Java Code Examples for java.security.KeyStore#setEntry()
The following examples show how to use
java.security.KeyStore#setEntry() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: MetadataStoreLoadTest.java From dragonwell8_jdk with GNU General Public License v2.0 | 6 votes |
private void storeAttrs() throws UnrecoverableEntryException, GeneralSecurityException, NoSuchAlgorithmException, KeyStoreException, IOException { KeyStore ksIn = Utils.loadKeyStore(KEYSTORE_PATH, Utils.KeyStoreType.pkcs12, PASSWORD); KeyStore ksAttr = KeyStore .getInstance(Utils.KeyStoreType.pkcs12.name()); ksAttr.load(null); Key key = ksIn.getKey(ALIAS, PASSWORD); Certificate cert = ksIn.getCertificate(ALIAS); Set<KeyStore.Entry.Attribute> attrs = new HashSet<>(Arrays.asList(ATTR_SET)); KeyStore.Entry e = new KeyStore.PrivateKeyEntry((PrivateKey) key, new Certificate[]{cert}, attrs); ksAttr.setEntry(ALIAS, e, new KeyStore.PasswordProtection( KEY_PASSWORD)); out.println("Attributes before store:"); e.getAttributes().stream().forEach((attr) -> { out.println(attr.getName() + ", '" + attr.getValue() + "'"); }); Utils.saveKeyStore(ksAttr, WORKING_DIRECTORY + File.separator + KESTORE_NEW, PASSWORD); }
Example 2
Source File: MetadataStoreLoadTest.java From TencentKona-8 with GNU General Public License v2.0 | 6 votes |
private void storeAttrs() throws UnrecoverableEntryException, GeneralSecurityException, NoSuchAlgorithmException, KeyStoreException, IOException { KeyStore ksIn = Utils.loadKeyStore(KEYSTORE_PATH, Utils.KeyStoreType.pkcs12, PASSWORD); KeyStore ksAttr = KeyStore .getInstance(Utils.KeyStoreType.pkcs12.name()); ksAttr.load(null); Key key = ksIn.getKey(ALIAS, PASSWORD); Certificate cert = ksIn.getCertificate(ALIAS); Set<KeyStore.Entry.Attribute> attrs = new HashSet<>(Arrays.asList(ATTR_SET)); KeyStore.Entry e = new KeyStore.PrivateKeyEntry((PrivateKey) key, new Certificate[]{cert}, attrs); ksAttr.setEntry(ALIAS, e, new KeyStore.PasswordProtection( KEY_PASSWORD)); out.println("Attributes before store:"); e.getAttributes().stream().forEach((attr) -> { out.println(attr.getName() + ", '" + attr.getValue() + "'"); }); Utils.saveKeyStore(ksAttr, WORKING_DIRECTORY + File.separator + KESTORE_NEW, PASSWORD); }
Example 3
Source File: MetadataStoreLoadTest.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
private void storeAttrs() throws UnrecoverableEntryException, GeneralSecurityException, NoSuchAlgorithmException, KeyStoreException, IOException { KeyStore ksIn = Utils.loadKeyStore(KEYSTORE_PATH, Utils.KeyStoreType.pkcs12, PASSWORD); KeyStore ksAttr = KeyStore .getInstance(Utils.KeyStoreType.pkcs12.name()); ksAttr.load(null); Key key = ksIn.getKey(ALIAS, PASSWORD); Certificate cert = ksIn.getCertificate(ALIAS); Set<KeyStore.Entry.Attribute> attrs = new HashSet<>(Arrays.asList(ATTR_SET)); KeyStore.Entry e = new KeyStore.PrivateKeyEntry((PrivateKey) key, new Certificate[]{cert}, attrs); ksAttr.setEntry(ALIAS, e, new KeyStore.PasswordProtection( KEY_PASSWORD)); out.println("Attributes before store:"); e.getAttributes().stream().forEach((attr) -> { out.println(attr.getName() + ", '" + attr.getValue() + "'"); }); Utils.saveKeyStore(ksAttr, WORKING_DIRECTORY + File.separator + KESTORE_NEW, PASSWORD); }
Example 4
Source File: MetadataStoreLoadTest.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 6 votes |
private void storeAttrs() throws UnrecoverableEntryException, GeneralSecurityException, NoSuchAlgorithmException, KeyStoreException, IOException { KeyStore ksIn = Utils.loadKeyStore(KEYSTORE_PATH, Utils.KeyStoreType.pkcs12, PASSWORD); KeyStore ksAttr = KeyStore .getInstance(Utils.KeyStoreType.pkcs12.name()); ksAttr.load(null); Key key = ksIn.getKey(ALIAS, PASSWORD); Certificate cert = ksIn.getCertificate(ALIAS); Set<KeyStore.Entry.Attribute> attrs = new HashSet<>(Arrays.asList(ATTR_SET)); KeyStore.Entry e = new KeyStore.PrivateKeyEntry((PrivateKey) key, new Certificate[]{cert}, attrs); ksAttr.setEntry(ALIAS, e, new KeyStore.PasswordProtection( KEY_PASSWORD)); out.println("Attributes before store:"); e.getAttributes().stream().forEach((attr) -> { out.println(attr.getName() + ", '" + attr.getValue() + "'"); }); Utils.saveKeyStore(ksAttr, WORKING_DIRECTORY + File.separator + KESTORE_NEW, PASSWORD); }
