• Home
• com.sap.cloud.sjb
• xs-hdb-conn-options
• 2.11.0
• source code
• KeyStoreInitializer.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.sap.xs.hdb.utils.KeyStoreInitializer Maven / Gradle / Ivy

package com.sap.xs.hdb.utils;

import static java.nio.file.StandardOpenOption.CREATE;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;

public class KeyStoreInitializer {
	private static final String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----";
	private static final String END_CERTIFICATE = "-----END CERTIFICATE-----";
	private static final String BEGIN_PRIVATE_KEY = "-----BEGIN PRIVATE KEY-----";
	private static final String END_PRIVATE_KEY = "-----END PRIVATE KEY-----";

	private final String keyAlias;
	private final String privateKey;
	private final String privateKeyCertificate;

	/**
	 * @param keyAlias
	 *            key alias
	 * @param privateKey
	 *            private key
	 * @param privateKeyCertificate
	 *            private key certificate
	 */
	public KeyStoreInitializer(final String keyAlias, final String privateKey, final String privateKeyCertificate) {
		this.keyAlias = keyAlias;
		this.privateKey = privateKey;
		this.privateKeyCertificate = privateKeyCertificate;
	}

	/**
	 * Initialize and store key store with password and key store path.
	 * 
	 * @param password
	 *            key store password
	 * @param keyStorePath
	 *            key store path
	 * @throws KeyStoreException
	 *             KeyStoreException
	 * @throws NoSuchAlgorithmException
	 *             NoSuchAlgorithmException
	 * @throws CertificateException
	 *             CertificateException
	 * @throws IOException
	 *             IOException
	 * @throws InvalidKeySpecException
	 *             InvalidKeySpecException
	 */
	public void initAndStore(final char[] password, final Path keyStorePath) throws KeyStoreException,
			NoSuchAlgorithmException, CertificateException, IOException, InvalidKeySpecException {
		KeyStore ks = init(password);
		Files.createDirectories(keyStorePath.getParent());
		ks.store(Files.newOutputStream(keyStorePath, CREATE), password);
	}

	/**
	 * Initialize key store with password.
	 * 
	 * @param password
	 *            key store password
	 * @return the initialized key store
	 * @throws KeyStoreException
	 *             KeyStoreException
	 * @throws InvalidKeySpecException
	 *             InvalidKeySpecException
	 * @throws NoSuchAlgorithmException
	 *             NoSuchAlgorithmException
	 * @throws CertificateException
	 *             CertificateException
	 * @throws IOException
	 *             IOException
	 */
	public KeyStore init(final char[] password) throws KeyStoreException, InvalidKeySpecException,
			NoSuchAlgorithmException, CertificateException, IOException {
		KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
		keyStore.load(null);
		keyStore.setKeyEntry(keyAlias, createPrivateKey(), password, new Certificate[] { createCertificate() });
		return keyStore;
	}

	private PrivateKey createPrivateKey() throws InvalidKeySpecException, NoSuchAlgorithmException {
		final byte[] privateKeyBytes = Base64.getDecoder().decode(getPrivateKeyContent());
		final PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
		return KeyFactory.getInstance("RSA").generatePrivate(keySpec);
	}

	private String getPrivateKeyContent() {
		return privateKey.replace(BEGIN_PRIVATE_KEY, "").replace(END_PRIVATE_KEY, "").replace("\n", "");
	}

	private Certificate createCertificate() throws CertificateException {
		final byte[] certificateBytes = Base64.getDecoder().decode(getCertificateContent());
		return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(certificateBytes));
	}

	private String getCertificateContent() {
		return privateKeyCertificate.replace(BEGIN_CERTIFICATE, "").replace(END_CERTIFICATE, "").replace("\n",
				"");
	}
}