List of usage examples for java.security KeyStore getInstance
public static KeyStore getInstance(String type) throws KeyStoreException
From source file:org.gw2InfoViewer.factories.HttpsConnectionFactory.java
public static HttpClient getHttpsClient(Certificate[] sslCertificate) { DefaultHttpClient httpClient;// ww w . j a v a2s . c o m httpClient = new DefaultHttpClient(); try { TrustManagerFactory tf = TrustManagerFactory.getInstance("X509"); KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(null); for (int i = 0; i < sslCertificate.length; i++) { ks.setCertificateEntry("StartCom" + i, sslCertificate[i]); } tf.init(ks); TrustManager[] tm = tf.getTrustManagers(); SSLContext sslCon = SSLContext.getInstance("SSL"); sslCon.init(null, tm, new SecureRandom()); SSLSocketFactory socketFactory = new SSLSocketFactory(ks); Scheme sch = new Scheme("https", 443, socketFactory); httpClient.getConnectionManager().getSchemeRegistry().register(sch); } catch (CertificateException | NoSuchAlgorithmException | KeyStoreException | IOException | KeyManagementException | UnrecoverableKeyException ex) { Logger.getLogger(HttpsConnectionFactory.class.getName()).log(Level.SEVERE, null, ex); } return httpClient; }
From source file:com.android.volley.toolbox.https.SslHttpClient.java
@Override protected ClientConnectionManager createClientConnectionManager() { SchemeRegistry registry = new SchemeRegistry(); PlainSocketFactory pfs = PlainSocketFactory.getSocketFactory(); Scheme s = new Scheme(HTTP_SCHEME, pfs, HTTP_DEFAULT_PORT); registry.register(s);// w ww.ja v a 2 s. co m ThreadSafeClientConnManager ret = null; try { KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(null, null); SSLSocketFactory sf = new MySSLSocketFactory(trustStore); sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); registry.register(new Scheme(HTTP_SSL_SCHEME, sf, mHttpsPort)); ret = new ThreadSafeClientConnManager(new BasicHttpParams(), registry); } catch (GeneralSecurityException e) { throw new IllegalStateException(e); } catch (IOException e) { e.printStackTrace(); } return ret; }
From source file:ch.cyberduck.core.ssl.CertificateStoreX509KeyManager.java
private synchronized KeyStore getKeystore() throws IOException { String type = null;/*w w w . j a v a2s. com*/ try { if (null == _keystore) { // Get the key manager factory for the default algorithm. final Preferences preferences = PreferencesFactory.get(); type = preferences.getProperty("connection.ssl.keystore.type"); if (log.isInfoEnabled()) { log.info(String.format("Load default store of type %s", type)); } if (null == type) { type = KeyStore.getDefaultType(); } final String provider = preferences.getProperty("connection.ssl.keystore.provider"); if (StringUtils.isBlank(provider)) { _keystore = KeyStore.getInstance(type); } else { _keystore = KeyStore.getInstance(type, provider); } // Load default key store _keystore.load(null, null); } } catch (Exception e) { try { log.error(String.format("Could not load default store of type %s", type), e); if (log.isInfoEnabled()) { log.info("Load default store of default type"); } _keystore = KeyStore.getInstance(KeyStore.getDefaultType()); _keystore.load(null, null); } catch (NoSuchAlgorithmException | KeyStoreException | CertificateException ex) { log.error(String.format("Initialization of key store failed. %s", e.getMessage())); throw new IOException(e); } } return _keystore; }
From source file:com.shekhargulati.reactivex.rxokhttp.SslCertificates.java
