java.security.KeyStore类的使用及代码示例

x33g5p2x  于2022-01-23 转载在 其他  
字(11.7k)|赞(0)|评价(0)|浏览(412)

本文整理了Java中java.security.KeyStore类的一些代码示例,展示了KeyStore类的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。KeyStore类的具体详情如下:
包路径:java.security.KeyStore
类名称:KeyStore

KeyStore介绍

[英]KeyStore is responsible for maintaining cryptographic keys and their owners.

The type of the system key store can be changed by setting the 'keystore.type' property in the file named JAVA_HOME/lib/security/java.security.
[中]密钥库负责维护加密密钥及其所有者。
通过设置“密钥库”,可以更改系统密钥库的类型。在名为JAVA_HOME/lib/security/JAVA的文件中键入'property'。安全

代码示例

代码示例来源:origin: square/okhttp

private static SSLContext sslContext(String keystoreFile, String password)
   throws GeneralSecurityException, IOException {
  KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
  try (InputStream in = new FileInputStream(keystoreFile)) {
   keystore.load(in, password.toCharArray());
  }
  KeyManagerFactory keyManagerFactory =
    KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
  keyManagerFactory.init(keystore, password.toCharArray());

  TrustManagerFactory trustManagerFactory =
    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
  trustManagerFactory.init(keystore);

  SSLContext sslContext = SSLContext.getInstance("TLS");
  sslContext.init(
    keyManagerFactory.getKeyManagers(),
    trustManagerFactory.getTrustManagers(),
    new SecureRandom());

  return sslContext;
 }
}

代码示例来源:origin: apache/kafka

static List<CertificateEntries> create(KeyStore keystore) throws GeneralSecurityException {
  Enumeration<String> aliases = keystore.aliases();
  List<CertificateEntries> entries = new ArrayList<>();
  while (aliases.hasMoreElements()) {
    String alias = aliases.nextElement();
    Certificate cert  = keystore.getCertificate(alias);
    if (cert instanceof X509Certificate)
      entries.add(new CertificateEntries((X509Certificate) cert));
  }
  return entries;
}

代码示例来源:origin: stackoverflow.com

InputStream is = new FileInputStream("cacert.crt");
// You could get a resource as a stream instead.

CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate caCert = (X509Certificate)cf.generateCertificate(is);

TrustManagerFactory tmf = TrustManagerFactory
  .getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null); // You don't need the KeyStore instance to come from a file.
ks.setCertificateEntry("caCert", caCert);

tmf.init(ks);

SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tmf.getTrustManagers(), null);

代码示例来源:origin: square/okhttp

private KeyStore newEmptyKeyStore(char[] password) throws GeneralSecurityException {
 try {
  KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
  InputStream in = null; // By convention, 'null' creates an empty key store.
  keyStore.load(in, password);
  return keyStore;
 } catch (IOException e) {
  throw new AssertionError(e);
 }
}

代码示例来源:origin: redisson/redisson

/**
 * Generates a new {@link KeyStore}.
 *
 * @param certChain a X.509 certificate chain
 * @param key a PKCS#8 private key
 * @param keyPasswordChars the password of the {@code keyFile}.
 *                    {@code null} if it's not password-protected.
 * @return generated {@link KeyStore}.
 */
static KeyStore buildKeyStore(X509Certificate[] certChain, PrivateKey key, char[] keyPasswordChars)
    throws KeyStoreException, NoSuchAlgorithmException,
        CertificateException, IOException {
  KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
  ks.load(null, null);
  ks.setKeyEntry(ALIAS, key, keyPasswordChars, certChain);
  return ks;
}

代码示例来源:origin: stackoverflow.com

protected org.apache.http.conn.ssl.SSLSocketFactory createAdditionalCertsSSLSocketFactory() {
  try {
    final KeyStore ks = KeyStore.getInstance("BKS");

    // the bks file we generated above
    final InputStream in = context.getResources().openRawResource( R.raw.mystore);  
    try {
      // don't forget to put the password used above in strings.xml/mystore_password
      ks.load(in, context.getString( R.string.mystore_password ).toCharArray());
    } finally {
      in.close();
    }

    return new AdditionalKeyStoresSSLSocketFactory(ks);

