List of usage examples for javax.net.ssl KeyManagerFactory getInstance
public static final KeyManagerFactory getInstance(String algorithm) throws NoSuchAlgorithmException
KeyManagerFactory object that acts as a factory for key managers. From source file:com.myJava.file.driver.remote.ftp.SecuredSocketFactory.java
public SecuredSocketFactory(String protocol, String protection, boolean checkServerCertificate, boolean implicit, InputStream certificateInputStream, String certificatePassword, FTPSClient client) { Logger.defaultLogger().info("Initializing secured socket factory ..."); acceptProtocol(protocol);/*from www .ja v a2 s .c o m*/ this.protocol = protocol; this.protection = protection; if (protection == null || (!protection.equals("C") && !protection.equals("P"))) { throw new IllegalArgumentException( "Illegal protection method : [" + protection + "]. Only \"C\" and \"P\" are accepted."); } this.implicit = implicit; this.client = client; TrustManager tm[] = null; KeyManager km[] = null; // Init the keyStore if needed if (certificateInputStream != null) { try { Logger.defaultLogger().info("Loading certificate ..."); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEY_ALGORITHM); KeyStore ks = KeyStore.getInstance(KEY_TYPE); char[] pwdChars = (certificatePassword == null ? null : certificatePassword.toCharArray()); ks.load(certificateInputStream, pwdChars); kmf.init(ks, pwdChars); km = kmf.getKeyManagers(); } catch (Exception e) { Logger.defaultLogger().error(e); } } // Init the trustmanager if needed if (!checkServerCertificate) { Logger.defaultLogger().info("Disabling server identification ..."); tm = NO_CHECK_TM; } try { sslContext = SSLContext.getInstance(protocol); sslContext.init(km, tm, null); } catch (NoSuchAlgorithmException e) { Logger.defaultLogger().error(e); } catch (KeyManagementException e) { Logger.defaultLogger().error(e); } }
From source file:org.apache.axis2.transport.nhttp.HttpCoreNIOSSLSender.java
protected SSLContext getSSLContext(TransportOutDescription transportOut) throws AxisFault { KeyManager[] keymanagers = null; TrustManager[] trustManagers = null; Parameter keyParam = transportOut.getParameter("keystore"); Parameter trustParam = transportOut.getParameter("truststore"); if (keyParam != null) { OMElement ksEle = keyParam.getParameterElement().getFirstElement(); String location = ksEle.getFirstChildWithName(new QName("Location")).getText(); String type = ksEle.getFirstChildWithName(new QName("Type")).getText(); String storePassword = ksEle.getFirstChildWithName(new QName("Password")).getText(); String keyPassword = ksEle.getFirstChildWithName(new QName("KeyPassword")).getText(); try {//from w w w . ja v a 2 s .c o m KeyStore keyStore = KeyStore.getInstance(type); URL url = getClass().getClassLoader().getResource(location); log.debug("Loading Key Store from URL : " + url); keyStore.load(url.openStream(), storePassword.toCharArray()); KeyManagerFactory kmfactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keyStore, keyPassword.toCharArray()); keymanagers = kmfactory.getKeyManagers(); } catch (GeneralSecurityException gse) { log.error("Error loading Key store : " + location, gse); throw new AxisFault("Error loading Key store : " + location, gse); } catch (IOException ioe) { log.error("Error opening Key store : " + location, ioe); throw new AxisFault("Error opening Key store : " + location, ioe); } } if (trustParam != null) { OMElement tsEle = trustParam.getParameterElement().getFirstElement(); String location = tsEle.getFirstChildWithName(new QName("Location")).getText(); String type = tsEle.getFirstChildWithName(new QName("Type")).getText(); String storePassword = tsEle.getFirstChildWithName(new QName("Password")).getText(); try { KeyStore trustStore = KeyStore.getInstance(type); URL url = getClass().getClassLoader().getResource(location); log.debug("Loading Trust Key Store from URL : " + url); trustStore.load(url.openStream(), storePassword.toCharArray()); TrustManagerFactory trustManagerfactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerfactory.init(trustStore); trustManagers = trustManagerfactory.getTrustManagers(); } catch (GeneralSecurityException gse) { log.error("Error loading Key store : " + location, gse); throw new AxisFault("Error loading Key store : " + location, gse); } catch (IOException ioe) { log.error("Error opening Key store : " + location, ioe); throw new AxisFault("Error opening Key store : " + location, ioe); } } try { SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(keymanagers, trustManagers, null); return sslcontext; } catch (GeneralSecurityException gse) { log.error("Unable to create SSL context with the given configuration", gse); throw new AxisFault("Unable to create SSL context with the given configuration", gse); } }
