List of usage examples for javax.net.ssl KeyManagerFactory getInstance
public static final KeyManagerFactory getInstance(String algorithm) throws NoSuchAlgorithmException
KeyManagerFactory object that acts as a factory for key managers. From source file:it.greenvulcano.gvesb.http.ssl.AuthSSLProtocolSocketFactory.java
private static KeyManager[] createKeyManagers(final KeyStore keystore, final String password) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException { if (keystore == null) { throw new IllegalArgumentException("Keystore may not be null"); }/* w w w. j av a2s .c o m*/ logger.debug("Initializing key manager"); KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keystore, password != null ? password.toCharArray() : null); return kmfactory.getKeyManagers(); }
From source file:be.solidx.hot.nio.http.SSLContextBuilder.java
private KeyManagerFactory handleClientPFXURLProvided(Map<String, Object> options) throws SSLContextInitializationException { InputStream jksFileInputStream = null; try {// w w w . j a v a 2 s. com KeyManagerFactory keyManagerFactory = null; jksFileInputStream = getInputStream(new URI(options.get(P12).toString())); KeyStore keyStore = KeyStore.getInstance("pkcs12", "SunJSSE"); keyStore.load(jksFileInputStream, options.get(PASSPHRASE).toString().toCharArray()); keyManagerFactory = KeyManagerFactory.getInstance("SunX509"); keyManagerFactory.init(keyStore, options.get(PASSPHRASE).toString().toCharArray()); return keyManagerFactory; } catch (UnrecoverableKeyException | KeyStoreException | NoSuchProviderException | NoSuchAlgorithmException | CertificateException | URISyntaxException | IOException e) { throw new SSLContextInitializationException(e); } finally { if (jksFileInputStream != null) { try { jksFileInputStream.close(); } catch (IOException e) { } } } }
From source file:davmail.util.ClientCertificateTest.java
private SSLContext createSSLContext() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyManagementException, KeyStoreException, IOException, CertificateException, UnrecoverableKeyException { // PKCS11 client certificate settings String pkcs11Library = Settings.getProperty("davmail.ssl.pkcs11Library"); String clientKeystoreType = Settings.getProperty("davmail.ssl.clientKeystoreType"); // set default keystore type if (clientKeystoreType == null || clientKeystoreType.length() == 0) { clientKeystoreType = "PKCS11"; }/* ww w.ja v a 2s . com*/ if (pkcs11Library != null && pkcs11Library.length() > 0 && "PKCS11".equals(clientKeystoreType)) { StringBuilder pkcs11Buffer = new StringBuilder(); pkcs11Buffer.append("name=DavMail\n"); pkcs11Buffer.append("library=").append(pkcs11Library).append('\n'); String pkcs11Config = Settings.getProperty("davmail.ssl.pkcs11Config"); if (pkcs11Config != null && pkcs11Config.length() > 0) { pkcs11Buffer.append(pkcs11Config).append('\n'); } SunPKCS11ProviderHandler.registerProvider(pkcs11Buffer.toString()); } String algorithm = KeyManagerFactory.getDefaultAlgorithm(); if ("SunX509".equals(algorithm)) { algorithm = "NewSunX509"; } else if ("IbmX509".equals(algorithm)) { algorithm = "NewIbmX509"; } KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(algorithm); ArrayList<KeyStore.Builder> keyStoreBuilders = new ArrayList<KeyStore.Builder>(); // PKCS11 (smartcard) keystore with password callback KeyStore.Builder scBuilder = KeyStore.Builder.newInstance("PKCS11", null, getProtectionParameter(null)); //keyStoreBuilders.add(scBuilder); String clientKeystoreFile = Settings.getProperty("davmail.ssl.clientKeystoreFile"); String clientKeystorePass = Settings.getProperty("davmail.ssl.clientKeystorePass"); if (clientKeystoreFile != null && clientKeystoreFile.length() > 0 && ("PKCS12".equals(clientKeystoreType) || "JKS".equals(clientKeystoreType))) { // PKCS12 file based keystore KeyStore.Builder fsBuilder = KeyStore.Builder.newInstance(clientKeystoreType, null, new File(clientKeystoreFile), getProtectionParameter(clientKeystorePass)); keyStoreBuilders.add(fsBuilder); } System.setProperty("javax.net.debug", "ssl,handshake"); //try { Provider sunMSCAPI = new sun.security.mscapi.SunMSCAPI(); //Security.insertProviderAt(sunMSCAPI, 1); KeyStore