下面列出了 java.security.KeyStore.PrivateKeyEntry#getCertificate() 的实例代码,也可以点击链接到 GitHub 查看源代码,或在右侧发表评论。
/**
 * Builds the optional {@code KeyInfo} element describing the signer certificate.
 *
 * <p>Which pieces of the certificate are published is driven by the enclosing
 * object's {@code includeKeyInfo}, {@code subject}, {@code serialIssuer},
 * {@code issuer} and {@code certificate} controls.
 *
 * <p>Security note: everything placed in {@code KeyInfo} is chosen by the signer
 * and is only a hint for locating the key. A verifier should resolve the
 * certificate against its own trust anchors rather than trusting the embedded
 * material as-is.
 *
 * @param fac      signature factory that supplies the {@code KeyInfoFactory}
 * @param keyEntry keystore entry whose leaf certificate is described
 * @return the assembled {@code KeyInfo}, or {@code null} when the
 *         {@code includeKeyInfo} selection does not parse as {@code true}
 * @throws Exception a {@code ClassCastException} if the entry's certificate is not
 *         X.509, or whatever the factory raises for the assembled content
 */
private KeyInfo getKeyInfo(XMLSignatureFactory fac, PrivateKeyEntry keyEntry) throws Exception {
    String includeChoice = (String) includeKeyInfo.getSelectedItem();
    if (!Boolean.parseBoolean(includeChoice)) {
        // KeyInfo was not requested, so the signature is emitted without one.
        return null;
    }

    // Unchecked cast: a keystore entry backed by a non-X.509 certificate fails here.
    X509Certificate signerCert = (X509Certificate) keyEntry.getCertificate();
    KeyInfoFactory factory = fac.getKeyInfoFactory();
    List<Object> parts = new ArrayList<Object>();

    if (this.subject.isSelected()) {
        // A String entry is serialized as X509SubjectName by the X509Data contract.
        parts.add(signerCert.getSubjectX500Principal().getName());
    }
    if (this.serialIssuer.isSelected()) {
        String issuerDn = signerCert.getIssuerX500Principal().getName();
        parts.add(factory.newX509IssuerSerial(issuerDn, signerCert.getSerialNumber()));
    }
    if (this.issuer.isSelected()) {
        // NOTE(review): this is also a plain String, so the issuer DN will be
        // published as X509SubjectName. A consumer matching on subject name could
        // be misled; confirm this is intended.
        parts.add(signerCert.getIssuerX500Principal().getName());
    }
    if (this.certificate.isSelected()) {
        parts.add(signerCert);
    }

    // NOTE(review): newX509Data is documented to reject an empty list, so enabling
    // KeyInfo with no option ticked presumably surfaces as an exception - confirm.
    X509Data x509Data = factory.newX509Data(parts);
    return factory.newKeyInfo(Collections.singletonList(x509Data));
}
/**
 * Assembles the {@code KeyInfo} for the currently selected keystore entry.
 *
 * <p>Reads {@code selectedEntry}, {@code signatureFac} and the option controls
 * ({@code includeKeyInfo}, {@code subject}, {@code serialIssuer}, {@code issuer},
 * {@code certificate}) from the enclosing object.
 *
 * <p>Security note: {@code KeyInfo} only advertises which key the signer says it
 * used. Relying parties should establish trust in the certificate independently
 * (chain and revocation checks against their own anchors).
 *
 * @return the {@code KeyInfo}, or {@code null} when the {@code includeKeyInfo}
 *         selection does not parse as {@code true}
 * @throws Exception a {@code ClassCastException} when the selected entry's
 *         certificate is not X.509, or any failure raised by the key-info factory
 */
protected KeyInfo getKeyInfo() throws Exception {
    boolean wantKeyInfo = Boolean.parseBoolean((String) includeKeyInfo.getSelectedItem());
    if (!wantKeyInfo) {
        return null;
    }

    // Unchecked cast: only X.509-backed entries are supported by this code path.
    X509Certificate leaf = (X509Certificate) this.selectedEntry.getCertificate();
    KeyInfoFactory kif = signatureFac.getKeyInfoFactory();
    List<Object> content = new ArrayList<Object>();

    if (this.subject.isSelected()) {
        // Strings in X509Data content are emitted as X509SubjectName.
        content.add(leaf.getSubjectX500Principal().getName());
    }
    if (this.serialIssuer.isSelected()) {
        content.add(kif.newX509IssuerSerial(
                leaf.getIssuerX500Principal().getName(),
                leaf.getSerialNumber()));
    }
    if (this.issuer.isSelected()) {
        // NOTE(review): added as a String, so the issuer DN ends up labelled as a
        // subject name in the output - confirm this is the intended encoding.
        content.add(leaf.getIssuerX500Principal().getName());
    }
    if (this.certificate.isSelected()) {
        content.add(leaf);
    }

    // NOTE(review): an empty content list is presumably rejected by newX509Data,
    // i.e. at least one option has to be selected - confirm against the UI.
    X509Data data = kif.newX509Data(content);
    return kif.newKeyInfo(Collections.singletonList(data));
}
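/**
 * Creates the patch archive at {@code outFile} and writes {@code dexFile} into it
 * under the entry name {@code classes.dex}.
 *
 * <p>When {@code key} is non-null its private key and leaf certificate are handed
 * to the {@code SignedJarBuilder}; when it is null the builder receives no signing
 * material (presumably producing an unsigned archive - confirm against
 * {@code SignedJarBuilder}).
 *
 * <p>NOTE(review): failures are only printed. After an exception {@code mBuilder}
 * may be unset or the archive incomplete, so callers should not assume a validly
 * signed patch exists just because construction returned. {@code verboseStream}
 * is not used here.
 *
 * @param outFile       destination archive; truncated if it already exists
 * @param dexFile       file stored as {@code classes.dex}
 * @param key           signing entry, or {@code null} for no signing material
 * @param verboseStream unused by this constructor
 */
public PatchBuilder(File outFile, File dexFile, PrivateKeyEntry key,
        PrintStream verboseStream) {
    FileOutputStream jarStream = null;
    boolean handedToBuilder = false;
    try {
        jarStream = new FileOutputStream(outFile, false);
        if (null != key) {
            // Unchecked cast: a non-X.509 certificate in the entry fails here.
            mBuilder = new SignedJarBuilder(
                    jarStream, key.getPrivateKey(),
                    (X509Certificate) key.getCertificate());
        } else {
            mBuilder = new SignedJarBuilder(
                    jarStream, null,
                    null);
        }
        handedToBuilder = true;
        mBuilder.writeFile(dexFile, "classes.dex");
    } catch (Exception e) {
        e.printStackTrace();
        // If the builder never took ownership of the stream, nothing else will
        // close it: release the file handle instead of leaking it.
        if (jarStream != null && !handedToBuilder) {
            try {
                jarStream.close();
            } catch (java.io.IOException ignored) {
                // Best effort: the original failure was already reported above.
            }
        }
    }
}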
/**
 * Converts a keystore entry into a {@code KeyPair}.
 *
 * <p>A {@code PrivateKeyEntry} yields its private key plus the public key of its
 * leaf certificate (public half is {@code null} if there is no certificate). A
 * {@code TrustedCertificateEntry} yields only the certificate's public key, with a
 * {@code null} private half.
 *
 * <p>The public key is taken from the certificate as stored; no chain, validity
 * or revocation check happens here, so callers that need a trusted key must
 * validate the certificate themselves.
 *
 * @param entry keystore entry to convert
 * @return the key pair; either half may be {@code null} as described above
 * @throws IllegalArgumentException for any other entry type, including {@code null}
 */
private static KeyPair entry2Pair(Entry entry) {
    if (entry instanceof PrivateKeyEntry) {
        PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry;
        PublicKey publicHalf = keyEntry.getCertificate() != null
                ? keyEntry.getCertificate().getPublicKey()
                : null;
        return new KeyPair(publicHalf, keyEntry.getPrivateKey());
    }
    if (entry instanceof TrustedCertificateEntry) {
        TrustedCertificateEntry trusted = (TrustedCertificateEntry) entry;
        // Certificate-only entry: there is no private key to return.
        return new KeyPair(trusted.getTrustedCertificate().getPublicKey(), null);
    }
    throw new IllegalArgumentException(
            "Only entry types PrivateKeyEntry and TrustedCertificateEntry are supported.");
}
/**
 * Maps a keystore entry to the {@code KeyPair} it represents.
 *
 * <p>Supported inputs are {@code PrivateKeyEntry} (private key plus the leaf
 * certificate's public key, when a certificate is present) and
 * {@code TrustedCertificateEntry} (public key only). The certificate is used as
 * stored in the keystore; trust in it is not evaluated by this method.
 *
 * @param entry entry read from a keystore
 * @return a pair whose public and/or private component may be {@code null}
 * @throws IllegalArgumentException if {@code entry} is neither supported type
 */
private static KeyPair entry2Pair(Entry entry) {
    boolean isPrivateKeyEntry = entry instanceof PrivateKeyEntry;
    boolean isTrustedCertEntry = entry instanceof TrustedCertificateEntry;
    if (!isPrivateKeyEntry && !isTrustedCertEntry) {
        throw new IllegalArgumentException(
                "Only entry types PrivateKeyEntry and TrustedCertificateEntry are supported.");
    }

    PublicKey publicKey = null;
    PrivateKey privateKey = null;
    if (isPrivateKeyEntry) {
        PrivateKeyEntry withKey = (PrivateKeyEntry) entry;
        if (withKey.getCertificate() != null) {
            publicKey = withKey.getCertificate().getPublicKey();
        }
        privateKey = withKey.getPrivateKey();
    } else {
        // Trusted-certificate entries carry no private key; only the public half is set.
        publicKey = ((TrustedCertificateEntry) entry).getTrustedCertificate().getPublicKey();
    }
    return new KeyPair(publicKey, privateKey);
}
/**
 * Wraps a keystore private-key entry, converting its leaf certificate and its
 * certificate chain into {@code CertificateToken}s and keeping the private key.
 *
 * <p>Every certificate is cast to {@code X509Certificate}; an entry holding any
 * other certificate type fails with a {@code ClassCastException}. The
 * certificates are taken as stored; nothing here validates the chain.
 *
 * @param alias
 *            the given alias
 * @param privateKeyEntry
 *            the keystore private key entry
 */
public KSPrivateKeyEntry(final String alias, final PrivateKeyEntry privateKeyEntry) {
    this.alias = alias;
    certificate = new CertificateToken((X509Certificate) privateKeyEntry.getCertificate());

    // Convert the chain in keystore order, one token per certificate.
    final Certificate[] rawChain = privateKeyEntry.getCertificateChain();
    final CertificateToken[] tokens = new CertificateToken[rawChain.length];
    for (int i = 0; i < rawChain.length; i++) {
        tokens[i] = new CertificateToken((X509Certificate) rawChain[i]);
    }
    certificateChain = tokens;

    privateKey = privateKeyEntry.getPrivateKey();
}
/**
 * Signs the document containing the SAML assertion and returns the signed
 * document.
 *
 * <p>The private key and certificate come from
 * {@code getPrivateKeyEntryFromKeystore()}; the actual signing is delegated to the
 * three-argument {@code signSamlAssertion} overload. The certificate is cast to
 * {@code X509Certificate}, so a non-X.509 keystore entry fails with a
 * {@code ClassCastException}.
 *
 * @param document
 *            w3c document to be signed.
 * @return the owner document of the signed element, or {@code null} when
 *         {@code document} is {@code null}.
 * @throws TransformerException
 *             declared on this method; presumably propagated from the signing overload.
 * @throws NoSuchAlgorithmException
 *             declared on this method; presumably propagated from the signing overload.
 * @throws InvalidAlgorithmParameterException
 *             declared on this method; presumably propagated from the signing overload.
 * @throws KeyException
 *             declared on this method; presumably propagated from the signing overload.
 * @throws MarshalException
 *             declared on this method; presumably propagated from the signing overload.
 * @throws XMLSignatureException
 *             declared on this method; presumably propagated from the signing overload.
 */
public Document signSamlAssertion(Document document) throws TransformerException, NoSuchAlgorithmException,
        InvalidAlgorithmParameterException, KeyException, MarshalException, XMLSignatureException {
    if (document == null) {
        // Nothing to sign: callers must handle the null result.
        return null;
    }
    PrivateKeyEntry signingEntry = getPrivateKeyEntryFromKeystore();
    PrivateKey signingKey = signingEntry.getPrivateKey();
    X509Certificate signingCert = (X509Certificate) signingEntry.getCertificate();
    return signSamlAssertion(document, signingKey, signingCert).getOwnerDocument();
}