Java Code Examples for org.apache.axiom.om.util.Base64#decode()

The following examples show how to use org.apache.axiom.om.util.Base64#decode() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ReadCertStoreSampleUtil.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
public static PrivateKey getSamplePrivateKey() throws Exception {
    // Read in the key into a String
    StringBuilder pkcs8Lines = new StringBuilder();
    BufferedReader rdr = new BufferedReader(new StringReader(PRIVATE_KEY));
    String line;
    while ((line = rdr.readLine()) != null) {
        pkcs8Lines.append(line);
    }

    // Remove the "BEGIN" and "END" lines, as well as any whitespace

    String pkcs8Pem = pkcs8Lines.toString();
    pkcs8Pem = pkcs8Pem.replace("-----BEGIN PRIVATE KEY-----", "");
    pkcs8Pem = pkcs8Pem.replace("-----END PRIVATE KEY-----", "");
    pkcs8Pem = pkcs8Pem.replaceAll("\\s+", "");

    // Base64 decode the result

    byte[] pkcs8EncodedBytes = Base64.decode(pkcs8Pem);

    // extract the private key

    PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(pkcs8EncodedBytes);
    KeyFactory kf = KeyFactory.getInstance("RSA");
    return kf.generatePrivate(keySpec);
}
 
Example 2
Source File: IdentityApplicationManagementUtil.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * @param encodedCert
 * @return
 * @throws CertificateException
 */
public static CertData getCertData(String encodedCert) throws CertificateException {

    if (encodedCert != null) {
        byte[] bytes = Base64.decode(encodedCert);
        CertificateFactory factory = CertificateFactory.getInstance("X.509");
        X509Certificate cert = (X509Certificate) factory
                .generateCertificate(new ByteArrayInputStream(bytes));
        Format formatter = new SimpleDateFormat("dd/MM/yyyy");
        return fillCertData(cert, formatter);
    } else {
        String errorMsg = "Invalid encoded certificate: \'NULL\'";
        log.debug(errorMsg);
        throw new IllegalArgumentException(errorMsg);
    }
}
 
Example 3
Source File: IdentityApplicationManagementUtil.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Generate thumbprint of certificate
 *
 * @param encodedCert Base64 encoded certificate
 * @return Certificate thumbprint
 * @throws java.security.NoSuchAlgorithmException Unsupported hash algorithm
 */
public static String generateThumbPrint(String encodedCert) throws NoSuchAlgorithmException {

    if (encodedCert != null) {
        MessageDigest digestValue = null;
        digestValue = MessageDigest.getInstance("SHA-1");
        byte[] der = Base64.decode(encodedCert);
        digestValue.update(der);
        byte[] digestInBytes = digestValue.digest();
        String publicCertThumbprint = hexify(digestInBytes);
        return publicCertThumbprint;
    } else {
        String errorMsg = "Invalid encoded certificate: \'NULL\'";
        log.debug(errorMsg);
        throw new IllegalArgumentException(errorMsg);
    }
}
 
Example 4
Source File: IdentityApplicationManagementUtil.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Generate thumbprint of certificate
 *
 * @param encodedCert Base64 encoded certificate
 * @return Certificate thumbprint
 * @throws java.security.NoSuchAlgorithmException Unsupported hash algorithm
 */
public static String generateThumbPrint(String encodedCert) throws NoSuchAlgorithmException {

    if (encodedCert != null) {
        MessageDigest digestValue = null;
        digestValue = MessageDigest.getInstance("SHA-1");
        byte[] der = Base64.decode(encodedCert);
        digestValue.update(der);
        byte[] digestInBytes = digestValue.digest();
        String publicCertThumbprint = hexify(digestInBytes);
        return publicCertThumbprint;
    } else {
        String errorMsg = "Invalid encoded certificate: \'NULL\'";
        log.debug(errorMsg);
        throw new IllegalArgumentException(errorMsg);
    }
}
 
Example 5
Source File: IdentityApplicationManagementUtil.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
/**
 * Generate thumbprint of certificate
 *
 * @param encodedCert Base64 encoded certificate
 * @return Decoded <code>Certificate</code>
 * @throws java.security.cert.CertificateException Error when decoding certificate
 */
public static Certificate decodeCertificate(String encodedCert) throws CertificateException {

    if (encodedCert != null) {
        byte[] bytes = Base64.decode(encodedCert);
        CertificateFactory factory = CertificateFactory.getInstance(IdentityApplicationConstants.CERTIFICATE_TYPE);
        X509Certificate cert = (X509Certificate) factory
                .generateCertificate(new ByteArrayInputStream(bytes));
        return cert;
    } else {
        String errorMsg = "Invalid encoded certificate: \'NULL\'";
        log.debug(errorMsg);
        throw new IllegalArgumentException(errorMsg);
    }
}
 
