Java Code Examples for javax.net.ssl.KeyManagerFactory#getKeyManagers()
The following examples show how to use
javax.net.ssl.KeyManagerFactory#getKeyManagers() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: TLSHttpsTransport.java From servicecomb-java-chassis with Apache License 2.0 | 6 votes |
|
private SSLContext getSSLContext(KeyStore keyStore, String keyStoreValue, KeyStore trustStore) {
try {
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, keyStoreValue.toCharArray());
KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
TrustManagerFactory trustManagerFactory = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(new TrustSelfSignedStrategy()).build();
sslContext.init(keyManagers, trustManagers, new SecureRandom());
return sslContext;
} catch (UnrecoverableKeyException | NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {
e.printStackTrace();
}
return null;
}
Example 2
| Source File: KeyStoreUtil.java From browserup-proxy with Apache License 2.0 | 6 votes |
|
/**
* Retrieve the KeyManagers for the specified KeyStore.
*
* @param keyStore the KeyStore to retrieve KeyManagers from
* @param keyStorePassword the KeyStore password
* @param keyManagerAlgorithm key manager algorithm to use, or null to use the system default
* @param provider JCA provider to use, or null to use the system default
* @return KeyManagers for the specified KeyStore
*/
public static KeyManager[] getKeyManagers(KeyStore keyStore, String keyStorePassword, String keyManagerAlgorithm, String provider) {
if (keyManagerAlgorithm == null) {
keyManagerAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
}
try {
KeyManagerFactory kmf;
if (provider == null) {
kmf = KeyManagerFactory.getInstance(keyManagerAlgorithm);
} else {
kmf = KeyManagerFactory.getInstance(keyManagerAlgorithm, provider);
}
kmf.init(keyStore, keyStorePassword.toCharArray());
return kmf.getKeyManagers();
} catch (NoSuchAlgorithmException | UnrecoverableKeyException | KeyStoreException | NoSuchProviderException e) {
throw new KeyStoreAccessException("Unable to get KeyManagers for KeyStore", e);
}
}
Example 3
| Source File: KeycloakServer.java From keycloak with Apache License 2.0 | 6 votes |
|
private KeyManager[] getKeyManagers() throws Exception {
String keyStorePath = System.getProperty("keycloak.tls.keystore.path");
if (keyStorePath == null) {
return null;
}
log.infof("Loading keystore from file: %s", keyStorePath);
InputStream stream = Files.newInputStream(Paths.get(keyStorePath));
if (stream == null) {
throw new RuntimeException("Could not load keystore");
}
try (InputStream is = stream) {
KeyStore keyStore = KeyStore.getInstance("JKS");
char[] keyStorePassword = System.getProperty("keycloak.tls.keystore.password", "password").toCharArray();
keyStore.load(is, keyStorePassword);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, keyStorePassword);
return keyManagerFactory.getKeyManagers();
}
}
Example 4
| Source File: HttpConnectionFactoryImpl.java From gradle-golang-plugin with Mozilla Public License 2.0 | 6 votes |
|
@Nonnull
protected HttpConnection configure(@Nonnull HttpConnection input) throws IOException {
try {
final KeyStore keyStore = loadKeyStore();
final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
final TrustManager[] defaultTrustManagers = trustManagerFactory.getTrustManagers();
final KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, null);
final KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
input.configure(keyManagers, defaultTrustManagers, null);
input.setInstanceFollowRedirects(true);
return input;
} catch (final GeneralSecurityException e) {
throw new IOException(e.getMessage(), e);
}
}
Example 5
| Source File: TesterSupport.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
protected static KeyManager[] getUser1KeyManagers() throws Exception {
KeyManagerFactory kmf = KeyManagerFactory.getInstance(
KeyManagerFactory.getDefaultAlgorithm());
kmf.init(getKeyStore(CLIENT_JKS), JKS_PASS.toCharArray());
KeyManager[] managers = kmf.getKeyManagers();
KeyManager manager;
for (int i=0; i < managers.length; i++) {
manager = managers[i];
if (manager instanceof X509ExtendedKeyManager) {
managers[i] = new TrackingExtendedKeyManager((X509ExtendedKeyManager)manager);
} else if (manager instanceof X509KeyManager) {
managers[i] = new TrackingKeyManager((X509KeyManager)manager);
}
}
return managers;
}
Example 6
| Source File: KeyStoreUtil.java From AndroidHttpCapture with MIT License | 6 votes |
|
/**
* Retrieve the KeyManagers for the specified KeyStore.
