下面列出了怎么用javax.net.ssl.KeyManagerFactory的API类实例代码及写法,或者点击链接到github查看源代码。
protected static KeyManager[] getUser1KeyManagers() throws Exception {
KeyManagerFactory kmf = KeyManagerFactory.getInstance(
KeyManagerFactory.getDefaultAlgorithm());
kmf.init(getKeyStore(CLIENT_JKS), JKS_PASS.toCharArray());
KeyManager[] managers = kmf.getKeyManagers();
KeyManager manager;
for (int i=0; i < managers.length; i++) {
manager = managers[i];
if (manager instanceof X509ExtendedKeyManager) {
managers[i] = new TrackingExtendedKeyManager((X509ExtendedKeyManager)manager);
} else if (manager instanceof X509KeyManager) {
managers[i] = new TrackingKeyManager((X509KeyManager)manager);
}
}
return managers;
}
public static SSLContext initManagementSSLContext(final CAService caService) throws GeneralSecurityException, IOException {
if (caService == null) {
throw new CloudRuntimeException("CAService is not available to load/get management server keystore");
}
final KeyStore ks = caService.getManagementKeyStore();
char[] passphrase = caService.getKeyStorePassphrase();
final TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);
final TrustManager[] tms = tmf.getTrustManagers();
final KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, passphrase);
final SSLContext sslContext = SSLUtils.getSSLContext();
sslContext.init(kmf.getKeyManagers(), tms, new SecureRandom());
return sslContext;
}
void loadSigningKeys(String path, String alias) {
try {
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
KeyStore keyStore = KeyStore.getInstance("JKS");
InputStream keyStream = new FileInputStream(FileHelper.getAbsoluteFilePathFromClassPath(path).toFile());
keyStore.load(keyStream, "changeit".toCharArray());
kmf.init(keyStore, "changeit".toCharArray());
this.signingCertificate = (X509Certificate) keyStore.getCertificate(alias);
this.signingCredential = new BasicX509Credential(this.signingCertificate,
(PrivateKey) keyStore.getKey(alias, "changeit".toCharArray()));
} catch (NoSuchAlgorithmException | KeyStoreException | CertificateException | IOException
| UnrecoverableKeyException e) {
throw new RuntimeException(e);
}
}
private void initSsl() throws IOException, GeneralSecurityException {
String kmAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
String tmAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
// TODO make the protocol and keystore type configurable.
String protocol = "TLS";
KeyStore ks = KeyStore.getInstance("JKS");
KeyStore ts = KeyStore.getInstance("JKS");
try (FileInputStream keyStoreStream = new FileInputStream(keyStore);
FileInputStream trustStoreStream = new FileInputStream(trustStore)) {
ks.load(keyStoreStream, keyStorePassword);
ts.load(trustStoreStream, trustStorePassword);
}
KeyManagerFactory kmf = KeyManagerFactory.getInstance(kmAlgorithm);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmAlgorithm);
kmf.init(ks, keyStorePassword);
tmf.init(ts);
serverContext = SSLContext.getInstance(protocol);
clientContext = SSLContext.getInstance(protocol);
serverContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
clientContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
}
public HSSLSocketFactory(KeyStore ksP12, String keyPass) throws Exception {
super(ksP12);
mSSLContext = SSLContext.getInstance(SSLSocketFactory.TLS);
KeyManagerFactory kMgrFact = null;
TrustManager[] tMgrs = null;
KeyManager[] kMgrs = null;
TrustManager tMgr = null;
tMgr = new HX509TrustManager(ksP12);
kMgrFact = KeyManagerFactory.getInstance(Http.algorithm);
if (null != keyPass) {
kMgrFact.init(ksP12, keyPass.toCharArray());
} else {
kMgrFact.init(ksP12, null);
}
kMgrs = kMgrFact.getKeyManagers();
tMgrs = new TrustManager[]{tMgr};
SecureRandom secureRandom = new java.security.SecureRandom();
mSSLContext.init(kMgrs, tMgrs, secureRandom);
if (!Http.isCheckTrustCert()) {
setHostnameVerifier(new HX509HostnameVerifier());
} else {
setHostnameVerifier(STRICT_HOSTNAME_VERIFIER);
}
}
public SslHandlerFactory(AmqpServerConfiguration configuration) throws KeyStoreException, IOException,
CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
KeyStore keyStore = getKeyStore(configuration.getSsl().getKeyStore().getType(),
configuration.getSsl().getKeyStore().getLocation(),
configuration.getSsl().getKeyStore().getPassword());
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(configuration.getSsl()
.getKeyStore()
.getCertType());
keyManagerFactory.init(keyStore, configuration.getSsl().getKeyStore().getPassword().toCharArray());
KeyStore trustStore = getKeyStore(configuration.getSsl().getTrustStore().getType(),
configuration.getSsl().getTrustStore().getLocation(),
configuration.getSsl().getTrustStore().getPassword());
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(configuration.getSsl()
.getTrustStore()
.getCertType());
trustManagerFactory.init(trustStore);
sslContext = SSLContext.getInstance(configuration.getSsl().getProtocol());
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
}
/**
* Creates and returns an SSLContext by reading information from a keystore. <br>
* Change the hardcoded options to match your configuration and your environment.