From source file:test.integ.be.fedict.commons.eid.client.SSLTest.java
@Test public void testTestEIDBelgiumBe() throws Exception { Security.addProvider(new BeIDProvider()); SSLContext sslContext = SSLContext.getInstance("TLS"); KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("BeID"); keyManagerFactory.init(null);/*w w w . j a v a2 s. c om*/ SecureRandom secureRandom = new SecureRandom(); sslContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[] { new ClientTestX509TrustManager() }, secureRandom); SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory(); SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket("test.eid.belgium.be", 443); LOG.debug("socket created"); SSLSession sslSession = sslSocket.getSession(); Certificate[] peerCertificates = sslSession.getPeerCertificates(); for (Certificate peerCertificate : peerCertificates) { LOG.debug("peer certificate: " + ((X509Certificate) peerCertificate).getSubjectX500Principal()); } }
From source file:edu.internet2.middleware.subject.provider.LdapPEMSocketFactory.java
protected void initManagers() { // trust managers try {/* w w w .j a v a2s. c om*/ X509Certificate cert = null; if (caFilename != null) cert = readCertificate(caFilename); KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(null, null); ks.setCertificateEntry("CACERT", cert); TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(ks); trustManagers = tmf.getTrustManagers(); } catch (Exception e) { log.error("ldap source cacert error: " + e); } // key managers if (certFilename != null && keyFilename != null) { char[] pw = new char[] { 0 }; try { X509Certificate cert = readCertificate(certFilename); PKCS1 pkcs = new PKCS1(); PrivateKey key = pkcs.readKey(keyFilename); KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(null, null); X509Certificate[] chain = new X509Certificate[1]; chain[0] = cert; ks.setKeyEntry("CERT", (Key) key, pw, chain); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(ks, pw); keyManagers = kmf.getKeyManagers(); } catch (Exception e) { log.error("ldap source cert/key error: " + e); } } }
From source file:io.wcm.caravan.commons.httpclient.impl.helpers.CertificateLoader.java
/** * Get key manager factory/*from w ww . java 2 s . c om*/ * @param keyStoreStream Keystore input stream * @param storeProperties store properties * @return Key manager factory * @throws IOException * @throws GeneralSecurityException */ private static KeyManagerFactory getKeyManagerFactory(InputStream keyStoreStream, StoreProperties storeProperties) throws IOException, GeneralSecurityException { KeyStore ts = KeyStore.getInstance(storeProperties.getType()); ts.load(keyStoreStream, storeProperties.getPassword().toCharArray()); KeyManagerFactory kmf = KeyManagerFactory.getInstance(storeProperties.getManagerType()); kmf.init(ts, storeProperties.getPassword().toCharArray()); return kmf; }
From source file:dk.netarkivet.common.distribute.HTTPSRemoteFileRegistry.java
private HTTPSRemoteFileRegistry() { FileInputStream keyStoreInputStream = null; try {// ww w .j av a2 s . c o m keyStoreInputStream = new FileInputStream(KEYSTORE_PATH); KeyStore store = KeyStore.getInstance(SUN_JCEKS_KEYSTORE_TYPE); store.load(keyStoreInputStream, KEYSTORE_PASSWORD.toCharArray()); KeyManagerFactory kmf = KeyManagerFactory.getInstance(SUN_X509_CERTIFICATE_ALGORITHM); kmf.init(store, KEY_PASSWORD.toCharArray()); TrustManagerFactory tmf = TrustManagerFactory.getInstance(SUN_X509_CERTIFICATE_ALGORITHM); tmf.init(store); sslContext = SSLContext.getInstance(SSL_PROTOCOL); sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), SecureRandom.getInstance(SHA1_PRNG_RANDOM_ALGORITHM)); } catch (GeneralSecurityException | IOException e) { throw new IOFailure("Unable to create secure environment for keystore '" + KEYSTORE_PATH + "'", e); } finally { IOUtils.closeQuietly(keyStoreInputStream); } }
