
Example 71 with KeyStore

use of java.security.KeyStore in project robovm by robovm.

the class DefaultSSLContextImpl method getTrustManagers.

// TODO javax.net.ssl.trustStoreProvider system property
/**
 * Returns the trust managers built from the trust store named by the
 * {@code javax.net.ssl.trustStore} system property, caching the result in
 * {@code TRUST_MANAGERS} so the file is read at most once per successful call.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>If {@code javax.net.ssl.trustStorePassword} is unset, {@code null} is
 *       passed to {@link KeyStore#load}. Per the {@code KeyStore} contract no
 *       integrity check is performed in that case, so a modified trust-store
 *       file is not detected here.</li>
 *   <li>Both the path and the password come from process-wide system
 *       properties; anything able to set them, or to write the referenced
 *       file, decides which certificates end up trusted.</li>
 *   <li>The password is held as a {@code String} and copied into a
 *       {@code char[]}; neither copy is cleared after the load.</li>
 *   <li>{@code TRUST_MANAGERS} is read and written without synchronization in
 *       this method. NOTE(review): confirm callers serialize access.</li>
 * </ul>
 *
 * @return the cached or newly created trust managers, or {@code null} when
 *         {@code javax.net.ssl.trustStore} is not set (no fallback to a
 *         default store is attempted, see the TODO in the body)
 * @throws GeneralSecurityException if the key store or trust manager factory
 *         cannot be created or initialised
 * @throws IOException if the trust-store file cannot be opened, read or closed
 */
TrustManager[] getTrustManagers() throws GeneralSecurityException, IOException {
    // Fast path: reuse what an earlier call already built.
    if (TRUST_MANAGERS != null) {
        return TRUST_MANAGERS;
    }

    // Locate the trust store; without the property there is nothing to load.
    final String trustStorePath = System.getProperty("javax.net.ssl.trustStore");
    if (trustStorePath == null) {
        return null;
    }

    final String trustStorePassword = System.getProperty("javax.net.ssl.trustStorePassword");
    char[] passwordChars = null;
    if (trustStorePassword != null) {
        passwordChars = trustStorePassword.toCharArray();
    }

    // TODO Defaults: jssecacerts; cacerts
    final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    final InputStream in = new BufferedInputStream(new FileInputStream(trustStorePath));
    try {
        // A null passwordChars skips the store's integrity check.
        trustStore.load(in, passwordChars);
    } finally {
        in.close();
    }

    final TrustManagerFactory factory =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    factory.init(trustStore);
    TRUST_MANAGERS = factory.getTrustManagers();
    return TRUST_MANAGERS;
}
Also used : BufferedInputStream(java.io.BufferedInputStream) BufferedInputStream(java.io.BufferedInputStream) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) KeyStore(java.security.KeyStore) FileInputStream(java.io.FileInputStream)

Example 72 with KeyStore

use of java.security.KeyStore in project robovm by robovm.

the class NativeCryptoTest method initCerts.

/**
 * Populates the shared static test credentials on first use.
 *
 * <p>The method is {@code synchronized} and returns immediately once
 * {@code SERVER_PRIVATE_KEY} is non-null. That field is assigned early in the
 * sequence, so if a later step throws, subsequent calls still take the early
 * return and the remaining statics stay unset.
 *
 * <p>Any exception raised while building the fixtures is rethrown as a
 * {@link RuntimeException} carrying the original as its cause.
 */
private static synchronized void initCerts() {
    if (SERVER_PRIVATE_KEY != null) {
        return;
    }
    try {
        // Server identity: private key plus encoded certificate chain.
        PrivateKeyEntry serverEntry = TestKeyStore.getServer().getPrivateKey("RSA", "RSA");
        SERVER_PRIVATE_KEY = OpenSSLKey.fromPrivateKey(serverEntry.getPrivateKey());
        SERVER_CERTIFICATES = NativeCrypto.encodeCertificates(serverEntry.getCertificateChain());

        // Client identity, built the same way from the client-certificate store.
        PrivateKeyEntry clientEntry = TestKeyStore.getClientCertificate().getPrivateKey("RSA", "RSA");
        CLIENT_PRIVATE_KEY = OpenSSLKey.fromPrivateKey(clientEntry.getPrivateKey());
        CLIENT_CERTIFICATES = NativeCrypto.encodeCertificates(clientEntry.getCertificateChain());

        // NOTE(review): uses whichever alias the client store enumerates first and
        // casts its certificate to X509Certificate; presumably that entry is the
        // CA certificate. Confirm against TestKeyStore.
        KeyStore clientStore = TestKeyStore.getClient().keyStore;
        X509Certificate caCertificate =
                (X509Certificate) clientStore.getCertificate(clientStore.aliases().nextElement());
        CA_PRINCIPALS = new byte[][] { caCertificate.getIssuerX500Principal().getEncoded() };

        initChannelIdKey();
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
Also used : X500Principal(javax.security.auth.x500.X500Principal) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) TestKeyStore(libcore.java.security.TestKeyStore) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) SocketTimeoutException(java.net.SocketTimeoutException) SSLProtocolException(javax.net.ssl.SSLProtocolException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) ExecutionException(java.util.concurrent.ExecutionException) SSLException(javax.net.ssl.SSLException)

Example 73 with KeyStore

use of java.security.KeyStore in project robovm by robovm.

the class TrustManagerImplTest method trustManager.

