
Example 36 with Provider

use of java.security.Provider in project actor-platform by actorapp.

the class PRNGFixes method installLinuxPRNGSecureRandom.

/**
 * Makes the Linux PRNG-backed {@code SecureRandom} implementation the
 * process-wide default and verifies that the change took effect.
 *
 * <p>Returns without touching the provider list when the platform version is
 * newer than {@code VERSION_CODE_JELLY_BEAN_MR2}, or when the provider is
 * already the first one offering {@code SecureRandom.SHA1PRNG}.
 *
 * @throws SecurityException if, after installation, {@code new SecureRandom()}
 *         or {@code SecureRandom.getInstance("SHA1PRNG")} is still served by a
 *         different provider, or if SHA1PRNG is not available at all.
 */
private static void installLinuxPRNGSecureRandom() throws SecurityException {
    if (Build.VERSION.SDK_INT > VERSION_CODE_JELLY_BEAN_MR2) {
        // Newer platform versions do not need the replacement provider.
        return;
    }

    final Class<?> expectedProvider = LinuxPRNGSecureRandomProvider.class;

    // Only the first entry matters: it is the provider the JCA picks when a
    // caller does not name one explicitly.
    Provider[] sha1PrngProviders = Security.getProviders("SecureRandom.SHA1PRNG");
    boolean alreadyPreferred = (sha1PrngProviders != null)
            && (sha1PrngProviders.length >= 1)
            && expectedProvider.equals(sha1PrngProviders[0].getClass());
    if (!alreadyPreferred) {
        // Position 1 is the most-preferred slot in the provider list.
        Security.insertProviderAt(new LinuxPRNGSecureRandomProvider(), 1);
    }

    // Fail closed: do not assume the insertion worked. Both ways application
    // code usually obtains a SecureRandom must resolve to the new provider,
    // otherwise the caller is told via SecurityException instead of silently
    // continuing with the old generator.
    SecureRandom defaultRng = new SecureRandom();
    Class<?> defaultRngProvider = defaultRng.getProvider().getClass();
    if (!expectedProvider.equals(defaultRngProvider)) {
        throw new SecurityException("new SecureRandom() backed by wrong Provider: " + defaultRngProvider);
    }

    SecureRandom namedRng;
    try {
        namedRng = SecureRandom.getInstance("SHA1PRNG");
    } catch (NoSuchAlgorithmException missing) {
        throw new SecurityException("SHA1PRNG not available", missing);
    }
    Class<?> namedRngProvider = namedRng.getProvider().getClass();
    if (!expectedProvider.equals(namedRngProvider)) {
        throw new SecurityException("SecureRandom.getInstance(\"SHA1PRNG\") backed by wrong Provider: " + namedRngProvider);
    }
}
Also used : SecureRandom(java.security.SecureRandom) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) Provider(java.security.Provider)

Example 37 with Provider

use of java.security.Provider in project android-pbe by nelenkov.

the class Crypto method listAlgorithms.

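/**
 * Logs every registered security provider and the services it offers.
 *
 * <p>For each provider returned by {@link Security#getProviders()} (in
 * preference order) this writes one debug line with name, info and version,
 * followed by the sorted list of matching services as
 * {@code type/algorithm/implementing class}. Useful as a diagnostic to see
 * which implementation will actually back a given algorithm on a device.
 *
 * @param algFilter case-insensitive substring that a service's algorithm name
 *        must contain to be listed; {@code null} lists every service.
 */
public static void listAlgorithms(String algFilter) {
    // Normalise the filter once, outside the loops. Locale.ROOT keeps the
    // case folding independent of the device locale (e.g. under a Turkish
    // locale "I" does not lower-case to "i", so a filter could miss
    // algorithm names it should match).
    final String needle = (algFilter == null) ? null : algFilter.toLowerCase(java.util.Locale.ROOT);
    Provider[] providers = Security.getProviders();
    for (Provider p : providers) {
        String providerStr = String.format("%s/%s/%f\n", p.getName(), p.getInfo(), p.getVersion());
        Log.d(TAG, providerStr);
        Set<Service> services = p.getServices();
        List<String> algs = new ArrayList<String>();
        for (Service s : services) {
            boolean match = (needle == null)
                    || s.getAlgorithm().toLowerCase(java.util.Locale.ROOT).contains(needle);
            if (match) {
                String algStr = String.format("\t%s/%s/%s", s.getType(), s.getAlgorithm(), s.getClassName());
                algs.add(algStr);
            }
        }
        // Sort so the output is stable and easy to compare between devices.
        Collections.sort(algs);
        for (String alg : algs) {
            Log.d(TAG, "\t" + alg);
        }
        // Blank line separates one provider's listing from the next.
        Log.d(TAG, "");
    }
}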
Also used : ArrayList(java.util.ArrayList) Service(java.security.Provider.Service) Provider(java.security.Provider)

Example 38 with Provider

use of java.security.Provider in project OpenAM by OpenRock.

the class JSSInit method initialize.

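/**
 * Initializes the JSS {@code CryptoManager} from system properties.
 *
 * <p>Reads the certificate database location and prefix, an optional
 * password file, the OCSP settings and the FIPS mode, then calls
 * {@code CryptoManager.initialize}. The databases are opened read-only.
 * When {@code com.sun.identity.jss.donotInstallAtHighestPriority} is
 * {@code true} the JSS provider is not installed by JSS itself but appended
 * to the end of the JCE provider list afterwards.
 *
 * <p>Every initialization failure is logged and swallowed, so callers must
 * check the return value rather than rely on an exception.
 *
 * @return {@code true} if this class has completed initialization (now or on
 *         an earlier call), {@code false} otherwise.
 */
public static synchronized boolean initialize() {
    if (initialized) {
        return true;
    }
    final String method = "JSSInit.initialize";
    // JSS, initialize cert db
    String certdbDir = SystemPropertiesManager.get("com.iplanet.am.admin.cli.certdb.dir");
    if (certdbDir == null) {
        certdbDir = defaultDBdir;
    }
    String certdbPrefix = SystemPropertiesManager.get("com.iplanet.am.admin.cli.certdb.prefix");
    if (certdbPrefix == null) {
        certdbPrefix = "";
    }
    // Property to determine if JSS needs to be installed with highest priority
    // at initialization of JSS. If not, it needs to be added explicitly
    // at the end
    boolean donotInstallJSSProviderAt0 = Boolean.valueOf(SystemPropertiesManager.get("com.sun.identity.jss.donotInstallAtHighestPriority", "false")).booleanValue();
    String passfile = SystemPropertiesManager.get("com.iplanet.am.admin.cli.certdb.passfile");
    String ocspCheckValue = SystemPropertiesManager.get("com.sun.identity.authentication.ocspCheck");
    String fipsMode = SystemPropertiesManager.get("com.sun.identity.security.fipsmode", null);
    // Blank property values are treated the same as unset ones.
    if (ocspCheckValue != null && ocspCheckValue.trim().length() == 0) {
        ocspCheckValue = null;
    }
    boolean ocspCheck = (ocspCheckValue != null && ocspCheckValue.equalsIgnoreCase("true"));
    String responderURL = SystemPropertiesManager.get("com.sun.identity.authentication.ocsp.responder.url");
    if (responderURL != null && responderURL.trim().length() == 0) {
        responderURL = null;
    }
    String responderNickName = SystemPropertiesManager.get("com.sun.identity.authentication.ocsp.responder.nickname");
    if (responderNickName != null && responderNickName.trim().length() == 0) {
        responderNickName = null;
    }
    // Only the path of the password file is logged here, never its content.
    if (debug.messageEnabled()) {
        debug.message(method + "certdbDir = " + certdbDir);
        debug.message(method + "certdbPrefix = " + certdbPrefix);
        debug.message(method + "certdbPassfile = " + passfile);
        debug.message(method + "responderURL = " + responderURL);
        debug.message(method + "responderNickName = " + responderNickName);
        debug.message(method + "fipsMode = " + fipsMode);
    }
    String password = null;
    if (passfile != null) {
        // The first line of the file is the token password. The file's
        // ownership and permissions are not checked here; it is read with the
        // platform default charset.
        FileInputStream fis = null;
        try {
            fis = new FileInputStream(passfile);
            InputStreamReader isr = new InputStreamReader(fis);
            BufferedReader br = new BufferedReader(isr);
            password = br.readLine();
        } catch (Exception ex) {
            // Best effort: a missing or unreadable file leaves password null.
            if (debug.messageEnabled()) {
                debug.message(method + "Unable to " + "read JSS password file " + passfile);
            }
        } finally {
            // Release the descriptor on every path; the readers hold no other
            // resources of their own.
            if (fis != null) {
                try {
                    fis.close();
                } catch (java.io.IOException ignored) {
                    // Nothing useful can be done if close fails after the read.
                }
            }
        }
    }
    String keydbPrefix = certdbPrefix;
    String moddb = "secmod.db";
    try {
        // NOTE(review): when JSS was already initialized elsewhere this call
        // succeeds, 'initialized' is never set and the method returns false
        // on every call - confirm that this is intended.
        cm = CryptoManager.getInstance();
    } catch (CryptoManager.NotInitializedException exp) {
        try {
            CryptoManager.InitializationValues iv = null;
            if (certdbPrefix.length() == 0) {
                iv = new CryptoManager.InitializationValues(certdbDir);
            } else {
                iv = new CryptoManager.InitializationValues(certdbDir, certdbPrefix, keydbPrefix, moddb);
            }
            if (debug.messageEnabled()) {
                debug.message(method + "output of Initilization values ");
                debug.message(method + "Manufacturer ID: " + iv.getManufacturerID());
                debug.message(method + "Library: " + iv.getLibraryDescription());
                debug.message(method + "Internal Slot: " + iv.getInternalSlotDescription());
                debug.message(method + "Internal Token: " + iv.getInternalTokenDescription());
                // NOTE(review): this line uses the same getter as the
                // "FIPS Key Storage" line below - looks like a copy/paste
                // slip; confirm which description was meant.
                debug.message(method + "Key Storage Slot: " + iv.getFIPSKeyStorageSlotDescription());
                debug.message(method + "Key Storage Token: " + iv.getInternalKeyStorageTokenDescription());
                debug.message(method + "FIPS Slot: " + iv.getFIPSSlotDescription());
                debug.message(method + "FIPS Key Storage: " + iv.getFIPSKeyStorageSlotDescription());
            }
            // Any value other than "true"/"false" (ignoring case) leaves
            // iv.fipsMode at whatever InitializationValues defaults to.
            if (fipsMode == null) {
                iv.fipsMode = CryptoManager.InitializationValues.FIPSMode.UNCHANGED;
            } else if (fipsMode.equalsIgnoreCase("true")) {
                iv.fipsMode = CryptoManager.InitializationValues.FIPSMode.ENABLED;
            } else if (fipsMode.equalsIgnoreCase("false")) {
                iv.fipsMode = CryptoManager.InitializationValues.FIPSMode.DISABLED;
            }
            iv.removeSunProvider = false;
            // if other providers are being used
            if (donotInstallJSSProviderAt0) {
                iv.installJSSProvider = false;
            }
            // set open mode of the databases
            iv.readOnly = true;
            // enable OCSP
            iv.ocspCheckingEnabled = ocspCheck;
            // responderURL & responderNickname must both be present; if either
            // is missing no explicit responder is configured even though OCSP
            // checking itself stays enabled.
            if (ocspCheck && responderURL != null && responderNickName != null) {
                iv.ocspResponderCertNickname = responderNickName;
                iv.ocspResponderURL = responderURL;
            }
            CryptoManager.initialize(iv);
            // add it to the list of JCE providers at the end
            if (donotInstallJSSProviderAt0) {
                Provider provider = null;
                // The provider class is looked up by name; the second name is
                // tried only when the first class is not on the classpath.
                try {
                    provider = (Provider) Class.forName("org.mozilla.jss.JSSProvider").newInstance();
                } catch (ClassNotFoundException e) {
                    provider = (Provider) Class.forName("org.mozilla.jss.provider.Provider").newInstance();
                }
                Security.addProvider(provider);
            }
            cm = CryptoManager.getInstance();
            if (password != null) {
                // The password stays reachable as a String through this
                // callback for as long as the CryptoManager keeps it.
                cm.setPasswordCallback(new JSSPasswordCallback(password));
            }
            token = cm.getInternalKeyStorageToken();
            // The token login is performed only when FIPS is enabled.
            if (cm.FIPSEnabled()) {
                token.login(cm.getPasswordCallback());
            }
            cm.setThreadToken(token);
            if (debug.messageEnabled()) {
                if (cm.FIPSEnabled() == true) {
                    debug.message(method + "FIPS enabled.");
                } else {
                    debug.message(method + "FIPS not enabled.");
                }
            }
            initialized = true;
        } catch (KeyDatabaseException kdbe) {
            debug.error(method + "Couldn't open the key database.", kdbe);
        } catch (CertDatabaseException cdbe) {
            debug.error(method + "Couldn't open the certificate database.", cdbe);
        } catch (AlreadyInitializedException aie) {
            debug.error(method + "CryptoManager already initialized.", aie);
        } catch (Exception e) {
            // Boundary catch: anything else (including a failed token login)
            // is logged and reported to the caller as 'false'.
            debug.error(method + "Exception occurred: ", e);
        }
    }
    return initialized;
}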
Also used : InputStreamReader(java.io.InputStreamReader) CryptoManager(org.mozilla.jss.CryptoManager) KeyDatabaseException(org.mozilla.jss.KeyDatabaseException) FileInputStream(java.io.FileInputStream) AlreadyInitializedException(org.mozilla.jss.crypto.AlreadyInitializedException) KeyDatabaseException(org.mozilla.jss.KeyDatabaseException) CertDatabaseException(org.mozilla.jss.CertDatabaseException) AlreadyInitializedException(org.mozilla.jss.crypto.AlreadyInitializedException) Provider(java.security.Provider) JSSPasswordCallback(com.iplanet.am.util.JSSPasswordCallback) CertDatabaseException(org.mozilla.jss.CertDatabaseException) BufferedReader(java.io.BufferedReader)

Example 39 with Provider

use of java.security.Provider in project zaproxy by zaproxy.

the class SSLContextManager method initMSCAPI.

/**
 * Registers the MSCAPI JCE provider and adds the key store it exposes.
 *
 * <p>The provider class is instantiated reflectively by name, so whichever
 * class of that name is on the classpath becomes a registered security
 * provider. Although several checked exceptions are declared, every
 * exception raised inside the method is caught, logged and turned into
 * {@code -1}.
 *
 * @return the value returned by {@code addKeyStore} on success, or {@code -1}
 *         if the "msks" provider type is unavailable or any step fails.
 */
public int initMSCAPI() throws KeyStoreException, NoSuchProviderException, IOException, NoSuchAlgorithmException, CertificateException {
    final String providerClassName = "se.assembla.jce.provider.ms.MSProvider";
    try {
        if (isProviderAvailable("msks")) {
            Class<?> providerClass = Class.forName(providerClassName);
            Provider msProvider = (Provider) providerClass.newInstance();
            Security.addProvider(msProvider);

            // The store is backed by the provider, so there is no stream and
            // no password to pass to load().
            KeyStore capiStore = KeyStore.getInstance("msks", "assembla");
            capiStore.load(null, null);
            return addKeyStore(capiStore, "Microsoft CAPI Store", null);
        }
        return -1;
    } catch (Exception ex) {
        log.error("Error instantiating the MSCAPI provider: " + ex.getMessage(), ex);
        return -1;
    }
}
Also used : KeyStore(java.security.KeyStore) KeyStoreException(java.security.KeyStoreException) IOException(java.io.IOException) KeyManagementException(java.security.KeyManagementException) CertificateException(java.security.cert.CertificateException) FileNotFoundException(java.io.FileNotFoundException) InvocationTargetException(java.lang.reflect.InvocationTargetException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) NoSuchProviderException(java.security.NoSuchProviderException) CertificateEncodingException(java.security.cert.CertificateEncodingException) Provider(java.security.Provider)

Example 40 with Provider

use of java.security.Provider in project zaproxy by zaproxy.

the class SSLContextManager method initPKCS11.

/*
	 * public int initCryptoApi() throws KeyStoreException,
	 * NoSuchAlgorithmException, CertificateException, IOException{
	 * 
	 * Provider mscapi = new sun.security.mscapi.SunMSCAPI();
	 * Security.addProvider(mscapi);
	 * 
	 * KeyStore ks = KeyStore.getInstance("Windows-MY"); ks.load(null, null);
	 * 
	 * return addKeyStore(ks, "CryptoAPI", null); }
	 */
/**
 * Registers a PKCS#11 provider built from the given configuration and adds
 * its key store.
 *
 * <p>The PIN is used only to open the key store; an empty string is handed
 * to {@code addKeyStore} so the PIN is not stored alongside it. Exceptions
 * are propagated to the caller.
 * NOTE(review): the provider is registered before the key store is loaded,
 * so it stays in the provider list if loading fails (e.g. wrong PIN) -
 * confirm that callers expect this.
 *
 * @param configuration settings for the PKCS#11 provider; its name is used in
 *        the key store description.
 * @param kspassword the token PIN, or {@code null} to load without one.
 * @return the value returned by {@code addKeyStore}, or {@code -1} if the
 *         PKCS#11 provider type is not available.
 */
public int initPKCS11(PKCS11Configuration configuration, String kspassword) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, ClassNotFoundException, SecurityException, NoSuchMethodException, IllegalArgumentException, InstantiationException, IllegalAccessException, InvocationTargetException {
    if (isProviderAvailable(PKCS11_PROVIDER_TYPE)) {
        Provider tokenProvider = createPKCS11Provider(configuration);
        Security.addProvider(tokenProvider);

        // init the key store
        KeyStore tokenStore = getPKCS11KeyStore(tokenProvider.getName());
        char[] pin = null;
        if (kspassword != null) {
            pin = kspassword.toCharArray();
        }
        tokenStore.load(null, pin);

        // do not store pin code
        String description = "PKCS#11: " + configuration.getName();
        return addKeyStore(tokenStore, description, "");
    }
    return -1;
}
Also used : KeyStore(java.security.KeyStore) Provider(java.security.Provider)

Aggregations

Provider (java.security.Provider)243 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)49 ArrayList (java.util.ArrayList)26 MessageDigest (java.security.MessageDigest)21 List (java.util.List)20 Key (java.security.Key)19 KeyStore (java.security.KeyStore)19 Service (java.security.Provider.Service)15 ExemptionMechanism (javax.crypto.ExemptionMechanism)14 SpiEngUtils (org.apache.harmony.security.tests.support.SpiEngUtils)14 InvalidKeyException (java.security.InvalidKeyException)13 SecureRandom (java.security.SecureRandom)13 IOException (java.io.IOException)12 NoSuchProviderException (java.security.NoSuchProviderException)12 SecretKey (javax.crypto.SecretKey)12 KeyStoreException (java.security.KeyStoreException)11 CertificateException (java.security.cert.CertificateException)11 Cipher (javax.crypto.Cipher)11 KeyGenerator (javax.crypto.KeyGenerator)11 MyExemptionMechanismSpi.tmpKey (org.apache.harmony.crypto.tests.support.MyExemptionMechanismSpi.tmpKey)11