Java Code Examples for java.security.KeyStore#isKeyEntry()

The following examples show how to use java.security.KeyStore#isKeyEntry() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: MSKeyStoreLoader.java    From signer with GNU Lesser General Public License v3.0 6 votes vote down vote up
private boolean verifyKeyEntry(KeyStore ks) {

	boolean isKeyEntry = false;
	String alias = "";
	Enumeration<String> e;
	try {
		e = ks.aliases();
		while (e.hasMoreElements()) {
			alias = e.nextElement();
			if(ks.isKeyEntry(alias)) {
				isKeyEntry = true;
			}
			
		}

	} catch (Exception ex) {
		ex.printStackTrace();
	}
	return isKeyEntry;
}
 
Example 2
Source File: P12Actions.java    From xipki with Apache License 2.0 6 votes vote down vote up
@Override
protected Object execute0() throws Exception {
  KeyStore ks = getKeyStore();

  String keyname = null;
  Enumeration<String> aliases = ks.aliases();
  while (aliases.hasMoreElements()) {
    String alias = aliases.nextElement();
    if (ks.isKeyEntry(alias)) {
      keyname = alias;
      break;
    }
  }

  if (keyname == null) {
    throw new CmdFailure("could not find private key");
  }

  X509Certificate cert = (X509Certificate) ks.getCertificate(keyname);
  saveVerbose("saved certificate to file", outFile, encodeCert(cert.getEncoded(), outform));

  return null;
}
 
Example 3
Source File: AzureKeyVaultClientAuthenticator.java    From ranger with Apache License 2.0 5 votes vote down vote up
private KeyCert readPfx(String path, String password) throws NoSuchProviderException, KeyStoreException,
		IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
	try (FileInputStream stream = new FileInputStream(path)) {
		KeyCert keyCert = new KeyCert();
		boolean isAliasWithPrivateKey = false;
		final KeyStore store = KeyStore.getInstance("pkcs12", "SunJSSE");
		store.load((InputStream) stream, password.toCharArray());

		// Iterate over all aliases to find the private key
		Enumeration<String> aliases = store.aliases();
		String alias = "";
		while (aliases.hasMoreElements()) {
			alias = aliases.nextElement();
			// Break if alias refers to a private key because we want to use that
			// certificate
			if (isAliasWithPrivateKey = store.isKeyEntry(alias)) {
				break;
			}
		}
		if (isAliasWithPrivateKey) {
			// Retrieves the certificate from the Java keystore
			X509Certificate certificate = (X509Certificate) store.getCertificate(alias);
			PrivateKey key = (PrivateKey) store.getKey(alias, password.toCharArray());
			keyCert.setCertificate(certificate);
			keyCert.setKey(key);
		}
		return keyCert;
	}
}
 
Example 4
Source File: FPortecle.java    From portecle with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Get the keystore entry's head certificate.
 *
 * @param sEntryAlias Entry alias
 * @return The keystore entry's head certificate
 * @throws CryptoException Problem getting head certificate
 */
private X509Certificate getHeadCert(String sEntryAlias)
    throws CryptoException
{
	try
	{
		// Get keystore
		KeyStore keyStore = m_keyStoreWrap.getKeyStore();

		// Get the entry's head certificate
		X509Certificate cert;
		if (keyStore.isKeyEntry(sEntryAlias))
		{
			cert = X509CertUtil.orderX509CertChain(
			    X509CertUtil.convertCertificates(keyStore.getCertificateChain(sEntryAlias)))[0];
		}
		else
		{
			cert = X509CertUtil.convertCertificate(keyStore.getCertificate(sEntryAlias));
		}

		return cert;
	}
	catch (KeyStoreException ex)
	{
		String sMessage = MessageFormat.format(RB.getString("FPortecle.NoAccessEntry.message"), sEntryAlias);
		throw new CryptoException(sMessage, ex);
	}
}
 
Example 5
Source File: JSSESocketFactory.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
/**
 * Gets the initialized key managers.
 */
protected KeyManager[] getKeyManagers(String keystoreType,
                                      String keystoreProvider,
                                      String algorithm,
                                      String keyAlias)
            throws Exception {

