List of usage examples for java.security KeyStore getDefaultType
public static final String getDefaultType()
From source file:com.longle1.facedetection.TimedAsyncHttpResponseHandler.java
public void executePut(String putURL, RequestParams params, byte[] bb) { try {//from w w w . ja v a 2 s.c om AsyncHttpClient client = new AsyncHttpClient(); ByteArrayEntity bae = null; bae = new ByteArrayEntity(bb); bae.setContentType(new BasicHeader(HTTP.CONTENT_TYPE, "application/octet-stream")); // Add SSL KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(mContext.getResources().openRawResource(R.raw.truststore), "changeit".toCharArray()); SSLSocketFactory sf = new SSLSocketFactory(trustStore); client.setSSLSocketFactory(sf); client.setTimeout(30000); client.put(null, putURL + "?" + params.toString(), bae, null, this); } catch (Exception e) { e.printStackTrace(); } Log.i("executePut", "done"); }
From source file:com.shalzz.attendance.wrapper.MySSLSocketFactory.java
/** * Gets a KeyStore containing the Certificate * // w ww. j av a 2 s . c om * @param cert InputStream of the Certificate * @return KeyStore */ public static KeyStore getKeystoreOfCA(InputStream cert) { // Load CAs from an InputStream InputStream caInput = null; Certificate ca = null; try { CertificateFactory cf = CertificateFactory.getInstance("X.509"); caInput = new BufferedInputStream(cert); ca = cf.generateCertificate(caInput); } catch (CertificateException e1) { e1.printStackTrace(); } finally { try { caInput.close(); } catch (IOException e) { e.printStackTrace(); } } // Create a KeyStore containing our trusted CAs String keyStoreType = KeyStore.getDefaultType(); KeyStore keyStore = null; try { keyStore = KeyStore.getInstance(keyStoreType); keyStore.load(null, null); keyStore.setCertificateEntry("ca", ca); } catch (Exception e) { e.printStackTrace(); } return keyStore; }
From source file:org.ops4j.pax.web.itest.base.client.HttpComponentsWrapper.java
private CloseableHttpClient createHttpClient() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, KeyManagementException { HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); SSLConnectionSocketFactory sslsf = null; try {/* www . jav a 2s .co m*/ FileInputStream instream = new FileInputStream(new File(keyStore)); try { trustStore.load(instream, "password".toCharArray()); } finally { // CHECKSTYLE:OFF try { instream.close(); } catch (Exception ignore) { } // CHECKSTYLE:ON } SSLContext sslContext = SSLContexts.custom().useTLS().loadTrustMaterial(trustStore).build(); sslsf = new SSLConnectionSocketFactory(sslContext, (X509HostnameVerifier) hostnameVerifier); } catch (FileNotFoundException e) { LOG.error("Error preparing SSL for testing. Https will not be available.", e); } PlainConnectionSocketFactory plainsf = PlainConnectionSocketFactory.getSocketFactory(); RegistryBuilder<ConnectionSocketFactory> rb = RegistryBuilder.<ConnectionSocketFactory>create() .register("http", plainsf); if (sslsf != null) { rb.register("https", sslsf); } Registry<ConnectionSocketFactory> registry = rb.build(); PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(registry); return HttpClients.custom().setConnectionManager(cm).build(); }
From source file:com.brobwind.brodm.NetworkUtils.java
public static synchronized HttpClient getHttpClient(int port, int securePort, Callback callback) { try {//from w w w. j av a2 s . c o m KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(null, null); SSLSocketFactory factory = new MySSLSocketFactory(trustStore, callback); factory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, HTTP.DEFAULT_CONTENT_CHARSET); HttpProtocolParams.setUseExpectContinue(params, true); ConnManagerParams.setTimeout(params, 10000); HttpConnectionParams.setConnectionTimeout(params, 10000); HttpConnectionParams.setSoTimeout(params, 100000); SchemeRegistry reg = new SchemeRegistry(); reg.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), port)); reg.register(new Scheme("https", factory, securePort)); ClientConnectionManager connManager = new ThreadSafeClientConnManager(params, reg); return new DefaultHttpClient(connManager, params); } catch (Exception e) { e.printStackTrace(); } return new DefaultHttpClient(); }
