
Example 1 with AdaptrisSecurityException

use of com.adaptris.security.exc.AdaptrisSecurityException in project interlok by adaptris.

the class HttpsProduceConnection method initialiseClient.

/**
 * @see HttpClientConnection#initialiseClient(java.lang.String)
 */
@Override
public HttpClientTransport initialiseClient(String url) throws HttpException {
    HttpsClient client = new HttpsClient(url);
    try {
        if (keystore != null) {
            KeystoreFactory ksf = KeystoreFactory.getDefault();
            KeystoreLocation ksl = null;
            if (keystorePassword != null) {
                ksl = ksf.create(keystore, Password.decode(keystorePassword).toCharArray());
            } else {
                ksl = ksf.create(keystore);
            }
            char[] pkpw = PasswordOverride.discoverPrivateKeyPassword(ksl, getPrivateKeyPasswordProvider());
            if (pkpw != null) {
                client.registerPrivateKeyPassword(pkpw);
            }
            client.registerKeystore(ksf.create(ksl));
        }
    } catch (AdaptrisSecurityException e) {
        throw new HttpException(e);
    }
    client.setAlwaysTrust(alwaysTrust);
    return client;
}
Also used: KeystoreLocation (com.adaptris.security.keystore.KeystoreLocation), HttpsClient (com.adaptris.http.HttpsClient), AdaptrisSecurityException (com.adaptris.security.exc.AdaptrisSecurityException), KeystoreFactory (com.adaptris.security.keystore.KeystoreFactory), HttpException (com.adaptris.http.HttpException)

Example 2 with AdaptrisSecurityException

use of com.adaptris.security.exc.AdaptrisSecurityException in project interlok by adaptris.

the class StdSecurityService method sign.

/**
 * @see SecurityService#sign(byte[], Alias, Output)
 */
public Output sign(byte[] payload, Alias us, Output output) throws AdaptrisSecurityException {
    PrivateKey pk = null;
    StdOutput target = null;
    CertificateHandler ch = null;
    try {
        target = output == null ? new StdOutput(Output.PLAIN) : (StdOutput) output;
        target.setType(target.getType() | Output.SIGNED);
    } catch (ClassCastException e) {
        if (output != null)
            throw new EncryptException("Class " + output.getClass() + " not recognised", e);
        else
            throw new EncryptException("Output null, therefore not recognised", e);
    }
    pk = getPrivateKey(us.getAlias(), us.getAliasPassword());
    ch = createCertificateHandler(getCertificate(us.getAlias()));
    try {
        Signature sig = getSignatureInstance(ch);
        sig.initSign(pk, SecurityUtil.getSecureRandom());
        sig.update(payload);
        target.setSignature(sig.sign());
        target.setDecryptedData(payload);
    } catch (Exception e) {
        throw new EncryptException(e);
    }
    return target;
}
Also used: PrivateKey (java.security.PrivateKey), Signature (java.security.Signature), CertificateHandler (com.adaptris.security.certificate.CertificateHandler), EncryptException (com.adaptris.security.exc.EncryptException), KeystoreException (com.adaptris.security.exc.KeystoreException), CertException (com.adaptris.security.exc.CertException), VerifyException (com.adaptris.security.exc.VerifyException), AdaptrisSecurityException (com.adaptris.security.exc.AdaptrisSecurityException), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), DecryptException (com.adaptris.security.exc.DecryptException), NoSuchProviderException (java.security.NoSuchProviderException)

Example 3 with AdaptrisSecurityException

use of com.adaptris.security.exc.AdaptrisSecurityException in project interlok by adaptris.

the class StdSecurityService method verify.

private boolean verify(StdOutput target, CertificateHandler ch) throws AdaptrisSecurityException {
    boolean rc = false;
    try {
        if (target.getSignature() != null) {
            Signature sig = getSignatureInstance(ch);
            sig.initVerify(ch.getPublicKey());
            sig.update(target.getDecryptedData(true));
            rc = sig.verify(target.getSignature());
        } else {
            // No signature present: the payload is reported as verified.
            rc = true;
        }
    } catch (Exception e) {
        throw new VerifyException("Exception during signature verfication", e);
    }
    return rc;
}
Also used: VerifyException (com.adaptris.security.exc.VerifyException), Signature (java.security.Signature), KeystoreException (com.adaptris.security.exc.KeystoreException), CertException (com.adaptris.security.exc.CertException), EncryptException (com.adaptris.security.exc.EncryptException), AdaptrisSecurityException (com.adaptris.security.exc.AdaptrisSecurityException), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), DecryptException (com.adaptris.security.exc.DecryptException), NoSuchProviderException (java.security.NoSuchProviderException)

Example 4 with AdaptrisSecurityException

use of com.adaptris.security.exc.AdaptrisSecurityException in project interlok by adaptris.

the class CertificatePathVerifier method verify.

/**
 * Verifies the specified certificate chain against the trusted anchors. The
 * trusted anchors contain all public certificates that are trusted. This
 * method will make use of JDK1.4's utilities to verify the certificate chain.
 *
 * @param certs the certificate chain being verified
 * @param trusted the keystore storing the trusted anchors.
 * @return true if verification succeeded; false otherwise
 */
public static boolean verify(Certificate[] certs, KeyStore trusted) {
    if (trusted == null) {
        logR.warn("trusted keystore is null, cert chain verification fails.");
        return false;
    }
    if (certs == null || certs.length == 0) {
        logR.debug("Verifying a zero length certificate chain as [true]");
        return true;
    }
    try {
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance(PKIX);
        X509CertSelector targetConstraints = new X509CertSelector();
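        // Each setSubject call replaces the previous value, so only the
        // last certificate's subject remains as the target constraint.
        for (int i = 0; i < certs.length; i++) {
            targetConstraints.setSubject(((X509Certificate) certs[i]).getSubjectX500Principal().getEncoded());
        }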
        PKIXBuilderParameters params = new PKIXBuilderParameters(trusted, targetConstraints);
        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters();
        CertStore store = CertStore.getInstance(COLLECTION, ccsp);
        params.addCertStore(store);
        CertPath certPath = certPathBuilder.build(params).getCertPath();
        if (certPath == null) {
            throw new AdaptrisSecurityException("Failed to get certificate path");
        }
    } catch (Exception e) {
        if (Constants.DEBUG) {
            logR.debug("Failed to verify certificate chain due " + "to underlying exception", e);
        }
        return false;
    }
    return true;
}
Also used: CollectionCertStoreParameters (java.security.cert.CollectionCertStoreParameters), PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters), AdaptrisSecurityException (com.adaptris.security.exc.AdaptrisSecurityException), X509CertSelector (java.security.cert.X509CertSelector), CertPathBuilder (java.security.cert.CertPathBuilder), CertPath (java.security.cert.CertPath), CertStore (java.security.cert.CertStore), X509Certificate (java.security.cert.X509Certificate)

Example 5 with AdaptrisSecurityException

use of com.adaptris.security.exc.AdaptrisSecurityException in project interlok by adaptris.

the class KeystoreProxyImp method getPrivateKey.

/**
 * Method to extract a Partner's Private Key from their Keystore entry and
 * return a PrivateKey object to the caller.
 *
 * @param alias the alias in the keystore
 * @param keyPassword the associated password
 * @return the requested private key, or null if the alias does not exist/not
 *         a key entry
 * @throws AdaptrisSecurityException for any error
 */
public PrivateKey getPrivateKey(String alias, char[] keyPassword) throws AdaptrisSecurityException {
    PrivateKey p = null;
    try {
        if (keyPassword == null) {
            logR.trace("No private key password passed as parameter, using keystore password as key password");
        }
        char[] pw = keyPassword == null ? keystoreLocation.getKeystorePassword() : keyPassword;
        p = (PrivateKey) keyStore.getKey(alias, pw);
    } catch (Exception e) {
        throw KeystoreProxy.wrapException(e);
    }
    return p;
}
Also used: PrivateKey (java.security.PrivateKey), KeystoreException (com.adaptris.security.exc.KeystoreException), IOException (java.io.IOException), CertException (com.adaptris.security.exc.CertException), AdaptrisSecurityException (com.adaptris.security.exc.AdaptrisSecurityException), GeneralSecurityException (java.security.GeneralSecurityException)

Aggregations

AdaptrisSecurityException (com.adaptris.security.exc.AdaptrisSecurityException) 23
CertException (com.adaptris.security.exc.CertException) 11
KeystoreException (com.adaptris.security.exc.KeystoreException) 10
EncryptException (com.adaptris.security.exc.EncryptException) 7
VerifyException (com.adaptris.security.exc.VerifyException) 7
IOException (java.io.IOException) 7
DecryptException (com.adaptris.security.exc.DecryptException) 5
GeneralSecurityException (java.security.GeneralSecurityException) 5
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException) 5
NoSuchProviderException (java.security.NoSuchProviderException) 5
PrivateKey (java.security.PrivateKey) 5
X509Certificate (java.security.cert.X509Certificate) 4
Test (org.junit.Test) 4
Certificate (java.security.cert.Certificate) 3
AdaptrisMessage (com.adaptris.core.AdaptrisMessage) 2
HttpException (com.adaptris.http.HttpException) 2
HttpsClient (com.adaptris.http.HttpsClient) 2
Alias (com.adaptris.security.keystore.Alias) 2
KeystoreFactory (com.adaptris.security.keystore.KeystoreFactory) 2
KeystoreLocation (com.adaptris.security.keystore.KeystoreLocation) 2