Examples with KeyStoreException - java.security.KeyStoreException

Example 31 with KeyStoreException

use of java.security.KeyStoreException in project android_frameworks_base by ResurrectionRemix.

the class LockSettingsService method setLockPatternInternal.

private void setLockPatternInternal(String pattern, String savedCredential, int userId) throws RemoteException {
    byte[] currentHandle = getCurrentHandle(userId);
    if (pattern == null) {
        clearUserKeyProtection(userId);
        getGateKeeperService().clearSecureUserId(userId);
        mStorage.writePatternHash(null, userId);
        setKeystorePassword(null, userId);
        fixateNewestUserKeyAuth(userId);
        onUserLockChanged(userId);
        notifyActivePasswordMetricsAvailable(null, userId);
        return;
    }
    if (isManagedProfileWithUnifiedLock(userId)) {
        // get credential from keystore when managed profile has unified lock
        try {
            savedCredential = getDecryptedPasswordForTiedProfile(userId);
        } catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException | CertificateException | IOException e) {
            if (e instanceof FileNotFoundException) {
                Slog.i(TAG, "Child profile key not found");
            } else {
                Slog.e(TAG, "Failed to decrypt child profile key", e);
            }
        }
    } else {
        if (currentHandle == null) {
            if (savedCredential != null) {
                Slog.w(TAG, "Saved credential provided, but none stored");
            }
            savedCredential = null;
        }
    }
    byte[] enrolledHandle = enrollCredential(currentHandle, savedCredential, pattern, userId);
    if (enrolledHandle != null) {
        CredentialHash willStore = new CredentialHash(enrolledHandle, CredentialHash.VERSION_GATEKEEPER);
        setUserKeyProtection(userId, pattern, doVerifyPattern(pattern, willStore, true, 0, userId, null));
        mStorage.writePatternHash(enrolledHandle, userId);
        fixateNewestUserKeyAuth(userId);
        onUserLockChanged(userId);
    } else {
        throw new RemoteException("Failed to enroll pattern");
    }
}

Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) CredentialHash(com.android.server.LockSettingsStorage.CredentialHash) FileNotFoundException(java.io.FileNotFoundException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) CertificateException(java.security.cert.CertificateException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) RemoteException(android.os.RemoteException)

Example 32 with KeyStoreException

use of java.security.KeyStoreException in project Resurrection_packages_apps_Settings by ResurrectionRemix.

the class CertInstallerHelper method extractCertificate.

private void extractCertificate(String certFile, String password) {
    InputStream in = null;
    final byte[] raw;
    java.security.KeyStore keystore = null;
    try {
        // Read .p12 file from SDCARD and extract with password
        in = new FileInputStream(new File(Environment.getExternalStorageDirectory(), certFile));
        raw = Streams.readFully(in);
        keystore = java.security.KeyStore.getInstance("PKCS12");
        PasswordProtection passwordProtection = new PasswordProtection(password.toCharArray());
        keystore.load(new ByteArrayInputStream(raw), passwordProtection.getPassword());
        // Install certificates and private keys
        Enumeration<String> aliases = keystore.aliases();
        if (!aliases.hasMoreElements()) {
            Assert.fail("key store failed to put in keychain");
        }
        ArrayList<String> aliasesList = Collections.list(aliases);
        // The keystore is initialized for each test case, there will
        // be only one alias in the keystore
        Assert.assertEquals(1, aliasesList.size());
        String alias = aliasesList.get(0);
        java.security.KeyStore.Entry entry = keystore.getEntry(alias, passwordProtection);
        Log.d(TAG, "extracted alias = " + alias + ", entry=" + entry.getClass());
        if (entry instanceof PrivateKeyEntry) {
            Assert.assertTrue(installFrom((PrivateKeyEntry) entry));
        }
    } catch (IOException e) {
        Assert.fail("Failed to read certficate: " + e);
    } catch (KeyStoreException e) {
        Log.e(TAG, "failed to extract certificate" + e);
    } catch (NoSuchAlgorithmException e) {
        Log.e(TAG, "failed to extract certificate" + e);
    } catch (CertificateException e) {
        Log.e(TAG, "failed to extract certificate" + e);
    } catch (UnrecoverableEntryException e) {
        Log.e(TAG, "failed to extract certificate" + e);
    } finally {
        if (in != null) {
            try {
                in.close();
            } catch (IOException e) {
                Log.e(TAG, "close FileInputStream error: " + e);
            }
        }
    }
}

Also used : ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) CertificateException(java.security.cert.CertificateException) DEROctetString(com.android.org.bouncycastle.asn1.DEROctetString) IOException(java.io.IOException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStore(android.security.KeyStore) FileInputStream(java.io.FileInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) UnrecoverableEntryException(java.security.UnrecoverableEntryException) File(java.io.File) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) PasswordProtection(java.security.KeyStore.PasswordProtection)

Example 33 with KeyStoreException

use of java.security.KeyStoreException in project opennms by OpenNMS.

the class JCEKSSecureCredentialsVault method setCredentials.

