Java Code Examples for java.security.KeyStore#size()
The following examples show how to use
java.security.KeyStore#size() .
These examples are extracted from open source projects.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source Project: dragonwell8_jdk File: ConvertP12Test.java License: GNU General Public License v2.0 | 6 votes |
|
private void compareKeyStore(KeyStore a, KeyStore b, String inKeyPass,
String outKeyPass, int keyStoreSize) throws Exception {
if (a.size() != keyStoreSize || b.size() != keyStoreSize) {
throw new RuntimeException("size not match or size not equal to "
+ keyStoreSize);
}
Enumeration<String> eA = a.aliases();
while (eA.hasMoreElements()) {
String aliasA = eA.nextElement();
if (!b.containsAlias(aliasA)) {
throw new RuntimeException("alias not match for alias:"
+ aliasA);
}
compareKeyEntry(a, b, inKeyPass, outKeyPass, aliasA);
}
}
Example 2
| Source Project: dremio-oss File: SSLEngineFactoryImpl.java License: Apache License 2.0 | 6 votes |
|
private KeyManagerFactory newKeyManagerFactory() throws GeneralSecurityException, IOException {
if (sslConfig.getKeyStorePath() == SSLConfig.UNSPECIFIED) {
return null;
}
final KeyStore keyStore = KeyStore.getInstance(sslConfig.getKeyStoreType());
try (InputStream stream = new FileInputStream(sslConfig.getKeyStorePath())) {
keyStore.load(stream, sslConfig.getKeyStorePassword().toCharArray());
}
if (keyStore.size() == 0) {
throw new IllegalArgumentException("Key store has no entries");
}
final KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
factory.init(keyStore, sslConfig.getKeyPassword().toCharArray());
return factory;
}
Example 3
| Source Project: jdk8u-jdk File: ConvertP12Test.java License: GNU General Public License v2.0 | 6 votes |
|
private void compareKeyStore(KeyStore a, KeyStore b, String inKeyPass,
String outKeyPass, int keyStoreSize) throws Exception {
if (a.size() != keyStoreSize || b.size() != keyStoreSize) {
throw new RuntimeException("size not match or size not equal to "
+ keyStoreSize);
}
Enumeration<String> eA = a.aliases();
while (eA.hasMoreElements()) {
String aliasA = eA.nextElement();
if (!b.containsAlias(aliasA)) {
throw new RuntimeException("alias not match for alias:"
+ aliasA);
}
compareKeyEntry(a, b, inKeyPass, outKeyPass, aliasA);
}
}
Example 4
| Source Project: openjdk-jdk8u File: ConvertP12Test.java License: GNU General Public License v2.0 | 6 votes |
|
private void compareKeyStore(KeyStore a, KeyStore b, String inKeyPass,
String outKeyPass, int keyStoreSize) throws Exception {
if (a.size() != keyStoreSize || b.size() != keyStoreSize) {
throw new RuntimeException("size not match or size not equal to "
+ keyStoreSize);
}
Enumeration<String> eA = a.aliases();
while (eA.hasMoreElements()) {
String aliasA = eA.nextElement();
if (!b.containsAlias(aliasA)) {
throw new RuntimeException("alias not match for alias:"
+ aliasA);
}
compareKeyEntry(a, b, inKeyPass, outKeyPass, aliasA);
}
}
Example 5
| Source Project: keystore-explorer File: KseFrame.java License: GNU General Public License v3.0 | 6 votes |
|
private String getKeyStoreStatusText(KeyStoreHistory history) {
// Status Text: 'KeyStore Type, Size, Path'
KeyStoreState currentState = history.getCurrentState();
KeyStore ksLoaded = currentState.getKeyStore();
int size;
try {
size = ksLoaded.size();
} catch (KeyStoreException ex) {
DError.displayError(frame, ex);
return "";
}
KeyStoreType keyStoreType = currentState.getType();
return MessageFormat.format(res.getString("KseFrame.entries.statusbar"),
keyStoreType.friendly(), size, history.getPath());
}
Example 6
| Source Project: openjdk-jdk8u-backup File: ConvertP12Test.java License: GNU General Public License v2.0 | 6 votes |
|
private void compareKeyStore(KeyStore a, KeyStore b, String inKeyPass,
String outKeyPass, int keyStoreSize) throws Exception {
if (a.size() != keyStoreSize || b.size() != keyStoreSize) {
throw new RuntimeException("size not match or size not equal to "
+ keyStoreSize);
}
Enumeration<String> eA = a.aliases();
while (eA.hasMoreElements()) {
String aliasA = eA.nextElement();
if (!b.containsAlias(aliasA)) {
throw new RuntimeException("alias not match for alias:"
+ aliasA);
}
compareKeyEntry(a, b, inKeyPass, outKeyPass, aliasA);
}
}
Example 7
| Source Project: SPDS File: KeystoreLongTest.java License: Eclipse Public License 2.0 | 5 votes |
|
@Test
public void catchClause() {
try {
final KeyStore keyStore = KeyStore.getInstance("JKS");
// ... Some code
int size = keyStore.size(); // Hit !
