
Example 96 with KeyManagementException

use of java.security.KeyManagementException in project xabber-android by redsolution.

the class ConnectionThread method onReady.

private void onReady(XMPPTCPConnectionConfiguration.Builder builder) {
    builder.setSecurityMode(tlsMode.getSecurityMode());
    builder.setCompressionEnabled(compression);
    builder.setSendPresence(false);
    try {
        if (SettingsManager.securityCheckCertificate()) {
            SSLContext sslContext = SSLContext.getInstance("TLS");
            MemorizingTrustManager mtm = new MemorizingTrustManager(Application.getInstance());
            sslContext.init(null, new X509TrustManager[] { mtm }, new java.security.SecureRandom());
            builder.setCustomSSLContext(sslContext);
            builder.setHostnameVerifier(mtm.wrapHostnameVerifier(new org.apache.http.conn.ssl.StrictHostnameVerifier()));
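        } else {
            // Certificate checking is switched off in settings: any certificate and any hostname
            // is accepted, so this branch gives no protection against an on-path attacker.
            TLSUtils.acceptAllCertificates(builder);
            TLSUtils.disableHostnameVerificationForTlsCertificicates(builder);
        }
    } catch (NoSuchAlgorithmException | KeyManagementException e) {
        // The failure is only printed; the connection below is still built, without the
        // TLS settings this block was meant to apply.
        e.printStackTrace();
    }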
    setUpSASL();
    xmppConnection = new XMPPTCPConnection(builder.build());
    xmppConnection.addAsyncStanzaListener(this, ACCEPT_ALL);
    xmppConnection.addConnectionListener(this);
    // by default Smack disconnects in case of parsing errors
    xmppConnection.setParsingExceptionCallback(new ExceptionLoggingCallback());
    AccountRosterListener rosterListener = new AccountRosterListener(((AccountItem) connectionItem).getAccount());
    final Roster roster = Roster.getInstanceFor(xmppConnection);
    roster.addRosterListener(rosterListener);
    roster.addRosterLoadedListener(rosterListener);
    roster.setSubscriptionMode(Roster.SubscriptionMode.manual);
    org.jivesoftware.smackx.ping.PingManager.getInstanceFor(xmppConnection).registerPingFailedListener(this);
    connectionItem.onSRVResolved(this);
    final String password = OAuthManager.getInstance().getPassword(protocol, token);
    if (password != null) {
        runOnConnectionThread(new Runnable() {

            @Override
            public void run() {
                connect(password);
            }
        });
    } else {
        runOnConnectionThread(new Runnable() {

            @Override
            public void run() {
                passwordRequest();
            }
        });
    }
}
Also used : XMPPTCPConnection(org.jivesoftware.smack.tcp.XMPPTCPConnection) SSLContext(javax.net.ssl.SSLContext) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyManagementException(java.security.KeyManagementException) MemorizingTrustManager(de.duenndns.ssl.MemorizingTrustManager) AccountRosterListener(com.xabber.android.data.roster.AccountRosterListener) Roster(org.jivesoftware.smack.roster.Roster) ExceptionLoggingCallback(org.jivesoftware.smack.parsing.ExceptionLoggingCallback)

Example 97 with KeyManagementException

use of java.security.KeyManagementException in project keywhiz by square.

the class ClientUtils method sslOkHttpClient.

/**
 * Creates a {@link OkHttpClient} to start a TLS connection.
 *
 * @param devTrustStore if not null, uses the provided TrustStore instead of whatever is
 *                      configured in the JVM. This is a convenient way to allow developers to
 *                      start playing with Keywhiz right away. This option should not be used in
 *                      production systems.
 * @param cookies list of cookies to include in the client.
 * @return new http client.
 */
public static OkHttpClient sslOkHttpClient(@Nullable KeyStore devTrustStore, List<HttpCookie> cookies) {
    checkNotNull(cookies);
    SSLContext sslContext;
    try {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(devTrustStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        sslContext = SSLContext.getInstance("TLSv1.2");
        sslContext.init(new KeyManager[0], trustManagers, new SecureRandom());
    } catch (NoSuchAlgorithmException | KeyManagementException | KeyStoreException e) {
        throw Throwables.propagate(e);
    }
    SSLSocketFactory socketFactory = sslContext.getSocketFactory();
    OkHttpClient.Builder client = new OkHttpClient().newBuilder().sslSocketFactory(socketFactory).connectionSpecs(Arrays.asList(ConnectionSpec.MODERN_TLS)).followSslRedirects(false);
    client.retryOnConnectionFailure(false);
    client.networkInterceptors().add(new XsrfTokenInterceptor("XSRF-TOKEN", "X-XSRF-TOKEN"));
    cookies.forEach(c -> getCookieManager().getCookieStore().add(null, c));
    client.cookieJar(new JavaNetCookieJar(getCookieManager()));
    return client.build();
}
Also used : JavaNetCookieJar(okhttp3.JavaNetCookieJar) OkHttpClient(okhttp3.OkHttpClient) SecureRandom(java.security.SecureRandom) SSLContext(javax.net.ssl.SSLContext) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStoreException(java.security.KeyStoreException) KeyManagementException(java.security.KeyManagementException) TrustManager(javax.net.ssl.TrustManager) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) SSLSocketFactory(javax.net.ssl.SSLSocketFactory)

Example 98 with KeyManagementException

use of java.security.KeyManagementException in project QuickAndroid by ImKarl.

the class HttpsHelper method setCertificates.

public static void setCertificates(OkHttpClient client, InputStream[] certificates, InputStream bksFile, String password) {
    if (client == null) {
        return;
    }
    try {
        TrustManager[] trustManagers = prepareTrustManager(certificates);
        KeyManager[] keyManagers = prepareKeyManager(bksFile, password);
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(keyManagers, new TrustManager[] { new MyTrustManager(chooseTrustManager(trustManagers)) }, new SecureRandom());
        client.setSslSocketFactory(sslContext.getSocketFactory());
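    } catch (NoSuchAlgorithmException e) {
        // All three failures are only printed: setSslSocketFactory is never reached, so the
        // client keeps its previous socket factory and the supplied certificates are not applied.
        e.printStackTrace();
    } catch (KeyManagementException e) {
        e.printStackTrace();
    } catch (KeyStoreException e) {
        e.printStackTrace();
    }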
}
Also used : SecureRandom(java.security.SecureRandom) SSLContext(javax.net.ssl.SSLContext) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStoreException(java.security.KeyStoreException) KeyManager(javax.net.ssl.KeyManager) KeyManagementException(java.security.KeyManagementException) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)

Example 99 with KeyManagementException

use of java.security.KeyManagementException in project jodd by oblac.

the class SocketHttpConnectionProvider method getDefaultSSLSocketFactory.

/**
 * Returns default SSL socket factory allowing setting trust managers.
 */
protected SSLSocketFactory getDefaultSSLSocketFactory(boolean trustAllCertificates) throws IOException {
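    if (trustAllCertificates) {
        try {
            // Opt-in trust-all path: sockets from this factory perform no certificate chain
            // validation. "SSL" is the legacy protocol name for the context.
            SSLContext sc = SSLContext.getInstance("SSL");
            sc.init(null, TrustManagers.TRUST_ALL_CERTS, new java.security.SecureRandom());
            return sc.getSocketFactory();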
        } catch (NoSuchAlgorithmException | KeyManagementException e) {
            throw new IOException(e);
        }
    } else {
        return (SSLSocketFactory) SSLSocketFactory.getDefault();
    }
}
Also used : SSLContext(javax.net.ssl.SSLContext) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) KeyManagementException(java.security.KeyManagementException)

Example 100 with KeyManagementException

use of java.security.KeyManagementException in project openhab1-addons by openhab.

the class Util method getConnection.

public static Sardine getConnection(CalDavConfig config) {
    if (config.isDisableCertificateVerification()) {
        if (config.getUrl().startsWith(HTTP_URL_PREFIX)) {
            log.error("do not use '{}' if no ssl is used", CalDavLoaderImpl.PROP_DISABLE_CERTIFICATE_VERIFICATION);
        }
        // Note: this trace statement writes the account password to the log.
        log.trace("connecting to caldav '{}' with disabled certificate verification (url={}, username={}, password={})", config.getKey(), config.getUrl(), config.getUsername(), config.getPassword());
        // Hostname verification is disabled here, independently of the trust strategy below.
        HttpClientBuilder httpClientBuilder = HttpClientBuilder.create().setHostnameVerifier(new AllowAllHostnameVerifier());
        try {
            // The trust strategy returns true for every chain, so any server certificate is accepted.
            httpClientBuilder.setSslcontext(new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {

                @Override
                public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
                    return true;
                }
            }).build());
        } catch (KeyManagementException e) {
            log.error("error verifying certificate", e);
        } catch (NoSuchAlgorithmException e) {
            log.error("error verifying certificate", e);
        } catch (KeyStoreException e) {
            log.error("error verifying certificate", e);
        }
        if (StringUtils.isEmpty(config.getUsername()) && StringUtils.isEmpty(config.getPassword())) {
            log.trace("connecting without credentials for '{}'", config.getKey());
            return new SardineImpl(httpClientBuilder);
        } else {
            return new SardineImpl(httpClientBuilder, config.getUsername(), config.getPassword());
        }
    } else {
        // Note: this trace statement writes the account password to the log.
        log.trace("connecting to caldav '{}' (url={}, username={}, password={})", config.getKey(), config.getUrl(), config.getUsername(), config.getPassword());
        if (StringUtils.isEmpty(config.getUsername()) && StringUtils.isEmpty(config.getPassword())) {
            log.trace("connecting without credentials for '{}'", config.getKey());
            return new SardineImpl();
        } else {
            return new SardineImpl(config.getUsername(), config.getPassword());
        }
    }
}
Also used : TrustStrategy(org.apache.http.conn.ssl.TrustStrategy) AllowAllHostnameVerifier(org.apache.http.conn.ssl.AllowAllHostnameVerifier) CertificateException(java.security.cert.CertificateException) HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStoreException(java.security.KeyStoreException) X509Certificate(java.security.cert.X509Certificate) KeyManagementException(java.security.KeyManagementException) SSLContextBuilder(org.apache.http.conn.ssl.SSLContextBuilder) SardineImpl(com.github.sardine.impl.SardineImpl)
