PowerShell
PowerShell
Create JCEKS Containing Secret Keys
See more Java KeyStore (JKS) Examples
Demonstrates how to create a JCEKS keystore file containing symmetric secret keys (for AES, Blowfish, HMAC SHA25, ChaCha20, etc.)This example requires Chilkat v9.5.0.66 or greater.
Chilkat PowerShell Downloads
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"
$success = $false
# IMPORTANT: This example requires Chilkat v9.5.0.66 or greater.
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
$jceks = New-Object Chilkat.JavaKeyStore
# We'll need a pseudo-random number generator (PRNG) to generate symmetric keys.
$prng = New-Object Chilkat.Prng
# Generate some keys..
# 128-bit AES key (16 bytes)
$aesKey = $prng.GenRandom(16,"base64")
# 256-bit Blowfish key (32 bytes)
$blowfishKey = $prng.GenRandom(32,"base64")
# HMAC SHA256 key
# (An HMAC key can be anything, and any length. We'll use the following string:
$hmacKey = "This is my HMAC key"
# ChaCha20 256-bit
$chachaKey = $prng.GenRandom(32,"base64")
# Add each secret key to the JCEKS
$encoding = "base64"
$password = "secret"
$jceks.AddSecretKey($aesKey,$encoding,"AES","my aes key",$password)
$jceks.AddSecretKey($blowfishKey,$encoding,"BLOWFISH","my blowfish key",$password)
# For HMAC, we're using the us-ascii bytes for the key..
$jceks.AddSecretKey($hmacKey,"ascii","HMAC_SHA256","my hmac key",$password)
$jceks.AddSecretKey($chachaKey,$encoding,"CHACHA","my chacha20 key",$password)
$filePassword = "password"
# Write the JCEKs to a file.
$success = $jceks.ToFile($filePassword,"qa_output/secretKeys.jceks")
if ($success -ne $true) {
$($jceks.LastErrorText)
exit
}
# We can also emit as a JWK Set..
$sbJson = New-Object Chilkat.StringBuilder
$success = $jceks.ToJwkSet("secret",$sbJson)
if ($success -ne $true) {
$($jceks.LastErrorText)
exit
}
# Emit the JSON in pretty-printed (indented) form:
$json = New-Object Chilkat.JsonObject
$json.LoadSb($sbJson)
$json.EmitCompact = $false
$($json.Emit())
# Output is:
# {
# "keys": [
# {
# "kty": "oct",
# "alg": "AES",
# "k": "vHekQQB0Gc1NvppapUTW2g",
# "kid": "my aes key"
# },
# {
# "kty": "oct",
# "alg": "BLOWFISH",
# "k": "qHsdXaJsXicVCZbK8l8hJQpYOa0GkiO9gsRK9WLtht8",
# "kid": "my blowfish key"
# },
# {
# "kty": "oct",
# "alg": "HMAC_SHA256",
# "k": "VGhpcyBpcyBteSBITUFDIGtleQ",
# "kid": "my hmac key"
# },
# {
# "kty": "oct",
# "alg": "CHACHA",
# "k": "yNv832U43C9BcWvaQAH2_rG-GwfmpgT5JBRllWGQY1o",
# "kid": "my chacha20 key"
# }
# ]
# }
#