mustBeInErrorState(keyStore);
} catch (KeyStoreException e) {
e.printStackTrace();
}
}
Example 8
| Source Project: vk-java-sdk File: YouTrackClient.java License: MIT License | 5 votes |
|
private SSLConnectionSocketFactory initSslContext(String keyStoreType, String keyStorePath, String keyStorePassword, String keyPassword,
String trustStoreType, String trustStorePath, String trustStorePassword)
throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, UnrecoverableKeyException, KeyManagementException {
SSLContextBuilder sslContextBuilder = SSLContexts.custom();
if (StringUtils.isNoneBlank(keyStorePath)) {
KeyStore keyStore = SslUtils.getStore(keyStoreType, keyStorePath, keyStorePassword);
if (keyStore.size() == 0) {
throw new IllegalStateException("Key store has no keys");
}
sslContextBuilder.loadKeyMaterial(keyStore, keyPassword.toCharArray());
}
if (StringUtils.isNoneBlank(trustStorePath)) {
KeyStore trustStore = SslUtils.getStore(trustStoreType, trustStorePath, trustStorePassword);
if (trustStore.size() == 0) {
throw new IllegalStateException("Trust store has no keys");
}
sslContextBuilder.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy());
}
return new SSLConnectionSocketFactory(
sslContextBuilder.build(),
SSLConnectionSocketFactory.getDefaultHostnameVerifier());
}
Example 9
| Source Project: openjdk-8-source File: DKSTest.java License: GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
/*
* domain keystore: system
*/
URI config = new URI(CONFIG + "#system");
int cacertsCount;
int expected;
KeyStore keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
cacertsCount = expected = keystore.size();
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: system_plus
*/
config = new URI(CONFIG + "#system_plus");
expected = cacertsCount + 1;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: system_env
*/
config = new URI(CONFIG + "#system_env");
expected = 1 + cacertsCount;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(
new DomainLoadStoreParameter(config,
Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: empty
*/
KeyStore empty = KeyStore.getInstance("JKS");
empty.load(null, null);
try (OutputStream outStream =
new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
empty.store(outStream, "passphrase".toCharArray());
}
config = new URI(CONFIG + "#empty");
expected = 0;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: keystores
*/
config = new URI(CONFIG + "#keystores");
expected = 2 + 1 + 1 + 1;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
// set a new trusted certificate entry
Certificate cert = loadCertificate(CERT);
String alias = "pw_keystore tmp-cert";
System.out.println("Setting new trusted certificate entry: " + alias);
keystore.setEntry(alias,
new KeyStore.TrustedCertificateEntry(cert), null);
expected++;
// store entries
config = new URI(CONFIG + "#keystores_tmp");
System.out.println("Storing domain keystore: " + config + "\t[" +
expected + " entries]");
keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
keystore = KeyStore.getInstance("DKS");
// reload entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("Reloading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
// get the new trusted certificate entry
System.out.println("Getting new trusted certificate entry: " + alias);
if (!keystore.isCertificateEntry(alias)) {
throw new Exception("Error: cannot retrieve certificate entry: " +
alias);
}
keystore.setEntry(alias,
new KeyStore.TrustedCertificateEntry(cert), null);
}
Example 10
| Source Project: dragonwell8_jdk File: WriteP12Test.java License: GNU General Public License v2.0 | 4 votes |
|
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
throws KeyStoreException, UnrecoverableKeyException,
NoSuchAlgorithmException {
out.println("========== Key Store ==========");
out.println("getProvider : " + inputKeyStore.getProvider());
out.println("getType : " + inputKeyStore.getType());
out.println("getDefaultType : " + KeyStore.getDefaultType());
int idx = 0;
Enumeration<String> e = inputKeyStore.aliases();
String alias;
while (e.hasMoreElements()) {
alias = e.nextElement();
if (!inputKeyStore.containsAlias(alias)) {
throw new RuntimeException("Alias not found");
}
out.println("Alias " + idx + " : " + alias);
out.println("getCreationDate : "
