List of usage examples for java.security KeyStore getCreationDate
public final Date getCreationDate(String alias) throws KeyStoreException
From source file:Main.java
public static boolean isCACertificateInstalled(File fileCA, String type, char[] password) throws KeyStoreException { KeyStore keyStoreCA = null; try {//from w w w . j a v a 2s . com keyStoreCA = KeyStore.getInstance(type/*, "BC"*/); } catch (Exception e) { e.printStackTrace(); } if (fileCA.exists() && fileCA.canRead()) { try { FileInputStream fileCert = new FileInputStream(fileCA); keyStoreCA.load(fileCert, password); fileCert.close(); } catch (FileNotFoundException e) { e.printStackTrace(); } catch (java.security.cert.CertificateException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } Enumeration ex = keyStoreCA.aliases(); Date exportFilename = null; String caAliasValue = ""; while (ex.hasMoreElements()) { String is = (String) ex.nextElement(); Date lastStoredDate = keyStoreCA.getCreationDate(is); if (exportFilename == null || lastStoredDate.after(exportFilename)) { exportFilename = lastStoredDate; caAliasValue = is; } } try { return keyStoreCA.getKey(caAliasValue, password) != null; } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (UnrecoverableKeyException e) { e.printStackTrace(); } } return false; }
From source file:edu.vt.middleware.crypt.KeyStoreCli.java
/** * Lists keystore contents on STDOUT. Output is similar to keytool -list -v. * * @param line Parsed command line arguments container. * * @throws Exception On errors./* www.j a v a2 s. c o m*/ */ protected void list(final CommandLine line) throws Exception { validateOptions(line); final KeyStore store = readKeyStore(line); final Enumeration<String> aliases = store.aliases(); System.out.println(""); while (aliases.hasMoreElements()) { final String alias = aliases.nextElement(); System.out.println("Alias name: " + alias); System.out.println("Creation date: " + store.getCreationDate(alias)); if (store.isKeyEntry(alias)) { System.out.println("Entry type: keyEntry"); final Certificate[] chain = store.getCertificateChain(alias); System.out.println("Certificate chain length: " + chain.length); for (int i = 0; i < chain.length; i++) { System.out.println("===== Certificate [" + i + "] ====="); printCertificate(chain[i]); } } else { System.out.println("Entry type: trustedCertEntry"); System.out.println("Certificate details:"); printCertificate(store.getCertificate(alias)); } System.out.println(""); System.out.println(""); } }
From source file:org.globus.security.provider.TestPEMFileBasedKeyStore.java
@Test public void testCreationDate() throws Exception { KeyStore store = KeyStore.getInstance("PEMFilebasedKeyStore", "Globus"); // Parameters in properties file Properties properties = new Properties(); properties.setProperty(PEMKeyStore.DEFAULT_DIRECTORY_KEY, "file:" + this.defaultTrustedDirectory.getTempDirectoryName() + "/*.0"); properties.setProperty(PEMKeyStore.DIRECTORY_LIST_KEY, "file:" + this.trustedDirectory.getTempDirectoryName() + "/*.0"); InputStream ins = null;/*from ww w. j av a 2 s . c o m*/ try { ins = getProperties(properties); store.load(ins, null); } finally { if (ins != null) { ins.close(); } } Enumeration<String> aliases = store.aliases(); if (aliases.hasMoreElements()) { String alias = aliases.nextElement(); assertNotNull(store.getCreationDate(alias)); } assertNull(store.getCreationDate("FakeAlias")); }
From source file:org.globus.gsi.provider.TestPEMFileBasedKeyStore.java
