下面列出了java.security.cert.CertificateExpiredException#java.security.KeyStoreException 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
/**
* This method has been overridden here simply to show how a custom/project-specific http client
* can be plugged into the framework.
*
* e.g. You can create your own project specific http client needed for http/https/tls connections or
* a Corporate proxy based Http client here.
* Sometimes you may need a simple default http client
* e.g. HttpClients.createDefault() provided by Apache lib.
*
* Note:
* If you do not override this method, the framework anyways creates a http client suitable for both http/https.
*/
@Override
public CloseableHttpClient createHttpClient() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
LOGGER.info("###Used SSL Enabled Http Client for http/https/TLS connections");
SSLContext sslContext = new SSLContextBuilder()
.loadTrustMaterial(null, (certificate, authType) -> true).build();
CookieStore cookieStore = new BasicCookieStore();
return HttpClients.custom()
.setSSLContext(sslContext)
.setSSLHostnameVerifier(new NoopHostnameVerifier())
.setDefaultCookieStore(cookieStore)
.build();
}
private void runTest() throws IOException, KeyStoreException,
NoSuchAlgorithmException, CertificateException,
UnrecoverableKeyException {
KeyStore ks = Utils.loadKeyStore(KEYSTORE_PATH,
Utils.KeyStoreType.pkcs12, PASSWORD);
Key key = ks.getKey(ALIAS, PASSWORD);
Certificate cert = ks
.getCertificate(ALIAS);
KeyStore.Entry entry = new KeyStore.PrivateKeyEntry(
(PrivateKey) key,
new Certificate[]{cert});
if (!entry.getAttributes().isEmpty()) {
throw new RuntimeException("Entry's attributes set "
+ "must be empty");
}
out.println("Test Passed");
}
/**
* Check whether or not a trusted certificate in the supplied keystore matches the the supplied X.509 certificate.
*
* @return The alias of the matching certificate in the keystore or null if there is no match
* @param cert The certificate
* @param keyStore The keystore
* @throws CryptoException If there is a problem establishing trust
*/
public static String matchCertificate(KeyStore keyStore, X509Certificate cert)
throws CryptoException
{
try
{
for (Enumeration<String> en = keyStore.aliases(); en.hasMoreElements();)
{
String sAlias = en.nextElement();
if (keyStore.isCertificateEntry(sAlias))
{
X509Certificate compCert = X509CertUtil.convertCertificate(keyStore.getCertificate(sAlias));
if (cert.equals(compCert))
{
return sAlias;
}
}
}
return null;
}
catch (KeyStoreException ex)
{
throw new CryptoException(RB.getString("NoMatchCertificate.exception.message"), ex);
}
}
private byte[] rsaEncryptKey(byte[] secret) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, NoSuchPaddingException, UnrecoverableEntryException, InvalidKeyException {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
keyStore.load(null);
KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(KEY_ENCRYPTION, null);
Cipher inputCipher = Cipher.getInstance(RSA_MODE, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_RSA);
inputCipher.init(Cipher.ENCRYPT_MODE, privateKeyEntry.getCertificate().getPublicKey());
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
CipherOutputStream cipherOutputStream = new CipherOutputStream(outputStream, inputCipher);
cipherOutputStream.write(secret);
cipherOutputStream.close();
byte[] encryptedKeyAsByteArray = outputStream.toByteArray();
return encryptedKeyAsByteArray;
}
@Test()
public void select_publicKey_exception() throws Exception {
// given
selector = spy(new X509KeySelector(keystore));
KeyInfo keyinfo = mock(KeyInfo.class);
ArrayList<XMLStructure> list = new ArrayList<XMLStructure>();
X509Data x509Data = mock(X509Data.class);
list.add(x509Data);
doReturn(list).when(keyinfo).getContent();
ArrayList<Object> x509DataContent = new ArrayList<Object>();
x509DataContent.add(mock(X509Certificate.class));
doReturn(x509DataContent).when(x509Data).getContent();
doThrow(new KeyStoreException("key exception")).when(selector)
.getPublicKeyFromKeystore(any(X509Certificate.class),
any(SignatureMethod.class));
// when
try {
selector.select(keyinfo, null, null, null);
fail();
} catch (KeySelectorException e) {
assertTrue(e.getCause().getMessage().contains("key exception"));
}
}
/**
* Constructor KeyStoreIterator
*
* @param keyStore
*/
public KeyStoreIterator(KeyStore keyStore) {
try {
this.keyStore = keyStore;
this.aliases = this.keyStore.aliases();
} catch (KeyStoreException ex) {
// empty Enumeration
this.aliases = new Enumeration<String>() {
public boolean hasMoreElements() {
return false;
}
public String nextElement() {
return null;
}
};
}
}
/**
* Sets the certificate chain for the keystore entry.
