// Wraps the callback handler as a keystore protection parameter, so the password or PIN
// is obtained by calling the handler rather than being passed in as a char[].
// The constructor throws NullPointerException when handler is null.
final KeyStore.CallbackHandlerProtection chp = new KeyStore.CallbackHandlerProtection(handler);
// Unwraps the CallbackHandler carried by the protection parameter.
// NOTE(review): the cast throws ClassCastException unless protParam is a
// CallbackHandlerProtection; no instanceof guard is visible in this excerpt — confirm
// the surrounding code checks the type first.
CallbackHandler handler = ((KeyStore.CallbackHandlerProtection)protParam).getCallbackHandler();
if (storePasswordProvider != null) storeLoadProtec = new KeyStore.CallbackHandlerProtection(new CallbackHandler() storeLoadProtec = new KeyStore.CallbackHandlerProtection(new CallbackHandler()
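/**
 * Converts a protection parameter into a password protection parameter for the private key.
 *
 * <p>A {@code PasswordProtection} is returned as is. For a {@code CallbackHandlerProtection}
 * the wrapped handler is asked for the password through a single {@code PasswordCallback}
 * with echo disabled.
 *
 * @param protection the protection parameter supplied by the caller
 * @return a password protection parameter holding the key password
 * @throws KeyStoreException if the callback handler supplies no password
 * @throws UnsupportedCallbackException if the handler rejects the password callback
 * @throws IOException if the handler fails while obtaining the password
 * @throws IllegalArgumentException if {@code protection} is of any other type
 */
private PasswordProtection privateKeyPassword(ProtectionParameter protection)
        throws KeyStoreException, UnsupportedCallbackException, IOException {
    if (protection instanceof PasswordProtection) {
        return (PasswordProtection) protection;
    } else if (protection instanceof CallbackHandlerProtection) {
        // Use the callback handler to resolve a password
        // TODO i18n?
        PasswordCallback callback = new PasswordCallback("Password for key " + keyFile.getFileName(), false);
        try {
            ((CallbackHandlerProtection) protection).getCallbackHandler().handle(new Callback[] { callback });
            // getPassword() returns a copy of the stored password, so this array is a
            // separate plaintext copy that clearPassword() below does not wipe.
            char[] password = callback.getPassword();
            if (password == null) {
                throw new KeyStoreException("No password provided");
            }
            try {
                // PasswordProtection clones the array it is given.
                return new PasswordProtection(password);
            } finally {
                // Zero the intermediate copy so it does not linger on the heap.
                java.util.Arrays.fill(password, '\0');
            }
        } finally {
            callback.clearPassword();
        }
    } else {
        throw new IllegalArgumentException("Protection must be PasswordProtection or CallbackHandlerProtection");
    }
}
}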
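/**
 * Builds the protection parameter used to open the keystore.
 *
 * <p>A non-empty {@code password} is wrapped directly. Otherwise a callback handler is
 * returned that asks for the password at runtime: on the terminal in server or headless
 * mode, through a dialog otherwise. On the terminal the password is read without echo when
 * a console is attached; when input is redirected it falls back to reading a line from
 * standard input, which echoes.
 *
 * @param password configured keystore password, may be null or empty
 * @return a password protection or a callback-handler protection
 */
private KeyStore.ProtectionParameter getProtectionParameter(String password) {
    if (password != null && password.length() > 0) {
        // password provided: create a PasswordProtection
        return new KeyStore.PasswordProtection(password.toCharArray());
    } else {
        // request password at runtime through a callback
        return new KeyStore.CallbackHandlerProtection(new CallbackHandler() {
            public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
                if (callbacks.length > 0 && callbacks[0] instanceof PasswordCallback) {
                    PasswordCallback passwordCallback = (PasswordCallback) callbacks[0];
                    if (Settings.getBooleanProperty("davmail.server") || GraphicsEnvironment.isHeadless()) {
                        // headless or server mode
                        char[] typed;
                        java.io.Console console = System.console();
                        if (console != null) {
                            // readPassword disables echo, so the password is not shown
                            // on screen or left in terminal scrollback.
                            typed = console.readPassword("%s: ", passwordCallback.getPrompt());
                        } else {
                            System.out.print(passwordCallback.getPrompt() + ": ");
                            String line = new BufferedReader(new InputStreamReader(System.in)).readLine();
                            typed = (line == null) ? null : line.toCharArray();
                        }
                        if (typed == null) {
                            // End of input: fail with the declared exception type
                            // instead of a NullPointerException.
                            throw new IOException("No password provided: end of input");
                        }
                        try {
                            // setPassword stores its own copy of the array.
                            passwordCallback.setPassword(typed);
                        } finally {
                            java.util.Arrays.fill(typed, '\0');
                        }
                    } else {
                        PasswordPromptDialog passwordPromptDialog = new PasswordPromptDialog(passwordCallback.getPrompt());
                        passwordCallback.setPassword(passwordPromptDialog.getPassword());
                    }
                }
            }
        });
    }
}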
import java.io.File;
import java.security.KeyStore;
import java.security.Provider;
import java.util.Enumeration;

/**
 * Sample that opens a JKS keystore file through {@code KeyStore.Builder}, with the store
 * password supplied by a callback handler, and prints every alias it contains.
 */
public class KeyStoreCallbackSample {

    /**
     * Loads the keystore and lists its aliases on standard output.
     *
     * @param args unused
     * @throws Exception if the keystore cannot be instantiated or loaded
     */
    public static void main(String args[]) throws Exception {
        // This first instance exists only to learn which provider serves the JKS type.
        KeyStore ks = KeyStore.getInstance("JKS");

        // The password is requested from the handler instead of being passed as a char[].
        KeyStore.CallbackHandlerProtection cbhp =
                new KeyStore.CallbackHandlerProtection(new YourImplementationCallbackHander());

        // Builder arguments: keystore type, provider, keystore file, protection.
        KeyStore.Builder builder =
                KeyStore.Builder.newInstance("JKS", ks.getProvider(), new File("/path/YourKeyStore.jks"), cbhp);

        // Replace the probe instance with the keystore produced by the builder.
        ks = builder.getKeyStore();

        // Listing the aliases confirms that the store was loaded.
        for (Enumeration<String> aliases = ks.aliases(); aliases.hasMoreElements();) {
            System.out.println(aliases.nextElement());
        }
    }
}
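/**
 * Returns the protection parameter used to unlock one key entry.
 *
 * <p>The returned handler answers the first {@code PasswordCallback} it is given with the
 * password obtained from {@code entryPasswordProvider} for this alias and certificate.
 *
 * @param entryAlias alias of the key entry
 * @param entryCert certificate of the key entry
 * @param entryPasswordProvider source of the entry password, may be null
 * @return a callback-handler protection, or null when no password provider is given
 */
@Override
protected final KeyStore.ProtectionParameter getKeyProtection(
        final String entryAlias,
        final X509Certificate entryCert,
        final KeyEntryPasswordProvider entryPasswordProvider) {
    if (null == entryPasswordProvider) {
        return null;
    }
    return new KeyStore.CallbackHandlerProtection(new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            // Check the callback type instead of casting callbacks[0] blindly: an empty
            // array or a different callback type is reported with the exception the
            // CallbackHandler contract declares, not with an unchecked runtime exception.
            for (Callback candidate : callbacks) {
                if (candidate instanceof PasswordCallback) {
                    // NOTE(review): setPassword stores its own copy; whether the array
                    // returned by the provider must be wiped here is not visible — confirm.
                    ((PasswordCallback) candidate).setPassword(
                            entryPasswordProvider.getPassword(entryAlias, entryCert));
                    return;
                }
            }
            throw new UnsupportedCallbackException(
                    callbacks.length > 0 ? callbacks[0] : null, "Only PasswordCallback is supported");
        }
    });
}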
/**
 * Supplies a callback-handler protection whose handler answers the first
 * {@code PasswordCallback} with {@code callback.getPassword()}.
 * The handler throws {@code DSSException} when no password callback is present.
 */
@Override
public ProtectionParameter getProtectionParameter() {
    final CallbackHandler passwordSupplier = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbacks.length; i++) {
                if (!(callbacks[i] instanceof PasswordCallback)) {
                    continue;
                }
                // Only the first password callback is answered.
                PasswordCallback target = (PasswordCallback) callbacks[i];
                target.setPassword(callback.getPassword());
                return;
            }
            throw new DSSException("No password callback");
        }
    };
    return new KeyStore.CallbackHandlerProtection(passwordSupplier);
}
});
/**
 * Supplies a callback-handler protection whose handler copies {@code callback.getPassword()}
 * into the first {@code PasswordCallback} it receives.
 * The handler throws {@code RuntimeException} when the array holds no password callback.
 */
@Override
public ProtectionParameter getProtectionParameter() {
    return new KeyStore.CallbackHandlerProtection(new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            // Locate the first password callback, if any.
            PasswordCallback target = null;
            for (Callback candidate : callbacks) {
                if (candidate instanceof PasswordCallback) {
                    target = (PasswordCallback) candidate;
                    break;
                }
            }
            if (target == null) {
                throw new RuntimeException("No password callback");
            }
            target.setPassword(callback.getPassword());
        }
    });
}
});
// Builder for a PKCS11-type keystore from the given provider; the PIN is obtained from the
// callback handler wrapped in the protection parameter.
Builder builder = Builder.newInstance("PKCS11", provider, new KeyStore.CallbackHandlerProtection(/*PIN callback handler instance*/));
KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509");
// Initialise the key manager factory from the builder rather than from a loaded keystore.
kmf.init(new KeyStoreBuilderParameters(builder));
// YourCallbackHandler must implements javax.security.auth.callback.CallbackHandler KeyStore.CallbackHandlerProtection cbhp = new KeyStore.CallbackHandlerProtection(new YourCallbackHandler()); KeyStore.Builder builder = KeyStore.Builder.newInstance("PKCS11", pkcs11Provider, cbhp); KeyStore myPKCS11KS = builder.getKeyStore();
/**
 * Returns a protection parameter that wraps {@code callbackHandler}.
 * A new wrapper is created on every call.
 */
@Override
public ProtectionParameter getProtectionParameter() {
    final KeyStore.CallbackHandlerProtection handlerProtection =
            new KeyStore.CallbackHandlerProtection(callbackHandler);
    return handlerProtection;
}
};
// Obtain a keystore of the requested type from a specific provider.
KeyStore keyStore = KeyStore.getInstance(storeType, provider);
// The load parameter carries only the protection; the password is requested from the
// callback handler it wraps.
LoadStoreParameter param = new LoadStoreParameter() {
    @Override
    public ProtectionParameter getProtectionParameter() {
        return new KeyStore.CallbackHandlerProtection(... put your callback handler here...);
    }
};
// Load the keystore using the protection supplied by param.
keyStore.load(param);
/**
 * Sets up {@code keyStoreBuilder} for creating token stores.
 *
 * <p>The builder is created for {@code keyStoreType} with no explicit provider and is
 * protected by {@code handler}, wrapped as a callback-handler protection.
 */
protected void configureKeyStoreBuilder() {
    // A null provider leaves the provider choice to the builder.
    keyStoreBuilder = KeyStore.Builder.newInstance(
            keyStoreType, null, new KeyStore.CallbackHandlerProtection(handler));
}
// NOTE(review): config.getBytes() encodes with the platform default charset — confirm the
// configuration text is plain ASCII or pass an explicit charset.
// NOTE(review): the SunPKCS11(InputStream) constructor is JDK-internal and, as far as I
// know, not usable on Java 9 and later — confirm the target runtime.
Provider p = new SunPKCS11(new ByteArrayInputStream(config.getBytes()));
// Position 1 is the most preferred slot, so this provider is consulted first JVM-wide for
// every algorithm it offers, not only for PKCS11 keystores.
Security.insertProviderAt(p, 1);
KeyStore.Builder builder = null;
// The card PIN is obtained from CustomCallbackHandler, an inner class of UtilTarjetas.
builder = KeyStore.Builder.newInstance("PKCS11", p, new KeyStore.CallbackHandlerProtection(new UtilTarjetas().new CustomCallbackHandler()));
cardKeyStore = builder.getKeyStore();
/**
 * Prepares the key store builder that is used to create token stores.
 *
 * <p>Assigns {@code keyStoreBuilder} a builder for {@code keyStoreType}; credentials are
 * obtained through {@code handler}.
 */
protected void configureKeyStoreBuilder() {
    final KeyStore.ProtectionParameter handlerProtection =
            new KeyStore.CallbackHandlerProtection(handler);
    // No provider is named here (null).
    final KeyStore.Builder tokenBuilder =
            KeyStore.Builder.newInstance(keyStoreType, null, handlerProtection);
    keyStoreBuilder = tokenBuilder;
}
// Placeholder handler: substitute your own CallbackHandler implementation.
CallbackHandler callBackHandler = new yourImplementedHandler();
// Wrap the handler so the keystore asks it for credentials.
KeyStore.ProtectionParameter protection = new KeyStore.CallbackHandlerProtection(callBackHandler);
// Builder for the "Windows-MY" keystore type served by the given provider.
KeyStore.Builder keystoreBuilder = KeyStore.Builder.newInstance("Windows-MY", provider, protection);
KeyStore keystore = keystoreBuilder.getKeyStore();
ByteArrayInputStream confStream = ...// your configuration
// NOTE(review): the SunPKCS11(InputStream) constructor is JDK-internal and, as far as I
// know, not usable on Java 9 and later — confirm the target runtime.
SunPKCS11 pkcs11 = new SunPKCS11(confStream);
// Registers the provider for the whole JVM.
Security.addProvider(pkcs11);
// The PIN is requested through PinInputHandler; msg is presumably the prompt text — confirm.
KeyStore.CallbackHandlerProtection cbhp = new KeyStore.CallbackHandlerProtection(new PinInputHandler(msg));
KeyStore.Builder builder = KeyStore.Builder.newInstance("PKCS11", pkcs11, cbhp);
// NOTE(review): the returned keystore is discarded in this excerpt.
builder.getKeyStore();
// Security.getProvider returns null when no provider of that name is installed; this
// excerpt shows no null check on the result.
Provider provider = Security.getProvider("SunMSCAPI");
CallbackHandler cbh = // your implementation
// Wrap the handler so the keystore asks it for credentials.
KeyStore.ProtectionParameter protection = new KeyStore.CallbackHandlerProtection(cbh);
//get a handle of the CAPI KeyStore as before
KeyStore.Builder keystoreBuilder = KeyStore.Builder.newInstance("Windows-MY", provider, protection);
KeyStore store = keystoreBuilder.getKeyStore();