当前位置: 首页>>代码示例>>Java>>正文


Java KeyStore.getCertificateChain方法代码示例

本文整理汇总了Java中java.security.KeyStore.getCertificateChain方法的典型用法代码示例。如果您正苦于以下问题:Java KeyStore.getCertificateChain方法的具体用法?Java KeyStore.getCertificateChain怎么用?Java KeyStore.getCertificateChain使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在java.security.KeyStore的用法示例。


在下文中一共展示了KeyStore.getCertificateChain方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: main

import java.security.KeyStore; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {
    if (initSecmod() == false) {
        return;
    }

    String configName = BASE + SEP + "nss.cfg";
    Provider p = getSunPKCS11(configName);

    System.out.println(p);
    Security.addProvider(p);

    if (args.length > 1 && "sm".equals(args[0])) {
        System.setProperty("java.security.policy",
                BASE + File.separator + args[1]);
        System.setSecurityManager(new SecurityManager());
    }

    KeyStore ks = KeyStore.getInstance(PKCS11, p);
    ks.load(null, password);
    Collection<String> aliases = new TreeSet<>(
            Collections.list(ks.aliases()));
    System.out.println("entries: " + aliases.size());
    System.out.println(aliases);

    PrivateKey privateKey = (PrivateKey)ks.getKey(keyAlias, password);
    System.out.println(privateKey);

    byte[] data = generateData(1024);

    System.out.println("Signing...");
    Signature signature = Signature.getInstance("MD5withRSA");
    signature.initSign(privateKey);
    signature.update(data);
    byte[] sig = signature.sign();

    X509Certificate[] chain =
            (X509Certificate[]) ks.getCertificateChain(keyAlias);
    signature.initVerify(chain[0].getPublicKey());
    signature.update(data);
    boolean ok = signature.verify(sig);
    if (ok == false) {
        throw new Exception("Signature verification error");
    }

    System.out.println("OK");

}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:48,代码来源:GetPrivateKey.java

示例2: getMOSubCA2Certificate

import java.security.KeyStore; //导入方法依赖的package包/类
/**
 * Returns the mobility operator Sub-CA 2 certificate (MOSubCA2 certificate) which can verify the signature of the  
 * contract certificate from the given keystore. The public key of the MOSub2Certificate is then used to verify 
 * the signature of sales tariffs.
 * 
 * @param keyStoreFileName The relative path and file name of the keystore
 * @return The X.509 mobility operator Sub-CA2 certificate (a certificate from a Sub-CA)
 */
public static X509Certificate getMOSubCA2Certificate(String keyStoreFileName) {
	KeyStore keystore = getKeyStore(keyStoreFileName, GlobalValues.PASSPHRASE_FOR_CERTIFICATES_AND_KEYS.toString());
	X509Certificate moSubCA2Certificate = null;
	
	try {
		Certificate[] certChain = keystore.getCertificateChain(GlobalValues.ALIAS_CONTRACT_CERTIFICATE.toString());
		X509Certificate contractCertificate = getLeafCertificate(certChain);
		SubCertificatesType subCertificates = getSubCertificates(certChain); 
		
		for (byte[] certificate : subCertificates.getCertificate()) {
			X509Certificate x509Cert = getCertificate(certificate);
			if (contractCertificate.getIssuerX500Principal().getName().equals(
				x509Cert.getSubjectX500Principal().getName())) {
				moSubCA2Certificate = x509Cert;
				break;
			}
		}
	} catch (KeyStoreException e) {
		getLogger().error("KeyStoreException occurred while trying to get MOSubCA2 certificate");
	}
	
	return moSubCA2Certificate;
}
 
开发者ID:V2GClarity,项目名称:RISE-V2G,代码行数:32,代码来源:SecurityUtils.java

示例3: compareKeyEntry

import java.security.KeyStore; //导入方法依赖的package包/类
private void compareKeyEntry(KeyStore a, KeyStore b, String aPass,
        String bPass, String alias) throws KeyStoreException,
        UnrecoverableKeyException, NoSuchAlgorithmException {
    Certificate[] certsA = a.getCertificateChain(alias);
    Certificate[] certsB = b.getCertificateChain(alias);

    if (!Arrays.equals(certsA, certsB)) {
        throw new RuntimeException("Certs don't match for alias:" + alias);
    }

