List of usage examples for java.security KeyStore aliases
public final Enumeration<String> aliases() throws KeyStoreException
From source file:com.dbay.apns4j.tools.ApnsTools.java
public final static SocketFactory createSocketFactory(InputStream keyStore, String password, String keystoreType, String algorithm, String protocol) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException, KeyManagementException, CertificateExpiredException { char[] pwdChars = password.toCharArray(); KeyStore ks = KeyStore.getInstance(keystoreType); ks.load(keyStore, pwdChars);/*from ww w . j a va 2 s .c o m*/ // ?? Enumeration<String> enums = ks.aliases(); String alias = ""; if (enums.hasMoreElements()) { alias = enums.nextElement(); } if (StringUtils.isNotEmpty(alias)) { X509Certificate certificate = (X509Certificate) ks.getCertificate(alias); if (null != certificate) { String type = certificate.getType(); int ver = certificate.getVersion(); String name = certificate.getSubjectDN().getName(); String serialNumber = certificate.getSerialNumber().toString(16); String issuerDN = certificate.getIssuerDN().getName(); String sigAlgName = certificate.getSigAlgName(); String publicAlgorithm = certificate.getPublicKey().getAlgorithm(); Date before = certificate.getNotBefore(); Date after = certificate.getNotAfter(); String beforeStr = DateFormatUtils.format(before, "yyyy-MM-dd HH:mm:ss"); String afterStr = DateFormatUtils.format(after, "yyyy-MM-dd HH:mm:ss"); // ?? long expire = DateUtil.getNumberOfDaysBetween(new Date(), after); if (expire <= 0) { if (LOG.isErrorEnabled()) { LOG.error( "?[{}], [{}], ?[{}], ??[{}], ?[{}], ??[{}], [{}], [{}][{}], ?[{}]", name, type, ver, serialNumber, issuerDN, sigAlgName, publicAlgorithm, beforeStr, afterStr, Math.abs(expire)); } throw new CertificateExpiredException("??[" + Math.abs(expire) + "]"); } if (LOG.isInfoEnabled()) { LOG.info( "?[{}], [{}], ?[{}], ??[{}], ?[{}], ??[{}], [{}], [{}][{}], ?[{}]?", name, type, ver, serialNumber, issuerDN, sigAlgName, publicAlgorithm, beforeStr, afterStr, expire); } } } KeyManagerFactory kf = KeyManagerFactory.getInstance(algorithm); kf.init(ks, pwdChars); TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm); tmf.init((KeyStore) null); SSLContext context = SSLContext.getInstance(protocol); context.init(kf.getKeyManagers(), tmf.getTrustManagers(), null); return context.getSocketFactory(); }
From source file:org.soyatec.windowsazure.internal.util.ssl.SslUtil.java
@SuppressWarnings("unused") private static void loadWindowsCert() throws Exception { KeyStore ks = KeyStore.getInstance("Windows-MY");// "Windows-ROOT" ks.load(null, null);// ww w . j a v a2 s . co m Enumeration<String> en = ks.aliases(); while (en.hasMoreElements()) { String key = en.nextElement(); Certificate[] certs = ks.getCertificateChain(key); X509Certificate cert = (X509Certificate) certs[0]; } }
From source file:org.panlab.tgw.restclient.PtmInfoParser.java
private static void processCertificate(String alias, X509Certificate x509, URL url) { try {// w ww . j a va 2s .c om String store = System.getProperty("javax.net.ssl.trustStore"); String password = System.getProperty("javax.net.ssl.trustStorePassword"); KeyStore keystore = KeyStore.getInstance("JKS"); keystore.load(new FileInputStream(store), password.toCharArray()); Enumeration<String> en = keystore.aliases(); while (en.hasMoreElements()) { log.info(en.nextElement()); } if (!keystore.containsAlias(alias)) { ByteArrayInputStream bais = new ByteArrayInputStream(x509.getEncoded()); Certificate cert = CertificateFactory.getInstance("x509").generateCertificate(bais); keystore.setCertificateEntry(alias, cert); storeNewPTM(alias, url, x509.getSubjectDN().toString().replace(", ", ",")); en = keystore.aliases(); while (en.hasMoreElements()) { log.info(en.nextElement()); } keystore.store(new FileOutputStream(store), password.toCharArray()); TrustManagerFactory.getInstance("PKIX").init(keystore); } } catch (Exception error) { log.error(error.getMessage()); } }
