Example 1 with ManagerFactoryParameters
use of javax.net.ssl.ManagerFactoryParameters in project netty by netty.
the class SslHandlerTest method testAlertProducedAndSend.
private void testAlertProducedAndSend(SslProvider provider) throws Exception {
SelfSignedCertificate ssc = new SelfSignedCertificate();
final SslContext sslServerCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).sslProvider(provider).trustManager(new SimpleTrustManagerFactory() {
@Override
protected void engineInit(KeyStore keyStore) {
}
@Override
protected void engineInit(ManagerFactoryParameters managerFactoryParameters) {
}
@Override
protected TrustManager[] engineGetTrustManagers() {
return new TrustManager[] { new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
// Fail verification which should produce an alert that is send back to the client.
throw new CertificateException();
}
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s) {
// NOOP
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return EmptyArrays.EMPTY_X509_CERTIFICATES;
}
} };
}
}).clientAuth(ClientAuth.REQUIRE).build();
final SslContext sslClientCtx = SslContextBuilder.forClient().trustManager(InsecureTrustManagerFactory.INSTANCE).keyManager(new File(getClass().getResource("test.crt").getFile()), new File(getClass().getResource("test_unencrypted.pem").getFile())).sslProvider(provider).build();
NioEventLoopGroup group = new NioEventLoopGroup();
Channel sc = null;
Channel cc = null;
try {
final Promise<Void> promise = group.next().newPromise();
sc = new ServerBootstrap().group(group).channel(NioServerSocketChannel.class).childHandler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.pipeline().addLast(sslServerCtx.newHandler(ch.alloc()));
ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
// Just trigger a close
ctx.close();
}
});
}
}).bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
cc = new Bootstrap().group(group).channel(NioSocketChannel.class).handler(new ChannelInitializer<Channel>() {
@Override
protected void initChannel(Channel ch) throws Exception {
ch.pipeline().addLast(sslClientCtx.newHandler(ch.alloc()));
ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
if (cause.getCause() instanceof SSLException) {
// We received the alert and so produce an SSLException.
promise.setSuccess(null);
}
}
});
}
}).connect(sc.localAddress()).syncUninterruptibly().channel();
promise.syncUninterruptibly();
} finally {
if (cc != null) {
cc.close().syncUninterruptibly();
}
if (sc != null) {
sc.close().syncUninterruptibly();
}
group.shutdownGracefully();
ReferenceCountUtil.release(sslServerCtx);
ReferenceCountUtil.release(sslClientCtx);
}
}
Also used :
SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate)
InetSocketAddress(java.net.InetSocketAddress)
CertificateException(java.security.cert.CertificateException)
ChannelHandlerContext(io.netty.channel.ChannelHandlerContext)
SSLException(javax.net.ssl.SSLException)
Bootstrap(io.netty.bootstrap.Bootstrap)
ServerBootstrap(io.netty.bootstrap.ServerBootstrap)
NioEventLoopGroup(io.netty.channel.nio.NioEventLoopGroup)
NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel)
NioServerSocketChannel(io.netty.channel.socket.nio.NioServerSocketChannel)
NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel)
EmbeddedChannel(io.netty.channel.embedded.EmbeddedChannel)
Channel(io.netty.channel.Channel)
SimpleTrustManagerFactory(io.netty.handler.ssl.util.SimpleTrustManagerFactory)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
ServerBootstrap(io.netty.bootstrap.ServerBootstrap)
IllegalReferenceCountException(io.netty.util.IllegalReferenceCountException)
CodecException(io.netty.handler.codec.CodecException)
SSLProtocolException(javax.net.ssl.SSLProtocolException)
DecoderException(io.netty.handler.codec.DecoderException)
SSLException(javax.net.ssl.SSLException)
ClosedChannelException(java.nio.channels.ClosedChannelException)
CertificateException(java.security.cert.CertificateException)
ExecutionException(java.util.concurrent.ExecutionException)
UnsupportedMessageTypeException(io.netty.handler.codec.UnsupportedMessageTypeException)
NioSocketChannel(io.netty.channel.socket.nio.NioSocketChannel)
X509TrustManager(javax.net.ssl.X509TrustManager)
File(java.io.File)
ManagerFactoryParameters(javax.net.ssl.ManagerFactoryParameters)
ChannelInboundHandlerAdapter(io.netty.channel.ChannelInboundHandlerAdapter)
Example 2 with ManagerFactoryParameters
use of javax.net.ssl.ManagerFactoryParameters in project robovm by robovm.