    KeyManager[] kms = null;

    String keystorePass = getKeystorePassword();

    KeyStore ks = getKeystore(keystoreType, keystoreProvider, keystorePass);
    if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {
        throw new IOException(
                sm.getString("jsse.alias_no_key_entry", keyAlias));
    }

    KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
    String keyPass = endpoint.getKeyPass();
    if (keyPass == null) {
        keyPass = keystorePass;
    }
    kmf.init(ks, keyPass.toCharArray());

    kms = kmf.getKeyManagers();
    if (keyAlias != null) {
        String alias = keyAlias;
        if (JSSESocketFactory.defaultKeystoreType.equals(keystoreType)) {
            alias = alias.toLowerCase(Locale.ENGLISH);
        }
        for(int i=0; i<kms.length; i++) {
            kms[i] = new JSSEKeyManager((X509KeyManager)kms[i], alias);
        }
    }

    return kms;
}
 
Example 6
Source File: ConvertP12Test.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
private void run(KeyStore inputKeyStore, KeyStore outputKeyStore,
        String inKeyPass, String outKeyPass) throws Exception {
    Enumeration<String> e = inputKeyStore.aliases();
    String alias;
    while (e.hasMoreElements()) {
        alias = e.nextElement();
        Certificate[] certs = inputKeyStore.getCertificateChain(alias);

        boolean isCertEntry = inputKeyStore.isCertificateEntry(alias);
        // Test KeyStore only contain key pair entries.
        if (isCertEntry == true) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because test"
                            + " keystore only contain key pair entries"
                            + " for alias:" + alias);
        }

        boolean isKeyEntry = inputKeyStore.isKeyEntry(alias);
        Key key = null;
        if (isKeyEntry) {
            key = inputKeyStore.getKey(alias, inKeyPass.toCharArray());
        } else {
            throw new RuntimeException("Entry type unknown for alias:"
                    + alias);
        }
        outputKeyStore.setKeyEntry(alias, key, outKeyPass.toCharArray(),
                certs);
    }
}
 
Example 7
Source File: SSLContextManager.java    From PADListener with GNU General Public License v2.0 5 votes vote down vote up
private String[] getAliases(KeyStore ks) {
    List aliases = new ArrayList();
    try {
        Enumeration en = ks.aliases();
        while (en.hasMoreElements()) {
            String alias = (String) en.nextElement();
            if (ks.isKeyEntry(alias))
                aliases.add(alias);
        }
    } catch (KeyStoreException kse) {
        kse.printStackTrace();
    }
    return (String[]) aliases.toArray(new String[0]);
}
 
Example 8
Source File: RSAUtil.java    From littleca with Apache License 2.0 5 votes vote down vote up
public static RSAPublicKey getPublicKey(KeyStore keyStore) throws Exception {
    String key_aliases = null;
    Enumeration<String> enumeration = keyStore.aliases();
    key_aliases = enumeration.nextElement();
    if (keyStore.isKeyEntry(key_aliases)) {
        RSAPublicKey publicKey = (RSAPublicKey) keyStore.getCertificate(key_aliases).getPublicKey();
        return publicKey;
    }
    return null;
}
 
Example 9
Source File: ApkSignerUtil.java    From mollyim-android with GNU General Public License v3.0 5 votes vote down vote up
private ApkSigner.SignerConfig loadKeyStore(String keyStoreType, String keyStorePassword) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException {
  KeyStore keyStoreEntity = KeyStore.getInstance(keyStoreType == null ? KeyStore.getDefaultType() : keyStoreType);
  char[]   password       = getPassword(keyStorePassword);
  keyStoreEntity.load(null, password);

  Enumeration<String> aliases  = keyStoreEntity.aliases();
  String              keyAlias = null;

  while (aliases != null && aliases.hasMoreElements()) {
    String alias = aliases.nextElement();
    if (keyStoreEntity.isKeyEntry(alias)) {
      keyAlias = alias;
      break;
    }
  }

  if (keyAlias == null) {
    throw new IllegalArgumentException("Keystore has no key entries!");
  }