@Override
public void setCredentials(String alias, Credentials credentials) {
    try {
        byte[] credentialBytes = toBase64EncodedByteArray(credentials);
        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBE");
        SecretKey generatedSecret = factory.generateSecret(new PBEKeySpec(new String(credentialBytes).toCharArray(), m_salt, m_iterationCount, m_keyLength));
        KeyStore.PasswordProtection keyStorePP = new KeyStore.PasswordProtection(m_password);
        m_keystore.setEntry(alias, new KeyStore.SecretKeyEntry(generatedSecret), keyStorePP);
        writeKeystoreToDisk();
    } catch (KeyStoreException | InvalidKeySpecException | NoSuchAlgorithmException | IOException e) {
        throw Throwables.propagate(e);
    }
}

Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) KeyStore(java.security.KeyStore) SecretKey(javax.crypto.SecretKey) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 34 with KeyStoreException

use of java.security.KeyStoreException in project opennms by OpenNMS.

the class JCEKSSecureCredentialsVault method setCredentials.

@Override
public void setCredentials(String alias, Credentials credentials) {
    try {
        byte[] credentialBytes = toBase64EncodedByteArray(credentials);
        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBE");
        SecretKey generatedSecret = factory.generateSecret(new PBEKeySpec(new String(credentialBytes).toCharArray(), m_salt, m_iterationCount, m_keyLength));
        KeyStore.PasswordProtection keyStorePP = new KeyStore.PasswordProtection(m_password);
        m_keystore.setEntry(alias, new KeyStore.SecretKeyEntry(generatedSecret), keyStorePP);
        writeKeystoreToDisk();
    } catch (KeyStoreException | InvalidKeySpecException | NoSuchAlgorithmException | IOException e) {
        throw Throwables.propagate(e);
    }
}

Example 35 with KeyStoreException

use of java.security.KeyStoreException in project UltimateAndroid by cymcsg.

the class HttpsUtils method buildSslSocketFactory.

public static SSLSocketFactory buildSslSocketFactory(Context context, String crtUrl) {
    try {
        // Load CAs from an InputStream
        // (could be from a resource or ByteArrayInputStream or ...)
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        // From https://www.washington.edu/itconnect/security/ca/load-der.crt
        InputStream is = context.getResources().getAssets().open(crtUrl);
        InputStream caInput = new BufferedInputStream(is);
        Certificate ca;
        try {
            ca = cf.generateCertificate(caInput);
        // System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
        } finally {
            caInput.close();
        }
        // Create a KeyStore containing our trusted CAs
        String keyStoreType = KeyStore.getDefaultType();
        KeyStore keyStore = KeyStore.getInstance(keyStoreType);
        keyStore.load(null, null);
        keyStore.setCertificateEntry("ca", ca);
        // Create a TrustManager that trusts the CAs in our KeyStore
        String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
        tmf.init(keyStore);
        // Create an SSLContext that uses our TrustManager
        SSLContext contexts = SSLContext.getInstance("TLS");
        contexts.init(null, tmf.getTrustManagers(), null);
        return contexts.getSocketFactory();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (KeyStoreException e) {
        e.printStackTrace();
    } catch (KeyManagementException e) {
        e.printStackTrace();
    } catch (CertificateException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    }
    return null;
}

Also used : CertificateException(java.security.cert.CertificateException) SSLContext(javax.net.ssl.SSLContext) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStoreException(java.security.KeyStoreException) CertificateFactory(java.security.cert.CertificateFactory) KeyStore(java.security.KeyStore) KeyManagementException(java.security.KeyManagementException) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Aggregations

KeyStoreException (java.security.KeyStoreException)797 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)506 IOException (java.io.IOException)409 KeyStore (java.security.KeyStore)359 CertificateException (java.security.cert.CertificateException)353 UnrecoverableKeyException (java.security.UnrecoverableKeyException)194 X509Certificate (java.security.cert.X509Certificate)189 KeyManagementException (java.security.KeyManagementException)172 Certificate (java.security.cert.Certificate)132 InputStream (java.io.InputStream)103 SSLContext (javax.net.ssl.SSLContext)103 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)95 FileInputStream (java.io.FileInputStream)94 File (java.io.File)80 PrivateKey (java.security.PrivateKey)71 TrustManager (javax.net.ssl.TrustManager)70 FileNotFoundException (java.io.FileNotFoundException)61 ByteArrayInputStream (java.io.ByteArrayInputStream)58 CertificateFactory (java.security.cert.CertificateFactory)58 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)53