use of java.security.KeyStoreException in project OpenAM by OpenRock.
the class CreateSoapSTSDeployment method addAgentPasswordKeystore.
/**
 * Creates the internal keystore that holds the key protecting the soap-sts agent password and
 * writes it into the modified .war.
 * <p>
 * Steps, each delegated to a sibling helper: create an empty keystore; obtain the keystore
 * password (the original note says this is either hard-coded or taken from user-supplied
 * parameters — a hard-coded value offers no real protection, so confirm which applies);
 * add the encryption key as a secret-key entry protected by that password; and write the
 * keystore into the war.
 * <p>
 * Any keystore, certificate, I/O, algorithm or state failure is reported as a single
 * WorkflowException. Only {@code e.toString()} is forwarded, so the original stack trace is
 * not retained on the thrown exception.
 *
 * @param modifiedSoapSTSServerWar the war being assembled; the keystore entry is appended to it
 * @param agentPasswordEncryptionKey the key material to store as the password-encryption key
 * @throws WorkflowException if any step of building or storing the keystore fails
 */
private void addAgentPasswordKeystore(JarOutputStream modifiedSoapSTSServerWar, String agentPasswordEncryptionKey) throws WorkflowException {
    final KeyStore keystore;
    final char[] password;
    try {
        // 1. empty keystore
        keystore = initializeKeyStore();
        // 2. password that protects the entry and the keystore itself
        password = getKeystorePassword();
        // 3. the secret-key entry carrying the agent password encryption key
        setAgentPasswordEncryptionKeyEntry(keystore, password, agentPasswordEncryptionKey);
        // 4. persist into the war
        storeKeystoreInWar(keystore, password, modifiedSoapSTSServerWar);
    } catch (KeyStoreException | CertificateException | IOException | NoSuchAlgorithmException | IllegalStateException e) {
        throw new WorkflowException("soap.sts.deployment.workflow.error.exception.generating.internal.keystore", e.toString());
    }
}
use of java.security.KeyStoreException in project OpenAM by OpenRock.
the class STSCryptoProviderBase method loadKeystore.
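/**
 * Loads the keystore backing this crypto provider.
 * <p>
 * The stream from {@code getKeystoreInputStream()} is opened first, so a missing keystore is
 * reported as BAD_REQUEST before any keystore-type problem. A {@link KeyStore} of
 * {@code keystoreType} is then instantiated and loaded from the stream.
 * {@link KeyStore#load} does not close the stream it reads, so it is closed here on every path
 * (the original left it open).
 * <p>
 * NOTE(review): the messages include {@code keystoreLocation} and the underlying exception text;
 * if TokenCreationException reaches the caller as a REST response, that exposes server paths —
 * confirm how these are surfaced.
 *
 * @return the loaded keystore
 * @throws TokenCreationException BAD_REQUEST if the keystore is found neither on the filesystem
 *         nor on the classpath; INTERNAL_ERROR if {@code keystoreType} is not supported;
 *         CONFLICT if the keystore cannot be read (including a wrong password).
 */
private KeyStore loadKeystore() throws TokenCreationException {
    final InputStream inputStream;
    try {
        inputStream = getKeystoreInputStream();
    } catch (FileNotFoundException e) {
        throw new TokenCreationException(ResourceException.BAD_REQUEST, "Could not find keystore file at location " + keystoreLocation + " neither on the filesystem, nor on the classpath.");
    }
    final KeyStore keyStore;
    try {
        keyStore = KeyStore.getInstance(keystoreType);
    } catch (KeyStoreException e) {
        // The stream is already open: release it before bailing out, without letting a close
        // failure hide the real error.
        try {
            inputStream.close();
        } catch (IOException closeFailure) {
            e.addSuppressed(closeFailure);
        }
        throw new TokenCreationException(ResourceException.INTERNAL_ERROR, "Could not get " + keystoreType + " keystore: " + e.getMessage(), e);
    }
    // try-with-resources closes the stream whether load() succeeds or throws.
    try (InputStream keystoreStream = inputStream) {
        // NOTE(review): the password is materialised as a String here, which cannot be zeroed;
        // decoding straight to char[] would limit its lifetime in the heap.
        // UnsupportedEncodingException from the String constructor is an IOException and lands
        // in the catch below.
        keyStore.load(keystoreStream, new String(keystorePassword, AMSTSConstants.UTF_8_CHARSET_ID).toCharArray());
        return keyStore;
    } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
        throw new TokenCreationException(ResourceException.CONFLICT, "Could not load keystore at location " + keystoreLocation + ": " + e.getMessage(), e);
    }
}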
use of java.security.KeyStoreException in project OpenAM by OpenRock.
the class AMKeyProvider method getPublicKey.
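/**
 * Return java.security.PublicKey for the specified keyAlias.
 * <p>
 * The key is taken from the certificate stored under {@code keyAlias}. No validity, chain or
 * revocation check is performed here, so callers that need a trusted key must verify the
 * certificate themselves. A missing entry or a keystore failure is logged and reported as
 * {@code null} rather than thrown.
 *
 * @param keyAlias Key alias name
 * @return PublicKey which matches the keyAlias, return null if the PublicKey could not be found.
 */
public java.security.PublicKey getPublicKey(String keyAlias) {
    if (keyAlias == null || keyAlias.isEmpty()) {
        return null;
    }
    try {
        // Every Certificate carries a public key; dropping the X509Certificate cast means a
        // non-X.509 entry yields its key instead of an unchecked ClassCastException that the
        // catch below would not handle.
        java.security.cert.Certificate cert = ks.getCertificate(keyAlias);
        if (cert == null) {
            logger.error("Unable to retrieve certificate with alias '" + keyAlias + "' from keystore " + "'" + this.keystoreFile + "'");
            return null;
        }
        return cert.getPublicKey();
    } catch (KeyStoreException e) {
        logger.error("Unable to get public key:" + keyAlias, e);
        return null;
    }
}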
use of java.security.KeyStoreException in project OpenAM by OpenRock.
the class AMKeyProvider method getPrivateKey.
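/**
 * Return the {@link java.security.PrivateKey} for the specified certAlias and encrypted private key password.
 * <p>
 * The key password is first decrypted via {@code decodePassword}; a {@code null} result is
 * logged and yields {@code null}. {@link java.security.KeyStore#getKey} returns {@code null} for
 * an unknown alias and may return a secret key for a secret-key entry, so only an actual
 * {@link PrivateKey} is handed back. Keystore, algorithm and unrecoverable-key failures are
 * logged with their stack trace and also yield {@code null}.
 * <p>
 * NOTE(review): the decoded password lives in a String, which cannot be zeroed after use.
 *
 * @param certAlias Certificate alias name
 * @param encryptedKeyPass The encrypted key password to use when getting the private certificate
 * @return PrivateKey which matches the certAlias, return null if the private key could not be found.
 */
public PrivateKey getPrivateKey(String certAlias, String encryptedKeyPass) {
    String keyPass = decodePassword(encryptedKeyPass);
    if (keyPass == null) {
        logger.error("AMKeyProvider.getPrivateKey: " + "null key password returned from decryption for certificate alias:" + certAlias + " The password maybe incorrect.");
        return null;
    }
    try {
        // instanceof instead of a blind cast: a secret-key entry under this alias would
        // otherwise raise an unchecked ClassCastException.
        java.security.Key key = ks.getKey(certAlias, keyPass.toCharArray());
        if (key instanceof PrivateKey) {
            return (PrivateKey) key;
        }
        if (key != null) {
            logger.error("AMKeyProvider.getPrivateKey: entry for alias " + certAlias + " is not a private key");
        }
        return null;
    } catch (KeyStoreException e) {
        logger.error("AMKeyProvider.getPrivateKey: keystore error for alias " + certAlias, e);
    } catch (NoSuchAlgorithmException e) {
        logger.error("AMKeyProvider.getPrivateKey: unsupported algorithm for alias " + certAlias, e);
    } catch (UnrecoverableKeyException e) {
        // Typically a wrong key password.
        logger.error("AMKeyProvider.getPrivateKey: unable to recover key for alias " + certAlias, e);
    }
    return null;
}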
use of java.security.KeyStoreException in project OpenAM by OpenRock.
the class AMKeyProvider method store.
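/**
 * Store the keystore changes.
 * <p>
 * Writes the keystore in place to {@code keystoreFile}, protected by {@code keystorePass}. The
 * output stream is closed in a {@code finally} so it is released even when
 * {@link java.security.KeyStore#store} fails (the original left it open on that path). A
 * KeyStoreException is logged with its stack trace and rethrown.
 * <p>
 * NOTE(review): the write is not atomic — a failure mid-write can leave a truncated keystore on
 * disk; writing to a temporary file and renaming would avoid that.
 *
 * @throws IOException If an error occurs when saving the keystore.
 * @throws CertificateException If an error occurs when saving the keystore.
 * @throws NoSuchAlgorithmException If an error occurs when saving the keystore.
 * @throws KeyStoreException If an error occurs when saving the keystore.
 */
public void store() throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException {
    try {
        // Save keystore to file.
        FileOutputStream keyStoreOStream = new FileOutputStream(keystoreFile);
        try {
            ks.store(keyStoreOStream, keystorePass.toCharArray());
        } finally {
            // If store() threw and close() also throws, the close failure propagates instead.
            keyStoreOStream.close();
        }
        if (logger.messageEnabled()) {
            logger.message("Keystore saved in " + keystoreFile);
        }
    } catch (KeyStoreException e) {
        logger.error("Unable to store keystore " + keystoreFile, e);
        throw e;
    }
}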