List of usage examples for java.security.KeyStore.containsAlias
public final boolean containsAlias(String alias) throws KeyStoreException
From source file:org.opendaylight.aaa.cert.impl.ODLMdsalKeyTool.java
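/**
 * Returns the certificate stored under {@code certAlias} as Base64 text.
 *
 * @param keyStore    the key store to read the certificate from
 * @param keyStorePwd not used by this method
 * @param certAlias   alias of the entry whose certificate is wanted
 * @param withTag     when {@code true}, the Base64 text is placed between
 *                    {@code KeyStoreConstant.BEGIN_CERTIFICATE} and
 *                    {@code KeyStoreConstant.END_CERTIFICATE}, each on its own line
 * @return the encoded certificate, or {@code null} when the alias is absent, the entry
 *         holds no certificate, or reading/encoding fails
 */
public String getCertificate(final KeyStore keyStore, final String keyStorePwd, final String certAlias,
        final boolean withTag) {
    try {
        if (!keyStore.containsAlias(certAlias)) {
            LOG.info("KeyStore does not contain alias {}", certAlias);
            return null;
        }
        final X509Certificate odlCert = (X509Certificate) keyStore.getCertificate(certAlias);
        if (odlCert == null) {
            // containsAlias() only proves that an entry exists. KeyStore.getCertificate()
            // returns null for an entry without a certificate (e.g. a secret-key entry),
            // which previously surfaced as an uncaught NullPointerException.
            LOG.info("KeyStore entry {} does not hold a certificate", certAlias);
            return null;
        }
        final String cert = DatatypeConverter.printBase64Binary(odlCert.getEncoded());
        if (!withTag) {
            return cert;
        }
        return new StringBuilder()
                .append(KeyStoreConstant.BEGIN_CERTIFICATE)
                .append("\n")
                .append(cert)
                .append("\n")
                .append(KeyStoreConstant.END_CERTIFICATE)
                .toString();
    } catch (final CertificateException | KeyStoreException e) {
        LOG.error("Failed to get Certificate", e);
        return null;
    }
}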
From source file:org.wso2.carbon.security.util.ServicePasswordCallbackHandler.java
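/**
 * Finds the private-key password of the key store that contains an entry named after
 * {@code username}.
 *
 * <p>The children of {@code SecurityConstants.KEY_STORES} in the tenant's governance
 * registry are scanned in order. For the super tenant's primary key store the password
 * comes from the {@code KeyStoreManager}; for any other key store it is read from the
 * registry resource property {@code SecurityConstants.PROP_PRIVATE_KEY_PASS} and decrypted.
 *
 * <p>The returned value is a plaintext secret: callers should not log it.
 *
 * @param username alias to look for in each key store
 * @return the private-key password of the first matching key store, or {@code null} when
 *         no key store contains the alias
 * @throws IOException if an I/O failure is raised while reading the key stores
 * @throws Exception   any other failure, rethrown after being logged
 */
private String getPrivateKeyPassword(String username) throws IOException, Exception {
    String password = null;
    int tenantId = ((UserRegistry) registry).getTenantId();
    UserRegistry govRegistry = SecurityServiceHolder.getRegistryService().getGovernanceSystemRegistry(tenantId);
    try {
        KeyStoreManager keyMan = KeyStoreManager.getInstance(tenantId);
        if (govRegistry.resourceExists(SecurityConstants.KEY_STORES)) {
            Collection collection = (Collection) govRegistry.get(SecurityConstants.KEY_STORES);
            String[] ks = collection.getChildren();
            for (String fullname : ks) {
                // Get the primary keystore, only if it is super tenant.
                if (tenantId == MultitenantConstants.SUPER_TENANT_ID
                        && fullname.equals(RegistryResources.SecurityManagement.PRIMARY_KEYSTORE_PHANTOM_RESOURCE)) {
                    KeyStore store = keyMan.getPrimaryKeyStore();
                    if (store.containsAlias(username)) {
                        password = keyMan.getPrimaryPrivateKeyPasssword();
                        break;
                    }
                } else {
                    String name = fullname.substring(fullname.lastIndexOf("/") + 1);
                    KeyStore store = null;
                    // Not all keystores are encrypted with the primary keystore password,
                    // so some of them will fail to load.
                    try {
                        store = keyMan.getKeyStore(name);
                    } catch (Exception e) {
                        log.debug("Failed to load keystore " + name, e);
                    }
                    if (store == null) {
                        // The load failure above is deliberately tolerated; without this
                        // guard the next call dereferenced null and aborted the whole
                        // lookup instead of moving on to the remaining key stores.
                        continue;
                    }
                    if (store.containsAlias(username)) {
                        Resource resource = (Resource) govRegistry.get(fullname);
                        CryptoUtil cryptoUtil = CryptoUtil.getDefaultCryptoUtil();
                        String encryptedPassword = resource
                                .getProperty(SecurityConstants.PROP_PRIVATE_KEY_PASS);
                        // NOTE(review): decodes with the platform default charset — confirm
                        // that matches the charset used when the password was encrypted.
                        password = new String(cryptoUtil.base64DecodeAndDecrypt(encryptedPassword));
                        break;
                    }
                }
            }
        }
    } catch (Exception e) {
        // IOException was previously caught separately with the identical log-and-rethrow
        // body; one handler covers both and still rethrows the original exception.
        log.error("Error when getting PrivateKeyPassword.", e);
        throw e;
    }
    return password;
}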
From source file:org.opendaylight.aaa.cert.impl.ODLMdsalKeyTool.java
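/**
 * Builds a PKCS#10 certificate signing request for the key pair stored under
 * {@code keyAlias} and returns it as Base64 text.
 *
 * <p>The subject is copied from the certificate already stored under the alias, and the
 * request is signed with the private key of the same entry.
 *
 * @param odlKeyStore the key store holding the key pair
 * @param keyStorePwd password used to recover the private key from the entry
 * @param keyAlias    alias of the key entry
 * @param signAlg     signature algorithm name handed to the request as-is; it is not
 *                    validated here, so callers should restrict it to algorithms their
 *                    policy accepts
 * @param withTag     when {@code true}, the Base64 text is placed between
 *                    {@code KeyStoreConstant.BEGIN_CERTIFICATE_REQUEST} and
 *                    {@code KeyStoreConstant.END_CERTIFICATE_REQUEST}, each on its own line
 * @return the encoded request, or {@code null} when the alias is absent, the entry lacks a
 *         certificate or private key, or generation fails
 */
public String generateCertificateReq(final KeyStore odlKeyStore, final String keyStorePwd,
        final String keyAlias, final String signAlg, final boolean withTag) {
    try {
        if (!odlKeyStore.containsAlias(keyAlias)) {
            LOG.info("KeyStore does not contain alias {}", keyAlias);
            return null;
        }
        final X509Certificate odlCert = (X509Certificate) odlKeyStore.getCertificate(keyAlias);
        if (odlCert == null) {
            // An existing alias does not guarantee a certificate; getCertificate() returns
            // null for entries without one, which used to end in a NullPointerException.
            LOG.error("KeyStore entry {} does not hold a certificate", keyAlias);
            return null;
        }
        // getKey() returns null for a certificate-only entry and a SecretKey for a
        // secret-key entry; check the type before using it as a signing key.
        final java.security.Key key = odlKeyStore.getKey(keyAlias, keyStorePwd.toCharArray());
        if (!(key instanceof PrivateKey)) {
            LOG.error("KeyStore entry {} does not hold a private key", keyAlias);
            return null;
        }
        final PrivateKey privKey = (PrivateKey) key;
        final PublicKey pubKey = odlCert.getPublicKey();
        final X509Name xname = new X509Name(odlCert.getSubjectDN().getName());
        final PKCS10CertificationRequest csr = new PKCS10CertificationRequest(signAlg, xname, pubKey,
                null, privKey);
        final String certReq = DatatypeConverter.printBase64Binary(csr.getEncoded());
        if (!withTag) {
            return certReq;
        }
        return new StringBuilder()
                .append(KeyStoreConstant.BEGIN_CERTIFICATE_REQUEST)
                .append("\n")
                .append(certReq)
                .append("\n")
                .append(KeyStoreConstant.END_CERTIFICATE_REQUEST)
                .toString();
    } catch (final NoSuchAlgorithmException | KeyStoreException | UnrecoverableKeyException
            | InvalidKeyException | NoSuchProviderException | SignatureException e) {
        LOG.error("Failed to generate certificate request", e);
        return null;
    }
}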
From source file:org.openanzo.security.keystore.TestSecretKeyEncoder.java
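/**
 * Loads the saved test key from the {@code testKeystore} classpath resource and builds the
 * {@code SecretKeyStore} under test from it.
 *
 * <p>A saved key is used instead of a freshly generated one so that the test is
 * deterministic. The key store password and key are test fixtures only.
 *
 * @throws Exception if the key store resource or the test key cannot be found, or if
 *                   loading the key store or initializing the encoder fails
 */
@Override
protected void setUp() throws Exception {
    super.setUp();
    KeyStore keyStore = KeyStore.getInstance(KEY_STORE_ENCODING);
    InputStream keystoreStream = Thread.currentThread().getContextClassLoader()
            .getResourceAsStream("testKeystore");
    if (keystoreStream == null) {
        throw new Exception("Could not find keystore.");
    }
    try {
        keyStore.load(keystoreStream, TEST_KEYSTORE_PASSWORD);
    } finally {
        // The stream was previously left open after every test set-up.
        keystoreStream.close();
    }
    if (!keyStore.containsAlias(KEY_NAME)) {
        throw new Exception("Could not find test key in test key store.");
    }
    Key key = keyStore.getKey(KEY_NAME, TEST_KEYSTORE_PASSWORD);
    SecretKeyStore encoder = new SecretKeyStore(null, (File) null);
    encoder.initialize((SecretKey) key, ALGORITHM);
    this.encoder = encoder;
}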
From source file:org.opendaylight.aaa.cert.impl.ODLKeyTool.java
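/**
 * Loads the JKS key store file {@code workingDir + keyStoreName} and returns the
 * certificate stored under {@code certAlias} as Base64 text.
 *
 * @param keyStoreName file name appended to {@code workingDir}; it is concatenated without
 *                     normalization, so callers must not pass an untrusted value
 * @param keyStorePwd  password used to load (integrity-check) the key store
 * @param certAlias    alias of the entry whose certificate is wanted
 * @param withTag      when {@code true}, the Base64 text is placed between
 *                     {@code KeyStoreConstant.BEGIN_CERTIFICATE} and
 *                     {@code KeyStoreConstant.END_CERTIFICATE}, each on its own line
 * @return the encoded certificate, or {@code null} when the alias is absent, the entry
 *         holds no certificate, or loading/encoding fails
 */
public String getCertificate(final String keyStoreName, final String keyStorePwd, final String certAlias,
        final boolean withTag) {
    try {
        final KeyStore ctlKeyStore = KeyStore.getInstance("JKS");
        // try-with-resources: the stream used to stay open on every call, including the
        // failure paths, leaking a file descriptor each time.
        try (FileInputStream fInputStream = new FileInputStream(workingDir + keyStoreName)) {
            ctlKeyStore.load(fInputStream, keyStorePwd.toCharArray());
        }
        if (!ctlKeyStore.containsAlias(certAlias)) {
            LOG.info("{} KeyStore does not contain alias {}", keyStoreName, certAlias);
            return null;
        }
        final X509Certificate odlCert = (X509Certificate) ctlKeyStore.getCertificate(certAlias);
        if (odlCert == null) {
            // containsAlias() only proves that an entry exists; getCertificate() returns
            // null when that entry carries no certificate.
            LOG.info("{} KeyStore entry {} does not hold a certificate", keyStoreName, certAlias);
            return null;
        }
        final String cert = DatatypeConverter.printBase64Binary(odlCert.getEncoded());
        if (!withTag) {
            return cert;
        }
        return new StringBuilder()
                .append(KeyStoreConstant.BEGIN_CERTIFICATE)
                .append("\n")
                .append(cert)
                .append("\n")
                .append(KeyStoreConstant.END_CERTIFICATE)
                .toString();
    } catch (NoSuchAlgorithmException | CertificateException | IOException | KeyStoreException e) {
        LOG.error("Failed to get Certificate {}", e.getMessage());
        return null;
    }
}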
From source file:org.opendaylight.aaa.cert.impl.ODLKeyTool.java
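/**
 * Loads the JKS key store file {@code workingDir + keyStoreName} and builds a PKCS#10
 * certificate signing request for the key pair stored under {@code keyAlias}.
 *
 * <p>The subject is copied from the certificate already stored under the alias, and the
 * request is signed with the private key of the same entry. The key store password is also
 * used as the key password.
 *
 * @param keyStoreName file name appended to {@code workingDir}; it is concatenated without
 *                     normalization, so callers must not pass an untrusted value
 * @param keyStorePwd  password used to load the key store and to recover the private key
 * @param keyAlias     alias of the key entry
 * @param signAlg      signature algorithm name handed to the request as-is; it is not
 *                     validated here, so callers should restrict it to algorithms their
 *                     policy accepts
 * @param withTag      when {@code true}, the Base64 text is placed between
 *                     {@code KeyStoreConstant.BEGIN_CERTIFICATE_REQUEST} and
 *                     {@code KeyStoreConstant.END_CERTIFICATE_REQUEST}, each on its own line
 * @return the encoded request, or {@code null} when the alias is absent, the entry lacks a
 *         certificate or private key, or loading/generation fails
 */
public String generateCertificateReq(final String keyStoreName, final String keyStorePwd,
        final String keyAlias, final String signAlg, final boolean withTag) {
    try {
        final KeyStore ctlKeyStore = KeyStore.getInstance("JKS");
        // try-with-resources: the stream used to stay open on every call, including the
        // failure paths, leaking a file descriptor each time.
        try (FileInputStream fInputStream = new FileInputStream(workingDir + keyStoreName)) {
            ctlKeyStore.load(fInputStream, keyStorePwd.toCharArray());
        }
        if (!ctlKeyStore.containsAlias(keyAlias)) {
            LOG.info("{} KeyStore does not contain alias {}", keyStoreName, keyAlias);
            return null;
        }
        final X509Certificate odlCert = (X509Certificate) ctlKeyStore.getCertificate(keyAlias);
        if (odlCert == null) {
            // An existing alias does not guarantee a certificate; getCertificate() returns
            // null for entries without one.
            LOG.error("{} KeyStore entry {} does not hold a certificate", keyStoreName, keyAlias);
            return null;
        }
        // getKey() returns null for a certificate-only entry and a SecretKey for a
        // secret-key entry; check the type before using it as a signing key.
        final java.security.Key key = ctlKeyStore.getKey(keyAlias, keyStorePwd.toCharArray());
        if (!(key instanceof PrivateKey)) {
            LOG.error("{} KeyStore entry {} does not hold a private key", keyStoreName, keyAlias);
            return null;
        }
        final PrivateKey privKey = (PrivateKey) key;
        final PublicKey pubKey = odlCert.getPublicKey();
        final X509Name xname = new X509Name(odlCert.getSubjectDN().getName());
        final PKCS10CertificationRequest csr = new PKCS10CertificationRequest(signAlg, xname, pubKey,
                null, privKey);
        final String certReq = DatatypeConverter.printBase64Binary(csr.getEncoded());
        if (!withTag) {
            return certReq;
        }
        return new StringBuilder()
                .append(KeyStoreConstant.BEGIN_CERTIFICATE_REQUEST)
                .append("\n")
                .append(certReq)
                .append("\n")
                .append(KeyStoreConstant.END_CERTIFICATE_REQUEST)
                .toString();
    } catch (NoSuchAlgorithmException | CertificateException | IOException | KeyStoreException
            | UnrecoverableKeyException | InvalidKeyException | NoSuchProviderException
            | SignatureException e) {
        LOG.error("Failed to generate certificate request {}", e.getMessage());
        return null;
    }
}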
From source file:org.openanzo.security.keystore.SecretKeyStore.java
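/**
 * Loads the secret key to use for encryption and decryption. It will read the key from the keystore if it
 * exists. Otherwise it will create a new randomly generated key and save it in a keystore at the given file.
 * It will use the algorithm defined in the {@code algorithm} member.
 *
 * @param keyStoreStream
 *            stream from which to read the keystore which holds the secret key. If null, a new keystore is
 *            created. The stream is not closed by this method.
 * @param password
 *            password used to protect and integrity-check the keystore and the secret key.
 * @param keyStoreDestination
 *            File path to which to save the keystore in case a new key was generated. If null, then nothing
 *            is written out and the generated key exists only in memory.
 * @param keystoreType
 *            keystore type name passed to {@code KeyStore.getInstance}.
 * @return the loaded or newly generated secret key.
 * @throws AnzoException
 *             if the keystore cannot be read or written, a cryptographic operation fails, or the entry
 *             stored under the key name is not a {@code SecretKey}.
 */
private SecretKey loadKey(InputStream keyStoreStream, String password, File keyStoreDestination,
        String keystoreType) throws AnzoException {
    try {
        KeyStore keyStore = KeyStore.getInstance(keystoreType);
        keyStore.load(keyStoreStream, password.toCharArray());
        Key key;
        if (keyStore.containsAlias(KEY_NAME)) {
            key = keyStore.getKey(KEY_NAME, password.toCharArray());
        } else {
            log.warn("Could not find key '{}' within keystore. Generating a new key.", KEY_NAME);
            KeyGenerator kgen = KeyGenerator.getInstance(algorithm);
            key = kgen.generateKey();
            keyStore.setKeyEntry(KEY_NAME, key, password.toCharArray(), new Certificate[0]);
            if (keyStoreDestination != null) {
                log.warn("Storing new key in the keystore.");
                // NOTE(review): the file is created with whatever permissions the stream
                // helper applies by default — confirm the destination is readable only by
                // the service account, since it now contains the encryption key.
                OutputStream outputStream = null;
                try {
                    outputStream = FileUtils.openOutputStream(keyStoreDestination);
                    keyStore.store(outputStream, password.toCharArray());
                } finally {
                    if (outputStream != null) {
                        outputStream.close();
                    }
                }
            }
        }
        if (!(key instanceof SecretKey)) {
            // Report only the type. The message used to concatenate the key object itself,
            // and a Key's toString() is provider-defined, so it could place key details in
            // exception messages and logs.
            String foundType = (key == null) ? "null" : key.getClass().getName();
            throw new AnzoException(ExceptionConstants.OSGI.INTERNAL_COMPONENT_ERROR,
                    "key must be of type SecretKey: " + foundType);
        }
        return (SecretKey) key;
    } catch (GeneralSecurityException e) {
        throw new AnzoException(ExceptionConstants.OSGI.INTERNAL_COMPONENT_ERROR, e);
    } catch (IOException e) {
        throw new AnzoException(ExceptionConstants.OSGI.INTERNAL_COMPONENT_ERROR, e);
    }
}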
From source file:org.nuxeo.ecm.platform.signature.core.pki.CertServiceImpl.java
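/**
 * Assembles a {@code KeyPair} from the private key stored under {@code keyAlias} and the
 * public key of the certificate stored under {@code certAlias}.
 *
 * <p>Nothing here verifies that the two halves belong together: when the aliases differ,
 * the caller is responsible for ensuring the certificate was issued for that private key.
 *
 * @param ks          key store holding both entries
 * @param keyAlias    alias of the private-key entry
 * @param certAlias   alias of the certificate entry
 * @param keyPassword password protecting the private key
 * @return the assembled key pair
 * @throws CertException if either alias is missing, the key entry does not hold a private
 *                       key, the certificate entry holds no certificate, or the key store
 *                       cannot be read
 */
@Override
public KeyPair getKeyPair(KeyStore ks, String keyAlias, String certAlias, String keyPassword)
        throws CertException {
    try {
        if (!ks.containsAlias(keyAlias)) {
            throw new CertException("Missing keystore key entry for key alias:" + keyAlias);
        }
        if (!ks.containsAlias(certAlias)) {
            throw new CertException("Missing keystore certificate entry for :" + certAlias);
        }
        // containsAlias() does not say what kind of entry exists. getKey() returns null for
        // a certificate-only entry, which used to yield a KeyPair with a null private key.
        java.security.Key key = ks.getKey(keyAlias, keyPassword.toCharArray());
        if (!(key instanceof PrivateKey)) {
            throw new CertException("Keystore entry does not hold a private key for key alias:" + keyAlias);
        }
        X509Certificate cert = (X509Certificate) ks.getCertificate(certAlias);
        if (cert == null) {
            // Same reasoning: an entry without a certificate used to cause a
            // NullPointerException on getPublicKey().
            throw new CertException("Keystore entry does not hold a certificate for :" + certAlias);
        }
        return new KeyPair(cert.getPublicKey(), (PrivateKey) key);
    } catch (UnrecoverableKeyException e) {
        throw new CertException(e);
    } catch (KeyStoreException e) {
        throw new CertException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new CertException(e);
    }
}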
From source file:org.nuxeo.ecm.platform.signature.core.pki.CertServiceImpl.java
/**
 * Fetches the certificate stored under {@code certificateAlias}.
 *
 * @param ks               key store to search; a {@code null} store is rejected
 * @param certificateAlias alias of the wanted certificate
 * @return whatever {@code KeyStore.getCertificate} yields for the alias, cast to
 *         {@code X509Certificate}
 * @throws CertException if the key store is {@code null}, the alias is not present, or the
 *                       key store cannot be queried
 */
@Override
public X509Certificate getCertificate(KeyStore ks, String certificateAlias) throws CertException {
    try {
        if (ks == null) {
            throw new CertException("Keystore missing for " + certificateAlias);
        }
        if (!ks.containsAlias(certificateAlias)) {
            throw new CertException("Certificate not found");
        }
        // The alias exists; hand back its certificate as-is.
        return (X509Certificate) ks.getCertificate(certificateAlias);
    } catch (KeyStoreException keyStoreFailure) {
        throw new CertException(keyStoreFailure);
    }
}
From source file:nl.afas.cordova.plugin.secureLocalStorage.SecureLocalStorage.java
/**
 * Verifies that the certificate stored under {@code SECURELOCALSTORAGEALIAS} in the
 * "AndroidKeyStore" key store is currently within its validity period.
 *
 * <p>The check is skipped, without error, when the alias is absent or when the stored
 * certificate's type is not "X.509".
 *
 * @throws SecureLocalStorageException wrapping any exception raised while opening the key
 *                                     store or checking the certificate, including an
 *                                     expired or not-yet-valid certificate
 */
private void checkValidity() throws SecureLocalStorageException {
    try {
        KeyStore androidStore = KeyStore.getInstance("AndroidKeyStore");
        androidStore.load(null);
        if (!androidStore.containsAlias(SECURELOCALSTORAGEALIAS)) {
            // Nothing stored yet, so there is nothing to validate.
            return;
        }
        Certificate storedCert = androidStore.getCertificate(SECURELOCALSTORAGEALIAS);
        boolean isX509 = storedCert.getType().equals("X.509");
        if (isX509) {
            ((X509Certificate) storedCert).checkValidity();
        }
    } catch (Exception failure) {
        throw new SecureLocalStorageException(failure.getMessage(), failure);
    }
}