本文整理汇总了Java中java.security.KeyStore.getCertificate方法的典型用法代码示例。如果您正苦于以下问题:Java KeyStore.getCertificate方法的具体用法?Java KeyStore.getCertificate怎么用?Java KeyStore.getCertificate使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类java.security.KeyStore的用法示例。
在下文中一共展示了KeyStore.getCertificate方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getCertIdIdByStore
import java.security.KeyStore; //导入方法依赖的package包/类
/**
* 通过keystore获取私钥证书的certId值
* @param keyStore
* @return
*/
private static String getCertIdIdByStore(KeyStore keyStore) {
Enumeration<String> aliasenum = null;
try {
aliasenum = keyStore.aliases();
String keyAlias = null;
if (aliasenum.hasMoreElements()) {
keyAlias = aliasenum.nextElement();
}
X509Certificate cert = (X509Certificate) keyStore
.getCertificate(keyAlias);
return cert.getSerialNumber().toString();
} catch (KeyStoreException e) {
log.error("getCertIdIdByStore Error", e);
return null;
}
}
示例2: signWithJarSignerAPI
import java.security.KeyStore; //导入方法依赖的package包/类
private static void signWithJarSignerAPI(String jarName)
throws Throwable {
// Get JarSigner
try (FileInputStream fis = new FileInputStream(KEYSTORE)) {
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(fis, STOREPASS.toCharArray());
PrivateKey pk = (PrivateKey)ks.getKey(ALIAS, KEYPASS.toCharArray());
Certificate cert = ks.getCertificate(ALIAS);
JarSigner signer = new JarSigner.Builder(pk,
CertificateFactory.getInstance("X.509").generateCertPath(
Collections.singletonList(cert)))
.build();
// Sign jar
try (ZipFile src = new JarFile(jarName);
FileOutputStream out = new FileOutputStream(SIGNED_JAR)) {
signer.sign(src,out);
}
}
}
示例3: PKIXParameters
import java.security.KeyStore; //导入方法依赖的package包/类
/**
* Creates an instance of {@code PKIXParameters} that
* populates the set of most-trusted CAs from the trusted
* certificate entries contained in the specified {@code KeyStore}.
* Only keystore entries that contain trusted {@code X509Certificates}
* are considered; all other certificate types are ignored.
*
* @param keystore a {@code KeyStore} from which the set of
* most-trusted CAs will be populated
* @throws KeyStoreException if the keystore has not been initialized
* @throws InvalidAlgorithmParameterException if the keystore does
* not contain at least one trusted certificate entry
* @throws NullPointerException if the keystore is {@code null}
*/
public PKIXParameters(KeyStore keystore)
throws KeyStoreException, InvalidAlgorithmParameterException
{
if (keystore == null)
throw new NullPointerException("the keystore parameter must be " +
"non-null");
Set<TrustAnchor> hashSet = new HashSet<TrustAnchor>();
Enumeration<String> aliases = keystore.aliases();
while (aliases.hasMoreElements()) {
String alias = aliases.nextElement();
if (keystore.isCertificateEntry(alias)) {
Certificate cert = keystore.getCertificate(alias);
if (cert instanceof X509Certificate)
hashSet.add(new TrustAnchor((X509Certificate)cert, null));
}
}
setTrustAnchors(hashSet);
this.unmodInitialPolicies = Collections.<String>emptySet();
this.certPathCheckers = new ArrayList<PKIXCertPathChecker>();
this.certStores = new ArrayList<CertStore>();
}
示例4: keystorecerts2Hashtable
import java.security.KeyStore; //导入方法依赖的package包/类
/**
* Stores the (leaf) certificates of a keystore in a hashtable.
