Examples with TrustedCertificateEntry java.security.KeyStore.TrustedCertificateEntry used on opensource projects

Search in sources :

Example 11 with TrustedCertificateEntry

use of java.security.KeyStore.TrustedCertificateEntry in project android_frameworks_base by ParanoidAndroid.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_CAEntry_Overwrites_CAEntry_Encrypted_Success.

public void testKeyStore_SetEntry_CAEntry_Overwrites_CAEntry_Encrypted_Success() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    // Insert TrustedCertificateEntry
    {
        final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
        TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert);
        mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type TrustedCertificateEntry", actualEntry instanceof TrustedCertificateEntry);
        TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry;
        assertEquals("Stored and retrieved certificates should be the same", expectedCertEntry.getTrustedCertificate(), actualCertEntry.getTrustedCertificate());
    }
    // Replace with TrustedCertificateEntry of USER
    {
        final Certificate userCert = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
        TrustedCertificateEntry expectedUserEntry = new TrustedCertificateEntry(userCert);
        mKeyStore.setEntry(TEST_ALIAS_1, expectedUserEntry, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type TrustedCertificateEntry", actualEntry instanceof TrustedCertificateEntry);
        TrustedCertificateEntry actualUserEntry = (TrustedCertificateEntry) actualEntry;
        assertEquals("Stored and retrieved certificates should be the same", expectedUserEntry.getTrustedCertificate(), actualUserEntry.getTrustedCertificate());
    }
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) ByteArrayInputStream(java.io.ByteArrayInputStream) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)

Example 12 with TrustedCertificateEntry

use of java.security.KeyStore.TrustedCertificateEntry in project android_frameworks_base by ParanoidAndroid.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_CAEntry_Encrypted_Success.

public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_CAEntry_Encrypted_Success() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_CA_1));
    // Start with PrivateKeyEntry
    {
        KeyFactory keyFact = KeyFactory.getInstance("RSA");
        PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_KEY_1));
        final Certificate[] expectedChain = new Certificate[2];
        expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_USER_1));
        expectedChain[1] = caCert;
        PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain);
        mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
        PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry;
        assertPrivateKeyEntryEquals(actualPrivEntry, FAKE_KEY_1, FAKE_USER_1, FAKE_CA_1);
    }
    // Replace with TrustedCertificateEntry
    {
        TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert);
        mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type TrustedCertificateEntry", actualEntry instanceof TrustedCertificateEntry);
        TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry;
        assertEquals("Stored and retrieved certificates should be the same", expectedCertEntry.getTrustedCertificate(), actualCertEntry.getTrustedCertificate());
    }
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CertificateFactory(java.security.cert.CertificateFactory) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) KeyFactory(java.security.KeyFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)

Example 13 with TrustedCertificateEntry

use of java.security.KeyStore.TrustedCertificateEntry in project platform_frameworks_base by android.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_CAEntry_Overwrites_PrivateKeyEntry_Encrypted_Success.

public void testKeyStore_SetEntry_CAEntry_Overwrites_PrivateKeyEntry_Encrypted_Success() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    // Start with TrustedCertificateEntry
    {
        final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
        TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert);
        mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type TrustedCertificateEntry", actualEntry instanceof TrustedCertificateEntry);
        TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry;
        assertEquals("Stored and retrieved certificates should be the same", expectedCertEntry.getTrustedCertificate(), actualCertEntry.getTrustedCertificate());
    }
    // Replace with PrivateKeyEntry
    {
        KeyFactory keyFact = KeyFactory.getInstance("RSA");
        PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
        final Certificate[] expectedChain = new Certificate[2];
        expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
        expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
        PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain);
        mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
        PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry;
        assertPrivateKeyEntryEquals(actualPrivEntry, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
    }
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CertificateFactory(java.security.cert.CertificateFactory) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) KeyFactory(java.security.KeyFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)

Example 14 with TrustedCertificateEntry

use of java.security.KeyStore.TrustedCertificateEntry in project platform_frameworks_base by android.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_CAEntry_Overwrites_CAEntry_Encrypted_Success.

