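/**
 * Rebuilds the backing key store and records the CA certificate and the intermediate entry in it.
 *
 * <p>A fresh {@code KEYSTORE_TYPE} instance is assigned to {@code lazyLoadedStore}, initialised by
 * {@code loadStore}, given the certificate under alias {@code "ca-cert"} and the registration's
 * entry under alias {@code "ca-intermediate"}, and finally passed on to {@code writeStore}.
 *
 * @param storeFile destination handed to {@code writeStore}
 * @param password protects the {@code "ca-intermediate"} entry and is also handed to {@code writeStore}
 * @param caCertificate certificate stored under {@code "ca-cert"}
 * @param entry supplies the key store entry stored under {@code "ca-intermediate"}
 * @throws Exception if the store cannot be created, loaded, updated or written
 */
public void storeCACertificate(File storeFile, String password, Certificate caCertificate, Registration entry) throws Exception {
    // NOTE(review): the field is replaced before loadStore() has succeeded, so a failure below
    // leaves a not-yet-loaded KeyStore in lazyLoadedStore; confirm readers of the field cope with that.
    lazyLoadedStore = KeyStore.getInstance(KEYSTORE_TYPE);
    loadStore(lazyLoadedStore);
    lazyLoadedStore.setCertificateEntry("ca-cert", caCertificate);

    KeyStore.Entry intermediate = entry.asKeyStoreEntry();
    // PasswordProtection clones the array it receives, so this temporary copy can be zeroed as
    // soon as the entry has been set instead of lingering on the heap until garbage collection.
    char[] passwordChars = password.toCharArray();
    try {
        lazyLoadedStore.setEntry("ca-intermediate", intermediate, new KeyStore.PasswordProtection(passwordChars));
    } finally {
        java.util.Arrays.fill(passwordChars, '\0');
    }

    // The String parameter itself is immutable and cannot be cleared; only a char[]-based
    // signature would allow the caller's copy to be wiped as well.
    writeStore(storeFile, password);
}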
/**
 * Builds a key store holding one private-key entry per key/certificate pair.
 *
 * <p>The two lists are paired by position; the pair at position {@code i} is stored under the
 * alias {@code "dummy-entry-" + i}.
 *
 * @param keyValue buffers passed to {@code loadPrivateKey}, one per certificate buffer
 * @param certValue buffers passed to {@code loadCerts}, one per key buffer
 * @return the populated key store
 * @throws VertxException if the lists differ in size
 * @throws Exception if a key or chain cannot be loaded or stored
 */
private static KeyStore loadKeyCert(List<Buffer> keyValue, List<Buffer> certValue) throws Exception {
    final int keyCount = keyValue.size();
    final int certCount = certValue.size();
    if (keyCount < certCount) {
        throw new VertxException("Missing private key");
    }
    if (keyCount > certCount) {
        throw new VertxException("Missing X.509 certificate");
    }

    final KeyStore result = createEmptyKeyStore();
    final Iterator<Buffer> keys = keyValue.iterator();
    final Iterator<Buffer> chains = certValue.iterator();
    for (int position = 0; keys.hasNext() && chains.hasNext(); position++) {
        final PrivateKey privateKey = loadPrivateKey(keys.next());
        final Certificate[] certChain = loadCerts(chains.next());
        final String alias = "dummy-entry-" + position;
        final KeyStore.PrivateKeyEntry keyEntry = new KeyStore.PrivateKeyEntry(privateKey, certChain);
        // DUMMY_PASSWORD is a fixed constant, so this protection adds no confidentiality.
        // NOTE(review): acceptable only while the store stays in memory; confirm it is never written out.
        result.setEntry(alias, keyEntry, new KeyStore.PasswordProtection(DUMMY_PASSWORD.toCharArray()));
    }
    return result;
}
/**
 * Stores a setting value in the key store as a secret-key entry.
 *
 * @param alias key store alias for the setting
 * @param key setting value; its bytes become the stored key material
 * @throws EsHadoopSecurityException if the key store rejects the entry
 */
public void setSecureSetting(String alias, String key) throws EsHadoopSecurityException {
    // NOTE(review): getBytes() without a charset uses the platform default, so the stored bytes
    // can differ between hosts for non-ASCII values. An explicit charset has to be introduced
    // together with the code that reads the entry back, which is not visible here.
    byte[] material = key.getBytes();
    // The bytes are only labelled with the AES constant; nothing here checks that they form a
    // valid AES key, so the entry is in effect a password-protected container for the value.
    KeyStore.SecretKeyEntry secretEntry = new KeyStore.SecretKeyEntry(new SecretKeySpec(material, AES));
    try {
        keyStore.setEntry(alias, secretEntry, protection);
    } catch (KeyStoreException cause) {
        String message = String.format("Could not store secret key (alias : [%s]) in keystore", alias);
        throw new EsHadoopSecurityException(message, cause);
    }
}
/**
 * Stores an entry in the delegate key store, converting password entries to secret-key entries.
 *
 * @param alias alias under which the entry is stored
 * @param entry entry to store; a {@code PasswordEntry} is re-wrapped as a {@code KeyStore.SecretKeyEntry}
 * @param protParam protection parameter passed through to the delegate unchanged
 * @throws KeyStoreException if the delegate fails, or if {@code encoded} rejects the password
 */
public void engineSetEntry(final String alias, final KeyStore.Entry entry, final KeyStore.ProtectionParameter protParam) throws KeyStoreException {
    if (!(entry instanceof PasswordEntry)) {
        // Every other entry type goes to the delegate as-is.
        delegate.setEntry(alias, entry, protParam);
        return;
    }

    final PasswordEntry passwordEntry = (PasswordEntry) entry;
    try {
        // The password is turned into key material by encoded() so that it can be stored as a
        // secret-key entry by the delegate.
        final KeyStore.SecretKeyEntry wrapped = new KeyStore.SecretKeyEntry(encoded(passwordEntry.getPassword()));
        delegate.setEntry(alias, wrapped, protParam);
    } catch (InvalidKeyException e) {
        throw new KeyStoreException(e);
    }
}
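/**
 * Reads one encrypted secret-key record from the stream and adds it to {@code dataKeyStore}.
 *
 * <p>The record consists of two byte arrays read with {@code readBytes}: the ciphertext, then the
 * IV. The decrypted, unpadded payload holds the alias (read with {@code readUTF}) followed by the
 * encoded key bytes.
 *
 * @param ois stream positioned at the start of the record
 * @throws IOException if the record or its payload cannot be read
 * @throws GeneralSecurityException if decryption fails or the entry cannot be stored
 */
private void loadSecretKey(ObjectInputStream ois) throws IOException, GeneralSecurityException {
    byte[] encryptedData = readBytes(ois);
    byte[] iv = readBytes(ois);
    decrypt.init(Cipher.DECRYPT_MODE, storageSecretKey, new IvParameterSpec(iv));
    Assert.checkMaximumParameter("cipher block size", 256, decrypt.getBlockSize());

    byte[] padded = null;
    byte[] unPadded = null;
    byte[] encodedSecretKey = null;
    try {
        // NOTE(review): decryption is followed by manual unpadding and no authenticity check is
        // visible in this method; confirm the record is integrity-protected elsewhere before its
        // contents are trusted.
        padded = decrypt.doFinal(encryptedData);
        unPadded = pkcs7UnPad(padded);

        // Only readUTF() and readBytes() are applied to the decrypted payload here.
        // NOTE(review): confirm readBytes() never calls readObject() on this data.
        ObjectInputStream entryOis = new ObjectInputStream(new ByteArrayInputStream(unPadded));
        String ksAlias = entryOis.readUTF();
        encodedSecretKey = readBytes(entryOis);

        // SecretKeySpec keeps its own copy of the key bytes, so the local buffers can be wiped below.
        KeyStore.Entry entry = new KeyStore.SecretKeyEntry(new SecretKeySpec(encodedSecretKey, DATA_OID));
        dataKeyStore.setEntry(ksAlias, entry, convertParameter(protectionParameter));
    } finally {
        // Best-effort zeroisation of plaintext key material left in temporary buffers.
        if (padded != null) {
            java.util.Arrays.fill(padded, (byte) 0);
        }
        if (unPadded != null) {
            java.util.Arrays.fill(unPadded, (byte) 0);
        }
        if (encodedSecretKey != null) {
            java.util.Arrays.fill(encodedSecretKey, (byte) 0);
        }
    }
}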
for (int i = 0; i < length; i++) { Certificate certificate = certificates[i]; keyStore.setEntry(String.valueOf(i), new KeyStore.TrustedCertificateEntry(certificate), null);
/**
 * Generates a batch of AES keys for the store and then saves the key store.
 *
 * <p>Keys are stored under the decimal aliases {@code startOffset + 1} through
 * {@code startOffset + numKeys}. {@code KeyStore.setEntry} replaces any entry that already uses
 * one of those aliases. When {@code numKeys} is not positive no key is generated, but the key
 * store is still saved.
 *
 * @param numKeys number of keys to generate
 * @param startOffset value added to the 1-based key counter to form each alias
 * @throws IOException if saving the key store fails (declared; presumably raised by saveKeystore)
 * @throws KeyStoreException if an entry cannot be added to the key store
 */
public void generateAesKeys(int numKeys, int startOffset) throws IOException, KeyStoreException {
    int generated = 0;
    while (generated < numKeys) {
        generated++;
        SecretKey freshKey = generateKey();
        String keyId = String.valueOf(generated + startOffset);
        KeyStore.SecretKeyEntry keyEntry = new KeyStore.SecretKeyEntry(freshKey);
        // Every entry is protected with the same store-level password field.
        ks.setEntry(keyId, keyEntry, new KeyStore.PasswordProtection(password));
    }
    saveKeystore();
}
/**
 * Stores a secret under the given alias, protected with the security manager's master password.
 *
 * @param alias alias under which the secret is stored
 * @param key secret characters; converted with {@code toBytes} and wrapped as a {@code "PBE"} key
 * @throws IOException if the key store rejects the entry (wraps the {@code KeyStoreException})
 */
@Override
public void setSecretKey(String alias, char[] key) throws IOException {
    assertActivatedKeyStore();
    // NOTE(review): the byte[] returned by toBytes(key) is never cleared in this method, so a
    // plaintext copy of the secret stays on the heap until it is collected.
    KeyStore.SecretKeyEntry secretEntry = new KeyStore.SecretKeyEntry(new SecretKeySpec(toBytes(key), "PBE"));
    char[] masterPassword = securityManager.getMasterPassword();
    try {
        KeyStore.ProtectionParameter entryProtection = new KeyStore.PasswordProtection(masterPassword);
        ks.setEntry(alias, secretEntry, entryProtection);
    } catch (KeyStoreException storeFailure) {
        throw new IOException(storeFailure);
    } finally {
        // The master password is handed back for disposal on success and on failure alike.
        securityManager.disposePassword(masterPassword);
    }
}
ks.setEntry( DEFAULT_MASTER_KEY_NAME, new KeyStore.SecretKeyEntry(key),
+ " class: " + key.getClass().getName()); else newKS.setEntry(alias, entry, protectionparam);
// Store the KEY bytes, labelled as an AES key, under ALIAS; the entry is protected with PASSWORD.
// NOTE(review): KEY and PASSWORD look like fixed constants, which suits a test fixture but not
// real secrets; confirm how this snippet is used.
store.setEntry(ALIAS, new KeyStore.SecretKeyEntry(new SecretKeySpec(KEY, "AES")), new KeyStore.PasswordProtection(PASSWORD.toCharArray()));
// Persist the entry under ksAlias, protected by the converted protection parameter.
keyStore.setEntry(ksAlias, entry, convertParameter(protectionParameter));
// Look up, or create on first use, the first-level cache entry keyed by the lower-cased alias.
final TopEntry topEntry = cache.computeIfAbsent(toLowercase(credentialAlias), TopEntry::new);
// Within it, look up or create the second-level entry keyed by the credential class.
final MidEntry midEntry = topEntry.getMap().computeIfAbsent(credentialClass, c -> new MidEntry(topEntry, c));
/**
 * Builds a key store holding one private-key entry per key/certificate pair.
 *
 * <p>The two lists are paired by position; the pair at position {@code i} is stored under the
 * alias {@code "dummy-entry-" + i}.
 *
 * @param keyValue buffers passed to {@code loadPrivateKey}, one per certificate buffer
 * @param certValue buffers passed to {@code loadCerts}, one per key buffer
 * @return the populated key store
 * @throws VertxException if the lists differ in size
 * @throws Exception if a key or chain cannot be loaded or stored
 */
private static KeyStore loadKeyCert(List<Buffer> keyValue, List<Buffer> certValue) throws Exception {
    final int keyCount = keyValue.size();
    final int certCount = certValue.size();
    if (keyCount < certCount) {
        throw new VertxException("Missing private key");
    }
    if (keyCount > certCount) {
        throw new VertxException("Missing X.509 certificate");
    }

    final KeyStore result = createEmptyKeyStore();
    final Iterator<Buffer> keys = keyValue.iterator();
    final Iterator<Buffer> chains = certValue.iterator();
    for (int position = 0; keys.hasNext() && chains.hasNext(); position++) {
        final PrivateKey privateKey = loadPrivateKey(keys.next());
        final Certificate[] certChain = loadCerts(chains.next());
        final String alias = "dummy-entry-" + position;
        final KeyStore.PrivateKeyEntry keyEntry = new KeyStore.PrivateKeyEntry(privateKey, certChain);
        // DUMMY_PASSWORD is a fixed constant, so this protection adds no confidentiality.
        // NOTE(review): acceptable only while the store stays in memory; confirm it is never written out.
        result.setEntry(alias, keyEntry, new KeyStore.PasswordProtection(DUMMY_PASSWORD.toCharArray()));
    }
    return result;
}
/**
 * Derives a DES key from the phrase, writes it to a new JCEKS key store file, and returns it.
 *
 * <p>An empty JCEKS store is created, the key is added under {@code KEY_ALIAS} protected with
 * {@code KEY_PASSWORD}, and the store is written to {@code KEYSTORE_JCEKS_FILENAME} (overwriting
 * any existing file) under {@code KEYSTORE_SERVER_PASSWORD}.
 *
 * @param keyPhrase phrase whose bytes seed the key; {@code DESKeySpec} uses only the first eight
 * @return the generated key
 * @throws InvalidKeyException if the phrase yields fewer than eight bytes
 * @throws NoSuchAlgorithmException if DES or the store's integrity algorithm is unavailable
 * @throws InvalidKeySpecException if the key factory rejects the key specification
 * @throws KeyStoreException if JCEKS is unavailable or the entry cannot be set
 * @throws CertificateException declared by {@code KeyStore.load} and {@code KeyStore.store}
 * @throws IOException if the key store file cannot be written
 */
private SecretKey storeKeyIntoKeyStoreFile(final String keyPhrase) throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException, InvalidKeyException, InvalidKeySpecException {
    final char[] storePassword = KEYSTORE_SERVER_PASSWORD.toCharArray();

    final KeyStore jceks = KeyStore.getInstance("JCEKS");
    // A null stream makes load() initialise an empty store.
    jceks.load(null, storePassword);

    // NOTE(review): single DES has a 56-bit key and is not suitable for protecting real data, and
    // getBytes() depends on the platform charset. Both passwords come from constants. Confirm this
    // is fixture code, and prefer AES with randomly generated keys anywhere else.
    final SecretKey desKey = SecretKeyFactory.getInstance("DES").generateSecret(new DESKeySpec(keyPhrase.getBytes()));

    final KeyStore.ProtectionParameter entryProtection = new KeyStore.PasswordProtection(KEY_PASSWORD.toCharArray());
    jceks.setEntry(KEY_ALIAS, new KeyStore.SecretKeyEntry(desKey), entryProtection);

    try (FileOutputStream out = new FileOutputStream(KEYSTORE_JCEKS_FILENAME, false)) {
        jceks.store(out, storePassword);
    }
    return desKey;
}
} // closes an enclosing scope whose opening is not shown in this snippet
/**
 * Stores a setting value in the key store as a secret-key entry.
 *
 * @param alias key store alias for the setting
 * @param key setting value; its bytes become the stored key material
 * @throws EsHadoopSecurityException if the key store rejects the entry
 */
public void setSecureSetting(String alias, String key) throws EsHadoopSecurityException {
    // NOTE(review): getBytes() without a charset uses the platform default, so the stored bytes
    // can differ between hosts for non-ASCII values. An explicit charset has to be introduced
    // together with the code that reads the entry back, which is not visible here.
    byte[] material = key.getBytes();
    // The bytes are only labelled with the AES constant; nothing here checks that they form a
    // valid AES key, so the entry is in effect a password-protected container for the value.
    KeyStore.SecretKeyEntry secretEntry = new KeyStore.SecretKeyEntry(new SecretKeySpec(material, AES));
    try {
        keyStore.setEntry(alias, secretEntry, protection);
    } catch (KeyStoreException cause) {
        String message = String.format("Could not store secret key (alias : [%s]) in keystore", alias);
        throw new EsHadoopSecurityException(message, cause);
    }
}
/**
 * Stores a setting value in the key store as a secret-key entry.
 *
 * @param alias key store alias for the setting
 * @param key setting value; its bytes become the stored key material
 * @throws EsHadoopSecurityException if the key store rejects the entry
 */
public void setSecureSetting(String alias, String key) throws EsHadoopSecurityException {
    // NOTE(review): getBytes() without a charset uses the platform default, so the stored bytes
    // can differ between hosts for non-ASCII values. An explicit charset has to be introduced
    // together with the code that reads the entry back, which is not visible here.
    byte[] material = key.getBytes();
    // The bytes are only labelled with the AES constant; nothing here checks that they form a
    // valid AES key, so the entry is in effect a password-protected container for the value.
    KeyStore.SecretKeyEntry secretEntry = new KeyStore.SecretKeyEntry(new SecretKeySpec(material, AES));
    try {
        keyStore.setEntry(alias, secretEntry, protection);
    } catch (KeyStoreException cause) {
        String message = String.format("Could not store secret key (alias : [%s]) in keystore", alias);
        throw new EsHadoopSecurityException(message, cause);
    }
}
/**
 * Stores an entry in the delegate key store, converting password entries to secret-key entries.
 *
 * @param alias alias under which the entry is stored
 * @param entry entry to store; a {@code PasswordEntry} is re-wrapped as a {@code KeyStore.SecretKeyEntry}
 * @param protParam protection parameter passed through to the delegate unchanged
 * @throws KeyStoreException if the delegate fails, or if {@code encoded} rejects the password
 */
public void engineSetEntry(final String alias, final KeyStore.Entry entry, final KeyStore.ProtectionParameter protParam) throws KeyStoreException {
    if (!(entry instanceof PasswordEntry)) {
        // Every other entry type goes to the delegate as-is.
        delegate.setEntry(alias, entry, protParam);
        return;
    }

    final PasswordEntry passwordEntry = (PasswordEntry) entry;
    try {
        // The password is turned into key material by encoded() so that it can be stored as a
        // secret-key entry by the delegate.
        final KeyStore.SecretKeyEntry wrapped = new KeyStore.SecretKeyEntry(encoded(passwordEntry.getPassword()));
        delegate.setEntry(alias, wrapped, protParam);
    } catch (InvalidKeyException e) {
        throw new KeyStoreException(e);
    }
}
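/**
 * Reads one encrypted secret-key record from the stream and adds it to {@code dataKeyStore}.
 *
 * <p>The record consists of two byte arrays read with {@code readBytes}: the ciphertext, then the
 * IV. The decrypted, unpadded payload holds the alias (read with {@code readUTF}) followed by the
 * encoded key bytes.
 *
 * @param ois stream positioned at the start of the record
 * @throws IOException if the record or its payload cannot be read
 * @throws GeneralSecurityException if decryption fails or the entry cannot be stored
 */
private void loadSecretKey(ObjectInputStream ois) throws IOException, GeneralSecurityException {
    byte[] encryptedData = readBytes(ois);
    byte[] iv = readBytes(ois);
    decrypt.init(Cipher.DECRYPT_MODE, storageSecretKey, new IvParameterSpec(iv));
    Assert.checkMaximumParameter("cipher block size", 256, decrypt.getBlockSize());

    byte[] padded = null;
    byte[] unPadded = null;
    byte[] encodedSecretKey = null;
    try {
        // NOTE(review): decryption is followed by manual unpadding and no authenticity check is
        // visible in this method; confirm the record is integrity-protected elsewhere before its
        // contents are trusted.
        padded = decrypt.doFinal(encryptedData);
        unPadded = pkcs7UnPad(padded);

        // Only readUTF() and readBytes() are applied to the decrypted payload here.
        // NOTE(review): confirm readBytes() never calls readObject() on this data.
        ObjectInputStream entryOis = new ObjectInputStream(new ByteArrayInputStream(unPadded));
        String ksAlias = entryOis.readUTF();
        encodedSecretKey = readBytes(entryOis);

        // SecretKeySpec keeps its own copy of the key bytes, so the local buffers can be wiped below.
        KeyStore.Entry entry = new KeyStore.SecretKeyEntry(new SecretKeySpec(encodedSecretKey, DATA_OID));
        dataKeyStore.setEntry(ksAlias, entry, convertParameter(protectionParameter));
    } finally {
        // Best-effort zeroisation of plaintext key material left in temporary buffers.
        if (padded != null) {
            java.util.Arrays.fill(padded, (byte) 0);
        }
        if (unPadded != null) {
            java.util.Arrays.fill(unPadded, (byte) 0);
        }
        if (encodedSecretKey != null) {
            java.util.Arrays.fill(encodedSecretKey, (byte) 0);
        }
    }
}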
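/**
 * Reads one encrypted secret-key record from the stream and adds it to {@code dataKeyStore}.
 *
 * <p>The record consists of two byte arrays read with {@code readBytes}: the ciphertext, then the
 * IV. The decrypted, unpadded payload holds the alias (read with {@code readUTF}) followed by the
 * encoded key bytes.
 *
 * @param ois stream positioned at the start of the record
 * @throws IOException if the record or its payload cannot be read
 * @throws GeneralSecurityException if decryption fails or the entry cannot be stored
 */
private void loadSecretKey(ObjectInputStream ois) throws IOException, GeneralSecurityException {
    byte[] encryptedData = readBytes(ois);
    byte[] iv = readBytes(ois);
    decrypt.init(Cipher.DECRYPT_MODE, storageSecretKey, new IvParameterSpec(iv));
    Assert.checkMaximumParameter("cipher block size", 256, decrypt.getBlockSize());

    byte[] padded = null;
    byte[] unPadded = null;
    byte[] encodedSecretKey = null;
    try {
        // NOTE(review): decryption is followed by manual unpadding and no authenticity check is
        // visible in this method; confirm the record is integrity-protected elsewhere before its
        // contents are trusted.
        padded = decrypt.doFinal(encryptedData);
        unPadded = pkcs7UnPad(padded);

        // Only readUTF() and readBytes() are applied to the decrypted payload here.
        // NOTE(review): confirm readBytes() never calls readObject() on this data.
        ObjectInputStream entryOis = new ObjectInputStream(new ByteArrayInputStream(unPadded));
        String ksAlias = entryOis.readUTF();
        encodedSecretKey = readBytes(entryOis);

        // SecretKeySpec keeps its own copy of the key bytes, so the local buffers can be wiped below.
        KeyStore.Entry entry = new KeyStore.SecretKeyEntry(new SecretKeySpec(encodedSecretKey, DATA_OID));
        dataKeyStore.setEntry(ksAlias, entry, convertParameter(protectionParameter));
    } finally {
        // Best-effort zeroisation of plaintext key material left in temporary buffers.
        if (padded != null) {
            java.util.Arrays.fill(padded, (byte) 0);
        }
        if (unPadded != null) {
            java.util.Arrays.fill(unPadded, (byte) 0);
        }
        if (encodedSecretKey != null) {
            java.util.Arrays.fill(encodedSecretKey, (byte) 0);
        }
    }
}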
/**
 * Stores raw key bytes under the given name as a secret-key entry.
 *
 * @param keyName alias for the entry; also passed to {@code getProtection} to select its protection
 * @param secretKey raw key bytes, wrapped in a {@code SimpleSecretKey}
 * @throws Exception if the key store rejects the entry
 */
@Override
public void storeKey(String keyName, byte[] secretKey) throws Exception {
    // NOTE(review): whether SimpleSecretKey copies the array is not visible here; confirm, so the
    // caller can safely wipe its buffer after this call.
    KeyStore.SecretKeyEntry wrappedKey = new KeyStore.SecretKeyEntry(new SimpleSecretKey(secretKey));
    KeyStore.ProtectionParameter entryProtection = getProtection(keyName);
    this.ks.setEntry(keyName, wrappedKey, entryProtection);
}