
Example 31 with X509Certificate

use of java.security.cert.X509Certificate in project OpenAttestation by OpenAttestation.

the class Pkcs12 method getRsaCredentialX509.

/**
 * Loads the private key stored under {@code keyAlias} and pairs it with the
 * X509 certificate held in the same keystore entry.
 *
 * <p>The entry returned by the keystore is cast straight to
 * {@link KeyStore.PrivateKeyEntry}; an entry of any other type fails that cast
 * with a {@code ClassCastException} instead of one of the declared exceptions.
 *
 * <p>NOTE(review): {@code keyPassword} arrives as an immutable {@code String}, so
 * this method cannot erase it from memory after use. A {@code char[]}-based
 * overload would let callers clear the secret themselves.
 *
 * @param keyAlias alias of the private-key entry to load
 * @param keyPassword password protecting that entry
 * @return the private key and its X509 certificate wrapped in an RsaCredentialX509
 * @throws FileNotFoundException if the keystore returns no entry for {@code keyAlias}
 * @throws IllegalArgumentException if the entry's certificate is not an X509Certificate
 */
public RsaCredentialX509 getRsaCredentialX509(String keyAlias, String keyPassword) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException, FileNotFoundException, CertificateEncodingException {
    // getEntry may throw NoSuchAlgorithmException, UnrecoverableEntryException or KeyStoreException
    KeyStore.PasswordProtection protection = new KeyStore.PasswordProtection(keyPassword.toCharArray());
    KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) keystore.getEntry(keyAlias, protection);
    if (entry == null) {
        // key pair not found
        throw new FileNotFoundException("Keystore does not contain the specified key");
    }
    Certificate leaf = entry.getCertificate();
    if (!(leaf instanceof X509Certificate)) {
        throw new IllegalArgumentException("Key has a certificate that is not X509: " + leaf.getType());
    }
    // the RsaCredentialX509 constructor may throw CertificateEncodingException or NoSuchAlgorithmException
    return new RsaCredentialX509(entry.getPrivateKey(), (X509Certificate) leaf);
}
Also used : PrivateKey(java.security.PrivateKey) FileNotFoundException(java.io.FileNotFoundException) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 32 with X509Certificate

use of java.security.cert.X509Certificate in project OpenAttestation by OpenAttestation.

the class SimpleKeystore method getX509CertificateWithPassword.

/**
 * Returns the X509 certificate of the password-protected entry stored under
 * {@code certAlias}.
 *
 * <p>The keystore entry is cast to {@link KeyStore.PrivateKeyEntry} before the
 * certificate is extracted, so only private-key entries pass the cast; any other
 * entry type fails with a {@code ClassCastException}.
 *
 * <p>NOTE(review): {@code password} is an immutable {@code String}, so it cannot be
 * cleared from memory here once the entry has been read.
 *
 * @param certAlias alias of the entry whose certificate is wanted
 * @param password password protecting that entry
 * @return the certificate extracted from the entry, never {@code null}
 * @throws KeyStoreException if no certificate could be extracted for {@code certAlias}
 */
public X509Certificate getX509CertificateWithPassword(String certAlias, String password) throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException, CertificateEncodingException {
    KeyStore.PasswordProtection protection = new KeyStore.PasswordProtection(password.toCharArray());
    KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) keystore.getEntry(certAlias, protection);
    X509Certificate found = certificateIn(entry);
    if (found == null) {
        throw new KeyStoreException("Cannot load certificate with alias: " + certAlias);
    }
    return found;
}
Also used : X509Certificate(java.security.cert.X509Certificate)

Example 33 with X509Certificate

use of java.security.cert.X509Certificate in project OpenAttestation by OpenAttestation.

the class SimpleKeystore method getRsaCredentialX509.

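/**
 * Loads the private key stored under keyAlias together with the X509
 * certificate held in the same keystore entry.
 *
 * @param keyAlias alias of the private-key entry in the keystore
 * @param keyPassword password protecting that entry
 * @return the private key and its X509 certificate wrapped in an RsaCredentialX509
 * @throws FileNotFoundException if the keystore does not contain keyAlias
 * @throws KeyStoreException if the keystore has not been initialized before calling this method
 * @throws NoSuchAlgorithmException if the platform is missing the algorithm used to decrypt the key
 * @throws UnrecoverableEntryException if the keyPassword is incorrect
 * @throws CertificateEncodingException if there is an error in the X509 certificate associated with the key
 * @throws IllegalArgumentException if the certificate associated with the key is not an X509 certificate
 */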
public RsaCredentialX509 getRsaCredentialX509(String keyAlias, String keyPassword) throws FileNotFoundException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException, CertificateEncodingException {
    // Look the entry up with the caller's password; getEntry may throw
    // NoSuchAlgorithmException, UnrecoverableEntryException or KeyStoreException.
    // The result is cast without a type check, so an entry that is not a private-key
    // entry fails here with ClassCastException.
    // NOTE(review): keyPassword is an immutable String and cannot be wiped after use.
    KeyStore.PasswordProtection entryProtection = new KeyStore.PasswordProtection(keyPassword.toCharArray());
    KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) keystore.getEntry(keyAlias, entryProtection);
    if (keyEntry == null) {
        // no entry under this alias
        throw new FileNotFoundException("Keystore does not contain the specified key");
    }
    Certificate entryCertificate = keyEntry.getCertificate();
    if (!(entryCertificate instanceof X509Certificate)) {
        throw new IllegalArgumentException("Key has a certificate that is not X509: " + entryCertificate.getType());
    }
    // constructing the credential may throw CertificateEncodingException or NoSuchAlgorithmException
    PrivateKey entryKey = keyEntry.getPrivateKey();
    return new RsaCredentialX509(entryKey, (X509Certificate) entryCertificate);
}
Also used : X509Certificate(java.security.cert.X509Certificate) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 34 with X509Certificate

use of java.security.cert.X509Certificate in project OpenAttestation by OpenAttestation.

the class SimpleKeystore method addTrustedCertificate.

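/**
 * Saves a trusted SSL certificate into the keystore. This method does not
 * verify the certificate itself. In production you need to prompt the user
 * to verify the fingerprint of the certificate before you add it, in order
 * to prevent man-in-the-middle attacks.
 * The trusted purpose (SSL, etc.) is appended to the certificate's alias.
 *
 * If a different certificate already exists under the alias, it is replaced.
 *
 * @param cert the certificate to store as trusted
 * @param alias base alias for the keystore entry
 * @param purpose optional purpose label; when non-null the entry is stored under "alias (purpose)"
 * @throws KeyManagementException if the certificate cannot be added; the underlying
 *         keystore, algorithm or certificate exception is attached as the cause
 */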
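public void addTrustedCertificate(X509Certificate cert, String alias, String purpose) throws KeyManagementException {
    // Reject null arguments before touching the keystore. Without this guard a null
    // certificate falls through to the delete-then-set path below and removes the
    // trusted entry already stored under the alias.
    if (cert == null) {
        throw new IllegalArgumentException("Cannot add trusted certificate: certificate is null");
    }
    if (alias == null) {
        throw new IllegalArgumentException("Cannot add trusted certificate: alias is null");
    }
    // The purpose, when given, becomes part of the stored alias: "alias (purpose)".
    String trustedAlias = purpose == null ? alias : String.format("%s (%s)", alias, purpose);
    try {
        // Ask the keystore whether the alias exists, so the lookup follows the provider's
        // own alias matching rules rather than an exact string comparison over a copied list.
        if (keystore.containsAlias(trustedAlias)) {
            // is it the same certificate? if so, we can ignore this request
            X509Certificate existing = getX509Certificate(trustedAlias);
            if (existing != null && existing.equals(cert)) {
                // certificate is already in keystore with same alias
                return;
            }
            // A different certificate is stored under this alias and is replaced here with no
            // further confirmation; callers must have verified the new certificate beforehand.
            keystore.deleteEntry(trustedAlias);
        }
        keystore.setCertificateEntry(trustedAlias, cert);
    } catch (NoSuchAlgorithmException e) {
        throw new KeyManagementException("Cannot add trusted certificate", e);
    } catch (KeyStoreException e) {
        throw new KeyManagementException("Cannot add trusted certificate", e);
    } catch (CertificateException e) {
        throw new KeyManagementException("Cannot add trusted certificate", e);
    } catch (UnrecoverableEntryException e) {
        throw new KeyManagementException("Cannot add trusted certificate", e);
    }
}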
Also used : CertificateException(java.security.cert.CertificateException) X509Certificate(java.security.cert.X509Certificate)

Example 35 with X509Certificate

use of java.security.cert.X509Certificate in project OpenAttestation by OpenAttestation.

the class SslUtil method createTrustedSslKeystore.

// just a convenience function for importing an array of certs into a java keystore
/**
 * Builds a new in-memory keystore of the platform default type and stores each
 * given certificate in it as a trusted certificate entry.
 *
 * <p>Entries are named {@code "cert0"}, {@code "cert1"}, ... in array order.
 * Nothing here checks validity dates, chains or revocation: every certificate
 * passed in is stored as trusted, so the caller is responsible for vetting
 * the array first.
 *
 * @param certificates certificates to store as trusted entries
 * @return the newly created keystore containing one entry per array element
 * @throws KeyStoreException if the keystore cannot be created or an entry cannot be stored
 * @throws IOException declared by {@code KeyStore.load}
 * @throws NoSuchAlgorithmException declared by {@code KeyStore.load}
 * @throws CertificateException declared by {@code KeyStore.load}
 * @throws UnrecoverableEntryException declared in the signature; no call in this method throws it
 */
public static KeyStore createTrustedSslKeystore(X509Certificate[] certificates) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableEntryException {
    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    // load(null, null) initialises an empty keystore instead of reading one from a stream
    trustStore.load(null, null);
    int position = 0;
    for (X509Certificate trusted : certificates) {
        trustStore.setCertificateEntry("cert" + position, trusted);
        position++;
    }
    return trustStore;
}
Also used : KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate)
