下面列出了java.security.KeyStoreException#printStackTrace ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
private String getAlias(KeyStore ks) {
Certificate[] certificates = null;
String alias = "";
Enumeration<String> e;
try {
e = ks.aliases();
while (e.hasMoreElements()) {
alias = e.nextElement();
System.out.println("alias..............: {}" + alias);
certificates = ks.getCertificateChain(alias);
}
} catch (KeyStoreException e1) {
e1.printStackTrace();
}
X509Certificate c = (X509Certificate) certificates[0];
System.out.println("Número de série....: {}" + c.getSerialNumber().toString());
return alias;
}
public static DatabaseClient getDatabaseClient(String user, String password, Authentication authType)
throws KeyManagementException, NoSuchAlgorithmException, IOException {
DatabaseClient client = null;
try {
SSLContext sslcontext = null;
if (IsSecurityEnabled()) {
sslcontext = getSslContext();
client = DatabaseClientFactory.newClient(getRestServerHostName(), getRestServerPort(), user, password,
authType, sslcontext, SSLHostnameVerifier.ANY);
} else
client = DatabaseClientFactory.newClient(getRestServerHostName(), getRestServerPort(), user, password,
authType);
} catch (CertificateException certEx) {
// TODO Auto-generated catch block
certEx.printStackTrace();
} catch (KeyStoreException ksEx) {
// TODO Auto-generated catch block
ksEx.printStackTrace();
} catch (UnrecoverableKeyException unReovkeyEx) {
// TODO Auto-generated catch block
unReovkeyEx.printStackTrace();
}
return client;
}
private static KeyManager[] prepareKeyManager(InputStream bksFile, String password) {
KeyManager[] keyManagerArr = null;
if (bksFile == null || password == null) {
return keyManagerArr;
}
try {
KeyStore clientKeyStore = KeyStore.getInstance("BKS");
clientKeyStore.load(bksFile, password.toCharArray());
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(clientKeyStore, password.toCharArray());
return keyManagerFactory.getKeyManagers();
} catch (KeyStoreException e) {
e.printStackTrace();
return keyManagerArr;
} catch (NoSuchAlgorithmException e2) {
e2.printStackTrace();
return keyManagerArr;
} catch (UnrecoverableKeyException e3) {
e3.printStackTrace();
return keyManagerArr;
} catch (CertificateException e4) {
e4.printStackTrace();
return keyManagerArr;
} catch (IOException e5) {
e5.printStackTrace();
return keyManagerArr;
} catch (Exception e6) {
e6.printStackTrace();
return keyManagerArr;
}
}
/**
* This methods can be used to add a self-signed SSL certificate to be trusted when establishing
* connection.
* @param alias is a unique alias for the certificate
* @param cert is the certificate object
*/
@SuppressWarnings("unused")
public void addTrustedCertificate(String alias, Certificate cert){
try {
keyStore.setCertificateEntry(alias, cert);
} catch (KeyStoreException e) {
e.printStackTrace();
}
}
public X509Certificate[] getCertificateChain(String alias) {
try {
Certificate[] certs = _ks.getCertificateChain(alias);
if (certs == null) return null;
X509Certificate[] x509certs = new X509Certificate[certs.length];
for (int i=0; i<certs.length; i++) {
x509certs[i]=(X509Certificate) certs[i];
}
return x509certs;
} catch (KeyStoreException kse) {
kse.printStackTrace();
return null;
}
}
public PrivateKey getPrivateKey(String alias) {
try {
return (PrivateKey) _ks.getKey(alias, _keyPassword.toCharArray());
} catch (KeyStoreException kse) {
kse.printStackTrace();
return null;
} catch (NoSuchAlgorithmException nsao) {
nsao.printStackTrace();
return null;
} catch (UnrecoverableKeyException uke) {
uke.printStackTrace();
return null;
}
}
/**
* Delete key from KeyStore.
* @param alias KeyStore alias.
* @throws PFSecurityException throw Exception if something went wrong.
*/
@Override
public void deleteKey(String alias) throws PFSecurityException {
final KeyStore keyStore = loadKeyStore();
try {
keyStore.deleteEntry(alias);
} catch (KeyStoreException e) {
e.printStackTrace();
throw new PFSecurityException(
"Can not delete key: " + e.getMessage(),
PFSecurityUtilsErrorCodes.ERROR_DELETE_KEY
);
}
}
private String[] getAliases(KeyStore ks) {
List aliases = new ArrayList();
try {
Enumeration en = ks.aliases();
while (en.hasMoreElements()) {
String alias = (String) en.nextElement();
if (ks.isKeyEntry(alias))
aliases.add(alias);
}
} catch (KeyStoreException kse) {
kse.printStackTrace();
}
return (String[]) aliases.toArray(new String[0]);
}
@Override
public boolean isKeystoreContainAlias(String alias) throws PFSecurityException {
final KeyStore keyStore = loadKeyStore();
try {
return keyStore.containsAlias(alias);
} catch (KeyStoreException e) {
e.printStackTrace();
throw new PFSecurityException(
e.getMessage(),
PFSecurityUtilsErrorCodes.ERROR_KEY_STORE
);
}
}
/**
* Delete key from KeyStore.