the class MyProvider method test_engineInit_02.
/**
* @throws InvalidAlgorithmParameterException
* @throws NoSuchAlgorithmException
* javax.net.ssl.TrustManagerFactorySpi#engineInit(ManagerFactoryParameters spec)
*/
public void test_engineInit_02() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
factory.reset();
Provider provider = new MyProvider();
TrustManagerFactory tmf = TrustManagerFactory.getInstance("MyTMF", provider);
Parameters pr = null;
try {
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null, null);
pr = new Parameters(ks);
tmf.init(pr);
} catch (Exception e) {
fail("Unexpected exception " + e.toString());
}
assertTrue(factory.isEngineInitCalled());
assertEquals(pr, factory.getSpec());
factory.reset();
tmf.init((ManagerFactoryParameters) null);
assertTrue(factory.isEngineInitCalled());
assertNull(factory.getSpec());
}
Also used :
Parameters(org.apache.harmony.xnet.tests.support.MyTrustManagerFactorySpi.Parameters)
ManagerFactoryParameters(javax.net.ssl.ManagerFactoryParameters)
TrustManagerFactory(javax.net.ssl.TrustManagerFactory)
KeyStore(java.security.KeyStore)
KeyStoreException(java.security.KeyStoreException)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
Provider(java.security.Provider)
Example 3 with ManagerFactoryParameters
use of javax.net.ssl.ManagerFactoryParameters in project robovm by robovm.
the class TrustManagerFactory2Test method checkResult.
private void checkResult(TrustManagerFactory tmf) throws Exception {
KeyStore kStore = null;
ManagerFactoryParameters mfp = null;
try {
tmf.init(kStore);
fail("KeyStoreException must be thrown");
} catch (KeyStoreException e) {
}
try {
tmf.init(mfp);
fail("InvalidAlgorithmParameterException must be thrown");
} catch (InvalidAlgorithmParameterException e) {
}
assertNull("getTrustManagers() should return null object", tmf.getTrustManagers());
try {
kStore = KeyStore.getInstance(KeyStore.getDefaultType());
kStore.load(null, null);
} catch (KeyStoreException e) {
fail("default keystore is not supported");
return;
}
tmf.init(kStore);
mfp = (ManagerFactoryParameters) new MyTrustManagerFactorySpi.Parameters(null);
try {
tmf.init(mfp);
fail("RuntimeException must be thrown");
} catch (RuntimeException e) {
assertTrue("Incorrect exception", e.getCause() instanceof KeyStoreException);
}
mfp = (ManagerFactoryParameters) new MyTrustManagerFactorySpi.Parameters(kStore);
tmf.init(mfp);
}
Also used :
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
ManagerFactoryParameters(javax.net.ssl.ManagerFactoryParameters)
KeyStoreException(java.security.KeyStoreException)
KeyStore(java.security.KeyStore)
ManagerFactoryParameters(javax.net.ssl.ManagerFactoryParameters)
Example 4 with ManagerFactoryParameters
use of javax.net.ssl.ManagerFactoryParameters in project robovm by robovm.
the class KeyManagerFactorySpiTest method test_engineInit_02.
