Java Code Examples for java.security.KeyStore#entryInstanceOf()
The following examples show how to use
java.security.KeyStore#entryInstanceOf() .
These examples are extracted from open source projects.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source Project: browserup-proxy File: TrustUtil.java License: Apache License 2.0 | 6 votes |
|
/**
* Extracts the {@link java.security.KeyStore.TrustedCertificateEntry}s from the specified KeyStore. All other entry
* types, including private keys, will be ignored.
*
* @param trustStore keystore containing trusted certificate entries
* @return the trusted certificate entries in the specified keystore
*/
public static List<X509Certificate> extractTrustedCertificateEntries(KeyStore trustStore) {
try {
Enumeration<String> aliases = trustStore.aliases();
List<String> keyStoreAliases = Collections.list(aliases);
List<X509Certificate> trustedCertificates = new ArrayList<>(keyStoreAliases.size());
for (String alias : keyStoreAliases) {
if (trustStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
Certificate certificate = trustStore.getCertificate(alias);
if (!(certificate instanceof X509Certificate)) {
log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", certificate.getType());
continue;
}
trustedCertificates.add((X509Certificate) certificate);
}
}
return trustedCertificates;
} catch (KeyStoreException e) {
throw new KeyStoreAccessException("Error occurred while retrieving trusted CAs from KeyStore", e);
}
}
Example 2
| Source Project: CapturePacket File: TrustUtil.java License: MIT License | 6 votes |
|
/**
* Extracts the {@link KeyStore.TrustedCertificateEntry}s from the specified KeyStore. All other entry
* types, including private keys, will be ignored.
*
* @param trustStore keystore containing trusted certificate entries
* @return the trusted certificate entries in the specified keystore
*/
public static List<X509Certificate> extractTrustedCertificateEntries(KeyStore trustStore) {
try {
Enumeration<String> aliases = trustStore.aliases();
List<String> keyStoreAliases = Collections.list(aliases);
List<X509Certificate> trustedCertificates = new ArrayList<>(keyStoreAliases.size());
for (String alias : keyStoreAliases) {
if (trustStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
Certificate certificate = trustStore.getCertificate(alias);
if (!(certificate instanceof X509Certificate)) {
log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", certificate.getType());
continue;
}
trustedCertificates.add((X509Certificate) certificate);
}
}
return trustedCertificates;
} catch (KeyStoreException e) {
throw new KeyStoreAccessException("Error occurred while retrieving trusted CAs from KeyStore", e);
}
}
Example 3
| Source Project: qpid-broker-j File: QpidBestFitX509KeyManager.java License: Apache License 2.0 | 6 votes |
|
public QpidBestFitX509KeyManager(String defaultAlias,
URL keyStoreUrl, String keyStoreType,
String keyStorePassword, String keyManagerFactoryAlgorithmName) throws GeneralSecurityException, IOException
{
KeyStore ks = SSLUtil.getInitializedKeyStore(keyStoreUrl,keyStorePassword,keyStoreType);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(keyManagerFactoryAlgorithmName);
kmf.init(ks, keyStorePassword.toCharArray());
List<String> aliases = new ArrayList<>();
for(String alias : Collections.list(ks.aliases()))
{
if(ks.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class))
{
aliases.add(alias);
}
}
_aliases = Collections.unmodifiableList(aliases);
_delegate = (X509ExtendedKeyManager)kmf.getKeyManagers()[0];
_defaultAlias = defaultAlias;
}
Example 4
| Source Project: Dream-Catcher File: TrustUtil.java License: MIT License | 6 votes |
|
/**
* Extracts the {@link KeyStore.TrustedCertificateEntry}s from the specified KeyStore. All other entry
* types, including private keys, will be ignored.
*
* @param trustStore keystore containing trusted certificate entries
* @return the trusted certificate entries in the specified keystore
*/
public static List<X509Certificate> extractTrustedCertificateEntries(KeyStore trustStore) {
try {
Enumeration<String> aliases = trustStore.aliases();
List<String> keyStoreAliases = Collections.list(aliases);
List<X509Certificate> trustedCertificates = new ArrayList<>(keyStoreAliases.size());
for (String alias : keyStoreAliases) {
if (trustStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
Certificate certificate = trustStore.getCertificate(alias);
if (!(certificate instanceof X509Certificate)) {
log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", certificate.getType());
continue;
}
trustedCertificates.add((X509Certificate) certificate);
}
}
return trustedCertificates;
} catch (KeyStoreException e) {
throw new KeyStoreAccessException("Error occurred while retrieving trusted CAs from KeyStore", e);
}
}
Example 5
| Source Project: AndroidHttpCapture File: TrustUtil.java License: MIT License | 6 votes |
|
/**
* Extracts the {@link java.security.KeyStore.TrustedCertificateEntry}s from the specified KeyStore. All other entry
* types, including private keys, will be ignored.
