Pascal (Lazarus/Delphi)
Pascal (Lazarus/Delphi)
Create JCEKS Containing Secret Keys
See more Java KeyStore (JKS) Examples
Demonstrates how to create a JCEKS keystore file containing symmetric secret keys (for AES, Blowfish, HMAC SHA25, ChaCha20, etc.)This example requires Chilkat v9.5.0.66 or greater.
Chilkat Pascal (Lazarus/Delphi) Downloads
program ChilkatDemo;
// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.
{$IFDEF FPC}
{$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}
uses
{$IFDEF UNIX}
cthreads,
{$ENDIF}
SysUtils,
CkDllLoader,
Chilkat.JavaKeyStore,
Chilkat.Prng,
Chilkat.StringBuilder,
Chilkat.JsonObject;
// ---------------------------------------------------------------------------
procedure RunDemo;
var
success: Boolean;
jceks: TJavaKeyStore;
prng: TPrng;
aesKey: string;
blowfishKey: string;
hmacKey: string;
chachaKey: string;
encoding: string;
password: string;
filePassword: string;
sbJson: TStringBuilder;
json: TJsonObject;
begin
success := False;
// IMPORTANT: This example requires Chilkat v9.5.0.66 or greater.
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
jceks := TJavaKeyStore.Create;
// We'll need a pseudo-random number generator (PRNG) to generate symmetric keys.
prng := TPrng.Create;
// Generate some keys..
// 128-bit AES key (16 bytes)
aesKey := prng.GenRandom(16,'base64');
// 256-bit Blowfish key (32 bytes)
blowfishKey := prng.GenRandom(32,'base64');
// HMAC SHA256 key
// (An HMAC key can be anything, and any length. We'll use the following string:
hmacKey := 'This is my HMAC key';
// ChaCha20 256-bit
chachaKey := prng.GenRandom(32,'base64');
// Add each secret key to the JCEKS
encoding := 'base64';
password := 'secret';
jceks.AddSecretKey(aesKey,encoding,'AES','my aes key',password);
jceks.AddSecretKey(blowfishKey,encoding,'BLOWFISH','my blowfish key',password);
// For HMAC, we're using the us-ascii bytes for the key..
jceks.AddSecretKey(hmacKey,'ascii','HMAC_SHA256','my hmac key',password);
jceks.AddSecretKey(chachaKey,encoding,'CHACHA','my chacha20 key',password);
filePassword := 'password';
// Write the JCEKs to a file.
success := jceks.ToFile(filePassword,'qa_output/secretKeys.jceks');
if (success <> True) then
begin
WriteLn(jceks.LastErrorText);
Exit;
end;
// We can also emit as a JWK Set..
sbJson := TStringBuilder.Create;
success := jceks.ToJwkSet('secret',sbJson);
if (success <> True) then
begin
WriteLn(jceks.LastErrorText);
Exit;
end;
// Emit the JSON in pretty-printed (indented) form:
json := TJsonObject.Create;
json.LoadSb(sbJson);
json.EmitCompact := False;
WriteLn(json.Emit());
// Output is:
// {
// "keys": [
// {
// "kty": "oct",
// "alg": "AES",
// "k": "vHekQQB0Gc1NvppapUTW2g",
// "kid": "my aes key"
// },
// {
// "kty": "oct",
// "alg": "BLOWFISH",
// "k": "qHsdXaJsXicVCZbK8l8hJQpYOa0GkiO9gsRK9WLtht8",
// "kid": "my blowfish key"
// },
// {
// "kty": "oct",
// "alg": "HMAC_SHA256",
// "k": "VGhpcyBpcyBteSBITUFDIGtleQ",
// "kid": "my hmac key"
// },
// {
// "kty": "oct",
// "alg": "CHACHA",
// "k": "yNv832U43C9BcWvaQAH2_rG-GwfmpgT5JBRllWGQY1o",
// "kid": "my chacha20 key"
// }
// ]
// }
//
jceks.Free;
prng.Free;
sbJson.Free;
json.Free;
end;
// ---------------------------------------------------------------------------
begin
try
RunDemo;
except
on E: Exception do
WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
end;
WriteLn;
{$IFDEF MSWINDOWS}
WriteLn('Press Enter to exit...');
ReadLn;
{$ENDIF}
end.