    Key keyA = a.getKey(alias, aPass.toCharArray());
    Key keyB = b.getKey(alias, bPass.toCharArray());

    if (!keyA.equals(keyB)) {
        throw new RuntimeException(
                "Key don't match for alias:" + alias);
    }
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:19,代码来源:ConvertP12Test.java

示例4: getCertificates

import java.security.KeyStore; //导入方法依赖的package包/类
public static Collection<Certificate> getCertificates (KeyStore keyStore) throws KeyStoreException {
    Set<Certificate> certs = new HashSet<Certificate> ();
    for (String alias: Collections.list (keyStore.aliases ())) {
        Certificate[] certificateChain = keyStore.getCertificateChain(alias);
        if (certificateChain != null) {
            certs.addAll(Arrays.asList(certificateChain));
        }
        certs.add(keyStore.getCertificate(alias));
    }
    return certs;
}
 
开发者ID:apache,项目名称:incubator-netbeans,代码行数:12,代码来源:Utilities.java

示例5: execute0

import java.security.KeyStore; //导入方法依赖的package包/类
@Override
protected Object execute0() throws Exception {
    File realInFile = new File(IoUtil.expandFilepath(inFile));
    File realOutFile = new File(IoUtil.expandFilepath(outFile));

    if (CompareUtil.equalsObject(realInFile, realOutFile)) {
        throw new IllegalCmdParamException("in and out cannot be the same");
    }

    KeyStore inKs = KeyStore.getInstance(inType);
    KeyStore outKs = KeyStore.getInstance(outType);
    outKs.load(null);

    char[] inPassword = readPasswordIfNotSet("password of the source keystore", inPwd);
    FileInputStream inStream = new FileInputStream(realInFile);
    try {
        inKs.load(inStream, inPassword);
    } finally {
        inStream.close();
    }

    char[] outPassword = readPasswordIfNotSet("password of the destination keystore", outPwd);
    Enumeration<String> aliases = inKs.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (inKs.isKeyEntry(alias)) {
            Certificate[] certs = inKs.getCertificateChain(alias);
            Key key = inKs.getKey(alias, inPassword);
            outKs.setKeyEntry(alias, key, outPassword, certs);
        } else {
            Certificate cert = inKs.getCertificate(alias);
            outKs.setCertificateEntry(alias, cert);
        }
    }

    ByteArrayOutputStream bout = new ByteArrayOutputStream(4096);
    outKs.store(bout, outPassword);
    saveVerbose("saved destination keystore to file", realOutFile, bout.toByteArray());
    return null;
}
 
开发者ID:xipki,项目名称:xitk,代码行数:41,代码来源:ConvertKeystoreCmd.java

示例6: getCertificateChain

import java.security.KeyStore; //导入方法依赖的package包/类
/**
 * Returns the certificate chain from a PKCS#12 container holding credentials such as private key,
 * leaf certificate and zero or more intermediate certificates.
 * 
 * @param pkcs12Resource The PKCS#12 container
 * @return The certificate chain
 */
public static CertificateChainType getCertificateChain(String pkcs12Resource) {
	CertificateChainType certChain = new CertificateChainType();
	
	/*
	 * For testing purposes, the respective PKCS12 container file has already been put in the 
	 * resources folder. However, when implementing a real interface to a secondary actor's backend, 
	 * the retrieval of a certificate must be done via some other online mechanism.
	 */
	KeyStore contractCertificateKeystore = getPKCS12KeyStore(pkcs12Resource, GlobalValues.PASSPHRASE_FOR_CERTIFICATES_AND_KEYS.toString());
	
	if (contractCertificateKeystore == null) {
		getLogger().error("Unable to access certificate chain because no PKCS#12 container found at " +
						  "location '" + pkcs12Resource + "'");
		return null;
	}
	
	try {
		Enumeration<String> aliases = contractCertificateKeystore.aliases();
		Certificate[] tempCertChain = null;
		// Only one certificate chain (and therefore alias) should be available
		while (aliases.hasMoreElements()) {
			tempCertChain = contractCertificateKeystore.getCertificateChain(aliases.nextElement());
			certChain.setCertificate(getLeafCertificate(tempCertChain).getEncoded());
			certChain.setSubCertificates(getSubCertificates(tempCertChain));
		}
	} catch (KeyStoreException | CertificateEncodingException | NullPointerException e) {
		getLogger().error(e.getClass().getSimpleName() + " occurred while  trying to get " +
						  "certificate chain from resource '" + pkcs12Resource + "'", e);
	}
	
	return certChain;
}
 
开发者ID:V2GClarity,项目名称:RISE-V2G,代码行数:40,代码来源:SecurityUtils.java

示例7: run

import java.security.KeyStore; //导入方法依赖的package包/类
private void run(KeyStore inputKeyStore, KeyStore outputKeyStore,
        String inKeyPass, String outKeyPass) throws Exception {
    Enumeration<String> e = inputKeyStore.aliases();
    String alias;
    while (e.hasMoreElements()) {
        alias = e.nextElement();
        Certificate[] certs = inputKeyStore.getCertificateChain(alias);

        boolean isCertEntry = inputKeyStore.isCertificateEntry(alias);
        // Test KeyStore only contain key pair entries.
        if (isCertEntry == true) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because test"
                            + " keystore only contain key pair entries"
                            + " for alias:" + alias);
        }

        boolean isKeyEntry = inputKeyStore.isKeyEntry(alias);
        Key key = null;
        if (isKeyEntry) {
            key = inputKeyStore.getKey(alias, inKeyPass.toCharArray());
        } else {
            throw new RuntimeException("Entry type unknown for alias:"
                    + alias);
        }
        outputKeyStore.setKeyEntry(alias, key, outKeyPass.toCharArray(),
                certs);
    }
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:30,代码来源:ConvertP12Test.java

示例8: create

import java.security.KeyStore; //导入方法依赖的package包/类
public static Signer create(
        final File keystoreFile,
        final String keystorePassword,
        final String signingAlias,
        final String keyPassword) throws IOException,
                                         KeyStoreException,
                                         NoSuchAlgorithmException,
                                         CertificateException,
                                         UnrecoverableKeyException,
                                         OperatorCreationException,
                                         CMSException,
                                         InvalidNameException {
    final KeyStore jksKeyStore = KeyStore.getInstance("JKS");
    final InputStream is = new FileInputStream(keystoreFile);
    try {
        jksKeyStore.load(is, keystorePassword.toCharArray());
    } finally {
        is.close();
    }

    final PrivateKey privateKey =
            (PrivateKey) jksKeyStore.getKey(signingAlias,
                                            keyPassword.toCharArray());
    final Certificate[] certChain =
            jksKeyStore.getCertificateChain(signingAlias);
    if (certChain == null) {
        throw new CertificateException(
                "Certificate chain not found under \"" + signingAlias
                                                       + "\"");
    }

    final X509Certificate signingCert = (X509Certificate) certChain[0];
    final String subjectName = getSubjectName(signingCert);

    Certificate[] certChain2;
    if (certChain.length == 3) { //re-order to match the same order in codesign
        certChain2 = new Certificate[3];
        certChain2[0] = certChain[1];
        certChain2[1] = certChain[2];
        certChain2[2] = certChain[0];
    } else {
        certChain2 = certChain;
    }
    final Store certs = new JcaCertStore(Arrays.asList(certChain2));
    final CMSSignedDataGenerator signatureGenerator =
            new CMSSignedDataGenerator();

    signatureGenerator.addSignerInfoGenerator(
            new JcaSimpleSignerInfoGeneratorBuilder()
                        .setProvider("BC")
                        .build("SHA1withRSA", privateKey, signingCert));
    signatureGenerator.addCertificates(certs);

    return new Signer(signatureGenerator, subjectName);
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:56,代码来源:Signer.java

示例9: init

import java.security.KeyStore; //导入方法依赖的package包/类
private static void init() throws Exception {

        // first write policy files

        PolicyParser pp = new PolicyParser();
        pp.read(new StringReader(POLICY_NO_STORE));
        pp.write(new FileWriter(NO_STORE_FILE, false));

        pp = new PolicyParser();
        pp.read(new StringReader(POLICY_URL));
        pp.write(new FileWriter(URL_FILE, false));

        pp = new PolicyParser();
        pp.read(new StringReader(POLICY_URL_T));
        pp.write(new FileWriter(URL_T_FILE, false));

        pp = new PolicyParser();
        pp.read(new StringReader(POLICY_URL_T_P));
        pp.write(new FileWriter(URL_T_P_FILE, false));

        pp = new PolicyParser();
        pp.read(new StringReader(POLICY_URL_PWD));
        pp.write(new FileWriter(URL_PWD_FILE, false));

        pp = new PolicyParser();
        pp.read(new StringReader(POLICY_URL_T_P_PWD));
        pp.write(new FileWriter(URL_T_P_PWD_FILE, false));

        pp = new PolicyParser();
        pp.read(new StringReader(POLICY_BADPASS));
        pp.write(new FileWriter(BADPASS_FILE, false));

