Package ghidra.net

Class ApplicationKeyManagerFactory

  • public class ApplicationKeyManagerFactory
extends java.lang.Object
    ApplicationKeyManagerFactory provides application keystore management functionality and the ability to generate X509KeyManager's for use with an SSLContext or other PKI related operations. Access to keystore data (other than keystore path) is restricted to package access. Certain public operations are exposed via the ApplicationKeyManagerUtils class.

    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static java.lang.String getKeyStore()
      Get the keystore path associated with the active key manager or the preferred keystore path if not yet initialized.
      static java.lang.String getPreferredKeyStore()
      If the system property ghidra.keystore takes precedence in establishing the ketsore.
      static boolean initialize()
      Initialize key manager if needed.
      static void invalidateKeyManagers()
      Invalidate the key managers associated with this factory
      static void setDefaultIdentity​(javax.security.auth.x500.X500Principal identity)
      Set the default self-signed principal identity to be used during initialization if no keystore defined.
      static void setKeyStore​(java.lang.String path, boolean savePreference)
      Set user keystore file path (e.g., certificate file with private key).
      static void setKeyStorePasswordProvider​(KeyStorePasswordProvider provider)
      Set the active keystore password provider
      static boolean usingGeneratedSelfSignedCertificate()
      Determine if active key manager is utilizing a generated self-signed certificate.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • KEYSTORE_PATH_PROPERTY

        public static final java.lang.String KEYSTORE_PATH_PROPERTY
        Keystore path system property or user preference. Setting the system property will take precedence over the user preference.
        See Also:
        Constant Field Values

      • KEYSTORE_PASSWORD_PROPERTY

        public static final java.lang.String KEYSTORE_PASSWORD_PROPERTY
        Password system property may be set. If set, this password will be used when accessing the keystore before attempting to use customPasswordProvider if it has been set.
        See Also:
        Constant Field Values

      • CERTIFICATE_FILE_FILTER

        public static final GhidraFileFilter CERTIFICATE_FILE_FILTER
        PKCS Private Key/Certificate File Filter

      • DEFAULT_PASSWORD

        public static final java.lang.String DEFAULT_PASSWORD
        See Also:
        Constant Field Values

    • Method Detail

      • setKeyStorePasswordProvider

        public static void setKeyStorePasswordProvider​(KeyStorePasswordProvider provider)
        Set the active keystore password provider
        Parameters:
        provider - keystore password provider

      • setKeyStore

        public static void setKeyStore​(java.lang.String path,
                               boolean savePreference)
                        throws java.io.IOException
        Set user keystore file path (e.g., certificate file with private key). This method will have no effect if the keystore had been set via the system property and an error will be displayed. Otherwise, the keystore will be updated and the key manager re-initialized. The user preference will be updated unless a failure occurred while attempting to open the keystore. This change will take immediate effect for the current executing application, however, it may still be superseded by a system property setting when running the application in the future. See getKeyStore().
        Parameters:
        path - keystore file path
        savePreference - if true will be saved as user preference
        Throws:
        java.io.IOException - if file or certificate error occurs

      • getKeyStore

        public static java.lang.String getKeyStore()
        Get the keystore path associated with the active key manager or the preferred keystore path if not yet initialized.

      • getPreferredKeyStore

        public static java.lang.String getPreferredKeyStore()
        If the system property ghidra.keystore takes precedence in establishing the ketsore. If using a GUI and the system property has not been set, the user preference with the same name will be used.
        Returns:
        active keystore path or null if currently not running with a keystore or one has not been set.

      • usingGeneratedSelfSignedCertificate

        public static boolean usingGeneratedSelfSignedCertificate()
        Determine if active key manager is utilizing a generated self-signed certificate.
        Returns:
        true if using self-signed certificate.

      • setDefaultIdentity

        public static void setDefaultIdentity​(javax.security.auth.x500.X500Principal identity)
        Set the default self-signed principal identity to be used during initialization if no keystore defined. Current application key manager will be invalidated.
        Parameters:
        identity - if not null and a KeyStore path has not be set, this identity will be used to generate a self-signed certificate and private key (NOTE: this is intended for server use only when client will not be performing CA validation).

      • initialize

        public static boolean initialize()
        Initialize key manager if needed. Doing this explicitly independent of an SSL connection allows application to bail before initiating connection. This will get handshake failure if user forgets keystore password or other keystore problem.
        Returns:
        true if key manager initialized, otherwise false

      • invalidateKeyManagers

        public static void invalidateKeyManagers()
        Invalidate the key managers associated with this factory