Examples with PKCS8EncodedKeySpec java.security.spec.PKCS8EncodedKeySpec used on opensource projects

Search in sources :

Example 66 with PKCS8EncodedKeySpec

use of java.security.spec.PKCS8EncodedKeySpec in project jdk8u_jdk by JetBrains.

the class TestKeyStoreBasic method runTest.

public void runTest(String provider) throws Exception {
    // load private key
    // all keystore types should support private keys
    KeySpec spec = new PKCS8EncodedKeySpec(Base64.getMimeDecoder().decode(PRIVATE_KEY_PKCS8_BASE64));
    PrivateKey privateKey = KeyFactory.getInstance("RSA").generatePrivate(spec);
    // load x509 certificate
    Certificate cert;
    try (InputStream is = new BufferedInputStream(new ByteArrayInputStream(CERTIFICATE.getBytes()))) {
        cert = CertificateFactory.getInstance("X.509").generateCertificate(is);
    }
    int numEntries = 5;
    String type = null;
    for (int i = 0; i < PROVIDERS.length; i++) {
        if (provider.compareTo(PROVIDERS[i]) == 0) {
            type = KS_Type[i];
            break;
        }
    }
    System.out.printf("Test %s provider and %s keystore%n", provider, type);
    KeyStore ks = KeyStore.getInstance(type, provider);
    KeyStore ks2 = KeyStore.getInstance(type, ks.getProvider().getName());
    // create an empty key store
    ks.load(null, null);
    // store the secret keys
    for (int j = 0; j < numEntries; j++) {
        ks.setKeyEntry(ALIAS_HEAD + j, privateKey, PASSWDK, new Certificate[] { cert });
    }
    // initialize the 2nd key store object with the 1st one
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    ks.store(baos, PASSWDK);
    byte[] bArr = baos.toByteArray();
    ByteArrayInputStream bais = new ByteArrayInputStream(bArr);
    ks2.load(bais, null);
    // check 2nd key store type
    checkType(ks2, type);
    // check the existing aliases for the 2nd key store
    checkAlias(ks2, numEntries);
    // compare the creation date of the 2 key stores for all aliases
    compareCreationDate(ks, ks2, numEntries);
    // remove the last entry from the 2nd key store
    numEntries--;
    ks2.deleteEntry(ALIAS_HEAD + numEntries);
    // re-initialize the 1st key store with the 2nd key store
    baos.reset();
    ks2.store(baos, PASSWD2);
    bais = new ByteArrayInputStream(baos.toByteArray());
    try {
        // expect an exception since the password is incorrect
        ks.load(bais, PASSWDK);
        throw new RuntimeException("ERROR: passed the loading with incorrect password");
    } catch (IOException ex) {
        System.out.println("Expected exception: " + ex);
        if (!causedBy(ex, UnrecoverableKeyException.class)) {
            ex.printStackTrace(System.out);
            throw new RuntimeException("Unexpected cause");
        }
        System.out.println("Expected cause: " + UnrecoverableKeyException.class.getName());
        bais.reset();
        ks.load(bais, PASSWD2);
        bais.reset();
        ks.load(bais, null);
    }
    // check key store type
    checkType(ks, type);
    // check the existing aliases
    checkAlias(ks, numEntries);
    // compare the creation date of the 2 key stores for all aliases
    compareCreationDate(ks, ks2, numEntries);
}
Also used : PrivateKey(java.security.PrivateKey) BufferedInputStream(java.io.BufferedInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) KeySpec(java.security.spec.KeySpec) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) KeyStore(java.security.KeyStore) UnrecoverableKeyException(java.security.UnrecoverableKeyException) BufferedInputStream(java.io.BufferedInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) Certificate(java.security.cert.Certificate)

Example 67 with PKCS8EncodedKeySpec

use of java.security.spec.PKCS8EncodedKeySpec in project jdk8u_jdk by JetBrains.

the class TestLeadingZeros method main.

public static void main(String[] argv) throws Exception {
    KeyFactory factory = KeyFactory.getInstance("DSA", "SUN");
    for (String encodings : PKCS8_ENCODINGS) {
        byte[] encodingBytes = hexToBytes(encodings);
        PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(encodingBytes);
        DSAPrivateKey privKey2 = (DSAPrivateKey) factory.generatePrivate(encodedKeySpec);
        System.out.println("key: " + privKey2);
    }
    System.out.println("Test Passed");
}
Also used : PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)

