diff --git a/modules/gplazma2/src/main/java/org/dcache/gplazma/monitor/LoginResultPrinter.java b/modules/gplazma2/src/main/java/org/dcache/gplazma/monitor/LoginResultPrinter.java index 1550519657e..f7887aab6b7 100644 --- a/modules/gplazma2/src/main/java/org/dcache/gplazma/monitor/LoginResultPrinter.java +++ b/modules/gplazma2/src/main/java/org/dcache/gplazma/monitor/LoginResultPrinter.java @@ -10,6 +10,7 @@ import org.glite.voms.ac.AttributeCertificate; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import sun.security.rsa.RSAPublicKeyImpl; import javax.security.auth.x500.X500Principal; @@ -17,6 +18,7 @@ import java.io.IOException; import java.io.InputStream; import java.security.Principal; +import java.security.PublicKey; import java.security.cert.CertPath; import java.security.cert.CertificateParsingException; import java.security.cert.X509Certificate; @@ -240,6 +242,7 @@ private String print(X509Certificate certificate) } sb.append(" +--Validity: ").append(validityStatementFor(certificate)).append('\n'); sb.append(" +--Algorithm: ").append(nameForOid(certificate.getSigAlgOID())).append('\n'); + sb.append(" +--Public key: ").append(describePublicKey(certificate.getPublicKey())).append('\n'); String sanInfo = subjectAlternateNameInfoFor(certificate); if(!sanInfo.isEmpty()) { @@ -285,6 +288,23 @@ private String print(X509Certificate certificate) return sb.toString(); } + private static String describePublicKey(PublicKey key) + { + StringBuilder sb = new StringBuilder(); + + sb.append(key.getAlgorithm()); + + if (key instanceof RSAPublicKeyImpl) { + int bits = (((RSAPublicKeyImpl)key).getModulus().bitLength() + 7) & ~7; + sb.append(' ').append(bits).append(" bits"); + } else { + sb.append(" (unknown ").append(key.getClass().getCanonicalName()). + append(")"); + } + + return sb.toString(); + } + private static String subjectAlternateNameInfoFor(X509Certificate certificate) { StringBuilder sb = new StringBuilder();