List of usage examples for javax.net.ssl KeyManagerFactory getInstance
public static final KeyManagerFactory getInstance(String algorithm) throws NoSuchAlgorithmException
Returns a KeyManagerFactory object that acts as a factory for key managers.
From source file:org.soyatec.windowsazure.internal.util.ssl.SslUtil.java
/**
 * Builds the key managers that present the credentials stored in {@code keystore}.
 *
 * <p>The factory is obtained for the JVM's default KeyManagerFactory algorithm and
 * initialised with the keystore and the key-recovery password.
 *
 * @param keystore keystore holding the key entries; must not be {@code null}
 * @param password password used to recover the keys, or {@code null} to pass none
 * @return the key managers produced by the initialised factory
 * @throws IllegalArgumentException if {@code keystore} is {@code null}
 * @throws Exception if the factory cannot be obtained or initialised
 */
private static KeyManager[] createKeyManagers(final KeyStore keystore, final String password)
        throws Exception {
    if (keystore == null) {
        throw new IllegalArgumentException("Keystore may not be null");
    }
    // The password arrives as an immutable String, so the caller's copy cannot be
    // wiped; only the char[] handed to the factory is created here.
    final char[] keyPassword;
    if (password == null) {
        keyPassword = null;
    } else {
        keyPassword = password.toCharArray();
    }
    final String algorithm = KeyManagerFactory.getDefaultAlgorithm();
    final KeyManagerFactory factory = KeyManagerFactory.getInstance(algorithm);
    factory.init(keystore, keyPassword);
    return factory.getKeyManagers();
}
From source file:edu.washington.iam.tools.IamConnectionManager.java
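/**
 * Initialises the trust managers and, when a client certificate is configured,
 * the key managers used by this connection manager.
 *
 * <p>Trust: if {@code caFilename} is set, the server certificate is validated against
 * that single CA certificate; otherwise the JVM's default trust store is used. Server
 * certificate validation is never disabled: an accept-all {@code X509TrustManager}
 * would let any party holding any certificate impersonate the server.
 *
 * <p>Client authentication: if both {@code certFilename} and {@code keyFilename} are
 * set, the certificate and private key are loaded into an in-memory keystore and the
 * key managers are derived from it.
 *
 * <p>Failures are logged and leave the corresponding field unchanged, as before.
 */
protected void initManagers() {

    // trust managers
    try {
        javax.net.ssl.TrustManagerFactory tmf = javax.net.ssl.TrustManagerFactory
                .getInstance(javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm());
        if (caFilename != null) {
            X509Certificate caCert = readCertificate(caFilename);
            if (caCert == null) {
                // An entry without a certificate would give an unusable trust store.
                throw new IllegalStateException("no CA certificate read from " + caFilename);
            }
            log.debug("init trust mgr " + caCert);
            trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
            trustStore.load(null, null);
            trustStore.setCertificateEntry("CACERT", caCert);
            tmf.init(trustStore);
        } else {
            // A null keystore makes the factory fall back to the JVM default trust store.
            tmf.init((KeyStore) null);
        }
        trustManagers = tmf.getTrustManagers();
    } catch (Exception e) {
        // Do not substitute a permissive trust manager here; a failure must not
        // silently turn certificate validation off.
        log.error("cacert error: " + e);
    }

    // key managers
    if (certFilename != null && keyFilename != null) {
        try {
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            X509Certificate cert = readCertificate(certFilename);
            PKCS1 pkcs = new PKCS1();
            PrivateKey key = pkcs.readKey(keyFilename);
            X509Certificate[] chain = new X509Certificate[] { cert };
            // "pw" only protects the entry inside this in-memory keystore, which is
            // created empty above; it is not the protection of the key file on disk.
            keyStore.setKeyEntry("CERT", (Key) key, "pw".toCharArray(), chain);
            kmf.init(keyStore, "pw".toCharArray());
            keyManagers = kmf.getKeyManagers();
        } catch (Exception e) {
            // NOTE(review): after this, keyManagers keeps its previous value, so the
            // connection may proceed without the client certificate; confirm callers expect that.
            log.error("cert/key error: " + e);
        }
    }
}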
From source file:org.eclipse.emf.emfstore.internal.server.connection.ServerKeyStoreManager.java
/**
 * Creates a {@link KeyManagerFactory} for the RMI encryption.
 *
 * <p>The factory algorithm is taken from the server configuration property
 * {@code ServerConfiguration.KEYSTORE_CERTIFICATE_TYPE}, with
 * {@code ServerConfiguration.KEYSTORE_CERTIFICATE_TYPE_DEFAULT} as the fallback, and the
 * factory is initialised with the server key store and its password.
 *
 * @return the initialised KeyManagerFactory
 * @throws ServerKeyStoreException if the algorithm is unknown, the key store cannot be
 *         used, or a key cannot be recovered with the key store password
 */
public KeyManagerFactory getKeyManagerFactory() throws ServerKeyStoreException {
    try {
        final String algorithm = ServerConfiguration.getProperties().getProperty(
                ServerConfiguration.KEYSTORE_CERTIFICATE_TYPE,
                ServerConfiguration.KEYSTORE_CERTIFICATE_TYPE_DEFAULT);
        final KeyManagerFactory factory = KeyManagerFactory.getInstance(algorithm);
        factory.init(getKeyStore(), getKeyStorePassword());
        return factory;
    } catch (final UnrecoverableKeyException e) {
        // Every failure is reported through the same wrapper, keeping the cause.
        throw new ServerKeyStoreException(e);
    } catch (final KeyStoreException e) {
        throw new ServerKeyStoreException(e);
    } catch (final NoSuchAlgorithmException e) {
        throw new ServerKeyStoreException(e);
    }
}
From source file:com.linkedin.pinot.common.utils.ClientSSLContextGenerator.java
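/**
 * Loads the configured key store file and derives the client key managers from it.
 *
 * <p>The key store password is used both to open the store and to recover the keys.
 *
 * @return the key managers, or {@code null} when no key store file is configured
 */
private KeyManager[] setupKeyManagers() {
    if (_keyStoreFile == null) {
        return null;
    }
    try {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
        LOGGER.info("Setting up keystore with file {}", _keyStoreFile);
        char[] password = _keyStorePassword.toCharArray();
        // Close the file handle as soon as the store is loaded; the original left it open.
        try (FileInputStream keyStoreStream = new FileInputStream(new File(_keyStoreFile))) {
            keyStore.load(keyStoreStream, password);
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEYMANAGER_FACTORY_ALGORITHM);
        kmf.init(keyStore, password);
        LOGGER.info("Successfully initialized keystore");
        return kmf.getKeyManagers();
    } catch (Exception e) {
        Utils.rethrowException(e);
    }
    return null;
}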
From source file:io.dropwizard.revolver.http.RevolverHttpClientFactory.java
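/**
 * Builds a TLS context from a key store found on the classpath.
 *
 * <p>The same store serves two roles: its key entries become the client credentials
 * (key managers) and its certificate entries become the trust anchors (trust managers).
 *
 * @param keyStorePath classpath location of the key store
 * @param keyStorePassword password that opens the store and recovers its keys
 * @return an initialised {@link SSLContext}
 * @throws IOException if the resource is missing from the classpath or cannot be read
 * @throws KeyStoreException if the default key store type is unavailable or the store
 *         cannot be used
 * @throws NoSuchAlgorithmException if a required algorithm is unavailable
 * @throws CertificateException if a certificate in the store cannot be loaded
 * @throws KeyManagementException if the context cannot be initialised
 * @throws UnrecoverableKeyException if a key cannot be recovered with the password
 */
private static SSLContext getSSLContext(final String keyStorePath, final String keyStorePassword)
        throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException,
        KeyManagementException, UnrecoverableKeyException {
    final char[] password = keyStorePassword.toCharArray();
    final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    try (InputStream instream = RevolverHttpClientFactory.class.getClassLoader()
            .getResourceAsStream(keyStorePath)) {
        if (instream == null) {
            // load(null, ...) would quietly create an EMPTY store, i.e. no client key
            // and no trust anchors; report the misconfiguration instead.
            throw new IOException("Keystore resource not found on classpath: " + keyStorePath);
        }
        keyStore.load(instream, password);
    }
    final TrustManagerFactory trustManagerFactory = TrustManagerFactory
            .getInstance(TrustManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(keyStore);
    final KeyManagerFactory keyManagerFactory = KeyManagerFactory
            .getInstance(KeyManagerFactory.getDefaultAlgorithm());
    keyManagerFactory.init(keyStore, password);
    final SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(),
            new SecureRandom());
    return sslContext;
}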
From source file:learn.encryption.ssl.SSLContext_Https.java
/** * @description javaSSLContext// w w w . ja va 2 s . c o m * @description https?, SSLContext (NoHttp?SecureRandombug) * @description client.ks?server * @description ?? * @description ????getSSLContext2() */ //@SuppressLint("TrulyRandom") public static SSLContext getSSLContext() { SSLContext sslContext = null; try { sslContext = SSLContext.getInstance("TLS"); // ??, ??assets InputStream inputStream = new FileInputStream(new File("D:\\tomcatcert\\server.ks")); //App.getInstance().getAssets().open("srca.cer"); // ?? CertificateFactory cerFactory = CertificateFactory.getInstance("X.509"); // ?KeyStore KeyStore keyStore = KeyStore.getInstance("jks"); keyStore.load(inputStream, "123456".toCharArray()); //Certificate cer = cerFactory.generateCertificate(inputStream); Certificate cer = keyStore.getCertificate("clientKey"); keyStore.setCertificateEntry("trust", cer); // KeyStorekeyManagerFactory KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, "123456".toCharArray()); // KeyStoreTrustManagerFactory TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore); // ?SSLContext sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom()); } catch (Exception e) { e.printStackTrace(); } return sslContext; }
From source file:it.govpay.core.utils.client.BasicClient.java
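/**
 * Creates a client for the given connector, preparing TLS and/or HTTP Basic settings.
 *
 * <p>For SSL authentication the {@link SSLContext} is looked up in the shared
 * {@code sslContexts} cache under {@code bundleKey}; if absent it is built from the
 * connector's trust store (always) and key store (only for client authentication),
 * then cached. A context cached under a bundle key is reused as is, so later changes
 * to the connector's stores are not picked up by this constructor.
 *
 * <p>NOTE(review): the protocol name passed to {@code SSLContext.getInstance} comes from
 * the connector configuration; confirm it is restricted to current TLS versions.
 *
 * @param bundleKey key under which the SSL context is cached
 * @param connettore connector configuration; must not be {@code null}
 * @throws ClientException if the connector is missing, its URL is invalid, the SSL
 *         configuration is incomplete, or the SSL context cannot be built
 */
private BasicClient(String bundleKey, Connettore connettore) throws ClientException {

    if (connettore == null) {
        throw new ClientException("Connettore non configurato");
    }

    try {
        this.url = new URL(connettore.getUrl());
    } catch (Exception e) {
        throw new ClientException("La URL del connettore " + errMsg + " non e' valida: " + e);
    }
    sslContext = sslContexts.get(bundleKey);

    if (connettore.getTipoAutenticazione().equals(EnumAuthType.SSL)) {
        isSslEnabled = true;
        if (sslContext == null) {
            try {
                KeyManager[] km = null;
                TrustManager[] tm = null;

                // CLIENT authentication: load the key store holding the client credentials
                if (connettore.getTipoSsl().equals(EnumSslType.CLIENT)) {

                    if (connettore.getSslKsType() == null || connettore.getSslKsLocation() == null
                            || connettore.getSslKsPasswd() == null || connettore.getSslPKeyPasswd() == null)
                        throw new ClientException(
                                "Configurazione SSL Client del connettore " + errMsg + " incompleta.");

                    KeyStore keystore = KeyStore.getInstance(connettore.getSslKsType()); // JKS,PKCS12,jceks,bks,uber,gkr
                    // Close the file as soon as the store is loaded; the original left it open.
                    try (FileInputStream finKeyStore = new FileInputStream(connettore.getSslKsLocation())) {
                        keystore.load(finKeyStore, connettore.getSslKsPasswd().toCharArray());
                    }
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory
                            .getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    // The private-key password is separate from the key store password.
                    keyManagerFactory.init(keystore, connettore.getSslPKeyPasswd().toCharArray());
                    km = keyManagerFactory.getKeyManagers();
                }

                if (connettore.getSslTsType() == null || connettore.getSslTsLocation() == null
                        || connettore.getSslTsPasswd() == null || connettore.getSslType() == null)
                    throw new ClientException(
                            "Configurazione SSL Server del connettore " + errMsg + " incompleta.");

                // SERVER authentication: the trust store decides which server certificates are accepted
                KeyStore truststore = KeyStore.getInstance(connettore.getSslTsType()); // JKS,PKCS12,jceks,bks,uber,gkr
                try (FileInputStream finTrustStore = new FileInputStream(connettore.getSslTsLocation())) {
                    truststore.load(finTrustStore, connettore.getSslTsPasswd().toCharArray());
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory
                        .getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(truststore);
                tm = trustManagerFactory.getTrustManagers();

                // Create the SSL context and cache it for this bundle key
                sslContext = SSLContext.getInstance(connettore.getSslType());
                sslContext.init(km, tm, null);
                sslContexts.put(bundleKey, sslContext);
            } catch (Exception e) {
                // Also wraps the "incomplete configuration" ClientExceptions thrown above.
                throw new ClientException(e);
            }
        }
    }

    if (connettore.getTipoAutenticazione().equals(EnumAuthType.HTTPBasic)) {
        ishttpBasicEnabled = true;
        httpBasicUser = connettore.getHttpUser();
        // The HTTP Basic password is kept in a field for the lifetime of the client.
        httpBasicPassword = connettore.getHttpPassw();
    }
}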
From source file:davmail.util.ClientCertificateTest.java
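/**
 * Opens a TLS connection to localhost:443 using client certificates from the Windows
 * "Windows-MY" store, with every X509 key manager wrapped in a DavMailX509KeyManager.
 *
 * <p>Server trust comes from the {@code javax.net.ssl.trustStore*} system properties
 * set at the top of the test, because the context is initialised with no explicit
 * trust managers.
 */
public void testClientSocket() throws NoSuchAlgorithmException, KeyStoreException, IOException,
        CertificateException, KeyManagementException, UnrecoverableKeyException {

    //System.setProperty("javax.net.ssl.trustStoreProvider", "SunMSCAPI");
    //System.setProperty("javax.net.ssl.trustStoreType", "Windows-ROOT");
    System.setProperty("javax.net.ssl.trustStore", "cacerts");
    System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
    System.setProperty("javax.net.ssl.trustStoreType", "JKS");

    // Switch from the default key manager algorithm to its "New" variant.
    String algorithm = KeyManagerFactory.getDefaultAlgorithm();
    if ("SunX509".equals(algorithm)) {
        algorithm = "NewSunX509";
    } else if ("IbmX509".equals(algorithm)) {
        algorithm = "NewIbmX509";
    }

    Provider sunMSCAPI = new sun.security.mscapi.SunMSCAPI();
    //Security.insertProviderAt(sunMSCAPI, 1);
    KeyStore keyStore = KeyStore.getInstance("Windows-MY", sunMSCAPI);
    keyStore.load(null, null);

    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(algorithm);
    keyManagerFactory.init(keyStore, null);

    // Replace every X509 key manager with the wrapping DavMail X509 key manager.
    KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
    for (int i = 0; i < keyManagers.length; i++) {
        KeyManager keyManager = keyManagers[i];
        if (keyManager instanceof X509KeyManager) {
            keyManagers[i] = new DavMailX509KeyManager((X509KeyManager) keyManager);
        }
    }

    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(keyManagers, null, null);
    SSLSocketFactory sockFactory = sslContext.getSocketFactory();
    SSLSocket sslSock = (SSLSocket) sockFactory.createSocket("localhost", 443);
    try {
        sslSock.startHandshake();
    } finally {
        // Release the connection whether or not the handshake succeeds.
        sslSock.close();
    }
}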
From source file:it.danja.newsmonitor.utils.HttpServer.java
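/**
 * Sets up the HTTP service and, when the port is 8443, the TLS server socket factory.
 *
 * <p>The TLS setup loads the classpath resource {@code my.keystore} and builds the key
 * managers from it. Any failure while doing so is logged and then reported as an
 * {@link IllegalStateException} carrying the cause, instead of continuing with a
 * half-built key store and failing later with an unrelated error.
 *
 * <p>NOTE(review): the key store password {@code "secret"} is hard-coded; it should come
 * from protected configuration rather than from source.
 *
 * @throws IllegalStateException if the TLS context cannot be built
 */
public void init() {
    // Set up the HTTP protocol processor
    HttpProcessor httpproc = HttpProcessorBuilder.create()
            .add(new ResponseDate())
            .add(new ResponseServer("Test/1.1"))
            .add(new ResponseContent())
            .add(new ResponseConnControl())
            .build();

    // Set up request handlers
    UriHttpRequestHandlerMapper reqistry = new UriHttpRequestHandlerMapper();
    reqistry.register("*", new HttpFileHandler(docRoot));

    // Set up the HTTP service
    httpService = new HttpService(httpproc, reqistry);

    if (port == 8443) {
        // Initialize SSL context
        ClassLoader cl = HttpServer.class.getClassLoader();
        URL url = cl.getResource("my.keystore");
        if (url == null) {
            log.info("HttpServer : Keystore not found");
            System.exit(1);
        }
        try {
            KeyStore keystore = KeyStore.getInstance("jks");
            // Close the resource stream once the store is loaded.
            try (java.io.InputStream keystoreStream = url.openStream()) {
                keystore.load(keystoreStream, "secret".toCharArray());
            }
            KeyManagerFactory kmfactory = KeyManagerFactory
                    .getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmfactory.init(keystore, "secret".toCharArray());
            KeyManager[] keymanagers = kmfactory.getKeyManagers();
            SSLContext sslcontext = SSLContext.getInstance("TLS");
            sslcontext.init(keymanagers, null, null);
            this.sf = sslcontext.getServerSocketFactory();
        } catch (java.security.GeneralSecurityException e) {
            log.error(e.getMessage());
            throw new IllegalStateException("HttpServer : TLS setup failed", e);
        } catch (IOException e) {
            log.error(e.getMessage());
            throw new IllegalStateException("HttpServer : TLS setup failed", e);
        }
    }
}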
From source file:org.elasticsearch.xpack.ssl.SSLClientAuthTests.java
/**
 * Builds a TLSv1.2 context for the test client from the bundled {@code testclient.jks}.
 *
 * <p>The one key store supplies both the client key (key managers) and the trusted
 * certificates (trust managers).
 *
 * @return the initialised context
 * @throws ElasticsearchException wrapping any failure while loading the store or
 *         initialising the context
 */
private SSLContext getSSLContext() {
    try (InputStream storeStream = Files.newInputStream(
            getDataPath("/org/elasticsearch/xpack/security/transport/ssl/certs/simple/testclient.jks"))) {
        final KeyStore clientStore = KeyStore.getInstance("jks");
        clientStore.load(storeStream, "testclient".toCharArray());

        final String trustAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        final TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(trustAlgorithm);
        trustFactory.init(clientStore);

        final String keyAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        final KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(keyAlgorithm);
        keyFactory.init(clientStore, "testclient".toCharArray());

        final SSLContext tlsContext = SSLContext.getInstance("TLSv1.2");
        tlsContext.init(keyFactory.getKeyManagers(), trustFactory.getTrustManagers(), new SecureRandom());
        return tlsContext;
    } catch (Exception e) {
        throw new ElasticsearchException("failed to initialize a TrustManagerFactory", e);
    }
}