Example 5
Source File: P12SecretKey.java From jdk8u_jdk with GNU General Public License v2.0 | 5 votes |
private void run(String keystoreType) throws Exception { char[] pw = "password".toCharArray(); KeyStore ks = KeyStore.getInstance(keystoreType); ks.load(null, pw); KeyGenerator kg = KeyGenerator.getInstance("AES"); kg.init(128); SecretKey key = kg.generateKey(); KeyStore.SecretKeyEntry ske = new KeyStore.SecretKeyEntry(key); KeyStore.ProtectionParameter kspp = new KeyStore.PasswordProtection(pw); ks.setEntry(ALIAS, ske, kspp); File ksFile = File.createTempFile("test", ".test"); try (FileOutputStream fos = new FileOutputStream(ksFile)) { ks.store(fos, pw); fos.flush(); } // now see if we can get it back try (FileInputStream fis = new FileInputStream(ksFile)) { KeyStore ks2 = KeyStore.getInstance(keystoreType); ks2.load(fis, pw); KeyStore.Entry entry = ks2.getEntry(ALIAS, kspp); SecretKey keyIn = ((KeyStore.SecretKeyEntry)entry).getSecretKey(); if (Arrays.equals(key.getEncoded(), keyIn.getEncoded())) { System.err.println("OK: worked just fine with " + keystoreType + " keystore"); } else { System.err.println("ERROR: keys are NOT equal after storing in " + keystoreType + " keystore"); } } }
Example 6
Source File: JavaSecurityManagementServiceImpl.java From rice with Educational Community License v2.0 | 5 votes |
protected KeyStore generateKeyStore(Certificate cert, PrivateKey privateKey, String alias, String keyStorePassword) throws GeneralSecurityException, IOException { KeyStore ks = KeyStore.getInstance(getModuleKeyStoreType()); ks.load(null, keyStorePassword.toCharArray()); // set client private key on keyStore file ks.setEntry(alias, new KeyStore.PrivateKeyEntry(privateKey, new Certificate[]{cert}), new KeyStore.PasswordProtection(keyStorePassword.toCharArray())); return ks; }
Example 7
Source File: P12SecretKey.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
private void run(String keystoreType) throws Exception { char[] pw = "password".toCharArray(); KeyStore ks = KeyStore.getInstance(keystoreType); ks.load(null, pw); KeyGenerator kg = KeyGenerator.getInstance("AES"); kg.init(128); SecretKey key = kg.generateKey(); KeyStore.SecretKeyEntry ske = new KeyStore.SecretKeyEntry(key); KeyStore.ProtectionParameter kspp = new KeyStore.PasswordProtection(pw); ks.setEntry(ALIAS, ske, kspp); File ksFile = File.createTempFile("test", ".test"); try (FileOutputStream fos = new FileOutputStream(ksFile)) { ks.store(fos, pw); fos.flush(); } // now see if we can get it back try (FileInputStream fis = new FileInputStream(ksFile)) { KeyStore ks2 = KeyStore.getInstance(keystoreType); ks2.load(fis, pw); KeyStore.Entry entry = ks2.getEntry(ALIAS, kspp); SecretKey keyIn = ((KeyStore.SecretKeyEntry)entry).getSecretKey(); if (Arrays.equals(key.getEncoded(), keyIn.getEncoded())) { System.err.println("OK: worked just fine with " + keystoreType + " keystore"); } else { System.err.println("ERROR: keys are NOT equal after storing in " + keystoreType + " keystore"); } } }
Example 8
Source File: TestKeyStoreBasic.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
private void checkSetEntry(KeyStore ks, String alias, KeyStore.PasswordProtection pw, KeyStore.Entry entry) throws Exception { try { ks.setEntry(alias, entry, pw); throw new Exception( "ERROR: expected KeyStore.setEntry to throw an exception"); } catch (KeyStoreException e) { // ignore the expected exception } }
Example 9
Source File: P12SecretKey.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 5 votes |
