List of usage examples for java.security.cert CertificateFactory generateCertPath
public final CertPath generateCertPath(List<? extends Certificate> certificates) throws CertificateException
From source file:MainClass.java
public static void main(String args[]) throws Exception { String storename = args[0];/*from w w w . j av a 2s.co m*/ char[] storepass = args[1].toCharArray(); String alias = args[2]; KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream(storename), storepass); java.security.cert.Certificate[] cchain = ks.getCertificateChain(alias); List mylist = new ArrayList(); for (int i = 0; i < cchain.length; i++) { mylist.add(cchain[i]); } CertificateFactory cf = CertificateFactory.getInstance("X.509"); CertPath cp = cf.generateCertPath(mylist); System.out.println(cp); }
From source file:Main.java
public static void main(String[] argv) throws Exception { FileInputStream is = new FileInputStream("your.keystore"); KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); keystore.load(is, "my-keystore-password".toCharArray()); String alias = "myalias"; Certificate cert = keystore.getCertificate(alias); CertificateFactory certFact = CertificateFactory.getInstance("X.509"); CertPath path = certFact.generateCertPath(Arrays.asList(new Certificate[] { cert })); }
From source file:MainClass.java
public static void main(String args[]) throws Exception { SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory(); SSLSocket socket = (SSLSocket) factory.createSocket("127.0.0.1", 9999); socket.startHandshake();/* ww w . j av a 2 s . c o m*/ SSLSession session = socket.getSession(); java.security.cert.Certificate[] servercerts = session.getPeerCertificates(); List mylist = new ArrayList(); for (int i = 0; i < servercerts.length; i++) { mylist.add(servercerts[i]); } CertificateFactory cf = CertificateFactory.getInstance("X.509"); CertPath cp = cf.generateCertPath(mylist); FileOutputStream f = new FileOutputStream("CertPath.dat"); ObjectOutputStream b = new ObjectOutputStream(f); b.writeObject(cp); }
From source file:MainClass.java
public static void main(String args[]) throws Exception { CertificateFactory cf = CertificateFactory.getInstance("X.509"); List mylist = new ArrayList(); FileInputStream in = new FileInputStream(args[0]); Certificate c = cf.generateCertificate(in); mylist.add(c);/*from www . j a va2s. c o m*/ CertPath cp = cf.generateCertPath(mylist); Certificate trust = cf.generateCertificate(in); TrustAnchor anchor = new TrustAnchor((X509Certificate) trust, null); PKIXParameters params = new PKIXParameters(Collections.singleton(anchor)); params.setRevocationEnabled(false); CertPathValidator cpv = CertPathValidator.getInstance("PKIX"); PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult) cpv.validate(cp, params); System.out.println(result); }
From source file:MainClass.java
public static void main(String args[]) throws Exception { CertificateFactory cf = CertificateFactory.getInstance("X.509"); List mylist = new ArrayList(); FileInputStream in = new FileInputStream(args[0]); Certificate c = cf.generateCertificate(in); mylist.add(c);/* w w w .ja v a 2 s . c om*/ CertPath cp = cf.generateCertPath(mylist); FileInputStream kin = new FileInputStream(args[0]); KeyStore ks = KeyStore.getInstance("JKS"); ks.load(kin, args[1].toCharArray()); PKIXParameters params = new PKIXParameters(ks); params.setRevocationEnabled(false); CertPathValidator cpv = CertPathValidator.getInstance("PKIX"); PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult) cpv.validate(cp, params); PublicKey pbk = result.getPublicKey(); byte[] pkenc = pbk.getEncoded(); BigInteger pk = new BigInteger(pkenc); System.out.println(pk.toString(16)); TrustAnchor anc = result.getTrustAnchor(); X509Certificate xc = anc.getTrustedCert(); System.out.println(xc.getSubjectDN()); System.out.println(xc.getIssuerDN()); }
From source file:MainClass.java
public static void main(String args[]) throws Exception { CertificateFactory cf = CertificateFactory.getInstance("X.509"); List mylist = new ArrayList(); for (int i = 0; i < args.length; i++) { FileInputStream in = new FileInputStream(args[i]); Certificate c = cf.generateCertificate(in); mylist.add(c);/* w w w. jav a2 s .com*/ } CertPath cp = cf.generateCertPath(mylist); System.out.println(cp); }
From source file:MainClass.java
public static void main(String args[]) throws Exception { CertificateFactory cf = CertificateFactory.getInstance("X.509"); List mylist = new ArrayList(); for (int i = 0; i < args.length; i++) { FileInputStream in = new FileInputStream(args[i]); Certificate c = cf.generateCertificate(in); mylist.add(c);//from ww w. j a v a 2 s . c o m } CertPath cp = cf.generateCertPath(mylist); List cplist = cp.getCertificates(); Object[] o = cplist.toArray(); for (int i = 0; i < o.length; i++) { X509Certificate c = (X509Certificate) o[i]; System.out.println(c.getSubjectDN()); byte[] pbk = c.getPublicKey().getEncoded(); for (int j = 0; j < pbk.length; j++) { System.out.print(pbk[j] + ","); } System.out.println("\nIssued by " + c.getIssuerDN()); } }
