for (Provider currentProvider : providerSupplier.get()) { if (currentProvider == null) { continue; Set<Service> services = currentProvider.getServices(); if (services != null) { for (Service service : currentProvider.getServices()) { if (SERVICE_TYPE.equals(service.getType())) { try { clientFactoryList.add(new Pair(currentProvider, (SaslClientFactory) service.newInstance(null))); } catch (NoSuchAlgorithmException | ClassCastException | InvalidParameterException e) { log.debug("Unable to create instance", e); if (saslClient != null) { if (log.isTraceEnabled()) { log.tracef("Created SaslClient for mechanism %s, using Provider %s and protocol %s", saslClient.getMechanismName(), pair.provider.getName(), protocol); log.tracef("No %s provided by providers in %s: %s", SERVICE_TYPE, getClass().getSimpleName(), Arrays.toString(providerSupplier.get()));
@Test public void listCryptoSettingsAvailable() { logger.log(Level.INFO, "Listing security providers and properties:"); for (Provider provider: Security.getProviders()) { logger.log(Level.INFO, "- Provider '"+provider.getName()+"' "); List<String> propertyNames = new ArrayList<String>(); propertyNames.addAll(provider.stringPropertyNames()); Collections.sort(propertyNames); for (String key : propertyNames) { logger.log(Level.INFO, " "+provider.getName()+" / "+key+" = "+provider.getProperty(key)); } } } }
Provider[] providers = Security.getProviders(); for (Provider provider : providers) { Log.i("CRYPTO","provider: "+provider.getName()); Set<Provider.Service> services = provider.getServices(); for (Provider.Service service : services) { Log.i("CRYPTO"," algorithm: "+service.getAlgorithm()); } }
/** * Returns the property with the specified key in the provider properties. * The name is not case-sensitive. */ private String getPropertyIgnoreCase(String key) { String res = getProperty(key); if (res != null) { return res; } for (Enumeration<?> e = propertyNames(); e.hasMoreElements(); ) { String propertyName = (String) e.nextElement(); if (key.equalsIgnoreCase(propertyName)) { return getProperty(propertyName); } } return null; }
/** * Get the service of the specified type * */ synchronized Provider.Service getService(String type) { updatePropertyServiceTable(); if (lastServicesByType != null && type.equals(lastType)) { return lastServicesByType; } Provider.Service service; for (Iterator<Service> it = getServices().iterator(); it.hasNext();) { service = it.next(); if (type.equals(service.type)) { lastType = type; lastServicesByType = service; return service; } } return null; }
/** * Find a provider service which matches the given predicate. * * @param providerSupplier the provider supplier * @param matchPredicate the predicate to test * @return the provider service, or {@code null} if none is found */ public static Provider.Service findProviderService(Supplier<Provider[]> providerSupplier, Predicate<Provider.Service> matchPredicate) { Assert.checkNotNullParam("providerSupplier", providerSupplier); Assert.checkNotNullParam("matchPredicate", matchPredicate); for (Provider provider : providerSupplier.get()) { for (Provider.Service service : provider.getServices()) { if (matchPredicate.test(service)) { return service; } } } return null; }
/** * Find a provider service which provides the given service type and algorithm name. * * If a providerName is specified the match will only be tested against providers with the name specified. * * @param providerSupplier the provider supplier (must not be {@code null}) * @param providerName the name of the provider, can be {@code null} * @param serviceType the service type (must not be {@code null}) * @param algorithm the algorithm name (must not be {@code null}) * @return the provider service, or {@code null} if none is found */ public static Provider.Service findProviderService(Supplier<Provider[]> providerSupplier, String providerName, String serviceType, String algorithm) { Assert.checkNotNullParam("providerSupplier", providerSupplier); Assert.checkNotNullParam("serviceType", serviceType); Assert.checkNotNullParam("algorithm", algorithm); for (Provider provider : providerSupplier.get()) { if (providerName == null || providerName.equals(provider.getName())) { Provider.Service providerService = provider.getService(serviceType, algorithm); if (providerService != null) { return providerService; } } } return null; }
ctx.getProvider().getName()}); keyStoreType = KeyStore.getDefaultType(); keyStore=KeyStore.getInstance(keyStoreType); keyStore.load(new FileInputStream(keyStoreName), keyStorePwd); if(keyMgrProvider!=null) { keyMgrFact = KeyManagerFactory.getInstance(keyMgrAlgo, keyMgrProvider); keyMgrFact.getProvider().getName()}); trustMgrFact.getProvider().getName()});
private KeyStore getKeyStoreFromConfigFile(String configFile) { KeyStore keyStore = null; try { Constructor<?> construtor = Class.forName("sun.security.pkcs11.SunPKCS11").getConstructor(new Class[] { String.class }); Provider pkcs11Provider = (Provider) construtor.newInstance(new Object[] { configFile }); Security.addProvider(pkcs11Provider); Method login = Class.forName("sun.security.pkcs11.SunPKCS11").getMethod("login", new Class[] { Subject.class, CallbackHandler.class }); login.invoke(Security.getProvider(pkcs11Provider.getName()), new Object[] { null, this.callback }); keyStore = KeyStore.getInstance(PKCS11_KEYSTORE_TYPE, pkcs11Provider.getName()); keyStore.load(null, null); } catch (Exception e) { if (e.getCause().toString().equals("javax.security.auth.login.FailedLoginException")) throw new InvalidPinException(PINNUMBER_INVALID, e); if (e.getCause().toString().equals("javax.security.auth.login.LoginException")) throw new InvalidPinException(PINNUMBER_INVALID, e); else throw new PKCS11NotFoundException(DRIVER_LOAD_ERROR, e); } return keyStore; }
