diff options
Diffstat (limited to 'netx/net/sourceforge/jnlp/security/CertificateUtils.java')
-rw-r--r-- | netx/net/sourceforge/jnlp/security/CertificateUtils.java | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/netx/net/sourceforge/jnlp/security/CertificateUtils.java b/netx/net/sourceforge/jnlp/security/CertificateUtils.java index fb7ecef..a4dfeae 100644 --- a/netx/net/sourceforge/jnlp/security/CertificateUtils.java +++ b/netx/net/sourceforge/jnlp/security/CertificateUtils.java @@ -38,12 +38,15 @@ exception statement from your version. package net.sourceforge.jnlp.security; import java.io.BufferedInputStream; +import java.io.BufferedOutputStream; import java.io.File; import java.io.FileInputStream; +import java.io.FileOutputStream; import java.io.IOException; import java.io.PrintStream; import java.math.BigInteger; import java.security.InvalidKeyException; +import java.security.Key; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; @@ -117,6 +120,41 @@ public class CertificateUtils { ks.setCertificateEntry(alias, cert); } + public static void addPKCS12ToKeyStore(File file, KeyStore ks, char[] password) + throws Exception { + BufferedInputStream bis = new BufferedInputStream(new FileInputStream(file)); + KeyStore keyStore = KeyStore.getInstance("PKCS12"); + keyStore.load(bis, password); + + Enumeration<String> aliasList = keyStore.aliases(); + + while (aliasList.hasMoreElements()) { + String alias = aliasList.nextElement(); + Certificate[] certChain = keyStore.getCertificateChain(alias); + Key key = keyStore.getKey(alias, password); + addPKCS12ToKeyStore(certChain, key, ks); + } + } + + public static void addPKCS12ToKeyStore(Certificate[] certChain, Key key, KeyStore ks) + throws KeyStoreException { + String alias = null; + + // does this certificate already exist? + alias = ks.getCertificateAlias(certChain[0]); + if (alias != null) { + return; + } + + // create a unique alias for this new certificate + Random random = new Random(); + do { + alias = new BigInteger(20, random).toString(); + } while (ks.getCertificate(alias) != null); + + ks.setKeyEntry(alias, key, KeyStores.getPassword(), certChain); + } + /** * Checks whether an X509Certificate is already in one of the keystores * @param c the certificate @@ -177,4 +215,15 @@ public class CertificateUtils { encoder.encodeBuffer(cert.getEncoded(), out); out.println(X509Factory.END_CERT); } + + public static void dumpPKCS12(String alias, File file, KeyStore ks, char[] password) + throws Exception { + Certificate[] certChain = ks.getCertificateChain(alias); + Key key = ks.getKey(alias, KeyStores.getPassword()); + BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(file)); + KeyStore keyStore = KeyStore.getInstance("PKCS12"); + keyStore.load(null, null); + keyStore.setKeyEntry(alias, key, password, certChain); + keyStore.store(bos, password); + } } |