Java PasswordProtection类代码示例

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
public void loadPfx(InputStream is, String password)
		throws NoSuchAlgorithmException,
			CertificateException,
			IOException,
			KeyStoreException,
			UnrecoverableEntryException {

	char[] pwd = password.toCharArray();
	KeyStore keyStore = KeyStore.getInstance("pkcs12");
	keyStore.load(is, pwd);
	PasswordProtection passwordProtection = new KeyStore.PasswordProtection(pwd);

	for (Enumeration<String> aliases = keyStore.aliases(); aliases.hasMoreElements();) {
		String alias = aliases.nextElement();
		KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(alias, passwordProtection);
		Certificate cert = entry.getCertificate();
		if (cert.getType().equals("X.509")) {
			this.certificate = (X509Certificate) cert;
			this.privateKey = entry.getPrivateKey();
			return;
		}
	}
	throw new RuntimeException("Certificate of type X.509 was not found.");

}
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
public void printAliasesList(String keyPasswd) {
	try {
		System.out.println("trustStoreType=" + trustStore.getType());
		System.out.println("size=" + trustStore.size());

		// --- Get All TrustStore's Certificates Alias -----------
		Enumeration<String> enumeration = trustStore.aliases();
		while (enumeration.hasMoreElements()) {
			String alias = enumeration.nextElement();
			System.out.println("alias=" + alias);
			// Entry entry = trustStore.getEntry(alias, null);

			Entry entry = trustStore.getEntry(alias, new PasswordProtection(keyPasswd.toCharArray()));

			System.out.println("entryClass=" + entry.getClass());
		}
	} catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e) {
		e.printStackTrace();
	}
}
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
public void addSelfSignedCertificate(String certificateAlias, String dn, String password) {
	try {
		KeyPair keys = generateKeyPair();

		Calendar start = Calendar.getInstance();
		Calendar expiry = Calendar.getInstance();
		expiry.add(Calendar.YEAR, 1);
		X500Name name = new X500Name(dn);
		X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(name, BigInteger.ONE,
				start.getTime(), expiry.getTime(), name, SubjectPublicKeyInfo.getInstance(keys.getPublic().getEncoded()));
		ContentSigner signer = new JcaContentSignerBuilder("SHA1WithRSA").setProvider(new BouncyCastleProvider()).build(keys.getPrivate());
		X509CertificateHolder holder = certificateBuilder.build(signer);
		Certificate cert = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate(holder);

		Entry entry = new PrivateKeyEntry(keys.getPrivate(), new Certificate[]{ cert });
		keystore.setEntry(certificateAlias, entry, new PasswordProtection(password.toCharArray()));
	} catch (GeneralSecurityException | OperatorCreationException ex) {
		throw new RuntimeException("Unable to generate self-signed certificate", ex);
	}
}
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
/**
 * Asymmetric cryptography - only the private key from generated pair is used.
 * Pre-condition: #certificateAlias refers to existing certificate
 *
 * @throws {@link NullPointerException} when #certificateAlias is @code{null}
 */
public void addPrivateKey(String keyAlias, String certificateAlias, String password) {
	keyAlias = String.format("%s (%s)", keyAlias, certificateAlias);

	try {
		Certificate[] certChain = keystore.getCertificateChain(certificateAlias);
		if (certChain == null) {
			LoggerFactory.getLogger(getClass()).warn("Could not find certificate");
			certChain = new Certificate[0];
		}
		Entry entry = new PrivateKeyEntry(generateKeyPair().getPrivate(), certChain);
		ProtectionParameter protParam = new KeyStore.PasswordProtection(password.toCharArray());
		keystore.setEntry(keyAlias, entry, protParam);
	} catch (KeyStoreException | NoSuchAlgorithmException ex) {
		throw new RuntimeException("Unable to add new private key", ex);
	}
}
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
/** {@inheritDoc} */
  @Override
  public KeyStore.Entry engineGetEntry(final String alias,
  		                             final ProtectionParameter protParam) {
  	if (protParam instanceof KeyStore.PasswordProtection) {
   	final PasswordCallback pwc = new CachePasswordCallback(((KeyStore.PasswordProtection)protParam).getPassword());
	this.cryptoCard.setPasswordCallback(pwc);
  	}
  	if (!engineContainsAlias(alias)) {
  		return null;
  	}
  	final PrivateKey key = (PrivateKey) engineGetKey(
	alias,
	null // Le pasamos null porque ya hemos establecido el PasswordCallback o el CallbackHander antes
);
  	return new PrivateKeyEntry(key, engineGetCertificateChain(alias));
  }
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
private static void setKey(KeyStore keyStore, String keyName, String keyPassword, String keyValue) {
	if (StringUtils.isBlank(keyName)) {
		keyName = DEFAULT_KEY_NAME;
	}
	if (keyPassword == null) {
		keyPassword = DEFAULT_KEY_PASSWORD;
	}
	try {
		SecretKey secretKey = new SecretKeySpec(keyValue.getBytes(KEY_VALUE_ENCODING), KEY_TYPE);

