PureBasic
PureBasic
Load Java KeyStore and Access Contents
See more Java KeyStore (JKS) Examples
Loads a Java keystore file and iterates over the contents. A Java keystore (.jks) file can contain one or more trusted root certificate entries and/or one or more private key entries. Each private key entry includes an associated certificate chain.Chilkat PureBasic Downloads
IncludeFile "CkCert.pb"
IncludeFile "CkJavaKeyStore.pb"
IncludeFile "CkCertChain.pb"
IncludeFile "CkPrivateKey.pb"
Procedure ChilkatExample()
success.i = 0
; This requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
jks.i = CkJavaKeyStore::ckCreate()
If jks.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; Load the Java keystore from a file. The JKS file password is used
; to verify the keyed digest that is found at the very end of the keystore.
; It verifies there has been no tampering with the file.
success = CkJavaKeyStore::ckLoadFile(jks,"jksFilePassword","/someDir/keyStore.jks")
If success = 0
Debug CkJavaKeyStore::ckLastErrorText(jks)
CkJavaKeyStore::ckDispose(jks)
ProcedureReturn
EndIf
; Find out how many of each type of entry:
numTrustedCerts.i = CkJavaKeyStore::ckNumTrustedCerts(jks)
numPrivateKeys.i = CkJavaKeyStore::ckNumPrivateKeys(jks)
cert.i = CkCert::ckCreate()
If cert.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
alias.s
; For each trusted certificate, access it by getting
; it as a cert object. Also get the alias associated with the certificate.
Debug "Trusted Certs:"
i.i = 0
While i < numTrustedCerts
success = CkJavaKeyStore::ckTrustedCertAt(jks,i,cert)
Debug CkJavaKeyStore::ckGetTrustedCertAlias(jks,i) + ": " + CkCert::ckSubjectDN(cert)
i = i + 1
Wend
privKey.i = CkPrivateKey::ckCreate()
If privKey.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
certChain.i = CkCertChain::ckCreate()
If certChain.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; For each private key entry, get the private key and
; the associated certificate chain.
; Each private key is password protected. Usually it is the same
; password as used for the keyed digest of the entire JKS.
; However, this does not have to be. The password is passed
; here to handle the possibility of each private key requiring
; a different password.
Debug "Private Keys:"
i = 0
While i < numPrivateKeys
CkJavaKeyStore::ckPrivateKeyAt(jks,"jksFilePassword",i,privKey)
Debug CkJavaKeyStore::ckGetPrivateKeyAlias(jks,i)
CkJavaKeyStore::ckCertChainAt(jks,i,certChain)
; The 1st certificate in the chain is the one associated with the private key.
CkCertChain::ckCertAt(certChain,0,cert)
Debug CkCert::ckSubjectDN(cert)
i = i + 1
Wend
CkJavaKeyStore::ckDispose(jks)
CkCert::ckDispose(cert)
CkPrivateKey::ckDispose(privKey)
CkCertChain::ckDispose(certChain)
ProcedureReturn
EndProcedure