Java Code Examples for java.security.KeyStore#size()

The following examples show how to use java.security.KeyStore#size().
Example 1
Source File: ConvertP12Test.java    From dragonwell8_jdk with GNU General Public License v2.0
/**
 * Checks that two keystores hold the same set of entries.
 *
 * <p>Both stores must report exactly {@code keyStoreSize} entries, every alias
 * of {@code a} must also be present in {@code b}, and each such alias is handed
 * to {@code compareKeyEntry} for the entry-level comparison.
 *
 * @param a            first keystore; its aliases drive the iteration
 * @param b            second keystore
 * @param inKeyPass    passed through to {@code compareKeyEntry}
 * @param outKeyPass   passed through to {@code compareKeyEntry}
 * @param keyStoreSize entry count both keystores are expected to report
 * @throws RuntimeException if either size differs from {@code keyStoreSize}
 *         or an alias of {@code a} is missing from {@code b}
 * @throws Exception anything raised by the keystore calls or by
 *         {@code compareKeyEntry}
 */
private void compareKeyStore(KeyStore a, KeyStore b, String inKeyPass,
        String outKeyPass, int keyStoreSize) throws Exception {
    boolean sizesAsExpected =
            a.size() == keyStoreSize && b.size() == keyStoreSize;
    if (!sizesAsExpected) {
        throw new RuntimeException("size not match or size not equal to "
                + keyStoreSize);
    }

    // Equal sizes plus "every alias of a exists in b" implies the alias sets match.
    for (Enumeration<String> names = a.aliases(); names.hasMoreElements();) {
        String name = names.nextElement();
        if (b.containsAlias(name)) {
            compareKeyEntry(a, b, inKeyPass, outKeyPass, name);
        } else {
            throw new RuntimeException("alias not match for alias:"
                    + name);
        }
    }
}
 
Example 2
Source File: ConvertP12Test.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Checks that two keystores hold the same set of entries.
 *
 * <p>Both stores must report exactly {@code keyStoreSize} entries, every alias
 * of {@code a} must also be present in {@code b}, and each such alias is handed
 * to {@code compareKeyEntry} for the entry-level comparison.
 *
 * @param a            first keystore; its aliases drive the iteration
 * @param b            second keystore
 * @param inKeyPass    passed through to {@code compareKeyEntry}
 * @param outKeyPass   passed through to {@code compareKeyEntry}
 * @param keyStoreSize entry count both keystores are expected to report
 * @throws RuntimeException if either size differs from {@code keyStoreSize}
 *         or an alias of {@code a} is missing from {@code b}
 * @throws Exception anything raised by the keystore calls or by
 *         {@code compareKeyEntry}
 */
private void compareKeyStore(KeyStore a, KeyStore b, String inKeyPass,
        String outKeyPass, int keyStoreSize) throws Exception {
    boolean sizesAsExpected =
            a.size() == keyStoreSize && b.size() == keyStoreSize;
    if (!sizesAsExpected) {
        throw new RuntimeException("size not match or size not equal to "
                + keyStoreSize);
    }

    // Equal sizes plus "every alias of a exists in b" implies the alias sets match.
    for (Enumeration<String> names = a.aliases(); names.hasMoreElements();) {
        String name = names.nextElement();
        if (b.containsAlias(name)) {
            compareKeyEntry(a, b, inKeyPass, outKeyPass, name);
        } else {
            throw new RuntimeException("alias not match for alias:"
                    + name);
        }
    }
}
 
Example 3
Source File: SSLEngineFactoryImpl.java    From dremio-oss with Apache License 2.0
/**
 * Builds the {@link KeyManagerFactory} from the key store named in the SSL configuration.
 *
 * @return an initialised factory, or {@code null} when no key store path is configured
 * @throws IllegalArgumentException if the loaded key store reports zero entries
 * @throws GeneralSecurityException if the store type or algorithm is unavailable, or the
 *         store or its key cannot be opened with the configured passwords
 * @throws IOException if the key store file cannot be read
 */
private KeyManagerFactory newKeyManagerFactory() throws GeneralSecurityException, IOException {
  // Reference comparison against the sentinel constant, exactly as the original does;
  // NOTE(review): this only matches when the config hands back that same object — confirm.
  if (sslConfig.getKeyStorePath() == SSLConfig.UNSPECIFIED) {
    return null;
  }

  final KeyStore store = KeyStore.getInstance(sslConfig.getKeyStoreType());
  try (InputStream in = new FileInputStream(sslConfig.getKeyStorePath())) {
    store.load(in, sslConfig.getKeyStorePassword().toCharArray());
  }

  // size() counts every entry, trusted-certificate entries included, so passing this
  // check does not prove the store holds a private key for the TLS identity.
  final boolean storeIsEmpty = store.size() == 0;
  if (storeIsEmpty) {
    throw new IllegalArgumentException("Key store has no entries");
  }

  final String algorithm = KeyManagerFactory.getDefaultAlgorithm();
  final KeyManagerFactory keyManagers = KeyManagerFactory.getInstance(algorithm);
  keyManagers.init(store, sslConfig.getKeyPassword().toCharArray());
  return keyManagers;
}
 
Example 4
Source File: ConvertP12Test.java    From jdk8u-jdk with GNU General Public License v2.0
/**
 * Checks that two keystores hold the same set of entries.
 *
 * <p>Both stores must report exactly {@code keyStoreSize} entries, every alias
 * of {@code a} must also be present in {@code b}, and each such alias is handed
 * to {@code compareKeyEntry} for the entry-level comparison.
 *
 * @param a            first keystore; its aliases drive the iteration
 * @param b            second keystore
 * @param inKeyPass    passed through to {@code compareKeyEntry}
 * @param outKeyPass   passed through to {@code compareKeyEntry}
 * @param keyStoreSize entry count both keystores are expected to report
 * @throws RuntimeException if either size differs from {@code keyStoreSize}
 *         or an alias of {@code a} is missing from {@code b}
 * @throws Exception anything raised by the keystore calls or by
 *         {@code compareKeyEntry}
 */
private void compareKeyStore(KeyStore a, KeyStore b, String inKeyPass,
        String outKeyPass, int keyStoreSize) throws Exception {
    boolean sizesAsExpected =
            a.size() == keyStoreSize && b.size() == keyStoreSize;
    if (!sizesAsExpected) {
        throw new RuntimeException("size not match or size not equal to "
                + keyStoreSize);
    }

    // Equal sizes plus "every alias of a exists in b" implies the alias sets match.
    for (Enumeration<String> names = a.aliases(); names.hasMoreElements();) {
        String name = names.nextElement();
        if (b.containsAlias(name)) {
            compareKeyEntry(a, b, inKeyPass, outKeyPass, name);
        } else {
            throw new RuntimeException("alias not match for alias:"
                    + name);
        }
    }
}
 
Example 5
Source File: ConvertP12Test.java    From openjdk-jdk8u with GNU General Public License v2.0
/**
 * Checks that two keystores hold the same set of entries.
 *
 * <p>Both stores must report exactly {@code keyStoreSize} entries, every alias
 * of {@code a} must also be present in {@code b}, and each such alias is handed
 * to {@code compareKeyEntry} for the entry-level comparison.
 *
 * @param a            first keystore; its aliases drive the iteration
 * @param b            second keystore
 * @param inKeyPass    passed through to {@code compareKeyEntry}
 * @param outKeyPass   passed through to {@code compareKeyEntry}
 * @param keyStoreSize entry count both keystores are expected to report
 * @throws RuntimeException if either size differs from {@code keyStoreSize}
 *         or an alias of {@code a} is missing from {@code b}
 * @throws Exception anything raised by the keystore calls or by
 *         {@code compareKeyEntry}
 */
private void compareKeyStore(KeyStore a, KeyStore b, String inKeyPass,
        String outKeyPass, int keyStoreSize) throws Exception {
    boolean sizesAsExpected =
            a.size() == keyStoreSize && b.size() == keyStoreSize;
    if (!sizesAsExpected) {
        throw new RuntimeException("size not match or size not equal to "
                + keyStoreSize);
    }

    // Equal sizes plus "every alias of a exists in b" implies the alias sets match.
    for (Enumeration<String> names = a.aliases(); names.hasMoreElements();) {
        String name = names.nextElement();
        if (b.containsAlias(name)) {
            compareKeyEntry(a, b, inKeyPass, outKeyPass, name);
        } else {
            throw new RuntimeException("alias not match for alias:"
                    + name);
        }
    }
}
 
Example 6
Source File: KseFrame.java    From keystore-explorer with GNU General Public License v3.0
/**
 * Builds the status bar text for a KeyStore in the form 'KeyStore Type, Size, Path'.
 *
 * @param history history whose current state supplies the KeyStore and its type
 * @return the formatted status text, or an empty string when the entry count cannot be
 *         read (the exception is passed to {@code DError.displayError} first)
 */
private String getKeyStoreStatusText(KeyStoreHistory history) {
	KeyStoreState state = history.getCurrentState();
	KeyStore keyStore = state.getKeyStore();

	int entryCount;
	try {
		entryCount = keyStore.size();
	} catch (KeyStoreException ex) {
		// size() failed: report it and leave the status bar blank
		DError.displayError(frame, ex);
		return "";
	}

	KeyStoreType type = state.getType();
	String pattern = res.getString("KseFrame.entries.statusbar");

	return MessageFormat.format(pattern, type.friendly(), entryCount, history.getPath());
}
 
Example 7
Source File: KeystoreLongTest.java    From SPDS with Eclipse Public License 2.0
/**
 * Fixture that calls {@code size()} on a KeyStore obtained from
 * {@code getInstance} without any {@code load} call in between.
 */
@Test
public void catchClause() {
    try {
        final KeyStore keyStore = KeyStore.getInstance("JKS");
        // ... Some code
        // No load(...) precedes this call: at run time size() on a KeyStore that has
        // not been initialised throws KeyStoreException, so control goes to the catch.
        int size = keyStore.size(); // Hit !
        // presumably an analysis-side assertion about keyStore's state; the helper
        // is defined outside this snippet — confirm against the test base class
        mustBeInErrorState(keyStore);
    } catch (KeyStoreException e) {
        e.printStackTrace();
    }
}
 
Example 8
Source File: YouTrackClient.java    From vk-java-sdk with MIT License
/**
 * Creates the TLS socket factory from an optional key store and an optional trust store.
 *
 * <p>A store is only loaded when its path is non-blank; a loaded store that reports zero
 * entries is rejected. {@code size()} counts entries of every kind, so a non-empty key
 * store is not proof that it contains a private key.
 *
 * @param keyStoreType       type passed to {@code SslUtils.getStore} for the key store
 * @param keyStorePath       key store location; blank skips client key material
 * @param keyStorePassword   password for opening the key store
 * @param keyPassword        password for the key inside the key store
 * @param trustStoreType     type passed to {@code SslUtils.getStore} for the trust store
 * @param trustStorePath     trust store location; blank skips custom trust material
 * @param trustStorePassword password for opening the trust store
 * @return a socket factory using the built context and the default hostname verifier
 * @throws IllegalStateException if a loaded key store or trust store is empty
 */
private SSLConnectionSocketFactory initSslContext(String keyStoreType, String keyStorePath, String keyStorePassword, String keyPassword,
                                                  String trustStoreType, String trustStorePath, String trustStorePassword)
        throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, UnrecoverableKeyException, KeyManagementException {

    final SSLContextBuilder builder = SSLContexts.custom();

    // Client identity (optional)
    if (StringUtils.isNoneBlank(keyStorePath)) {
        final KeyStore identityStore = SslUtils.getStore(keyStoreType, keyStorePath, keyStorePassword);
        if (identityStore.size() == 0) {
            throw new IllegalStateException("Key store has no keys");
        }

        final char[] keySecret = keyPassword.toCharArray();
        builder.loadKeyMaterial(identityStore, keySecret);
    }

    // Trust anchors (optional)
    if (StringUtils.isNoneBlank(trustStorePath)) {
        final KeyStore anchorStore = SslUtils.getStore(trustStoreType, trustStorePath, trustStorePassword);
        if (anchorStore.size() == 0) {
            throw new IllegalStateException("Trust store has no keys");
        }

        // NOTE(review): TrustSelfSignedStrategy accepts any single-certificate chain
        // without consulting the trust store loaded above, so a self-signed server
        // certificate that is NOT in the store is still trusted. Confirm this is
        // intended; if only the trust store should decide, pass null as the strategy.
        builder.loadTrustMaterial(anchorStore, new TrustSelfSignedStrategy());
    }

    final HostnameVerifier verifier = SSLConnectionSocketFactory.getDefaultHostnameVerifier();
    return new SSLConnectionSocketFactory(builder.build(), verifier);
}
 
Example 9
Source File: FPortecle.java    From portecle with GNU General Public License v2.0
/**
 * Set the text in the status bar to reflect the status of the currently loaded keystore:
 * a "no keystore" message when nothing is loaded, otherwise the keystore's type, provider
 * and (unless it holds exactly one entry) its entry count.
 */
@Override
public void setDefaultStatusBarText()
{
	// Nothing loaded: show the "no keystore" message and stop here
	if (m_keyStoreWrap == null)
	{
		setStatusBarText(RB.getString("FPortecle.noKeyStore.statusbar"));
		return;
	}

	KeyStore keyStore = m_keyStoreWrap.getKeyStore();

	int entryCount;
	try
	{
		entryCount = keyStore.size();
	}
	catch (KeyStoreException ex)
	{
		// Entry count unavailable: blank the status bar, then show the error
		setStatusBarText("");
		DThrowable.showAndWait(this, null, ex);
		return;
	}

	String typeName = KeyStoreType.valueOfType(keyStore.getType()).toString();
	String providerName = keyStore.getProvider().getName();

	// The single-entry message takes no count argument; the plural one does
	String statusText;
	if (entryCount != 1)
	{
		statusText = MessageFormat.format(RB.getString("FPortecle.entries.statusbar"), typeName, providerName,
		    entryCount);
	}
	else
	{
		statusText = MessageFormat.format(RB.getString("FPortecle.entry.statusbar"), typeName, providerName);
	}
	setStatusBarText(statusText);
}
 
Example 10
Source File: WriteP12Test.java    From openjdk-jdk9 with GNU General Public License v2.0
/**
 * Walks every alias of a keystore, prints its details and checks that the
 * keystore's accessors agree with each other.
 *
 * <p>For each alias: {@code containsAlias} must be true, the alias returned by
 * {@code getCertificateAlias} for the entry's certificate must equal the alias,
 * and the entry must be a key entry rather than a certificate entry. Finally
 * the number of aliases enumerated must equal {@code size()}.
 *
 * @param inputKeyStore keystore under test
 * @param keypass       not read by this method
 * @throws RuntimeException on the first inconsistency found
 * @throws KeyStoreException if the keystore has not been initialised
 */
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
        throws KeyStoreException, UnrecoverableKeyException,
        NoSuchAlgorithmException {
    out.println("========== Key Store ==========");
    out.println("getProvider : " + inputKeyStore.getProvider());
    out.println("getType : " + inputKeyStore.getType());
    out.println("getDefaultType : " + KeyStore.getDefaultType());

    int seen = 0;
    for (Enumeration<String> names = inputKeyStore.aliases();
            names.hasMoreElements(); seen++) {
        String name = names.nextElement();
        if (!inputKeyStore.containsAlias(name)) {
            throw new RuntimeException("Alias not found");
        }
        out.println("Alias " + seen + " : " + name);
        out.println("getCreationDate : "
                + inputKeyStore.getCreationDate(name));

        // Round trip: alias -> certificate -> alias must land on the same alias
        X509Certificate leaf =
                (X509Certificate) inputKeyStore.getCertificate(name);
        out.println("getCertificate : " + leaf.getSubjectDN());
        String roundTrip = inputKeyStore.getCertificateAlias(leaf);
        if (!roundTrip.equals(name)) {
            throw new RuntimeException("Alias mismatch, actually "
                    + roundTrip + ", expected " + name);
        }
        out.println("getCertificateAlias : " + roundTrip);

        Certificate[] chain = inputKeyStore.getCertificateChain(name);
        for (int pos = 0; pos < chain.length; pos++) {
            X509Certificate link = (X509Certificate) chain[pos];
            out.println("getCertificateChain " + pos
                    + link.getSubjectDN());
        }

        boolean certificateOnly = inputKeyStore.isCertificateEntry(name);
        if (certificateOnly) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because this"
                            + " keystore only contain key pair entries.");
        }
        if (!inputKeyStore.isKeyEntry(name)) {
            throw new RuntimeException("Entry type unknown.");
        }
    }

    // The enumeration and size() must report the same number of entries
    int reported = inputKeyStore.size();
    if (seen != reported) {
        throw new RuntimeException("Size not match, actually " + seen
                + ", expected " + reported);
    }
}
 
Example 11
Source File: DKSTest.java    From hottub with GNU General Public License v2.0
/**
 * Loads several domain keystores (type "DKS"), each selected by a fragment
 * appended to {@code CONFIG}, and passes every one to {@code checkEntries}
 * together with the entry count expected for it.
 *
 * <p>Domains covered, in order: {@code system}, {@code system_plus},
 * {@code system_env}, {@code empty} and {@code keystores}. The last one then
 * gets a new trusted certificate entry, is stored as {@code keystores_tmp},
 * reloaded, and checked for the new entry.
 *
 * @param args not read
 * @throws Exception on any load/store failure, or if the added certificate
 *         entry is not reported as a certificate entry after the reload
 */
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    // baseline: whatever this domain reports is taken as the reference count
    // for the next two domains rather than being compared with a fixed number
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries; this domain is loaded with an empty protection-parameter
    // map instead of PASSWORDS
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    // create an empty JKS file on disk before the "empty" domain is loaded
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        // hard-coded password: acceptable only because this is a throwaway,
        // entry-less test fixture
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    // presumably one term per member keystore of this domain — confirm
    // against the domain configuration file
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries under a different domain name, then read that domain back
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    // sets the same entry again on the reloaded keystore; nothing is checked
    // afterwards, so this only exercises overwriting an existing alias
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}
 
Example 12
Source File: AddPrivateKey.java    From openjdk-jdk9 with GNU General Public License v2.0
/**
 * Exercises adding, reading back, re-aliasing and deleting one private key
 * entry in a "PKCS11" keystore backed by the given provider.
 *
 * <p>After every write the alias list must contain exactly the alias just
 * written, the certificate chain read back must equal the original, and the
 * key read back is passed to {@code sign} together with the original public
 * key. The keystore must report zero entries at the start and after each
 * delete.
 *
 * @param p     provider supplying the PKCS11 keystore and key factory
 * @param entry private key entry whose key and chain are stored
 * @throws Exception on the first check that fails, or from any keystore call
 */
private static void test(Provider p, PrivateKeyEntry entry) throws Exception {
    PrivateKey key = entry.getPrivateKey();
    X509Certificate[] chain = (X509Certificate[])entry.getCertificateChain();
    PublicKey publicKey = chain[0].getPublicKey();
    System.out.println(toString(key));
    sign(p, key, publicKey);

    KeyStore ks = KeyStore.getInstance("PKCS11", p);
    ks.load(null, null);
    if (ks.size() != 0) {
        throw new Exception("KeyStore not empty");
    }
    List<String> aliases;

    // test 1: add entry
    ks.setKeyEntry(ALIAS1, key, null, chain);
    aliases = aliases(ks);
    if (aliases.size() != 1) {
        throw new Exception("size not 1: " + aliases);
    }
    if (!aliases.get(0).equals(ALIAS1)) {
        throw new Exception("alias mismatch: " + aliases);
    }

    PrivateKey storedKey1 = (PrivateKey)ks.getKey(ALIAS1, null);
    System.out.println(toString(storedKey1));
    X509Certificate[] storedChain1 =
            (X509Certificate[]) ks.getCertificateChain(ALIAS1);
    if (!Arrays.equals(chain, storedChain1)) {
        throw new Exception("chain mismatch");
    }
    sign(p, storedKey1, publicKey);

    ks.deleteEntry(ALIAS1);
    if (ks.size() != 0) {
        throw new Exception("KeyStore not empty");
    }

    // test 2: translate to session object, then add entry
    KeyFactory factory = KeyFactory.getInstance(key.getAlgorithm(), p);
    PrivateKey sessionKey = (PrivateKey)factory.translateKey(key);
    System.out.println(toString(sessionKey));
    sign(p, sessionKey, publicKey);

    ks.setKeyEntry(ALIAS2, sessionKey, null, chain);
    aliases = aliases(ks);
    if (aliases.size() != 1) {
        throw new Exception("size not 1");
    }
    if (!aliases.get(0).equals(ALIAS2)) {
        throw new Exception("alias mismatch: " + aliases);
    }

    PrivateKey storedKey2 = (PrivateKey)ks.getKey(ALIAS2, null);
    System.out.println(toString(storedKey2));
    X509Certificate[] storedChain2 = (X509Certificate[])
            ks.getCertificateChain(ALIAS2);
    if (!Arrays.equals(chain, storedChain2)) {
        throw new Exception("chain mismatch");
    }
    sign(p, storedKey2, publicKey);

    // test 3: change alias
    // ALIAS2 is not deleted first: storing the same key under ALIAS3 is
    // expected to leave a single alias, which the size check below enforces.
    ks.setKeyEntry(ALIAS3, sessionKey, null, chain);
    aliases = aliases(ks);
    if (aliases.size() != 1) {
        throw new Exception("size not 1");
    }
    if (!aliases.get(0).equals(ALIAS3)) {
        throw new Exception("alias mismatch: " + aliases);
    }

    PrivateKey storedKey3 = (PrivateKey)ks.getKey(ALIAS3, null);
    System.out.println(toString(storedKey3));
    X509Certificate[] storedChain3 = (X509Certificate[])
            ks.getCertificateChain(ALIAS3);
    if (!Arrays.equals(chain, storedChain3)) {
        throw new Exception("chain mismatch");
    }
    sign(p, storedKey3, publicKey);

    ks.deleteEntry(ALIAS3);
    if (ks.size() != 0) {
        throw new Exception("KeyStore not empty");
    }

    System.out.println("OK");
}
 
Example 13
Source File: WriteP12Test.java    From openjdk-jdk8u-backup with GNU General Public License v2.0
/**
 * Walks every alias of a keystore, prints its details and checks that the
 * keystore's accessors agree with each other.
 *
 * <p>For each alias: {@code containsAlias} must be true, the alias returned by
 * {@code getCertificateAlias} for the entry's certificate must equal the alias,
 * and the entry must be a key entry rather than a certificate entry. Finally
 * the number of aliases enumerated must equal {@code size()}.
 *
 * @param inputKeyStore keystore under test
 * @param keypass       not read by this method
 * @throws RuntimeException on the first inconsistency found
 * @throws KeyStoreException if the keystore has not been initialised
 */
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
        throws KeyStoreException, UnrecoverableKeyException,
        NoSuchAlgorithmException {
    out.println("========== Key Store ==========");
    out.println("getProvider : " + inputKeyStore.getProvider());
    out.println("getType : " + inputKeyStore.getType());
    out.println("getDefaultType : " + KeyStore.getDefaultType());

    int seen = 0;
    for (Enumeration<String> names = inputKeyStore.aliases();
            names.hasMoreElements(); seen++) {
        String name = names.nextElement();
        if (!inputKeyStore.containsAlias(name)) {
            throw new RuntimeException("Alias not found");
        }
        out.println("Alias " + seen + " : " + name);
        out.println("getCreationDate : "
                + inputKeyStore.getCreationDate(name));

        // Round trip: alias -> certificate -> alias must land on the same alias
        X509Certificate leaf =
                (X509Certificate) inputKeyStore.getCertificate(name);
        out.println("getCertificate : " + leaf.getSubjectDN());
        String roundTrip = inputKeyStore.getCertificateAlias(leaf);
        if (!roundTrip.equals(name)) {
            throw new RuntimeException("Alias mismatch, actually "
                    + roundTrip + ", expected " + name);
        }
        out.println("getCertificateAlias : " + roundTrip);

        Certificate[] chain = inputKeyStore.getCertificateChain(name);
        for (int pos = 0; pos < chain.length; pos++) {
            X509Certificate link = (X509Certificate) chain[pos];
            out.println("getCertificateChain " + pos
                    + link.getSubjectDN());
        }

        boolean certificateOnly = inputKeyStore.isCertificateEntry(name);
        if (certificateOnly) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because this"
                            + " keystore only contain key pair entries.");
        }
        if (!inputKeyStore.isKeyEntry(name)) {
            throw new RuntimeException("Entry type unknown.");
        }
    }

    // The enumeration and size() must report the same number of entries
    int reported = inputKeyStore.size();
    if (seen != reported) {
        throw new RuntimeException("Size not match, actually " + seen
                + ", expected " + reported);
    }
}
 
Example 14
Source File: DKSTest.java    From jdk8u-dev-jdk with GNU General Public License v2.0
/**
 * Loads several domain keystores (type "DKS"), each selected by a fragment
 * appended to {@code CONFIG}, and passes every one to {@code checkEntries}
 * together with the entry count expected for it.
 *
 * <p>Domains covered, in order: {@code system}, {@code system_plus},
 * {@code system_env}, {@code empty} and {@code keystores}. The last one then
 * gets a new trusted certificate entry, is stored as {@code keystores_tmp},
 * reloaded, and checked for the new entry.
 *
 * @param args not read
 * @throws Exception on any load/store failure, or if the added certificate
 *         entry is not reported as a certificate entry after the reload
 */
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    // baseline: whatever this domain reports is taken as the reference count
    // for the next two domains rather than being compared with a fixed number
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries; this domain is loaded with an empty protection-parameter
    // map instead of PASSWORDS
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    // create an empty JKS file on disk before the "empty" domain is loaded
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        // hard-coded password: acceptable only because this is a throwaway,
        // entry-less test fixture
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    // presumably one term per member keystore of this domain — confirm
    // against the domain configuration file
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries under a different domain name, then read that domain back
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    // sets the same entry again on the reloaded keystore; nothing is checked
    // afterwards, so this only exercises overwriting an existing alias
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}
 
Example 15
Source File: DKSTest.java    From openjdk-8-source with GNU General Public License v2.0
/**
 * Loads several domain keystores (type "DKS"), each selected by a fragment
 * appended to {@code CONFIG}, and passes every one to {@code checkEntries}
 * together with the entry count expected for it.
 *
 * <p>Domains covered, in order: {@code system}, {@code system_plus},
 * {@code system_env}, {@code empty} and {@code keystores}. The last one then
 * gets a new trusted certificate entry, is stored as {@code keystores_tmp},
 * reloaded, and checked for the new entry.
 *
 * @param args not read
 * @throws Exception on any load/store failure, or if the added certificate
 *         entry is not reported as a certificate entry after the reload
 */
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    // baseline: whatever this domain reports is taken as the reference count
    // for the next two domains rather than being compared with a fixed number
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries; this domain is loaded with an empty protection-parameter
    // map instead of PASSWORDS
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    // create an empty JKS file on disk before the "empty" domain is loaded
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        // hard-coded password: acceptable only because this is a throwaway,
        // entry-less test fixture
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    // presumably one term per member keystore of this domain — confirm
    // against the domain configuration file
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries under a different domain name, then read that domain back
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    // sets the same entry again on the reloaded keystore; nothing is checked
    // afterwards, so this only exercises overwriting an existing alias
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}
 
Example 16
Source File: DKSTest.java    From jdk8u60 with GNU General Public License v2.0
/**
 * Loads several domain keystores (type "DKS"), each selected by a fragment
 * appended to {@code CONFIG}, and passes every one to {@code checkEntries}
 * together with the entry count expected for it.
 *
 * <p>Domains covered, in order: {@code system}, {@code system_plus},
 * {@code system_env}, {@code empty} and {@code keystores}. The last one then
 * gets a new trusted certificate entry, is stored as {@code keystores_tmp},
 * reloaded, and checked for the new entry.
 *
 * @param args not read
 * @throws Exception on any load/store failure, or if the added certificate
 *         entry is not reported as a certificate entry after the reload
 */
public static void main(String[] args) throws Exception {
    /*
     * domain keystore: system
     */
    URI config = new URI(CONFIG + "#system");
    int cacertsCount;
    int expected;
    KeyStore keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    // baseline: whatever this domain reports is taken as the reference count
    // for the next two domains rather than being compared with a fixed number
    cacertsCount = expected = keystore.size();
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_plus
     */
    config = new URI(CONFIG + "#system_plus");
    expected = cacertsCount + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: system_env
     */
    config = new URI(CONFIG + "#system_env");
    expected = 1 + cacertsCount;
    keystore = KeyStore.getInstance("DKS");
    // load entries; this domain is loaded with an empty protection-parameter
    // map instead of PASSWORDS
    keystore.load(
        new DomainLoadStoreParameter(config,
            Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: empty
     */
    // create an empty JKS file on disk before the "empty" domain is loaded
    KeyStore empty = KeyStore.getInstance("JKS");
    empty.load(null, null);

    try (OutputStream outStream =
        new FileOutputStream(new File(USER_DIR, "empty.jks"))) {
        // hard-coded password: acceptable only because this is a throwaway,
        // entry-less test fixture
        empty.store(outStream, "passphrase".toCharArray());
    }
    config = new URI(CONFIG + "#empty");
    expected = 0;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);

    /*
     * domain keystore: keystores
     */
    config = new URI(CONFIG + "#keystores");
    // presumably one term per member keystore of this domain — confirm
    // against the domain configuration file
    expected = 2 + 1 + 1 + 1;
    keystore = KeyStore.getInstance("DKS");
    // load entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("\nLoading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // set a new trusted certificate entry
    Certificate cert = loadCertificate(CERT);
    String alias = "pw_keystore tmp-cert";
    System.out.println("Setting new trusted certificate entry: " + alias);
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
    expected++;
    // store entries under a different domain name, then read that domain back
    config = new URI(CONFIG + "#keystores_tmp");
    System.out.println("Storing domain keystore: " + config + "\t[" +
        expected + " entries]");
    keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
    keystore = KeyStore.getInstance("DKS");
    // reload entries
    keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
    System.out.println("Reloading domain keystore: " + config + "\t[" +
        expected + " entries]");
    checkEntries(keystore, expected);
    // get the new trusted certificate entry
    System.out.println("Getting new trusted certificate entry: " + alias);
    if (!keystore.isCertificateEntry(alias)) {
        throw new Exception("Error: cannot retrieve certificate entry: " +
            alias);
    }
    // sets the same entry again on the reloaded keystore; nothing is checked
    // afterwards, so this only exercises overwriting an existing alias
    keystore.setEntry(alias,
        new KeyStore.TrustedCertificateEntry(cert), null);
}
 
Example 17
Source File: TestKeyStoreEntry.java    From TencentKona-8 with GNU General Public License v2.0
/**
 * Round-trips secret key entries through a "jceks" keystore file.
 *
 * <p>Stores {@code NUM_ALGOS} secret keys, writes the keystore to the file
 * {@code jceks} in the working directory, deletes every entry, reloads the
 * file and checks that each key comes back equal and is reported as a key
 * entry.
 *
 * @param p provider from which the "jceks" keystore is obtained
 * @throws RuntimeException if a size, key comparison or entry-type check fails
 * @throws Exception from any keystore or file operation
 */
public void runTest(Provider p) throws Exception {
    // Both streams are opened on the same path up front; the input stream
    // only reads after store() has written through the output stream.
    try (FileOutputStream fos = new FileOutputStream("jceks");
            FileInputStream fis = new FileInputStream("jceks");) {

        KeyStore ks = KeyStore.getInstance("jceks", p);
        // start from an empty key store
        ks.load(null, null);

        // store the secret keys under secretKey0, secretKey1, ...
        final String aliasPrefix = "secretKey";
        for (int i = 0; i < NUM_ALGOS; i++) {
            ks.setKeyEntry(aliasPrefix + i, sks[i], PASSWDK, null);
        }

        // write the key store out to a file
        ks.store(fos, PASSWDF);

        // wipe the in-memory key store so the reload starts from nothing
        for (int i = 0; i < NUM_ALGOS; i++) {
            ks.deleteEntry(aliasPrefix + i);
        }
        if (ks.size() != 0) {
            throw new RuntimeException("ERROR: re-initialization failed");
        }

        // reload the key store from the file
        ks.load(fis, PASSWDF);

        // check the integrity/validity of the reloaded key store
        if (ks.size() != NUM_ALGOS) {
            throw new RuntimeException("ERROR: wrong number of key"
                    + " entries");
        }

        for (int m = 0; m < ks.size(); m++) {
            String alias = aliasPrefix + m;
            Key reloaded = ks.getKey(alias, PASSWDK);
            // compare the keys
            if (!reloaded.equals(sks[m])) {
                throw new RuntimeException("ERROR: key comparison (" + m
                        + ") failed");
            }
            // the entry must be a key entry and not a certificate entry
            boolean isPlainKeyEntry =
                    !ks.isCertificateEntry(alias) && ks.isKeyEntry(alias);
            if (!isPlainKeyEntry) {
                throw new RuntimeException("ERROR: type identification ("
                        + m + ") failed");
            }
        }
    }
}
 
Example 18
Source File: WriteP12Test.java    From TencentKona-8 with GNU General Public License v2.0
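/**
 * Prints a summary of every entry in the given key store and checks that
 * the store is internally consistent.
 *
 * <p>For each alias the method verifies that the alias is known to the
 * store, that an X.509 certificate and a certificate chain are attached,
 * that the certificate maps back to the same alias, and that the entry is a
 * key entry rather than a trusted-certificate entry. Finally it checks that
 * the number of aliases enumerated equals {@link KeyStore#size()}.
 *
 * <p>The alias round-trip check assumes every entry carries a distinct
 * certificate: {@code getCertificateAlias} returns the first entry whose
 * certificate matches, so a store that reuses one certificate under several
 * aliases would fail here even though it is valid.
 *
 * @param inputKeyStore the loaded key store to inspect; expected to contain
 *        only key-pair entries
 * @param keypass not used by this method
 * @throws KeyStoreException if the key store has not been loaded
 * @throws UnrecoverableKeyException declared for callers; not raised by the
 *         calls made here
 * @throws NoSuchAlgorithmException declared for callers; not raised by the
 *         calls made here
 * @throws RuntimeException if any consistency check fails
 */
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
        throws KeyStoreException, UnrecoverableKeyException,
        NoSuchAlgorithmException {
    out.println("========== Key Store ==========");
    out.println("getProvider : " + inputKeyStore.getProvider());
    out.println("getType : " + inputKeyStore.getType());
    out.println("getDefaultType : " + KeyStore.getDefaultType());

    int idx = 0;
    Enumeration<String> e = inputKeyStore.aliases();
    while (e.hasMoreElements()) {
        String alias = e.nextElement();
        if (!inputKeyStore.containsAlias(alias)) {
            throw new RuntimeException("Alias not found");
        }
        out.println("Alias " + idx + " : " + alias);
        out.println("getCreationDate : "
                + inputKeyStore.getCreationDate(alias));

        // getCertificate returns null when the alias has no certificate;
        // fail with a message naming the alias instead of an NPE or a
        // ClassCastException further down.
        Certificate leaf = inputKeyStore.getCertificate(alias);
        if (!(leaf instanceof X509Certificate)) {
            throw new RuntimeException(
                    "No X.509 certificate for alias " + alias);
        }
        X509Certificate cert = (X509Certificate) leaf;
        out.println("getCertificate : " + cert.getSubjectDN());

        // getCertificateAlias returns null when nothing matches, so compare
        // from the known non-null side to keep the mismatch diagnostic.
        String retAlias = inputKeyStore.getCertificateAlias(cert);
        if (!alias.equals(retAlias)) {
            throw new RuntimeException("Alias mismatch, actually "
                    + retAlias + ", expected " + alias);
        }
        out.println("getCertificateAlias : " + retAlias);

        // A key-pair entry is expected to carry a chain; null means the
        // alias has none.
        Certificate[] certs = inputKeyStore.getCertificateChain(alias);
        if (certs == null) {
            throw new RuntimeException(
                    "No certificate chain for alias " + alias);
        }
        int i = 0;
        for (Certificate certification : certs) {
            out.println("getCertificateChain " + i
                    + ((X509Certificate) certification).getSubjectDN());
            i++;
        }

        if (inputKeyStore.isCertificateEntry(alias)) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because this"
                            + " keystore only contain key pair entries.");
        }
        if (!inputKeyStore.isKeyEntry(alias)) {
            throw new RuntimeException("Entry type unknown.");
        }
        idx++;
    }

    // The enumeration and size() must agree on the number of entries.
    int size = inputKeyStore.size();
    if (idx != size) {
        throw new RuntimeException("Size not match, actually " + idx
                + ", expected " + size);
    }
}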
 
Example 19
Source File: WriteP12Test.java    From jdk8u_jdk with GNU General Public License v2.0
/**
 * Walks every alias of the supplied key store, printing what the store
 * reports for it and failing fast when an entry is inconsistent.
 *
 * <p>Checks performed per alias: the store recognises the alias, the
 * certificate resolves back to the same alias, and the entry is a key entry
 * and not a certificate entry. After the walk, the number of aliases seen
 * must equal {@link KeyStore#size()}.
 *
 * @param inputKeyStore key store to examine
 * @param keypass not used by this method
 * @throws KeyStoreException if the key store has not been loaded
 * @throws UnrecoverableKeyException declared in the signature
 * @throws NoSuchAlgorithmException declared in the signature
 * @throws RuntimeException when one of the checks fails
 */
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
        throws KeyStoreException, UnrecoverableKeyException,
        NoSuchAlgorithmException {
    out.println("========== Key Store ==========");
    out.println("getProvider : " + inputKeyStore.getProvider());
    out.println("getType : " + inputKeyStore.getType());
    out.println("getDefaultType : " + KeyStore.getDefaultType());

    int seen = 0;
    for (Enumeration<String> names = inputKeyStore.aliases();
            names.hasMoreElements(); seen++) {
        final String name = names.nextElement();
        if (!inputKeyStore.containsAlias(name)) {
            throw new RuntimeException("Alias not found");
        }

        out.println("Alias " + seen + " : " + name);
        out.println("getCreationDate : "
                + inputKeyStore.getCreationDate(name));

        // Certificate attached to the entry, and the alias the store maps
        // that certificate back to.
        final X509Certificate leaf =
                (X509Certificate) inputKeyStore.getCertificate(name);
        out.println("getCertificate : " + leaf.getSubjectDN());
        final String mappedBack = inputKeyStore.getCertificateAlias(leaf);
        if (!mappedBack.equals(name)) {
            throw new RuntimeException("Alias mismatch, actually "
                    + mappedBack + ", expected " + name);
        }
        out.println("getCertificateAlias : " + mappedBack);

        // Print the subject of every certificate in the chain, in order.
        final Certificate[] chain = inputKeyStore.getCertificateChain(name);
        for (int pos = 0; pos < chain.length; pos++) {
            out.println("getCertificateChain " + pos
                    + ((X509Certificate) chain[pos]).getSubjectDN());
        }

        // Only key entries are expected in this store.
        if (inputKeyStore.isCertificateEntry(name)) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because this"
                            + " keystore only contain key pair entries.");
        }
        if (!inputKeyStore.isKeyEntry(name)) {
            throw new RuntimeException("Entry type unknown.");
        }
    }

    final int reported = inputKeyStore.size();
    if (seen != reported) {
        throw new RuntimeException("Size not match, actually " + seen
                + ", expected " + reported);
    }
}
 
Example 20
Source File: WriteP12Test.java    From dragonwell8_jdk with GNU General Public License v2.0
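/**
 * Dumps the contents of a key store to {@code out} and validates each
 * entry along the way.
 *
 * <p>Every alias must be known to the store, carry an X.509 certificate
 * and a certificate chain, resolve back to itself through
 * {@code getCertificateAlias}, and be a key entry. The alias count must
 * match {@link KeyStore#size()}.
 *
 * <p>Lookups that can return {@code null} (certificate, chain, reverse
 * alias lookup) are checked explicitly so that a malformed store produces a
 * failure message that names the alias.
 *
 * @param inputKeyStore the loaded key store to inspect; expected to hold
 *        key-pair entries only
 * @param keypass not used by this method
 * @throws KeyStoreException if the key store has not been loaded
 * @throws UnrecoverableKeyException declared in the signature; not raised
 *         by the calls made here
 * @throws NoSuchAlgorithmException declared in the signature; not raised
 *         by the calls made here
 * @throws RuntimeException if a validation step fails
 */
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
        throws KeyStoreException, UnrecoverableKeyException,
        NoSuchAlgorithmException {
    out.println("========== Key Store ==========");
    out.println("getProvider : " + inputKeyStore.getProvider());
    out.println("getType : " + inputKeyStore.getType());
    out.println("getDefaultType : " + KeyStore.getDefaultType());

    int idx = 0;
    Enumeration<String> e = inputKeyStore.aliases();
    while (e.hasMoreElements()) {
        String alias = e.nextElement();
        if (!inputKeyStore.containsAlias(alias)) {
            throw new RuntimeException("Alias not found");
        }
        out.println("Alias " + idx + " : " + alias);
        out.println("getCreationDate : "
                + inputKeyStore.getCreationDate(alias));

        // Validate before casting: the lookup yields null for an alias
        // without a certificate, and the type is not guaranteed to be X.509.
        Certificate found = inputKeyStore.getCertificate(alias);
        if (found == null) {
            throw new RuntimeException(
                    "No certificate for alias " + alias);
        }
        if (!(found instanceof X509Certificate)) {
            throw new RuntimeException("Certificate for alias " + alias
                    + " is not X.509: " + found.getType());
        }
        X509Certificate cert = (X509Certificate) found;
        out.println("getCertificate : " + cert.getSubjectDN());

        // The reverse lookup may return null; alias is never null here, so
        // call equals on it to report the mismatch instead of an NPE.
        String retAlias = inputKeyStore.getCertificateAlias(cert);
        if (!alias.equals(retAlias)) {
            throw new RuntimeException("Alias mismatch, actually "
                    + retAlias + ", expected " + alias);
        }
        out.println("getCertificateAlias : " + retAlias);

        Certificate[] certs = inputKeyStore.getCertificateChain(alias);
        if (certs == null) {
            throw new RuntimeException(
                    "No certificate chain for alias " + alias);
        }
        for (int i = 0; i < certs.length; i++) {
            out.println("getCertificateChain " + i
                    + ((X509Certificate) certs[i]).getSubjectDN());
        }

        // Entry type: must be a key entry, must not be a trusted
        // certificate entry.
        if (inputKeyStore.isCertificateEntry(alias)) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because this"
                            + " keystore only contain key pair entries.");
        }
        if (!inputKeyStore.isKeyEntry(alias)) {
            throw new RuntimeException("Entry type unknown.");
        }
        idx++;
    }

    int size = inputKeyStore.size();
    if (idx != size) {
        throw new RuntimeException("Size not match, actually " + idx
                + ", expected " + size);
    }
}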