		KeyStore.SecretKeyEntry keyStoreEntry = new KeyStore.SecretKeyEntry(secretKey);
		PasswordProtection _keyPassword = new PasswordProtection(keyPassword.toCharArray());
		keyStore.setEntry(keyName, keyStoreEntry, _keyPassword);

	} catch (Exception e) {
		throw new PaxmlRuntimeException(e);
	}

}
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
@Override
public void engineLoad(LoadStoreParameter param) throws IOException,
        NoSuchAlgorithmException, CertificateException {
    if (param == null) {
        engineLoad(null, null);
        return;
    }

    ProtectionParameter pParam = param.getProtectionParameter();
    if (pParam == null) {
        throw new NoSuchAlgorithmException();
    }

    if (pParam instanceof PasswordProtection) {
        char[] password = ((PasswordProtection) pParam).getPassword();
        if (password == null) {
            throw new NoSuchAlgorithmException();
        } else {
            return;
        }
    }
    throw new CertificateException();
}
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
@Override
public void engineStore(LoadStoreParameter param) throws IOException,
        NoSuchAlgorithmException, CertificateException {
    if (param == null) {
        throw new IOException();
    }

    ProtectionParameter pParam = param.getProtectionParameter();
    if (pParam instanceof PasswordProtection) {
        char[] password = ((PasswordProtection) pParam).getPassword();
        if (password == null) {
            throw new NoSuchAlgorithmException();
        } else if (password.length == 0) {
            throw new CertificateException();
        }
        return;
    }
    throw new UnsupportedOperationException();
}
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
public void test_getKeyStore() throws KeyStoreException,
        NoSuchAlgorithmException, CertificateException,
        FileNotFoundException, IOException {

    String alias = "BKS";
    char[] pwd = new char[] { '1', '2', '3', '4', '5', '6' };
    InputStream fis = KeyStore2Test.class
            .getResourceAsStream("builderimpl.ks");
    KeyStore ks = KeyStore.getInstance(alias);
    ks.load(fis, pwd);
    Builder b = Builder.newInstance(ks, new PasswordProtection(pwd));
    KeyStore firstKeyStore = b.getKeyStore();
    ProtectionParameter firstProtParameter = b
            .getProtectionParameter(alias);
    assertSame(firstKeyStore, b.getKeyStore());
    assertSame(firstProtParameter, b.getProtectionParameter(alias));

    b = Builder.newInstance(alias, ks.getProvider(),
            new KeyStore.PasswordProtection(pwd));
    firstKeyStore = b.getKeyStore();
    firstProtParameter = b.getProtectionParameter(alias);
    assertNotSame(firstKeyStore, b.getKeyStore());
    assertSame(firstProtParameter, b.getProtectionParameter(alias));
}
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
private PrivateKeyEntry loadCAKeyEntry() throws IOException,
        GeneralSecurityException {
    final KeyStore keystore = loadKeyStore();
    final Entry entry = keystore.getEntry(this.alias,
            new PasswordProtection(this.password.toCharArray()));
    return (PrivateKeyEntry) entry;
}
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
private void loadPrivateKeyEntry() throws GeneralSecurityException {
    rootPrivateKeyEntry = (PrivateKeyEntry) rootCaKeystore.getEntry(
            rootCaAlias,
            new PasswordProtection(rootCaPassword.toCharArray()));