From source file:org.apache.accumulo.test.util.CertUtils.java
static PrivateKey findPrivateKey(KeyStore keyStore, char[] keystorePassword) throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException { Enumeration<String> aliases = keyStore.aliases(); PrivateKey key = null;/*from w w w. j ava2s . c om*/ while (aliases.hasMoreElements()) { String alias = aliases.nextElement(); if (keyStore.isKeyEntry(alias)) { if (key == null) { key = (PrivateKey) keyStore.getKey(alias, keystorePassword); } else { log.warn("Found multiple keys in keystore. Ignoring " + alias); } } } if (key == null) { throw new KeyStoreException("Could not find private key in keystore"); } return key; }
From source file:org.tolven.gatekeeper.CertificateHelper.java
/** * Return the X509Certificate of the first alias in the keyStore * //from w ww . j av a 2 s.c om * @param keyStore * @return */ public static X509Certificate getX509Certificate(KeyStore keyStore) { String alias = null; try { Enumeration<String> aliases = keyStore.aliases(); if (!aliases.hasMoreElements()) { throw new RuntimeException("KeyStore contains no aliases"); } alias = aliases.nextElement(); } catch (KeyStoreException ex) { throw new RuntimeException("Could obtain alias: " + alias + " in the userPKCS12 keystore", ex); } try { Certificate[] certificateChain = keyStore.getCertificateChain(alias); if (certificateChain == null || certificateChain.length == 0) { throw new RuntimeException("KeyStore contains no certificate with alias " + alias); } return (X509Certificate) certificateChain[0]; } catch (KeyStoreException ex) { throw new RuntimeException( "Could not obtain X509Certificate from userPKCS12 keystore using alias: " + alias, ex); } }
From source file:org.globus.gsi.util.CertificateLoadUtil.java
public static Collection<X509Certificate> getTrustedCertificates(KeyStore keyStore, X509CertSelector selector) throws KeyStoreException { Vector<X509Certificate> certificates = new Vector<X509Certificate>(); Enumeration<String> aliases = keyStore.aliases(); while (aliases.hasMoreElements()) { String alias = aliases.nextElement(); if (keyStore.isCertificateEntry(alias)) { // If a specific impl of keystore requires refresh, this would be a // good place to add it. Certificate certificate = keyStore.getCertificate(alias); if (certificate instanceof X509Certificate) { X509Certificate x509Cert = (X509Certificate) certificate; if (selector == null) { certificates.add(x509Cert); } else if (selector.match(certificate)) { certificates.add(x509Cert); }/*from w ww .j av a2s. c o m*/ } } } return certificates; }
From source file:org.tolven.gatekeeper.CertificateHelper.java
public static void changeKeyStorePassword(KeyStore keyStore, char[] oldPassword, char[] newPassword) { String alias = null;/*from w ww . j a v a 2 s . c o m*/ try { Enumeration<String> aliases = keyStore.aliases(); if (!aliases.hasMoreElements()) { throw new RuntimeException("KeyStore contains no aliases"); } alias = aliases.nextElement(); } catch (KeyStoreException ex) { throw new RuntimeException("Could obtain alias: " + alias + " in the userPKCS12 keystore", ex); } changeKeyStorePassword(keyStore, alias, oldPassword, newPassword); }
From source file:org.opendatakit.aggregate.externalservice.GoogleOauth2ExternalService.java
