
Example 46 with TrustManager

use of javax.net.ssl.TrustManager in project android_frameworks_base by ResurrectionRemix.

the class XmlConfigTests method testTrustManagerKeystore.

/**
 * Verifies that a PKIX {@link TrustManagerFactory} obtained from
 * {@code NetworkSecurityConfigProvider} and initialised with an explicit keystore
 * produces trust managers that allow a TLS connection to android.com:443.
 *
 * <p>The keystore is filled with every certificate returned by
 * {@code SystemCertificateSource}, each stored under a numeric alias.
 * An {@code ApplicationConfig} is built from {@code R.xml.bad_pin} first.
 * NOTE(review): presumably the point is that the explicit keystore is honoured
 * instead of the (deliberately broken) pin configuration; confirm against the
 * rest of XmlConfigTests.
 */
public void testTrustManagerKeystore() throws Exception {
    // The config object is never read below; it is still constructed in case the
    // constructor has side effects the test relies on.
    XmlConfigSource badPinSource = new XmlConfigSource(getContext(), R.xml.bad_pin, true);
    ApplicationConfig appConfig = new ApplicationConfig(badPinSource);

    Provider nscProvider = new NetworkSecurityConfigProvider();
    TrustManagerFactory factory = TrustManagerFactory.getInstance("PKIX", nscProvider);

    // load(null) creates an empty in-memory keystore.
    KeyStore systemRoots = KeyStore.getInstance(KeyStore.getDefaultType());
    systemRoots.load(null);
    int nextAlias = 0;
    for (X509Certificate root : SystemCertificateSource.getInstance().getCertificates()) {
        KeyStore.TrustedCertificateEntry entry = new KeyStore.TrustedCertificateEntry(root);
        systemRoots.setEntry(Integer.toString(nextAlias++), entry, null);
    }
    factory.init(systemRoots);

    // No key managers and no explicit SecureRandom: only the trust decision is under test.
    TrustManager[] trustManagers = factory.getTrustManagers();
    SSLContext tls = SSLContext.getInstance("TLS");
    tls.init(null, trustManagers, null);
    TestUtils.assertConnectionSucceeds(tls, "android.com", 443);
}
Also used : TrustManagerFactory(javax.net.ssl.TrustManagerFactory) SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) Provider(java.security.Provider) TrustManager(javax.net.ssl.TrustManager)

Example 47 with TrustManager

use of javax.net.ssl.TrustManager in project ats-framework by Axway.

the class InetSmtpConnection method getSSLSocketFactory.

/**
 * Builds an {@link SSLSocketFactory} from a TLS context that uses exactly one
 * trust manager.
 *
 * @param tm the trust manager to install; when {@code null}, an
 *           {@code EmptyX509TrustManager} is installed instead
 * @return the socket factory of the initialised context
 * @throws GeneralSecurityException if the TLS context cannot be obtained or initialised
 */
protected SSLSocketFactory getSSLSocketFactory(TrustManager tm) throws GeneralSecurityException {
    // NOTE(review): the null fallback is not the platform default trust store.
    // EmptyX509TrustManager (gnu.inet.util) appears to perform no certificate
    // checks; if so, callers that pass null get an encrypted but unauthenticated
    // SMTP connection. Confirm, and pass a validating TrustManager wherever the
    // server's identity matters.
    final TrustManager effective = (tm != null) ? tm : new EmptyX509TrustManager();

    // No key managers (no client certificate) and the default SecureRandom.
    final SSLContext tls = SSLContext.getInstance("TLS");
    tls.init(null, new TrustManager[] { effective }, null);
    return tls.getSocketFactory();
}
Also used : EmptyX509TrustManager(gnu.inet.util.EmptyX509TrustManager) SSLContext(javax.net.ssl.SSLContext) TrustManager(javax.net.ssl.TrustManager) EmptyX509TrustManager(gnu.inet.util.EmptyX509TrustManager)

Example 48 with TrustManager

use of javax.net.ssl.TrustManager in project CloudStack-archive by CloudStack-extras.

the class Link method initSSLContext.

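/**
 * Creates and initialises a TLS {@link SSLContext} for one side of a connection.
 *
 * <p>Server side ({@code isClient == false}): loads a JKS keystore named
 * {@code cloud.keystore} from the directory that holds {@code db.properties},
 * falling back to the copy on the classpath, and uses it for both the key
 * managers and the trust managers.
 *
 * <p>Client side ({@code isClient == true}): uses an empty keystore (no client
 * certificate) and a single {@code TrustAllManager}.
 *
 * @param isClient {@code true} to build a client context, {@code false} for a server context
 * @return the initialised context
 * @throws IllegalStateException if neither the file nor the classpath keystore can be found
 * @throws Exception if the keystore cannot be read or the context cannot be initialised
 */
public static SSLContext initSSLContext(boolean isClient) throws Exception {
    KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
    TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
    KeyStore ks = KeyStore.getInstance("JKS");
    TrustManager[] tms;
    if (!isClient) {
        // NOTE(review): the keystore passphrase is a compile-time constant, so it
        // protects nothing against anyone who can read this class. Access to the
        // keystore file itself has to be restricted by other means.
        char[] passphrase = "vmops.com".toCharArray();
        File confFile = PropertiesUtil.findConfigFile("db.properties");
        /* This line may throw an NPE when db.properties cannot be found; that indicates a bug elsewhere. */
        String confPath = confFile.getParent();
        String keystorePath = confPath + "/cloud.keystore";
        InputStream stream;
        if (new File(keystorePath).exists()) {
            stream = new FileInputStream(keystorePath);
        } else {
            // NOTE(review): a keystore bundled on the classpath is the same in every
            // installation of the artifact; confirm it is only a bootstrap default.
            s_logger.warn("SSL: Fail to find the generated keystore. Loading fail-safe one to continue.");
            stream = NioConnection.class.getResourceAsStream("/cloud.keystore");
        }
        if (stream == null) {
            // Previously a missing classpath resource loaded an empty keystore and then
            // failed with a bare NullPointerException on close(); fail with a clear cause.
            throw new IllegalStateException("SSL: no keystore found at " + keystorePath
                    + " or on the classpath (/cloud.keystore)");
        }
        try {
            ks.load(stream, passphrase);
        } finally {
            // Close even when load() throws (wrong passphrase, corrupt file) so the
            // file descriptor is not leaked.
            stream.close();
        }
        kmf.init(ks, passphrase);
        tmf.init(ks);
        tms = tmf.getTrustManagers();
    } else {
        ks.load(null, null);
        kmf.init(ks, null);
        // NOTE(review): the name TrustAllManager suggests that any server certificate
        // is accepted. If so, client connections are encrypted but the peer is not
        // authenticated; confirm and document the trust assumption.
        tms = new TrustManager[] { new TrustAllManager() };
    }
    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(kmf.getKeyManagers(), tms, null);
    if (s_logger.isTraceEnabled()) {
        s_logger.trace("SSL: SSLcontext has been initialized");
    }
    return sslContext;
}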
Also used : FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) FileInputStream(java.io.FileInputStream) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) TrustManager(javax.net.ssl.TrustManager) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) File(java.io.File)

Example 49 with TrustManager

use of javax.net.ssl.TrustManager in project midpoint by Evolveum.

the class ProtectorImpl method init.

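/**
 * Loads the keystore, builds the trust manager list from it, initialises the
 * Apache crypto library and creates the random number generator.
 *
 * <p>The keystore is read from the file at {@link ProtectorImpl#getKeyStorePath}
 * when that file exists; otherwise the same path is looked up on the classpath.
 *
 * @throws SystemException if the keystore cannot be found, read or loaded, or if
 *         any later initialisation step fails
 */
public void init() {
    try {
        InputStream stream;
        File f = new File(getKeyStorePath());
        if (f.exists()) {
            // Keystore supplied as a file.
            LOGGER.info("Using file keystore at {}", getKeyStorePath());
            if (!f.canRead()) {
                LOGGER.error("Provided keystore file {} is unreadable.", getKeyStorePath());
                throw new EncryptionException("Provided keystore file " + getKeyStorePath() + " is unreadable.");
            }
            stream = new FileInputStream(f);
        } else {
            // Keystore bundled on the classpath.
            // NOTE(review): a bundled keystore is the same in every installation of
            // the artifact; confirm it is never used to protect production data.
            LOGGER.warn("Using default keystore from classpath ({}).", getKeyStorePath());
            stream = ProtectorImpl.class.getClassLoader().getResourceAsStream(getKeyStorePath());
            if (stream == null) {
                // NOTE(review): second attempt with a "com/../../" prefix; presumably a
                // workaround for a class loader that resolves relative to a package
                // root. Confirm it is still needed.
                stream = ProtectorImpl.class.getClassLoader().getResourceAsStream("com/../../" + getKeyStorePath());
            }
        }
        if (stream == null) {
            throw new EncryptionException("Couldn't load keystore as resource '" + getKeyStorePath() + "'");
        }
        try {
            keyStore.load(stream, getKeyStorePassword().toCharArray());
        } finally {
            // Close on the failure path too (wrong password, corrupt keystore);
            // the original closed the stream only after a successful load.
            stream.close();
        }
        // Initialise the trust manager list from the loaded keystore.
        TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmFactory.init(keyStore);
        trustManagers = new ArrayList<TrustManager>();
        for (TrustManager trustManager : tmFactory.getTrustManagers()) {
            trustManagers.add(trustManager);
        }
        // Initialise the Apache crypto library.
        Init.init();
    } catch (Exception ex) {
        // Every failure is logged with its cause and rethrown unchecked.
        LOGGER.error("Unable to work with keystore {}, reason {}.", new Object[] { getKeyStorePath(), ex.getMessage() }, ex);
        throw new SystemException(ex.getMessage(), ex);
    }
    randomNumberGenerator = new SecureRandom();
}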
Also used : SystemException(com.evolveum.midpoint.util.exception.SystemException) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) SecureRandom(java.security.SecureRandom) File(java.io.File) FileInputStream(java.io.FileInputStream) SchemaException(com.evolveum.midpoint.util.exception.SchemaException) KeyStoreException(java.security.KeyStoreException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) SystemException(com.evolveum.midpoint.util.exception.SystemException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) BadPaddingException(javax.crypto.BadPaddingException) NoSuchProviderException(java.security.NoSuchProviderException) TrustManager(javax.net.ssl.TrustManager)

Example 50 with TrustManager

use of javax.net.ssl.TrustManager in project android_frameworks_base by DirtyUnicorns.

the class X509TrustManagerExtensionsTest method testNormalUseCase.

/**
 * Checks that {@code X509TrustManagerExtensions} can be constructed from an
 * {@link X509TrustManager} produced by the default {@link TrustManagerFactory}.
 *
 * <p>The factory is initialised with a keystore of the default type, obtained
 * from {@code KeyStore.getInstance} without a {@code load} call. The test passes
 * as soon as the constructor returns for the first X509 trust manager, and fails
 * if the factory yields none.
 */
public void testNormalUseCase() throws Exception {
    TrustManagerFactory factory =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
    factory.init(store);

    TrustManager[] candidates = factory.getTrustManagers();
    for (int idx = 0; idx < candidates.length; idx++) {
        if (!(candidates[idx] instanceof X509TrustManager)) {
            continue;
        }
        // Construction without an exception is the whole assertion.
        new X509TrustManagerExtensions((X509TrustManager) candidates[idx]);
        return;
    }
    // No X509TrustManager was produced by the default factory.
    fail();
}
Also used : X509TrustManager(javax.net.ssl.X509TrustManager) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) X509TrustManager(javax.net.ssl.X509TrustManager) TrustManager(javax.net.ssl.TrustManager)