+ inputKeyStore.getCreationDate(alias));
X509Certificate cert = (X509Certificate) inputKeyStore
.getCertificate(alias);
out.println("getCertificate : " + cert.getSubjectDN());
String retAlias = inputKeyStore.getCertificateAlias(cert);
if (!retAlias.equals(alias)) {
throw new RuntimeException("Alias mismatch, actually "
+ retAlias + ", expected " + alias);
}
out.println("getCertificateAlias : " + retAlias);
Certificate[] certs = inputKeyStore.getCertificateChain(alias);
int i = 0;
for (Certificate certification : certs) {
out.println("getCertificateChain " + i
+ ((X509Certificate) certification).getSubjectDN());
i++;
}
if (inputKeyStore.isCertificateEntry(alias)) {
throw new RuntimeException(
"inputKeystore should not be certEntry because this"
+ " keystore only contain key pair entries.");
}
if (!inputKeyStore.isKeyEntry(alias)) {
throw new RuntimeException("Entry type unknown.");
}
idx++;
}
int size = inputKeyStore.size();
if (idx != size) {
throw new RuntimeException("Size not match, actually " + idx
+ ", expected " + size);
}
}
Example 11
| Source Project: jdk8u_jdk File: WriteP12Test.java License: GNU General Public License v2.0 | 4 votes |
|
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
throws KeyStoreException, UnrecoverableKeyException,
NoSuchAlgorithmException {
out.println("========== Key Store ==========");
out.println("getProvider : " + inputKeyStore.getProvider());
out.println("getType : " + inputKeyStore.getType());
out.println("getDefaultType : " + KeyStore.getDefaultType());
int idx = 0;
Enumeration<String> e = inputKeyStore.aliases();
String alias;
while (e.hasMoreElements()) {
alias = e.nextElement();
if (!inputKeyStore.containsAlias(alias)) {
throw new RuntimeException("Alias not found");
}
out.println("Alias " + idx + " : " + alias);
out.println("getCreationDate : "
+ inputKeyStore.getCreationDate(alias));
X509Certificate cert = (X509Certificate) inputKeyStore
.getCertificate(alias);
out.println("getCertificate : " + cert.getSubjectDN());
String retAlias = inputKeyStore.getCertificateAlias(cert);
if (!retAlias.equals(alias)) {
throw new RuntimeException("Alias mismatch, actually "
+ retAlias + ", expected " + alias);
}
out.println("getCertificateAlias : " + retAlias);
Certificate[] certs = inputKeyStore.getCertificateChain(alias);
int i = 0;
for (Certificate certification : certs) {
out.println("getCertificateChain " + i
+ ((X509Certificate) certification).getSubjectDN());
i++;
}
if (inputKeyStore.isCertificateEntry(alias)) {
throw new RuntimeException(
"inputKeystore should not be certEntry because this"
+ " keystore only contain key pair entries.");
}
if (!inputKeyStore.isKeyEntry(alias)) {
throw new RuntimeException("Entry type unknown.");
}
idx++;
}
int size = inputKeyStore.size();
if (idx != size) {
throw new RuntimeException("Size not match, actually " + idx
+ ", expected " + size);
}
}
Example 12
| Source Project: TencentKona-8 File: WriteP12Test.java License: GNU General Public License v2.0 | 4 votes |
|
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
throws KeyStoreException, UnrecoverableKeyException,
NoSuchAlgorithmException {
out.println("========== Key Store ==========");
out.println("getProvider : " + inputKeyStore.getProvider());
out.println("getType : " + inputKeyStore.getType());
out.println("getDefaultType : " + KeyStore.getDefaultType());
int idx = 0;
Enumeration<String> e = inputKeyStore.aliases();
String alias;
while (e.hasMoreElements()) {
alias = e.nextElement();
if (!inputKeyStore.containsAlias(alias)) {
throw new RuntimeException("Alias not found");
}
out.println("Alias " + idx + " : " + alias);
out.println("getCreationDate : "
+ inputKeyStore.getCreationDate(alias));
X509Certificate cert = (X509Certificate) inputKeyStore
.getCertificate(alias);
out.println("getCertificate : " + cert.getSubjectDN());
String retAlias = inputKeyStore.getCertificateAlias(cert);
if (!retAlias.equals(alias)) {
throw new RuntimeException("Alias mismatch, actually "
+ retAlias + ", expected " + alias);
}
out.println("getCertificateAlias : " + retAlias);
Certificate[] certs = inputKeyStore.getCertificateChain(alias);
int i = 0;
for (Certificate certification : certs) {
out.println("getCertificateChain " + i
+ ((X509Certificate) certification).getSubjectDN());
