List of usage examples for javax.net.ssl KeyManagerFactory init
public final void init(KeyStore ks, char[] password) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException
From source file:org.apache.nifi.elasticsearch.ElasticSearchClientServiceImpl.java
private SSLContext buildSslContext(SSLContextService sslService) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, KeyManagementException { KeyStore keyStore = KeyStore.getInstance(sslService.getKeyStoreType()); KeyStore trustStore = KeyStore.getInstance("JKS"); try (final InputStream is = new FileInputStream(sslService.getKeyStoreFile())) { keyStore.load(is, sslService.getKeyStorePassword().toCharArray()); }// w w w .j a va2 s. com try (final InputStream is = new FileInputStream(sslService.getTrustStoreFile())) { trustStore.load(is, sslService.getTrustStorePassword().toCharArray()); } final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(keyStore, sslService.getKeyStorePassword().toCharArray()); final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(keyStore); SSLContext context1 = SSLContext.getInstance(sslService.getSslAlgorithm()); context1.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom()); return context1; }
From source file:org.eclipse.emf.emfstore.server.connection.ServerKeyStoreManager.java
/** * Creates a {@link KeyManagerFactory} for the rmi encryption ( * {@link org.eclipse.emf.emfstore.server.connection.rmi.RMISSLServerSocketFactory} ). * /*from ww w .ja va2 s . c o m*/ * @return KeyManagerFactory * @throws ServerKeyStoreException in case of failure */ public KeyManagerFactory getKeyManagerFactory() throws ServerKeyStoreException { try { KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance( ServerConfiguration.getProperties().getProperty(ServerConfiguration.KEYSTORE_CERTIFICATE_TYPE, ServerConfiguration.KEYSTORE_CERTIFICATE_TYPE_DEFAULT)); keyManagerFactory.init(getKeyStore(), getKeyStorePassword()); return keyManagerFactory; } catch (NoSuchAlgorithmException e) { throw new ServerKeyStoreException(e); } catch (KeyStoreException e) { throw new ServerKeyStoreException(e); } catch (UnrecoverableKeyException e) { throw new ServerKeyStoreException(e); } }
From source file:org.opcfoundation.ua.transport.https.HttpsSettings.java
/** * Set keystore as the key manager for a https application. * /* ww w.j av a 2 s . c om*/ * @param keystore * @param password * @throws NoSuchAlgorithmException * @throws UnrecoverableKeyException * @throws KeyStoreException */ public void setKeyStore(KeyStore keystore, String password) throws ServiceResultException { try { KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keystore, password.toCharArray()); KeyManager kms[] = kmfactory.getKeyManagers(); keyManager = kms.length == 0 ? null : (X509KeyManager) kms[0]; } catch (NoSuchAlgorithmException e) { throw new ServiceResultException(e); } catch (UnrecoverableKeyException e) { throw new ServiceResultException(e); } catch (KeyStoreException e) { throw new ServiceResultException(e); } }
From source file:org.jenkinsci.remoting.protocol.ProtocolStackLoopbackLoadStress.java
public ProtocolStackLoopbackLoadStress(boolean nio, boolean ssl) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, UnrecoverableKeyException, KeyManagementException, OperatorCreationException { KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA"); gen.initialize(2048); // maximum supported by JVM with export restrictions keyPair = gen.generateKeyPair();//from w w w . j a v a 2 s . c om Date now = new Date(); Date firstDate = new Date(now.getTime() + TimeUnit.DAYS.toMillis(10)); Date lastDate = new Date(now.getTime() + TimeUnit.DAYS.toMillis(-10)); SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo .getInstance(keyPair.getPublic().getEncoded()); X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE); X500Name