  PrivateKey    privateKey   = (PrivateKey) keyStoreEntity.getKey(keyAlias, password);
  Certificate[] certificates = keyStoreEntity.getCertificateChain(keyAlias);

  if (certificates == null || certificates.length == 0) {
    throw new IllegalArgumentException("Unable to load certificates!");
  }

  List<X509Certificate> results = new LinkedList<>();

  for (Certificate certificate : certificates) {
    results.add((X509Certificate)certificate);
  }


  return new ApkSigner.SignerConfig.Builder("Signal Signer", privateKey, results).build();
}
 
Example 10
Source File: KeyManagerUtils.java    From Aria with Apache License 2.0 5 votes vote down vote up
private static String findAlias(KeyStore ks) throws KeyStoreException {
  Enumeration<String> e = ks.aliases();
  while (e.hasMoreElements()) {
    String entry = e.nextElement();
    if (ks.isKeyEntry(entry)) {
      return entry;
    }
  }
  throw new KeyStoreException("Cannot find a private key entry");
}
 
Example 11
Source File: ConvertP12Test.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
private void run(KeyStore inputKeyStore, KeyStore outputKeyStore,
        String inKeyPass, String outKeyPass) throws Exception {
    Enumeration<String> e = inputKeyStore.aliases();
    String alias;
    while (e.hasMoreElements()) {
        alias = e.nextElement();
        Certificate[] certs = inputKeyStore.getCertificateChain(alias);

        boolean isCertEntry = inputKeyStore.isCertificateEntry(alias);
        // Test KeyStore only contain key pair entries.
        if (isCertEntry == true) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because test"
                            + " keystore only contain key pair entries"
                            + " for alias:" + alias);
        }

        boolean isKeyEntry = inputKeyStore.isKeyEntry(alias);
        Key key = null;
        if (isKeyEntry) {
            key = inputKeyStore.getKey(alias, inKeyPass.toCharArray());
        } else {
            throw new RuntimeException("Entry type unknown for alias:"
                    + alias);
        }
        outputKeyStore.setKeyEntry(alias, key, outKeyPass.toCharArray(),
                certs);
    }
}
 
Example 12
Source File: ConvertP12Test.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
private void run(KeyStore inputKeyStore, KeyStore outputKeyStore,
        String inKeyPass, String outKeyPass) throws Exception {
    Enumeration<String> e = inputKeyStore.aliases();
    String alias;
    while (e.hasMoreElements()) {
        alias = e.nextElement();
        Certificate[] certs = inputKeyStore.getCertificateChain(alias);

        boolean isCertEntry = inputKeyStore.isCertificateEntry(alias);
        // Test KeyStore only contain key pair entries.
        if (isCertEntry == true) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because test"
                            + " keystore only contain key pair entries"
                            + " for alias:" + alias);
        }

        boolean isKeyEntry = inputKeyStore.isKeyEntry(alias);
        Key key = null;
        if (isKeyEntry) {
            key = inputKeyStore.getKey(alias, inKeyPass.toCharArray());
        } else {
            throw new RuntimeException("Entry type unknown for alias:"
                    + alias);
        }
        outputKeyStore.setKeyEntry(alias, key, outKeyPass.toCharArray(),
                certs);
    }
}
 
Example 13
Source File: FileKeystore.java    From wildfly-core with GNU Lesser General Public License v2.1 5 votes vote down vote up
private void assertContainsKey(final KeyStore keyStore) throws StartException, KeyStoreException {
    Enumeration<String> aliases = keyStore.aliases();
    while (aliases.hasMoreElements()) {
        if (keyStore.isKeyEntry(aliases.nextElement())) {
            return;
        }
    }

    throw DomainManagementLogger.ROOT_LOGGER.noKey(path);
}
 
Example 14
Source File: ClientKey.java    From eet-client with MIT License 5 votes vote down vote up
/**
  * Create new ClientKey instance based on data provided in the stream together with the password
  * @deprecated use
  * @param inputStream expects a stream to the pk12 keystore with one pair of key/cert. Will be closed automatically
  */
 public ClientKey(final InputStream inputStream, final String password) throws InvalidKeystoreException {

     if(inputStream == null) {
         throw new InvalidKeystoreException("Input stream of ClientKey cannot be NULL");
     }

