本文整理了Java中java.security.KeyStore
类的一些代码示例,展示了KeyStore
类的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。KeyStore
类的具体详情如下:
包路径:java.security.KeyStore
类名称:KeyStore
[英]KeyStore is responsible for maintaining cryptographic keys and their owners.
The type of the system key store can be changed by setting the 'keystore.type' property in the file named JAVA_HOME/lib/security/java.security.
[中]密钥库负责维护加密密钥及其所有者。
通过设置“密钥库”,可以更改系统密钥库的类型。在名为JAVA_HOME/lib/security/JAVA的文件中键入'property'。安全
代码示例来源:origin: square/okhttp
private static SSLContext sslContext(String keystoreFile, String password)
throws GeneralSecurityException, IOException {
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
try (InputStream in = new FileInputStream(keystoreFile)) {
keystore.load(in, password.toCharArray());
}
KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keystore, password.toCharArray());
TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keystore);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(
keyManagerFactory.getKeyManagers(),
trustManagerFactory.getTrustManagers(),
new SecureRandom());
return sslContext;
}
}
代码示例来源:origin: apache/kafka
static List<CertificateEntries> create(KeyStore keystore) throws GeneralSecurityException {
Enumeration<String> aliases = keystore.aliases();
List<CertificateEntries> entries = new ArrayList<>();
while (aliases.hasMoreElements()) {
String alias = aliases.nextElement();
Certificate cert = keystore.getCertificate(alias);
if (cert instanceof X509Certificate)
entries.add(new CertificateEntries((X509Certificate) cert));
}
return entries;
}
代码示例来源:origin: stackoverflow.com
InputStream is = new FileInputStream("cacert.crt");
// You could get a resource as a stream instead.
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate caCert = (X509Certificate)cf.generateCertificate(is);
TrustManagerFactory tmf = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null); // You don't need the KeyStore instance to come from a file.
ks.setCertificateEntry("caCert", caCert);
tmf.init(ks);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tmf.getTrustManagers(), null);
代码示例来源:origin: square/okhttp
private KeyStore newEmptyKeyStore(char[] password) throws GeneralSecurityException {
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
InputStream in = null; // By convention, 'null' creates an empty key store.
keyStore.load(in, password);
return keyStore;
} catch (IOException e) {
throw new AssertionError(e);
}
}
代码示例来源:origin: redisson/redisson
/**
* Generates a new {@link KeyStore}.
*
* @param certChain a X.509 certificate chain
* @param key a PKCS#8 private key
* @param keyPasswordChars the password of the {@code keyFile}.
* {@code null} if it's not password-protected.
* @return generated {@link KeyStore}.
*/
static KeyStore buildKeyStore(X509Certificate[] certChain, PrivateKey key, char[] keyPasswordChars)
throws KeyStoreException, NoSuchAlgorithmException,
CertificateException, IOException {
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null, null);
ks.setKeyEntry(ALIAS, key, keyPasswordChars, certChain);
return ks;
}
代码示例来源:origin: stackoverflow.com
protected org.apache.http.conn.ssl.SSLSocketFactory createAdditionalCertsSSLSocketFactory() {
try {
final KeyStore ks = KeyStore.getInstance("BKS");
// the bks file we generated above
final InputStream in = context.getResources().openRawResource( R.raw.mystore);
try {
// don't forget to put the password used above in strings.xml/mystore_password
ks.load(in, context.getString( R.string.mystore_password ).toCharArray());
} finally {
in.close();
}
return new AdditionalKeyStoresSSLSocketFactory(ks);
} catch( Exception e ) {
throw new RuntimeException(e);
}
}
代码示例来源:origin: apache/geode
private void populateMap() {
try {
final KeyStore keyStore = KeyStore.getInstance("JKS");
