private static KeyStore loadKeyCert(List<Buffer> keyValue, List<Buffer> certValue) throws Exception { if (keyValue.size() < certValue.size()) { throw new VertxException("Missing private key"); } else if (keyValue.size() > certValue.size()) { throw new VertxException("Missing X.509 certificate"); } final KeyStore keyStore = createEmptyKeyStore(); Iterator<Buffer> keyValueIt = keyValue.iterator(); Iterator<Buffer> certValueIt = certValue.iterator(); int index = 0; while (keyValueIt.hasNext() && certValueIt.hasNext()) { PrivateKey key = loadPrivateKey(keyValueIt.next()); Certificate[] chain = loadCerts(certValueIt.next()); keyStore.setEntry("dummy-entry-" + index++, new KeyStore.PrivateKeyEntry(key, chain), new KeyStore.PasswordProtection(DUMMY_PASSWORD.toCharArray())); } return keyStore; }
if (key instanceof PrivateKey) entry = new KeyStore.PrivateKeyEntry( (PrivateKey) key, oldKS.getCertificateChain(alias)); if (key instanceof PublicKey)
@SuppressWarnings("ConstantConditions") X509CertificateChainPrivateCredential cred = (X509CertificateChainPrivateCredential) credential; entry = new KeyStore.PrivateKeyEntry(cred.getPrivateKey(), cred.getCertificateChain()); } else if (credentialClass == BearerTokenCredential.class) { entry = new KeyStore.SecretKeyEntry(new SecretKeySpec(credential.castAndApply(BearerTokenCredential.class, c -> c.getToken().getBytes(StandardCharsets.UTF_8)), DATA_OID));
/** * Creates a JKS key store on disk initialized with the given private key and * certificate, at the given location and with the given password. * * @param path the full path (directory and file name) where the key store is created * @param password the password used to protect the key store * @param privateKey the key used to initialize the key store * @param certificate the certificate used to initialize the key store */ public static void createJKSKeyStore(Path path, char[] password, PrivateKey privateKey, X509Certificate certificate) { try { KeyStore keyStore = KeyStore.getInstance("jks"); keyStore.load(null, null); keyStore.setEntry( "omniKey", new PrivateKeyEntry(privateKey, new Certificate[] { certificate }), new PasswordProtection(password)); keyStore.store(new FileOutputStream(path.toFile()), password); } catch (Exception ex) { ex.printStackTrace(); } }
/** * Based on a public certificate, private key, alias and password, this method will load the certificate and * private key as an entry into the keystore, and it will set the provided alias and password to the keystore entry. * * @param keyStore * @param cert * @param privateKey * @param alias * @param password */ @SneakyThrows public void addKeyToKeystore(KeyStore keyStore, X509Certificate cert, RSAPrivateKey privateKey, String alias, String password) { KeyStore.PasswordProtection pass = new KeyStore.PasswordProtection(password.toCharArray()); Certificate[] certificateChain = {cert}; keyStore.setEntry(alias, new KeyStore.PrivateKeyEntry(privateKey, certificateChain), pass); }
private static byte[] initializeKeyStore(String pemCertificate, String pemKey) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException { PEMReader reader = new PEMReader(new InputStreamReader(new ByteArrayInputStream(pemCertificate.getBytes()))); X509Certificate certificate = (X509Certificate) reader.readObject(); Certificate[] certificateChain = {certificate}; reader = new PEMReader(new InputStreamReader(new ByteArrayInputStream(pemKey.getBytes()))); KeyPair keyPair = (KeyPair) reader.readObject(); KeyStore keyStore = KeyStore.getInstance("pkcs12"); keyStore.load(null); keyStore.setEntry("apn", new KeyStore.PrivateKeyEntry(keyPair.getPrivate(), certificateChain), new KeyStore.PasswordProtection("insecure".toCharArray())); ByteArrayOutputStream baos = new ByteArrayOutputStream(); keyStore.store(baos, "insecure".toCharArray()); return baos.toByteArray(); }
public void createKeyStore(String keyStorePwd, String keyStoreFile, PrivateKey privateKey, X509Certificate certificate) throws Exception { char[] pwd = keyStorePwd.toCharArray(); KeyStore ks = KeyStore.getInstance("PKCS12"); ks.load(null, pwd); KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(pwd); Certificate[] certChain = new Certificate[]{ certificate }; KeyStore.PrivateKeyEntry pkEntry = new KeyStore.PrivateKeyEntry(privateKey, certChain); ks.setEntry("keypair", pkEntry, protParam); FileOutputStream fos = new FileOutputStream(keyStoreFile); ks.store(fos, pwd); fos.close(); }
