1 /*
   2  * Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /**
  25  * @see AccessKeyStore.sh
  26  */
  27 
  28 import java.security.Provider;
  29 import java.security.*;
  30 import java.security.cert.*;
  31 import java.security.cert.Certificate;
  32 import java.security.interfaces.RSAKey;
  33 import java.util.Enumeration;
  34 
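  /**
   * Checks that loading the "Windows-MY" keystore from the SunMSCAPI provider is
   * gated by a security manager permission, then lists the store's entries.
   *
   * <p>Usage: run with a security manager installed. Pass {@code -deny} as the
   * first argument when the policy in effect is expected to withhold
   * {@code SecurityPermission("authProvider.SunMSCAPI")}; in that mode the test
   * passes only if {@code KeyStore.load} throws a {@link SecurityException}.
   * Without {@code -deny} the load must succeed and every entry is printed.
   *
   * <p>Only public information is printed (aliases, key algorithm and RSA
   * modulus size, certificate subject/issuer/serial/validity). That output still
   * describes the certificates held in the store being read, so treat the test
   * log accordingly.
   */
  public class AccessKeyStore {

      /** Name of the JCA provider whose keystore access is being checked. */
      private static final String PROVIDER_NAME = "SunMSCAPI";

      /**
       * Test entry point.
       *
       * @param args optional; {@code args[0]} equal to {@code -deny} means the
       *             keystore load is expected to be refused
       * @throws Exception if no security manager is installed, if the provider
       *                   is missing, or if the observed outcome of
       *                   {@code KeyStore.load} does not match the expectation
       */
      public static void main(String[] args) throws Exception {

          // The permission check exercised below only happens when a security
          // manager is present, so the test is meaningless without one.
          if (System.getSecurityManager() == null) {
              throw new Exception("A security manager has not been installed");
          }

          boolean expectDenial = args.length > 0 && "-deny".equals(args[0]);

          // Security.getProvider returns null when the provider is not
          // installed; fail with a clear message instead of a bare
          // NullPointerException on the next line.
          Provider p = Security.getProvider(PROVIDER_NAME);
          if (p == null) {
              throw new Exception(
                  "The " + PROVIDER_NAME + " provider is not installed");
          }

          System.out.println("SunMSCAPI provider classname is " +
              p.getClass().getName());

          KeyStore keyStore = KeyStore.getInstance("Windows-MY", p);

          /*
           * If a SecurityManager exists then this will trigger a
           * SecurityException if the following permission has not
           * been granted:
           *
           *     SecurityPermission("authProvider.SunMSCAPI")
           */
          try {
              keyStore.load(null, null);
          } catch (SecurityException se) {
              if (expectDenial) {
                  System.out.println("Caught the expected exception: " + se);
                  return;
              }
              // Denial was not expected: let the failure surface unchanged.
              throw se;
          }

          // Reaching this point means the load was permitted. In -deny mode
          // that is the failure the test exists to detect.
          if (expectDenial) {
              throw new Exception(
                  "Expected KeyStore.load to throw a SecurityException");
          }

          int index = 0;
          Enumeration<String> aliases = keyStore.aliases();
          while (aliases.hasMoreElements()) {
              displayEntry(keyStore, aliases.nextElement(), index++);
          }
      }

      /**
       * Prints one keystore entry: its index, alias, entry kind, key type (for
       * key entries) and certificate chain, followed by a separator line.
       *
       * @param keyStore the loaded keystore
       * @param alias    alias of the entry to print
       * @param index    zero-based position used as the entry label
       * @throws KeyStoreException        if the keystore has not been loaded
       * @throws NoSuchAlgorithmException if the algorithm needed to recover
       *                                  the key cannot be found
       */
      private static void displayEntry(KeyStore keyStore, String alias,
              int index) throws KeyStoreException, NoSuchAlgorithmException {

          boolean keyEntry = keyStore.isKeyEntry(alias);

          System.out.println("[" + index + "]\n    " + alias +
              (keyEntry ? " [key-entry]\n" : " [trusted-cert-entry]\n"));

          if (keyEntry) {
              try {
                  // No password is supplied. Only the algorithm name and, for
                  // RSA, the modulus length are reported; no key material is
                  // printed.
                  Key key = keyStore.getKey(alias, null);

                  if (key instanceof RSAKey) {
                      System.out.println("    Key type: " + key.getAlgorithm() +
                          " (" + ((RSAKey) key).getModulus().bitLength() +
                          " bit)\n");
                  } else {
                      System.out.println("    Key type: " + key.getAlgorithm() +
                          "\n");
                  }
              } catch (UnrecoverableKeyException e) {
                  // Best effort: an unrecoverable key is reported, not fatal.
                  System.out.println("    Key type: Unknown\n");
              }
          }

          displayChain(keyStore.getCertificateChain(alias));

          System.out.println("-------------------------------------------------");
      }

      /**
       * Prints every certificate of a chain with a one-based position label.
       * Prints nothing when the entry has no chain.
       *
       * @param chain the certificate chain, or {@code null} if there is none
       */
      private static void displayChain(Certificate[] chain) {
          if (chain == null) {
              return;
          }
          System.out.println("    Certificate chain: ");
          for (int i = 0; i < chain.length; i++) {
              System.out.println("        [" + (i + 1) + "]");
              displayCert(chain[i], "            ");
          }
      }

      /**
       * Prints the subject, issuer, serial number (hexadecimal) and validity
       * period of an X.509 certificate, or a placeholder for any other
       * certificate type, followed by a blank line.
       *
       * @param cert the certificate to describe
       * @param tab  prefix written at the start of each output line
       */
      private static void displayCert(Certificate cert, String tab) {
          if (cert instanceof X509Certificate) {
              X509Certificate x = (X509Certificate) cert;
              // getSubjectDN()/getIssuerDN() are kept so the output format is
              // unchanged; the X509Certificate Javadoc recommends the
              // X500Principal accessors for new code.
              System.out.println(
                  tab + "Owner: " + x.getSubjectDN().toString() + "\n" +
                  tab + "Issuer: " + x.getIssuerDN().toString() + "\n" +
                  tab + "Serial number: " + x.getSerialNumber().toString(16) +
                  "\n" +
                  tab + "Valid from: " + x.getNotBefore().toString() + "\n" +
                  tab + "     until: " + x.getNotAfter().toString());
          } else {
              System.out.println(tab + "[unknown certificate format]");
          }
          System.out.println();
      }
  }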