final char[] passPhrase = this.pubKeyPass != null ? this.pubKeyPass.toCharArray() : null;
final FileInputStream keyStoreFile = new FileInputStream(this.pubKeyFilePath);
try {
keyStore.load(keyStoreFile, passPhrase);
} finally {
keyStoreFile.close();
}
for (Enumeration e = keyStore.aliases(); e.hasMoreElements();) {
final Object alias = e.nextElement();
final Certificate cert = keyStore.getCertificate((String) alias);
if (cert instanceof X509Certificate) {
this.aliasCertificateMap.put(alias, cert);
}
}
} catch (Exception e) {
throw new AuthenticationFailedException(
"Exception while getting public keys: " + e.getMessage(), e);
}
}
代码示例来源:origin: google/data-transfer-project
private SSLSocketFactory getSocketFactory() throws GeneralSecurityException, IOException {
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
KeyStore keyStore = KeyStore.getInstance("PKCS12");
InputStream keyInput = new FileInputStream(pathToPkcs12File);
keyStore.load(keyInput, password.toCharArray());
keyInput.close();
keyManagerFactory.init(keyStore, password.toCharArray());
SSLContext context = SSLContext.getInstance("TLS");
context.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
return context.getSocketFactory();
}
代码示例来源:origin: rapidoid/rapidoid
private static KeyManager[] initKeyManagers(String keystore, char[] keystorePassword, char[] keyManagerPassword) throws Exception {
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new FileInputStream(keystore), keystorePassword);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
keyManagerFactory.init(keyStore, keyManagerPassword);
return keyManagerFactory.getKeyManagers();
}
代码示例来源:origin: apache/usergrid
InputStream in = new FileInputStream( file );
KeyStore ks = KeyStore.getInstance( KeyStore.getDefaultType() );
ks.load( in, passphrase );
in.close();
SSLContext context = SSLContext.getInstance( "TLS" );
TrustManagerFactory tmf = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm() );
tmf.init( ks );
X509TrustManager defaultTrustManager = ( X509TrustManager ) tmf.getTrustManagers()[0];
SavingTrustManager tm = new SavingTrustManager( defaultTrustManager );
context.init( null, new TrustManager[] { tm }, null );
SSLSocketFactory factory = context.getSocketFactory();
ks.setCertificateEntry( host, cert );
ks.store( out, passphrase );
out.close();
代码示例来源:origin: Tencent/tinker
private String getSignatureAlgorithm() throws Exception {
InputStream is = null;
try {
is = new BufferedInputStream(new FileInputStream(config.mSignatureFile));
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(is, config.mStorePass.toCharArray());
Key key = keyStore.getKey(config.mStoreAlias, config.mKeyPass.toCharArray());
String keyAlgorithm = key.getAlgorithm();
String signatureAlgorithm;
if (keyAlgorithm.equalsIgnoreCase("DSA")) {
signatureAlgorithm = "SHA1withDSA";
} else if (keyAlgorithm.equalsIgnoreCase("RSA")) {
signatureAlgorithm = "SHA1withRSA";
} else if (keyAlgorithm.equalsIgnoreCase("EC")) {
signatureAlgorithm = "SHA1withECDSA";
} else {
throw new RuntimeException("private key is not a DSA or "
+ "RSA key");
}
return signatureAlgorithm;
} finally {
StreamUtil.closeQuietly(is);
}
}
代码示例来源:origin: stackoverflow.com
KeyStore ks = KeyStore.getInstance("JKS");
InputStream ksIs = new FileInputStream("...");
try {
ks.load(ksIs, "password".toCharArray());
} finally {
if (ksIs != null) {
ksIs.close();
}
}
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory
.getDefaultAlgorithm());
kmf.init(ks, "keypassword".toCharArray());
代码示例来源:origin: apache/usergrid
InputStream in = new FileInputStream( file );
KeyStore ks = KeyStore.getInstance( KeyStore.getDefaultType() );
ks.load( in, passphrase );
in.close();
ks.setCertificateEntry( hostname, cert );
LOG.debug( "Added certificate to keystore 'jssecacerts' using alias '" + hostname + "'" );
ks.store( out, passphrase );
out.close();
代码示例来源:origin: apache/hbase
