Data = keyInfoFactory.newX509Data(x509DataObjects); keyInfoContent.add(x509Data); } KeyInfo keyInfo = keyInfoFactory.newKeyInfo(keyInfoContent); DOMKeyInfo domKeyInfo = (DOMKeyInfo) keyInfo; Key key = new Key() { private static final long serialVersionUID = 1L; public String getAlgorithm() { return null; } public byte[] getEncoded() { return null; } public String getFormat() { return null; } }; XMLSignContext xmlSignContext = new DOMSignContext(key, signatureElement); DOMCryptoContext domCryptoContext = (DOMCryptoContext) xmlSignContext; try { domKeyInfo.marshal(signatureElement, nextSibling, signatureNamespacePrefix, domCryptoContext); } catch (MarshalException e) { throw new RuntimeException("marshall error: " + e.getMessage(), e); } }
From source file:be.fedict.eid.tsl.TrustServiceList.java
private void xmlSign(PrivateKey privateKey, X509Certificate certificate, String tslId) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, MarshalException, XMLSignatureException {/*from w w w . j a v a 2 s. c om*/ XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new org.jcp.xml.dsig.internal.dom.XMLDSigRI()); LOG.debug("xml signature factory: " + signatureFactory.getClass().getName()); LOG.debug("loader: " + signatureFactory.getClass().getClassLoader()); XMLSignContext signContext = new DOMSignContext(privateKey, this.tslDocument.getDocumentElement()); signContext.putNamespacePrefix(XMLSignature.XMLNS, "ds"); DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA256, null); List<Reference> references = new LinkedList<Reference>(); List<Transform> transforms = new LinkedList<Transform>(); transforms.add(signatureFactory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)); Transform exclusiveTransform = signatureFactory.newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null); transforms.add(exclusiveTransform); Reference reference = signatureFactory.newReference("#" + tslId, digestMethod, transforms, null, null); references.add(reference); String signatureId = "xmldsig-" + UUID.randomUUID().toString(); List<XMLObject> objects = new LinkedList<XMLObject>(); addXadesBes(signatureFactory, this.tslDocument, signatureId, certificate, references, objects); SignatureMethod signatureMethod; if (isJava6u18OrAbove()) { signatureMethod = signatureFactory .newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", null); } else { signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null); } CanonicalizationMethod canonicalizationMethod = signatureFactory .newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null); SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod, references); List<Object> keyInfoContent = new LinkedList<Object>(); KeyInfoFactory keyInfoFactory = KeyInfoFactory.getInstance(); List<Object> x509DataObjects = new LinkedList<Object>(); x509DataObjects.add(certificate); x509DataObjects.add(keyInfoFactory.newX509IssuerSerial(certificate.getIssuerX500Principal().toString(), certificate.getSerialNumber())); X509Data x509Data = keyInfoFactory.newX509Data(x509DataObjects); keyInfoContent.add(x509Data); KeyValue keyValue; try { keyValue = keyInfoFactory.newKeyValue(certificate.getPublicKey()); } catch (KeyException e) { throw new RuntimeException("key exception: " + e.getMessage(), e); } keyInfoContent.add(keyValue); KeyInfo keyInfo = keyInfoFactory.newKeyInfo(keyInfoContent); String signatureValueId = signatureId + "-signature-value"; XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, keyInfo, objects, signatureId, signatureValueId); xmlSignature.sign(signContext); }
From source file:org.ow2.proactive.resourcemanager.utils.console.ResourceManagerController.java
