本文整理汇总了Java中java.security.KeyStore.PasswordProtection方法的典型用法代码示例。如果您正苦于以下问题:Java KeyStore.PasswordProtection方法的具体用法?Java KeyStore.PasswordProtection怎么用?Java KeyStore.PasswordProtection使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类java.security.KeyStore
的用法示例。
在下文中一共展示了KeyStore.PasswordProtection方法的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createJWT
import java.security.KeyStore; //导入方法依赖的package包/类
public String createJWT(String username, Set<String> groups)
throws GeneralSecurityException, IOException {
// Create and Base64 encode the header portion of the JWT
JsonObject headerObj =
Json.createObjectBuilder()
.add("alg", "RS256") /* Algorithm used */
.add("typ", "JWT") /* Type of token */
// .add("kid", "default") /* Hint about which key to use to sign, but the signature is
// invalid when I include this. */
.build();
String headerEnc = Base64Utility.encode(headerObj.toString().getBytes(), true);
// Create and Base64 encode the claims portion of the JWT
JsonObject claimsObj =
Json.createObjectBuilder()
.add("exp", (System.currentTimeMillis() / 1000) + 300) /* Expire time */
.add("iat", (System.currentTimeMillis() / 1000)) /* Issued time */
.add("aud", "acmeGifts") /* Audience */
.add("jti", Long.toHexString(System.nanoTime())) /* Unique value */
.add("sub", username) /* Subject */
.add("upn", username) /* Subject again */
.add("iss", JWT_ISSUER) /* Issuer */
.add("groups", getGroupArray(groups)) /* Group list */
.build();
String claimsEnc = Base64Utility.encode(claimsObj.toString().getBytes(), true);
String headerClaimsEnc = headerEnc + "." + claimsEnc;
// Open the keystore that the server will use to validate the JWT
KeyStore ks = KeyStore.getInstance("JCEKS");
InputStream ksStream = this.getClass().getResourceAsStream("/keystore.jceks");
char[] password = new String("secret").toCharArray();
ks.load(ksStream, password);
// Get the private key to use to sign the JWT. Normally we would not do this but
// we are pretending to be the user service here.
KeyStore.ProtectionParameter keyPassword = new KeyStore.PasswordProtection(password);
KeyStore.PrivateKeyEntry privateKeyEntry =
(KeyStore.PrivateKeyEntry) ks.getEntry("default", keyPassword);
PrivateKey privateKey = privateKeyEntry.getPrivateKey();
// Sign the JWT
Signature sig = Signature.getInstance(JWT_ALGORITHM);
sig.initSign(privateKey);
sig.update(headerClaimsEnc.getBytes());
String sigEnc = Base64Utility.encode(sig.sign(), true);
// Lets just check......
String jwtEnc = headerClaimsEnc + "." + sigEnc;
java.security.cert.Certificate cert = ks.getCertificate("default");
PublicKey publicKey = cert.getPublicKey();
validateJWT("Bearer " + jwtEnc, publicKey);
// Return the complete JWT (header, claims, signature).
return jwtEnc;
}
示例2: loadPfx
import java.security.KeyStore; //导入方法依赖的package包/类
public void loadPfx(InputStream is, String password)
throws NoSuchAlgorithmException,
CertificateException,
IOException,
KeyStoreException,
UnrecoverableEntryException {
char[] pwd = password.toCharArray();
KeyStore keyStore = KeyStore.getInstance("pkcs12");
keyStore.load(is, pwd);
PasswordProtection passwordProtection = new KeyStore.PasswordProtection(pwd);
for (Enumeration<String> aliases = keyStore.aliases(); aliases.hasMoreElements();) {
String alias = aliases.nextElement();
KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(alias, passwordProtection);
Certificate cert = entry.getCertificate();
if (cert.getType().equals("X.509")) {
this.certificate = (X509Certificate) cert;
this.privateKey = entry.getPrivateKey();
return;
}
}
throw new RuntimeException("Certificate of type X.509 was not found.");
}
示例3: getKeyEntry
import java.security.KeyStore; //导入方法依赖的package包/类
public static KeyStore.Entry getKeyEntry( String keystorePath, String storePass, String keyName, String keyPass)
throws Exception
{
char[] keyPw = null;
KeyStore.PasswordProtection passwordProtection = null;
try {
KeyStore ks = loadKeyStore(keystorePath, storePass);
keyPw = PasswordObfuscator.getInstance().decodeAliasPassword( keystorePath, keyName, keyPass);
passwordProtection = new KeyStore.PasswordProtection(keyPw);
return ks.getEntry( keyName, passwordProtection);
}
finally {
if (keyPw != null) PasswordObfuscator.flush(keyPw);
if (passwordProtection != null) passwordProtection.destroy();
}
}
示例4: addPrivateKey
import java.security.KeyStore; //导入方法依赖的package包/类
/**
* Asymmetric cryptography - only the private key from generated pair is used.
