Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * Licensed to the Apache Software Foundation (ASF) under one or more
   * contributor license agreements.  See the NOTICE file distributed with
   * this work for additional information regarding copyright ownership.
   * The ASF licenses this file to You under the Apache License, Version 2.0
   * (the "License"); you may not use this file except in compliance with
   * the License.  You may obtain a copy of the License at
   *
   *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
  */
 
 package org.apache.commons.net.util;
 
 import java.io.File;
 
 
 import  org.apache.commons.net.io.Util;

General KeyManager utilities

How to use with a client certificate:

 KeyManager km = KeyManagerUtils.createClientKeyManager("JKS",
     "/path/to/privatekeystore.jks","storepassword",
     "privatekeyalias", "keypassword");
 FTPSClient cl = new FTPSClient();
 cl.setKeyManager(km);
 cl.connect(...);
 
If using the default store type and the key password is the same as the store password, these parameters can be omitted.
If the desired key is the first or only key in the keystore, the keyAlias parameter can be omitted, in which case the code becomes:
 KeyManager km = KeyManagerUtils.createClientKeyManager(
     "/path/to/privatekeystore.jks","storepassword");
 FTPSClient cl = new FTPSClient();
 cl.setKeyManager(km);
 cl.connect(...);
 

Since:
3.0
 
 public final class KeyManagerUtils {
 
     private static final String DEFAULT_STORE_TYPE = KeyStore.getDefaultType();
 
     private KeyManagerUtils(){
         // Not instantiable
     }

    
Create a client key manager which returns a particular key. Does not handle server keys.

Parameters:
ks the keystore to use
keyAlias the alias of the key to use, may be null in which case the first key entry alias is used
keyPass the password of the key to use
Returns:
the customised KeyManager
 
     public static KeyManager createClientKeyManager(KeyStore ksString keyAliasString keyPass)
         throws GeneralSecurityException
     {
         ClientKeyStore cks = new ClientKeyStore(kskeyAlias != null ? keyAlias : findAlias(ks), keyPass);
         return new X509KeyManager(cks);
     }

    
Create a client key manager which returns a particular key. Does not handle server keys.

Parameters:
storeType the type of the keyStore, e.g. "JKS"
storePath the path to the keyStore
storePass the keyStore password
keyAlias the alias of the key to use, may be null in which case the first key entry alias is used
keyPass the password of the key to use
Returns:
the customised KeyManager
 
    public static KeyManager createClientKeyManager(String storeTypeFile storePathString storePassString keyAliasString keyPass)
        throws IOExceptionGeneralSecurityException
    {
        KeyStore ks = loadStore(storeTypestorePathstorePass);
        return createClientKeyManager(kskeyAliaskeyPass);
    }

    
Create a client key manager which returns a particular key. Does not handle server keys. Uses the default store type and assumes the key password is the same as the store password

Parameters:
storePath the path to the keyStore
storePass the keyStore password
keyAlias the alias of the key to use, may be null in which case the first key entry alias is used
Returns:
the customised KeyManager
    public static KeyManager createClientKeyManager(File storePathString storePassString keyAlias)
        throws IOExceptionGeneralSecurityException
    {
        return createClientKeyManager(storePathstorePasskeyAliasstorePass);
    }

    
Create a client key manager which returns a particular key. Does not handle server keys. Uses the default store type and assumes the key password is the same as the store password. The key alias is found by searching the keystore for the first private key entry

Parameters:
storePath the path to the keyStore
storePass the keyStore password
Returns:
the customised KeyManager
    public static KeyManager createClientKeyManager(File storePathString storePass)
        throws IOExceptionGeneralSecurityException
    {
        return createClientKeyManager(storePathstorePassnullstorePass);
    }
    private static KeyStore loadStore(String storeTypeFile storePathString storePass)
        KeyStore ks = KeyStore.getInstance(storeType);
        FileInputStream stream = null;
        try {
            stream = new FileInputStream(storePath);
            ks.load(streamstorePass.toCharArray());
        } finally {
            Util.closeQuietly(stream);
        }
        return ks;
    }
    private static String findAlias(KeyStore ksthrows KeyStoreException {
        Enumeration<Stringe = ks.aliases();
        while(e.hasMoreElements()) {
            String entry = e.nextElement();
            if (ks.isKeyEntry(entry)) {
                return entry;
            }
        }
        throw new KeyStoreException("Cannot find a private key entry");
    }
    private static class ClientKeyStore {
        private final X509Certificate[] certChain;
        private final PrivateKey key;
        private final String keyAlias;
        ClientKeyStore(KeyStore ksString keyAliasString keyPassthrows GeneralSecurityException
        {
            this. = keyAlias;
            this. = (PrivateKeyks.getKey(this.keyPass.toCharArray());
            Certificate[] certs = ks.getCertificateChain(this.);
            X509Certificate[] X509certs = new X509Certificate[certs.length];
            for (int i=0; i < certs.lengthi++) {
                X509certs[i] = (X509Certificatecerts[i];
            }
            this. = X509certs;
        }
        final X509Certificate[] getCertificateChain() {
            return this.;
        }
        final PrivateKey getPrivateKey() {
            return this.;
        }
        final String getAlias() {
            return this.;
        }
    }
    private static class X509KeyManager extends X509ExtendedKeyManager  {
        private final ClientKeyStore keyStore;
        X509KeyManager(final ClientKeyStore keyStore) {
            this. = keyStore;
        }
        // Call sequence: 1
//        @Override
        public String chooseClientAlias(String[] keyTypePrincipal[] issuers,
                Socket socket) {
            return .getAlias();
        }
        // Call sequence: 2
//        @Override
        public X509Certificate[] getCertificateChain(String alias) {
            return .getCertificateChain();
        }
//        @Override
        public String[] getClientAliases(String keyTypePrincipal[] issuers) {
            return new String[]{ .getAlias()};
        }
        // Call sequence: 3
//        @Override
        public PrivateKey getPrivateKey(String alias) {
            return .getPrivateKey();
        }
//        @Override
        public String[] getServerAliases(String keyTypePrincipal[] issuers) {
            return null;
        }
//        @Override
        public String chooseServerAlias(String keyTypePrincipal[] issuersSocket socket) {
            return null;
        }
    }
New to GrepCode? Check out our FAQ X