protected void load(URI uri) throws IOException {
String path = uri.getPath();
if (path == null || path.isEmpty()) {
throw new RuntimeException("KeyProvider parameters should specify a path");
}
InputStream is = new FileInputStream(new File(path));
try {
store.load(is, password);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
} catch (CertificateException e) {
throw new RuntimeException(e);
} finally {
is.close();
}
}
代码示例来源:origin: stackoverflow.com
KeyStore ks = KeyStore.getInstance("JKS");
// get user password and file input stream
char[] password = ("mykspassword")).toCharArray();
ClassLoader cl = this.getClass().getClassLoader();
InputStream stream = cl.getResourceAsStream("myjks.jks");
ks.load(stream, password);
stream.close();
SSLContext sc = SSLContext.getInstance("TLS");
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
kmf.init(ks, password);
tmf.init(ks);
sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(),null);
return sc.getSocketFactory();
代码示例来源:origin: gocd/gocd
KeyStore agentTruststore() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
KeyStore trustStore = null;
List<X509Certificate> certificates = new CertificateFileParser().certificates(rootCertFile);
for (X509Certificate certificate : certificates) {
if (trustStore == null) {
trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(null, null);
}
trustStore.setCertificateEntry(certificate.getSubjectX500Principal().getName(), certificate);
}
return trustStore;
}
代码示例来源:origin: apache/geode
private TrustManager[] getTrustManagers()
throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
if (Objects.isNull(trustStorePath)) {
return new TrustManager[0];
}
String trustStoreType = "jks";
KeyStore keyStore = KeyStore.getInstance(trustStoreType);
FileInputStream fileInputStream = new FileInputStream(trustStorePath);
char[] password = "password".toCharArray();
keyStore.load(fileInputStream, password);
TrustManagerFactory tmf =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keyStore);
return tmf.getTrustManagers();
}
代码示例来源:origin: apache/geode
private KeyManager[] getKeyManagers(SSLConfig sslConfig) throws Exception {
FileInputStream keyStoreStream = null;
KeyManagerFactory keyManagerFactory = null;
try {
if (StringUtils.isNotBlank(sslConfig.getKeystore())) {
KeyStore clientKeys = KeyStore.getInstance(sslConfig.getKeystoreType());
keyStoreStream = new FileInputStream(sslConfig.getKeystore());
clientKeys.load(keyStoreStream, sslConfig.getKeystorePassword().toCharArray());
keyManagerFactory =
KeyManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(clientKeys, sslConfig.getKeystorePassword().toCharArray());
}
} finally {
if (keyStoreStream != null) {
keyStoreStream.close();
}
}
return keyManagerFactory != null ? keyManagerFactory.getKeyManagers() : null;
}
代码示例来源:origin: rhuss/jolokia
/**
* Update a keystore with a CA certificate
*
* @param pTrustStore the keystore to update
* @param pCaCert CA cert as PEM used for the trust store
*/
public static void updateWithCaPem(KeyStore pTrustStore, File pCaCert)
throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
InputStream is = new FileInputStream(pCaCert);
try {
CertificateFactory certFactory = CertificateFactory.getInstance("X509");
X509Certificate cert = (X509Certificate) certFactory.generateCertificate(is);
String alias = cert.getSubjectX500Principal().getName();
pTrustStore.setCertificateEntry(alias, cert);
} finally {
is.close();
}
}
代码示例来源:origin: apache/zookeeper
@Override
public KeyStore loadKeyStore() throws IOException, GeneralSecurityException {
KeyStore ks = KeyStore.getInstance(JKS_KEY_STORE_TYPE);
InputStream inputStream = null;
try {
inputStream = new FileInputStream(new File(keyStorePath));
ks.load(inputStream, passwordStringToCharArray(keyStorePassword));
return ks;
} finally {
forceClose(inputStream);
}
}
内容来源于网络,如有侵权,请联系作者删除!