From source file:Main.java
public static PKIXCertPathValidatorResult validateCertificate(X509Certificate entity, X509Certificate intermediate, X509Certificate CA) throws Exception { /* KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(null, null);//from ww w. jav a2 s . c o m String alias = "validationCA"; ks.setCertificateEntry(alias, CA); */ /* KeyStore intermediatesStore = KeyStore.getInstance(KeyStore.getDefaultType()); intermediatesStore.load(null, null); String alias_intermediate = "validationIntermediate"; intermediatesStore.setCertificateEntry(alias_intermediate, intermediate);*//* X509CertSelector target = new X509CertSelector(); target.setCertificate(entity); PKIXBuilderParameters params = new PKIXBuilderParameters(ks, target); ArrayList<X509Certificate> chain = new ArrayList<>(); chain.add(intermediate); chain.add(intermediate); CertStoreParameters intermediates = new CollectionCertStoreParameters(chain); params.addCertStore(CertStore.getInstance("Collection", intermediates)); CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); *//* * If build() returns successfully, the certificate is valid. More details * about the valid path can be obtained through the PKIXBuilderResult. * If no valid path can be found, a CertPathBuilderException is thrown. *//* PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult)builder.build(params); return result;*/ CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); CertPath certPath = certificateFactory .generateCertPath(Arrays.asList(new X509Certificate[] { entity, intermediate })); TrustAnchor trustAnchor = new TrustAnchor(CA, null); CertPathValidator cpv = CertPathValidator.getInstance("PKIX"); PKIXParameters pkixParams = new PKIXParameters(Collections.singleton(trustAnchor)); pkixParams.setRevocationEnabled(true); return (PKIXCertPathValidatorResult) cpv.validate(certPath, pkixParams); }
From source file:com.vmware.identity.samlservice.SamlServiceTest.java
@BeforeClass public static void setUp() throws Exception { SharedUtils.bootstrap(false); // use real data String tenantName = ServerConfig.getTenant(0); String rpName = ServerConfig.getRelyingParty(tenantName, 0); String issuerUrl = ServerConfig.getRelyingPartyUrl(rpName); String acsName = ServerConfig.getAssertionConsumerService(rpName, 0); acsUrl = ServerConfig.getServiceEndpoint(acsName); KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); InputStream is = new FileInputStream(SamlServiceTest.class.getResource("/sts-store.jks").getFile()); char[] stsKeystorePassword = "ca$hc0w".toCharArray(); ks.load(is, stsKeystorePassword);//ww w . j ava 2 s.com String stsAlias = "stskey"; Certificate certificate = ks.getCertificate(stsAlias); Key key = ks.getKey(stsAlias, stsKeystorePassword); List<X509Certificate> certificates = new ArrayList<X509Certificate>(); certificates.add((X509Certificate) certificate); CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); CertPath certPath = certFactory.generateCertPath(certificates); privateKey = (PrivateKey) key; x509Certificate = (X509Certificate) certificate; SamlServiceFactory factory = new DefaultSamlServiceFactory(); service = factory.createSamlService(privateKey, SignatureAlgorithm.RSA_SHA256, SignatureAlgorithm.RSA_SHA256, issuerUrl, certPath); }
From source file:com.vangent.hieos.services.sts.util.STSUtil.java
/** * * @param cert// w ww . j av a 2 s.c o m * @param trustStore * @throws STSException */ public static void validateCertificate(X509Certificate cert, KeyStore trustStore) throws STSException { try { // To check the validity of the dates cert.checkValidity(); } catch (CertificateExpiredException ex) { throw new STSException("Certificate expired: " + ex.getMessage()); } catch (CertificateNotYetValidException ex) { throw new STSException("Certificate not yet valid: " + ex.getMessage()); } // Check the chain. try { CertificateFactory cf = CertificateFactory.getInstance("X.509"); List<X509Certificate> mylist = new ArrayList<X509Certificate>(); mylist.add(cert); CertPath cp = cf.generateCertPath(mylist); PKIXParameters params = new PKIXParameters(trustStore); // FIXME: Add revocation checking. params.setRevocationEnabled(false); CertPathValidator cpv = CertPathValidator.getInstance(CertPathValidator.getDefaultType()); PKIXCertPathValidatorResult pkixCertPathValidatorResult = (PKIXCertPathValidatorResult) cpv.validate(cp, params); if (logger.isDebugEnabled()) { logger.debug(pkixCertPathValidatorResult); } } catch (Exception ex) { throw new STSException("Exception while validating Certificate: " + ex.getMessage()); } }