Swift
Swift
Create JCEKS Containing Secret Keys
See more Java KeyStore (JKS) Examples
Demonstrates how to create a JCEKS keystore file containing symmetric secret keys (for AES, Blowfish, HMAC SHA25, ChaCha20, etc.)This example requires Chilkat v9.5.0.66 or greater.
Chilkat Swift Downloads
func chilkatTest() {
var success: Bool = false
// IMPORTANT: This example requires Chilkat v9.5.0.66 or greater.
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
let jceks = CkoJavaKeyStore()!
// We'll need a pseudo-random number generator (PRNG) to generate symmetric keys.
let prng = CkoPrng()!
// Generate some keys..
// 128-bit AES key (16 bytes)
var aesKey: String? = prng.genRandom(numBytes: 16, encoding: "base64")
// 256-bit Blowfish key (32 bytes)
var blowfishKey: String? = prng.genRandom(numBytes: 32, encoding: "base64")
// HMAC SHA256 key
// (An HMAC key can be anything, and any length. We'll use the following string:
var hmacKey: String? = "This is my HMAC key"
// ChaCha20 256-bit
var chachaKey: String? = prng.genRandom(numBytes: 32, encoding: "base64")
// Add each secret key to the JCEKS
var encoding: String? = "base64"
var password: String? = "secret"
jceks.addSecretKey(encodedKeyBytes: aesKey, encoding: encoding, algorithm: "AES", alias: "my aes key", password: password)
jceks.addSecretKey(encodedKeyBytes: blowfishKey, encoding: encoding, algorithm: "BLOWFISH", alias: "my blowfish key", password: password)
// For HMAC, we're using the us-ascii bytes for the key..
jceks.addSecretKey(encodedKeyBytes: hmacKey, encoding: "ascii", algorithm: "HMAC_SHA256", alias: "my hmac key", password: password)
jceks.addSecretKey(encodedKeyBytes: chachaKey, encoding: encoding, algorithm: "CHACHA", alias: "my chacha20 key", password: password)
var filePassword: String? = "password"
// Write the JCEKs to a file.
success = jceks.toFile(password: filePassword, path: "qa_output/secretKeys.jceks")
if success != true {
print("\(jceks.lastErrorText!)")
return
}
// We can also emit as a JWK Set..
let sbJson = CkoStringBuilder()!
success = jceks.toJwkSet(password: "secret", sbJwkSet: sbJson)
if success != true {
print("\(jceks.lastErrorText!)")
return
}
// Emit the JSON in pretty-printed (indented) form:
let json = CkoJsonObject()!
json.loadSb(sb: sbJson)
json.emitCompact = false
print("\(json.emit()!)")
// Output is:
// {
// "keys": [
// {
// "kty": "oct",
// "alg": "AES",
// "k": "vHekQQB0Gc1NvppapUTW2g",
// "kid": "my aes key"
// },
// {
// "kty": "oct",
// "alg": "BLOWFISH",
// "k": "qHsdXaJsXicVCZbK8l8hJQpYOa0GkiO9gsRK9WLtht8",
// "kid": "my blowfish key"
// },
// {
// "kty": "oct",
// "alg": "HMAC_SHA256",
// "k": "VGhpcyBpcyBteSBITUFDIGtleQ",
// "kid": "my hmac key"
// },
// {
// "kty": "oct",
// "alg": "CHACHA",
// "k": "yNv832U43C9BcWvaQAH2_rG-GwfmpgT5JBRllWGQY1o",
// "kid": "my chacha20 key"
// }
// ]
// }
//
}