1
/*
2
 * Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
/**
25
 * @see AccessKeyStore.sh
26
 */
27

28
import java.security.Provider;
29
import java.security.*;
30
import java.security.cert.*;
31
import java.security.cert.Certificate;
32
import java.security.interfaces.RSAKey;
33
import java.util.Enumeration;
34

35
public class AccessKeyStore {
36

37
    public static void main(String[] args) throws Exception {
38

39
        // Check that a security manager has been installed
40
        if (System.getSecurityManager() == null) {
41
            throw new Exception("A security manager has not been installed");
42
        }
43

44
        Provider p = Security.getProvider("SunMSCAPI");
45

46
        System.out.println("SunMSCAPI provider classname is " +
47
            p.getClass().getName());
48

49
        KeyStore keyStore = KeyStore.getInstance("Windows-MY", p);
50

51
        /*
52
         * If a SecurityManager exists then this will trigger a
53
         * SecurityException if the following permission has not
54
         * been granted:
55
         *
56
         *     SecurityPermission("authProvider.SunMSCAPI")
57
         */
58
        try {
59

60
            keyStore.load(null, null);
61

62
            if (args.length > 0 && "-deny".equals(args[0])) {
63
                throw new Exception(
64
                    "Expected KeyStore.load to throw a SecurityException");
65
            }
66

67
        } catch (SecurityException se) {
68

69
            if (args.length > 0 && "-deny".equals(args[0])) {
70
                System.out.println("Caught the expected exception: " + se);
71
                return;
72
            } else {
73
                throw se;
74
            }
75
        }
76

77
        int i = 0;
78
        for (Enumeration<String> e = keyStore.aliases(); e.hasMoreElements(); ) {
79
            String alias = e.nextElement();
80
            displayEntry(keyStore, alias, i++);
81
        }
82
    }
83

84
    private static void displayEntry(KeyStore keyStore, String alias,
85
        int index) throws KeyStoreException, NoSuchAlgorithmException  {
86

87
        if (keyStore.isKeyEntry(alias)) {
88
            System.out.println("[" + index + "]\n    " + alias +
89
                " [key-entry]\n");
90

91
            try {
92

93
                Key key = keyStore.getKey(alias, null);
94

95
                if (key instanceof RSAKey) {
96
                    System.out.println("    Key type: " + key.getAlgorithm() +
97
                        " (" + ((RSAKey)key).getModulus().bitLength() +
98
                        " bit)\n");
99
                } else {
100
                    System.out.println("    Key type: " + key.getAlgorithm() +
101
                        "\n");
102
                }
103

104
            } catch (UnrecoverableKeyException e) {
105
                System.out.println("    Key type: Unknown\n");
106
            }
107

108
            Certificate[] chain = keyStore.getCertificateChain(alias);
109
            if (chain != null) {
110
                System.out.println("    Certificate chain: ");
111
                for (int i = 0; i < chain.length; i ++) {
112
                    System.out.println("        ["+ (i + 1) + "]");
113
                    displayCert(chain[i], "            ");
114
                }
115
            }
116

117
        } else {
118
            System.out.println("[" + index + "]\n    " + alias +
119
                " [trusted-cert-entry]\n");
120
            Certificate[] chain = keyStore.getCertificateChain(alias);
121
            if (chain != null) {
122
                System.out.println("    Certificate chain: ");
123
                for (int i = 0; i < chain.length; i ++) {
124
                    System.out.println("        ["+ (i + 1) + "]");
125
                    displayCert(chain[i], "            ");
126
                }
127
            }
128
        }
129
        System.out.println("-------------------------------------------------");
130
    }
131

132
    private static void displayCert(Certificate cert, String tab) {
133
        if (cert instanceof X509Certificate) {
134
            X509Certificate x = (X509Certificate) cert;
135
            System.out.println(
136
                tab + "Owner: " + x.getSubjectDN().toString() + "\n" +
137
                tab + "Issuer: " + x.getIssuerDN().toString() + "\n" +
138
                tab + "Serial number: " + x.getSerialNumber().toString(16) +
139
                "\n"+
140
                tab + "Valid from: " + x.getNotBefore().toString() + "\n" +
141
                tab + "     until: " + x.getNotAfter().toString());
142
        } else {
143
            System.out.println(tab + "[unknown certificate format]");
144
        }
145
        System.out.println();
146
    }
147
}
148

149