/**
 * Create a key store object of the requested type, preferring the configured
 * security provider.
 * <p>
 * The lookup with <code>m_sSecurityProviderName</code> is tried first (e.g.
 * BouncyCastle for PKCS12, because the JDK PKCS12 implementation is partially
 * case insensitive). If that attempt throws anything at all, the provider-less
 * lookup of the type is used instead (e.g. for JKS).
 * <p>
 * The fallback is silent: nothing is logged and the first exception is
 * dropped, so the caller cannot tell from the return value alone which
 * provider was used. Code that relies on provider-specific behaviour can
 * inspect {@link KeyStore#getProvider()} on the result.
 *
 * @param aKeyStoreType
 *        The key store type to instantiate. May not be <code>null</code>.
 * @return The key store object from whichever lookup succeeded.
 * @throws KeyStoreException
 *         If the fallback lookup fails as well.
 * @throws NoSuchProviderException
 *         Declared by the signature; in the code shown here an exception from
 *         the provider-specific attempt is caught and triggers the fallback.
 */
@Nonnull
public KeyStore createNewKeyStore (@Nonnull final IKeyStoreType aKeyStoreType) throws KeyStoreException,
                                                                              NoSuchProviderException
{
  KeyStore aResult;
  try
  {
    // Preferred path: the explicitly configured security provider
    aResult = aKeyStoreType.getKeyStore (m_sSecurityProviderName);
  }
  catch (final Exception aProviderFailure)
  {
    // Any failure (checked or unchecked) switches to the native lookup;
    // the cause is intentionally not propagated
    aResult = aKeyStoreType.getKeyStore ();
  }
  return aResult;
}
/**
 * Get the error text of a key loading result, using the locale constant
 * <code>TextHelper.EN</code>.
 *
 * @param aLK
 *        The key loading result. Annotated as non-<code>null</code>, but a
 *        <code>null</code> value is tolerated and yields <code>null</code>.
 * @return <code>null</code> if the parameter is <code>null</code>, otherwise
 *         whatever <code>getErrorText</code> returns for that result.
 */
@Nullable
public static String getLoadError (@Nonnull final LoadedKey <?> aLK)
{
  if (aLK == null)
    return null;
  return aLK.getErrorText (TextHelper.EN);
}
} // end of the enclosing type; its header lies outside this excerpt
/**
 * Get the error text of a key store loading result, using the locale constant
 * <code>TextHelper.EN</code>.
 *
 * @param aLKS
 *        The key store loading result. Annotated as non-<code>null</code>, but
 *        a <code>null</code> value is tolerated and yields <code>null</code>.
 * @return <code>null</code> if the parameter is <code>null</code>, otherwise
 *         whatever <code>getErrorText</code> returns for that result.
 */
@Nullable
public static String getLoadError (@Nonnull final LoadedKeyStore aLKS)
{
  if (aLKS != null)
    return aLKS.getErrorText (TextHelper.EN);
  return null;
}
// Load the key store; type, path and password are all read from SMPServerConfiguration
final LoadedKeyStore aLoadedKeyStore = KeyStoreHelper.loadKeyStore (SMPServerConfiguration.getKeyStoreType (),
                                                                    SMPServerConfiguration.getKeyStorePath (),
                                                                    SMPServerConfiguration.getKeyStorePassword ());
// NOTE(review): as printed, this "if" has no braces, so only the _loadError call is
// conditional and the throw below runs on every call (the following statements would
// then be unreachable). _loadCertificates wraps the same two statements in a braced
// block - the braces were presumably lost in this listing; confirm against the
// original file.
if (aLoadedKeyStore.isFailure ())
  _loadError (aLoadedKeyStore.getError (), PeppolKeyStoreHelper.getLoadError (aLoadedKeyStore));
throw new InitializationException (s_sInitError);
m_aKeyStore = aLoadedKeyStore.getKeyStore ();

// Resolve the private key entry by alias; the key password is separate from the key store password
final LoadedKey <KeyStore.PrivateKeyEntry> aLoadedKey = KeyStoreHelper.loadPrivateKey (m_aKeyStore,
                                                                                       SMPServerConfiguration.getKeyStorePath (),
                                                                                       SMPServerConfiguration.getKeyStoreKeyAlias (),
                                                                                       SMPServerConfiguration.getKeyStoreKeyPassword ());
// NOTE(review): same unbraced if/throw pattern as above - confirm
if (aLoadedKey.isFailure ())
  _loadError (aLoadedKey.getError (), PeppolKeyStoreHelper.getLoadError (aLoadedKey));
throw new InitializationException (s_sInitError);
m_aKeyEntry = aLoadedKey.getKeyEntry ();

