List of usage examples for java.security.KeyStore.getDefaultType()
public static final String getDefaultType()
From source file:iracing.webapi.IracingWebApi.java
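/**
 * Connects to {@code members.iracing.com:443}, takes the certificate chain recorded during
 * the handshake and writes every certificate of that chain as a trusted entry into a
 * {@code jssecacerts} file in the current working directory.
 *
 * <p>The starting trust store is the first existing file among {@code ./jssecacerts},
 * {@code ${java.home}/lib/security/jssecacerts} and {@code ${java.home}/lib/security/cacerts}.
 *
 * <p>SECURITY: the chain is trusted only because the server presented it on this one
 * connection. Nothing here compares it with a fingerprint obtained out of band, so if the
 * connection is intercepted while this method runs, the interceptor's certificates are
 * persisted as trusted. Shipping or pinning the expected certificate avoids that.
 *
 * @throws Exception if the trust store cannot be read or written, or a TLS object cannot be
 *         created
 */
private void installCerts() throws Exception {
    final String host = "members.iracing.com";
    final int port = 443;
    final char[] password = CERT_STORE_PASSWORD.toCharArray();

    // Prefer a local jssecacerts, then the JRE's jssecacerts, then the JRE's cacerts.
    File file = new File("jssecacerts");
    if (!file.isFile()) {
        final char separator = File.separatorChar;
        final File dir = new File(System.getProperty("java.home") + separator + "lib" + separator + "security");
        file = new File(dir, "jssecacerts");
        if (!file.isFile()) {
            file = new File(dir, "cacerts");
        }
    }

    // A keystore whose load() failed stays uninitialized and rejects setCertificateEntry()
    // later, so a load failure is reported here instead of being swallowed.
    final KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
    try (InputStream in = new FileInputStream(file)) {
        ks.load(in, password);
    }

    final SSLContext context = SSLContext.getInstance("TLS");
    final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(ks);
    final X509TrustManager defaultTrustManager = (X509TrustManager) tmf.getTrustManagers()[0];
    // SavingTrustManager is defined elsewhere; it is expected to fill in its 'chain' field
    // during the handshake - TODO confirm against its implementation.
    final SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
    context.init(null, new TrustManager[] { tm }, null);

    final SSLSocketFactory factory = context.getSocketFactory();
    try (SSLSocket socket = (SSLSocket) factory.createSocket(host, port)) {
        socket.setSoTimeout(10000);
        socket.startHandshake();
    } catch (Exception ignored) {
        // Deliberately ignored, as in the original: a failed handshake (for example an
        // untrusted certificate) is the case this method exists for. Whether a chain was
        // captured is checked below.
    }

    final X509Certificate[] chain = tm.chain;
    if (chain == null || chain.length == 0) {
        return;
    }

    // NOTE(review): no digest of the chain is shown or compared anywhere; the unused
    // SHA1/MD5 digests of the original were dropped because they were never read.
    for (int index = 0; index < chain.length; index++) {
        ks.setCertificateEntry(host + "-" + (index + 1), chain[index]);
    }

    // Write the store once, after all entries are in place.
    try (OutputStream out = new FileOutputStream("jssecacerts")) {
        ks.store(out, password);
    }
}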
From source file:org.wso2.extension.siddhi.store.mongodb.util.MongoTableUtils.java
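/**
 * Builds a socket factory for mutually authenticated connections to MongoDB from a trust
 * store file and a key store file, both read with the JVM's default keystore type.
 *
 * <p>Side effect: the created context is also installed with
 * {@link SSLContext#setDefault(SSLContext)}, which replaces the JVM-wide default context.
 *
 * @param trustStore path of the trust store file
 * @param trustStorePassword password of the trust store
 * @param keyStore path of the key store file
 * @param keyStorePassword password of the key store, also used to recover its keys
 * @return the socket factory of the newly created context
 * @throws MongoTableException if either store cannot be read or the context cannot be created
 */
private static SocketFactory extractSocketFactory(String trustStore, String trustStorePassword,
        String keyStore, String keyStorePassword) {
    TrustManager[] trustManagers;
    KeyManager[] keyManagers;

    try (InputStream trustStream = new FileInputStream(trustStore)) {
        char[] trustStorePass = trustStorePassword.toCharArray();
        KeyStore trustStoreJKS = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStoreJKS.load(trustStream, trustStorePass);
        TrustManagerFactory trustFactory = TrustManagerFactory
                .getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustFactory.init(trustStoreJKS);
        trustManagers = trustFactory.getTrustManagers();
    } catch (FileNotFoundException e) {
        throw new MongoTableException("Trust store file not found for secure connections to mongodb. "
                + "Trust Store file path : '" + trustStore + "'.", e);
    } catch (IOException e) {
        throw new MongoTableException(
                "I/O Exception in creating trust store for secure connections to mongodb. "
                        + "Trust Store file path : '" + trustStore + "'.", e);
    } catch (CertificateException e) {
        throw new MongoTableException("Certificates in the trust store could not be loaded for secure "
                + "connections to mongodb. Trust Store file path : '" + trustStore + "'.", e);
    } catch (NoSuchAlgorithmException e) {
        throw new MongoTableException("The algorithm used to check the integrity of the trust store cannot be "
                + "found. Trust Store file path : '" + trustStore + "'.", e);
    } catch (KeyStoreException e) {
        throw new MongoTableException("Exception in creating trust store, no Provider supports a KeyStoreSpi "
                + "implementation for the specified type. Trust Store file path : '" + trustStore + "'.", e);
    }

    // The messages below name the key store; the original repeated the trust-store wording,
    // which pointed operators at the wrong file.
    try (InputStream keyStream = new FileInputStream(keyStore)) {
        char[] keyStorePass = keyStorePassword.toCharArray();
        KeyStore keyStoreJKS = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStoreJKS.load(keyStream, keyStorePass);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStoreJKS, keyStorePass);
        keyManagers = keyManagerFactory.getKeyManagers();
    } catch (FileNotFoundException e) {
        throw new MongoTableException("Key store file not found for secure connections to mongodb. "
                + "Key Store file path : '" + keyStore + "'.", e);
    } catch (IOException e) {
        throw new MongoTableException(
                "I/O Exception in creating key store for secure connections to mongodb. "
                        + "Key Store file path : '" + keyStore + "'.", e);
    } catch (CertificateException e) {
        throw new MongoTableException("Certificates in the key store could not be loaded for secure "
                + "connections to mongodb. Key Store file path : '" + keyStore + "'.", e);
    } catch (NoSuchAlgorithmException e) {
        throw new MongoTableException("The algorithm used to check the integrity of the key store cannot be "
                + "found. Key Store file path : '" + keyStore + "'.", e);
    } catch (KeyStoreException e) {
        throw new MongoTableException(
                "Exception in creating key store, no Provider supports a KeyStoreSpi "
                        + "implementation for the specified type. Key Store file path : '" + keyStore + "'.", e);
    } catch (UnrecoverableKeyException e) {
        throw new MongoTableException(
                "Key in the keystore cannot be recovered. " + "Key Store file path : '" + keyStore + "'.", e);
    }

    try {
        // Ask for the standard "TLS" context rather than the legacy "SSL" name; which
        // protocol versions an "SSL" context enables depends on the provider.
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(keyManagers, trustManagers, null);
        // Kept for compatibility: this changes the default context for the whole JVM, so
        // other code in the process that relies on the default context uses these key and
        // trust managers as well.
        SSLContext.setDefault(sslContext);
        return sslContext.getSocketFactory();
    } catch (KeyManagementException e) {
        throw new MongoTableException(
                "Error in validating the key in the key store/ trust store. "
                        + "Trust Store file path : '" + trustStore + "'. "
                        + "Key Store file path : '" + keyStore + "'.", e);
    } catch (NoSuchAlgorithmException e) {
        throw new MongoTableException(
                " SSL Algorithm used to create SSL Socket Factory for mongodb connections "
                        + "is not found.", e);
    }
}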
From source file:edu.washington.shibboleth.attribute.resolver.provider.dataConnector.RwsDataConnector.java
/**
 * Builds key managers from the given credential and stores them in {@code sslKeyManagers}.
 *
 * <p>The private key and certificate chain are placed in a fresh in-memory keystore under the
 * alias {@code ldap_tls_client_auth}. A {@code null} credential leaves the current key
 * managers untouched, and so does a failure, which is only logged.
 *
 * @see #clearCache()
 * @see #initializeHttpPool()
 * @see #setSslSocketFactory(SSLSocketFactory)
 *
 * @param kc <code>X509Credential</code> to create KeyManagers with
 */
public void setSslKeyManagers(X509Credential kc) {
    if (kc == null) {
        return;
    }
    // The keystore exists only in memory and is never written out, so this fixed password
    // just satisfies the KeyStore API for the key entry.
    final char[] entryPassword = "changeit".toCharArray();
    try {
        final KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        final KeyStore memoryStore = KeyStore.getInstance(KeyStore.getDefaultType());
        memoryStore.load(null, null);
        memoryStore.setKeyEntry("ldap_tls_client_auth", kc.getPrivateKey(), entryPassword,
                kc.getEntityCertificateChain().toArray(new X509Certificate[0]));
        factory.init(memoryStore, entryPassword);
        sslKeyManagers = factory.getKeyManagers();
    } catch (GeneralSecurityException | IOException e) {
        // NOTE(review): after a failure the previous key managers stay in place, so callers
        // cannot tell from here that client authentication was not set up.
        log.error("Error initializing key managers", e);
    }
}
From source file:com.sat.vcse.automation.utils.http.HttpClient.java
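/**
 * Creates and initialises an {@link SSLContext} for the configured {@code cryptoProtocol}.
 *
 * <p>Trust managers come from {@code getTrustManagers()}. When client authentication is
 * enabled, the client keystore is read from the file system and, if no such file exists,
 * from the class path.
 *
 * @return the initialised context
 * @throws CoreRuntimeException wrapping any failure while building the context
 */
private SSLContext getSSLContext() {
    final String METHOD_NAME = "getSSLContext(): ";
    SSLContext sslContext = null;
    try {
        // Trust managers depend on whether a client truststore is configured.
        final TrustManager[] trustManager = getTrustManagers();

        sslContext = SSLContext.getInstance(this.cryptoProtocol);

        if (this.isClientAuthEnabled) {
            final KeyManagerFactory kmf = KeyManagerFactory
                    .getInstance(KeyManagerFactory.getDefaultAlgorithm());
            final KeyStore clientKeystore = KeyStore.getInstance(KeyStore.getDefaultType());
            final char[] keystorePass = this.keystorePasswd.toCharArray();

            // Use the file if it exists, otherwise fall back to the class path.
            final File keStoreFile = new File(this.keystore);
            final InputStream source;
            if (keStoreFile.exists()) {
                source = new FileInputStream(keStoreFile);
            } else {
                LogHandler.warn("File not found, so trying to read it from class path now");
                source = HttpClient.class.getResourceAsStream(this.keystore);
            }
            // NOTE(review): when the class-path lookup also finds nothing, 'source' is null
            // and load(null, ...) creates an empty keystore, so no client key is available
            // for the handshake. Consider failing here instead.
            // try-with-resources closes the stream, which the original left open.
            try (InputStream keystoreis = source) {
                clientKeystore.load(keystoreis, keystorePass);
            }
            kmf.init(clientKeystore, keystorePass);

            sslContext.init(kmf.getKeyManagers(), trustManager, new SecureRandom());
        } else {
            // No client certificate: only the trust managers are supplied.
            sslContext.init(null, trustManager, new SecureRandom());
        }
    } catch (Exception exp) {
        LogHandler.error(CLASS_NAME + METHOD_NAME + exp.getMessage());
        throw new CoreRuntimeException(exp, CLASS_NAME + METHOD_NAME + exp.getMessage());
    }
    return sslContext;
}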
From source file:com.photon.phresco.framework.rest.api.util.FrameworkServiceUtil.java
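/**
 * Writes a keystore holding the given certificate to {@code file}.
 *
 * <p>The keystore is created empty each time, so an existing {@code file} is overwritten and
 * afterwards contains only this certificate, stored under the certificate's display name.
 * NOTE(review): the method name suggests appending to an existing store - confirm which
 * behaviour callers expect.
 *
 * @param info supplies the alias (display name) and the certificate to store
 * @param file target keystore file; missing parent directories are created
 * @throws PhrescoException wrapping any failure while building or writing the keystore
 */
public static void addCertificate(CertificateInfo info, File file) throws PhrescoException {
    // Hard-coded store password. The store holds certificates only, so the password serves
    // as the integrity check of the file rather than protecting a private key.
    final char[] passphrase = "changeit".toCharArray();
    try {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        keyStore.setCertificateEntry(info.getDisplayName(), info.getCertificate());

        if (!file.exists()) {
            // getParentFile() is null for a bare file name; the original failed on that.
            File parent = file.getParentFile();
            if (parent != null) {
                parent.mkdirs();
            }
        }
        // FileOutputStream creates the file itself. A failure on close is reported too,
        // since it can mean the store was not written completely.
        try (OutputStream outputKeyStore = new FileOutputStream(file)) {
            keyStore.store(outputKeyStore, passphrase);
        }
    } catch (Exception e) {
        throw new PhrescoException(e);
    }
}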
From source file:com.sat.vcse.automation.utils.http.HttpClient.java
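/**
 * Returns the trust managers for HTTPS calls.
 *
 * <p>When a truststore and its password are configured, the truststore is read from the file
 * system or, if no such file exists, from the class path, and the default trust managers for
 * it are returned.
 *
 * <p>SECURITY: when either value is blank, a {@code NoOpTrustManager} is returned. Per the
 * original author's note this means no certificate authentication at all, so the connection
 * is encrypted but the server's identity is not checked, which leaves it open to
 * interception. This should be limited to test environments.
 *
 * @return trust managers to pass to {@code SSLContext.init}
 * @throws IOException if the truststore cannot be found or read
 * @throws NoSuchAlgorithmException if the trust manager or integrity algorithm is unavailable
 * @throws KeyStoreException if the default keystore type is unavailable
 * @throws CertificateException if a certificate in the truststore cannot be loaded
 */
private TrustManager[] getTrustManagers()
        throws NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException {
    if (StringUtils.isBlank(this.truststore) || StringUtils.isBlank(this.truststorePasswd)) {
        // Make the insecure fallback visible in the logs instead of applying it silently.
        LogHandler.warn("No truststore configured, server certificates will not be validated");
        return new TrustManager[] { new NoOpTrustManager() };
    }

    final TrustManagerFactory tmf = TrustManagerFactory
            .getInstance(TrustManagerFactory.getDefaultAlgorithm());
    final KeyStore truststore = KeyStore.getInstance(KeyStore.getDefaultType());

    // Use the file if it exists, otherwise fall back to the class path.
    final File trustStoreFile = new File(this.truststore);
    final InputStream source;
    if (trustStoreFile.exists()) {
        source = new FileInputStream(trustStoreFile);
    } else {
        LogHandler.warn("File not found, so trying to read it from class path now");
        source = HttpClient.class.getResourceAsStream(this.truststore);
        if (source == null) {
            // The original ran into a NullPointerException on close() in this case.
            throw new IOException("Truststore not found on file system or class path: " + this.truststore);
        }
    }

    // try-with-resources also closes the stream when load() fails.
    try (InputStream truststoreis = source) {
        truststore.load(truststoreis, this.truststorePasswd.toCharArray());
    }
    tmf.init(truststore);
    return tmf.getTrustManagers();
}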
From source file:org.apache.sling.discovery.etcd.EtcdDiscoveryService.java
/**
 * Reads the keystore at {@code filePath} using the JVM's default keystore type.
 *
 * <p>Per the {@link KeyStore#load(InputStream, char[])} contract, a {@code null} password
 * means the integrity of the keystore data is not checked.
 *
 * @param filePath path of the keystore file, passed through {@code checkFile} before opening
 * @param pwd keystore password, or {@code null} to load without an integrity check
 * @return the loaded keystore
 */
@Nonnull
private KeyStore loadKeyStore(@Nonnull String filePath, @Nullable char[] pwd) {
    InputStream stream = null;
    try {
        stream = new FileInputStream(checkFile(new File(filePath)));
        final KeyStore loaded = KeyStore.getInstance(KeyStore.getDefaultType());
        loaded.load(stream, pwd);
        return loaded;
    } catch (IOException ioFailure) {
        throw wrap(ioFailure);
    } catch (KeyStoreException storeFailure) {
        throw wrap(storeFailure);
    } catch (NoSuchAlgorithmException algorithmFailure) {
        throw wrap(algorithmFailure);
    } catch (CertificateException certificateFailure) {
        throw wrap(certificateFailure);
    } finally {
        // Runs on success and on failure alike.
        IOUtils.closeQuietly(stream);
    }
}
From source file:controller.CCInstance.java
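/**
 * Returns the keystore bundled at {@code KEYSTORE_PATH}, loading it on first use and caching
 * it in {@code defaultKs}.
 *
 * <p>The keystore is loaded with a {@code null} password, so per the {@link KeyStore} contract
 * its integrity is not checked. It is only as trustworthy as the artifact it ships in.
 *
 * @return the loaded keystore, or {@code null} if it could not be loaded
 */
public KeyStore getDefaultKeystore() {
    if (null != defaultKs) {
        return defaultKs;
    }
    // NOTE(review): if the resource is missing the stream is null and load(null, null)
    // yields an empty keystore rather than an error - confirm that is acceptable.
    try (InputStream fis = CCInstance.class.getResourceAsStream(KEYSTORE_PATH)) {
        final KeyStore loaded = KeyStore.getInstance(KeyStore.getDefaultType());
        loaded.load(fis, null);
        // Cache only a fully loaded keystore. The original cached the instance before
        // load(), so a failed load left an uninitialized keystore for every later caller.
        defaultKs = loaded;
    } catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException ignored) {
        // Still swallowed, as in the original: no logger is visible here and the signature
        // declares no exception. Callers must handle a null return.
    }
    return defaultKs;
}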
From source file:ddf.test.itests.platform.TestSecurity.java
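/**
 * Verifies that the {@code https.cipherSuites} system property equals the expected allow-list
 * and that a TLSv1.2 client restricted to each suite matching the server key's algorithm can
 * complete an authenticated request.
 *
 * @throws Exception if the keystore cannot be read or a request fails
 */
@Test
public void testAllowedCipherSuites() throws Exception {
    // Allow-list pinned by this test. NOTE(review): it still contains CBC-mode suites, one
    // of them with a SHA-1 MAC; worth checking against the current cipher policy.
    String[] supportedCipherSuites = { "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" };

    List<String> systemCipherSuites = Arrays.asList(System.getProperty("https.cipherSuites").split(","));
    assertThat("Missing a supported cipher suite", systemCipherSuites,
            equalTo(Arrays.asList(supportedCipherSuites)));

    // Used to filter out ciphers that don't use our current key algorithm.
    KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
    // Close the keystore stream, which the original left open.
    try (FileInputStream keystoreStream = new FileInputStream(KEY_STORE_PATH)) {
        keystore.load(keystoreStream, "changeit".toCharArray());
    }
    String keyAlgorithm = keystore.getKey("localhost", "changeit".toCharArray()).getAlgorithm();

    String url = SERVICE_ROOT.getUrl() + "/catalog/query?q=*&src=local";
    // Test-fixture credentials for the local test instance.
    CredentialsProvider credentialsProvider = createBasicAuth("admin", "admin");
    for (String cipher : supportedCipherSuites) {
        if (cipher.contains("_" + keyAlgorithm + "_")) {
            HttpClient client = createHttpClient("TLSv1.2", new String[] { cipher }, credentialsProvider);
            assertBasicAuth(client, url, 200);
        }
    }
}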