private void run(String keystoreType) throws Exception { char[] pw = "password".toCharArray(); KeyStore ks = KeyStore.getInstance(keystoreType); ks.load(null, pw); KeyGenerator kg = KeyGenerator.getInstance("AES"); kg.init(128); SecretKey key = kg.generateKey(); KeyStore.SecretKeyEntry ske = new KeyStore.SecretKeyEntry(key); KeyStore.ProtectionParameter kspp = new KeyStore.PasswordProtection(pw); ks.setEntry(ALIAS, ske, kspp); File ksFile = File.createTempFile("test", ".test"); try (FileOutputStream fos = new FileOutputStream(ksFile)) { ks.store(fos, pw); fos.flush(); } // now see if we can get it back try (FileInputStream fis = new FileInputStream(ksFile)) { KeyStore ks2 = KeyStore.getInstance(keystoreType); ks2.load(fis, pw); KeyStore.Entry entry = ks2.getEntry(ALIAS, kspp); SecretKey keyIn = ((KeyStore.SecretKeyEntry)entry).getSecretKey(); if (Arrays.equals(key.getEncoded(), keyIn.getEncoded())) { System.err.println("OK: worked just fine with " + keystoreType + " keystore"); } else { System.err.println("ERROR: keys are NOT equal after storing in " + keystoreType + " keystore"); } } }
Example 10
Source File: SyntheticPasswordCrypto.java From android_9.0.0_r45 with Apache License 2.0 | 5 votes |
public static byte[] createBlob(String keyAlias, byte[] data, byte[] applicationId, long sid) { try { KeyGenerator keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES); keyGenerator.init(new SecureRandom()); SecretKey secretKey = keyGenerator.generateKey(); KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore"); keyStore.load(null); KeyProtection.Builder builder = new KeyProtection.Builder(KeyProperties.PURPOSE_DECRYPT) .setBlockModes(KeyProperties.BLOCK_MODE_GCM) .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE) .setCriticalToDeviceEncryption(true); if (sid != 0) { builder.setUserAuthenticationRequired(true) .setBoundToSpecificSecureUserId(sid) .setUserAuthenticationValidityDurationSeconds(USER_AUTHENTICATION_VALIDITY); } keyStore.setEntry(keyAlias, new KeyStore.SecretKeyEntry(secretKey), builder.build()); byte[] intermediate = encrypt(applicationId, APPLICATION_ID_PERSONALIZATION, data); return encrypt(secretKey, intermediate); } catch (CertificateException | IOException | BadPaddingException | IllegalBlockSizeException | KeyStoreException | NoSuchPaddingException | NoSuchAlgorithmException | InvalidKeyException e) { e.printStackTrace(); throw new RuntimeException("Failed to encrypt blob", e); } }
Example 11
Source File: CloudSqlInstance.java From cloud-sql-jdbc-socket-factory with Apache License 2.0 | 5 votes |
/** * Creates a new SSLContext based on the provided parameters. This SSLContext will be used to * provide new SSLSockets that are authorized to connect to a Cloud SQL instance. */ private SSLContext createSslContext( KeyPair keyPair, Metadata metadata, Certificate ephemeralCertificate) { try { KeyStore authKeyStore = KeyStore.getInstance(KeyStore.getDefaultType()); authKeyStore.load(null, null); KeyStore.PrivateKeyEntry privateKey = new PrivateKeyEntry(keyPair.getPrivate(), new Certificate[] {ephemeralCertificate}); authKeyStore.setEntry("ephemeral", privateKey, new PasswordProtection(new char[0])); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(authKeyStore, new char[0]); KeyStore trustedKeyStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustedKeyStore.load(null, null); trustedKeyStore.setCertificateEntry("instance", metadata.getInstanceCaCertificate()); TrustManagerFactory tmf = TrustManagerFactory.getInstance("X.509"); tmf.init(trustedKeyStore); SSLContext sslContext = SSLContext.getInstance("TLSv1.2"); sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom()); return sslContext; } catch (GeneralSecurityException | IOException ex) { throw new RuntimeException( String.format( "[%s] Unable to create a SSLContext for the Cloud SQL instance.", connectionName), ex); } }
Example 12