* Pre-condition: #certificateAlias refers to existing certificate
*
* @throws {@link NullPointerException} when #certificateAlias is @code{null}
*/
public void addPrivateKey(String keyAlias, String certificateAlias, String password) {
keyAlias = String.format("%s (%s)", keyAlias, certificateAlias);
try {
Certificate[] certChain = keystore.getCertificateChain(certificateAlias);
if (certChain == null) {
LoggerFactory.getLogger(getClass()).warn("Could not find certificate");
certChain = new Certificate[0];
}
Entry entry = new PrivateKeyEntry(generateKeyPair().getPrivate(), certChain);
ProtectionParameter protParam = new KeyStore.PasswordProtection(password.toCharArray());
keystore.setEntry(keyAlias, entry, protParam);
} catch (KeyStoreException | NoSuchAlgorithmException ex) {
throw new RuntimeException("Unable to add new private key", ex);
}
}
示例5: run
import java.security.KeyStore; //导入方法依赖的package包/类
private void run(String keystoreType) throws Exception {
char[] pw = "password".toCharArray();
KeyStore ks = KeyStore.getInstance(keystoreType);
ks.load(null, pw);
KeyGenerator kg = KeyGenerator.getInstance("AES");
kg.init(128);
SecretKey key = kg.generateKey();
KeyStore.SecretKeyEntry ske = new KeyStore.SecretKeyEntry(key);
KeyStore.ProtectionParameter kspp = new KeyStore.PasswordProtection(pw);
ks.setEntry(ALIAS, ske, kspp);
File ksFile = File.createTempFile("test", ".test");
try (FileOutputStream fos = new FileOutputStream(ksFile)) {
ks.store(fos, pw);
fos.flush();
}
// now see if we can get it back
try (FileInputStream fis = new FileInputStream(ksFile)) {
KeyStore ks2 = KeyStore.getInstance(keystoreType);
ks2.load(fis, pw);
KeyStore.Entry entry = ks2.getEntry(ALIAS, kspp);
SecretKey keyIn = ((KeyStore.SecretKeyEntry)entry).getSecretKey();
if (Arrays.equals(key.getEncoded(), keyIn.getEncoded())) {
System.err.println("OK: worked just fine with " + keystoreType +
" keystore");
} else {
System.err.println("ERROR: keys are NOT equal after storing in "
+ keystoreType + " keystore");
}
}
}
示例6: checkSetEntry
import java.security.KeyStore; //导入方法依赖的package包/类
private void checkSetEntry(KeyStore ks, String alias,
KeyStore.PasswordProtection pw, KeyStore.Entry entry) throws Exception {
try {
ks.setEntry(alias, entry, pw);
throw new Exception(
"ERROR: expected KeyStore.setEntry to throw an exception");
} catch (KeyStoreException e) {
// ignore the expected exception
}
}
示例7: getSharedSecret
import java.security.KeyStore; //导入方法依赖的package包/类
public static byte[] getSharedSecret(String keyStorePath,
String keyStorePassword)
throws Exception {
if (keyStorePath == null) return null;
char[] password = keyStorePassword.toCharArray();
KeyStore.ProtectionParameter protParam =
new KeyStore.PasswordProtection(password);
KeyStore ks = readKeyStore(keyStorePath, password);
KeyStore.SecretKeyEntry entry = (KeyStore.SecretKeyEntry)
ks.getEntry(CHALLENGE_RESPONSE_SECRET, protParam);
SecretKey secretKey = entry.getSecretKey();
return secretKey.getEncoded();
}
示例8: bad7
import java.security.KeyStore; //导入方法依赖的package包/类
public void bad7() throws Exception {
byte[] bytes = new byte[2];
char[] pwd = "secret7".toCharArray();
new PBEKeySpec(pwd);
new PBEKeySpec(pwd, bytes, 1);
new PBEKeySpec(pwd, bytes, 1, 1);
PasswordAuthentication auth = new PasswordAuthentication("user", pwd);
PasswordCallback callback = new PasswordCallback("str", true);
callback.setPassword(pwd);
