/** * Returns the VM's default SSL socket factory, using {@code trustManager} for trusted root * certificates. */ private SSLSocketFactory defaultSslSocketFactory(X509TrustManager trustManager) throws NoSuchAlgorithmException, KeyManagementException { SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, new TrustManager[] { trustManager }, null); return sslContext.getSocketFactory(); }
private void processHandshakeFailure(Socket raw) throws Exception { SSLContext context = SSLContext.getInstance("TLS"); context.init(null, new TrustManager[] {UNTRUSTED_TRUST_MANAGER}, new SecureRandom()); SSLSocketFactory sslSocketFactory = context.getSocketFactory(); SSLSocket socket = (SSLSocket) sslSocketFactory.createSocket( raw, raw.getInetAddress().getHostAddress(), raw.getPort(), true); try { socket.startHandshake(); // we're testing a handshake failure throw new AssertionError(); } catch (IOException expected) { } socket.close(); }
private static SSLContext sslContext(String keystoreFile, String password) throws GeneralSecurityException, IOException { KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); try (InputStream in = new FileInputStream(keystoreFile)) { keystore.load(in, password.toCharArray()); } KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keystore, password.toCharArray()); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keystore); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init( keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom()); return sslContext; } }
private SSLServerSocket getSSLSocket() throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException{ KeyStore keyStore = KeyStore.getInstance("PKCS12"); keyStore.load(mContext.getAssets().open(KEYSTORE_FILE), KEYSTORE_PASS.toCharArray()); KeyManagerFactory keyMan = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyMan.init(keyStore, KEYSTORE_PASS.toCharArray()); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(keyMan.getKeyManagers(), null, null); SSLServerSocketFactory sslFactory = sslContext.getServerSocketFactory(); return (SSLServerSocket) sslFactory.createServerSocket(mPort, BACKLOG, mAddress); }
public static Client IgnoreSSLClient() throws Exception { SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(null, new TrustManager[]{new X509TrustManager() { public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {} public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {} public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } }}, new java.security.SecureRandom()); return ClientBuilder.newBuilder().sslContext(sslcontext).hostnameVerifier((s1, s2) -> true).build(); }
/* Load the keyStore that includes self-signed cert as a "trusted" entry. */ KeyStore keyStore = ... TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(keyStore); SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(null, tmf.getTrustManagers(), null); sslFactory = ctx.getSocketFactory();
private static SSLContext createSSLContext() throws IOException { try { SSLContext context = SSLContext.getInstance("TLS"); context.init(null, new TrustManager[]{new TrustingX509TrustManager()}, null); return context; } catch (Exception e) { throw new IOException(e.getMessage(), e); } }
SSLContext ctx = sslContextProvider == null ? SSLContext.getInstance(PROTOCOL) : SSLContext.getInstance(PROTOCOL, sslContextProvider); ctx.init(keyManagerFactory.getKeyManagers(), trustManagerFactory == null ? null : trustManagerFactory.getTrustManagers(), null);
public SSLContext sslContext() { try { SSLContext sslContext = Platform.get().getSSLContext(); sslContext.init(new KeyManager[] { keyManager }, new TrustManager[] { trustManager }, new SecureRandom()); return sslContext; } catch (KeyManagementException e) { throw new AssertionError(e); } }
private static SSLSocketFactory newSslSocketFactory(X509TrustManager trustManager) { try { SSLContext sslContext = Platform.get().getSSLContext(); sslContext.init(null, new TrustManager[] { trustManager }, null); return sslContext.getSocketFactory(); } catch (GeneralSecurityException e) { throw new AssertionError("No System TLS", e); // The system has no TLS. Just give up. } }
