java.security.KeyStore.getCertificate()方法的使用及代码示例

x33g5p2x  于2022-01-23 转载在 其他  
字(13.3k)|赞(0)|评价(0)|浏览(238)

本文整理了Java中java.security.KeyStore.getCertificate()方法的一些代码示例,展示了KeyStore.getCertificate()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。KeyStore.getCertificate()方法的具体详情如下:
包路径:java.security.KeyStore
类名称:KeyStore
方法名:getCertificate

KeyStore.getCertificate介绍

[英]Returns the trusted certificate for the entry with the given alias.
[中]返回具有给定别名的项的受信任证书。

代码示例

代码示例来源:origin: apache/kafka

static List<CertificateEntries> create(KeyStore keystore) throws GeneralSecurityException {
  Enumeration<String> aliases = keystore.aliases();
  List<CertificateEntries> entries = new ArrayList<>();
  while (aliases.hasMoreElements()) {
    String alias = aliases.nextElement();
    Certificate cert  = keystore.getCertificate(alias);
    if (cert instanceof X509Certificate)
      entries.add(new CertificateEntries((X509Certificate) cert));
  }
  return entries;
}

代码示例来源:origin: igniterealtime/Openfire

/**
 * Returns a collection of all x.509 certificates in this store. Certificates returned by this method can be of any
 * state (eg: invalid, on a revocation list, etc).
 *
 * @return A collection (possibly empty, never null) of all certificates in this store, mapped by their alias.
 */
public Map<String, X509Certificate> getAllCertificates() throws KeyStoreException
{
  final Map<String, X509Certificate> results = new HashMap<>();
  for ( final String alias : Collections.list( store.aliases() ) )
  {
    final Certificate certificate = store.getCertificate( alias );
    if ( !( certificate instanceof X509Certificate ) )
    {
      continue;
    }
    results.put( alias, (X509Certificate) certificate );
  }
  return results;
}

代码示例来源:origin: stackoverflow.com

public class TestClass {
  public static void main(String[] args) throws Exception {

    KeyStore p12 = KeyStore.getInstance("pkcs12");
    p12.load(new FileInputStream("pkcs.p12"), "password".toCharArray());
    Enumeration e = p12.aliases();
    while (e.hasMoreElements()) {
      String alias = (String) e.nextElement();
      X509Certificate c = (X509Certificate) p12.getCertificate(alias);
      Principal subject = c.getSubjectDN();
      String subjectArray[] = subject.toString().split(",");
      for (String s : subjectArray) {
        String[] str = s.trim().split("=");
        String key = str[0];
        String value = str[1];
        System.out.println(key + " - " + value);
      }
    }
  }
}

代码示例来源:origin: apache/geode

/**
 * Load the private key of the server. This method is not thread safe.
 */
public static void initPrivateKey(Properties props) throws Exception {
 String privateKeyFilePath = props.getProperty(PRIVATE_KEY_FILE_PROP);
 privateKeyAlias = "";
 privateKeyEncrypt = null;
 if (privateKeyFilePath != null && privateKeyFilePath.length() > 0) {
  KeyStore ks = KeyStore.getInstance("PKCS12");
  privateKeyAlias = props.getProperty(PRIVATE_KEY_ALIAS_PROP);
  if (privateKeyAlias == null) {
   privateKeyAlias = "";
  }
  String keyStorePass = props.getProperty(PRIVATE_KEY_PASSWD_PROP);
  char[] passPhrase = (keyStorePass != null ? keyStorePass.toCharArray() : null);
  FileInputStream privateKeyFile = new FileInputStream(privateKeyFilePath);
  try {
   ks.load(privateKeyFile, passPhrase);
  } finally {
   privateKeyFile.close();
  }
  Key key = ks.getKey(privateKeyAlias, passPhrase);
  Certificate keyCert = ks.getCertificate(privateKeyAlias);
  if (key instanceof PrivateKey && keyCert instanceof X509Certificate) {
   privateKeyEncrypt = (PrivateKey) key;
   privateKeySignAlgo = ((X509Certificate) keyCert).getSigAlgName();
   privateKeySubject = ((X509Certificate) keyCert).getSubjectDN().getName();
  }
 }
}

