sohalloran · May 14, 2019 12:59
diff --git a/App.java b/App.java
 package com.salesforce.app;

 import java.io.IOException;
 import java.net.URISyntaxException;
 import java.nio.file.Files;
 import java.nio.file.Paths;
 import java.security.KeyFactory;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.interfaces.RSAPublicKey;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.PKCS8EncodedKeySpec;
 import java.security.spec.X509EncodedKeySpec;
 import java.security.cert.X509Certificate;
 import java.security.cert.CertificateFactory;
 import java.util.Base64;
 import java.util.Base64.Encoder;
 import java.util.Base64.Decoder;
 import java.util.HashMap;
 import java.util.Map;
 import java.io.FileInputStream;
 import javax.xml.bind.DatatypeConverter;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import com.google.gson.*;
 import java.security.cert.X509Certificate;
 import com.nimbusds.jose.jwk.RSAKey;
 import com.nimbusds.jose.util.X509CertUtils;
 import java.security.*;
 import java.security.interfaces.*;
 import java.util.*;
 import com.nimbusds.jose.jwk.*;
 import com.nimbusds.jose.jwk.gen.*;

 public class App 
 {
    public static void main(String[] args) {
        System.out.println("JWKS Generator");
      try{
        Gson gson = new Gson();
        System.out.println( generateJWK(args[0],args[0]));
        System.out.println();
        System.out.println( gson.toJson(generateJWK(args[0],args[0])));

        FileInputStream fin = new FileInputStream(args[0]);
        CertificateFactory f = CertificateFactory.getInstance("X.509");
        X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
        X509Certificate cert = X509CertUtils.parse(certificate.getEncoded());
        RSAKey rsaJWK = RSAKey.parse(cert);
        System.out.println("-------rsaJWK-");
        System.out.println(rsaJWK.toPublicJWK());
        System.out.println("-------rsaJWK-");


      } catch(Exception e){
        e.printStackTrace();
      }
    }
  
  private static Map<String, Object> generateJWK(String env, String location){
    Map<String, Object> values = new HashMap<>();
    try{
      FileInputStream fin = new FileInputStream(location);
      CertificateFactory f = CertificateFactory.getInstance("X.509");
      X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
      String thumbprint = getThumbprint(certificate);
      
        System.out.println("Subject DN : " + certificate.getSubjectDN().getName());
        System.out.println("Issuer : " + certificate.getIssuerDN().getName());
        System.out.println("Not After: " + certificate.getNotAfter());
        System.out.println("Not Before: " + certificate.getNotBefore());
        System.out.println("version: " + certificate.getVersion());
        System.out.println("serial number : " + certificate.getSerialNumber());
         
      PublicKey pk = certificate.getPublicKey();
          //System.out.println("PublicKey : \n" + pk);
      RSAPublicKey rsa = (RSAPublicKey) pk;
      values.put("kty", rsa.getAlgorithm()); // getAlgorithm() returns kty not algorithm
      values.put("kid", env);
      values.put("x5t", thumbprint);
      values.put("n", Base64.getUrlEncoder().encodeToString(rsa.getModulus().toByteArray()));
      values.put("e", Base64.getUrlEncoder().encodeToString(rsa.getPublicExponent().toByteArray()));
      values.put("alg", "RS256");
      values.put("use", "sig");
      } catch(Exception e){
        e.printStackTrace();
      }
      return values;
    }
  
    private static String getThumbprint(X509Certificate cert)
    throws NoSuchAlgorithmException, CertificateEncodingException {
  MessageDigest md = MessageDigest.getInstance("SHA-1");
  byte[] der = cert.getEncoded();
  md.update(der);
  byte[] digest = md.digest();
  String digestHex = DatatypeConverter.printHexBinary(digest);
  return digestHex.toLowerCase();
  }
  