private SslCertificates(final Builder builder) throws SslCertificateException { if ((builder.caCertPath == null) || (builder.clientCertPath == null) || (builder.clientKeyPath == null)) { throw new SslCertificateException( "caCertPath, clientCertPath, and clientKeyPath must all be specified"); }//from ww w .j a v a2 s . c o m try { final CertificateFactory cf = CertificateFactory.getInstance("X.509"); final Certificate caCert = cf.generateCertificate(Files.newInputStream(builder.caCertPath)); final Certificate clientCert = cf.generateCertificate(Files.newInputStream(builder.clientCertPath)); final PEMKeyPair clientKeyPair = (PEMKeyPair) new PEMParser( Files.newBufferedReader(builder.clientKeyPath, Charset.defaultCharset())).readObject(); final PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec( clientKeyPair.getPrivateKeyInfo().getEncoded()); final KeyFactory kf = KeyFactory.getInstance("RSA"); final PrivateKey clientKey = kf.generatePrivate(spec); final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(null, null); trustStore.setEntry("ca", new KeyStore.TrustedCertificateEntry(caCert), null); final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null, KEY_STORE_PASSWORD); keyStore.setCertificateEntry("client", clientCert); keyStore.setKeyEntry("key", clientKey, KEY_STORE_PASSWORD, new Certificate[] { clientCert }); this.sslContext = SSLContexts.custom().loadTrustMaterial(trustStore) .loadKeyMaterial(keyStore, KEY_STORE_PASSWORD).useTLS().build(); } catch (java.security.cert.CertificateException | IOException | NoSuchAlgorithmException | InvalidKeySpecException | KeyStoreException | UnrecoverableKeyException | KeyManagementException e) { throw new SslCertificateException(e); } }
From source file:com.zacwolf.commons.crypto._CRYPTOfactory.java
final public static KeyStore genNewKeyStore(final File keystorefile, final char[] keystorepass) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException { final KeyStore ks = KeyStore.getInstance(STORETYPE); ks.load((InputStream) null, keystorepass); final FileOutputStream out = new FileOutputStream(keystorefile); try {/*from ww w. j a va 2 s .c o m*/ ks.store(out, keystorepass); } finally { out.close(); } return ks; }
From source file:HttpsRequestDemo.java
private void registerSSLSocketFactory(HttpClient httpclient) throws Exception { KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); // E:\\cer\\cpic_jttp.keystore FileInputStream instream = new FileInputStream( new File("E:\\Program Files\\Java\\jdk1.7.0_21\\bin\\cpic_jttp.keystore")); try {// w w w . j ava 2s .c o m trustStore.load(instream, "cpicJttp".toCharArray()); } finally { instream.close(); } SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore); Scheme sch = new Scheme("https", socketFactory, 443); httpclient.getConnectionManager().getSchemeRegistry().register(sch); }
From source file:net.di2e.ecdr.security.ssl.client.cxf.CxfSSLClientConfigurationImpl.java
@Override public void configurationUpdateCallback(Map<String, String> updatedConfiguration) { if (updatedConfiguration != null) { String keystore = updatedConfiguration.get(ConfigurationManager.KEY_STORE); String keystorePassword = updatedConfiguration.get(ConfigurationManager.KEY_STORE_PASSWORD); KeyManager[] keyManagers = null; if (StringUtils.isNotBlank(keystore) && keystorePassword != null) { try { KeyManager manager = KeyManagerUtils.createClientKeyManager(new File(keystore), keystorePassword); keyManagers = new KeyManager[1]; keyManagers[0] = manager; } catch (IOException | GeneralSecurityException ex) { LOGGER.debug("Could not access keystore {}, using default java keystore.", keystore); }//from w w w . ja v a2 s. co m } String trustStoreLocation = updatedConfiguration.get(ConfigurationManager.TRUST_STORE); String trustStorePassword = updatedConfiguration.get(ConfigurationManager.TRUST_STORE_PASSWORD); TrustManager[] trustManagers = null; if (StringUtils.isNotBlank(trustStoreLocation) && trustStorePassword != null) { try (FileInputStream fis = new FileInputStream(trustStoreLocation)) { KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); try { trustStore.load(fis, StringUtils.isNotEmpty(trustStorePassword) ? trustStorePassword.toCharArray() : null); trustManagers = new TrustManager[1]; trustManagers[0] = TrustManagerUtils.getDefaultTrustManager(trustStore); } catch (IOException ioe) { LOGGER.debug("Could not load truststore {}, using default java truststore"); } } catch (IOException | GeneralSecurityException ex) { LOGGER.debug("Could not access truststore {}, using default java truststore.", trustStoreLocation); } } synchronized (tlsClientParameters) { LOGGER.debug( "Setting the CXF KeyManager and TrustManager based on the Platform Global Configuration values"); tlsClientParameters.setKeyManagers(keyManagers); tlsClientParameters.setTrustManagers(trustManagers); } } }
