use of java.security.KeyStoreException in project OpenAM by OpenRock.
the class AMKeyProvider method store.
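/**
 * Store the keystore changes.
 *
 * <p>Writes the in-memory keystore {@code ks} to {@code keystoreFile}, protected with
 * {@code keystorePass}. The output stream is closed on every path, including when
 * {@code ks.store(...)} throws.
 *
 * @throws IOException If an error occurs when saving the keystore.
 * @throws CertificateException If an error occurs when saving the keystore.
 * @throws NoSuchAlgorithmException If an error occurs when saving the keystore.
 * @throws KeyStoreException If an error occurs when saving the keystore.
 */
public void store() throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException {
    try {
        // Save keystore to file. try-with-resources releases the file handle even when
        // store() fails part-way; the original leaked the stream on any exception.
        // NOTE(review): FileOutputStream truncates keystoreFile on open, so a failure
        // during store() leaves a truncated keystore on disk. Consider writing to a
        // temporary file and moving it into place.
        // NOTE(review): the file is created with the process's default permissions;
        // confirm the deployment restricts read access to the keystore.
        try (FileOutputStream keyStoreOStream = new FileOutputStream(keystoreFile)) {
            ks.store(keyStoreOStream, keystorePass.toCharArray());
        }
        if (logger.messageEnabled()) {
            logger.message("Keystore saved in " + keystoreFile);
        }
    } catch (KeyStoreException e) {
        // Only KeyStoreException is logged here; the other declared exceptions
        // propagate to the caller without a log entry.
        logger.error(e.getMessage());
        throw e;
    }
}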
use of java.security.KeyStoreException in project OpenAM by OpenRock.
the class WebServicesClients method getValidValues.
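/**
 * Returns certificate subject DNs in the KeyStore as possible values.
 *
 * <p>Only aliases for which {@code KeyStore.isCertificateEntry} is true are considered,
 * and only X.509 certificates with a non-empty subject name are added. Entries holding
 * another certificate type are skipped instead of failing the whole lookup with a
 * {@code ClassCastException}.
 *
 * @param token the <code>SSOToken</code>
 * @param pattern the pattern to match with valid values (currently ignored).
 *
 * @return <code>ValidValues</code> object with certificate subject DNs.
 *
 * @exception SSOException if SSO token is not valid
 * @exception PolicyException if unable to get the list of valid names.
 */
public ValidValues getValidValues(SSOToken token, String pattern) throws SSOException, PolicyException {
    // TODO: ignoring the pattern for now. Do we need to take care of it?
    // probably we can ignore for this subject.
    Set subjects = new HashSet();
    try {
        KeyProvider kp = null;
        try {
            // The implementation class name comes from system configuration, so whoever
            // controls that property chooses the class instantiated here.
            // A configured class that is not a KeyProvider fails this cast with a
            // ClassCastException, which none of the handlers below catch.
            kp = (KeyProvider) Class.forName(SystemConfigurationUtil.getProperty(SAMLConstants.KEY_PROVIDER_IMPL_CLASS, SAMLConstants.JKS_KEY_PROVIDER)).newInstance();
        } catch (ClassNotFoundException cnfe) {
            debug.error("WebServicesClients.getValidValues(): " + " Couldn't find the class.", cnfe);
            kp = null;
        } catch (InstantiationException ie) {
            debug.error("WebServicesClients.getValidValues(): " + " Couldn't instantiate the key provider instance.", ie);
            kp = null;
        } catch (IllegalAccessException iae) {
            debug.error("WebServicesClients.getValidValues(): " + " Couldn't access the default constructor.", iae);
            kp = null;
        }
        // A missing provider or keystore is not an error: the result is an empty set.
        if (kp != null) {
            KeyStore ks = kp.getKeyStore();
            if (ks != null) {
                Enumeration aliases = ks.aliases();
                while (aliases.hasMoreElements()) {
                    String alias = (String) aliases.nextElement();
                    if (debug.messageEnabled()) {
                        debug.message("WSClient.getValidValues: alias=" + alias);
                    }
                    // TODO: need to take care of certificate chaining
                    // NOTE(review): no validity-period or chain check is made here, so
                    // the returned subject DNs may include expired certificates.
                    if (ks.isCertificateEntry(alias)) {
                        debug.message("WSClient.getValidValues: " + "alias is trusted.");
                        java.security.cert.Certificate entry = ks.getCertificate(alias);
                        if (entry == null) {
                            debug.message("WSClient.getValidValues: " + "cert is null");
                        } else if (!(entry instanceof X509Certificate)) {
                            // Check the type before casting so one unexpected entry
                            // cannot abort the enumeration with an unchecked exception.
                            debug.message("WSClient.getValidValues: " + "cert is not X.509, skipped");
                        } else {
                            debug.message("WSClient.getValidValues:cert " + "not null");
                            X509Certificate cert = (X509Certificate) entry;
                            String name = CertUtils.getSubjectName(cert);
                            if (name != null && name.length() != 0) {
                                subjects.add(name);
                            }
                        }
                    } else {
                        debug.message("WSClient.getValidValues:alias " + "not trusted.");
                    }
                }
            }
        }
    } catch (KeyStoreException kse) {
        if (debug.warningEnabled()) {
            debug.warning("WebServicesClients: couldn't get subjects", kse);
        }
        // Keep the keystore failure as the cause so the caller can see why the lookup failed.
        String[] objs = { kse.getMessage() };
        throw (new PolicyException(ResBundleUtils.rbName, "can_not_get_subject_values", objs, kse));
    }
    return (new ValidValues(ValidValues.SUCCESS, subjects));
}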
use of java.security.KeyStoreException in project android_frameworks_base by ResurrectionRemix.
the class AndroidKeyStoreTest method testKeyStore_SetCertificate_PrivateKeyExists_Encrypted_Failure.
/**
 * Checks that {@code setCertificateEntry} throws {@link KeyStoreException} when the alias
 * already holds a private key entry that was imported with {@code FLAG_ENCRYPTED}.
 */
public void testKeyStore_SetCertificate_PrivateKeyExists_Encrypted_Failure() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);

    // Seed the alias with a private key, its user certificate and its CA certificate.
    final String privateKeyName = Credentials.USER_PRIVATE_KEY + TEST_ALIAS_1;
    assertTrue(mAndroidKeyStore.importKey(privateKeyName, FAKE_RSA_KEY_1, KeyStore.UID_SELF,
            KeyStore.FLAG_ENCRYPTED));

    final String userCertName = Credentials.USER_CERTIFICATE + TEST_ALIAS_1;
    assertTrue(mAndroidKeyStore.put(userCertName, FAKE_RSA_USER_1, KeyStore.UID_SELF,
            KeyStore.FLAG_ENCRYPTED));

    final String caCertName = Credentials.CA_CERTIFICATE + TEST_ALIAS_1;
    assertTrue(mAndroidKeyStore.put(caCertName, FAKE_RSA_CA_1, KeyStore.UID_SELF,
            KeyStore.FLAG_ENCRYPTED));

    assertAliases(new String[] { TEST_ALIAS_1 });

    final CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
    final Certificate caCertificate =
            x509Factory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));

    try {
        mKeyStore.setCertificateEntry(TEST_ALIAS_1, caCertificate);
        fail("Should throw when trying to overwrite a PrivateKey entry with a Certificate");
    } catch (KeyStoreException expected) {
        // Expected: the existing private key entry must not be replaced by a bare certificate.
    }
}
use of java.security.KeyStoreException in project android_frameworks_base by ResurrectionRemix.
the class OSUManager method deleteCerts.
/**
 * Deletes, for each prefix, the keystore entry stored under the alias {@code prefix + fqdn}
 * when a certificate is present for that alias.
 *
 * @param keyStore the keystore to remove entries from
 * @param fqdn the suffix shared by every alias
 * @param prefixes the alias prefixes to try
 * @return the number of entries that were deleted
 */
private static int deleteCerts(KeyStore keyStore, String fqdn, String... prefixes) {
    int removed = 0;
    for (int i = 0; i < prefixes.length; i++) {
        final String alias = prefixes[i] + fqdn;
        try {
            if (keyStore.getCertificate(alias) == null) {
                continue;
            }
            keyStore.deleteEntry(alias);
            // Counted only after deleteEntry returned without throwing.
            removed++;
        } catch (KeyStoreException ignored) {
            // Best effort: a failure on one alias does not stop the remaining prefixes.
            // NOTE(review): the failure is neither logged nor reported, so a certificate
            // that could not be deleted stays in the keystore and the only trace is a
            // lower return value. Consider logging the alias here.
        }
    }
    return removed;
}
use of java.security.KeyStoreException in project OpenAM by OpenRock.
the class SoapSTSAgentCredentialsAccessImpl method decryptAgentPassword.
/**
 * Decrypts the agent password with the secret key stored in the soap-sts internal keystore.
 *
 * <p>The secret key entry is read from the alias {@code SharedSTSConstants.AM_INTERNAL_PEK_ALIAS}.
 * Its encoded bytes are used, as a UTF-8 string, as the {@link JCEEncryption} password to
 * decrypt the Base64-decoded input.
 *
 * @param encryptedAgentPassword the Base64-encoded encrypted password
 * @param soapSTSInternalKeystore the keystore holding the secret key entry
 * @return the decrypted password, decoded as UTF-8
 * @throws STSInitializationException if the entry cannot be read or decryption fails
 */
private String decryptAgentPassword(String encryptedAgentPassword, KeyStore soapSTSInternalKeystore) throws STSInitializationException {
    try {
        // NOTE(review): the entry password comes from SharedSTSConstants rather than from
        // a per-deployment secret. Presumably a fixed value shared by all installs; confirm.
        final KeyStore.PasswordProtection entryProtection = new KeyStore.PasswordProtection(
                SharedSTSConstants.AM_INTERNAL_SOAP_STS_KEYSTORE_PW.toCharArray());
        // A non-SecretKeyEntry under this alias fails the cast with a ClassCastException
        // that no handler in this method catches.
        final KeyStore.SecretKeyEntry pekEntry = (KeyStore.SecretKeyEntry) soapSTSInternalKeystore.getEntry(
                SharedSTSConstants.AM_INTERNAL_PEK_ALIAS, entryProtection);
        final JCEEncryption decryptor = new JCEEncryption();
        final byte[] cipherBytes = Base64.decode(encryptedAgentPassword);
        try {
            // getEntry returns null for a missing alias; the resulting NullPointerException
            // is caught below and wrapped with a null message.
            // The key material becomes an immutable String, so it cannot be wiped after use.
            final byte[] keyBytes = pekEntry.getSecretKey().getEncoded();
            decryptor.setPassword(new String(keyBytes, StandardCharsets.UTF_8));
            final byte[] plainBytes = decryptor.decrypt(cipherBytes);
            return new String(plainBytes, StandardCharsets.UTF_8);
        } catch (Exception e) {
            throw new STSInitializationException(ResourceException.INTERNAL_ERROR, e.getMessage(), e);
        }
    } catch (NoSuchAlgorithmException | UnrecoverableEntryException | KeyStoreException e) {
        // Failures while reading the keystore entry are reported the same way as decryption failures.
        throw new STSInitializationException(ResourceException.INTERNAL_ERROR, e.getMessage(), e);
    }
}