Example usage for javax.net.ssl KeyManagerFactory getInstance

List of usage examples for javax.net.ssl KeyManagerFactory getInstance

Introduction

In this page you can find the example usage for javax.net.ssl KeyManagerFactory getInstance.

Prototype

public static final KeyManagerFactory getInstance(String algorithm) throws NoSuchAlgorithmException 


Document

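Returns a KeyManagerFactory object that acts as a factory for key managers using the named algorithm. A NoSuchAlgorithmException is thrown when no installed security provider supports that name; because the available names differ between platforms, KeyManagerFactory.getDefaultAlgorithm() (used by several of the examples below) is the portable way to choose one.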

Usage

From source file:org.wso2.carbon.identity.provisioning.connector.InweboUserManager.java

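/**
 * Loads a PKCS12 client certificate and installs it as the key material of the JVM-wide default
 * {@link SSLContext}.
 *
 * <p>Security notes: {@link SSLContext#setDefault(SSLContext)} is process-global, so code that
 * obtains the default context afterwards presents this client certificate too, not only the caller
 * of this method. The trust managers are passed as {@code null}, which leaves server validation to
 * the platform's default trust configuration.
 *
 * @param certificateFile path of the file containing the certificate (PKCS12 format)
 * @param certPassword    password of the certificate; also used to unlock the private key
 * @throws IdentityProvisioningException if the file does not exist or no password is supplied
 * @throws IOException                   if the file cannot be read or the password is wrong
 * @throws KeyStoreException             if no PKCS12 key store implementation is available
 * @throws NoSuchAlgorithmException      if "SunX509" or "TLS" is not supported by any provider
 * @throws CertificateException          if a certificate in the file cannot be loaded
 * @throws UnrecoverableKeyException     if the private key cannot be recovered with the password
 * @throws KeyManagementException        if the SSL context cannot be initialised
 */
public static void setHttpsClientCert(String certificateFile, String certPassword)
        throws KeyStoreException, NoSuchAlgorithmException, IOException, CertificateException,
        UnrecoverableKeyException, KeyManagementException, IdentityProvisioningException {
    if (certificateFile == null || !new File(certificateFile).exists()) {
        throw new IdentityProvisioningException("The certificate file is not found");
    }
    // Fail with a descriptive error instead of a NullPointerException from toCharArray().
    if (certPassword == null) {
        throw new IdentityProvisioningException("The certificate password is not provided");
    }
    char[] password = certPassword.toCharArray();

    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
    KeyStore keyStore = KeyStore.getInstance("PKCS12");
    // try-with-resources closes the file even when load() rejects the content or the password.
    try (InputStream keyInput = new FileInputStream(certificateFile)) {
        keyStore.load(keyInput, password);
    }
    keyManagerFactory.init(keyStore, password);

    SSLContext context = SSLContext.getInstance("TLS");
    context.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
    SSLContext.setDefault(context);
}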

From source file:org.wso2.msf4j.conf.SSLHandlerFactory.java

/**
 * Builds the server-side {@link SSLContext} from the key store described by {@code sslConfig}.
 *
 * <p>When {@code sslConfig} also names a trust key store, {@code needClientAuth} is set and the
 * context is initialised with trust managers built from that store; otherwise the trust managers
 * are left {@code null}.
 *
 * @param sslConfig key store, trust store and password settings for the server
 * @throws IllegalArgumentException if the key material cannot be loaded or the context cannot be
 *         initialised; the underlying exception is attached as the cause
 */
public SSLHandlerFactory(SSLConfig sslConfig) {
    String kmfAlgorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
    if (kmfAlgorithm == null) {
        kmfAlgorithm = "SunX509";
    }
    try {
        KeyStore identityStore = getKeyStore(sslConfig.getKeyStore(), sslConfig.getKeyStorePassword());

        // Key managers present the server certificate held in the identity store.
        KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(kmfAlgorithm);
        // The private-key password falls back to the key store password when none is configured.
        char[] keyPassword;
        if (sslConfig.getCertificatePassword() != null) {
            keyPassword = sslConfig.getCertificatePassword().toCharArray();
        } else {
            keyPassword = sslConfig.getKeyStorePassword().toCharArray();
        }
        keyFactory.init(identityStore, keyPassword);
        KeyManager[] keyManagers = keyFactory.getKeyManagers();

        TrustManager[] trustManagers = null;
        if (sslConfig.getTrustKeyStore() != null) {
            this.needClientAuth = true;
            KeyStore clientTrustStore = getKeyStore(sslConfig.getTrustKeyStore(),
                    sslConfig.getTrustKeyStorePassword());
            // NOTE(review): the trust manager factory is created with the key-manager algorithm name.
            // TrustManagerFactory.getDefaultAlgorithm() is the usual source for this value; confirm
            // the reuse is intended.
            TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(kmfAlgorithm);
            trustFactory.init(clientTrustStore);
            trustManagers = trustFactory.getTrustManagers();
        }

        serverContext = SSLContext.getInstance(protocol);
        serverContext.init(keyManagers, trustManagers, null);
    } catch (UnrecoverableKeyException | KeyManagementException | NoSuchAlgorithmException | KeyStoreException
            | IOException e) {
        throw new IllegalArgumentException("Failed to initialize the server-side SSLContext", e);
    }
}

From source file:io.kubernetes.client.util.SSLUtils.java

/**
 * Builds key managers for client-certificate authentication.
 *
 * <p>A certificate (inline data or file) and a key (inline data or file) must both be supplied;
 * otherwise no key store is created and {@code null} is returned.
 *
 * @return key managers backed by the key store from {@code createKeyStore}, or {@code null} when
 *         the certificate or the key is missing
 */
public static KeyManager[] keyManagers(String certData, String certFile, String keyData, String keyFile,
        String algo, String passphrase, String keyStoreFile, String keyStorePassphrase)
        throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, CertificateException,
        InvalidKeySpecException, IOException {
    // No certificate supplied: nothing to build.
    if (!isNotNullOrEmpty(certData) && !isNotNullOrEmpty(certFile)) {
        return null;
    }
    // No private key supplied: nothing to build.
    if (!isNotNullOrEmpty(keyData) && !isNotNullOrEmpty(keyFile)) {
        return null;
    }

    KeyStore clientStore = createKeyStore(certData, certFile, keyData, keyFile, algo, passphrase, keyStoreFile,
            keyStorePassphrase);
    String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
    KeyManagerFactory factory = KeyManagerFactory.getInstance(defaultAlgorithm);
    // NOTE(review): passphrase is dereferenced unconditionally, so a null passphrase with a
    // certificate and key present ends in a NullPointerException here. Confirm callers always
    // supply one.
    factory.init(clientStore, passphrase.toCharArray());
    return factory.getKeyManagers();
}

From source file:org.oscarehr.olis.OLISProtocolSocketFactory.java

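/**
 * Creates the factory's {@link SSLContext} from the JKS key store named by the
 * {@code olis_ssl_keystore} property, unlocked with {@code olis_ssl_keystore_password}.
 *
 * <p>The trust managers are passed as {@code null}, so server validation is left to the platform's
 * default trust configuration. The key store password is read from the application properties, so
 * access to that configuration should be restricted accordingly.
 *
 * @throws Exception if a property cannot be read, the key store cannot be loaded, or the context
 *         cannot be initialised
 */
public OLISProtocolSocketFactory() throws Exception {

    // NOTE(review): getProperty(...) presumably returns null for an unset key, in which case trim()
    // throws a NullPointerException; confirm both properties are mandatory in deployment.
    String pKeyFile = OscarProperties.getInstance().getProperty("olis_ssl_keystore").trim();
    String pKeyPassword = OscarProperties.getInstance().getProperty("olis_ssl_keystore_password").trim();
    char[] keyPassword = pKeyPassword.toCharArray();

    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
    KeyStore keyStore = KeyStore.getInstance("JKS");
    // try-with-resources closes the file even when load() fails (bad password, corrupt store).
    try (InputStream keyInput = new FileInputStream(pKeyFile)) {
        keyStore.load(keyInput, keyPassword);
    }
    keyManagerFactory.init(keyStore, keyPassword);

    context = SSLContext.getInstance("TLS");
    context.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
}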

From source file:org.openremote.android.console.net.SelfCertificateSSLSocketFactory.java

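/**
 * Creates an {@link SSLContext} whose trust manager accepts every certificate chain and which
 * presents a client certificate from {@code ORKeyStore} when that store is not empty.
 *
 * <p><strong>Security:</strong> the trust manager defined here performs no validation, so a
 * connection built from this context is encrypted but the server is not authenticated. Any party
 * positioned between client and server can present its own certificate and it will be accepted. To
 * keep supporting a self-signed server certificate without giving up authentication, load that
 * certificate into a {@code KeyStore} and build the trust managers from a
 * {@code TrustManagerFactory} initialised with it.
 *
 * @param context context passed to {@code ORKeyStore.getInstance}
 * @return the SSL context
 * @throws IOException if the context cannot be created; the original failure is attached as cause
 */
private static SSLContext createEasySSLContext(Context context) throws IOException {
    // Accept-all trust manager: both check methods return without inspecting the chain.
    TrustManager easyTrustManager = new X509TrustManager() {
        @Override
        public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
        }

        @Override
        public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            // The X509TrustManager contract asks for a non-null (possibly empty) array.
            return new X509Certificate[0];
        }
    };

    try {
        ORKeyStore keystore = ORKeyStore.getInstance(context);
        KeyManager[] managers = null;

        if (!keystore.isEmpty()) {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory
                    .getInstance(KeyManagerFactory.getDefaultAlgorithm());
            // NOTE(review): the key password is a fixed literal compiled into the application, so it
            // adds no protection for the stored private key beyond the store's file permissions.
            keyManagerFactory.init(keystore.getKeyStore(), "password".toCharArray());

            managers = keyManagerFactory.getKeyManagers();
        }

        SSLContext sslcontext = SSLContext.getInstance("TLS");
        sslcontext.init(managers, new TrustManager[] { easyTrustManager }, null);
        return sslcontext;
    } catch (Exception e) {
        // Attach the original exception so the failing step stays diagnosable.
        throw new IOException(e.getMessage(), e);
    }
}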

From source file:spade.client.CommandLine.java

/**
 * Builds the client TLS context from the class-level key stores {@code serverKeyStorePublic}
 * (trust) and {@code clientKeyStorePrivate} (identity) and stores the resulting socket factory in
 * {@code sslSocketFactory}.
 *
 * @throws Exception if a factory cannot be created or initialised
 */
private static void setupClientSSLContext() throws Exception {
    SecureRandom rng = new SecureRandom();
    // Draw one value up front; the result itself is discarded.
    rng.nextInt();

    // Trust managers validate the server against the public key store.
    TrustManagerFactory trustFactory = TrustManagerFactory.getInstance("SunX509");
    trustFactory.init(serverKeyStorePublic);

    // NOTE(review): the private-key password is a literal in the source, so it protects the client
    // key only as well as the key store file itself is protected.
    KeyManagerFactory keyFactory = KeyManagerFactory.getInstance("SunX509");
    keyFactory.init(clientKeyStorePrivate, "private".toCharArray());

    SSLContext tlsContext = SSLContext.getInstance("TLS");
    tlsContext.init(keyFactory.getKeyManagers(), trustFactory.getTrustManagers(), rng);
    sslSocketFactory = tlsContext.getSocketFactory();
}

From source file:com.thesocialcoin.networking.SSL.EasySSLSocketFactory.java

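/**
 * Creates an {@link SSLContext} for mutual TLS: the client certificate comes from the bundled
 * PKCS12 resource and the server is validated against the bundled BKS trust store.
 *
 * <p>NOTE(review): both stores are raw application resources and their passwords are literals in
 * the source, so the client private key should be treated as readable by anyone holding the
 * application package. It can identify the application at best, not an individual user or device.
 *
 * @return the initialised SSL context
 * @throws IOException if either store cannot be loaded or the context cannot be initialised; the
 *         underlying exception is attached as the cause
 */
private static SSLContext createEasySSLContext() throws IOException {
    InputStream clientStream = null;
    InputStream caStream = null;
    try {
        // Client should authenticate itself with the valid certificate to Server.
        clientStream = App.getAppContext().getResources()
                .openRawResource(R.raw.production_test_client);
        char[] password = "XXXXXXXXXXXXX".toCharArray();

        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(clientStream, password);

        KeyManagerFactory keyManagerFactory = KeyManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, password);

        // The trust store holds the CA certificate obtained from the server; the trust managers built
        // from it are what let the client validate the server's identity.
        KeyStore trustStore = KeyStore.getInstance("BKS");
        caStream = App.getAppContext().getResources().openRawResource(R.raw.production_test_ca);
        // A load failure aborts context creation here. It used to be printed and ignored, which let
        // the code continue with a trust store that had never been loaded and hid the real cause.
        trustStore.load(caStream, "XXXXXXXX".toCharArray());

        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        // Create an SSLContext that uses our TrustManager & Keystore
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(keyManagerFactory.getKeyManagers(), tmf.getTrustManagers(), null);

        return context;
    } catch (Exception e) {
        // Keep the original exception as the cause instead of only its message.
        throw new IOException(e.getMessage(), e);
    } finally {
        // Best-effort close of both resource streams on every exit path.
        for (InputStream stream : new InputStream[] { clientStream, caStream }) {
            if (stream != null) {
                try {
                    stream.close();
                } catch (IOException ignored) {
                    // Nothing useful can be done if close() fails.
                }
            }
        }
    }
}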

From source file:com.ring.ytjojo.ssl.EasySSLSocketFactory.java

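/**
 * Creates an {@link SSLContext} for mutual TLS: the client certificate comes from the bundled
 * PKCS12 resource and the server is validated against the bundled BKS trust store.
 *
 * <p>NOTE(review): both stores are raw application resources and their passwords are literals in
 * the source, so the client private key should be treated as readable by anyone holding the
 * application package. It can identify the application at best, not an individual user or device.
 *
 * @return the initialised SSL context
 * @throws IOException if either store cannot be loaded or the context cannot be initialised; the
 *         underlying exception is attached as the cause
 */
private static SSLContext createEasySSLContext() throws IOException {
    InputStream clientStream = null;
    InputStream caStream = null;
    try {
        // Client should authenticate itself with the valid certificate to Server.
        clientStream = AppContext_.getInstance().getResources()
                .openRawResource(R.raw.production_test_client);
        char[] password = "XXXXXXXXXXXXX".toCharArray();

        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(clientStream, password);

        KeyManagerFactory keyManagerFactory = KeyManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, password);

        // The trust store holds the CA certificate obtained from the server; the trust managers built
        // from it are what let the client validate the server's identity.
        KeyStore trustStore = KeyStore.getInstance("BKS");
        caStream = AppContext_.getInstance().getResources().openRawResource(R.raw.production_test_ca);
        // A load failure aborts context creation here. It used to be printed and ignored, which let
        // the code continue with a trust store that had never been loaded and hid the real cause.
        trustStore.load(caStream, "XXXXXXXX".toCharArray());

        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        // Create an SSLContext that uses our TrustManager & Keystore
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(keyManagerFactory.getKeyManagers(), tmf.getTrustManagers(), null);

        return context;
    } catch (Exception e) {
        // Keep the original exception as the cause instead of only its message.
        throw new IOException(e.getMessage(), e);
    } finally {
        // Best-effort close of both resource streams on every exit path.
        for (InputStream stream : new InputStream[] { clientStream, caStream }) {
            if (stream != null) {
                try {
                    stream.close();
                } catch (IOException ignored) {
                    // Nothing useful can be done if close() fails.
                }
            }
        }
    }
}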

From source file:edu.gmu.isa681.server.Server.java

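/**
 * Creates a TLS server socket factory using the key store and key store password provided to the
 * JVM at runtime through the {@code javax.net.ssl.keyStore} and
 * {@code javax.net.ssl.keyStorePassword} system properties.
 *
 * <p>The trust managers are passed as {@code null}; this method sets up server authentication
 * only. Note that a password supplied with {@code -D} on the command line is typically visible to
 * other local users through the process listing.
 *
 * <p>Adapted from Oracle JSSE docs.
 *
 * @return a server socket factory presenting the key material from the configured JKS key store
 * @throws GeneralSecurityException If an error occurs while creating the TLS factory.
 * @throws IOException If either system property is unset or an error occurs while reading the key
 *         store.
 */
private static SSLServerSocketFactory getSSLServerSocketFactory() throws GeneralSecurityException, IOException {
    FileInputStream fis = null;
    try {
        // set up key manager to do server authentication
        SSLContext ctx = SSLContext.getInstance("TLS");
        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
        KeyStore ks = KeyStore.getInstance("JKS");

        String keyStore = System.getProperty("javax.net.ssl.keyStore");
        String keyStorePassword = System.getProperty("javax.net.ssl.keyStorePassword");
        // Report missing configuration explicitly instead of failing with a NullPointerException.
        if (keyStore == null || keyStorePassword == null) {
            throw new IOException(
                    "System properties javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword must both be set");
        }
        char[] password = keyStorePassword.toCharArray();

        fis = new FileInputStream(keyStore);
        ks.load(fis, password);

        kmf.init(ks, password);
        ctx.init(kmf.getKeyManagers(), null, null);

        return ctx.getServerSocketFactory();
    } finally {
        Utils.closeQuitely(fis);
    }
}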

From source file:cn.dacas.emmclient.security.ssl.EasySSLSocketFactory.java

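/**
 * Creates an {@link SSLContext} for mutual TLS: the client certificate comes from the bundled
 * PKCS12 resource and the server is validated against the bundled BKS trust store.
 *
 * <p>NOTE(review): both stores are raw application resources and their passwords are literals in
 * the source, so the client private key should be treated as readable by anyone holding the
 * application package. It can identify the application at best, not an individual user or device.
 *
 * @return the initialised SSL context
 * @throws IOException if either store cannot be loaded or the context cannot be initialised; the
 *         underlying exception is attached as the cause
 */
private static SSLContext createEasySSLContext() throws IOException {
    InputStream clientStream = null;
    InputStream caStream = null;
    try {
        // Client should authenticate itself with the valid certificate to Server.
        clientStream = EmmClientApplication.getContext().getResources()
                .openRawResource(R.raw.production_test_client);
        char[] password = "XXXXXXXXXXXXX".toCharArray();

        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(clientStream, password);

        KeyManagerFactory keyManagerFactory = KeyManagerFactory
                .getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, password);

        // The trust store holds the CA certificate obtained from the server; the trust managers built
        // from it are what let the client validate the server's identity.
        KeyStore trustStore = KeyStore.getInstance("BKS");
        caStream = EmmClientApplication.getContext().getResources().openRawResource(R.raw.production_test_ca);
        // A load failure aborts context creation here. It used to be printed and ignored, which let
        // the code continue with a trust store that had never been loaded and hid the real cause.
        trustStore.load(caStream, "XXXXXXXX".toCharArray());

        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        // Create an SSLContext that uses our TrustManager & Keystore
        SSLContext context = SSLContext.getInstance("TLS");
        context.init(keyManagerFactory.getKeyManagers(), tmf.getTrustManagers(), null);

        return context;
    } catch (Exception e) {
        // Keep the original exception as the cause instead of only its message.
        throw new IOException(e.getMessage(), e);
    } finally {
        // Best-effort close of both resource streams on every exit path.
        for (InputStream stream : new InputStream[] { clientStream, caStream }) {
            if (stream != null) {
                try {
                    stream.close();
                } catch (IOException ignored) {
                    // Nothing useful can be done if close() fails.
                }
            }
        }
    }
}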