subject = nameBuilder.addRDN(BCStyle.CN, getClass().getSimpleName()).addRDN(BCStyle.C, "US") .build(); X509v3CertificateBuilder certGen = new X509v3CertificateBuilder(subject, BigInteger.ONE, firstDate, lastDate, subject, subjectPublicKeyInfo); JcaX509ExtensionUtils instance = new JcaX509ExtensionUtils(); certGen.addExtension(X509Extension.subjectKeyIdentifier, false, instance.createSubjectKeyIdentifier(subjectPublicKeyInfo)); ContentSigner signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BOUNCY_CASTLE_PROVIDER) .build(keyPair.getPrivate()); certificate = new JcaX509CertificateConverter().setProvider(BOUNCY_CASTLE_PROVIDER) .getCertificate(certGen.build(signer)); char[] password = "password".toCharArray(); KeyStore store = KeyStore.getInstance("jks"); store.load(null, password); store.setKeyEntry("alias", keyPair.getPrivate(), password, new Certificate[] { certificate }); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(store, password); context = SSLContext.getInstance("TLS"); context.init(kmf.getKeyManagers(), new TrustManager[] { new PublicKeyMatchingX509ExtendedTrustManager(keyPair.getPublic()) }, null); hub = IOHub.create(executorService); serverSocketChannel = ServerSocketChannel.open(); acceptor = new Acceptor(serverSocketChannel, nio, ssl); }
From source file:ucar.nc2.util.net.EasySSLProtocolSocketFactory.java
private SSLContext createSSLContext(HttpConnectionParams params, String host, int port) throws HTTPException { SSLContext sslcontext = null; KeyManager[] keymanagers = null; KeyStore keystore = null;//w w w. jav a 2s. c o m KeyStore truststore = null; TrustManager[] trustmanagers = null; String keypassword = null; String keypath = null; String trustpassword = null; String trustpath = null; try { // Get the HTTPAuthProvider HTTPAuthProvider provider; provider = (HTTPAuthProvider) params.getParameter(CredentialsProvider.PROVIDER); if (provider == null) return stdauthenticate(); // Abuse the getCredentials() api Credentials creds = null; try { creds = provider.getCredentials(HTTPSSLScheme.Default, null, 0, false); if (creds == null) return stdauthenticate(); } catch (CredentialsNotAvailableException e) { return stdauthenticate(); } HTTPSSLProvider sslprovider = (creds == null ? null : (HTTPSSLProvider) creds); if (sslprovider == null) return stdauthenticate(); keypath = (String) sslprovider.getKeystore(); keypassword = (String) sslprovider.getKeypassword(); trustpath = (String) sslprovider.getTruststore(); trustpassword = (String) sslprovider.getTrustpassword(); keystore = buildstore(keypath, keypassword, "key"); if (keystore != null) { KeyManagerFactory kmfactory = KeyManagerFactory.getInstance("SunX509"); kmfactory.init(keystore, keypassword.toCharArray()); keymanagers = kmfactory.getKeyManagers(); } truststore = buildstore(trustpath, trustpassword, "trust"); if (truststore != null) { //TrustManagerFactory trfactory = TrustManagerFactory.getInstance("SunX509"); //trfactory.init(truststore, trustpassword.toCharArray()); //trustmanagers = trfactory.getTrustManagers(); trustmanagers = new TrustManager[] { new EasyX509TrustManager(truststore) }; } else { trustmanagers = new TrustManager[] { new EasyX509TrustManager(null) }; } sslcontext = SSLContext.getInstance("SSL"); sslcontext.init(keymanagers, trustmanagers, null); return sslcontext; } catch (KeyManagementException e) { throw new HTTPException("Key Management exception: " + e.getMessage()); } catch (NoSuchAlgorithmException e) { throw new HTTPException("Unsupported algorithm exception: " + e.getMessage()); } catch (KeyStoreException e) { throw new HTTPException("Keystore exception: " + e.getMessage()); } catch (GeneralSecurityException e) { throw new HTTPException("Key management exception: " + e.getMessage()); } catch (IOException e) { throw new HTTPException("I/O error reading keystore/truststore file: " + e.getMessage()); } }