        // next load keystore data to build PD's

        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(new FileInputStream
                        (System.getProperty("test.src", ".") +
                        File.separatorChar +
                        "TokenStore.keystore"),
                storePassword);

        NO_STORE_DOMAIN = new ProtectionDomain
                        (new CodeSource(new URL("file:/foo"),
                            (java.security.cert.Certificate[]) null),
                        null,  // perms
                        null,  // class loader
                        null);  // principals

        Certificate[] chain = (Certificate[])
                        ks.getCertificateChain("POLICY_URL");
        URL_DOMAIN = new ProtectionDomain
                        (new CodeSource(new URL("file:/foo"), chain),
                        null,  // perms
                        null,  // class loader
                        null);  // principals

        chain = (Certificate[])
                        ks.getCertificateChain("POLICY_URL_T");
        URL_T_DOMAIN = new ProtectionDomain
                        (new CodeSource(new URL("file:/foo"), chain),
                        null,  // perms
                        null,  // class loader
                        null);  // principals

        chain = (Certificate[])
                        ks.getCertificateChain("POLICY_URL_T_P");
        URL_T_P_DOMAIN = new ProtectionDomain
                        (new CodeSource(new URL("file:/foo"), chain),
                        null,  // perms
                        null,  // class loader
                        null);  // principals
    }
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:73,代码来源:TokenStore.java

示例10: main

import java.security.KeyStore; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {

        // Prepare a JKS keystore with many entries
        new File(JKSFILE).delete();
        for (int i=0; i<SIZE; i++) {
            System.err.print(".");
            String cmd = "-keystore " + JKSFILE
                    + " -storepass changeit -keypass changeit -keyalg rsa "
                    + "-genkeypair -alias p" + i + " -dname CN=" + i;
            sun.security.tools.keytool.Main.main(cmd.split(" "));
        }

        // Prepare EncryptedPrivateKeyInfo parameters, copied from various
        // places in PKCS12KeyStore.java
        AlgorithmParameters algParams =
                AlgorithmParameters.getInstance("PBEWithSHA1AndDESede");
        algParams.init(new PBEParameterSpec("12345678".getBytes(), 1024));
        AlgorithmId algid = new AlgorithmId(
                new ObjectIdentifier("1.2.840.113549.1.12.1.3"), algParams);

        PBEKeySpec keySpec = new PBEKeySpec(PASSWORD);
        SecretKeyFactory skFac = SecretKeyFactory.getInstance("PBE");
        SecretKey skey = skFac.generateSecret(keySpec);

        Cipher cipher = Cipher.getInstance("PBEWithSHA1AndDESede");
        cipher.init(Cipher.ENCRYPT_MODE, skey, algParams);

        // Pre-calculated keys and certs and aliases
        byte[][] keys = new byte[SIZE][];
        Certificate[][] certChains = new Certificate[SIZE][];
        String[] aliases = new String[SIZE];

        // Reads from JKS keystore and pre-calculate
        KeyStore ks = KeyStore.getInstance("jks");
        try (FileInputStream fis = new FileInputStream(JKSFILE)) {
            ks.load(fis, PASSWORD);
        }
        for (int i=0; i<SIZE; i++) {
            aliases[i] = "p" + i;
            byte[] enckey = cipher.doFinal(
                    ks.getKey(aliases[i], PASSWORD).getEncoded());
            keys[i] = new EncryptedPrivateKeyInfo(algid, enckey).getEncoded();
            certChains[i] = ks.getCertificateChain(aliases[i]);
        }

        // Write into PKCS12 keystore. Use this overloaded version of
        // setKeyEntry() to be as fast as possible, so that they would
        // have same localKeyId.
        KeyStore p12 = KeyStore.getInstance("pkcs12");
        p12.load(null, PASSWORD);
        for (int i=0; i<SIZE; i++) {
            p12.setKeyEntry(aliases[i], keys[i], certChains[i]);
        }
        try (FileOutputStream fos = new FileOutputStream(P12FILE)) {
            p12.store(fos, PASSWORD);
        }