*
* @param keyStore the KeyStore to retrieve KeyManagers from
* @param keyStorePassword the KeyStore password
* @param keyManagerAlgorithm key manager algorithm to use, or null to use the system default
* @param provider JCA provider to use, or null to use the system default
* @return KeyManagers for the specified KeyStore
*/
public static KeyManager[] getKeyManagers(KeyStore keyStore, String keyStorePassword, String keyManagerAlgorithm, String provider) {
if (keyManagerAlgorithm == null) {
keyManagerAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
}
try {
KeyManagerFactory kmf;
if (provider == null) {
kmf = KeyManagerFactory.getInstance(keyManagerAlgorithm);
} else {
kmf = KeyManagerFactory.getInstance(keyManagerAlgorithm, provider);
}
kmf.init(keyStore, keyStorePassword.toCharArray());
return kmf.getKeyManagers();
} catch (NoSuchAlgorithmException | UnrecoverableKeyException | KeyStoreException | NoSuchProviderException e) {
throw new KeyStoreAccessException("Unable to get KeyManagers for KeyStore", e);
}
}
Example 7
| Source File: EmptyCertificateAuthorities.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
|
private SSLServerSocketFactory getSSLServerSF() throws Exception {
char [] password =
System.getProperty("javax.net.ssl.keyStorePassword").toCharArray();
String keyFilename = System.getProperty("javax.net.ssl.keyStore");
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keyFilename), password);
KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509");
kmf.init(ks, password);
KeyManager[] kms = kmf.getKeyManagers();
TrustManager[] tms = new MyX509TM[] {new MyX509TM()};
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(kms, tms, null);
return ctx.getServerSocketFactory();
}
Example 8
| Source File: HTTPSConduitTest.java From cxf with Apache License 2.0 | 6 votes |
|
public static KeyManager[] getKeyManagers(KeyStore keyStore, String keyPassword)
throws GeneralSecurityException,
IOException {
// For tests, we just use the default algorithm
String alg = KeyManagerFactory.getDefaultAlgorithm();
char[] keyPass = keyPassword != null
? keyPassword.toCharArray()
: null;
// For tests, we just use the default provider.
KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);
fac.init(keyStore, keyPass);
return fac.getKeyManagers();
}
Example 9
| Source File: NetworkTools.java From MyBox with Apache License 2.0 | 6 votes |
|
public static SSLSocketFactory DefaultSSLSocketFactory() {
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
FileInputStream keyStoreFile = new FileInputStream(new File(SystemTools.keystore()));
String keyStorePassword = SystemTools.keystorePassword();
keyStore.load(keyStoreFile, keyStorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(keyStore, keyStorePassword.toCharArray());
KeyManager[] keyManagers = kmf.getKeyManagers();
SSLContext ctx = SSLContext.getInstance(CommonValues.HttpsProtocal);
ctx.init(keyManagers, null, new SecureRandom());
return ctx.getSocketFactory();
} catch (Exception e) {
logger.debug(e.toString());
return AppVariables.defaultSSLSocketFactory;
}
}
Example 10
| Source File: HSSLSocketFactory.java From appcan-android with GNU Lesser General Public License v3.0 | 6 votes |
|
public HSSLSocketFactory(KeyStore ksP12, String keyPass) throws Exception {
super(ksP12);
mSSLContext = SSLContext.getInstance(SSLSocketFactory.TLS);
KeyManagerFactory kMgrFact = null;
TrustManager[] tMgrs = null;
KeyManager[] kMgrs = null;
TrustManager tMgr = null;
tMgr = new HX509TrustManager(ksP12);
kMgrFact = KeyManagerFactory.getInstance(Http.algorithm);
if (null != keyPass) {
kMgrFact.init(ksP12, keyPass.toCharArray());
} else {
kMgrFact.init(ksP12, null);
}
kMgrs = kMgrFact.getKeyManagers();