* @param alias KeyStore alias.
* @throws PFSecurityException throw Exception if something went wrong.
*/
@Override
public void deleteKey(String alias) throws PFSecurityException {
final KeyStore keyStore = loadKeyStore();
try {
keyStore.deleteEntry(alias);
} catch (KeyStoreException e) {
e.printStackTrace();
throw new PFSecurityException(
"Can not delete key: " + e.getMessage(),
PFSecurityUtilsErrorCodes.ERROR_DELETE_KEY
);
}
}
@SuppressWarnings("restriction")
public void carregarCertificados() {
try {
this.getCertificadoKeyStore();
} catch (KeyStoreException e) {
e.printStackTrace();
}
System.clearProperty("javax.net.ssl.keyStore");
System.clearProperty("javax.net.ssl.keyStorePassword");
System.clearProperty("javax.net.ssl.trustStore");
if (this.getTipoCertificado().equals(TipoCertificado.A1)) {
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
System.setProperty("javax.net.ssl.keyStore", this.getCaminhoParaCertificado());
System.setProperty("javax.net.ssl.keyStorePassword", this.getSenhaCertificado());
} else if (this.getTipoCertificado().equals(TipoCertificado.A3_CARD)) {
System.setProperty("javax.net.ssl.keyStore", "NONE");
System.setProperty("javax.net.ssl.keyStoreType", "PKCS11");
System.setProperty("javax.net.ssl.keyStoreProvider", "SunPKCS11-SmartCard");
} else if (this.getTipoCertificado().equals(TipoCertificado.A3_TOKEN)) {
System.setProperty("javax.net.ssl.keyStore", "NONE");
System.setProperty("javax.net.ssl.keyStoreType", "PKCS11");
System.setProperty("javax.net.ssl.keyStoreProvider", "SunPKCS11-eToken");
}
System.setProperty("javax.net.ssl.trustStoreType", "JKS");
System.setProperty("javax.net.ssl.trustStore", this.getCaminhoParaCadeiaCertificado());
}
/**
* Check if a keystore type is available.
*
* @param keyStoreType the keystore type
* @return true if the keystore type is available, false otherwise
*/
public static boolean isAvailable(KeyStoreType keyStoreType) {
Boolean available;
if ((available = AVAILABLE_TYPES.get(keyStoreType)) != null) {
return available;
}
try {
// Populate AVAILABLE_TYPES
getKeyStoreImpl(keyStoreType);
} catch (KeyStoreException e) {
// Ignore
e.printStackTrace();
}
return AVAILABLE_TYPES.get(keyStoreType);
}
public static void main(String[] args) throws CertificateException,
UnrecoverableKeyException, KeyStoreException,
NoSuchProviderException, NoSuchAlgorithmException, IOException {
WriteP12Test jstest = new WriteP12Test();
out.println("test WriteP12CertChain");
/*
* WriteP12CertChain: This test creates a p12 keystore contains one
* entry with private key and a certificate chains contains three
* certificates in the order of user->lead->ca. This case expects to
* pass.
*/
jstest.test(new Certificate[] { jstest.testerCert, jstest.testLeadCert,
jstest.caCert }, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1",
"pass", "pass");
/*
* WriteP12CertChainBad: same as WriteP12CertChain but chains order is
* user-ca-lead, the order is wrong so expects to fail.
*/
out.println("test WriteP12CertChainBad");
try {
jstest.test(new Certificate[] { jstest.testerCert, jstest.caCert,
jstest.testLeadCert }, IN_KEYSTORE_ENDUSER,
"pkcs12testenduser1", "pass", "pass");
throw new RuntimeException(
" Certificate chain is not valid, test should not pass."
+ " Test failed.");
} catch (KeyStoreException e) {
e.printStackTrace();
out.println(" Certificate chain is not valid,exception is"
+ " expected. Test passed.");
}
/*
* WriteP12PrivateKey:This test creates a p12 contains a self-signed
* cert and private key,expects no exception
*/
out.println("test WriteP12PrivateKey");
jstest.test(null, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1", "pass",
"pass");
/*
* WriteP12TwoEntry: This test creates a p12 keystore with different
* storepass and keypass, and contains two entries.
