List of usage examples for java.security.cert CertificateFactory getInstance
public static final CertificateFactory getInstance(String type) throws CertificateException
From source file:Main.java
/** * Extracts certificate from APK/* w w w. j a v a2s . com*/ * * @param jar * @param entry * rsa or dsa jar item * @return * @throws IOException * I/O problem to read jar * @throws CertificateException * certificate has problems */ private static List<Certificate> extractCertificate(JarFile jar, JarEntry entry) throws IOException, CertificateException { List<Certificate> certList = new ArrayList<Certificate>(); InputStream inStream = null; try { CertificateFactory cf = CertificateFactory.getInstance("X.509"); inStream = jar.getInputStream(entry); Collection<? extends Certificate> c = cf.generateCertificates(inStream); Iterator<? extends Certificate> i = c.iterator(); while (i.hasNext()) { Certificate cert = i.next(); certList.add(cert); } } finally { if (inStream != null) { inStream.close(); } } return certList; }
From source file:com.oneis.common.utils.SSLCertificates.java
public static SSLContext load(String keysDirectory, String certsName, String clientCAName, boolean quiet) throws Exception { // For some indiciation of what's going on early in the boot process if (!quiet) { System.out.println("Loading " + certsName + " SSL certificates from " + keysDirectory); }// ww w .j a v a 2 s .com // Get filenames String keyPathname = keysDirectory + "/" + certsName + ".key"; String certPathname = keysDirectory + "/" + certsName + ".crt"; final String intermediateCertPathnameBase = keysDirectory + "/" + certsName + "-intermediate"; String clientCAPathname = null; if (clientCAName != null) { clientCAPathname = keysDirectory + "/" + clientCAName + ".crt"; } if (!new File(keyPathname).exists()) { System.out.println("Doesn't exist: " + keyPathname); return null; } if (!new File(certPathname).exists()) { System.out.println("Doesn't exist: " + certPathname); return null; } if (clientCAPathname != null) { if (!new File(clientCAPathname).exists()) { System.out.println("Doesn't exist: " + clientCAPathname); return null; } } char[] nullPassword = {}; PrivateKey privateKey = readPEMPrivateKey(keyPathname); CertificateFactory cf = CertificateFactory.getInstance("X.509"); // Server certificate ArrayList<java.security.cert.Certificate> certList = new ArrayList<java.security.cert.Certificate>(4); java.security.cert.Certificate cert = cf.generateCertificate(readPEM(certPathname)); certList.add(cert); // Optional intermediate certificates int intermediateCounter = 1; while (true) { String intermediateCertPathname = intermediateCertPathnameBase; if (intermediateCounter != 1) { intermediateCertPathname += "-" + intermediateCounter; } intermediateCounter++; intermediateCertPathname += ".crt"; if (new File(intermediateCertPathname).exists()) { certList.add(cf.generateCertificate(readPEM(intermediateCertPathname))); } else { // End of cert list break; } } // Optional client CA certificate java.security.cert.Certificate clientCACert = null; if (clientCAPathname != null) { clientCACert = cf.generateCertificate(readPEM(clientCAPathname)); } if (clientCAName != null && clientCACert == null) { throw new RuntimeException("Logic error, failed to load client CA cert when required"); } KeyStore ks = KeyStore.getInstance("JKS", "SUN"); ks.load(null, nullPassword); ks.setKeyEntry("ONEIS", (Key) privateKey, "".toCharArray(), certList.toArray(new java.security.cert.Certificate[certList.size()])); if (clientCACert != null) { KeyStore.TrustedCertificateEntry tce = new KeyStore.TrustedCertificateEntry(clientCACert); ks.setEntry("CLIENTCA", tce, null); } // Generate some random Java API stuff, just for entertainment KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks, nullPassword); TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); tmf.init(ks); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); if (!quiet) { System.out.println(" - server cert chain length " + certList.size() + (clientCACert != null ? ", requires client cert" : ", public server")); } return sslContext; }
From source file:org.openanzo.rdf.utils.KeystoreUtils.java
/** * //ww w .ja va 2 s . c o m * @param keyStoreFile * @param keystoreType * @param password * @param alias * @param in * @throws AnzoException */ public static void addTrustedCert(String keyStoreFile, String keystoreType, String password, String alias, InputStream in) throws AnzoException { try { CertificateFactory cf = CertificateFactory.getInstance("X509"); X509Certificate cert = (X509Certificate) cf.generateCertificate(in); if (cert.getSubjectDN().equals(cert.getIssuerDN())) { cert.verify(cert.getPublicKey()); } addTrustedCert(keyStoreFile, keystoreType, password, alias, cert); } catch (Exception cce) { throw new AnzoException(ExceptionConstants.OSGI.INTERNAL_COMPONENT_ERROR, cce); } }