代码示例来源:origin: apache/pdfbox

/**
 * Returns the certificate contained in the keystore.
 *
 * @return The certificate that will be used to try to open the document.
 *
 * @throws KeyStoreException If there is an error accessing the certificate.
 */
public X509Certificate getCertificate() throws KeyStoreException
{
  if(keyStore.size() == 1)
  {
    Enumeration<String> aliases = keyStore.aliases();
    String keyStoreAlias = aliases.nextElement();
    return (X509Certificate)keyStore.getCertificate(keyStoreAlias);
  }
  else
  {
    if(keyStore.containsAlias(alias))
    {
      return (X509Certificate)keyStore.getCertificate(alias);
    }
    throw new KeyStoreException("the keystore does not contain the given alias");
  }
}

代码示例来源:origin: stackoverflow.com

/**
 * Android Central Keystore repo usually located on /data/misc/keychain 
 * including the system trusted anchors located on /system/etc/security
 */
KeyStore keyStore = KetStore.getInstance("AndroidCAStore");
keyStore.load(null, null); //Load default system keystore
Enumeration<String> keyAliases = keyStore.aliases();

while(keyAliases.hasMoreElements()){
  String alias = aliases.nextElement();
  X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);

  //<User cert in whatever way you want>
}

代码示例来源:origin: cloudfoundry/uaa

@Test
public void keystore_impls_is_not_a_singleton() throws KeyStoreException {
  assertNotSame(KeyStore.getInstance("JKS"), KeyStore.getInstance("JKS"));
  JKSKeyManager manager1 = (JKSKeyManager) SamlKeyManagerFactory.getKeyManager(config);
  config.setKeys(EMPTY_MAP);
  config.setPrivateKey(key1);
  config.setPrivateKeyPassword("password");
  config.setCertificate(certificate1);
  JKSKeyManager manager2 = (JKSKeyManager) SamlKeyManagerFactory.getKeyManager(config);
  KeyStore ks1 = (KeyStore) ReflectionTestUtils.getField(manager1, JKSKeyManager.class, "keyStore");
  KeyStore ks2 = (KeyStore) ReflectionTestUtils.getField(manager2, JKSKeyManager.class, "keyStore");
  String alias = SamlConfig.LEGACY_KEY_ID;
  assertNotEquals(ks1.getCertificate(alias), ks2.getCertificate(alias));
  assertEquals(ks1.getCertificate(alias), ks1.getCertificate(alias));
}

代码示例来源:origin: groupon/odo

private void reloadKeystore() throws FileNotFoundException, IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, UnrecoverableKeyException {
  InputStream is = new FileInputStream(new File(root, _caPrivateKeystore));
  if (is != null)	{
    _ks.load(is, _keystorepass);
    _caCert = (X509Certificate)_ks.getCertificate(_caCertAlias);
    _caPrivKey = (PrivateKey)_ks.getKey(_caPrivKeyAlias, _keypassword);
  }
}

代码示例来源:origin: apache/geode

private void populateMap() {
 try {
  final KeyStore keyStore = KeyStore.getInstance("JKS");
  final char[] passPhrase = this.pubKeyPass != null ? this.pubKeyPass.toCharArray() : null;
  final FileInputStream keyStoreFile = new FileInputStream(this.pubKeyFilePath);
  try {
   keyStore.load(keyStoreFile, passPhrase);
  } finally {
   keyStoreFile.close();
  }
  for (Enumeration e = keyStore.aliases(); e.hasMoreElements();) {
   final Object alias = e.nextElement();
   final Certificate cert = keyStore.getCertificate((String) alias);
   if (cert instanceof X509Certificate) {
    this.aliasCertificateMap.put(alias, cert);
   }
  }
 } catch (Exception e) {
  throw new AuthenticationFailedException(
    "Exception while getting public keys: " + e.getMessage(), e);
 }
}