*/
out.println("test WriteP12TwoEntry");
jstest.testTwoEntry(IN_KEYSTORE_ENDUSER, IN_KEYSTORE_CA,
"pkcs12testenduser1", "pass", "pass");
/*
* WriteP12TwoPass: This test creates a p12 keystore with different
* storepass and keypass, and contains one entry with private key and a
* certificate
*/
out.println("test WriteP12TwoPass");
jstest.test(null, IN_KEYSTORE_CA, "pkcs12testCA", "storepass",
"keypass");
}
public static void main(String[] args) throws CertificateException,
UnrecoverableKeyException, KeyStoreException,
NoSuchProviderException, NoSuchAlgorithmException, IOException {
WriteP12Test jstest = new WriteP12Test();
out.println("test WriteP12CertChain");
/*
* WriteP12CertChain: This test creates a p12 keystore contains one
* entry with private key and a certificate chains contains three
* certificates in the order of user->lead->ca. This case expects to
* pass.
*/
jstest.test(new Certificate[] { jstest.testerCert, jstest.testLeadCert,
jstest.caCert }, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1",
"pass", "pass");
/*
* WriteP12CertChainBad: same as WriteP12CertChain but chains order is
* user-ca-lead, the order is wrong so expects to fail.
*/
out.println("test WriteP12CertChainBad");
try {
jstest.test(new Certificate[] { jstest.testerCert, jstest.caCert,
jstest.testLeadCert }, IN_KEYSTORE_ENDUSER,
"pkcs12testenduser1", "pass", "pass");
throw new RuntimeException(
" Certificate chain is not valid, test should not pass."
+ " Test failed.");
} catch (KeyStoreException e) {
e.printStackTrace();
out.println(" Certificate chain is not valid,exception is"
+ " expected. Test passed.");
}
/*
* WriteP12PrivateKey:This test creates a p12 contains a self-signed
* cert and private key,expects no exception
*/
out.println("test WriteP12PrivateKey");
jstest.test(null, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1", "pass",
"pass");
/*
* WriteP12TwoEntry: This test creates a p12 keystore with different
* storepass and keypass, and contains two entries.
*/
out.println("test WriteP12TwoEntry");
jstest.testTwoEntry(IN_KEYSTORE_ENDUSER, IN_KEYSTORE_CA,
"pkcs12testenduser1", "pass", "pass");
/*
* WriteP12TwoPass: This test creates a p12 keystore with different
* storepass and keypass, and contains one entry with private key and a
* certificate
*/
out.println("test WriteP12TwoPass");
jstest.test(null, IN_KEYSTORE_CA, "pkcs12testCA", "storepass",
"keypass");
}
public static void main(String[] args) throws CertificateException,
UnrecoverableKeyException, KeyStoreException,
NoSuchProviderException, NoSuchAlgorithmException, IOException {
WriteP12Test jstest = new WriteP12Test();
out.println("test WriteP12CertChain");
/*
* WriteP12CertChain: This test creates a p12 keystore contains one
* entry with private key and a certificate chains contains three
* certificates in the order of user->lead->ca. This case expects to
* pass.
*/
jstest.test(new Certificate[] { jstest.testerCert, jstest.testLeadCert,
jstest.caCert }, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1",
"pass", "pass");
/*
* WriteP12CertChainBad: same as WriteP12CertChain but chains order is
* user-ca-lead, the order is wrong so expects to fail.
*/
out.println("test WriteP12CertChainBad");
try {
jstest.test(new Certificate[] { jstest.testerCert, jstest.caCert,
jstest.testLeadCert }, IN_KEYSTORE_ENDUSER,
"pkcs12testenduser1", "pass", "pass");
throw new RuntimeException(
" Certificate chain is not valid, test should not pass."
+ " Test failed.");
} catch (KeyStoreException e) {
e.printStackTrace();
out.println(" Certificate chain is not valid,exception is"
+ " expected. Test passed.");
}
/*
* WriteP12PrivateKey:This test creates a p12 contains a self-signed
* cert and private key,expects no exception
*/
out.println("test WriteP12PrivateKey");
jstest.test(null, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1", "pass",
"pass");
/*
* WriteP12TwoEntry: This test creates a p12 keystore with different
* storepass and keypass, and contains two entries.