 }
	package com.salesforce.app;

	import java.io.IOException;
	import java.net.URISyntaxException;
	import java.nio.file.Files;
	import java.nio.file.Paths;
	import java.security.KeyFactory;
	import java.security.NoSuchAlgorithmException;
	import java.security.PrivateKey;
	import java.security.PublicKey;
	import java.security.interfaces.RSAPublicKey;
	import java.security.spec.InvalidKeySpecException;
	import java.security.spec.PKCS8EncodedKeySpec;
	import java.security.spec.X509EncodedKeySpec;
	import java.security.cert.X509Certificate;
	import java.security.cert.CertificateFactory;
	import java.util.Base64;
	import java.util.Base64.Encoder;
	import java.util.Base64.Decoder;
	import java.util.HashMap;
	import java.util.Map;
	import java.io.FileInputStream;
	import javax.xml.bind.DatatypeConverter;
	import java.security.MessageDigest;
	import java.security.NoSuchAlgorithmException;
	import java.security.cert.CertificateEncodingException;
	import java.security.cert.CertificateException;
	import java.security.cert.CertificateFactory;
	import com.google.gson.*;
	import java.security.cert.X509Certificate;
	import com.nimbusds.jose.jwk.RSAKey;
	import com.nimbusds.jose.util.X509CertUtils;
	import java.security.*;
	import java.security.interfaces.*;
	import java.util.*;
	import com.nimbusds.jose.jwk.*;
	import com.nimbusds.jose.jwk.gen.*;

	public class App
	{
	public static void main(String[] args) {
	System.out.println("JWKS Generator");
	try{
	Gson gson = new Gson();
	System.out.println( generateJWK(args[0],args[0]));
	System.out.println();
	System.out.println( gson.toJson(generateJWK(args[0],args[0])));

	FileInputStream fin = new FileInputStream(args[0]);
	CertificateFactory f = CertificateFactory.getInstance("X.509");
	X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
	X509Certificate cert = X509CertUtils.parse(certificate.getEncoded());
	RSAKey rsaJWK = RSAKey.parse(cert);
	System.out.println("-------rsaJWK-");
	System.out.println(rsaJWK.toPublicJWK());
	System.out.println("-------rsaJWK-");


	} catch(Exception e){
	e.printStackTrace();
	}
	}

	private static Map<String, Object> generateJWK(String env, String location){
	Map<String, Object> values = new HashMap<>();
	try{
	FileInputStream fin = new FileInputStream(location);
	CertificateFactory f = CertificateFactory.getInstance("X.509");
	X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
	String thumbprint = getThumbprint(certificate);

	System.out.println("Subject DN : " + certificate.getSubjectDN().getName());
	System.out.println("Issuer : " + certificate.getIssuerDN().getName());
	System.out.println("Not After: " + certificate.getNotAfter());
	System.out.println("Not Before: " + certificate.getNotBefore());
	System.out.println("version: " + certificate.getVersion());
	System.out.println("serial number : " + certificate.getSerialNumber());

	PublicKey pk = certificate.getPublicKey();
	//System.out.println("PublicKey : \n" + pk);
	RSAPublicKey rsa = (RSAPublicKey) pk;
	values.put("kty", rsa.getAlgorithm()); // getAlgorithm() returns kty not algorithm
	values.put("kid", env);
	values.put("x5t", thumbprint);
	values.put("n", Base64.getUrlEncoder().encodeToString(rsa.getModulus().toByteArray()));
	values.put("e", Base64.getUrlEncoder().encodeToString(rsa.getPublicExponent().toByteArray()));
	values.put("alg", "RS256");
	values.put("use", "sig");
	} catch(Exception e){
	e.printStackTrace();
	}
	return values;
	}

	private static String getThumbprint(X509Certificate cert)
	throws NoSuchAlgorithmException, CertificateEncodingException {
	MessageDigest md = MessageDigest.getInstance("SHA-1");
	byte[] der = cert.getEncoded();
	md.update(der);
	byte[] digest = md.digest();
	String digestHex = DatatypeConverter.printHexBinary(digest);
	return digestHex.toLowerCase();
	}

	}