代码示例来源:origin: igniterealtime/Openfire

public OpenfireX509TrustManager( KeyStore trustStore, boolean acceptSelfSigned, boolean checkValidity ) throws NoSuchAlgorithmException, KeyStoreException
{
  this.acceptSelfSigned = acceptSelfSigned;
  this.checkValidity = checkValidity;
  // Retrieve all trusted certificates from the store, but don't validate them just yet!
  final Set<X509Certificate> trusted = new HashSet<>();
  final Enumeration<String> aliases = trustStore.aliases();
  while ( aliases.hasMoreElements() )
  {
    final String alias = aliases.nextElement();
    if ( trustStore.isCertificateEntry( alias ) )
    {
      final Certificate certificate = trustStore.getCertificate( alias );
      if ( certificate instanceof X509Certificate )
      {
        trusted.add( (X509Certificate) certificate );
      }
    }
  }
  trustedIssuers = Collections.unmodifiableSet( trusted );
  Log.debug( "Constructed trust manager. Number of trusted issuers: {}, accepts self-signed: {}, checks validity: {}", trustedIssuers.size(), acceptSelfSigned, checkValidity );
}

代码示例来源:origin: wildfly/wildfly

/**
   * Used during setup to get the certification from the keystore and encrypt the auth_value with
   * the private key
   */
  public void setCertificate() throws KeyStoreException, IOException, NoSuchAlgorithmException,
          CertificateException, NoSuchPaddingException, InvalidKeyException,
          IllegalBlockSizeException, BadPaddingException, UnrecoverableEntryException {
    KeyStore store = KeyStore.getInstance(this.keystore_type);
    InputStream inputStream=Thread.currentThread().getContextClassLoader().getResourceAsStream(this.keystore_path);
    if(inputStream == null)
      inputStream=new FileInputStream(this.keystore_path);
    store.load(inputStream, this.keystore_password);

    this.cipher = Cipher.getInstance(this.cipher_type);
    this.certificate = (X509Certificate) store.getCertificate(this.cert_alias);

    log.debug("certificate = " + this.certificate.toString());

    this.cipher.init(Cipher.ENCRYPT_MODE, this.certificate);
    this.encryptedToken = this.cipher.doFinal(this.auth_value.getBytes());

    KeyStore.PrivateKeyEntry privateKey = (KeyStore.PrivateKeyEntry) store.getEntry(
            this.cert_alias, new KeyStore.PasswordProtection(this.cert_password));
    this.certPrivateKey = privateKey.getPrivateKey();

    this.valueSet=true;
  }
}

代码示例来源:origin: stackoverflow.com

KeyStore ks = KeyStore.getInstance("jks");
/* Load the key store. */
...
char[] password = ...;
/* Save the private key. */
FileOutputStream kos = new FileOutputStream("tmpkey.der");
Key pvt = ks.getKey("your_alias", password);
kos.write(pvt.getEncoded());
kos.flush();
kos.close();
/* Save the certificate. */
FileOutputStream cos = new FileOutputStream("tmpcert.der");
Certificate pub = ks.getCertificate("your_alias");
cos.write(pub.getEncoded());
cos.flush();
cos.close();

代码示例来源:origin: benoberkfell/android-fingerprint-demo

public PublicKey getVerificationPublicKey() {
  try {
    KeyStore keyStore = getKeyStore();
    keyStore.load(null);
    return keyStore.getCertificate(KEY_NAME).getPublicKey();
  } catch (KeyStoreException | CertificateException | NoSuchAlgorithmException |
      IOException e) {
    throw new RuntimeException("Failed to get public key", e);
  }
}

代码示例来源:origin: prestodb/presto

private static void validateCertificates(KeyStore keyStore)
    throws GeneralSecurityException
{
  for (String alias : list(keyStore.aliases())) {
    if (!keyStore.isKeyEntry(alias)) {
      continue;
    }
    Certificate certificate = keyStore.getCertificate(alias);
    if (!(certificate instanceof X509Certificate)) {
      continue;
    }
    try {
      ((X509Certificate) certificate).checkValidity();
    }
    catch (CertificateExpiredException e) {
      throw new CertificateExpiredException("KeyStore certificate is expired: " + e.getMessage());
    }
    catch (CertificateNotYetValidException e) {
      throw new CertificateNotYetValidException("KeyStore certificate is not yet valid: " + e.getMessage());
    }
  }
}

