[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-jce] Help on Pkcs#12 and Keystore



 Hello,
 
read keys and certs from the PKCS#12 file as shown in demo.pkcs.PKCS12Create and put it into a keystore in a way like:
 
         char[] password = ...;
         // create a new KeyStore:
         KeyStore keyStore = KeyStore.getInstance("IAIKKeyStore", "IAIK");
         keyStore.load(null, null);
        
         System.out.println("Store private key + cert chain...");
         keyStore.setKeyEntry("myEntryName", privateKey, password, certs);
        
         System.out.println("Save keystore to file ...");
         FileOutputStream os = new FileOutputStream("...");
         keyStore.store(os, password);
         os.close();
         // clear password
         for (int i = 0; i < password.length; i++)
           password[i] = (char)0;
Reading back from a keystore may be done like:

         System.out.println("Reading in key store...");
         FileInputStream is = new FileInputStream("...");
         KeyStore keyStore1 = KeyStore.getInstance("IAIKKeyStore", "IAIK");
         keyStore1.load(is, password);
         is.close();
         // get key
         System.out.println("Fetching key...");
         try {
            Key key = keyStore1.getKey("myEntryName", password);
            if (key != null) {
               System.out.println("Got key: " + key);  
            } else {
               System.out.println("Missing key!");  
            }   
         } catch (UnrecoverableKeyException ex) {
            System.out.println("Error in getting key: " + ex.getMessage());
         }
        
        
         // get certificates
         System.out.println("Fetching certificates...");
        
         Certificate[] chain = keyStore1.getCertificateChain("myEntryName");
           
         if (chain != null) {
            iaik.x509.X509Certificate[] x509Chain = Util.convertCertificateChain(chain);
            System.out.println("Got certificates: ");  
            for (int i = 0; i < x509Chain.length; i++)
              System.out.println(x509Chain[i].toString(true));
         } else {
            System.out.println("Missing certificates!");  
         }    
     
         // clear password
         for (int i = 0; i < password.length; i++)
           password[i] = (char)0;
 
Regards,
Dieter Bratko
 
-----Ursprüngliche Nachricht-----
Von: iaik-jce-owner@iaik.tu-graz.ac.at [mailto:iaik-jce-owner@iaik.tu-graz.ac.at]Im Auftrag von tito santini
Gesendet: Dienstag, 13. März 2001 09:52
An: iaik-jce@iaik.tu-graz.ac.at
Betreff: [iaik-jce] Help on Pkcs#12 and Keystore

Hi.
 
Newbie question:
How can I import a private RSA key and its associate certificate, both stored in a PKCS#12 file generated by IE5.5, into a keystore?
 
Thanks in advance for your help.
 
 
Tito Santini
----------------------------------------
NetIkos S.p.A.
http://www.netikos.it
56124 Pisa - via Matteucci, 34/b
Tel: 050 968.111
Fax: 050 968.525
email: t.santini@netikos.it
-----------------------------------------

smime.p7s