  } catch( Exception e ) {
    throw new RuntimeException(e);
  }
}

代码示例来源:origin: apache/geode

private void populateMap() {
 try {
  final KeyStore keyStore = KeyStore.getInstance("JKS");
  final char[] passPhrase = this.pubKeyPass != null ? this.pubKeyPass.toCharArray() : null;
  final FileInputStream keyStoreFile = new FileInputStream(this.pubKeyFilePath);
  try {
   keyStore.load(keyStoreFile, passPhrase);
  } finally {
   keyStoreFile.close();
  }
  for (Enumeration e = keyStore.aliases(); e.hasMoreElements();) {
   final Object alias = e.nextElement();
   final Certificate cert = keyStore.getCertificate((String) alias);
   if (cert instanceof X509Certificate) {
    this.aliasCertificateMap.put(alias, cert);
   }
  }
 } catch (Exception e) {
  throw new AuthenticationFailedException(
    "Exception while getting public keys: " + e.getMessage(), e);
 }
}

代码示例来源:origin: google/data-transfer-project

private SSLSocketFactory getSocketFactory() throws GeneralSecurityException, IOException {
 KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
 KeyStore keyStore = KeyStore.getInstance("PKCS12");
 InputStream keyInput = new FileInputStream(pathToPkcs12File);
 keyStore.load(keyInput, password.toCharArray());
 keyInput.close();
 keyManagerFactory.init(keyStore, password.toCharArray());
 SSLContext context = SSLContext.getInstance("TLS");
 context.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
 return context.getSocketFactory();
}

代码示例来源:origin: rapidoid/rapidoid

private static KeyManager[] initKeyManagers(String keystore, char[] keystorePassword, char[] keyManagerPassword) throws Exception {
  KeyStore keyStore = KeyStore.getInstance("JKS");
  keyStore.load(new FileInputStream(keystore), keystorePassword);
  KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
  keyManagerFactory.init(keyStore, keyManagerPassword);
  return keyManagerFactory.getKeyManagers();
}

代码示例来源:origin: apache/usergrid

InputStream in = new FileInputStream( file );
KeyStore ks = KeyStore.getInstance( KeyStore.getDefaultType() );
ks.load( in, passphrase );
in.close();
SSLContext context = SSLContext.getInstance( "TLS" );
TrustManagerFactory tmf = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm() );
tmf.init( ks );
X509TrustManager defaultTrustManager = ( X509TrustManager ) tmf.getTrustManagers()[0];
SavingTrustManager tm = new SavingTrustManager( defaultTrustManager );
context.init( null, new TrustManager[] { tm }, null );
SSLSocketFactory factory = context.getSocketFactory();
ks.setCertificateEntry( host, cert );
ks.store( out, passphrase );
out.close();

代码示例来源:origin: Tencent/tinker

private String getSignatureAlgorithm() throws Exception {
  InputStream is = null;
  try {
    is = new BufferedInputStream(new FileInputStream(config.mSignatureFile));
    KeyStore keyStore = KeyStore.getInstance("JKS");
    keyStore.load(is, config.mStorePass.toCharArray());
    Key key = keyStore.getKey(config.mStoreAlias, config.mKeyPass.toCharArray());
    String keyAlgorithm = key.getAlgorithm();
    String signatureAlgorithm;
    if (keyAlgorithm.equalsIgnoreCase("DSA")) {
      signatureAlgorithm = "SHA1withDSA";
    } else if (keyAlgorithm.equalsIgnoreCase("RSA")) {
      signatureAlgorithm = "SHA1withRSA";
    } else if (keyAlgorithm.equalsIgnoreCase("EC")) {
      signatureAlgorithm = "SHA1withECDSA";
    } else {
      throw new RuntimeException("private key is not a DSA or "
          + "RSA key");
    }
    return signatureAlgorithm;
  } finally {
    StreamUtil.closeQuietly(is);
  }
}

代码示例来源:origin: stackoverflow.com

KeyStore ks = KeyStore.getInstance("JKS");
 InputStream ksIs = new FileInputStream("...");
 try {
   ks.load(ksIs, "password".toCharArray());
 } finally {
   if (ksIs != null) {
     ksIs.close();
   }
 }
 KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory
     .getDefaultAlgorithm());
 kmf.init(ks, "keypassword".toCharArray());

代码示例来源:origin: apache/usergrid

InputStream in = new FileInputStream( file );
KeyStore ks = KeyStore.getInstance( KeyStore.getDefaultType() );
ks.load( in, passphrase );
in.close();
  ks.setCertificateEntry( hostname, cert );
  LOG.debug( "Added certificate to keystore 'jssecacerts' using alias '" + hostname + "'" );
ks.store( out, passphrase );
out.close();

