List of usage examples for javax.net.ssl KeyManagerFactory getDefaultAlgorithm
public static final String getDefaultAlgorithm()
From source file:net.sf.ufsc.ftp.FTPSClient.java
public FTPSClient() { super();// w ww . jav a2 s .co m try { KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE); keyStore.load(null, PASSWORD.toCharArray()); KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, PASSWORD.toCharArray()); SSLContext context = SSLContext.getInstance(PROTOCOL); context.init(keyManagerFactory.getKeyManagers(), new TrustManager[] { new SimpleTrustManager() }, null); this.socketFactory = new SecureSocketFactory(context); } catch (Exception e) { e.printStackTrace(); } }
From source file:org.openhealthtools.openatna.net.ConnectionCertificateHandler.java
/** * Creates keymanagers from a keystore.//from ww w . j a v a2 s. c om */ public static KeyManager[] createKeyManagers(final KeyStore keystore, final String password) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException { if (keystore == null) { throw new IllegalArgumentException("Keystore may not be null"); } log.debug("Initializing key manager"); KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keystore, password != null ? password.toCharArray() : null); return kmfactory.getKeyManagers(); }
From source file:eu.nullbyte.android.urllib.CertPinningSSLSocketFactory.java
private SSLContext createSSLContext() throws IOException { //Log.v(TAG, "createSSLContext()"); try {//w ww .j a va2 s . c o m SSLContext context = SSLContext.getInstance("TLS"); mTrustManager = new CertPinningTrustManager(certificates, lastHost); KeyManager[] keyManagers = null; if (mClientCertificate != null) { KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(mClientCertificate.getKeyStore(), mClientCertificate.getPassword().toCharArray()); keyManagers = kmf.getKeyManagers(); } context.init(keyManagers, new TrustManager[] { mTrustManager }, null); return context; } catch (Exception e) { throw new IOException(e.getMessage()); } }
From source file:ddf.security.common.util.CommonSSLFactory.java
/** * Creates a new SSLSocketFactory from a truststore and keystore. This is used during SSL * communication.//from w w w. ja v a 2 s. c o m * * @param trustStoreLoc * File path to the truststore. * @param trustStorePass * Password to the truststore. * @param keyStoreLoc * File path to the keystore. * @param keyStorePass * Password to the keystore. * @return new SSLSocketFactory instance containing the trust and key stores. * @throws IOException */ public static SSLSocketFactory createSocket(String trustStoreLoc, String trustStorePass, String keyStoreLoc, String keyStorePass) throws IOException { String methodName = "createSocket"; logger.debug("ENTERING: " + methodName); try { logger.debug("trustStoreLoc = " + trustStoreLoc); FileInputStream trustFIS = new FileInputStream(trustStoreLoc); logger.debug("keyStoreLoc = " + keyStoreLoc); FileInputStream keyFIS = new FileInputStream(keyStoreLoc); // truststore stuff KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); try { logger.debug("Loading trustStore"); trustStore.load(trustFIS, trustStorePass.toCharArray()); } catch (CertificateException e) { throw new IOException("Unable to load certificates from truststore. " + trustStoreLoc, e); } finally { IOUtils.closeQuietly(trustFIS); } TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(trustStore); logger.debug("trust manager factory initialized"); // keystore stuff KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); try { logger.debug("Loading keyStore"); keyStore.load(keyFIS, keyStorePass.toCharArray()); } catch (CertificateException e) { throw new IOException("Unable to load certificates from keystore. " + keyStoreLoc, e); } finally { IOUtils.closeQuietly(keyFIS); } KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(keyStore, keyStorePass.toCharArray()); logger.debug("key manager factory initialized"); // ssl context SSLContext sslCtx = SSLContext.getInstance("TLS"); sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); sslCtx.getDefaultSSLParameters().setNeedClientAuth(true); sslCtx.getDefaultSSLParameters().setWantClientAuth(true); logger.debug(exiting + methodName); return sslCtx.getSocketFactory(); } catch (KeyManagementException e) { logger.debug(exiting + methodName); throw new IOException("Unable to initialize the SSL context.", e); } catch (NoSuchAlgorithmException e) { logger.debug(exiting + methodName); throw new IOException( "Problems creating SSL socket. Usually this is " + "referring to the certificate sent by the server not being trusted by the client.", e); } catch (UnrecoverableKeyException e) { logger.debug(exiting + methodName); throw new IOException("Unable to load keystore. " + keyStoreLoc, e); } catch (KeyStoreException e) { logger.debug(exiting + methodName); throw new IOException("Unable to read keystore. " + keyStoreLoc, e); } }
