|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(C) Add Private Key to Java KeystoreAdds a private key to an existing Java keystore.
#include <C_CkJavaKeyStore.h> #include <C_CkCert.h> #include <C_CkXmlCertVault.h> #include <C_CkPrivateKey.h> #include <C_CkPfx.h> void ChilkatSample(void) { HCkJavaKeyStore jks; const char *jksPassword; const char *jksPath; BOOL success; HCkCert cert; HCkXmlCertVault certVault; HCkPrivateKey privKey; const char *alias; HCkPfx pfx; // This requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. jks = CkJavaKeyStore_Create(); jksPassword = "myJksPassword"; jksPath = "/someDir/keyStore.jks"; // Load the Java keystore from a file. success = CkJavaKeyStore_LoadFile(jks,jksPassword,jksPath); if (success != TRUE) { printf("%s\n",CkJavaKeyStore_lastErrorText(jks)); CkJavaKeyStore_Dispose(jks); return; } // A JKS private key entry consists of both the private key, // it's associated certificate (which contains the matching public key // within the X.509 of the certificate), and the certificates in the // chain of authentication to the root. // // Therefore, to add a private key entry to a JKS requires // a Chilkat certificate object that has a private key and which also // has the certificate chain (up to the root) available. // There are many ways to get a Chilkat certificate object // that contains (within it) the private key and the certificate chain // This example will show two possibilities: // (1) Where the cert and issuing root are provided in PEM format in .crt files, // and the private key is also provided in unencrypted PEM format (.key file). // (2) Where the cert, private key, and issuing root are provided in a single PFX. // First for the .crt / .key files: cert = CkCert_Create(); // Chilkat will automatically determine the format of the cert file and load it correctly. success = CkCert_LoadFromFile(cert,"/mycerts/alice.crt"); if (success != TRUE) { printf("%s\n",CkCert_lastErrorText(cert)); CkJavaKeyStore_Dispose(jks); CkCert_Dispose(cert); return; } // Certificates required for building the chain of authentication can be // added to an XML certificate vault object, and then provided as // a source for obtaining certs when building the chain. certVault = CkXmlCertVault_Create(); success = CkXmlCertVault_AddCertFile(certVault,"/mycerts/ca.crt"); if (success != TRUE) { printf("%s\n",CkXmlCertVault_lastErrorText(certVault)); CkJavaKeyStore_Dispose(jks); CkCert_Dispose(cert); CkXmlCertVault_Dispose(certVault); return; } success = CkCert_UseCertVault(cert,certVault); if (success != TRUE) { printf("%s\n",CkCert_lastErrorText(cert)); CkJavaKeyStore_Dispose(jks); CkCert_Dispose(cert); CkXmlCertVault_Dispose(certVault); return; } // Now provide the associated private key to the certificate object. // The Chilkat private key class provides methods for loading from many formats (both // encrypted and unencrypted). privKey = CkPrivateKey_Create(); success = CkPrivateKey_LoadPemFile(privKey,"/mycerts/alice.key"); if (success != TRUE) { printf("%s\n",CkPrivateKey_lastErrorText(privKey)); CkJavaKeyStore_Dispose(jks); CkCert_Dispose(cert); CkXmlCertVault_Dispose(certVault); CkPrivateKey_Dispose(privKey); return; } // Provide the certificate object with the private key: success = CkCert_SetPrivateKey(cert,privKey); if (success != TRUE) { printf("%s\n",CkCert_lastErrorText(cert)); CkJavaKeyStore_Dispose(jks); CkCert_Dispose(cert); CkXmlCertVault_Dispose(certVault); CkPrivateKey_Dispose(privKey); return; } // Our certificate object now contains all that we need to add it as a private key entry // to the Java keystore: alias = "alice"; success = CkJavaKeyStore_AddPrivateKey(jks,cert,alias,jksPassword); if (success != TRUE) { printf("%s\n",CkJavaKeyStore_lastErrorText(jks)); CkJavaKeyStore_Dispose(jks); CkCert_Dispose(cert); CkXmlCertVault_Dispose(certVault); CkPrivateKey_Dispose(privKey); return; } // Write the updated JKS, which contains the new private key entry w/ certificate chain. success = CkJavaKeyStore_ToFile(jks,jksPassword,jksPath); if (success != TRUE) { printf("%s\n",CkJavaKeyStore_lastErrorText(jks)); CkJavaKeyStore_Dispose(jks); CkCert_Dispose(cert); CkXmlCertVault_Dispose(certVault); CkPrivateKey_Dispose(privKey); return; } printf("Added new private key entry (from .crt and .key files) to the JKS!\n"); // Now let's add a new private key entry from a PFX that contains a single // private key with associated cert and cert chain. pfx = CkPfx_Create(); success = CkPfx_LoadPfxFile(pfx,"/myPfxFiles/my.pfx","pfxPassword"); if (success != TRUE) { printf("%s\n",CkPfx_lastErrorText(pfx)); CkJavaKeyStore_Dispose(jks); CkCert_Dispose(cert); CkXmlCertVault_Dispose(certVault); CkPrivateKey_Dispose(privKey); CkPfx_Dispose(pfx); return; } // This is easy -- simply add the PFX to the JKS alias = "bob"; success = CkJavaKeyStore_AddPfx(jks,pfx,alias,jksPassword); if (success != TRUE) { printf("%s\n",CkJavaKeyStore_lastErrorText(jks)); CkJavaKeyStore_Dispose(jks); CkCert_Dispose(cert); CkXmlCertVault_Dispose(certVault); CkPrivateKey_Dispose(privKey); CkPfx_Dispose(pfx); return; } // Write the updated JKS, which contains the new private key entry w/ certificate chain // that came from the PFX. success = CkJavaKeyStore_ToFile(jks,jksPassword,jksPath); if (success != TRUE) { printf("%s\n",CkJavaKeyStore_lastErrorText(jks)); CkJavaKeyStore_Dispose(jks); CkCert_Dispose(cert); CkXmlCertVault_Dispose(certVault); CkPrivateKey_Dispose(privKey); CkPfx_Dispose(pfx); return; } printf("Added new private key entry (from PFX) to the JKS!\n"); CkJavaKeyStore_Dispose(jks); CkCert_Dispose(cert); CkXmlCertVault_Dispose(certVault); CkPrivateKey_Dispose(privKey); CkPfx_Dispose(pfx); } |
|||||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.