List of usage examples for java.security KeyStore aliases
public final Enumeration<String> aliases() throws KeyStoreException
From source file:org.commonjava.util.jhttpc.INTERNAL.util.SSLUtils.java
/**
 * Loads a key store from PEM text holding a client key and certificate.
 *
 * <p>The classpath is first probed for every class named in {@code BC_TEST_NAMES}. If any of
 * them is missing, a warning is logged and {@code null} is returned without parsing the PEM
 * input. Otherwise parsing is delegated to {@code BouncyCastleUtils.readKeyAndCertFromPem}.
 * Each alias of the resulting store is logged at trace level with its entry type; only the
 * alias name and two booleans are logged, never key material.
 *
 * @param pemContent PEM text handed to the BouncyCastle-backed reader
 * @param keyPass password handed to the reader
 * @return the key store produced by the reader, or {@code null} when a BouncyCastle class is
 *         missing from the classpath; callers must handle the {@code null} case
 */
public static KeyStore readKeyAndCert(final String pemContent, final String keyPass)
        throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException,
        InvalidKeySpecException, JHttpCException {
    final Logger logger = LoggerFactory.getLogger(SSLUtils.class);

    for (final String probeClass : BC_TEST_NAMES) {
        try {
            Class.forName(probeClass);
        } catch (ClassNotFoundException missing) {
            logger.warn(
                    "One or more BouncyCastle jars (bcprov-jdk15on, bcpkix-jdk15on) are missing from the classpath! PEM SSL client keys are not supported!");
            // Without BouncyCastle the PEM cannot be parsed, so give up on the first miss.
            return null;
        }
    }

    final KeyStore store = BouncyCastleUtils.readKeyAndCertFromPem(pemContent, keyPass);
    for (final Enumeration<String> names = store.aliases(); names.hasMoreElements();) {
        final String name = names.nextElement();
        logger.trace("Got alias: {}. Is Cert? {} Is Private key? {}", name,
                store.isCertificateEntry(name), store.isKeyEntry(name));
    }
    return store;
}
From source file:com.microsoft.aad.adal4j.AsymmetricKeyCredential.java
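/**
 * Static method to create KeyCredential instance.
 *
 * <p>The PKCS12 store is loaded through the {@code SunJSSE} provider. The credential is built
 * from the first alias that {@link KeyStore#isKeyEntry(String)} reports as a key entry, so a
 * store that also carries bare certificate entries (for example a CA certificate) does not
 * yield a {@code null} key, and an empty store is reported as a {@link KeyStoreException}
 * rather than failing on the alias enumeration.
 *
 * @param clientId
 *            Identifier of the client requesting the token.
 * @param pkcs12Certificate
 *            PKCS12 certificate stream containing public and private key.
 *            Caller is responsible for handling the input stream.
 * @param password
 *            certificate password; used both to open the store and to recover the key
 * @return KeyCredential instance
 * @throws KeyStoreException
 *             if the store cannot be used or holds no key entry
 * @throws NoSuchProviderException
 * @throws NoSuchAlgorithmException
 * @throws CertificateException
 * @throws FileNotFoundException
 * @throws IOException
 * @throws UnrecoverableKeyException
 */
public static AsymmetricKeyCredential create(final String clientId,
        final InputStream pkcs12Certificate, final String password)
        throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException,
        CertificateException, FileNotFoundException, IOException, UnrecoverableKeyException {
    final KeyStore keystore = KeyStore.getInstance("PKCS12", "SunJSSE");
    final char[] passwordChars = password.toCharArray();
    keystore.load(pkcs12Certificate, passwordChars);

    // Select a key entry explicitly instead of trusting whichever alias is enumerated first.
    String keyAlias = null;
    for (final Enumeration<String> aliases = keystore.aliases(); aliases.hasMoreElements();) {
        final String candidate = aliases.nextElement();
        if (keystore.isKeyEntry(candidate)) {
            keyAlias = candidate;
            break;
        }
    }
    if (keyAlias == null) {
        throw new KeyStoreException("PKCS12 store contains no key entry");
    }

    final PrivateKey key = (PrivateKey) keystore.getKey(keyAlias, passwordChars);
    final X509Certificate publicCertificate = (X509Certificate) keystore.getCertificate(keyAlias);
    return create(clientId, key, publicCertificate);
}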
From source file:com.hhi.bigdata.platform.push.client.RegisterUtil.java
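/**
 * Returns a private key held in the given key store.
 *
 * <p>Every alias is visited. Entries that are not key entries, and key entries whose key is
 * not a {@link PrivateKey} (for example a secret key), are skipped instead of causing a
 * {@link ClassCastException} at the end. When several private keys are present, the one
 * enumerated last is returned; the enumeration order is whatever the key store yields, so a
 * store with more than one private key gives no guarantee about which key is used.
 *
 * @param keystore an already loaded key store
 * @param password password used to recover each key entry
 * @return a private key from the store, or {@code null} when it holds none
 * @throws Exception if the aliases cannot be listed or a key cannot be recovered
 */
private static PrivateKey getPrivateKey(KeyStore keystore, String password) throws Exception {
    final char[] passwordChars = password.toCharArray();
    PrivateKey found = null;

    Enumeration<String> aliases = keystore.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (!keystore.isKeyEntry(alias)) {
            continue;
        }
        Key candidate = keystore.getKey(alias, passwordChars);
        if (candidate instanceof PrivateKey) {
            found = (PrivateKey) candidate;
        }
    }
    return found;
}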
From source file:com.microsoft.aad.adal4j.MSCAPIAsymmetricKeyCredential.java
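/**
 * Static method to create KeyCredential instance.
 *
 * <p>The PKCS12 store is opened with the {@code SunJSSE} provider, and the key and certificate
 * are read from the first alias that is a key entry. A store with no key entry (including an
 * empty store) is rejected with a {@link KeyStoreException}, so a bare certificate entry is
 * never used as the credential's key alias.
 *
 * @param clientId
 *            Identifier of the client requesting the token.
 * @param pkcs12Certificate
 *            PKCS12 certificate stream containing public and private key.
 *            Caller is responsible for handling the input stream.
 * @param password
 *            certificate password; used both to open the store and to recover the key
 * @return KeyCredential instance
 * @throws KeyStoreException
 *             if the store cannot be used or holds no key entry
 * @throws NoSuchProviderException
 * @throws NoSuchAlgorithmException
 * @throws CertificateException
 * @throws FileNotFoundException
 * @throws IOException
 * @throws UnrecoverableKeyException
 */
public static MSCAPIAsymmetricKeyCredential create(final String clientId,
        final InputStream pkcs12Certificate, final String password)
        throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException,
        CertificateException, FileNotFoundException, IOException, UnrecoverableKeyException {
    final char[] storePassword = password.toCharArray();
    final KeyStore keystore = KeyStore.getInstance("PKCS12", "SunJSSE");
    keystore.load(pkcs12Certificate, storePassword);

    // The first enumerated alias is not guaranteed to be the key entry, so look for one.
    String alias = null;
    final Enumeration<String> aliases = keystore.aliases();
    while (alias == null && aliases.hasMoreElements()) {
        final String candidate = aliases.nextElement();
        if (keystore.isKeyEntry(candidate)) {
            alias = candidate;
        }
    }
    if (alias == null) {
        throw new KeyStoreException("PKCS12 store contains no key entry");
    }

    final PrivateKey key = (PrivateKey) keystore.getKey(alias, storePassword);
    final X509Certificate publicCertificate = (X509Certificate) keystore.getCertificate(alias);
    return create(clientId, key, publicCertificate);
}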
From source file:org.lealone.cluster.security.SSLFactory.java
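/**
 * Builds an {@link SSLContext} from the key store, and optionally the trust store, named in
 * {@code options}.
 *
 * <p>When {@code buildTruststore} is {@code false}, {@code null} is passed to
 * {@link SSLContext#init} as the trust manager array, which makes JSSE fall back to the
 * default trust manager of the installed providers rather than the configured trust store.
 *
 * <p>While the {@code checkedExpiry} flag is unset, every X.509 certificate in the key store
 * is compared against the current time and a warning is logged for each expired one. This is
 * advisory only: expired certificates are still loaded, and only {@code notAfter} is examined.
 * Entries without a certificate are skipped so that the advisory check cannot abort context
 * creation.
 *
 * @param options protocol, algorithm, store type, store paths and store passwords
 * @param buildTruststore whether to load {@code options.truststore} and use its trust managers
 * @return the initialised context
 * @throws IOException wrapping any failure while loading the stores or initialising the context
 */
public static SSLContext createSSLContext(EncryptionOptions options, boolean buildTruststore)
        throws IOException {
    FileInputStream tsf = null;
    FileInputStream ksf = null;
    SSLContext ctx;
    try {
        ctx = SSLContext.getInstance(options.protocol);
        TrustManager[] trustManagers = null;

        if (buildTruststore) {
            tsf = new FileInputStream(options.truststore);
            TrustManagerFactory tmf = TrustManagerFactory.getInstance(options.algorithm);
            KeyStore ts = KeyStore.getInstance(options.store_type);
            ts.load(tsf, options.truststore_password.toCharArray());
            tmf.init(ts);
            trustManagers = tmf.getTrustManagers();
        }

        ksf = new FileInputStream(options.keystore);
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(options.algorithm);
        KeyStore ks = KeyStore.getInstance(options.store_type);
        ks.load(ksf, options.keystore_password.toCharArray());

        if (!checkedExpiry) {
            for (Enumeration<String> aliases = ks.aliases(); aliases.hasMoreElements();) {
                String alias = aliases.nextElement();
                // getCertificate() returns null for an entry that has no certificate;
                // instanceof covers that case as well as non-X.509 certificates.
                if (ks.getCertificate(alias) instanceof X509Certificate) {
                    Date expires = ((X509Certificate) ks.getCertificate(alias)).getNotAfter();
                    if (expires.before(new Date())) {
                        logger.warn("Certificate for {} expired on {}", alias, expires);
                    }
                }
            }
            checkedExpiry = true;
        }

        kmf.init(ks, options.keystore_password.toCharArray());
        ctx.init(kmf.getKeyManagers(), trustManagers, null);
    } catch (Exception e) {
        throw new IOException("Error creating the initializing the SSL Context", e);
    } finally {
        FileUtils.closeQuietly(tsf);
        FileUtils.closeQuietly(ksf);
    }
    return ctx;
}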
From source file:org.apache.cassandra.security.SSLFactory.java
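/**
 * Creates and initialises an {@link SSLContext} for the protocol given in {@code options}.
 *
 * <p>Key managers always come from {@code options.keystore}. Trust managers come from
 * {@code options.truststore} only when {@code buildTruststore} is {@code true}; otherwise
 * {@code null} is handed to {@link SSLContext#init}, so JSSE uses the default trust manager of
 * the installed providers.
 *
 * <p>While {@code checkedExpiry} is unset, each X.509 certificate in the key store whose
 * {@code notAfter} lies in the past is logged as a warning. The check does not reject the
 * certificate. Entries that carry no certificate are ignored so that this warning-only pass
 * cannot fail the whole method.
 *
 * @param options protocol, algorithm, store type, store paths and store passwords
 * @param buildTruststore whether the configured trust store is loaded and used
 * @return the initialised context
 * @throws IOException wrapping any exception raised while building the context
 */
@SuppressWarnings("resource")
public static SSLContext createSSLContext(EncryptionOptions options, boolean buildTruststore)
        throws IOException {
    FileInputStream tsf = null;
    FileInputStream ksf = null;
    SSLContext ctx;
    try {
        ctx = SSLContext.getInstance(options.protocol);

        TrustManager[] trustManagers = null;
        if (buildTruststore) {
            tsf = new FileInputStream(options.truststore);
            TrustManagerFactory tmf = TrustManagerFactory.getInstance(options.algorithm);
            KeyStore ts = KeyStore.getInstance(options.store_type);
            ts.load(tsf, options.truststore_password.toCharArray());
            tmf.init(ts);
            trustManagers = tmf.getTrustManagers();
        }

        ksf = new FileInputStream(options.keystore);
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(options.algorithm);
        KeyStore ks = KeyStore.getInstance(options.store_type);
        ks.load(ksf, options.keystore_password.toCharArray());

        if (!checkedExpiry) {
            Date now = new Date();
            Enumeration<String> aliases = ks.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                // A null result (entry without a certificate) fails instanceof and is skipped.
                if (!(ks.getCertificate(alias) instanceof X509Certificate)) {
                    continue;
                }
                Date expires = ((X509Certificate) ks.getCertificate(alias)).getNotAfter();
                if (expires.before(now)) {
                    logger.warn("Certificate for {} expired on {}", alias, expires);
                }
            }
            checkedExpiry = true;
        }

        kmf.init(ks, options.keystore_password.toCharArray());
        ctx.init(kmf.getKeyManagers(), trustManagers, null);
    } catch (Exception e) {
        throw new IOException("Error creating the initializing the SSL Context", e);
    } finally {
        FileUtils.closeQuietly(tsf);
        FileUtils.closeQuietly(ksf);
    }
    return ctx;
}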
From source file:it.geosolutions.sfs.web.Start.java
/**
 * Reports whether a trusted-certificate entry in the key store has a subject name that
 * contains {@code hostname}.
 *
 * <p>Only entries for which {@link KeyStore#isCertificateEntry(String)} is true and whose
 * certificate is an {@link X509Certificate} are considered.
 *
 * @param ks key store to search
 * @param hostname text looked for inside the subject distinguished name
 * @return {@code true} on the first match, {@code false} when no entry matches
 * @throws Exception if the key store cannot be read
 */
private static boolean keyStoreContainsCertificate(KeyStore ks, String hostname) throws Exception {
    for (Enumeration<String> aliases = ks.aliases(); aliases.hasMoreElements();) {
        String alias = aliases.nextElement();
        if (!ks.isCertificateEntry(alias)) {
            continue;
        }
        Certificate candidate = ks.getCertificate(alias);
        if (!(candidate instanceof X509Certificate)) {
            continue;
        }
        // NOTE(review): this is a substring test over the whole subject DN, so "host" also
        // matches "myhost.example" and text in any other attribute (O=, OU=). It is not a
        // hostname verification; compare the CN or subjectAltName exactly if the result is
        // ever used for a trust decision.
        String subjectDn = ((X509Certificate) candidate).getSubjectX500Principal().getName();
        if (subjectDn.contains(hostname)) {
            return true;
        }
    }
    return false;
}
From source file:eidassaml.starterkit.Utils.java
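/**
 * Reads a private key and its certificate from a PKCS12 stream using the {@code BC} provider.
 *
 * <p>When {@code alias} is null or empty, the first entry that yields a key is returned. When
 * an alias is given, only the entry with exactly that alias is accepted. A key belonging to a
 * different alias is never returned in its place; if the requested alias is absent or has no
 * key, a {@link KeyStoreException} listing the aliases that were found is thrown.
 *
 * @param stream PKCS12 data; not closed by this method
 * @param password password used to open the store and to recover the key
 * @param alias alias of the wanted entry, or null/empty to take the first entry with a key
 * @return the key and certificate of the selected entry
 * @throws KeyStoreException if no suitable entry is found
 * @throws NoSuchAlgorithmException
 * @throws CertificateException
 * @throws IOException
 * @throws UnrecoverableKeyException
 * @throws NoSuchProviderException
 */
public static X509KeyPair ReadPKCS12(InputStream stream, char[] password, String alias)
        throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException,
        UnrecoverableKeyException, NoSuchProviderException {
    KeyStore p12 = KeyStore.getInstance("pkcs12", "BC");
    p12.load(stream, password);

    final boolean anyAlias = Utils.IsNullOrEmpty(alias);
    PrivateKey key = null;
    X509Certificate cert = null;
    StringBuilder aliasBuf = new StringBuilder();

    Enumeration<String> e = p12.aliases();
    while (e.hasMoreElements()) {
        String currentalias = e.nextElement();
        aliasBuf.append(currentalias);
        aliasBuf.append(" ||| ");

        // Skip entries that were not asked for, so their key can never leak into the result.
        if (!anyAlias && !currentalias.equals(alias)) {
            continue;
        }
        PrivateKey candidate = (PrivateKey) p12.getKey(currentalias, password);
        if (candidate != null) {
            key = candidate;
            cert = (X509Certificate) p12.getCertificate(currentalias);
            break;
        }
    }

    if (key == null) {
        throw new KeyStoreException(
                "keystore does not contains alias " + alias + ". Try alias " + aliasBuf.toString());
    }
    return new X509KeyPair(key, cert);
}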
From source file:org.apache.accumulo.test.util.CertUtils.java
/**
 * Returns the first trusted-certificate entry found in the key store.
 *
 * <p>All aliases are visited. Once a certificate has been picked, every further certificate
 * entry is only reported with a warning and otherwise ignored.
 *
 * @param keyStore key store to search
 * @return the certificate of the first certificate entry enumerated
 * @throws KeyStoreException if the store has no certificate entry or cannot be read
 */
static Certificate findCert(KeyStore keyStore) throws KeyStoreException {
    Certificate first = null;
    for (Enumeration<String> names = keyStore.aliases(); names.hasMoreElements();) {
        String name = names.nextElement();
        if (!keyStore.isCertificateEntry(name)) {
            continue;
        }
        if (first != null) {
            log.warn("Found multiple certificates in keystore. Ignoring " + name);
            continue;
        }
        first = keyStore.getCertificate(name);
    }
    if (first != null) {
        return first;
    }
    throw new KeyStoreException("Could not find cert in keystore");
}
From source file:org.glite.slcs.httpclient.ssl.ExtendedX509TrustManager.java
/**
 * Collects the X.509 certificates stored in the given trust store.
 *
 * <p>{@link KeyStore#getCertificate(String)} is called for every alias without checking the
 * entry type, so the certificate attached to a key entry is collected as well as those of
 * trusted-certificate entries. Aliases without a certificate and non-X.509 certificates are
 * left out.
 *
 * @param truststore trust store to read
 * @return list of {@link X509Certificate} objects, empty when none is found
 * @throws KeyStoreException if the trust store cannot be read
 */
static protected List createTrustedIssuers(KeyStore truststore) throws KeyStoreException {
    List issuers = new ArrayList();
    for (Enumeration names = truststore.aliases(); names.hasMoreElements();) {
        String name = (String) names.nextElement();
        Certificate entry = truststore.getCertificate(name);
        // instanceof is false for null, so a separate null check is not needed.
        if (entry instanceof X509Certificate) {
            issuers.add((X509Certificate) entry);
        }
    }
    return issuers;
}