List of usage examples for javax.net.ssl KeyManagerFactory init
public final void init(KeyStore ks, char[] password) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException
From source file:org.signserver.client.cli.defaultimpl.KeyStoreOptions.java
private static void setDefaultSocketFactory(final KeyStore truststore, final KeyStore keystore, String keyAlias, char[] keystorePassword) throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException, UnrecoverableKeyException { final TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); tmf.init(truststore);/*from w w w .j ava 2s.c o m*/ final KeyManager[] keyManagers; if (keystore == null) { keyManagers = null; } else { if (keyAlias == null) { keyAlias = keystore.aliases().nextElement(); } final KeyManagerFactory kKeyManagerFactory = KeyManagerFactory.getInstance("SunX509"); kKeyManagerFactory.init(keystore, keystorePassword); keyManagers = kKeyManagerFactory.getKeyManagers(); for (int i = 0; i < keyManagers.length; i++) { if (keyManagers[i] instanceof X509KeyManager) { keyManagers[i] = new AliasKeyManager((X509KeyManager) keyManagers[i], keyAlias); } } } final SSLContext context = SSLContext.getInstance("TLS"); context.init(keyManagers, tmf.getTrustManagers(), new SecureRandom()); SSLSocketFactory factory = context.getSocketFactory(); HttpsURLConnection.setDefaultSSLSocketFactory(factory); }
From source file:org.kontalk.client.ClientHTTPConnection.java
public static SSLSocketFactory setupSSLSocketFactory(Context context, PrivateKey privateKey, X509Certificate certificate, boolean acceptAnyCertificate) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, KeyManagementException, UnrecoverableKeyException, NoSuchProviderException { // in-memory keystore KeyManager[] km = null;/* w w w .ja va 2 s.c o m*/ if (privateKey != null && certificate != null) { KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); keystore.load(null, null); keystore.setKeyEntry("private", privateKey, null, new Certificate[] { certificate }); // key managers KeyManagerFactory kmFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmFactory.init(keystore, null); km = kmFactory.getKeyManagers(); } // trust managers TrustManager[] tm; if (acceptAnyCertificate) { tm = new TrustManager[] { new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } } }; } else { // load merged truststore (system + internal) KeyStore trustStore = InternalTrustStore.getTrustStore(context); // builtin keystore TrustManagerFactory tmFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmFactory.init(trustStore); tm = tmFactory.getTrustManagers(); } SSLContext ctx = SSLContext.getInstance("TLSv1"); ctx.init(km, tm, null); return new TlsOnlySocketFactory(ctx.getSocketFactory(), true); }
From source file:com.gargoylesoftware.htmlunit.httpclient.HtmlUnitSSLConnectionSocketFactory.java
private static KeyManager[] getKeyManagers(final WebClientOptions options) { if (options.getSSLClientCertificateStore() == null) { return null; }// w w w . j a va 2 s .c om try { final KeyStore keyStore = options.getSSLClientCertificateStore(); final KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, options.getSSLClientCertificatePassword()); return keyManagerFactory.getKeyManagers(); } catch (final Exception e) { throw new RuntimeException(e); } }
From source file:org.kontalk.client.KontalkConnection.java
@SuppressLint("AllowAllHostnameVerifier") private static void setupSSL(XMPPTCPConnectionConfiguration.Builder builder, boolean direct, PrivateKey privateKey, X509Certificate bridgeCert, boolean acceptAnyCertificate, KeyStore trustStore) { try {/*from ww w .ja va 2 s . com*/ SSLContext ctx = SSLContext.getInstance("TLS"); KeyManager[] km = null; if (privateKey != null && bridgeCert != null) { // in-memory keystore KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); keystore.load(null, null); keystore.setKeyEntry("private", privateKey, null, new Certificate[] { bridgeCert }); // key managers KeyManagerFactory kmFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmFactory.init(keystore, null); km = kmFactory.getKeyManagers(); // disable PLAIN mechanism if not upgrading from legacy if (!LegacyAuthentication.isUpgrading()) { // blacklist PLAIN mechanism SASLAuthentication.blacklistSASLMechanism("PLAIN"); } } // trust managers TrustManager[] tm; if (acceptAnyCertificate) { tm = new TrustManager[] { new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @SuppressLint("TrustAllX509TrustManager") @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @SuppressLint("TrustAllX509TrustManager") @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } } }; builder.setHostnameVerifier(new AllowAllHostnameVerifier()); } else { // builtin keystore TrustManagerFactory tmFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmFactory.init(trustStore); tm = tmFactory.getTrustManagers(); } ctx.init(km, tm, null); builder.setCustomSSLContext(ctx); if (direct) builder.setSocketFactory(ctx.getSocketFactory()); // SASL EXTERNAL is already enabled in Smack } catch (Exception e) { Log.w(TAG, "unable to setup SSL connection", e); } }
From source file:com.gravspace.core.HttpServer.java
public static void start(String[] args) throws Exception { int port = 8082; if (args.length >= 1) { port = Integer.parseInt(args[0]); }/*from w ww. j a va 2 s.c o m*/ ActorSystem system = ActorSystem.create("Application-System"); Properties config = new Properties(); config.load(HttpServer.class.getResourceAsStream("/megapode.conf")); ActorRef master = system.actorOf(Props.create(CoordinatingActor.class, config), "Coordinator"); // Set up the HTTP protocol processor HttpProcessor httpproc = HttpProcessorBuilder.create().add(new ResponseDate()) .add(new ResponseServer("Test/1.1")).add(new ResponseContent()).add(new ResponseConnControl()) .build(); // Set up request handlers UriHttpRequestHandlerMapper reqistry = new UriHttpRequestHandlerMapper(); reqistry.register("*", new HttpHandler(system, master)); // Set up the HTTP service HttpService httpService = new HttpService(httpproc, reqistry); SSLServerSocketFactory sf = null; if (port == 8443) { // Initialize SSL context ClassLoader cl = HttpServer.class.getClassLoader(); URL url = cl.getResource("my.keystore"); if (url == null) { System.out.println("Keystore not found"); System.exit(1); } KeyStore keystore = KeyStore.getInstance("jks"); keystore.load(url.openStream(), "secret".toCharArray()); KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keystore, "secret".toCharArray()); KeyManager[] keymanagers = kmfactory.getKeyManagers(); SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(keymanagers, null, null); sf = sslcontext.getServerSocketFactory(); } RequestListenerThread t = new RequestListenerThread(port, httpService, sf); t.setDaemon(false); t.start(); t.join(); }
From source file:org.pepstock.jem.node.security.keystore.KeyStoreUtil.java
/** * Returns a SSL socket factory creating asymmetric keys at runtime. * //w w w . ja v a 2 s . co m * @return a SSL socket factory for HTTPS listener * @throws KeyStoreException if any errors occurs to get keys */ public static SSLServerSocketFactory getSSLServerSocketFactory() throws KeyStoreException { try { // gets a key stores created at runtime ByteArrayInputStream baos = SelfSignedCertificate.getCertificate(); KeyStore keystore = KeyStore.getInstance("jks"); // loads the keystore keystore.load(baos, SelfSignedCertificate.CERTIFICATE_PASSWORD.toCharArray()); KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); // initialiazes the key manager kmfactory.init(keystore, SelfSignedCertificate.CERTIFICATE_PASSWORD.toCharArray()); KeyManager[] keymanagers = kmfactory.getKeyManagers(); // creates SSL socket factory SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(keymanagers, null, null); return sslcontext.getServerSocketFactory(); } catch (UnrecoverableKeyException e) { throw new KeyStoreException(e.getMessage(), e); } catch (KeyManagementException e) { throw new KeyStoreException(e.getMessage(), e); } catch (NoSuchAlgorithmException e) { throw new KeyStoreException(e.getMessage(), e); } catch (CertificateException e) { throw new KeyStoreException(e.getMessage(), e); } catch (SecurityException e) { throw new KeyStoreException(e.getMessage(), e); } catch (IOException e) { throw new KeyStoreException(e.getMessage(), e); } catch (OperatorCreationException e) { throw new KeyStoreException(e.getMessage(), e); } }
