Java Code Examples for java.security.KeyStore#size()

The following examples show how to use java.security.KeyStore#size() . These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
private void compareKeyStore(KeyStore a, KeyStore b, String inKeyPass,
        String outKeyPass, int keyStoreSize) throws Exception {
    if (a.size() != keyStoreSize || b.size() != keyStoreSize) {
        throw new RuntimeException("size not match or size not equal to "
                + keyStoreSize);
    }

    Enumeration<String> eA = a.aliases();
    while (eA.hasMoreElements()) {
        String aliasA = eA.nextElement();

        if (!b.containsAlias(aliasA)) {
            throw new RuntimeException("alias not match for alias:"
                    + aliasA);
        }

        compareKeyEntry(a, b, inKeyPass, outKeyPass, aliasA);
    }
}
 
Example 2
Source Project: dremio-oss   File: SSLEngineFactoryImpl.java    License: Apache License 2.0 6 votes vote down vote up
private KeyManagerFactory newKeyManagerFactory() throws GeneralSecurityException, IOException {
  if (sslConfig.getKeyStorePath() == SSLConfig.UNSPECIFIED) {
    return null;
  }

  final KeyStore keyStore = KeyStore.getInstance(sslConfig.getKeyStoreType());
  try (InputStream stream = new FileInputStream(sslConfig.getKeyStorePath())) {
    keyStore.load(stream, sslConfig.getKeyStorePassword().toCharArray());
  }

  if (keyStore.size() == 0) {
    throw new IllegalArgumentException("Key store has no entries");
  }

  final KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
  factory.init(keyStore, sslConfig.getKeyPassword().toCharArray());
  return factory;
}
 
Example 3
private void compareKeyStore(KeyStore a, KeyStore b, String inKeyPass,
        String outKeyPass, int keyStoreSize) throws Exception {
    if (a.size() != keyStoreSize || b.size() != keyStoreSize) {
        throw new RuntimeException("size not match or size not equal to "
                + keyStoreSize);
    }

    Enumeration<String> eA = a.aliases();
    while (eA.hasMoreElements()) {
        String aliasA = eA.nextElement();

        if (!b.containsAlias(aliasA)) {
            throw new RuntimeException("alias not match for alias:"
                    + aliasA);
        }

        compareKeyEntry(a, b, inKeyPass, outKeyPass, aliasA);
    }
}
 
Example 4
private void compareKeyStore(KeyStore a, KeyStore b, String inKeyPass,
        String outKeyPass, int keyStoreSize) throws Exception {
    if (a.size() != keyStoreSize || b.size() != keyStoreSize) {
        throw new RuntimeException("size not match or size not equal to "
                + keyStoreSize);
    }

    Enumeration<String> eA = a.aliases();
    while (eA.hasMoreElements()) {
        String aliasA = eA.nextElement();

        if (!b.containsAlias(aliasA)) {
            throw new RuntimeException("alias not match for alias:"
                    + aliasA);
        }

        compareKeyEntry(a, b, inKeyPass, outKeyPass, aliasA);
    }
}
 
Example 5
private String getKeyStoreStatusText(KeyStoreHistory history) {
	// Status Text: 'KeyStore Type, Size, Path'
	KeyStoreState currentState = history.getCurrentState();

	KeyStore ksLoaded = currentState.getKeyStore();

	int size;
	try {
		size = ksLoaded.size();
	} catch (KeyStoreException ex) {
		DError.displayError(frame, ex);
		return "";
	}

	KeyStoreType keyStoreType = currentState.getType();

	return MessageFormat.format(res.getString("KseFrame.entries.statusbar"),
			keyStoreType.friendly(), size, history.getPath());
}
 
Example 6
private void compareKeyStore(KeyStore a, KeyStore b, String inKeyPass,
        String outKeyPass, int keyStoreSize) throws Exception {
    if (a.size() != keyStoreSize || b.size() != keyStoreSize) {
        throw new RuntimeException("size not match or size not equal to "
                + keyStoreSize);
    }

    Enumeration<String> eA = a.aliases();
    while (eA.hasMoreElements()) {
        String aliasA = eA.nextElement();

        if (!b.containsAlias(aliasA)) {
            throw new RuntimeException("alias not match for alias:"
                    + aliasA);
        }

        compareKeyEntry(a, b, inKeyPass, outKeyPass, aliasA);
    }
}
 
Example 7
Source Project: SPDS   File: KeystoreLongTest.java    License: Eclipse Public License 2.0 5 votes vote down vote up
@Test
public void catchClause() {
    try {
        final KeyStore keyStore = KeyStore.getInstance("JKS");
        // ... Some code
        int size = keyStore.size(); // Hit !
        mustBeInErrorState(keyStore);
    } catch (KeyStoreException e) {
        e.printStackTrace();
    }
}
 