public void load(String[] args) { Options options = new Options(); Option help = new Option("h", "help", false, "Display this help"); help.setRequired(false);//from ww w. j a v a 2 s. c om options.addOption(help); Option username = new Option("l", "login", true, "The username to join the Resource Manager"); username.setArgName("login"); username.setArgs(1); username.setRequired(false); options.addOption(username); Option rmURL = new Option("u", "rmURL", true, "The Resource manager URL (default " + RM_DEFAULT_URL + ")"); rmURL.setArgName("rmURL"); rmURL.setArgs(1); rmURL.setRequired(false); options.addOption(rmURL); Option visual = new Option("g", "gui", false, "Start the console in a graphical view"); rmURL.setRequired(false); options.addOption(visual); addCommandLineOptions(options); boolean displayHelp = false; try { String pwdMsg = null; Parser parser = new GnuParser(); cmd = parser.parse(options, args); if (cmd.hasOption("h")) { displayHelp = true; } else { if (cmd.hasOption("environment")) { model.setInitEnv(cmd.getOptionValue("environment")); } String url; if (cmd.hasOption("u")) { url = cmd.getOptionValue("u"); } else { url = RM_DEFAULT_URL; } logger.info("Connecting to the RM on " + url); auth = RMConnection.join(url); logger.info("\t-> Connection established on " + url); if (cmd.hasOption("l")) { user = cmd.getOptionValue("l"); } if (cmd.hasOption("credentials")) { if (cmd.getOptionValues("credentials").length == 1) { System.setProperty(Credentials.credentialsPathProperty, cmd.getOptionValue("credentials")); } try { this.credentials = Credentials.getCredentials(); } catch (KeyException e) { logger.error("Could not retreive credentials... Try to adjust the System property: " + Credentials.credentialsPathProperty); throw e; } } else { ConsoleReader console = new ConsoleReader(System.in, new PrintWriter(System.out)); if (cmd.hasOption("l")) { pwdMsg = user + "'s password: "; } else { user = console.readLine("login: "); pwdMsg = "password: "; } //ask password to User try { console.setDefaultPrompt(pwdMsg); pwd = console.readLine('*'); } catch (IOException ioe) { logger.error("" + ioe); logger.debug("", ioe); } PublicKey pubKey = null; try { // first attempt at getting the pubkey : ask the RM RMAuthentication auth = RMConnection.join(url); pubKey = auth.getPublicKey(); logger.info("Retrieved public key from Resource Manager at " + url); } catch (Exception e) { try { // second attempt : try default location pubKey = Credentials.getPublicKey(Credentials.getPubKeyPath()); logger.info("Using public key at " + Credentials.getPubKeyPath()); } catch (Exception exc) { logger.error( "Could not find a public key. Contact the administrator of the Resource Manager."); logger.debug("", exc); System.exit(1); } } try { this.credentials = Credentials.createCredentials( new CredData(CredData.parseLogin(user), CredData.parseDomain(user), pwd), pubKey); } catch (KeyException e) { logger.error("Could not create credentials... " + e); throw e; } } //connect to the scheduler connect(); //connect JMX service connectJMXClient(); //start the command line or the interactive mode start(); } } catch (MissingArgumentException e) { logger.error(e.getLocalizedMessage()); logger.debug("", e); displayHelp = true; } catch (MissingOptionException e) { logger.error("Missing option: " + e.getLocalizedMessage()); logger.debug("", e); displayHelp = true; } catch (UnrecognizedOptionException e) { logger.error(e.getLocalizedMessage()); logger.debug("", e); displayHelp = true; } catch (AlreadySelectedException e) { logger.error(e.getClass().getSimpleName() + " : " + e.getLocalizedMessage()); logger.debug("", e); displayHelp = true; } catch (ParseException e) { logger.debug("", e); displayHelp = true; } catch (RMException e) { logger.error( "Error at connection : " + e.getMessage() + newline + "Shutdown the controller." + newline); logger.debug("", e); System.exit(2); } catch (LoginException e) { logger.error(e.getMessage() + newline + "Shutdown the controller." + newline); logger.debug("", e); System.exit(3); } catch (Exception e) { logger.error( "An error has occurred : " + e.getMessage() + newline + "Shutdown the controller." + newline, e); logger.debug("", e); System.exit(4); } if (displayHelp) { logger.info(""); HelpFormatter hf = new HelpFormatter(); hf.setWidth(160); String note = newline + "NOTE : if no " + control + " command is specified, the controller will start in interactive mode."; hf.printHelp(commandName + shellExtension(), "", options, note, true); System.exit(5); } // if execution reaches this point this means it must exit System.exit(0); }
From source file:org.ow2.proactive.scheduler.smartproxy.SmartProxyImpl.java