From source file:learn.encryption.ssl.SSLContext_Https.java
/** * @description javaSSLContext/* ww w. j a v a 2 s. com*/ * @description https?, SSLContext (NoHttp?SecureRandombug) * @description client.ks?server * @description ?? * @description ????getSSLContext2() */ //@SuppressLint("TrulyRandom") public static SSLContext getSSLContext() { SSLContext sslContext = null; try { sslContext = SSLContext.getInstance("TLS"); // ??, ??assets InputStream inputStream = new FileInputStream(new File("D:\\tomcatcert\\server.ks")); //App.getInstance().getAssets().open("srca.cer"); // ?? CertificateFactory cerFactory = CertificateFactory.getInstance("X.509"); // ?KeyStore KeyStore keyStore = KeyStore.getInstance("jks"); keyStore.load(inputStream, "123456".toCharArray()); //Certificate cer = cerFactory.generateCertificate(inputStream); Certificate cer = keyStore.getCertificate("clientKey"); keyStore.setCertificateEntry("trust", cer); // KeyStorekeyManagerFactory KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, "123456".toCharArray()); // KeyStoreTrustManagerFactory TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore); // ?SSLContext sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom()); } catch (Exception e) { e.printStackTrace(); } return sslContext; }
From source file:learn.encryption.ssl.SSLContext_Https.java
public static SSLContext getSSLContext2(String servercerfile, String clientkeyStore, String clientPass) { if (sslContext != null) { return sslContext; }//w w w .j a v a2 s. c o m try { // ??, ??assets //InputStream inputStream = App.getInstance().getAssets().open("serverkey.cer"); InputStream inputStream = new FileInputStream(new File(servercerfile)); // ?? CertificateFactory cerFactory = CertificateFactory.getInstance("X.509"); Certificate cer = cerFactory.generateCertificate(inputStream); // ?KeyStore KeyStore keyStore = KeyStore.getInstance("PKCS12");//eclipse?jksandroidPKCS12?? keyStore.load(null, null); keyStore.setCertificateEntry("trust", cer); // KeyStoreTrustManagerFactory TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore); sslContext = SSLContext.getInstance("TLS"); //?clientKeyStore(android??bks) //KeyStore clientKeyStore = KeyStore.getInstance("BKS"); KeyStore clientKeyStore = KeyStore.getInstance("jks"); //clientKeyStore.load(App.getInstance().getAssets().open("clientkey.bks"), "123456".toCharArray()); clientKeyStore.load(new FileInputStream(new File(clientkeyStore)), clientPass.toCharArray()); // ?clientKeyStorekeyManagerFactory KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(clientKeyStore, clientPass.toCharArray()); // ?SSLContext trustManagerFactory.getTrustManagers() sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());//new TrustManager[]{trustManagers}?? } catch (Exception e) { e.printStackTrace(); } return sslContext; }
From source file:org.springframework.vault.config.ClientHttpRequestFactoryFactory.java
private static KeyManagerFactory createKeyManagerFactory(Resource keystoreFile, String storePassword) throws GeneralSecurityException, IOException { KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); loadKeyStore(keystoreFile, storePassword, keyStore); KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, StringUtils.hasText(storePassword) ? storePassword.toCharArray() : new char[0]); return keyManagerFactory; }
From source file:com.android.beyondemail.SSLSocketFactory.java
private static KeyManager[] createKeyManagers(final KeyStore keystore, final String password) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException { if (keystore == null) { throw new IllegalArgumentException("Keystore may not be null"); }/*from w ww .j a v a 2s. co m*/ KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keystore, password != null ? password.toCharArray() : null); return kmfactory.getKeyManagers(); }