        // Check private keys still match certs
        p12 = KeyStore.getInstance("pkcs12");
        try (FileInputStream fis = new FileInputStream(P12FILE)) {
            p12.load(fis, PASSWORD);
        }
        for (int i=0; i<SIZE; i++) {
            String a = "p" + i;
            X509Certificate x = (X509Certificate)p12.getCertificate(a);
            X500Name name = (X500Name)x.getSubjectDN();
            if (!name.getCommonName().equals(""+i)) {
                throw new Exception(a + "'s cert is " + name);
            }
        }
    }
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:72,代码来源:PKCS12SameKeyId.java

示例11: test

import java.security.KeyStore; //导入方法依赖的package包/类
private void test(Certificate certs[], String inKeyStorePath,
        String userAlias, String outStorePass, String outKeyPass)
        throws KeyStoreException, NoSuchProviderException, IOException,
        CertificateException, UnrecoverableKeyException,
        NoSuchAlgorithmException {
    // init output key store
    KeyStore outputKeyStore = KeyStore.getInstance("pkcs12", "SunJSSE");
    outputKeyStore.load(null, null);
    try (FileOutputStream fout = new FileOutputStream(OUT_KEYSTORE)) {
        // KeyStore have encoded by Base64.getMimeEncoder().encode(),need
        // decode first.
        byte[] input = Files.readAllBytes(Paths.get(CERT_PATH,
                inKeyStorePath));
        ByteArrayInputStream arrayIn = new ByteArrayInputStream(Base64
                .getMimeDecoder().decode(input));
        // input key store
        KeyStore inputKeyStore = KeyStore.getInstance(IN_KEYSTORE_TYPE,
                IN_KEYSTORE_PRV);
        inputKeyStore.load(arrayIn, IN_STORE_PASS.toCharArray());
        // add key/certificate to output key store
        Key key = inputKeyStore
                .getKey(userAlias, IN_KEY_PASS.toCharArray());
        out.println("Input Key Algorithm " + key.getAlgorithm());
        out.println("====Input Certs=====");
        if (certs == null) {
            certs = new Certificate[] { inputKeyStore
                    .getCertificate(userAlias) };
        }
        for (Certificate cert : certs) {
            out.println(((X509Certificate) cert).getSubjectDN());
        }
        outputKeyStore.setKeyEntry(userAlias, key,
                outKeyPass.toCharArray(), certs);
        Certificate retCerts[] = outputKeyStore
                .getCertificateChain(userAlias);
        out.println("====Output Certs=====");
        for (Certificate retCert : retCerts) {
            out.println(((X509Certificate) retCert).getSubjectDN());
        }
        out.println("====Output Key Algorithm=====");
        Key outKey = outputKeyStore.getKey(userAlias,
                outKeyPass.toCharArray());
        out.println(outKey.getAlgorithm());

        if (!key.equals(outKey)) {
            throw new RuntimeException("key don't match");
        }
        if (!Arrays.equals(certs, retCerts)) {
            throw new RuntimeException("certs don't match");
        }
        // save output
        outputKeyStore.store(fout, outStorePass.toCharArray());
        // test output
        testKeyStore(outputKeyStore, outKeyPass.toCharArray());
    }
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:57,代码来源:WriteP12Test.java

示例12: testKeyStore

import java.security.KeyStore; //导入方法依赖的package包/类
private void testKeyStore(KeyStore inputKeyStore, char[] keypass)
        throws KeyStoreException, UnrecoverableKeyException,
        NoSuchAlgorithmException {
    out.println("========== Key Store ==========");
    out.println("getProvider : " + inputKeyStore.getProvider());
    out.println("getType : " + inputKeyStore.getType());
    out.println("getDefaultType : " + KeyStore.getDefaultType());

