
Example 6 with SecretKeyEntry

use of java.security.KeyStore.SecretKeyEntry in project android_frameworks_base by AOSPA.

the class AndroidKeyStoreSpi method engineSetEntry.

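/**
 * Stores {@code entry} under {@code alias}, replacing whatever was stored there before.
 *
 * <p>The entry type is validated before the existing alias is wiped, so a call that is going to
 * be rejected as unsupported does not first destroy the key material already held under the
 * alias.
 *
 * @param alias alias to store the entry under
 * @param entry a {@code PrivateKeyEntry}, {@code SecretKeyEntry} or
 *     {@code TrustedCertificateEntry}
 * @param param protection parameter handed to the private-key and secret-key setters; it is not
 *     used for trusted-certificate entries
 * @throws KeyStoreException if {@code entry} is {@code null} or of an unsupported type; the
 *     delegated setters (not visible here) may raise it as well
 */
@Override
public void engineSetEntry(String alias, Entry entry, ProtectionParameter param) throws KeyStoreException {
    if (entry == null) {
        throw new KeyStoreException("entry == null");
    }
    boolean isTrustedCertificate = entry instanceof java.security.KeyStore.TrustedCertificateEntry;
    // Reject unsupported types up front: deleting first and throwing afterwards would leave the
    // caller with an error AND an alias whose previous contents are gone.
    if (!isTrustedCertificate && !(entry instanceof PrivateKeyEntry) && !(entry instanceof SecretKeyEntry)) {
        throw new KeyStoreException("Entry must be a PrivateKeyEntry, SecretKeyEntry or TrustedCertificateEntry" + "; was " + entry);
    }
    // Remove every kind of material stored under the alias so that no stale key or certificate
    // of a different type survives next to the new entry.
    // NOTE(review): a failure inside the setters below still leaves the alias empty; confirm
    // that callers can tolerate that.
    Credentials.deleteAllTypesForAlias(mKeyStore, alias, mUid);
    if (isTrustedCertificate) {
        java.security.KeyStore.TrustedCertificateEntry trE = (java.security.KeyStore.TrustedCertificateEntry) entry;
        engineSetCertificateEntry(alias, trE.getTrustedCertificate());
        return;
    }
    if (entry instanceof PrivateKeyEntry) {
        PrivateKeyEntry prE = (PrivateKeyEntry) entry;
        setPrivateKeyEntry(alias, prE.getPrivateKey(), prE.getCertificateChain(), param);
    } else {
        // Only SecretKeyEntry can reach this branch after the type check above.
        SecretKeyEntry secE = (SecretKeyEntry) entry;
        setSecretKeyEntry(alias, secE.getSecretKey(), param);
    }
}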
Also used : KeyStoreException(java.security.KeyStoreException) SecretKeyEntry(java.security.KeyStore.SecretKeyEntry) KeyStore(android.security.KeyStore) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)

Example 7 with SecretKeyEntry

use of java.security.KeyStore.SecretKeyEntry in project android_frameworks_base by ResurrectionRemix.

the class AndroidKeyStoreSpi method engineSetEntry.

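/**
 * Replaces the contents of {@code alias} with {@code entry}.
 *
 * <p>Unsupported entry types are refused before anything is deleted; only a call that will
 * actually store something is allowed to wipe the material currently held under the alias.
 *
 * @param alias alias the entry is written to
 * @param entry the entry to store; must be a {@code PrivateKeyEntry}, a {@code SecretKeyEntry}
 *     or a {@code TrustedCertificateEntry}
 * @param param protection parameter forwarded to the key setters; ignored for certificates
 * @throws KeyStoreException if {@code entry} is {@code null} or has an unsupported type; the
 *     setters this method delegates to are declared elsewhere and may throw it too
 */
@Override
public void engineSetEntry(String alias, Entry entry, ProtectionParameter param) throws KeyStoreException {
    if (entry == null) {
        throw new KeyStoreException("entry == null");
    }
    final boolean trustedCert = entry instanceof java.security.KeyStore.TrustedCertificateEntry;
    final boolean privateKey = entry instanceof PrivateKeyEntry;
    final boolean secretKey = entry instanceof SecretKeyEntry;
    if (!(trustedCert || privateKey || secretKey)) {
        // Fail before the delete below, otherwise a rejected call would still erase the
        // existing key or certificate.
        throw new KeyStoreException("Entry must be a PrivateKeyEntry, SecretKeyEntry or TrustedCertificateEntry" + "; was " + entry);
    }
    // Clear all entry types for the alias so the new entry never coexists with leftovers of a
    // different type.
    Credentials.deleteAllTypesForAlias(mKeyStore, alias, mUid);
    if (trustedCert) {
        engineSetCertificateEntry(alias, ((java.security.KeyStore.TrustedCertificateEntry) entry).getTrustedCertificate());
        return;
    }
    if (privateKey) {
        PrivateKeyEntry prE = (PrivateKeyEntry) entry;
        setPrivateKeyEntry(alias, prE.getPrivateKey(), prE.getCertificateChain(), param);
        return;
    }
    setSecretKeyEntry(alias, ((SecretKeyEntry) entry).getSecretKey(), param);
}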
Also used : KeyStoreException(java.security.KeyStoreException) SecretKeyEntry(java.security.KeyStore.SecretKeyEntry) KeyStore(android.security.KeyStore) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)

Example 8 with SecretKeyEntry

use of java.security.KeyStore.SecretKeyEntry in project midpoint by Evolveum.

the class KeyStoreDumper method execute.

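/**
 * Prints a summary of every entry in the key store exposed by the {@code protector} bean.
 *
 * <p>For each alias the creation date, store type, certificate and certificate chain are
 * printed. For secret-key entries the algorithm, format, key length and (for
 * {@code ProtectorImpl}) the key digest are printed as well. The raw key bytes are never
 * printed. Key-store failures are reported on standard output and end the dump.
 */
public void execute() {
    try {
        ApplicationContext context = new ClassPathXmlApplicationContext(CONTEXTS);
        Protector protector = context.getBean("protector", Protector.class);
        KeyStore keyStore = protector.getKeyStore();
        System.out.println("###################################################");
        System.out.println("Printing keys from key store");
        if (protector instanceof ProtectorImpl) {
            ProtectorImpl aesProtector = (ProtectorImpl) protector;
            System.out.println("Using key store from location: " + aesProtector.getKeyStorePath());
        }
        // NOTE(review): the key password is hard-coded here; a store protected with a different
        // password fails with UnrecoverableEntryException. Consider taking it from
        // configuration instead of source code.
        ProtectionParameter protParam = new KeyStore.PasswordProtection("midpoint".toCharArray());
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            System.out.println("===== ALIAS: " + alias + "=====");
            System.out.println("Creation date: " + keyStore.getCreationDate(alias));
            System.out.println("Type: " + keyStore.getType());
            java.security.cert.Certificate certificate = keyStore.getCertificate(alias);
            if (certificate != null) {
                System.out.println("Certificate: " + certificate);
            }
            java.security.cert.Certificate[] chain = keyStore.getCertificateChain(alias);
            if (chain != null) {
                // Concatenating the array itself would print only its type and identity hash.
                System.out.println("Certificate chain: " + java.util.Arrays.toString(chain));
            }
            // Only key entries are password-protected; some providers refuse a password for a
            // trusted-certificate entry, so do not request those with protParam.
            Entry entry = keyStore.isKeyEntry(alias) ? keyStore.getEntry(alias, protParam) : null;
            if (entry instanceof SecretKeyEntry) {
                System.out.println("Secret key entry: ");
                SecretKeyEntry skEntry = (SecretKeyEntry) entry;
                SecretKey key = skEntry.getSecretKey();
                System.out.println("\tAlgorithm: " + key.getAlgorithm());
                System.out.println("\tFormat: " + key.getFormat());
                // getEncoded() returns null for keys that do not support encoding.
                byte[] encoded = key.getEncoded();
                if (encoded != null) {
                    System.out.println("\tKey length: " + encoded.length * 8);
                } else {
                    System.out.println("\tKey length: unavailable (key does not support encoding)");
                }
                if (protector instanceof ProtectorImpl) {
                    System.out.println("\tKey name: " + ((ProtectorImpl) protector).getSecretKeyDigest(key));
                }
            }
            //TODO: add dump also for other types of keys
            Provider provider = keyStore.getProvider();
            System.out.println("Provder name: " + provider.getName() + "\n");
        }
        System.out.println("###################################################");
    } catch (KeyStoreException ex) {
        System.out.println("Failed to print information about keyStore. Reason: " + ex.getMessage());
    } catch (UnrecoverableEntryException ex) {
        System.out.println("Failed to print information about keyStore. Reason: " + ex.getMessage());
    } catch (NoSuchAlgorithmException ex) {
        System.out.println("Failed to print information about keyStore. Reason: " + ex.getMessage());
    } catch (EncryptionException ex) {
        System.out.println("Failed to print information about keyStore. Reason: " + ex.getMessage());
    }
}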
Also used : ProtectorImpl(com.evolveum.midpoint.prism.crypto.ProtectorImpl) SecretKeyEntry(java.security.KeyStore.SecretKeyEntry) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStore(java.security.KeyStore) Provider(java.security.Provider) ApplicationContext(org.springframework.context.ApplicationContext) ClassPathXmlApplicationContext(org.springframework.context.support.ClassPathXmlApplicationContext) SecretKeyEntry(java.security.KeyStore.SecretKeyEntry) Entry(java.security.KeyStore.Entry) SecretKey(javax.crypto.SecretKey) ClassPathXmlApplicationContext(org.springframework.context.support.ClassPathXmlApplicationContext) EncryptionException(com.evolveum.midpoint.prism.crypto.EncryptionException) UnrecoverableEntryException(java.security.UnrecoverableEntryException) Protector(com.evolveum.midpoint.prism.crypto.Protector) ProtectionParameter(java.security.KeyStore.ProtectionParameter)

Example 9 with SecretKeyEntry

use of java.security.KeyStore.SecretKeyEntry in project robovm by robovm.

the class KeyStoreTest method test_KeyStore_setEntry.

/**
 * Exercises {@code KeyStore.setEntry} against every store returned by {@code keyStores()}.
 *
 * <p>The loops run in sequence and each one re-initialises the store first (through
 * {@code load(null, null)}, {@code clearKeyStore} or {@code populate}). They cover, in order:
 * null arguments, an unrecognised {@code ProtectionParameter}, other odd inputs, storing each
 * entry type the store supports, alias case handling, and null versus non-null key passwords.
 */
public void test_KeyStore_setEntry() throws Exception {
    // All-null arguments must be rejected with a NullPointerException.
    for (KeyStore keyStore : keyStores()) {
        keyStore.load(null, null);
        try {
            keyStore.setEntry(null, null, null);
            fail(keyStore.getType());
        } catch (NullPointerException expected) {
        }
    }
    // A ProtectionParameter type the store does not recognise must be refused with a
    // KeyStoreException rather than accepted.
    for (KeyStore keyStore : keyStores()) {
        keyStore.load(null, null);
        try {
            keyStore.setEntry(ALIAS_PRIVATE, getPrivateKey(), new FakeProtectionParameter());
            fail("Should not accept unknown ProtectionParameter: " + keyStore.getProvider());
        } catch (KeyStoreException expected) {
        }
    }
    for (KeyStore keyStore : keyStores()) {
        keyStore.load(null, null);
        // Odd inputs: a null alias with a null entry may fail with either exception type.
        // The comparison is on the exact class, so any subclass is rethrown and fails the test.
        try {
            keyStore.setEntry(null, null, null);
            fail(keyStore.getType());
        } catch (Exception e) {
            if (e.getClass() != NullPointerException.class && e.getClass() != KeyStoreException.class) {
                throw e;
            }
        }
        try {
            keyStore.setEntry(null, null, PARAM_KEY);
            fail(keyStore.getType());
        } catch (Exception e) {
            if (e.getClass() != NullPointerException.class && e.getClass() != KeyStoreException.class) {
                throw e;
            }
        }
        // An empty alias with a null entry must fail with NullPointerException specifically.
        try {
            keyStore.setEntry("", null, PARAM_KEY);
            fail(keyStore.getType());
        } catch (NullPointerException expected) {
        }
    }
    for (KeyStore keyStore : keyStores()) {
        clearKeyStore(keyStore);
        // Store each entry type on a cleared store, gated by what the store reports it supports.
        assertNull(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
        if (isReadOnly(keyStore)) {
            // A read-only store must refuse the write; nothing else in this loop applies to it.
            try {
                keyStore.setEntry(ALIAS_PRIVATE, getPrivateKey(), PARAM_KEY);
                fail(keyStore.getType());
            } catch (UnsupportedOperationException expected) {
            }
            continue;
        }
        if (isKeyPasswordSupported(keyStore)) {
            keyStore.setEntry(ALIAS_PRIVATE, getPrivateKey(), PARAM_KEY);
            assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
            assertCertificateChain(keyStore.getCertificateChain(ALIAS_PRIVATE));
        }
        if (isNullPasswordAllowed(keyStore)) {
            keyStore.setEntry(ALIAS_NO_PASSWORD_PRIVATE, getPrivateKey(), null);
            assertPrivateKey(keyStore.getKey(ALIAS_NO_PASSWORD_PRIVATE, null));
            assertCertificateChain(keyStore.getCertificateChain(ALIAS_NO_PASSWORD_PRIVATE));
        }
        if (isSecretKeyEnabled(keyStore)) {
            assertNull(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
            keyStore.setEntry(ALIAS_SECRET, new SecretKeyEntry(getSecretKey()), PARAM_KEY);
            assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
        } else {
            // Note: the negative case goes through setKeyEntry, not setEntry.
            try {
                keyStore.setKeyEntry(ALIAS_SECRET, getSecretKey(), PASSWORD_KEY, null);
                fail(keyStore.getType());
            } catch (KeyStoreException expected) {
            }
        }
        if (isCertificateEnabled(keyStore)) {
            assertNull(keyStore.getCertificate(ALIAS_CERTIFICATE));
            keyStore.setEntry(ALIAS_CERTIFICATE, new TrustedCertificateEntry(getPrivateKey().getCertificate()), null);
            assertCertificate(keyStore.getCertificate(ALIAS_CERTIFICATE));
        } else {
            try {
                keyStore.setEntry(ALIAS_CERTIFICATE, new TrustedCertificateEntry(getPrivateKey().getCertificate()), null);
                fail(keyStore.getType());
            } catch (KeyStoreException expected) {
            }
        }
        // Same checks again with the ALIAS_UNICODE_* aliases.
        if (isKeyPasswordSupported(keyStore)) {
            keyStore.setEntry(ALIAS_UNICODE_PRIVATE, getPrivateKey(), PARAM_KEY);
            assertPrivateKey(keyStore.getKey(ALIAS_UNICODE_PRIVATE, PASSWORD_KEY));
            assertCertificateChain(keyStore.getCertificateChain(ALIAS_UNICODE_PRIVATE));
        }
        if (isNullPasswordAllowed(keyStore)) {
            keyStore.setEntry(ALIAS_UNICODE_NO_PASSWORD_PRIVATE, getPrivateKey(), null);
            assertPrivateKey(keyStore.getKey(ALIAS_UNICODE_NO_PASSWORD_PRIVATE, null));
            assertCertificateChain(keyStore.getCertificateChain(ALIAS_UNICODE_NO_PASSWORD_PRIVATE));
        }
        if (isSecretKeyEnabled(keyStore)) {
            assertNull(keyStore.getKey(ALIAS_UNICODE_SECRET, PASSWORD_KEY));
            keyStore.setEntry(ALIAS_UNICODE_SECRET, new SecretKeyEntry(getSecretKey()), PARAM_KEY);
            assertSecretKey(keyStore.getKey(ALIAS_UNICODE_SECRET, PASSWORD_KEY));
        } else {
            try {
                keyStore.setKeyEntry(ALIAS_UNICODE_SECRET, getSecretKey(), PASSWORD_KEY, null);
                fail(keyStore.getType());
            } catch (KeyStoreException expected) {
            }
        }
    }
    // Alias case handling on a store filled by populate() (its contents are defined elsewhere).
    for (KeyStore keyStore : keyStores()) {
        populate(keyStore);
        if (isReadOnly(keyStore)) {
            assertNull(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
            assertNull(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
            assertNull(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
            assertNull(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
        } else if (isCaseSensitive(keyStore)) {
            // Case-sensitive store: the alternate-case alias is a separate slot, so writing to
            // it must leave the entry under the original alias untouched.
            if (isKeyPasswordSupported(keyStore)) {
                assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
                assertNull(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
                keyStore.setEntry(ALIAS_ALT_CASE_PRIVATE, getPrivateKey2(), PARAM_KEY);
                assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
                assertPrivateKey2(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
            }
            if (isNullPasswordAllowed(keyStore)) {
                assertPrivateKey(keyStore.getKey(ALIAS_NO_PASSWORD_PRIVATE, null));
                assertNull(keyStore.getKey(ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, null));
                keyStore.setEntry(ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, getPrivateKey2(), null);
                assertPrivateKey(keyStore.getKey(ALIAS_NO_PASSWORD_PRIVATE, null));
                assertPrivateKey2(keyStore.getKey(ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, null));
            }
            if (isSecretKeyEnabled(keyStore)) {
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
                assertNull(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
                keyStore.setEntry(ALIAS_ALT_CASE_SECRET, new SecretKeyEntry(getSecretKey2()), PARAM_KEY);
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
                assertSecretKey2(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
            }
            if (isCertificateEnabled(keyStore)) {
                assertCertificate(keyStore.getCertificate(ALIAS_CERTIFICATE));
                assertNull(keyStore.getCertificate(ALIAS_ALT_CASE_CERTIFICATE));
                keyStore.setEntry(ALIAS_ALT_CASE_CERTIFICATE, new TrustedCertificateEntry(getPrivateKey2().getCertificate()), null);
                assertCertificate(keyStore.getCertificate(ALIAS_CERTIFICATE));
                assertCertificate2(keyStore.getCertificate(ALIAS_ALT_CASE_CERTIFICATE));
                keyStore.setEntry(ALIAS_UNICODE_CERTIFICATE, new TrustedCertificateEntry(getPrivateKey().getCertificate()), null);
                assertCertificate(keyStore.getCertificate(ALIAS_UNICODE_CERTIFICATE));
            }
        } else {
            // Case-insensitive store: both spellings name the same slot, so writing through the
            // alternate-case alias replaces the key or certificate read back under the original.
            assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
            assertPrivateKey(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
            keyStore.setEntry(ALIAS_ALT_CASE_PRIVATE, getPrivateKey2(), PARAM_KEY);
            assertPrivateKey2(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
            assertPrivateKey2(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
            if (isSecretKeyEnabled(keyStore)) {
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
                assertSecretKey(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
                keyStore.setEntry(ALIAS_ALT_CASE_SECRET, new SecretKeyEntry(getSecretKey2()), PARAM_KEY);
                assertSecretKey2(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
                assertSecretKey2(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
            }
            if (isCertificateEnabled(keyStore)) {
                assertCertificate(keyStore.getCertificate(ALIAS_CERTIFICATE));
                assertCertificate(keyStore.getCertificate(ALIAS_ALT_CASE_CERTIFICATE));
                keyStore.setEntry(ALIAS_ALT_CASE_CERTIFICATE, new TrustedCertificateEntry(getPrivateKey2().getCertificate()), null);
                assertCertificate2(keyStore.getCertificate(ALIAS_CERTIFICATE));
                assertCertificate2(keyStore.getCertificate(ALIAS_ALT_CASE_CERTIFICATE));
                keyStore.setEntry(ALIAS_UNICODE_CERTIFICATE, new TrustedCertificateEntry(getPrivateKey().getCertificate()), null);
                assertCertificate(keyStore.getCertificate(ALIAS_UNICODE_CERTIFICATE));
            }
        }
    }
    for (KeyStore keyStore : keyStores()) {
        keyStore.load(null, null);
        // Null versus non-null protection parameters.
        if (isReadOnly(keyStore)) {
            // Every entry type must be refused by a read-only store.
            try {
                keyStore.setEntry(ALIAS_PRIVATE, getPrivateKey(), null);
                fail(keyStore.getType());
            } catch (UnsupportedOperationException expected) {
            }
            try {
                keyStore.setEntry(ALIAS_SECRET, new SecretKeyEntry(getSecretKey()), null);
                fail(keyStore.getType());
            } catch (UnsupportedOperationException expected) {
            }
            try {
                keyStore.setEntry(ALIAS_CERTIFICATE, new TrustedCertificateEntry(getPrivateKey().getCertificate()), null);
                fail(keyStore.getType());
            } catch (UnsupportedOperationException expected) {
            }
            continue;
        }
        // A key stored without a password is accepted only by stores that allow or ignore key
        // passwords; every other store must throw one of the three exact exception classes
        // checked below.
        if (isNullPasswordAllowed(keyStore) || isKeyPasswordIgnored(keyStore)) {
            keyStore.setEntry(ALIAS_PRIVATE, getPrivateKey(), null);
            assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, null));
        } else {
            try {
                keyStore.setEntry(ALIAS_PRIVATE, getPrivateKey(), null);
                fail(keyStore.getType());
            } catch (Exception e) {
                if (e.getClass() != UnrecoverableKeyException.class && e.getClass() != IllegalArgumentException.class && e.getClass() != KeyStoreException.class) {
                    throw e;
                }
            }
        }
        if (isSecretKeyEnabled(keyStore)) {
            if (isNullPasswordAllowed(keyStore) || isKeyPasswordIgnored(keyStore)) {
                keyStore.setEntry(ALIAS_SECRET, new SecretKeyEntry(getSecretKey()), null);
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, null));
            } else {
                try {
                    keyStore.setEntry(ALIAS_SECRET, new SecretKeyEntry(getSecretKey()), null);
                    fail(keyStore.getType());
                } catch (Exception e) {
                    if (e.getClass() != UnrecoverableKeyException.class && e.getClass() != IllegalArgumentException.class && e.getClass() != KeyStoreException.class) {
                        throw e;
                    }
                }
            }
        }
        if (isCertificateEnabled(keyStore)) {
            // Here the certificate entry is stored WITH a protection parameter (PARAM_KEY):
            // stores that allow or ignore key passwords accept it, all others must throw.
            if (isNullPasswordAllowed(keyStore) || isKeyPasswordIgnored(keyStore)) {
                keyStore.setEntry(ALIAS_CERTIFICATE, new TrustedCertificateEntry(getPrivateKey().getCertificate()), PARAM_KEY);
                assertCertificate(keyStore.getCertificate(ALIAS_CERTIFICATE));
            } else {
                try {
                    keyStore.setEntry(ALIAS_CERTIFICATE, new TrustedCertificateEntry(getPrivateKey().getCertificate()), PARAM_KEY);
                    fail(keyStore.getType());
                } catch (KeyStoreException expected) {
                }
            }
        }
    }
}
Also used : UnrecoverableKeyException(java.security.UnrecoverableKeyException) KeyStoreException(java.security.KeyStoreException) SecretKeyEntry(java.security.KeyStore.SecretKeyEntry) KeyStore(java.security.KeyStore) KeyStoreException(java.security.KeyStoreException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)

Example 10 with SecretKeyEntry

use of java.security.KeyStore.SecretKeyEntry in project nhin-d by DirectProject.

the class BootstrappedKeyStoreProtectionManager method setKeyStoreProtectionKey.

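/**
 * Sets the pass phrase that protects the key store as a whole, given as a String.
 *
 * <p>The pass phrase is encoded as UTF-8 so the derived key bytes do not depend on the
 * platform's default charset. A pass phrase containing non-ASCII characters that was
 * previously set on a platform whose default charset is not UTF-8 yields different key bytes
 * after this change.
 *
 * @param keyStoreProtectionKey The pass phrase that protects the key store as a whole as a String.
 */
public void setKeyStoreProtectionKey(String keyStoreProtectionKey) {
    // The raw pass-phrase bytes are used directly as key material, with an empty algorithm
    // name. A String cannot be wiped after use, so the pass phrase stays on the heap until it
    // is garbage collected.
    this.keyStoreProtectionKey = new SecretKeySpec(keyStoreProtectionKey.getBytes(java.nio.charset.StandardCharsets.UTF_8), "");
    keyEntries.put(KeyStoreProtKey, new SecretKeyEntry((SecretKey) this.keyStoreProtectionKey));
}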
Also used : SecretKey(javax.crypto.SecretKey) SecretKeySpec(javax.crypto.spec.SecretKeySpec) SecretKeyEntry(java.security.KeyStore.SecretKeyEntry)

Aggregations

SecretKeyEntry (java.security.KeyStore.SecretKeyEntry)12 KeyStoreException (java.security.KeyStoreException)7 SecretKey (javax.crypto.SecretKey)6 KeyStore (android.security.KeyStore)5 PrivateKeyEntry (java.security.KeyStore.PrivateKeyEntry)5 SecretKeySpec (javax.crypto.spec.SecretKeySpec)5 KeyStore (java.security.KeyStore)2 Entry (java.security.KeyStore.Entry)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 EncryptionException (com.evolveum.midpoint.prism.crypto.EncryptionException)1 Protector (com.evolveum.midpoint.prism.crypto.Protector)1 ProtectorImpl (com.evolveum.midpoint.prism.crypto.ProtectorImpl)1 IOException (java.io.IOException)1 ProtectionParameter (java.security.KeyStore.ProtectionParameter)1 TrustedCertificateEntry (java.security.KeyStore.TrustedCertificateEntry)1 Provider (java.security.Provider)1 UnrecoverableEntryException (java.security.UnrecoverableEntryException)1 UnrecoverableKeyException (java.security.UnrecoverableKeyException)1 HashMap (java.util.HashMap)1 Test (org.junit.Test)1