*/
private static SSLContext createSSLContext() throws Exception
{
String keystoreName = "key.store";
String keystorePassword = "storepwd";
KeyStore keystore = KeyStore.getInstance("JKS");
InputStream keystoreStream = Server.class.getClassLoader().getResourceAsStream(keystoreName);
// Must check for nullity, otherwise a new empty keystore is created by KeyStore.load
if (keystoreStream == null) throw new IOException("Cannot find KeyStore " + keystoreName + " in classpath");
keystore.load(keystoreStream, keystorePassword.toCharArray());
KeyManagerFactory keyFactory = KeyManagerFactory.getInstance("SunX509");
keyFactory.init(keystore, keystorePassword.toCharArray());
SSLContext context = SSLContext.getInstance("TLS");
context.init(keyFactory.getKeyManagers(), null, null);
return context;
}
/**
* register ssl contects to accept all issue certificates.
*
* @return SSLContext
*/
static SSLContext ignoreSSLCertificate() {
try {
// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(
SSLUtils.class.getClassLoader().getResourceAsStream("resources/.keystore"),
"changeit".toCharArray());
KeyManagerFactory kmf =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, "changeit".toCharArray());
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(kmf.getKeyManagers(), trustAllCerts, null);
SSLContext.setDefault(ctx);
return ctx;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
/**
* @throws Exception if an error occurs
*/
@Before
public void setUp() throws Exception {
final URL url = getClass().getClassLoader().getResource("insecureSSL.keystore");
final KeyStore keystore = KeyStore.getInstance("jks");
final char[] pwd = "nopassword".toCharArray();
keystore.load(url.openStream(), pwd);
final TrustManagerFactory trustManagerFactory = createTrustManagerFactory();
trustManagerFactory.init(keystore);
final TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
final KeyManagerFactory keyManagerFactory = createKeyManagerFactory();
keyManagerFactory.init(keystore, pwd);
final KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
final SSLContext serverSSLContext = SSLContext.getInstance("TLS");
serverSSLContext.init(keyManagers, trustManagers, null);
localServer_ = new LocalTestServer(serverSSLContext);
localServer_.start();
}
/**
* Get the key manager
* @param ssl ssl
* @param sslStoreProvider sslStoreProvider
* @return KeyManagerFactory
* @throws Exception Exception
*/
protected KeyManagerFactory getKeyManagerFactory(Ssl ssl,SslStoreProvider sslStoreProvider) throws Exception {
KeyStore keyStore;
if (sslStoreProvider != null) {
keyStore = sslStoreProvider.getKeyStore();
}else {
keyStore = loadKeyStore(ssl.getKeyStoreType(), ssl.getKeyStoreProvider(),ssl.getKeyStore(), ssl.getKeyStorePassword());
}
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
char[] keyPassword = (ssl.getKeyPassword() != null) ? ssl.getKeyPassword().toCharArray() : null;
if (keyPassword == null && ssl.getKeyStorePassword() != null) {
keyPassword = ssl.getKeyStorePassword().toCharArray();
}
keyManagerFactory.init(keyStore, keyPassword);
return keyManagerFactory;
}
public KeyManager[] getClientKeyManagers()
{
KeyManager[] keyManagers = null;
KeyManagerFactory keyManagerFactory;
try
{
keyManagerFactory = KeyManagerFactory.getInstance( KeyManagerFactory.getDefaultAlgorithm() );
keyManagerFactory.init( keyStore, keyStoreData.getPassword().toCharArray() );
keyManagers = keyManagerFactory.getKeyManagers();
}
catch ( Exception e )
{
LOGGER.error( "Error getting array of client key managers: {}", e.getMessage() );
}
return keyManagers;
}
private static SSLContext createSslContext(ApacheThriftClientConfig config)
{
try {
KeyStore trustStore = PemReader.loadTrustStore(config.getTrustCertificate());
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);
KeyManager[] keyManagers = null;
if (config.getKey() != null) {
Optional<String> keyPassword = Optional.ofNullable(config.getKeyPassword());
