List of usage examples for java.security.Security.addProvider
public static int addProvider(Provider provider)
From source file:it.cnr.icar.eric.common.security.X509Parser.java
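/**
 * Parses an X.509 certificate from a DER-encoded input stream, preferring the
 * BouncyCastle provider when it is available on the classpath.
 *
 * <p>This method only decodes the certificate. It does not build or validate a
 * chain, check the validity period, or verify any signature, so the returned
 * certificate must not be treated as trusted until the caller has validated it.
 *
 * <p>If the stream holds several certificates, only the first one produced by
 * the factory is returned. The stream is always closed before this method returns.
 *
 * @param inStream The DER InputStream with the certificate.
 * @return the first X509Certificate parsed from the stream.
 * @throws JAXRException in case of IOException or CertificateException
 *         while parsing the stream, including a stream that holds no certificate.
 */
public static X509Certificate parseX509Certificate(InputStream inStream) throws JAXRException {
    try {
        // Possible inputs:
        //  - DER X.509 generated by keytool -export
        //  - DER X.509 generated by openssh x509 (might require the BC provider)
        CertificateFactory cf;
        try {
            // Loaded reflectively so that BouncyCastle stays an optional dependency.
            Class<?> clazz = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
            Constructor<?> constructor = clazz.getConstructor(new Class[] {});
            Provider bcProvider = (Provider) constructor.newInstance(new Object[] {});
            // addProvider changes JVM-wide state; it returns -1 and changes nothing
            // when a provider with the same name is already installed.
            Security.addProvider(bcProvider);
            cf = CertificateFactory.getInstance("X.509", "BC");
        } catch (Exception e) {
            // A missing BouncyCastle jar is expected and stays silent; any other
            // failure means the provider is present but could not be set up.
            if (!(e instanceof ClassNotFoundException)) {
                log.error(CommonResourceBundle.getInstance()
                        .getString("message.FailedToInstantiateBouncyCastleProvider"));
            }
            // Fall back to the default provider.
            cf = CertificateFactory.getInstance("X.509");
        }

        // Buffer the whole stream. InputStream.available() is only an estimate of
        // what can be read without blocking, so sizing the buffer from it can
        // silently truncate the certificate data.
        // NOTE(review): the input is buffered without a size limit; callers that
        // pass untrusted streams may want to bound it upstream.
        java.io.ByteArrayOutputStream buffer = new java.io.ByteArrayOutputStream();
        byte[] chunk = new byte[4096];
        int read;
        while ((read = inStream.read(chunk)) != -1) {
            buffer.write(chunk, 0, read);
        }
        ByteArrayInputStream certStream = new ByteArrayInputStream(buffer.toByteArray());

        // Parse the cert stream.
        Collection<? extends Certificate> parsed = cf.generateCertificates(certStream);
        if (parsed.isEmpty()) {
            // Without this check the certs[0] access below fails with an
            // ArrayIndexOutOfBoundsException that bypasses the JAXRException contract.
            throw new CertificateException("No certificate found in input stream");
        }
        X509Certificate[] certs = new X509Certificate[parsed.size()];
        int i = 0;
        for (Certificate cert : parsed) {
            certs[i++] = (X509Certificate) cert;
        }

        if (log.isDebugEnabled()) {
            if (parsed.size() == 1) {
                log.debug("One certificate, no chain.");
            } else {
                log.debug("Certificate chain length: " + parsed.size());
            }
            log.debug("Subject DN: " + certs[0].getSubjectDN().getName());
            log.debug("Issuer DN: " + certs[0].getIssuerDN().getName());
        }

        // Do we need to return the chain?
        // Do we need to verify if cert is self signed / valid?
        return certs[0];
    } catch (CertificateException e) {
        String msg = CommonResourceBundle.getInstance().getString("message.parseX509CertificateStreamFailed",
                new Object[] { e.getClass().getName(), e.getMessage() });
        throw new JAXRException(msg, e);
    } catch (IOException e) {
        String msg = CommonResourceBundle.getInstance().getString("message.parseX509CertificateStreamFailed",
                new Object[] { e.getClass().getName(), e.getMessage() });
        throw new JAXRException(msg, e);
    } finally {
        try {
            inStream.close();
        } catch (IOException ignored) {
            // Nothing useful can be done if closing fails; the parse result stands.
        }
    }
}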
From source file:org.tolven.security.cert.CertificateHelper.java
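/**
 * Creates the helper and makes sure the BouncyCastle ("BC") provider is registered.
 */
public CertificateHelper() {
    // TODO Is this the right place to add a provider? It should be a one-time
    // initialization for the JVM.
    // Provider registration is JVM-wide state, and this constructor may run many
    // times. Checking first avoids building a throwaway provider instance on every
    // construction; addProvider would ignore the duplicate anyway.
    if (Security.getProvider("BC") == null) {
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    }
}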
From source file:ie.peternagy.jcrypto.algo.EllipticCurveWrapper.java
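/**
 * Creates the wrapper: registers the BouncyCastle provider, calls
 * {@code tryLoadKeys()} and obtains the {@code ALGORITHM_NAME} cipher from the
 * "BC" provider.
 *
 * <p>If either step fails with one of the caught exceptions, the failure is logged
 * at SEVERE level and construction still completes. In that case this constructor
 * has not assigned {@code ecCipher}, so callers cannot assume the instance is usable.
 */
public EllipticCurveWrapper() {
    // Provider registration is JVM-wide; skip building a new provider object when
    // one named "BC" is already installed (addProvider would ignore it anyway).
    if (Security.getProvider("BC") == null) {
        Security.addProvider(new BouncyCastleProvider());
    }
    try {
        tryLoadKeys();
        ecCipher = Cipher.getInstance(ALGORITHM_NAME, "BC");
    } catch (NoSuchAlgorithmException | NoSuchPaddingException | NoSuchProviderException ex) {
        // Best-effort by design: the original code logs and continues. The log
        // record now carries a message so the failure can be found in the logs.
        Logger.getLogger(EllipticCurveWrapper.class.getName()).log(Level.SEVERE,
                "Failed to initialise EllipticCurveWrapper (key loading or cipher setup)", ex);
    }
}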
From source file:org.tolven.gatekeeper.CertificateHelper.java
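/**
 * Creates the helper and makes sure the BouncyCastle ("BC") provider is registered.
 */
public CertificateHelper() {
    // TODO This is not the right place to add a provider. It should be a one-time
    // initialization for the EJB tier.
    // Until that is moved, avoid building a new provider object on every
    // construction: registration is JVM-wide and addProvider ignores a provider
    // whose name is already installed.
    if (Security.getProvider("BC") == null) {
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    }
}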
From source file:test.integ.be.fedict.commons.eid.client.JCATest.java
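/**
 * Integration test: loads the "BeID" key store with a Swing parent frame and a
 * Dutch locale, then signs a short message with the "Authentication" key.
 *
 * <p>The test makes no assertion on the signature value; it passes when the whole
 * sequence completes without throwing.
 */
@Test
public void testSwingParentLocale() throws Exception {
    Security.addProvider(new BeIDProvider());

    final JFrame frame = new JFrame("Test Parent frame");
    frame.setSize(200, 200);
    frame.setLocation(300, 300);
    frame.setVisible(true);
    try {
        final KeyStore keyStore = KeyStore.getInstance("BeID");
        final BeIDKeyStoreParameter keyStoreParameter = new BeIDKeyStoreParameter();
        keyStoreParameter.setLogoff(true);
        keyStoreParameter.setParentComponent(frame);
        keyStoreParameter.setLocale(new Locale("nl"));
        keyStore.load(keyStoreParameter);

        final PrivateKey authnPrivateKey = (PrivateKey) keyStore.getKey("Authentication", null);

        // NOTE(review): SHA-1 based signatures are legacy; it is kept here because
        // this is the algorithm the test exercises. Confirm whether a SHA-256
        // variant should be covered as well.
        final Signature signature = Signature.getInstance("SHA1withRSA");
        signature.initSign(authnPrivateKey);

        // Name the charset explicitly so the signed bytes do not depend on the
        // platform default encoding.
        final byte[] toBeSigned = "hello world".getBytes("UTF-8");
        signature.update(toBeSigned);
        signature.sign();
    } finally {
        // Release the native window even when the key store or signing step fails.
        frame.dispose();
    }
}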
From source file:org.apache.excalibur.source.impl.HTTPSClientSourceFactory.java
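/**
 * Registers a custom SSL provider for this factory instance, if one is configured.
 *
 * <p>The provider class name is read from the {@code SSL_PROVIDER} parameter and
 * the resulting provider is installed through {@link Security#addProvider}, which
 * affects the whole JVM and not only this factory. The configuration that names
 * the class therefore has to be trusted.
 *
 * @param params configuration {@link Parameters}
 * @exception ParameterException if the configured class is not a {@link Provider}
 *            (whether {@code getInstance} raises it too is not visible here)
 */
private void setProvider(final Parameters params) throws ParameterException {
    String provider;

    try {
        provider = params.getParameter(SSL_PROVIDER);
    } catch (final ParameterException e) {
        return; // this is ok, means no custom SSL provider
    }

    // Check the type before registering: a misconfigured class name would
    // otherwise surface as a ClassCastException (or a NullPointerException from
    // addProvider) instead of a configuration error.
    final Object instance = this.getInstance(provider);
    if (!(instance instanceof Provider)) {
        throw new ParameterException(
                "Configured SSL provider '" + provider + "' is not a java.security.Provider");
    }

    Security.addProvider((Provider) instance);
}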
From source file:org.zaproxy.zap.extension.dynssl.SslCertificateUtils.java
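/**
 * Creates a new Root CA certificate and returns private and public key as
 * {@link KeyStore}. The {@link KeyStore#getDefaultType()} is used.
 *
 * <p>The certificate is self-signed (issuer and subject are the same name, and it
 * is signed with the freshly generated private key). Anything that trusts this
 * certificate trusts every certificate later issued with the private key stored
 * in the returned key store, so that key store has to be protected accordingly.
 *
 * @return a key store holding the CA private key and its certificate under the
 *         alias {@code SslCertificateService.ZAPROXY_JKS_ALIAS}
 * @throws NoSuchAlgorithmException If no providers are found
 *         for 'RSA' key pair generator
 *         or 'SHA1PRNG' Secure random number generator
 * @throws IllegalStateException in case of errors during assembling {@link KeyStore}
 */
public static final KeyStore createRootCA() throws NoSuchAlgorithmException {
    final Date startDate = Calendar.getInstance().getTime();
    final Date expireDate = new Date(startDate.getTime() + (DEFAULT_VALID_DAYS * 24L * 60L * 60L * 1000L));

    final KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
    final SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
    g.initialize(2048, secureRandom);
    final KeyPair keypair = g.genKeyPair();
    final PrivateKey privKey = keypair.getPrivate();
    final PublicKey pubKey = keypair.getPublic();
    Security.addProvider(new BouncyCastleProvider());

    // Serial number: drawn from the SecureRandom and forced to be positive.
    // java.util.Random.nextInt() yields only 32 predictable bits and is negative
    // about half of the time, which produces serial numbers that strict X.509
    // parsers reject.
    final BigInteger serial = new BigInteger(64, secureRandom).add(BigInteger.ONE);

    // The locality is built from the hash codes of the user's name and home path
    // so that users can tell their CAs apart. String.hashCode() is a 32-bit
    // non-cryptographic hash, so this obscures the values rather than anonymising them.
    X500NameBuilder namebld = new X500NameBuilder(BCStyle.INSTANCE);
    namebld.addRDN(BCStyle.CN, "OWASP Zed Attack Proxy Root CA");
    namebld.addRDN(BCStyle.L, Integer.toHexString(System.getProperty("user.name").hashCode())
            + Integer.toHexString(System.getProperty("user.home").hashCode()));
    namebld.addRDN(BCStyle.O, "OWASP Root CA");
    namebld.addRDN(BCStyle.OU, "OWASP ZAP Root CA");
    namebld.addRDN(BCStyle.C, "xx");

    X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(namebld.build(), serial, startDate,
            expireDate, namebld.build(), pubKey);

    KeyStore ks = null;
    try {
        // NOTE(review): the encoded public key is passed as the key identifier
        // as-is; confirm that this, rather than a digest of the key, is intended.
        certGen.addExtension(Extension.subjectKeyIdentifier, false,
                new SubjectKeyIdentifier(pubKey.getEncoded()));
        // basicConstraints is critical and marks the certificate as a CA.
        certGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
        certGen.addExtension(Extension.keyUsage, false,
                new KeyUsage(KeyUsage.keyCertSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment
                        | KeyUsage.dataEncipherment | KeyUsage.cRLSign));

        // NOTE(review): anyExtendedKeyUsage makes this certificate valid for every
        // purpose; confirm the breadth is needed.
        KeyPurposeId[] eku = { KeyPurposeId.id_kp_serverAuth, KeyPurposeId.id_kp_clientAuth,
                KeyPurposeId.anyExtendedKeyUsage };
        certGen.addExtension(Extension.extendedKeyUsage, false, new ExtendedKeyUsage(eku));

        final ContentSigner sigGen = new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider("BC")
                .build(privKey);
        final X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC")
                .getCertificate(certGen.build(sigGen));

        ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null);
        // NOTE(review): PASSPHRASE is a constant defined elsewhere. If it is a fixed
        // built-in value, the confidentiality of the CA key rests on the permissions
        // of wherever this key store is persisted.
        ks.setKeyEntry(SslCertificateService.ZAPROXY_JKS_ALIAS, privKey, SslCertificateService.PASSPHRASE,
                new Certificate[] { cert });
    } catch (final Exception e) {
        throw new IllegalStateException("Errors during assembling root CA.", e);
    }
    return ks;
}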
From source file:com.lightszentip.module.security.password.PasswordModuleImpl.java
/**
 * Builds a password module from the given encoding and encryption settings.
 * Generating a password and checking it only agree when both sides are
 * constructed with the same values.
 *
 * @param secretId stored as given and appended to {@code secureSaltKey} to form the key
 * @param secretSaltPw stored as given (presumably the salt applied to passwords; confirm against its use)
 * @param secureSaltKey first part of the key; see {@code secretId}
 * @param typeEncrypt encryption type, stored as given
 * @param typeEncod algorithm type used for encoding, stored as given
 * @param randomPasswordLength stored as given (presumably the length of generated passwords; confirm)
 * @throws IllegalArgumentException if the combined length of {@code secureSaltKey}
 *         and {@code secretId} is not a multiple of 4
 */
public PasswordModuleImpl(String secretId, String secretSaltPw, String secureSaltKey,
        EncryptionType typeEncrypt, AlgorithmType typeEncod, int randomPasswordLength) {
    // Plain settings first.
    this.randomPasswordLength = randomPasswordLength;
    this.typeEncrypt = typeEncrypt;
    this.typeEncod = typeEncod;
    this.secretSaltPw = secretSaltPw;
    this.secretId = secretId;

    // The key is the salt key followed by the secret id.
    this.key = secureSaltKey + secretId;

    final boolean lengthIsMultipleOfFour = (this.key.length() % 4) == 0;
    if (!lengthIsMultipleOfFour) {
        throw new IllegalArgumentException("The length for secureSaltKey and secretId is false");
    }

    // Registers BouncyCastle JVM-wide; only reached when the key length is accepted.
    Security.addProvider(new BouncyCastleProvider());
}
From source file:ListAlgorithms.java
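/**
 * Prints the algorithm names advertised by every installed security provider,
 * BouncyCastle included, grouped by service type.
 *
 * <p>Provider property keys that match none of the known service prefixes are
 * printed as they are encountered, before the grouped sets.
 *
 * @param args ignored
 */
public static void main(String[] args) {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

    Set<String> ciphers = new HashSet<String>();
    Set<String> keyAgreements = new HashSet<String>();
    Set<String> macs = new HashSet<String>();
    Set<String> messageDigests = new HashSet<String>();
    Set<String> signatures = new HashSet<String>();
    Set<String> keyFactory = new HashSet<String>();
    Set<String> keyPairGenerator = new HashSet<String>();
    Set<String> keyGenerator = new HashSet<String>();

    for (Provider provider : Security.getProviders()) {
        // A Provider is a property table; its keys look like "<Service>.<Algorithm>".
        for (Object key : provider.keySet()) {
            String entry = (String) key;

            // Aliases are listed as "Alg.Alias.<Service>.<Alias>"; strip the marker
            // so the alias is sorted under its service like any other name.
            if (entry.startsWith("Alg.Alias.")) {
                entry = entry.substring("Alg.Alias.".length());
            }

            if (entry.startsWith("Cipher.")) {
                ciphers.add(entry.substring("Cipher.".length()));
            } else if (entry.startsWith("KeyAgreement.")) {
                keyAgreements.add(entry.substring("KeyAgreement.".length()));
            } else if (entry.startsWith("Mac.")) {
                macs.add(entry.substring("Mac.".length()));
            } else if (entry.startsWith("MessageDigest.")) {
                messageDigests.add(entry.substring("MessageDigest.".length()));
            } else if (entry.startsWith("Signature.")) {
                signatures.add(entry.substring("Signature.".length()));
            } else if (entry.startsWith("KeyPairGenerator.")) {
                keyPairGenerator.add(entry.substring("KeyPairGenerator.".length()));
            } else if (entry.startsWith("KeyFactory.")) {
                keyFactory.add(entry.substring("KeyFactory.".length()));
            } else if (entry.startsWith("KeyGenerator.")) {
                keyGenerator.add(entry.substring("KeyGenerator.".length()));
            } else {
                System.out.println(entry);
            }
        }
    }

    printSet("KeyGenerator", keyGenerator);
    printSet("KeyFactory", keyFactory);
    printSet("KeyPairGenerator", keyPairGenerator);
    printSet("Ciphers", ciphers);
    // Label spelling corrected (was "KeyAgreeents").
    printSet("KeyAgreements", keyAgreements);
    printSet("Macs", macs);
    printSet("MessageDigests", messageDigests);
    printSet("Signatures", signatures);
}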