List of usage examples for java.security KeyStore getCertificateChain
public final Certificate[] getCertificateChain(String alias) throws KeyStoreException
From source file:net.sf.keystore_explorer.crypto.keystore.KeyStoreUtil.java
/**
 * Reports whether {@code alias} names a key pair entry, i.e. a key entry that
 * carries a non-empty certificate chain.
 *
 * <p>The classification relies only on the presence of a chain; the key itself
 * is never retrieved, so no entry password is needed.
 *
 * @param alias
 *            Alias to look up
 * @param keyStore
 *            KeyStore to query
 * @return True if the alias is a key entry with at least one certificate in
 *         its chain, false otherwise
 * @throws KeyStoreException
 *             If there was a problem accessing the KeyStore.
 */
public static boolean isKeyPairEntry(String alias, KeyStore keyStore) throws KeyStoreException {
    // Trusted-certificate entries and unknown aliases are not key entries.
    if (!keyStore.isKeyEntry(alias)) {
        return false;
    }
    // A key entry without a chain is treated as a bare key, not a key pair.
    if (keyStore.getCertificateChain(alias) == null) {
        return false;
    }
    return keyStore.getCertificateChain(alias).length > 0;
}
From source file:net.sf.keystore_explorer.crypto.keystore.KeyStoreUtil.java
/**
 * Reports whether {@code alias} names a bare key entry, i.e. a key entry that
 * has no certificate chain (or an empty one).
 *
 * <p>This is the complement of the key-pair test: a key entry that does carry
 * certificates yields false here.
 *
 * @param alias
 *            Alias to look up
 * @param keyStore
 *            KeyStore to query
 * @return True if the alias is a key entry without certificates, false
 *         otherwise
 * @throws KeyStoreException
 *             If there was a problem accessing the KeyStore.
 */
public static boolean isKeyEntry(String alias, KeyStore keyStore) throws KeyStoreException {
    // Trusted-certificate entries and unknown aliases are not key entries.
    if (!keyStore.isKeyEntry(alias)) {
        return false;
    }
    // No chain at all: the entry holds only a key.
    if (keyStore.getCertificateChain(alias) == null) {
        return true;
    }
    return keyStore.getCertificateChain(alias).length == 0;
}
From source file:org.tolven.gatekeeper.CertificateHelper.java
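/**
 * Re-protects the private key stored under {@code alias} with
 * {@code newPassword}, keeping its certificate chain.
 *
 * <p>Despite the method name, only the password of this one key entry is
 * changed, and only in the in-memory {@code keyStore}: nothing here calls
 * {@code KeyStore.store}, so the store's own integrity password and any
 * persisted copy are untouched. Neither password array is cleared here;
 * the caller owns both.
 *
 * @param keyStore    key store holding the entry
 * @param alias       alias of the private key entry
 * @param oldPassword password currently protecting the key
 * @param newPassword password that should protect the key afterwards
 * @throws RuntimeException if the alias holds no private key, or if the key
 *                          cannot be recovered or stored
 */
public static void changeKeyStorePassword(KeyStore keyStore, String alias, char[] oldPassword,
        char[] newPassword) {
    try {
        Object key = keyStore.getKey(alias, oldPassword);
        // getKey returns null for an unknown alias or a certificate-only entry, and
        // may return a secret key; reject both before anything is written back.
        if (!(key instanceof PrivateKey)) {
            throw new RuntimeException("No private key found in the keystore for alias: " + alias);
        }
        keyStore.setKeyEntry(alias, (PrivateKey) key, newPassword, keyStore.getCertificateChain(alias));
    } catch (GeneralSecurityException ex) {
        throw new RuntimeException("Could not change the keystore password for with alias: " + alias, ex);
    }
}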
From source file:com.vmware.identity.idm.IdmDataCreator.java
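/**
 * Loads the private key and certificate chain named by {@code cd} from its
 * key store file.
 *
 * <p>The same password is used to open the store and to recover the key.
 * Any failure while reading (missing file, wrong password, unknown alias,
 * missing key) is logged at debug level only and reported as {@code null};
 * a partially populated {@code KeyPair} is never returned.
 *
 * @param cd descriptor supplying file name, alias and password
 * @return the populated key pair, or {@code null} if it could not be read
 * @throws IOException if closing the key store stream fails
 */
private static KeyPair readKeyStore(CredentialDescriptor cd) throws IOException {
    KeyPair kp = null;
    InputStream is = null;
    char[] stsKeystorePassword = null;
    try {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        stsKeystorePassword = cd.getPassword().toCharArray();
        is = getInputStream(cd.getFilename());
        ks.load(is, stsKeystorePassword);

        PrivateKey privateKey = (PrivateKey) ks.getKey(cd.getAlias(), stsKeystorePassword);
        if (privateKey == null) {
            throw new IllegalStateException("No private key found for the configured alias");
        }

        // Build the result in a local and publish it only once both parts are set,
        // so a failure half-way through cannot leak a key pair without a key.
        KeyPair loaded = new KeyPair();
        loaded.setCertificateChain(Arrays.asList(ks.getCertificateChain(cd.getAlias())));
        loaded.setPrivateKey(privateKey);
        kp = loaded;
    } catch (Exception e) {
        // NOTE(review): failures are visible at debug level only and callers just
        // see null; consider raising the level so a broken key store is noticed.
        logger.debug("Caught exception while reading keystore {}", e.toString());
    } finally {
        // Wipe the local copy of the password; the String returned by
        // cd.getPassword() is outside this method's control.
        if (stsKeystorePassword != null) {
            Arrays.fill(stsKeystorePassword, '\0');
        }
        if (is != null) {
            is.close();
        }
    }
    return kp;
}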
From source file:org.tolven.gatekeeper.CertificateHelper.java
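/**
 * Returns the leaf X509Certificate of the first alias reported by the
 * keyStore.
 *
 * <p>"First" is whatever {@code KeyStore.aliases()} yields first, so the
 * result is only well defined for a store with a single entry. The alias
 * must be a key entry with a certificate chain; the certificate at index 0
 * of that chain is returned.
 *
 * @param keyStore an initialised key store
 * @return the first certificate in the chain of the first alias
 * @throws RuntimeException if the store cannot be read, has no aliases, has
 *                          no certificate chain for the alias, or the
 *                          certificate is not an X.509 certificate
 */
public static X509Certificate getX509Certificate(KeyStore keyStore) {
    String alias;
    try {
        Enumeration<String> aliases = keyStore.aliases();
        if (!aliases.hasMoreElements()) {
            throw new RuntimeException("KeyStore contains no aliases");
        }
        alias = aliases.nextElement();
    } catch (KeyStoreException ex) {
        // No alias is known yet at this point, so the message does not name one.
        throw new RuntimeException("Could not obtain an alias from the userPKCS12 keystore", ex);
    }
    try {
        Certificate[] certificateChain = keyStore.getCertificateChain(alias);
        if (certificateChain == null || certificateChain.length == 0) {
            throw new RuntimeException("KeyStore contains no certificate with alias " + alias);
        }
        Certificate leaf = certificateChain[0];
        // Fail with a descriptive message rather than a ClassCastException.
        if (!(leaf instanceof X509Certificate)) {
            throw new RuntimeException("Certificate with alias " + alias + " is not an X509Certificate");
        }
        return (X509Certificate) leaf;
    } catch (KeyStoreException ex) {
        throw new RuntimeException(
                "Could not obtain X509Certificate from userPKCS12 keystore using alias: " + alias, ex);
    }
}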
From source file:net.sf.jsignpdf.utils.KeyStoreUtils.java
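/**
 * Returns PrivateKey and its certificate chain
 *
 * <p>The key store is loaded from the type, file and password held in
 * {@code options}; the alias is resolved by {@code getKeyAliasInternal}.
 * Only the key store type and file are logged. The key store password is
 * deliberately kept out of the log output.
 *
 * @param options signer options naming the key store, alias and passwords
 * @return the private key together with its certificate chain
 * @throws NoSuchAlgorithmException
 * @throws KeyStoreException
 * @throws UnrecoverableKeyException
 */
public static PrivateKeyInfo getPkInfo(BasicSignerOptions options)
        throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException {
    // Never log options.getKsPasswd(): log files are usually readable by more
    // people and systems than the key store itself.
    LOGGER.info("ksType " + options.getKsType() + " ksFile " + options.getKsFile());
    final KeyStore tmpKs = loadKeyStore(options.getKsType(), options.getKsFile(), options.getKsPasswd());

    String tmpAlias = getKeyAliasInternal(options, tmpKs);
    LOGGER.info(RES.get("console.getPrivateKey"));
    final PrivateKey tmpPk = (PrivateKey) tmpKs.getKey(tmpAlias, options.getKeyPasswdX());
    LOGGER.info(RES.get("console.getCertChain"));
    final Certificate[] tmpChain = tmpKs.getCertificateChain(tmpAlias);
    return new PrivateKeyInfo(tmpPk, tmpChain);
}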
From source file:org.panbox.core.pairing.file.PanboxFilePairingUtils.java
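/**
 * Reads a pairing archive and returns its contents.
 *
 * <p>The archive entries are consumed strictly in this order: device name,
 * eMail, first name, last name, device key store (PKCS12), knownDevices.list,
 * knownDevices.bks, contacts, owner key store. The owner store is first tried
 * as PKCS12 holding private keys (master pairing) and, if that fails for any
 * reason, as BKS holding certificates only (slave pairing). On success the
 * input file is removed via {@code removeInputFile}.
 *
 * <p>The one {@code password} opens all three key stores and recovers every
 * private key. Text entries are decoded with the platform default charset.
 * NOTE(review): entries are buffered in memory with no size limit, so the
 * pairing file should come from a trusted source.
 *
 * @param inputFile pairing archive to read
 * @param password  password protecting the contained key stores
 * @return container with identity data, keys, certificates, known devices
 *         and a temporary file holding the contacts
 * @throws IllegalArgumentException if an entry is missing or malformed, or
 *                                  the pairing type cannot be determined
 * @throws IOException              if the archive cannot be read
 */
public static PanboxFilePairingLoadReturnContainer loadPairingFile(File inputFile, char[] password)
        throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException,
        UnrecoverableKeyException, IllegalArgumentException {
    File contacts = null;
    boolean loaded = false;
    // try-with-resources closes the archive on every exit path, including
    // unchecked exceptions that the previous catch list did not cover.
    try (ZipArchiveInputStream in = new ZipArchiveInputStream(new FileInputStream(inputFile))) {
        byte[] buffer = new byte[1048576]; // 1MB

        // ENTRY 1: devicename
        requireNextEntry(in, "device name");
        String devicename = new String(readCurrentEntry(in, buffer));

        // ENTRY 2: eMail
        requireNextEntry(in, "eMail");
        String eMail = new String(readCurrentEntry(in, buffer));

        // ENTRY 3: firstName
        requireNextEntry(in, "first name");
        String firstName = new String(readCurrentEntry(in, buffer));

        // ENTRY 4: lastName
        requireNextEntry(in, "last name");
        String lastName = new String(readCurrentEntry(in, buffer));

        // ENTRY 5: devKeyStore.p12
        requireNextEntry(in, "device key store");
        KeyStore devKeyStore = KeyStore.getInstance("PKCS12");
        devKeyStore.load(in, password);
        PrivateKey devPKey = (PrivateKey) devKeyStore.getKey(devicename.toLowerCase(), password);
        Certificate[] devCert = devKeyStore.getCertificateChain(devicename.toLowerCase());
        if (devCert == null || devCert.length == 0) {
            // Previously this surfaced later as a misleading "pairing type unknown".
            logger.error("PanboxClient : loadPairingFile : Device key store has no certificate chain.");
            throw new IllegalArgumentException("Device key store has no certificate chain.");
        }

        // ENTRY 6: knownDevices.list/knownDevices.bks
        requireNextEntry(in, "knownDevices.list");
        Map<String, X509Certificate> devices = new HashMap<String, X509Certificate>();
        // The reader is intentionally not closed: closing it would close the archive.
        BufferedReader br = new BufferedReader(new InputStreamReader(in));
        Map<String, String> deviceNames = new HashMap<String, String>();
        String line;
        while ((line = br.readLine()) != null) {
            String[] values = line.split(DELIMITER);
            if (values.length < 2) {
                logger.error("PanboxClient : loadPairingFile : Malformed line in knownDevices.list.");
                throw new IllegalArgumentException("Malformed line in knownDevices.list.");
            }
            deviceNames.put(values[0], values[1]);
        }

        requireNextEntry(in, "knownDevices.bks");
        KeyStore devicesStore = KeyStore.getInstance("BKS");
        devicesStore.load(in, password);
        for (Entry<String, String> device : deviceNames.entrySet()) {
            X509Certificate deviceCert = (X509Certificate) devicesStore.getCertificate(device.getKey());
            devices.put(device.getValue(), deviceCert);
        }

        // ENTRY 7: contacts.vcard
        requireNextEntry(in, "contacts");
        // NOTE(review): java.nio.file.Files.createTempFile may create the file with
        // more restrictive permissions than File.createTempFile; worth considering
        // because the contacts are personal data.
        contacts = File.createTempFile("panbox" + (new Random().nextInt(65536) - 32768), null);
        try (FileOutputStream fos = new FileOutputStream(contacts)) {
            int len;
            while ((len = in.read(buffer)) > 0) {
                fos.write(buffer, 0, len);
            }
            fos.flush();
        }

        // ENTRY 8: ownerKeyStore/ownerCertStore.jks
        requireNextEntry(in, "owner key store");
        ByteArrayOutputStream tmp = new ByteArrayOutputStream();
        IOUtils.copy(in, tmp);
        byte[] ownerStoreBytes = tmp.toByteArray();

        try {
            // Check if pairing is MASTER
            KeyStore ownerKeyStore = KeyStore.getInstance("PKCS12");
            ownerKeyStore.load(new ByteArrayInputStream(ownerStoreBytes), password);
            // At this point we know it's a PKCS12 file!
            PrivateKey ownerEncKey = (PrivateKey) ownerKeyStore.getKey("ownerEncKey", password);
            Certificate[] ownerEncCert = ownerKeyStore.getCertificateChain("ownerEncKey");
            PrivateKey ownerSignKey = (PrivateKey) ownerKeyStore.getKey("ownerSignKey", password);
            Certificate[] ownerSignCert = ownerKeyStore.getCertificateChain("ownerSignKey");
            // Build the result before deleting the input, so a missing chain
            // cannot leave the user without both the result and the file.
            PanboxFilePairingLoadReturnContainer master = new PanboxFilePairingLoadReturnContainer(eMail,
                    firstName, lastName, password, devicename, devPKey, devCert[0], ownerSignKey,
                    ownerSignCert[0], ownerEncKey, ownerEncCert[0], devices, contacts);
            in.close();
            removeInputFile(inputFile);
            loaded = true;
            return master;
        } catch (Exception e) {
            // SLAVE
            // NOTE(review): any master failure, including a wrong password, ends up here.
            try {
                KeyStore ownerCertStore = KeyStore.getInstance("BKS");
                ownerCertStore.load(new ByteArrayInputStream(ownerStoreBytes), password);
                Certificate ownerEncCert = ownerCertStore.getCertificate("ownerEncCert");
                Certificate ownerSignCert = ownerCertStore.getCertificate("ownerSignCert");
                PanboxFilePairingLoadReturnContainer slave = new PanboxFilePairingLoadReturnContainer(eMail,
                        firstName, lastName, password, devicename, devPKey, devCert[0], null, ownerSignCert,
                        null, ownerEncCert, devices, contacts);
                in.close();
                removeInputFile(inputFile);
                loaded = true;
                return slave;
            } catch (Exception ex) {
                logger.error(
                        "PanboxClient : loadPairingFile : Could not determine if pairing file was master or slave.");
                throw new IllegalArgumentException("Pairing type was unknown. Broken file?", ex);
            }
        }
    } finally {
        // Best effort: do not leave extracted contacts behind when loading failed.
        if (!loaded && contacts != null) {
            contacts.delete();
        }
    }
}

/** Advances to the next archive entry, logging and failing if the archive has no further entry. */
private static void requireNextEntry(ZipArchiveInputStream in, String description) throws IOException {
    if (in.getNextEntry() == null) {
        logger.error("PanboxClient : loadPairingFile : Could not find entry for " + description + ".");
        throw new IllegalArgumentException("Could not find entry for " + description + ".");
    }
}

/** Reads the remainder of the current archive entry into a byte array. */
private static byte[] readCurrentEntry(ZipArchiveInputStream in, byte[] buffer) throws IOException {
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    int len;
    while ((len = in.read(buffer)) > 0) {
        baos.write(buffer, 0, len);
    }
    return baos.toByteArray();
}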
From source file:com.yodlee.sampleapps.helper.OpenSamlHelper.java
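/**
 * Initialize the Keystore.
 *
 * <p>Loads the key store named by {@code keystoreFilename}, then publishes
 * the private key and X.509 certificate chain stored under
 * {@code keystoreAlias} into the {@code privateKey} and {@code certs}
 * fields. The same password opens the store and recovers the key.
 *
 * @throws RuntimeException if the file cannot be read, the key cannot be
 *                          recovered, or key, certificate or chain are
 *                          missing or not X.509
 */
private static void initKeyStore() {
    KeyStore keystore;
    // One working copy of the password, wiped below. The String it is taken
    // from stays in memory and is outside this method's control.
    char[] storePassword = keystorePassword.toCharArray();
    // try-with-resources closes the file, which was previously left open.
    try (InputStream fileInput = new FileInputStream(keystoreFilename)) {
        keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        keystore.load(fileInput, storePassword);
        privateKey = (PrivateKey) keystore.getKey(keystoreAlias, storePassword);
    } catch (Exception e) {
        e.printStackTrace();
        // Keep the cause so the real failure is not reduced to its message.
        throw new RuntimeException(e.getMessage(), e);
    } finally {
        java.util.Arrays.fill(storePassword, '\0');
    }

    if (privateKey == null) {
        throw new RuntimeException(keystoreAlias + " key not found in keystore " + keystoreFilename);
    }

    X509Certificate cert;
    Certificate[] certificates;
    try {
        cert = (X509Certificate) keystore.getCertificate(keystoreAlias);
        certificates = keystore.getCertificateChain(keystoreAlias);
    } catch (KeyStoreException e) {
        e.printStackTrace();
        throw new RuntimeException(e.getMessage(), e);
    }
    if (cert == null) {
        throw new RuntimeException(keystoreAlias + " cert not found in keystore " + keystoreFilename);
    }
    if (certificates == null) {
        throw new RuntimeException(keystoreAlias + " cert chain not found in keystore " + keystoreFilename);
    }

    // Check each element instead of relying on System.arraycopy, which fails
    // with an ArrayStoreException on a non-X.509 certificate.
    X509Certificate[] x509Chain = new X509Certificate[certificates.length];
    for (int i = 0; i < certificates.length; i++) {
        if (!(certificates[i] instanceof X509Certificate)) {
            throw new RuntimeException(
                    keystoreAlias + " cert chain contains a non-X.509 certificate in keystore " + keystoreFilename);
        }
        x509Chain[i] = (X509Certificate) certificates[i];
    }
    certs = x509Chain;
}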
From source file:test.integ.be.fedict.trust.cxf.ProviderTest.java
/**
 * Integration test: reads the "Authentication" certificate chain from a BeID
 * key store and submits it to an XKMS2 trust service for validation.
 *
 * <p>Registering {@code BeIDProvider} changes the JVM-wide provider list.
 */
@Test
public void testXKMS2Client() throws Exception {
    // NOTE(review): the active endpoint is plain HTTP, which is only appropriate
    // for a loopback test service.
    // Hosted alternative: "https://www.e-contract.be/eid-trust-service-ws/xkms2"
    final String xkms2Url = "http://localhost/eid-trust-service-ws/xkms2";

    LOG.debug("loading eID certificate chain...");
    Security.addProvider(new BeIDProvider());
    final KeyStore beIdStore = KeyStore.getInstance("BeID");
    beIdStore.load(null);
    final Certificate[] authenticationChain = beIdStore.getCertificateChain("Authentication");

    LOG.debug("creating XKMS client...");
    final XKMS2Client trustClient = new XKMS2Client(xkms2Url);
    // Optional proxy: trustClient.setProxy("proxy.yourict.net", 8080);

    LOG.debug("invoking XKMS client...");
    trustClient.validate(authenticationChain);

    LOG.debug("done");
}
From source file:test.integ.be.fedict.trust.BelgianIdentityCardTrustValidatorTest.java
/**
 * Integration test: exports the first certificate of the "Signature" chain
 * from a BeID key store to a temporary DER file and logs the file's path.
 *
 * <p>Only the certificate is written; no private key material is read. The
 * temporary file is not deleted by this test.
 */
@Test
public void testWriteSignatureCertificateToFile() throws Exception {
    Security.addProvider(new BeIDProvider());
    final KeyStore beIdStore = KeyStore.getInstance("BeID");
    beIdStore.load(null);

    final Certificate[] signatureChain = beIdStore.getCertificateChain("Signature");

    // Create the target file first, then encode the leaf certificate into it.
    final File derFile = File.createTempFile("sign-cert-", ".der");
    final byte[] derBytes = signatureChain[0].getEncoded();
    FileUtils.writeByteArrayToFile(derFile, derBytes);

    LOG.debug("sign cert file: " + derFile.getAbsolutePath());
}