tMgrs = new TrustManager[]{tMgr};
SecureRandom secureRandom = new java.security.SecureRandom();
mSSLContext.init(kMgrs, tMgrs, secureRandom);
if (!Http.isCheckTrustCert()) {
setHostnameVerifier(new HX509HostnameVerifier());
} else {
setHostnameVerifier(STRICT_HOSTNAME_VERIFIER);
}
}
Example 11
| Source File: TrustStoreImpl.java From nexus-public with Eclipse Public License 1.0 | 5 votes |
|
private static KeyManager[] getSystemKeyManagers() throws Exception {
KeyManagerFactory keyManagerFactory;
String keyAlgorithm = System.getProperty("ssl.KeyManagerFactory.algorithm");
if (keyAlgorithm == null) {
keyAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
}
String keyStoreType = System.getProperty("javax.net.ssl.keyStoreType");
if (keyStoreType == null) {
keyStoreType = KeyStore.getDefaultType();
}
if ("none".equalsIgnoreCase(keyStoreType)) {
keyManagerFactory = KeyManagerFactory.getInstance(keyAlgorithm);
}
else {
final String keyStoreFileName = System.getProperty("javax.net.ssl.keyStore");
if (keyStoreFileName != null) {
File keyStoreFile = new File(keyStoreFileName);
keyManagerFactory = KeyManagerFactory.getInstance(keyAlgorithm);
String keyStoreProvider = System.getProperty("javax.net.ssl.keyStoreProvider");
KeyStore keyStore;
if (keyStoreProvider != null) {
keyStore = KeyStore.getInstance(keyStoreType, keyStoreProvider);
}
else {
keyStore = KeyStore.getInstance(keyStoreType);
}
String password = System.getProperty("javax.net.ssl.keyStorePassword");
try (FileInputStream in = new FileInputStream(keyStoreFile)) {
keyStore.load(in, password != null ? password.toCharArray() : null);
}
keyManagerFactory.init(keyStore, password != null ? password.toCharArray() : null);
}
else {
return null;
}
}
return keyManagerFactory.getKeyManagers();
}
Example 12
| Source File: CalculatorTest.java From tomee with Apache License 2.0 | 5 votes |
|
private static KeyManager[] getKeyManagers(KeyStore keyStore, String keyPassword) throws GeneralSecurityException, IOException {
String alg = KeyManagerFactory.getDefaultAlgorithm();
char[] keyPass = keyPassword != null ? keyPassword.toCharArray() : null;
KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);
fac.init(keyStore, keyPass);
return fac.getKeyManagers();
}
Example 13
| Source File: NonJavaKeyStoreImpl.java From qpid-broker-j with Apache License 2.0 | 5 votes |
|
@SuppressWarnings("unused")
private void updateKeyManagers()
{
try
{
if (_privateKeyUrl != null && _certificateUrl != null)
{
PrivateKey privateKey = SSLUtil.readPrivateKey(getUrlFromString(_privateKeyUrl));
X509Certificate[] certs = SSLUtil.readCertificates(getUrlFromString(_certificateUrl));
List<X509Certificate> allCerts = new ArrayList<>(Arrays.asList(certs));
if(_intermediateCertificateUrl != null)
{
allCerts.addAll(Arrays.asList(SSLUtil.readCertificates(getUrlFromString(_intermediateCertificateUrl))));
certs = allCerts.toArray(new X509Certificate[allCerts.size()]);
}
checkCertificateExpiry(certs);
java.security.KeyStore inMemoryKeyStore = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
byte[] bytes = new byte[64];
char[] chars = "".toCharArray();
RANDOM.nextBytes(bytes);
StandardCharsets.US_ASCII.decode(ByteBuffer.wrap(bytes)).get(chars);
inMemoryKeyStore.load(null, chars);
inMemoryKeyStore.setKeyEntry("1", privateKey, chars, certs);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(inMemoryKeyStore, chars);
_keyManagers = kmf.getKeyManagers();
_certificate = certs[0];
_certificates = Collections.unmodifiableCollection(allCerts);
}
}
catch (IOException | GeneralSecurityException e)
{
throw new IllegalConfigurationException("Cannot load private key or certificate(s): " + e, e);
}
}
Example 14