i++;
}
if (inputKeyStore.isCertificateEntry(alias)) {
throw new RuntimeException(
"inputKeystore should not be certEntry because this"
+ " keystore only contain key pair entries.");
}
if (!inputKeyStore.isKeyEntry(alias)) {
throw new RuntimeException("Entry type unknown.");
}
idx++;
}
int size = inputKeyStore.size();
if (idx != size) {
throw new RuntimeException("Size not match, actually " + idx
+ ", expected " + size);
}
}
Example 13
| Source Project: TencentKona-8 File: TestKeyStoreEntry.java License: GNU General Public License v2.0 | 4 votes |
|
public void runTest(Provider p) throws Exception {
try (FileOutputStream fos = new FileOutputStream("jceks");
FileInputStream fis = new FileInputStream("jceks");) {
KeyStore ks = KeyStore.getInstance("jceks", p);
// create an empty key store
ks.load(null, null);
// store the secret keys
String aliasHead = new String("secretKey");
for (int j = 0; j < NUM_ALGOS; j++) {
ks.setKeyEntry(aliasHead + j, sks[j], PASSWDK, null);
}
// write the key store out to a file
ks.store(fos, PASSWDF);
// wipe clean the existing key store
for (int k = 0; k < NUM_ALGOS; k++) {
ks.deleteEntry(aliasHead + k);
}
if (ks.size() != 0) {
throw new RuntimeException("ERROR: re-initialization failed");
}
// reload the key store with the file
ks.load(fis, PASSWDF);
// check the integrity/validaty of the key store
Key temp = null;
String alias = null;
if (ks.size() != NUM_ALGOS) {
throw new RuntimeException("ERROR: wrong number of key"
+ " entries");
}
for (int m = 0; m < ks.size(); m++) {
alias = aliasHead + m;
temp = ks.getKey(alias, PASSWDK);
// compare the keys
if (!temp.equals(sks[m])) {
throw new RuntimeException("ERROR: key comparison (" + m
+ ") failed");
}
// check the type of key
if (ks.isCertificateEntry(alias) || !ks.isKeyEntry(alias)) {
throw new RuntimeException("ERROR: type identification ("
+ m + ") failed");
}
}
}
}
Example 14
| Source Project: jdk8u60 File: DKSTest.java License: GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
/*
* domain keystore: system
*/
URI config = new URI(CONFIG + "#system");
int cacertsCount;
int expected;
KeyStore keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
cacertsCount = expected = keystore.size();
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: system_plus
*/
config = new URI(CONFIG + "#system_plus");
expected = cacertsCount + 1;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: system_env
*/
config = new URI(CONFIG + "#system_env");
expected = 1 + cacertsCount;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(
new DomainLoadStoreParameter(config,
Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: empty
*/
KeyStore empty = KeyStore.getInstance("JKS");
empty.load(null, null);
try (OutputStream outStream =
new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
empty.store(outStream, "passphrase".toCharArray());
}
config = new URI(CONFIG + "#empty");
expected = 0;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: keystores
*/
config = new URI(CONFIG + "#keystores");
expected = 2 + 1 + 1 + 1;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
// set a new trusted certificate entry
Certificate cert = loadCertificate(CERT);
String alias = "pw_keystore tmp-cert";
System.out.println("Setting new trusted certificate entry: " + alias);
keystore.setEntry(alias,
new KeyStore.TrustedCertificateEntry(cert), null);
expected++;
// store entries
config = new URI(CONFIG + "#keystores_tmp");
System.out.println("Storing domain keystore: " + config + "\t[" +
expected + " entries]");
keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
keystore = KeyStore.getInstance("DKS");
// reload entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("Reloading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
// get the new trusted certificate entry
System.out.println("Getting new trusted certificate entry: " + alias);
if (!keystore.isCertificateEntry(alias)) {
throw new Exception("Error: cannot retrieve certificate entry: " +
alias);
}
keystore.setEntry(alias,
new KeyStore.TrustedCertificateEntry(cert), null);
}
Example 15
| Source Project: portecle File: FPortecle.java License: GNU General Public License v2.0 | 4 votes |
|
/**
* Set the text in the staus bar to reflect the status of the currently loaded keystore.