*/
void setCertificateChain(X509Certificate[] chain)
throws CertificateException, KeyStoreException
{
for (int i = 0; i < chain.length; i++) {
byte[] encoding = chain[i].getEncoded();
if (i == 0 && privateKey != null) {
storeCertificate(getName(), alias, encoding,
encoding.length, privateKey.getHCryptProvider(),
privateKey.getHCryptKey());
} else {
storeCertificate(getName(), alias, encoding,
encoding.length, 0L, 0L); // no private key to attach
}
}
certChain = chain;
}
private SecretKey storeKeyIntoKeyStoreFile(final String keyPhrase)
throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException,
InvalidKeyException, InvalidKeySpecException {
final KeyStore keyStore = KeyStore.getInstance("JCEKS");
keyStore.load(null, KEYSTORE_SERVER_PASSWORD.toCharArray());
final SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("DES");
final SecretKey mySecretKey = secretKeyFactory.generateSecret(new DESKeySpec(keyPhrase.getBytes()));
final KeyStore.SecretKeyEntry skEntry = new KeyStore.SecretKeyEntry(mySecretKey);
keyStore.setEntry(KEY_ALIAS, skEntry, new KeyStore.PasswordProtection(KEY_PASSWORD.toCharArray()));
try (FileOutputStream fos = new java.io.FileOutputStream(KEYSTORE_JCEKS_FILENAME, false)) {
keyStore.store(fos, KEYSTORE_SERVER_PASSWORD.toCharArray());
}
return mySecretKey;
}
public static CloseableHttpAsyncClient getInstance(ServerConfig serverConfig)
throws IOException{
if (HTTPC_CLIENT == null) {
if (serverConfig.isTrustAllCertificates()) {
try {
SSLContext sslContext = SSLContexts.custom()
.loadTrustMaterial(null, TrustAllStrategy.INSTANCE).build();
HTTPC_CLIENT = HttpAsyncClients.custom()
.setSSLHostnameVerifier((NoopHostnameVerifier.INSTANCE))
.setSSLContext(sslContext)
.build();
} catch (KeyManagementException | NoSuchAlgorithmException
| KeyStoreException e) {
throw new IOException(e);
}
} else {
HTTPC_CLIENT = HttpAsyncClients.createDefault();
}
HTTPC_CLIENT.start();
}
return HTTPC_CLIENT;
}
/**
* Returns a standard keystore which holds the respective credentials (private key and certificate chain).
*
* @param keyStoreIS The input stream of the keystore
* @param keyStorePassword The password which protects the keystore
* @param keyStoreType The type of the keystore, either "jks" or "pkcs12"
* @return The respective keystore
*/
private static KeyStore getKeyStore(InputStream keyStoreIS, String keyStorePassword, String keyStoreType) {
KeyStore keyStore = null;
try {
keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(keyStoreIS, keyStorePassword.toCharArray());
keyStoreIS.close();
return keyStore;
} catch (KeyStoreException | NoSuchAlgorithmException | CertificateException |
IOException | NullPointerException e) {
getLogger().error(e.getClass().getSimpleName() + " occurred while trying to load keystore", e);
}
return null;
}
private static void assertGreet(String uri, String user, String password, int responseCode,
String responseBody) throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException,
KeyStoreException, CertificateException, IOException {
try (CloseableHttpClient httpclient = HttpClients.createDefault()) {
HttpGet request = new HttpGet(uri + "/Joe");
request.setHeader("Content-Type", "application/json");
if (user != null) {
String auth = user + ":" + password;
String authHeader = "Basic "
+ Base64.getEncoder().encodeToString(auth.getBytes(StandardCharsets.ISO_8859_1));
request.setHeader(HttpHeaders.AUTHORIZATION, authHeader);
}
try (CloseableHttpResponse response = httpclient.execute(request)) {
final int actualCode = response.getStatusLine().getStatusCode();
Assert.assertEquals(responseCode, actualCode);
if (actualCode == 200) {
HttpEntity entity = response.getEntity();
String body = EntityUtils.toString(entity, StandardCharsets.UTF_8);
Assert.assertTrue(body.startsWith(responseBody));
}
}
}
}
public void start(int pPort) throws IOException {
if (sslWorkerThread == null) {
//keystore including the key for HTTPs connection
String ksName = "dsworkbench.jks";
char ksPass[] = "dsworkbench".toCharArray();
char ctPass[] = "dsworkbench".toCharArray();
try {
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(ksName), ksPass);
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, ctPass);
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(kmf.getKeyManagers(), null, null);
SSLServerSocketFactory ssf = sc.getServerSocketFactory();
SSLServerSocket s = (SSLServerSocket) ssf.createServerSocket(pPort);
s.setEnabledCipherSuites(sc.getServerSocketFactory().getSupportedCipherSuites());
sslWorkerThread = new SSLWorkerThread(s);
sslWorkerThread.start();
} catch (NoSuchAlgorithmException | CertificateException | KeyStoreException | KeyManagementException | UnrecoverableKeyException ex) {
logger.error("Failed to decrypt SSL key.", ex);
}
} else {
logger.info("Server is already running");
}
}
/**
* Load AndroidKeyStore.