Example 8
Source Project: vk-java-sdk   File: YouTrackClient.java    License: MIT License 5 votes vote down vote up
private SSLConnectionSocketFactory initSslContext(String keyStoreType, String keyStorePath, String keyStorePassword, String keyPassword,
                                                  String trustStoreType, String trustStorePath, String trustStorePassword)
        throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, UnrecoverableKeyException, KeyManagementException {

    SSLContextBuilder sslContextBuilder = SSLContexts.custom();

    if (StringUtils.isNoneBlank(keyStorePath)) {
        KeyStore keyStore = SslUtils.getStore(keyStoreType, keyStorePath, keyStorePassword);
        if (keyStore.size() == 0) {
            throw new IllegalStateException("Key store has no keys");
        }

        sslContextBuilder.loadKeyMaterial(keyStore, keyPassword.toCharArray());
    }

    if (StringUtils.isNoneBlank(trustStorePath)) {
        KeyStore trustStore = SslUtils.getStore(trustStoreType, trustStorePath, trustStorePassword);
        if (trustStore.size() == 0) {
            throw new IllegalStateException("Trust store has no keys");
        }

        sslContextBuilder.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy());
    }

    return new SSLConnectionSocketFactory(
            sslContextBuilder.build(),
            SSLConnectionSocketFactory.getDefaultHostnameVerifier());
}
 
Example 9
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}
 
Example 10
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
        throws KeyStoreException, UnrecoverableKeyException,
        NoSuchAlgorithmException {
    out.println("========== Key Store ==========");
    out.println("getProvider : " + inputKeyStore.getProvider());
    out.println("getType : " + inputKeyStore.getType());
    out.println("getDefaultType : " + KeyStore.getDefaultType());

    int idx = 0;
    Enumeration<String> e = inputKeyStore.aliases();
    String alias;
    while (e.hasMoreElements()) {
        alias = e.nextElement();
        if (!inputKeyStore.containsAlias(alias)) {
            throw new RuntimeException("Alias not found");
        }
        out.println("Alias " + idx + " : " + alias);
        out.println("getCreationDate : "
                + inputKeyStore.getCreationDate(alias));
        X509Certificate cert = (X509Certificate) inputKeyStore
                .getCertificate(alias);
        out.println("getCertificate : " + cert.getSubjectDN());
        String retAlias = inputKeyStore.getCertificateAlias(cert);
        if (!retAlias.equals(alias)) {
            throw new RuntimeException("Alias mismatch, actually "
                    + retAlias + ", expected " + alias);
        }
        out.println("getCertificateAlias : " + retAlias);
        Certificate[] certs = inputKeyStore.getCertificateChain(alias);
        int i = 0;
        for (Certificate certification : certs) {
            out.println("getCertificateChain " + i
                    + ((X509Certificate) certification).getSubjectDN());
            i++;
        }
        if (inputKeyStore.isCertificateEntry(alias)) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because this"
                            + " keystore only contain key pair entries.");
        }
        if (!inputKeyStore.isKeyEntry(alias)) {
            throw new RuntimeException("Entry type unknown.");
        }
        idx++;
    }
    int size = inputKeyStore.size();
    if (idx != size) {
        throw new RuntimeException("Size not match, actually " + idx
                + ", expected " + size);
    }
}
 
Example 11
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
        throws KeyStoreException, UnrecoverableKeyException,
        NoSuchAlgorithmException {
    out.println("========== Key Store ==========");
    out.println("getProvider : " + inputKeyStore.getProvider());
    out.println("getType : " + inputKeyStore.getType());
    out.println("getDefaultType : " + KeyStore.getDefaultType());