// Only the key store path appears in this log message, no password or alias
LOGGER.info ("SMPKeyManager successfully initialized with keystore '" + SMPServerConfiguration.getKeyStorePath () +
/**
 * (Re)load the trust store named in the SMP server configuration.
 * <p>
 * All state is reset before loading: the validity flag is cleared, the
 * recorded error is cleared and the trust store reference is set to
 * <code>null</code>. A failed load therefore leaves this object marked as not
 * valid and without a trust store, instead of keeping a previously loaded one.
 *
 * @throws InitializationException
 *         If the trust store could not be loaded. The error is recorded via
 *         <code>_loadError</code> before the exception is thrown.
 */
private void _loadCertificates ()
{
  // Fail closed: drop any earlier state before touching the configuration
  _setCertValid (false);
  _loadError (null, null);
  m_aTrustStore = null;

  // Type, path and password all come from the server configuration
  final LoadedKeyStore aResult = KeyStoreHelper.loadKeyStore (SMPServerConfiguration.getTrustStoreType (),
                                                              SMPServerConfiguration.getTrustStorePath (),
                                                              SMPServerConfiguration.getTrustStorePassword ());
  if (aResult.isFailure ())
  {
    // Remember why loading failed, then abort; the validity flag stays false
    _loadError (aResult.getError (), PeppolKeyStoreHelper.getLoadError (aResult));
    throw new InitializationException (s_sInitError);
  }

  m_aTrustStore = aResult.getKeyStore ();

  // Only the path is logged, never the password
  final String sSuccessMsg = "SMPTrustManager successfully initialized with truststore '" +
                             SMPServerConfiguration.getTrustStorePath () +
                             "'";
  LOGGER.info (sSuccessMsg);

  // Marked valid only after the trust store reference has been set
  _setCertValid (true);
}
/**
 * Read the key store type from the configuration property
 * <code>keystore.type</code>.
 *
 * @return The key store type resolved case-insensitively from the configured
 *         value, with {@link EKeyStoreType#JKS} passed as the fallback.
 */
@Nonnull
public static EKeyStoreType getKeyStoreType ()
{
  // NOTE(review): presumably a missing or unrecognised value resolves to JKS
  // without any message - confirm, since a typo in the property would then
  // only surface later as a key store load failure
  return EKeyStoreType.getFromIDCaseInsensitiveOrDefault (s_aConfigFile.getAsString ("keystore.type"),
                                                          EKeyStoreType.JKS);
}
/**
 * Create a key store object for this type without naming a security provider,
 * so the JCA provider search order decides which implementation is used.
 *
 * @return A key store object of this type. Never <code>null</code>.
 * @throws KeyStoreException
 *         If no provider supports a KeyStoreSpi implementation for the
 *         specified type.
 */
@Nonnull
default KeyStore getKeyStore () throws KeyStoreException
{
  final String sTypeID = getID ();
  return KeyStore.getInstance (sTypeID);
}
/**
 * Get the error text for this loading result.
 *
 * @param aContentLocale
 *        The locale to use. May not be <code>null</code>.
 * @return <code>null</code> if no error is set, otherwise the display text of
 *         the error with the stored error parameters applied.
 */
@Nullable
public String getErrorText (@Nonnull final Locale aContentLocale)
{
  // No error recorded means there is nothing to format
  if (m_eError == null)
    return null;