     JavaCryptographyExtension.validateInstallation();

     this.password = password;
     String tempAlias = null;
     final KeyStore keystore = getKeyStore(inputStream, password);
     final Enumeration<String> aliases = getAliases(keystore);
     while (aliases.hasMoreElements()) {
         final String alias = aliases.nextElement();
         try {
	if (keystore.isKeyEntry(alias)) {
		tempAlias = alias;
                 String certificateInfo = CertificateUtils.getCertificateInfo(keystore, alias);
                 logger.info(certificateInfo);
                 CertExpirationChecker.of(keystore, alias)
                         .whenExpiresIn(30, TimeUnit.DAYS)
                         .printWarningTo(logger);
             }
} catch (final KeyStoreException e) {
	logger.error(String.format("cannot check isKeyEntry(%s) - %s : %s", alias, e.getClass().getName(), e.getMessage()));
}
     }
     if (tempAlias == null) {
         throw new InvalidKeystoreException("Keystore doesn't contain any keys!");
     }
     this.alias = tempAlias;
     this.keyStore = keystore;
     this.clientPasswordCallback = new ClientPasswordCallback(alias, password);
 }
 
Example 15
Source File: SunX509KeyManagerImpl.java    From Bytecoder with Apache License 2.0 5 votes vote down vote up
SunX509KeyManagerImpl(KeyStore ks, char[] password)
        throws KeyStoreException,
        NoSuchAlgorithmException, UnrecoverableKeyException {

    credentialsMap = new HashMap<String,X509Credentials>();
    serverAliasCache = Collections.synchronizedMap(
                        new HashMap<String,String[]>());
    if (ks == null) {
        return;
    }

    for (Enumeration<String> aliases = ks.aliases();
                                    aliases.hasMoreElements(); ) {
        String alias = aliases.nextElement();
        if (!ks.isKeyEntry(alias)) {
            continue;
        }
        Key key = ks.getKey(alias, password);
        if (key instanceof PrivateKey == false) {
            continue;
        }
        Certificate[] certs = ks.getCertificateChain(alias);
        if ((certs == null) || (certs.length == 0) ||
                !(certs[0] instanceof X509Certificate)) {
            continue;
        }
        if (!(certs instanceof X509Certificate[])) {
            Certificate[] tmp = new X509Certificate[certs.length];
            System.arraycopy(certs, 0, tmp, 0, certs.length);
            certs = tmp;
        }

        X509Credentials cred = new X509Credentials((PrivateKey)key,
            (X509Certificate[])certs);
        credentialsMap.put(alias, cred);
        if (SSLLogger.isOn && SSLLogger.isOn("keymanager")) {
            SSLLogger.fine("found key for : " + alias, (Object[])certs);
        }
    }
}
 
Example 16
Source File: ReadP12Test.java    From jdk8u-jdk with GNU General Public License v2.0 4 votes vote down vote up
private void readTest(String inKeyStore) throws Exception {

        KeyStore inputKeyStore;

        // Initialize KeyStore
        String dir = System.getProperty("test.src", ".");
        String keystorePath = dir + File.separator + "certs" + File.separator
                + "readP12";
        inputKeyStore = KeyStore
                .getInstance(IN_KETYSTORE_TYPE, IN_KEYSTORE_PRV);
        // KeyStore have encoded by Base64.getMimeEncoder().encode(),need decode
        // first.
        byte[] input = Files.readAllBytes(Paths.get(keystorePath, inKeyStore));
        ByteArrayInputStream arrayIn = new ByteArrayInputStream(Base64
                .getMimeDecoder().decode(input));
        inputKeyStore.load(arrayIn, IN_STORE_PASS.toCharArray());
        out.println("Initialize KeyStore : " + inKeyStore + " success");

        out.println("getProvider : " + inputKeyStore.getProvider());
        out.println("getType : " + inputKeyStore.getType());
        out.println("getDefaultType : " + KeyStore.getDefaultType());

        int idx = 0;
        Enumeration<String> e = inputKeyStore.aliases();
        String alias;
        while (e.hasMoreElements()) {
            alias = e.nextElement();
            out.println("Alias " + idx + " : " + alias);
            if (inputKeyStore.containsAlias(alias) == false) {
                throw new RuntimeException("Alias not found");
            }

            out.println("getCreationDate : "
                    + inputKeyStore.getCreationDate(alias));

