Java Code Examples for java.security.KeyStore.aliases()

The following are Jave code examples for showing how to use aliases() of the java.security.KeyStore class. You can vote up the examples you like. Your votes will be used in our system to get more good examples.
+ Save this method
Example 1
Project: nutz-pay   File: CertUtil.java   View Source Code Vote up 7 votes
/**
 * 通过keystore获取私钥证书的certId值
 * @param keyStore
 * @return
 */
private static String getCertIdIdByStore(KeyStore keyStore) {
	Enumeration<String> aliasenum = null;
	try {
		aliasenum = keyStore.aliases();
		String keyAlias = null;
		if (aliasenum.hasMoreElements()) {
			keyAlias = aliasenum.nextElement();
		}
		X509Certificate cert = (X509Certificate) keyStore
				.getCertificate(keyAlias);
		return cert.getSerialNumber().toString();
	} catch (KeyStoreException e) {
		log.error("getCertIdIdByStore Error", e);
		return null;
	}
}
 
Example 2
Project: jetfuel   File: X509CertificateWithKey.java   View Source Code Vote up 6 votes
public void loadPfx(InputStream is, String password)
		throws NoSuchAlgorithmException,
			CertificateException,
			IOException,
			KeyStoreException,
			UnrecoverableEntryException {

	char[] pwd = password.toCharArray();
	KeyStore keyStore = KeyStore.getInstance("pkcs12");
	keyStore.load(is, pwd);
	PasswordProtection passwordProtection = new KeyStore.PasswordProtection(pwd);

	for (Enumeration<String> aliases = keyStore.aliases(); aliases.hasMoreElements();) {
		String alias = aliases.nextElement();
		KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(alias, passwordProtection);
		Certificate cert = entry.getCertificate();
		if (cert.getType().equals("X.509")) {
			this.certificate = (X509Certificate) cert;
			this.privateKey = entry.getPrivateKey();
			return;
		}
	}
	throw new RuntimeException("Certificate of type X.509 was not found.");

}
 
Example 3
Project: jdk8u-jdk   File: PKIXParameters.java   View Source Code Vote up 6 votes
/**
 * Creates an instance of {@code PKIXParameters} that
 * populates the set of most-trusted CAs from the trusted
 * certificate entries contained in the specified {@code KeyStore}.
 * Only keystore entries that contain trusted {@code X509Certificates}
 * are considered; all other certificate types are ignored.
 *
 * @param keystore a {@code KeyStore} from which the set of
 * most-trusted CAs will be populated
 * @throws KeyStoreException if the keystore has not been initialized
 * @throws InvalidAlgorithmParameterException if the keystore does
 * not contain at least one trusted certificate entry
 * @throws NullPointerException if the keystore is {@code null}
 */
public PKIXParameters(KeyStore keystore)
    throws KeyStoreException, InvalidAlgorithmParameterException
{
    if (keystore == null)
        throw new NullPointerException("the keystore parameter must be " +
            "non-null");
    Set<TrustAnchor> hashSet = new HashSet<TrustAnchor>();
    Enumeration<String> aliases = keystore.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (keystore.isCertificateEntry(alias)) {
            Certificate cert = keystore.getCertificate(alias);
            if (cert instanceof X509Certificate)
                hashSet.add(new TrustAnchor((X509Certificate)cert, null));
        }
    }
    setTrustAnchors(hashSet);
    this.unmodInitialPolicies = Collections.<String>emptySet();
    this.certPathCheckers = new ArrayList<PKIXCertPathChecker>();
    this.certStores = new ArrayList<CertStore>();
}
 
Example 4
Project: OpenJSharp   File: Main.java   View Source Code Vote up 6 votes
/**
 * Stores the (leaf) certificates of a keystore in a hashtable.
 * All certs belonging to the same CA are stored in a vector that
 * in turn is stored in the hashtable, keyed by the CA's subject DN
 */
private void keystorecerts2Hashtable(KeyStore ks,
            Hashtable<Principal, Vector<Certificate>> hash)
    throws Exception {

    for (Enumeration<String> aliases = ks.aliases();
                                    aliases.hasMoreElements(); ) {
        String alias = aliases.nextElement();
        Certificate cert = ks.getCertificate(alias);
        if (cert != null) {
            Principal subjectDN = ((X509Certificate)cert).getSubjectDN();
            Vector<Certificate> vec = hash.get(subjectDN);
            if (vec == null) {
                vec = new Vector<Certificate>();
                vec.addElement(cert);
            } else {
                if (!vec.contains(cert)) {
                    vec.addElement(cert);
                }
            }
            hash.put(subjectDN, vec);
        }
    }
}
 