/**
* javax.net.ssl.KeyManagerFactorySpi#KengineInit(ManagerFactoryParameters spec)
*/
public void test_engineInit_02() {
KeyManagerFactorySpiImpl kmf = new KeyManagerFactorySpiImpl();
try {
kmf.engineInit(null);
fail("InvalidAlgorithmParameterException wasn't thrown");
} catch (InvalidAlgorithmParameterException iape) {
//expected
} catch (Exception e) {
fail(e + " was thrown instead of InvalidAlgorithmParameterException");
}
try {
char[] psw = "password".toCharArray();
Parameters pr = new Parameters(psw);
kmf.engineInit(pr);
} catch (Exception e) {
fail(e + " unexpected exception was thrown");
}
}
Also used :
KeyManagerFactorySpiImpl(org.apache.harmony.xnet.tests.support.KeyManagerFactorySpiImpl)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
ManagerFactoryParameters(javax.net.ssl.ManagerFactoryParameters)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
KeyStoreException(java.security.KeyStoreException)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
Example 5 with ManagerFactoryParameters
use of javax.net.ssl.ManagerFactoryParameters in project robovm by robovm.
the class KeyManagerFactory2Test method checkResult.
private void checkResult(KeyManagerFactory keyMF) throws Exception {
KeyStore kStore = null;
ManagerFactoryParameters mfp = null;
char[] pass = { 'a', 'b', 'c' };
try {
keyMF.init(kStore, null);
fail("KeyStoreException must be thrown");
} catch (KeyStoreException e) {
}
try {
keyMF.init(kStore, pass);
fail("UnrecoverableKeyException must be thrown");
} catch (UnrecoverableKeyException e) {
}
try {
keyMF.init(mfp);
fail("InvalidAlgorithmParameterException must be thrown");
} catch (InvalidAlgorithmParameterException e) {
}
assertNull("getKeyManagers() should return null object", keyMF.getKeyManagers());
try {
kStore = KeyStore.getInstance(KeyStore.getDefaultType());
kStore.load(null, null);
} catch (KeyStoreException e) {
fail("default keystore is not supported");
return;
}
keyMF.init(kStore, pass);
mfp = new MyKeyManagerFactorySpi.Parameters(kStore, null);
try {
keyMF.init(mfp);
fail("InvalidAlgorithmParameterException must be thrown");
} catch (InvalidAlgorithmParameterException e) {
}
mfp = new MyKeyManagerFactorySpi.Parameters(kStore, pass);
keyMF.init(mfp);
}
Also used :
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
KeyStoreException(java.security.KeyStoreException)
KeyStore(java.security.KeyStore)
MyKeyManagerFactorySpi(org.apache.harmony.xnet.tests.support.MyKeyManagerFactorySpi)
ManagerFactoryParameters(javax.net.ssl.ManagerFactoryParameters)
Aggregations
ManagerFactoryParameters (javax.net.ssl.ManagerFactoryParameters)9
KeyStore (java.security.KeyStore)8
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)6
KeyStoreException (java.security.KeyStoreException)5
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3
CertificateException (java.security.cert.CertificateException)3
TrustManagerFactory (javax.net.ssl.TrustManagerFactory)3
Bootstrap (io.netty.bootstrap.Bootstrap)2
ServerBootstrap (io.netty.bootstrap.ServerBootstrap)2
Channel (io.netty.channel.Channel)2
ChannelHandlerContext (io.netty.channel.ChannelHandlerContext)2
ChannelInboundHandlerAdapter (io.netty.channel.ChannelInboundHandlerAdapter)2
NioEventLoopGroup (io.netty.channel.nio.NioEventLoopGroup)2
NioServerSocketChannel (io.netty.channel.socket.nio.NioServerSocketChannel)2
NioSocketChannel (io.netty.channel.socket.nio.NioSocketChannel)2
SelfSignedCertificate (io.netty.handler.ssl.util.SelfSignedCertificate)2
SimpleTrustManagerFactory (io.netty.handler.ssl.util.SimpleTrustManagerFactory)2
File (java.io.File)2
UnrecoverableKeyException (java.security.UnrecoverableKeyException)2
X509Certificate (java.security.cert.X509Certificate)2
