List of usage examples for javax.net.ssl TrustManagerFactory getTrustManagers
public final TrustManager[] getTrustManagers()
From source file:org.disrupted.rumble.database.statistics.StatisticManager.java
public void onEventAsync(LinkLayerStarted event) { if (!event.linkLayerIdentifier.equals(WifiLinkLayerAdapter.LinkLayerIdentifier)) return;/*from w w w . ja v a 2s .c om*/ if (RumblePreferences.UserOkWithSharingAnonymousData(RumbleApplication.getContext()) && RumblePreferences.isTimeToSync(RumbleApplication.getContext())) { if (!NetUtil.isURLReachable("http://disruptedsystems.org/")) return; try { // generate the JSON file byte[] json = generateStatJSON().toString().getBytes(); // configure SSL CertificateFactory cf = CertificateFactory.getInstance("X.509"); InputStream caInput = new BufferedInputStream( RumbleApplication.getContext().getAssets().open("certs/disruptedsystemsCA.pem")); Certificate ca = cf.generateCertificate(caInput); String keyStoreType = KeyStore.getDefaultType(); KeyStore keyStore = KeyStore.getInstance(keyStoreType); keyStore.load(null, null); keyStore.setCertificateEntry("ca", ca); String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); tmf.init(keyStore); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, tmf.getTrustManagers(), null); URL url = new URL("https://data.disruptedsystems.org/post"); HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection(); urlConnection.setSSLSocketFactory(sslContext.getSocketFactory()); // then configure the header urlConnection.setInstanceFollowRedirects(true); urlConnection.setRequestMethod("POST"); urlConnection.setDoOutput(true); urlConnection.setRequestProperty("Content-Type", "application/json"); urlConnection.setRequestProperty("Accept", "application/json"); urlConnection.setRequestProperty("charset", "utf-8"); urlConnection.setRequestProperty("Content-Length", Integer.toString(json.length)); urlConnection.setUseCaches(false); // connect and send the JSON urlConnection.setConnectTimeout(10 * 1000); urlConnection.connect(); urlConnection.getOutputStream().write(json); if (urlConnection.getResponseCode() != 200) throw new IOException("request failed"); // erase the database RumblePreferences.updateLastSync(RumbleApplication.getContext()); cleanDatabase(); } catch (Exception ex) { Log.e(TAG, "Failed to establish SSL connection to server: " + ex.toString()); } } }
From source file:com.youTransactor.uCube.mdm.MDMManager.java
public void initialize(Context context) { SharedPreferences settings = PreferenceManager.getDefaultSharedPreferences(context); onSharedPreferenceChanged(settings, null); settings.registerOnSharedPreferenceChangeListener(this); try {/*from ww w .j ava2s. c o m*/ KeyStore keystoreCA = KeyStore.getInstance(KEYSTORE_TYPE); keystoreCA.load(context.getResources().openRawResource(R.raw.keystore), PWD); KeyStore keystoreClient = null; File file = context.getFileStreamPath(KEYSTORE_CLIENT_FILENAME); if (file.exists()) { keystoreClient = KeyStore.getInstance(KEYSTORE_TYPE); InputStream in = new FileInputStream(file); keystoreClient.load(in, PWD); } ready = keystoreClient != null && keystoreClient.getKey(MDM_CLIENT_CERT_ALIAS, PWD) != null; TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(keystoreCA); KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509"); kmf.init(keystoreClient, PWD); sslContext = SSLContext.getInstance("TLS"); sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); } catch (Exception e) { LogManager.debug(MDMManager.class.getSimpleName(), "load keystore error", e); } }
From source file:org.cloudcoder.builder2.server.WebappSocketFactory.java
private SSLSocketFactory createSocketFactory() throws IOException, GeneralSecurityException { String keyStoreType = "JKS"; String keystoreFilename = options.getKeystoreFilename(); InputStream keyStoreInputStream = this.getClass().getClassLoader().getResourceAsStream(keystoreFilename); if (keyStoreInputStream == null) { throw new IOException("Could not load keystore " + keystoreFilename); }/* www. ja v a2 s . com*/ KeyStore keyStore; String keystorePassword = options.getKeystorePassword(); try { keyStore = KeyStore.getInstance(keyStoreType); keyStore.load(keyStoreInputStream, keystorePassword.toCharArray()); } finally { IOUtils.closeQuietly(keyStoreInputStream); } TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX", "SunJSSE"); //trustManagerFactory.init(trustStore); // XXX Load the cert (public key) here instead of the private key? trustManagerFactory.init(keyStore); // TrustManager X509TrustManager x509TrustManager = null; for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) { if (trustManager instanceof X509TrustManager) { x509TrustManager = (X509TrustManager) trustManager; break; } } if (x509TrustManager == null) { throw new IllegalArgumentException("Cannot find x509TrustManager"); } // KeyManager KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509", "SunJSSE"); keyManagerFactory.init(keyStore, keystorePassword.toCharArray()); X509KeyManager x509KeyManager = null; for (KeyManager keyManager : keyManagerFactory.getKeyManagers()) { if (keyManager instanceof X509KeyManager) { x509KeyManager = (X509KeyManager) keyManager; break; } } if (x509KeyManager == null) { throw new NullPointerException(); } SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(new KeyManager[] { x509KeyManager }, new TrustManager[] { x509TrustManager }, null); return sslContext.getSocketFactory(); }
From source file:org.apache.ambari.server.controller.internal.URLStreamProvider.java