* All certs belonging to the same CA are stored in a vector that
* in turn is stored in the hashtable, keyed by the CA's subject DN
*/
private void keystorecerts2Hashtable(KeyStore ks,
Hashtable<Principal, Vector<Certificate>> hash)
throws Exception {
for (Enumeration<String> aliases = ks.aliases();
aliases.hasMoreElements(); ) {
String alias = aliases.nextElement();
Certificate cert = ks.getCertificate(alias);
if (cert != null) {
Principal subjectDN = ((X509Certificate)cert).getSubjectDN();
Vector<Certificate> vec = hash.get(subjectDN);
if (vec == null) {
vec = new Vector<Certificate>();
vec.addElement(cert);
} else {
if (!vec.contains(cert)) {
vec.addElement(cert);
}
}
hash.put(subjectDN, vec);
}
}
}
示例5: getCertificateThumbprint
import java.security.KeyStore; //导入方法依赖的package包/类
private String getCertificateThumbprint(String pfxPath, String password) {
try {
InputStream inStream = new FileInputStream(pfxPath);
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(inStream, password.toCharArray());
String alias = ks.aliases().nextElement();
X509Certificate certificate = (X509Certificate) ks.getCertificate(alias);
inStream.close();
MessageDigest sha = MessageDigest.getInstance("SHA-1");
return BaseEncoding.base16().encode(sha.digest(certificate.getEncoded()));
} catch (KeyStoreException | CertificateException | NoSuchAlgorithmException | IOException ex) {
throw new RuntimeException(ex);
}
}
示例6: verifyCRL
import java.security.KeyStore; //导入方法依赖的package包/类
private static String verifyCRL(KeyStore ks, CRL crl)
throws Exception {
X509CRLImpl xcrl = (X509CRLImpl)crl;
X500Principal issuer = xcrl.getIssuerX500Principal();
for (String s: e2i(ks.aliases())) {
Certificate cert = ks.getCertificate(s);
if (cert instanceof X509Certificate) {
X509Certificate xcert = (X509Certificate)cert;
if (xcert.getSubjectX500Principal().equals(issuer)) {
try {
((X509CRLImpl)crl).verify(cert.getPublicKey());
return s;
} catch (Exception e) {
}
}
}
}
return null;
}
示例7: runTest
import java.security.KeyStore; //导入方法依赖的package包/类
private void runTest() throws IOException, KeyStoreException,
NoSuchAlgorithmException, CertificateException,
UnrecoverableKeyException {
KeyStore ks = Utils.loadKeyStore(KEYSTORE_PATH,
Utils.KeyStoreType.pkcs12, PASSWORD);
Key key = ks.getKey(ALIAS, PASSWORD);
Certificate cert = ks
.getCertificate(ALIAS);
KeyStore.Entry entry = new KeyStore.PrivateKeyEntry(
(PrivateKey) key,
new Certificate[]{cert});
if (!entry.getAttributes().isEmpty()) {
throw new RuntimeException("Entry's attributes set "
+ "must be empty");
}
out.println("Test Passed");
}
示例8: execute0
import java.security.KeyStore; //导入方法依赖的package包/类
@Override
protected Object execute0() throws Exception {
KeyStore ks = getKeyStore();
String keyname = null;
Enumeration<String> aliases = ks.aliases();
while (aliases.hasMoreElements()) {
String alias = aliases.nextElement();
if (ks.isKeyEntry(alias)) {
keyname = alias;
break;
}
}
if (keyname == null) {
throw new CmdFailure("could not find private key");
}
X509Certificate cert = (X509Certificate) ks.getCertificate(keyname);
saveVerbose("saved certificate to file", new File(outFile), cert.getEncoded());
return null;
}
示例9: run
import java.security.KeyStore; //导入方法依赖的package包/类
private static void run(String keyAlg, int keySize,
String expectedSigAlg, String sigAlg) throws Exception {
String alias = keyAlg + keySize + System.currentTimeMillis();
String cmd = "-keystore ks -storepass changeit" +
" -keypass changeit -alias " + alias +
" -keyalg " + keyAlg + " -keysize " + keySize +
" -genkeypair -dname CN=" + alias + " -debug";
if (sigAlg != null) {
cmd += " -sigalg " + sigAlg;
}
Main.main(cmd.split(" "));
KeyStore ks = KeyStore.getInstance(
new File("ks"), "changeit".toCharArray());
X509Certificate cert = (X509Certificate)ks.getCertificate(alias);
String actualSigAlg = cert.getSigAlgName();
if (!actualSigAlg.equals(expectedSigAlg)) {
throw new Exception("Failure at " + alias + ": expected "
+ expectedSigAlg + ", actually " + actualSigAlg);
}
}
示例10: verifySignature
import java.security.KeyStore; //导入方法依赖的package包/类
/**
* Iterates over the certificates stored in the truststore to verify the signature of the provided certificate
*
* @param trustStoreFilename The relative path and file name of the truststore
* @param certificate The certificate whose signature needs to be signed
* @return True, if the provided certificate has been signed by one of the certificates in the
* truststore, false otherwise
*/
public static boolean verifySignature(X509Certificate certificate, String trustStoreFilename) {
KeyStore trustStore = SecurityUtils.getTrustStore(trustStoreFilename, GlobalValues.PASSPHRASE_FOR_CERTIFICATES_AND_KEYS.toString());
X500Principal expectedIssuer = certificate.getIssuerX500Principal();
try {
Enumeration<String> aliases = trustStore.aliases();
while (aliases.hasMoreElements()) {
X509Certificate rootCA = (X509Certificate) trustStore.getCertificate(aliases.nextElement());
if (rootCA.getSubjectX500Principal().getName().equals(expectedIssuer.getName()) &&
verifySignature(certificate, rootCA)) return true;
}
} catch (KeyStoreException | NullPointerException e) {
getLogger().error(e.getClass().getSimpleName() + " occurred while trying to verify trust " +
"status of certificate with distinguished name '" +
certificate.getSubjectX500Principal().getName() + "' with truststore at " +
"location '" + trustStoreFilename + "'", e);
}
return false;
}
示例11: getIssueDate
import java.security.KeyStore; //导入方法依赖的package包/类
static Date getIssueDate(String alias) throws Exception {
KeyStore ks = KeyStore.getInstance("jks");
try (FileInputStream fis = new FileInputStream("jks")) {
ks.load(fis, "changeit".toCharArray());
}
X509Certificate cert = (X509Certificate)ks.getCertificate(alias);
return cert.getNotBefore();
}
示例12: getServerCertificate
import java.security.KeyStore; //导入方法依赖的package包/类
public X509Certificate getServerCertificate() {
try {
KeyStore keyStore = loadKeyStore();
return (X509Certificate) keyStore.getCertificate(SERVER_CERTIFICATE_ALIAS);
} catch (KeyStoreException e) {
throw new RuntimeException(e);
}
}
示例13: keystorecerts2Hashtable
import java.security.KeyStore; //导入方法依赖的package包/类
/**
* Stores the (leaf) certificates of a keystore in a hashtable.
