List of usage examples for java.security.cert CertificateFactory getInstance
public static final CertificateFactory getInstance(String type) throws CertificateException
From source file:org.apache.nifi.web.security.x509.ocsp.OcspCertificateValidator.java
/** * Loads the ocsp certificate if specified. Null otherwise. * * @param properties nifi properties//from ww w.ja va2s. co m * @return certificate */ private X509Certificate getOcspCertificate(final NiFiProperties properties) { X509Certificate validationAuthorityCertificate = null; final String validationAuthorityCertificatePath = properties .getProperty(NiFiProperties.SECURITY_OCSP_RESPONDER_CERTIFICATE); if (StringUtils.isNotBlank(validationAuthorityCertificatePath)) { try (final FileInputStream fis = new FileInputStream(validationAuthorityCertificatePath)) { final CertificateFactory cf = CertificateFactory.getInstance("X.509"); validationAuthorityCertificate = (X509Certificate) cf.generateCertificate(fis); } catch (final Exception e) { throw new IllegalStateException("Unable to load the validation authority certificate: " + e); } } return validationAuthorityCertificate; }
From source file:com.mytalentfolio.h_daforum.CconnectToServer.java
/** * Creates a new instance of {@code Certificate} * //from w w w .j a v a 2 s .com * @return the new {@code Certificate} instance. * @throws CertificateException * if the specified certificate type is not available at any * installed provider. * @throws IOException * if an error occurs while closing this stream */ private Certificate getServerCertificate() throws CertificateException, IOException { CertificateFactory cf = CertificateFactory.getInstance("X.509"); // deepak InputStream caInput = mContext.getResources().openRawResource(R.raw.server); // ankit // InputStream caInput = // mContext.getResources().openRawResource(R.raw.localhost); Certificate ca; try { ca = cf.generateCertificate(caInput); } finally { caInput.close(); } return ca; }
From source file:org.apache.xml.security.keys.keyresolver.implementations.RetrievalMethodResolver.java
private static X509Certificate getRawCertificate(XMLSignatureInput resource) throws CanonicalizationException, IOException, CertificateException { byte inputBytes[] = resource.getBytes(); // if the resource stores a raw certificate, we have to handle it CertificateFactory certFact = CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID); X509Certificate cert = (X509Certificate) certFact.generateCertificate(new ByteArrayInputStream(inputBytes)); return cert;//w ww. j av a2 s . c o m }
From source file:org.gluu.oxtrust.ldap.service.SSLService.java
/** * Load a CRL from the specified stream. * * @param is Stream to load CRL from/*from w w w.j a va2s . com*/ * @return The CRL * @throws Exception Problem encountered while loading the CRL */ public static X509CRL loadCRL(InputStream is) throws Exception { try { CertificateFactory cf = CertificateFactory.getInstance(X509_CERT_TYPE); X509CRL crl = (X509CRL) cf.generateCRL(is); return crl; } finally { IOUtils.closeQuietly(is); } }
From source file:com.torresbueno.RSAEncryptionDecryptionUtil.java
/** * Get a public key from a certificate.//ww w . j a v a2 s .com * @param certPath * @return * @throws Exception */ public PublicKey readPublicKeyFromCertificate(String certPath) throws Exception { FileInputStream fin = new FileInputStream(certPath); CertificateFactory f = CertificateFactory.getInstance("X.509"); X509Certificate certificate = (X509Certificate) f.generateCertificate(fin); return certificate.getPublicKey(); }
From source file:org.codice.ddf.security.crl.generator.CrlGenerator.java
/** * Validates the given CRL by attempting to create a {@link CRL} * * @param byteSource - CRL byte source//from ww w . jav a 2 s. c o m * @return - True if the CRL is valid. False if its invalid */ private boolean crlIsValid(ByteSource byteSource) { try (InputStream inputStream = byteSource.openStream()) { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); certificateFactory.generateCRL(inputStream); } catch (CertificateException | CRLException | IOException e) { LOGGER.warn("An error occurred while validating the CRL. {}", e.getMessage()); return false; } return true; }
From source file:net.sf.dsig.verify.XmldsigVerifier.java
public boolean isCertificatePathValid() throws VerificationException { if (trustAnchors == null) { throw new ConfigurationException("TrustAnchors must be set"); }//w w w . j a v a2 s . co m try { PKIXParameters parameters = new PKIXParameters(trustAnchors); parameters.setRevocationEnabled(false); CertificateFactory cf = CertificateFactory.getInstance("X.509"); CertPath certPath = cf.generateCertPath(Arrays.asList(getCertificateChain())); CertPathValidator cpv = CertPathValidator.getInstance("PKIX"); PKIXCertPathValidatorResult res = (PKIXCertPathValidatorResult) cpv.validate(certPath, parameters); logger.debug("Certificate path validation succeeded; result=" + res.toString()); return true; } catch (CertPathValidatorException e) { logger.info("Certificate path validation failed", e); return false; } catch (InvalidAlgorithmParameterException e) { throw new ConfigurationException("PKIX algorithm not found; should not happen"); } catch (CertificateException e) { throw new ConfigurationException("X.509 certificate factory not found; should not happen"); } catch (NoSuchAlgorithmException e) { throw new ConfigurationException("PKIX algorithm not found; should not happen"); } }
From source file:org.codice.ddf.security.handler.pki.PKIHandlerTest.java
private X509Certificate[] getTestCerts() throws CertificateException { String certificateString = getTestCertString(); InputStream stream = new ByteArrayInputStream(Base64.decodeBase64(certificateString.getBytes())); CertificateFactory factory = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate) factory.generateCertificate(stream); X509Certificate[] certs = new X509Certificate[1]; certs[0] = cert;/* ww w. j a va2 s .c o m*/ return certs; }
From source file:org.codice.ddf.security.idp.client.SimpleSign.java
public boolean validateSignature(String queryParamsToValidate, String encodedSignature, String encodedPublicKey) throws SignatureException { try {/* w ww.ja va 2s. c o m*/ CertificateFactory certificateFactory = CertificateFactory.getInstance("X509"); Certificate certificate = certificateFactory .generateCertificate(new ByteArrayInputStream(Base64.decodeBase64(encodedPublicKey))); String jceSigAlgo = "SHA1withRSA"; if ("DSA".equalsIgnoreCase(certificate.getPublicKey().getAlgorithm())) { jceSigAlgo = "SHA1withDSA"; } java.security.Signature sig = java.security.Signature.getInstance(jceSigAlgo); sig.initVerify(certificate.getPublicKey()); sig.update(queryParamsToValidate.getBytes("UTF-8")); return sig.verify(Base64.decodeBase64(encodedSignature)); } catch (NoSuchAlgorithmException | InvalidKeyException | CertificateException | UnsupportedEncodingException | java.security.SignatureException e) { throw new SignatureException(e); } }