OkHttpClient client = new OkHttpClient(); KeyStore keyStore = readKeyStore(); //your method to obtain KeyStore SSLContext sslContext = SSLContext.getInstance("SSL"); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustManagerFactory.init(keyStore); KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyManagerFactory.init(keyStore, "keystore_pass".toCharArray()); sslContext.init(keyManagerFactory.getKeyManagers(),trustManagerFactory.getTrustManagers(), new SecureRandom()); client.setSslSocketFactory(sslContext.getSocketFactory());
SSLSocketFactory newFactory(TrustManager... managers) throws NoSuchAlgorithmException, KeyManagementException { SSLContext context = SSLContext.getInstance("TLS"); context.init(null, managers, new SecureRandom()); return context.getSocketFactory(); } }
/** * 构建SSLSocketFactory * @return SSLSocketFactory * @throws NoSuchAlgorithmException 无此算法 * @throws KeyManagementException Key管理异常 */ public SSLSocketFactory build() throws NoSuchAlgorithmException, KeyManagementException{ SSLContext sslContext = SSLContext.getInstance(protocol); sslContext.init(this.keyManagers, this.trustManagers, this.secureRandom); return sslContext.getSocketFactory(); } }
private Optional<SSLContext> getSslContext() { if (sslEnabled) { try { KeyStore ks = KeyStore.getInstance(keystoreType); ks.load(new FileInputStream(keystore), keystorePassword.toCharArray()); // can be set with "ssl.KeyManagerFactory.algorithm" String algorithm = KeyManagerFactory.getDefaultAlgorithm(); // Set up key manager factory to use our key store KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); kmf.init(ks, keystorePassword.toCharArray()); SSLContext serverContext = SSLContext.getInstance("TLS"); serverContext.init(kmf.getKeyManagers(), null, null); return Optional.of(serverContext); } catch (Exception e) { throw new Error("Failed to initialize the server-side SSLContext", e); } } else { return Optional.empty(); } }
/** * Generates a new, initialized SSLContext instance that is suitable for connections that are created based on a * particular configuration. * * @return TrustManagers applicable to a connection that is established using the provided configuration. */ public synchronized SSLContext getSSLContext() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { final SSLContext sslContext = SSLContext.getInstance("TLSv1"); sslContext.init( getKeyManagers(), getTrustManagers(), new SecureRandom() ); return sslContext; }
@Test public void testUseJdkCiphersWhenNotSpecified() throws Exception { SSLContext context = SSLContext.getInstance("TLS"); context.init(null, null, null); SSLEngine engine = context.createSSLEngine(); String[] expected = engine.getEnabledCipherSuites(); SSLHelper helper = new SSLHelper(new HttpClientOptions(), Cert.CLIENT_JKS.get(), Trust.SERVER_JKS.get()); SslContext ctx = helper.getContext((VertxInternal) vertx); assertEquals(new HashSet<>(Arrays.asList(expected)), new HashSet<>(ctx.cipherSuites())); }
keyManagerFactory = buildKeyManagerFactory(keyCertChain, key, keyPassword, keyManagerFactory); SSLContext ctx = sslContextProvider == null ? SSLContext.getInstance(PROTOCOL) : SSLContext.getInstance(PROTOCOL, sslContextProvider); ctx.init(keyManagerFactory == null ? null : keyManagerFactory.getKeyManagers(), trustManagerFactory == null ? null : trustManagerFactory.getTrustManagers(), null);
public static SSLContext newServerContext(KeyManager[] keyManagers) throws NoSuchAlgorithmException, NoSuchProviderException, KeyManagementException { SSLContext result = newSSLContext(); SecureRandom random = new SecureRandom(); random.setSeed(System.currentTimeMillis()); result.init(keyManagers, null, random); return result; }
private static SSLSocketFactory createInsecureSslSocketFactory(TrustManager trustManager) { try { SSLContext context = Platform.get().getSSLContext(); context.init(null, new TrustManager[] {trustManager}, null); return context.getSocketFactory(); } catch (Exception e) { throw new AssertionError(e); } }
@SuppressWarnings("WeakerAccess") protected void configureHttps(@NonNull HttpsURLConnection connection) throws GeneralSecurityException { // Configure SSL final String algorithm = TrustManagerFactory.getDefaultAlgorithm(); final TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm); final KeyStore keyStore = KeyStoreHelper.getKeyStore(context, config); tmf.init(keyStore); final SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, tmf.getTrustManagers(), null); connection.setSSLSocketFactory(sslContext.getSocketFactory()); }