List of usage examples for java.security.Key getFormat()
/**
 * Returns the name of the primary encoding format of this key, or {@code null}
 * if the key does not support encoding.
 *
 * <p>Typical values are {@code "X.509"} for public keys, {@code "PKCS#8"} for
 * private keys and {@code "RAW"} for keys whose encoding is just the key bytes.
 * The format name itself is not secret; the bytes returned by
 * {@code getEncoded()} are.
 */
public String getFormat();
From source file:org.forgerock.openidm.security.impl.SecurityResourceProvider.java
/**
 * Builds a map describing the given key.
 *
 * <p>The map holds three entries: {@code "algorithm"} (from
 * {@link Key#getAlgorithm()}), {@code "format"} (from {@link Key#getFormat()})
 * and {@code "encoded"} (the result of {@code toPem(key)}).
 *
 * <p>NOTE(review): the {@code "encoded"} entry carries the key itself. If a
 * private key is passed in, the returned map is as sensitive as that key and
 * should not be logged or returned to unauthorized callers - confirm against
 * the callers of this method.
 *
 * @param key The key
 * @return a map representing the key
 * @throws Exception presumably propagated from {@code toPem} - confirm
 */
protected Map<String, Object> getKeyMap(Key key) throws Exception {
    final String algorithm = key.getAlgorithm();
    // May be null: a key that does not support encoding reports no format.
    final String format = key.getFormat();

    final Map<String, Object> description = new HashMap<>();
    description.put("algorithm", algorithm);
    description.put("format", format);
    description.put("encoded", toPem(key));
    return description;
}
From source file:org.forgerock.openidm.security.impl.SecurityResourceProvider.java
/**
 * Builds a map describing the given (secret) key.
 *
 * <p>The map holds three entries: {@code "algorithm"} (from
 * {@link Key#getAlgorithm()}), {@code "format"} (from {@link Key#getFormat()})
 * and {@code "encoded"} (the Base64 form of {@link Key#getEncoded()}).
 *
 * <p>NOTE(review): Base64 is an encoding, not protection. The
 * {@code "encoded"} entry is the key material in the clear, so the returned
 * map must be handled like the secret key itself.
 *
 * @param key The key
 * @return a map representing the key
 * @throws Exception declared by the original signature; the visible body shows
 *         no checked exception source - confirm against {@code Base64.encode}
 */
protected Map<String, Object> getSecretKeyMap(Key key) throws Exception {
    final Map<String, Object> description = new HashMap<>();
    description.put("algorithm", key.getAlgorithm());
    description.put("format", key.getFormat());

    // getEncoded() returns null for keys that do not support encoding;
    // NOTE(review): Base64.encode presumably fails on null - confirm.
    final byte[] rawKey = key.getEncoded();
    description.put("encoded", Base64.encode(rawKey));
    return description;
}
From source file:org.lockss.protocol.BlockingStreamComm.java
/**
 * Writes a debug3-level listing of every alias in the key store.
 *
 * <p>For certificate entries the certificate's {@code toString()} is logged.
 * For key entries the key is recovered with {@code privateKeyPassWord} and
 * only its algorithm and format names are logged, never its encoded bytes.
 * Any exception ends the listing and is reported through {@code log.error}.
 *
 * @param ks the key store to list
 * @param privateKeyPassWord password used to recover each key entry
 */
private void logKeyStore(KeyStore ks, char[] privateKeyPassWord) {
    log.debug3("start of key store");
    try {
        Enumeration aliases = ks.aliases();
        while (aliases.hasMoreElements()) {
            String alias = (String) aliases.nextElement();
            log.debug3("Next alias " + alias);

            if (ks.isCertificateEntry(alias)) {
                log.debug3("About to Certificate");
                java.security.cert.Certificate cert = ks.getCertificate(alias);
                if (cert != null) {
                    log.debug3("Cert for " + alias + " is " + cert.toString());
                } else {
                    log.debug3(alias + " null cert chain");
                }
                continue;
            }

            if (!ks.isKeyEntry(alias)) {
                log.debug3(alias + " neither key nor cert");
                continue;
            }

            log.debug3("About to getKey");
            Key privateKey = ks.getKey(alias, privateKeyPassWord);
            // Algorithm and format names only; key material stays out of the log.
            log.debug3(alias + " key " + privateKey.getAlgorithm() + "/" + privateKey.getFormat());
        }
        log.debug3("end of key store");
    } catch (Exception ex) {
        // Only the exception's string form is logged, as in the original.
        log.error("logKeyStore() threw " + ex);
    }
}
From source file:org.lockss.util.KeyStoreUtil.java
/**
 * Populates an empty key store with a freshly generated key pair and a
 * self-signed certificate, using parameters read from {@code config}.
 *
 * <p>Aliases, key and signature algorithm, key size, validity and X.500 name
 * fall back to the class defaults. The key store password and the key
 * password are read without a default.
 *
 * <p>NOTE(review): both passwords are held as {@code String}s, and
 * {@code config.get} presumably returns null for an unset property, which
 * would surface as a NullPointerException at {@code toCharArray()} - confirm.
 *
 * @param keyStore the key store to initialize; its prior contents are
 *        discarded by {@code load(null, ...)}
 * @param config source of the key store parameters
 */
private static void initializeKeyStore(KeyStore keyStore, Configuration config)
        throws CertificateException, IOException, InvalidKeyException, KeyStoreException,
        NoSuchAlgorithmException, NoSuchProviderException, SignatureException,
        UnrecoverableKeyException {
    String keyAlias = config.get(PROP_KEY_ALIAS, DEFAULT_KEY_ALIAS);
    String certAlias = config.get(PROP_CERT_ALIAS, DEFAULT_CERT_ALIAS);
    String keyAlgName = config.get(PROP_KEY_ALGORITHM, DEFAULT_KEY_ALGORITHM);
    String sigAlgName = config.get(PROP_SIG_ALGORITHM, DEFAULT_SIG_ALGORITHM);
    String keyStorePassword = config.get(PROP_KEYSTORE_PASSWORD);
    String keyPassword = config.get(PROP_KEY_PASSWORD);
    int keyBits = config.getInt(PROP_KEY_BITS, DEFAULT_KEY_BITS);
    long expireIn = config.getTimeInterval(PROP_EXPIRE_IN, DEFAULT_EXPIRE_IN);
    String x500String = config.get(PROP_X500_NAME, DEFAULT_X500_NAME);

    // Generate the key pair; only algorithm and format names reach the log.
    CertAndKeyGen generator = new CertAndKeyGen(keyAlgName, sigAlgName);
    generator.generate(keyBits);
    PrivateKey generatedKey = generator.getPrivateKey();
    log.debug3("PrivKey: " + generatedKey.getAlgorithm() + " " + generatedKey.getFormat());

    // Single-element chain holding the self-signed certificate.
    X509Certificate selfSigned = generator.getSelfCertificate(new X500Name(x500String), expireIn);
    X509Certificate[] chain = { selfSigned };
    log.debug3("Certificate: " + selfSigned.toString());

    // load(null, ...) creates an empty store protected by the store password.
    keyStore.load(null, keyStorePassword.toCharArray());
    keyStore.setCertificateEntry(certAlias, selfSigned);

    char[] keyPass = keyPassword.toCharArray();
    keyStore.setKeyEntry(keyAlias, generatedKey, keyPass, chain);

    // Read the key back to confirm that it can be recovered with the key password.
    Key recovered = keyStore.getKey(keyAlias, keyPass);
    log.debug("MyKey: " + recovered.getAlgorithm() + " " + recovered.getFormat());
}
From source file:org.lockss.util.KeyStoreUtil.java
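/**
 * Populates an empty key store with a new RSA key pair and a self-signed
 * certificate for {@code domainName}.
 *
 * <p>Refuses to proceed if a file named {@code domainName + ".jceks"} already
 * exists. The certificate is valid for one year and is stored under
 * {@code domainName + crtSuffix}; the private key is stored under
 * {@code domainName + keySuffix}, protected by {@code password}.
 *
 * <p>The key pair is 2048-bit RSA and the certificate is signed with
 * SHA256withRSA. The earlier 1024-bit / MD5WithRSA combination is below
 * current minimums, and MD5-signed certificates are rejected by the default
 * algorithm restrictions of current JDKs.
 *
 * <p>NOTE(review): the key store password is the domain name itself, so it
 * gives no confidentiality or integrity protection against anyone who knows
 * the domain. It is left unchanged here because whatever loads the store is
 * outside this block and presumably uses the same value - confirm, and move to
 * a real secret.
 *
 * @param keyStore the key store to initialize; emptied by {@code load(null, ...)}
 * @param domainName used for the aliases, the file name, the key store
 *        password and the certificate CN
 * @param password protects the private key entry
 * @throws IOException if the key store file already exists or the load fails
 */
private static void initializeKeyStore(KeyStore keyStore, String domainName, String password)
        throws IOException, CertificateException, InvalidKeyException, SignatureException,
        NoSuchAlgorithmException, NoSuchProviderException, KeyStoreException,
        UnrecoverableKeyException {
    String keyAlias = domainName + keySuffix;
    String certAlias = domainName + crtSuffix;
    String keyStorePassword = domainName;
    String keyStoreFileName = domainName + ".jceks";
    File keyStoreFile = new File(keyStoreFileName);
    if (keyStoreFile.exists()) {
        log.debug("Key store file " + keyStoreFileName + " exists");
        throw new IOException("Key store file " + keyStoreFileName + " exists");
    }
    String keyAlgName = "RSA";
    // SHA-256 replaces MD5: MD5 is collision-broken and disabled for
    // certificates by default in current JDKs.
    String sigAlgName = "SHA256withRSA";
    // 2048 bits replaces 1024, which is no longer considered adequate for RSA.
    int keyBits = 2048;
    log.debug("About to create a CertAndKeyGen: " + keyAlgName + " " + sigAlgName);
    CertAndKeyGen keypair;
    try {
        keypair = new CertAndKeyGen(keyAlgName, sigAlgName);
    } catch (NoSuchAlgorithmException e) {
        log.debug("new CertAndKeyGen(" + keyAlgName + "," + sigAlgName + ") threw " + e);
        throw e;
    }
    log.debug("About to generate a key pair");
    try {
        keypair.generate(keyBits);
    } catch (InvalidKeyException e) {
        log.debug("keypair.generate(" + keyBits + ") threw " + e);
        throw e;
    }
    log.debug("About to get a PrivateKey");
    PrivateKey privKey = keypair.getPrivateKey();
    // Algorithm and format names only; key material stays out of the log.
    log.debug("MyKey: " + privKey.getAlgorithm() + " " + privKey.getFormat());
    log.debug("About to get a self-signed certificate");
    X509Certificate[] chain = new X509Certificate[1];
    X500Name x500Name = new X500Name(
            "CN=" + domainName + ", " + "OU=LOCKSS Team, O=Stanford, "
                    + "L=Stanford, S=California, C=US");
    // Validity is given in seconds: one year.
    chain[0] = keypair.getSelfCertificate(x500Name, 365 * 24 * 60 * 60);
    log.debug("Certificate: " + chain[0].toString());
    log.debug("About to keyStore.load(null)");
    try {
        // load(null, ...) creates an empty store.
        keyStore.load(null, keyStorePassword.toCharArray());
    } catch (IOException e) {
        log.debug("keyStore.load() threw " + e);
        throw e;
    } catch (CertificateException e) {
        log.debug("keyStore.load() threw " + e);
        throw e;
    } catch (NoSuchAlgorithmException e) {
        log.debug("keyStore.load() threw " + e);
        throw e;
    }
    log.debug("About to store " + certAlias + " in key store");
    try {
        keyStore.setCertificateEntry(certAlias, chain[0]);
    } catch (KeyStoreException e) {
        log.debug("keyStore.setCertificateEntry() threw " + e);
        throw e;
    }
    log.debug("About to store " + keyAlias + " in key store");
    try {
        keyStore.setKeyEntry(keyAlias, privKey, password.toCharArray(), chain);
    } catch (KeyStoreException e) {
        log.debug("keyStore.setKeyEntry() threw " + e);
        throw e;
    }
    log.debug("About to getKeyEntry()");
    // Read the key back to confirm that it can be recovered with the entry password.
    Key myKey = keyStore.getKey(keyAlias, password.toCharArray());
    log.debug("MyKey: " + myKey.getAlgorithm() + " " + myKey.getFormat());
    log.debug("Done storing");
}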
From source file:org.lockss.util.KeyStoreUtil.java
/**
 * Writes a debug-level listing of the {@code i}-th key store.
 *
 * <p>Certificate entries are logged via their {@code toString()}. Key entries
 * are recovered with {@code passwords[i]} and only their algorithm and format
 * names are logged. An alias that is neither is reported at error level. Any
 * exception ends the listing and is reported through {@code log.error}.
 *
 * @param domainNames names used to label the log output
 * @param kss key stores, indexed in parallel with {@code domainNames}
 * @param passwords key-entry passwords, indexed in parallel with {@code kss}
 * @param i index of the key store to list
 */
private static void listKeyStore(String domainNames[], KeyStore kss[], String passwords[], int i) {
    log.debug("start of key store for " + domainNames[i]);
    try {
        KeyStore store = kss[i];
        Enumeration aliases = store.aliases();
        while (aliases.hasMoreElements()) {
            String alias = (String) aliases.nextElement();
            log.debug("Next alias " + alias);

            if (store.isCertificateEntry(alias)) {
                log.debug("About to getCertificate");
                java.security.cert.Certificate cert = store.getCertificate(alias);
                if (cert != null) {
                    log.debug("Cert for " + alias + " is " + cert.toString());
                } else {
                    log.debug(alias + " null cert chain");
                }
                continue;
            }

            if (!store.isKeyEntry(alias)) {
                log.error(alias + " neither key nor cert");
                continue;
            }

            log.debug("About to getKey");
            Key privateKey = store.getKey(alias, passwords[i].toCharArray());
            // Algorithm and format names only; key material stays out of the log.
            log.debug(alias + " key " + privateKey.getAlgorithm() + "/" + privateKey.getFormat());
        }
        log.debug("end of key store for " + domainNames[i]);
    } catch (Exception ex) {
        // Only the exception's string form is logged, as in the original.
        log.error("listKeyStore() threw " + ex);
    }
}
From source file:org.opensaml.xml.security.SecurityHelper.java
/**
 * Get the key length in bits of the specified key.
 *
 * <p>Only {@link SecretKey} instances whose format is {@code "RAW"} are
 * measured, as eight times the length of {@link Key#getEncoded()}.
 *
 * <p>NOTE(review): every other key, including RSA and DSA keys, yields
 * {@code null}. A caller enforcing a minimum key size should treat
 * {@code null} as "unknown", not as "acceptable".
 *
 * @param key the key to evaluate
 * @return length of the key in bits, or null if the length can not be determined
 */
public static Integer getKeyLength(Key key) {
    // TODO investigate techniques (and use cases) to determine length in other cases,
    // e.g. RSA and DSA keys, and non-RAW format symmetric keys
    boolean rawSecretKey = key instanceof SecretKey && "RAW".equals(key.getFormat());
    if (!rawSecretKey) {
        log.debug("Unable to determine length in bits of specified Key instance");
        return null;
    }
    // For a RAW key the encoding is the key bytes themselves.
    return key.getEncoded().length * 8;
}