Example 6
Source File: IdentityApplicationManagementUtil.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
private static CertData createCertData(String encodedCert) throws CertificateException {

        byte[] bytes = Base64.decode(encodedCert);
        CertificateFactory factory = CertificateFactory.getInstance(IdentityApplicationConstants.CERTIFICATE_TYPE);
        X509Certificate cert = (X509Certificate) factory
                .generateCertificate(new ByteArrayInputStream(bytes));
        Format formatter = new SimpleDateFormat(IdentityApplicationConstants.DATE_FORMAT);
        return fillCertData(cert, formatter);
    }
 
Example 7
Source File: UserStoreConfigXMLProcessor.java    From micro-integrator with Apache License 2.0 5 votes vote down vote up
/**
 * Function to decrypt given cipher text
 *
 * @param propValue base64encoded ciphertext
 * @return plaintext
 * @throws NoSuchPaddingException
 * @throws NoSuchAlgorithmException
 * @throws NoSuchProviderException
 * @throws org.wso2.micro.integrator.security.user.api.UserStoreException
 * @throws InvalidKeyException
 * @throws BadPaddingException
 * @throws IllegalBlockSizeException
 */
private String decryptProperty(String propValue)
        throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException,
        org.wso2.micro.integrator.security.user.api.UserStoreException, InvalidKeyException, BadPaddingException,
        IllegalBlockSizeException {

    Cipher keyStoreCipher;
    String cipherTransformation = System.getProperty(CIPHER_TRANSFORMATION_SYSTEM_PROPERTY);
    byte[] cipherTextBytes = Base64.decode(propValue.trim());

    privateKey = (privateKey == null) ? getPrivateKey() : privateKey;
    if (privateKey == null) {
        throw new org.wso2.micro.integrator.security.user.api.UserStoreException(
                "Private key initialization failed. Cannot decrypt the userstore password.");
    }

    if(cipherTransformation != null) {
        // extract the original cipher if custom transformation is used configured in carbon.properties.
        CipherHolder cipherHolder = cipherTextToCipherHolder(cipherTextBytes);
        if (cipherHolder != null) {
            // cipher with meta data.
            if (log.isDebugEnabled()) {
                log.debug("Cipher transformation for decryption : " + cipherHolder.getTransformation());
            }
            keyStoreCipher = Cipher.getInstance(cipherHolder.getTransformation(), "BC");
            cipherTextBytes = cipherHolder.getCipherBase64Decoded();
        } else {
            // If the ciphertext is not a self-contained, directly decrypt using transformation configured in
            // carbon.properties file
            keyStoreCipher = Cipher.getInstance(cipherTransformation, "BC");
        }
    } else {
        // If reach here, user have removed org.wso2.CipherTransformation property or carbon.properties file
        // hence RSA is considered as default transformation
        keyStoreCipher = Cipher.getInstance("RSA", "BC");
    }
    keyStoreCipher.init(Cipher.DECRYPT_MODE, privateKey);
    return new String(keyStoreCipher.doFinal(cipherTextBytes), Charset.defaultCharset());
}
 
Example 8
Source File: IdentityApplicationManagementUtil.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Generate thumbprint of certificate
 *
 * @param encodedCert Base64 encoded certificate
 * @return Decoded <code>Certificate</code>
 * @throws java.security.cert.CertificateException Error when decoding certificate
 */
public static Certificate decodeCertificate(String encodedCert) throws CertificateException {

    if (encodedCert != null) {
        byte[] bytes = Base64.decode(encodedCert);
        CertificateFactory factory = CertificateFactory.getInstance("X.509");
        X509Certificate cert = (X509Certificate) factory
                .generateCertificate(new ByteArrayInputStream(bytes));
        return cert;
    } else {
        String errorMsg = "Invalid encoded certificate: \'NULL\'";
        log.debug(errorMsg);
        throw new IllegalArgumentException(errorMsg);
    }
}
 
Example 9
Source File: IdPManagementUIUtil.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
private static String handleCertificateDeletion(String oldCertificateValues, String deletedCertificateValues) {

        String decodedOldCertificate = new String(Base64.decode(oldCertificateValues), StandardCharsets.UTF_8);
        String decodedDeletedCertificate = new String(Base64.decode(deletedCertificateValues), StandardCharsets.UTF_8);

        Set<String> updatedCertificateSet = new LinkedHashSet<>(getExtractedCertificateValues(decodedOldCertificate));
        updatedCertificateSet.removeAll(getExtractedCertificateValues(decodedDeletedCertificate));
        return Base64.encode(String.join("", updatedCertificateSet).getBytes(StandardCharsets.UTF_8));
    }
 
Example 10
Source File: IdPManagementUIUtil.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
private static String handleCertificateAddition(String oldCertValues, String newCertValues) {