Example 5
Project: xitk   File: P12CertExportCmd.java   View Source Code Vote up 6 votes
@Override
protected Object execute0() throws Exception {
    KeyStore ks = getKeyStore();

    String keyname = null;
    Enumeration<String> aliases = ks.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (ks.isKeyEntry(alias)) {
            keyname = alias;
            break;
        }
    }

    if (keyname == null) {
        throw new CmdFailure("could not find private key");
    }

    X509Certificate cert = (X509Certificate) ks.getCertificate(keyname);
    saveVerbose("saved certificate to file", new File(outFile), cert.getEncoded());

    return null;
}
 
Example 6
Project: OpenJSharp   File: Main.java   View Source Code Vote up 6 votes
/**
 * Locates a signer for a given certificate from a given keystore and
 * returns the signer's certificate.
 * @param cert the certificate whose signer is searched, not null
 * @param ks the keystore to search with, not null
 * @return <code>cert</code> itself if it's already inside <code>ks</code>,
 * or a certificate inside <code>ks</code> who signs <code>cert</code>,
 * or null otherwise.
 */
private static Certificate getTrustedSigner(Certificate cert, KeyStore ks)
        throws Exception {
    if (ks.getCertificateAlias(cert) != null) {
        return cert;
    }
    for (Enumeration<String> aliases = ks.aliases();
            aliases.hasMoreElements(); ) {
        String name = aliases.nextElement();
        Certificate trustedCert = ks.getCertificate(name);
        if (trustedCert != null) {
            try {
                cert.verify(trustedCert.getPublicKey());
                return trustedCert;
            } catch (Exception e) {
                // Not verified, skip to the next one
            }
        }
    }
    return null;
}
 
Example 7
Project: RISE-V2G   File: SecurityUtils.java   View Source Code Vote up 6 votes
/**
 * Iterates over the certificates stored in the truststore to verify the signature of the provided certificate
 * 
 * @param trustStoreFilename The relative path and file name of the truststore
 * @param certificate The certificate whose signature needs to be signed
 * @return True, if the provided certificate has been signed by one of the certificates in the 
 * 		   truststore, false otherwise
 */
public static boolean verifySignature(X509Certificate certificate, String trustStoreFilename) {
	KeyStore trustStore = SecurityUtils.getTrustStore(trustStoreFilename, GlobalValues.PASSPHRASE_FOR_CERTIFICATES_AND_KEYS.toString());
	X500Principal expectedIssuer = certificate.getIssuerX500Principal();
	
	try {
		Enumeration<String> aliases = trustStore.aliases();
		while (aliases.hasMoreElements()) {
			X509Certificate rootCA = (X509Certificate) trustStore.getCertificate(aliases.nextElement());
			if (rootCA.getSubjectX500Principal().getName().equals(expectedIssuer.getName()) &&
				verifySignature(certificate, rootCA)) return true;
		}
	} catch (KeyStoreException | NullPointerException e) {
		getLogger().error(e.getClass().getSimpleName() + " occurred while trying to verify trust " +
						  "status of certificate with distinguished name '" + 
						  certificate.getSubjectX500Principal().getName() + "' with truststore at " +
						  "location '" + trustStoreFilename + "'", e);
	}
	
	return false;
}
 
Example 8
Project: smart-id-java-client   File: AuthenticationResponseValidator.java   View Source Code Vote up 6 votes
private void initializeTrustedCACertificatesFromKeyStore() {
  try {
    InputStream is = AuthenticationResponseValidator.class.getResourceAsStream("/trusted_certificates.jks");
    KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
    keystore.load(is, "changeit".toCharArray());
    Enumeration<String> aliases = keystore.aliases();
    while (aliases.hasMoreElements()) {
      String alias = aliases.nextElement();
      X509Certificate certificate = (X509Certificate) keystore.getCertificate(alias);
      addTrustedCACertificate(certificate);
    }
  } catch (IOException | CertificateException | KeyStoreException | NoSuchAlgorithmException e) {
    logger.error("Error initializing trusted CA certificates", e);
    throw new TechnicalErrorException("Error initializing trusted CA certificates", e);
  }
}
 