From source file:org.apache.juddi.v3.client.cryptor.TransportSecurityHelper.java
public static boolean applyTransportSecurity(BindingProvider webServicePort) { try {//from w ww. j av a2 s. c o m File currentdir = new File("."); String s = System.getProperty("javax.net.ssl.keyStore"); String st = System.getProperty("javax.net.ssl.trustStore"); log.info("Attempting to initialize keystore and truststore from " + s + " " + st); if (s == null) { log.warn("keystore isn't defined! " + s); return false; } else if (st == null) { log.warn("truststore isn't defined! " + s); return false; } else { File keystore = new File(s); if (keystore == null || !keystore.exists()) { log.warn("keystore doesn't exist! input was " + s + " working dir is " + currentdir.getAbsolutePath()); return false; } //File truststore =new File(System.getProperty("javax.net.ssl.trustStore")); String pwd = System.getProperty("javax.net.ssl.keyStorePassword"); if (pwd == null) { log.warn("keystore password isn't defined!"); return false; } File truststore = new File(st); if (truststore == null || !truststore.exists()) { log.warn("truststore doesn't exist! input was " + s + " working dir is " + currentdir.getAbsolutePath()); return false; } //File truststore =new File(System.getProperty("javax.net.ssl.trustStore")); String pwdt = System.getProperty("javax.net.ssl.trustStorePassword"); if (pwdt == null) { log.warn("truststore password isn't defined!"); return false; } if (keystore.exists()) { try { log.info("Using keystore from " + keystore.getAbsolutePath() + " current dir is " + currentdir.getAbsolutePath()); log.info("Using truststore from " + truststore.getAbsolutePath() + " current dir is " + currentdir.getAbsolutePath()); //log.info("Using truststure from " + truststore.getAbsolutePath() + " current dir is " + currentdir.getAbsolutePath()); SSLContext sc = SSLContext.getInstance("SSLv3"); KeyManagerFactory kmf = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(new FileInputStream(keystore), pwd.toCharArray()); kmf.init(ks, pwd.toCharArray()); String alg = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory tmFact = TrustManagerFactory.getInstance(alg); FileInputStream fis = new FileInputStream(st); KeyStore kst = KeyStore.getInstance("jks"); kst.load(fis, pwdt.toCharArray()); fis.close(); tmFact.init(kst); TrustManager[] tms = tmFact.getTrustManagers(); sc.init(kmf.getKeyManagers(), null, null); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); ((BindingProvider) webServicePort).getRequestContext().put( "com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory", sc.getSocketFactory()); ((BindingProvider) webServicePort).getRequestContext().put( "com.sun.xml.ws.transport.https.client.SSLSocketFactory", sc.getSocketFactory()); return true; } catch (Exception ex) { log.warn("unable to establish ssl settings", ex); } } } return false; } catch (Exception x) { log.error("unexpected error", x); } return false; }
From source file:org.openhab.binding.neato.internal.VendorVorwerk.java
/** * Trust the self signed certificate./*ww w . j a v a2s.c om*/ * * @param connection */ public void applyNucleoSslConfiguration(HttpsURLConnection connection) { KeyStore keyStore; try { keyStore = KeyStore.getInstance("JKS"); keyStore.load(this.getClass().getClassLoader().getResourceAsStream("keystore.jks"), "geheim".toCharArray()); TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore); SSLContext sslctx = SSLContext.getInstance("SSL"); sslctx.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom()); connection.setSSLSocketFactory(sslctx.getSocketFactory()); } catch (KeyStoreException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (CertificateException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (KeyManagementException e) { // TODO Auto-generated catch block e.printStackTrace(); } }
From source file:com.cloudbees.tftwoway.Client.java
public static KeyManager[] getKeyManager() throws Exception { KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); KeyStore store = KeyStore.getInstance("JKS"); PrivateKey clientKey = loadRSAKey(PRIVATE_KEY); X509Certificate clientCert = loadX509Key(CERTIFICATE); store.load(null);//w w w.j a v a 2 s . c om store.setKeyEntry("key", clientKey, "123123".toCharArray(), new Certificate[] { clientCert }); keyManagerFactory.init(store, "123123".toCharArray()); return keyManagerFactory.getKeyManagers(); }
From source file:com.eviware.soapui.impl.wsdl.support.http.SoapUISSLSocketFactory.java
@SuppressWarnings("deprecation") public SoapUISSLSocketFactory(KeyStore keyStore, String keystorePassword) throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException { super(keyStore); // trust everyone! X509TrustManager tm = new X509TrustManager() { @Override//from www . j a v a 2s.c o m public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted(X509Certificate[] certs, String authType) { } @Override public void checkServerTrusted(X509Certificate[] certs, String authType) { } }; if (keyStore != null) { KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmfactory.init(keyStore, keystorePassword != null ? keystorePassword.toCharArray() : null); KeyManager[] keymanagers = kmfactory.getKeyManagers(); sslContext.init(keymanagers, new TrustManager[] { tm }, null); } else { sslContext.init(null, new TrustManager[] { tm }, null); } setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); }
From source file:org.eclipse.mylyn.internal.commons.net.PollingSslProtocolSocketFactory.java
public PollingSslProtocolSocketFactory() { KeyManager[] keymanagers = null; if (System.getProperty(KEY_STORE) != null && System.getProperty(KEY_STORE_PASSWORD) != null) { try {//from w ww. j av a2s .c o m String type = System.getProperty(KEY_STORE_TYPE, KeyStore.getDefaultType()); KeyStore keyStore = KeyStore.getInstance(type); char[] password = System.getProperty(KEY_STORE_PASSWORD).toCharArray(); keyStore.load(new FileInputStream(System.getProperty(KEY_STORE)), password); KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, password); keymanagers = keyManagerFactory.getKeyManagers(); } catch (Exception e) { CommonsNetPlugin.log(IStatus.ERROR, "Could not initialize keystore", e); //$NON-NLS-1$ } } hasKeyManager = keymanagers != null; try { SSLContext sslContext = SSLContext.getInstance("SSL"); //$NON-NLS-1$ sslContext.init(keymanagers, new TrustManager[] { new TrustAllTrustManager() }, null); this.socketFactory = sslContext.getSocketFactory(); } catch (Exception e) { CommonsNetPlugin.log(IStatus.ERROR, "Could not initialize SSL context", e); //$NON-NLS-1$ } }
From source file:org.apache.nifi.framework.security.util.SslContextFactory.java
public static SSLContext createSslContext(final NiFiProperties props, final boolean strict) throws SslContextCreationException { final boolean hasKeystoreProperties = hasKeystoreProperties(props); if (hasKeystoreProperties == false) { if (strict) { throw new SslContextCreationException( "SSL context cannot be created because keystore properties have not been configured."); } else {//ww w .j a v a 2 s. co m return null; } } else if (props.getNeedClientAuth() && hasTruststoreProperties(props) == false) { throw new SslContextCreationException( "Need client auth is set to 'true', but no truststore properties are configured."); } try { // prepare the trust store final KeyStore trustStore; if (hasTruststoreProperties(props)) { trustStore = KeyStoreUtils .getTrustStore(props.getProperty(NiFiProperties.SECURITY_TRUSTSTORE_TYPE)); try (final InputStream trustStoreStream = new FileInputStream( props.getProperty(NiFiProperties.SECURITY_TRUSTSTORE))) { trustStore.load(trustStoreStream, props.getProperty(NiFiProperties.SECURITY_TRUSTSTORE_PASSWD).toCharArray()); } } else { trustStore = null; } final TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(trustStore); // prepare the key store final KeyStore keyStore = KeyStoreUtils .getKeyStore(props.getProperty(NiFiProperties.SECURITY_KEYSTORE_TYPE)); try (final InputStream keyStoreStream = new FileInputStream( props.getProperty(NiFiProperties.SECURITY_KEYSTORE))) { keyStore.load(keyStoreStream, props.getProperty(NiFiProperties.SECURITY_KEYSTORE_PASSWD).toCharArray()); } KeyManagerFactory keyManagerFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm()); // if the key password is provided, try to use that - otherwise default to the keystore password if (StringUtils.isNotBlank(props.getProperty(NiFiProperties.SECURITY_KEY_PASSWD))) { keyManagerFactory.init(keyStore, props.getProperty(NiFiProperties.SECURITY_KEY_PASSWD).toCharArray()); } else { keyManagerFactory.init(keyStore, props.getProperty(NiFiProperties.SECURITY_KEYSTORE_PASSWD).toCharArray()); } // initialize the ssl context final SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null); sslContext.getDefaultSSLParameters().setNeedClientAuth(props.getNeedClientAuth()); return sslContext; } catch (final KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException | UnrecoverableKeyException | KeyManagementException e) { throw new SslContextCreationException(e); } }