From source file:com.google.u2f.TestUtils.java
public static X509Certificate[] parseCertificateChainBase64(String encodedDerCertificates) { try {/*from w w w.ja va 2s . c o m*/ Collection<? extends Certificate> certCollection = CertificateFactory.getInstance("X.509") .generateCertificates(new ByteArrayInputStream(parseBase64(encodedDerCertificates))); return certCollection.toArray(new X509Certificate[0]); } catch (CertificateException e) { throw new RuntimeException(e); } }
From source file:fi.vm.kapa.identification.shibboleth.extauthn.util.CertificateUtil.java
public static X509Certificate getCertificate(String pemCertificate) { X509Certificate newCert = null; try {//from ww w . ja v a 2s . c om // Add \r after cert header field, Cert API needs this (Legacy method, Apache2-provided cert) pemCertificate = pemCertificate.replaceFirst(X509_PEM_HEADER, X509_PEM_HEADER + "\r"); // Add X509 header and footer, Cert API needs this (SCS method, SCS-provided certificate) if (!pemCertificate.contains(X509_PEM_HEADER)) { pemCertificate = X509_PEM_HEADER + "\r" + pemCertificate + "\r" + X509_PEM_FOOTER; } if (StringUtils.isNotBlank(pemCertificate)) { InputStream in = new ByteArrayInputStream(pemCertificate.getBytes()); CertificateFactory cf = CertificateFactory.getInstance("X.509"); newCert = (X509Certificate) cf.generateCertificate(in); } } catch (final CertificateException | NullPointerException e) { logger.warn("Error getting client certificate from request", e); } return newCert; }
From source file:com.vmware.certificate.Client.java
/** * Creates a Certificate from a PEM encoded String * * @param certificateString// w w w.j a v a 2s . c o m * @return * @throws Exception */ public static X509Certificate getCertificateFromString(String certificateString) throws Exception { InputStream is = new ByteArrayInputStream(certificateString.getBytes()); CertificateFactory cf = CertificateFactory.getInstance("X509"); X509Certificate c = (X509Certificate) cf.generateCertificate(is); return c; }
From source file:be.fedict.hsm.ws.impl.WSSecurityCrypto.java
public WSSecurityCrypto() { try {// w ww .j a v a 2s .c om this.certificateFactory = CertificateFactory.getInstance("X.509"); } catch (CertificateException e) { throw new RuntimeException("X.509 algo not available: " + e.getMessage()); } }
From source file:com.axway.ebxml.CertificateChain.java
/** * Constructor/* ww w. j av a 2 s.c om*/ * @param certificatePath path to a p7b or DER encoded file * @return Array of X509Certificate * @throws java.io.FileNotFoundException * @throws java.security.cert.CertificateException */ public CertificateChain(String certificatePath) throws CertificateException, IOException { if (certificatePath == null) throw new IllegalArgumentException("certificatePath expected"); logger.debug("Loading certificate from: " + certificatePath); LinkedList<X509Certificate> returnList = new LinkedList<X509Certificate>(); FileInputStream fis = new FileInputStream(certificatePath); try { CertificateFactory cf = CertificateFactory.getInstance("X.509"); Collection certificates = cf.generateCertificates(fis); for (Object cert : certificates) { returnList.add((X509Certificate) cert); logger.debug("Certificate: " + cert); } } finally { fis.close(); } chain = returnList.toArray(new X509Certificate[returnList.size()]); }
From source file:Main.java
private static X509Certificate generateX509CertificateFromSignature(final Signature signature) throws CertificateException { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); ByteArrayInputStream inputStream = new ByteArrayInputStream(signature.toByteArray()); X509Certificate certificate = (X509Certificate) certificateFactory.generateCertificate(inputStream); return certificate; }
From source file:org.globus.gsi.trustmanager.TrustedCertPathFinder.java
private static CertPath isTrustedCert(KeyStore keyStore, X509Certificate x509Certificate, List<X509Certificate> trustedCertPath) throws CertPathValidatorException { X509CertSelector certSelector = new X509CertSelector(); certSelector.setCertificate(x509Certificate); Collection<? extends Certificate> caCerts; try {//www .jav a 2 s . c o m caCerts = KeyStoreUtil.getTrustedCertificates(keyStore, certSelector); } catch (KeyStoreException e) { throw new CertPathValidatorException("Error accessing trusted certificate store", e); } if ((caCerts.size() > 0) && (x509Certificate.getBasicConstraints() != -1)) { trustedCertPath.add(x509Certificate); // JGLOBUS-92 try { CertificateFactory certFac = CertificateFactory.getInstance("X.509"); return certFac.generateCertPath(trustedCertPath); } catch (CertificateException e) { throw new CertPathValidatorException("Error generating trusted certificate path", e); } } return null; }