KeyStore.PasswordProtection protection = new KeyStore.PasswordProtection(pwd);
KerberosKey key = new KerberosKey(null, pwd, "alg");
KeyManagerFactory.getInstance("").init(null, pwd);
}
示例9: engineLoad
import java.security.KeyStore; //导入方法依赖的package包/类
/** {@inheritDoc} */
@Override
public void engineLoad(final KeyStore.LoadStoreParameter param) throws IOException {
if (param != null) {
final ProtectionParameter pp = param.getProtectionParameter();
if (pp instanceof KeyStore.CallbackHandlerProtection) {
if (((KeyStore.CallbackHandlerProtection) pp).getCallbackHandler() == null) {
throw new IllegalArgumentException("El CallbackHandler no puede ser nulo"); //$NON-NLS-1$
}
this.cryptoCard = new Ceres(
CeresProvider.getDefaultApduConnection(),
new JseCryptoHelper()
);
this.cryptoCard.setCallbackHandler(((KeyStore.CallbackHandlerProtection) pp).getCallbackHandler());
}
else if (pp instanceof KeyStore.PasswordProtection) {
final PasswordCallback pwc = new CeresPasswordCallback((PasswordProtection) pp);
this.cryptoCard = new Ceres(
CeresProvider.getDefaultApduConnection(),
new JseCryptoHelper()
);
this.cryptoCard.setPasswordCallback(pwc);
}
else {
Logger.getLogger("es.gob.jmulticard").warning( //$NON-NLS-1$
"Se ha proporcionado un LoadStoreParameter de tipo no soportado, se ignorara: " + (pp != null ? pp.getClass().getName() : "NULO") //$NON-NLS-1$ //$NON-NLS-2$
);
}
}
else {
this.cryptoCard = new Ceres(
CeresProvider.getDefaultApduConnection(),
new JseCryptoHelper()
);
}
userCertAliases = Arrays.asList(this.cryptoCard.getAliases());
}
示例10: setPassword
import java.security.KeyStore; //导入方法依赖的package包/类
public void setPassword(char[] password)
{
this.protectionParameter = new KeyStore.PasswordProtection(password);
}
示例11: PKCS12StoreParameter
import java.security.KeyStore; //导入方法依赖的package包/类
public PKCS12StoreParameter(OutputStream out, char[] password, boolean forDEREncoding)
{
this(out, new KeyStore.PasswordProtection(password), forDEREncoding);
}
示例12: engineSetKeyEntry
import java.security.KeyStore; //导入方法依赖的package包/类
/**
* Assigns the given key to the given alias, protecting it with the given
* password.
*
* <p>If the given key is of type <code>java.security.PrivateKey</code>,
* it must be accompanied by a certificate chain certifying the
* corresponding public key.
*
* <p>If the given alias already exists, the keystore information
* associated with it is overridden by the given key (and possibly
* certificate chain).
*
* @param alias the alias name
* @param key the key to be associated with the alias
* @param password the password to protect the key
* @param chain the certificate chain for the corresponding public
* key (only required if the given key is of type
* <code>java.security.PrivateKey</code>).
*
* @exception KeyStoreException if the given key cannot be protected, or
* this operation fails for some other reason
*/
public synchronized void engineSetKeyEntry(String alias, Key key,
char[] password, Certificate[] chain)
throws KeyStoreException
{
KeyStore.PasswordProtection passwordProtection =
new KeyStore.PasswordProtection(password);
try {
setKeyEntry(alias, key, passwordProtection, chain, null);
} finally {
try {
passwordProtection.destroy();
} catch (DestroyFailedException dfe) {
// ignore
}
}
}
示例13: engineSetEntry
import java.security.KeyStore; //导入方法依赖的package包/类
/**
* Saves a <code>KeyStore.Entry</code> under the specified alias.
