Examples of java.security.KeyStore.PrivateKeyEntry

java.security.KeyStore.PrivateKeyEntry

    while (aliases.hasMoreElements()) {
      String alias = aliases.nextElement();


      if (keyStore.isKeyEntry(alias)) {
        Entry entry = keyStore.getEntry(alias, protParam);
        PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry) entry;


        {
          X509Certificate[] certificateChain = toX509(privateKeyEntry.getCertificateChain());
          String encoded = CertificateUtils.toPem(certificateChain);
          File out = new File(dest, alias + ".crt");
          Files.write(encoded, out, Charsets.UTF_8);
        }


        {
          PrivateKey key = privateKeyEntry.getPrivateKey();
          String encoded = PrivateKeys.toPem(key);
          File out = new File(dest, alias + ".key");
          Files.write(encoded, out, Charsets.UTF_8);
        }
      }

View Full Code Here

        PrivateKeyCallback.Request req = privKeyCallback.getRequest();
        PrivateKey privKey = null;
        Certificate[] certs = null;
        if (req == null) {
            // no request type - set default key
            PrivateKeyEntry pke = getDefaultPrivateKeyEntry(
                    kstores, passwords);
            if (pke != null) {
                privKey = pke.getPrivateKey();
                certs = pke.getCertificateChain();
            }
            privKeyCallback.setKey(privKey, certs);
            passwords = null;
            return;
        }


        // find key based on request type
        try {
            if (req instanceof PrivateKeyCallback.AliasRequest) {
                PrivateKeyCallback.AliasRequest aReq =
                        (PrivateKeyCallback.AliasRequest)req;


                String alias = aReq.getAlias();
                PrivateKeyEntry privKeyEntry = null;
                if (alias == null) {
                    // use default key
                    privKeyEntry = getDefaultPrivateKeyEntry(kstores, passwords);
                } else {
                    privKeyEntry = SSLUtils.getPrivateKeyEntryFromTokenAlias(alias);
                }


                if (privKeyEntry != null) {
                    privKey = privKeyEntry.getPrivateKey();
                    certs = privKeyEntry.getCertificateChain();
                }
            } else if (req instanceof PrivateKeyCallback.IssuerSerialNumRequest) {
                PrivateKeyCallback.IssuerSerialNumRequest isReq =
                        (PrivateKeyCallback.IssuerSerialNumRequest)req;
                X500Principal issuer = isReq.getIssuer();
                BigInteger serialNum = isReq.getSerialNum();
                if (issuer != null && serialNum != null) {
                    boolean found = false;
                    for (int i = 0; i < kstores.length && !found; i++) {
                        Enumeration aliases = kstores[i].aliases();
                        while (aliases.hasMoreElements() && !found) {
                            String nextAlias = (String)aliases.nextElement();
                            Key key = kstores[i].getKey(nextAlias, passwords[i].toCharArray());
                            if (key != null && (key instanceof PrivateKey)) {
                                Certificate[] certificates =
                                        kstores[i].getCertificateChain(nextAlias);
                                // check issuer/serial
                                X509Certificate eeCert = (X509Certificate)certificates[0];
                                if (eeCert.getIssuerX500Principal().equals(issuer) &&
                                        eeCert.getSerialNumber().equals(serialNum)) {
                                    privKey = (PrivateKey)key;
                                    certs = certificates;
                                    found = true;
                                }
                            }
                        }
                    }
                }
            } else if (req instanceof PrivateKeyCallback.SubjectKeyIDRequest) {
                PrivateKeyCallback.SubjectKeyIDRequest skReq = 
                        (PrivateKeyCallback.SubjectKeyIDRequest)req;
                byte[] subjectKeyID = skReq.getSubjectKeyID();
                if (subjectKeyID != null) {
                    boolean found = false;
                    // In DER, subjectKeyID will be an OCTET STRING of OCTET STRING
                    DerValue derValue1 = new DerValue(
                        DerValue.tag_OctetString, subjectKeyID);
                    DerValue derValue2 = new DerValue(
                        DerValue.tag_OctetString, derValue1.toByteArray());
                    byte[] derSubjectKeyID = derValue2.toByteArray();


                    for (int i = 0; i < kstores.length && !found; i++) {
                        Enumeration aliases = kstores[i].aliases();
                        while (aliases.hasMoreElements() && !found) {
                            String nextAlias = (String)aliases.nextElement();
                            Key key = kstores[i].getKey(nextAlias, passwords[i].toCharArray());
                            if (key != null && (key instanceof PrivateKey)) {
                                Certificate[] certificates =
                                        kstores[i].getCertificateChain(nextAlias);
                                X509Certificate eeCert = (X509Certificate)certificates[0];
                                // Extension: SubjectKeyIdentifier
                                byte[] derSubKeyID = eeCert.getExtensionValue(SUBJECT_KEY_IDENTIFIER_OID);
                                if (derSubKeyID != null &&
                                        Arrays.equals(derSubKeyID, derSubjectKeyID)) {
                                    privKey = (PrivateKey)key;
                                    certs = certificates;
                                    found = true;
                                }
                            }
                        }
                    }
                }
            } else if (req instanceof PrivateKeyCallback.DigestRequest) {
                PrivateKeyCallback.DigestRequest dReq =
                        (PrivateKeyCallback.DigestRequest)req;
                byte[] digest = dReq.getDigest();
                String algorithm = dReq.getAlgorithm();


