Example usage for java.security KeyStore store

List of usage examples for java.security KeyStore store

Introduction

On this page you can find example usages of the java.security KeyStore store method.

Prototype

public final void store(OutputStream stream, char[] password)
        throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException 


Document

Stores this keystore to the given output stream, and protects its integrity with the given password.

Usage

From source file:test.integ.be.agiv.security.IPSTSTest.java

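/**
 * Writes a new PKCS#12 keystore holding a single private-key entry to {@code pkcs12keyStore}.
 *
 * <p>The key and its one-element certificate chain are stored under the alias {@code "default"}.
 * An existing file at that location is overwritten.
 *
 * @param pkcs12keyStore file that receives the serialized keystore
 * @param privateKey private key to store
 * @param certificate certificate used as the one-element chain for {@code privateKey}
 * @param keyStorePassword password handed to {@link KeyStore#store} for the keystore as a whole
 * @param keyEntryPassword password protecting the key entry
 * @throws KeyStoreException if the keystore type is unavailable or the entry cannot be set
 * @throws NoSuchAlgorithmException if a required algorithm is missing
 * @throws CertificateException if the certificate cannot be stored
 * @throws IOException if the file cannot be opened or written
 */
private void persistKey(File pkcs12keyStore, PrivateKey privateKey, X509Certificate certificate,
        char[] keyStorePassword, char[] keyEntryPassword)
        throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    KeyStore keyStore = KeyStore.getInstance("pkcs12");
    // load(null, ...) initialises an empty in-memory keystore instead of reading one.
    keyStore.load(null, keyStorePassword);
    keyStore.setKeyEntry("default", privateKey, keyEntryPassword, new Certificate[] { certificate });
    // NOTE(review): the file is created with the process's default permissions; since it
    // carries a private key, callers outside a test context should restrict access to it.
    // try-with-resources closes the stream even when store() throws, so a failed write
    // no longer leaks the file descriptor.
    try (FileOutputStream keyStoreOut = new FileOutputStream(pkcs12keyStore)) {
        keyStore.store(keyStoreOut, keyStorePassword);
    }
}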

From source file:nl.nikhef.eduroam.WiFiEduroam.java

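/**
 * Packs the server-issued client certificate and the locally held private key into a PKCS#12
 * blob and hands it to the Android KeyChain installer (step 3 for Android 4.0 - 4.2).
 *
 * <p>Reads the {@code certificate}, {@code ssid} and {@code csr} fields and sets
 * {@code client_cert_name}. The install intent is started with request code 3.
 *
 * @throws RuntimeException if the certificate cannot be parsed or the keystore cannot be
 *         built; the underlying exception is attached as the cause
 */
@TargetApi(Build.VERSION_CODES.ICE_CREAM_SANDWICH)
private void installClientCertificate() {
    try {
        updateStatus("Inputting client certificate.");

        // Parse the certificate that we got from the server: drop the PEM armor lines and
        // decode the remaining base64 body.
        CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
        InputStream in = new ByteArrayInputStream(
                Base64.decode(certificate.replaceAll("-----(BEGIN|END) CERTIFICATE-----", "")));
        X509Certificate cert = (X509Certificate) certFactory.generateCertificate(in);

        client_cert_name = ssid + " " + INT_CLIENT_CERT_NAME;

        // Create a pkcs12 certificate/private key combination
        Security.addProvider(new BouncyCastleProvider());
        KeyStore keystore = KeyStore.getInstance("PKCS12", "BC");
        keystore.load(null, null);
        Certificate[] chain = { cert };
        keystore.setKeyEntry(client_cert_name, csr.getPrivate(), null, chain);

        // NOTE(review): the PKCS#12 blob is protected with the SSID, which is not a secret.
        // Treat the serialized bytes as if they held an unprotected private key and keep them
        // out of logs, files and any component other than the KeyChain installer.
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        keystore.store(out, ssid.toCharArray());
        byte[] buffer = out.toByteArray();

        // Install the private key/client certificate combination
        Intent intent = KeyChain.createInstallIntent();
        intent.putExtra(KeyChain.EXTRA_NAME, client_cert_name);
        intent.putExtra(KeyChain.EXTRA_PKCS12, buffer);
        startActivityForResult(intent, 3);
    } catch (CertificateException e) {
        // The cause is attached so the original stack trace survives the rethrow.
        throw new RuntimeException("Certificate error.", e);
    } catch (KeyStoreException e) {
        throw new RuntimeException("Certificate error: KeyStore", e);
    } catch (NoSuchProviderException e) {
        throw new RuntimeException("Certificate error: Provider", e);
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException("Certificate error: Algorithm", e);
    } catch (IOException e) {
        throw new RuntimeException("Certificate error: IO", e);
    }
}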

From source file:com.zacwolf.commons.crypto._CRYPTOfactory.java

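/**
 * Loads the JCEKS keystore in {@code keyStoreFile}, adds this crypter to it through the
 * {@code KeyStore}-based overload, and writes the keystore back to the same file.
 *
 * @param keyStoreFile existing keystore file; it is read and then overwritten in place
 * @param keystorepass password used both to load and to store the keystore
 * @param alias alias passed on to the {@code KeyStore}-based overload
 * @throws NoSuchAlgorithmException if a required algorithm is missing
 * @throws CertificateException if a certificate in the keystore cannot be loaded or stored
 * @throws IOException if the file cannot be read or written, or the password is wrong
 * @throws KeyStoreException if the JCEKS keystore type is unavailable
 */
public final void addCrypterToKeyStore(final File keyStoreFile, final char[] keystorepass, final String alias)
        throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException {
    // NOTE(review): JCEKS is a legacy keystore format; PKCS12 has been the JDK default since
    // Java 9. Switching would need a migration of existing files, so it is only flagged here.
    final KeyStore ks = KeyStore.getInstance("JCEKS");
    final InputStream in = new FileInputStream(keyStoreFile);
    try {
        ks.load(in, keystorepass);
    } finally {
        // Closed in finally so a failed load (for example a wrong password) does not leak
        // the descriptor; this mirrors the handling of the output stream below.
        in.close();
    }
    addCrypterToKeyStore(ks, keystorepass, alias);
    // NOTE(review): opening the FileOutputStream truncates the existing keystore; if store()
    // fails part-way the previous contents are gone. Writing to a temporary file and
    // renaming it over the original would avoid that.
    final OutputStream out = new FileOutputStream(keyStoreFile);
    try {
        ks.store(out, keystorepass);
    } finally {
        out.close();
    }
}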

From source file:org.apache.hadoop.yarn.server.resourcemanager.security.TestX509SecurityHandler.java

/**
 * Creates a JKS trust store containing one trusted certificate and writes it to a file.
 *
 * @param filename path of the trust store file to write
 * @param password password handed to {@link KeyStore#store} for the trust store
 * @param alias alias under which {@code cert} is registered
 * @param cert certificate to add as a trusted entry
 * @throws GeneralSecurityException if the keystore cannot be created, filled or stored
 * @throws IOException if the file cannot be opened or written
 */
private void createTrustStore(String filename, String password, String alias, Certificate cert)
        throws GeneralSecurityException, IOException {
    final KeyStore trustStore = KeyStore.getInstance("JKS");
    // A null stream and null password initialise an empty in-memory store.
    trustStore.load(null, null);
    trustStore.setCertificateEntry(alias, cert);

    final FileOutputStream sink = new FileOutputStream(filename);
    try {
        trustStore.store(sink, password.toCharArray());
    } finally {
        sink.close();
    }
}

From source file:test.unit.be.fedict.eid.idp.protocol.openid.OpenIDSSLProtocolServiceTest.java

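/**
 * Writes a new PKCS#12 keystore, created through the BouncyCastle provider, that holds a
 * single private-key entry to {@code pkcs12keyStore}.
 *
 * <p>The key and its one-element certificate chain are stored under the alias {@code "default"}.
 * An existing file at that location is overwritten.
 *
 * @param pkcs12keyStore file that receives the serialized keystore
 * @param privateKey private key to store
 * @param certificate certificate used as the one-element chain for {@code privateKey}
 * @param keyStorePassword password handed to {@link KeyStore#store} for the keystore as a whole
 * @param keyEntryPassword password protecting the key entry
 * @throws KeyStoreException if the keystore type is unavailable or the entry cannot be set
 * @throws NoSuchAlgorithmException if a required algorithm is missing
 * @throws CertificateException if the certificate cannot be stored
 * @throws IOException if the file cannot be opened or written
 * @throws NoSuchProviderException if the BouncyCastle provider is not registered
 */
private void persistKey(File pkcs12keyStore, PrivateKey privateKey, X509Certificate certificate,
        char[] keyStorePassword, char[] keyEntryPassword) throws KeyStoreException, NoSuchAlgorithmException,
        CertificateException, IOException, NoSuchProviderException {
    KeyStore keyStore = KeyStore.getInstance("pkcs12", BouncyCastleProvider.PROVIDER_NAME);
    // load(null, ...) initialises an empty in-memory keystore instead of reading one.
    keyStore.load(null, keyStorePassword);
    keyStore.setKeyEntry("default", privateKey, keyEntryPassword, new Certificate[] { certificate });
    // NOTE(review): the file is created with the process's default permissions; since it
    // carries a private key, callers outside a test context should restrict access to it.
    // try-with-resources closes the stream even when store() throws, so a failed write
    // no longer leaks the file descriptor.
    try (FileOutputStream keyStoreOut = new FileOutputStream(pkcs12keyStore)) {
        keyStore.store(keyStoreOut, keyStorePassword);
    }
}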

From source file:de.sub.goobi.helper.ldap.Ldap.java

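/**
 * Builds a JKS trust store from the configured LDAP root and PDC certificates and writes it
 * to {@code path}, unless a file already exists there.
 *
 * <p>Failures are logged and not propagated. The keystore file is only opened for writing
 * once both certificates have been read and parsed, so a missing or malformed certificate
 * file no longer leaves an empty keystore behind that would make every later call skip the
 * import.
 *
 * @param path location of the keystore file to create
 * @param passwd password handed to {@link KeyStore#store} for the keystore
 */
private void loadCertificates(String path, String passwd) {
    /* if the certificates are not yet in the keystore, read them in now */
    File myPfad = new File(path);
    // NOTE(review): an existing file at this path is accepted as-is; its contents are not
    // inspected here, so whatever reads it afterwards trusts whoever could write to the path.
    if (myPfad.exists()) {
        return;
    }
    try {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate cacert;
        X509Certificate servercert;
        // TODO: Rename parameters to something more meaningful,
        // this is quite specific for the GDZ
        try (FileInputStream cacertFile = new FileInputStream(ConfigCore.getParameter("ldap_cert_root"));
                FileInputStream certFile2 = new FileInputStream(ConfigCore.getParameter("ldap_cert_pdc"))) {
            cacert = (X509Certificate) cf.generateCertificate(cacertFile);
            servercert = (X509Certificate) cf.generateCertificate(certFile2);
        }

        KeyStore ks = KeyStore.getInstance("jks");
        char[] password = passwd.toCharArray();

        // TODO: Let this method really load a keystore if configured
        // initialize the keystore, if file is available, load the
        // keystore
        ks.load(null);

        ks.setCertificateEntry("ROOTCERT", cacert);
        ks.setCertificateEntry("PDC", servercert);

        // Opened last: everything that can fail before the write has already succeeded.
        try (FileOutputStream ksos = (FileOutputStream) serviceManager.getFileService().write(myPfad.toURI())) {
            ks.store(ksos, password);
        }
    } catch (Exception e) {
        logger.error(e);
    }
}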

From source file:org.tolven.config.model.CredentialManager.java

/**
 * Serializes a keystore into a byte array.
 *
 * @param keyStore keystore to serialize
 * @param password password handed to {@link KeyStore#store}
 * @return the bytes written by {@link KeyStore#store}
 * @throws IOException if writing the keystore data fails
 * @throws GeneralSecurityException if the keystore cannot be stored
 */
private byte[] toByteArray(KeyStore keyStore, char[] password) throws IOException, GeneralSecurityException {
    final ByteArrayOutputStream buffer = new ByteArrayOutputStream();
    try {
        keyStore.store(buffer, password);
        return buffer.toByteArray();
    } finally {
        buffer.close();
    }
}

From source file:org.xwiki.contrib.encryption.internal.DefaultEncryptionTool.java

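/**
 * Store the encryption key.
 *
 * <p>Obtains a key from {@code generateRandomKey()}, adds it to {@code ks} under the alias
 * {@code "encryptionKey"} and writes the keystore to the file returned by
 * {@code getEncryptionFile()}. Any failure is logged at warn level and not propagated, so the
 * caller cannot tell from this method whether the key was persisted.
 *
 * @param ks Keystore where the key should be stored
 */
private void storeEncryptionKey(KeyStore ks) {
    try {
        logger.debug("Start storing password");
        // NOTE(review): both passwords look like class constants; if they are compile-time
        // literals they protect the key only against casual inspection - confirm where they
        // come from.
        String storePassword = KEYSTORE_PASSWORD;
        String protection = ENCRYPTION_KEY_PROTECTION;
        SecretKeySpec key = generateRandomKey();
        // The key object is deliberately kept out of the log message: its default string form
        // embeds hashCode(), which SecretKeySpec derives from the key bytes.
        logger.debug("Encryption key generated");
        KeyStore.SecretKeyEntry skEntry = new KeyStore.SecretKeyEntry(key);
        ks.setEntry("encryptionKey", skEntry, new KeyStore.PasswordProtection(protection.toCharArray()));
        // FileOutputStream creates the file when it is missing, so no separate
        // createNewFile() call is needed. try-with-resources closes the stream on every
        // path; the original left it open.
        try (FileOutputStream fos = new FileOutputStream(this.getEncryptionFile())) {
            ks.store(fos, storePassword.toCharArray());
        }
        logger.debug("Finish storing encryption key");
    } catch (Exception e) {
        logger.warn("Exception encountered while trying to store the key : " + e.getMessage());
    }
}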

From source file:org.kitodo.services.data.LdapServerService.java

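/**
 * Builds a JKS trust store from the LDAP server's root and PDC certificates and writes it to
 * {@code path}, unless a file already exists there.
 *
 * <p>Failures are logged and not propagated. The keystore file is only opened for writing
 * once both certificates have been read and parsed, so a missing or malformed certificate
 * file no longer leaves an empty keystore behind that would make every later call skip the
 * import.
 *
 * @param path location of the keystore file to create
 * @param passwd password handed to {@link KeyStore#store} for the keystore
 * @param ldapServer supplies the paths of the root and PDC certificate files
 */
private void loadCertificates(String path, String passwd, LdapServer ldapServer) {
    /* if the certificates are not yet in the keystore, read them in now */
    File myPfad = new File(path);
    // NOTE(review): an existing file at this path is accepted as-is; its contents are not
    // inspected here, so whatever reads it afterwards trusts whoever could write to the path.
    if (myPfad.exists()) {
        return;
    }
    try {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate cacert;
        X509Certificate servercert;
        // TODO: Rename parameters to something more meaningful,
        // this is quite specific for the GDZ
        try (FileInputStream cacertFile = new FileInputStream(ldapServer.getRootCertificate());
                FileInputStream certFile2 = new FileInputStream(ldapServer.getPdcCertificate())) {
            cacert = (X509Certificate) cf.generateCertificate(cacertFile);
            servercert = (X509Certificate) cf.generateCertificate(certFile2);
        }

        KeyStore ks = KeyStore.getInstance("jks");
        char[] password = passwd.toCharArray();

        // TODO: Let this method really load a keystore if configured
        // initialize the keystore, if file is available, load the
        // keystore
        ks.load(null);

        ks.setCertificateEntry("ROOTCERT", cacert);
        ks.setCertificateEntry("PDC", servercert);

        // Opened last: everything that can fail before the write has already succeeded.
        try (FileOutputStream ksos = (FileOutputStream) serviceManager.getFileService().write(myPfad.toURI())) {
            ks.store(ksos, password);
        }
    } catch (IOException | CertificateException | KeyStoreException | NoSuchAlgorithmException
            | RuntimeException e) {
        logger.error(e.getMessage(), e);
    }
}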

From source file:org.kitodo.production.services.data.LdapServerService.java

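/**
 * Builds a JKS trust store from the LDAP server's root and PDC certificates and writes it to
 * {@code path}, unless a file already exists there.
 *
 * <p>Failures are logged and not propagated. The keystore file is only opened for writing
 * once both certificates have been read and parsed, so a missing or malformed certificate
 * file no longer leaves an empty keystore behind that would make every later call skip the
 * import.
 *
 * @param path location of the keystore file to create
 * @param passwd password handed to {@link KeyStore#store} for the keystore
 * @param ldapServer supplies the paths of the root and PDC certificate files
 */
private void loadCertificates(String path, String passwd, LdapServer ldapServer) {
    /* if the certificates are not yet in the keystore, read them in now */
    File myPfad = new File(path);
    // NOTE(review): an existing file at this path is accepted as-is; its contents are not
    // inspected here, so whatever reads it afterwards trusts whoever could write to the path.
    if (myPfad.exists()) {
        return;
    }
    try {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate cacert;
        X509Certificate servercert;
        // TODO: Rename parameters to something more meaningful,
        // this is quite specific for the GDZ
        try (FileInputStream cacertFile = new FileInputStream(ldapServer.getRootCertificate());
                FileInputStream certFile2 = new FileInputStream(ldapServer.getPdcCertificate())) {
            cacert = (X509Certificate) cf.generateCertificate(cacertFile);
            servercert = (X509Certificate) cf.generateCertificate(certFile2);
        }

        KeyStore ks = KeyStore.getInstance("jks");
        char[] password = passwd.toCharArray();

        // TODO: Let this method really load a keystore if configured
        // initialize the keystore, if file is available, load the
        // keystore
        ks.load(null);

        ks.setCertificateEntry("ROOTCERT", cacert);
        ks.setCertificateEntry("PDC", servercert);

        // Opened last: everything that can fail before the write has already succeeded.
        try (FileOutputStream ksos = (FileOutputStream) ServiceManager.getFileService().write(myPfad.toURI())) {
            ks.store(ksos, password);
        }
    } catch (IOException | CertificateException | KeyStoreException | NoSuchAlgorithmException
            | RuntimeException e) {
        logger.error(e.getMessage(), e);
    }
}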