From source file:org.globus.gsi.jsse.SSLConfigurator.java
private KeyManager[] loadKeyManagers() throws GlobusSSLConfigurationException { try {/*w w w . ja v a 2s . com*/ KeyStore inputKeyStore; if (this.credentialStore == null) { if (this.credentialStoreLocation == null) return null; inputKeyStore = GlobusSSLHelper.findCredentialStore(this.provider, this.credentialStoreType, this.credentialStoreLocation, this.credentialStorePassword); } else { inputKeyStore = this.credentialStore; } KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(sslKeyManagerFactoryAlgorithm); keyManagerFactory.init(inputKeyStore, credentialStorePassword == null ? null : credentialStorePassword.toCharArray()); return keyManagerFactory.getKeyManagers(); } catch (KeyStoreException e) { throw new GlobusSSLConfigurationException(e); } catch (NoSuchAlgorithmException e) { throw new GlobusSSLConfigurationException(e); } catch (UnrecoverableKeyException e) { throw new GlobusSSLConfigurationException(e); } }
From source file:org.apache.commons.vfs2.util.NHttpServer.java
public void runBlock(final int port, final File docRoot) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException, KeyManagementException { if (docRoot == null) { throw new IllegalArgumentException("No doc root specified."); }// w w w .j a va 2 s . com // HTTP parameters for the server final HttpParams params = new SyncBasicHttpParams(); params.setIntParameter(CoreConnectionPNames.SO_TIMEOUT, 5000) .setIntParameter(CoreConnectionPNames.SOCKET_BUFFER_SIZE, 8 * 1024) .setBooleanParameter(CoreConnectionPNames.TCP_NODELAY, true) .setParameter(CoreProtocolPNames.ORIGIN_SERVER, "HttpTest/1.1"); // Create HTTP protocol processing chain final HttpProcessor httpproc = new ImmutableHttpProcessor(new HttpResponseInterceptor[] { // Use standard server-side protocol interceptors new ResponseDate(), new ResponseServer(), new ResponseContent(), new ResponseConnControl() }); // Create request handler registry final HttpAsyncRequestHandlerRegistry reqistry = new HttpAsyncRequestHandlerRegistry(); // Register the default handler for all URIs reqistry.register("*", new HttpFileHandler(docRoot)); // Create server-side HTTP protocol handler final HttpAsyncService protocolHandler = new HttpAsyncService(httpproc, new DefaultConnectionReuseStrategy(), reqistry, params) { @Override public void closed(final NHttpServerConnection conn) { NHttpServer.debug(conn + ": connection closed"); super.closed(conn); } @Override public void connected(final NHttpServerConnection conn) { NHttpServer.debug(conn + ": connection open"); super.connected(conn); } }; // Create HTTP connection factory NHttpConnectionFactory<DefaultNHttpServerConnection> connFactory; if (port == 8443) { // Initialize SSL context final ClassLoader cl = NHttpServer.class.getClassLoader(); final URL url = cl.getResource("my.keystore"); if (url == null) { NHttpServer.debug("Keystore not found"); System.exit(1); } final KeyStore keystore = KeyStore.getInstance("jks"); keystore.load(url.openStream(), "secret".toCharArray()); final KeyManagerFactory kmfactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keystore, "secret".toCharArray()); final KeyManager[] keymanagers = kmfactory.getKeyManagers(); final SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(keymanagers, null, null); connFactory = new SSLNHttpServerConnectionFactory(sslcontext, null, params); } else { connFactory = new DefaultNHttpServerConnectionFactory(params); } // Create server-side I/O event dispatch final IOEventDispatch ioEventDispatch = new DefaultHttpServerIODispatch(protocolHandler, connFactory); // Create server-side I/O reactor this.ioReactor = new DefaultListeningIOReactor(); try { // Listen of the given port this.ioReactor.listen(new InetSocketAddress(port)); // Ready to go! this.ioReactor.execute(ioEventDispatch); } catch (final InterruptedIOException ex) { System.err.println("Interrupted"); } catch (final IOException e) { System.err.println("I/O error: " + e.getMessage()); } NHttpServer.debug("Shutdown"); }
