<%@ page language="java" contentType="application/jspon; charset=UTF-8" import="java.security.KeyStore" import="java.security.PublicKey" import="java.security.cert.Certificate" import="java.security.interfaces.ECPublicKey" import="java.security.interfaces.RSAPublicKey" import="java.security.MessageDigest" import="java.util.Enumeration" import="org.jose4j.jwk.JsonWebKey" import="org.jose4j.jwk.JsonWebKeySet" import="org.jose4j.base64url.Base64Url" %> <% KeyStore ks = KeyStore.getInstance("JKS"); ks.load(this.getClass().getClassLoader().getResourceAsStream("key.jks"), "Liberty".toCharArray()); JsonWebKeySet jwks = new JsonWebKeySet(); Enumeration aliases = ks.aliases(); while (aliases.hasMoreElements()) { String alias = aliases.nextElement(); Certificate cert = ks.getCertificate(alias); PublicKey pk = cert.getPublicKey(); if (pk instanceof RSAPublicKey || pk instanceof ECPublicKey) { JsonWebKey jwk = JsonWebKey.Factory.newJwk(pk); jwk.setUse("sig"); //jwk.setKeyId(alias); jwk.setKeyId(Base64Url.encode(MessageDigest.getInstance("SHA-256").digest(cert.getEncoded()))); jwks.addJsonWebKey(jwk); } else { // don't know how to deal with thisPublicKey } } %> <%=jwks.toJson()%>