*/
out.println("test WriteP12TwoEntry");
jstest.testTwoEntry(IN_KEYSTORE_ENDUSER, IN_KEYSTORE_CA,
"pkcs12testenduser1", "pass", "pass");
/*
* WriteP12TwoPass: This test creates a p12 keystore with different
* storepass and keypass, and contains one entry with private key and a
* certificate
*/
out.println("test WriteP12TwoPass");
jstest.test(null, IN_KEYSTORE_CA, "pkcs12testCA", "storepass",
"keypass");
}
public static void main(String[] args) throws CertificateException,
UnrecoverableKeyException, KeyStoreException,
NoSuchProviderException, NoSuchAlgorithmException, IOException {
WriteP12Test jstest = new WriteP12Test();
out.println("test WriteP12CertChain");
/*
* WriteP12CertChain: This test creates a p12 keystore contains one
* entry with private key and a certificate chains contains three
* certificates in the order of user->lead->ca. This case expects to
* pass.
*/
jstest.test(new Certificate[] { jstest.testerCert, jstest.testLeadCert,
jstest.caCert }, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1",
"pass", "pass");
/*
* WriteP12CertChainBad: same as WriteP12CertChain but chains order is
* user-ca-lead, the order is wrong so expects to fail.
*/
out.println("test WriteP12CertChainBad");
try {
jstest.test(new Certificate[] { jstest.testerCert, jstest.caCert,
jstest.testLeadCert }, IN_KEYSTORE_ENDUSER,
"pkcs12testenduser1", "pass", "pass");
throw new RuntimeException(
" Certificate chain is not valid, test should not pass."
+ " Test failed.");
} catch (KeyStoreException e) {
e.printStackTrace();
out.println(" Certificate chain is not valid,exception is"
+ " expected. Test passed.");
}
/*
* WriteP12PrivateKey:This test creates a p12 contains a self-signed
* cert and private key,expects no exception
*/
out.println("test WriteP12PrivateKey");
jstest.test(null, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1", "pass",
"pass");
/*
* WriteP12TwoEntry: This test creates a p12 keystore with different
* storepass and keypass, and contains two entries.
*/
out.println("test WriteP12TwoEntry");
jstest.testTwoEntry(IN_KEYSTORE_ENDUSER, IN_KEYSTORE_CA,
"pkcs12testenduser1", "pass", "pass");
/*
* WriteP12TwoPass: This test creates a p12 keystore with different
* storepass and keypass, and contains one entry with private key and a
* certificate
*/
out.println("test WriteP12TwoPass");
jstest.test(null, IN_KEYSTORE_CA, "pkcs12testCA", "storepass",
"keypass");
}
public static void main(String[] args) throws CertificateException,
UnrecoverableKeyException, KeyStoreException,
NoSuchProviderException, NoSuchAlgorithmException, IOException {
WriteP12Test jstest = new WriteP12Test();
out.println("test WriteP12CertChain");
/*
* WriteP12CertChain: This test creates a p12 keystore contains one
* entry with private key and a certificate chains contains three
* certificates in the order of user->lead->ca. This case expects to
* pass.
*/
jstest.test(new Certificate[] { jstest.testerCert, jstest.testLeadCert,
jstest.caCert }, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1",
"pass", "pass");
/*
* WriteP12CertChainBad: same as WriteP12CertChain but chains order is
* user-ca-lead, the order is wrong so expects to fail.
*/
out.println("test WriteP12CertChainBad");
try {
jstest.test(new Certificate[] { jstest.testerCert, jstest.caCert,
jstest.testLeadCert }, IN_KEYSTORE_ENDUSER,
"pkcs12testenduser1", "pass", "pass");
throw new RuntimeException(
" Certificate chain is not valid, test should not pass."
+ " Test failed.");
} catch (KeyStoreException e) {
e.printStackTrace();
out.println(" Certificate chain is not valid,exception is"
+ " expected. Test passed.");
}
/*
* WriteP12PrivateKey:This test creates a p12 contains a self-signed
* cert and private key,expects no exception
*/
out.println("test WriteP12PrivateKey");
jstest.test(null, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1", "pass",
"pass");
/*
* WriteP12TwoEntry: This test creates a p12 keystore with different
* storepass and keypass, and contains two entries.
*/
out.println("test WriteP12TwoEntry");
jstest.testTwoEntry(IN_KEYSTORE_ENDUSER, IN_KEYSTORE_CA,
"pkcs12testenduser1", "pass", "pass");
/*
* WriteP12TwoPass: This test creates a p12 keystore with different
* storepass and keypass, and contains one entry with private key and a
* certificate
*/
out.println("test WriteP12TwoPass");
jstest.test(null, IN_KEYSTORE_CA, "pkcs12testCA", "storepass",
"keypass");
}
public static void main(String[] args) throws CertificateException,
UnrecoverableKeyException, KeyStoreException,
NoSuchProviderException, NoSuchAlgorithmException, IOException {
WriteP12Test jstest = new WriteP12Test();
out.println("test WriteP12CertChain");
/*
* WriteP12CertChain: This test creates a p12 keystore contains one
* entry with private key and a certificate chains contains three
* certificates in the order of user->lead->ca. This case expects to
* pass.
