Java Code Examples for java.security.KeyStore#setEntry()

The following examples show how to use java.security.KeyStore#setEntry() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: MetadataStoreLoadTest.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
private void storeAttrs() throws UnrecoverableEntryException,
        GeneralSecurityException, NoSuchAlgorithmException,
        KeyStoreException, IOException {
    KeyStore ksIn = Utils.loadKeyStore(KEYSTORE_PATH,
            Utils.KeyStoreType.pkcs12, PASSWORD);
    KeyStore ksAttr = KeyStore
            .getInstance(Utils.KeyStoreType.pkcs12.name());
    ksAttr.load(null);
    Key key = ksIn.getKey(ALIAS, PASSWORD);
    Certificate cert = ksIn.getCertificate(ALIAS);
    Set<KeyStore.Entry.Attribute> attrs =
            new HashSet<>(Arrays.asList(ATTR_SET));
    KeyStore.Entry e = new KeyStore.PrivateKeyEntry((PrivateKey) key,
            new Certificate[]{cert}, attrs);
    ksAttr.setEntry(ALIAS, e, new KeyStore.PasswordProtection(
            KEY_PASSWORD));

    out.println("Attributes before store:");
    e.getAttributes().stream().forEach((attr) -> {
        out.println(attr.getName() + ", '" + attr.getValue() + "'");
    });
    Utils.saveKeyStore(ksAttr, WORKING_DIRECTORY + File.separator
            + KESTORE_NEW, PASSWORD);
}
 
Example 2
Source File: MetadataStoreLoadTest.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
private void storeAttrs() throws UnrecoverableEntryException,
        GeneralSecurityException, NoSuchAlgorithmException,
        KeyStoreException, IOException {
    KeyStore ksIn = Utils.loadKeyStore(KEYSTORE_PATH,
            Utils.KeyStoreType.pkcs12, PASSWORD);
    KeyStore ksAttr = KeyStore
            .getInstance(Utils.KeyStoreType.pkcs12.name());
    ksAttr.load(null);
    Key key = ksIn.getKey(ALIAS, PASSWORD);
    Certificate cert = ksIn.getCertificate(ALIAS);
    Set<KeyStore.Entry.Attribute> attrs =
            new HashSet<>(Arrays.asList(ATTR_SET));
    KeyStore.Entry e = new KeyStore.PrivateKeyEntry((PrivateKey) key,
            new Certificate[]{cert}, attrs);
    ksAttr.setEntry(ALIAS, e, new KeyStore.PasswordProtection(
            KEY_PASSWORD));

    out.println("Attributes before store:");
    e.getAttributes().stream().forEach((attr) -> {
        out.println(attr.getName() + ", '" + attr.getValue() + "'");
    });
    Utils.saveKeyStore(ksAttr, WORKING_DIRECTORY + File.separator
            + KESTORE_NEW, PASSWORD);
}
 
Example 3
Source File: MetadataStoreLoadTest.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
private void storeAttrs() throws UnrecoverableEntryException,
        GeneralSecurityException, NoSuchAlgorithmException,
        KeyStoreException, IOException {
    KeyStore ksIn = Utils.loadKeyStore(KEYSTORE_PATH,
            Utils.KeyStoreType.pkcs12, PASSWORD);
    KeyStore ksAttr = KeyStore
            .getInstance(Utils.KeyStoreType.pkcs12.name());
    ksAttr.load(null);
    Key key = ksIn.getKey(ALIAS, PASSWORD);
    Certificate cert = ksIn.getCertificate(ALIAS);
    Set<KeyStore.Entry.Attribute> attrs =
            new HashSet<>(Arrays.asList(ATTR_SET));
    KeyStore.Entry e = new KeyStore.PrivateKeyEntry((PrivateKey) key,
            new Certificate[]{cert}, attrs);
    ksAttr.setEntry(ALIAS, e, new KeyStore.PasswordProtection(
            KEY_PASSWORD));

    out.println("Attributes before store:");
    e.getAttributes().stream().forEach((attr) -> {
        out.println(attr.getName() + ", '" + attr.getValue() + "'");
    });
    Utils.saveKeyStore(ksAttr, WORKING_DIRECTORY + File.separator
            + KESTORE_NEW, PASSWORD);
}
 
Example 4
Source File: MetadataStoreLoadTest.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
private void storeAttrs() throws UnrecoverableEntryException,
        GeneralSecurityException, NoSuchAlgorithmException,
        KeyStoreException, IOException {
    KeyStore ksIn = Utils.loadKeyStore(KEYSTORE_PATH,
            Utils.KeyStoreType.pkcs12, PASSWORD);
    KeyStore ksAttr = KeyStore
            .getInstance(Utils.KeyStoreType.pkcs12.name());
    ksAttr.load(null);
    Key key = ksIn.getKey(ALIAS, PASSWORD);
    Certificate cert = ksIn.getCertificate(ALIAS);
    Set<KeyStore.Entry.Attribute> attrs =
            new HashSet<>(Arrays.asList(ATTR_SET));
    KeyStore.Entry e = new KeyStore.PrivateKeyEntry((PrivateKey) key,
            new Certificate[]{cert}, attrs);
    ksAttr.setEntry(ALIAS, e, new KeyStore.PasswordProtection(
            KEY_PASSWORD));

    out.println("Attributes before store:");
    e.getAttributes().stream().forEach((attr) -> {
        out.println(attr.getName() + ", '" + attr.getValue() + "'");
    });
    Utils.saveKeyStore(ksAttr, WORKING_DIRECTORY + File.separator
            + KESTORE_NEW, PASSWORD);
}
 
Example 5
Source File: P12SecretKey.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
private void run(String keystoreType) throws Exception {
    char[] pw = "password".toCharArray();
    KeyStore ks = KeyStore.getInstance(keystoreType);
    ks.load(null, pw);

    KeyGenerator kg = KeyGenerator.getInstance("AES");
    kg.init(128);
    SecretKey key = kg.generateKey();

    KeyStore.SecretKeyEntry ske = new KeyStore.SecretKeyEntry(key);
    KeyStore.ProtectionParameter kspp = new KeyStore.PasswordProtection(pw);
    ks.setEntry(ALIAS, ske, kspp);

    File ksFile = File.createTempFile("test", ".test");
    try (FileOutputStream fos = new FileOutputStream(ksFile)) {
        ks.store(fos, pw);
        fos.flush();
    }

    // now see if we can get it back
    try (FileInputStream fis = new FileInputStream(ksFile)) {
        KeyStore ks2 = KeyStore.getInstance(keystoreType);
        ks2.load(fis, pw);
        KeyStore.Entry entry = ks2.getEntry(ALIAS, kspp);
        SecretKey keyIn = ((KeyStore.SecretKeyEntry)entry).getSecretKey();
        if (Arrays.equals(key.getEncoded(), keyIn.getEncoded())) {
            System.err.println("OK: worked just fine with " + keystoreType +
                               " keystore");
        } else {
            System.err.println("ERROR: keys are NOT equal after storing in "
                               + keystoreType + " keystore");
        }
    }
}
 
Example 6
Source File: JavaSecurityManagementServiceImpl.java    From rice with Educational Community License v2.0 5 votes vote down vote up
protected KeyStore generateKeyStore(Certificate cert, PrivateKey privateKey, String alias, String keyStorePassword) throws GeneralSecurityException, IOException {
    KeyStore ks = KeyStore.getInstance(getModuleKeyStoreType());
    ks.load(null, keyStorePassword.toCharArray());
    // set client private key on keyStore file
    ks.setEntry(alias, new KeyStore.PrivateKeyEntry(privateKey, new Certificate[]{cert}), new KeyStore.PasswordProtection(keyStorePassword.toCharArray()));
    return ks;
}
 
Example 7
Source File: P12SecretKey.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
private void run(String keystoreType) throws Exception {
    char[] pw = "password".toCharArray();
    KeyStore ks = KeyStore.getInstance(keystoreType);
    ks.load(null, pw);

    KeyGenerator kg = KeyGenerator.getInstance("AES");
    kg.init(128);
    SecretKey key = kg.generateKey();

    KeyStore.SecretKeyEntry ske = new KeyStore.SecretKeyEntry(key);
    KeyStore.ProtectionParameter kspp = new KeyStore.PasswordProtection(pw);
    ks.setEntry(ALIAS, ske, kspp);

    File ksFile = File.createTempFile("test", ".test");
    try (FileOutputStream fos = new FileOutputStream(ksFile)) {
        ks.store(fos, pw);
        fos.flush();
    }

    // now see if we can get it back
    try (FileInputStream fis = new FileInputStream(ksFile)) {
        KeyStore ks2 = KeyStore.getInstance(keystoreType);
        ks2.load(fis, pw);
        KeyStore.Entry entry = ks2.getEntry(ALIAS, kspp);
        SecretKey keyIn = ((KeyStore.SecretKeyEntry)entry).getSecretKey();
        if (Arrays.equals(key.getEncoded(), keyIn.getEncoded())) {
            System.err.println("OK: worked just fine with " + keystoreType +
                               " keystore");
        } else {
            System.err.println("ERROR: keys are NOT equal after storing in "
                               + keystoreType + " keystore");
        }
    }
}
 
Example 8
Source File: TestKeyStoreBasic.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
private void checkSetEntry(KeyStore ks, String alias,
    KeyStore.PasswordProtection pw, KeyStore.Entry entry) throws Exception {
    try {
        ks.setEntry(alias, entry, pw);
        throw new Exception(
            "ERROR: expected KeyStore.setEntry to throw an exception");
    } catch (KeyStoreException e) {
        // ignore the expected exception
    }
}
 
Example 9
Source File: P12SecretKey.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
private void run(String keystoreType) throws Exception {
    char[] pw = "password".toCharArray();
    KeyStore ks = KeyStore.getInstance(keystoreType);
    ks.load(null, pw);

    KeyGenerator kg = KeyGenerator.getInstance("AES");
    kg.init(128);
    SecretKey key = kg.generateKey();

    KeyStore.SecretKeyEntry ske = new KeyStore.SecretKeyEntry(key);
    KeyStore.ProtectionParameter kspp = new KeyStore.PasswordProtection(pw);
    ks.setEntry(ALIAS, ske, kspp);

    File ksFile = File.createTempFile("test", ".test");
    try (FileOutputStream fos = new FileOutputStream(ksFile)) {
        ks.store(fos, pw);
        fos.flush();
    }

    // now see if we can get it back
    try (FileInputStream fis = new FileInputStream(ksFile)) {
        KeyStore ks2 = KeyStore.getInstance(keystoreType);
        ks2.load(fis, pw);
        KeyStore.Entry entry = ks2.getEntry(ALIAS, kspp);
        SecretKey keyIn = ((KeyStore.SecretKeyEntry)entry).getSecretKey();
        if (Arrays.equals(key.getEncoded(), keyIn.getEncoded())) {
            System.err.println("OK: worked just fine with " + keystoreType +
                               " keystore");
        } else {
            System.err.println("ERROR: keys are NOT equal after storing in "
                               + keystoreType + " keystore");
        }
    }
}
 
