java.security.KeyStore.ProtectionParameter Java Examples

Example #1
Source File: AbstractKeyStoreKeyProvider.java    From neoscada with Eclipse Public License 1.0 6 votes vote down vote up
/**
 * Reloads the backing key store, asking the given callback handler for whatever
 * protection (for example a password or PIN) the store requires.
 * <p>
 * The provider is flagged as locked before the load is attempted and unlocked only
 * after {@code load} returns normally, so a failed load leaves it locked.
 *
 * @param callbackHandler handler wrapped in a {@code CallbackHandlerTranslator} and
 *        offered to the key store as its protection source
 * @throws Exception whatever the key store load or the key extraction throws
 */
protected void performLoad ( final CallbackHandler callbackHandler ) throws Exception
{
    // The key store pulls the protection parameter on demand while loading.
    final KeyStore.LoadStoreParameter loadParameter = new KeyStore.LoadStoreParameter () {

        @Override
        public ProtectionParameter getProtectionParameter ()
        {
            final CallbackHandlerTranslator translator = new CallbackHandlerTranslator ( callbackHandler );
            return new KeyStore.CallbackHandlerProtection ( translator );
        }
    };

    // Drop previously extracted entries before touching the store.
    this.list.clear ();

    setLocked ( true );
    this.keyStore.load ( loadParameter );
    // Only reached when the load succeeded.
    setLocked ( false );

    extractKeys ( null );
}
 
Example #2
Source File: TestKeyStoreSpi.java    From j2objc with Apache License 2.0 6 votes vote down vote up
/**
 * Validates the store parameter without writing anything.
 * <p>
 * Each rejected input is signalled with a different exception type: a {@code null}
 * parameter, a {@code null} password, an empty password, and a protection parameter
 * that is not a {@code PasswordProtection}.
 *
 * @param param the store parameter to inspect
 * @throws IOException if {@code param} is {@code null}
 * @throws NoSuchAlgorithmException if the password is {@code null}
 * @throws CertificateException if the password is empty
 * @throws UnsupportedOperationException if the protection parameter is not a
 *         {@code PasswordProtection} (this includes {@code null})
 */
@Override
public void engineStore(LoadStoreParameter param) throws IOException,
        NoSuchAlgorithmException, CertificateException {
    if (param == null) {
        throw new IOException();
    }

    ProtectionParameter protection = param.getProtectionParameter();
    if (!(protection instanceof PasswordProtection)) {
        throw new UnsupportedOperationException();
    }

    // The array is only inspected here; it is neither copied nor cleared.
    char[] secret = ((PasswordProtection) protection).getPassword();
    if (secret == null) {
        throw new NoSuchAlgorithmException();
    }
    if (secret.length == 0) {
        throw new CertificateException();
    }
}
 
Example #3
Source File: TestKeyStoreSpi.java    From j2objc with Apache License 2.0 6 votes vote down vote up
/**
 * Validates the load parameter without reading any key material.
 * <p>
 * A {@code null} parameter is forwarded to the two-argument {@code engineLoad} with
 * both arguments {@code null}. Otherwise only a {@code PasswordProtection} carrying a
 * non-null password is accepted.
 *
 * @param param the load parameter to inspect, or {@code null}
 * @throws NoSuchAlgorithmException if the protection parameter or its password is {@code null}
 * @throws CertificateException if the protection parameter is not a {@code PasswordProtection}
 * @throws IOException declared by the SPI contract; not thrown directly by this method
 */
@Override
public void engineLoad(LoadStoreParameter param) throws IOException,
        NoSuchAlgorithmException, CertificateException {
    if (param == null) {
        engineLoad(null, null);
        return;
    }

    ProtectionParameter protection = param.getProtectionParameter();
    if (protection == null) {
        throw new NoSuchAlgorithmException();
    }
    if (!(protection instanceof PasswordProtection)) {
        throw new CertificateException();
    }
    // An empty (zero-length) password is accepted here; only null is rejected.
    if (((PasswordProtection) protection).getPassword() == null) {
        throw new NoSuchAlgorithmException();
    }
}
 
Example #4
Source File: PKCS11KeyStoreKeyingDataProvider.java    From xades4j with GNU Lesser General Public License v3.0 6 votes vote down vote up
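/**
 * Builds the protection parameter used to unlock a single key entry.
 * <p>
 * The entry password is not fetched up front: it is requested from
 * {@code entryPasswordProvider} only when the key store invokes the callback handler.
 *
 * @param entryAlias alias of the entry being unlocked, passed on to the password provider
 * @param entryCert certificate of the entry being unlocked, passed on to the password provider
 * @param entryPasswordProvider source of the entry password; may be {@code null}
 * @return a callback-based protection parameter, or {@code null} when no password
 *         provider was supplied
 */
@Override
protected final KeyStore.ProtectionParameter getKeyProtection(
        final String entryAlias,
        final X509Certificate entryCert,
        final KeyEntryPasswordProvider entryPasswordProvider)
{
    if (null == entryPasswordProvider)
    {
        return null;
    }

    return new KeyStore.CallbackHandlerProtection(new CallbackHandler()
    {

        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
        {
            // Reject anything that is not a password request through the declared
            // exception types, instead of failing with an unchecked
            // ArrayIndexOutOfBoundsException or ClassCastException.
            if (callbacks == null || callbacks.length == 0)
            {
                throw new IOException("No callback supplied for the key entry password");
            }
            if (!(callbacks[0] instanceof PasswordCallback))
            {
                throw new UnsupportedCallbackException(callbacks[0], "Only PasswordCallback is supported");
            }

            // As before, only the first callback is answered.
            // NOTE(review): the char[] returned by the provider is handed over as-is and
            // is not cleared here, because its ownership is not visible from this method.
            PasswordCallback c = (PasswordCallback) callbacks[0];
            c.setPassword(entryPasswordProvider.getPassword(entryAlias, entryCert));
        }
    });
}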
 
Example #5
Source File: KeyStoreProvider.java    From aws-encryption-sdk-java with Apache License 2.0 5 votes vote down vote up
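/**
 * Creates an instance of this class using {@code wrappingAlgorithm} which will encrypt data to
 * the keys specified by {@code aliasNames}.
 *
 * @param keystore the key store that holds the entries
 * @param protection the protection parameter stored for later use with {@code keystore}
 * @param providerName the provider name stored on this instance
 * @param wrappingAlgorithm the wrapping algorithm; the part before the first {@code /} is
 *        upper-cased and stored as the key algorithm
 * @param aliasNames aliases of the keys to encrypt to
 * @throws NullPointerException if {@code wrappingAlgorithm} or {@code aliasNames} is {@code null}
 */
public KeyStoreProvider(final KeyStore keystore, final ProtectionParameter protection,
        final String providerName, final String wrappingAlgorithm, final String... aliasNames) {
    keystore_ = keystore;
    protection_ = protection;
    wrappingAlgorithm_ = wrappingAlgorithm;
    // Copy the varargs array so a caller that passed its own array cannot change the
    // alias list afterwards.
    aliasNames_ = Arrays.asList(aliasNames.clone());
    providerName_ = providerName;
    // Algorithm names are ASCII identifiers: upper-case them independently of the default
    // locale (under a Turkish locale "i" would otherwise become a dotted capital I and the
    // resulting name would not match any algorithm).
    keyAlgorithm_ = wrappingAlgorithm.split("/", 2)[0].toUpperCase(java.util.Locale.ROOT);
}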
 
Example #6
Source File: KeyStoreMaterialsProvider.java    From aws-dynamodb-encryption-java with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a materials provider backed by {@code keyStore}, then validates and loads the
 * configured keys.
 *
 * @param keyStore the key store holding both entries
 * @param encryptionAlias alias of the encryption entry
 * @param signingAlias alias of the signing entry
 * @param encryptionProtection protection parameter stored for the encryption entry
 * @param signingProtection protection parameter stored for the signing entry
 * @param description description map; copied and exposed as an unmodifiable map
 * @throws KeyStoreException declared for {@code validateKeys()} / {@code loadKeys()}
 * @throws NoSuchAlgorithmException declared for {@code validateKeys()} / {@code loadKeys()}
 * @throws UnrecoverableEntryException declared for {@code validateKeys()} / {@code loadKeys()}
 */
public KeyStoreMaterialsProvider(KeyStore keyStore, String encryptionAlias, String signingAlias,
        ProtectionParameter encryptionProtection, ProtectionParameter signingProtection,
        Map<String, String> description)
        throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
    this.keyStore = keyStore;

    // Alias and protection parameter are kept side by side for each key role.
    this.encryptionAlias = encryptionAlias;
    this.signingAlias = signingAlias;
    this.encryptionProtection = encryptionProtection;
    this.signingProtection = signingProtection;

    // Snapshot the caller's map so later changes to it are not visible here.
    final Map<String, String> descriptionCopy = new HashMap<>(description);
    this.description = Collections.unmodifiableMap(descriptionCopy);

    // The constructor does not return until both steps have completed.
    validateKeys();
    loadKeys();
}
 
Example #7
Source File: KeyStoreMaterialsProvider.java    From aws-dynamodb-encryption-java with Apache License 2.0 5 votes vote down vote up
/**
 * Stores the key store, the two aliases with their protection parameters and an
 * unmodifiable copy of {@code description}, then runs {@code validateKeys()} and
 * {@code loadKeys()}.
 *
 * @param keyStore the key store holding both entries
 * @param encryptionAlias alias of the encryption entry
 * @param signingAlias alias of the signing entry
 * @param encryptionProtection protection parameter stored for the encryption entry
 * @param signingProtection protection parameter stored for the signing entry
 * @param description description map; a {@code null} map causes a {@code NullPointerException}
 * @throws KeyStoreException declared for {@code validateKeys()} / {@code loadKeys()}
 * @throws NoSuchAlgorithmException declared for {@code validateKeys()} / {@code loadKeys()}
 * @throws UnrecoverableEntryException declared for {@code validateKeys()} / {@code loadKeys()}
 */
public KeyStoreMaterialsProvider(KeyStore keyStore, String encryptionAlias, String signingAlias,
        ProtectionParameter encryptionProtection, ProtectionParameter signingProtection,
        Map<String, String> description)
        throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
    this.keyStore = keyStore;
    this.encryptionAlias = encryptionAlias;
    this.signingAlias = signingAlias;
    this.encryptionProtection = encryptionProtection;
    this.signingProtection = signingProtection;

    // Defensive copy first, read-only view second: the caller keeps no handle on the stored map.
    final Map<String, String> snapshot = new HashMap<String, String>(description);
    this.description = Collections.unmodifiableMap(snapshot);

    validateKeys();
    loadKeys();
}
 
Example #8
Source File: PKCS11KeyStoreKeyingDataProvider.java    From xades4j with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Creates a keying data provider backed by a PKCS#11 key store.
 * <p>
 * The provider name is used as a key to search for installed providers. If a
 * provider exists with the same name, it will be used even if it relies on a
 * different native library. Only when none is installed is a new provider created
 * from a generated configuration and registered with {@code Security.addProvider}.
 * <p>
 * NOTE(review): {@code providerName} and {@code nativeLibraryPath} are written into the
 * generated configuration text unescaped, so they should come from trusted configuration.
 *
 * @param nativeLibraryPath the path for the native library of the specific PKCS#11 provider
 * @param providerName this string is concatenated with the prefix SunPKCS11- to produce this provider instance's name
 * @param slotId the id of the slot that this provider instance is to be associated with (can be {@code null})
 * @param certificateSelector the selector of signing certificate
 * @param keyStorePasswordProvider the provider of the keystore loading password (can be {@code null})
 * @param entryPasswordProvider the provider of entry passwords (may be {@code null})
 * @param returnFullChain indicates if the full certificate chain should be returned, if available
 * @throws KeyStoreException propagated from the superclass constructor
 */
public PKCS11KeyStoreKeyingDataProvider(
        final String nativeLibraryPath,
        final String providerName,
        final Integer slotId,
        SigningCertSelector certificateSelector,
        KeyStorePasswordProvider keyStorePasswordProvider,
        KeyEntryPasswordProvider entryPasswordProvider,
        boolean returnFullChain) throws KeyStoreException
{
    super(new KeyStoreBuilderCreator()
    {
        @Override
        public Builder getBuilder(ProtectionParameter loadProtection)
        {
            // Reuse an already installed provider of that name, whatever library backs it.
            final Provider installed = getInstalledProvider(providerName);
            if (installed != null)
            {
                return KeyStore.Builder.newInstance("PKCS11", installed, loadProtection);
            }

            // Assemble the provider configuration: name, library and, optionally, slot.
            final String eol = System.getProperty("line.separator");
            final StringBuilder config = new StringBuilder("name = ")
                    .append(providerName)
                    .append(eol)
                    .append("library = ")
                    .append(nativeLibraryPath);
            if (slotId != null)
            {
                config.append(eol).append("slot = ").append(slotId);
            }

            // getBytes() encodes with the platform default charset, as the original code does.
            final byte[] configBytes = config.toString().getBytes();
            final Provider created = createPkcs11Provider(new ByteArrayInputStream(configBytes));
            // The result of addProvider is not checked.
            Security.addProvider(created);

            return KeyStore.Builder.newInstance("PKCS11", created, loadProtection);
        }
    }, certificateSelector, keyStorePasswordProvider, entryPasswordProvider, returnFullChain);
}
 
Example #9
Source File: FileSystemKeyStoreKeyingDataProvider.java    From xades4j with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Creates a keying data provider backed by a key store file on the file system.
 * <p>
 * The key store itself is not opened here: the constructor only supplies a builder
 * factory that binds the store type, provider and file to the load protection it is given.
 *
 * @param keyStoreType the type of the keystore (jks, pkcs12, etc)
 * @param keyStorePath the file-system path of the keystore
 * @param certificateSelector the selector of signing certificate
 * @param keyStorePasswordProvider the provider of the keystore loading password
 * @param entryPasswordProvider the provider of entry passwords
 * @param returnFullChain indicates if the full certificate chain should be returned, if available
 * @param provider provider for parsing this store type; if <i>null</i> is passed, the default provider is used
 * @throws KeyStoreException propagated from the superclass constructor
 */
public FileSystemKeyStoreKeyingDataProvider(
        final String keyStoreType,
        final String keyStorePath,
        SigningCertSelector certificateSelector,
        KeyStorePasswordProvider keyStorePasswordProvider,
        KeyEntryPasswordProvider entryPasswordProvider,
        boolean returnFullChain,
        final Provider provider) throws KeyStoreException
{
    super(new KeyStoreBuilderCreator()
          {
              @Override
              public Builder getBuilder(ProtectionParameter loadProtection)
              {
                  // The path is used as given; no normalisation or existence check is done here.
                  final File keyStoreFile = new File(keyStorePath);
                  return KeyStore.Builder.newInstance(keyStoreType, provider, keyStoreFile, loadProtection);
              }
          },
            certificateSelector,
            keyStorePasswordProvider,
            entryPasswordProvider,
            returnFullChain);
}
 
Example #10
Source File: FileSystemKeyStoreKeyingDataProvider.java    From xades4j with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Builds a password-based protection parameter for a single key entry.
 * <p>
 * The password is requested from the provider immediately, not lazily.
 *
 * @param entryAlias alias of the entry, passed on to the password provider
 * @param entryCert certificate of the entry, passed on to the password provider
 * @param entryPasswordProvider source of the entry password; it is dereferenced without
 *        a null check, so {@code null} results in a {@code NullPointerException}
 * @return a {@code KeyStore.PasswordProtection} wrapping the provided password
 */
@Override
protected KeyStore.ProtectionParameter getKeyProtection(
        String entryAlias,
        X509Certificate entryCert,
        KeyEntryPasswordProvider entryPasswordProvider)
{
    // NOTE(review): the array returned by the provider is not cleared here; who owns it
    // is not visible from this method.
    final char[] entryPassword = entryPasswordProvider.getPassword(entryAlias, entryCert);
    return new KeyStore.PasswordProtection(entryPassword);
}
 
Example #11
Source File: Pkcs11SignatureToken.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
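/**
 * Creates and loads the PKCS#11 key store of the configured provider.
 * <p>
 * The PIN is not passed up front: the key store asks for it through a callback handler,
 * which answers the first {@code PasswordCallback} with the password of the
 * {@code callback} field.
 *
 * @return the loaded key store
 * @throws DSSException with the message "Bad password for PKCS11" when the failure carries
 *         the {@code CKR_PIN_INCORRECT} marker, otherwise with a generic initialisation message
 */
@Override
KeyStore getKeyStore() throws DSSException {
	try {
		KeyStore keyStore = KeyStore.getInstance(SUN_PKCS11_KEYSTORE_TYPE, getProvider());
		keyStore.load(new KeyStore.LoadStoreParameter() {

			@Override
			public ProtectionParameter getProtectionParameter() {
				return new KeyStore.CallbackHandlerProtection(new CallbackHandler() {

					@Override
					public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
						// Answer the first password request and ignore everything else.
						for (Callback c : callbacks) {
							if (c instanceof PasswordCallback) {
								((PasswordCallback) c).setPassword(callback.getPassword());
								return;
							}
						}
						throw new DSSException("No password callback");
					}
				});
			}
		});
		return keyStore;
	} catch (Exception e) {
		// The wrong-PIN marker may sit on a nested cause rather than on the outermost
		// exception, so the cause chain is searched as well. The walk is bounded to stay
		// safe on a cyclic chain.
		int depth = 0;
		for (Throwable t = e; t != null && depth < 16; t = t.getCause(), depth++) {
			if ("CKR_PIN_INCORRECT".equals(t.getMessage())) {
				throw new DSSException("Bad password for PKCS11", e);
			}
		}
		throw new DSSException("Can't initialize Sun PKCS#11 security provider. Reason: " + e.getMessage(), e);
	}
}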
 
Example #12
Source File: PKCS12StoreParameter.java    From RipplePower with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the protection parameter held by this store parameter.
 *
 * @return the stored protection parameter, exactly as it was set (no copy is made)
 */
public ProtectionParameter getProtectionParameter()
{
    return this.protectionParameter;
}
 
Example #13
Source File: PKCS12KeyStoreSpi.java    From ripple-lib-java with ISC License 4 votes vote down vote up
/**
 * Stores the key store using a PKCS#12 store parameter.
 * <p>
 * Accepts a {@code PKCS12StoreParameter} directly, or a {@code JDKPKCS12StoreParameter},
 * which is converted first. The password is taken from a {@code KeyStore.PasswordProtection};
 * a missing protection parameter yields a {@code null} password.
 * <p>
 * NOTE(review): what {@code doStore} does with a {@code null} password is not visible
 * here; confirm callers cannot end up writing an unprotected store by accident.
 *
 * @param param the store parameter; must not be {@code null}
 * @throws IllegalArgumentException if {@code param} is {@code null} or of an unsupported type,
 *         or if its protection parameter is neither {@code null} nor a password protection
 * @throws IOException declared together with the other checked exceptions for {@code doStore}
 * @throws NoSuchAlgorithmException see {@code IOException}
 * @throws CertificateException see {@code IOException}
 */
public void engineStore(LoadStoreParameter param)
    throws IOException,
    NoSuchAlgorithmException, CertificateException
{
    if (param == null)
    {
        throw new IllegalArgumentException("'param' arg cannot be null");
    }

    // Normalise both accepted parameter types to a PKCS12StoreParameter.
    final PKCS12StoreParameter storeParam;
    if (param instanceof PKCS12StoreParameter)
    {
        storeParam = (PKCS12StoreParameter)param;
    }
    else if (param instanceof JDKPKCS12StoreParameter)
    {
        final JDKPKCS12StoreParameter jdkParam = (JDKPKCS12StoreParameter)param;
        storeParam = new PKCS12StoreParameter(jdkParam.getOutputStream(),
            param.getProtectionParameter(), jdkParam.isUseDEREncoding());
    }
    else
    {
        throw new IllegalArgumentException(
            "No support for 'param' of type " + param.getClass().getName());
    }

    // Only password protection (or none at all) is understood.
    final ProtectionParameter protection = param.getProtectionParameter();
    final char[] password;
    if (protection instanceof KeyStore.PasswordProtection)
    {
        password = ((KeyStore.PasswordProtection)protection).getPassword();
    }
    else if (protection == null)
    {
        password = null;
    }
    else
    {
        throw new IllegalArgumentException(
            "No support for protection parameter of type " + protection.getClass().getName());
    }

    doStore(storeParam.getOutputStream(), password, storeParam.isForDEREncoding());
}
 
Example #14
Source File: PKCS12StoreParameter.java    From RipplePower with Apache License 2.0 4 votes vote down vote up
/**
 * Creates a store parameter for the given output stream and protection parameter.
 * Delegates to the three-argument superclass constructor, passing {@code false} as
 * its last argument.
 *
 * @param out the output stream handed to the superclass
 * @param protectionParameter the protection parameter handed to the superclass
 */
public PKCS12StoreParameter(OutputStream out, ProtectionParameter protectionParameter)
{
    super(out, protectionParameter, false);
}
 
Example #15
Source File: PKCS12StoreParameter.java    From RipplePower with Apache License 2.0 4 votes vote down vote up
/**
 * Creates a store parameter by passing all three arguments unchanged to the
 * superclass constructor.
 *
 * @param out the output stream handed to the superclass
 * @param protectionParameter the protection parameter handed to the superclass
 * @param forDEREncoding the encoding flag handed to the superclass
 */
public PKCS12StoreParameter(OutputStream out, ProtectionParameter protectionParameter, boolean forDEREncoding)
{
    super(out, protectionParameter, forDEREncoding);
}
 
Example #16
Source File: PKCS12KeyStoreSpi.java    From RipplePower with Apache License 2.0 4 votes vote down vote up
/**
 * Writes the key store through {@code doStore}, using the stream, password and
 * encoding flag described by {@code param}.
 * <p>
 * A {@code JDKPKCS12StoreParameter} is converted to a {@code PKCS12StoreParameter} first.
 * The password comes from a {@code KeyStore.PasswordProtection}; when there is no
 * protection parameter, {@code null} is passed as the password.
 * <p>
 * NOTE(review): the effect of a {@code null} password inside {@code doStore} cannot be
 * seen from this method; verify that an unprotected store is never written unintentionally.
 *
 * @param param the store parameter; must not be {@code null}
 * @throws IllegalArgumentException if {@code param} is {@code null} or of an unsupported type,
 *         or if its protection parameter is neither {@code null} nor a password protection
 * @throws IOException declared together with the other checked exceptions for {@code doStore}
 * @throws NoSuchAlgorithmException see {@code IOException}
 * @throws CertificateException see {@code IOException}
 */
public void engineStore(LoadStoreParameter param)
    throws IOException,
    NoSuchAlgorithmException, CertificateException
{
    if (param == null)
    {
        throw new IllegalArgumentException("'param' arg cannot be null");
    }

    final boolean isBcParam = param instanceof PKCS12StoreParameter;
    if (!isBcParam && !(param instanceof JDKPKCS12StoreParameter))
    {
        throw new IllegalArgumentException(
            "No support for 'param' of type " + param.getClass().getName());
    }

    final PKCS12StoreParameter target;
    if (isBcParam)
    {
        target = (PKCS12StoreParameter)param;
    }
    else
    {
        // Re-wrap the JDK-style parameter, keeping its stream, protection and encoding flag.
        final JDKPKCS12StoreParameter source = (JDKPKCS12StoreParameter)param;
        target = new PKCS12StoreParameter(source.getOutputStream(),
            param.getProtectionParameter(), source.isUseDEREncoding());
    }

    final ProtectionParameter protParam = param.getProtectionParameter();
    if (protParam != null && !(protParam instanceof KeyStore.PasswordProtection))
    {
        throw new IllegalArgumentException(
            "No support for protection parameter of type " + protParam.getClass().getName());
    }

    // No protection parameter means a null password is handed to doStore.
    final char[] password = (protParam == null)
        ? null
        : ((KeyStore.PasswordProtection)protParam).getPassword();

    doStore(target.getOutputStream(), password, target.isForDEREncoding());
}
 
Example #17
Source File: JDKPKCS12StoreParameter.java    From ripple-lib-java with ISC License 4 votes vote down vote up
/**
 * Returns the protection parameter currently set on this store parameter.
 *
 * @return the stored protection parameter; the same reference that was set, not a copy
 */
public ProtectionParameter getProtectionParameter()
{
    return this.protectionParameter;
}
 
Example #18
Source File: JDKPKCS12StoreParameter.java    From ripple-lib-java with ISC License 4 votes vote down vote up
/**
 * Replaces the protection parameter held by this store parameter.
 * The value is stored as given; {@code null} is not rejected.
 *
 * @param protectionParameter the new protection parameter
 */
public void setProtectionParameter(ProtectionParameter protectionParameter)
{
    this.protectionParameter = protectionParameter;
}
 
Example #19
Source File: PKCS12StoreParameter.java    From ripple-lib-java with ISC License 4 votes vote down vote up
/**
 * Creates a store parameter for the given output stream and protection parameter.
 * Delegates to the three-argument constructor of this class, passing {@code false}
 * as its last argument.
 *
 * @param out the output stream to store
 * @param protectionParameter the protection parameter to store
 */
public PKCS12StoreParameter(OutputStream out, ProtectionParameter protectionParameter)
{
    this(out, protectionParameter, false);
}
 
Example #20
Source File: PKCS12StoreParameter.java    From ripple-lib-java with ISC License 4 votes vote down vote up
/**
 * Creates a store parameter from its three components.
 * The arguments are stored as given, without validation or copying.
 *
 * @param out the output stream to store
 * @param protectionParameter the protection parameter to store
 * @param forDEREncoding the encoding flag to store
 */
public PKCS12StoreParameter(OutputStream out, ProtectionParameter protectionParameter, boolean forDEREncoding)
{
    // Plain, independent field assignments.
    this.forDEREncoding = forDEREncoding;
    this.protectionParameter = protectionParameter;
    this.out = out;
}
 
Example #21
Source File: PKCS12StoreParameter.java    From ripple-lib-java with ISC License 4 votes vote down vote up
/**
 * Returns the protection parameter this store parameter was given.
 *
 * @return the stored protection parameter, returned by reference
 */
public ProtectionParameter getProtectionParameter()
{
    return this.protectionParameter;
}
 
Example #22
Source File: PKCS12StoreParameter.java    From ripple-lib-java with ISC License 4 votes vote down vote up
/**
 * Creates a store parameter for the given output stream and protection parameter.
 * Delegates to the three-argument superclass constructor, passing {@code false} as
 * its last argument.
 *
 * @param out the output stream handed to the superclass
 * @param protectionParameter the protection parameter handed to the superclass
 */
public PKCS12StoreParameter(OutputStream out, ProtectionParameter protectionParameter)
{
    super(out, protectionParameter, false);
}
 
Example #23
Source File: PKCS12StoreParameter.java    From ripple-lib-java with ISC License 4 votes vote down vote up
/**
 * Creates a store parameter by passing all three arguments unchanged to the
 * superclass constructor.
 *
 * @param out the output stream handed to the superclass
 * @param protectionParameter the protection parameter handed to the superclass
 * @param forDEREncoding the encoding flag handed to the superclass
 */
public PKCS12StoreParameter(OutputStream out, ProtectionParameter protectionParameter, boolean forDEREncoding)
{
    super(out, protectionParameter, forDEREncoding);
}
 
Example #24
Source File: DistributedKeyLoadStoreParam.java    From freehealth-connector with GNU Affero General Public License v3.0 4 votes vote down vote up
/**
 * Always returns {@code null}: this load/store parameter carries no protection parameter.
 * <p>
 * NOTE(review): how the consuming key store treats a missing protection parameter is not
 * visible here; confirm it does not depend on a password or callback for protection.
 *
 * @return {@code null}
 */
public ProtectionParameter getProtectionParameter() {
   return null;
}
 
Example #25
Source File: PKCS12StoreParameter.java    From RipplePower with Apache License 2.0 4 votes vote down vote up
/**
 * Creates a store parameter holding the given stream, protection parameter and encoding flag.
 * Nothing is validated or copied; {@code null} arguments are stored as they are.
 *
 * @param out the output stream to store
 * @param protectionParameter the protection parameter to store
 * @param forDEREncoding the encoding flag to store
 */
public PKCS12StoreParameter(OutputStream out, ProtectionParameter protectionParameter, boolean forDEREncoding)
{
    // The three assignments are independent of one another.
    this.protectionParameter = protectionParameter;
    this.forDEREncoding = forDEREncoding;
    this.out = out;
}
 
Example #26
Source File: PKCS12StoreParameter.java    From RipplePower with Apache License 2.0 4 votes vote down vote up
/**
 * Creates a store parameter for the given output stream and protection parameter.
 * Delegates to the three-argument constructor of this class, passing {@code false}
 * as its last argument.
 *
 * @param out the output stream to store
 * @param protectionParameter the protection parameter to store
 */
public PKCS12StoreParameter(OutputStream out, ProtectionParameter protectionParameter)
{
    this(out, protectionParameter, false);
}
 
Example #27
Source File: JDKPKCS12StoreParameter.java    From RipplePower with Apache License 2.0 4 votes vote down vote up
/**
 * Replaces the protection parameter held by this store parameter.
 * The value is stored as given; {@code null} is not rejected.
 *
 * @param protectionParameter the new protection parameter
 */
public void setProtectionParameter(ProtectionParameter protectionParameter)
{
    this.protectionParameter = protectionParameter;
}
 
Example #28
Source File: JDKPKCS12StoreParameter.java    From RipplePower with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the protection parameter currently set on this store parameter.
 *
 * @return the stored protection parameter; the same reference that was set, not a copy
 */
public ProtectionParameter getProtectionParameter()
{
    return this.protectionParameter;
}
 
Example #29
Source File: CopyKeyTask.java    From development with Apache License 2.0 4 votes vote down vote up
/**
 * Builds a password-based protection parameter from the password of an entry descriptor.
 * <p>
 * NOTE(review): the descriptor exposes the password as a {@code String}, which cannot be
 * cleared from memory. If {@code PasswordProtection} here is
 * {@code java.security.KeyStore.PasswordProtection} (which clones the array it is given),
 * the temporary {@code char[]} could be zeroed after construction; confirm against the
 * file's imports before doing so.
 *
 * @param descr descriptor supplying the entry password; it is dereferenced without a null
 *        check, as is the password it returns
 * @return a {@code PasswordProtection} built from the password characters
 */
private ProtectionParameter createProtection(final EntryDescriptor descr) {
    final String entryPassword = descr.getPassword();
    final char[] passwordChars = entryPassword.toCharArray();
    return new PasswordProtection(passwordChars);
}
 
Example #30
Source File: KeyStoreProvider.java    From aws-encryption-sdk-java with Apache License 2.0 4 votes vote down vote up
/**
 * Creates an instance of this class using {@code wrappingAlgorithm} which will work
 * <em>for decrypt only</em>.
 * <p>
 * Delegates to the varargs constructor with an empty alias array, so no encryption
 * aliases are configured on the resulting instance.
 *
 * @param keystore the key store passed on to the varargs constructor
 * @param protection the protection parameter passed on to the varargs constructor
 * @param providerName the provider name passed on to the varargs constructor
 * @param wrappingAlgorithm the wrapping algorithm passed on to the varargs constructor
 */
public KeyStoreProvider(final KeyStore keystore, final ProtectionParameter protection,
        final String providerName, final String wrappingAlgorithm) {
    // An explicit empty array is passed so the call resolves to the varargs constructor.
    this(keystore, protection, providerName, wrappingAlgorithm, new String[0]);
}