/** java.security.KeyStore#getCertificateAlias(java.security.cert.Certificate) */
public void test_getCertificateAliasLjava_security_cert_Certificate() throws Exception {
// Test for method java.lang.String
// java.security.KeyStore.getCertificateAlias(java.security.cert.Certificate)
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate cert[] = new X509Certificate[2];
cert[0] = (X509Certificate) cf.generateCertificate(certArray);
cert[1] = (X509Certificate) cf.generateCertificate(certArray2);
KeyStore keyTest = KeyStore.getInstance(KeyStore.getDefaultType());
keyTest.load(null, null);
// certificate entry
keyTest.setCertificateEntry("alias1", cert[1]);
String alias = keyTest.getCertificateAlias(cert[1]);
assertEquals(
"certificate entry - the alias returned for this certificate was wrong", "alias1", alias);
// key entry
keyTest.setKeyEntry("alias2", getPrivateKey(), pssWord, cert);
alias = keyTest.getCertificateAlias(cert[0]);
assertEquals("key entry - the alias returned for this certificate was wrong", "alias2", alias);
// testing case with a nonexistent certificate
X509Certificate cert2 = (X509Certificate) cf.generateCertificate(certArray3);
String aliasNull = keyTest.getCertificateAlias(cert2);
assertNull("the alias returned for the nonexist certificate was NOT null", aliasNull);
}
// if the certificate is stored in the app key store, it is considered "known"
private boolean isCertKnown(X509Certificate cert) {
try {
return appKeyStore.getCertificateAlias(cert) != null;
} catch (KeyStoreException e) {
return false;
}
}
public void removeCertificate(@Nonnull final X509Certificate aCert) throws OpenAS2Exception {
ValueEnforcer.notNull(aCert, "Cert");
final KeyStore aKeyStore = getKeyStore();
try {
final String sAlias = aKeyStore.getCertificateAlias(aCert);
if (sAlias == null) throw new CertificateNotFoundException(aCert);
removeCertificate(sAlias);
} catch (final GeneralSecurityException ex) {
throw WrappedOpenAS2Exception.wrap(ex);
}
}
@Nonnull
public PrivateKey getPrivateKey(@Nullable final X509Certificate aCert) throws OpenAS2Exception {
final KeyStore aKeyStore = getKeyStore();
String sAlias = null;
try {
// This method heuristically scans the keystore and delivery the first
// result.
sAlias = aKeyStore.getCertificateAlias(aCert);
if (sAlias == null) throw new KeyNotFoundException(aCert);
final PrivateKey aKey = (PrivateKey) aKeyStore.getKey(sAlias, getPassword());
if (aKey == null) throw new KeyNotFoundException(aCert, sAlias);
return aKey;
} catch (final GeneralSecurityException ex) {
throw new KeyNotFoundException(aCert, sAlias, ex);
}
}
/**
* Returns the ID of the provided certificate or null if the certificate is not found in the
* keystore.
*
* @param cert The certificate who's ID is desired.
* @return The ID of the certificate or <tt>null</tt> if no matching Certificate was found.
* @throws KeyStoreException When the wrong keystore has been provided.
* @throws IOException For errors related to processing the keystore.
*/
public ID getTrustedCertificateID(X509Certificate cert) throws KeyStoreException, IOException {
String anAlias = null;
synchronized (keystore_manager) {
KeyStore store = keystore_manager.loadKeyStore(keystore_password);
anAlias = store.getCertificateAlias(cert);
}
// not found.
if (null == anAlias) {
return null;
}
try {
URI id = new URI(anAlias);
return IDFactory.fromURI(id);
} catch (URISyntaxException badID) {
return null;
}
}
private void readTest(String inKeyStore) throws Exception {
KeyStore inputKeyStore;
// Initialize KeyStore
String dir = System.getProperty("test.src", ".");
String keystorePath = dir + File.separator + "certs" + File.separator + "readP12";
inputKeyStore = KeyStore.getInstance(IN_KEYSTORE_TYPE);
// KeyStore have encoded by Base64.getMimeEncoder().encode(),need decode
// first.
byte[] input = Files.readAllBytes(Paths.get(keystorePath, inKeyStore));
ByteArrayInputStream arrayIn = new ByteArrayInputStream(Base64.getMimeDecoder().decode(input));
inputKeyStore.load(arrayIn, IN_STORE_PASS.toCharArray());
out.println("Initialize KeyStore : " + inKeyStore + " success");
out.println("getProvider : " + inputKeyStore.getProvider());
out.println("getType : " + inputKeyStore.getType());
out.println("getDefaultType : " + KeyStore.getDefaultType());
int idx = 0;
Enumeration<String> e = inputKeyStore.aliases();
String alias;
while (e.hasMoreElements()) {
alias = e.nextElement();
out.println("Alias " + idx + " : " + alias);
if (inputKeyStore.containsAlias(alias) == false) {
throw new RuntimeException("Alias not found");
}
out.println("getCreationDate : " + inputKeyStore.getCreationDate(alias));
X509Certificate cert = (X509Certificate) inputKeyStore.getCertificate(alias);
out.println("getCertificate : " + cert.getSubjectDN());
String retAlias = inputKeyStore.getCertificateAlias(cert);
if (!retAlias.equals(alias)) {
throw new RuntimeException("Alias mismatch");
}
out.println("getCertificateAlias : " + retAlias);
Certificate[] certs = inputKeyStore.getCertificateChain(alias);
for (int i = 0; i < certs.length; i++) {
out.println(
"getCertificateChain " + i + " : " + ((X509Certificate) certs[i]).getSubjectDN());
}
boolean isCertEntry = inputKeyStore.isCertificateEntry(alias);
// test KeyStore only contain key pair entries.
if (isCertEntry == true) {
throw new RuntimeException(
"inputKeystore should not be certEntry because test keystore only contain key pair entries.");
}
boolean isKeyEntry = inputKeyStore.isKeyEntry(alias);
if (isKeyEntry) {
Key key = inputKeyStore.getKey(alias, IN_STORE_PASS.toCharArray());
out.println("Key : " + key.toString());
} else {
throw new RuntimeException("Entry type unknown\n");
}
idx++;
}
int size = inputKeyStore.size();
if (idx != size) {
throw new RuntimeException("Size not match");
}
}
public boolean contains(Certificate certificate) throws KeyStoreException {
// a certificate alias is only returned when there is a match
String alias = keyStore.getCertificateAlias(certificate);
return alias != null;
}
public void remove(Certificate certificate) throws KeyStoreException {
String alias = keyStore.getCertificateAlias(certificate);
if (alias != null) {
keyStore.deleteEntry(alias);
}
}
