Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Read JCEKS Containing Secret Keys

See more Java KeyStore (JKS) Examples

Demonstrates how to read a JCEKS keystore file containing symmetric secret keys (for AES, Blowfish, HMAC SHA25, ChaCha, etc.)

This example uses the jceks sample file that you may download from Sample JCEKS with Secret Keys

The file password is "filePassword". The password for each secret key contained in the JCEKS is "secret".

This example requires Chilkat v9.5.0.66 or greater.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.JavaKeyStore;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  jceks: TJavaKeyStore;
  keyPassword: string;
  i: Integer;
  numSecretKeys: Integer;

begin
  success := False;

  //  IMPORTANT: This example requires Chilkat v9.5.0.66 or greater.

  //  This example requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  jceks := TJavaKeyStore.Create;

  success := jceks.LoadFile('filePassword','qa_data/jks/secretKeys_filePassword.jceks');
  if (success <> True) then
    begin
      WriteLn(jceks.LastErrorText);
      Exit;
    end;

  keyPassword := 'secret';

  //  Iterate over each secret key and get the key bytes and aliases..
  i := 0;
  numSecretKeys := jceks.NumSecretKeys;
  while i < numSecretKeys do
    begin

      WriteLn('---- Secret Key ' + i);
      WriteLn('Alias: ' + jceks.GetSecretKeyAlias(i));
      //  Get the secret key bytes in a desired encoding (base64, hex, base64url, etc.)
      WriteLn('Key Bytes (hex): ' + jceks.GetSecretKey(keyPassword,i,'hex'));
      WriteLn('Key Bytes (base64): ' + jceks.GetSecretKey(keyPassword,i,'base64'));

      i := i + 1;
    end;

  //  The output:

  //  ---- Secret Key 0
  //  Alias: aes_key
  //  Key Bytes (hex): CB3632FD12FF3256E0048C100DDE8DEF
  //  Key Bytes (base64): yzYy/RL/MlbgBIwQDd6N7w==
  //  ---- Secret Key 1
  //  Alias: chacha_key
  //  Key Bytes (hex): B37C73871C7B8F8D488DDE2F1A78CF51B6D74FFAF0E9B338B9609510A4688136
  //  Key Bytes (base64): s3xzhxx7j41Ijd4vGnjPUbbXT/rw6bM4uWCVEKRogTY=
  //  ---- Secret Key 2
  //  Alias: hmac_sha256_key
  //  Key Bytes (hex): 3C644B53F904A3BF161D3EAD1364E52EAE6C6EC8C61133B974A2484B894539C0
  //  Key Bytes (base64): PGRLU/kEo78WHT6tE2TlLq5sbsjGETO5dKJIS4lFOcA=
  //  ---- Secret Key 3
  //  Alias: blowfish_key
  //  Key Bytes (hex): FFE0574DE04B50F1E2FE79B4160B3B2183ACFF41721C46BFF9764CF24CA40E3C
  //  Key Bytes (base64): /+BXTeBLUPHi/nm0Fgs7IYOs/0FyHEa/+XZM8kykDjw=


  jceks.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.