/**
 * Creates a {@code TrustManagerImpl} for a test: a key store from
 * {@code TestKeyStore.createKeyStore()} with {@code ca} added under the alias
 * {@code "alias"}, combined with the pin manager returned by
 * {@code certManager(hostname, pin)}.
 *
 * <p>NOTE(review): the store is presumably empty before {@code ca} is added,
 * making {@code ca} the only trust anchor. Confirm in TestKeyStore.
 *
 * @param ca certificate stored as the trusted certificate entry
 * @param hostname host name handed to {@code certManager}
 * @param pin certificate handed to {@code certManager}
 * @return the trust manager wrapping the key store and the pin manager
 * @throws Exception if building the pin manager or the key store fails
 */
private TrustManagerImpl trustManager(X509Certificate ca, String hostname, X509Certificate pin) throws Exception {
    // The pin manager is created first, then the trust anchors it will be paired with.
    CertPinManager pinManager = certManager(hostname, pin);

    KeyStore trustAnchors = TestKeyStore.createKeyStore();
    trustAnchors.setCertificateEntry("alias", ca);

    return new TrustManagerImpl(trustAnchors, pinManager);
}
Also used : TestKeyStore(libcore.java.security.TestKeyStore) KeyStore(java.security.KeyStore)

Example 74 with KeyStore

use of java.security.KeyStore in project robovm by robovm.

the class TrustManagerImplTest method trustManager.

/**
 * Creates an {@link X509TrustManager} from the platform's default
 * {@link TrustManagerFactory} algorithm, initialised with a key store that has
 * {@code ca} stored under the alias {@code "alias"}.
 *
 * <p>NOTE(review): the store from {@code TestKeyStore.createKeyStore()} is
 * presumably empty before {@code ca} is added. Confirm in TestKeyStore.
 *
 * @param ca certificate stored as the trusted certificate entry
 * @return the first trust manager produced by the factory
 * @throws Exception if the key store or the factory cannot be set up
 */
private X509TrustManager trustManager(X509Certificate ca) throws Exception {
    KeyStore trustAnchors = TestKeyStore.createKeyStore();
    trustAnchors.setCertificateEntry("alias", ca);

    TrustManagerFactory factory =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    factory.init(trustAnchors);

    // Takes element 0 and casts it: an empty array or a non-X.509 first entry
    // fails here with an unchecked exception rather than being skipped.
    return (X509TrustManager) factory.getTrustManagers()[0];
}
Also used : X509TrustManager(javax.net.ssl.X509TrustManager) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) TestKeyStore(libcore.java.security.TestKeyStore) KeyStore(java.security.KeyStore)

Example 75 with KeyStore

use of java.security.KeyStore in project robovm by robovm.

the class KeyStoreTest method test_KeyStore_setKeyEntry_Key.