From source file:org.appenders.log4j2.elasticsearch.jest.PEMCertInfo.java
@Override public void applyTo(HttpClientConfig.Builder builder) { if (java.security.Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) { java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); }//w w w .j av a2 s. c o m try (FileInputStream clientCert = new FileInputStream(new File(clientCertPath)); FileInputStream key = new FileInputStream(new File(keyPath)); FileInputStream certificateAuthoritiies = new FileInputStream(new File(caPath))) { KeyStore keyStore = PemReader.loadKeyStore(clientCert, key, Optional.ofNullable(keyPassphrase)); KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, keyPassphrase.toCharArray()); KeyStore trustStore = PemReader.loadTrustStore(certificateAuthoritiies); TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(trustStore); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null); // TODO: add support for hostname verification modes builder.sslSocketFactory(new SSLConnectionSocketFactory(sslContext)); builder.httpsIOSessionStrategy(new SSLIOSessionStrategy(sslContext, new NoopHostnameVerifier())); } catch (IOException | GeneralSecurityException e) { throw new ConfigurationException(configExceptionMessage, e); } }
From source file:net.sf.jsignpdf.ssl.SSLInitializer.java
/** * @param options//from w w w . j a va2 s . c om * @throws NoSuchAlgorithmException * @throws IOException * @throws CertificateException * @throws KeyStoreException * @throws KeyManagementException * @throws UnrecoverableKeyException */ public static void init(BasicSignerOptions options) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, CertificateException, IOException, UnrecoverableKeyException { KeyManager[] km = null; if (options != null && options.getTsaServerAuthn() == ServerAuthentication.CERTIFICATE) { char[] pwd = null; if (StringUtils.isNotEmpty(options.getTsaCertFilePwd())) { pwd = options.getTsaCertFilePwd().toCharArray(); } LOGGER.info(Constants.RES.get("ssl.keymanager.init", options.getTsaCertFile())); final String ksType = StringUtils.defaultIfBlank(options.getTsaCertFileType(), "PKCS12"); KeyStore keyStore = KeyStoreUtils.loadKeyStore(ksType, options.getTsaCertFile(), pwd); KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, pwd); km = keyManagerFactory.getKeyManagers(); } SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(km, TRUST_MANAGERS, null); HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); }
From source file:net.straylightlabs.archivo.net.MindRPC.java
private SSLSocketFactory createSecureSocketFactory() { try {/*from w w w .ja va 2s . co m*/ SSLContext context = SSLContext.getInstance("TLS"); KeyStore store = createKeyStore(); KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(store, KEY_PASSWORD.toCharArray()); TrustManager[] trustManagers = new TrustManager[] { new AllTrustingTrustManager() }; context.init(keyManagerFactory.getKeyManagers(), trustManagers, null); return context.getSocketFactory(); } catch (GeneralSecurityException e) { logger.error("Error creating custom SSLSocketFactory: ", e); } throw new AssertionError(); }
From source file:ninja.standalone.StandaloneHelper.java
static public SSLContext createSSLContext(URI keystoreUri, char[] keystorePassword, URI truststoreUri, char[] truststorePassword) throws Exception { // load keystore KeyStore keystore = loadKeyStore(keystoreUri, keystorePassword); KeyManager[] keyManagers;/*from w w w. j a v a2s.com*/ KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keystore, keystorePassword); keyManagers = keyManagerFactory.getKeyManagers(); // load truststore KeyStore truststore = loadKeyStore(truststoreUri, truststorePassword); TrustManager[] trustManagers; TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(truststore); trustManagers = trustManagerFactory.getTrustManagers(); SSLContext sslContext; sslContext = SSLContext.getInstance("TLS"); sslContext.init(keyManagers, trustManagers, null); return sslContext; }