Source File: P12SecretKey.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
private void run(String keystoreType) throws Exception { char[] pw = "password".toCharArray(); KeyStore ks = KeyStore.getInstance(keystoreType); ks.load(null, pw); KeyGenerator kg = KeyGenerator.getInstance("AES"); kg.init(128); SecretKey key = kg.generateKey(); KeyStore.SecretKeyEntry ske = new KeyStore.SecretKeyEntry(key); KeyStore.ProtectionParameter kspp = new KeyStore.PasswordProtection(pw); ks.setEntry(ALIAS, ske, kspp); File ksFile = File.createTempFile("test", ".test"); try (FileOutputStream fos = new FileOutputStream(ksFile)) { ks.store(fos, pw); fos.flush(); } // now see if we can get it back try (FileInputStream fis = new FileInputStream(ksFile)) { KeyStore ks2 = KeyStore.getInstance(keystoreType); ks2.load(fis, pw); KeyStore.Entry entry = ks2.getEntry(ALIAS, kspp); SecretKey keyIn = ((KeyStore.SecretKeyEntry)entry).getSecretKey(); if (Arrays.equals(key.getEncoded(), keyIn.getEncoded())) { System.err.println("OK: worked just fine with " + keystoreType + " keystore"); } else { System.err.println("ERROR: keys are NOT equal after storing in " + keystoreType + " keystore"); } } }
Example 13
Source File: P12SecretKey.java From dragonwell8_jdk with GNU General Public License v2.0 | 5 votes |
private void run(String keystoreType) throws Exception { char[] pw = "password".toCharArray(); KeyStore ks = KeyStore.getInstance(keystoreType); ks.load(null, pw); KeyGenerator kg = KeyGenerator.getInstance("AES"); kg.init(128); SecretKey key = kg.generateKey(); KeyStore.SecretKeyEntry ske = new KeyStore.SecretKeyEntry(key); KeyStore.ProtectionParameter kspp = new KeyStore.PasswordProtection(pw); ks.setEntry(ALIAS, ske, kspp); File ksFile = File.createTempFile("test", ".test"); try (FileOutputStream fos = new FileOutputStream(ksFile)) { ks.store(fos, pw); fos.flush(); } // now see if we can get it back try (FileInputStream fis = new FileInputStream(ksFile)) { KeyStore ks2 = KeyStore.getInstance(keystoreType); ks2.load(fis, pw); KeyStore.Entry entry = ks2.getEntry(ALIAS, kspp); SecretKey keyIn = ((KeyStore.SecretKeyEntry)entry).getSecretKey(); if (Arrays.equals(key.getEncoded(), keyIn.getEncoded())) { System.err.println("OK: worked just fine with " + keystoreType + " keystore"); } else { System.err.println("ERROR: keys are NOT equal after storing in " + keystoreType + " keystore"); } } }
Example 14
Source File: KeystoreFactory.java From spring-boot-security-saml-samples with MIT License | 4 votes |
@SneakyThrows public void addKeyToKeystore(KeyStore keyStore, X509Certificate cert, RSAPrivateKey privateKey, String alias, String password) { KeyStore.PasswordProtection pass = new KeyStore.PasswordProtection(password.toCharArray()); Certificate[] certificateChain = {cert}; keyStore.setEntry(alias, new KeyStore.PrivateKeyEntry(privateKey, certificateChain), pass); }
Example 15
Source File: DKSTest.java From openjdk-8-source with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { /* * domain keystore: system */ URI config = new URI(CONFIG + "#system"); int cacertsCount; int expected; KeyStore keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); cacertsCount = expected = keystore.size(); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: system_plus */ config = new URI(CONFIG + "#system_plus"); expected = cacertsCount + 1; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: system_env */ config = new URI(CONFIG + "#system_env"); expected = 1 + cacertsCount; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load( new DomainLoadStoreParameter(config, Collections.