package eu.europa.esig.dss.cookbook.example.keystore;
import java.io.FileOutputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Date;
import org.junit.Assert;
import org.junit.Test;
import eu.europa.esig.dss.SignatureAlgorithm;
import eu.europa.esig.dss.test.gen.CertificateService;
import eu.europa.esig.dss.test.mock.MockPrivateKeyEntry;
import eu.europa.esig.dss.token.AbstractSignatureTokenConnection;
import eu.europa.esig.dss.token.DSSPrivateKeyEntry;
import eu.europa.esig.dss.token.Pkcs12SignatureToken;
import eu.europa.esig.dss.utils.Utils;
import eu.europa.esig.dss.x509.CertificateToken;
public class PKCS12KeystoreWithKeyEntryGeneration {
private static final String KEYSTORE_TYPE = "PKCS12";
private static final String KEYSTORE_FILEPATH = "target/keystore.p12";
private static final String KEYSTORE_PASSWORD = "password";
@Test
public void generate() throws Exception {
CertificateService service = new CertificateService();
MockPrivateKeyEntry entry = service.generateCertificateChain(SignatureAlgorithm.RSA_SHA256);
KeyStore keystore = createKeyStore();
addCertificate(keystore, "certificate", entry.getCertificate(), entry);
OutputStream fos = new FileOutputStream(KEYSTORE_FILEPATH);
keystore.store(fos, KEYSTORE_PASSWORD.toCharArray());
AbstractSignatureTokenConnection signingToken = new Pkcs12SignatureToken(KEYSTORE_PASSWORD, KEYSTORE_FILEPATH);
Assert.assertEquals(1, signingToken.getKeys().size());
DSSPrivateKeyEntry privateEntry = signingToken.getKeys().get(0);
Assert.assertNotNull(privateEntry);
}
private static void addCertificate(KeyStore store, String alias, CertificateToken cert, MockPrivateKeyEntry entry) throws Exception {
if (cert.isExpiredOn(new Date())) {
throw new RuntimeException("Alias " + alias + " is expired");
}
store.setCertificateEntry(alias, cert.getCertificate());
Certificate[] chain = { store.getCertificate(alias) };
store.setKeyEntry(alias, entry.getPrivateKey(), KEYSTORE_PASSWORD.toCharArray(), chain);
}
private KeyStore createKeyStore() throws Exception {
KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
keyStore.load(null, KEYSTORE_PASSWORD.toCharArray());
OutputStream fos = new FileOutputStream(KEYSTORE_FILEPATH);
keyStore.store(fos, KEYSTORE_PASSWORD.toCharArray());
Utils.closeQuietly(fos);
return keyStore;
}
}