*
* @param trustStore keystore containing trusted certificate entries
* @return the trusted certificate entries in the specified keystore
*/
public static List<X509Certificate> extractTrustedCertificateEntries(KeyStore trustStore) {
try {
Enumeration<String> aliases = trustStore.aliases();
List<String> keyStoreAliases = Collections.list(aliases);
List<X509Certificate> trustedCertificates = new ArrayList<>(keyStoreAliases.size());
for (String alias : keyStoreAliases) {
if (trustStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
Certificate certificate = trustStore.getCertificate(alias);
if (!(certificate instanceof X509Certificate)) {
log.debug("Skipping non-X509Certificate in KeyStore. Certificate type: {}", certificate.getType());
continue;
}
trustedCertificates.add((X509Certificate) certificate);
}
}
return trustedCertificates;
} catch (KeyStoreException e) {
throw new KeyStoreAccessException("Error occurred while retrieving trusted CAs from KeyStore", e);
}
}
Example 6
| Source Project: fido2 File: Main.java License: GNU Lesser General Public License v2.1 | 5 votes |
|
private static void listaccesskeys(String keystorelocation, String password) throws Exception {
KeyStore keystore = KeyStore.getInstance("BCFKS", BC_FIPS_PROVIDER);
keystore.load(new FileInputStream(keystorelocation), password.toCharArray());
java.util.SortedSet<String> hsmobj = new java.util.TreeSet<>();
for (Enumeration<String> e = keystore.aliases(); e.hasMoreElements();) {
hsmobj.add(e.nextElement());
}
System.out.println("===> Objects in keystore:");
for (String s : hsmobj) {
if (keystore.entryInstanceOf(s, SecretKeyEntry.class)) {
System.out.println(String.format("%-24s %-20s %-48s", s, "SecretKey", "created on " + keystore.getCreationDate(s)));
}
}
}
Example 7
| Source Project: mollyim-android File: KeyStoreHelper.java License: GNU General Public License v3.0 | 5 votes |
|
@RequiresApi(Build.VERSION_CODES.M)
private static boolean hasKeyStoreEntry() {
try {
KeyStore ks = KeyStore.getInstance(ANDROID_KEY_STORE);
ks.load(null);
return ks.containsAlias(KEY_ALIAS) && ks.entryInstanceOf(KEY_ALIAS, KeyStore.SecretKeyEntry.class);
} catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException e) {
throw new AssertionError(e);
}
}
Example 8
| Source Project: cassandana File: DefaultCassandanaSslContextCreator.java License: Apache License 2.0 | 5 votes |
|
/**
* The OpenSSL provider does not support the {@link KeyManagerFactory}, so we have to lookup the integration
* certificate and key in order to provide it to OpenSSL.
* <p>
* TODO: SNI is currently not supported, we use only the first found private key.
*/
private static SslContextBuilder builderWithOpenSSLProvider(KeyStore ks, String keyPassword)
throws GeneralSecurityException {
for (String alias : Collections.list(ks.aliases())) {
if (ks.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
PrivateKey key = (PrivateKey) ks.getKey(alias, keyPassword.toCharArray());
Certificate[] chain = ks.getCertificateChain(alias);
X509Certificate[] certChain = new X509Certificate[chain.length];
System.arraycopy(chain, 0, certChain, 0, chain.length);
return SslContextBuilder.forServer(key, certChain);
}
}
throw new KeyManagementException("the SSL key-store does not contain a private key");
}
Example 9
| Source Project: wildfly-core File: ModifiableKeyStoreDecorator.java License: GNU Lesser General Public License v2.1 | 5 votes |
|
private String getEntryType(KeyStore keyStore, String alias) throws KeyStoreException {
if (keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
return KeyStore.PrivateKeyEntry.class.getSimpleName();
} else if (keyStore.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class)) {
return KeyStore.SecretKeyEntry.class.getSimpleName();
} else if (keyStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
return KeyStore.TrustedCertificateEntry.class.getSimpleName();
} else if (keyStore.entryInstanceOf(alias, PasswordEntry.class)) {
return PasswordEntry.class.getSimpleName();
} else {
return "Other";
}
}
Example 10
| Source Project: rice File: JavaSecurityManagementServiceImpl.java License: Educational Community License v2.0 | 5 votes |
|
public void removeClientCertificate(String alias) throws KeyStoreException {
KeyStore moduleKeyStore = getModuleKeyStore();
if (!moduleKeyStore.entryInstanceOf(alias, KeyStore.TrustedCertificateEntry.class)) {
throw new RuntimeException("Only entries of type " + KeyStoreEntryDataContainer.DISPLAYABLE_ENTRY_TYPES.get(KeyStore.TrustedCertificateEntry.class) + " can be removed");
}
getModuleKeyStore().deleteEntry(alias);
}
