DataFlex
DataFlex
Create JCEKS Containing Secret Keys
See more Java KeyStore (JKS) Examples
Demonstrates how to create a JCEKS keystore file containing symmetric secret keys (for AES, Blowfish, HMAC SHA25, ChaCha20, etc.)This example requires Chilkat v9.5.0.66 or greater.
Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoJceks
Handle hoPrng
String sAesKey
String sBlowfishKey
String sHmacKey
String sChachaKey
String sEncoding
String sPassword
String sFilePassword
Variant vSbJson
Handle hoSbJson
Handle hoJson
String sTemp1
Move False To iSuccess
// IMPORTANT: This example requires Chilkat v9.5.0.66 or greater.
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
Get Create (RefClass(cComChilkatJavaKeyStore)) To hoJceks
If (Not(IsComObjectCreated(hoJceks))) Begin
Send CreateComObject of hoJceks
End
// We'll need a pseudo-random number generator (PRNG) to generate symmetric keys.
Get Create (RefClass(cComChilkatPrng)) To hoPrng
If (Not(IsComObjectCreated(hoPrng))) Begin
Send CreateComObject of hoPrng
End
// Generate some keys..
// 128-bit AES key (16 bytes)
Get ComGenRandom Of hoPrng 16 "base64" To sAesKey
// 256-bit Blowfish key (32 bytes)
Get ComGenRandom Of hoPrng 32 "base64" To sBlowfishKey
// HMAC SHA256 key
// (An HMAC key can be anything, and any length. We'll use the following string:
Move "This is my HMAC key" To sHmacKey
// ChaCha20 256-bit
Get ComGenRandom Of hoPrng 32 "base64" To sChachaKey
// Add each secret key to the JCEKS
Move "base64" To sEncoding
Move "secret" To sPassword
Get ComAddSecretKey Of hoJceks sAesKey sEncoding "AES" "my aes key" sPassword To iSuccess
Get ComAddSecretKey Of hoJceks sBlowfishKey sEncoding "BLOWFISH" "my blowfish key" sPassword To iSuccess
// For HMAC, we're using the us-ascii bytes for the key..
Get ComAddSecretKey Of hoJceks sHmacKey "ascii" "HMAC_SHA256" "my hmac key" sPassword To iSuccess
Get ComAddSecretKey Of hoJceks sChachaKey sEncoding "CHACHA" "my chacha20 key" sPassword To iSuccess
Move "password" To sFilePassword
// Write the JCEKs to a file.
Get ComToFile Of hoJceks sFilePassword "qa_output/secretKeys.jceks" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoJceks To sTemp1
Showln sTemp1
Procedure_Return
End
// We can also emit as a JWK Set..
Get Create (RefClass(cComChilkatStringBuilder)) To hoSbJson
If (Not(IsComObjectCreated(hoSbJson))) Begin
Send CreateComObject of hoSbJson
End
Get pvComObject of hoSbJson to vSbJson
Get ComToJwkSet Of hoJceks "secret" vSbJson To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoJceks To sTemp1
Showln sTemp1
Procedure_Return
End
// Emit the JSON in pretty-printed (indented) form:
Get Create (RefClass(cComChilkatJsonObject)) To hoJson
If (Not(IsComObjectCreated(hoJson))) Begin
Send CreateComObject of hoJson
End
Get pvComObject of hoSbJson to vSbJson
Get ComLoadSb Of hoJson vSbJson To iSuccess
Set ComEmitCompact Of hoJson To False
Get ComEmit Of hoJson To sTemp1
Showln sTemp1
// Output is:
// {
// "keys": [
// {
// "kty": "oct",
// "alg": "AES",
// "k": "vHekQQB0Gc1NvppapUTW2g",
// "kid": "my aes key"
// },
// {
// "kty": "oct",
// "alg": "BLOWFISH",
// "k": "qHsdXaJsXicVCZbK8l8hJQpYOa0GkiO9gsRK9WLtht8",
// "kid": "my blowfish key"
// },
// {
// "kty": "oct",
// "alg": "HMAC_SHA256",
// "k": "VGhpcyBpcyBteSBITUFDIGtleQ",
// "kid": "my hmac key"
// },
// {
// "kty": "oct",
// "alg": "CHACHA",
// "k": "yNv832U43C9BcWvaQAH2_rG-GwfmpgT5JBRllWGQY1o",
// "kid": "my chacha20 key"
// }
// ]
// }
//
End_Procedure