From source file:org.surveydroid.android.coms.SDHttpClient.java
private SSLSocketFactory newSslSocketFactory() { try {/*from ww w . j a va 2s.c om*/ KeyStore trusted = KeyStore.getInstance("BKS"); InputStream in = ctxt.getResources().openRawResource(R.raw.sd_keystore); try { trusted.load(in, PASSWORD.toCharArray()); } catch (CertificateException e) { Util.e(null, TAG, "Cert Exception: " + Util.fmt(e)); throw new AssertionError(e); } finally { in.close(); } SSLSocketFactory sf = new SSLSocketFactory(trusted); //TODO look into this sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); return sf; } catch (Exception e) { Util.e(ctxt, TAG, Util.fmt(e)); throw new AssertionError(e); } }
From source file:projekat.rest_client.RestTemplateFactory.java
@Override public void afterPropertiesSet() { fillTypesForRestService();// w ww . jav a 2 s .c o m //za potrebe testirnja if (rest_keystore == null || "".equals(rest_keystore)) { rest_keystore = "/etc/keystores/nst2.jks"; rest_keystore_password = "changeit"; res_host_port = "8443"; rest_hostname = "localhost"; } InputStream keyStoreInputStream = null; try { keyStoreInputStream = new FileInputStream(rest_keystore); if (keyStoreInputStream == null) { throw new FileNotFoundException(""); } final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); try { trustStore.load(keyStoreInputStream, rest_keystore_password.toCharArray()); } finally { keyStoreInputStream.close(); } SSLContext sslcontext = SSLContexts.custom() .loadTrustMaterial(trustStore, new TrustSelfSignedStrategy()).build(); // Allow TLSv1 protocol only SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext, new String[] { "TLSv1" }, null, SSLConnectionSocketFactory.getDefaultHostnameVerifier()); CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(sslsf).build(); auth = new HttpComponentsClientHttpRequestFactoryBasicAuth( new HttpHost(rest_hostname, Integer.parseInt(res_host_port), "https"), httpClient); auth.setConnectTimeout(60000); auth.setReadTimeout(180000); restTemplate = new RestTemplate(auth); } catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException | KeyManagementException ex) { Logger.getLogger(RestTemplateFactory.class.getName()).log(Level.SEVERE, null, ex); } finally { try { keyStoreInputStream.close(); } catch (Exception ex) { Logger.getLogger(RestTemplateFactory.class.getName()).log(Level.SEVERE, null, ex); } } }
From source file:psiprobe.controllers.certificates.ListCertificatesController.java
/** * Gets the certificates./*w w w . ja v a 2 s . c om*/ * * @param storeType the store type * @param storeFile the store file * @param storePassword the store password * @return the certificates * @throws Exception the exception */ public List<Cert> getCertificates(String storeType, String storeFile, String storePassword) throws Exception { KeyStore keyStore; // Get key store if (storeType != null) { keyStore = KeyStore.getInstance(storeType); } else { keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); } // Get password char[] password = null; if (storePassword != null) { password = storePassword.toCharArray(); } // Load key store from file try (InputStream storeInput = getStoreInputStream(storeFile)) { keyStore.load(storeInput, password); } catch (IOException e) { logger.error("Error loading store file {}", storeFile, e); return null; } List<Cert> certs = new ArrayList<>(); for (String alias : Collections.list(keyStore.aliases())) { Certificate[] certificateChains = keyStore.getCertificateChain(alias); if (certificateChains != null) { for (Certificate certificateChain : certificateChains) { X509Certificate x509Cert = (X509Certificate) certificateChain; addToStore(certs, alias, x509Cert); } } else { X509Certificate x509Cert = (X509Certificate) keyStore.getCertificate(alias); addToStore(certs, alias, x509Cert); } } return certs; }