
Example 41 with KeyManager

use of javax.net.ssl.KeyManager in project apache-kafka-on-k8s by banzaicloud.

the class SslFactory method createSSLContext.

/**
 * Creates and initialises an {@link SSLContext} for {@code protocol}, using {@code provider}
 * when one is configured. Package-private so tests can call it directly.
 *
 * <p>Key managers are built only when {@code keystore} is non-null; the key password falls back
 * to the store password when no separate key password is set. Trust managers are always built:
 * when no truststore is configured the factory is initialised with {@code null}, which makes
 * JSSE fall back to the platform's default trust anchors rather than an empty trust set.
 *
 * <p>When {@code keystore} is a different object from the one this factory already holds, the
 * new store is validated before the context is returned (see the comments in the body).
 *
 * @param keystore key store to build the context from; may be {@code null} for no key managers
 * @return the initialised context
 * @throws GeneralSecurityException if a factory or the context cannot be created or initialised
 * @throws IOException declared for store loading; the visible body does not throw it directly
 * @throws ConfigException if a replacement keystore is rejected by the checks below
 */
SSLContext createSSLContext(SecurityStore keystore) throws GeneralSecurityException, IOException {
    final SSLContext sslContext = provider == null
            ? SSLContext.getInstance(protocol)
            : SSLContext.getInstance(protocol, provider);

    KeyManager[] keyManagers = null;
    if (keystore != null) {
        final String keyAlgorithm = this.kmfAlgorithm == null
                ? KeyManagerFactory.getDefaultAlgorithm()
                : this.kmfAlgorithm;
        final KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(keyAlgorithm);
        final KeyStore loadedKeys = keystore.load();
        // NOTE(review): if both keyPassword and password are null this dereference fails with a
        // NullPointerException; presumably the config layer rules that out, so confirm there.
        final Password secret = keystore.keyPassword == null ? keystore.password : keystore.keyPassword;
        // The char[] copy of the password is handed to the factory and never cleared here.
        keyFactory.init(loadedKeys, secret.value().toCharArray());
        keyManagers = keyFactory.getKeyManagers();
    }

    final String trustAlgorithm = this.tmfAlgorithm == null
            ? TrustManagerFactory.getDefaultAlgorithm()
            : this.tmfAlgorithm;
    final TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(trustAlgorithm);
    KeyStore loadedTrust = null;
    if (truststore != null) {
        loadedTrust = truststore.load();
    }
    trustFactory.init(loadedTrust);
    sslContext.init(keyManagers, trustFactory.getTrustManagers(), this.secureRandomImplementation);

    // Reference comparison: only a store object other than the current one counts as a replacement.
    final boolean replacingKeystore = keystore != null && keystore != this.keystore;
    if (!replacingKeystore) {
        return sslContext;
    }

    if (this.keystore == null) {
        throw new ConfigException("Cannot add SSL keystore to an existing listener for which no keystore was configured.");
    }
    if (keystoreVerifiableUsingTruststore) {
        SSLConfigValidatorEngine.validate(this, sslContext);
    }
    // A replacement store must yield the same CertificateEntries as the current one, so a
    // reconfiguration cannot silently switch the listener to a different identity.
    final boolean sameEntries = CertificateEntries.create(this.keystore.load())
            .equals(CertificateEntries.create(keystore.load()));
    if (!sameEntries) {
        throw new ConfigException("Keystore DistinguishedName or SubjectAltNames do not match");
    }
    return sslContext;
}
Also used : TrustManagerFactory(javax.net.ssl.TrustManagerFactory) ConfigException(org.apache.kafka.common.config.ConfigException) SSLContext(javax.net.ssl.SSLContext) KeyManager(javax.net.ssl.KeyManager) KeyStore(java.security.KeyStore) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) Password(org.apache.kafka.common.config.types.Password)

Example 42 with KeyManager

use of javax.net.ssl.KeyManager in project Much-Assembly-Required by simon987.

the class SocketServer method getContext.

/**
 * See https://github.com/TooTallNate/Java-WebSocket/blob/master/src/main/example/SSLServerLetsEncryptExample.java
 */
/*
     *      * Copyright (c) 2010-2017 Nathan Rajlich
     *
     *  Permission is hereby granted, free of charge, to any person
     *  obtaining a copy of this software and associated documentation
     *  files (the "Software"), to deal in the Software without
     *  restriction, including without limitation the rights to use,
     *  copy, modify, merge, publish, distribute, sublicense, and/or sell
     *  copies of the Software, and to permit persons to whom the
     *  Software is furnished to do so, subject to the following
     *  conditions:
     *
     *  The above copyright notice and this permission notice shall be
     *  included in all copies or substantial portions of the Software.
     */
/**
 * Builds a TLS context whose key material comes from {@code cert.pem} and {@code privkey.pem}
 * inside the given directory.
 *
 * <p>The certificate and key are decoded from PEM, placed in a fresh in-memory JKS key store and
 * handed to a SunX509 key manager factory. The context is initialised with {@code null} trust
 * managers and {@code null} randomness source, so JSSE picks its defaults for both.
 *
 * @param pathTo directory that contains {@code cert.pem} and {@code privkey.pem}
 * @return the initialised context, or {@code null} if any step failed; callers must check for
 *         {@code null} before using the result
 */
private static SSLContext getContext(String pathTo) {
    // This literal only protects the key entry of the key store assembled below, which is loaded
    // empty and never written out by this method. It is not the protection of privkey.pem: that
    // file is read as an unencrypted "PRIVATE KEY" block, so its file permissions are what matter.
    final String password = "MAR";
    try {
        final SSLContext tls = SSLContext.getInstance("TLS");

        final File certFile = new File(pathTo + File.separator + "cert.pem");
        final byte[] certDer = parseDERFromPEM(getBytes(certFile), "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----");
        final File keyFile = new File(pathTo + File.separator + "privkey.pem");
        final byte[] keyDer = parseDERFromPEM(getBytes(keyFile), "-----BEGIN PRIVATE KEY-----", "-----END PRIVATE KEY-----");

        final X509Certificate certificate = generateCertificateFromDER(certDer);
        // Typed as RSAPrivateKey, so presumably only RSA keys are accepted; confirm in the helper.
        final RSAPrivateKey privateKey = generatePrivateKeyFromDER(keyDer);

        final KeyStore store = KeyStore.getInstance("JKS");
        store.load(null);
        store.setCertificateEntry("cert-alias", certificate);
        store.setKeyEntry("key-alias", privateKey, password.toCharArray(), new Certificate[] { certificate });

        final KeyManagerFactory factory = KeyManagerFactory.getInstance("SunX509");
        factory.init(store, password.toCharArray());
        final KeyManager[] managers = factory.getKeyManagers();

        tls.init(managers, null, null);
        return tls;
    } catch (Exception e) {
        // NOTE(review): the cause is discarded, so a missing file, a malformed PEM and an
        // unsupported key type all look the same to the caller. Log e before returning null.
        return null;
    }
}
Also used : SSLContext(javax.net.ssl.SSLContext) File(java.io.File) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) KeyStore(java.security.KeyStore) KeyManager(javax.net.ssl.KeyManager) X509Certificate(java.security.cert.X509Certificate) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) BindException(java.net.BindException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyManagerFactory(javax.net.ssl.KeyManagerFactory)

Example 43 with KeyManager

use of javax.net.ssl.KeyManager in project runwar by cfmlprojects.

the class SSLUtil method createSSLContext.

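/**
 * Builds a TLS context from a key store and a trust store.
 *
 * <p>Changes from the previous version: the trust manager factory is now requested with
 * {@code TrustManagerFactory.getDefaultAlgorithm()}, and the passphrase is overwritten on every
 * exit path instead of only after success.
 *
 * @param keyStore store holding the private key and certificate chain
 * @param trustStore store holding the trust anchors; passed unchanged to the trust manager factory
 * @param passphrase password for the keys in {@code keyStore}; <b>overwritten with {@code '*'}
 *        before this method returns or throws</b>, so the caller's array is no longer usable
 * @param addCertificatePaths optional files passed to {@code addCertificate} with the alias
 *        {@code "addedKey" + index}; may be {@code null} or empty
 * @return the initialised context
 * @throws IOException if the key managers, trust managers or context cannot be set up; the
 *         underlying security exception is kept as the cause
 */
private static SSLContext createSSLContext(final KeyStore keyStore, final KeyStore trustStore, final char[] passphrase, final String[] addCertificatePaths) throws IOException {
    try {
        KeyManager[] keyManagers;
        try {
            final KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, passphrase);
            keyManagers = keyManagerFactory.getKeyManagers();
        } catch (NoSuchAlgorithmException ex) {
            throw new IOException("Unable to initialise KeyManager[]", ex);
        } catch (UnrecoverableKeyException ex) {
            throw new IOException("Unable to initialise KeyManager[]", ex);
        } catch (KeyStoreException ex) {
            throw new IOException("Unable to initialise KeyManager[]", ex);
        }

        // NOTE(review): these entries are added after the key managers were built from keyStore.
        // Whether the key managers above ever see them depends on addCertificate and on the
        // key manager implementation; confirm the intended order against addCertificate.
        if (addCertificatePaths != null) {
            for (int i = 0; i < addCertificatePaths.length; ++i) {
                addCertificate(keyStore, new File(addCertificatePaths[i]), "addedKey" + i);
            }
        }

        TrustManager[] trustManagers;
        try {
            // Ask for the trust manager default. The key manager default name is not guaranteed to
            // exist as a trust manager algorithm on every provider, and using it ignores the
            // platform's configured trust manager algorithm.
            final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(trustStore);
            trustManagers = trustManagerFactory.getTrustManagers();
        } catch (NoSuchAlgorithmException ex) {
            throw new IOException("Unable to initialise TrustManager[]", ex);
        } catch (KeyStoreException ex) {
            throw new IOException("Unable to initialise TrustManager[]", ex);
        }

        try {
            final SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(keyManagers, trustManagers, null);
            return sslContext;
        } catch (NoSuchAlgorithmException ex) {
            throw new IOException("Unable to create and initialise the SSLContext", ex);
        } catch (KeyManagementException ex) {
            throw new IOException("Unable to create and initialise the SSLContext", ex);
        }
    } finally {
        // Overwrite the secret on failure as well as on success. The null guard keeps a null
        // passphrase (a key store without protected keys) from failing here.
        if (passphrase != null) {
            Arrays.fill(passphrase, '*');
        }
    }
}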
Also used : NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) KeyStoreException(java.security.KeyStoreException) SSLContext(javax.net.ssl.SSLContext) KeyManagementException(java.security.KeyManagementException) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) TrustManager(javax.net.ssl.TrustManager) UnrecoverableKeyException(java.security.UnrecoverableKeyException) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) KeyManager(javax.net.ssl.KeyManager) File(java.io.File)

Example 44 with KeyManager

use of javax.net.ssl.KeyManager in project Pix-Art-Messenger by kriztan.

the class XmppConnection method getTlsFactoryVerifier.

/**
 * Prepares the socket factory and hostname verifier used for this account's TLS connection.
 *
 * <p>A client-certificate key manager is installed only when the account has a private key alias
 * and an empty password; otherwise no key manager is supplied. Certificate trust is delegated to
 * the service's {@code MemorizingTrustManager} for the account's domain, in its interactive or
 * non-interactive form depending on {@code mInteractive}. The hostname verifier is an
 * {@code XmppDomainVerifier} wrapped by the same trust manager.
 *
 * @return the socket factory and hostname verifier, paired
 * @throws NoSuchAlgorithmException declared for context creation
 * @throws KeyManagementException if the context cannot be initialised
 * @throws IOException declared by the signature; not thrown directly by the visible body
 */
private TlsFactoryVerifier getTlsFactoryVerifier() throws NoSuchAlgorithmException, KeyManagementException, IOException {
    final SSLContext sc = SSLSocketHelper.getSSLContext();
    final MemorizingTrustManager memorizing = this.mXmppConnectionService.getMemorizingTrustManager();

    // Certificate login applies only when a key alias is set and no password is stored.
    final boolean useClientCertificate = account.getPrivateKeyAlias() != null && account.getPassword().isEmpty();
    final KeyManager[] keyManager = useClientCertificate ? new KeyManager[] { new MyKeyManager() } : null;

    final String domain = account.getJid().getDomainpart();
    final X509TrustManager domainTrust;
    if (mInteractive) {
        domainTrust = memorizing.getInteractive(domain);
    } else {
        domainTrust = memorizing.getNonInteractive(domain);
    }
    sc.init(keyManager, new X509TrustManager[] { domainTrust }, mXmppConnectionService.getRNG());

    final SSLSocketFactory socketFactory = sc.getSocketFactory();
    final DomainHostnameVerifier hostnameVerifier = memorizing.wrapHostnameVerifier(new XmppDomainVerifier(), mInteractive);
    return new TlsFactoryVerifier(socketFactory, hostnameVerifier);
}
Also used : MemorizingTrustManager(de.pixart.messenger.services.MemorizingTrustManager) XmppDomainVerifier(de.pixart.messenger.crypto.XmppDomainVerifier) DomainHostnameVerifier(de.pixart.messenger.crypto.DomainHostnameVerifier) SSLContext(javax.net.ssl.SSLContext) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) X509KeyManager(javax.net.ssl.X509KeyManager) KeyManager(javax.net.ssl.KeyManager)

Example 45 with KeyManager

use of javax.net.ssl.KeyManager in project incubator-pulsar by apache.

the class SecurityUtility method createSslContext.

/**
 * Creates a TLS context from in-memory certificates and a private key.
 *
 * <p>Trust managers come from {@code setupTrustCerts} and key managers from
 * {@code setupKeyManager}; both receive the same {@code KeyStoreHolder}. The context is
 * initialised with a freshly constructed {@link SecureRandom}.
 *
 * @param allowInsecureConnection forwarded to {@code setupTrustCerts}; presumably relaxes or
 *        disables peer certificate validation, so confirm its effect there and keep it
 *        {@code false} outside test setups
 * @param trustCertficates certificates forwarded to {@code setupTrustCerts}
 * @param certificates certificates forwarded to {@code setupKeyManager}
 * @param privateKey private key forwarded to {@code setupKeyManager}
 * @return the initialised context
 * @throws GeneralSecurityException if the context or its managers cannot be set up
 */
public static SSLContext createSslContext(boolean allowInsecureConnection, Certificate[] trustCertficates, Certificate[] certificates, PrivateKey privateKey) throws GeneralSecurityException {
    final KeyStoreHolder holder = new KeyStoreHolder();
    final TrustManager[] trust = setupTrustCerts(holder, allowInsecureConnection, trustCertficates);
    final KeyManager[] identity = setupKeyManager(holder, privateKey, certificates);

    final SSLContext context = SSLContext.getInstance("TLS");
    context.init(identity, trust, new SecureRandom());
    // The returned parameters are discarded, so this call does not configure anything.
    context.getDefaultSSLParameters();
    return context;
}
Also used : SecureRandom(java.security.SecureRandom) SSLContext(javax.net.ssl.SSLContext) KeyManager(javax.net.ssl.KeyManager) TrustManager(javax.net.ssl.TrustManager)

Aggregations

KeyManager (javax.net.ssl.KeyManager)210 SSLContext (javax.net.ssl.SSLContext)127 TrustManager (javax.net.ssl.TrustManager)127 KeyManagerFactory (javax.net.ssl.KeyManagerFactory)103 KeyStore (java.security.KeyStore)95 IOException (java.io.IOException)59 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)59 SecureRandom (java.security.SecureRandom)54 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)54 KeyManagementException (java.security.KeyManagementException)46 X509TrustManager (javax.net.ssl.X509TrustManager)45 KeyStoreException (java.security.KeyStoreException)42 X509KeyManager (javax.net.ssl.X509KeyManager)40 InputStream (java.io.InputStream)33 UnrecoverableKeyException (java.security.UnrecoverableKeyException)32 FileInputStream (java.io.FileInputStream)31 CertificateException (java.security.cert.CertificateException)30 GeneralSecurityException (java.security.GeneralSecurityException)24 X509Certificate (java.security.cert.X509Certificate)23 File (java.io.File)15