* @return true if keystore loaded successfully
*/
private KeyStore loadKeyStore() throws PFSecurityException {
try {
final KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
keyStore.load(null);
return keyStore;
} catch (KeyStoreException
| NoSuchAlgorithmException
| CertificateException
| IOException e) {
e.printStackTrace();
throw new PFSecurityException(
"Can not load keystore:" + e.getMessage(),
PFSecurityUtilsErrorCodes.ERROR_LOAD_KEY_STORE
);
}
}
/**
* Deletes the entry identified by the given alias from this keystore.
*
* @param alias the alias name
*
* @exception KeyStoreException if the entry cannot be removed.
*/
public synchronized void engineDeleteEntry(String alias)
throws KeyStoreException
{
if (debug != null) {
debug.println("Removing entry at alias '" + alias + "'");
}
Entry entry = entries.get(alias.toLowerCase(Locale.ENGLISH));
if (entry instanceof PrivateKeyEntry) {
PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry;
if (keyEntry.chain != null) {
certificateCount -= keyEntry.chain.length;
}
privateKeyCount--;
} else if (entry instanceof CertEntry) {
certificateCount--;
} else if (entry instanceof SecretKeyEntry) {
secretKeyCount--;
}
entries.remove(alias.toLowerCase(Locale.ENGLISH));
}
private SSLContext createSslContext(String keystoreFile, String keystorePassword, String truststoreFile, String truststorePassword)
throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, KeyManagementException
{
ClassLoader classLoader = getClass().getClassLoader();
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(new FileInputStream(new File(classLoader.getResource(keystoreFile).getFile())), keystorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, "password".toCharArray());
KeyStore trustStore = KeyStore.getInstance("PKCS12");
trustStore.load(new FileInputStream(new File(classLoader.getResource(truststoreFile).getFile())), truststorePassword.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(trustStore);
SSLContext c = SSLContext.getInstance("TLSv1.2");
c.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
return c;
}
/***
* Reads the (private) key and certificate from keystore to sign
*
* @param conf
* @throws OfficeWriterException
* @throws IOException
*/
private void readSigningKeyAndCertificate(Configuration conf) throws OfficeWriterException, IOException {
if ((this.howc.getSigKeystoreFile()!=null) && (!"".equals(this.howc.getSigKeystoreFile()))) {
LOG.info("Signing document");
if ((this.howc.getSigKeystoreAlias()==null) || ("".equals(this.howc.getSigKeystoreAlias()))) {
LOG.error("Keystore alias for signature keystore not defined. Cannot sign document");
throw new OfficeWriterException("Keystore alias for signature keystore not defined. Cannot sign document");
}
if ((this.howc.getSigKeystoreType()==null) || ("".equals(this.howc.getSigKeystoreType()))) {
LOG.error("Keystore type for signature keystore not defined. Cannot sign document");
throw new OfficeWriterException("Keystore type for signature keystore not defined. Cannot sign document");
}
LOG.info("Reading keystore");
HadoopKeyStoreManager hksm = new HadoopKeyStoreManager(conf);
try {
hksm.openKeyStore(new Path(this.howc.getSigKeystoreFile()), this.howc.getSigKeystoreType(), this.howc.getSigKeystorePassword());
this.howc.setSigKey(hksm.getPrivateKey(this.howc.getSigKeystoreAlias(), this.howc.getSigKeystorePassword()));
this.howc.setSigCertificate((X509Certificate) hksm.getCertificate(this.howc.getSigKeystoreAlias()));
} catch (NoSuchAlgorithmException | CertificateException | KeyStoreException | IllegalArgumentException | UnrecoverableKeyException e) {
LOG.error("Cannopt read signing certificate. Exception: ",e);
throw new OfficeWriterException("Cannot read keystore to obtain key and certificate for signing "+e);
}
}
}
@Test
public void testGetProxyHistoryAndSiteMap() throws IOException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
HttpMessageList proxyHistory = burpClient.getProxyHistory();
assertEquals(0, proxyHistory.getHttpMessages().size());
String urlString = "http://www.vmware.com";
HttpMessageList siteMap = burpClient.getSiteMap(urlString);
assertEquals(0, siteMap.getHttpMessages().size());
sendRequestThruProxy();
proxyHistory = burpClient.getProxyHistory();
assertNotEquals(0, proxyHistory.getHttpMessages().size());
siteMap = burpClient.getSiteMap(urlString);
assertNotEquals(0, siteMap.getHttpMessages().size());
}
public WebhookService()
throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException
{
TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain,
String authType) -> true;
SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()
.loadTrustMaterial(null, acceptingTrustStrategy).build();
SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);
CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(csf).build();
nonValidatingRequestFactory = new HttpComponentsClientHttpRequestFactory();
nonValidatingRequestFactory.setHttpClient(httpClient);
}
/**
* This method creates an insecure SSL factory that will trust on self signed certificates.