* All certs belonging to the same CA are stored in a vector that
* in turn is stored in the hashtable, keyed by the CA's subject DN.
* Each cert comes with a string label that shows its origin and alias.
*/
private void keystorecerts2Hashtable(KeyStore ks,
Hashtable<Principal, Vector<Pair<String,X509Certificate>>> hash)
throws Exception {
for (Enumeration<String> aliases = ks.aliases();
aliases.hasMoreElements(); ) {
String alias = aliases.nextElement();
Certificate cert = ks.getCertificate(alias);
if (cert != null) {
Principal subjectDN = ((X509Certificate)cert).getSubjectDN();
Pair<String,X509Certificate> pair = new Pair<>(
String.format(
rb.getString(ks == caks ?
"alias.in.cacerts" :
"alias.in.keystore"),
alias),
(X509Certificate)cert);
Vector<Pair<String,X509Certificate>> vec = hash.get(subjectDN);
if (vec == null) {
vec = new Vector<>();
vec.addElement(pair);
} else {
if (!vec.contains(pair)) {
vec.addElement(pair);
}
}
hash.put(subjectDN, vec);
}
}
}
示例14: execute0
import java.security.KeyStore; //导入方法依赖的package包/类
@Override
protected Object execute0() throws Exception {
KeyStore ks = KeyStore.getInstance("PKCS11", XiSecurityConstants.PROVIDER_NAME_XIPKI);
ks.load(null, null);
if (verbose.booleanValue()) {
println("available aliases:");
Enumeration<?> aliases = ks.aliases();
while (aliases.hasMoreElements()) {
String alias2 = (String) aliases.nextElement();
println(" " + alias2);
}
}
String alias = getAlias();
println("alias: " + alias);
PrivateKey key = (PrivateKey) ks.getKey(alias, null);
if (key == null) {
println("could not find key with alias '" + alias + "'");
return null;
}
Certificate cert = ks.getCertificate(alias);
if (cert == null) {
println("could not find certificate to verify signature");
return null;
}
PublicKey pubKey = cert.getPublicKey();
String sigAlgo = getSignatureAlgo(pubKey);
println("signature algorithm: " + sigAlgo);
Signature sig = Signature.getInstance(sigAlgo, XiSecurityConstants.PROVIDER_NAME_XIPKI);
sig.initSign(key);
byte[] data = new byte[]{1, 2, 3, 4, 5, 6, 7, 8, 9, 10};
sig.update(data);
byte[] signature = sig.sign(); // CHECKSTYLE:SKIP
println("signature created successfully");
Signature ver = Signature.getInstance(sigAlgo, "BC");
ver.initVerify(pubKey);
ver.update(data);
boolean valid = ver.verify(signature);
println("signature valid: " + valid);
return null;
}
示例15: execute0
import java.security.KeyStore; //导入方法依赖的package包/类
@Override
protected Object execute0() throws Exception {
File realInFile = new File(IoUtil.expandFilepath(inFile));
File realOutFile = new File(IoUtil.expandFilepath(outFile));
if (CompareUtil.equalsObject(realInFile, realOutFile)) {
throw new IllegalCmdParamException("in and out cannot be the same");
}
KeyStore inKs = KeyStore.getInstance(inType);
KeyStore outKs = KeyStore.getInstance(outType);
outKs.load(null);
char[] inPassword = readPasswordIfNotSet("password of the source keystore", inPwd);
FileInputStream inStream = new FileInputStream(realInFile);
try {
inKs.load(inStream, inPassword);
} finally {
inStream.close();
}
char[] outPassword = readPasswordIfNotSet("password of the destination keystore", outPwd);
Enumeration<String> aliases = inKs.aliases();
while (aliases.hasMoreElements()) {
String alias = aliases.nextElement();
if (inKs.isKeyEntry(alias)) {
Certificate[] certs = inKs.getCertificateChain(alias);
Key key = inKs.getKey(alias, inPassword);
outKs.setKeyEntry(alias, key, outPassword, certs);
} else {
Certificate cert = inKs.getCertificate(alias);
outKs.setCertificateEntry(alias, cert);
}
}
ByteArrayOutputStream bout = new ByteArrayOutputStream(4096);
outKs.store(bout, outPassword);
saveVerbose("saved destination keystore to file", realOutFile, bout.toByteArray());
return null;
}