protected HttpsURLConnection getSSLConnection(String spec) throws IOException { if (sslSocketFactory == null) { synchronized (this) { if (sslSocketFactory == null) { try { FileInputStream in = new FileInputStream(new File(path)); KeyStore store = KeyStore.getInstance(type == null ? KeyStore.getDefaultType() : type); store.load(in, password.toCharArray()); in.close();//from w w w . ja va2 s .c o m TrustManagerFactory tmf = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(store); SSLContext context = SSLContext.getInstance("TLS"); context.init(null, tmf.getTrustManagers(), null); sslSocketFactory = context.getSocketFactory(); } catch (Exception e) { throw new IOException("Can't get connection.", e); } } } } HttpsURLConnection connection = (HttpsURLConnection) (new URL(spec).openConnection()); connection.setSSLSocketFactory(sslSocketFactory); return connection; }
From source file:android.net.http.CertificateChainValidator.java
/** * Creates a new certificate chain validator. This is a pivate constructor. * If you need a Certificate chain validator, call getInstance(). *///from w w w .j a v a 2s . com private CertificateChainValidator() { try { TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509"); trustManagerFactory.init((KeyStore) null); TrustManager[] trustManagers = trustManagerFactory.getTrustManagers(); if (trustManagers != null && trustManagers.length > 0) { for (TrustManager trustManager : trustManagers) { if (trustManager instanceof X509TrustManager) { mDefaultTrustManager = (X509TrustManager) (trustManager); break; } } } } catch (Exception exc) { if (HttpLog.LOGV) { HttpLog.v("CertificateChainValidator():" + " failed to initialize the trust manager"); } } }
From source file:org.apache.nifi.elasticsearch.ElasticSearchClientServiceImpl.java
private SSLContext buildSslContext(SSLContextService sslService) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, KeyManagementException { KeyStore keyStore = KeyStore.getInstance(sslService.getKeyStoreType()); KeyStore trustStore = KeyStore.getInstance("JKS"); try (final InputStream is = new FileInputStream(sslService.getKeyStoreFile())) { keyStore.load(is, sslService.getKeyStorePassword().toCharArray()); }//w w w . j a v a 2s. co m try (final InputStream is = new FileInputStream(sslService.getTrustStoreFile())) { trustStore.load(is, sslService.getTrustStorePassword().toCharArray()); } final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(keyStore, sslService.getKeyStorePassword().toCharArray()); final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(keyStore); SSLContext context1 = SSLContext.getInstance(sslService.getSslAlgorithm()); context1.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom()); return context1; }
From source file:sabina.integration.TestScenario.java
/** * Convenience method to use own truststore on SSL Sockets. Will default to * the self signed keystore provided in resources, but will respect * <p>// w w w. jav a 2 s. co m * -Djavax.net.ssl.keyStore=serverKeys * -Djavax.net.ssl.keyStorePassword=password * -Djavax.net.ssl.trustStore=serverTrust * -Djavax.net.ssl.trustStorePassword=password SSLApplication * <p> * So these can be used to specify other key/trust stores if required. * * @return an SSL Socket Factory using either provided keystore OR the * keystore specified in JVM params */ private SSLSocketFactory getSslFactory() { KeyStore keyStore; try { keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); FileInputStream fis = new FileInputStream(getTrustStoreLocation()); keyStore.load(fis, getTrustStorePassword().toCharArray()); fis.close(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(keyStore); SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(null, tmf.getTrustManagers(), null); return ctx.getSocketFactory(); } catch (Exception e) { e.printStackTrace(); return null; } }
From source file:info.guardianproject.cacert.CustomTrust.java
public CustomTrust(Context context, int rawResource, String password) throws IOException, KeyStoreException, KeyManagementException, NoSuchAlgorithmException, CertificateException { // Setup the SSL context to use the truststore ssl_ctx = SSLContext.getInstance("TLS"); // Setup truststore KeyStore ksCACert = KeyStore.getInstance("BKS"); TrustManagerFactory trustManagerFactory = TrustManagerFactory .getInstance(TrustManagerFactory.getDefaultAlgorithm()); InputStream trustStoreStream = context.getResources().openRawResource(rawResource); ksCACert.load(trustStoreStream, password.toCharArray()); //init factory with custom cacert trustManagerFactory.init(ksCACert);/*w w w . j a v a 2 s . c o m*/ Log.d("SSL", "CACerts " + ksCACert.size()); Log.d("SSL", "trustManagerFactory " + trustManagerFactory.getTrustManagers().length); // Setup client keystore /* KeyStore keyStore = KeyStore.getInstance("BKS"); KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); InputStream keyStoreStream = context.getResources().openRawResource(R.raw.clientkeystore); keyStore.load(keyStoreStream, "testtest".toCharArray()); keyManagerFactory.init(keyStore, "testtest".toCharArray()); Log.d("SSL", "Key " + keyStore.size()); Log.d("SSL", "keyManagerFactory " + keyManagerFactory.getKeyManagers().length); */ //nothing implemented yet SecureRandom secRand = SecureRandom.getInstance(RANDOM_ALGORITHM); ssl_ctx.init(null, trustManagerFactory.getTrustManagers(), secRand); socketFactory = (SSLSocketFactory) ssl_ctx.getSocketFactory(); }
From source file:com.quarterfull.newsAndroid.ssl.MemorizingTrustManager.java
X509TrustManager getTrustManager(KeyStore ks) {
try {//from w w w .jav a 2 s . com
TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
tmf.init(ks);
for (TrustManager t : tmf.getTrustManagers()) {
if (t instanceof X509TrustManager) {
return (X509TrustManager) t;
}
}
} catch (Exception e) {
// Here, we are covering up errors. It might be more useful
// however to throw them out of the constructor so the
// embedding app knows something went wrong.
Log.e(TAG, "getTrustManager(" + ks + ")", e);
}
return null;
}