@Override public void init(ConnectionInfo connectionInfo) throws SchedulerException, LoginException { this.connectionInfo = connectionInfo; if (connectionInfo.getCredentialFile() != null) { try {/* w w w . ja v a 2 s. co m*/ Credentials credentials = Credentials .getCredentials(connectionInfo.getCredentialFile().getAbsolutePath()); init(connectionInfo.getUrl(), credentials); } catch (KeyException e) { throw new LoginException(e.getMessage()); } } else { CredData cred = new CredData(CredData.parseLogin(connectionInfo.getLogin()), CredData.parseDomain(connectionInfo.getLogin()), connectionInfo.getPassword()); init(connectionInfo.getUrl(), cred); } }
From source file:org.pepstock.jem.node.security.loginprotocol.ServerLoginProtocol.java
/** * /*w ww . j ava 2 s. co m*/ * @param requestParm is the request from client encoded in Base64 * @see org.pepstock.jem.node.security.loginprotocol.LoginRequest * * @return the response that the server must send to the client after * receiving a specified request. * @throws LoginProtocolException if any exception occur during the * generation of the Request and the parsing of the Response * @see org.pepstock.jem.node.security.loginprotocol.LoginRequest * @see org.pepstock.jem.node.security.loginprotocol.Operation * @see org.pepstock.jem.node.security.loginprotocol.RequestOperation * @see org.pepstock.jem.node.security.loginprotocol.ResponseOperation */ public String getResponseFromRequest(String requestParm) throws LoginProtocolException { LoginResponse jemResponse = null; try { String request = new String(Base64.decodeBase64(requestParm), CharSet.DEFAULT); LoginRequest jemRequest = LoginRequest.unmarshall(request); String subjectId = jemRequest.getSubjectId(); if (cryptographicKey == null) { if (subjectId.equals(LoginRequest.JEM_NODE_USER) || subjectId.equals(LoginRequest.JEM_WEB_USER)) { this.cryptographicKey = KeysUtil.getSymmetricKey(keystoresInfo.getClusterKeystoreInfo()); } else { this.cryptographicKey = KeysUtil.getPublicKeyByAlias(keystoresInfo.getUserKeystoreInfo(), subjectId); } } // if the request operation is get password, generate a one time // password, memorized it and send it to the cilent if (jemRequest.getOperation().getName().equals(Operation.GETPASSWORD.toString())) { jemResponse = new LoginResponse(); String randomPassword = UUID.randomUUID().toString(); jemResponse.setAddress(jemRequest.getAddress()); jemResponse.setSubjectId(jemRequest.getSubjectId()); ResponseOperation op = new ResponseOperation(); op.setName(Operation.GETPASSWORD.toString()); op.setResult(randomPassword); jemResponse.setOperation(op); authorizedSubject.put(jemRequest.getAddress(), randomPassword); // if the request operation is login, verify user password to // allow or not the client to participate to the cluster and // send the response back } else if (jemRequest.getOperation().getName().equals(Operation.LOGIN.toString())) { jemResponse = new LoginResponse(); String address = jemRequest.getAddress(); String clearPassword = null; clearPassword = new String( Crypto.decrypt(Base64.decodeBase64(jemRequest.getPassword()), this.cryptographicKey), CharSet.DEFAULT); jemResponse.setAddress(address); jemResponse.setSubjectId(jemRequest.getSubjectId()); ResponseOperation op = new ResponseOperation(); op.setName(Operation.LOGIN.toString()); if (authorizedSubject.containsKey(address) && authorizedSubject.get(address).equals(clearPassword)) { op.setResult(ResponseOperation.LOGIN_ACCEPTED); conversationTerminated = true; } else { LogAppl.getInstance().emit(NodeMessage.JEMC109W, "Wrong password"); LogAppl.getInstance().emit(NodeMessage.JEMC106W); op.setResult(ResponseOperation.LOGIN_DENIED); serverException = true; } jemResponse.setOperation(op); } else { LogAppl.getInstance().emit(NodeMessage.JEMC109W, request); LogAppl.getInstance().emit(NodeMessage.JEMC106W); jemResponse = new LoginResponse(); jemResponse.setException(LoginResponse.EXCEPTION_MESSAGE); serverException = true; } } catch (KeyException e) { // ignore LogAppl.getInstance().ignore(e.getMessage(), e); jemResponse = createResponseWithException(e); } catch (MessageException e) { // ignore LogAppl.getInstance().ignore(e.getMessage(), e); jemResponse = createResponseWithException(e); } String xmlResponse = LoginResponse.marshall(jemResponse); return Base64.encodeBase64String(xmlResponse.getBytes(CharSet.DEFAULT)); }