KeyStore keyStore = PemReader.loadKeyStore(config.getTrustCertificate(), config.getKey(), keyPassword);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, new char[0]);
keyManagers = keyManagerFactory.getKeyManagers();
}
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagers, trustManagerFactory.getTrustManagers(), null);
return sslContext;
}
catch (IOException | GeneralSecurityException e) {
throw new IllegalArgumentException("Unable to load SSL keys", e);
}
}
private SSLOptions createSSLOptions()
throws KeyStoreException, FileNotFoundException, IOException, NoSuchAlgorithmException,
KeyManagementException, CertificateException, UnrecoverableKeyException {
TrustManagerFactory tmf = null;
KeyStore tks = KeyStore.getInstance("JKS");
tks.load((InputStream) new FileInputStream(new File(truststorePath)),
truststorePwd.toCharArray());
tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(tks);
KeyManagerFactory kmf = null;
if (null != keystorePath) {
KeyStore kks = KeyStore.getInstance("JKS");
kks.load((InputStream) new FileInputStream(new File(keystorePath)),
keystorePwd.toCharArray());
kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(kks, keystorePwd.toCharArray());
}
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(kmf != null? kmf.getKeyManagers() : null,
tmf != null ? tmf.getTrustManagers() : null,
new SecureRandom());
return JdkSSLOptions.builder().withSSLContext(sslContext).build(); //SSLOptions.DEFAULT_SSL_CIPHER_SUITES);
}
private SSLContext createServerSSLContext() {
try {
KeyStore ks = KeyStore.getInstance(keystoreType);
ks.load(new FileInputStream(keystore), keystorePassword.toCharArray());
// Set up key manager factory to use our key store
KeyManagerFactory kmf = KeyManagerFactory.getInstance(getAlgorithm());
kmf.init(ks, keystorePassword.toCharArray());
SSLContext serverContext = SSLContext.getInstance("TLS");
serverContext.init(kmf.getKeyManagers(), null, null);
return serverContext;
} catch (Exception e) {
throw new Error("Failed to initialize the server-side SSLContext", e);
}
}
private static KeyManagerFactory createKeyManagerFactory(BridgeServerConfig serverConfig)
throws IOException, KeyStoreException, CertificateException, UnrecoverableKeyException, NoSuchAlgorithmException {
String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
if (algorithm == null) {
algorithm = "SunX509";
}
KeyStore ks = KeyStoreLoader.loadKeyStore(
serverConfig.getTlsServerKeystoreFilepath(),
serverConfig.getTlsServerKeystorePassword()
);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
kmf.init(ks, serverConfig.getTlsServerKeyPassword().toCharArray());
return kmf;
}
static private SSLEngine createSSLEngine(boolean client)
throws Exception {
SSLEngine ssle;
KeyManagerFactory kmf = KeyManagerFactory.getInstance("PKIX",
jsseProvider);
kmf.init(ks, passphrase);
TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX",
jsseProvider);
tmf.init(ts);
SSLContext sslCtx = SSLContext.getInstance("TLSv1.2",
jsseProvider);
sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
ssle = sslCtx.createSSLEngine("localhost", 443);
ssle.setUseClientMode(client);
SSLParameters sslParameters = ssle.getSSLParameters();
ssle.setSSLParameters(sslParameters);
return ssle;
}
private static SSLContext createClientSslContext() throws GeneralSecurityException, IOException {
// Create keystore
KeyStore ks = KeyStore.getInstance("JKS");
InputStream in = null;
try {
in = GateSslContextFactory.class.getResourceAsStream(CLIENT_KEYSTORE);
if (in == null) {
in = FileUtil.getFileInputStream(AppGate.getConfigPath()+File.separatorChar+CLIENT_KEYSTORE);
}
ks.load(in, GATE_PW); // TODO 密码暂时都一样
} finally {
if (in != null) {
try {
in.close();
} catch (IOException ignored) {
}
}
}
// Set up key manager factory to use our key store
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
kmf.init(ks, GATE_PW);
// Initialize the SSLContext to work with our key managers.