    if (rootPrivateKeyEntry == null) {
        throw new RuntimeException(
                "Could not read private key entry from rootca keystore with alias "
                        + rootCaAlias);
    }
}
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
public void addSignedCertificate(final XTFKeyStore signerKeyStore, final String signerAlias, final String signerPassword, final String dn, final String certificateAlias, final String password) {
	try {
		final X509Certificate caCert = (X509Certificate) signerKeyStore.keystore.getCertificate(signerAlias);
		final PrivateKey caKey = (PrivateKey) signerKeyStore.keystore.getKey(signerAlias, signerPassword.toCharArray());
		final Calendar start = Calendar.getInstance();
		final Calendar expiry = Calendar.getInstance();
		expiry.add(Calendar.YEAR, 1);
		final KeyPair keyPair = generateKeyPair();
		final X500Name certName = new X500Name(dn);
		final X500Name issuerName = new X500Name(caCert.getSubjectDN().getName());
		X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(
				issuerName,
				BigInteger.valueOf(System.nanoTime()),
				start.getTime(),
				expiry.getTime(),
				certName,
				SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()));
		final JcaX509ExtensionUtils u = new JcaX509ExtensionUtils();
		certificateBuilder.addExtension(Extension.authorityKeyIdentifier, false,
				u.createAuthorityKeyIdentifier(caCert));
		certificateBuilder.addExtension(Extension.subjectKeyIdentifier, false,
				u.createSubjectKeyIdentifier(keyPair.getPublic()));
		ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSA").setProvider(new BouncyCastleProvider()).build(caKey);
		X509CertificateHolder holder = certificateBuilder.build(signer);
		Certificate cert = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate(holder);

		Entry entry = new PrivateKeyEntry(keyPair.getPrivate(), new Certificate[] {cert, caCert});
		keystore.setEntry(certificateAlias, entry, new PasswordProtection(password.toCharArray()));
	} catch (GeneralSecurityException | OperatorCreationException | CertIOException ex) {
		throw new RuntimeException("Unable to generate signed certificate", ex);
	}
}
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
/** Callback para solicitar la constrasena.
 * @param pp PasswordProtection para solicitar la constrasena.
 */
CeresPasswordCallback(final PasswordProtection pp) {
	super("Por favor, introduzca el PIN de la tarjeta CERES", false); //$NON-NLS-1$
	if (pp == null) {
		throw new IllegalArgumentException(
			"El PasswordProtection no puede ser nulo" //$NON-NLS-1$
		);
	}
	this.passp = pp;
}
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
/** {@inheritDoc} */
 @Override
 public void engineLoad(final KeyStore.LoadStoreParameter param) throws IOException {
 	if (param != null) {
 		final ProtectionParameter pp = param.getProtectionParameter();
 		if (pp instanceof KeyStore.CallbackHandlerProtection) {
 			if (((KeyStore.CallbackHandlerProtection) pp).getCallbackHandler() == null) {
 				throw new IllegalArgumentException("El CallbackHandler no puede ser nulo"); //$NON-NLS-1$
 			}
 			this.cryptoCard = new Ceres(
 					CeresProvider.getDefaultApduConnection(),
 					new JseCryptoHelper()
 				);
 			this.cryptoCard.setCallbackHandler(((KeyStore.CallbackHandlerProtection) pp).getCallbackHandler());
 		}
 		else if (pp instanceof KeyStore.PasswordProtection) {
 			final PasswordCallback pwc = new CeresPasswordCallback((PasswordProtection) pp);
 			this.cryptoCard = new Ceres(
 					CeresProvider.getDefaultApduConnection(),
 					new JseCryptoHelper()
 				);
 			this.cryptoCard.setPasswordCallback(pwc);
 		}
 		else {
     		Logger.getLogger("es.gob.jmulticard").warning( //$NON-NLS-1$
 				"Se ha proporcionado un LoadStoreParameter de tipo no soportado, se ignorara: " + (pp != null ? pp.getClass().getName() : "NULO") //$NON-NLS-1$ //$NON-NLS-2$
	);
 		}
 	}
 	else {
  	this.cryptoCard = new Ceres(
	CeresProvider.getDefaultApduConnection(),
	new JseCryptoHelper()
);
 	}

 	userCertAliases = Arrays.asList(this.cryptoCard.getAliases());
 }
 

import java.security.KeyStore.PasswordProtection; //导入依赖的package包/类
/**
 * @param pp PasswordProtection para solicitar la contraseña
 */
DniePasswordCallback(final PasswordProtection pp) {
	super("Por favor, introduzca el PIN del DNIe", false); //$NON-NLS-1$
	if (pp == null) {
		throw new IllegalArgumentException(
			"El PasswordProtection no puede ser nulo" //$NON-NLS-1$
		);
	}
	this.passp = pp;
}