* The specified protection parameter is used to protect the
* <code>Entry</code>.
*
* <p> If an entry already exists for the specified alias,
* it is overridden.
*
* @param alias save the <code>KeyStore.Entry</code> under this alias
* @param entry the <code>Entry</code> to save
* @param protParam the <code>ProtectionParameter</code>
* used to protect the <code>Entry</code>,
* which may be <code>null</code>
*
* @exception KeyStoreException if this operation fails
*
* @since 1.5
*/
@Override
public synchronized void engineSetEntry(String alias, KeyStore.Entry entry,
KeyStore.ProtectionParameter protParam) throws KeyStoreException {
// get password
if (protParam != null &&
!(protParam instanceof KeyStore.PasswordProtection)) {
throw new KeyStoreException("unsupported protection parameter");
}
KeyStore.PasswordProtection pProtect = null;
if (protParam != null) {
pProtect = (KeyStore.PasswordProtection)protParam;
}
// set entry
if (entry instanceof KeyStore.TrustedCertificateEntry) {
if (protParam != null && pProtect.getPassword() != null) {
// pre-1.5 style setCertificateEntry did not allow password
throw new KeyStoreException
("trusted certificate entries are not password-protected");
} else {
KeyStore.TrustedCertificateEntry tce =
(KeyStore.TrustedCertificateEntry)entry;
setCertEntry(alias, tce.getTrustedCertificate(),
tce.getAttributes());
return;
}
} else if (entry instanceof KeyStore.PrivateKeyEntry) {
if (pProtect == null || pProtect.getPassword() == null) {
// pre-1.5 style setKeyEntry required password
throw new KeyStoreException
("non-null password required to create PrivateKeyEntry");
} else {
KeyStore.PrivateKeyEntry pke = (KeyStore.PrivateKeyEntry)entry;
setKeyEntry(alias, pke.getPrivateKey(), pProtect,
pke.getCertificateChain(), pke.getAttributes());
return;
}
} else if (entry instanceof KeyStore.SecretKeyEntry) {
if (pProtect == null || pProtect.getPassword() == null) {
// pre-1.5 style setKeyEntry required password
throw new KeyStoreException
("non-null password required to create SecretKeyEntry");
} else {
KeyStore.SecretKeyEntry ske = (KeyStore.SecretKeyEntry)entry;
setKeyEntry(alias, ske.getSecretKey(), pProtect,
(Certificate[])null, ske.getAttributes());
return;
}
}
throw new KeyStoreException
("unsupported entry type: " + entry.getClass().getName());
}
示例14: writeSharedSecret
import java.security.KeyStore; //导入方法依赖的package包/类
public static void writeSharedSecret(String keyStorePath,
String keyStorePassword,
byte[] sharedSecret)
throws Exception {
char[] password = keyStorePassword.toCharArray();
KeyStore ks;
try {
ks = readKeyStore(keyStorePath, password);
} catch (FileNotFoundException e) {
ks = KeyStore.getInstance("JCEKS");
ks.load(null, password);
}
KeyStore.ProtectionParameter protParam =
new KeyStore.PasswordProtection(password);
SecretKeySpec signingKey =
new SecretKeySpec(sharedSecret, "HmacSHA1");
KeyStore.SecretKeyEntry skEntry =
new KeyStore.SecretKeyEntry(signingKey);
ks.setEntry(CHALLENGE_RESPONSE_SECRET, skEntry, protParam);
// store away the keystore
java.io.FileOutputStream fos = null;
File keyStoreFile = new File(keyStorePath);
File parent = keyStoreFile.getParentFile();
if (parent != null)
parent.mkdirs();
try {
fos = new java.io.FileOutputStream(keyStoreFile);
ks.store(fos, password);
keyStoreFile.setReadable(false, false);
keyStoreFile.setReadable(true, true);
keyStoreFile.setWritable(false, false);
keyStoreFile.setWritable(true, true);
keyStoreFile.setExecutable(false, false);
} finally {
if (fos != null) {
fos.close();
}
}
}