                PrivateKeyEntry privKeyEntry = null;
                if (digest == null) {
                    // get default key
                    privKeyEntry = getDefaultPrivateKeyEntry(kstores, passwords);
                } else {
                    if (algorithm == null) {
                        algorithm = DEFAULT_DIGEST_ALGORITHM;
                    }
                    MessageDigest md = MessageDigest.getInstance(algorithm);
                    privKeyEntry = getPrivateKeyEntry(kstores, passwords, md, digest);
                }


                if (privKeyEntry != null) {
                    privKey = privKeyEntry.getPrivateKey();
                    certs = privKeyEntry.getCertificateChain();
                }
            } else {
                if (_logger.isLoggable(Level.FINE)) {
                    _logger.log(Level.FINE,
                         "invalid request type: " + req.getClass().getName());

View Full Code Here

                _logger.log(Level.FINE,
                    "Exception in getDefaultPrivateKeyEntry", e);
            }
        }
      
        return new PrivateKeyEntry(privKey, certs);
    }

View Full Code Here

                _logger.log(Level.FINE,
                    "Exception in getPrivateKeyEntry for Digest", e);
            }
        }
      
        return new PrivateKeyEntry(privKey, certs);
    }

View Full Code Here

        // Load keystore
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        keystore.load(input, storePass.toCharArray());


        // Retrieve private key
        PrivateKeyEntry entry = (PrivateKeyEntry)keystore.getEntry(keyAlias, new PasswordProtection(keyPass.toCharArray()));
        return entry.getPrivateKey();
    }

View Full Code Here

        // Load keystore
        KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
        keystore.load(input, storePass.toCharArray());


        // Retrieve private key
        PrivateKeyEntry entry = (PrivateKeyEntry)keystore.getEntry(keyAlias, new PasswordProtection(keyPass.toCharArray()));
        return entry.getPrivateKey();
    }

View Full Code Here

                String propertyName = event.getPropertyName();
                if (propertyName.equals(SamlCertificateRepository.SELECTED_KEY)) {
                    String fingerprint = (String) event.getNewValue();
                    SamlPanel.this.keyTextField.setText(fingerprint);
                } else if (propertyName.equals(SamlCertificateRepository.SELECTED_KEY_ENTRY)) {
                    PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry) event.getNewValue();
                    SamlPanel.this.saml.getSamlProxy().setPrivateKeyEntry(privateKeyEntry);
                }
            }
        });
        this.certificateManager = new CertificateManager(this.samlCertificateRepository);

View Full Code Here

        this.propertyChangeSupport.firePropertyChange(SELECTED_KEY, null, fingerprint);
        
        KeyStore keyStore = (KeyStore) this._keyStores.get(keystoreIndex);
        String alias = getAliasAt(keystoreIndex, aliasIndex);
        try {
            PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry) keyStore.getEntry(alias, null);
            this.propertyChangeSupport.firePropertyChange(SELECTED_KEY_ENTRY, null, privateKeyEntry);
        } catch (NoSuchAlgorithmException ex) {
            Logger.getLogger(SamlCertificateRepository.class.getName()).log(Level.SEVERE, null, ex);
        } catch (UnrecoverableEntryException ex) {
            Logger.getLogger(SamlCertificateRepository.class.getName()).log(Level.SEVERE, null, ex);

View Full Code Here

            keyStore.load(fis, signingConfig.getStorePassword().toCharArray());
            fis.close();


            //noinspection ConstantConditions
            char[] keyPassword = signingConfig.getKeyPassword().toCharArray();
            PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry)keyStore.getEntry(
                    signingConfig.getKeyAlias(),
                    new KeyStore.PasswordProtection(keyPassword));


            if (entry != null) {
                return new CertificateInfo(entry.getPrivateKey(),
                        (X509Certificate) entry.getCertificate());
            }
        } catch (FileNotFoundException e) {
            throw e;
        } catch (Exception e) {
            throw new KeytoolException(

View Full Code Here

        PrivateKeyCallback.Request req = privKeyCallback.getRequest();
        PrivateKey privKey = null;
        Certificate[] certs = null;
        if (req == null) {
            // no request type - set default key
            PrivateKeyEntry pke = getDefaultPrivateKeyEntry(kstores);
            if (pke != null) {
                privKey = pke.getPrivateKey();
                certs = pke.getCertificateChain();
            }
            privKeyCallback.setKey(privKey, certs);
            return;
        }


        // find key based on request type
        try {
            if (req instanceof PrivateKeyCallback.AliasRequest) {
                PrivateKeyCallback.AliasRequest aReq =
                        (PrivateKeyCallback.AliasRequest)req;


