Sample code for 30+ languages & platforms
DataFlex

Read JCEKS Containing Secret Keys

See more Java KeyStore (JKS) Examples

Demonstrates how to read a JCEKS keystore file containing symmetric secret keys (for AES, Blowfish, HMAC SHA25, ChaCha, etc.)

This example uses the jceks sample file that you may download from Sample JCEKS with Secret Keys

The file password is "filePassword". The password for each secret key contained in the JCEKS is "secret".

This example requires Chilkat v9.5.0.66 or greater.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoJceks
    String sKeyPassword
    Integer i
    Integer iNumSecretKeys
    String sTemp1

    Move False To iSuccess

    // IMPORTANT: This example requires Chilkat v9.5.0.66 or greater.

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatJavaKeyStore)) To hoJceks
    If (Not(IsComObjectCreated(hoJceks))) Begin
        Send CreateComObject of hoJceks
    End

    Get ComLoadFile Of hoJceks "filePassword" "qa_data/jks/secretKeys_filePassword.jceks" To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoJceks To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Move "secret" To sKeyPassword

    // Iterate over each secret key and get the key bytes and aliases..
    Move 0 To i
    Get ComNumSecretKeys Of hoJceks To iNumSecretKeys
    While (i < iNumSecretKeys)

        Showln "---- Secret Key " i
        Get ComGetSecretKeyAlias Of hoJceks i To sTemp1
        Showln "Alias: " sTemp1
        // Get the secret key bytes in a desired encoding (base64, hex, base64url, etc.)
        Get ComGetSecretKey Of hoJceks sKeyPassword i "hex" To sTemp1
        Showln "Key Bytes (hex): " sTemp1
        Get ComGetSecretKey Of hoJceks sKeyPassword i "base64" To sTemp1
        Showln "Key Bytes (base64): " sTemp1

        Move (i + 1) To i
    Loop

    // The output:

    // ---- Secret Key 0
    // Alias: aes_key
    // Key Bytes (hex): CB3632FD12FF3256E0048C100DDE8DEF
    // Key Bytes (base64): yzYy/RL/MlbgBIwQDd6N7w==
    // ---- Secret Key 1
    // Alias: chacha_key
    // Key Bytes (hex): B37C73871C7B8F8D488DDE2F1A78CF51B6D74FFAF0E9B338B9609510A4688136
    // Key Bytes (base64): s3xzhxx7j41Ijd4vGnjPUbbXT/rw6bM4uWCVEKRogTY=
    // ---- Secret Key 2
    // Alias: hmac_sha256_key
    // Key Bytes (hex): 3C644B53F904A3BF161D3EAD1364E52EAE6C6EC8C61133B974A2484B894539C0
    // Key Bytes (base64): PGRLU/kEo78WHT6tE2TlLq5sbsjGETO5dKJIS4lFOcA=
    // ---- Secret Key 3
    // Alias: blowfish_key
    // Key Bytes (hex): FFE0574DE04B50F1E2FE79B4160B3B2183ACFF41721C46BFF9764CF24CA40E3C
    // Key Bytes (base64): /+BXTeBLUPHi/nm0Fgs7IYOs/0FyHEa/+XZM8kykDjw=


End_Procedure