Use of java.security.UnrecoverableKeyException in the project platform_frameworks_base by android.
From the class LockSettingsService, method setLockPatternInternal.
/**
 * Sets a new lock pattern for {@code userId}, or removes the pattern when {@code pattern} is
 * {@code null}.
 *
 * <p>Removal clears the user key protection, the gatekeeper secure user id, the stored pattern
 * hash and the keystore password, in that order. Enrollment hands the current handle, the
 * previous credential and the new pattern to {@code enrollCredential} and stores the returned
 * handle only if it is non-null.
 *
 * <p>None of the log statements in this method include the pattern or the saved credential;
 * keep it that way when editing.
 *
 * @param pattern the new pattern, or {@code null} to remove the pattern
 * @param savedCredential the credential supplied by the caller as the one currently in force;
 *     it is replaced for a managed profile with unified lock and dropped when no handle is stored
 * @param userId the user whose pattern is changed
 * @throws RemoteException if {@code enrollCredential} returns {@code null}
 */
private void setLockPatternInternal(String pattern, String savedCredential, int userId) throws RemoteException {
    // presumably the handle of the credential enrolled so far; null is treated below as
    // "nothing stored" — verify against getCurrentHandle
    byte[] currentHandle = getCurrentHandle(userId);
    if (pattern == null) {
        // Removal path: every piece of credential-derived state is cleared before the
        // listeners are told about the change.
        clearUserKeyProtection(userId);
        getGateKeeperService().clearSecureUserId(userId);
        mStorage.writePatternHash(null, userId);
        setKeystorePassword(null, userId);
        fixateNewestUserKeyAuth(userId);
        onUserLockChanged(userId);
        return;
    }
    if (isManagedProfileWithUnifiedLock(userId)) {
        // A managed profile with unified lock ignores the caller's savedCredential and uses
        // the one recovered from the keystore instead.
        try {
            savedCredential = getDecryptedPasswordForTiedProfile(userId);
        } catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException | CertificateException | IOException e) {
            // FileNotFoundException is an IOException subtype, so it arrives through the
            // IOException alternative and is told apart here: a missing key file is logged at
            // info level, every other failure as an error.
            // The failure is not fatal: savedCredential keeps the caller-supplied value and
            // enrollment below still runs.
            // NOTE(review): confirm that continuing after a decryption failure is intended.
            if (e instanceof FileNotFoundException) {
                Slog.i(TAG, "Child profile key not found");
            } else {
                Slog.e(TAG, "Failed to decrypt child profile key", e);
            }
        }
    } else {
        if (currentHandle == null) {
            // No handle is stored, so a previous credential has nothing to be checked
            // against; it is discarded (with a warning if the caller did supply one).
            if (savedCredential != null) {
                Slog.w(TAG, "Saved credential provided, but none stored");
            }
            savedCredential = null;
        }
    }
    byte[] enrolledHandle = enrollCredential(currentHandle, savedCredential, pattern, userId);
    if (enrolledHandle != null) {
        CredentialHash willStore = new CredentialHash(enrolledHandle, CredentialHash.VERSION_GATEKEEPER);
        // The new pattern is verified against the freshly enrolled handle and the result is
        // passed to setUserKeyProtection before the hash is written to storage.
        // NOTE(review): the meaning of the literal arguments (true, 0, null) is defined by
        // doVerifyPattern, which is not shown here.
        setUserKeyProtection(userId, pattern, doVerifyPattern(pattern, willStore, true, 0, userId, null));
        mStorage.writePatternHash(enrolledHandle, userId);
        fixateNewestUserKeyAuth(userId);
        onUserLockChanged(userId);
    } else {
        // Enrollment failed: nothing has been written, the previous state stays in place.
        throw new RemoteException("Failed to enroll pattern");
    }
}
Use of java.security.UnrecoverableKeyException in the project camel by apache.
From the class DefaultKeySelector, method select.
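/**
 * Selects the key for an XML signature operation from the configured key store entry.
 *
 * <p>For {@code VERIFY} the public key of the certificate stored under the alias is returned;
 * for {@code SIGN} the key stored under the alias is read with the configured password. When a
 * Camel context is available the password is first passed through property-placeholder
 * resolution.
 *
 * <p>The null-key result is returned when the key store, the alias, the certificate (verify)
 * or the password (sign) is missing.
 *
 * @param keyInfo not read by this implementation
 * @param purpose {@code VERIFY} or {@code SIGN}
 * @param method not read by this implementation
 * @param context not read by this implementation
 * @return the selector result wrapping the key, or the null-key result
 * @throws KeySelectorException if the key store cannot be read or the key cannot be recovered
 * @throws IllegalStateException if {@code purpose} is neither {@code VERIFY} nor {@code SIGN}
 */
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod method, XMLCryptoContext context) throws KeySelectorException {
    if (keyStoreAndAlias.getKeyStore() == null) {
        return getNullKeyResult();
    }
    if (keyStoreAndAlias.getAlias() == null) {
        return getNullKeyResult();
    }
    if (KeySelector.Purpose.VERIFY.equals(purpose)) {
        Certificate cert;
        try {
            cert = keyStoreAndAlias.getKeyStore().getCertificate(keyStoreAndAlias.getAlias());
        } catch (KeyStoreException e) {
            throw new KeySelectorException(e);
        }
        if (cert == null) {
            return getNullKeyResult();
        }
        final Key key = cert.getPublicKey();
        return getKeySelectorResult(key);
    } else if (KeySelector.Purpose.SIGN.equals(purpose)) {
        if (keyStoreAndAlias.getPassword() == null) {
            return getNullKeyResult();
        }
        Key key;
        try {
            if (this.getCamelContext() != null && keyStoreAndAlias.getPassword() != null) {
                try {
                    // Placeholder resolution works on String, so the password is copied into
                    // an immutable String here and cannot be wiped afterwards.
                    String passwordProperty = this.getCamelContext().resolvePropertyPlaceholders(new String(keyStoreAndAlias.getPassword()));
                    key = keyStoreAndAlias.getKeyStore().getKey(keyStoreAndAlias.getAlias(), passwordProperty.toCharArray());
                } catch (Exception e) {
                    // The message names the alias only. The key password must never be put
                    // into an exception message: exceptions end up in logs and error
                    // responses.
                    // NOTE(review): the cause is kept for diagnosis; confirm that
                    // resolvePropertyPlaceholders does not echo its input in its own message.
                    throw new RuntimeCamelException("Error parsing property value of the password for key alias '" + keyStoreAndAlias.getAlias() + "'", e);
                }
            } else {
                key = keyStoreAndAlias.getKeyStore().getKey(keyStoreAndAlias.getAlias(), keyStoreAndAlias.getPassword());
            }
        } catch (UnrecoverableKeyException e) {
            // Wrong password or damaged entry: surfaced as a selection failure.
            throw new KeySelectorException(e);
        } catch (KeyStoreException e) {
            throw new KeySelectorException(e);
        } catch (NoSuchAlgorithmException e) {
            throw new KeySelectorException(e);
        }
        return getKeySelectorResult(key);
    } else {
        throw new IllegalStateException("Purpose " + purpose + " not supported");
    }
}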
Use of java.security.UnrecoverableKeyException in the project android-async-http by loopj.
From the class CustomCASample, method onCreate.
/**
 * Loads the key store bundled as a raw resource and installs a socket factory built from it
 * on the async HTTP client. If the store cannot be initialised the error is logged and the
 * custom-CA help is shown instead.
 */
@Override
protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    try {
        InputStream storeStream = null;
        try {
            // The 'bks' store used for SSL negotiation ships inside the app as a raw resource.
            // NOTE(review): STORE_PASS is defined outside this method; if it is compiled into
            // the app it protects nothing that is confidential, so this store should hold
            // public certificates only.
            final KeyStore bundledStore = KeyStore.getInstance(KeyStore.getDefaultType());
            storeStream = getResources().openRawResource(R.raw.store);
            bundledStore.load(storeStream, STORE_PASS.toCharArray());
            // NOTE(review): SecureSocketFactory is not shown here; confirm how it validates
            // the server certificate against the STORE_ALIAS entry.
            getAsyncHttpClient().setSSLSocketFactory(new SecureSocketFactory(bundledStore, STORE_ALIAS));
        } catch (IOException | CertificateException | NoSuchAlgorithmException | KeyManagementException | UnrecoverableKeyException cause) {
            // Every load or setup failure is funnelled into KeyStoreException so that the
            // outer handler deals with a single type.
            throw new KeyStoreException(cause);
        } finally {
            AsyncHttpClient.silentCloseInputStream(storeStream);
        }
    } catch (KeyStoreException storeFailure) {
        Log.e(LOG_TAG, "Unable to initialize key store", storeFailure);
        showCustomCAHelp();
    }
}
Use of java.security.UnrecoverableKeyException in the project keywhiz by square.
From the class HttpClients, method testSslClient.
/**
 * Builds an {@link OkHttpClient} for tests over a TLSv1.2 {@link SSLContext}.
 *
 * <p>The client follows no redirects and does not retry on connection failure. Cookies
 * (accept-all policy) are enabled only when no client certificate is in use.
 *
 * @param keyStore key store holding the client certificate; client certs are disabled if null
 * @param keyStorePassword password for {@code keyStore}; client certs are disabled if null
 * @param trustStore trust material loaded into the SSL context
 * @param requestInterceptors interceptors registered as network interceptors on the client
 * @return new http client
 */
private static OkHttpClient testSslClient(@Nullable KeyStore keyStore, @Nullable String keyStorePassword, KeyStore trustStore, List<Interceptor> requestInterceptors) {
    // Both parts are needed; a key store without its password is treated as "no client cert".
    final boolean usingClientCert = keyStore != null && keyStorePassword != null;
    SSLContext sslContext;
    try {
        SSLContextBuilder contextBuilder = new SSLContextBuilder()
            .useProtocol("TLSv1.2")
            .loadTrustMaterial(trustStore);
        if (usingClientCert) {
            contextBuilder.loadKeyMaterial(keyStore, keyStorePassword.toCharArray());
        }
        sslContext = contextBuilder.build();
    } catch (NoSuchAlgorithmException | KeyStoreException | UnrecoverableKeyException | KeyManagementException e) {
        // Setup failures are rethrown unchecked; a test cannot continue without the context.
        throw Throwables.propagate(e);
    }
    // NOTE(review): sslSocketFactory is called without an explicit trust manager; check
    // whether the OkHttp version in use offers the overload that takes one.
    OkHttpClient.Builder client = new OkHttpClient().newBuilder()
        .sslSocketFactory(sslContext.getSocketFactory())
        .connectionSpecs(Arrays.asList(ConnectionSpec.MODERN_TLS))
        .followSslRedirects(false)
        .followRedirects(false)
        .retryOnConnectionFailure(false);
    // Won't use cookies and a client certificate at once.
    if (!usingClientCert) {
        // ACCEPT_ALL is a test convenience; the jar lives only as long as this client.
        CookieManager cookies = new CookieManager();
        cookies.setCookiePolicy(CookiePolicy.ACCEPT_ALL);
        client.cookieJar(new JavaNetCookieJar(cookies));
    }
    client.networkInterceptors().addAll(requestInterceptors);
    return client.build();
}
Use of java.security.UnrecoverableKeyException in the project torodb by torodb.
From the class MongoClientConfigurationFactory, method getMongoClientConfiguration.
/**
 * Builds the Mongo client configuration for the replication sync source.
 *
 * <p>The sync source address defaults to port 27017. When SSL is enabled in the replication
 * settings, a TLS context is initialised from the configured key and trust managers and its
 * socket factory is set on the configuration. Authentication is added when its mode is enabled.
 *
 * @param replication replication settings providing sync source, SSL and auth configuration
 * @return the built client configuration
 * @throws SystemException if the TLS context cannot be set up
 */
public static MongoClientConfiguration getMongoClientConfiguration(AbstractReplication replication) {
    HostAndPort sourceAddress = HostAndPort.fromString(replication.getSyncSource()).withDefaultPort(27017);
    MongoClientConfiguration.Builder builder = new MongoClientConfiguration.Builder(sourceAddress);

    Ssl ssl = replication.getSsl();
    builder.setSslEnabled(ssl.getEnabled());
    if (ssl.getEnabled()) {
        try {
            // Configuration can switch hostname checking off; with that setting a valid
            // certificate for any host is accepted, so it should stay off outside test setups.
            builder.setSslAllowInvalidHostnames(ssl.getAllowInvalidHostnames());
            TrustManager[] trustManagers = getTrustManagers(ssl);
            KeyManager[] keyManagers = getKeyManagers(ssl);
            // FIPS mode asks for the context from the SunPKCS11-NSS provider by name;
            // otherwise the default provider lookup is used.
            SSLContext tlsContext = ssl.getFipsMode()
                ? SSLContext.getInstance("TLS", "SunPKCS11-NSS")
                : SSLContext.getInstance("TLS");
            // A null SecureRandom lets the context use the default implementation.
            // NOTE(review): getTrustManagers is not shown; if it can return null the
            // platform default trust managers apply. Confirm that this is intended.
            tlsContext.init(keyManagers, trustManagers, null);
            builder.setSocketFactory(tlsContext.getSocketFactory());
        } catch (CertificateException | KeyManagementException | KeyStoreException | UnrecoverableKeyException | NoSuchProviderException | NoSuchAlgorithmException | IOException exception) {
            // TLS setup problems abort configuration; there is no fallback to plaintext.
            throw new SystemException(exception);
        }
    }

    Auth auth = replication.getAuth();
    if (auth.getMode().isEnabled()) {
        builder.addAuthenticationConfiguration(getMongoAuthenticationConfiguration(auth, ssl));
    }
    return builder.build();
}