*/
@Override
public void setDefaultStatusBarText()
{
// No keystore loaded...
if (m_keyStoreWrap == null)
{
setStatusBarText(RB.getString("FPortecle.noKeyStore.statusbar"));
}
// keystore loaded...
else
{
// Get the keystore and display information on its type and size
KeyStore ksLoaded = m_keyStoreWrap.getKeyStore();
int iSize;
try
{
iSize = ksLoaded.size();
}
catch (KeyStoreException ex)
{
setStatusBarText("");
DThrowable.showAndWait(this, null, ex);
return;
}
String sType = KeyStoreType.valueOfType(ksLoaded.getType()).toString();
String sProv = ksLoaded.getProvider().getName();
if (iSize == 1)
{
setStatusBarText(MessageFormat.format(RB.getString("FPortecle.entry.statusbar"), sType, sProv));
}
else
{
setStatusBarText(
MessageFormat.format(RB.getString("FPortecle.entries.statusbar"), sType, sProv, iSize));
}
}
}
Example 16
| Source Project: jdk8u-dev-jdk File: DKSTest.java License: GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
/*
* domain keystore: system
*/
URI config = new URI(CONFIG + "#system");
int cacertsCount;
int expected;
KeyStore keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
cacertsCount = expected = keystore.size();
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: system_plus
*/
config = new URI(CONFIG + "#system_plus");
expected = cacertsCount + 1;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: system_env
*/
config = new URI(CONFIG + "#system_env");
expected = 1 + cacertsCount;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(
new DomainLoadStoreParameter(config,
Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: empty
*/
KeyStore empty = KeyStore.getInstance("JKS");
empty.load(null, null);
try (OutputStream outStream =
new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
empty.store(outStream, "passphrase".toCharArray());
}
config = new URI(CONFIG + "#empty");
expected = 0;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: keystores
*/
config = new URI(CONFIG + "#keystores");
expected = 2 + 1 + 1 + 1;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
// set a new trusted certificate entry
Certificate cert = loadCertificate(CERT);
String alias = "pw_keystore tmp-cert";
System.out.println("Setting new trusted certificate entry: " + alias);
keystore.setEntry(alias,
new KeyStore.TrustedCertificateEntry(cert), null);
expected++;
// store entries
config = new URI(CONFIG + "#keystores_tmp");
System.out.println("Storing domain keystore: " + config + "\t[" +
expected + " entries]");
keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
keystore = KeyStore.getInstance("DKS");
// reload entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("Reloading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
// get the new trusted certificate entry
System.out.println("Getting new trusted certificate entry: " + alias);
if (!keystore.isCertificateEntry(alias)) {
throw new Exception("Error: cannot retrieve certificate entry: " +
alias);
}
keystore.setEntry(alias,
new KeyStore.TrustedCertificateEntry(cert), null);
}
Example 17
| Source Project: openjdk-jdk8u-backup File: WriteP12Test.java License: GNU General Public License v2.0 | 4 votes |
|
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
throws KeyStoreException, UnrecoverableKeyException,
NoSuchAlgorithmException {
out.println("========== Key Store ==========");
out.println("getProvider : " + inputKeyStore.getProvider());
out.println("getType : " + inputKeyStore.getType());
out.println("getDefaultType : " + KeyStore.getDefaultType());
int idx = 0;
Enumeration<String> e = inputKeyStore.aliases();
String alias;
while (e.hasMoreElements()) {
alias = e.nextElement();
if (!inputKeyStore.containsAlias(alias)) {
throw new RuntimeException("Alias not found");
}
out.println("Alias " + idx + " : " + alias);
out.println("getCreationDate : "
+ inputKeyStore.getCreationDate(alias));
X509Certificate cert = (X509Certificate) inputKeyStore