  // The cast passes the stored parameters as the varargs array itself
  return m_eError.getDisplayTextWithArgs (aContentLocale, (Object []) m_aErrorParams);
}
/**
 * Get the display text in the given locale by delegating to
 * <code>m_aDisplayText</code>.
 *
 * @param aContentLocale
 *        The locale to use. May not be <code>null</code>.
 * @return The text returned by the delegate. May be <code>null</code>.
 */
@Nullable
public String getDisplayText (@Nonnull final Locale aContentLocale)
{
  final String sText = m_aDisplayText.getDisplayText (aContentLocale);
  return sText;
}
} // end of the enclosing type; its header lies outside this excerpt
/**
 * Read the key store type from the property
 * <code>org.apache.wss4j.crypto.merlin.keystore.type</code>.
 * <p>
 * Unlike the configuration getters that pass a default, this lookup can
 * return <code>null</code>, so callers have to handle the absent case.
 *
 * @return The resolved key store type or <code>null</code>.
 */
@Nullable
public EKeyStoreType getKeyStoreType ()
{
  return EKeyStoreType.getFromIDOrNull (_getProperty ("org.apache.wss4j.crypto.merlin.keystore.type"));
}
/**
 * Load the specified private key entry from the provided key store. This is
 * a typed front end to <code>_loadKey</code> that fixes the entry class to
 * {@link KeyStore.PrivateKeyEntry}.
 *
 * @param aKeyStore
 *        The key store to load the key from. May not be <code>null</code>.
 * @param sKeyStorePath
 *        Key store path. For nice error messages only. NOTE(review): the
 *        parameter is annotated as non-<code>null</code> while the earlier
 *        documentation said it may be <code>null</code> - confirm which one
 *        holds.
 * @param sKeyStoreKeyAlias
 *        The alias to be resolved in the key store. Must be
 *        non-<code>null</code> to succeed.
 * @param aKeyStoreKeyPassword
 *        The key password for the key store, passed as a character array.
 *        Must be non-<code>null</code> to succeed.
 * @return The key loading result. Never <code>null</code>.
 */
@Nonnull
public static LoadedKey <KeyStore.PrivateKeyEntry> loadPrivateKey (@Nonnull final KeyStore aKeyStore,
                                                                   @Nonnull final String sKeyStorePath,
                                                                   @Nullable final String sKeyStoreKeyAlias,
                                                                   @Nullable final char [] aKeyStoreKeyPassword)
{
  final Class <KeyStore.PrivateKeyEntry> aEntryClass = KeyStore.PrivateKeyEntry.class;
  return _loadKey (aKeyStore, sKeyStorePath, sKeyStoreKeyAlias, aKeyStoreKeyPassword, aEntryClass);
}
/**
 * (Re)load the trust store named in the SMP server configuration.
 * <p>
 * The method first clears the validity flag, the recorded error and the
 * trust store reference. If loading fails, the error is recorded and an
 * exception is thrown while the object is still marked as not valid.
 *
 * @throws InitializationException
 *         If the trust store could not be loaded.
 */
private void _loadCertificates ()
{
  // Start from a clean, "not valid" state on every call
  _setCertValid (false);
  _loadError (null, null);
  m_aTrustStore = null;

  // Trust store type, path and password are taken from the configuration
  final LoadedKeyStore aLoaded = KeyStoreHelper.loadKeyStore (SMPServerConfiguration.getTrustStoreType (),
                                                              SMPServerConfiguration.getTrustStorePath (),
                                                              SMPServerConfiguration.getTrustStorePassword ());
  final boolean bLoadFailed = aLoaded.isFailure ();
  if (bLoadFailed)
  {
    // Record the reason before aborting; nothing below runs in this case
    _loadError (aLoaded.getError (), PeppolKeyStoreHelper.getLoadError (aLoaded));
    throw new InitializationException (s_sInitError);
  }

  m_aTrustStore = aLoaded.getKeyStore ();

  // The log line contains the trust store path only
  LOGGER.info ("SMPTrustManager successfully initialized with truststore '" +
               SMPServerConfiguration.getTrustStorePath () +
               "'");