    int idx = 0;
    Enumeration<String> e = inputKeyStore.aliases();
    String alias;
    while (e.hasMoreElements()) {
        alias = e.nextElement();
        if (!inputKeyStore.containsAlias(alias)) {
            throw new RuntimeException("Alias not found");
        }
        out.println("Alias " + idx + " : " + alias);
        out.println("getCreationDate : "
                + inputKeyStore.getCreationDate(alias));
        X509Certificate cert = (X509Certificate) inputKeyStore
                .getCertificate(alias);
        out.println("getCertificate : " + cert.getSubjectDN());
        String retAlias = inputKeyStore.getCertificateAlias(cert);
        if (!retAlias.equals(alias)) {
            throw new RuntimeException("Alias mismatch, actually "
                    + retAlias + ", expected " + alias);
        }
        out.println("getCertificateAlias : " + retAlias);
        Certificate[] certs = inputKeyStore.getCertificateChain(alias);
        int i = 0;
        for (Certificate certification : certs) {
            out.println("getCertificateChain " + i
                    + ((X509Certificate) certification).getSubjectDN());
            i++;
        }
        if (inputKeyStore.isCertificateEntry(alias)) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because this"
                            + " keystore only contain key pair entries.");
        }
        if (!inputKeyStore.isKeyEntry(alias)) {
            throw new RuntimeException("Entry type unknown.");
        }
        idx++;
    }
    int size = inputKeyStore.size();
    if (idx != size) {
        throw new RuntimeException("Size not match, actually " + idx
                + ", expected " + size);
    }
}
 
Example 12
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
        throws KeyStoreException, UnrecoverableKeyException,
        NoSuchAlgorithmException {
    out.println("========== Key Store ==========");
    out.println("getProvider : " + inputKeyStore.getProvider());
    out.println("getType : " + inputKeyStore.getType());
    out.println("getDefaultType : " + KeyStore.getDefaultType());

    int idx = 0;
    Enumeration<String> e = inputKeyStore.aliases();
    String alias;
    while (e.hasMoreElements()) {
        alias = e.nextElement();
        if (!inputKeyStore.containsAlias(alias)) {
            throw new RuntimeException("Alias not found");
        }
        out.println("Alias " + idx + " : " + alias);
        out.println("getCreationDate : "
                + inputKeyStore.getCreationDate(alias));
        X509Certificate cert = (X509Certificate) inputKeyStore
                .getCertificate(alias);
        out.println("getCertificate : " + cert.getSubjectDN());
        String retAlias = inputKeyStore.getCertificateAlias(cert);
        if (!retAlias.equals(alias)) {
            throw new RuntimeException("Alias mismatch, actually "
                    + retAlias + ", expected " + alias);
        }
        out.println("getCertificateAlias : " + retAlias);
        Certificate[] certs = inputKeyStore.getCertificateChain(alias);
        int i = 0;
        for (Certificate certification : certs) {
            out.println("getCertificateChain " + i
                    + ((X509Certificate) certification).getSubjectDN());
            i++;
        }
        if (inputKeyStore.isCertificateEntry(alias)) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because this"
                            + " keystore only contain key pair entries.");
        }
        if (!inputKeyStore.isKeyEntry(alias)) {
            throw new RuntimeException("Entry type unknown.");
        }
        idx++;
    }
    int size = inputKeyStore.size();
    if (idx != size) {
        throw new RuntimeException("Size not match, actually " + idx
                + ", expected " + size);
    }
}
 
Example 13
public void runTest(Provider p) throws Exception {
    try (FileOutputStream fos = new FileOutputStream("jceks");
            FileInputStream fis = new FileInputStream("jceks");) {

        KeyStore ks = KeyStore.getInstance("jceks", p);
        // create an empty key store
        ks.load(null, null);

        // store the secret keys
        String aliasHead = new String("secretKey");
        for (int j = 0; j < NUM_ALGOS; j++) {
            ks.setKeyEntry(aliasHead + j, sks[j], PASSWDK, null);
        }

        // write the key store out to a file
        ks.store(fos, PASSWDF);
        // wipe clean the existing key store
        for (int k = 0; k < NUM_ALGOS; k++) {
            ks.deleteEntry(aliasHead + k);
        }
        if (ks.size() != 0) {
            throw new RuntimeException("ERROR: re-initialization failed");
        }

        // reload the key store with the file
        ks.load(fis, PASSWDF);

        // check the integrity/validaty of the key store
        Key temp = null;
        String alias = null;
        if (ks.size() != NUM_ALGOS) {
            throw new RuntimeException("ERROR: wrong number of key"
                    + " entries");
        }

        for (int m = 0; m < ks.size(); m++) {
            alias = aliasHead + m;
            temp = ks.getKey(alias, PASSWDK);
            // compare the keys
            if (!temp.equals(sks[m])) {
                throw new RuntimeException("ERROR: key comparison (" + m
                        + ") failed");
            }
            // check the type of key
            if (ks.isCertificateEntry(alias) || !ks.isKeyEntry(alias)) {
                throw new RuntimeException("ERROR: type identification ("
                        + m + ") failed");
            }
        }
    }
}
 