.getCertificate(alias);
out.println("getCertificate : " + cert.getSubjectDN());
String retAlias = inputKeyStore.getCertificateAlias(cert);
if (!retAlias.equals(alias)) {
throw new RuntimeException("Alias mismatch, actually "
+ retAlias + ", expected " + alias);
}
out.println("getCertificateAlias : " + retAlias);
Certificate[] certs = inputKeyStore.getCertificateChain(alias);
int i = 0;
for (Certificate certification : certs) {
out.println("getCertificateChain " + i
+ ((X509Certificate) certification).getSubjectDN());
i++;
}
if (inputKeyStore.isCertificateEntry(alias)) {
throw new RuntimeException(
"inputKeystore should not be certEntry because this"
+ " keystore only contain key pair entries.");
}
if (!inputKeyStore.isKeyEntry(alias)) {
throw new RuntimeException("Entry type unknown.");
}
idx++;
}
int size = inputKeyStore.size();
if (idx != size) {
throw new RuntimeException("Size not match, actually " + idx
+ ", expected " + size);
}
}
Example 18
| Source Project: openjdk-jdk9 File: AddPrivateKey.java License: GNU General Public License v2.0 | 4 votes |
|
private static void test(Provider p, PrivateKeyEntry entry) throws Exception {
PrivateKey key = entry.getPrivateKey();
X509Certificate[] chain = (X509Certificate[])entry.getCertificateChain();
PublicKey publicKey = chain[0].getPublicKey();
System.out.println(toString(key));
sign(p, key, publicKey);
KeyStore ks = KeyStore.getInstance("PKCS11", p);
ks.load(null, null);
if (ks.size() != 0) {
throw new Exception("KeyStore not empty");
}
List<String> aliases;
// test 1: add entry
ks.setKeyEntry(ALIAS1, key, null, chain);
aliases = aliases(ks);
if (aliases.size() != 1) {
throw new Exception("size not 1: " + aliases);
}
if (aliases.get(0).equals(ALIAS1) == false) {
throw new Exception("alias mismatch: " + aliases);
}
PrivateKey key2 = (PrivateKey)ks.getKey(ALIAS1, null);
System.out.println(toString(key2));
X509Certificate[] chain2 =
(X509Certificate[]) ks.getCertificateChain(ALIAS1);
if (Arrays.equals(chain, chain2) == false) {
throw new Exception("chain mismatch");
}
sign(p, key2, publicKey);
ks.deleteEntry(ALIAS1);
if (ks.size() != 0) {
throw new Exception("KeyStore not empty");
}
// test 2: translate to session object, then add entry
KeyFactory kf = KeyFactory.getInstance(key.getAlgorithm(), p);
PrivateKey key3 = (PrivateKey)kf.translateKey(key);
System.out.println(toString(key3));
sign(p, key3, publicKey);
ks.setKeyEntry(ALIAS2, key3, null, chain);
aliases = aliases(ks);
if (aliases.size() != 1) {
throw new Exception("size not 1");
}
if (aliases.get(0).equals(ALIAS2) == false) {
throw new Exception("alias mismatch: " + aliases);
}
PrivateKey key4 = (PrivateKey)ks.getKey(ALIAS2, null);
System.out.println(toString(key4));
X509Certificate[] chain4 = (X509Certificate[])
ks.getCertificateChain(ALIAS2);
if (Arrays.equals(chain, chain4) == false) {
throw new Exception("chain mismatch");
}
sign(p, key4, publicKey);
// test 3: change alias
ks.setKeyEntry(ALIAS3, key3, null, chain);
aliases = aliases(ks);
if (aliases.size() != 1) {
throw new Exception("size not 1");
}
if (aliases.get(0).equals(ALIAS3) == false) {
throw new Exception("alias mismatch: " + aliases);
}
PrivateKey key5 = (PrivateKey)ks.getKey(ALIAS3, null);
System.out.println(toString(key5));
X509Certificate[] chain5 = (X509Certificate[])
ks.getCertificateChain(ALIAS3);
if (Arrays.equals(chain, chain5) == false) {
throw new Exception("chain mismatch");
}
sign(p, key5, publicKey);
ks.deleteEntry(ALIAS3);
if (ks.size() != 0) {
throw new Exception("KeyStore not empty");
}
System.out.println("OK");
}
Example 19
| Source Project: hottub File: DKSTest.java License: GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
/*
* domain keystore: system
*/
URI config = new URI(CONFIG + "#system");
int cacertsCount;
int expected;
KeyStore keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
cacertsCount = expected = keystore.size();
