Generate the `keyCredentials` manifest entry for an Azure AD application, so the app can authenticate with a certificate-signed JWT client assertion (OAuth 2.0). Only the public certificate is exported; the private key stays in the keystore.
package io.khabali;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.UUID;
import org.junit.Ignore;
import org.junit.Test;
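public class AzureKeyCredentialsGen {

    /** Classpath resource holding the JKS keystore read by {@link #testGenerateKeyCredentials()}. */
    private static final String GEN_KEYSTORE_RESOURCE = "keystore.jks";

    /**
     * Classpath resource holding the JKS keystore read by {@link #getCertInfo()}.
     * NOTE(review): the two methods name different resources ("keystore.jks" vs "keyStore.jks") and
     * use different store passwords; that may be deliberate or a typo — confirm against the test
     * resources before relying on either.
     */
    private static final String INFO_KEYSTORE_RESOURCE = "keyStore.jks";

    /** Alias of the keystore entry whose certificate (and, in {@link #getCertInfo()}, private key) is read. */
    private static final String KEY_ALIAS = "keyAlias";

    /** The manifest fragment is written to this file in the JVM's working directory. */
    private static final String OUTPUT_FILE = "keycredentials.txt";

    /** System properties that override the passwords hard-coded as fallbacks below. */
    private static final String STORE_PASSWORD_PROPERTY = "azure.keystore.password";
    private static final String KEY_PASSWORD_PROPERTY = "azure.key.password";

    /** Lower-case hex alphabet used by {@link #hexify(byte[])}. */
    private static final char[] HEX = {
        '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'
    };

    /**
     * Resolves a password from a system property, falling back to the literal the original code
     * hard-coded. The fallback keeps the gist runnable as-is, but a keystore password committed in
     * source is a leaked credential: prefer setting the property (and rotating the keystore) over
     * relying on the fallback.
     *
     * @param property system property name to consult first
     * @param fallback value used when the property is unset
     * @return the password as a char array, which callers should not log
     */
    private static char[] password(String property, String fallback) {
        return System.getProperty(property, fallback).toCharArray();
    }

    /**
     * Reads the certificate under {@value #KEY_ALIAS} from {@value #GEN_KEYSTORE_RESOURCE} and writes
     * a {@code keyCredentials} JSON fragment for an Azure AD application manifest to
     * {@value #OUTPUT_FILE}. Only the public certificate is exported; the private key is never read.
     * The method is not annotated {@code @Test}, so JUnit does not run it: add {@code @Test} (or call
     * it directly) when a fresh fragment is needed.
     *
     * @throws KeyStoreException if no JKS keystore provider is available
     */
    @Ignore
    public void testGenerateKeyCredentials() throws KeyStoreException {
        System.out.printf("Generating keyCredentials entry from %s\n", GEN_KEYSTORE_RESOURCE);
        // getResourceAsStream works from a directory and from inside a jar, and yields null instead
        // of throwing when the resource is missing; the previous getResource(..).getPath() +
        // FileInputStream failed on both and was never closed.
        try (InputStream in = getClass().getClassLoader().getResourceAsStream(GEN_KEYSTORE_RESOURCE)) {
            if (in == null) {
                System.out.printf("ERROR: Cannot find %s\n", GEN_KEYSTORE_RESOURCE);
                return;
            }
            KeyStore keystore = KeyStore.getInstance("JKS");
            // A wrong store password surfaces as an IOException from load().
            keystore.load(in, password(STORE_PASSWORD_PROPERTY, "keyStorePasswd"));
            Certificate cert = keystore.getCertificate(KEY_ALIAS);
            if (cert == null) {
                System.out.printf("ERROR: No certificate under alias %s\n", KEY_ALIAS);
                return;
            }
            // "value": the DER-encoded certificate, base64-encoded.
            byte[] certData = cert.getEncoded();
            String certValue = Base64.getEncoder().encodeToString(certData);
            System.out.println("Cert value: " + certValue);
            // "customKeyIdentifier": base64 of the certificate's SHA-1 thumbprint. SHA-1 serves only
            // as the identifier Azure AD matches the certificate by (the original author's
            // convention for this field), not as an integrity control.
            String certCustomKeyId = Base64.getEncoder().encodeToString(sha1(certData));
            System.out.println("Cert custom key ID: " + certCustomKeyId);
            writeFragment(certCustomKeyId, certValue);
            System.out.println("Key credentials written to " + OUTPUT_FILE);
        } catch (CertificateException e) {
            System.out.println("ERROR: Cannot instantiate X.509 certificate");
        } catch (NoSuchAlgorithmException e) {
            System.out.println("ERROR: Cannot instantiate SHA-1 algorithm");
        } catch (IOException e) {
            // Covers both reading/unlocking the keystore and writing the fragment.
            System.out.println("ERROR: Cannot read keystore or write to " + OUTPUT_FILE + ": " + e.getMessage());
        }
    }

    /**
     * Writes the manifest fragment to {@value #OUTPUT_FILE}, overwriting any previous file.
     * Both values are base64 strings, so no JSON escaping is required.
     *
     * @param customKeyId base64 SHA-1 thumbprint for "customKeyIdentifier"
     * @param certValue   base64 DER certificate for "value"
     * @throws IOException if the file cannot be opened
     */
    private static void writeFragment(String customKeyId, String certValue) throws IOException {
        // try-with-resources flushes and closes the writer even if an earlier line fails.
        try (PrintWriter pw = new PrintWriter(new FileWriter(OUTPUT_FILE, false))) {
            pw.println("\"keyCredentials\": [");
            pw.println(" {");
            pw.println(" \"customKeyIdentifier\": \"" + customKeyId + "\",");
            pw.println(" \"keyId\": \"" + UUID.randomUUID().toString() + "\",");
            pw.println(" \"type\": \"AsymmetricX509Cert\",");
            pw.println(" \"usage\": \"Verify\",");
            pw.println(" \"value\": \"" + certValue + "\"");
            pw.println(" }");
            pw.println("],");
        }
    }

    /**
     * Loads the entry under {@value #KEY_ALIAS} from {@value #INFO_KEYSTORE_RESOURCE} and prints the
     * certificate's hex SHA-1 thumbprint. Every failure propagates so the test fails, instead of the
     * former catch-all that printed a stack trace and let the test pass.
     *
     * @throws IOException               if the keystore is missing, unreadable or the store password is wrong
     * @throws KeyStoreException         if no JKS provider is available
     * @throws NoSuchAlgorithmException  if SHA-1 or the key algorithm is unavailable
     * @throws CertificateException      if the certificate cannot be loaded or encoded
     * @throws UnrecoverableKeyException if the key password is wrong
     */
    @Test
    public void getCertInfo() throws IOException, KeyStoreException, NoSuchAlgorithmException,
            CertificateException, UnrecoverableKeyException {
        try (InputStream certStore = getClass().getClassLoader().getResourceAsStream(INFO_KEYSTORE_RESOURCE)) {
            if (certStore == null) {
                throw new FileNotFoundException(INFO_KEYSTORE_RESOURCE + " not found on the classpath");
            }
            KeyStore keystore = KeyStore.getInstance("JKS");
            keystore.load(certStore, password(STORE_PASSWORD_PROPERTY, "keyPassword"));
            // The private key is recovered only to prove the key password is correct (getKey throws
            // UnrecoverableKeyException otherwise); it is neither used further nor printed.
            PrivateKey privateKey = (PrivateKey) keystore.getKey(KEY_ALIAS,
                    password(KEY_PASSWORD_PROPERTY, "keyPassword"));
            if (privateKey == null) {
                throw new UnrecoverableKeyException("No private key under alias " + KEY_ALIAS);
            }
            X509Certificate cert = (X509Certificate) keystore.getCertificate(KEY_ALIAS);
            if (cert == null) {
                throw new CertificateException("No certificate under alias " + KEY_ALIAS);
            }
            System.out.println(getThumbPrint(cert));
        }
    }

    /**
     * SHA-1 digest of {@code data}. Shared by the thumbprint and customKeyIdentifier computations so
     * both are guaranteed to hash the same bytes the same way.
     *
     * @throws NoSuchAlgorithmException if SHA-1 is unavailable
     */
    private static byte[] sha1(byte[] data) throws NoSuchAlgorithmException {
        return MessageDigest.getInstance("SHA-1").digest(data);
    }

    /**
     * Returns the certificate's SHA-1 thumbprint (digest of its DER encoding) as lower-case hex.
     *
     * @param cert certificate to fingerprint
     * @return 40 hex characters, no separators
     * @throws NoSuchAlgorithmException     if SHA-1 is unavailable
     * @throws CertificateEncodingException if the certificate cannot be DER-encoded
     */
    public static String getThumbPrint(X509Certificate cert)
            throws NoSuchAlgorithmException, CertificateEncodingException {
        return hexify(sha1(cert.getEncoded()));
    }

    /**
     * Lower-case hex encoding of {@code bytes}, two characters per byte and no separators.
     *
     * @param bytes bytes to encode (must not be null)
     * @return the hex string, empty for an empty array
     */
    public static String hexify(byte[] bytes) {
        StringBuilder out = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            // Mask before shifting so sign extension of negative bytes cannot leak into the index.
            out.append(HEX[(b & 0xf0) >>> 4]).append(HEX[b & 0x0f]);
        }
        return out.toString();
    }
}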