Re: [Dev] Get the private and public keys of a user

2016-10-07 Thread Tharindu Edirisinghe
Hi Niranda,

I've attached a sample Java class here that you can refer to get the
private key and public key. I've written this for signing a JWT but you can
use the same code segments for your scenario as well.

Thanks,
TharinduE

On Fri, Oct 7, 2016 at 8:54 AM, Danushka Fernando 
wrote:

> AFAIK SAML Token is signed using the tenant keystore. You can use the
> org.wso2.carbon.core.util.KeyStoreManager to achieve that. There are
> getDefaultPrivateKey and getDefaultPublicKey which will give you the
> default keys of the keystore.
>
> Thanks & Regards
> Danushka Fernando
> Senior Software Engineer
> WSO2 inc. http://wso2.com/
> Mobile : +94716332729
>
> On Thu, Oct 6, 2016 at 5:38 PM, Niranda Perera  wrote:
>
>> Hi,
>>
>> I am trying to create a SAML response manually. This is a special type of
>> SAML response named SAML NameIdResponse and I am trying to set a signature
>> in it.
>>
>> I am trying to create a signature element, as mentioned here [1].
>>
>> For me to do this, I need to access the private and public keys
>> programmatically.
>>
>> Could you please point me to a place where I could extract this
>> information?
>>
>> Best
>>
>> [1] http://www.programcreek.com/java-api-examples/index.php?source_dir=saml-generator-master/src/main/java/com/rackspace/saml/SamlAssertionProducer.java
>>
>> --
>> *Niranda Perera*
>> Software Engineer, WSO2 Inc.
>> Mobile: +94-71-554-8430
>> Twitter: @n1r44 
>> https://pythagoreanscript.wordpress.com/
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>


-- 

Tharindu Edirisinghe
Senior Software Engineer | WSO2 Inc
Platform Security Team
Blog : tharindue.blogspot.com
mobile : +94 775181586

package org.wso2.carbon.jwt.helper;

import org.apache.axiom.util.base64.Base64Utils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.core.util.KeyStoreManager;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.service.RealmService;

import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.Calendar;
import java.util.concurrent.ConcurrentHashMap;

public class JWTHelper {

private static Log log = LogFactory.getLog(JWTHelper.class);

private static final String SHA256_WITH_RSA = "SHA256withRSA";
private static String signatureAlgorithm = SHA256_WITH_RSA;
private static final String NONE = "NONE";
private static volatile long ttl = -1L;

private static ConcurrentHashMap privateKeys = new ConcurrentHashMap();
private static ConcurrentHashMap publicCerts = new ConcurrentHashMap();


public static String generateJWT(String tenantDomain) throws Exception {

String jwt = buildJWT(tenantDomain);

log.info("JWT  = " + jwt);

return jwt;
}


/**
 * Method that generates the JWT.
 *
 * @return signed JWT token
 * @throws Exception
 */
private static String buildJWT(String tenantDomain) throws Exception {

//generating expiring timestamp
long currentTime = Calendar.getInstance().getTimeInMillis();
long expireIn = currentTime + 1000 * 60 * getTTL();

String jwtBody;
String issuer = "wso2.org/appserver";
int tenantId = getTenantId(tenantDomain);

//Sample JWT body
//{"iss":"wso2.org/appserver","exp":1448299984841,"tenant_domain":"wso2.com","tenant_id":"1"}

StringBuilder jwtBuilder = new StringBuilder();
jwtBuilder.append("{");
jwtBuilder.append("\"iss\":\"");
jwtBuilder.append(issuer);
jwtBuilder.append("\",");

jwtBuilder.append("\"exp\":");
jwtBuilder.append(String.valueOf(expireIn));
jwtBuilder.append(",");

jwtBuilder.append("\"tenant_domain\":\"");
jwtBuilder.append(tenantDomain);
jwtBuilder.append("\",");

jwtBuilder.append("\"tenant_id\":\"");
jwtBuilder.append(String.valueOf(tenantId));
jwtBuilder.append("\"");

jwtBuilder.append("}");
jwtBody = jwtBuilder.toString();

String jwtHeader = null;

//if signature algo==NONE, header without cert
if (signatureAlgorithm.equals(NONE)) {
jwtHeader = "{\"typ\":\"JWT\"}";
} else if (signatureAlgorithm.equals(SHA256_WITH_RSA)) {
jwtHeader = addCertToHeader(tenantDomain);
}

String base64EncodedHeader = Base64Utils.encode(jwtHeader.getBytes());
String base64EncodedBody = Base64Utils.encode(jwtBody.getBytes());
if (signatureAlgorithm.equals(SHA256_WITH_RSA)) {
String assertion = base64EncodedHeader 

Re: [Dev] Get the private and public keys of a user

2016-10-06 Thread Danushka Fernando
AFAIK SAML Token is signed using the tenant keystore. You can use the
org.wso2.carbon.core.util.KeyStoreManager to achieve that. There are
getDefaultPrivateKey and getDefaultPublicKey which will give you the
default keys of the keystore.

Thanks & Regards
Danushka Fernando
Senior Software Engineer
WSO2 inc. http://wso2.com/
Mobile : +94716332729

On Thu, Oct 6, 2016 at 5:38 PM, Niranda Perera  wrote:

> Hi,
>
> I am trying to create a SAML response manually. This is a special type of
> SAML response named SAML NameIdResponse and I am trying to set a signature
> in it.
>
> I am trying to create a signature element, as mentioned here [1].
>
> For me to do this, I need to access the private and public keys
> programmatically.
>
> Could you please point me to a place where I could extract this
> information?
>
> Best
>
> [1] http://www.programcreek.com/java-api-examples/index.php?source_dir=saml-generator-master/src/main/java/com/rackspace/saml/SamlAssertionProducer.java
>
> --
> *Niranda Perera*
> Software Engineer, WSO2 Inc.
> Mobile: +94-71-554-8430
> Twitter: @n1r44 
> https://pythagoreanscript.wordpress.com/
>
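Added example, not code from the thread or from WSO2: it puts Danushka's KeyStoreManager pointer and the SHA256withRSA signing from Tharindu's attachment together, and checks the result with the matching public key. It assumes KeyStoreManager.getInstance(int) returns the manager for that tenant's keystore and that it runs inside a Carbon server where the super tenant keystore is loaded; the class name and the payload are made up.

```java
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.core.util.KeyStoreManager;
import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.util.Base64;

// Fetches a tenant's default key pair via KeyStoreManager, then signs and verifies
// a compact JWT (header.payload.signature) with SHA256withRSA, i.e. JWS "RS256".
public final class TenantKeySigner {
    private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";

    // JWS segments are base64url without padding (RFC 7515), not plain base64.
    private static String b64url(byte[] data) {
        return Base64.getUrlEncoder().withoutPadding().encodeToString(data);
    }

    // Signs exactly the bytes of "header.payload"; the verifier must hash the same bytes.
    public static String signJwt(String payloadJson, PrivateKey key) throws Exception {
        String header = "{\"alg\":\"RS256\",\"typ\":\"JWT\"}";
        String signingInput = b64url(header.getBytes(StandardCharsets.UTF_8)) + "."
                + b64url(payloadJson.getBytes(StandardCharsets.UTF_8));
        Signature signer = Signature.getInstance(SIGNATURE_ALGORITHM);
        signer.initSign(key);
        signer.update(signingInput.getBytes(StandardCharsets.US_ASCII));
        return signingInput + "." + b64url(signer.sign());
    }

    // Returns true only if the third segment is a valid signature over the first two.
    public static boolean verifyJwt(String jwt, PublicKey key) throws Exception {
        String[] parts = jwt.split("\\.", -1);
        if (parts.length != 3) {
            return false; // not a compact JWS
        }
        Signature verifier = Signature.getInstance(SIGNATURE_ALGORITHM);
        verifier.initVerify(key);
        verifier.update((parts[0] + "." + parts[1]).getBytes(StandardCharsets.US_ASCII));
        return verifier.verify(Base64.getUrlDecoder().decode(parts[2]));
    }

    public static void main(String[] args) throws Exception {
        // Assumption: KeyStoreManager.getInstance(int) returns the manager for that tenant's keystore.
        KeyStoreManager ksm = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
        PrivateKey priv = ksm.getDefaultPrivateKey(); // the methods named in Danushka's reply
        PublicKey pub = ksm.getDefaultPublicKey();
        String payload = "{\"iss\":\"wso2.org/appserver\",\"tenant_domain\":\"wso2.com\"}"; // constructed
        String jwt = signJwt(payload, priv);
        System.out.println(jwt + "\nverified=" + verifyJwt(jwt, pub));
    }
}
```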


[Dev] Get the private and public keys of a user

2016-10-06 Thread Niranda Perera
Hi,

I am trying to create a SAML response manually. This is a special type of
SAML response named SAML NameIdResponse and I am trying to set a signature
in it.

I am trying to create a signature element, as mentioned here [1].

For me to do this, I need to access the private and public keys
programmatically.

Could you please point me to a place where I could extract this
information?

Best

[1]
http://www.programcreek.com/java-api-examples/index.php?source_dir=saml-generator-master/src/main/java/com/rackspace/saml/SamlAssertionProducer.java

-- 
*Niranda Perera*
Software Engineer, WSO2 Inc.
Mobile: +94-71-554-8430
Twitter: @n1r44 
https://pythagoreanscript.wordpress.com/