| Source File: JdkSslFactory.java From ambry with Apache License 2.0 | 5 votes |
|
/**
* Create {@link SSLContext} by loading keystore and trustsotre
* One factory only has one SSLContext
* @param sslConfig the config for setting up the {@link SSLContext}
* @return SSLContext
* @throws GeneralSecurityException
* @throws IOException
*/
private SSLContext createSSLContext(SSLConfig sslConfig) throws GeneralSecurityException, IOException {
SSLContext sslContext;
if (!sslConfig.sslContextProvider.isEmpty()) {
sslContext = SSLContext.getInstance(sslConfig.sslContextProtocol, sslConfig.sslContextProvider);
} else {
sslContext = SSLContext.getInstance(sslConfig.sslContextProtocol);
}
SecurityStore keystore =
new SecurityStore(sslConfig.sslKeystoreType, sslConfig.sslKeystorePath, sslConfig.sslKeystorePassword);
String kmfAlgorithm = sslConfig.sslKeymanagerAlgorithm.isEmpty() ? KeyManagerFactory.getDefaultAlgorithm()
: sslConfig.sslKeymanagerAlgorithm;
KeyManagerFactory kmf = KeyManagerFactory.getInstance(kmfAlgorithm);
KeyStore ks = keystore.load();
String keyPassword = sslConfig.sslKeyPassword.isEmpty() ? keystore.password : sslConfig.sslKeyPassword;
kmf.init(ks, keyPassword.toCharArray());
KeyManager[] keyManagers = kmf.getKeyManagers();
String tmfAlgorithm = sslConfig.sslTrustmanagerAlgorithm.isEmpty() ? TrustManagerFactory.getDefaultAlgorithm()
: sslConfig.sslTrustmanagerAlgorithm;
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
KeyStore ts = new SecurityStore(sslConfig.sslTruststoreType, sslConfig.sslTruststorePath,
sslConfig.sslTruststorePassword).load();
tmf.init(ts);
sslContext.init(keyManagers, tmf.getTrustManagers(),
sslConfig.sslSecureRandomAlgorithm.isEmpty() ? new SecureRandom()
: SecureRandom.getInstance(sslConfig.sslSecureRandomAlgorithm));
return sslContext;
}
Example 15
| Source File: CertificateHelper.java From signer with GNU Lesser General Public License v3.0 | 5 votes |
|
public static KeyManager[] getKeyManagers(KeyStore keyStore, Authority authority)
throws NoSuchAlgorithmException, NoSuchProviderException, UnrecoverableKeyException, KeyStoreException {
String keyManAlg = KeyManagerFactory.getDefaultAlgorithm();
KeyManagerFactory kmf = KeyManagerFactory.getInstance(keyManAlg
/* , PROVIDER_NAME */);
kmf.init(keyStore, authority.password());
return kmf.getKeyManagers();
}
Example 16
| Source File: Connection.java From deskcon-android with GNU General Public License v3.0 | 5 votes |
|
public static SSLContext initSSLContext(Context context) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException, KeyManagementException {
// load the keystore
InputStream keyStoreStream;
try {
keyStoreStream = context.openFileInput("devicekeystore.bks");
} catch (FileNotFoundException e1) {
return null;
}
KeyStore MyKeyStore = KeyStore.getInstance("BKS");
MyKeyStore.load(keyStoreStream, "android".toCharArray());
// Enumeration<String> aliases = MyKeyStore.aliases();
// while(aliases.hasMoreElements()) {
// System.out.println(aliases.nextElement());
// }
// initialize trust manager factory with the read truststore
TrustManagerFactory trustManagerFactory = null;
trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(MyKeyStore);
TrustManager[] tm = trustManagerFactory.getTrustManagers();
// init KeyManagerFactory
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(MyKeyStore, "passwd".toCharArray());
KeyManager[] km = keyManagerFactory.getKeyManagers();
// Set SSL Context
SSLContext sslcontext;
if( Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN ) {
sslcontext = SSLContext.getInstance("TLSv1.2");
}
else {
sslcontext = SSLContext.getInstance("TLSv1");
}
sslcontext.init(km, tm, new SecureRandom());
return sslcontext;
}
Example 17