<String, KeyStore.ProtectionParameter>emptyMap())); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: empty */ KeyStore empty = KeyStore.getInstance("JKS"); empty.load(null, null); try (OutputStream outStream = new FileOutputStream(new File(USER_DIR, "empty.jks"))) { empty.store(outStream, "passphrase".toCharArray()); } config = new URI(CONFIG + "#empty"); expected = 0; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: keystores */ config = new URI(CONFIG + "#keystores"); expected = 2 + 1 + 1 + 1; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); // set a new trusted certificate entry Certificate cert = loadCertificate(CERT); String alias = "pw_keystore tmp-cert"; System.out.println("Setting new trusted certificate entry: " + alias); keystore.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert), null); expected++; // store entries config = new URI(CONFIG + "#keystores_tmp"); System.out.println("Storing domain keystore: " + config + "\t[" + expected + " entries]"); keystore.store(new DomainLoadStoreParameter(config, PASSWORDS)); keystore = KeyStore.getInstance("DKS"); // reload entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("Reloading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); // get the new trusted certificate entry System.out.println("Getting new trusted certificate entry: " + alias); if (!keystore.isCertificateEntry(alias)) { throw new Exception("Error: cannot retrieve certificate entry: " + alias); } keystore.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert), null); }
Example 16
Source File: CryptoUtil.java From floodlight_with_topoguard with Apache License 2.0 | 4 votes |
public static void writeSharedSecret(String keyStorePath, String keyStorePassword, byte[] sharedSecret) throws Exception { char[] password = keyStorePassword.toCharArray(); KeyStore ks; try { ks = readKeyStore(keyStorePath, password); } catch (FileNotFoundException e) { ks = KeyStore.getInstance("JCEKS"); ks.load(null, password); } KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(password); SecretKeySpec signingKey = new SecretKeySpec(sharedSecret, "HmacSHA1"); KeyStore.SecretKeyEntry skEntry = new KeyStore.SecretKeyEntry(signingKey); ks.setEntry(CHALLENGE_RESPONSE_SECRET, skEntry, protParam); // store away the keystore java.io.FileOutputStream fos = null; File keyStoreFile = new File(keyStorePath); File parent = keyStoreFile.getParentFile(); if (parent != null) parent.mkdirs(); try { fos = new java.io.FileOutputStream(keyStoreFile); ks.store(fos, password); keyStoreFile.setReadable(false, false); keyStoreFile.setReadable(true, true); keyStoreFile.setWritable(false, false); keyStoreFile.setWritable(true, true); keyStoreFile.setExecutable(false, false); } finally { if (fos != null) { fos.close(); } } }
Example 17
Source File: DKSTest.java From jdk8u60 with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { /* * domain keystore: system */ URI config = new URI(CONFIG + "#system"); int cacertsCount; int expected; KeyStore keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); cacertsCount = expected = keystore.size(); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: system_plus */ config = new URI(CONFIG + "#system_plus"); expected = cacertsCount + 1; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: system_env */ config = new URI(CONFIG + "#system_env"); expected = 1 + cacertsCount; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load( new DomainLoadStoreParameter(config, Collections.<String, KeyStore.ProtectionParameter>emptyMap())); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: empty */ KeyStore empty = KeyStore.getInstance("JKS"); empty.load(null, null); try (OutputStream outStream = new FileOutputStream(new File(USER_DIR, "empty.jks"))) { empty.store(outStream, "passphrase".toCharArray()); } config = new URI(CONFIG + "#empty"); expected = 0; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: keystores */ config = new URI(CONFIG + "#keystores"); expected = 2 + 1 + 1 + 1; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); // set a new trusted certificate entry Certificate cert = loadCertificate(CERT); String alias = "pw_keystore tmp-cert"; System.out.println("Setting new trusted certificate entry: " + alias); keystore.