/** * Returns an integer hash code for the certificate. Any two objects which * return {@code true} when passed to {@code equals} must return the same * value for this method. * * @return the certificate's hash * @see #equals */ public int hashCode() { try { byte[] encoded = getEncoded(); int hash = 0; for (int i=0; i<encoded.length; i++) { hash += i*encoded[i]; } return hash; } catch (CertificateEncodingException e) { throw new RuntimeException(e); } }
private boolean check(File path, Certificate[] certs) { if (certs.length > 0) { for (int i = certs.length - 1; i >= 0; i--) { try { if (mPublicKeyMd5.equals(SharePatchFileUtil.getMD5(certs[i].getEncoded()))) { return true; } } catch (Exception e) { Log.e(TAG, path.getAbsolutePath(), e); } } } return false; }
/** * Compares the argument to the certificate, and returns {@code true} if they * represent the <em>same</em> object using a class specific comparison. The * implementation in Object returns {@code true} only if the argument is the * exact same object as the callee (==). * * @param other * the object to compare with this object. * @return {@code true} if the object is the same as this object, {@code * false} if it is different from this object. * @see #hashCode */ public boolean equals(Object other) { // obj equal to itself if (this == other) { return true; } if (other instanceof Certificate) { try { // check that encoded forms match return Arrays.equals(this.getEncoded(), ((Certificate)other).getEncoded()); } catch (CertificateEncodingException e) { throw new RuntimeException(e); } } return false; }
public static String getCertFingerPrint(Certificate cert) { byte [] digest = null; try { byte[] encCertInfo = cert.getEncoded(); MessageDigest md = MessageDigest.getInstance("SHA-1"); digest = md.digest(encCertInfo); } catch (Exception e) { logger.error("Exception:", e); } return toHexString(digest); } }
/** * Accepts an abstract {@link java.security.cert.Certificate} and returns an {@link X509Certificate}. Because {@code sslSocket.getSession().getPeerCertificates()} returns an array of the * abstract certificates, they must be translated to X.509 to replace the functionality of {@code sslSocket.getSession().getPeerCertificateChain()}. * * @param abstractCertificate the {@code java.security.cert.Certificate} * @return a new {@code java.security.cert.X509Certificate} * @throws CertificateException if there is an error generating the new certificate */ public static X509Certificate convertAbstractX509Certificate(java.security.cert.Certificate abstractCertificate) throws CertificateException { if (abstractCertificate == null || !(abstractCertificate instanceof X509Certificate)) { throw new IllegalArgumentException("The certificate cannot be null and must be an X.509 certificate"); } try { return formX509Certificate(abstractCertificate.getEncoded()); } catch (java.security.cert.CertificateEncodingException e) { throw new CertificateException(e); } }
private void writeCertList(BufferedSink sink, List<Certificate> certificates) throws IOException { try { sink.writeDecimalLong(certificates.size()) .writeByte('\n'); for (int i = 0, size = certificates.size(); i < size; i++) { byte[] bytes = certificates.get(i).getEncoded(); String line = ByteString.of(bytes).base64(); sink.writeUtf8(line) .writeByte('\n'); } } catch (CertificateEncodingException e) { throw new IOException(e.getMessage()); } }
final byte[] certificateDerEncoded = certificate.getEncoded(); messageDigest.update(certificateDerEncoded); return messageDigest.digest();
private void logKeyStore(KeyStore ks, String ksLocation, char[] ksPwd) { if (log.isInfoEnabled()) { log.info("Loaded cluster key store from: {}", ksLocation); try { for (Enumeration<String> e = ks.aliases(); e.hasMoreElements();) { String alias = e.nextElement(); Key key = ks.getKey(alias, ksPwd); Certificate[] certs = ks.getCertificateChain(alias); log.debug("{} -> {}", alias, certs); final byte[] encodedKey; if (certs != null && certs.length > 0) { encodedKey = certs[0].getEncoded(); } else { log.info("Could not find cert chain for {}, using fingerprint of key instead...", alias); encodedKey = key.getEncoded(); } // Compute the certificate's fingerprint (use the key if certificate cannot be found) MessageDigest digest = MessageDigest.getInstance("SHA1"); digest.update(encodedKey); StringJoiner fingerprint = new StringJoiner(":"); for (byte b : digest.digest()) { fingerprint.add(String.format("%02X", b)); } log.info("{} -> {}", alias, fingerprint); } } catch (Exception e) { log.warn("Unable to print contents of key store: {}", ksLocation, e); } } }
public static String toJson(Registration registration) { Map<String, Object> ret = new HashMap<>(); if (registration.isValid()) { ret.put("agentPrivateKey", serialize("RSA PRIVATE KEY", registration.getPrivateKey().getEncoded())); StringBuilder builder = new StringBuilder(); for (Certificate c : registration.getChain()) { try { builder.append(serialize("CERTIFICATE", c.getEncoded())); } catch (CertificateEncodingException e) { throw bomb(e); } } ret.put("agentCertificate", builder.toString()); } return GSON.toJson(ret); }