/** * Get a {@code CredentialStore} instance. The returned CredentialStore object will implement the given algorithm. * * @param algorithm the name of the algorithm * @param providerName the name of the provider to use * @param providers supplier of provider instances to search * @return a {@code CredentialStore} instance * @throws NoSuchAlgorithmException if the given algorithm has no available implementations * @throws NoSuchProviderException if given provider name cannot match any registered {@link Provider} */ public static CredentialStore getInstance(String algorithm, String providerName, Supplier<Provider[]> providers) throws NoSuchAlgorithmException, NoSuchProviderException { checkNotNullParam("algorithm", algorithm); checkNotNullParam("providerName", providerName); checkNotNullParam("providers", providers); Provider provider = null; for (Provider current : providers.get()) { if (providerName.equals(current.getName())) { provider = current; break; } } if (provider == null) throw new NoSuchProviderException(providerName); return getInstance(algorithm, provider); }
private static KeyStore tryLoadKeystore(final Supplier<Provider[]> providers, final String providerName, InputStream is, char[] password, String... types) { for (String type : types) { try { log.debug("Searching provider for: " + type); Provider provider = findProvider(providers, providerName, KeyStore.class, type); if (provider == null) { log.debug("Provider not found"); continue; } log.debug("Provider found: " + provider.getName()); KeyStore keystore = KeyStore.getInstance(type, provider); is.reset(); keystore.load(is, password); return keystore; } catch (Exception e) { log.debug("KeyStore is not of type " + type); continue; } } return null; }
public int initPKCS11(PKCS11Configuration configuration, String kspassword) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, ClassNotFoundException, SecurityException, NoSuchMethodException, IllegalArgumentException, InstantiationException, IllegalAccessException, InvocationTargetException { if (!isProviderAvailable(PKCS11_PROVIDER_TYPE)) { return -1; } Provider pkcs11 = createPKCS11Provider(configuration); Security.addProvider(pkcs11); // init the key store KeyStore ks = getPKCS11KeyStore(pkcs11.getName()); ks.load(null, kspassword == null ? null : kspassword.toCharArray()); return addKeyStore(ks, "PKCS#11: " + configuration.getName(), ""); // do not store pin code }
@Override public KeyStore createKeyStore(final String type) throws KeyStoreException { checkNotNull(type); KeyStore obj; try { obj = KeyStore.getInstance(type, getProvider()); } catch (KeyStoreException e) { logFallback(e); obj = KeyStore.getInstance(type); } if (log.isTraceEnabled()) { log.trace("Created key-store: {} ({})", obj.getType(), obj.getProvider().getName()); } return obj; }
@Test public void testBuildAllDefaults() throws Exception { final SSLContext sslContext = SSLContextBuilder.create() .setKeyStoreType(KeyStore.getDefaultType()) .setKeyManagerFactoryAlgorithm(KeyManagerFactory.getDefaultAlgorithm()) .setTrustManagerFactoryAlgorithm(TrustManagerFactory.getDefaultAlgorithm()) .setProvider(PROVIDER_SUN_JSSE) .setProtocol("TLS") .setSecureRandom(null) .loadTrustMaterial((KeyStore) null, null) .loadKeyMaterial((KeyStore) null, null, null) .build(); Assert.assertNotNull(sslContext); Assert.assertEquals("TLS", sslContext.getProtocol()); Assert.assertEquals(PROVIDER_SUN_JSSE, sslContext.getProvider().getName()); }
public static boolean isConscryptPreferred() { // mainly to allow tests to run cleanly if ("conscrypt".equals(Util.getSystemProperty("okhttp.platform", null))) { return true; } // check if Provider manually installed String preferredProvider = Security.getProviders()[0].getName(); return "Conscrypt".equals(preferredProvider); }
@Override public void applyDelegate(Config config) { Security.addProvider(new BouncyCastleProvider()); if (isDebug()) { Configurator.setAllLevels("de.rub.nds.tlsattacker", Level.DEBUG); } else if (quiet) { Configurator.setAllLevels("de.rub.nds.tlsattacker", Level.OFF); } LOGGER.debug("Using the following security providers"); for (Provider p : Security.getProviders()) { LOGGER.debug("Provider {}, version, {}", p.getName(), p.getVersion()); } // remove stupid Oracle JDK security restriction (otherwise, it is not // possible to use strong crypto with Oracle JDK) UnlimitedStrengthEnabler.enable(); } }
@SuppressWarnings("unchecked") private static void printKeyStoreInfo(KeyStore keystore) throws KeyStoreException { log.debug("Provider : " + keystore.getProvider().getName()); log.debug("Type : " + keystore.getType()); log.debug("Size : " + keystore.size()); Enumeration en = keystore.aliases(); while (en.hasMoreElements()) { System.out.println("Alias: " + en.nextElement()); } }
for (Provider provider : Security.getProviders()) { System.out.println("Provider: " + provider.getName() + " version: " + provider.getVersion()); for (Provider.Service service : provider.getServices()) { System.out.printf(" Type : %-30s Algorithm: %-30s\n", service.getType(), service.getAlgorithm()); } }
/** * {@inheritDoc}} */ @Override public byte[] wrapWithSecretKey(SecretKey kek, Key keyToWrap) throws CryptoException { final IvParameterSpec iv = new IvParameterSpec(IV_BYTES); try { final Cipher wrapCipher = Cipher.getInstance(WRAP_ALGO, ks.getProvider().getName()); wrapCipher.init(Cipher.WRAP_MODE, kek, iv); return wrapCipher.wrap(keyToWrap); } catch (Exception e) { throw new CryptoException("Failed to wrap key: " + e.getMessage(), e); } }
for (Provider p : Security.getProviders()) { log.debug(p.getName()); log.debug(p.getInfo()); }