public void testKeyStore_SetEntry_CAEntry_Overwrites_CAEntry_Encrypted_Success() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    // Insert TrustedCertificateEntry
    {
        final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
        TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert);
        mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type TrustedCertificateEntry", actualEntry instanceof TrustedCertificateEntry);
        TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry;
        assertEquals("Stored and retrieved certificates should be the same", expectedCertEntry.getTrustedCertificate(), actualCertEntry.getTrustedCertificate());
    }
    // Replace with TrustedCertificateEntry of USER
    {
        final Certificate userCert = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
        TrustedCertificateEntry expectedUserEntry = new TrustedCertificateEntry(userCert);
        mKeyStore.setEntry(TEST_ALIAS_1, expectedUserEntry, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type TrustedCertificateEntry", actualEntry instanceof TrustedCertificateEntry);
        TrustedCertificateEntry actualUserEntry = (TrustedCertificateEntry) actualEntry;
        assertEquals("Stored and retrieved certificates should be the same", expectedUserEntry.getTrustedCertificate(), actualUserEntry.getTrustedCertificate());
    }
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) ByteArrayInputStream(java.io.ByteArrayInputStream) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)

Example 15 with TrustedCertificateEntry

use of java.security.KeyStore.TrustedCertificateEntry in project robovm by robovm.

the class TestKeyStore method rootCertificate.

/**
     * Return the only self-signed root certificate in a keystore for
     * the given algorithm. Throws IllegalStateException if there are
     * are more or less than one.
     */
public static X509Certificate rootCertificate(KeyStore keyStore, String algorithm) {
    try {
        X509Certificate found = null;
        for (String alias : Collections.list(keyStore.aliases())) {
            if (!keyStore.entryInstanceOf(alias, TrustedCertificateEntry.class)) {
                continue;
            }
            TrustedCertificateEntry certificateEntry = (TrustedCertificateEntry) keyStore.getEntry(alias, null);
            Certificate certificate = certificateEntry.getTrustedCertificate();
            if (!certificate.getPublicKey().getAlgorithm().equals(algorithm)) {
                continue;
            }
            if (!(certificate instanceof X509Certificate)) {
                continue;
            }
            X509Certificate x = (X509Certificate) certificate;
            if (!x.getIssuerDN().equals(x.getSubjectDN())) {
                continue;
            }
            if (found != null) {
                throw new IllegalStateException("KeyStore has more than one root CA for " + algorithm + "\nfirst: " + found + "\nsecond: " + certificate);
            }
            found = x;
        }
        if (found == null) {
            throw new IllegalStateException("KeyStore contained no root CA for " + algorithm);
        }
        return found;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
Also used : DEROctetString(com.android.org.bouncycastle.asn1.DEROctetString) X509Certificate(java.security.cert.X509Certificate) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) UnknownHostException(java.net.UnknownHostException) TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Aggregations

TrustedCertificateEntry (java.security.KeyStore.TrustedCertificateEntry)22 X509Certificate (java.security.cert.X509Certificate)21 Certificate (java.security.cert.Certificate)20 Entry (java.security.KeyStore.Entry)19 PrivateKeyEntry (java.security.KeyStore.PrivateKeyEntry)19 ByteArrayInputStream (java.io.ByteArrayInputStream)18 CertificateFactory (java.security.cert.CertificateFactory)18 PrivateKey (java.security.PrivateKey)13 KeyFactory (java.security.KeyFactory)12 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)12 DEROctetString (com.android.org.bouncycastle.asn1.DEROctetString)2 KeyStore (java.security.KeyStore)2 KeyStoreException (java.security.KeyStoreException)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 UnrecoverableKeyException (java.security.UnrecoverableKeyException)2 RSAPrivateKey (java.security.interfaces.RSAPrivateKey)2 File (java.io.File)1 IOException (java.io.IOException)1 UnknownHostException (java.net.UnknownHostException)1 ProtectionParameter (java.security.KeyStore.ProtectionParameter)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial