List of usage examples for java.security Security addProvider
public static int addProvider(Provider provider)
From source file:org.bedework.util.security.pki.PKITools.java
/** * Constructor * */ public PKITools() { curSchema = schemas[0]; if (curSchema.p != null) { Security.addProvider(curSchema.p); } }
From source file:org.fdroid.fdroid.FDroidApp.java
public static void enableSpongyCastleOnLollipop() { if (Build.VERSION.SDK_INT == 21) { Security.addProvider(SPONGYCASTLE_PROVIDER); } }
From source file:org.roda.common.certification.PDFSignatureUtils.java
public static List<Path> runDigitalSignatureExtract(Path input) throws SignatureException, IOException { Security.addProvider(new BouncyCastleProvider()); List<Path> paths = new ArrayList<Path>(); Path output = Files.createTempFile("extraction", ".xml"); Path outputContents = Files.createTempFile("contents", ".pkcs7"); PdfReader reader = new PdfReader(input.toString()); AcroFields fields = reader.getAcroFields(); ArrayList<?> names = fields.getSignatureNames(); String filename = input.getFileName().toString(); filename = filename.substring(0, filename.lastIndexOf('.')); if (names.isEmpty()) return paths; StringBuilder sb = getExtractionInformation(fields, names, outputContents, filename); FileOutputStream fos = new FileOutputStream(output.toString()); OutputStreamWriter osw = new OutputStreamWriter(fos); PrintWriter out = new PrintWriter(osw, true); out.println("<?xml version=\"1.0\" encoding=\"UTF-8\"?>"); out.println("<signatures>"); out.println(sb.toString());// ww w .j a v a2s . c o m out.println("</signatures>"); IOUtils.closeQuietly(out); IOUtils.closeQuietly(osw); IOUtils.closeQuietly(fos); reader.close(); paths.add(output); paths.add(outputContents); return paths; }
From source file:test.integ.be.e_contract.mycarenet.genins.GenericInsurabilityClientTest.java
@Test public void testSTSNurse() throws Exception { EHealthSTSClient client = new EHealthSTSClient("https://wwwacc.ehealth.fgov.be/sts_1_1/SecureTokenService"); Security.addProvider(new BeIDProvider()); KeyStore keyStore = KeyStore.getInstance("BeID"); keyStore.load(null);/*www .j a v a 2 s .c o m*/ PrivateKey authnPrivateKey = (PrivateKey) keyStore.getKey("Authentication", null); X509Certificate authnCertificate = (X509Certificate) keyStore.getCertificate("Authentication"); KeyStore eHealthKeyStore = KeyStore.getInstance("PKCS12"); FileInputStream fileInputStream = new FileInputStream(this.config.getEHealthPKCS12Path()); eHealthKeyStore.load(fileInputStream, this.config.getEHealthPKCS12Password().toCharArray()); Enumeration<String> aliasesEnum = eHealthKeyStore.aliases(); String alias = aliasesEnum.nextElement(); X509Certificate eHealthCertificate = (X509Certificate) eHealthKeyStore.getCertificate(alias); PrivateKey eHealthPrivateKey = (PrivateKey) eHealthKeyStore.getKey(alias, this.config.getEHealthPKCS12Password().toCharArray()); List<Attribute> attributes = new LinkedList<Attribute>(); attributes.add(new Attribute("urn:be:fgov:identification-namespace", "urn:be:fgov:ehealth:1.0:certificateholder:person:ssin")); attributes.add(new Attribute("urn:be:fgov:identification-namespace", "urn:be:fgov:person:ssin")); List<AttributeDesignator> attributeDesignators = new LinkedList<AttributeDesignator>(); attributeDesignators.add(new AttributeDesignator("urn:be:fgov:identification-namespace", "urn:be:fgov:ehealth:1.0:certificateholder:person:ssin")); attributeDesignators .add(new AttributeDesignator("urn:be:fgov:identification-namespace", "urn:be:fgov:person:ssin")); attributeDesignators.add(new AttributeDesignator("urn:be:fgov:certified-namespace:ehealth", "urn:be:fgov:person:ssin:nurse:boolean")); Element assertion = client.requestAssertion(authnCertificate, authnPrivateKey, eHealthCertificate, eHealthPrivateKey, attributes, attributeDesignators); assertNotNull(assertion); String assertionString = client.toString(assertion); LOG.debug("SAML assertion: " + assertionString); }
From source file:org.guanxi.idp.Bootstrap.java
/** * Initialise the interceptor/*from w w w. j a va 2 s. c o m*/ */ public void init() { try { /* If we try to add the BouncyCastle provider but another Guanxi::SP running * in another webapp in the same container has already done so, then we'll get * -1 returned from the method, in which case, we should leave unloading of the * provider to the particular Guanxi::SP that loaded it. */ if ((Security.addProvider(new BouncyCastleProvider())) != -1) { // We've loaded it, so we should unload it okToUnloadBCProvider = true; } IdpDocument configDoc = IdpDocument.Factory.parse(new File(servletContext.getRealPath(configFile))); servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_CONFIG_DOC, configDoc); servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_CONFIG, configDoc.getIdp()); // Sort out the cookie's age int cookieAge = -1; String cookieMaxAge = configDoc.getIdp().getCookie().getAge().getStringValue(); String cookieAgeUnits = configDoc.getIdp().getCookie().getAge().getUnits().toString(); if (cookieAgeUnits.equals("seconds")) cookieAge = Integer.parseInt(cookieMaxAge); else if (cookieAgeUnits.equals("minutes")) cookieAge = Integer.parseInt(cookieMaxAge) * 60; else if (cookieAgeUnits.equals("hours")) cookieAge = Integer.parseInt(cookieMaxAge) * 3600; else if (cookieAgeUnits.equals("days")) cookieAge = Integer.parseInt(cookieMaxAge) * 86400; else if (cookieAgeUnits.equals("weeks")) cookieAge = Integer.parseInt(cookieMaxAge) * 604800; else if (cookieAgeUnits.equals("months")) cookieAge = Integer.parseInt(cookieMaxAge) * 2419200; else if (cookieAgeUnits.equals("years")) cookieAge = Integer.parseInt(cookieMaxAge) * 29030400; else if (cookieAgeUnits.equals("transient")) cookieAge = -1; String cookieDomain = (configDoc.getIdp().getCookie().getDomain() == null) ? "" : configDoc.getIdp().getCookie().getDomain(); // Register the IdP's ID and cookie details in case we're embedded servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_ID, configDoc.getIdp().getID()); servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_COOKIE_PREFIX, configDoc.getIdp().getCookie().getPrefix()); servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_COOKIE_NAME, configDoc.getIdp().getCookie().getPrefix() + configDoc.getIdp().getID()); servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_COOKIE_DOMAIN, cookieDomain); servletContext.setAttribute(Guanxi.CONTEXT_ATTR_IDP_COOKIE_AGE, new Integer(cookieAge)); setup(); startJobs(); } catch (Exception e) { } }
From source file:org.apache.hadoop.yarn.server.resourcemanager.security.RMAppSecurityManager.java
public RMAppSecurityManager(RMContext rmContext) { super(RMAppSecurityManager.class.getName()); Security.addProvider(new BouncyCastleProvider()); this.rmContext = rmContext; securityHandlersMap = new HashMap(); }
From source file:com.jtechme.apphub.FDroidApp.java
public static void enableSpongyCastleOnLollipop() { if (Build.VERSION.SDK_INT == 21) { Security.addProvider(spongyCastleProvider); } }
From source file:org.guanxi.sp.engine.Bootstrap.java
/** * Initialise the intercepter//from w w w.j a v a 2 s . c o m */ public void init() { try { File keyStoreFile, trustStoreFile; /* If we try to add the BouncyCastle provider but another Guanxi::SP running * in another webapp in the same container has already done so, then we'll get * -1 returned from the method, in which case, we should leave unloading of the * provider to the particular Guanxi::SP that loaded it. */ if ((Security.addProvider(new BouncyCastleProvider())) != -1) { // We've loaded it, so we should unload it okToUnloadBCProvider = true; } // If we don't have a keystore, create a self signed one now keyStoreFile = new File(config.getKeystore()); if (!keyStoreFile.exists()) { try { SecUtils secUtils = SecUtils.getInstance(); secUtils.createSelfSignedKeystore(config.getId(), // cn config.getKeystore(), config.getKeystorePassword(), config.getKeystorePassword(), config.getCertificateAlias(), config.getKeyType()); } catch (GuanxiException ge) { logger.error("Can't create self signed keystore - secure Guard comms won't be available : ", ge); } } // Create a truststore if we don't have one trustStoreFile = new File(config.getTrustStore()); if (!trustStoreFile.exists()) { try { SecUtils secUtils = SecUtils.getInstance(); secUtils.createTrustStore(config.getTrustStore(), config.getTrustStorePassword()); } catch (GuanxiException ge) { logger.error("Can't create truststore - secure comms won't be available : ", ge); } } // Inject the metadata farm to handle all source of metadata servletContext.setAttribute(Guanxi.CONTEXT_ATTR_ENGINE_ENTITY_FARM, entityFarm); // Inject the Discovery Service feed manager servletContext.setAttribute(Guanxi.CONTEXT_ATTR_ENGINE_DISCOVERY_FEED_MANAGER, saml2DiscoveryFeedManager); loadGuardMetadata(config.getGuardsMetadataDirectory()); loadIdPMetadata(config.getIdPMetadataDirectory()); startJobs(); } catch (GuanxiException ge) { logger.error("Issue during the initialization of the Bootstrap : ", ge); } }
From source file:org.apache.xml.security.test.signature.ECDSASignatureTest.java
protected void setUp() throws Exception { ///*from w ww . j a va 2s . co m*/ // If the BouncyCastle provider is not installed, then try to load it // via reflection. If it is not available, then skip this test as it is // required for elliptic curves // if (Security.getProvider("BC") == null) { Constructor cons = null; try { Class c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider"); cons = c.getConstructor(new Class[] {}); } catch (Exception e) { //ignore } if (cons == null) { // BouncyCastle is not available so just return return; } else { Security.addProvider((java.security.Provider) cons.newInstance(new Object[] {})); } } javax.xml.parsers.DocumentBuilderFactory dbf = javax.xml.parsers.DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); log.info("dbf.isIgnoringComments()=" + dbf.isIgnoringComments()); log.info("dbf.isIgnoringElementContentWhitespace()=" + dbf.isIgnoringElementContentWhitespace()); String id = "http://apache.org/xml/properties/dom/document-class-name"; dbf.setAttribute(id, IndexedDocument.class.getName()); db = dbf.newDocumentBuilder(); org.apache.xml.security.Init.init(); }
From source file:be.fgov.kszbcss.rhq.websphere.WebSpherePluginLifecycleListener.java
public void initialize(PluginContext context) throws Exception { // We explicitly manage the lifecycle of the ORB so that we can configure // it without relying on system properties and also cleanly shut it down. log.info("Starting ORB"); // The ORB initialization may change the name of the current thread // (apparently this occurs only for the "main" thread). We don't want that. String threadName = Thread.currentThread().getName(); try {/*w ww . j ava 2s . c o m*/ Properties orbProps = new Properties(); orbProps.setProperty("com.ibm.CORBA.ConfigURL", WebSpherePluginLifecycleListener.class.getResource("sas.client.props").toExternalForm()); // This prevents the ORB from creating orbtrc files orbProps.setProperty("com.ibm.CORBA.Debug.Output", File.separatorChar == '/' ? "/dev/null" : "NUL"); // Set a reasonable connection timeout. This is important when starting // the RHQ agent while some servers are down (and don't reply to SYN packets). orbProps.setProperty("com.ibm.CORBA.ConnectTimeout", "5"); orb = GlobalORBFactory.init(new String[0], orbProps); } finally { Thread.currentThread().setName(threadName); } TrustStoreManager.init(context); ConfigQueryServiceFactory.init(context); // TODO: we should specify com.ibm.ssl.customTrustManagers and set com.ibm.ssl.skipDefaultTrustManagerWhenCustomDefined=true // to use our own trust manager so that we can reload the trust store without restarting the agent; // the TrustManagerExtendedInfo interface may also be interesting Security.addProvider(new CustomProvider()); sslConfig = new SSLConfig(); sslConfig.setProperty("com.ibm.ssl.dynamicSelectionInfo", "*,*,*"); sslConfig.setProperty("com.ibm.ssl.trustStore", "dummy"); sslConfig.setProperty("com.ibm.ssl.trustStorePassword", "dummy"); sslConfig.setProperty("com.ibm.ssl.trustManager", "Delegating|" + CustomProvider.NAME); configManager = SSLConfigManager.getInstance(); configManager.addSSLConfigToMap(SSL_CONFIG_ALIAS, sslConfig); }