                String alias = aReq.getAlias();
                PrivateKeyEntry privKeyEntry;
                if (alias == null) {
                    // use default key
                    privKeyEntry = getDefaultPrivateKeyEntry(kstores);
                } else {
                    privKeyEntry = sslUtils.getPrivateKeyEntryFromTokenAlias(alias);
                }


                if (privKeyEntry != null) {
                    privKey = privKeyEntry.getPrivateKey();
                    certs = privKeyEntry.getCertificateChain();
                }
            } else if (req instanceof PrivateKeyCallback.IssuerSerialNumRequest) {
                PrivateKeyCallback.IssuerSerialNumRequest isReq =
                        (PrivateKeyCallback.IssuerSerialNumRequest)req;
                X500Principal issuer = isReq.getIssuer();
                BigInteger serialNum = isReq.getSerialNum();
                if (issuer != null && serialNum != null) {
                    boolean found = false;
                    for (int i = 0; i < kstores.length && !found; i++) {
                        Enumeration aliases = kstores[i].aliases();
                        while (aliases.hasMoreElements() && !found) {
                            String nextAlias = (String)aliases.nextElement();
                            PrivateKey key = secSup.getPrivateKeyForAlias(nextAlias, i);
                            if (key != null) {
                                Certificate[] certificates =
                                        kstores[i].getCertificateChain(nextAlias);
                                // check issuer/serial
                                X509Certificate eeCert = (X509Certificate)certificates[0];
                                if (eeCert.getIssuerX500Principal().equals(issuer) &&
                                        eeCert.getSerialNumber().equals(serialNum)) {
                                    privKey = key;
                                    certs = certificates;
                                    found = true;
                                }
                            }
                        }
                    }
                }
            } else if (req instanceof PrivateKeyCallback.SubjectKeyIDRequest) {
                PrivateKeyCallback.SubjectKeyIDRequest skReq = 
                        (PrivateKeyCallback.SubjectKeyIDRequest)req;
                byte[] subjectKeyID = skReq.getSubjectKeyID();
                if (subjectKeyID != null) {
                    boolean found = false;
                    // In DER, subjectKeyID will be an OCTET STRING of OCTET STRING
                    DerValue derValue1 = new DerValue(
                        DerValue.tag_OctetString, subjectKeyID);
                    DerValue derValue2 = new DerValue(
                        DerValue.tag_OctetString, derValue1.toByteArray());
                    byte[] derSubjectKeyID = derValue2.toByteArray();


                    for (int i = 0; i < kstores.length && !found; i++) {
                        Enumeration aliases = kstores[i].aliases();
                        while (aliases.hasMoreElements() && !found) {
                            String nextAlias = (String)aliases.nextElement();
                            PrivateKey key = secSup.getPrivateKeyForAlias(nextAlias, i);
                            if (key != null) {
                                Certificate[] certificates =
                                        kstores[i].getCertificateChain(nextAlias);
                                X509Certificate eeCert = (X509Certificate)certificates[0];
                                // Extension: SubjectKeyIdentifier
                                byte[] derSubKeyID = eeCert.getExtensionValue(SUBJECT_KEY_IDENTIFIER_OID);
                                if (derSubKeyID != null &&
                                        Arrays.equals(derSubKeyID, derSubjectKeyID)) {
                                    privKey = key;
                                    certs = certificates;
                                    found = true;
                                }
                            }
                        }
                    }
                }
            } else if (req instanceof PrivateKeyCallback.DigestRequest) {
                PrivateKeyCallback.DigestRequest dReq =
                        (PrivateKeyCallback.DigestRequest)req;
                byte[] digest = dReq.getDigest();
                String algorithm = dReq.getAlgorithm();


                PrivateKeyEntry privKeyEntry = null;
                if (digest == null) {
                    // get default key
                    privKeyEntry = getDefaultPrivateKeyEntry(kstores);
                } else {
                    if (algorithm == null) {
                        algorithm = DEFAULT_DIGEST_ALGORITHM;
                    }
                    MessageDigest md = MessageDigest.getInstance(algorithm);
                    privKeyEntry = getPrivateKeyEntry(kstores, md, digest);
                }


                if (privKeyEntry != null) {
                    privKey = privKeyEntry.getPrivateKey();
                    certs = privKeyEntry.getCertificateChain();
                }
            } else {
                if (_logger.isLoggable(Level.FINE)) {
                    _logger.log(Level.FINE,
                         "invalid request type: " + req.getClass().getName());

View Full Code Here

0 1 2

TOP

Related Classes of java.security.KeyStore.PrivateKeyEntry

com.android.builder.signing.KeystoreHelper

com.sun.enterprise.security.jmac.callback.BaseContainerCallbackHandler

com.sun.enterprise.security.ssl.SSLUtils

com.sun.enterprise.security.SSLUtils

org.apache.camel.component.gae.auth.GAuthJksLoader

org.owasp.webscarab.plugin.saml.SamlCertificateRepository

org.owasp.webscarab.plugin.saml.swing.SamlPanel

org.platformlayer.crypto.KeyStoreEncryptionStore

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.