Example 10
Source File: SyntheticPasswordCrypto.java    From android_9.0.0_r45 with Apache License 2.0 5 votes vote down vote up
public static byte[] createBlob(String keyAlias, byte[] data, byte[] applicationId, long sid) {
    try {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES);
        keyGenerator.init(new SecureRandom());
        SecretKey secretKey = keyGenerator.generateKey();
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        KeyProtection.Builder builder = new KeyProtection.Builder(KeyProperties.PURPOSE_DECRYPT)
                .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
                .setCriticalToDeviceEncryption(true);
        if (sid != 0) {
            builder.setUserAuthenticationRequired(true)
                    .setBoundToSpecificSecureUserId(sid)
                    .setUserAuthenticationValidityDurationSeconds(USER_AUTHENTICATION_VALIDITY);
        }

        keyStore.setEntry(keyAlias,
                new KeyStore.SecretKeyEntry(secretKey),
                builder.build());
        byte[] intermediate = encrypt(applicationId, APPLICATION_ID_PERSONALIZATION, data);
        return encrypt(secretKey, intermediate);
    } catch (CertificateException | IOException | BadPaddingException
            | IllegalBlockSizeException
            | KeyStoreException | NoSuchPaddingException | NoSuchAlgorithmException
            | InvalidKeyException e) {
        e.printStackTrace();
        throw new RuntimeException("Failed to encrypt blob", e);
    }
}
 
Example 11
Source File: CloudSqlInstance.java    From cloud-sql-jdbc-socket-factory with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a new SSLContext based on the provided parameters. This SSLContext will be used to
 * provide new SSLSockets that are authorized to connect to a Cloud SQL instance.
 */
private SSLContext createSslContext(
    KeyPair keyPair, Metadata metadata, Certificate ephemeralCertificate) {
  try {
    KeyStore authKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    authKeyStore.load(null, null);
    KeyStore.PrivateKeyEntry privateKey =
        new PrivateKeyEntry(keyPair.getPrivate(), new Certificate[] {ephemeralCertificate});
    authKeyStore.setEntry("ephemeral", privateKey, new PasswordProtection(new char[0]));
    KeyManagerFactory kmf =
        KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(authKeyStore, new char[0]);

    KeyStore trustedKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    trustedKeyStore.load(null, null);
    trustedKeyStore.setCertificateEntry("instance", metadata.getInstanceCaCertificate());
    TrustManagerFactory tmf = TrustManagerFactory.getInstance("X.509");
    tmf.init(trustedKeyStore);

    SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
    sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());

    return sslContext;
  } catch (GeneralSecurityException | IOException ex) {
    throw new RuntimeException(
        String.format(
            "[%s] Unable to create a SSLContext for the Cloud SQL instance.", connectionName),
        ex);
  }
}
 
Example 12
Source File: P12SecretKey.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
private void run(String keystoreType) throws Exception {
    char[] pw = "password".toCharArray();
    KeyStore ks = KeyStore.getInstance(keystoreType);
    ks.load(null, pw);

    KeyGenerator kg = KeyGenerator.getInstance("AES");
    kg.init(128);
    SecretKey key = kg.generateKey();

    KeyStore.SecretKeyEntry ske = new KeyStore.SecretKeyEntry(key);
    KeyStore.ProtectionParameter kspp = new KeyStore.PasswordProtection(pw);
    ks.setEntry(ALIAS, ske, kspp);

    File ksFile = File.createTempFile("test", ".test");
    try (FileOutputStream fos = new FileOutputStream(ksFile)) {
        ks.store(fos, pw);
        fos.flush();
    }

    // now see if we can get it back
    try (FileInputStream fis = new FileInputStream(ksFile)) {
        KeyStore ks2 = KeyStore.getInstance(keystoreType);
        ks2.load(fis, pw);
        KeyStore.Entry entry = ks2.getEntry(ALIAS, kspp);
        SecretKey keyIn = ((KeyStore.SecretKeyEntry)entry).getSecretKey();
        if (Arrays.equals(key.getEncoded(), keyIn.getEncoded())) {
            System.err.println("OK: worked just fine with " + keystoreType +
                               " keystore");
        } else {
            System.err.println("ERROR: keys are NOT equal after storing in "
                               + keystoreType + " keystore");
        }
    }
}
 
Example 13
Source File: P12SecretKey.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
private void run(String keystoreType) throws Exception {
    char[] pw = "password".toCharArray();
    KeyStore ks = KeyStore.getInstance(keystoreType);
    ks.load(null, pw);