Example 14
Source Project: jdk8u60   File: DKSTest.java    License: GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}
 
Example 15
Source Project: portecle   File: FPortecle.java    License: GNU General Public License v2.0 4 votes vote down vote up
/**
 * Set the text in the staus bar to reflect the status of the currently loaded keystore.
 */
@Override
public void setDefaultStatusBarText()
{
	// No keystore loaded...
	if (m_keyStoreWrap == null)
	{
		setStatusBarText(RB.getString("FPortecle.noKeyStore.statusbar"));
	}
	// keystore loaded...
	else
	{
		// Get the keystore and display information on its type and size
		KeyStore ksLoaded = m_keyStoreWrap.getKeyStore();

		int iSize;
		try
		{
			iSize = ksLoaded.size();
		}
		catch (KeyStoreException ex)
		{
			setStatusBarText("");
			DThrowable.showAndWait(this, null, ex);
			return;
		}

		String sType = KeyStoreType.valueOfType(ksLoaded.getType()).toString();
		String sProv = ksLoaded.getProvider().getName();

		if (iSize == 1)
		{
			setStatusBarText(MessageFormat.format(RB.getString("FPortecle.entry.statusbar"), sType, sProv));
		}
		else
		{
			setStatusBarText(
			    MessageFormat.format(RB.getString("FPortecle.entries.statusbar"), sType, sProv, iSize));
		}
	}
}
 
Example 16
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}
 
Example 17
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
        throws KeyStoreException, UnrecoverableKeyException,
        NoSuchAlgorithmException {
    out.println("========== Key Store ==========");
    out.println("getProvider : " + inputKeyStore.getProvider());
    out.println("getType : " + inputKeyStore.getType());
    out.println("getDefaultType : " + KeyStore.getDefaultType());

    int idx = 0;
    Enumeration<String> e = inputKeyStore.aliases();
    String alias;
    while (e.hasMoreElements()) {
        alias = e.nextElement();
        if (!inputKeyStore.containsAlias(alias)) {
            throw new RuntimeException("Alias not found");
        }
        out.println("Alias " + idx + " : " + alias);
        out.println("getCreationDate : "
                + inputKeyStore.getCreationDate(alias));
        X509Certificate cert = (X509Certificate) inputKeyStore
                .getCertificate(alias);
        out.println("getCertificate : " + cert.getSubjectDN());
        String retAlias = inputKeyStore.getCertificateAlias(cert);
        if (!retAlias.equals(alias)) {
            throw new RuntimeException("Alias mismatch, actually "
                    + retAlias + ", expected " + alias);
        }
        out.println("getCertificateAlias : " + retAlias);
        Certificate[] certs = inputKeyStore.getCertificateChain(alias);
        int i = 0;
        for (Certificate certification : certs) {
            out.println("getCertificateChain " + i
                    + ((X509Certificate) certification).getSubjectDN());
            i++;
        }
        if (inputKeyStore.isCertificateEntry(alias)) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because this"
                            + " keystore only contain key pair entries.");
        }
        if (!inputKeyStore.isKeyEntry(alias)) {
            throw new RuntimeException("Entry type unknown.");
        }
        idx++;
    }
    int size = inputKeyStore.size();
    if (idx != size) {
        throw new RuntimeException("Size not match, actually " + idx
                + ", expected " + size);
    }
}
 
Example 18
private static void test(Provider p, PrivateKeyEntry entry) throws Exception {
    PrivateKey key = entry.getPrivateKey();
    X509Certificate[] chain = (X509Certificate[])entry.getCertificateChain();
    PublicKey publicKey = chain[0].getPublicKey();
    System.out.println(toString(key));
    sign(p, key, publicKey);

    KeyStore ks = KeyStore.getInstance("PKCS11", p);
    ks.load(null, null);
    if (ks.size() != 0) {
        throw new Exception("KeyStore not empty");
    }
    List<String> aliases;

    // test 1: add entry
    ks.setKeyEntry(ALIAS1, key, null, chain);
    aliases = aliases(ks);
    if (aliases.size() != 1) {
        throw new Exception("size not 1: " + aliases);
    }
    if (aliases.get(0).equals(ALIAS1) == false) {
        throw new Exception("alias mismatch: " + aliases);
    }

