Example 96 with GeneralSecurityException
use of java.security.GeneralSecurityException in project qpid-broker-j by apache.
the class SiteSpecificTrustStoreImpl method generateTrustManagers.
private void generateTrustManagers() {
try {
java.security.KeyStore inMemoryKeyStore = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
inMemoryKeyStore.load(null, null);
inMemoryKeyStore.setCertificateEntry("1", _x509Certificate);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(inMemoryKeyStore);
_trustManagers = tmf.getTrustManagers();
} catch (IOException | GeneralSecurityException e) {
throw new IllegalConfigurationException("Cannot load certificate(s) :" + e, e);
}
}
Also used :
TrustManagerFactory(javax.net.ssl.TrustManagerFactory)
GeneralSecurityException(java.security.GeneralSecurityException)
IllegalConfigurationException(org.apache.qpid.server.configuration.IllegalConfigurationException)
IOException(java.io.IOException)
Example 97 with GeneralSecurityException
use of java.security.GeneralSecurityException in project qpid-broker-j by apache.
the class TrustAnchorValidatingTrustManager method checkClientTrusted.
@Override
public void checkClientTrusted(final X509Certificate[] x509Certificates, final String authType) throws CertificateException {
_x509TrustManager.checkClientTrusted(x509Certificates, authType);
X509Certificate peerCertificate = x509Certificates[0];
PKIXCertPathBuilderResult pkixCertPathBuilderResult;
try {
pkixCertPathBuilderResult = getPkixCertPathBuilderResult(x509Certificates, _trustAnchors, _otherCerts);
} catch (GeneralSecurityException e) {
throw new CertificateException("Unexpected error whilst validating trust-anchor", e);
}
X509Certificate trustAnchorCert = pkixCertPathBuilderResult.getTrustAnchor().getTrustedCert();
try {
trustAnchorCert.checkValidity();
} catch (CertificateExpiredException | CertificateNotYetValidException e) {
LOGGER.warn("Authentication failed for peer bearing certificate (subject DN '{}') " + "as the trust anchor (subject DN '{}') within truststore '{}' " + "is either expired or not yet valid. Validity range {} - {}", peerCertificate.getSubjectDN(), trustAnchorCert.getSubjectDN(), _trustStoreName, trustAnchorCert.getNotBefore(), trustAnchorCert.getNotAfter());
throw e;
}
}
Also used :
CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException)
CertificateExpiredException(java.security.cert.CertificateExpiredException)
PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult)
GeneralSecurityException(java.security.GeneralSecurityException)
CertificateException(java.security.cert.CertificateException)
X509Certificate(java.security.cert.X509Certificate)
Example 98 with GeneralSecurityException
use of java.security.GeneralSecurityException in project ambry by linkedin.
the class RestTestUtils method getTestSSLFactory.
/**
* @return an {@link SSLFactory} for use in rest unit tests.
*/
static SSLFactory getTestSSLFactory() {
try {
File trustStoreFile = File.createTempFile("truststore", ".jks");
trustStoreFile.deleteOnExit();
return new SSLFactory(new SSLConfig(TestSSLUtils.createSslProps("", SSLFactory.Mode.SERVER, trustStoreFile, "frontend")));
} catch (IOException | GeneralSecurityException e) {
throw new IllegalStateException(e);
}
}
Also used :
SSLConfig(com.github.ambry.config.SSLConfig)
SSLFactory(com.github.ambry.commons.SSLFactory)
GeneralSecurityException(java.security.GeneralSecurityException)
IOException(java.io.IOException)
File(java.io.File)
Example 99 with GeneralSecurityException
use of java.security.GeneralSecurityException in project ambry by linkedin.
the class GCMCryptoService method encrypt.
@Override
public ByteBuffer encrypt(ByteBuffer toEncrypt, SecretKeySpec key) throws GeneralSecurityException {
try {
Cipher encrypter = Cipher.getInstance(GCM_CRYPTO_INSTANCE, "BC");
byte[] iv = new byte[ivValSize];
random.nextBytes(iv);
encrypter.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
int outputSize = encrypter.getOutputSize(toEncrypt.remaining());
ByteBuffer encryptedContent = ByteBuffer.allocate(IVRecord_Format_V1.getIVRecordSize(iv) + outputSize);
IVRecord_Format_V1.serializeIVRecord(encryptedContent, iv);
encrypter.doFinal(toEncrypt, encryptedContent);
encryptedContent.flip();
return encryptedContent;
} catch (Exception e) {
throw new GeneralSecurityException("Exception thrown while encrypting data", e);
}
}
Also used :
GeneralSecurityException(java.security.GeneralSecurityException)
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
Cipher(javax.crypto.Cipher)
ByteBuffer(java.nio.ByteBuffer)
IOException(java.io.IOException)
MessageFormatException(com.github.ambry.messageformat.MessageFormatException)
GeneralSecurityException(java.security.GeneralSecurityException)
Example 100 with GeneralSecurityException
use of java.security.GeneralSecurityException in project ambry by linkedin.
the class GCMCryptoService method decrypt.
@Override
public ByteBuffer decrypt(ByteBuffer toDecrypt, SecretKeySpec key) throws GeneralSecurityException {
try {
Cipher decrypter = Cipher.getInstance(GCM_CRYPTO_INSTANCE, "BC");
byte[] iv = deserializeIV(new ByteBufferInputStream(toDecrypt));
decrypter.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
ByteBuffer decryptedContent = ByteBuffer.allocate(decrypter.getOutputSize(toDecrypt.remaining()));
decrypter.doFinal(toDecrypt, decryptedContent);
decryptedContent.flip();
return decryptedContent;
} catch (Exception e) {
throw new GeneralSecurityException("Exception thrown while decrypting data", e);
}
}
Also used :
GeneralSecurityException(java.security.GeneralSecurityException)
ByteBufferInputStream(com.github.ambry.utils.ByteBufferInputStream)
IvParameterSpec(javax.crypto.spec.IvParameterSpec)
Cipher(javax.crypto.Cipher)
ByteBuffer(java.nio.ByteBuffer)
IOException(java.io.IOException)
MessageFormatException(com.github.ambry.messageformat.MessageFormatException)
GeneralSecurityException(java.security.GeneralSecurityException)
Aggregations
GeneralSecurityException (java.security.GeneralSecurityException)1171
IOException (java.io.IOException)435
Cipher (javax.crypto.Cipher)144
Test (org.junit.Test)136
X509Certificate (java.security.cert.X509Certificate)124
KeyStore (java.security.KeyStore)89
SSLContext (javax.net.ssl.SSLContext)84
SecretKeySpec (javax.crypto.spec.SecretKeySpec)80
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)72
ArrayList (java.util.ArrayList)72
File (java.io.File)61
InputStream (java.io.InputStream)57
Certificate (java.security.cert.Certificate)57
PublicKey (java.security.PublicKey)53
PrivateKey (java.security.PrivateKey)50
FileInputStream (java.io.FileInputStream)49
BigInteger (java.math.BigInteger)49
SecretKey (javax.crypto.SecretKey)48
IvParameterSpec (javax.crypto.spec.IvParameterSpec)43
SecureRandom (java.security.SecureRandom)42