  // Last step: flip the validity flag once the trust store is in place
  _setCertValid (true);
}
/**
 * Read the trust store type from the configuration property
 * <code>truststore.type</code>.
 *
 * @return The trust store type resolved case-insensitively from the
 *         configured value, with <code>DEFAULT_TRUSTSTORE_TYPE</code> passed
 *         as the fallback.
 * @since 0.6.0
 */
@Nonnull
public static EKeyStoreType getTrustStoreType ()
{
  final String sConfiguredType = s_aConfigFile.getAsString ("truststore.type");
  final EKeyStoreType eResolved = EKeyStoreType.getFromIDCaseInsensitiveOrDefault (sConfiguredType,
                                                                                   DEFAULT_TRUSTSTORE_TYPE);
  return eResolved;
}
/**
 * Create a key store object for this type from one specific security
 * provider, so the implementation in use does not depend on the JCA provider
 * search order.
 *
 * @param aProvider
 *        Security provider to be used. E.g. for BouncyCastle. May not be
 *        <code>null</code>.
 * @return A key store object of this type. Never <code>null</code>.
 * @throws KeyStoreException
 *         If the given provider has no KeyStoreSpi implementation for the
 *         specified type.
 */
@Nonnull
default KeyStore getKeyStore (@Nonnull final Provider aProvider) throws KeyStoreException
{
  final String sTypeID = getID ();
  return KeyStore.getInstance (sTypeID, aProvider);
}
} // end of the enclosing type; its header lies outside this excerpt
/**
 * Get the error text for this loading result.
 *
 * @param aContentLocale
 *        The locale to use. May not be <code>null</code>.
 * @return <code>null</code> if no error is set, otherwise the display text of
 *         the error with the stored error parameters applied.
 */
@Nullable
public String getErrorText (@Nonnull final Locale aContentLocale)
{
  final boolean bHasError = m_eError != null;
  if (bHasError)
  {
    // The cast hands the stored parameters over as the varargs array itself
    return m_eError.getDisplayTextWithArgs (aContentLocale, (Object []) m_aErrorParams);
  }
  return null;
}
/**
 * Read the trust store type from the configuration file key
 * <code>truststore.type</code>.
 *
 * @return The trust store type resolved case-insensitively from the
 *         configured value, with
 *         {@link PeppolKeyStoreHelper#TRUSTSTORE_TYPE} passed as the
 *         fallback.
 * @since 6.0.0
 */
@Nonnull
public static EKeyStoreType getTrustStoreType ()
{
  return EKeyStoreType.getFromIDCaseInsensitiveOrDefault (s_aConfigFile.getAsString ("truststore.type"),
                                                          PeppolKeyStoreHelper.TRUSTSTORE_TYPE);
}
/**
 * Read the key store type from the configuration entry named by
 * <code>KEY_SMP_KEYSTORE_TYPE</code> (property
 * <code>smp.keystore.type</code>).
 *
 * @return The key store type resolved case-insensitively from the configured
 *         value, with {@link EKeyStoreType#JKS} passed as the fallback.
 * @since 5.0.4
 */
@Nonnull
public static EKeyStoreType getKeyStoreType ()
{
  return EKeyStoreType.getFromIDCaseInsensitiveOrDefault (getConfigFile ().getAsString (KEY_SMP_KEYSTORE_TYPE),
                                                          EKeyStoreType.JKS);
}
/**
 * Read the trust store type from the configuration entry named by
 * <code>KEY_SMP_TRUSTSTORE_TYPE</code> (property
 * <code>smp.truststore.type</code>).
 *
 * @return The trust store type resolved case-insensitively from the
 *         configured value, with {@link EKeyStoreType#JKS} passed as the
 *         fallback.
 */
@Nonnull
public static EKeyStoreType getTrustStoreType ()
{
  return EKeyStoreType.getFromIDCaseInsensitiveOrDefault (getConfigFile ().getAsString (KEY_SMP_TRUSTSTORE_TYPE),
                                                          EKeyStoreType.JKS);
}
/**
 * Read the key store type from the configuration entry named by
 * <code>KEY_SMP_KEYSTORE_TYPE</code> (property
 * <code>smp.keystore.type</code>).
 *
 * @return The key store type resolved case-insensitively from the configured
 *         value, with {@link EKeyStoreType#JKS} passed as the fallback.
 * @since 5.0.4
 */
@Nonnull
public static EKeyStoreType getKeyStoreType ()
{
  final String sConfiguredType = getConfigFile ().getAsString (KEY_SMP_KEYSTORE_TYPE);
  final EKeyStoreType eFallback = EKeyStoreType.JKS;
  return EKeyStoreType.getFromIDCaseInsensitiveOrDefault (sConfiguredType, eFallback);
}
/**
 * Read the trust store type from the configuration entry named by
 * <code>KEY_SMP_TRUSTSTORE_TYPE</code> (property
 * <code>smp.truststore.type</code>).
 *
 * @return The trust store type resolved case-insensitively from the
 *         configured value, with {@link EKeyStoreType#JKS} passed as the
 *         fallback.
 */
@Nonnull
public static EKeyStoreType getTrustStoreType ()
{
  final String sConfiguredType = getConfigFile ().getAsString (KEY_SMP_TRUSTSTORE_TYPE);
  final EKeyStoreType eFallback = EKeyStoreType.JKS;
  return EKeyStoreType.getFromIDCaseInsensitiveOrDefault (sConfiguredType, eFallback);
}