* For that we use {@link TrustSelfSignedStrategy}.
*/
protected SSLConnectionSocketFactory createInsecureSslFactory() {
try {
SSLContextBuilder builder = new SSLContextBuilder();
builder.loadTrustMaterial(new TrustSelfSignedStrategy());
SSLContext sc = builder.build();
if (acceptAllKindsOfCertificates) {
TrustManager[] trustAllCerts = new TrustManager[1];
TrustManager tm = new TrustAllManager();
trustAllCerts[0] = tm;
sc.init(null, trustAllCerts, null);
HostnameVerifier hostnameVerifier = createInsecureHostNameVerifier();
return new SSLConnectionSocketFactory(sc, hostnameVerifier);
}
return new SSLConnectionSocketFactory(sc);
} catch (NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {
throw new ApacheCloudStackClientRuntimeException(e);
}
}
private static Key getKeyStoreKey(KeyStore ks, String keyAlias, List<char[]> passwords)
throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
UnrecoverableKeyException lastFailure = null;
for (char[] password : passwords) {
try {
return ks.getKey(keyAlias, password);
} catch (UnrecoverableKeyException e) {
lastFailure = e;
}
}
if (lastFailure == null) {
throw new RuntimeException("No key passwords");
} else {
throw lastFailure;
}
}
private SSLContext createSSLContext(final SSLContextService service)
throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, KeyManagementException, UnrecoverableKeyException {
final SSLContextBuilder sslContextBuilder = new SSLContextBuilder();
if (StringUtils.isNotBlank(service.getTrustStoreFile())) {
final KeyStore truststore = KeyStoreUtils.getTrustStore(service.getTrustStoreType());
try (final InputStream in = new FileInputStream(new File(service.getTrustStoreFile()))) {
truststore.load(in, service.getTrustStorePassword().toCharArray());
}
sslContextBuilder.loadTrustMaterial(truststore, new TrustSelfSignedStrategy());
}
if (StringUtils.isNotBlank(service.getKeyStoreFile())){
final KeyStore keystore = KeyStoreUtils.getKeyStore(service.getKeyStoreType());
try (final InputStream in = new FileInputStream(new File(service.getKeyStoreFile()))) {
keystore.load(in, service.getKeyStorePassword().toCharArray());
}
sslContextBuilder.loadKeyMaterial(keystore, service.getKeyStorePassword().toCharArray());
}
sslContextBuilder.useProtocol(service.getSslAlgorithm());
return sslContextBuilder.build();
}
/**
* When a PIN(Personal Identification Number) and Alias was informed,
* obtain the certificate from a Token or Smartcard, defined by ICP-BRASIL with the name A3.