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: system_plus
*/
config = new URI(CONFIG + "#system_plus");
expected = cacertsCount + 1;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: system_env
*/
config = new URI(CONFIG + "#system_env");
expected = 1 + cacertsCount;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(
new DomainLoadStoreParameter(config,
Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: empty
*/
KeyStore empty = KeyStore.getInstance("JKS");
empty.load(null, null);
try (OutputStream outStream =
new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
empty.store(outStream, "passphrase".toCharArray());
}
config = new URI(CONFIG + "#empty");
expected = 0;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
/*
* domain keystore: keystores
*/
config = new URI(CONFIG + "#keystores");
expected = 2 + 1 + 1 + 1;
keystore = KeyStore.getInstance("DKS");
// load entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("\nLoading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
// set a new trusted certificate entry
Certificate cert = loadCertificate(CERT);
String alias = "pw_keystore tmp-cert";
System.out.println("Setting new trusted certificate entry: " + alias);
keystore.setEntry(alias,
new KeyStore.TrustedCertificateEntry(cert), null);
expected++;
// store entries
config = new URI(CONFIG + "#keystores_tmp");
System.out.println("Storing domain keystore: " + config + "\t[" +
expected + " entries]");
keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
keystore = KeyStore.getInstance("DKS");
// reload entries
keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
System.out.println("Reloading domain keystore: " + config + "\t[" +
expected + " entries]");
checkEntries(keystore, expected);
// get the new trusted certificate entry
System.out.println("Getting new trusted certificate entry: " + alias);
if (!keystore.isCertificateEntry(alias)) {
throw new Exception("Error: cannot retrieve certificate entry: " +
alias);
}
keystore.setEntry(alias,
new KeyStore.TrustedCertificateEntry(cert), null);
}
Example 20
| Source Project: openjdk-jdk9 File: WriteP12Test.java License: GNU General Public License v2.0 | 4 votes |
|
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
throws KeyStoreException, UnrecoverableKeyException,
NoSuchAlgorithmException {
out.println("========== Key Store ==========");
out.println("getProvider : " + inputKeyStore.getProvider());
out.println("getType : " + inputKeyStore.getType());
out.println("getDefaultType : " + KeyStore.getDefaultType());
int idx = 0;
Enumeration<String> e = inputKeyStore.aliases();
String alias;
while (e.hasMoreElements()) {
alias = e.nextElement();
if (!inputKeyStore.containsAlias(alias)) {
throw new RuntimeException("Alias not found");
}
out.println("Alias " + idx + " : " + alias);
out.println("getCreationDate : "
+ inputKeyStore.getCreationDate(alias));
X509Certificate cert = (X509Certificate) inputKeyStore
.getCertificate(alias);
out.println("getCertificate : " + cert.getSubjectDN());
String retAlias = inputKeyStore.getCertificateAlias(cert);
if (!retAlias.equals(alias)) {
throw new RuntimeException("Alias mismatch, actually "
+ retAlias + ", expected " + alias);
}
out.println("getCertificateAlias : " + retAlias);
Certificate[] certs = inputKeyStore.getCertificateChain(alias);
int i = 0;
for (Certificate certification : certs) {
out.println("getCertificateChain " + i
+ ((X509Certificate) certification).getSubjectDN());
i++;
}
if (inputKeyStore.isCertificateEntry(alias)) {
throw new RuntimeException(
"inputKeystore should not be certEntry because this"
+ " keystore only contain key pair entries.");
}
if (!inputKeyStore.isKeyEntry(alias)) {
throw new RuntimeException("Entry type unknown.");
}
idx++;
}
int size = inputKeyStore.size();
if (idx != size) {
throw new RuntimeException("Size not match, actually " + idx
+ ", expected " + size);
}
}