    PrivateKey key2 = (PrivateKey)ks.getKey(ALIAS1, null);
    System.out.println(toString(key2));
    X509Certificate[] chain2 =
            (X509Certificate[]) ks.getCertificateChain(ALIAS1);
    if (Arrays.equals(chain, chain2) == false) {
        throw new Exception("chain mismatch");
    }
    sign(p, key2, publicKey);

    ks.deleteEntry(ALIAS1);
    if (ks.size() != 0) {
        throw new Exception("KeyStore not empty");
    }

    // test 2: translate to session object, then add entry
    KeyFactory kf = KeyFactory.getInstance(key.getAlgorithm(), p);
    PrivateKey key3 = (PrivateKey)kf.translateKey(key);
    System.out.println(toString(key3));
    sign(p, key3, publicKey);

    ks.setKeyEntry(ALIAS2, key3, null, chain);
    aliases = aliases(ks);
    if (aliases.size() != 1) {
        throw new Exception("size not 1");
    }
    if (aliases.get(0).equals(ALIAS2) == false) {
        throw new Exception("alias mismatch: " + aliases);
    }

    PrivateKey key4 = (PrivateKey)ks.getKey(ALIAS2, null);
    System.out.println(toString(key4));
    X509Certificate[] chain4 = (X509Certificate[])
            ks.getCertificateChain(ALIAS2);
    if (Arrays.equals(chain, chain4) == false) {
        throw new Exception("chain mismatch");
    }
    sign(p, key4, publicKey);

    // test 3: change alias
    ks.setKeyEntry(ALIAS3, key3, null, chain);
    aliases = aliases(ks);
    if (aliases.size() != 1) {
        throw new Exception("size not 1");
    }
    if (aliases.get(0).equals(ALIAS3) == false) {
        throw new Exception("alias mismatch: " + aliases);
    }

    PrivateKey key5 = (PrivateKey)ks.getKey(ALIAS3, null);
    System.out.println(toString(key5));
    X509Certificate[] chain5 = (X509Certificate[])
            ks.getCertificateChain(ALIAS3);
    if (Arrays.equals(chain, chain5) == false) {
        throw new Exception("chain mismatch");
    }
    sign(p, key5, publicKey);

    ks.deleteEntry(ALIAS3);
    if (ks.size() != 0) {
        throw new Exception("KeyStore not empty");
    }

    System.out.println("OK");
}
 
Example 19
Source Project: hottub   File: DKSTest.java    License: GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}
 
Example 20
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
        throws KeyStoreException, UnrecoverableKeyException,
        NoSuchAlgorithmException {
    out.println("========== Key Store ==========");
    out.println("getProvider : " + inputKeyStore.getProvider());
    out.println("getType : " + inputKeyStore.getType());
    out.println("getDefaultType : " + KeyStore.getDefaultType());

    int idx = 0;
    Enumeration<String> e = inputKeyStore.aliases();
    String alias;
    while (e.hasMoreElements()) {
        alias = e.nextElement();
        if (!inputKeyStore.containsAlias(alias)) {
            throw new RuntimeException("Alias not found");
        }
        out.println("Alias " + idx + " : " + alias);
        out.println("getCreationDate : "
                + inputKeyStore.getCreationDate(alias));
        X509Certificate cert = (X509Certificate) inputKeyStore
                .getCertificate(alias);
        out.println("getCertificate : " + cert.getSubjectDN());
        String retAlias = inputKeyStore.getCertificateAlias(cert);
        if (!retAlias.equals(alias)) {
            throw new RuntimeException("Alias mismatch, actually "
                    + retAlias + ", expected " + alias);
        }
        out.println("getCertificateAlias : " + retAlias);
        Certificate[] certs = inputKeyStore.getCertificateChain(alias);
        int i = 0;
        for (Certificate certification : certs) {
            out.println("getCertificateChain " + i
                    + ((X509Certificate) certification).getSubjectDN());
            i++;
        }
        if (inputKeyStore.isCertificateEntry(alias)) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because this"
                            + " keystore only contain key pair entries.");
        }
        if (!inputKeyStore.isKeyEntry(alias)) {
            throw new RuntimeException("Entry type unknown.");
        }
        idx++;
    }
    int size = inputKeyStore.size();
    if (idx != size) {
        throw new RuntimeException("Size not match, actually " + idx
                + ", expected " + size);
    }
}