代码示例来源:origin: apache/hbase

protected void load(URI uri) throws IOException {
 String path = uri.getPath();
 if (path == null || path.isEmpty()) {
  throw new RuntimeException("KeyProvider parameters should specify a path");
 }
 InputStream is = new FileInputStream(new File(path));
 try {
  store.load(is, password);
 } catch (NoSuchAlgorithmException e) {
  throw new RuntimeException(e);
 } catch (CertificateException e) {
  throw new RuntimeException(e);
 } finally {
  is.close();
 }
}

代码示例来源:origin: stackoverflow.com

KeyStore ks = KeyStore.getInstance("JKS");
 // get user password and file input stream
 char[] password = ("mykspassword")).toCharArray();
 ClassLoader cl = this.getClass().getClassLoader();
 InputStream stream = cl.getResourceAsStream("myjks.jks");
 ks.load(stream, password);
 stream.close();
 SSLContext sc = SSLContext.getInstance("TLS");
 KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
 TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
 kmf.init(ks, password);
 tmf.init(ks);
 sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(),null);
 return sc.getSocketFactory();

代码示例来源:origin: gocd/gocd

KeyStore agentTruststore() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
  KeyStore trustStore = null;
  List<X509Certificate> certificates = new CertificateFileParser().certificates(rootCertFile);
  for (X509Certificate certificate : certificates) {
    if (trustStore == null) {
      trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
      trustStore.load(null, null);
    }
    trustStore.setCertificateEntry(certificate.getSubjectX500Principal().getName(), certificate);
  }
  return trustStore;
}

代码示例来源:origin: apache/geode

private TrustManager[] getTrustManagers()
  throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
 if (Objects.isNull(trustStorePath)) {
  return new TrustManager[0];
 }
 String trustStoreType = "jks";
 KeyStore keyStore = KeyStore.getInstance(trustStoreType);
 FileInputStream fileInputStream = new FileInputStream(trustStorePath);
 char[] password = "password".toCharArray();
 keyStore.load(fileInputStream, password);
 TrustManagerFactory tmf =
   TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
 tmf.init(keyStore);
 return tmf.getTrustManagers();
}

代码示例来源:origin: apache/geode

private KeyManager[] getKeyManagers(SSLConfig sslConfig) throws Exception {
 FileInputStream keyStoreStream = null;
 KeyManagerFactory keyManagerFactory = null;
 try {
  if (StringUtils.isNotBlank(sslConfig.getKeystore())) {
   KeyStore clientKeys = KeyStore.getInstance(sslConfig.getKeystoreType());
   keyStoreStream = new FileInputStream(sslConfig.getKeystore());
   clientKeys.load(keyStoreStream, sslConfig.getKeystorePassword().toCharArray());
   keyManagerFactory =
     KeyManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
   keyManagerFactory.init(clientKeys, sslConfig.getKeystorePassword().toCharArray());
  }
 } finally {
  if (keyStoreStream != null) {
   keyStoreStream.close();
  }
 }
 return keyManagerFactory != null ? keyManagerFactory.getKeyManagers() : null;
}

代码示例来源:origin: rhuss/jolokia

/**
 * Update a keystore with a CA certificate
 *
 * @param pTrustStore the keystore to update
 * @param pCaCert     CA cert as PEM used for the trust store
 */
public static void updateWithCaPem(KeyStore pTrustStore, File pCaCert)
    throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
  InputStream is = new FileInputStream(pCaCert);
  try {
    CertificateFactory certFactory = CertificateFactory.getInstance("X509");
    X509Certificate cert = (X509Certificate) certFactory.generateCertificate(is);
    String alias = cert.getSubjectX500Principal().getName();
    pTrustStore.setCertificateEntry(alias, cert);
  } finally {
    is.close();
  }
}

代码示例来源:origin: apache/zookeeper

@Override
public KeyStore loadKeyStore() throws IOException, GeneralSecurityException {
  KeyStore ks = KeyStore.getInstance(JKS_KEY_STORE_TYPE);
  InputStream inputStream = null;
  try {
    inputStream = new FileInputStream(new File(keyStorePath));
    ks.load(inputStream, passwordStringToCharArray(keyStorePassword));
    return ks;
  } finally {
    forceClose(inputStream);
  }
}

相关文章