代码示例来源:origin: apache/geode

/**
 * Populate the available server public keys into a local static HashMap. This method is not
 * thread safe.
 */
public static void initCertsMap(Properties props) throws Exception {
 certificateMap = new HashMap();
 certificateFilePath = props.getProperty(PUBLIC_KEY_FILE_PROP);
 if (certificateFilePath != null && certificateFilePath.length() > 0) {
  KeyStore ks = KeyStore.getInstance("JKS");
  String keyStorePass = props.getProperty(PUBLIC_KEY_PASSWD_PROP);
  char[] passPhrase = (keyStorePass != null ? keyStorePass.toCharArray() : null);
  FileInputStream keystorefile = new FileInputStream(certificateFilePath);
  try {
   ks.load(keystorefile, passPhrase);
  } finally {
   keystorefile.close();
  }
  Enumeration aliases = ks.aliases();
  while (aliases.hasMoreElements()) {
   String alias = (String) aliases.nextElement();
   Certificate cert = ks.getCertificate(alias);
   if (cert instanceof X509Certificate) {
    String subject = ((X509Certificate) cert).getSubjectDN().getName();
    certificateMap.put(subject, cert);
   }
  }
 }
}

代码示例来源:origin: Javen205/IJPay

/**
 * 获取配置文件acp_sdk.properties中配置的签名私钥证书certId
 * 
 * @return 证书的物理编号
 */
public static String getSignCertId() {
  try {
    Enumeration<String> aliasenum = keyStore.aliases();
    String keyAlias = null;
    if (aliasenum.hasMoreElements()) {
      keyAlias = aliasenum.nextElement();
    }
    X509Certificate cert = (X509Certificate) keyStore
        .getCertificate(keyAlias);
    return cert.getSerialNumber().toString();
  } catch (Exception e) {
    e.printStackTrace();
    LogUtil.writeErrorLog("getSignCertId Error", e);
    return null;
  }
}

代码示例来源:origin: internetarchive/heritrix3

KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
InputStream inStream = new ByteArrayInputStream(
    FileUtils.readFileToByteArray(keystoreFile));
keystore.load(inStream, ADHOC_PASSWORD.toCharArray());
Certificate cert = keystore.getCertificate("adhoc");
byte[] certBytes = cert.getEncoded();
byte[] sha1 = MessageDigest.getInstance("SHA1").digest(certBytes);

代码示例来源:origin: prestodb/presto

private static void validateCertificates(KeyStore keyStore)
    throws GeneralSecurityException
{
  for (String alias : list(keyStore.aliases())) {
    if (!keyStore.isKeyEntry(alias)) {
      continue;
    }
    Certificate certificate = keyStore.getCertificate(alias);
    if (!(certificate instanceof X509Certificate)) {
      continue;
    }
    try {
      ((X509Certificate) certificate).checkValidity();
    }
    catch (CertificateExpiredException e) {
      throw new CertificateExpiredException("KeyStore certificate is expired: " + e.getMessage());
    }
    catch (CertificateNotYetValidException e) {
      throw new CertificateNotYetValidException("KeyStore certificate is not yet valid: " + e.getMessage());
    }
  }
}

代码示例来源:origin: stackoverflow.com

KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
String password = "password";
keystore.load(is, password.toCharArray());
Enumeration enumeration = keystore.aliases();
while(enumeration.hasMoreElements()) {
  String alias = (String)enumeration.nextElement();
  System.out.println("alias name: " + alias);
  Certificate certificate = keystore.getCertificate(alias);
  System.out.println(certificate.toString());

代码示例来源:origin: Javen205/IJPay

/**
 * 通过keystore获取私钥证书的certId值
 * @param keyStore
 * @return
 */
private static String getCertIdIdByStore(KeyStore keyStore) {
  Enumeration<String> aliasenum = null;
  try {
    aliasenum = keyStore.aliases();
    String keyAlias = null;
    if (aliasenum.hasMoreElements()) {
      keyAlias = aliasenum.nextElement();
    }
    X509Certificate cert = (X509Certificate) keyStore
        .getCertificate(keyAlias);
    return cert.getSerialNumber().toString();
  } catch (KeyStoreException e) {
    LogUtil.writeErrorLog("getCertIdIdByStore Error", e);
    return null;
  }
}

相关文章