List of usage examples for java.security KeyStore getEntry
public final Entry getEntry(String alias, ProtectionParameter protParam) throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException
From source file:org.apache.juddi.v3.tck.TckBusiness.java
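/**
 * Signs a JAXB object and returns the signed copy.
 *
 * <p>The object is marshalled to a DOM tree, the document element is signed through
 * {@code TckSigningUtil.signDOM} with the private key and certificate stored under
 * {@code SIGNATURE_KEYSTORE_ALIAS}, and the signed DOM is unmarshalled back into an instance
 * of the same class.
 *
 * <p>{@code SIGNATURE_KEYSTORE_PASSWORD} is used both to open the keystore and to unlock the
 * key entry, so the key has no protection beyond the store password.
 *
 * @param jaxbObj the JAXB object to sign
 * @return a new instance of the same type that carries the signature
 * @throws RuntimeException if the keystore resource is missing or cannot be loaded, the alias
 *     holds no private key entry, or signing fails; the original exception is kept as the cause
 */
private <T> T signJAXBObject(T jaxbObj) {
    DOMResult domResult = new DOMResult();
    JAXB.marshal(jaxbObj, domResult);
    Document doc = ((Document) domResult.getNode());
    Element docElement = doc.getDocumentElement();

    try {
        URL url = Thread.currentThread().getContextClassLoader().getResource(SIGNATURE_KEYSTORE);
        if (url == null) {
            // Fail with a message that names the resource instead of a bare NullPointerException.
            throw new IllegalStateException("Keystore resource not found: " + SIGNATURE_KEYSTORE);
        }

        KeyStore ks = KeyStore.getInstance(SIGNATURE_KEYSTORE_TYPE);
        // KeyStore.load does not close the stream it is given, so close it here.
        java.io.InputStream keystoreStream = url.openStream();
        try {
            ks.load(keystoreStream, SIGNATURE_KEYSTORE_PASSWORD.toCharArray());
        } finally {
            keystoreStream.close();
        }

        // getEntry returns null for an unknown alias and may return a non-private-key entry;
        // check the type before casting so the failure names the alias.
        KeyStore.Entry entry = ks.getEntry(SIGNATURE_KEYSTORE_ALIAS,
                new KeyStore.PasswordProtection(SIGNATURE_KEYSTORE_PASSWORD.toCharArray()));
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            throw new IllegalStateException(
                    "No private key entry under alias: " + SIGNATURE_KEYSTORE_ALIAS);
        }
        KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) entry;

        PrivateKey privateKey = keyEntry.getPrivateKey();
        Certificate origCert = keyEntry.getCertificate();
        TckSigningUtil.signDOM(docElement, privateKey, origCert);

        DOMSource domSource = new DOMSource(doc);
        T result = (T) JAXB.unmarshal(domSource, jaxbObj.getClass());
        return result;
    } catch (Exception e) {
        throw new RuntimeException("Signature failure due to: " + e.getMessage(), e);
    }
}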
From source file:org.wso2.identity.integration.test.oauth2.OAuth2RequestObjectSignatureValidationTestCase.java
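/**
 * Loads the key material of the two test service providers.
 *
 * <p>From {@code sp1KeyStore.jks} the RSA private key is stored in {@code sp1PrivateKey} and the
 * first certificate of the chain in {@code sp1X509PublicCert}; from {@code sp2KeyStore.jks} only
 * the RSA private key is read, into {@code sp2PrivateKey}.
 *
 * <p>The password and alias below are hard-coded fixture values for the bundled test keystores.
 * The store password is also used to unlock the key entry.
 *
 * @throws Exception if a keystore cannot be read or a key entry cannot be recovered
 */
private void initServiceProviderKeys() throws Exception {
    String jksPassword = "wso2carbon";
    String alias = "wso2carbon";
    String keystoreDir = TestConfigurationProvider.getResourceLocation("IS") + File.separator + "sp"
            + File.separator + "keystores" + File.separator;

    KeyStore sp1KeyStore = loadServiceProviderKeyStore(keystoreDir + "sp1KeyStore.jks", jksPassword);
    KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry) sp1KeyStore.getEntry(alias,
            new KeyStore.PasswordProtection(jksPassword.toCharArray()));
    sp1PrivateKey = (RSAPrivateKey) pkEntry.getPrivateKey();

    // Load certificate chain; the leaf certificate is the first element.
    Certificate[] chain = sp1KeyStore.getCertificateChain(alias);
    sp1X509PublicCert = (X509Certificate) chain[0];

    // Use another keystore to get sp2 private key.
    KeyStore sp2KeyStore = loadServiceProviderKeyStore(keystoreDir + "sp2KeyStore.jks", jksPassword);
    pkEntry = (KeyStore.PrivateKeyEntry) sp2KeyStore.getEntry(alias,
            new KeyStore.PasswordProtection(jksPassword.toCharArray()));
    sp2PrivateKey = (RSAPrivateKey) pkEntry.getPrivateKey();
}

/** Opens a JKS keystore file and closes the file stream once the store is loaded. */
private static KeyStore loadServiceProviderKeyStore(String jksPath, String jksPassword) throws Exception {
    KeyStore keyStore = KeyStore.getInstance("JKS");
    // KeyStore.load leaves the stream open; close it so the test does not leak file handles.
    FileInputStream keystoreStream = new FileInputStream(jksPath);
    try {
        keyStore.load(keystoreStream, jksPassword.toCharArray());
    } finally {
        keystoreStream.close();
    }
    return keyStore;
}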
From source file:eu.europa.esig.dss.token.Pkcs12SignatureToken.java
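/**
 * Lists every private key entry of the PKCS#12 store backing this token.
 *
 * <p>The store is read from {@code pkcs12Data} when set, otherwise from {@code pkcs12File}.
 * The same {@code password} opens the store and unlocks each entry.
 *
 * @return the private key entries found; empty if the store holds none
 * @throws DSSBadPasswordException if loading failed because the password was wrong
 * @throws DSSException if the store cannot be read or an entry cannot be recovered
 */
@Override
public List<DSSPrivateKeyEntry> getKeys() throws DSSException {
    List<DSSPrivateKeyEntry> list = new ArrayList<DSSPrivateKeyEntry>();
    InputStream input = null;
    try {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        if (pkcs12Data != null) {
            input = new ByteArrayInputStream(pkcs12Data);
        } else {
            input = new FileInputStream(pkcs12File);
        }
        keyStore.load(input, password);

        PasswordProtection pp = new KeyStore.PasswordProtection(password);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (!keyStore.isKeyEntry(alias)) {
                continue;
            }
            // isKeyEntry is also true for secret-key entries; skip those instead of letting the
            // cast fail and abort the whole listing with a misleading provider error.
            KeyStore.Entry entry = keyStore.getEntry(alias, pp);
            if (entry instanceof PrivateKeyEntry) {
                list.add(new KSPrivateKeyEntry((PrivateKeyEntry) entry));
            }
        }
    } catch (Exception e) {
        // KeyStore.load documents UnrecoverableKeyException as the cause of the IOException it
        // throws for a wrong password; BadPaddingException is kept for providers that expose
        // the decryption failure directly.
        Throwable cause = e.getCause();
        if (cause instanceof BadPaddingException || cause instanceof java.security.UnrecoverableKeyException) {
            throw new DSSBadPasswordException(MSG.PKCS12_BAD_PASSWORD);
        }
        throw new DSSException("Can't initialize Sun PKCS#12 security provider. Reason: " + e.getMessage(), e);
    } finally {
        IOUtils.closeQuietly(input);
    }
    return list;
}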
From source file:org.apache.cxf.ws.security.sts.provider.operation.IssueDelegate.java
/**
 * Reads the private key entry described by {@code keyStoreInfo}.
 *
 * <p>The keystore bytes are loaded in memory with the store password; the entry under the
 * configured alias is then unlocked with the separate key password.
 *
 * @param keyStoreInfo keystore content, alias, store password and key password
 * @return the entry stored under the alias, or {@code null} if the alias does not exist
 * @throws Exception if the store cannot be loaded or the entry cannot be recovered; a
 *     {@link ClassCastException} results if the alias holds something other than a private key
 */
private PrivateKeyEntry getKeyEntry(KeyStoreInfo keyStoreInfo) throws Exception {
    KeyStore keyStore = KeyStore.getInstance(JKS_INSTANCE);
    keyStore.load(new ByteArrayInputStream(keyStoreInfo.getContent()),
            keyStoreInfo.getStorePassword().toCharArray());

    // The key entry has its own password, distinct from the one that opens the store.
    char[] keyPassword = keyStoreInfo.getKeyPassword().toCharArray();
    KeyStore.Entry entry = keyStore.getEntry(keyStoreInfo.getAlias(),
            new KeyStore.PasswordProtection(keyPassword));
    return (KeyStore.PrivateKeyEntry) entry;
}
From source file:com.polyvi.xface.view.XWebViewClient.java
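/**
 * Answers a WebView client-certificate request with the first private key entry found in the
 * keystore supplied by {@code XSSLManager}.
 *
 * <p>NOTE(review): {@code host_and_port} is never consulted, so the same key and certificate
 * chain are offered to whichever host asks for a client certificate. If the credential is
 * meant for specific servers only, compare {@code host_and_port} with the expected endpoint
 * before calling {@code proceed}.
 *
 * <p>Entries are read with a {@code null} protection parameter, so this only works for key
 * entries that are not password protected.
 *
 * @param view the WebView that received the request
 * @param handler callback used to supply the client key and chain
 * @param host_and_port the requesting server; currently unused
 */
@TargetApi(14)
public void onReceivedClientCertRequest(WebView view, ClientCertRequestHandler handler,
        String host_and_port) {
    try {
        KeyStore store = XSSLManager.getInstace().getKeyStore();
        if (store == null) {
            // No keystore available: return without answering the handler.
            return;
        }

        PrivateKey privateKey = null;
        X509Certificate[] certificates = null;
        Enumeration<String> aliases = store.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (!store.isKeyEntry(alias)) {
                continue;
            }
            // isKeyEntry is also true for secret-key entries; skip anything that is not a
            // private key instead of failing the cast and abandoning the search.
            KeyStore.Entry entry = store.getEntry(alias, null);
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                continue;
            }
            KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) entry;

            // Copy element by element: casting the array itself fails when the provider
            // returns a Certificate[] whose elements happen to be X509Certificate.
            java.security.cert.Certificate[] chain = keyEntry.getCertificateChain();
            X509Certificate[] x509Chain = new X509Certificate[chain.length];
            for (int i = 0; i < chain.length; i++) {
                x509Chain[i] = (X509Certificate) chain[i];
            }

            privateKey = keyEntry.getPrivateKey();
            certificates = x509Chain;
            break;
        }

        // NOTE(review): when no private key entry was found, both arguments are null here.
        handler.proceed(privateKey, certificates);
    } catch (Exception e) {
        e.printStackTrace();
        XLog.e(CLASS_NAME, e.getMessage());
    }
}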
From source file:eu.europa.ec.markt.dss.signature.token.Pkcs12SignatureToken.java
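/**
 * Lists every private key entry of the PKCS#12 store backing this token.
 *
 * <p>The store is read from {@code pkcs12Data} when set, otherwise from {@code pkcs12File}.
 * The same {@code password} opens the store and unlocks each entry.
 *
 * @return the private key entries found; empty if the store holds none
 * @throws BadPasswordException if loading failed because the password was wrong
 * @throws KeyStoreException if the store cannot be read or an entry cannot be recovered
 */
@Override
public List<DSSPrivateKeyEntry> getKeys() throws KeyStoreException {
    List<DSSPrivateKeyEntry> list = new ArrayList<DSSPrivateKeyEntry>();
    InputStream input = null;
    try {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        if (pkcs12Data != null) {
            input = new ByteArrayInputStream(pkcs12Data);
        } else {
            input = new FileInputStream(pkcs12File);
        }
        keyStore.load(input, password);

        PasswordProtection pp = new KeyStore.PasswordProtection(password);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (!keyStore.isKeyEntry(alias)) {
                continue;
            }
            // isKeyEntry is also true for secret-key entries; skip those instead of letting the
            // cast fail and abort the whole listing with a misleading provider error.
            KeyStore.Entry entry = keyStore.getEntry(alias, pp);
            if (entry instanceof PrivateKeyEntry) {
                list.add(new KSPrivateKeyEntry((PrivateKeyEntry) entry));
            }
        }
    } catch (Exception e) {
        // KeyStore.load documents UnrecoverableKeyException as the cause of the IOException it
        // throws for a wrong password; BadPaddingException is kept for providers that expose
        // the decryption failure directly.
        Throwable cause = e.getCause();
        if (cause instanceof BadPaddingException || cause instanceof java.security.UnrecoverableKeyException) {
            throw new BadPasswordException(MSG.PKCS12_BAD_PASSWORD);
        }
        throw new KeyStoreException(
                "Can't initialize Sun PKCS#12 security provider. Reason: " + getCauseMessage(e), e);
    } finally {
        DSSUtils.closeQuietly(input);
    }
    return list;
}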
From source file:org.hyperic.hq.agent.server.AgentDListProvider.java
/**
 * Produces the password string returned to callers from the agent keystore's private key entry.
 *
 * <p>The entry is looked up under the alias from {@code AgentKeystoreConfig} and unlocked with
 * the keystore file password.
 *
 * <p>NOTE(review): the returned value does not contain the key material.
 * {@code ByteBuffer.toString()} returns a summary of the buffer's state (in OpenJDK the class
 * name, position, limit and capacity), not its bytes. The string that gets ASCII-encoded is
 * therefore that summary of the wrapped key, and the final {@code toString()} is the summary
 * of the encoded buffer. The result depends only on buffer sizes, so it is predictable without
 * access to the private key. Deriving the password from {@code pk} itself (for example a
 * digest or KDF over the encoded key) would fix that, but it changes the derived password:
 * anything encrypted with the current value needs a migration path first.
 *
 * @return the derived password string
 * @throws UnrecoverableEntryException if the alias is absent or the entry cannot be recovered
 */
protected String getKeyvalsPass() throws KeyStoreException, IOException, NoSuchAlgorithmException, UnrecoverableEntryException {
    KeystoreConfig keystoreConfig = new AgentKeystoreConfig();
    KeyStore keystore = KeystoreManager.getKeystoreManager().getKeyStore(keystoreConfig);
    // The keystore file password is also used to unlock the key entry.
    KeyStore.Entry e = keystore.getEntry(keystoreConfig.getAlias(), new KeyStore.PasswordProtection(keystoreConfig.getFilePassword().toCharArray()));
    // getEntry returns null for an unknown alias; report that as an unrecoverable entry.
    if (e == null) {
        throw new UnrecoverableEntryException("Encryptor password generation failure: No such alias");
    }

    // XXX scottmf - I'm a bit concerned about this. I tested the upgrade path on the agent on the new code with the
    // ByteBuffer and it doesn't work, the agent throws a org.jasypt.exceptions.EncryptionOperationNotPossibleException.
    // When I put back the old code with the replaceAll() everything works.
    //final String p = ((PrivateKeyEntry)e).getPrivateKey().toString();
    //return p.replaceAll("[^a-zA-Z0-9]", "_");
    // NOTE(review): the cast fails with ClassCastException if the alias holds a non-private-key entry.
    byte[] pk = ((PrivateKeyEntry) e).getPrivateKey().getEncoded();
    // ByteBuffer.wrap(pk).toString() is the buffer's state summary, not the key bytes (see Javadoc above).
    ByteBuffer encryptionKey = Charset.forName("US-ASCII").encode(ByteBuffer.wrap(pk).toString());
    return encryptionKey.toString();
}
From source file:org.wso2.identity.integration.test.oauth2.OAuth2IDTokenEncryptionTestCase.java
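/**
 * Initiate service provider keys required for the tests.
 *
 * <p>Reads {@code sp1KeyStore.jks} from the IS test resources, stores the RSA private key in
 * {@code spPrivateKey} and the first certificate of the chain in {@code spX509PublicCert}.
 * The password and alias are hard-coded fixture values for the bundled test keystore; the
 * store password is also used to unlock the key entry.
 *
 * @throws Exception if the keystore cannot be read or the key entry cannot be recovered
 */
private void initServiceProviderKeys() throws Exception {
    KeyStore keyStore = KeyStore.getInstance("JKS");
    String jksPath = TestConfigurationProvider.getResourceLocation("IS") + File.separator + "sp"
            + File.separator + "keystores" + File.separator + "sp1KeyStore.jks";
    String jksPassword = "wso2carbon";

    // KeyStore.load leaves the stream open; close it so the test does not leak a file handle.
    FileInputStream keystoreStream = new FileInputStream(jksPath);
    try {
        keyStore.load(keystoreStream, jksPassword.toCharArray());
    } finally {
        keystoreStream.close();
    }

    String alias = "wso2carbon";
    KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(alias,
            new KeyStore.PasswordProtection(jksPassword.toCharArray()));
    spPrivateKey = (RSAPrivateKey) pkEntry.getPrivateKey();

    // Load certificate chain; the leaf certificate is the first element.
    Certificate[] chain = keyStore.getCertificateChain(alias);
    spX509PublicCert = (X509Certificate) chain[0];
}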
From source file:nl.afas.cordova.plugin.secureLocalStorage.SecureLocalStorage.java
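/**
 * Returns the secret key used by the plugin, loading it on first use and caching it in
 * {@code _key} afterwards.
 *
 * <p>The key is stored in the app-private file {@code SECURELOCALSTORAGEKEY} as a serialized
 * object wrapped with RSA. It is unwrapped with the private key held under
 * {@code SECURELOCALSTORAGEALIAS}.
 *
 * @param keyStore keystore holding the RSA key pair that wraps the secret key
 * @return the cached or freshly loaded secret key
 * @throws UnrecoverableEntryException if the alias holds no private key entry
 * @throws IOException if the key file cannot be read or decrypted
 * @throws ClassNotFoundException if the serialized object cannot be resolved
 */
private SecretKey getSecretKey(KeyStore keyStore)
        throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException,
        NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IOException,
        ClassNotFoundException {
    if (_key != null) {
        return _key;
    }

    // getEntry returns null for a missing alias; fail with the declared exception and a message
    // that names the alias, before the key file is opened, instead of a NullPointerException.
    KeyStore.Entry entry = keyStore.getEntry(SECURELOCALSTORAGEALIAS, null);
    if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
        throw new UnrecoverableEntryException(
                "No private key entry found for alias " + SECURELOCALSTORAGEALIAS);
    }
    KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;

    SecretKey key;
    FileInputStream fis = _cordova.getActivity().openFileInput(SECURELOCALSTORAGEKEY);
    try {
        Cipher output = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        output.init(Cipher.DECRYPT_MODE, privateKeyEntry.getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(fis, output);
        try {
            // NOTE(review): this is native Java deserialization of file content. RSA with
            // PKCS#1 padding gives no integrity protection, so the object stream is parsed
            // without any authenticity check on the file. Storing the raw encoded key bytes
            // and rebuilding the key from them would avoid readObject entirely, but that
            // changes the on-disk format and needs the writer changed as well.
            ObjectInputStream ois = new ObjectInputStream(cipherInputStream);
            key = (SecretKey) ois.readObject();
        } finally {
            cipherInputStream.close();
        }
    } finally {
        fis.close();
    }

    // store key for the lifetime for the app
    _key = key;
    return key;
}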
From source file:org.apache.nifi.toolkit.tls.standalone.TlsToolkitStandaloneTest.java
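/**
 * Verifies the files generated for one host and returns its loaded {@code nifi.properties}.
 *
 * <p>Checks that the truststore is JKS and holds {@code rootCert} under the expected alias,
 * that the keystore and truststore paths recorded in the properties match the generated file
 * names, that the key entry is a private key with a two-element chain ending in
 * {@code rootCert}, that both chain certificates verify against the root public key, that the
 * leaf subject DN equals the default DN for the host, and that the private key matches the
 * leaf public key.
 *
 * @param hostname host whose output directory under {@code tempDir} is inspected
 * @param dnPrefix DN prefix used to compute the expected subject
 * @param dnSuffix DN suffix used to compute the expected subject
 * @param rootCert the CA certificate expected at the end of the chain
 * @return the properties read from the host directory
 * @throws Exception if a file cannot be read, a store cannot be loaded, or verification fails
 */
private Properties checkHostDirAndReturnNifiProperties(String hostname, String dnPrefix, String dnSuffix,
        X509Certificate rootCert) throws Exception {
    File hostDir = new File(tempDir, hostname);
    Properties nifiProperties = new Properties();
    try (InputStream inputStream = new FileInputStream(
            new File(hostDir, TlsToolkitStandalone.NIFI_PROPERTIES))) {
        nifiProperties.load(inputStream);
    }

    String trustStoreType = nifiProperties.getProperty(NiFiProperties.SECURITY_TRUSTSTORE_TYPE);
    assertEquals(KeystoreType.JKS.toString().toLowerCase(), trustStoreType.toLowerCase());
    KeyStore trustStore = KeyStoreUtils.getTrustStore(trustStoreType);
    try (InputStream inputStream = new FileInputStream(new File(hostDir, "truststore." + trustStoreType))) {
        trustStore.load(inputStream,
                nifiProperties.getProperty(NiFiProperties.SECURITY_TRUSTSTORE_PASSWD).toCharArray());
    }

    String trustStoreFilename = BaseCommandLine.TRUSTSTORE + trustStoreType;
    assertEquals("./conf/" + trustStoreFilename, nifiProperties.getProperty(NiFiProperties.SECURITY_TRUSTSTORE));

    Certificate certificate = trustStore.getCertificate(TlsToolkitStandalone.NIFI_CERT);
    assertEquals(rootCert, certificate);

    String keyStoreType = nifiProperties.getProperty(NiFiProperties.SECURITY_KEYSTORE_TYPE);
    String keyStoreFilename = BaseCommandLine.KEYSTORE + keyStoreType;
    File keyStoreFile = new File(hostDir, keyStoreFilename);
    assertEquals("./conf/" + keyStoreFilename, nifiProperties.getProperty(NiFiProperties.SECURITY_KEYSTORE));

    KeyStore keyStore = KeyStoreUtils.getKeyStore(keyStoreType);
    char[] keyStorePassword = nifiProperties.getProperty(NiFiProperties.SECURITY_KEYSTORE_PASSWD).toCharArray();
    try (InputStream inputStream = new FileInputStream(keyStoreFile)) {
        keyStore.load(inputStream, keyStorePassword);
    }

    // Fall back to the keystore password when no separate key password is configured. Test the
    // property before converting it: calling toCharArray() first would throw on a missing
    // property, so the original null check could never take effect.
    String keyPasswordProperty = nifiProperties.getProperty(NiFiProperties.SECURITY_KEY_PASSWD);
    char[] keyPassword = (keyPasswordProperty == null || keyPasswordProperty.isEmpty())
            ? keyStorePassword
            : keyPasswordProperty.toCharArray();

    KeyStore.Entry entry = keyStore.getEntry(TlsToolkitStandalone.NIFI_KEY,
            new KeyStore.PasswordProtection(keyPassword));
    assertEquals(KeyStore.PrivateKeyEntry.class, entry.getClass());

    KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;

    // Expected chain: [0] host certificate, [1] root CA; both must verify against the root key.
    Certificate[] certificateChain = privateKeyEntry.getCertificateChain();
    assertEquals(2, certificateChain.length);
    assertEquals(rootCert, certificateChain[1]);
    certificateChain[1].verify(rootCert.getPublicKey());
    certificateChain[0].verify(rootCert.getPublicKey());

    TlsConfig tlsConfig = new TlsConfig();
    tlsConfig.setDnPrefix(dnPrefix);
    tlsConfig.setDnSuffix(dnSuffix);
    assertEquals(tlsConfig.calcDefaultDn(hostname), CertificateUtils
            .convertAbstractX509Certificate(certificateChain[0]).getSubjectX500Principal().getName());
    TlsCertificateAuthorityTest.assertPrivateAndPublicKeyMatch(privateKeyEntry.getPrivateKey(),
            certificateChain[0].getPublicKey());
    return nifiProperties;
}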