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert), null); expected++; // store entries config = new URI(CONFIG + "#keystores_tmp"); System.out.println("Storing domain keystore: " + config + "\t[" + expected + " entries]"); keystore.store(new DomainLoadStoreParameter(config, PASSWORDS)); keystore = KeyStore.getInstance("DKS"); // reload entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("Reloading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); // get the new trusted certificate entry System.out.println("Getting new trusted certificate entry: " + alias); if (!keystore.isCertificateEntry(alias)) { throw new Exception("Error: cannot retrieve certificate entry: " + alias); } keystore.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert), null); }
Example 18
Source File: DKSTest.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { /* * domain keystore: system */ URI config = new URI(CONFIG + "#system"); int cacertsCount; int expected; KeyStore keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); cacertsCount = expected = keystore.size(); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: system_plus */ config = new URI(CONFIG + "#system_plus"); expected = cacertsCount + 1; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: system_env */ config = new URI(CONFIG + "#system_env"); expected = 1 + cacertsCount; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load( new DomainLoadStoreParameter(config, Collections.<String, KeyStore.ProtectionParameter>emptyMap())); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: empty */ KeyStore empty = KeyStore.getInstance("JKS"); empty.load(null, null); try (OutputStream outStream = new FileOutputStream(new File(USER_DIR, "empty.jks"))) { empty.store(outStream, "passphrase".toCharArray()); } config = new URI(CONFIG + "#empty"); expected = 0; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: keystores */ config = new URI(CONFIG + "#keystores"); expected = 2 + 1 + 1 + 1; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); // set a new trusted certificate entry Certificate cert = loadCertificate(CERT); String alias = "pw_keystore tmp-cert"; System.out.println("Setting new trusted certificate entry: " + alias); keystore.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert), null); expected++; // store entries config = new URI(CONFIG + "#keystores_tmp"); System.out.println("Storing domain keystore: " + config + "\t[" + expected + " entries]"); keystore.store(new DomainLoadStoreParameter(config, PASSWORDS)); keystore = KeyStore.getInstance("DKS"); // reload entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("Reloading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); // get the new trusted certificate entry System.out.println("Getting new trusted certificate entry: " + alias); if (!keystore.isCertificateEntry(alias)) { throw new Exception("Error: cannot retrieve certificate entry: " + alias); } keystore.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert), null); }
Example 19
Source File: DKSTest.java From openjdk-8 with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { /* * domain keystore: system */ URI config = new URI(CONFIG + "#system"); int cacertsCount; int expected; KeyStore keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); cacertsCount = expected = keystore.size(); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: system_plus */ config = new URI(CONFIG + "#system_plus"); expected = cacertsCount + 1; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: system_env */ config = new URI(CONFIG + "#system_env"); expected = 1 + cacertsCount; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load( new DomainLoadStoreParameter(config, Collections.