protected static GoogleCredential getCredential(String scopes, CallingContext cc) throws ODKExternalServiceCredentialsException { try {//from w w w .jav a 2s.c o m String serviceAccountUser = ServerPreferencesProperties.getServerPreferencesProperty(cc, ServerPreferencesProperties.GOOGLE_API_SERVICE_ACCOUNT_EMAIL); String privateKeyString = ServerPreferencesProperties.getServerPreferencesProperty(cc, ServerPreferencesProperties.PRIVATE_KEY_FILE_CONTENTS); if (serviceAccountUser == null || privateKeyString == null || serviceAccountUser.length() == 0 || privateKeyString.length() == 0) { throw new ODKExternalServiceCredentialsException( "No OAuth2 credentials. Have you supplied any OAuth2 credentials on the Site Admin / Preferences page?"); } byte[] privateKeyBytes = Base64.decodeBase64(privateKeyString.getBytes(UTF_CHARSET)); // TODO: CHANGE TO MORE OPTIMAL METHOD KeyStore ks = null; ks = KeyStore.getInstance("PKCS12"); ks.load(new ByteArrayInputStream(privateKeyBytes), "notasecret".toCharArray()); Enumeration<String> aliasEnum = null; aliasEnum = ks.aliases(); Key key = null; while (aliasEnum.hasMoreElements()) { String keyName = (String) aliasEnum.nextElement(); key = ks.getKey(keyName, "notasecret".toCharArray()); break; } PrivateKey serviceAccountPrivateKey = (PrivateKey) key; HttpClientFactory httpClientFactory = (HttpClientFactory) cc.getBean(BeanDefs.HTTP_CLIENT_FACTORY); HttpTransport httpTransport = httpClientFactory.getGoogleOAuth2Transport(); GoogleCredential credential = new GoogleCredential.Builder().setTransport(httpTransport) .setJsonFactory(jsonFactory).setServiceAccountId(serviceAccountUser) .setServiceAccountScopes(Collections.singleton(scopes)) .setServiceAccountPrivateKey(serviceAccountPrivateKey).build(); credential.refreshToken(); return credential; } catch (Exception e) { e.printStackTrace(); throw new ODKExternalServiceCredentialsException(e); } }
From source file:org.viafirma.nucleo.validacion.KeyStoreLoader.java
/** * Retora el listado de certificados almacenados dentro del keystore * indicado./*from w ww . java 2 s . c om*/ * * @param ks * the keystore * @return list of certificates kept in the keystore */ @SuppressWarnings("unchecked") private static List<Certificate> getKeystoreCerts(KeyStore ks) { List<Certificate> list = new ArrayList<Certificate>(); StringBuffer certificadosIgnorados = new StringBuffer(); try { Enumeration aliases = ks.aliases(); while (aliases.hasMoreElements()) { String alias = (String) aliases.nextElement(); // FILTRA LOS CERTIFICADOS QUE NO QUEREMOS O NO SON NECESARIOS. if (!alias.contains(Nucleo.IDENTIFICADOR_CERTIFICADO_VIAFIRMA_KEYSTORE)) { certificadosIgnorados.append(alias + ","); } else { if (!(ks.isCertificateEntry(alias))) continue; Certificate c = ks.getCertificate(alias); if (c instanceof X509Certificate) { log.info("Detectado certificado de confianza: Alias=" + alias + ", DN=" + ((X509Certificate) c).getSubjectDN()); } list.add(c); } } log.debug("Certificados ignorados :" + certificadosIgnorados); return list; } catch (KeyStoreException e) { throw new RuntimeException("Keystore not loaded", e); } }
From source file:cn.mrdear.pay.util.RSAUtils.java
/** * ?/* www .j a v a 2 s. c o m*/ * * @param type * * @param inputStream * ? * @param password * ? * @return */ public static Key getKey(String type, InputStream inputStream, String password) { Assert.isNotEmpty(type); Assert.notNull(inputStream); try { KeyStore keyStore = KeyStore.getInstance(type, PROVIDER); keyStore.load(inputStream, password != null ? password.toCharArray() : null); String alias = keyStore.aliases().hasMoreElements() ? keyStore.aliases().nextElement() : null; return keyStore.getKey(alias, password != null ? password.toCharArray() : null); } catch (KeyStoreException e) { throw new RuntimeException(e.getMessage(), e); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e.getMessage(), e); } catch (CertificateException e) { throw new RuntimeException(e.getMessage(), e); } catch (IOException e) { throw new RuntimeException(e.getMessage(), e); } catch (UnrecoverableKeyException e) { throw new RuntimeException(e.getMessage(), e); } }