Example 9
Project: jdk8u-jdk   File: IterateWindowsRootStore.java   View Source Code Vote up 6 votes
public static void main(String[] args) throws Exception {
    // Try to register a JCE provider from property sun.security.mscapi.testprovider in the first slot
    // otherwise register a dummy provider which would provoke the issue of bug 8139436
    boolean providerPrepended = false;
    String testprovider = System.getProperty("sun.security.mscapi.testprovider");
    if (testprovider != null && !testprovider.isEmpty()) {
        try {
            System.out.println("Trying to prepend external JCE provider " + testprovider);
            Class<?> providerclass = Class.forName(testprovider);
            Object provider = providerclass.newInstance();
            Security.insertProviderAt((Provider)provider, 1);
        } catch (Exception e) {
            System.out.println("Could not load JCE provider " + testprovider +". Exception is:");
            e.printStackTrace(System.out);
        }
        providerPrepended = true;
        System.out.println("Sucessfully prepended JCE provider " + testprovider);
    }
    if (!providerPrepended) {
        System.out.println("Trying to prepend dummy JCE provider");
        Security.insertProviderAt(new TestProvider(), 1);
        System.out.println("Sucessfully prepended dummy JCE provider");
    }

    // load Windows-ROOT KeyStore
    KeyStore keyStore = KeyStore.getInstance("Windows-ROOT", "SunMSCAPI");
    keyStore.load(null, null);

    // iterate KeyStore
    Enumeration<String> aliases = keyStore.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        System.out.print("Reading certificate for alias: " + alias + "...");
        keyStore.getCertificate(alias);
        System.out.println(" done.");
    }
}
 
Example 10
Project: openjdk-jdk10   File: Main.java   View Source Code Vote up 5 votes
/**
 * Stores the (leaf) certificates of a keystore in a hashtable.
 * All certs belonging to the same CA are stored in a vector that
 * in turn is stored in the hashtable, keyed by the CA's subject DN.
 * Each cert comes with a string label that shows its origin and alias.
 */
private void keystorecerts2Hashtable(KeyStore ks,
            Hashtable<Principal, Vector<Pair<String,X509Certificate>>> hash)
    throws Exception {

    for (Enumeration<String> aliases = ks.aliases();
                                    aliases.hasMoreElements(); ) {
        String alias = aliases.nextElement();
        Certificate cert = ks.getCertificate(alias);
        if (cert != null) {
            Principal subjectDN = ((X509Certificate)cert).getSubjectDN();
            Pair<String,X509Certificate> pair = new Pair<>(
                    String.format(
                            rb.getString(ks == caks ?
                                    "alias.in.cacerts" :
                                    "alias.in.keystore"),
                            alias),
                    (X509Certificate)cert);
            Vector<Pair<String,X509Certificate>> vec = hash.get(subjectDN);
            if (vec == null) {
                vec = new Vector<>();
                vec.addElement(pair);
            } else {
                if (!vec.contains(pair)) {
                    vec.addElement(pair);
                }
            }
            hash.put(subjectDN, vec);
        }
    }
}
 
Example 11
Project: jdk8u-jdk   File: KeyStoreResolver.java   View Source Code Vote up 5 votes
/**
 * Constructor KeyStoreResolver
 *
 * @param keyStore is the keystore which contains the Certificates
 * @throws StorageResolverException
 */
public KeyStoreResolver(KeyStore keyStore) throws StorageResolverException {
    this.keyStore = keyStore;
    // Do a quick check on the keystore
    try {
        keyStore.aliases();
    } catch (KeyStoreException ex) {
        throw new StorageResolverException("generic.EmptyMessage", ex);
    }
}
 