<String, KeyStore.ProtectionParameter>emptyMap())); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: empty */ KeyStore empty = KeyStore.getInstance("JKS"); empty.load(null, null); try (OutputStream outStream = new FileOutputStream(new File(USER_DIR, "empty.jks"))) { empty.store(outStream, "passphrase".toCharArray()); } config = new URI(CONFIG + "#empty"); expected = 0; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: keystores */ config = new URI(CONFIG + "#keystores"); expected = 2 + 1 + 1 + 1; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); // set a new trusted certificate entry Certificate cert = loadCertificate(CERT); String alias = "pw_keystore tmp-cert"; System.out.println("Setting new trusted certificate entry: " + alias); keystore.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert), null); expected++; // store entries config = new URI(CONFIG + "#keystores_tmp"); System.out.println("Storing domain keystore: " + config + "\t[" + expected + " entries]"); keystore.store(new DomainLoadStoreParameter(config, PASSWORDS)); keystore = KeyStore.getInstance("DKS"); // reload entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("Reloading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); // get the new trusted certificate entry System.out.println("Getting new trusted certificate entry: " + alias); if (!keystore.isCertificateEntry(alias)) { throw new Exception("Error: cannot retrieve certificate entry: " + alias); } keystore.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert), null); }
Example 20
Source File: DKSTest.java From hottub with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { /* * domain keystore: system */ URI config = new URI(CONFIG + "#system"); int cacertsCount; int expected; KeyStore keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); cacertsCount = expected = keystore.size(); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: system_plus */ config = new URI(CONFIG + "#system_plus"); expected = cacertsCount + 1; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: system_env */ config = new URI(CONFIG + "#system_env"); expected = 1 + cacertsCount; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load( new DomainLoadStoreParameter(config, Collections.<String, KeyStore.ProtectionParameter>emptyMap())); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: empty */ KeyStore empty = KeyStore.getInstance("JKS"); empty.load(null, null); try (OutputStream outStream = new FileOutputStream(new File(USER_DIR, "empty.jks"))) { empty.store(outStream, "passphrase".toCharArray()); } config = new URI(CONFIG + "#empty"); expected = 0; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); /* * domain keystore: keystores */ config = new URI(CONFIG + "#keystores"); expected = 2 + 1 + 1 + 1; keystore = KeyStore.getInstance("DKS"); // load entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("\nLoading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); // set a new trusted certificate entry Certificate cert = loadCertificate(CERT); String alias = "pw_keystore tmp-cert"; System.out.println("Setting new trusted certificate entry: " + alias); keystore.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert), null); expected++; // store entries config = new URI(CONFIG + "#keystores_tmp"); System.out.println("Storing domain keystore: " + config + "\t[" + expected + " entries]"); keystore.store(new DomainLoadStoreParameter(config, PASSWORDS)); keystore = KeyStore.getInstance("DKS"); // reload entries keystore.load(new DomainLoadStoreParameter(config, PASSWORDS)); System.out.println("Reloading domain keystore: " + config + "\t[" + expected + " entries]"); checkEntries(keystore, expected); // get the new trusted certificate entry System.out.println("Getting new trusted certificate entry: " + alias); if (!keystore.isCertificateEntry(alias)) { throw new Exception("Error: cannot retrieve certificate entry: " + alias); } keystore.setEntry(alias, new KeyStore.TrustedCertificateEntry(cert), null); }