se.litsec.opensaml.utils.KeyStoreUtils Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of opensaml3-ext Show documentation
Show all versions of opensaml3-ext Show documentation
OpenSAML 3.X utility extension library
/*
* The opensaml-ext project is an open-source package that extends OpenSAML
* with useful extensions and utilities.
*
* More details on
* Copyright (C) 2017 Litsec AB
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see getCertificateEntries(KeyStore keyStore) throws KeyStoreException {
List certificates = new ArrayList<>();
Enumeration e = keyStore.aliases();
while (e.hasMoreElements()) {
String alias = e.nextElement();
if (keyStore.isCertificateEntry(alias)) {
certificates.add((X509Certificate) keyStore.getCertificate(alias));
}
}
return certificates;
}
/**
* Loads a {@link KeyStore} instance that contains the trusted certificates that the running system has configured.
* using the following system properties:
*
* - {@code javax.net.ssl.trustStore} - the path to the keystore holding the system trusted certificates.
* - {@code javax.net.ssl.trustStorePassword} - the password to unlock the keystore.
* - {@code javax.net.ssl.trustStoreType} - the type of the keystore. If this system property is not set the default
* keystore type will be assumed.
*
*
* @return a {@code KeyStore} instance holding the system's trusted certificates
* @throws KeyStoreException
* for errors loading the system trust keystore
*/
public static KeyStore loadSystemTrustStore() throws KeyStoreException {
String locationProperty = System.getProperty("javax.net.ssl.trustStore");
if (locationProperty == null) {
throw new KeyStoreException("System property 'javax.net.ssl.trustStore' was not set - can not load system trust store");
}
try {
return loadKeyStore(locationProperty,
System.getProperty("javax.net.ssl.trustStorePassword"),
System.getProperty("javax.net.ssl.trustStoreType"));
}
catch (IOException e) {
throw new KeyStoreException(e);
}
}
/**
* Loads a {@link KeyStore} based on the given arguments.
*
* @param keyStorePath
* the path to the key store
* @param keyStorePassword
* the key store password
* @param keyStoreType
* the type of the keystore (if {@code null} the default keystore type will be assumed)
* @return a {@code KeyStore} instance
* @throws KeyStoreException
* for errors loading the keystore
* @throws IOException for IO errors
*/
public static KeyStore loadKeyStore(String keyStorePath, String keyStorePassword, String keyStoreType) throws KeyStoreException, IOException {
return loadKeyStore(new FileInputStream(keyStorePath), keyStorePassword, keyStoreType);
}
public static KeyStore loadKeyStore(InputStream keyStoreStream, String keyStorePassword, String keyStoreType) throws KeyStoreException, IOException {
try {
KeyStore keyStore = keyStoreType != null ? KeyStore.getInstance(keyStoreType) : KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(keyStoreStream, keyStorePassword.toCharArray());
return keyStore;
}
catch (NoSuchAlgorithmException | CertificateException e) {
throw new KeyStoreException(e);
}
}
// Hidden
private KeyStoreUtils() {
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy