List of usage examples for java.security KeyStore getKey
public final Key getKey(String alias, char[] password) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException
From source file:org.roda.core.plugins.plugins.characterization.OOXMLSignatureUtils.java
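/**
 * Signs a copy of an OOXML document with a private key read from a keystore file.
 *
 * <p>The input is copied to a new temporary file and the signature is applied to that copy.
 * If anything fails, the temporary file is removed again so that an unsigned copy is not
 * left behind under a "signed" name.
 *
 * @param input      document to sign; it is only read
 * @param keystore   path of the keystore file (default keystore type)
 * @param alias      alias of the signing key and of its certificate
 * @param password   password used both to open the keystore and to recover the key
 * @param fileFormat extension, without the dot, given to the temporary output file
 * @return path of the signed temporary file
 * @throws IOException              if the input, the keystore file or the output cannot be accessed
 * @throws GeneralSecurityException if the keystore cannot be loaded, or the alias has no private
 *                                  key or no certificate
 */
public static Path runDigitalSignatureSign(Path input, String keystore, String alias, String password,
        String fileFormat) throws IOException, GeneralSecurityException, InvalidFormatException,
        XMLSignatureException, MarshalException {
    // A single copy of the password is made and wiped in the finally block. The String
    // parameter itself cannot be wiped; this only avoids leaving extra copies on the heap.
    char[] secret = password.toCharArray();
    Path output = Files.createTempFile("signed", "." + fileFormat);
    boolean signed = false;
    try {
        Files.copy(input, output, StandardCopyOption.REPLACE_EXISTING);

        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream is = new FileInputStream(keystore)) {
            ks.load(is, secret);
        }

        // getKey/getCertificate return null for an unknown alias; fail here with a clear
        // message instead of handing null key material to the signing library.
        PrivateKey pk = (PrivateKey) ks.getKey(alias, secret);
        X509Certificate x509 = (X509Certificate) ks.getCertificate(alias);
        if (pk == null) {
            throw new GeneralSecurityException("No private key entry for alias '" + alias + "'");
        }
        if (x509 == null) {
            throw new GeneralSecurityException("No certificate for alias '" + alias + "'");
        }

        SignatureConfig signatureConfig = new SignatureConfig();
        signatureConfig.setKey(pk);
        signatureConfig.setSigningCertificateChain(Collections.singletonList(x509));

        try (OPCPackage pkg = OPCPackage.open(output.toString(), PackageAccess.READ_WRITE)) {
            signatureConfig.setOpcPackage(pkg);
            SignatureInfo si = new SignatureInfo();
            si.setSignatureConfig(signatureConfig);
            si.confirmSignature();
        }
        signed = true;
        return output;
    } finally {
        java.util.Arrays.fill(secret, '\0');
        if (!signed) {
            try {
                Files.deleteIfExists(output);
            } catch (IOException ignored) {
                // Best-effort cleanup; the original failure is the one worth reporting.
            }
        }
    }
}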
From source file:at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SignatureUtil.java
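/**
 * Builds the JWT signer for {@code issuer} from the globally configured keystore.
 *
 * @param issuer issuer value passed on to the signer
 * @return a SHA-256 signer backed by the configured private key
 * @throws OAuth20Exception if the keystore or key name is not configured, the keystore cannot
 *                          be loaded, or the configured key name has no private key or certificate
 */
public static OAuthSigner loadSigner(String issuer) throws OAuth20Exception {
    OAuth20Configuration globalConfig = OAuth20Configuration.getInstance();

    if (StringUtils.isEmpty(globalConfig.getJWTKeyStore())) {
        throw new OAuth20CertificateErrorException("keystore");
    }
    if (StringUtils.isEmpty(globalConfig.getJWTKeyName())) {
        throw new OAuth20CertificateErrorException("key name");
    }

    char[] keyPassword = null;
    try {
        KeyStore ks = KeyStoreUtils.loadKeyStore(globalConfig.getJWTKeyStore(),
                globalConfig.getJWTKeyStorePassword());

        X509Certificate certificate = (X509Certificate) ks.getCertificate(globalConfig.getJWTKeyName());

        keyPassword = globalConfig.getJWTKeyPassword().toCharArray();
        PrivateKey privateKey = (PrivateKey) ks.getKey(globalConfig.getJWTKeyName(), keyPassword);

        // An unknown alias yields null rather than an exception. Reject it at load time,
        // like the empty-key-name case above, instead of returning a signer without a key.
        if (certificate == null || privateKey == null) {
            throw new OAuth20CertificateErrorException("key name");
        }

        BasicX509Credential credential = new BasicX509Credential();
        credential.setEntityCertificate(certificate);
        credential.setPrivateKey(privateKey);

        // Key material is deliberately not written to the log.
        return new OAuth20SHA256Signer(issuer, globalConfig.getJWTKeyName(), credential.getPrivateKey());
    } catch (OAuth20CertificateErrorException e) {
        // Raised by the null check above; keep its specific reason.
        throw e;
    } catch (Exception e) {
        Logger.error(e.getMessage(), e);
        throw new OAuth20CertificateErrorException("keystore");
    } finally {
        if (keyPassword != null) {
            java.util.Arrays.fill(keyPassword, '\0');
        }
    }
}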
From source file:org.soyatec.windowsazure.internal.util.ssl.SslUtil.java
/**
 * Creates an SSLContext from a key store, a trust store and a client certificate alias.
 *
 * @param keyStoreUrl
 *            file path of the key store
 * @param keyStorePassword
 *            password of the key store, also used to recover the key stored under
 *            {@code certAlias}
 * @param trustStoreUrl
 *            file path of the trust store
 * @param trustStorePassword
 *            password of the trust store
 * @param certAlias
 *            alias of the private key and certificate to present
 * @return the initialised SSLContext
 * @throws Exception
 *             if either store cannot be loaded or the context cannot be initialised
 */
@SuppressWarnings("deprecation")
public static SSLContext createSSLContext(String keyStoreUrl, String keyStorePassword, String trustStoreUrl,
        String trustStorePassword, String certAlias) throws Exception {
    KeyStore identityStore = getKeyStore(new File(keyStoreUrl).toURL(), keyStorePassword);

    // NOTE(review): getKey/getCertificate return null for an unknown alias, and both values
    // are passed on unchecked; confirm HttpsX509KeyManager copes with that.
    PrivateKey clientKey = (PrivateKey) identityStore.getKey(certAlias, keyStorePassword.toCharArray());
    X509Certificate clientCert = (X509Certificate) identityStore.getCertificate(certAlias);

    // Wrap every X.509 key manager so that the configured alias is the one offered.
    KeyManager[] keyManagers = createKeyManagers(identityStore, keyStorePassword);
    int keyIndex = 0;
    while (keyIndex < keyManagers.length) {
        KeyManager current = keyManagers[keyIndex];
        if (current instanceof X509ExtendedKeyManager) {
            keyManagers[keyIndex] = new HttpsX509KeyManager((X509ExtendedKeyManager) current, certAlias,
                    clientKey, clientCert);
        }
        keyIndex++;
    }

    SSLContext context = SSLContext.getInstance("TLS");

    // NOTE(review): HttpsX509TrustManager is not visible here; verify that the wrapper still
    // delegates certificate validation to the wrapped trust manager.
    KeyStore anchors = getKeyStore(new File(trustStoreUrl).toURL(), trustStorePassword);
    TrustManager[] trustManagers = createTrustManagers(anchors);
    int trustIndex = 0;
    while (trustIndex < trustManagers.length) {
        TrustManager current = trustManagers[trustIndex];
        if (current instanceof X509TrustManager) {
            trustManagers[trustIndex] = new HttpsX509TrustManager((X509TrustManager) current);
        }
        trustIndex++;
    }

    context.init(keyManagers, trustManagers, null);
    return context;
}
From source file:com.linkage.crm.csb.sign.CtSignature.java
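/**
 * Creates a {@code SHA1withDSA} {@link Signature} initialised for signing with a key read
 * from a JKS keystore file.
 *
 * @param pwd        password used both to open the keystore and to recover the key
 * @param alias      alias of the private key entry
 * @param priKeyFile path of the JKS keystore file
 * @return the initialised Signature, or {@code null} if anything fails (the failure is logged)
 */
public static Signature createSignatureForSign(String pwd, String alias, String priKeyFile) {
    char[] kpass = null;
    try {
        logger.debug("keypath=============" + priKeyFile);
        KeyStore ks = KeyStore.getInstance("JKS");
        kpass = pwd.toCharArray();

        // Close the keystore file even when load() fails; it was previously left open.
        BufferedInputStream ksbufin = new BufferedInputStream(new FileInputStream(priKeyFile));
        try {
            ks.load(ksbufin, kpass);
        } finally {
            ksbufin.close();
        }

        PrivateKey priKey = (PrivateKey) ks.getKey(alias, kpass);

        // NOTE(review): SHA-1 is no longer considered collision resistant. The algorithm is
        // kept because the verifying side must use the same one; plan a coordinated move to
        // a SHA-2 based signature algorithm.
        Signature rsa = Signature.getInstance("SHA1withDSA");
        rsa.initSign(priKey);
        return rsa;
    } catch (Exception ex) {
        logger.error("errors appeared while trying to signature", ex);
        return null;
    } finally {
        // Wipe this method's copy of the password.
        if (kpass != null) {
            java.util.Arrays.fill(kpass, '\0');
        }
    }
}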
From source file:com.linkage.crm.csb.sign.CtSignature.java
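/**
 * Signs {@code originalText} with {@code SHA1withDSA} using a key read from a JKS keystore
 * file and returns the signature as a hex string.
 *
 * @param originalText text to sign
 * @param pwd          password used both to open the keystore and to recover the key
 * @param alias        alias of the private key entry
 * @param priKeyFile   path of the JKS keystore file
 * @return the hex-encoded signature, or {@code null} if anything fails (the failure is logged)
 */
public static String signature(String originalText, String pwd, String alias, String priKeyFile) {
    char[] kpass = null;
    try {
        KeyStore ks = KeyStore.getInstance("JKS");
        kpass = pwd.toCharArray();

        // Close the keystore file even when load() fails; it was previously left open.
        BufferedInputStream ksbufin = new BufferedInputStream(new FileInputStream(priKeyFile));
        try {
            ks.load(ksbufin, kpass);
        } finally {
            ksbufin.close();
        }

        PrivateKey priKey = (PrivateKey) ks.getKey(alias, kpass);

        // NOTE(review): SHA-1 is no longer considered collision resistant. The algorithm is
        // kept because the verifying side must use the same one.
        Signature rsa = Signature.getInstance("SHA1withDSA");
        rsa.initSign(priKey);

        // NOTE(review): getBytes() uses the platform default charset, so the signed bytes can
        // differ between hosts; pinning a charset has to be agreed with the verifying side.
        rsa.update(originalText.getBytes());
        byte[] signedText = rsa.sign();
        return HexUtils.toHexString(signedText);
    } catch (Exception ex) {
        logger.error("errors appeared while trying to signature", ex);
        return null;
    } finally {
        // Wipe this method's copy of the password.
        if (kpass != null) {
            java.util.Arrays.fill(kpass, '\0');
        }
    }
}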
From source file:com.microsoft.aad.adal4j.AsymmetricKeyCredential.java
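/**
 * Static method to create a KeyCredential instance from a PKCS12 stream.
 *
 * <p>The first alias that holds a key entry is used. Certificate-only entries are skipped,
 * so the enumeration order of the store no longer decides whether a key is found.
 *
 * @param clientId
 *            Identifier of the client requesting the token.
 * @param pkcs12Certificate
 *            PKCS12 certificate stream containing public and private key.
 *            Caller is responsible for handling the input stream.
 * @param password
 *            certificate password, used for the store and for the key entry
 * @return KeyCredential instance
 * @throws KeyStoreException
 *             if the store holds no key entry
 * @throws NoSuchProviderException
 * @throws NoSuchAlgorithmException
 * @throws CertificateException
 * @throws FileNotFoundException
 * @throws IOException
 * @throws UnrecoverableKeyException
 */
public static AsymmetricKeyCredential create(final String clientId, final InputStream pkcs12Certificate,
        final String password) throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException,
        CertificateException, FileNotFoundException, IOException, UnrecoverableKeyException {
    // One copy of the password, wiped once the key has been recovered.
    final char[] secret = password.toCharArray();
    try {
        final KeyStore keystore = KeyStore.getInstance("PKCS12", "SunJSSE");
        keystore.load(pkcs12Certificate, secret);

        String alias = null;
        final Enumeration<String> aliases = keystore.aliases();
        while (aliases.hasMoreElements()) {
            final String candidate = aliases.nextElement();
            if (keystore.isKeyEntry(candidate)) {
                alias = candidate;
                break;
            }
        }
        if (alias == null) {
            // Previously an empty store surfaced as an unchecked NoSuchElementException.
            throw new KeyStoreException("PKCS12 stream contains no key entry");
        }

        final PrivateKey key = (PrivateKey) keystore.getKey(alias, secret);
        final X509Certificate publicCertificate = (X509Certificate) keystore.getCertificate(alias);
        return create(clientId, key, publicCertificate);
    } finally {
        java.util.Arrays.fill(secret, '\0');
    }
}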
From source file:com.microsoft.aad.adal4j.MSCAPIAsymmetricKeyCredential.java
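/**
 * Static method to create a KeyCredential instance from a PKCS12 stream.
 *
 * <p>Aliases are scanned until one with a key entry is found; certificate-only entries are
 * skipped rather than being used just because they were enumerated first.
 *
 * @param clientId
 *            Identifier of the client requesting the token.
 * @param pkcs12Certificate
 *            PKCS12 certificate stream containing public and private key.
 *            Caller is responsible for handling the input stream.
 * @param password
 *            certificate password, used for the store and for the key entry
 * @return KeyCredential instance
 * @throws KeyStoreException
 *             if the store holds no key entry
 * @throws NoSuchProviderException
 * @throws NoSuchAlgorithmException
 * @throws CertificateException
 * @throws FileNotFoundException
 * @throws IOException
 * @throws UnrecoverableKeyException
 */
public static MSCAPIAsymmetricKeyCredential create(final String clientId, final InputStream pkcs12Certificate,
        final String password) throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException,
        CertificateException, FileNotFoundException, IOException, UnrecoverableKeyException {
    // One copy of the password, wiped once the key has been recovered.
    final char[] secret = password.toCharArray();
    try {
        final KeyStore keystore = KeyStore.getInstance("PKCS12", "SunJSSE");
        keystore.load(pkcs12Certificate, secret);

        String keyAlias = null;
        for (final Enumeration<String> aliases = keystore.aliases(); aliases.hasMoreElements();) {
            final String candidate = aliases.nextElement();
            if (keystore.isKeyEntry(candidate)) {
                keyAlias = candidate;
                break;
            }
        }
        if (keyAlias == null) {
            // Previously an empty store surfaced as an unchecked NoSuchElementException.
            throw new KeyStoreException("PKCS12 stream contains no key entry");
        }

        final PrivateKey key = (PrivateKey) keystore.getKey(keyAlias, secret);
        final X509Certificate publicCertificate = (X509Certificate) keystore.getCertificate(keyAlias);
        return create(clientId, key, publicCertificate);
    } finally {
        java.util.Arrays.fill(secret, '\0');
    }
}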
From source file:org.roda.common.certification.PDFSignatureUtils.java
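/**
 * Writes a signed copy of a PDF to a new temporary file, using a private key and certificate
 * chain read from a keystore file.
 *
 * <p>All streams are closed on every path, and the temporary file is removed if signing does
 * not complete, so a partially written file is not left behind under a "signed" name.
 *
 * @param input    PDF to sign; it is only read
 * @param keystore path of the keystore file (default keystore type)
 * @param alias    alias of the signing key and of its certificate chain
 * @param password password used both to open the keystore and to recover the key
 * @param reason   reason recorded in the signature appearance
 * @param location location recorded in the signature appearance
 * @param contact  contact recorded in the signature appearance
 * @return path of the signed temporary PDF
 * @throws IOException              if the keystore, the input or the output cannot be accessed,
 *                                  including a failure while closing the output
 * @throws GeneralSecurityException if the keystore cannot be loaded, or the alias has no private
 *                                  key or no certificate chain
 * @throws DocumentException        if the PDF cannot be stamped
 */
public static Path runDigitalSignatureSign(Path input, String keystore, String alias, String password,
        String reason, String location, String contact)
        throws IOException, GeneralSecurityException, DocumentException {
    Security.addProvider(new BouncyCastleProvider());

    // One copy of the password, wiped in the finally block below.
    char[] secret = password.toCharArray();
    Path signedPDF = Files.createTempFile("signed", ".pdf");
    boolean signed = false;
    try {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream is = new FileInputStream(keystore)) {
            ks.load(is, secret);
        }

        // Both lookups return null for an unknown alias; stop before any output is produced.
        PrivateKey pk = (PrivateKey) ks.getKey(alias, secret);
        Certificate[] chain = ks.getCertificateChain(alias);
        if (pk == null) {
            throw new GeneralSecurityException("No private key entry for alias '" + alias + "'");
        }
        if (chain == null) {
            throw new GeneralSecurityException("No certificate chain for alias '" + alias + "'");
        }

        PdfReader reader = new PdfReader(input.toString());
        // A close() failure on the output is reported rather than swallowed, since it can
        // mean the signed file is incomplete.
        try (FileOutputStream os = new FileOutputStream(signedPDF.toFile())) {
            PdfStamper stamper = PdfStamper.createSignature(reader, os, '\0');
            PdfSignatureAppearance appearance = stamper.getSignatureAppearance();
            appearance.setReason(reason);
            appearance.setLocation(location);
            appearance.setContact(contact);
            appearance.setVisibleSignature(new Rectangle(36, 748, 144, 780), 1, "RODASignature");

            ExternalDigest digest = new BouncyCastleDigest();
            ExternalSignature signature = new PrivateKeySignature(pk, DigestAlgorithms.SHA256, "BC");
            MakeSignature.signDetached(appearance, digest, signature, chain, null, null, null, 0, null);
        } finally {
            reader.close();
        }

        signed = true;
        return signedPDF;
    } finally {
        java.util.Arrays.fill(secret, '\0');
        if (!signed) {
            try {
                Files.deleteIfExists(signedPDF);
            } catch (IOException ignored) {
                // Best-effort cleanup; the original failure is the one worth reporting.
            }
        }
    }
}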
From source file:com.glaf.core.security.SecurityUtils.java
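/**
 * Reads a private key from a JKS keystore stream.
 *
 * <p>The stream is not closed here; that is left to the caller.
 *
 * @param ksInputStream stream holding the JKS keystore
 * @param password      password used both to open the keystore and to recover the key
 * @param alias         alias of the private key entry
 * @return the private key, or {@code null} if the keystore has no key under {@code alias}
 * @throws SecurityException wrapping any failure while loading the keystore or recovering the key
 */
public static Key getPrivateKeyFromKeystore(InputStream ksInputStream, String password, String alias) {
    char[] secret = null;
    try {
        KeyStore ks = KeyStore.getInstance("JKS", "SUN");
        // One copy of the password, wiped in the finally block.
        secret = password.toCharArray();
        ks.load(ksInputStream, secret);
        return (PrivateKey) ks.getKey(alias, secret);
    } catch (Exception ex) {
        throw new SecurityException(ex);
    } finally {
        if (secret != null) {
            java.util.Arrays.fill(secret, '\0');
        }
    }
}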
From source file:com.yodlee.sampleapps.helper.OpenSamlHelper.java
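/**
 * Initializes the keystore state: loads the private key and the certificate chain stored
 * under {@code keystoreAlias} from {@code keystoreFilename}.
 *
 * @throws RuntimeException if the file cannot be opened or loaded, or the alias has no key,
 *                          certificate or certificate chain; the underlying exception is
 *                          attached as the cause
 */
private static void initKeyStore() {
    InputStream fileInput = null;
    try {
        fileInput = new FileInputStream(keystoreFilename);
    } catch (FileNotFoundException e) {
        throw new RuntimeException(e.getMessage(), e);
    }

    KeyStore keystore = null;
    // One copy of the password, wiped after use.
    char[] secret = null;
    try {
        secret = keystorePassword.toCharArray();
        keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        keystore.load(fileInput, secret);
        privateKey = (PrivateKey) keystore.getKey(keystoreAlias, secret);
    } catch (Exception e) {
        // Keep the cause so the stack trace travels with the exception instead of stderr.
        throw new RuntimeException(e.getMessage(), e);
    } finally {
        if (secret != null) {
            java.util.Arrays.fill(secret, '\0');
        }
        // The keystore file was previously never closed.
        try {
            fileInput.close();
        } catch (java.io.IOException ignored) {
            // Nothing useful can be done about a failed close of a read-only stream.
        }
    }

    if (privateKey == null) {
        throw new RuntimeException(keystoreAlias + " key not found in keystore " + keystoreFilename);
    }

    X509Certificate cert = null;
    Certificate[] certificates = new Certificate[0];
    try {
        cert = (X509Certificate) keystore.getCertificate(keystoreAlias);
        certificates = keystore.getCertificateChain(keystoreAlias);
    } catch (KeyStoreException e) {
        throw new RuntimeException(e.getMessage(), e);
    }

    if (cert == null) {
        throw new RuntimeException(keystoreAlias + " cert not found in keystore " + keystoreFilename);
    }
    if (certificates == null) {
        throw new RuntimeException(keystoreAlias + " cert chain not found in keystore " + keystoreFilename);
    }

    // arraycopy throws ArrayStoreException if the chain holds a non-X.509 certificate.
    certs = new X509Certificate[certificates.length];
    System.arraycopy(certificates, 0, certs, 0, certs.length);
}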