| Source File: OkHttpUnsafe.java From xio with Apache License 2.0 | 5 votes |
|
public static KeyManager[] getKeyManagers(
PrivateKey privateKey, X509Certificate[] certificateAndChain) throws Exception {
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
keystore.load(null, "".toCharArray());
keystore.setKeyEntry("server", privateKey, "".toCharArray(), certificateAndChain);
KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keystore, "".toCharArray());
return keyManagerFactory.getKeyManagers();
}
Example 18
| Source File: VaultClient.java From datacollector with Apache License 2.0 | 4 votes |
|
private KeyManager[] getKeyManagers(final KeyStore trustStore, String password) throws GeneralSecurityException {
KeyManagerFactory keyMgrFactory = KeyManagerFactory.getInstance(X509);
keyMgrFactory.init(trustStore, password.toCharArray());
return keyMgrFactory.getKeyManagers();
}
Example 19
| Source File: SSLUtils.java From Flink-CEPplus with Apache License 2.0 | 4 votes |
|
/**
* Creates an SSL context for the external REST SSL.
* If mutual authentication is configured the client and the server side configuration are identical.
*/
@Nullable
private static SSLContext createRestSSLContext(Configuration config, RestSSLContextConfigMode configMode) throws Exception {
checkNotNull(config, "config");
if (!isRestSSLEnabled(config)) {
return null;
}
KeyManager[] keyManagers = null;
if (configMode == RestSSLContextConfigMode.SERVER || configMode == RestSSLContextConfigMode.MUTUAL) {
String keystoreFilePath = getAndCheckOption(
config, SecurityOptions.SSL_REST_KEYSTORE, SecurityOptions.SSL_KEYSTORE);
String keystorePassword = getAndCheckOption(
config, SecurityOptions.SSL_REST_KEYSTORE_PASSWORD, SecurityOptions.SSL_KEYSTORE_PASSWORD);
String certPassword = getAndCheckOption(
config, SecurityOptions.SSL_REST_KEY_PASSWORD, SecurityOptions.SSL_KEY_PASSWORD);
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
try (InputStream keyStoreFile = Files.newInputStream(new File(keystoreFilePath).toPath())) {
keyStore.load(keyStoreFile, keystorePassword.toCharArray());
}
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(keyStore, certPassword.toCharArray());
keyManagers = kmf.getKeyManagers();
}
TrustManager[] trustManagers = null;
if (configMode == RestSSLContextConfigMode.CLIENT || configMode == RestSSLContextConfigMode.MUTUAL) {
String trustStoreFilePath = getAndCheckOption(
config, SecurityOptions.SSL_REST_TRUSTSTORE, SecurityOptions.SSL_TRUSTSTORE);
String trustStorePassword = getAndCheckOption(
config, SecurityOptions.SSL_REST_TRUSTSTORE_PASSWORD, SecurityOptions.SSL_TRUSTSTORE_PASSWORD);
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
try (InputStream trustStoreFile = Files.newInputStream(new File(trustStoreFilePath).toPath())) {
trustStore.load(trustStoreFile, trustStorePassword.toCharArray());
}
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(trustStore);
trustManagers = tmf.getTrustManagers();
}
String sslProtocolVersion = config.getString(SecurityOptions.SSL_PROTOCOL);
SSLContext sslContext = SSLContext.getInstance(sslProtocolVersion);
sslContext.init(keyManagers, trustManagers, null);
return sslContext;
}
Example 20
| Source File: SSLUtils.java From mockwebserver with Apache License 2.0 | 4 votes |
|
public static KeyManager[] keyManagers(InputStream certInputStream, InputStream keyInputStream, String algo, String passphrase) throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, CertificateException, InvalidKeySpecException, IOException {
KeyStore keyStore = createKeyStore(certInputStream, keyInputStream, algo, passphrase.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(keyStore, passphrase.toCharArray());
return kmf.getKeyManagers();
}