    KeyGenerator kg = KeyGenerator.getInstance("AES");
    kg.init(128);
    SecretKey key = kg.generateKey();

    KeyStore.SecretKeyEntry ske = new KeyStore.SecretKeyEntry(key);
    KeyStore.ProtectionParameter kspp = new KeyStore.PasswordProtection(pw);
    ks.setEntry(ALIAS, ske, kspp);

    File ksFile = File.createTempFile("test", ".test");
    try (FileOutputStream fos = new FileOutputStream(ksFile)) {
        ks.store(fos, pw);
        fos.flush();
    }

    // now see if we can get it back
    try (FileInputStream fis = new FileInputStream(ksFile)) {
        KeyStore ks2 = KeyStore.getInstance(keystoreType);
        ks2.load(fis, pw);
        KeyStore.Entry entry = ks2.getEntry(ALIAS, kspp);
        SecretKey keyIn = ((KeyStore.SecretKeyEntry)entry).getSecretKey();
        if (Arrays.equals(key.getEncoded(), keyIn.getEncoded())) {
            System.err.println("OK: worked just fine with " + keystoreType +
                               " keystore");
        } else {
            System.err.println("ERROR: keys are NOT equal after storing in "
                               + keystoreType + " keystore");
        }
    }
}
 
Example 14
Source File: KeystoreFactory.java    From spring-boot-security-saml-samples with MIT License 4 votes vote down vote up
@SneakyThrows
public void addKeyToKeystore(KeyStore keyStore, X509Certificate cert, RSAPrivateKey privateKey, String alias, String password) {
    KeyStore.PasswordProtection pass = new KeyStore.PasswordProtection(password.toCharArray());
    Certificate[] certificateChain = {cert};
    keyStore.setEntry(alias, new KeyStore.PrivateKeyEntry(privateKey, certificateChain), pass);
}
 
Example 15
Source File: DKSTest.java    From openjdk-8-source with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}
 
Example 16
Source File: CryptoUtil.java    From floodlight_with_topoguard with Apache License 2.0 4 votes vote down vote up
public static void writeSharedSecret(String keyStorePath,
                                     String keyStorePassword,
                                     byte[] sharedSecret) 
                                               throws Exception {
    char[] password = keyStorePassword.toCharArray();
    KeyStore ks;
    try {
        ks = readKeyStore(keyStorePath, password);
    } catch (FileNotFoundException e) {
        ks = KeyStore.getInstance("JCEKS");
        ks.load(null, password);
    } 

    KeyStore.ProtectionParameter protParam =
            new KeyStore.PasswordProtection(password);
    SecretKeySpec signingKey = 
            new SecretKeySpec(sharedSecret, "HmacSHA1");
    KeyStore.SecretKeyEntry skEntry =
            new KeyStore.SecretKeyEntry(signingKey);
    ks.setEntry(CHALLENGE_RESPONSE_SECRET, skEntry, protParam);

    // store away the keystore
    java.io.FileOutputStream fos = null;
    File keyStoreFile = new File(keyStorePath);
    File parent = keyStoreFile.getParentFile();
    if (parent != null)
        parent.mkdirs();
    try {
        fos = new java.io.FileOutputStream(keyStoreFile);
        ks.store(fos, password);
        keyStoreFile.setReadable(false, false);
        keyStoreFile.setReadable(true, true);
        keyStoreFile.setWritable(false, false);
        keyStoreFile.setWritable(true, true);
        keyStoreFile.setExecutable(false, false);
    } finally {
        if (fos != null) {
            fos.close();
        }
    }
}
 
Example 17
Source File: DKSTest.java    From jdk8u60 with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}
 
Example 18
Source File: DKSTest.java    From jdk8u-dev-jdk with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}
 
Example 19
Source File: DKSTest.java    From openjdk-8 with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}
 
Example 20
Source File: DKSTest.java    From hottub with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}