Package ghidra.net
Class ApplicationKeyManagerFactory
- java.lang.Object
- ghidra.net.ApplicationKeyManagerFactory
public class ApplicationKeyManagerFactory extends java.lang.Object
ApplicationKeyManagerFactory provides application keystore management functionality and the ability to generate X509KeyManagers for use with an SSLContext or other PKI-related operations. Access to keystore data (other than keystore path) is restricted to package access. Certain public operations are exposed via the ApplicationKeyManagerUtils class.
-
Field Summary
-
static GhidraFileFilter CERTIFICATE_FILE_FILTER
PKCS Private Key/Certificate File Filter
-
static java.lang.String DEFAULT_PASSWORD
-
static java.lang.String KEYSTORE_PASSWORD_PROPERTY
Password system property may be set.
-
static java.lang.String KEYSTORE_PATH_PROPERTY
Keystore path system property or user preference.
-
Method Summary
-
static java.lang.String getKeyStore()
Get the keystore path associated with the active key manager or the preferred keystore path if not yet initialized.
-
static java.lang.String getPreferredKeyStore()
The system property ghidra.keystore takes precedence in establishing the keystore.
-
static boolean initialize()
Initialize key manager if needed.
-
static void invalidateKeyManagers()
Invalidate the key managers associated with this factory.
-
static void setDefaultIdentity(javax.security.auth.x500.X500Principal identity)
Set the default self-signed principal identity to be used during initialization if no keystore defined.
-
static void setKeyStore(java.lang.String path, boolean savePreference)
Set user keystore file path (e.g., certificate file with private key).
-
static void setKeyStorePasswordProvider(KeyStorePasswordProvider provider)
Set the active keystore password provider.
-
static boolean usingGeneratedSelfSignedCertificate()
Determine if active key manager is utilizing a generated self-signed certificate.
-
Field Detail
-
KEYSTORE_PATH_PROPERTY
public static final java.lang.String KEYSTORE_PATH_PROPERTY
Keystore path system property or user preference. Setting the system property will take precedence over the user preference.
See Also: Constant Field Values
-
KEYSTORE_PASSWORD_PROPERTY
public static final java.lang.String KEYSTORE_PASSWORD_PROPERTY
Password system property may be set. If set, this password will be used when accessing the keystore before attempting to use customPasswordProvider if it has been set.
See Also: Constant Field Values
-
CERTIFICATE_FILE_FILTER
public static final GhidraFileFilter CERTIFICATE_FILE_FILTER
PKCS Private Key/Certificate File Filter
-
DEFAULT_PASSWORD
public static final java.lang.String DEFAULT_PASSWORD
See Also: Constant Field Values
-
-
Method Detail
-
setKeyStorePasswordProvider
public static void setKeyStorePasswordProvider(KeyStorePasswordProvider provider)
Set the active keystore password provider.
Parameters:
provider - keystore password provider
-
setKeyStore
public static void setKeyStore(java.lang.String path, boolean savePreference) throws java.io.IOException
Set user keystore file path (e.g., certificate file with private key). If the keystore has been set via the system property, this method has no effect and an error is displayed. Otherwise, the keystore will be updated and the key manager re-initialized. The user preference will be updated unless a failure occurred while attempting to open the keystore. This change takes immediate effect for the currently executing application; however, it may still be superseded by a system property setting when running the application in the future. See getKeyStore().
Parameters:
path - keystore file path
savePreference - if true will be saved as user preference
Throws:
java.io.IOException - if file or certificate error occurs
-
getKeyStore
public static java.lang.String getKeyStore()
Get the keystore path associated with the active key manager or the preferred keystore path if not yet initialized.
-
getPreferredKeyStore
public static java.lang.String getPreferredKeyStore()
The system property ghidra.keystore takes precedence in establishing the keystore. If using a GUI and the system property has not been set, the user preference with the same name will be used.
Returns:
active keystore path or null if currently not running with a keystore or one has not been set.
-
usingGeneratedSelfSignedCertificate
public static boolean usingGeneratedSelfSignedCertificate()
Determine if active key manager is utilizing a generated self-signed certificate.
Returns:
true if using self-signed certificate.
-
setDefaultIdentity
public static void setDefaultIdentity(javax.security.auth.x500.X500Principal identity)
Set the default self-signed principal identity to be used during initialization if no keystore defined. Current application key manager will be invalidated.
Parameters:
identity - if not null and a KeyStore path has not been set, this identity will be used to generate a self-signed certificate and private key (NOTE: this is intended for server use only when client will not be performing CA validation).
-
initialize
public static boolean initialize()
Initialize key manager if needed. Doing this explicitly, independent of an SSL connection, allows the application to bail before initiating a connection. Otherwise, the connection will fail at the handshake if the user forgets the keystore password or there is another keystore problem.
Returns:
true if key manager initialized, otherwise false
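A pre-connection keystore check built from the methods documented above, as an added example that is not part of the Ghidra Javadoc or source. KeystorePreflight, requireUserKeystore and keystorePath are hypothetical names; the code assumes it runs inside an already initialized Ghidra application with Ghidra on the classpath, and rejecting a generated self-signed certificate is this example's policy, not behavior of the class.

```java
import ghidra.net.ApplicationKeyManagerFactory;
import java.io.IOException;

/** Added example: verify the keystore before any SSL connection is attempted. */
public class KeystorePreflight {

    /**
     * @param keystorePath hypothetical caller-supplied PKCS key/certificate file
     * @return active keystore path, or null if the check failed or no keystore is active
     */
    public static String requireUserKeystore(String keystorePath) {
        // The system property takes precedence over a path set here; setKeyStore
        // would have no effect and display an error, so skip the call in that case.
        String forced =
            System.getProperty(ApplicationKeyManagerFactory.KEYSTORE_PATH_PROPERTY);
        if (forced == null) {
            try {
                // savePreference=false: apply to this run only, leave the
                // stored user preference untouched.
                ApplicationKeyManagerFactory.setKeyStore(keystorePath, false);
            }
            catch (IOException e) {
                System.err.println("Keystore rejected: " + e.getMessage());
                return null;
            }
        }

        // Open the keystore now, so a forgotten password or unreadable file is
        // reported here and not as a handshake failure while connecting.
        if (!ApplicationKeyManagerFactory.initialize()) {
            System.err.println("Key manager not initialized; not connecting");
            return null;
        }

        // Example policy: a generated self-signed certificate is documented as
        // server-only, so it is not accepted as a client identity.
        if (ApplicationKeyManagerFactory.usingGeneratedSelfSignedCertificate()) {
            System.err.println("Only a generated self-signed certificate is active");
            return null;
        }

        // Report which keystore actually backs the active key manager.
        return ApplicationKeyManagerFactory.getKeyStore();
    }
}
```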
-
invalidateKeyManagers
public static void invalidateKeyManagers()
Invalidate the key managers associated with this factory.
-
-