*/
jstest.test(new Certificate[] { jstest.testerCert, jstest.testLeadCert,
jstest.caCert }, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1",
"pass", "pass");
/*
* WriteP12CertChainBad: same as WriteP12CertChain but chains order is
* user-ca-lead, the order is wrong so expects to fail.
*/
out.println("test WriteP12CertChainBad");
try {
jstest.test(new Certificate[] { jstest.testerCert, jstest.caCert,
jstest.testLeadCert }, IN_KEYSTORE_ENDUSER,
"pkcs12testenduser1", "pass", "pass");
throw new RuntimeException(
" Certificate chain is not valid, test should not pass."
+ " Test failed.");
} catch (KeyStoreException e) {
e.printStackTrace();
out.println(" Certificate chain is not valid,exception is"
+ " expected. Test passed.");
}
/*
* WriteP12PrivateKey:This test creates a p12 contains a self-signed
* cert and private key,expects no exception
*/
out.println("test WriteP12PrivateKey");
jstest.test(null, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1", "pass",
"pass");
/*
* WriteP12TwoEntry: This test creates a p12 keystore with different
* storepass and keypass, and contains two entries.
*/
out.println("test WriteP12TwoEntry");
jstest.testTwoEntry(IN_KEYSTORE_ENDUSER, IN_KEYSTORE_CA,
"pkcs12testenduser1", "pass", "pass");
/*
* WriteP12TwoPass: This test creates a p12 keystore with different
* storepass and keypass, and contains one entry with private key and a
* certificate
*/
out.println("test WriteP12TwoPass");
jstest.test(null, IN_KEYSTORE_CA, "pkcs12testCA", "storepass",
"keypass");
}
public static void main(String[] args) throws CertificateException,
UnrecoverableKeyException, KeyStoreException,
NoSuchProviderException, NoSuchAlgorithmException, IOException {
WriteP12Test jstest = new WriteP12Test();
out.println("test WriteP12CertChain");
/*
* WriteP12CertChain: This test creates a p12 keystore contains one
* entry with private key and a certificate chains contains three
* certificates in the order of user->lead->ca. This case expects to
* pass.
*/
jstest.test(new Certificate[] { jstest.testerCert, jstest.testLeadCert,
jstest.caCert }, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1",
"pass", "pass");
/*
* WriteP12CertChainBad: same as WriteP12CertChain but chains order is
* user-ca-lead, the order is wrong so expects to fail.
*/
out.println("test WriteP12CertChainBad");
try {
jstest.test(new Certificate[] { jstest.testerCert, jstest.caCert,
jstest.testLeadCert }, IN_KEYSTORE_ENDUSER,
"pkcs12testenduser1", "pass", "pass");
throw new RuntimeException(
" Certificate chain is not valid, test should not pass."
+ " Test failed.");
} catch (KeyStoreException e) {
e.printStackTrace();
out.println(" Certificate chain is not valid,exception is"
+ " expected. Test passed.");
}
/*
* WriteP12PrivateKey:This test creates a p12 contains a self-signed
* cert and private key,expects no exception
*/
out.println("test WriteP12PrivateKey");
jstest.test(null, IN_KEYSTORE_ENDUSER, "pkcs12testenduser1", "pass",
"pass");
/*
* WriteP12TwoEntry: This test creates a p12 keystore with different
* storepass and keypass, and contains two entries.
*/
out.println("test WriteP12TwoEntry");
jstest.testTwoEntry(IN_KEYSTORE_ENDUSER, IN_KEYSTORE_CA,
"pkcs12testenduser1", "pass", "pass");
/*
* WriteP12TwoPass: This test creates a p12 keystore with different
* storepass and keypass, and contains one entry with private key and a
* certificate
*/
out.println("test WriteP12TwoPass");
jstest.test(null, IN_KEYSTORE_CA, "pkcs12testCA", "storepass",
"keypass");
}
/**
* <p>
* get a Certificate from keyStore
* </p>
*
* @param keyStore
* @param alias Certificate alias name
* @return
* @throws Exception
*/
public static Certificate getCertificate(KeyStore keyStore, String alias) {
Certificate certificate = null;
try {
certificate = keyStore.getCertificate(alias);
} catch (KeyStoreException e) {
e.printStackTrace();
}
return certificate;
}