Example 12
Project: xitk   File: SoftTokenMacContentSignerBuilder.java   View Source Code Vote up 5 votes
public SoftTokenMacContentSignerBuilder(String keystoreType, InputStream keystoreStream,
        char[] keystorePassword, String keyname, char[] keyPassword)
        throws XiSecurityException {
    if (!"JCEKS".equalsIgnoreCase(keystoreType)) {
        throw new IllegalArgumentException("unsupported keystore type: " + keystoreType);
    }
    ParamUtil.requireNonNull("keystoreStream", keystoreStream);
    ParamUtil.requireNonNull("keystorePassword", keystorePassword);
    ParamUtil.requireNonNull("keyPassword", keyPassword);

    try {
        KeyStore ks = KeyUtil.getKeyStore(keystoreType);
        ks.load(keystoreStream, keystorePassword);

        String tmpKeyname = keyname;
        if (tmpKeyname == null) {
            Enumeration<String> aliases = ks.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (ks.isKeyEntry(alias)) {
                    tmpKeyname = alias;
                    break;
                }
            }
        } else {
            if (!ks.isKeyEntry(tmpKeyname)) {
                throw new XiSecurityException("unknown key named " + tmpKeyname);
            }
        }

        this.key = (SecretKey) ks.getKey(tmpKeyname, keyPassword);
    } catch (KeyStoreException | NoSuchProviderException | NoSuchAlgorithmException
            | CertificateException | IOException | UnrecoverableKeyException
            | ClassCastException ex) {
        throw new XiSecurityException(ex.getMessage(), ex);
    }
}
 
Example 13
Project: xitk   File: P12CertUpdateCmd.java   View Source Code Vote up 5 votes
@Override
protected Object execute0() throws Exception {
    KeyStore ks = getKeyStore();

    char[] pwd = getPassword();
    X509Certificate newCert = X509Util.parseCert(certFile);

    assertMatch(newCert, new String(pwd));

    String keyname = null;
    Enumeration<String> aliases = ks.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (ks.isKeyEntry(alias)) {
            keyname = alias;
            break;
        }
    }

    if (keyname == null) {
        throw new XiSecurityException("could not find private key");
    }

    Key key = ks.getKey(keyname, pwd);
    Set<X509Certificate> caCerts = new HashSet<>();
    if (isNotEmpty(caCertFiles)) {
        for (String caCertFile : caCertFiles) {
            caCerts.add(X509Util.parseCert(caCertFile));
        }
    }
    X509Certificate[] certChain = X509Util.buildCertPath(newCert, caCerts);
    ks.setKeyEntry(keyname, key, pwd, certChain);

    try (FileOutputStream out = new FileOutputStream(p12File)) {
        ks.store(out, pwd);
        println("updated certificate");
        return null;
    }
}
 
Example 14
Project: jdk8u-jdk   File: AnchorCertificates.java   View Source Code Vote up 5 votes
@Override
public Void run() {
    File f = new File(System.getProperty("java.home"),
            "lib/security/cacerts");
    KeyStore cacerts;
    try {
        cacerts = KeyStore.getInstance("JKS");
        try (FileInputStream fis = new FileInputStream(f)) {
            cacerts.load(fis, null);
            certs = new HashSet<>();
            Enumeration<String> list = cacerts.aliases();
            String alias;
            while (list.hasMoreElements()) {
                alias = list.nextElement();
                // Check if this cert is labeled a trust anchor.
                if (alias.contains(" [jdk")) {
                    X509Certificate cert = (X509Certificate) cacerts
                            .getCertificate(alias);
                    certs.add(X509CertImpl.getFingerprint(HASH, cert));
                }
            }
        }
    } catch (Exception e) {
        if (debug != null) {
            debug.println("Error parsing cacerts");
        }
        e.printStackTrace();
    }
    return null;
}
 
Example 15
Project: ideal   File: KeyStoreTarget2.java   View Source Code Vote up 5 votes
public static void main(String... args)
    throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
  KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
  ks.aliases();
}
 
Example 16
Project: xitk   File: ImportCertCmd.java   View Source Code Vote up 5 votes
@Override
protected Object execute0() throws Exception {
    File realKsFile = new File(IoUtil.expandFilepath(ksFile));
    KeyStore ks = KeyStore.getInstance(ksType);
    char[] password = readPasswordIfNotSet(ksPwd);

    Set<String> aliases = new HashSet<>(10);
    if (realKsFile.exists()) {
        FileInputStream inStream = new FileInputStream(realKsFile);
        try {
            ks.load(inStream, password);
        } finally {
            inStream.close();
        }

        Enumeration<String> strs = ks.aliases();
        while (strs.hasMoreElements()) {
            aliases.add(strs.nextElement());
        }
    } else {
        ks.load(null);
    }

    for (String certFile : certFiles) {
        X509Certificate cert = X509Util.parseCert(certFile);
        String baseAlias = X509Util.getCommonName(cert.getSubjectX500Principal());
        String alias = baseAlias;
        int idx = 2;
        while (aliases.contains(alias)) {
            alias = baseAlias + "-" + (idx++);
        }
        ks.setCertificateEntry(alias, cert);
        aliases.add(alias);
    }

    ByteArrayOutputStream bout = new ByteArrayOutputStream(4096);
    ks.store(bout, password);
    saveVerbose("saved keystore to file", realKsFile, bout.toByteArray());
    return null;
}
 
Example 17
Project: xitk   File: ConvertKeystoreCmd.java   View Source Code Vote up 5 votes
@Override
protected Object execute0() throws Exception {
    File realInFile = new File(IoUtil.expandFilepath(inFile));
    File realOutFile = new File(IoUtil.expandFilepath(outFile));

    if (CompareUtil.equalsObject(realInFile, realOutFile)) {
        throw new IllegalCmdParamException("in and out cannot be the same");
    }

    KeyStore inKs = KeyStore.getInstance(inType);
    KeyStore outKs = KeyStore.getInstance(outType);
    outKs.load(null);

    char[] inPassword = readPasswordIfNotSet("password of the source keystore", inPwd);
    FileInputStream inStream = new FileInputStream(realInFile);
    try {
        inKs.load(inStream, inPassword);
    } finally {
        inStream.close();
    }

    char[] outPassword = readPasswordIfNotSet("password of the destination keystore", outPwd);
    Enumeration<String> aliases = inKs.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (inKs.isKeyEntry(alias)) {
            Certificate[] certs = inKs.getCertificateChain(alias);
            Key key = inKs.getKey(alias, inPassword);
            outKs.setKeyEntry(alias, key, outPassword, certs);
        } else {
            Certificate cert = inKs.getCertificate(alias);
            outKs.setCertificateEntry(alias, cert);
        }
    }

    ByteArrayOutputStream bout = new ByteArrayOutputStream(4096);
    outKs.store(bout, outPassword);
    saveVerbose("saved destination keystore to file", realOutFile, bout.toByteArray());
    return null;
}
 
Example 18
Project: RISE-V2G   File: SecurityUtils.java   View Source Code Vote up 5 votes
/**
 * Returns the certificate chain from a PKCS#12 container holding credentials such as private key,
 * leaf certificate and zero or more intermediate certificates.
 * 
 * @param pkcs12Resource The PKCS#12 container
 * @return The certificate chain
 */
public static CertificateChainType getCertificateChain(String pkcs12Resource) {
	CertificateChainType certChain = new CertificateChainType();
	
	/*
	 * For testing purposes, the respective PKCS12 container file has already been put in the 
	 * resources folder. However, when implementing a real interface to a secondary actor's backend, 
	 * the retrieval of a certificate must be done via some other online mechanism.
	 */
	KeyStore contractCertificateKeystore = getPKCS12KeyStore(pkcs12Resource, GlobalValues.PASSPHRASE_FOR_CERTIFICATES_AND_KEYS.toString());
	
	if (contractCertificateKeystore == null) {
		getLogger().error("Unable to access certificate chain because no PKCS#12 container found at " +
						  "location '" + pkcs12Resource + "'");
		return null;
	}
	