    int idx = 0;
    Enumeration<String> e = inputKeyStore.aliases();
    String alias;
    while (e.hasMoreElements()) {
        alias = e.nextElement();
        if (!inputKeyStore.containsAlias(alias)) {
            throw new RuntimeException("Alias not found");
        }
        out.println("Alias " + idx + " : " + alias);
        out.println("getCreationDate : "
                + inputKeyStore.getCreationDate(alias));
        X509Certificate cert = (X509Certificate) inputKeyStore
                .getCertificate(alias);
        out.println("getCertificate : " + cert.getSubjectDN());
        String retAlias = inputKeyStore.getCertificateAlias(cert);
        if (!retAlias.equals(alias)) {
            throw new RuntimeException("Alias mismatch, actually "
                    + retAlias + ", expected " + alias);
        }
        out.println("getCertificateAlias : " + retAlias);
        Certificate[] certs = inputKeyStore.getCertificateChain(alias);
        int i = 0;
        for (Certificate certification : certs) {
            out.println("getCertificateChain " + i
                    + ((X509Certificate) certification).getSubjectDN());
            i++;
        }
        if (inputKeyStore.isCertificateEntry(alias)) {
            throw new RuntimeException(
                    "inputKeystore should not be certEntry because this"
                            + " keystore only contain key pair entries.");
        }
        if (!inputKeyStore.isKeyEntry(alias)) {
            throw new RuntimeException("Entry type unknown.");
        }
        idx++;
    }
    int size = inputKeyStore.size();
    if (idx != size) {
        throw new RuntimeException("Size not match, actually " + idx
                + ", expected " + size);
    }
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:52,代码来源:WriteP12Test.java

示例13: readTest

import java.security.KeyStore; //导入方法依赖的package包/类
private void readTest(String inKeyStore) throws Exception {

        KeyStore inputKeyStore;

        // Initialize KeyStore
        String dir = System.getProperty("test.src", ".");
        String keystorePath = dir + File.separator + "certs" + File.separator
                + "readP12";
        inputKeyStore = KeyStore
                .getInstance(IN_KETYSTORE_TYPE, IN_KEYSTORE_PRV);
        // KeyStore have encoded by Base64.getMimeEncoder().encode(),need decode
        // first.
        byte[] input = Files.readAllBytes(Paths.get(keystorePath, inKeyStore));
        ByteArrayInputStream arrayIn = new ByteArrayInputStream(Base64
                .getMimeDecoder().decode(input));
        inputKeyStore.load(arrayIn, IN_STORE_PASS.toCharArray());
        out.println("Initialize KeyStore : " + inKeyStore + " success");

        out.println("getProvider : " + inputKeyStore.getProvider());
        out.println("getType : " + inputKeyStore.getType());
        out.println("getDefaultType : " + KeyStore.getDefaultType());

        int idx = 0;
        Enumeration<String> e = inputKeyStore.aliases();
        String alias;
        while (e.hasMoreElements()) {
            alias = e.nextElement();
            out.println("Alias " + idx + " : " + alias);
            if (inputKeyStore.containsAlias(alias) == false) {
                throw new RuntimeException("Alias not found");
            }

            out.println("getCreationDate : "
                    + inputKeyStore.getCreationDate(alias));

            X509Certificate cert = (X509Certificate) inputKeyStore
                    .getCertificate(alias);
            out.println("getCertificate : " + cert.getSubjectDN());
            String retAlias = inputKeyStore.getCertificateAlias(cert);
            if (!retAlias.equals(alias)) {
                throw new RuntimeException("Alias mismatch");
            }
            out.println("getCertificateAlias : " + retAlias);

            Certificate[] certs = inputKeyStore.getCertificateChain(alias);
            for (int i = 0; i < certs.length; i++) {
                out.println("getCertificateChain " + i + " : "
                        + ((X509Certificate) certs[i]).getSubjectDN());
            }

            boolean isCertEntry = inputKeyStore.isCertificateEntry(alias);
            // test KeyStore only contain key pair entries.
            if (isCertEntry == true) {
                throw new RuntimeException(
                        "inputKeystore should not be certEntry because test keystore only contain key pair entries.");
            }

            boolean isKeyEntry = inputKeyStore.isKeyEntry(alias);
            if (isKeyEntry) {
                Key key = inputKeyStore.getKey(alias,
                        IN_STORE_PASS.toCharArray());
                out.println("Key : " + key.toString());
            } else {
                throw new RuntimeException("Entry type unknown\n");
            }
            idx++;
        }

        int size = inputKeyStore.size();
        if (idx != size) {
            throw new RuntimeException("Size not match");
        }