public KeyStore exportCaKeyPair( char[] password, KeyStoreType keyStoreType ) { if ( keyStoreType == KeyStoreType.PKCS11 ) { throw new UnsupportedOperationException( "Export in PKCS#11 format is not supported, cannot continue." ); } try { CA ca = context.role( CA.class ); CryptIO cryptio = context.role( CryptIO.class ); KeyStore keystore = cryptio.createEmptyKeyStore( keyStoreType ); keystore.setEntry( ca.name().get(), new KeyStore.PrivateKeyEntry( ca.privateKey(), new Certificate[]{ ca.certificate() } ), new KeyStore.PasswordProtection( password ) ); return keystore; } catch ( KeyStoreException ex ) { throw new CryptoFailure( "Unable to store CA KeyPair for KeyStore export", ex ); } }
@Override public void storeCertifiedKeyPair( String slotId, PrivateKey privateKey, Certificate... certChain ) { try { KeyStore ks = loadKeyStore(); ks.setEntry( slotId, new KeyStore.PrivateKeyEntry( privateKey, certChain ), new KeyStore.PasswordProtection( meAsCryptoStore.password().get() ) ); cryptIO.writeKeyStore( ks, meAsCryptoStore.password().get(), meAsHasUoWFile.managedFile() ); } catch ( KeyStoreException ex ) { throw new CryptoFailure( "Unable to store certified keypair in " + meAsCryptoStore.name().get() + "/" + slotId, ex ); } }
@Override public Entry engineGetEntry(String alias, ProtectionParameter protParam) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException { if (protParam != null) { Logger.getLogger(this.getClass().getName()+" engineGetEntry()").warning("Parametro ProtectionParameter é ignorado, utilize null"); } if (engineContainsAlias(alias)) { return new PrivateKeyEntry((PrivateKey) engineGetKey(alias, null), engineGetCertificateChain(alias)); } return null; }
@SneakyThrows public void addKeyToKeystore(KeyStore keyStore, X509Certificate cert, RSAPrivateKey privateKey, String alias, String password) { KeyStore.PasswordProtection pass = new KeyStore.PasswordProtection(password.toCharArray()); Certificate[] certificateChain = {cert}; keyStore.setEntry(alias, new KeyStore.PrivateKeyEntry(privateKey, certificateChain), pass); }
@Override public KeyStore.PrivateKeyEntry get() { return new KeyStore.PrivateKeyEntry( privateKey, new Certificate[]{certificate} ); } }
protected KeyStore generateKeyStore(Certificate cert, PrivateKey privateKey, String alias, String keyStorePassword) throws GeneralSecurityException, IOException { KeyStore ks = KeyStore.getInstance(getModuleKeyStoreType()); ks.load(null, keyStorePassword.toCharArray()); // set client private key on keyStore file ks.setEntry(alias, new KeyStore.PrivateKeyEntry(privateKey, new Certificate[]{cert}), new KeyStore.PasswordProtection(keyStorePassword.toCharArray())); return ks; }
@Provides @Singleton protected KeyStore.PrivateKeyEntry getPrivateKey(PrivateKey privateKey, X509Certificate certificate) throws Exception { return new KeyStore.PrivateKeyEntry( privateKey, new Certificate[]{certificate} ); } }
@Provides @Singleton protected KeyStore.PrivateKeyEntry getPrivateKey(PrivateKey privateKey, X509Certificate certificate) { return new KeyStore.PrivateKeyEntry( privateKey, new Certificate[]{certificate} ); } }
@Provides @Singleton protected KeyStore.PrivateKeyEntry getPrivateKey(PrivateKey privateKey, X509Certificate certificate) throws Exception { return new KeyStore.PrivateKeyEntry( privateKey, new Certificate[]{certificate} ); } }
@Provides @Singleton protected KeyStore.PrivateKeyEntry getPrivateKey(PrivateKey privateKey, X509Certificate certificate) throws Exception { return new KeyStore.PrivateKeyEntry( privateKey, new Certificate[]{certificate} ); } }
private static KeyStore loadKeyCert(List<Buffer> keyValue, List<Buffer> certValue) throws Exception { if (keyValue.size() < certValue.size()) { throw new VertxException("Missing private key"); } else if (keyValue.size() > certValue.size()) { throw new VertxException("Missing X.509 certificate"); } final KeyStore keyStore = createEmptyKeyStore(); Iterator<Buffer> keyValueIt = keyValue.iterator(); Iterator<Buffer> certValueIt = certValue.iterator(); int index = 0; while (keyValueIt.hasNext() && certValueIt.hasNext()) { PrivateKey key = loadPrivateKey(keyValueIt.next()); Certificate[] chain = loadCerts(certValueIt.next()); keyStore.setEntry("dummy-entry-" + index++, new KeyStore.PrivateKeyEntry(key, chain), new KeyStore.PasswordProtection(DUMMY_PASSWORD.toCharArray())); } return keyStore; }
Key key = engineGetKey(alias, passW); if (key instanceof PrivateKey) { return new KeyStore.PrivateKeyEntry((PrivateKey) key, engineGetCertificateChain(alias));
public KeyStore.PrivateKeyEntry asKeyStoreEntry() { return new KeyStore.PrivateKeyEntry(privateKey, chain); }