	try {
		Enumeration<String> aliases = contractCertificateKeystore.aliases();
		Certificate[] tempCertChain = null;
		// Only one certificate chain (and therefore alias) should be available
		while (aliases.hasMoreElements()) {
			tempCertChain = contractCertificateKeystore.getCertificateChain(aliases.nextElement());
			certChain.setCertificate(getLeafCertificate(tempCertChain).getEncoded());
			certChain.setSubCertificates(getSubCertificates(tempCertChain));
		}
	} catch (KeyStoreException | CertificateEncodingException | NullPointerException e) {
		getLogger().error(e.getClass().getSimpleName() + " occurred while  trying to get " +
						  "certificate chain from resource '" + pkcs12Resource + "'", e);
	}
	
	return certChain;
}
 
Example 19
Project: java-coap   File: DeviceEmulator.java   View Source Code Vote up 5 votes
static SSLContext sslContextFromKeystore(String resource, char[] secret) {
    try {
        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(new FileInputStream(resource), secret);

        final KeyManagerFactory kmf;
        kmf = KeyManagerFactory.getInstance("SunX509");
        kmf.init(ks, secret);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
        tmf.init(ks);

        SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
        sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

        //print all certificates subject
        Enumeration<String> aliases = ks.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            String certCN = ((X509Certificate) ks.getCertificate(alias)).getSubjectDN().toString();

            if (ks.isKeyEntry(alias)) {
                LOGGER.info("Using certificate CN: " + certCN);
            } else {
                LOGGER.info("Using trusted certificate CN: " + certCN);
            }
        }

        return sslContext;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
 
Example 20
Project: openjdk-jdk10   File: ReadP12Test.java   View Source Code Vote up 4 votes
private void readTest(String inKeyStore) throws Exception {

        KeyStore inputKeyStore;

        // Initialize KeyStore
        String dir = System.getProperty("test.src", ".");
        String keystorePath = dir + File.separator + "certs" + File.separator
                + "readP12";
        inputKeyStore = KeyStore.getInstance(IN_KEYSTORE_TYPE);
        // KeyStore have encoded by Base64.getMimeEncoder().encode(),need decode
        // first.
        byte[] input = Files.readAllBytes(Paths.get(keystorePath, inKeyStore));
        ByteArrayInputStream arrayIn = new ByteArrayInputStream(Base64
                .getMimeDecoder().decode(input));
        inputKeyStore.load(arrayIn, IN_STORE_PASS.toCharArray());
        out.println("Initialize KeyStore : " + inKeyStore + " success");

        out.println("getProvider : " + inputKeyStore.getProvider());
        out.println("getType : " + inputKeyStore.getType());
        out.println("getDefaultType : " + KeyStore.getDefaultType());

        int idx = 0;
        Enumeration<String> e = inputKeyStore.aliases();
        String alias;
        while (e.hasMoreElements()) {
            alias = e.nextElement();
            out.println("Alias " + idx + " : " + alias);
            if (inputKeyStore.containsAlias(alias) == false) {
                throw new RuntimeException("Alias not found");
            }

            out.println("getCreationDate : "
                    + inputKeyStore.getCreationDate(alias));

            X509Certificate cert = (X509Certificate) inputKeyStore
                    .getCertificate(alias);
            out.println("getCertificate : " + cert.getSubjectDN());
            String retAlias = inputKeyStore.getCertificateAlias(cert);
            if (!retAlias.equals(alias)) {
                throw new RuntimeException("Alias mismatch");
            }
            out.println("getCertificateAlias : " + retAlias);

            Certificate[] certs = inputKeyStore.getCertificateChain(alias);
            for (int i = 0; i < certs.length; i++) {
                out.println("getCertificateChain " + i + " : "
                        + ((X509Certificate) certs[i]).getSubjectDN());
            }

            boolean isCertEntry = inputKeyStore.isCertificateEntry(alias);
            // test KeyStore only contain key pair entries.
            if (isCertEntry == true) {
                throw new RuntimeException(
                        "inputKeystore should not be certEntry because test keystore only contain key pair entries.");
            }

            boolean isKeyEntry = inputKeyStore.isKeyEntry(alias);
            if (isKeyEntry) {
                Key key = inputKeyStore.getKey(alias,
                        IN_STORE_PASS.toCharArray());
                out.println("Key : " + key.toString());
            } else {
                throw new RuntimeException("Entry type unknown\n");
            }
            idx++;
        }

        int size = inputKeyStore.size();
        if (idx != size) {
            throw new RuntimeException("Size not match");
        }

    }