        String decodedOldCertificate = new String(Base64.decode(oldCertValues), StandardCharsets.UTF_8);
        String decodedNewCertificate = new String(Base64.decode(newCertValues), StandardCharsets.UTF_8);

        Set<String> updatedCertificateSet = new LinkedHashSet<>(getExtractedCertificateValues
                (decodedOldCertificate));

        updatedCertificateSet.addAll(getExtractedCertificateValues(decodedNewCertificate));
        return Base64.encode(String.join("", updatedCertificateSet).getBytes(StandardCharsets.UTF_8));
    }
 
Example 11
Source File: KeyStoreAdmin.java    From carbon-identity-framework with Apache License 2.0 4 votes vote down vote up
public void addKeyStore(String fileData, String filename, String password, String provider,
                        String type, String pvtkeyPass) throws SecurityConfigException {
    byte[] content = Base64.decode(fileData);
    addKeyStore(content, filename, password, provider, type, pvtkeyPass);
}
 
Example 12
Source File: KeyStoreAdmin.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
public void addTrustStore(String fileData, String filename, String password, String provider,
                          String type) throws SecurityConfigException {
    byte[] content = Base64.decode(fileData);
    addTrustStore(content, filename, password, provider, type);
}
 
Example 13
Source File: KeyStoreAdmin.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
public void addKeyStore(String fileData, String filename, String password, String provider,
                        String type, String pvtkeyPass) throws SecurityConfigException {
    byte[] content = Base64.decode(fileData);
    addKeyStore(content, filename, password, provider, type, pvtkeyPass);
}
 
Example 14
Source File: KeyStoreAdmin.java    From carbon-identity-framework with Apache License 2.0 4 votes vote down vote up
public void addTrustStore(String fileData, String filename, String password, String provider,
                          String type) throws SecurityConfigException {
    byte[] content = Base64.decode(fileData);
    addTrustStore(content, filename, password, provider, type);
}
 
Example 15
Source File: BasicAuthHandler.java    From carbon-identity-framework with Apache License 2.0 4 votes vote down vote up
public boolean isAuthenticated(ContainerRequestContext message) {
    // extract authorization header and authenticate.

    // get the value for Authorization Header
    List authzHeaders = message.getHeaders().get(EntitlementEndpointConstants.AUTHORIZATION_HEADER);
    if (authzHeaders != null) {
        // get the authorization header value, if provided
        String authzHeader = (String) authzHeaders.get(0);

        // decode it and extract username and password
        byte[] decodedAuthHeader = Base64.decode(authzHeader.split(" ")[1]);
        String authHeader = new String(decodedAuthHeader);
        String userName = authHeader.split(":")[0];
        String password = authHeader.split(":")[1];
        if (userName != null && password != null) {
            String tenantDomain = MultitenantUtils.getTenantDomain(userName);
            String tenantLessUserName = MultitenantUtils.getTenantAwareUsername(userName);

            try {
                // get super tenant context and get realm service which is an osgi service
                RealmService realmService = (RealmService) PrivilegedCarbonContext
                        .getThreadLocalCarbonContext().getOSGiService(RealmService.class);
                if (realmService != null) {
                    int tenantId = realmService.getTenantManager().getTenantId(tenantDomain);
                    if (tenantId == -1) {
                        log.error("Invalid tenant domain " + tenantDomain);
                        return false;
                    }
                    // get tenant's user realm
                    UserRealm userRealm = realmService.getTenantUserRealm(tenantId);
                    boolean authenticated = userRealm.getUserStoreManager().authenticate(
                            tenantLessUserName, password);
                    if (authenticated) {
                        // authentication success. set the username for authorization header and
                        // proceed the REST call
                        authzHeaders.set(0, userName);
                        return true;
                    } else {
                        log.error("Authentication failed for the user: " + tenantLessUserName
                                + "@" + tenantDomain);
                        return false;
                    }
                } else {
                    log.error("Error in getting Realm Service for user: " + userName);
                    return false;
                }
            } catch (UserStoreException e) {
                log.error("Internal server error while authenticating the user.");
                return false;
            }
        } else {
            log.error("Authentication required for this resource. " +
                            "Username or password not provided.");
            return false;
        }
    } else {
        log.error("Authentication required for this resource. " +
                      "Authorization header not present in the request.");
        return false;
    }

}
 
Example 16
Source File: CipherHolder.java    From micro-integrator with Apache License 2.0 4 votes vote down vote up
public byte[] getCipherBase64Decoded() {
    return Base64.decode(cipherText);
}
 
Example 17
Source File: UserStoreConfigXMLProcessor.java    From micro-integrator with Apache License 2.0 4 votes vote down vote up
public byte[] getCipherBase64Decoded() {
    return Base64.decode(c);
}