Example usage for java.security KeyStore getInstance

List of usage examples for java.security KeyStore getInstance

Introduction

In this page you can find the example usage for java.security KeyStore getInstance.

Prototype

public static KeyStore getInstance(String type) throws KeyStoreException 


Document

Returns a keystore object of the specified type. The returned keystore is not yet loaded; call load(...) on it before reading or writing entries.

Usage

From source file:org.qi4j.library.http.AbstractSecureJettyTest.java

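/**
 * Builds the two HTTPS clients used by the secure Jetty tests: one that only
 * trusts the test truststore, and one that additionally presents a client
 * certificate for mutual TLS.
 *
 * <p>Both socket factories are given an {@code AllowAllHostnameVerifier}, so the
 * name in the server certificate is never compared with the host being contacted.
 * That is tolerable only for a test fixture talking to a local server; the same
 * wiring must not be copied into production clients.
 *
 * @throws GeneralSecurityException if a keystore cannot be created or loaded,
 *         or a socket factory cannot be initialised from it
 * @throws IOException if a keystore file cannot be opened or read
 */
@Before
public void beforeSecure() throws GeneralSecurityException, IOException {
    // Trust HTTP Client
    KeyStore truststore = KeyStore.getInstance("JCEKS");
    FileInputStream truststoreIn = new FileInputStream(TRUSTSTORE_FILE);
    try {
        truststore.load(truststoreIn, KS_PASSWORD.toCharArray());
    } finally {
        // The stream was previously left open; close it once the store is read.
        truststoreIn.close();
    }

    // Hostname checks are switched off for both clients (test fixture only).
    AllowAllHostnameVerifier verifier = new AllowAllHostnameVerifier();

    DefaultHttpClient trustClient = new DefaultHttpClient();
    SSLSocketFactory trustSslFactory = new SSLSocketFactory(truststore);
    trustSslFactory.setHostnameVerifier(verifier);
    SchemeRegistry trustSchemeRegistry = trustClient.getConnectionManager().getSchemeRegistry();
    // Replace the default https scheme with one backed by the test truststore.
    trustSchemeRegistry.unregister(HTTPS);
    trustSchemeRegistry.register(new Scheme(HTTPS, HTTPS_PORT, trustSslFactory));
    trustHttpClient = trustClient;

    // Mutual HTTP Client
    KeyStore keystore = KeyStore.getInstance("JCEKS");
    FileInputStream keystoreIn = new FileInputStream(CLIENT_KEYSTORE_FILE);
    try {
        keystore.load(keystoreIn, KS_PASSWORD.toCharArray());
    } finally {
        keystoreIn.close();
    }

    DefaultHttpClient mutualClient = new DefaultHttpClient();
    // Client key material comes from the keystore, trust anchors from the truststore.
    SSLSocketFactory mutualSslFactory = new SSLSocketFactory(keystore, KS_PASSWORD, truststore);
    mutualSslFactory.setHostnameVerifier(verifier);
    SchemeRegistry mutualSchemeRegistry = mutualClient.getConnectionManager().getSchemeRegistry();
    mutualSchemeRegistry.unregister(HTTPS);
    mutualSchemeRegistry.register(new Scheme(HTTPS, HTTPS_PORT, mutualSslFactory));
    mutualHttpClient = mutualClient;
}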

From source file:io.cloudslang.content.httpclient.build.conn.SSLConnectionSocketFactoryBuilder.java

/**
 * Reads a JKS keystore from the given location.
 *
 * <p>The password doubles as the integrity check for the keystore data. When
 * {@code password} is {@code null} the store is loaded without that check, so
 * content fetched from a location the caller does not control is accepted as is.
 *
 * @param url location of the keystore; must not be {@code null}
 * @param password keystore password, or {@code null} to load without an integrity check
 * @return the loaded keystore
 * @throws IllegalArgumentException if {@code url} is {@code null}
 * @throws KeyStoreException if no provider supplies the "jks" type
 * @throws NoSuchAlgorithmException if the integrity algorithm is unavailable
 * @throws CertificateException if a certificate in the store cannot be loaded
 * @throws IOException if the data cannot be read, is malformed, or the password is wrong
 */
protected KeyStore createKeyStore(final URL url, final String password)
        throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    if (url == null) {
        throw new IllegalArgumentException("Keystore url may not be null");
    }
    final KeyStore loaded = KeyStore.getInstance("jks");
    final char[] secret = (password == null) ? null : password.toCharArray();
    // If opening the stream fails there is nothing to close, so open it outside the try.
    final InputStream source = url.openStream();
    try {
        loaded.load(source, secret);
    } finally {
        source.close();
    }
    return loaded;
}

From source file:jp.pigumer.mqtt.Client.java

/**
 * Builds an in-memory keystore holding the CA certificate read from {@code caFile}.
 *
 * <p>Only the first object in the PEM input is read, and it is cast to an
 * {@code X509CertificateHolder}; anything else ends up in the catch block.
 * Every failure is logged and reported as an empty result, which is the same
 * value returned when no CA file is configured, so the caller cannot tell
 * "no CA configured" from "CA could not be loaded".
 * NOTE(review): confirm the caller does not fall back to a weaker trust
 * configuration when this returns empty.
 *
 * @return a keystore with the certificate under the alias "ca", or empty when
 *         {@code caFile} is null or loading fails
 */
Optional<KeyStore> loadKeyStore() {
    if (caFile == null) {
        return Optional.empty();
    }
    try (InputStream pemStream = caFile.getInputStream()) {
        // The reader uses the platform default charset, as no charset is given.
        PEMParser pemParser = new PEMParser(new InputStreamReader(pemStream));
        X509CertificateHolder caHolder = (X509CertificateHolder) pemParser.readObject();
        X509Certificate caCertificate = new JcaX509CertificateConverter().getCertificate(caHolder);

        // load(null, null) initialises an empty store to put the certificate into.
        KeyStore trustAnchors = KeyStore.getInstance(KeyStore.getDefaultType());
        trustAnchors.load(null, null);
        trustAnchors.setCertificateEntry("ca", caCertificate);
        return Optional.of(trustAnchors);
    } catch (Exception e) {
        LOGGER.log(Level.SEVERE, "failed load", e);
        return Optional.empty();
    }
}

From source file:edu.internet2.middleware.subject.provider.LdapPEMSocketFactory.java

/**
 * Initialises {@code trustManagers} from the configured CA certificate and, when
 * both a certificate and a key file are configured, {@code keyManagers} from the
 * client certificate and private key.
 *
 * <p>Both halves catch every exception, log it without a stack trace, and carry
 * on, so after a failure the corresponding field is simply not assigned here.
 * NOTE(review): how the caller treats an unassigned {@code trustManagers} is not
 * visible in this method; if it is handed to {@code SSLContext.init} as null the
 * JDK default trust managers apply, which would silently widen trust beyond the
 * configured CA. Confirm.
 */
protected void initManagers() {

    // trust managers
    try {
        // NOTE(review): with no caFilename a null certificate is stored below;
        // whether that throws depends on the keystore provider. Confirm intent.
        X509Certificate caCert = (caFilename != null) ? readCertificate(caFilename) : null;
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null);
        trustStore.setCertificateEntry("CACERT", caCert);
        TrustManagerFactory trustFactory = TrustManagerFactory
                .getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustFactory.init(trustStore);
        trustManagers = trustFactory.getTrustManagers();
    } catch (Exception e) {
        log.error("ldap source cacert error: " + e);
    }

    // key managers
    if (certFilename == null || keyFilename == null) {
        return;
    }

    // Single NUL character used as the entry password of the in-memory store;
    // the store is not written out anywhere in this method.
    char[] entryPassword = new char[] { 0 };

    try {
        X509Certificate clientCert = readCertificate(certFilename);
        PKCS1 keyReader = new PKCS1();
        PrivateKey clientKey = keyReader.readKey(keyFilename);
        KeyStore identityStore = KeyStore.getInstance(KeyStore.getDefaultType());
        identityStore.load(null, null);
        // The chain holds only the client certificate itself.
        X509Certificate[] chain = new X509Certificate[] { clientCert };
        identityStore.setKeyEntry("CERT", clientKey, entryPassword, chain);

        KeyManagerFactory keyFactory = KeyManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyFactory.init(identityStore, entryPassword);
        keyManagers = keyFactory.getKeyManagers();
    } catch (Exception e) {
        log.error("ldap source cert/key error: " + e);
    }

}

From source file:org.openiot.gsn.http.ac.GSNClient.java

/**
 * Creates a client for the given host and registers http and https schemes on
 * the given ports.
 *
 * <p>Security-relevant behaviour visible here:
 * <ul>
 *   <li>the truststore path and its password are hard-coded in the source;</li>
 *   <li>hostname verification is disabled with {@code ALLOW_ALL_HOSTNAME_VERIFIER},
 *       so any certificate chaining to the truststore is accepted for any host;</li>
 *   <li>every setup failure is logged and swallowed, leaving the default
 *       {@code DefaultHttpClient} scheme configuration in place.</li>
 * </ul>
 * NOTE(review): the file name suggests a test keystore; confirm this constructor
 * is not used against production endpoints.
 *
 * @param host server host name
 * @param gsnhttpport port registered for the "http" scheme
 * @param gsnhttpsport port registered for the "https" scheme
 */
public GSNClient(String host, int gsnhttpport, int gsnhttpsport) {
    this.host = host;
    this.gsnhttpport = gsnhttpport;
    this.gsnhttpsport = gsnhttpsport;
    httpclient = new DefaultHttpClient();

    FileInputStream storeStream = null;
    try {
        this.trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        storeStream = new FileInputStream("conf/clienttestkeystore");
        this.trustStore.load(storeStream, "changeit".toCharArray());

        SSLSocketFactory tlsFactory = new SSLSocketFactory(trustStore);
        // Hostname checks are turned off for this factory.
        tlsFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        Scheme httpsScheme = new Scheme("https", tlsFactory, gsnhttpsport);
        Scheme httpScheme = new Scheme("http", PlainSocketFactory.getSocketFactory(), gsnhttpport);
        httpclient.getConnectionManager().getSchemeRegistry().register(httpsScheme);
        httpclient.getConnectionManager().getSchemeRegistry().register(httpScheme);

    } catch (KeyStoreException e) {
        logger.error("ERROR IN GSNCLIENT : Exception while creating trustStore :");
        logger.error(e.getMessage(), e);
    } catch (FileNotFoundException e) {
        logger.error("ERROR IN GSNCLIENT : FileInputStream exception :");
        logger.error(e.getMessage(), e);
    } catch (Exception e) {
        logger.error("ERROR IN GSNCLIENT : Exception while loading truststore :");
        logger.error(e.getMessage(), e);
    } finally {
        if (storeStream != null) {
            try {
                storeStream.close();
            } catch (Exception ignored) {
                // Best-effort close; a failure here is deliberately not reported.
            }
        }
    }
}

From source file:com.shwy.bestjoy.utils.AndroidHttpClient.java

/**
 * Create a new HttpClient with preset connection parameters (which you can update).
 *
 * <p>The https scheme is backed by {@code SSLSocketFactoryEx} built from an empty
 * trust store, and hostname verification is disabled with
 * {@code ALLOW_ALL_HOSTNAME_VERIFIER}.
 * NOTE(review): {@code SSLSocketFactoryEx} is defined elsewhere; since it is given
 * a store with no trust anchors, confirm which server certificates it accepts.
 * Together with the disabled hostname check this decides whether connections are
 * authenticated at all.
 *
 * <p>If the TLS setup throws, the stack trace is printed and a plain
 * {@code DefaultHttpClient} is returned instead, without the user agent or any of
 * the parameters configured here.
 *
 * @param userAgent to report in your HTTP requests.
 * @return AndroidHttpClient for you to use for all your requests, or a default
 *         client when the TLS setup fails.
 */
public static HttpClient newInstance(String userAgent) {

    try {
        // An initialised but empty store: it carries no trusted certificates.
        KeyStore emptyTrustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        emptyTrustStore.load(null, null);
        SSLSocketFactory tlsFactory = new SSLSocketFactoryEx(emptyTrustStore);
        // The certificate's host name is not checked against the target host.
        tlsFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        HttpParams httpParams = new BasicHttpParams();

        // Turn off stale checking.  Our connections break all the time anyway,
        // and it's not worth it to pay the penalty of checking every time.
        HttpConnectionParams.setStaleCheckingEnabled(httpParams, false);

        // Connection and socket timeout of 60 seconds, 8 KiB socket buffer.
        final int timeoutMillis = 60 * 1000;
        HttpConnectionParams.setConnectionTimeout(httpParams, timeoutMillis);
        HttpConnectionParams.setSoTimeout(httpParams, timeoutMillis);
        HttpConnectionParams.setSocketBufferSize(httpParams, 8192);

        // Redirect handling is enabled: the client follows redirects itself.
        HttpClientParams.setRedirecting(httpParams, true);

        // Set the specified user agent and protocol defaults.
        HttpProtocolParams.setUserAgent(httpParams, userAgent);
        HttpProtocolParams.setVersion(httpParams, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(httpParams, HTTP.UTF_8);

        // Register plain http on 80 and the custom TLS factory on 443.
        SchemeRegistry schemes = new SchemeRegistry();
        schemes.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
        schemes.register(new Scheme("https", tlsFactory, 443));
        ClientConnectionManager connections = new ThreadSafeClientConnManager(httpParams, schemes);
        // We use a factory method to modify superclass initialization
        // parameters without the funny call-a-static-method dance.
        return new AndroidHttpClient(connections, httpParams);
    } catch (KeyStoreException e) {
        e.printStackTrace();
    } catch (CertificateException e) {
        e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    } catch (UnrecoverableKeyException e) {
        e.printStackTrace();
    } catch (KeyManagementException e) {
        e.printStackTrace();
    }

    // Fallback after a failed setup: library defaults, userAgent not applied.
    return new DefaultHttpClient();

}

From source file:biz.mosil.webtools.MosilSSLSocketFactory.java

/**
 * Builds an HttpClient whose https scheme uses {@code MosilSSLSocketFactory}.
 *
 * <p>The factory is created from an empty trust store and hostname verification
 * is disabled with {@code ALLOW_ALL_HOSTNAME_VERIFIER}.
 * NOTE(review): the {@code MosilSSLSocketFactory} constructor is not shown here;
 * given that the store holds no trust anchors, confirm which server certificates
 * it accepts.
 *
 * <p>Any exception during setup is discarded without logging and a
 * {@code DefaultHttpClient} with library defaults is returned, ignoring
 * {@code _params}.
 *
 * @param _params connection parameters; HTTP version and content charset are set on it
 * @return the configured client, or a default client when setup fails
 */
public static HttpClient getHttpClient(HttpParams _params) {
    try {
        // Initialised but empty: no trusted certificates are present.
        KeyStore emptyTrustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        emptyTrustStore.load(null, null);

        SSLSocketFactory tlsFactory = new MosilSSLSocketFactory(emptyTrustStore);
        // The certificate's host name is not checked against the target host.
        tlsFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        HttpProtocolParams.setVersion(_params, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(_params, HTTP.UTF_8);

        Scheme plainScheme = new Scheme("http", PlainSocketFactory.getSocketFactory(), MosilWebConf.HTTP_PORT);
        Scheme tlsScheme = new Scheme("https", tlsFactory, MosilWebConf.SSL_PORT);
        SchemeRegistry schemes = new SchemeRegistry();
        schemes.register(plainScheme);
        schemes.register(tlsScheme);

        ClientConnectionManager connections = new ThreadSafeClientConnManager(_params, schemes);
        return new DefaultHttpClient(connections, _params);

    } catch (Exception ignored) {
        // Setup failures are not reported; the caller gets a default client.
        return new DefaultHttpClient();
    }
}

From source file:de.betterform.connector.http.ssl.BetterFORMKeyStoreManager.java

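/**
 * Loads a keystore from {@code url} and returns the first {@link X509KeyManager}
 * that the default {@link KeyManagerFactory} produces for it.
 *
 * <p>A {@code null} password is passed through to both the keystore load and the
 * key manager initialisation. Loading without a password skips the keystore
 * integrity check, and key entries that need a password then fail with
 * {@link UnrecoverableKeyException}.
 *
 * <p>When trace logging is enabled, subject, issuer, signature algorithm and
 * validity of every X.509 certificate in the store are written to the log.
 *
 * @param url location of the keystore; must not be {@code null}
 * @param password keystore and key password, may be {@code null}
 * @return the first X.509 key manager, or {@code null} if the factory supplies none
 * @throws IllegalArgumentException if {@code url} is {@code null}
 * @throws NoSuchAlgorithmException if the key manager or integrity algorithm is unavailable
 * @throws KeyStoreException if the keystore cannot be created or used
 * @throws IOException if the keystore data cannot be read
 * @throws CertificateException if a certificate in the store cannot be loaded
 * @throws UnrecoverableKeyException if a key cannot be recovered with the password
 */
private X509KeyManager getCustomX509KeyManager(final URL url, final String password)
        throws NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException,
        UnrecoverableKeyException {
    KeyManagerFactory keyManagerFactory = KeyManagerFactory
            .getInstance(KeyManagerFactory.getDefaultAlgorithm());
    if (url == null) {
        throw new IllegalArgumentException("BetterFORMKeyStoreManager: Keystore url may not be null");
    }

    // Convert once and reuse. The factory initialisation below used to call
    // password.toCharArray() unguarded and threw NullPointerException for a
    // null password even though the load step accepted one.
    final char[] storePassword = password != null ? password.toCharArray() : null;

    LOGGER.debug("BetterFORMKeyStoreManager: initializing custom key store");
    KeyStore customKeystore = KeyStore.getInstance(KeyStore.getDefaultType());
    InputStream is = null;
    try {
        is = url.openStream();
        customKeystore.load(is, storePassword);
    } finally {
        if (is != null) {
            is.close();
        }
    }

    if (LOGGER.isTraceEnabled()) {
        Enumeration<String> aliases = customKeystore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            LOGGER.trace("Trusted certificate '" + alias + "':");
            Certificate trustedcert = customKeystore.getCertificate(alias);
            // instanceof is false for null, so no separate null check is needed.
            if (trustedcert instanceof X509Certificate) {
                X509Certificate cert = (X509Certificate) trustedcert;
                LOGGER.trace("  Subject DN: " + cert.getSubjectDN());
                LOGGER.trace("  Signature Algorithm: " + cert.getSigAlgName());
                LOGGER.trace("  Valid from: " + cert.getNotBefore());
                LOGGER.trace("  Valid until: " + cert.getNotAfter());
                LOGGER.trace("  Issuer: " + cert.getIssuerDN());
            }
        }
    }
    keyManagerFactory.init(customKeystore, storePassword);

    KeyManager[] customX509KeyManagers = keyManagerFactory.getKeyManagers();
    if (customX509KeyManagers != null) {
        for (KeyManager candidate : customX509KeyManagers) {
            if (candidate instanceof X509KeyManager) {
                return (X509KeyManager) candidate;
            }
        }
    }

    return null;
}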

From source file:org.syslog_ng.elasticsearch_v2.client.http.ESHttpsClient.java

/**
 * Creates a keystore object of the platform default type.
 *
 * <p>The keystore is not loaded here; it holds no entries and must be loaded by
 * the caller before use.
 *
 * @return a new, not yet loaded keystore
 * @throws ESHttpsClient.HttpClientBuilderException if no provider supplies the default type
 */
private KeyStore createKeyStore() {
    try {
        return KeyStore.getInstance(KeyStore.getDefaultType());
    } catch (KeyStoreException e) {
        // Keep the original exception as the cause.
        throw new ESHttpsClient.HttpClientBuilderException("Error initializing keyStore", e);
    }
}