SSLContext sslContext = SSLContext.getInstance(PROTOCOL);
sslContext.init(kmf.getKeyManagers(), GateTrustManagerFactory.X509_MANAGERS, null);
return sslContext;
}
/**
* Initializes the SSL Context
*/
private void initSSLConnection() throws NoSuchAlgorithmException, UnrecoverableKeyException,
KeyStoreException, KeyManagementException {
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE);
keyManagerFactory.init(keyStore, keyStorePassword);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TRUST_MANAGER_TYPE);
trustManagerFactory.init(trustStore);
// Create and initialize SSLContext for HTTPS communication
sslContext = SSLContext.getInstance(SSLV3);
sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
SSLContext.setDefault(sslContext);
}
/**
* Sets the key-manager-factory
*/
/*
public void setKeyManagerFactory(String keyManagerFactory)
{
_keyManagerFactory = keyManagerFactory;
}
*/
private String keyManagerFactory()
{
return KeyManagerFactory.getDefaultAlgorithm();
}
public static KeyManager[] getKeyManagers(KeyStore ks, String password, String alias) throws GeneralSecurityException {
KeyManagerFactory factory = KeyManagerFactory.getInstance("SunX509");
factory.init(ks, password.toCharArray());
KeyManager[] keyManagers = factory.getKeyManagers();
if (alias != null) {
for (int i = 0; i < keyManagers.length; i++) {
if (keyManagers[i] instanceof X509KeyManager) {
keyManagers[i] = new AliasKeyManager((X509KeyManager)keyManagers[i], alias);
}
}
}
return keyManagers;
}
@Alias
Target_io_netty_handler_ssl_JdkSslClientContext(Provider sslContextProvider, X509Certificate[] trustCertCollection,
TrustManagerFactory trustManagerFactory, X509Certificate[] keyCertChain, PrivateKey key,
String keyPassword, KeyManagerFactory keyManagerFactory, Iterable<String> ciphers,
CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn, String[] protocols,
long sessionCacheSize, long sessionTimeout, String keyStoreType)
throws SSLException {
}
private SSLContext createSSLContext() {
if (!this.ssl) {
return null;
}
try {
final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
final KeyStore trustStore = KeyStore.getInstance("JKS");
InputStream trustStream = new FileInputStream(
FileHelper.getAbsoluteFilePathFromClassPath("jwt/truststore.jks").toFile());
trustStore.load(trustStream, "changeit".toCharArray());
tmf.init(trustStore);
final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
final KeyStore keyStore = KeyStore.getInstance("JKS");
InputStream keyStream = new FileInputStream(
FileHelper.getAbsoluteFilePathFromClassPath("jwt/node-0-keystore.jks").toFile());
keyStore.load(keyStream, "changeit".toCharArray());
kmf.init(keyStore, "changeit".toCharArray());
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
return sslContext;
} catch (GeneralSecurityException | IOException e) {
throw new RuntimeException(e);
}
}
/**
* Returns SSLContext with TESTED_SECURITY_PROTOCOL protocol and
* sets up keys.
*
* @return - SSLContext with a protocol specified by
* TESTED_SECURITY_PROTOCOL.