From source file:org.hyperic.hq.bizapp.agent.server.CommandsServer.java
private KeyManager[] getKeyManagers(KeyStore useStore, String filePass) throws AgentStartException { KeyManagerFactory res; String alg;/*ww w . j a va 2 s . c o m*/ alg = KeyManagerFactory.getDefaultAlgorithm(); try { res = KeyManagerFactory.getInstance(alg); res.init(useStore, filePass.toCharArray()); } catch (Exception exc) { throw new AgentStartException("Unable to get default key " + "manager: " + exc.getMessage()); } return res.getKeyManagers(); }
From source file:org.eclipse.emf.emfstore.internal.server.connection.ServerKeyStoreManager.java
/** * Creates a {@link KeyManagerFactory} for the RMI encryption. * /*from w w w . j ava2 s .c om*/ * @return KeyManagerFactory * @throws ServerKeyStoreException in case of failure */ public KeyManagerFactory getKeyManagerFactory() throws ServerKeyStoreException { try { final KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance( ServerConfiguration.getProperties().getProperty(ServerConfiguration.KEYSTORE_CERTIFICATE_TYPE, ServerConfiguration.KEYSTORE_CERTIFICATE_TYPE_DEFAULT)); keyManagerFactory.init(getKeyStore(), getKeyStorePassword()); return keyManagerFactory; } catch (final NoSuchAlgorithmException e) { throw new ServerKeyStoreException(e); } catch (final KeyStoreException e) { throw new ServerKeyStoreException(e); } catch (final UnrecoverableKeyException e) { throw new ServerKeyStoreException(e); } }
From source file:org.jboss.aerogear.windows.mpns.MpnsServiceBuilder.java
/** * Returns a fully initialized instance of {@link MpnsService}, * according to the requested settings./* www. j a v a 2 s . c o m*/ * * @return a new instance of MpnsService */ public MpnsService build() { checkInitialization(); // Client Configuration HttpClient client; if (httpClient != null) { client = httpClient; } else if (pooledMax == 1) { client = new DefaultHttpClient(); } else { client = new DefaultHttpClient(Utilities.poolManager(pooledMax)); } if (proxy != null) { client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, proxy); } if (securityInfo != null) { try { KeyStore keyStore; if (securityInfo.getProvider() == null) { keyStore = KeyStore.getInstance(securityInfo.getName()); } else { keyStore = KeyStore.getInstance(securityInfo.getName(), securityInfo.getProvider()); } keyStore.load(new ByteArrayInputStream(securityInfo.getCert()), securityInfo.getPassword().toCharArray()); KeyManagerFactory kmfactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keyStore, securityInfo.getPassword().toCharArray()); KeyManager[] km = kmfactory.getKeyManagers(); // create SSL socket factory SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(km, null, null); org.apache.http.conn.ssl.SSLSocketFactory sslSocketFactory = new org.apache.http.conn.ssl.SSLSocketFactory( sslContext); Scheme https = new Scheme("https", 443, sslSocketFactory); client.getConnectionManager().getSchemeRegistry().register(https); } catch (Exception e) { throw new IllegalArgumentException(e); } } if (timeout > 0) { HttpParams params = client.getParams(); HttpConnectionParams.setConnectionTimeout(params, timeout); HttpConnectionParams.setSoTimeout(params, timeout); } // Configure service AbstractMpnsService service; if (pooledMax == 1) { service = new MpnsServiceImpl(client, delegate); } else { service = new MpnsPooledService(client, executor, delegate); } if (isQueued) { service = new MpnsQueuedService(service); } service.start(); return service; }