/** * Returns an alternate object to be serialized. * * @return the object to serialize. * @throws ObjectStreamException * if the creation of the alternate object fails. */ protected Object writeReplace() throws ObjectStreamException { try { return new CertificateRep(getType(), getEncoded()); } catch (CertificateEncodingException e) { throw new NotSerializableException("Could not create serialization object: " + e); } }
/** * * @param sessionId The SSL session ID * @param cypherSuite The cypher suite name * @param certificate A string representation of the client certificate * @throws java.security.cert.CertificateException If the client cert could not be decoded * @throws CertificateException If the client cert could not be decoded */ public BasicSSLSessionInfo(byte[] sessionId, String cypherSuite, String certificate) throws java.security.cert.CertificateException, CertificateException { this.sessionId = sessionId; this.cypherSuite = cypherSuite; if (certificate != null) { java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509"); byte[] certificateBytes = certificate.getBytes(StandardCharsets.US_ASCII); ByteArrayInputStream stream = new ByteArrayInputStream(certificateBytes); Collection<? extends java.security.cert.Certificate> certCol = cf.generateCertificates(stream); this.peerCertificate = new java.security.cert.Certificate[certCol.size()]; this.certificate = new X509Certificate[certCol.size()]; int i=0; for(java.security.cert.Certificate cert : certCol) { this.peerCertificate[i] = cert; this.certificate[i++] = X509Certificate.getInstance(cert.getEncoded()); } } else { this.peerCertificate = null; this.certificate = null; } } /**
@Override public String engineGetCertificateAlias(Certificate cert) { try { byte[] certBytes = cert.getEncoded(); Attributes attributes = obtainAliasOrCertificateAttributes(null, certBytes, new String[]{aliasAttribute}); Attribute attribute = attributes == null ? null : attributes.get(aliasAttribute); if (attribute == null) { log.tracef("Certificate not found in LDAP: [%s]", cert); return null; } return (String) attribute.get(); } catch (CertificateException | NamingException e) { throw log.ldapKeyStoreFailedToObtainAliasByCertificate(e); } }
keystore.load(inStream, ADHOC_PASSWORD.toCharArray()); Certificate cert = keystore.getCertificate("adhoc"); byte[] certBytes = cert.getEncoded(); byte[] sha1 = MessageDigest.getInstance("SHA1").digest(certBytes); startupOut.print("Using ad-hoc HTTPS certificate with fingerprint...\nSHA1");
private void writeCertList(BufferedSink sink, List<Certificate> certificates) throws IOException { try { sink.writeDecimalLong(certificates.size()) .writeByte('\n'); for (int i = 0, size = certificates.size(); i < size; i++) { byte[] bytes = certificates.get(i).getEncoded(); String line = ByteString.of(bytes).base64(); sink.writeUtf8(line) .writeByte('\n'); } } catch (CertificateEncodingException e) { throw new IOException(e.getMessage()); } }
@Override public void engineSetCertificateEntry(String alias, Certificate cert) throws KeyStoreException { List<ModificationItem> items = new LinkedList<>(); try { BasicAttribute attribute = new BasicAttribute(certificateAttribute); attribute.add(cert.getEncoded()); items.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE, attribute)); } catch (CertificateEncodingException e) { throw log.ldapKeyStoreFailedToSerializeCertificate(alias, e); } storeAttributes(alias, items); }
private void writeCertList(BufferedSink sink, List<Certificate> certificates) throws IOException { try { sink.writeDecimalLong(certificates.size()) .writeByte('\n'); for (int i = 0, size = certificates.size(); i < size; i++) { byte[] bytes = certificates.get(i).getEncoded(); String line = ByteString.of(bytes).base64(); sink.writeUtf8(line) .writeByte('\n'); } } catch (CertificateEncodingException e) { throw new IOException(e.getMessage()); } }
private void writeCertList(BufferedSink sink, List<Certificate> certificates) throws IOException { try { sink.writeDecimalLong(certificates.size()) .writeByte('\n'); for (int i = 0, size = certificates.size(); i < size; i++) { byte[] bytes = certificates.get(i).getEncoded(); String line = ByteString.of(bytes).base64(); sink.writeUtf8(line) .writeByte('\n'); } } catch (CertificateEncodingException e) { throw new IOException(e.getMessage()); } }
@Override public void engineSetKeyEntry(String alias, byte[] keystoreBytes, Certificate[] chain) throws KeyStoreException { try { List<ModificationItem> items = new LinkedList<>(); items.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(keyAttribute, keystoreBytes))); CertificateFactory certFactory = CertificateFactory.getInstance(certificateType); CertPath certPath = certFactory.generateCertPath(Arrays.asList(chain)); BasicAttribute chainAttr = new BasicAttribute(certificateChainAttribute, certPath.getEncoded(certificateChainEncoding)); items.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE, chainAttr)); BasicAttribute certificateAttr = new BasicAttribute(certificateAttribute, chain[0].getEncoded()); items.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE, certificateAttr)); storeAttributes(alias, items); } catch (CertificateException e) { throw log.ldapKeyStoreFailedToSerializeCertificate(alias, e); } }
X500Name issuer = new X509CertificateHolder(caCert.getEncoded()) .getSubject(); BigInteger serial = BigInteger.valueOf(initRandomSerial());
inStream.reset(); Certificate res = new X509CertImpl(inStream); CERT_CACHE.put(hash, res.getEncoded(), res); return res;