Java Code Examples for java.security.KeyStore#entryInstanceOf()

The following examples show how to use java.security.KeyStore#entryInstanceOf().
Example 1
Source File: TrustUtil.java    From browserup-proxy with Apache License 2.0
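/**
 * Collects the X.509 certificates stored as {@link java.security.KeyStore.TrustedCertificateEntry}s in the
 * specified KeyStore. All other entry types, including private keys, are ignored: only
 * {@code getCertificate} is called, so no key material is read from the store.
 *
 * @param trustStore keystore containing trusted certificate entries
 * @return the X.509 certificates of the trusted certificate entries, in alias enumeration order
 * @throws KeyStoreAccessException if the KeyStore reports a {@link KeyStoreException}, e.g. because it has not
 *         been initialized (loaded)
 */
public static List<X509Certificate> extractTrustedCertificateEntries(KeyStore trustStore) {
    try {
        List<String> keyStoreAliases = Collections.list(trustStore.aliases());
        List<X509Certificate> trustedCertificates = new ArrayList<>(keyStoreAliases.size());

        for (String alias : keyStoreAliases) {
            // Filter on the entry type first so that certificates attached to private-key entries are never
            // treated as trust anchors.
            if (!trustStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
                continue;
            }

            Certificate certificate = trustStore.getCertificate(alias);
            if (certificate instanceof X509Certificate) {
                trustedCertificates.add((X509Certificate) certificate);
            } else {
                // getCertificate() is documented to return null when the alias holds no certificate (for
                // instance if the entry vanished after the type check), so do not dereference it blindly.
                String certificateType = certificate == null ? "null" : certificate.getType();
                log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", certificateType);
            }
        }

        return trustedCertificates;
    } catch (KeyStoreException e) {
        throw new KeyStoreAccessException("Error occurred while retrieving trusted CAs from KeyStore", e);
    }
}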
 
Example 2
Source File: TrustUtil.java    From CapturePacket with MIT License
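/**
 * Extracts the {@link KeyStore.TrustedCertificateEntry}s from the specified KeyStore. All other entry
 * types, including private keys, will be ignored, as will trusted certificates that are not X.509.
 *
 * @param trustStore keystore containing trusted certificate entries
 * @return the X.509 certificates held by the trusted certificate entries in the specified keystore
 * @throws KeyStoreAccessException if reading aliases, entry types or certificates from the keystore fails
 */
public static List<X509Certificate> extractTrustedCertificateEntries(KeyStore trustStore) {
    try {
        Enumeration<String> aliases = trustStore.aliases();
        List<String> keyStoreAliases = Collections.list(aliases);

        List<X509Certificate> trustedCertificates = new ArrayList<>(keyStoreAliases.size());

        for (String alias : keyStoreAliases) {
            // Only entries explicitly stored as trusted certificates may become trust anchors.
            if (trustStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
                Certificate certificate = trustStore.getCertificate(alias);
                boolean isX509 = certificate instanceof X509Certificate;
                if (!isX509) {
                    // A null certificate is also "not X.509"; guard the getType() call so that an alias
                    // without a certificate is skipped instead of raising a NullPointerException.
                    String type = (certificate != null) ? certificate.getType() : "null";
                    log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", type);
                    continue;
                }

                trustedCertificates.add((X509Certificate) certificate);
            }
        }

        return trustedCertificates;
    } catch (KeyStoreException e) {
        throw new KeyStoreAccessException("Error occurred while retrieving trusted CAs from KeyStore", e);
    }
}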
 
Example 3
Source File: QpidBestFitX509KeyManager.java    From qpid-broker-j with Apache License 2.0
/**
 * Loads the key store, initialises a {@link KeyManagerFactory} from it and records which aliases
 * refer to private-key entries.
 * <p>
 * The same password is used both to open the key store and to initialise the factory. It arrives as
 * a {@code String}, so this constructor cannot wipe it from memory after use.
 *
 * @param defaultAlias                   alias stored as this manager's default
 * @param keyStoreUrl                    location passed to {@code SSLUtil.getInitializedKeyStore}
 * @param keyStoreType                   key store type passed to {@code SSLUtil.getInitializedKeyStore}
 * @param keyStorePassword               password for the key store and for the factory initialisation
 * @param keyManagerFactoryAlgorithmName algorithm name handed to {@link KeyManagerFactory#getInstance(String)}
 * @throws GeneralSecurityException if the factory or key store operations fail
 * @throws IOException              declared for the key store loading step
 */
public QpidBestFitX509KeyManager(String defaultAlias,
                                 URL keyStoreUrl, String keyStoreType,
                                 String keyStorePassword, String keyManagerFactoryAlgorithmName) throws GeneralSecurityException, IOException
{
    final KeyStore keyStore = SSLUtil.getInitializedKeyStore(keyStoreUrl, keyStorePassword, keyStoreType);
    final KeyManagerFactory factory = KeyManagerFactory.getInstance(keyManagerFactoryAlgorithmName);
    factory.init(keyStore, keyStorePassword.toCharArray());

    // Only private-key entries are recorded; trusted certificates and secret keys are left out.
    final List<String> privateKeyAliases = new ArrayList<>();
    for (String candidate : Collections.list(keyStore.aliases()))
    {
        if (!keyStore.entryInstanceOf(candidate, KeyStore.PrivateKeyEntry.class))
        {
            continue;
        }
        privateKeyAliases.add(candidate);
    }

    _aliases = Collections.unmodifiableList(privateKeyAliases);
    // NOTE(review): assumes the first key manager produced by the factory is an X509ExtendedKeyManager;
    // the cast fails with a ClassCastException otherwise.
    _delegate = (X509ExtendedKeyManager) factory.getKeyManagers()[0];
    _defaultAlias = defaultAlias;
}
 
Example 4
Source File: TrustUtil.java    From Dream-Catcher with MIT License
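/**
 * Extracts the {@link KeyStore.TrustedCertificateEntry}s from the specified KeyStore. All other entry
 * types, including private keys, will be ignored. Trusted entries whose certificate is missing or is not an
 * {@link X509Certificate} are skipped and reported at debug level.
 *
 * @param trustStore keystore containing trusted certificate entries
 * @return the X.509 certificates of the trusted certificate entries in the specified keystore
 * @throws KeyStoreAccessException wrapping any {@link KeyStoreException} raised by the keystore
 */
public static List<X509Certificate> extractTrustedCertificateEntries(KeyStore trustStore) {
    try {
        Enumeration<String> aliases = trustStore.aliases();
        List<String> keyStoreAliases = Collections.list(aliases);

        List<X509Certificate> trustedCertificates = new ArrayList<>(keyStoreAliases.size());

        for (String alias : keyStoreAliases) {
            if (!trustStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
                // Private-key and secret-key entries must never end up in the trust list.
                continue;
            }

            Certificate certificate = trustStore.getCertificate(alias);
            if (certificate == null) {
                // getCertificate() returns null when the alias no longer carries a certificate; the
                // original code would have thrown a NullPointerException while building the log line.
                log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", "null");
                continue;
            }
            if (!(certificate instanceof X509Certificate)) {
                log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", certificate.getType());
                continue;
            }

            trustedCertificates.add((X509Certificate) certificate);
        }

        return trustedCertificates;
    } catch (KeyStoreException e) {
        throw new KeyStoreAccessException("Error occurred while retrieving trusted CAs from KeyStore", e);
    }
}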
 
Example 5
Source File: TrustUtil.java    From AndroidHttpCapture with MIT License
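/**
 * Extracts the {@link java.security.KeyStore.TrustedCertificateEntry}s from the specified KeyStore. All other entry
 * types, including private keys, will be ignored.
 * <p>
 * Only certificates that are instances of {@link X509Certificate} are returned; anything else stored under a
 * trusted-certificate alias is skipped with a debug message.
 *
 * @param trustStore keystore containing trusted certificate entries
 * @return the X.509 certificates of the trusted certificate entries in the specified keystore
 * @throws KeyStoreAccessException if the keystore cannot be queried (the underlying {@link KeyStoreException}
 *         is kept as the cause)
 */
public static List<X509Certificate> extractTrustedCertificateEntries(KeyStore trustStore) {
    try {
        List<String> keyStoreAliases = Collections.list(trustStore.aliases());
        List<X509Certificate> trustedCertificates = new ArrayList<>(keyStoreAliases.size());

        for (String alias : keyStoreAliases) {
            boolean trustedEntry = trustStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class);
            if (!trustedEntry) {
                continue;
            }

            Certificate certificate = trustStore.getCertificate(alias);
            if (certificate instanceof X509Certificate) {
                trustedCertificates.add((X509Certificate) certificate);
                continue;
            }

            // instanceof is false for null as well, and getCertificate() may return null, so the type is
            // resolved defensively before it is logged.
            String skippedType = certificate != null ? certificate.getType() : "null";
            log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", skippedType);
        }

        return trustedCertificates;
    } catch (KeyStoreException e) {
        throw new KeyStoreAccessException("Error occurred while retrieving trusted CAs from KeyStore", e);
    }
}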
 
Example 6
Source File: Main.java    From fido2 with GNU Lesser General Public License v2.1
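/**
 * Prints the secret-key entries of a BCFKS keystore to standard output, sorted by alias.
 * <p>
 * Only the alias and creation date are printed; key material is never read from the store. Entries of
 * any other type (private keys, certificates) are not listed.
 *
 * @param keystorelocation path of the keystore file to open
 * @param password         password used to load the keystore
 * @throws Exception if the keystore cannot be opened, loaded or queried
 */
private static void listaccesskeys(String keystorelocation, String password) throws Exception {
    KeyStore keystore = KeyStore.getInstance("BCFKS", BC_FIPS_PROVIDER);
    // try-with-resources: the stream used to be left open, leaking a file handle on every call and
    // on every load failure (for example a wrong password).
    try (FileInputStream keystoreStream = new FileInputStream(keystorelocation)) {
        keystore.load(keystoreStream, password.toCharArray());
    }

    // Sort the aliases so the listing is stable regardless of the provider's enumeration order.
    java.util.SortedSet<String> hsmobj = new java.util.TreeSet<>();
    for (Enumeration<String> e = keystore.aliases(); e.hasMoreElements();) {
        hsmobj.add(e.nextElement());
    }

    System.out.println("===> Objects in keystore:");
    for (String s : hsmobj) {
        if (keystore.entryInstanceOf(s, SecretKeyEntry.class)) {
            System.out.println(String.format("%-24s %-20s %-48s", s, "SecretKey", "created on " + keystore.getCreationDate(s)));
        }
    }
}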
 
Example 7
Source File: KeyStoreHelper.java    From mollyim-android with GNU General Public License v3.0
/**
 * Reports whether the keystore named by {@code ANDROID_KEY_STORE} holds a secret-key entry under
 * {@code KEY_ALIAS}.
 *
 * @return {@code true} only if the alias exists and its entry is a {@link KeyStore.SecretKeyEntry}
 * @throws AssertionError wrapping any failure to obtain, load or query the keystore
 */
@RequiresApi(Build.VERSION_CODES.M)
private static boolean hasKeyStoreEntry() {
  try {
    KeyStore androidKeyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
    androidKeyStore.load(null);

    if (!androidKeyStore.containsAlias(KEY_ALIAS)) {
      return false;
    }
    // The alias exists; additionally require the expected entry type.
    return androidKeyStore.entryInstanceOf(KEY_ALIAS, KeyStore.SecretKeyEntry.class);
  } catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException e) {
    throw new AssertionError(e);
  }
}
 
Example 8
Source File: DefaultCassandanaSslContextCreator.java    From cassandana with Apache License 2.0
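/**
 * The OpenSSL provider does not support the {@link KeyManagerFactory}, so we have to lookup the integration
 * certificate and key in order to provide it to OpenSSL.
 * <p>
 * TODO: SNI is currently not supported, we use only the first found private key.
 *
 * @param ks          key store to search for a private-key entry
 * @param keyPassword password protecting the private key
 * @return a server-side builder configured with the first private key found and its certificate chain
 * @throws GeneralSecurityException if the key store cannot be read, holds no private key, or the selected
 *         entry has no certificate chain or a chain containing a non-X.509 certificate
 */
private static SslContextBuilder builderWithOpenSSLProvider(KeyStore ks, String keyPassword)
        throws GeneralSecurityException {
    for (String alias : Collections.list(ks.aliases())) {
        if (!ks.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
            continue;
        }

        PrivateKey key = (PrivateKey) ks.getKey(alias, keyPassword.toCharArray());
        Certificate[] chain = ks.getCertificateChain(alias);
        if (chain == null) {
            // getCertificateChain() returns null when the alias has no chain; fail with a clear message
            // instead of a NullPointerException.
            throw new KeyManagementException("the SSL key-store entry '" + alias + "' has no certificate chain");
        }

        // Copy element by element: System.arraycopy into an X509Certificate[] throws an unchecked
        // ArrayStoreException if the chain contains any other certificate type.
        X509Certificate[] certChain = new X509Certificate[chain.length];
        for (int i = 0; i < chain.length; i++) {
            if (!(chain[i] instanceof X509Certificate)) {
                throw new KeyManagementException(
                        "the SSL key-store entry '" + alias + "' contains a non-X.509 certificate");
            }
            certChain[i] = (X509Certificate) chain[i];
        }
        return SslContextBuilder.forServer(key, certChain);
    }
    throw new KeyManagementException("the SSL key-store does not contain a private key");
}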
 
Example 9
Source File: ModifiableKeyStoreDecorator.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Names the kind of entry stored under an alias.
 * <p>
 * The entry classes are probed in a fixed order (private key, secret key, trusted certificate, password)
 * and the simple class name of the first match is returned.
 *
 * @param keyStore key store to query
 * @param alias    alias whose entry type is wanted
 * @return the simple name of the matching entry class, or {@code "Other"} if none of them matches
 * @throws KeyStoreException if the key store rejects the query
 */
private String getEntryType(KeyStore keyStore, String alias) throws KeyStoreException {
    final Class<? extends KeyStore.Entry> matchedType;
    if (keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
        matchedType = KeyStore.PrivateKeyEntry.class;
    } else if (keyStore.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class)) {
        matchedType = KeyStore.SecretKeyEntry.class;
    } else if (keyStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
        matchedType = KeyStore.TrustedCertificateEntry.class;
    } else if (keyStore.entryInstanceOf(alias, PasswordEntry.class)) {
        matchedType = PasswordEntry.class;
    } else {
        // No recognised entry class matched this alias.
        return "Other";
    }
    return matchedType.getSimpleName();
}
 
Example 10
Source File: JavaSecurityManagementServiceImpl.java    From rice with Educational Community License v2.0
/**
 * Deletes a trusted-certificate entry from the module key store.
 * <p>
 * The entry-type check prevents this method from being used to delete private-key or secret-key entries.
 * An alias that does not exist is also rejected, because {@code entryInstanceOf} returns {@code false} for it.
 *
 * @param alias alias of the trusted certificate to remove
 * @throws KeyStoreException if the key store cannot be queried or the entry cannot be deleted
 * @throws RuntimeException  if the alias does not refer to a trusted-certificate entry
 */
public void removeClientCertificate(String alias) throws KeyStoreException {
    boolean isTrustedCertificate =
            getModuleKeyStore().entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class);
    if (isTrustedCertificate) {
        // NOTE(review): getModuleKeyStore() is called again for the delete. If it can return a different
        // instance from the one checked above, the check and the delete would not see the same store; confirm.
        getModuleKeyStore().deleteEntry(alias);
        return;
    }

    Object removableTypeName = KeyStoreEntryDataContainer.DISPLAYABLE_ENTRY_TYPES.get(KeyStore.TrustedCertificateEntry.class);
    throw new RuntimeException("Only entries of type " + removableTypeName + " can be removed");
}