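/*
 * Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

/**
 * @see AccessKeyStore.sh
 */

import java.security.Provider;
import java.security.*;
import java.security.cert.*;
// Single-type import: decides which Certificate the simple name refers to,
// independently of the on-demand imports above.
import java.security.cert.Certificate;
import java.security.interfaces.RSAKey;
import java.util.Enumeration;

/**
 * Test program that loads the "Windows-MY" key store of the SunMSCAPI
 * provider under a security manager and then lists the store's entries.
 *
 * <p>The point under test is the permission check made by
 * {@code KeyStore.load}: when {@code SecurityPermission("authProvider.SunMSCAPI")}
 * has not been granted, the load is expected to fail with a
 * {@link SecurityException}. Passing {@code -deny} as the first argument
 * selects that negative case; without it the load must succeed.
 *
 * <p>Only descriptive metadata is printed (alias, key algorithm, RSA modulus
 * size, certificate owner, issuer, serial number and validity period); no key
 * material is written to the output.
 *
 * <p>NOTE(review): the policy that grants or withholds the permission is
 * presumably supplied by the AccessKeyStore.sh driver - confirm there.
 */
public class AccessKeyStore {

    /** First command-line argument that selects the "permission denied" case. */
    private static final String DENY_FLAG = "-deny";

    /**
     * Runs the test.
     *
     * @param args optional; {@code -deny} as the first element means that
     *        {@code KeyStore.load} is expected to throw a SecurityException
     * @throws Exception if no security manager is installed, if the SunMSCAPI
     *         provider is not registered, if the load outcome does not match
     *         the expectation, or if listing the entries fails
     */
    public static void main(String[] args) throws Exception {

        // Check that a security manager has been installed: without one the
        // permission check exercised below would never take place.
        if (System.getSecurityManager() == null) {
            throw new Exception("A security manager has not been installed");
        }

        final boolean expectDenial =
            args.length > 0 && DENY_FLAG.equals(args[0]);

        // Security.getProvider returns null for a provider that is not
        // registered; report that explicitly instead of failing with a
        // NullPointerException on the next statement.
        Provider p = Security.getProvider("SunMSCAPI");
        if (p == null) {
            throw new Exception("The SunMSCAPI provider is not available");
        }

        System.out.println("SunMSCAPI provider classname is " +
            p.getClass().getName());

        KeyStore keyStore = KeyStore.getInstance("Windows-MY", p);

        /*
         * If a SecurityManager exists then this will trigger a
         * SecurityException if the following permission has not
         * been granted:
         *
         *     SecurityPermission("authProvider.SunMSCAPI")
         */
        try {
            keyStore.load(null, null);
        } catch (SecurityException se) {
            if (expectDenial) {
                System.out.println("Caught the expected exception: " + se);
                return;
            }
            // A denial in the positive case is a genuine failure.
            throw se;
        }

        // The load went through: in the negative case the permission check
        // did not fire, which is exactly what this test must catch.
        if (expectDenial) {
            throw new Exception(
                "Expected KeyStore.load to throw a SecurityException");
        }

        int i = 0;
        for (Enumeration<String> e = keyStore.aliases(); e.hasMoreElements(); ) {
            String alias = e.nextElement();
            displayEntry(keyStore, alias, i++);
        }
    }

    /**
     * Prints one key store entry: its index, alias and kind, the key type for
     * a key entry, and the certificate chain when one is returned.
     *
     * @param keyStore the loaded key store
     * @param alias the alias of the entry to print
     * @param index the position of the entry in the listing
     * @throws KeyStoreException if the key store rejects a query
     * @throws NoSuchAlgorithmException if the key cannot be retrieved because
     *         its algorithm is unavailable
     */
    private static void displayEntry(KeyStore keyStore, String alias,
        int index) throws KeyStoreException, NoSuchAlgorithmException {

        final boolean keyEntry = keyStore.isKeyEntry(alias);

        System.out.println("[" + index + "]\n " + alias +
            (keyEntry ? " [key-entry]\n" : " [trusted-cert-entry]\n"));

        if (keyEntry) {
            displayKeyType(keyStore, alias);
        }

        // Both kinds of entry list their certificate chain the same way.
        displayChain(keyStore.getCertificateChain(alias));

        System.out.println("-------------------------------------------------");
    }

    /**
     * Prints the algorithm of the key stored under {@code alias}, with the
     * modulus size for RSA keys, or "Unknown" when the key cannot be obtained.
     */
    private static void displayKeyType(KeyStore keyStore, String alias)
        throws KeyStoreException, NoSuchAlgorithmException {

        try {

            // No password is supplied for the key.
            Key key = keyStore.getKey(alias, null);

            if (key == null) {
                // KeyStore.getKey may return null; report it like an
                // unrecoverable key rather than dereferencing it.
                System.out.println(" Key type: Unknown\n");
            } else if (key instanceof RSAKey) {
                // Only the size of the modulus is shown, never its value.
                int bits = ((RSAKey)key).getModulus().bitLength();
                System.out.println(" Key type: " + key.getAlgorithm() +
                    " (" + bits +
                    " bit)\n");
            } else {
                System.out.println(" Key type: " + key.getAlgorithm() +
                    "\n");
            }

        } catch (UnrecoverableKeyException e) {
            System.out.println(" Key type: Unknown\n");
        }
    }

    /**
     * Prints every certificate of {@code chain}, numbered from 1. Prints
     * nothing when {@code chain} is null.
     */
    private static void displayChain(Certificate[] chain) {
        if (chain == null) {
            return;
        }
        System.out.println(" Certificate chain: ");
        for (int i = 0; i < chain.length; i++) {
            System.out.println(" ["+ (i + 1) + "]");
            displayCert(chain[i], " ");
        }
    }

    /**
     * Prints the owner, issuer, serial number (hexadecimal) and validity
     * period of an X.509 certificate, each line prefixed with {@code tab}.
     * Any other certificate type is reported as an unknown format.
     *
     * @param cert the certificate to describe
     * @param tab the prefix written before each output line
     */
    private static void displayCert(Certificate cert, String tab) {
        if (cert instanceof X509Certificate) {
            X509Certificate x = (X509Certificate) cert;
            System.out.println(
                tab + "Owner: " + x.getSubjectDN().toString() + "\n" +
                tab + "Issuer: " + x.getIssuerDN().toString() + "\n" +
                tab + "Serial number: " + x.getSerialNumber().toString(16) +
                "\n"+
                tab + "Valid from: " + x.getNotBefore().toString() + "\n" +
                tab + " until: " + x.getNotAfter().toString());
        } else {
            System.out.println(tab + "[unknown certificate format]");
        }
        System.out.println();
    }
}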