Sample code for 30+ languages & platforms
DataFlex

Create JCEKS Containing Secret Keys

See more Java KeyStore (JKS) Examples

Demonstrates how to create a JCEKS keystore file containing symmetric secret keys (for AES, Blowfish, HMAC SHA25, ChaCha20, etc.)

This example requires Chilkat v9.5.0.66 or greater.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoJceks
    Handle hoPrng
    String sAesKey
    String sBlowfishKey
    String sHmacKey
    String sChachaKey
    String sEncoding
    String sPassword
    String sFilePassword
    Variant vSbJson
    Handle hoSbJson
    Handle hoJson
    String sTemp1

    Move False To iSuccess

    // IMPORTANT: This example requires Chilkat v9.5.0.66 or greater.

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatJavaKeyStore)) To hoJceks
    If (Not(IsComObjectCreated(hoJceks))) Begin
        Send CreateComObject of hoJceks
    End

    // We'll need a pseudo-random number generator (PRNG) to generate symmetric keys.
    Get Create (RefClass(cComChilkatPrng)) To hoPrng
    If (Not(IsComObjectCreated(hoPrng))) Begin
        Send CreateComObject of hoPrng
    End

    // Generate some keys..

    // 128-bit AES key (16 bytes)
    Get ComGenRandom Of hoPrng 16 "base64" To sAesKey

    // 256-bit Blowfish key (32 bytes)
    Get ComGenRandom Of hoPrng 32 "base64" To sBlowfishKey

    // HMAC SHA256 key
    // (An HMAC key can be anything, and any length. We'll use the following string:
    Move "This is my HMAC key" To sHmacKey

    // ChaCha20 256-bit
    Get ComGenRandom Of hoPrng 32 "base64" To sChachaKey

    // Add each secret key to the JCEKS
    Move "base64" To sEncoding
    Move "secret" To sPassword
    Get ComAddSecretKey Of hoJceks sAesKey sEncoding "AES" "my aes key" sPassword To iSuccess
    Get ComAddSecretKey Of hoJceks sBlowfishKey sEncoding "BLOWFISH" "my blowfish key" sPassword To iSuccess
    // For HMAC, we're using the us-ascii bytes for the key..
    Get ComAddSecretKey Of hoJceks sHmacKey "ascii" "HMAC_SHA256" "my hmac key" sPassword To iSuccess
    Get ComAddSecretKey Of hoJceks sChachaKey sEncoding "CHACHA" "my chacha20 key" sPassword To iSuccess

    Move "password" To sFilePassword
    // Write the JCEKs to a file.
    Get ComToFile Of hoJceks sFilePassword "qa_output/secretKeys.jceks" To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoJceks To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // We can also emit as a JWK Set..
    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbJson
    If (Not(IsComObjectCreated(hoSbJson))) Begin
        Send CreateComObject of hoSbJson
    End
    Get pvComObject of hoSbJson to vSbJson
    Get ComToJwkSet Of hoJceks "secret" vSbJson To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoJceks To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Emit the JSON in pretty-printed (indented) form:
    Get Create (RefClass(cComChilkatJsonObject)) To hoJson
    If (Not(IsComObjectCreated(hoJson))) Begin
        Send CreateComObject of hoJson
    End
    Get pvComObject of hoSbJson to vSbJson
    Get ComLoadSb Of hoJson vSbJson To iSuccess
    Set ComEmitCompact Of hoJson To False
    Get ComEmit Of hoJson To sTemp1
    Showln sTemp1

    // Output is:

    // { 
    //   "keys": [
    //     { 
    //       "kty": "oct",
    //       "alg": "AES",
    //       "k": "vHekQQB0Gc1NvppapUTW2g",
    //       "kid": "my aes key"
    //     },
    //     { 
    //       "kty": "oct",
    //       "alg": "BLOWFISH",
    //       "k": "qHsdXaJsXicVCZbK8l8hJQpYOa0GkiO9gsRK9WLtht8",
    //       "kid": "my blowfish key"
    //     },
    //     { 
    //       "kty": "oct",
    //       "alg": "HMAC_SHA256",
    //       "k": "VGhpcyBpcyBteSBITUFDIGtleQ",
    //       "kid": "my hmac key"
    //     },
    //     { 
    //       "kty": "oct",
    //       "alg": "CHACHA",
    //       "k": "yNv832U43C9BcWvaQAH2_rG-GwfmpgT5JBRllWGQY1o",
    //       "kid": "my chacha20 key"
    //     }
    //   ]
    // }
    // 


End_Procedure