/**
 * Creates an in-memory key store of the JVM default type with no entries.
 *
 * @param password password handed to {@link KeyStore#load(InputStream, char[])}; nothing is
 *     read from a stream here, so it only accompanies the empty load
 * @return a loaded, empty key store
 * @throws GeneralSecurityException if the key store cannot be instantiated or loaded
 */
private KeyStore newEmptyKeyStore(char[] password) throws GeneralSecurityException {
    final KeyStore emptyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    try {
        // By convention, a null stream makes load() initialise an empty key store.
        emptyStore.load(null, password);
    } catch (IOException e) {
        // No stream is read, so an I/O failure is treated as a broken invariant.
        throw new AssertionError(e);
    }
    return emptyStore;
}
/**
 * Builds a TLS {@link SSLContext} whose key material and trust anchors both come from one
 * key store file.
 *
 * <p>The same store feeds the key manager and the trust manager, so every certificate entry
 * in that file is also trusted as a peer anchor. The same password is used to open the store
 * and to unlock its keys.
 *
 * @param keystoreFile path of the key store file, read with the JVM default key store type
 * @param password store password, also used as the key password
 * @return an initialised context for protocol {@code "TLS"}
 * @throws GeneralSecurityException if the store, key managers, trust managers or context
 *     cannot be initialised
 * @throws IOException if the file cannot be read
 */
private static SSLContext sslContext(String keystoreFile, String password)
        throws GeneralSecurityException, IOException {
    final KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
    try (InputStream storeStream = new FileInputStream(keystoreFile)) {
        store.load(storeStream, password.toCharArray());
    }

    // Key side: private keys in the store are unlocked with the store password.
    final KeyManagerFactory kmf =
            KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(store, password.toCharArray());

    // Trust side: certificate entries of the very same store become the trust anchors.
    final TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(store);

    final SSLContext tlsContext = SSLContext.getInstance("TLS");
    tlsContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());
    return tlsContext;
}
// Closes the enclosing class, whose header lies outside this excerpt.
}
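/**
 * Loads a key store of the JVM default type from the file named {@code "keyStoreName"},
 * using the password returned by {@code getPassword()}.
 *
 * <p>NOTE(review): the calls below throw checked exceptions while the signature declares
 * none; the signature is left as the page shows it.
 *
 * @return the loaded key store
 */
KeyStore readKeyStore() {
    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

    // get user password and file input stream
    char[] password = getPassword();

    // try-with-resources closes the stream on every path and keeps a load() failure as the
    // primary exception instead of letting a close() failure replace it.
    try (java.io.FileInputStream fis = new java.io.FileInputStream("keyStoreName")) {
        ks.load(fis, password);
    }
    // NOTE(review): the password array is not wiped here; whether that is safe depends on
    // who owns the array returned by getPassword() — confirm before zeroing it.
    return ks;
}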
/**
 * Initialises a {@link TrustManagerFactory} that trusts exactly the given certificates.
 *
 * <p>The certificates are placed in a fresh in-memory key store under the aliases
 * {@code "1"}, {@code "2"}, ... in array order; that store is the only trust source handed
 * to the factory.
 *
 * @param certCollection certificates to install as trust anchors
 * @param trustManagerFactory factory to initialise, or {@code null} to create one with the
 *     default algorithm
 * @return the initialised factory (the argument itself when it was non-null)
 */
static TrustManagerFactory buildTrustManagerFactory(
        X509Certificate[] certCollection, TrustManagerFactory trustManagerFactory)
        throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException {
    final KeyStore anchors = KeyStore.getInstance(KeyStore.getDefaultType());
    anchors.load(null, null);

    // Aliases are the 1-based positions of the certificates.
    for (int idx = 0; idx < certCollection.length; idx++) {
        anchors.setCertificateEntry(Integer.toString(idx + 1), certCollection[idx]);
    }

    // Set up trust manager factory to use our key store.
    final TrustManagerFactory factory = (trustManagerFactory != null)
            ? trustManagerFactory
            : TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    factory.init(anchors);
    return factory;
}
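/**
 * Loads a trust store from a file that is either a PEM certificate bundle or a key store in
 * the JVM default format.
 *
 * <p>The file is first parsed as PEM. When that yields at least one certificate, every
 * certificate found becomes a trusted entry and the password is not used. Otherwise the file
 * is loaded as a key store with the optional password.
 *
 * <p>Aliases are derived from the subject DN. Because {@code setCertificateEntry} overwrites
 * an existing trusted entry with the same alias, a numeric suffix is appended when a second
 * certificate carries a subject that is already present, so no certificate of the bundle is
 * silently dropped.
 *
 * @param trustStorePath file to read
 * @param trustStorePassword key store password; empty means {@code null} is passed to
 *     {@link KeyStore#load(InputStream, char[])}
 * @return the populated trust store
 * @throws IOException if the key store fallback cannot read the file
 * @throws GeneralSecurityException if the key store fallback cannot be loaded
 */
private static KeyStore loadTrustStore(File trustStorePath, Optional<String> trustStorePassword)
        throws IOException, GeneralSecurityException {
    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    try {
        // attempt to read the trust store as a PEM file
        List<X509Certificate> certificateChain = PemReader.readCertificateChain(trustStorePath);
        if (!certificateChain.isEmpty()) {
            trustStore.load(null, null);
            for (X509Certificate certificate : certificateChain) {
                String subject = certificate.getSubjectX500Principal().getName();
                // Keep the plain subject for the first occurrence; disambiguate later ones.
                String alias = subject;
                int duplicate = 1;
                while (trustStore.containsAlias(alias)) {
                    duplicate++;
                    alias = subject + " #" + duplicate;
                }
                trustStore.setCertificateEntry(alias, certificate);
            }
            return trustStore;
        }
    } catch (IOException | GeneralSecurityException ignored) {
        // Deliberate fallback: a file that is not usable PEM is retried as a key store below,
        // and load() there re-initialises the store.
    }

    try (InputStream in = new FileInputStream(trustStorePath)) {
        trustStore.load(in, trustStorePassword.map(String::toCharArray).orElse(null));
    }
    return trustStore;
}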
/**
 * Creates an empty in-memory key store of the requested type.
 *
 * <p>NOTE(review): {@code password} is neither a parameter nor a local of this method;
 * presumably it is a static member of the enclosing class — confirm.
 *
 * @param keyStoreType key store type name, or {@code null} for the JVM default type
 * @return a loaded, empty key store
 * @throws GeneralSecurityException if the type is unavailable or the store cannot be loaded
 */
private static KeyStore newEmptyKeyStore(String keyStoreType) throws GeneralSecurityException {
    final String effectiveType =
            (keyStoreType != null) ? keyStoreType : KeyStore.getDefaultType();
    final KeyStore emptyStore = KeyStore.getInstance(effectiveType);
    try {
        // By convention, a null stream makes load() initialise an empty key store.
        emptyStore.load(null, password);
    } catch (IOException e) {
        // No stream is read, so an I/O failure is treated as a broken invariant.
        throw new AssertionError(e);
    }
    return emptyStore;
}
// Closes the enclosing class, whose header lies outside this excerpt.
}
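// Builds an SSLContext that trusts only the CA certificate stored in "cacert.crt".
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate caCert;
// You could get a resource as a stream instead.
// The stream is closed as soon as the certificate has been parsed, also when parsing fails.
try (InputStream is = new FileInputStream("cacert.crt")) {
    caCert = (X509Certificate) cf.generateCertificate(is);
}

TrustManagerFactory tmf = TrustManagerFactory
        .getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null); // You don't need the KeyStore instance to come from a file.
// The in-memory store holds this single entry, so it is the only trust anchor.
ks.setCertificateEntry("caCert", caCert);

tmf.init(ks);

SSLContext sslContext = SSLContext.getInstance("TLS");
// No key managers (null) and the default SecureRandom (null); only the trust side is custom.
sslContext.init(null, tmf.getTrustManagers(), null);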
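/**
 * Reads a trust store from {@code trustStorePath}, accepting either a PEM certificate bundle
 * or a key store in the JVM default format.
 *
 * <p>PEM is tried first; if it produces certificates, each one is installed as a trusted
 * entry and the password is ignored. If PEM parsing fails or finds nothing, the file is
 * loaded as a key store.
 *
 * <p>Entries are aliased by subject DN. A later certificate whose subject is already present
 * gets a numeric suffix, because {@code setCertificateEntry} would otherwise replace the
 * earlier trusted entry and the bundle would lose an anchor without any error.
 *
 * @param trustStorePath file to read
 * @param trustStorePassword optional key store password; {@code null} is passed to
 *     {@link KeyStore#load(InputStream, char[])} when absent
 * @return the populated trust store
 * @throws IOException if the key store fallback cannot read the file
 * @throws GeneralSecurityException if the key store fallback cannot be loaded
 */
private static KeyStore loadTrustStore(File trustStorePath, Optional<String> trustStorePassword)
        throws IOException, GeneralSecurityException {
    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    try {
        // attempt to read the trust store as a PEM file
        List<X509Certificate> certificateChain = PemReader.readCertificateChain(trustStorePath);
        if (!certificateChain.isEmpty()) {
            trustStore.load(null, null);
            for (X509Certificate certificate : certificateChain) {
                X500Principal principal = certificate.getSubjectX500Principal();
                String baseAlias = principal.getName();
                String alias = baseAlias;
                // First certificate with a given subject keeps the bare DN as its alias.
                for (int n = 2; trustStore.containsAlias(alias); n++) {
                    alias = baseAlias + " #" + n;
                }
                trustStore.setCertificateEntry(alias, certificate);
            }
            return trustStore;
        }
    } catch (IOException | GeneralSecurityException ignored) {
        // Best-effort probe only: anything that is not usable PEM falls through to the key
        // store path, where load() re-initialises the store.
    }

    try (InputStream in = new FileInputStream(trustStorePath)) {
        trustStore.load(in, trustStorePassword.map(String::toCharArray).orElse(null));
    }
    return trustStore;
}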
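// Loads a key store of the JVM default type from the already-open `trustStore` stream.
// `trustStore` and `trustStorePassword` are declared outside this excerpt.
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
try {
    keyStore.load(trustStore, trustStorePassword);
} finally {
    // Close the stream even when load() throws (bad password, corrupt file).
    trustStore.close();
}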
/**
 * Returns a {@link TrustManagerFactory} whose only trust anchors are the supplied
 * certificates.
 *
 * <p>A new in-memory key store receives each certificate under its 1-based position
 * ({@code "1"}, {@code "2"}, ...), and the factory is initialised from that store alone.
 *
 * @param certCollection certificates to trust
 * @param trustManagerFactory factory to initialise; when {@code null}, one is obtained for
 *     the default algorithm
 * @return the initialised factory
 */
static TrustManagerFactory buildTrustManagerFactory(
        X509Certificate[] certCollection, TrustManagerFactory trustManagerFactory)
        throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException {
    final KeyStore trustAnchors = KeyStore.getInstance(KeyStore.getDefaultType());
    trustAnchors.load(null, null);

    int position = 0;
    for (X509Certificate anchor : certCollection) {
        position++;
        trustAnchors.setCertificateEntry(Integer.toString(position), anchor);
    }

    // Set up trust manager factory to use our key store.
    TrustManagerFactory result = trustManagerFactory;
    if (result == null) {
        result = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    }
    result.init(trustAnchors);
    return result;
}
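/**
 * Returns a key store of the JVM default type, loaded from {@code keyStoreFile} when that
 * file exists and empty otherwise.
 *
 * <p>An empty password ({@code new char[0]}) is passed to {@code load} in both cases.
 *
 * @param keyStoreFile key store file that may or may not exist
 * @return the loaded or freshly initialised key store
 * @throws RuntimeException wrapping any failure to instantiate, read or load the store
 */
private static KeyStore initKeyStore(File keyStoreFile) {
    try {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        if (keyStoreFile.exists()) {
            // try-with-resources: the descriptor is released even when load() throws.
            try (FileInputStream trustStoreInputStream = new FileInputStream(keyStoreFile)) {
                keyStore.load(trustStoreInputStream, new char[0]);
            }
        } else {
            keyStore.load(null, new char[0]); // Initialize empty store
        }
        return keyStore;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}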
/**
 * Builds an in-memory {@link KeyStore} of the JVM default type that holds a single
 * private-key entry stored under {@code ALIAS}.
 *
 * @param certChain the X.509 certificate chain stored with the key
 * @param key the private key to store
 * @param keyPasswordChars the password passed to {@code setKeyEntry} to protect the key
 *                         entry; may be {@code null} when the key is not password-protected
 * @return the generated {@link KeyStore}
 */
static KeyStore buildKeyStore(X509Certificate[] certChain, PrivateKey key,
                              char[] keyPasswordChars)
        throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
    final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    // Null stream and null password: start from an empty store.
    keyStore.load(null, null);
    keyStore.setKeyEntry(ALIAS, key, keyPasswordChars, certChain);
    return keyStore;
}
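// Builds a trust-only SSLContext from the key store file at `keyStorePath`.
// `in`, `keyStorePath` and `keyStorePassword` are declared outside this excerpt.
final KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
in = new FileInputStream(keyStorePath);
try {
    ks.load(in, keyStorePassword.toCharArray());
} finally {
    // Release the file even when load() rejects the password or the file content.
    in.close();
}

// Certificate entries of the loaded store become the trust anchors.
final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);

final SSLContext sslContext = SSLContext.getInstance("TLS");
// No key managers (null) and the default SecureRandom (null).
sslContext.init(null, tmf.getTrustManagers(), null);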
/**
 * Loads the configured key store file when it exists and passes the result (or {@code null}
 * when there is no file) to {@code populateKeyStore}.
 *
 * <p>Side effects visible here: the system property {@code javax.net.ssl.trustStore} is set
 * to the file's absolute path, which applies to the whole JVM, and
 * {@code ConfigurationProperties.rebuildKeyStore(false)} is called.
 *
 * @return whatever {@code populateKeyStore} returns
 * @throws RuntimeException if an existing key store file cannot be loaded
 */
public KeyStore loadOrCreateKeyStore() {
    final File storeFile = new File(ConfigurationProperties.javaKeyStoreFilePath());

    KeyStore existingStore = null;
    if (storeFile.exists()) {
        try (FileInputStream storeStream = new FileInputStream(storeFile)) {
            final KeyStore candidate = KeyStore.getInstance(KeyStore.getDefaultType());
            candidate.load(storeStream, ConfigurationProperties.javaKeyStorePassword().toCharArray());
            existingStore = candidate;
        } catch (Exception e) {
            throw new RuntimeException("Exception while loading KeyStore from " + storeFile.getAbsolutePath(), e);
        }
    }

    System.setProperty("javax.net.ssl.trustStore", storeFile.getAbsolutePath());
    // don't rebuild again and again and again
    ConfigurationProperties.rebuildKeyStore(false);
    return populateKeyStore(existingStore);
}
/**
 * Loads a key store of the JVM default type from {@code inputStream} and closes the stream.
 *
 * <p>The stream is closed whether or not loading succeeds.
 *
 * @param inputStream source of the key store data; closed by this method
 * @param storePassword password passed to {@link KeyStore#load(InputStream, char[])}
 * @return the loaded key store
 */
private static KeyStore getKeyStore(InputStream inputStream, char[] storePassword)
        throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
    final String storeType = KeyStore.getDefaultType();
    final KeyStore loadedStore = KeyStore.getInstance(storeType);
    try {
        loadedStore.load(inputStream, storePassword);
    } finally {
        inputStream.close();
    }
    return loadedStore;
}
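/**
 * Builds a TLS {@link SSLContext} that trusts only the certificate read from the
 * {@code "cacert.pem"} asset.
 *
 * <p>The context is initialised without key managers, so it presents no client certificate.
 *
 * @return the initialised context
 * @throws RuntimeException wrapping any failure to read the asset or set up the context
 */
public SSLContext getCACertSSLContext() {
    try {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Certificate ca;
        // Close the asset stream once the certificate is parsed, also when parsing fails.
        try (InputStream caInput = context.getAssets().open("cacert.pem")) {
            ca = cf.generateCertificate(caInput);
        }

        // Empty in-memory store holding the single CA entry: the only trust anchor.
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null);
        ks.setCertificateEntry("ca", ca);

        TrustManagerFactory tmf = TrustManagerFactory.getInstance(
                TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
// Closes the enclosing class, whose header lies outside this excerpt.
}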
// Opens `file` and loads it as a key store of the JVM default type.
// `is` and `file` are declared outside this excerpt.
is = new FileInputStream(file);
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
// NOTE(review): the store password is a string literal in the source. Outside a sample it
// should come from configuration or a secret store rather than being compiled in.
String password = "password";
// load() uses the password to unlock the store or to check its integrity.
keystore.load(is, password.toCharArray());
// NOTE(review): `is` is not closed within this excerpt — confirm the surrounding code
// closes it on both the success and the failure path.
/**
 * Creates an empty in-memory key store of the JVM default type.
 *
 * @return a loaded key store
 */
private KeyStore newKeyStore()
        throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException {
    final String defaultType = KeyStore.getDefaultType();
    final KeyStore emptyStore = KeyStore.getInstance(defaultType);
    // A key store must be loaded before use; a null argument loads nothing into it.
    emptyStore.load(null);
    return emptyStore;
}
/**
 * Creates a trust manager backed by a key store that contains exactly one certificate, the
 * one parsed from {@code in}.
 *
 * <p>The parsed certificate is kept in {@code cert}, and the first {@link X509TrustManager}
 * produced for that single-entry store is kept in {@code trustManager}.
 *
 * @param in stream holding the certificate; it is read but not closed here
 * @throws IOException if the empty key store cannot be loaded
 * @throws GeneralSecurityException if the certificate or trust managers cannot be set up,
 *     or no {@link X509TrustManager} is available
 */
public SingleCertTrustManager(InputStream in) throws IOException, GeneralSecurityException {
    final KeyStore singleEntryStore = KeyStore.getInstance(KeyStore.getDefaultType());
    // Note: KeyStore requires it be loaded even if you don't load anything into it:
    singleEntryStore.load(null);

    final CertificateFactory certFactory = CertificateFactory.getInstance("X509");
    cert = (X509Certificate) certFactory.generateCertificate(in);
    // A random alias is enough: the store only ever holds this one entry.
    singleEntryStore.setCertificateEntry(UUID.randomUUID().toString(), cert);

    final TrustManagerFactory factory =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    factory.init(singleEntryStore);

    // Pick the first X509-capable manager, if any.
    X509TrustManager firstX509 = null;
    for (TrustManager candidate : factory.getTrustManagers()) {
        if (candidate instanceof X509TrustManager) {
            firstX509 = (X509TrustManager) candidate;
            break;
        }
    }
    if (firstX509 != null) {
        trustManager = firstX509;
    }

    if (trustManager == null) {
        throw new GeneralSecurityException(GT.tr("No X509TrustManager found"));
    }
}
try (InputStream in = new FileInputStream(cacertsPath.toAbsolutePath().toFile())) { keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(in, "changeit".toCharArray());