    }
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:75,代码来源:ReadP12Test.java

示例14: getKeyDetails

import java.security.KeyStore; //导入方法依赖的package包/类
public SEKeyDetails
getKeyDetails(
	String		alias )

	throws Exception
{
	// Create the key manager factory used to extract the server key

	KeyStore key_store = loadKeyStore();

	final Key key = key_store.getKey( alias, SESecurityManager.SSL_PASSWORD.toCharArray());

	if ( key == null ){

		return( null );
	}

	java.security.cert.Certificate[]	chain = key_store.getCertificateChain( alias );

	final X509Certificate[]	res = new X509Certificate[chain.length];

	for (int i=0;i<chain.length;i++){

		if ( !( chain[i] instanceof X509Certificate )){

			throw( new Exception( "Certificate chain must be comprised of X509Certificate entries"));
		}

		res[i] = (X509Certificate)chain[i];
	}

	return( new SEKeyDetails()
			{
				@Override
				public Key
				getKey()
				{
					return( key );
				}

				@Override
				public X509Certificate[]
				getCertificateChain()
				{
					return( res );
				}
			});
}
 
开发者ID:BiglySoftware,项目名称:BiglyBT,代码行数:49,代码来源:SESecurityManagerImpl.java

示例15: readTest

import java.security.KeyStore; //导入方法依赖的package包/类
private void readTest(String inKeyStore) throws Exception {

        KeyStore inputKeyStore;

        // Initialize KeyStore
        String dir = System.getProperty("test.src", ".");
        String keystorePath = dir + File.separator + "certs" + File.separator
                + "readP12";
        inputKeyStore = KeyStore.getInstance(IN_KEYSTORE_TYPE);
        // KeyStore have encoded by Base64.getMimeEncoder().encode(),need decode
        // first.
        byte[] input = Files.readAllBytes(Paths.get(keystorePath, inKeyStore));
        ByteArrayInputStream arrayIn = new ByteArrayInputStream(Base64
                .getMimeDecoder().decode(input));
        inputKeyStore.load(arrayIn, IN_STORE_PASS.toCharArray());
        out.println("Initialize KeyStore : " + inKeyStore + " success");

        out.println("getProvider : " + inputKeyStore.getProvider());
        out.println("getType : " + inputKeyStore.getType());
        out.println("getDefaultType : " + KeyStore.getDefaultType());

        int idx = 0;
        Enumeration<String> e = inputKeyStore.aliases();
        String alias;
        while (e.hasMoreElements()) {
            alias = e.nextElement();
            out.println("Alias " + idx + " : " + alias);
            if (inputKeyStore.containsAlias(alias) == false) {
                throw new RuntimeException("Alias not found");
            }

            out.println("getCreationDate : "
                    + inputKeyStore.getCreationDate(alias));

            X509Certificate cert = (X509Certificate) inputKeyStore
                    .getCertificate(alias);
            out.println("getCertificate : " + cert.getSubjectDN());
            String retAlias = inputKeyStore.getCertificateAlias(cert);
            if (!retAlias.equals(alias)) {
                throw new RuntimeException("Alias mismatch");
            }
            out.println("getCertificateAlias : " + retAlias);

            Certificate[] certs = inputKeyStore.getCertificateChain(alias);
            for (int i = 0; i < certs.length; i++) {
                out.println("getCertificateChain " + i + " : "
                        + ((X509Certificate) certs[i]).getSubjectDN());
            }

            boolean isCertEntry = inputKeyStore.isCertificateEntry(alias);
            // test KeyStore only contain key pair entries.
            if (isCertEntry == true) {
                throw new RuntimeException(
                        "inputKeystore should not be certEntry because test keystore only contain key pair entries.");
            }

            boolean isKeyEntry = inputKeyStore.isKeyEntry(alias);
            if (isKeyEntry) {
                Key key = inputKeyStore.getKey(alias,
                        IN_STORE_PASS.toCharArray());
                out.println("Key : " + key.toString());
            } else {
                throw new RuntimeException("Entry type unknown\n");
            }
            idx++;
        }

        int size = inputKeyStore.size();
        if (idx != size) {
            throw new RuntimeException("Size not match");
        }

    }
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:74,代码来源:ReadP12Test.java


注:本文中的java.security.KeyStore.getCertificateChain方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。