📄 keyutil.java
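/*
 * Copyright 2005,2006 WSO2, Inc. http://www.wso2.org
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.wso2.solutions.identity.sts;

import org.wso2.solutions.identity.IdentityProviderException;
import org.wso2.utils.ServerConfiguration;
import org.wso2.utils.security.CryptoUtil;
import org.wso2.wsas.admin.service.CryptoAdmin;
import org.wso2.wsas.admin.service.util.ServiceKeyStore;
import org.wso2.wsas.persistence.PersistenceManager;
import org.wso2.wsas.persistence.dataobject.KeyStoreDO;
import org.wso2.wsas.util.KeyStoreUtil;

import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

/**
 * Static helpers that look up certificates and private keys for the STS from
 * the keystores registered with the server.
 *
 * <p>Security note: {@link #getPrivateKey(String)} hands out private key
 * material and every method here reads keystore data, so callers are expected
 * to be trusted server-side code. None of the methods perform an access check
 * of their own.
 */
public class KeyUtil {

    /**
     * Returns the certificate chain stored under {@code alias} in the single
     * registered keystore.
     *
     * @param alias keystore alias whose chain is wanted
     * @return the chain, each element cast to {@link X509Certificate}
     * @throws IdentityProviderException if there is not exactly one registered
     *         keystore, if no chain exists for the alias, or if any lookup fails
     */
    public static X509Certificate[] getServiceCertificateChain(String alias)
            throws IdentityProviderException {
        try {
            KeyStoreDO keyStoreDO = getSingleKeyStore();
            KeyStore store = KeyStoreUtil.getKeyStore(keyStoreDO.getKeyStoreName());

            Certificate[] certChain = store.getCertificateChain(alias);
            if (certChain == null) {
                // KeyStore.getCertificateChain returns null for an unknown alias;
                // fail with a readable message instead of a bare NullPointerException.
                throw new IdentityProviderException(
                        "No certificate chain found for alias " + alias);
            }

            X509Certificate[] certs = new X509Certificate[certChain.length];
            for (int i = 0; i < certs.length; i++) {
                certs[i] = (X509Certificate) certChain[i];
            }
            return certs;
        } catch (Exception e) {
            throw new IdentityProviderException(e.getMessage(), e);
        }
    }

    /**
     * Returns the certificate to publish in metadata exchange for a service.
     *
     * <p>If the service has a private keystore, the certificate stored under
     * that keystore's private-key alias is used. Otherwise the certificate is
     * read from the keystore named by the {@code Security.KeyStore.*} server
     * configuration properties.
     *
     * @param serviceName name of the service whose keystores are inspected
     * @return the certificate, or {@code null} if the keystore has no
     *         certificate under the resolved alias
     * @throws IdentityProviderException if any lookup or keystore load fails
     */
    public static X509Certificate getCertificateToIncludeInMex(String serviceName)
            throws IdentityProviderException {
        X509Certificate cert = null;
        try {
            CryptoAdmin admin = new CryptoAdmin();
            ServiceKeyStore[] stores = admin.getServiceKeyStores(serviceName);

            // Use the first keystore that is flagged as the private keystore.
            ServiceKeyStore privateStore = null;
            for (int i = 0; i < stores.length; i++) {
                if (stores[i].isPrivateKeyStore()) {
                    privateStore = stores[i];
                    break;
                }
            }

            if (privateStore != null) {
                // policy has a private key store
                String keyStoreName = privateStore.getKeyStoreName();
                KeyStore store = KeyStoreUtil.getKeyStore(keyStoreName);
                PersistenceManager pm = new PersistenceManager();
                KeyStoreDO keyStoreDO = pm.getKeyStore(keyStoreName);
                String alias = keyStoreDO.getPrivateKeyAlias();
                cert = (X509Certificate) store.getCertificate(alias);
            } else {
                // this is for UT token policy
                ServerConfiguration config = ServerConfiguration.getInstance();
                String path = new File(
                        config.getFirstProperty("Security.KeyStore.Location"))
                        .getAbsolutePath();
                // NOTE(review): the keystore password is read from the server
                // configuration as-is; protect that file accordingly.
                String password = config.getFirstProperty("Security.KeyStore.Password");
                String keyalias = config.getFirstProperty("Security.KeyStore.KeyAlias");
                String storeType = config.getFirstProperty("Security.KeyStore.Type");

                KeyStore store = KeyStore.getInstance(storeType);
                BufferedInputStream ksbufin =
                        new BufferedInputStream(new FileInputStream(path));
                try {
                    store.load(ksbufin, password.toCharArray());
                } finally {
                    // Always release the file handle, also when load() fails.
                    ksbufin.close();
                }
                cert = (X509Certificate) store.getCertificate(keyalias);
            }
        } catch (Exception e) {
            // Keep the cause so the real failure (missing file, wrong password,
            // bad store type) is not lost when diagnosing.
            throw new IdentityProviderException("errorObtainingCertForService",
                    new String[] { serviceName }, e);
        }
        return cert;
    }

    /**
     * Returns the key stored under {@code alias} in the single registered
     * keystore.
     *
     * <p>The key password is taken from the keystore's persisted record and is
     * decoded and decrypted with a {@link CryptoUtil} built from the
     * {@code Security.KeyStore.*} server configuration properties.
     *
     * @param alias keystore alias of the key
     * @return the key, or {@code null} if the alias does not identify a key entry
     * @throws IdentityProviderException if there is not exactly one registered
     *         keystore, or if decryption or key recovery fails
     */
    public static Key getPrivateKey(String alias) throws IdentityProviderException {
        try {
            KeyStoreDO keyStoreDO = getSingleKeyStore();
            KeyStore store = KeyStoreUtil.getKeyStore(keyStoreDO.getKeyStoreName());

            ServerConfiguration config = ServerConfiguration.getInstance();
            CryptoUtil cryptoUtil = new CryptoUtil(
                    new File(config.getFirstProperty("Security.KeyStore.Location"))
                            .getAbsolutePath(),
                    config.getFirstProperty("Security.KeyStore.Password"),
                    config.getFirstProperty("Security.KeyStore.KeyAlias"),
                    config.getFirstProperty("Security.KeyStore.KeyPassword"),
                    config.getFirstProperty("Security.KeyStore.Type"));

            // NOTE(review): the decrypted key password passes through an
            // immutable String built with the default charset, so it cannot be
            // wiped from memory afterwards. Left as-is to stay compatible with
            // however the stored password was encoded.
            char[] keyPassword = new String(
                    cryptoUtil.base64DecodeAndDecrypt(keyStoreDO.getPrivateKeyPassword()))
                    .toCharArray();
            return store.getKey(alias, keyPassword);
        } catch (Exception e) {
            throw new IdentityProviderException(e.getMessage(), e);
        }
    }

    /**
     * Returns the certificate stored under an alias in a named keystore.
     *
     * @param keyStoreName name of the keystore to open
     * @param alais alias of the certificate (parameter name kept as published)
     * @return the certificate, or {@code null} if the keystore has none under
     *         that alias
     * @throws IdentityProviderException if the keystore cannot be obtained or read
     */
    public static X509Certificate getCertificate(String keyStoreName, String alais)
            throws IdentityProviderException {
        X509Certificate cert = null;
        try {
            KeyStore store = KeyStoreUtil.getKeyStore(keyStoreName);
            cert = (X509Certificate) store.getCertificate(alais);
        } catch (Exception e) {
            throw new IdentityProviderException("noCertInKeystore",
                    new String[] { alais, keyStoreName }, e);
        }
        return cert;
    }

    /** Returns the one registered keystore record, failing if there is not exactly one. */
    private static KeyStoreDO getSingleKeyStore() throws Exception {
        PersistenceManager pm = new PersistenceManager();
        KeyStoreDO[] keystores = pm.getKeyStores();
        if (keystores.length != 1) {
            throw new IdentityProviderException("There should be only one keystore");
        }
        return keystores[0];
    }
}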