Usage examples for java.security.KeyStore.aliases()
public final Enumeration<String> aliases() throws KeyStoreException
From source file:org.eclipse.gyrex.http.jetty.internal.admin.CertificateDefinition.java
/**
 * Builds a one-line, human-readable summary of the certificates in this definition's key store.
 *
 * <p>Aliases are visited in the order returned by {@link KeyStore#aliases()} and their
 * summaries are joined with {@code ", "}; the alias name itself is not part of the output.
 * For a key entry, every certificate of its chain is listed (space separated) as the subject
 * CN followed by {@code ", valid till "} and the formatted {@code notAfter} date. A chain
 * element that is not an {@link X509Certificate} (including {@code null}) is shown as
 * {@code INVALID}; an alias that is not a key entry is shown as {@code IGNORED}.
 *
 * <p>This is a display helper only: it reads the subject and the expiry date and performs no
 * chain, signature or validity-period verification, so {@code INVALID} means "not X.509",
 * not "failed validation".
 *
 * @return the trimmed summary, or the root-cause message of any exception raised while
 *         reading the key store
 */
@Override
public String getInfo() {
    try {
        final StrBuilder summary = new StrBuilder();
        final KeyStore store = getKeyStore();
        for (final Enumeration<String> names = store.aliases(); names.hasMoreElements();) {
            final String name = names.nextElement();
            if (!summary.isEmpty()) {
                summary.append(", ");
            }

            // Anything that is not a private-key entry (e.g. a trusted certificate) is only flagged.
            if (!store.isKeyEntry(name)) {
                summary.append("IGNORED");
                continue;
            }

            Certificate[] chain = store.getCertificateChain(name);
            if (chain == null) {
                // No chain stored for the alias: fall back to the single certificate (may be null).
                chain = new Certificate[] { store.getCertificate(name) };
            }

            for (int position = 0; position < chain.length; position++) {
                if (position != 0) {
                    summary.append(" ");
                }
                final Certificate element = chain[position];
                if (!(element instanceof X509Certificate)) {
                    summary.append("INVALID");
                    continue;
                }
                final X509Certificate x509 = (X509Certificate) element;
                final X500PrincipalHelper subject = new X500PrincipalHelper(x509.getSubjectX500Principal());
                summary.append(subject.getCN());
                summary.append(", valid till ").append(TO_STRING_FORMAT.format(x509.getNotAfter()));
            }
        }
        return StringUtils.trim(summary.toString());
    } catch (final Exception e) {
        // Best effort for display: the failure is reported as the info text instead of propagating.
        return ExceptionUtils.getRootCauseMessage(e);
    }
}
From source file:com.netscape.cmstools.pkcs11.PKCS11KeyFindCLI.java
/**
 * Lists the keys held on the configured PKCS #11 token.
 *
 * <p>After option handling ({@code help}, {@code verbose}, {@code debug}) the token named in
 * the CLI configuration is opened as a {@code pkcs11} key store. Every alias that is not a
 * certificate entry and for which {@link KeyStore#getKey(String, char[])} returns a key is
 * passed to {@code PKCS11KeyCLI.printKeyInfo}; a blank line separates consecutive keys.
 *
 * @param args the command-line arguments of this sub-command
 * @throws Exception if option parsing, token access or key-store access fails
 */
public void execute(String[] args) throws Exception {

    CommandLine commandLine = parser.parse(options, args);

    if (commandLine.hasOption("help")) {
        printHelp();
        return;
    }

    // "verbose" wins over "debug" when both are given.
    if (commandLine.hasOption("verbose")) {
        PKILogger.setLevel(PKILogger.Level.INFO);
    } else if (commandLine.hasOption("debug")) {
        PKILogger.setLevel(PKILogger.Level.DEBUG);
    }

    CryptoToken storageToken = CryptoUtil.getKeyStorageToken(getConfig().getTokenName());

    KeyStore tokenStore = KeyStore.getInstance("pkcs11");
    tokenStore.load(new JSSLoadStoreParameter(storageToken));

    int printed = 0;
    for (Enumeration<String> names = tokenStore.aliases(); names.hasMoreElements();) {
        String name = names.nextElement();

        if (!tokenStore.isCertificateEntry(name)) {
            // No per-key password is supplied; access relies on how the token store was loaded.
            Key key = tokenStore.getKey(name, null);

            if (key != null) {
                if (printed > 0) {
                    System.out.println();
                }
                printed++;
                PKCS11KeyCLI.printKeyInfo(name, key);
            }
        }
    }
}
From source file:test.integ.be.fedict.trust.ECCTest.java
/**
 * Runs trust validation on the Entrust Demo ECC certificate chain against its root.
 *
 * <p>The CRL of the Entrust Demo ECC CA does not exist online.
 *
 * <p>The root certificate and the PKCS #12 file are classpath test fixtures; the password
 * literal below belongs to that demo fixture. The chain is read from the first alias the
 * key store reports, without checking that an alias exists.
 *
 * @throws Exception if a fixture cannot be loaded or validation fails
 */
@Test
public void testEntrustDemoECCPKI() throws Exception {
    CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
    X509Certificate rootCertificate = (X509Certificate) x509Factory
            .generateCertificate(ECCTest.class.getResourceAsStream("/ecc/root.cer"));
    LOG.debug("Root CA: " + rootCertificate);

    KeyStore pkcs12Store = KeyStore.getInstance("PKCS12");
    pkcs12Store.load(ECCTest.class.getResourceAsStream("/ecc/www.e-contract.be.p12"),
            "EntrustSSL".toCharArray());

    String firstAlias = pkcs12Store.aliases().nextElement();
    Certificate[] certificates = pkcs12Store.getCertificateChain(firstAlias);
    for (int index = 0; index < certificates.length; index++) {
        LOG.debug("Certificate: " + certificates[index]);
    }

    // The fixture root is the only trust point.
    MemoryCertificateRepository trustPoints = new MemoryCertificateRepository();
    trustPoints.addTrustPoint(rootCertificate);

    TrustValidator validator = new TrustValidator(trustPoints);
    new TrustValidatorDecorator().addDefaultTrustLinkerConfig(validator);

    // NOTE(review): no assertion follows; presumably isTrusted throws on failure - confirm.
    validator.isTrusted(certificates);
}
From source file:test.integ.be.fedict.hsm.PKCS11Test.java
/**
 * Exercises repeated SunPKCS11 provider registration and signing against a hardware token.
 *
 * <p>A temporary provider configuration is written that points at
 * {@code /usr/lib/libeTPkcs11.so}, slot list index 0. The provider is then created, added
 * and removed four times before a fifth instance is added and kept. The first alias of the
 * token key store is used to sign the same message 50 times; the signature values are
 * discarded.
 *
 * <p>The PIN literal is a test-fixture value and is used both to open the token and as the
 * key password. {@code SHA1withRSA} is what this test requests; SHA-1 based signatures are
 * not suitable for new designs.
 *
 * @throws Exception if the token, the provider or the signing operation fails
 */
@Test
public void testEToken() throws Exception {
    File providerConfig = File.createTempFile("pkcs11-", ".conf");
    providerConfig.deleteOnExit();

    PrintWriter out = new PrintWriter(new FileOutputStream(providerConfig));
    out.println("name=test");
    out.println("library=/usr/lib/libeTPkcs11.so");
    out.println("slotListIndex=0");
    out.close();

    final String configPath = providerConfig.getAbsolutePath();

    // Four create/add/remove cycles, then the instance that stays registered.
    for (int cycle = 0; cycle < 4; cycle++) {
        SunPKCS11 transientProvider = new SunPKCS11(configPath);
        Security.addProvider(transientProvider);
        Security.removeProvider(transientProvider.getName());
    }
    SunPKCS11 provider = new SunPKCS11(configPath);
    Security.addProvider(provider);

    KeyStore tokenStore = KeyStore.getInstance("PKCS11", provider);
    tokenStore.load(null, "HSMProxy1234".toCharArray());

    // The first alias is taken as-is; an empty token makes nextElement() throw.
    Enumeration<String> names = tokenStore.aliases();
    String firstAlias = names.nextElement();
    PrivateKey signingKey = (PrivateKey) tokenStore.getKey(firstAlias, "HSMProxy1234".toCharArray());

    final int signatureRuns = 50;
    for (int remaining = signatureRuns; remaining > 0; remaining--) {
        Signature signer = Signature.getInstance("SHA1withRSA");
        signer.initSign(signingKey);
        signer.update("to be signed".getBytes());
        signer.sign();
    }
}
From source file:KeystoreGeneratorTest.java
/**
 * Generates a key store from a JSON configuration, writes it to a temporary directory,
 * reloads it as PKCS #12 and prints each entry's label, signature algorithm and, for EC
 * public keys, the curve parameters.
 *
 * <p>The configuration asks for one RSA 2048 entry and two ECDSA entries (named curves
 * {@code secp192r1} and {@code secp256r1}). These are generator test inputs;
 * {@code secp192r1} is a small curve and not a recommendation for real keys.
 *
 * @throws Exception if generation, file I/O or key-store loading fails
 */
@Test
public void test() throws Exception {
    File dir = null;
    FileInputStream fis = null;
    try {
        dir = Files.createTempDir();
        File keystoreFile = new File(dir, KEYSTORE_NAME);

        ImmutableMap<Object, Object> rsaEntry = ImmutableMap.builder()
                .put("label", "rsatest1")
                .put("algorithm", "SHA256WithRSA")
                .put("keyAlgorithm", "RSA")
                .put("rsaKeySize", "2048")
                .build();
        ImmutableMap<Object, Object> ecdsaP192Entry = ImmutableMap.builder()
                .put("label", "ecdsatest1")
                .put("algorithm", "SHA256WithECDSA")
                .put("keyAlgorithm", "ECDSA")
                .put("ecdsaNamedCurve", "secp192r1")
                .build();
        ImmutableMap<Object, Object> ecdsaP256Entry = ImmutableMap.builder()
                .put("label", "ecdsatest2")
                .put("algorithm", "SHA256WithECDSA")
                .put("keyAlgorithm", "ECDSA")
                .put("ecdsaNamedCurve", "secp256r1")
                .build();
        ImmutableList<Object> entries = ImmutableList.builder()
                .add(rsaEntry)
                .add(ecdsaP192Entry)
                .add(ecdsaP256Entry)
                .build();

        String config = GSON.toJson(ImmutableMap.builder()
                .put("password", KEYSTORE_PASSWORD)
                .put("entries", entries)
                .build());

        // generate
        KeystoreConfig parsedConfig = GSON.fromJson(config, KeystoreConfig.class);
        KeyStore generated = new KeystoreGenerator().generate(parsedConfig);

        // write to disk
        try (FileOutputStream out = new FileOutputStream(keystoreFile)) {
            generated.store(out, KEYSTORE_PASSWORD.toCharArray());
        }

        // load
        fis = new FileInputStream(keystoreFile);
        KeyStore reloaded = KeyStore.getInstance("PKCS12", "SunJSSE");
        reloaded.load(fis, KEYSTORE_PASSWORD.toCharArray());

        for (Enumeration<String> labels = reloaded.aliases(); labels.hasMoreElements();) {
            String label = labels.nextElement();
            System.out.println("Label: [" + label + "]");

            // Every alias is expected to carry an X.509 certificate; there is no null check.
            X509Certificate cert = (X509Certificate) reloaded.getCertificate(label);
            System.out.println(" Algorithm: [" + cert.getSigAlgName() + "]");

            PublicKey publicKey = cert.getPublicKey();
            if (publicKey instanceof ECKey) {
                ECParameterSpec curve = ((ECKey) publicKey).getParams();
                System.out.println(" EC spec: [" + curve + "]");
            }
        }
    } finally {
        closeQuietly(fis);
        FileUtils.deleteDirectory(dir);
    }
}
From source file:test.integ.be.agiv.security.Config.java
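/**
 * Loads the integration-test settings from {@code /agiv.properties} on the classpath and,
 * when {@code pkcs12.path} is set, the certificate and private key from that PKCS #12 file.
 *
 * <p>The key-store password ({@code pkcs12.password}) is also used as the key password. The
 * first alias reported by the key store is used; an empty key store makes
 * {@code nextElement()} throw {@link java.util.NoSuchElementException}. When
 * {@code pkcs12.path} is absent, certificate and private key are set to {@code null}.
 *
 * <p>Only the names of the installed security providers are logged; no credential read
 * from the properties file is written to the log here.
 *
 * @throws IOException if the properties or the PKCS #12 file cannot be read or closed
 * @throws KeyStoreException if the PKCS #12 key store cannot be created or queried
 * @throws NoSuchAlgorithmException if an algorithm needed to load the store or key is missing
 * @throws CertificateException if a certificate in the store cannot be loaded
 * @throws UnrecoverableKeyException if the key cannot be recovered with the password
 * @throws NoSuchProviderException if the {@code SunJSSE} provider is not installed
 */
public Config() throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException,
        UnrecoverableKeyException, NoSuchProviderException {
    Properties properties = new Properties();
    // Properties.load does not close its stream, so close it here. A missing resource still
    // surfaces as before: the stream is null and load() rejects it.
    try (InputStream propertiesStream = Config.class.getResourceAsStream("/agiv.properties")) {
        properties.load(propertiesStream);
    }

    this.username = properties.getProperty("username");
    this.password = properties.getProperty("password");
    this.pkcs12Path = properties.getProperty("pkcs12.path");
    this.pkcs12Password = properties.getProperty("pkcs12.password");

    Provider[] providers = Security.getProviders();
    for (Provider provider : providers) {
        LOG.debug("security provider: " + provider.getName());
    }

    if (null != this.pkcs12Path) {
        KeyStore keyStore;
        // The file handle on the key material is released on every path, including a wrong
        // password or a missing pkcs12.password property.
        try (InputStream pkcs12InputStream = new FileInputStream(this.pkcs12Path)) {
            keyStore = KeyStore.getInstance("PKCS12", "SunJSSE");
            keyStore.load(pkcs12InputStream, this.pkcs12Password.toCharArray());
        }
        Enumeration<String> aliases = keyStore.aliases();
        String alias = aliases.nextElement();
        this.certificate = (X509Certificate) keyStore.getCertificate(alias);
        this.privateKey = (PrivateKey) keyStore.getKey(alias, this.pkcs12Password.toCharArray());
    } else {
        this.certificate = null;
        this.privateKey = null;
    }
}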
From source file:org.lockss.util.TestKeyStoreUtil.java
/**
 * Checks the key store produced from the default properties: it holds exactly the aliases
 * {@code mykey} and {@code mycert}, returns a certificate for {@code mycert} and none for
 * an unknown alias, and reports the type {@code JCEKS}.
 *
 * @throws Exception if the key store cannot be created or queried
 */
public void testDefaults() throws Exception {
    KeyStore created = KeyStoreUtil.createKeyStore(initProps());

    List foundAliases = ListUtil.fromIterator(new EnumerationIterator(created.aliases()));
    assertIsomorphic(SetUtil.set("mykey", "mycert"), SetUtil.theSet(foundAliases));

    assertNotNull(created.getCertificate("mycert"));
    // An alias that was never stored must not resolve to a certificate.
    assertNull(created.getCertificate("foocert"));
    assertEquals("JCEKS", created.getType());
}
From source file:org.lockss.util.TestKeyStoreUtil.java
/**
 * Asserts that a public JCEKS key store holds one X.509 certificate per host and no other
 * aliases.
 *
 * @param file the key store file to load
 * @param pass the key-store password
 * @param hosts the host names; each is expected under the alias {@code <host>.crt}
 * @throws Exception if the key store cannot be loaded or queried
 */
void assertPubKs(File file, String pass, List<String> hosts) throws Exception {
    KeyStore publicStore = loadKeyStore("jceks", file, pass);

    List foundAliases = ListUtil.fromIterator(new EnumerationIterator(publicStore.aliases()));
    assertEquals(hosts.size(), foundAliases.size());

    for (int index = 0; index < hosts.size(); index++) {
        Certificate hostCert = publicStore.getCertificate(hosts.get(index) + ".crt");
        assertNotNull(hostCert);
        assertEquals("X.509", hostCert.getType());
    }
}
From source file:org.lockss.util.TestKeyStoreUtil.java
/**
 * Asserts that a private JCEKS key store holds exactly two entries for {@code alias}: the
 * X.509 certificate {@code <alias>.crt} and the RSA key {@code <alias>.key}.
 *
 * @param file the key store file to load
 * @param pass the password used to recover the key entry
 * @param alias the entry name prefix; also passed as the third argument to {@code loadKeyStore}
 * @throws Exception if the key store cannot be loaded or queried
 */
void assertPrivateKs(File file, String pass, String alias) throws Exception {
    // NOTE(review): the store is opened with `alias`, while `pass` is used only for the key
    // entry below. This looks deliberate (store password differs from key password), but
    // confirm against KeyStoreUtil; a store password equal to the alias would be guessable.
    KeyStore privateStore = loadKeyStore("jceks", file, alias);

    List foundAliases = ListUtil.fromIterator(new EnumerationIterator(privateStore.aliases()));
    assertEquals(2, foundAliases.size());

    final String certAlias = alias + ".crt";
    final String keyAlias = alias + ".key";

    Certificate storedCert = privateStore.getCertificate(certAlias);
    assertNotNull(storedCert);
    assertEquals("X.509", storedCert.getType());

    assertTrue(privateStore.isKeyEntry(keyAlias));
    assertTrue(privateStore.isCertificateEntry(certAlias));

    Key storedKey = privateStore.getKey(keyAlias, pass.toCharArray());
    assertNotNull(storedKey);
    assertEquals("RSA", storedKey.getAlgorithm());
}
From source file:org.apache.directory.studio.connection.core.io.StudioTrustManager.java
/**
 * Creates an {@link X509TrustManager} backed by the given trust store.
 *
 * <p>The factory for the platform default algorithm is initialised with the store and the
 * first trust manager it returns is used. A store without any alias yields {@code null}
 * instead of a trust manager, so callers have to handle the {@code null} case themselves;
 * how they treat it is not visible in this method.
 *
 * @param trustStore the key store holding the trusted certificates
 * @return the trust manager, or {@code null} if the trust store has no entries
 * @throws CertificateException if the store cannot be read or the trust manager cannot be
 *         created; the original exception is attached as the cause
 */
private X509TrustManager getTrustManager(KeyStore trustStore) throws CertificateException {
    try {
        if (!trustStore.aliases().hasMoreElements()) {
            return null;
        }

        String algorithm = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(algorithm);
        trustFactory.init(trustStore);

        // Only the first manager is used; the cast fails (and is wrapped below) if it is not X.509.
        return (X509TrustManager) trustFactory.getTrustManagers()[0];
    } catch (Exception cause) {
        throw new CertificateException(Messages.StudioTrustManager_CantCreateTrustManager, cause);
    }
}