*
* @param pinNumber a PIN(Personal Identification Number)
* @param alias desired alias
* @return the certificate information in X509Certificate format
*
*/
@Override
public X509Certificate loadFromToken(String pinNumber, String alias) {
if (this.keyStore == null) {
KeyStoreLoader keyStoreLoader = KeyStoreLoaderFactory.factoryKeyStoreLoader();
this.keyStore = keyStoreLoader.getKeyStore();
}
try {
return (X509Certificate) this.keyStore.getCertificateChain(alias)[0];
} catch (KeyStoreException e) {
throw new CertificateCoreException("", e);
}
}
private PrivateKey resolveX509Certificate(
XMLX509Certificate x509Cert
) throws XMLSecurityException, KeyStoreException {
log.log(java.util.logging.Level.FINE, "Can I resolve X509Certificate?");
byte[] x509CertBytes = x509Cert.getCertificateBytes();
Enumeration<String> aliases = keyStore.aliases();
while (aliases.hasMoreElements()) {
String alias = aliases.nextElement();
if (keyStore.isKeyEntry(alias)) {
Certificate cert = keyStore.getCertificate(alias);
if (cert instanceof X509Certificate) {
byte[] certBytes = null;
try {
certBytes = cert.getEncoded();
} catch (CertificateEncodingException e1) {
}
if (certBytes != null && Arrays.equals(certBytes, x509CertBytes)) {
log.log(java.util.logging.Level.FINE, "match !!! ");
try {
Key key = keyStore.getKey(alias, password);
if (key instanceof PrivateKey) {
return (PrivateKey) key;
}
}
catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
// Keep searching
}
}
}
}
}
return null;
}
private void createTrustStore() throws CryptoException {
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
setTrustStore(keyStore);
} catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | IOException | InvalidArgumentException e) {
throw new CryptoException("Cannot create trust store. Error: " + e.getMessage(), e);
}
}
public AlwaysTrustManager(KeyStore keyStore)
throws NoSuchAlgorithmException, KeyStoreException {
TrustManagerFactory tmf
= TrustManagerFactory.getInstance(TrustManagerFactory.
getDefaultAlgorithm());
tmf.init(keyStore);
TrustManager tms[] = tmf.getTrustManagers();
for (TrustManager tm : tms) {
trustManager = (X509TrustManager) tm;
return;
}
}
private SubjectIssuerDNPair lookupServerDN() throws KeyStoreException {
if (domain == null) {
throw new IllegalArgumentException("Unable to find security domain.");
}
KeyStore keystore = domain.getKeyStore();
final X509Certificate cert = (X509Certificate) keystore.getCertificate(keystore.aliases().nextElement());
final String serverDN = cert.getSubjectX500Principal().getName();
final String serverIssuerDN = cert.getIssuerX500Principal().getName();
return SubjectIssuerDNPair.of(serverDN, serverIssuerDN);
}
public static void main(final String args[]) throws IOException, CertificateException, NoSuchAlgorithmException,
InvalidKeySpecException, KeyStoreException {
Security.addProvider(new BouncyCastleProvider());
Security.addProvider(new EdDSASecurityProvider());
// Check usage
if (args.length < 4) {
System.err.println("USAGE: ca-path key-path cert-path [servers=true/false]");
System.exit(1);
}
// Get directories from arguments
final File caPath = new File(args[0]);
final File keyPath = new File(args[1]);
final File certPath = new File(args[2]);
final boolean areServers = Boolean.parseBoolean(args[3]);
if (areServers) {
// Generate Server Certificates using server configuration
// These IP addresses will have subject alternative names
issueServerCertificates(caPath, keyPath, certPath);
} else {
// Generate Client Certificates using client configuration
// These certificates will all be issued by the same client CA
issueClientCertificates(caPath, keyPath, certPath);
}
}
public static byte[] buildAndSaveKeystore(final String alias, final String cert, final String privateKey, final String storePassword) throws KeyStoreException, CertificateException,
NoSuchAlgorithmException, InvalidKeySpecException, IOException {
Preconditions.checkArgument(!Strings.isNullOrEmpty(alias), "Certificate alias cannot be blank");
Preconditions.checkArgument(!Strings.isNullOrEmpty(cert), "Certificate cannot be blank");
Preconditions.checkArgument(!Strings.isNullOrEmpty(privateKey), "Private key cannot be blank");
final KeyStore ks = buildKeystore(alias, cert, privateKey, storePassword);
try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) {
ks.store(os, storePassword != null ? storePassword.toCharArray() : null);
return os.toByteArray();
}
}
@Override
public boolean verify(String algorithm, String signed, byte[] signature) {
boolean verified = false;
try {
Signature sig=Signature.getInstance(algorithm);
sig.initVerify(ks.getCertificateForGateway().getPublicKey());
sig.update(signed.getBytes(StandardCharsets.UTF_8));
verified = sig.verify(signature);
} catch (SignatureException | KeystoreServiceException | InvalidKeyException | NoSuchAlgorithmException | KeyStoreException e) {
LOG.failedToVerifySignature( e );
}
LOG.signatureVerified( verified );
return verified;
}
public static KeyPair getSampleKeyPair() throws CertificateException,
NoSuchAlgorithmException, IOException, InvalidKeyException, KeyStoreException,
NoSuchProviderException, SignatureException {
KeyStore keyStore = KeyStore.getInstance("JKS");
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA", "SHA1WithRSA");
SecureRandom random = SecureRandom.getInstance("RSA", "SHA1WithRSA");
keyGen.initialize(1024, random);
KeyPair keypair = keyGen.generateKeyPair();
return keypair;
}