keyStore = KeyStore.getInstance("Windows-MY", sunMSCAPI); keyStore.load(null, null); keyStoreBuilders.add(KeyStore.Builder.newInstance(keyStore, new KeyStore.PasswordProtection(null))); /*} catch (IOException e) { e.printStackTrace(); } catch (CertificateException e) { e.printStackTrace(); }*/ ManagerFactoryParameters keyStoreBuilderParameters = new KeyStoreBuilderParameters(keyStoreBuilders); keyManagerFactory.init(keyStoreBuilderParameters); //keyManagerFactory.init(keyStore, null); // Get a list of key managers KeyManager[] keyManagers = keyManagerFactory.getKeyManagers(); // Walk through the key managers and replace all X509 Key Managers with // a specialized wrapped DavMail X509 Key Manager for (int i = 0; i < keyManagers.length; i++) { KeyManager keyManager = keyManagers[i]; if (keyManager instanceof X509KeyManager) { keyManagers[i] = new DavMailX509KeyManager((X509KeyManager) keyManager); } } //keyManagers = new KeyManager[]{new DavMailX509KeyManager(new X509KeyManagerImpl())} SSLContext context = SSLContext.getInstance("TLS"); context.init(keyManagers, new TrustManager[] { new DavGatewayX509TrustManager() }, null); return context; }
From source file:org.alfresco.encryption.AlfrescoKeyStoreImpl.java
/** * {@inheritDoc}//from ww w. j ava 2 s. c om */ @Override public KeyManager[] createKeyManagers() { KeyInfoManager keyInfoManager = null; try { keyInfoManager = getKeyInfoManager(getKeyMetaDataFileLocation()); KeyStore ks = loadKeyStore(keyStoreParameters, keyInfoManager); logger.debug("Initializing key managers"); KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); String keyStorePassword = keyInfoManager.getKeyStorePassword(); kmfactory.init(ks, keyStorePassword != null ? keyStorePassword.toCharArray() : null); return kmfactory.getKeyManagers(); } catch (Throwable e) { throw new AlfrescoRuntimeException("Unable to create key manager", e); } finally { if (keyInfoManager != null) { keyInfoManager.clear(); } } }
From source file:mitm.common.security.ca.handlers.ejbca.EJBCACertificateRequestHandler.java
private EjbcaWS getEjbcaWS() throws CAException { if (ejbcaWS == null) { try {/*from www . j a v a 2 s. c o m*/ JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean(); factory.setServiceClass(EjbcaWS.class); factory.setAddress(requestHandlerSettings.getWebServiceURL().toExternalForm()); factory.setServiceName(EJBCAConst.SERVICE_NAME); EjbcaWS localEjbcaWS = (EjbcaWS) factory.create(); KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); char[] password = requestHandlerSettings.getKeyStorePassword() != null ? requestHandlerSettings.getKeyStorePassword().toCharArray() : null; keyManagerFactory.init(requestHandlerSettings.getKeyStore(), password); KeyManager[] keyManagers = keyManagerFactory.getKeyManagers(); Client proxy = ClientProxy.getClient(localEjbcaWS); TLSClientParameters tlsClientParameters = new TLSClientParameters(); tlsClientParameters.setDisableCNCheck(requestHandlerSettings.isDisableCNCheck()); if (requestHandlerSettings.isSkipCertificateCheck()) { /* * Use a TrustManager that skips all checks */ tlsClientParameters.setTrustManagers(new TrustManager[] { new TrustAllX509TrustManager() }); } else { KeyStore trustStore = requestHandlerSettings.getTrustStore(); if (trustStore != null) { /* * Use the provided trust store */ TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(trustStore); tlsClientParameters.setTrustManagers(trustManagerFactory.getTrustManagers()); } } tlsClientParameters.setKeyManagers(keyManagers); HTTPConduit conduit = (HTTPConduit) proxy.getConduit(); conduit.setTlsClientParameters(tlsClientParameters); ejbcaWS = localEjbcaWS; } catch (NoSuchAlgorithmException e) { throw new CAException(e); } catch (UnrecoverableKeyException e) { throw new CAException(e); } catch (KeyStoreException e) { throw new CAException(e); } } return ejbcaWS; }
From source file:com.googlecode.xremoting.core.commonshttpclient.ssl.AuthSSLProtocolSocketFactory.java