@Test public void testCreationDate() throws Exception { KeyStore store = KeyStore.getInstance("PEMFilebasedKeyStore", "Globus"); // Parameters in properties file Properties properties = new Properties(); properties.setProperty(PEMKeyStore.DEFAULT_DIRECTORY_KEY, "file:" + this.defaultTrustedDirectory.getTempDirectoryName()); properties.setProperty(PEMKeyStore.DIRECTORY_LIST_KEY, "file:" + this.trustedDirectory.getTempDirectoryName() + "/*.0"); InputStream ins = null;/*from w ww . jav a2 s . c o m*/ try { ins = getProperties(properties); store.load(ins, null); } finally { if (ins != null) { ins.close(); } } Enumeration<String> aliases = store.aliases(); if (aliases.hasMoreElements()) { String alias = aliases.nextElement(); assertNotNull(store.getCreationDate(alias)); } assertNull(store.getCreationDate("FakeAlias")); }
From source file:org.kuali.rice.ksb.security.admin.service.impl.JavaSecurityManagementServiceImpl.java
public List<KeyStoreEntryDataContainer> getListOfModuleKeyStoreEntries() { List<KeyStoreEntryDataContainer> keyStoreEntries = new ArrayList<KeyStoreEntryDataContainer>(); try {//from w ww .j av a 2s . c om KeyStore moduleKeyStore = getModuleKeyStore(); // List the aliases for (Enumeration<String> enumer = moduleKeyStore.aliases(); enumer.hasMoreElements();) { String alias = (String) enumer.nextElement(); KeyStoreEntryDataContainer dataContainer = new KeyStoreEntryDataContainer(alias, moduleKeyStore.getCreationDate(alias)); KeyStore.PasswordProtection passwordProtection = null; if (moduleKeyStore.isKeyEntry(alias)) { passwordProtection = new KeyStore.PasswordProtection(getModuleKeyStorePassword().toCharArray()); } KeyStore.Entry entry = moduleKeyStore.getEntry(alias, passwordProtection); dataContainer.setType(entry.getClass()); keyStoreEntries.add(dataContainer); } } catch (KeyStoreException e) { e.printStackTrace(); throw new RuntimeException(e); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); throw new RuntimeException(e); } catch (UnrecoverableEntryException e) { e.printStackTrace(); throw new RuntimeException(e); } return keyStoreEntries; }
From source file:org.signserver.server.cryptotokens.CryptoTokenHelper.java
public static TokenSearchResults searchTokenEntries(final KeyStore keyStore, final int startIndex, final int max, final QueryCriteria qc, final boolean includeData) throws CryptoTokenOfflineException, QueryException { final TokenSearchResults result; try {// www. ja v a 2s .co m final ArrayList<TokenEntry> tokenEntries = new ArrayList<TokenEntry>(); final Enumeration<String> e = keyStore.aliases(); // We assume the order is the same for every call unless entries has been added or removed final long maxIndex = (long) startIndex + max; for (int i = 0; i < maxIndex && e.hasMoreElements();) { final String keyAlias = e.nextElement(); final String type; if (keyStore.entryInstanceOf(keyAlias, KeyStore.PrivateKeyEntry.class)) { type = TokenEntry.TYPE_PRIVATEKEY_ENTRY; } else if (keyStore.entryInstanceOf(keyAlias, KeyStore.SecretKeyEntry.class)) { type = TokenEntry.TYPE_SECRETKEY_ENTRY; } else if (keyStore.entryInstanceOf(keyAlias, KeyStore.TrustedCertificateEntry.class)) { type = TokenEntry.TYPE_TRUSTED_ENTRY; } else { type = null; } TokenEntry entry = new TokenEntry(keyAlias, type); if (shouldBeIncluded(entry, qc)) { if (i < startIndex) { i++; continue; } if (LOG.isDebugEnabled()) { LOG.debug("checking keyAlias: " + keyAlias); } // Add additional data if (includeData) { Map<String, String> info = new HashMap<String, String>(); try { Date creationDate = keyStore.getCreationDate(keyAlias); entry.setCreationDate(creationDate); } catch (ProviderException ex) { } // NOPMD: We ignore if it is not supported if (TokenEntry.TYPE_PRIVATEKEY_ENTRY.equals(type)) { final Certificate[] chain = keyStore.getCertificateChain(keyAlias); if (chain.length > 0) { info.put(INFO_KEY_ALGORITHM, AlgorithmTools.getKeyAlgorithm(chain[0].getPublicKey())); info.put(INFO_KEY_SPECIFICATION, AlgorithmTools.getKeySpecification(chain[0].getPublicKey())); } try { entry.setParsedChain(chain); } catch (CertificateEncodingException ex) { info.put("Error", ex.getMessage()); LOG.error("Certificate could not be encoded for alias: " + keyAlias, ex); } } else if (TokenEntry.TYPE_TRUSTED_ENTRY.equals(type)) { Certificate certificate = keyStore.getCertificate(keyAlias); try { entry.setParsedTrustedCertificate(certificate); } catch (CertificateEncodingException ex) { info.put("Error", ex.getMessage()); LOG.error("Certificate could not be encoded for alias: " + keyAlias, ex); } } else if (TokenEntry.TYPE_SECRETKEY_ENTRY.equals(type)) { try { KeyStore.Entry entry1 = keyStore.getEntry(keyAlias, null); SecretKey secretKey = ((KeyStore.SecretKeyEntry) entry1).getSecretKey(); info.put(INFO_KEY_ALGORITHM, secretKey.getAlgorithm()); //info.put(INFO_KEY_SPECIFICATION, AlgorithmTools.getKeySpecification(chain[0].getPublicKey())); // TODO: Key specification support for secret keys } catch (NoSuchAlgorithmException ex) { info.put("Error", ex.getMessage()); LOG.error("Unable to get secret key for alias: " + keyAlias, ex); } catch (UnrecoverableEntryException ex) { info.put("Error", ex.getMessage()); LOG.error("Unable to get secret key for alias: " + keyAlias, ex); } } entry.setInfo(info); } tokenEntries.add(entry); // Increase index i++; } } result = new TokenSearchResults(tokenEntries, e.hasMoreElements()); } catch (KeyStoreException ex) { throw new CryptoTokenOfflineException(ex); } return result; }
From source file:test.integ.be.fedict.commons.eid.client.JCATest.java
@Test public void testBeIDSignature() throws Exception { Security.addProvider(new BeIDProvider()); final KeyStore keyStore = KeyStore.getInstance("BeID"); final BeIDKeyStoreParameter keyStoreParameter = new BeIDKeyStoreParameter(); final BeIDCard beIDCard = getBeIDCard(); keyStoreParameter.setBeIDCard(beIDCard); keyStoreParameter.setLogoff(true);/* w ww. j a v a 2s .co m*/ keyStore.load(keyStoreParameter); final Enumeration<String> aliases = keyStore.aliases(); while (aliases.hasMoreElements()) { final String alias = aliases.nextElement(); LOG.debug("alias: " + alias); } assertEquals(2, keyStore.size()); assertTrue(keyStore.containsAlias("Signature")); assertTrue(keyStore.containsAlias("Authentication")); assertNotNull(keyStore.getCreationDate("Signature")); assertNotNull(keyStore.getCreationDate("Authentication")); assertTrue(keyStore.isKeyEntry("Signature")); final X509Certificate signCertificate = (X509Certificate) keyStore.getCertificate("Signature"); assertNotNull(signCertificate); assertTrue(keyStore.isKeyEntry("Authentication")); final X509Certificate authnCertificate = (X509Certificate) keyStore.getCertificate("Authentication"); assertNotNull(authnCertificate); assertNotNull(keyStore.getCertificateChain("Signature")); assertNotNull(keyStore.getCertificateChain("Authentication")); assertTrue(keyStore.isKeyEntry("Authentication")); final PrivateKey authnPrivateKey = (PrivateKey) keyStore.getKey("Authentication", null); assertNotNull(authnPrivateKey); assertTrue(keyStore.isKeyEntry("Signature")); final PrivateKey signPrivateKey = (PrivateKey) keyStore.getKey("Signature", null); assertNotNull(signPrivateKey); verifySignatureAlgorithm("SHA1withRSA", authnPrivateKey, authnCertificate.getPublicKey()); verifySignatureAlgorithm("SHA256withRSA", signPrivateKey, signCertificate.getPublicKey()); verifySignatureAlgorithm("SHA384withRSA", authnPrivateKey, authnCertificate.getPublicKey()); verifySignatureAlgorithm("SHA512withRSA", authnPrivateKey, authnCertificate.getPublicKey()); Security.addProvider(new BouncyCastleProvider()); verifySignatureAlgorithm("SHA1withRSAandMGF1", authnPrivateKey, authnCertificate.getPublicKey()); verifySignatureAlgorithm("SHA256withRSAandMGF1", authnPrivateKey, authnCertificate.getPublicKey()); }