List of usage examples for javax.net.ssl KeyManagerFactory init
public final void init(KeyStore ks, char[] password) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException
From source file:com.dbay.apns4j.tools.ApnsTools.java
/**
 * Builds a client {@link SocketFactory} whose key material comes from the supplied key store.
 *
 * <p>The store is loaded with {@code password}, the certificate under the first alias is
 * checked for expiry (and its details logged), and an {@link SSLContext} for {@code protocol}
 * is initialised with key managers from that store.
 *
 * <p>Review notes:
 * <ul>
 *   <li>Only the first alias returned by the store is inspected; other entries are never
 *       checked for expiry.</li>
 *   <li>{@code algorithm} is passed to both {@link KeyManagerFactory} and
 *       {@link TrustManagerFactory}, so it must be a name both factories accept.</li>
 *   <li>The trust managers are initialised with a {@code null} key store, i.e. the platform's
 *       default trust anchors decide which servers are trusted.</li>
 *   <li>The password {@code char[]} is not cleared after use.</li>
 * </ul>
 *
 * @param keyStore     stream holding the key store; not closed by this method
 * @param password     password for the store and for the keys inside it
 * @param keystoreType key store type handed to {@link KeyStore#getInstance(String)}
 * @param algorithm    algorithm name used for both the key and trust manager factories
 * @param protocol     protocol name handed to {@link SSLContext#getInstance(String)}
 * @return the socket factory of the initialised context
 * @throws CertificateExpiredException if the inspected certificate has no days of validity left
 */
public static final SocketFactory createSocketFactory(InputStream keyStore, String password, String keystoreType,
        String algorithm, String protocol) throws KeyStoreException, NoSuchAlgorithmException,
        CertificateException, IOException, UnrecoverableKeyException, KeyManagementException,
        CertificateExpiredException {

    final char[] pwdChars = password.toCharArray();
    final KeyStore ks = KeyStore.getInstance(keystoreType);
    ks.load(keyStore, pwdChars);

    // Pick the first alias, or fall back to the empty string when the store has no entries.
    final Enumeration<String> aliases = ks.aliases();
    final String firstAlias = aliases.hasMoreElements() ? aliases.nextElement() : "";

    // NOTE(review): the cast assumes the entry holds an X.509 certificate.
    X509Certificate certificate = null;
    if (StringUtils.isNotEmpty(firstAlias)) {
        certificate = (X509Certificate) ks.getCertificate(firstAlias);
    }

    if (certificate != null) {
        final String type = certificate.getType();
        final int ver = certificate.getVersion();
        final String name = certificate.getSubjectDN().getName();
        final String serialNumber = certificate.getSerialNumber().toString(16);
        final String issuerDN = certificate.getIssuerDN().getName();
        final String sigAlgName = certificate.getSigAlgName();
        final String publicAlgorithm = certificate.getPublicKey().getAlgorithm();
        final Date notBefore = certificate.getNotBefore();
        final Date notAfter = certificate.getNotAfter();
        final String beforeStr = DateFormatUtils.format(notBefore, "yyyy-MM-dd HH:mm:ss");
        final String afterStr = DateFormatUtils.format(notAfter, "yyyy-MM-dd HH:mm:ss");

        // Remaining validity in days; zero or negative is treated as expired.
        final long daysLeft = DateUtil.getNumberOfDaysBetween(new Date(), notAfter);
        if (daysLeft > 0) {
            if (LOG.isInfoEnabled()) {
                LOG.info(
                        "?[{}], [{}], ?[{}], ??[{}], ?[{}], ??[{}], [{}], [{}][{}], ?[{}]?",
                        name, type, ver, serialNumber, issuerDN, sigAlgName, publicAlgorithm, beforeStr, afterStr,
                        daysLeft);
            }
        } else {
            if (LOG.isErrorEnabled()) {
                LOG.error(
                        "?[{}], [{}], ?[{}], ??[{}], ?[{}], ??[{}], [{}], [{}][{}], ?[{}]",
                        name, type, ver, serialNumber, issuerDN, sigAlgName, publicAlgorithm, beforeStr, afterStr,
                        Math.abs(daysLeft));
            }
            throw new CertificateExpiredException("??[" + Math.abs(daysLeft) + "]");
        }
    }

    final KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(algorithm);
    keyFactory.init(ks, pwdChars);

    // A null key store makes the factory fall back to the default trust anchors.
    final TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(algorithm);
    trustFactory.init((KeyStore) null);

    final SSLContext sslContext = SSLContext.getInstance(protocol);
    sslContext.init(keyFactory.getKeyManagers(), trustFactory.getTrustManagers(), null);
    return sslContext.getSocketFactory();
}
From source file:org.openremote.android.console.net.SelfCertificateSSLSocketFactory.java
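/**
 * Creates the TLS context used for connections that accept self-signed server certificates.
 *
 * <p><b>Security:</b> the trust manager installed here performs no certificate validation at
 * all. Every server (and client) chain is accepted, so the TLS channel is encrypted but not
 * authenticated and offers no protection against an on-path party presenting its own
 * certificate. Where the peer's self-signed certificate is known in advance, load it into a
 * {@code KeyStore} and build the trust managers from a {@code TrustManagerFactory} instead.
 *
 * @param context Android context used to locate the application's key store
 * @return the initialised SSL context
 * @throws IOException if the key store or the context cannot be set up; the original
 *         exception is attached as the cause
 */
private static SSLContext createEasySSLContext(Context context) throws IOException {
    TrustManager easyTrustManager = new X509TrustManager() {
        @Override
        public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
            // Intentionally empty: no validation is performed (see the method Javadoc).
        }

        @Override
        public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
            // Intentionally empty: no validation is performed (see the method Javadoc).
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            // The X509TrustManager contract asks for a non-null (possibly empty) array.
            return new X509Certificate[0];
        }
    };
    try {
        ORKeyStore keystore = ORKeyStore.getInstance(context);
        KeyManager[] managers = null;
        if (!keystore.isEmpty()) {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory
                    .getInstance(KeyManagerFactory.getDefaultAlgorithm());
            // NOTE(review): the key password is a constant compiled into the application, so it
            // does not protect the private key from anyone who can read the key store file.
            keyManagerFactory.init(keystore.getKeyStore(), "password".toCharArray());
            managers = keyManagerFactory.getKeyManagers();
        }
        SSLContext sslcontext = SSLContext.getInstance("TLS");
        sslcontext.init(managers, new TrustManager[] { easyTrustManager }, null);
        return sslcontext;
    } catch (Exception e) {
        // Keep the original exception as the cause so the failure can be diagnosed.
        IOException wrapped = new IOException(e.getMessage());
        wrapped.initCause(e);
        throw wrapped;
    }
}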
From source file:io.fabric8.utils.cxf.WebClients.java
/**
 * Adds a client certificate to the TLS settings of the given CXF {@code WebClient}.
 *
 * <p>A key store is built from the certificate/key arguments, key managers are derived from it
 * and appended to any key managers already configured on the client's HTTP conduit.
 *
 * <p>Failures are logged and not rethrown, so after an error the client keeps whatever TLS
 * configuration it had before and may connect without the intended client certificate.
 *
 * @param webClient         client whose conduit is configured
 * @param clientCertData    certificate content, forwarded to {@code createKeyStore}
 * @param clientCertFile    certificate file, forwarded to {@code createKeyStore}
 * @param clientKeyData     private key content, forwarded to {@code createKeyStore}
 * @param clientKeyFile     private key file, forwarded to {@code createKeyStore}
 * @param clientKeyAlgo     key algorithm, forwarded to {@code createKeyStore}
 * @param clientKeyPassword password for the key, also used to initialise the key manager factory
 */
public static void configureClientCert(WebClient webClient, String clientCertData, File clientCertFile,
        String clientKeyData, File clientKeyFile, String clientKeyAlgo, char[] clientKeyPassword) {
    try {
        final KeyStore clientStore = createKeyStore(clientCertData, clientCertFile, clientKeyData,
                clientKeyFile, clientKeyAlgo, clientKeyPassword);

        final String kmfAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        final KeyManagerFactory factory = KeyManagerFactory.getInstance(kmfAlgorithm);
        factory.init(clientStore, clientKeyPassword);
        final KeyManager[] created = factory.getKeyManagers();

        // Reuse the conduit's TLS parameters when present, otherwise install a fresh set.
        final HTTPConduit conduit = WebClient.getConfig(webClient).getHttpConduit();
        TLSClientParameters tlsParams = conduit.getTlsClientParameters();
        if (tlsParams == null) {
            tlsParams = new TLSClientParameters();
            conduit.setTlsClientParameters(tlsParams);
        }

        // Existing key managers stay first; the new ones are appended after them.
        final KeyManager[] alreadyConfigured = tlsParams.getKeyManagers();
        final KeyManager[] combined = ArrayUtils.isEmpty(alreadyConfigured)
                ? created
                : (KeyManager[]) ArrayUtils.addAll(alreadyConfigured, created);
        tlsParams.setKeyManagers(combined);
    } catch (Exception e) {
        LOG.error("Could not create key manager for " + clientCertFile + " (" + clientKeyFile + ")", e);
    }
}
From source file:io.wcm.caravan.commons.httpclient.impl.helpers.CertificateLoader.java
/**
 * Creates a key manager factory backed by the key store read from the given stream.
 *
 * <p>The store password from {@code storeProperties} is used both to open the store and to
 * recover the keys inside it. The stream is not closed by this method.
 *
 * @param keyStoreStream  key store input stream
 * @param storeProperties store type, password and key manager algorithm
 * @return the initialised key manager factory
 * @throws IOException              if the key store data cannot be read
 * @throws GeneralSecurityException if the store type or algorithm is unavailable, or the store
 *                                  or its keys cannot be loaded
 */
private static KeyManagerFactory getKeyManagerFactory(InputStream keyStoreStream,
        StoreProperties storeProperties) throws IOException, GeneralSecurityException {
    final String storeType = storeProperties.getType();
    final KeyStore keyStore = KeyStore.getInstance(storeType);

    final char[] storePassword = storeProperties.getPassword().toCharArray();
    keyStore.load(keyStoreStream, storePassword);

    final String managerAlgorithm = storeProperties.getManagerType();
    final KeyManagerFactory factory = KeyManagerFactory.getInstance(managerAlgorithm);

    // The key password is the store password; a fresh char[] is taken for the key recovery.
    final char[] keyPassword = storeProperties.getPassword().toCharArray();
    factory.init(keyStore, keyPassword);
    return factory;
}
From source file:com.mani.fileupload.http.EasySSLSocketFactory.java
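/**
 * Builds the TLS context for mutual authentication: the client identity comes from the bundled
 * PKCS#12 resource and the server is validated against the bundled BKS trust store.
 *
 * <p>Changes from the earlier version: both resource streams are closed, a trust store that
 * fails to load is reported immediately instead of surfacing later as an unrelated
 * "uninitialised key store" error, and the thrown {@link IOException} carries its cause.
 *
 * <p>NOTE(review): both store passwords are constants compiled into the application. They do
 * not protect the bundled client key from anyone who can unpack the application package;
 * per-installation credentials held in platform key storage would be needed for that.
 *
 * @return the initialised SSL context
 * @throws IOException if any store cannot be loaded or the context cannot be initialised
 */
private static SSLContext createEasySSLContext() throws IOException {
    try {
        // Client identity presented to the server.
        char[] password = "fileupload".toCharArray();
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        InputStream clientStream = FileUploadApplication.getContext().getResources()
                .openRawResource(R.raw.client);
        try {
            keyStore.load(clientStream, password);
        } finally {
            try {
                clientStream.close();
            } catch (Exception ignored) {
                // Nothing useful can be done if closing a read-only resource stream fails.
            }
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, password);

        // CA certificate obtained from the server; it is the only trust anchor.
        KeyStore trustStore = KeyStore.getInstance("BKS");
        InputStream instream = FileUploadApplication.getContext().getResources().openRawResource(R.raw.ca);
        try {
            // A load failure propagates: continuing with an unloaded trust store cannot work.
            trustStore.load(instream, "casecret".toCharArray());
        } finally {
            try {
                instream.close();
            } catch (Exception ignored) {
                // Nothing useful can be done if closing a read-only resource stream fails.
            }
        }
        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
        tmf.init(trustStore);

        // Create an SSLContext that uses our key managers and trust managers.
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(keyManagerFactory.getKeyManagers(), tmf.getTrustManagers(), null);
        return context;
    } catch (Exception e) {
        // Attach the cause so callers see the real failure, not only its message.
        IOException wrapped = new IOException(e.getMessage());
        wrapped.initCause(e);
        throw wrapped;
    }
}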
From source file:android.apn.androidpn.server.xmpp.ssl.SSLKeyManagerFactory.java
/**
 * Returns key managers for the given key store, or {@code null} when none can be created.
 *
 * <p>A {@code null} key store yields {@code null} without logging. When {@code keypass} is
 * {@code null} the password from {@code SSLConfig.getKeyPassword()} is used instead. Key store,
 * algorithm and key recovery errors are logged and also yield {@code null}, so callers must be
 * prepared for a missing result.
 *
 * <p>NOTE(review): if the configured password is also {@code null}, the {@code toCharArray()}
 * call below would throw a {@code NullPointerException} that is not caught here - confirm
 * against {@code SSLConfig}.
 *
 * @param keystore key store holding the server's key material, may be {@code null}
 * @param keypass  key password, or {@code null} to use the configured one
 * @return the key managers, or {@code null}
 */
public static KeyManager[] getKeyManagers(KeyStore keystore, String keypass) {
    if (keystore == null) {
        return null;
    }
    try {
        final KeyManagerFactory factory = KeyManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
        final String effectivePass = (keypass != null) ? keypass : SSLConfig.getKeyPassword();
        factory.init(keystore, effectivePass.toCharArray());
        return factory.getKeyManagers();
    } catch (KeyStoreException e) {
        log.error("SSLKeyManagerFactory startup problem.", e);
        return null;
    } catch (NoSuchAlgorithmException e) {
        log.error("SSLKeyManagerFactory startup problem.", e);
        return null;
    } catch (UnrecoverableKeyException e) {
        log.error("SSLKeyManagerFactory startup problem.", e);
        return null;
    }
}
From source file:org.wso2.carbon.esb.rabbitmq.message.store.jira.ESBJAVA4569RabbiMQSSLStoreWithClientCertValidationTest.java
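/**
 * Helper method that fetches one message from the RabbitMQ queue {@code WithClientCertQueue}
 * over a TLS connection to {@code localhost:5671}.
 *
 * <p>NOTE(review): despite the method name, a client key store ({@code keycert.p12}) is loaded
 * and its key managers are handed to the context - confirm that this is intended.
 *
 * <p>The pass phrases below are test fixture values that belong to the key stores shipped with
 * the test resources; they must not be reused outside the test setup.
 *
 * @return the message body as a string, or the empty string when the queue had no message
 * @throws Exception if the stores cannot be loaded or the broker cannot be reached
 */
private static String consumeWithoutCertificate() throws Exception {
    String result = "";

    String basePath = TestConfigurationProvider.getResourceLocation()
            + "/artifacts/ESB/messageStore/rabbitMQ/SSL/";
    String truststoreLocation = basePath + "rabbitMQ/certs/client/rabbitstore";
    String keystoreLocation = basePath + "rabbitMQ/certs/client/keycert.p12";

    char[] keyPassphrase = "MySecretPassword".toCharArray();
    KeyStore ks = KeyStore.getInstance("PKCS12");
    FileInputStream keystoreStream = new FileInputStream(keystoreLocation);
    try {
        ks.load(keystoreStream, keyPassphrase);
    } finally {
        // Release the file handle even when loading fails.
        keystoreStream.close();
    }

    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(ks, keyPassphrase);

    char[] trustPassphrase = "rabbitstore".toCharArray();
    KeyStore tks = KeyStore.getInstance("JKS");
    FileInputStream truststoreStream = new FileInputStream(truststoreLocation);
    try {
        tks.load(truststoreStream, trustPassphrase);
    } finally {
        truststoreStream.close();
    }

    // Ask the trust manager factory for its own default algorithm rather than the key
    // manager factory's.
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(tks);

    // NOTE(review): "SSL" is the legacy context name; the protocol versions it enables depend
    // on the JSSE provider. Consider requesting a specific TLS version if the broker allows it.
    SSLContext c = SSLContext.getInstance("SSL");
    c.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

    ConnectionFactory factory = new ConnectionFactory();
    factory.setHost("localhost");
    factory.setPort(5671);
    factory.useSslProtocol(c);

    Connection conn = factory.newConnection();
    try {
        Channel channel = conn.createChannel();
        try {
            GetResponse chResponse = channel.basicGet("WithClientCertQueue", true);
            if (chResponse != null) {
                byte[] body = chResponse.getBody();
                // NOTE(review): decodes with the platform default charset.
                result = new String(body);
            }
        } finally {
            channel.close();
        }
    } finally {
        // Always release the broker connection, including when the fetch fails.
        conn.close();
    }
    return result;
}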
From source file:org.jasig.cas.authentication.FileTrustStoreSslSocketFactory.java
/**
 * Returns the first key manager that a {@link KeyManagerFactory} produces for the key store.
 *
 * <p>The first element of the factory's result is cast to {@link X509KeyManager}; an empty
 * result or a first element of another type therefore fails with a runtime exception.
 *
 * @param algorithm the key manager factory algorithm
 * @param keystore  the key store holding the key material
 * @param password  the password used to recover keys from the store
 * @return the first key manager, as an {@link X509KeyManager}
 * @throws Exception if the factory cannot be created or initialised
 */
private static X509KeyManager getKeyManager(final String algorithm, final KeyStore keystore,
        final char[] password) throws Exception {
    final KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(algorithm);
    keyManagerFactory.init(keystore, password);

    final Object first = keyManagerFactory.getKeyManagers()[0];
    return (X509KeyManager) first;
}
From source file:AuthSSLProtocolSocketFactory.java
/**
 * Creates key managers for the given key store using the platform's default algorithm.
 *
 * <p>A progress line is written to standard output before the factory is created.
 *
 * @param keystore key store holding the key material; must not be {@code null}
 * @param password password used to recover the keys, or {@code null} for none
 * @return the key managers produced by the factory
 * @throws IllegalArgumentException  if {@code keystore} is {@code null}
 * @throws KeyStoreException         if the key store cannot be used
 * @throws NoSuchAlgorithmException  if the default algorithm is unavailable
 * @throws UnrecoverableKeyException if a key cannot be recovered with the password
 */
private static KeyManager[] createKeyManagers(final KeyStore keystore, final String password)
        throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
    if (null == keystore) {
        throw new IllegalArgumentException("Keystore may not be null");
    }
    System.out.println("Initializing key manager");

    final String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
    final KeyManagerFactory factory = KeyManagerFactory.getInstance(defaultAlgorithm);

    // A missing password is forwarded as null rather than as an empty array.
    final char[] keyPassword;
    if (password == null) {
        keyPassword = null;
    } else {
        keyPassword = password.toCharArray();
    }
    factory.init(keystore, keyPassword);
    return factory.getKeyManagers();
}
From source file:cn.dacas.emmclient.security.ssl.EasySSLSocketFactory.java
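/**
 * Builds the TLS context for mutual authentication: the client authenticates with the bundled
 * PKCS#12 certificate and validates the server against the bundled BKS store holding the CA
 * certificate.
 *
 * <p>Changes from the earlier version: both resource streams are closed, a trust store that
 * fails to load is reported immediately instead of surfacing later as an unrelated
 * "uninitialised key store" error, and the thrown {@link IOException} carries its cause.
 *
 * <p>NOTE(review): both store passwords are string constants in the source. Constants
 * compiled into the application do not protect the bundled client key from anyone who can
 * unpack the application package.
 *
 * @return the initialised SSL context
 * @throws IOException if any store cannot be loaded or the context cannot be initialised
 */
private static SSLContext createEasySSLContext() throws IOException {
    try {
        // Client should authenticate itself with the valid certificate to the server.
        char[] password = "XXXXXXXXXXXXX".toCharArray();
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        InputStream clientStream = EmmClientApplication.getContext().getResources()
                .openRawResource(R.raw.production_test_client);
        try {
            keyStore.load(clientStream, password);
        } finally {
            try {
                clientStream.close();
            } catch (Exception ignored) {
                // Nothing useful can be done if closing a read-only resource stream fails.
            }
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, password);

        // The CA certificate obtained from the server is the only trust anchor used to
        // validate the server's identity.
        KeyStore trustStore = KeyStore.getInstance("BKS");
        InputStream instream = EmmClientApplication.getContext().getResources()
                .openRawResource(R.raw.production_test_ca);
        try {
            // A load failure propagates: continuing with an unloaded trust store cannot work.
            trustStore.load(instream, "XXXXXXXX".toCharArray());
        } finally {
            try {
                instream.close();
            } catch (Exception ignored) {
                // Nothing useful can be done if closing a read-only resource stream fails.
            }
        }
        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
        tmf.init(trustStore);

        // Create an SSLContext that uses our trust managers and key managers.
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(keyManagerFactory.getKeyManagers(), tmf.getTrustManagers(), null);
        return context;
    } catch (Exception e) {
        // Attach the cause so callers see the real failure, not only its message.
        IOException wrapped = new IOException(e.getMessage());
        wrapped.initCause(e);
        throw wrapped;
    }
}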