List of usage examples for java.security KeyStore aliases
public final Enumeration<String> aliases() throws KeyStoreException
From source file:org.ejbca.core.protocol.ocsp.OCSPUnidClient.java
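/**
 * Creates an {@code OCSPUnidClient}, optionally backed by a PKCS#12 keystore that supplies the
 * certificate chain and, when signing is requested, the private key.
 *
 * @param ksfilename filename of the PKCS#12 keystore used for TLS client authentication, or
 *     {@code null} if TLS is not used
 * @param pwd password for the keystore, or {@code null} if no keystore is used
 * @param ocspurl URL of the OCSP server, or {@code null} to try the AIA extension of the
 *     certificate; e.g. http://127.0.0.1:8080/ejbca/publicweb/status/ocsp (or https for TLS)
 * @param doSignRequst when {@code true} the private key is read from the keystore and handed to
 *     the client; requires {@code ksfilename}
 * @param getfnr passed through unchanged to the {@code OCSPUnidClient} constructor
 * @return the client to use
 * @throws Exception if signing is requested without a keystore, or the keystore cannot be read
 */
public static OCSPUnidClient getOCSPUnidClient(String ksfilename, String pwd, String ocspurl,
        boolean doSignRequst, boolean getfnr) throws Exception {
    if (doSignRequst && ksfilename == null) {
        throw new Exception("You got to give the path name for a keystore to use when using signing.");
    }
    if (ksfilename == null) {
        return new OCSPUnidClient(null, null, ocspurl, null, null, getfnr);
    }

    final KeyStore ks = KeyStore.getInstance("PKCS12", "BC");
    // try-with-resources releases the keystore file handle even when load() fails.
    try (FileInputStream in = new FileInputStream(ksfilename)) {
        ks.load(in, pwd.toCharArray());
    }

    final Enumeration<String> en = ks.aliases();
    String alias = null;
    // If this alias is a trusted certificate entry, we don't want to fetch that, we want the key entry
    while ((alias == null || ks.isCertificateEntry(alias)) && en.hasMoreElements()) {
        alias = en.nextElement();
    }
    // NOTE(review): when the keystore holds no key entry, alias is null or the last
    // certificate-entry alias at this point; how KeyTools.getCertChain reacts is not visible here.
    final Certificate[] certs = KeyTools.getCertChain(ks, alias);
    if (certs == null) {
        throw new IOException("Can not find a certificate entry in PKCS12 keystore for alias " + alias);
    }
    // The key is requested with a null entry password; only the store password protects it here.
    final PrivateKey privateKey = doSignRequst ? (PrivateKey) ks.getKey(alias, null) : null;
    return new OCSPUnidClient(ks, pwd, ocspurl, certs, privateKey, getfnr);
}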
From source file:fr.inria.ucn.Helpers.java
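/**
 * Reports whether the {@code AndroidCAStore} keystore holds an X.509 certificate whose issuer DN
 * contains the given text.
 *
 * FIXME: remove once all servers have valid certificate
 *
 * NOTE(review): a substring match on the issuer DN identifies a certificate by name only; it does
 * not compare the public key or a fingerprint, so it should not be used as a trust decision.
 *
 * @param match text to look for in each certificate's issuer DN
 * @return {@code true} if a matching certificate was found, {@code false} if none matched or the
 *     store could not be read
 */
public static boolean isCaCertInstalledHack(String match) {
    boolean res = false;
    try {
        KeyStore ks = KeyStore.getInstance("AndroidCAStore");
        ks.load(null, null);
        Enumeration<String> aliases = ks.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            java.security.cert.Certificate entry = ks.getCertificate(alias);
            // Skip entries that are missing or not X.509 instead of failing on the cast.
            if (!(entry instanceof X509Certificate)) {
                continue;
            }
            X509Certificate cert = (X509Certificate) entry;
            if (cert.getIssuerDN().getName().contains(match)) {
                res = true;
                break;
            }
        }
    } catch (KeyStoreException e) {
        Log.w(Constants.LOGTAG, "failed to check certificates", e);
    } catch (NoSuchAlgorithmException e) {
        // Still best-effort (the result stays false), but the failure is now visible in the log.
        Log.w(Constants.LOGTAG, "failed to check certificates", e);
    } catch (CertificateException e) {
        Log.w(Constants.LOGTAG, "failed to check certificates", e);
    } catch (IOException e) {
        Log.w(Constants.LOGTAG, "failed to check certificates", e);
    }
    return res;
}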
From source file:net.sf.jsignpdf.utils.KeyStoreUtils.java
/**
 * Collects the aliases of the trusted-certificate entries in the given keystore.
 *
 * @param tmpKs keystore to inspect; may be {@code null}
 * @return the aliases for which {@code isCertificateEntry} is true, or {@code null} when the
 *     keystore is {@code null} or reading it fails
 */
public static String[] getCertAliases(KeyStore tmpKs) {
    if (tmpKs == null) {
        return null;
    }
    final List<String> certAliases = new ArrayList<String>();
    try {
        for (final Enumeration<String> it = tmpKs.aliases(); it.hasMoreElements();) {
            final String candidate = it.nextElement();
            if (!tmpKs.isCertificateEntry(candidate)) {
                // Only certificate entries are reported; other entry kinds are skipped.
                continue;
            }
            certAliases.add(candidate);
        }
    } catch (Exception e) {
        e.printStackTrace();
        return null;
    }
    final String[] asArray = new String[certAliases.size()];
    return certAliases.toArray(asArray);
}
From source file:it.greenvulcano.gvesb.http.ssl.AuthSSLProtocolSocketFactory.java
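/**
 * Builds trust managers from the given keystore using the platform default
 * {@code TrustManagerFactory} algorithm, replacing every {@code X509TrustManager} with an
 * {@code AuthSSLX509TrustManager} that wraps it.
 *
 * NOTE(review): what {@code AuthSSLX509TrustManager} adds to the wrapped manager is not visible
 * here; confirm it does not relax certificate validation.
 *
 * @param keystore trust store to initialise the factory with; must not be {@code null}
 * @return the trust managers, with X.509 managers wrapped
 * @throws IllegalArgumentException if {@code keystore} is {@code null}
 * @throws KeyStoreException if the keystore cannot be read
 * @throws NoSuchAlgorithmException if the default trust manager algorithm is unavailable
 */
private static TrustManager[] createTrustManagers(final KeyStore keystore)
        throws KeyStoreException, NoSuchAlgorithmException {
    if (keystore == null) {
        throw new IllegalArgumentException("Keystore may not be null");
    }
    // An empty keystore has no first alias; calling nextElement() unconditionally would make a
    // debug statement abort the whole setup with NoSuchElementException.
    final java.util.Enumeration<String> aliases = keystore.aliases();
    final String firstAlias = aliases.hasMoreElements() ? aliases.nextElement() : "<no entries>";
    logger.debug("createTrustManagers - Initializing trust manager: " + firstAlias);
    logger.debug("Initializing trust manager");

    TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmfactory.init(keystore);
    TrustManager[] trustmanagers = tmfactory.getTrustManagers();
    for (int i = 0; i < trustmanagers.length; i++) {
        if (trustmanagers[i] instanceof X509TrustManager) {
            trustmanagers[i] = new AuthSSLX509TrustManager((X509TrustManager) trustmanagers[i]);
        }
    }
    return trustmanagers;
}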
From source file:be.fedict.trust.service.KeyStoreUtils.java
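/**
 * Loads a private key entry from a file-based or PKCS#11 keystore.
 *
 * @param type keystore type; for {@code KeyStoreType.PKCS11} a {@code SunPKCS11} provider built
 *     from {@code path} is registered, otherwise {@code path} is opened as the keystore file
 * @param path PKCS#11 configuration or keystore file location, depending on {@code type}
 * @param storePassword password used to load the keystore; must not be {@code null}
 * @param entryPassword password protecting the key entry; must not be {@code null}
 * @param alias alias of the entry to load; when {@code null} or empty, the first alias the
 *     keystore reports is used (the enumeration order is up to the keystore implementation)
 * @return the private key entry stored under the alias
 * @throws KeyStoreLoadException if the keystore cannot be opened or read, is empty, or the alias
 *     does not refer to a retrievable key entry
 */
public static PrivateKeyEntry loadPrivateKeyEntry(KeyStoreType type, String path, String storePassword,
        String entryPassword, String alias) throws KeyStoreLoadException {
    LOG.debug("load keystore");
    InputStream keyStoreStream = null;
    if (type.equals(KeyStoreType.PKCS11)) {
        // Registers the provider in the JVM-wide provider list.
        Security.addProvider(new SunPKCS11(path));
    } else {
        try {
            keyStoreStream = new FileInputStream(path);
        } catch (FileNotFoundException e) {
            throw new KeyStoreLoadException("Can't load keystore from config-specified location: " + path, e);
        }
    }

    /* Find the keystore, then open it. */
    KeyStore keyStore;
    try {
        try {
            keyStore = KeyStore.getInstance(type.name());
        } catch (Exception e) {
            throw new KeyStoreLoadException("keystore instance not available: " + e.getMessage(), e);
        }
        try {
            keyStore.load(keyStoreStream, storePassword.toCharArray());
        } catch (Exception e) {
            throw new KeyStoreLoadException("keystore load error: " + e.getMessage(), e);
        }
    } finally {
        // The file is only needed while loading; close it on success and on every failure path.
        if (keyStoreStream != null) {
            try {
                keyStoreStream.close();
            } catch (java.io.IOException ignored) {
                // Nothing useful to do: the load result or its exception is already decided.
            }
        }
    }

    /* Find the key entry. */
    Enumeration<String> aliases;
    try {
        aliases = keyStore.aliases();
    } catch (KeyStoreException e) {
        throw new KeyStoreLoadException("could not get aliases: " + e.getMessage(), e);
    }
    if (!aliases.hasMoreElements()) {
        throw new KeyStoreLoadException("keystore is empty");
    }
    if (null == alias || alias.isEmpty()) {
        alias = aliases.nextElement();
        LOG.debug("alias: " + alias);
    }
    try {
        if (!keyStore.isKeyEntry(alias)) {
            throw new KeyStoreLoadException("not key entry: " + alias);
        }
    } catch (KeyStoreException e) {
        throw new KeyStoreLoadException("key store error: " + e.getMessage(), e);
    }

    /* Get the private key entry. */
    try {
        PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry) keyStore.getEntry(alias,
                new KeyStore.PasswordProtection(entryPassword.toCharArray()));
        return privateKeyEntry;
    } catch (Exception e) {
        throw new KeyStoreLoadException("error retrieving key: " + e.getMessage(), e);
    }
}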
From source file:org.roda.common.certification.ODFSignatureUtils.java
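/**
 * Signs the input document with a key taken from a keystore file and writes the result to a new
 * temporary file.
 *
 * @param input path of the document to sign
 * @param ks path of the keystore file (default keystore type)
 * @param alias alias of the key entry whose private key and certificate are used
 * @param password used both to load the keystore and to unlock the key entry
 * @param fileFormat extension (without the dot) given to the temporary output file
 * @return path of the temporary file holding what {@code createSignature} produced
 * @throws Exception if the keystore cannot be read, the alias has no key with a certificate, or
 *     signing or writing fails
 */
public static Path runDigitalSignatureSign(Path input, String ks, String alias, String password,
        String fileFormat) throws Exception {
    Security.addProvider(new BouncyCastleProvider());
    Path output = Files.createTempFile("odfsigned", "." + fileFormat);

    KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
    // try-with-resources closes the keystore file even when load() throws.
    try (InputStream storeStream = new FileInputStream(ks)) {
        keystore.load(storeStream, password.toCharArray());
    }

    // Take the certificate from the same alias as the key. Using whichever alias the keystore
    // enumerates first can pair the signing key with an unrelated certificate when the keystore
    // holds more than one entry.
    X509Certificate certificate = (X509Certificate) keystore.getCertificate(alias);
    Key key = keystore.getKey(alias, password.toCharArray());
    if (certificate == null || key == null) {
        throw new java.security.KeyStoreException("No key with certificate found for alias " + alias);
    }

    ByteArrayInputStream bais = createSignature(input.toString(), certificate, key);
    try (FileOutputStream fos = new FileOutputStream(output.toFile())) {
        byte[] buffer = new byte[2048];
        int length;
        while ((length = bais.read(buffer)) >= 0) {
            fos.write(buffer, 0, length);
        }
    }
    return output;
}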
From source file:org.signserver.client.cli.defaultimpl.KeyStoreOptions.java
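/**
 * Builds a TLS context from the given trust store and optional client keystore and installs its
 * socket factory as the default for every {@code HttpsURLConnection} in this JVM.
 *
 * @param truststore trust store handed to the {@code SunX509} trust manager factory
 * @param keystore client keystore, or {@code null} for no client key managers
 * @param keyAlias alias of the client key to present; when {@code null} the first alias the
 *     keystore enumerates is used (that entry is not checked to be a key entry)
 * @param keystorePassword password used to initialise the key manager factory
 * @throws KeyStoreException if the keystore cannot be read, or no alias was given and the
 *     keystore has no entries
 * @throws NoSuchAlgorithmException if {@code SunX509} or {@code TLS} is unavailable
 * @throws KeyManagementException if the TLS context cannot be initialised
 * @throws UnrecoverableKeyException if a key cannot be recovered with the given password
 */
private static void setDefaultSocketFactory(final KeyStore truststore, final KeyStore keystore,
        String keyAlias, char[] keystorePassword) throws NoSuchAlgorithmException, KeyStoreException,
        KeyManagementException, UnrecoverableKeyException {
    final TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
    tmf.init(truststore);

    final KeyManager[] keyManagers;
    if (keystore == null) {
        keyManagers = null;
    } else {
        if (keyAlias == null) {
            // Report an empty keystore as a declared KeyStoreException instead of letting
            // nextElement() escape with an unchecked NoSuchElementException.
            final java.util.Enumeration<String> aliases = keystore.aliases();
            if (!aliases.hasMoreElements()) {
                throw new KeyStoreException("Keystore contains no entries, cannot choose a default key alias");
            }
            keyAlias = aliases.nextElement();
        }
        final KeyManagerFactory kKeyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        kKeyManagerFactory.init(keystore, keystorePassword);
        keyManagers = kKeyManagerFactory.getKeyManagers();
        for (int i = 0; i < keyManagers.length; i++) {
            if (keyManagers[i] instanceof X509KeyManager) {
                keyManagers[i] = new AliasKeyManager((X509KeyManager) keyManagers[i], keyAlias);
            }
        }
    }

    final SSLContext context = SSLContext.getInstance("TLS");
    context.init(keyManagers, tmf.getTrustManagers(), new SecureRandom());

    // Process-wide side effect: connections opened by unrelated code after this call use this
    // trust store and client key as well.
    SSLSocketFactory factory = context.getSocketFactory();
    HttpsURLConnection.setDefaultSSLSocketFactory(factory);
}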
From source file:org.roda.core.plugins.plugins.characterization.ODFSignatureUtils.java
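/**
 * Signs the input document with a key taken from a keystore file and writes the result to a new
 * temporary file.
 *
 * @param input path of the document to sign
 * @param ks path of the keystore file (default keystore type)
 * @param alias alias of the key entry whose private key and certificate are used
 * @param password used both to load the keystore and to unlock the key entry
 * @param fileFormat extension (without the dot) given to the temporary output file
 * @return path of the temporary output file; it is left empty when {@code createSignature}
 *     returns {@code null}
 * @throws IOException if the keystore or the output file cannot be read or written
 * @throws GeneralSecurityException if the keystore cannot be loaded or the alias has no key with
 *     a certificate
 * @throws DocumentException declared by the original signature; presumably raised while signing
 */
public static Path runDigitalSignatureSign(Path input, String ks, String alias, String password,
        String fileFormat) throws IOException, GeneralSecurityException, DocumentException {
    Security.addProvider(new BouncyCastleProvider());
    Path output = Files.createTempFile("odfsigned", "." + fileFormat);

    KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
    try (InputStream storeStream = new FileInputStream(ks)) {
        keystore.load(storeStream, password.toCharArray());
    }

    // Take the certificate from the same alias as the key. Using whichever alias the keystore
    // enumerates first can pair the signing key with an unrelated certificate when the keystore
    // holds more than one entry.
    X509Certificate certificate = (X509Certificate) keystore.getCertificate(alias);
    Key key = keystore.getKey(alias, password.toCharArray());
    if (certificate == null || key == null) {
        throw new java.security.KeyStoreException("No key with certificate found for alias " + alias);
    }

    try (ByteArrayInputStream bais = createSignature(input.toString(), certificate, key)) {
        // NOTE(review): a null result leaves an empty output file that is still returned to the
        // caller; confirm callers do not treat that file as signed.
        if (bais != null) {
            byte[] buffer = new byte[2048];
            int length;
            try (FileOutputStream fos = new FileOutputStream(output.toFile())) {
                while ((length = bais.read(buffer)) >= 0) {
                    fos.write(buffer, 0, length);
                }
            }
        }
    }
    return output;
}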
From source file:br.gov.serpro.cert.AuthSSLProtocolSocketFactory.java
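/**
 * Merges the certificates of several JKS keystores, each read from a URL, into one in-memory
 * keystore of the default type.
 *
 * Every certificate is stored under its subject DN, so a later certificate with the same subject
 * replaces an earlier one. A keystore that fails with an {@code IOException} is skipped.
 *
 * @param urls locations of the JKS keystores; must not be {@code null}
 * @param passwords store passwords, one per URL, or {@code null} for none; a keystore loaded
 *     with a {@code null} password is read without an integrity check
 * @return the merged keystore containing only certificate entries
 * @throws IllegalArgumentException if {@code urls} is {@code null} or the array sizes differ
 * @throws KeyStoreException if a keystore cannot be created or written to
 * @throws NoSuchAlgorithmException if a keystore integrity algorithm is unavailable
 * @throws CertificateException if a certificate cannot be loaded
 * @throws IOException if closing a source stream fails
 */
private static KeyStore createKeyStore(final URL[] urls, final String[] passwords)
        throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    if (urls == null) {
        throw new IllegalArgumentException("Keystore urls may not be null");
    }
    if (passwords != null && passwords.length != urls.length) {
        throw new IllegalArgumentException("Urls and passwords arrays must have the same size");
    }

    KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
    keystore.load(null);

    LOG.debug("Initializing key store");
    for (int i = 0; i < urls.length; i++) {
        LOG.debug("Adding " + urls[i].toString() + " to internal keystore");
        KeyStore ks = KeyStore.getInstance("jks");
        final char[] storePassword =
                (passwords != null && passwords[i] != null) ? passwords[i].toCharArray() : null;
        InputStream is = null;
        try {
            is = urls[i].openStream();
            ks.load(is, storePassword);
            for (Enumeration<String> names = ks.aliases(); names.hasMoreElements();) {
                X509Certificate cert = (X509Certificate) ks.getCertificate(names.nextElement());
                keystore.setCertificateEntry(cert.getSubjectX500Principal().getName(), cert);
            }
        } catch (IOException ioe) {
            // load() reports an unreadable file and a wrong password as IOException. The source
            // is still skipped, but the skip is now logged instead of being silent.
            LOG.debug("Skipping keystore " + urls[i].toExternalForm() + ": " + ioe);
            // Constant-first comparison so a missing "debug" parameter cannot raise an NPE.
            if ("true".equalsIgnoreCase(AuthSSLProtocolSocketFactory.setup.getParameter("debug"))) {
                System.out.println("Erro ao abrir URL: " + urls[i].toExternalForm());
            }
        } finally {
            if (is != null) {
                is.close();
            }
        }
    }
    return keystore;
}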
From source file:org.apache.ws.security.components.crypto.CryptoBase.java
/**
 * Builds the descriptive tail of a keystore error message: keystore type, provider, entry count
 * and the comma-separated list of aliases.
 *
 * The text contains every alias in the keystore, so it should only be written to logs that may
 * reveal the keystore's contents.
 *
 * @param keystore an initialised keystore
 * @return the message fragment, starting with {@code " in keystore of type ["}
 * @throws KeyStoreException if the keystore has not been initialised
 */
protected static String createKeyStoreErrorMessage(KeyStore keystore) throws KeyStoreException {
    Enumeration names = keystore.aliases();
    // Rough capacity guess of seven characters per alias.
    StringBuffer aliasList = new StringBuffer(keystore.size() * 7);
    String separator = "";
    while (names.hasMoreElements()) {
        aliasList.append(separator);
        aliasList.append(names.nextElement());
        separator = ", ";
    }
    return " in keystore of type [" + keystore.getType()
            + "] from provider [" + keystore.getProvider()
            + "] with size [" + keystore.size()
            + "] and aliases: {" + aliasList.toString() + "}";
}