Example 68 with PKCS8EncodedKeySpec

use of java.security.spec.PKCS8EncodedKeySpec in project android_frameworks_base by AOSPA.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_CAEntry_Overwrites_PrivateKeyEntry_Encrypted_Success.

public void testKeyStore_SetEntry_CAEntry_Overwrites_PrivateKeyEntry_Encrypted_Success() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    // Start with TrustedCertificateEntry
    {
        final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
        TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert);
        mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type TrustedCertificateEntry", actualEntry instanceof TrustedCertificateEntry);
        TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry;
        assertEquals("Stored and retrieved certificates should be the same", expectedCertEntry.getTrustedCertificate(), actualCertEntry.getTrustedCertificate());
    }
    // Replace with PrivateKeyEntry
    {
        KeyFactory keyFact = KeyFactory.getInstance("RSA");
        PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
        final Certificate[] expectedChain = new Certificate[2];
        expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
        expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
        PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain);
        mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null);
        Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
        assertNotNull("Retrieved entry should exist", actualEntry);
        assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
        PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry;
        assertPrivateKeyEntryEquals(actualPrivEntry, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
    }
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CertificateFactory(java.security.cert.CertificateFactory) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) KeyFactory(java.security.KeyFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)

Example 69 with PKCS8EncodedKeySpec

use of java.security.spec.PKCS8EncodedKeySpec in project android_frameworks_base by AOSPA.

the class AndroidKeyStoreTest method testKeyStore_SetKeyEntry_ProtectedKey_Encrypted_Failure.

public void testKeyStore_SetKeyEntry_ProtectedKey_Encrypted_Failure() throws Exception {
    setupPassword();
    mKeyStore.load(null, null);
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
    KeyFactory keyFact = KeyFactory.getInstance("RSA");
    PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
    final Certificate[] chain = new Certificate[2];
    chain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
    chain[1] = caCert;
    try {
        mKeyStore.setKeyEntry(TEST_ALIAS_1, privKey, "foo".toCharArray(), chain);
        fail("Should fail when a password is specified");
    } catch (KeyStoreException success) {
    }
}
Also used : PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) KeyStoreException(java.security.KeyStoreException) CertificateFactory(java.security.cert.CertificateFactory) KeyFactory(java.security.KeyFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 70 with PKCS8EncodedKeySpec

use of java.security.spec.PKCS8EncodedKeySpec in project android_frameworks_base by AOSPA.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_EC_Unencrypted_Success.

public void testKeyStore_SetEntry_PrivateKeyEntry_EC_Unencrypted_Success() throws Exception {
    mKeyStore.load(null, null);
    KeyFactory keyFact = KeyFactory.getInstance("EC");
    PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_EC_KEY_1));
    final CertificateFactory f = CertificateFactory.getInstance("X.509");
    final Certificate[] expectedChain = new Certificate[2];
    expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_EC_USER_1));
    expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_EC_CA_1));
    PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
    mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
    Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
    assertNotNull("Retrieved entry should exist", actualEntry);
    assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
    PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
    assertPrivateKeyEntryEquals(actual, "EC", FAKE_EC_KEY_1, FAKE_EC_USER_1, FAKE_EC_CA_1);
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CertificateFactory(java.security.cert.CertificateFactory) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) KeyFactory(java.security.KeyFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Aggregations

PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)218 KeyFactory (java.security.KeyFactory)172 PrivateKey (java.security.PrivateKey)144 CertificateFactory (java.security.cert.CertificateFactory)86 ByteArrayInputStream (java.io.ByteArrayInputStream)85 Certificate (java.security.cert.Certificate)72 X509Certificate (java.security.cert.X509Certificate)71 PrivateKeyEntry (java.security.KeyStore.PrivateKeyEntry)59 Entry (java.security.KeyStore.Entry)53 TrustedCertificateEntry (java.security.KeyStore.TrustedCertificateEntry)53 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)45 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)42 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)37 PublicKey (java.security.PublicKey)36 RSAPrivateKey (java.security.interfaces.RSAPrivateKey)29 IOException (java.io.IOException)28 SecretKey (javax.crypto.SecretKey)27 InvalidKeyException (java.security.InvalidKeyException)25 Key (java.security.Key)24 KeyStoreException (java.security.KeyStoreException)15
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial