import org.bouncycastle.jce.provider.BouncyCastleProvider;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPrivateCrtKey;
import java.util.Enumeration;
public class BCMain {
public static void main(String[] args) {
//==============================
// Setup stuff
//==============================
//Input FileName, Alias and Password
String jksFileName = ".keystore";
String jksAlias = "dims";
char[] jksPassword = "security".toCharArray();
//Output FileName, Alias and Password
String pkcs12FileName = "keystore.p12";
String pkcs12Alias = "dims";
char[] pkcs12Password = "security".toCharArray();
//Plug the Provider into the JCA/JCE
Security.addProvider(new BouncyCastleProvider());
//================================
// JKS Stuff
//================================
InputStream jksInputStream = null;
try {
jksInputStream = new FileInputStream(jksFileName);
System.out.println("Establish JKS InputStream to " +
jksFileName);
} catch (FileNotFoundException e) {
e.printStackTrace();
System.exit(1);
}
KeyStore jksKeyStore = null;
try {
jksKeyStore = KeyStore.getInstance("JKS", "SUN");
System.out.println("Create JKS KeyStore Object.");
} catch (KeyStoreException e) {
e.printStackTrace();
System.exit(1);
} catch (NoSuchProviderException e) {
e.printStackTrace();
System.exit(1);
}
//Load the keystore
try {
jksKeyStore.load(jksInputStream, jksPassword);
System.out.println("Load JKS KeyStore.");
} catch (IOException e) {
e.printStackTrace();
System.exit(1);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
System.exit(1);
} catch (CertificateException e) {
e.printStackTrace();
System.exit(1);
}
//Fetch all aliases from the keystore.
Enumeration aliases = null;
try {
aliases = jksKeyStore.aliases();
System.out.println("Got KeyStore aliases.");
} catch (KeyStoreException e) {
e.printStackTrace();
System.exit(1);
}
//Shows all aliases from the keystore, only for info
while (aliases.hasMoreElements()) {
System.out.println("Has alias: " + aliases.nextElement());
}
//Get PrivateKey
RSAPrivateCrtKey jksPrivateCrtKey = null;
try {
jksPrivateCrtKey =
(RSAPrivateCrtKey) jksKeyStore.getKey(jksAlias, jksPassword);
System.out.println("Get PKCS#12 RSAPrivateCrtKey(" + jksPrivateCrtKey +
"): [Bit-Length: " + jksPrivateCrtKey.getModulus().bitLength() +
", Modulus: " + jksPrivateCrtKey.getModulus() +
", PublicExponent: " + jksPrivateCrtKey.getPublicExponent() +
", PrivateExponent: " + jksPrivateCrtKey.getPrivateExponent() +
", Prime-P: " + jksPrivateCrtKey.getPrimeP() +
", Prime-Q: " + jksPrivateCrtKey.getPrimeQ() +
", Prime-Exponent-P: " + jksPrivateCrtKey.getPrimeExponentP() +
", Prime-Exponent-Q: " + jksPrivateCrtKey.getPrimeExponentQ() +
", CRT-Coefficient: " + jksPrivateCrtKey.getCrtCoefficient()
);
} catch (KeyStoreException e) {
e.printStackTrace();
System.exit(1);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
System.exit(1);
} catch (UnrecoverableKeyException e) {
e.printStackTrace();
System.exit(1);
}
//Get Certificate
Certificate jksCert = null;
try {
jksCert = jksKeyStore.getCertificate(jksAlias);
System.out.println("Get Certificate from PKCS#12: " + jksCert);
} catch (KeyStoreException e) {
e.printStackTrace();
System.exit(1);
}
//Get Certificate Chain
Certificate[] jksCerts = null;
try {
jksCerts = jksKeyStore.getCertificateChain(jksAlias);
System.out.println("Get Certificate Chain from JKS, with " +
jksCerts.length + " certs.");
for (int i = 0; i < jksCerts.length; i++) {
System.out.println("Certificate " + (i + 1) +
" from JKS in the chain: " + jksCerts[i]);
}
} catch (KeyStoreException e) {
e.printStackTrace();
System.exit(1);
}
//=====================================
// PKCS#12 stuff
//=====================================
KeyStore pkcs12KeyStore = null;
try {
pkcs12KeyStore = KeyStore.getInstance("PKCS12", "BC");
System.out.println("Create PKCS#12 KeyStore Object.");
} catch (KeyStoreException e) {
e.printStackTrace();
System.exit(1);
} catch (NoSuchProviderException e) {
e.printStackTrace();
System.exit(1);
}
try {
pkcs12KeyStore.load(null, pkcs12Password);
System.out.println(
"Load a new fresh PKCS#12 KeyStore from scratch.");
} catch (IOException e) {
e.printStackTrace();
System.exit(1);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
System.exit(1);
} catch (CertificateException e) {
e.printStackTrace();
System.exit(1);
}
try {
pkcs12KeyStore.setKeyEntry(pkcs12Alias, jksPrivateCrtKey,
pkcs12Password, jksCerts);
System.out.println("Add the RSA Private Crt Key and the " +
"Certificate Chain to the PKCS#12 KeyStore.");
} catch (KeyStoreException e) {
e.printStackTrace();
System.exit(1);
}
OutputStream pkcs12OutputStream = null;
try {
pkcs12OutputStream = new FileOutputStream(pkcs12FileName);
System.out.println(
"Establish PKCS#12 OutputStream to " + pkcs12FileName);
} catch (FileNotFoundException e) {
e.printStackTrace();
System.exit(1);
}
try {
pkcs12KeyStore.store(pkcs12OutputStream, pkcs12Password);
pkcs12OutputStream.close();
System.out.println("Store PKCS#12 KeyStore: " + pkcs12FileName);
} catch (IOException e) {
e.printStackTrace();
System.exit(1);
} catch (KeyStoreException e) {
e.printStackTrace();
System.exit(1);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
System.exit(1);
} catch (CertificateException e) {
e.printStackTrace();
System.exit(1);
}
//=====================================
// Reread the pkcs12KeyStore
//=====================================
InputStream pkcs12InputStream = null;
try {
pkcs12InputStream = new FileInputStream(pkcs12FileName);
System.out.println(
"Establish PKCS#12 InputStream to " + pkcs12FileName);
} catch (FileNotFoundException e) {
e.printStackTrace();
System.exit(1);
}
try {
pkcs12KeyStore.load(pkcs12InputStream, pkcs12Password);
System.out.println("Re-read the PKCS#12 KeyStore.");
} catch (IOException e) {
e.printStackTrace();
System.exit(1);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
System.exit(1);
} catch (CertificateException e) {
e.printStackTrace();
System.exit(1);
}
//Get PrivateKey
RSAPrivateCrtKey pkcs12PrivateCrtKey = null;
try {
pkcs12PrivateCrtKey =
(RSAPrivateCrtKey) pkcs12KeyStore.getKey(pkcs12Alias, pkcs12Password);
System.out.println(
"Get PKCS#12 RSAPrivateCrtKey(" + pkcs12PrivateCrtKey +
"): [Bit-Length: " + pkcs12PrivateCrtKey.getModulus().bitLength() +
", Modulus: " + pkcs12PrivateCrtKey.getModulus() +
", PublicExponent: " + pkcs12PrivateCrtKey.getPublicExponent() +
", PrivateExponent: " + pkcs12PrivateCrtKey.getPrivateExponent() +
", Prime-P: " + pkcs12PrivateCrtKey.getPrimeP() +
", Prime-Q: " + pkcs12PrivateCrtKey.getPrimeQ() +
", Prime-Exponent-P: " + pkcs12PrivateCrtKey.getPrimeExponentP() +
", Prime-Exponent-Q: " + pkcs12PrivateCrtKey.getPrimeExponentQ() +
", CRT-Coefficient: " + pkcs12PrivateCrtKey.getCrtCoefficient()
);
} catch (KeyStoreException e) {
e.printStackTrace();
System.exit(1);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
System.exit(1);
} catch (UnrecoverableKeyException e) {
e.printStackTrace();
System.exit(1);
}
//Get Certificate
Certificate pkcs12Cert = null;
try {
pkcs12Cert = pkcs12KeyStore.getCertificate(pkcs12Alias);
System.out.println("Get Certificate from PKCS#12: " + pkcs12Cert);
} catch (KeyStoreException e) {
e.printStackTrace();
System.exit(1);
}
//Get Certificate Chain
Certificate[] pkcs12Certs = null;
try {
pkcs12Certs = pkcs12KeyStore.getCertificateChain(pkcs12Alias);
System.out.println("Get Certificate Chain from PKCS#12, with " +
pkcs12Certs.length + " certs.");
for (int i = 0; i < pkcs12Certs.length; i++) {
System.out.println("Certificate " + (i + 1) +
" from PKCS#12 in the chain: " + pkcs12Certs[i]);
}
} catch (KeyStoreException e) {
e.printStackTrace();
System.exit(1);
}
}
}