Example usage for java.security KeyStore load

List of usage examples for java.security KeyStore load

Introduction

On this page you can find example usages of java.security.KeyStore.load.

Prototype

public final void load(InputStream stream, char[] password)
        throws IOException, NoSuchAlgorithmException, CertificateException 


Document

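Loads this KeyStore from the given input stream. The password, when given, is used to unlock the keystore or to check the integrity of its data; if it is null, no integrity check is performed. Passing null as the stream creates an empty keystore, which is what the load(null, null) calls in several examples below do.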

Usage

From source file:com.shekhargulati.reactivex.rxokhttp.SslCertificates.java

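/**
 * Builds the client-side SSL context from the PEM files named by the builder.
 *
 * <p>The CA certificate becomes the only entry of an in-memory trust store, and the
 * client certificate plus its private key go into an in-memory key store protected
 * with {@code KEY_STORE_PASSWORD}. Neither store is written to disk by this constructor.
 *
 * @param builder supplies {@code caCertPath}, {@code clientCertPath} and {@code clientKeyPath};
 *                all three must be non-null
 * @throws SslCertificateException if a path is missing, the key file does not hold a PEM key
 *                                 pair, or any certificate/key/keystore operation fails
 */
private SslCertificates(final Builder builder) throws SslCertificateException {
    if ((builder.caCertPath == null) || (builder.clientCertPath == null) || (builder.clientKeyPath == null)) {
        throw new SslCertificateException(
                "caCertPath, clientCertPath, and clientKeyPath must all be specified");
    }

    try {
        final CertificateFactory cf = CertificateFactory.getInstance("X.509");

        // Each file is opened in its own try-with-resources so the descriptor is released
        // even when parsing fails; the original never closed these streams.
        final Certificate caCert;
        try (java.io.InputStream caIn = Files.newInputStream(builder.caCertPath)) {
            caCert = cf.generateCertificate(caIn);
        }
        final Certificate clientCert;
        try (java.io.InputStream certIn = Files.newInputStream(builder.clientCertPath)) {
            clientCert = cf.generateCertificate(certIn);
        }

        final Object parsedKey;
        try (PEMParser pemParser = new PEMParser(
                Files.newBufferedReader(builder.clientKeyPath, Charset.defaultCharset()))) {
            parsedKey = pemParser.readObject();
        }
        // readObject() returns whatever PEM object comes first in the file. Reject anything
        // that is not a plain key pair here instead of failing with a ClassCastException.
        if (!(parsedKey instanceof PEMKeyPair)) {
            throw new SslCertificateException("clientKeyPath does not contain a PEM key pair");
        }
        final PEMKeyPair clientKeyPair = (PEMKeyPair) parsedKey;

        // Only RSA keys are supported: a key of another algorithm fails in generatePrivate
        // with InvalidKeySpecException, which is wrapped below.
        final PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(
                clientKeyPair.getPrivateKeyInfo().getEncoded());
        final KeyFactory kf = KeyFactory.getInstance("RSA");
        final PrivateKey clientKey = kf.generatePrivate(spec);

        // load(null, null) initialises an empty store; the configured CA is its only trust anchor.
        final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null);
        trustStore.setEntry("ca", new KeyStore.TrustedCertificateEntry(caCert), null);

        final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, KEY_STORE_PASSWORD);
        keyStore.setCertificateEntry("client", clientCert);
        keyStore.setKeyEntry("key", clientKey, KEY_STORE_PASSWORD, new Certificate[] { clientCert });

        this.sslContext = SSLContexts.custom().loadTrustMaterial(trustStore)
                .loadKeyMaterial(keyStore, KEY_STORE_PASSWORD).useTLS().build();
    } catch (java.security.cert.CertificateException | IOException | NoSuchAlgorithmException
            | InvalidKeySpecException | KeyStoreException | UnrecoverableKeyException
            | KeyManagementException e) {
        throw new SslCertificateException(e);
    }
}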

From source file:fi.helsinki.moodi.config.OodiConfig.java

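/**
 * Loads the PKCS#12 keystore found at {@code keystoreLocation}.
 *
 * @param keystoreLocation file-system path of the keystore file
 * @param keystorePassword password handed to {@link KeyStore#load}; the array is not cleared
 *                         here, so the caller remains responsible for wiping it
 * @return the loaded keystore
 * @throws Exception if the file cannot be read or the keystore cannot be loaded
 */
private KeyStore oodiKeyStore(String keystoreLocation, char[] keystorePassword) throws Exception {
    KeyStore keyStore = KeyStore.getInstance("PKCS12");
    FileSystemResource keystoreFile = new FileSystemResource(new File(keystoreLocation));

    // Release the file handle as soon as the store is loaded; the original left the
    // stream returned by getInputStream() open.
    try (java.io.InputStream keystoreStream = keystoreFile.getInputStream()) {
        keyStore.load(keystoreStream, keystorePassword);
    }
    return keyStore;
}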

From source file:mobisocial.musubi.util.CertifiedHttpClient.java

/**
 * Creates a socket factory that trusts only the certificates in the bundled BKS store
 * ({@code R.raw.servercertificates}).
 *
 * <p>NOTE(review): hostname verification is switched off below, so a certificate that
 * validates against the bundled store is accepted for any host name. That is a narrow risk
 * only if the store holds the server's own certificate; if it holds CA certificates, every
 * certificate issued under them is accepted for every host. Confirm the store contents.
 *
 * @return the configured socket factory
 * @throws AssertionError wrapping any failure while loading the store or building the factory
 */
private SSLSocketFactory newSslSocketFactory() {
    try {
        final KeyStore bundledTrust = KeyStore.getInstance("BKS");
        final InputStream rawStore = mContext.getResources().openRawResource(R.raw.servercertificates);
        try {
            // The store password ships inside the application, so it gives an integrity
            // check on the bundled file only and must not be treated as a secret.
            final char[] storePassword = "ez24get".toCharArray();
            bundledTrust.load(rawStore, storePassword);
        } finally {
            rawStore.close();
        }

        final SSLSocketFactory pinnedFactory = new SSLSocketFactory(bundledTrust);
        // Original rationale: redirects change the host name, and the bundled certificate
        // is considered sufficient on its own.
        pinnedFactory.setHostnameVerifier(new AllowAllHostnameVerifier());
        return pinnedFactory;
    } catch (Exception failure) {
        throw new AssertionError(failure);
    }
}

From source file:energy.usef.environment.tool.security.KeystoreService.java

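/**
 * Creates a NaCl secret key in the local key store ( {@link Config#USEF_HOME_FOLDER} / {@link Config#USEF_CONFIGURATION_FOLDER}
 * / {@link Config#KEYSTORE_FILENAME}). Creates the key store if it does not exist.
 *
 * <p>NOTE(review): the UTF-8 bytes of {@code seed} are passed unchanged as the Ed25519 seed.
 * libsodium documents that seed as exactly 32 bytes, and a password used directly as a seed
 * has only the entropy of the password. Confirm that callers always supply 32 bytes, or
 * derive the seed from the password with a key-derivation function first.
 *
 * @param seed Password
 * @return the associated public key.
 * @throws IllegalArgumentException if {@code seed} is null
 * @throws RuntimeException if the key store cannot be created, loaded or written
 */
public byte[] createSecretKey(String seed) {
    if (seed == null) {
        throw new IllegalArgumentException("A seed must be provided in order to create keys!");
    }

    byte[] publicKey = new byte[32];
    byte[] privateKey = new byte[64];
    byte[] seedBytes = seed.getBytes(UTF_8);

    final SecretKey secretKey;
    try {
        NaCl.sodium().crypto_sign_ed25519_seed_keypair(publicKey, privateKey, seedBytes);
        secretKey = new SecretKeySpec(privateKey, ALGORITHM);
    } finally {
        // SecretKeySpec keeps its own copy of the key bytes, so the working buffers can be
        // wiped straight away instead of lingering on the heap until garbage collection.
        java.util.Arrays.fill(privateKey, (byte) 0);
        java.util.Arrays.fill(seedBytes, (byte) 0);
    }

    char[] ksPassword = toCharArray(keystorePassword);
    char[] ksKeyPassword = toCharArray(keystorePKPassword);

    try {
        createNewStoreIfNeeded(keystoreFilename, ksPassword);
    } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
        throw new RuntimeException(e.getMessage(), e);
    }

    try (InputStream is = new FileInputStream(keystoreFilename)) {
        // NOTE(review): the store type comes from the JCEKS constant defined elsewhere in
        // the class; if it names the legacy JCEKS format, consider PKCS12 for new stores.
        KeyStore ks = KeyStore.getInstance(JCEKS);
        ks.load(is, ksPassword);

        // The entry is protected with its own password, separate from the store password.
        SecretKeyEntry secretKeyEntry = new SecretKeyEntry(secretKey);
        ProtectionParameter protectionParameter = new KeyStore.PasswordProtection(ksKeyPassword);

        ks.setEntry(keystorePKAlias, secretKeyEntry, protectionParameter);
        // The store is fully in memory at this point, so the same file is rewritten in place.
        try (OutputStream os = new FileOutputStream(keystoreFilename)) {
            ks.store(os, ksPassword);
        }

    } catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException e) {
        throw new RuntimeException(e);
    }
    return publicKey;
}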

From source file:oauth.commons.http.CommonsHttpOAuthProvider.java

/**
 * Creates an {@link HttpClient} with a thread-safe connection manager, HTTP/1.1 and UTF-8
 * content charset, registering plain sockets for http on port 80 and a custom factory for
 * https on port 443.
 *
 * <p>NOTE(review): the https factory is built from an empty key store and has hostname
 * verification disabled, so the server's name is never matched against its certificate.
 * {@code SSLSocketFactoryEx} is defined elsewhere; what certificates it accepts cannot be
 * seen here and should be confirmed. Connections made through this client should not be
 * treated as authenticated until both points are reviewed.
 *
 * @return the configured client, or a default {@code DefaultHttpClient} if setup fails
 */
public HttpClient getNewHttpClient() {
    try {
        // load(null, null) yields an initialised but empty key store.
        final KeyStore emptyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        emptyStore.load(null, null);

        final SSLSocketFactory httpsFactory = new SSLSocketFactoryEx(emptyStore);
        httpsFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        final HttpParams httpParams = new BasicHttpParams();
        HttpProtocolParams.setVersion(httpParams, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(httpParams, HTTP.UTF_8);

        final SchemeRegistry schemes = new SchemeRegistry();
        schemes.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
        schemes.register(new Scheme("https", httpsFactory, 443));

        return new DefaultHttpClient(new ThreadSafeClientConnManager(httpParams, schemes), httpParams);
    } catch (Exception e) {
        // The failure is not logged; the caller silently receives a client with different
        // TLS behaviour from the one configured above.
        return new DefaultHttpClient();
    }
}

From source file:dk.netarkivet.common.distribute.HTTPSRemoteFileRegistry.java

/**
 * Initialises {@code sslContext} from the key store at {@code KEYSTORE_PATH}.
 *
 * <p>The same store supplies both the key managers (unlocked with {@code KEY_PASSWORD}) and
 * the trust managers, so every certificate entry in it is also a trust anchor.
 *
 * <p>NOTE(review): store type, manager algorithm, protocol and random algorithm all come
 * from constants defined elsewhere. Check that {@code SSL_PROTOCOL} selects a current TLS
 * version; the explicit random algorithm could be replaced by the platform default.
 *
 * @throws IOFailure if the store cannot be read or the SSL context cannot be set up
 */
private HTTPSRemoteFileRegistry() {
    FileInputStream storeStream = null;
    try {
        storeStream = new FileInputStream(KEYSTORE_PATH);

        final KeyStore credentials = KeyStore.getInstance(SUN_JCEKS_KEYSTORE_TYPE);
        credentials.load(storeStream, KEYSTORE_PASSWORD.toCharArray());

        final KeyManagerFactory keyManagers = KeyManagerFactory.getInstance(SUN_X509_CERTIFICATE_ALGORITHM);
        keyManagers.init(credentials, KEY_PASSWORD.toCharArray());

        final TrustManagerFactory trustManagers = TrustManagerFactory.getInstance(SUN_X509_CERTIFICATE_ALGORITHM);
        trustManagers.init(credentials);

        sslContext = SSLContext.getInstance(SSL_PROTOCOL);
        final SecureRandom random = SecureRandom.getInstance(SHA1_PRNG_RANDOM_ALGORITHM);
        sslContext.init(keyManagers.getKeyManagers(), trustManagers.getTrustManagers(), random);
    } catch (GeneralSecurityException | IOException e) {
        throw new IOFailure("Unable to create secure environment for keystore '" + KEYSTORE_PATH + "'", e);
    } finally {
        // Close errors are deliberately ignored; the store is either loaded or has failed.
        IOUtils.closeQuietly(storeStream);
    }
}

From source file:org.jasig.portal.security.provider.saml.SSLSecurityImpl.java

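/**
 * Stores the client key and certificate in a fresh in-memory JKS key store and keeps both
 * the store and its generated password on this instance.
 *
 * @param pk   private key placed under the alias {@code "sp"}
 * @param cert certificate that forms the single-element chain for {@code pk}
 * @throws KeyStoreException        if the key entry cannot be set
 * @throws NoSuchProviderException  if the {@code SUN} provider is unavailable
 * @throws NoSuchAlgorithmException if the store cannot be initialised
 * @throws CertificateException     if the store cannot be initialised
 * @throws IOException              if the store cannot be initialised
 */
private void setSSLClientCredentials(PrivateKey pk, Certificate cert) throws KeyStoreException,
        NoSuchProviderException, NoSuchAlgorithmException, CertificateException, IOException {
    // Log key metadata only. The original logged pk.toString(), and depending on the
    // provider that string can contain the private key material itself.
    this.logger.info("Private key: algorithm [{}], format [{}].", pk.getAlgorithm(), pk.getFormat());
    this.logger.info("Certificate: [{}].", cert.toString());

    // load(null, null) initialises an empty store that lives in memory only.
    KeyStore ks = KeyStore.getInstance("JKS", "SUN");
    ks.load(null, null);

    Certificate[] certificates = new Certificate[1];
    certificates[0] = cert;

    // A random per-instance password protects the key entry; it is kept in keyStorePass
    // for whoever later needs to unlock the entry.
    String keystorePass = UUID.randomUUID().toString();
    ks.setKeyEntry("sp", pk, keystorePass.toCharArray(), certificates);
    this.keyStore = ks;
    this.keyStorePass = keystorePass;
}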

From source file:org.jasig.portal.security.provider.saml.SSLSecurityImpl.java

/**
 * Reads a JKS key store from disk using the {@code SUN} provider.
 *
 * @param ksFile path of the key store file
 * @param pass   store password, used by {@link KeyStore#load} to check the file's integrity
 * @return the loaded key store
 * @throws KeyStoreException        if the JKS type is unavailable
 * @throws NoSuchProviderException  if the {@code SUN} provider is unavailable
 * @throws NoSuchAlgorithmException if the integrity-check algorithm is missing
 * @throws CertificateException     if a stored certificate cannot be loaded
 * @throws IOException              if the file cannot be opened or read, or closing it fails
 */
private KeyStore loadKeyStoreFromFile(String ksFile, String pass) throws KeyStoreException,
        NoSuchProviderException, NoSuchAlgorithmException, CertificateException, IOException {
    final FileInputStream storeFile = new FileInputStream(ksFile);
    try {
        final KeyStore loaded = KeyStore.getInstance("JKS", "SUN");
        final char[] storePassword = pass.toCharArray();
        loaded.load(storeFile, storePassword);
        return loaded;
    } finally {
        // Runs on success and on failure, so the file handle is always released.
        storeFile.close();
    }
}

From source file:org.picketlink.test.integration.federation.saml.SAMLIDPInitiatedSSLAuthenticationTestCase.java

/**
 * Loads the trust store at {@code trustStorePath} for use by the test case.
 *
 * <p>The store password is a fixed literal, which suits a test fixture only; a store used
 * outside tests should take its password from configuration.
 *
 * @param trustStorePath path of the trust store file
 * @param type           key store type passed to {@link KeyStore#getInstance(String)}
 * @return the loaded trust store
 * @throws KeyStoreException        if {@code type} is not available
 * @throws IOException              if the file cannot be opened or read, or closing it fails
 * @throws NoSuchAlgorithmException if the integrity-check algorithm is missing
 * @throws CertificateException     if a stored certificate cannot be loaded
 */
private KeyStore getKeyStore(String trustStorePath, String type)
        throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
    final KeyStore loadedStore = KeyStore.getInstance(type);
    final File storeFile = new File(trustStorePath);
    final FileInputStream storeStream = new FileInputStream(storeFile);

    try {
        final char[] fixturePassword = "change_it".toCharArray();
        loadedStore.load(storeStream, fixturePassword);
    } finally {
        // Always release the file handle, whether or not the load succeeded.
        storeStream.close();
    }
    return loadedStore;
}

From source file:slash.navigation.rest.ssl.SSLConnectionManagerFactory.java

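/**
 * Loads the bundled {@code letsencrypt.truststore} JKS trust store from the classpath,
 * resolved relative to this class.
 *
 * <p>The store password is a literal shipped with the code; it serves as an integrity check
 * on the bundled file and is not a secret.
 *
 * @return the loaded trust store
 * @throws KeyStoreException        if the JKS type is unavailable
 * @throws IOException              if the resource is missing or cannot be read
 * @throws NoSuchAlgorithmException if the integrity-check algorithm is missing
 * @throws CertificateException     if a stored certificate cannot be loaded
 */
private KeyStore getKeyStore()
        throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
    KeyStore keyStore = KeyStore.getInstance("JKS");
    InputStream inputStream = getClass().getResourceAsStream("letsencrypt.truststore");
    // getResourceAsStream returns null for a missing resource, and load(null, ...) would
    // then silently produce an empty trust store. Fail here with a clear message instead.
    if (inputStream == null) {
        throw new IOException("Trust store resource letsencrypt.truststore not found on the classpath");
    }
    try {
        keyStore.load(inputStream, "letsencrypt".toCharArray());
    } finally {
        closeQuietly(inputStream);
    }
    return keyStore;
}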