private static KeyManager[] createKeyManagers(final KeyStore keystore, final String password) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException { if (keystore == null) { throw new IllegalArgumentException("Keystore may not be null"); }/*from w w w . jav a 2 s . c o m*/ LOG.debug("Initializing key manager"); KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keystore, password != null ? password.toCharArray() : null); KeyManager[] keymanagers = kmfactory.getKeyManagers(); for (int i = 0; i < keymanagers.length; i++) { if (keymanagers[i] instanceof X509KeyManager) { keymanagers[i] = new AuthSSLX509KeyManager((X509KeyManager) keymanagers[i]); } } return keymanagers; }
From source file:org.wso2.carbon.andes.extensions.device.mgt.mqtt.authorization.client.OAuthRequestInterceptor.java
private static SSLSocketFactory initSSLConnection(KeyStore keyStore, String keyStorePassword, KeyStore trustStore)/*w ww . ja va 2s. c o m*/ throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException { KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509"); keyManagerFactory.init(keyStore, keyStorePassword.toCharArray()); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509"); trustManagerFactory.init(trustStore); // Create and initialize SSLContext for HTTPS communication SSLContext sslContext = SSLContext.getInstance("SSLv3"); sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null); SSLContext.setDefault(sslContext); return sslContext.getSocketFactory(); }
From source file:gov.va.med.imaging.proxy.ssl.AuthSSLProtocolSocketFactory.java
private static KeyManager[] createKeyManagers(final KeyStore keystore, final String password) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException { if (keystore == null) throw new IllegalArgumentException("Keystore may not be null"); Logger.getLogger(AuthSSLProtocolSocketFactory.class).debug("Initializing key manager"); KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keystore, password != null ? password.toCharArray() : null); return kmfactory.getKeyManagers(); }
From source file:org.apache.hadoop.security.ssl.ReloadingX509KeyManager.java
private X509ExtendedKeyManager loadKeyManager() throws GeneralSecurityException, IOException { KeyStore keyStore = KeyStore.getInstance(type); String keyStorePass;/* www . j a v a 2 s . c o m*/ String keyPass; if (passwordFileLocation != null) { keyStorePass = FileUtils.readFileToString(passwordFileLocation); keyPass = keyStorePass; } else { keyStorePass = keystorePassword; keyPass = keyPassword; } try (FileInputStream in = new FileInputStream(location)) { keyStore.load(in, keyStorePass.toCharArray()); lastLoadedTimestamp = location.lastModified(); LOG.debug("Loaded keystore file: " + location); } KeyManagerFactory kmf = KeyManagerFactory.getInstance(SSLFactory.SSLCERTIFICATE); kmf.init(keyStore, keyPass.toCharArray()); X509ExtendedKeyManager keyManager = null; KeyManager[] keyManagers = kmf.getKeyManagers(); for (KeyManager km : keyManagers) { if (km instanceof X509ExtendedKeyManager) { keyManager = (X509ExtendedKeyManager) km; break; } } return keyManager; }
From source file:net.jmhertlein.mcanalytics.api.auth.SSLUtil.java
/** * Same as buildContext(), but wraps all X509TrustManagers in a SavableTrustManager to provide * UntrustedCertificateExceptions so that when a client connects to a server it does not trust, * the program can recover the key and ask the user if they wish to trust it. * * @param trustMaterial/* w w w .ja v a 2 s. com*/ * @return */ public static SSLContext buildClientContext(KeyStore trustMaterial) { SSLContext ctx; try { TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(trustMaterial); ctx = SSLContext.getInstance("TLS"); //key manager factory go! KeyManagerFactory keyMgr = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyMgr.init(trustMaterial, new char[0]); TrustManager[] trustManagers = tmf.getTrustManagers(); for (int i = 0; i < trustManagers.length; i++) { if (trustManagers[i] instanceof X509TrustManager) { System.out.println("Wrapped a trust manager."); trustManagers[i] = new SavableTrustManager((X509TrustManager) trustManagers[i]); } } ctx.init(keyMgr.getKeyManagers(), trustManagers, null); } catch (KeyStoreException | UnrecoverableKeyException | KeyManagementException | NoSuchAlgorithmException ex) { Logger.getLogger(SSLUtil.class.getName()).log(Level.SEVERE, null, ex); ctx = null; } return ctx; }