Sample code for 30+ languages & platforms
PHP Extension

Create JCEKS Containing Secret Keys

See more Java KeyStore (JKS) Examples

Demonstrates how to create a JCEKS keystore file containing symmetric secret keys (for AES, Blowfish, HMAC SHA25, ChaCha20, etc.)

This example requires Chilkat v9.5.0.66 or greater.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// IMPORTANT: This example requires Chilkat v9.5.0.66 or greater.

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

$jceks = new CkJavaKeyStore();

// We'll need a pseudo-random number generator (PRNG) to generate symmetric keys.
$prng = new CkPrng();

// Generate some keys..

// 128-bit AES key (16 bytes)
$aesKey = $prng->genRandom(16,'base64');

// 256-bit Blowfish key (32 bytes)
$blowfishKey = $prng->genRandom(32,'base64');

// HMAC SHA256 key
// (An HMAC key can be anything, and any length. We'll use the following string:
$hmacKey = 'This is my HMAC key';

// ChaCha20 256-bit
$chachaKey = $prng->genRandom(32,'base64');

// Add each secret key to the JCEKS
$encoding = 'base64';
$password = 'secret';
$jceks->AddSecretKey($aesKey,$encoding,'AES','my aes key',$password);
$jceks->AddSecretKey($blowfishKey,$encoding,'BLOWFISH','my blowfish key',$password);
// For HMAC, we're using the us-ascii bytes for the key..
$jceks->AddSecretKey($hmacKey,'ascii','HMAC_SHA256','my hmac key',$password);
$jceks->AddSecretKey($chachaKey,$encoding,'CHACHA','my chacha20 key',$password);

$filePassword = 'password';
// Write the JCEKs to a file.
$success = $jceks->ToFile($filePassword,'qa_output/secretKeys.jceks');
if ($success != true) {
    print $jceks->lastErrorText() . "\n";
    exit;
}

// We can also emit as a JWK Set..
$sbJson = new CkStringBuilder();
$success = $jceks->ToJwkSet('secret',$sbJson);
if ($success != true) {
    print $jceks->lastErrorText() . "\n";
    exit;
}

// Emit the JSON in pretty-printed (indented) form:
$json = new CkJsonObject();
$json->LoadSb($sbJson);
$json->put_EmitCompact(false);
print $json->emit() . "\n";

// Output is:

// { 
//   "keys": [
//     { 
//       "kty": "oct",
//       "alg": "AES",
//       "k": "vHekQQB0Gc1NvppapUTW2g",
//       "kid": "my aes key"
//     },
//     { 
//       "kty": "oct",
//       "alg": "BLOWFISH",
//       "k": "qHsdXaJsXicVCZbK8l8hJQpYOa0GkiO9gsRK9WLtht8",
//       "kid": "my blowfish key"
//     },
//     { 
//       "kty": "oct",
//       "alg": "HMAC_SHA256",
//       "k": "VGhpcyBpcyBteSBITUFDIGtleQ",
//       "kid": "my hmac key"
//     },
//     { 
//       "kty": "oct",
//       "alg": "CHACHA",
//       "k": "yNv832U43C9BcWvaQAH2_rG-GwfmpgT5JBRllWGQY1o",
//       "kid": "my chacha20 key"
//     }
//   ]
// }
// 

?>