            X509Certificate cert = (X509Certificate) inputKeyStore
                    .getCertificate(alias);
            out.println("getCertificate : " + cert.getSubjectDN());
            String retAlias = inputKeyStore.getCertificateAlias(cert);
            if (!retAlias.equals(alias)) {
                throw new RuntimeException("Alias mismatch");
            }
            out.println("getCertificateAlias : " + retAlias);

            Certificate[] certs = inputKeyStore.getCertificateChain(alias);
            for (int i = 0; i < certs.length; i++) {
                out.println("getCertificateChain " + i + " : "
                        + ((X509Certificate) certs[i]).getSubjectDN());
            }

            boolean isCertEntry = inputKeyStore.isCertificateEntry(alias);
            // test KeyStore only contain key pair entries.
            if (isCertEntry == true) {
                throw new RuntimeException(
                        "inputKeystore should not be certEntry because test keystore only contain key pair entries.");
            }

            boolean isKeyEntry = inputKeyStore.isKeyEntry(alias);
            if (isKeyEntry) {
                Key key = inputKeyStore.getKey(alias,
                        IN_STORE_PASS.toCharArray());
                out.println("Key : " + key.toString());
            } else {
                throw new RuntimeException("Entry type unknown\n");
            }
            idx++;
        }

        int size = inputKeyStore.size();
        if (idx != size) {
            throw new RuntimeException("Size not match");
        }

    }
 
Example 17
Source File: KeypairWithCert.java    From xipki with Apache License 2.0 4 votes vote down vote up
public static KeypairWithCert fromKeystore(KeyStore keystore,
    String keyname, char[] keyPassword, X509Cert[] certchain)
        throws XiSecurityException {
  Args.notNull(keyPassword, "keyPassword");

  try {

    String tmpKeyname = keyname;
    if (tmpKeyname == null) {
      Enumeration<String> aliases = keystore.aliases();
      while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (keystore.isKeyEntry(alias)) {
          tmpKeyname = alias;
          break;
        }
      }
    } else {
      if (!keystore.isKeyEntry(tmpKeyname)) {
        throw new XiSecurityException("unknown key named " + tmpKeyname);
      }
    }

    PrivateKey key = (PrivateKey) keystore.getKey(tmpKeyname, keyPassword);

    if (!(key instanceof RSAPrivateKey || key instanceof DSAPrivateKey
        || key instanceof ECPrivateKey
        || key instanceof EdDSAKey || key instanceof XDHKey)) {
      throw new XiSecurityException("unsupported key " + key.getClass().getName());
    }

    Set<X509Cert> caCerts = new HashSet<>();

    X509Cert cert;
    if (certchain != null && certchain.length > 0) {
      cert = certchain[0];
      final int n = certchain.length;
      if (n > 1) {
        for (int i = 1; i < n; i++) {
          caCerts.add(certchain[i]);
        }
      }
    } else {
      cert = new X509Cert((X509Certificate) keystore.getCertificate(tmpKeyname));
    }

    Certificate[] certsInKeystore = keystore.getCertificateChain(tmpKeyname);
    if (certsInKeystore.length > 1) {
      for (int i = 1; i < certsInKeystore.length; i++) {
        caCerts.add(new X509Cert((X509Certificate) certsInKeystore[i]));
      }
    }

    X509Cert[] certificateChain = X509Util.buildCertPath(cert, caCerts);

    return new KeypairWithCert(key, certificateChain);
  } catch (KeyStoreException | NoSuchAlgorithmException
      | UnrecoverableKeyException | ClassCastException | CertPathBuilderException ex) {
    throw new XiSecurityException(ex.getMessage(), ex);
  }
}
 