/**
 * Exercises the four-argument {@code KeyStore.setKeyEntry} (alias, key,
 * password, certificate chain) on every store returned by {@code keyStores()}.
 *
 * <p>The test makes five passes over the stores:
 * <ol>
 *   <li>before {@code load}: the call must throw {@code KeyStoreException};</li>
 *   <li>after {@code load(null, null)}: null or incomplete arguments must be rejected;</li>
 *   <li>after {@code clearKeyStore}: entries are absent, then set and read back;</li>
 *   <li>after {@code populate}: behaviour of aliases that differ only in case;</li>
 *   <li>after {@code load(null, null)}: entries stored with a {@code null} password.</li>
 * </ol>
 *
 * <p>Where several exception types are acceptable the test compares
 * {@code e.getClass()} for exact identity, so a subclass of an accepted type
 * is rethrown and fails the test.
 *
 * @throws Exception any unexpected exception, which fails the test
 */
public void test_KeyStore_setKeyEntry_Key() throws Exception {
    // Pass 1: stores that have not been loaded yet.
    for (KeyStore keyStore : keyStores()) {
        try {
            keyStore.setKeyEntry(null, null, null, null);
            fail(keyStore.getType());
        } catch (KeyStoreException expected) {
            // expected: load() has not been called on this store
        }
    }
    // Pass 2: loaded but otherwise untouched stores, fed invalid arguments.
    for (KeyStore keyStore : keyStores()) {
        keyStore.load(null, null);
        if (isReadOnly(keyStore)) {
            try {
                keyStore.setKeyEntry(null, null, null, null);
                fail(keyStore.getType());
            } catch (UnsupportedOperationException expected) {
                // expected: read-only stores refuse every write
            }
            continue;
        }
        // test odd inputs: everything null
        try {
            keyStore.setKeyEntry(null, null, null, null);
            fail(keyStore.getType());
        } catch (Exception e) {
            // Only exactly NullPointerException or KeyStoreException is accepted.
            if (e.getClass() != NullPointerException.class && e.getClass() != KeyStoreException.class) {
                throw e;
            }
        }
        // A password alone, with null alias, key and chain, is rejected the same way.
        try {
            keyStore.setKeyEntry(null, null, PASSWORD_KEY, null);
            fail(keyStore.getType());
        } catch (Exception e) {
            if (e.getClass() != NullPointerException.class && e.getClass() != KeyStoreException.class) {
                throw e;
            }
        }
        // A private key passed with a null certificate chain must be rejected.
        try {
            keyStore.setKeyEntry(ALIAS_PRIVATE, getPrivateKey().getPrivateKey(), PASSWORD_KEY, null);
            fail(keyStore.getType());
        } catch (Exception e) {
            if (e.getClass() != IllegalArgumentException.class && e.getClass() != KeyStoreException.class) {
                throw e;
            }
        }
    }
    // Pass 3: start from clearKeyStore(), then set entries and read them back.
    for (KeyStore keyStore : keyStores()) {
        clearKeyStore(keyStore);
        // Nothing has been set yet, so lookups under the test aliases must return null.
        // (The original comment here read "test case sensitive"; alias case is
        // exercised in the populate() pass further down.)
        if (isKeyPasswordSupported(keyStore)) {
            assertNull(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
        }
        if (isNullPasswordAllowed(keyStore)) {
            assertNull(keyStore.getKey(ALIAS_NO_PASSWORD_PRIVATE, null));
        }
        if (isReadOnly(keyStore)) {
            try {
                keyStore.setKeyEntry(ALIAS_SECRET, getSecretKey(), PASSWORD_KEY, null);
                fail(keyStore.getType());
            } catch (UnsupportedOperationException expected) {
                // expected: read-only stores refuse every write
            }
            continue;
        }
        if (isKeyPasswordSupported(keyStore)) {
            // Password-protected private key: the key and its chain must round-trip.
            setPrivateKey(keyStore);
            assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
            assertCertificateChain(keyStore.getCertificateChain(ALIAS_PRIVATE));
        }
        if (isNullPasswordAllowed(keyStore)) {
            // Same round-trip for a private key stored without a password.
            setPrivateKeyNoPassword(keyStore, ALIAS_NO_PASSWORD_PRIVATE, getPrivateKey());
            assertPrivateKey(keyStore.getKey(ALIAS_NO_PASSWORD_PRIVATE, null));
            assertCertificateChain(keyStore.getCertificateChain(ALIAS_NO_PASSWORD_PRIVATE));
        }
        if (isSecretKeyEnabled(keyStore)) {
            assertNull(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
            setSecretKey(keyStore);
            assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
        } else {
            // Stores without secret-key support must refuse the entry.
            try {
                keyStore.setKeyEntry(ALIAS_SECRET, getSecretKey(), PASSWORD_KEY, null);
                fail(keyStore.getType());
            } catch (Exception e) {
                if (e.getClass() != KeyStoreException.class && e.getClass() != NullPointerException.class) {
                    throw e;
                }
            }
        }
    }
    // Pass 4: alias case handling on stores prepared by populate().
    // presumably populate() installs the standard test entries; verify in the helper.
    for (KeyStore keyStore : keyStores()) {
        populate(keyStore);
        if (isReadOnly(keyStore)) {
            // Read-only stores are expected to hold none of the test keys.
            assertNull(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
            assertNull(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
            assertNull(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
            assertNull(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
        } else if (isCaseSensitive(keyStore)) {
            // Case-sensitive store: the alternate-case alias is a separate, initially
            // absent entry, and writing it must leave the original entry unchanged.
            if (isKeyPasswordSupported(keyStore)) {
                assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
                assertNull(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
                setPrivateKey(keyStore, ALIAS_ALT_CASE_PRIVATE, getPrivateKey2());
                assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
                assertPrivateKey2(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
            }
            if (isNullPasswordAllowed(keyStore)) {
                assertPrivateKey(keyStore.getKey(ALIAS_NO_PASSWORD_PRIVATE, null));
                assertNull(keyStore.getKey(ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, null));
                setPrivateKeyNoPassword(keyStore, ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, getPrivateKey2());
                assertPrivateKey(keyStore.getKey(ALIAS_NO_PASSWORD_PRIVATE, null));
                assertPrivateKey2(keyStore.getKey(ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, null));
            }
            if (isSecretKeyEnabled(keyStore)) {
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
                assertNull(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
                setSecretKey(keyStore, ALIAS_ALT_CASE_SECRET, getSecretKey2());
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
                assertSecretKey2(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
            }
        } else {
            // Case-insensitive store: both spellings name the same entry, so writing
            // through the alternate-case alias replaces what the original alias returns.
            if (isKeyPasswordSupported(keyStore)) {
                assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
                assertPrivateKey(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
                setPrivateKey(keyStore, ALIAS_ALT_CASE_PRIVATE, getPrivateKey2());
                assertPrivateKey2(keyStore.getKey(ALIAS_PRIVATE, PASSWORD_KEY));
                assertPrivateKey2(keyStore.getKey(ALIAS_ALT_CASE_PRIVATE, PASSWORD_KEY));
            }
            if (isNullPasswordAllowed(keyStore)) {
                // NOTE(review): unlike the case-sensitive branch, this block reads
                // ALIAS_PRIVATE (not ALIAS_NO_PASSWORD_PRIVATE) with a null password and
                // writes with setPrivateKey rather than setPrivateKeyNoPassword.
                // Confirm whether that asymmetry is intended.
                assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, null));
                assertPrivateKey(keyStore.getKey(ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, null));
                setPrivateKey(keyStore, ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, getPrivateKey2());
                assertPrivateKey2(keyStore.getKey(ALIAS_PRIVATE, null));
                assertPrivateKey2(keyStore.getKey(ALIAS_ALT_CASE_NO_PASSWORD_PRIVATE, null));
            }
            if (isSecretKeyEnabled(keyStore)) {
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
                assertSecretKey(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
                // NOTE(review): the second secret key is stored under
                // ALIAS_ALT_CASE_PRIVATE, not ALIAS_ALT_CASE_SECRET, and the asserts
                // below still expect the first secret key. This looks like a
                // copy-paste slip that leaves secret-key replacement unchecked;
                // confirm against the intended behaviour.
                setSecretKey(keyStore, ALIAS_ALT_CASE_PRIVATE, getSecretKey2());
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, PASSWORD_KEY));
                assertSecretKey(keyStore.getKey(ALIAS_ALT_CASE_SECRET, PASSWORD_KEY));
            }
        }
    }
    // Pass 5: entries stored with a null password.
    for (KeyStore keyStore : keyStores()) {
        keyStore.load(null, null);
        if (isReadOnly(keyStore)) {
            try {
                keyStore.setKeyEntry(ALIAS_PRIVATE, getPrivateKey().getPrivateKey(), null, getPrivateKey().getCertificateChain());
                fail(keyStore.getType());
            } catch (UnsupportedOperationException expected) {
                // expected: read-only stores refuse every write
            }
            continue;
        }
        // test with null passwords: accepted only where the store allows or ignores
        // key passwords; every other store must refuse to keep an unprotected private key
        if (isNullPasswordAllowed(keyStore) || isKeyPasswordIgnored(keyStore)) {
            keyStore.setKeyEntry(ALIAS_PRIVATE, getPrivateKey().getPrivateKey(), null, getPrivateKey().getCertificateChain());
            assertPrivateKey(keyStore.getKey(ALIAS_PRIVATE, null));
        } else {
            try {
                keyStore.setKeyEntry(ALIAS_PRIVATE, getPrivateKey().getPrivateKey(), null, getPrivateKey().getCertificateChain());
                fail(keyStore.getType());
            } catch (Exception e) {
                if (e.getClass() != UnrecoverableKeyException.class && e.getClass() != IllegalArgumentException.class && e.getClass() != KeyStoreException.class) {
                    throw e;
                }
            }
        }
        if (isSecretKeyEnabled(keyStore)) {
            // The same null-password rule applied to secret keys (no certificate chain).
            if (isNullPasswordAllowed(keyStore) || isKeyPasswordIgnored(keyStore)) {
                keyStore.setKeyEntry(ALIAS_SECRET, getSecretKey(), null, null);
                assertSecretKey(keyStore.getKey(ALIAS_SECRET, null));
            } else {
                try {
                    keyStore.setKeyEntry(ALIAS_SECRET, getSecretKey(), null, null);
                    fail(keyStore.getType());
                } catch (Exception e) {
                    if (e.getClass() != UnrecoverableKeyException.class && e.getClass() != IllegalArgumentException.class && e.getClass() != KeyStoreException.class) {
                        throw e;
                    }
                }
            }
        }
    }
}
Also used : UnrecoverableKeyException(java.security.UnrecoverableKeyException) KeyStoreException(java.security.KeyStoreException) KeyStore(java.security.KeyStore) KeyStoreException(java.security.KeyStoreException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