*/
public static SSLContext getContext() {
try {
java.security.Security.setProperty(
"jdk.tls.disabledAlgorithms", "");
java.security.Security.setProperty(
"jdk.certpath.disabledAlgorithms", "");
KeyStore ks = KeyStore.getInstance("JKS");
KeyStore ts = KeyStore.getInstance("JKS");
char[] passphrase = PASSWD.toCharArray();
try (FileInputStream keyFileStream =
new FileInputStream(KEY_FILE_NAME)) {
ks.load(keyFileStream, passphrase);
}
try (FileInputStream trustFileStream =
new FileInputStream(TRUST_FILE_NAME)) {
ts.load(trustFileStream, passphrase);
}
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, passphrase);
TrustManagerFactory tmf =
TrustManagerFactory.getInstance("SunX509");
tmf.init(ts);
SSLContext sslCtx =
SSLContext.getInstance(TESTED_SECURITY_PROTOCOL);
sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
return sslCtx;
} catch (KeyStoreException | IOException | NoSuchAlgorithmException |
CertificateException | UnrecoverableKeyException |
KeyManagementException ex) {
throw new Error("Unexpected exception", ex);
}
}
private SSLSocketFactory getSSLSocketFactory( String keyStoreName, String password )
throws GeneralSecurityException, IOException {
KeyStore ks = this.getKeyStore(keyStoreName, password);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
keyManagerFactory.init(ks, password.toCharArray());
SSLContext context = SSLContext.getInstance("TLS");
context.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
return context.getSocketFactory();
}
public static KeyManager[] getKeyManagers(KeyStore keyStore,
Authority authority) throws NoSuchAlgorithmException,
NoSuchProviderException, UnrecoverableKeyException,
KeyStoreException {
String keyManAlg = KeyManagerFactory.getDefaultAlgorithm();
KeyManagerFactory kmf = KeyManagerFactory.getInstance(keyManAlg
/* , PROVIDER_NAME */);
kmf.init(keyStore, authority.password());
return kmf.getKeyManagers();
}
private static KeyManager[] prepareKeyManager(InputStream bksFile, String password) {
try {
if (bksFile == null || password == null) return null;
KeyStore clientKeyStore = KeyStore.getInstance("BKS");
clientKeyStore.load(bksFile, password.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(clientKeyStore, password.toCharArray());
return kmf.getKeyManagers();
} catch (Exception e) {
OkLogger.printStackTrace(e);
}
return null;
}
@Override
public KeyManager[] getKeyManagers() throws Exception {
String keystoreType = endpoint.getKeystoreType();
if (keystoreType == null) {
keystoreType = defaultKeystoreType;
}
String algorithm = endpoint.getAlgorithm();
if (algorithm == null) {
algorithm = KeyManagerFactory.getDefaultAlgorithm();
}
return getKeyManagers(keystoreType, endpoint.getKeystoreProvider(),
algorithm, endpoint.getKeyAlias());
}
public static KeyManager[] getKeyManager() throws Exception {
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
KeyStore ks = KeyStore.getInstance(SslTransportBrokerTest.KEYSTORE_TYPE);
KeyManager[] keystoreManagers = null;
byte[] sslCert = loadClientCredential(SslTransportBrokerTest.SERVER_KEYSTORE);
if (sslCert != null && sslCert.length > 0) {
ByteArrayInputStream bin = new ByteArrayInputStream(sslCert);
ks.load(bin, SslTransportBrokerTest.PASSWORD.toCharArray());
kmf.init(ks, SslTransportBrokerTest.PASSWORD.toCharArray());
keystoreManagers = kmf.getKeyManagers();
}
return keystoreManagers;
}
private static KeyManager[] setupKeyManager(KeyStoreHolder ksh, PrivateKey privateKey, Certificate[] certificates)
throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
KeyManager[] keyManagers = null;
if (certificates != null && privateKey != null) {
ksh.setPrivateKey("private", privateKey, certificates);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ksh.getKeyStore(), "".toCharArray());
keyManagers = kmf.getKeyManagers();
}
return keyManagers;
}
private static KeyManagerFactory getKeyManager(String keyStore, String keyStorePasswordPath)
throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException {
KeyManagerFactory kmf = null;
try (FileInputStream myKeys = new FileInputStream(keyStore)) {
KeyStore myKeyStore = KeyStore.getInstance("JKS");
myKeyStore.load(myKeys, JKSHelper.loadPasswordFrom(keyStorePasswordPath).toCharArray());
kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(myKeyStore, JKSHelper.loadPasswordFrom(keyStorePasswordPath).toCharArray());
return kmf;
}
}