Example 18
Source File: TestKeyStoreEntry.java    From dragonwell8_jdk with GNU General Public License v2.0 4 votes vote down vote up
public void runTest(Provider p) throws Exception {
    try (FileOutputStream fos = new FileOutputStream("jceks");
            FileInputStream fis = new FileInputStream("jceks");) {

        KeyStore ks = KeyStore.getInstance("jceks", p);
        // create an empty key store
        ks.load(null, null);

        // store the secret keys
        String aliasHead = new String("secretKey");
        for (int j = 0; j < NUM_ALGOS; j++) {
            ks.setKeyEntry(aliasHead + j, sks[j], PASSWDK, null);
        }

        // write the key store out to a file
        ks.store(fos, PASSWDF);
        // wipe clean the existing key store
        for (int k = 0; k < NUM_ALGOS; k++) {
            ks.deleteEntry(aliasHead + k);
        }
        if (ks.size() != 0) {
            throw new RuntimeException("ERROR: re-initialization failed");
        }

        // reload the key store with the file
        ks.load(fis, PASSWDF);

        // check the integrity/validaty of the key store
        Key temp = null;
        String alias = null;
        if (ks.size() != NUM_ALGOS) {
            throw new RuntimeException("ERROR: wrong number of key"
                    + " entries");
        }

        for (int m = 0; m < ks.size(); m++) {
            alias = aliasHead + m;
            temp = ks.getKey(alias, PASSWDK);
            // compare the keys
            if (!temp.equals(sks[m])) {
                throw new RuntimeException("ERROR: key comparison (" + m
                        + ") failed");
            }
            // check the type of key
            if (ks.isCertificateEntry(alias) || !ks.isKeyEntry(alias)) {
                throw new RuntimeException("ERROR: type identification ("
                        + m + ") failed");
            }
        }
    }
}
 
Example 19
Source File: SslUtils.java    From ats-framework with Apache License 2.0 4 votes vote down vote up
private static void createKeyStoreFromPemKey(
                                              String clientCert,
                                              String clientPass,
                                              KeyStore store ) throws Exception {

    try {
        // Load CA Chain file
        // CertificateFactory cf = CertificateFactory.getInstance("X.509");
        // X509Certificate cert = (X509Certificate) cf.generateCertificate(new FileInputStream(caCert));
        store.load(null);

        // Load client's public and private keys from PKCS12 certificate
        KeyStore inputKeyStore = KeyStore.getInstance("PKCS12");
        FileInputStream fis = new FileInputStream(clientCert);
        char[] nPassword = null;
        if ( (clientPass == null) || "".equals(clientPass.trim())) {
            nPassword = null;
        } else {
            nPassword = clientPass.toCharArray();
        }
        inputKeyStore.load(fis, nPassword);
        fis.close();
        store.load(null, ( (clientPass != null)
                                                ? clientPass.toCharArray()
                                                : null));
        Enumeration<String> en = inputKeyStore.aliases();
        while (en.hasMoreElements()) { // we are reading just one certificate.
            String keyAlias = en.nextElement();
            if (inputKeyStore.isKeyEntry(keyAlias)) {
                Key key = inputKeyStore.getKey(keyAlias, nPassword);
                Certificate[] certChain = inputKeyStore.getCertificateChain(keyAlias);
                store.setKeyEntry("outkey",
                                  key,
                                  ( (clientPass != null)
                                                         ? clientPass.toCharArray()
                                                         : null),
                                  certChain);
            }
        }

    } catch (Exception e) {
        throw new RuntimeException("Error creating keystore from Pem key", e);
    }
}
 
Example 20
Source File: KeyStoreUtil.java    From keystore-explorer with GNU General Public License v3.0 2 votes vote down vote up
/**
 * Is the named entry in the KeyStore a key pair entry?
 *
 * @param alias
 *            Alias
 * @param keyStore
 *            KeyStore
 * @return True if it is, false otherwise
 * @throws KeyStoreException
 *             If there was a problem accessing the KeyStore.
 */
public static boolean isKeyPairEntry(String alias, KeyStore keyStore) throws KeyStoreException {
	return keyStore.isKeyEntry(alias)
			&& keyStore.getCertificateChain(alias) != null && keyStore.getCertificateChain(alias).length != 0;
}