From source file:org.commonjava.indy.httprox.ProxyHttpsTest.java
protected KeyStore getTrustStore(File jks) throws Exception { KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); try (FileInputStream instream = new FileInputStream(jks)) { trustStore.load(instream, "passwd".toCharArray()); }/*from w w w .j av a 2s .c o m*/ return trustStore; }
From source file:org.kontalk.client.ClientHTTPConnection.java
public static SSLSocketFactory setupSSLSocketFactory(Context context, PrivateKey privateKey, X509Certificate certificate, boolean acceptAnyCertificate) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, KeyManagementException, UnrecoverableKeyException, NoSuchProviderException { // in-memory keystore KeyManager[] km = null;/*ww w. j ava2s . c om*/ if (privateKey != null && certificate != null) { KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); keystore.load(null, null); keystore.setKeyEntry("private", privateKey, null, new Certificate[] { certificate }); // key managers KeyManagerFactory kmFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmFactory.init(keystore, null); km = kmFactory.getKeyManagers(); } // trust managers TrustManager[] tm; if (acceptAnyCertificate) { tm = new TrustManager[] { new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } } }; } else { // load merged truststore (system + internal) KeyStore trustStore = InternalTrustStore.getTrustStore(context); // builtin keystore TrustManagerFactory tmFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmFactory.init(trustStore); tm = tmFactory.getTrustManagers(); } SSLContext ctx = SSLContext.getInstance("TLSv1"); ctx.init(km, tm, null); return new TlsOnlySocketFactory(ctx.getSocketFactory(), true); }
From source file:org.computerist.ssltools.zap.ZapSslCertificateUtils.java
/** * Creates a new Root CA certificate and returns private and public key as * {@link KeyStore}. The {@link KeyStore#getDefaultType()} is used. * * @return/*from w ww . j a va2s . com*/ * @throws NoSuchAlgorithmException If no providers are found * for 'RSA' key pair generator * or 'SHA1PRNG' Secure random number generator * @throws IllegalStateException in case of errors during assembling {@link KeyStore} */ public static final KeyStore createRootCA() throws NoSuchAlgorithmException { final Date startDate = Calendar.getInstance().getTime(); final Date expireDate = new Date(startDate.getTime() + (DEFAULT_VALID_DAYS * 24L * 60L * 60L * 1000L)); final KeyPairGenerator g = KeyPairGenerator.getInstance("RSA"); g.initialize(2048, SecureRandom.getInstance("SHA1PRNG")); final KeyPair keypair = g.genKeyPair(); final PrivateKey privKey = keypair.getPrivate(); final PublicKey pubKey = keypair.getPublic(); Random rnd = new Random(); // using the hash code of the user's name and home path, keeps anonymity // but also gives user a chance to distinguish between each other X500NameBuilder namebld = new X500NameBuilder(BCStyle.INSTANCE); namebld.addRDN(BCStyle.CN, "OWASP Zed Attack Proxy Root CA"); namebld.addRDN(BCStyle.L, Integer.toHexString(System.getProperty("user.name").hashCode()) + Integer.toHexString(System.getProperty("user.home").hashCode())); namebld.addRDN(BCStyle.O, "OWASP Root CA"); namebld.addRDN(BCStyle.OU, "OWASP ZAP Root CA"); namebld.addRDN(BCStyle.C, "xx"); X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(namebld.build(), BigInteger.valueOf(rnd.nextInt()), startDate, expireDate, namebld.build(), pubKey); KeyStore ks = null; try { certGen.addExtension(X509Extension.subjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(pubKey)); certGen.addExtension(X509Extension.basicConstraints, true, new BasicConstraints(true)); certGen.addExtension(X509Extension.keyUsage, false, new KeyUsage(KeyUsage.keyCertSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment | KeyUsage.cRLSign)); Vector<DERObject> eku = new Vector<>(3, 1); eku.add(KeyPurposeId.id_kp_serverAuth); eku.add(KeyPurposeId.id_kp_clientAuth); eku.add(KeyPurposeId.anyExtendedKeyUsage); certGen.addExtension(X509Extension.extendedKeyUsage, false, new ExtendedKeyUsage(eku)); final ContentSigner sigGen = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider("BC") .build(privKey); final X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC") .getCertificate(certGen.build(sigGen)); ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(null, null); ks.setKeyEntry(FixedSslCertificateService.ZAPROXY_JKS_ALIAS, privKey, FixedSslCertificateService.PASSPHRASE, new Certificate[] { cert }); } catch (final Exception e) { throw new IllegalStateException("Errors during assembling root CA.", e); } return ks; }
From source file:org.kontalk.client.KontalkConnection.java
@SuppressLint("AllowAllHostnameVerifier") private static void setupSSL(XMPPTCPConnectionConfiguration.Builder builder, boolean direct, PrivateKey privateKey, X509Certificate bridgeCert, boolean acceptAnyCertificate, KeyStore trustStore) { try {//from ww w .j a v a 2 s . co m SSLContext ctx = SSLContext.getInstance("TLS"); KeyManager[] km = null; if (privateKey != null && bridgeCert != null) { // in-memory keystore KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); keystore.load(null, null); keystore.setKeyEntry("private", privateKey, null, new Certificate[] { bridgeCert }); // key managers KeyManagerFactory kmFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmFactory.init(keystore, null); km = kmFactory.getKeyManagers(); // disable PLAIN mechanism if not upgrading from legacy if (!LegacyAuthentication.isUpgrading()) { // blacklist PLAIN mechanism SASLAuthentication.blacklistSASLMechanism("PLAIN"); } } // trust managers TrustManager[] tm; if (acceptAnyCertificate) { tm = new TrustManager[] { new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @SuppressLint("TrustAllX509TrustManager") @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @SuppressLint("TrustAllX509TrustManager") @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } } }; builder.setHostnameVerifier(new AllowAllHostnameVerifier()); } else { // builtin keystore TrustManagerFactory tmFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmFactory.init(trustStore); tm = tmFactory.getTrustManagers(); } ctx.init(km, tm, null); builder.setCustomSSLContext(ctx); if (direct) builder.setSocketFactory(ctx.getSocketFactory()); // SASL EXTERNAL is already enabled in Smack } catch (Exception e) { Log.w(TAG, "unable to setup SSL connection", e); } }
From source file:org.mycontroller.restclient.core.RestHttpClient.java
private CloseableHttpClient getHttpClientTrustAll() { SSLContextBuilder builder = new SSLContextBuilder(); try {/*from www.ja v a2 s. co m*/ KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); builder.loadTrustMaterial(keyStore, new TrustStrategy() { @Override public boolean isTrusted(X509Certificate[] trustedCert, String nameConstraints) throws CertificateException { return true; } }); SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(builder.build(), new AnyHostnameVerifier()); return HttpClients.custom().setSSLSocketFactory(sslsf).setDefaultRequestConfig(customRequestConfig) .build(); } catch (Exception ex) { _logger.error("Exception, ", ex); throw new RuntimeException("Unable to create trust ANY http client. Error: " + ex.getMessage()); } }
From source file:org.codice.ddf.spatial.ogc.catalog.common.TestTrustedRemoteSource.java
private static KeyStore createKeyStore(String path, String password) { KeyStore keyStore = null;/*from w ww. jav a 2 s. com*/ File keyStoreFile = new File(path); FileInputStream fis = null; if (StringUtils.isNotBlank(password)) { try { keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); fis = new FileInputStream(keyStoreFile); keyStore.load(fis, password.toCharArray()); } catch (Exception e) { LOGGER.warn("Could not load keystore from {} with password {}", path, password); } finally { IOUtils.closeQuietly(fis); } } return keyStore; }