Java Code Examples for java.security.KeyStore#entryInstanceOf()

The following examples show how to use java.security.KeyStore#entryInstanceOf(). These examples are extracted from open source projects.
Example 1
Source Project: browserup-proxy   File: TrustUtil.java    License: Apache License 2.0
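/**
 * Extracts the X.509 certificates stored as {@link java.security.KeyStore.TrustedCertificateEntry}s in the specified
 * KeyStore. All other entry types, including private keys, will be ignored, so a certificate that is present only
 * as part of a private-key entry is never returned as a trust anchor.
 * <p>
 * Certificates are returned exactly as stored: this method does not check validity dates or any other property of
 * the certificate. Callers that need such checks must apply them to the returned list.
 *
 * @param trustStore keystore containing trusted certificate entries
 * @return the X.509 certificates of the trusted certificate entries in the specified keystore; entries whose
 *         certificate is missing or is not an {@link X509Certificate} are skipped
 * @throws KeyStoreAccessException if the keystore cannot be read (for example, because it has not been loaded)
 */
public static List<X509Certificate> extractTrustedCertificateEntries(KeyStore trustStore) {
    try {
        List<String> keyStoreAliases = Collections.list(trustStore.aliases());
        List<X509Certificate> trustedCertificates = new ArrayList<>(keyStoreAliases.size());

        for (String alias : keyStoreAliases) {
            // Only explicit trust entries count; key entries are deliberately left out of the result.
            if (!trustStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
                continue;
            }

            Certificate certificate = trustStore.getCertificate(alias);
            if (certificate instanceof X509Certificate) {
                trustedCertificates.add((X509Certificate) certificate);
            } else if (certificate == null) {
                // KeyStore.getCertificate() may return null; skip the alias instead of failing on getType().
                log.debug("Skipping KeyStore entry with no certificate. Alias: {}", alias);
            } else {
                log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", certificate.getType());
            }
        }

        return trustedCertificates;
    } catch (KeyStoreException e) {
        throw new KeyStoreAccessException("Error occurred while retrieving trusted CAs from KeyStore", e);
    }
}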
 
Example 2
Source Project: CapturePacket   File: TrustUtil.java    License: MIT License
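/**
 * Extracts the {@link KeyStore.TrustedCertificateEntry}s from the specified KeyStore. All other entry
 * types, including private keys, will be ignored.
 * <p>
 * Only the entry type and the certificate class are inspected. Nothing here verifies that a certificate is
 * currently valid, so the result mirrors the keystore content and is not a vetted set of trust anchors.
 *
 * @param trustStore keystore containing trusted certificate entries
 * @return the trusted certificate entries in the specified keystore that hold an {@link X509Certificate}
 * @throws KeyStoreAccessException if reading the aliases or entries of the keystore fails
 */
public static List<X509Certificate> extractTrustedCertificateEntries(KeyStore trustStore) {
    try {
        List<X509Certificate> trustedCertificates = new ArrayList<>();

        // Work on a snapshot of the aliases rather than on the keystore's own enumeration.
        for (String alias : Collections.list(trustStore.aliases())) {
            if (trustStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
                Certificate certificate = trustStore.getCertificate(alias);
                if (certificate instanceof X509Certificate) {
                    trustedCertificates.add((X509Certificate) certificate);
                    continue;
                }

                // getCertificate() is allowed to return null; do not dereference it just to build a log message.
                String certificateType = (certificate == null) ? "<none>" : certificate.getType();
                log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", certificateType);
            }
        }

        return trustedCertificates;
    } catch (KeyStoreException e) {
        throw new KeyStoreAccessException("Error occurred while retrieving trusted CAs from KeyStore", e);
    }
}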
 
Example 3
/**
 * Loads the key store at {@code keyStoreUrl}, initialises a {@link KeyManagerFactory} from it and records the
 * aliases of all private-key entries found in the store.
 * <p>
 * The same {@code keyStorePassword} is handed to the key-store loader and to
 * {@link KeyManagerFactory#init(KeyStore, char[])}, so this constructor expects the individual keys to be
 * protected by the store password.
 *
 * @param defaultAlias alias stored as the default; it is not checked against the aliases found in the store
 * @param keyStoreUrl location of the key store
 * @param keyStoreType key store type passed to the loader
 * @param keyStorePassword password used for the store and for recovering its keys; must not be {@code null}
 * @param keyManagerFactoryAlgorithmName algorithm name used to obtain the {@link KeyManagerFactory}
 * @throws GeneralSecurityException if the factory cannot be created or initialised, or the store cannot be queried
 * @throws IOException declared for the key-store loader
 */
public QpidBestFitX509KeyManager(String defaultAlias,
                                 URL keyStoreUrl, String keyStoreType,
                                 String keyStorePassword, String keyManagerFactoryAlgorithmName) throws GeneralSecurityException, IOException
{
    final KeyStore keyStore = SSLUtil.getInitializedKeyStore(keyStoreUrl,keyStorePassword,keyStoreType);
    final KeyManagerFactory factory = KeyManagerFactory.getInstance(keyManagerFactoryAlgorithmName);
    // The char[] copy of the password created here is not cleared after use.
    factory.init(keyStore, keyStorePassword.toCharArray());

    // Trusted-certificate and secret-key entries are not candidates for key selection.
    final List<String> privateKeyAliases = new ArrayList<>();
    for(String candidate : Collections.list(keyStore.aliases()))
    {
        if(!keyStore.entryInstanceOf(candidate, KeyStore.PrivateKeyEntry.class))
        {
            continue;
        }
        privateKeyAliases.add(candidate);
    }

    // Only the first key manager is used, and it is cast without a type check.
    _delegate = (X509ExtendedKeyManager)factory.getKeyManagers()[0];
    _aliases = Collections.unmodifiableList(privateKeyAliases);
    _defaultAlias = defaultAlias;
}
 
Example 4
Source Project: Dream-Catcher   File: TrustUtil.java    License: MIT License
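/**
 * Extracts the {@link KeyStore.TrustedCertificateEntry}s from the specified KeyStore. All other entry
 * types, including private keys, will be ignored.
 * <p>
 * The certificates are taken from the keystore as they are; no validity-period check is performed here.
 *
 * @param trustStore keystore containing trusted certificate entries
 * @return the trusted certificate entries in the specified keystore, limited to those holding an
 *         {@link X509Certificate}
 * @throws KeyStoreAccessException if the keystore reports an error while it is being read
 */
public static List<X509Certificate> extractTrustedCertificateEntries(KeyStore trustStore) {
    try {
        Enumeration<String> aliases = trustStore.aliases();
        List<String> keyStoreAliases = Collections.list(aliases);

        List<X509Certificate> trustedCertificates = new ArrayList<>(keyStoreAliases.size());

        for (String alias : keyStoreAliases) {
            boolean isTrustedEntry = trustStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class);
            Certificate certificate = isTrustedEntry ? trustStore.getCertificate(alias) : null;

            // Covers both "not a trusted-certificate entry" and a trusted entry for which the keystore
            // returned no certificate; the latter would otherwise fail with a NullPointerException below.
            if (certificate == null) {
                continue;
            }

            if (!(certificate instanceof X509Certificate)) {
                log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", certificate.getType());
                continue;
            }

            trustedCertificates.add((X509Certificate) certificate);
        }

        return trustedCertificates;
    } catch (KeyStoreException e) {
        throw new KeyStoreAccessException("Error occurred while retrieving trusted CAs from KeyStore", e);
    }
}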
 
Example 5
Source Project: AndroidHttpCapture   File: TrustUtil.java    License: MIT License
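/**
 * Extracts the {@link java.security.KeyStore.TrustedCertificateEntry}s from the specified KeyStore. All other entry
 * types, including private keys, will be ignored.
 * <p>
 * This is a plain read of the keystore: the certificates are not checked for expiry or any other property.
 *
 * @param trustStore keystore containing trusted certificate entries
 * @return the trusted certificate entries in the specified keystore whose certificate is an
 *         {@link X509Certificate}
 * @throws KeyStoreAccessException if the keystore cannot be queried
 */
public static List<X509Certificate> extractTrustedCertificateEntries(KeyStore trustStore) {
    try {
        List<String> keyStoreAliases = Collections.list(trustStore.aliases());
        List<X509Certificate> trustedCertificates = new ArrayList<>(keyStoreAliases.size());

        for (String alias : keyStoreAliases) {
            if (trustStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
                X509Certificate x509Certificate = asX509OrNull(trustStore.getCertificate(alias));
                if (x509Certificate != null) {
                    trustedCertificates.add(x509Certificate);
                }
            }
        }

        return trustedCertificates;
    } catch (KeyStoreException e) {
        throw new KeyStoreAccessException("Error occurred while retrieving trusted CAs from KeyStore", e);
    }
}

/**
 * Narrows a certificate to {@link X509Certificate}, returning null (and logging at debug level when a certificate
 * of another type was supplied) if that is not possible. A null argument is accepted and yields null.
 */
private static X509Certificate asX509OrNull(Certificate certificate) {
    if (certificate instanceof X509Certificate) {
        return (X509Certificate) certificate;
    }
    // A missing certificate has no type to report, so getType() is only called on a real instance.
    if (certificate != null) {
        log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", certificate.getType());
    }
    return null;
}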
 
Example 6
Source Project: fido2   File: Main.java    License: GNU Lesser General Public License v2.1
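/**
 * Prints the secret-key entries of a BCFKS keystore to standard output, sorted by alias.
 * <p>
 * Only aliases whose entry is a {@code SecretKeyEntry} are listed; private-key and certificate entries are
 * skipped even though the heading reads "Objects in keystore". Key material is never read or printed, only the
 * alias and the creation date.
 *
 * @param keystorelocation path of the keystore file
 * @param password keystore password
 * @throws Exception if the keystore cannot be opened, loaded or queried
 */
private static void listaccesskeys(String keystorelocation, String password) throws Exception {
    KeyStore keystore = KeyStore.getInstance("BCFKS", BC_FIPS_PROVIDER);
    // try-with-resources releases the file handle once the keystore has been read, also when load() fails.
    try (FileInputStream keystorestream = new FileInputStream(keystorelocation)) {
        keystore.load(keystorestream, password.toCharArray());
    }

    // A TreeSet gives the listing a stable, alphabetical order.
    java.util.SortedSet<String> hsmobj = new java.util.TreeSet<>(java.util.Collections.list(keystore.aliases()));

    System.out.println("===> Objects in keystore:");
    for (String s : hsmobj) {
        if (keystore.entryInstanceOf(s, SecretKeyEntry.class)) {
            System.out.println(String.format("%-24s %-20s %-48s", s, "SecretKey", "created on " + keystore.getCreationDate(s)));
        }
    }
}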
 
Example 7
/**
 * Reports whether the keystore named by {@code ANDROID_KEY_STORE} holds a secret-key entry under
 * {@code KEY_ALIAS}. An alias that exists but refers to another entry type counts as absent.
 *
 * @return {@code true} only if the alias exists and its entry is a {@link KeyStore.SecretKeyEntry}
 * @throws AssertionError if the keystore cannot be obtained, loaded or queried
 */
@RequiresApi(Build.VERSION_CODES.M)
private static boolean hasKeyStoreEntry() {
  try {
    KeyStore androidKeyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
    androidKeyStore.load(null);

    if (!androidKeyStore.containsAlias(KEY_ALIAS)) {
      return false;
    }
    // Checking the entry type keeps an unrelated entry under the same alias from being taken for the key.
    return androidKeyStore.entryInstanceOf(KEY_ALIAS, KeyStore.SecretKeyEntry.class);
  } catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException e) {
    // Keystore failures are not reported as "no entry"; they abort the caller.
    throw new AssertionError(e);
  }
}
 
Example 8
/**
 * Creates a server {@link SslContextBuilder} from the first private-key entry found in the key store. The
 * OpenSSL provider does not support the {@link KeyManagerFactory}, so the key and its certificate chain are
 * looked up here and handed to the builder directly.
 * <p>
 * TODO: SNI is currently not supported, we use only the first found private key.
 * <p>
 * NOTE(review): "first" follows the order of {@link KeyStore#aliases()}. With more than one private-key entry the
 * selected key presumably depends on the key store implementation, so confirm the store holds a single key.
 *
 * @param ks key store to search for a private-key entry
 * @param keyPassword password used to recover the private key
 * @return a server-side builder configured with the key and its certificate chain
 * @throws GeneralSecurityException if the key cannot be recovered, or as {@link KeyManagementException} when the
 *         key store has no private-key entry
 */
private static SslContextBuilder builderWithOpenSSLProvider(KeyStore ks, String keyPassword)
        throws GeneralSecurityException {
    for (String candidate : Collections.list(ks.aliases())) {
        if (!ks.entryInstanceOf(candidate, KeyStore.PrivateKeyEntry.class)) {
            continue;
        }

        PrivateKey privateKey = (PrivateKey) ks.getKey(candidate, keyPassword.toCharArray());
        Certificate[] storedChain = ks.getCertificateChain(candidate);
        X509Certificate[] x509Chain = new X509Certificate[storedChain.length];
        // The element type is checked during the copy: a chain member that is not an X509Certificate makes
        // arraycopy throw ArrayStoreException, which is not a GeneralSecurityException.
        System.arraycopy(storedChain, 0, x509Chain, 0, storedChain.length);
        return SslContextBuilder.forServer(privateKey, x509Chain);
    }
    throw new KeyManagementException("the SSL key-store does not contain a private key");
}
 
Example 9
/**
 * Returns a display name for the kind of entry stored under {@code alias}.
 * <p>
 * The entry classes are tried in a fixed order (private key, secret key, trusted certificate, password) and the
 * simple class name of the first match is returned. Anything that matches none of them is reported as
 * {@code "Other"}.
 *
 * @param keyStore key store to inspect
 * @param alias alias of the entry
 * @return the simple name of the matching entry class, or {@code "Other"}
 * @throws KeyStoreException if the key store cannot be queried
 */
private String getEntryType(KeyStore keyStore, String alias) throws KeyStoreException {
    final Class<? extends KeyStore.Entry> matchedType;

    if (keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
        matchedType = KeyStore.PrivateKeyEntry.class;
    } else if (keyStore.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class)) {
        matchedType = KeyStore.SecretKeyEntry.class;
    } else if (keyStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
        matchedType = KeyStore.TrustedCertificateEntry.class;
    } else if (keyStore.entryInstanceOf(alias, PasswordEntry.class)) {
        matchedType = PasswordEntry.class;
    } else {
        // No known entry class matched.
        return "Other";
    }

    return matchedType.getSimpleName();
}
 
Example 10
/**
 * Deletes the entry stored under {@code alias} from the module key store, but only if it is a trusted
 * certificate entry. The type check keeps private-key and secret-key entries from being deleted through this
 * method.
 *
 * @param alias alias of the certificate entry to delete
 * @throws KeyStoreException if the key store cannot be queried or the entry cannot be deleted
 * @throws RuntimeException if the entry under {@code alias} is not a trusted certificate entry
 */
public void removeClientCertificate(String alias) throws KeyStoreException {
    KeyStore moduleKeyStore = getModuleKeyStore();
    boolean isTrustedCertificate = moduleKeyStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class);

    if (isTrustedCertificate) {
        // NOTE(review): the delete goes through a second getModuleKeyStore() call rather than the instance
        // checked above; confirm both calls return the same key store, otherwise check and delete can diverge.
        getModuleKeyStore().deleteEntry(alias);
        return;
    }

    throw new RuntimeException("Only entries of type " + KeyStoreEntryDataContainer.DISPLAYABLE_ENTRY_TYPES.get(KeyStore.TrustedCertificateEntry.class) + " can be removed");
}