
Example 6 with AdaptrisSecurityException

use of com.adaptris.security.exc.AdaptrisSecurityException in project interlok by adaptris.

the class KeystoreProxyImp method importCertificateChain.

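/**
 * Import a certificate chain from a stream and attach it to the existing key
 * entry stored under {@code alias}.
 * <p>
 * This deals with certificate chains as used by Netscape Navigator and
 * Microsoft Internet Explorer.
 * <p>
 * Certificate chains are only appropriate for keystore <code>keyEntry</code>
 * types, so a <code>keyEntry</code> with the alias <code>alias</code> must
 * already exist and its private key must be protected by
 * <code>keyPassword</code>. The private key is read back with that password
 * and stored again together with the imported chain.
 * <p>
 * The stream is always closed before this method returns. A stream that
 * yields no certificates is rejected rather than passed on as an empty chain.
 *
 * @param alias the alias of the existing key entry
 * @param keyPassword the password protecting the private key
 * @param in the certificate chain to be imported; closed by this method
 * @throws AdaptrisSecurityException for any error; failures that are not
 *         already an {@code AdaptrisSecurityException} are wrapped in a
 *         {@code CertException}
 * @see #setPrivateKey(String, PrivateKey, char[], Certificate[])
 */
public void importCertificateChain(String alias, char[] keyPassword, InputStream in) throws AdaptrisSecurityException {
    // The CertificateFactory parses the raw stream itself, so no reader is
    // layered on top of it; try-with-resources is only here to close it.
    try (InputStream chainStream = in) {
        CertificateFactory cf = CertificateFactory.getInstance(Constants.KEYSTORE_X509);
        Collection<?> certs = cf.generateCertificates(chainStream);
        if (certs.isEmpty()) {
            // An empty chain cannot vouch for the key; fail with a clear
            // message instead of relying on the keystore to reject it.
            throw new java.security.cert.CertificateException("No certificates found in chain for alias " + alias);
        }
        Certificate[] chain = certs.toArray(new Certificate[0]);
        PrivateKey pkey = this.getPrivateKey(alias, keyPassword);
        if (pkey == null) {
            throw new Exception("No Private key for alias " + alias);
        }
        // NOTE(review): nothing visible in this method checks that the
        // imported chain actually corresponds to the private key, or that
        // the certificates chain to a trusted issuer. Confirm whether
        // setPrivateKey() or the caller performs that validation.
        this.setPrivateKey(alias, pkey, keyPassword, chain);
    } catch (AdaptrisSecurityException e) {
        throw e;
    } catch (Exception e) {
        throw new CertException(e.getMessage(), e);
    }
}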
Also used : PemReader(org.bouncycastle.util.io.pem.PemReader) PrivateKey(java.security.PrivateKey) InputStreamReader(java.io.InputStreamReader) AdaptrisSecurityException(com.adaptris.security.exc.AdaptrisSecurityException) CertException(com.adaptris.security.exc.CertException) CertificateFactory(java.security.cert.CertificateFactory) KeystoreException(com.adaptris.security.exc.KeystoreException) IOException(java.io.IOException) CertException(com.adaptris.security.exc.CertException) AdaptrisSecurityException(com.adaptris.security.exc.AdaptrisSecurityException) GeneralSecurityException(java.security.GeneralSecurityException) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 7 with AdaptrisSecurityException

use of com.adaptris.security.exc.AdaptrisSecurityException in project interlok by adaptris.

the class StdOutput method formatBase64.

/**
 * Serialise this output into a Base64 encoded byte array that can be written
 * straight to a file.
 * <p>
 * The fields are written in a fixed order: session vector, session key,
 * message body, signature. The body is the encrypted data when it is
 * present; otherwise the decrypted data is written in its place, so the
 * result is not guaranteed to contain ciphertext. Base64 is an encoding
 * only and provides no confidentiality of its own.
 *
 * @return the Base64 encoded bytes ready for writing.
 * @throws EncryptException if any field cannot be written or encoded
 */
private byte[] formatBase64() throws EncryptException {
    try (ByteArrayOutputStream buffer = new ByteArrayOutputStream();
        DataOutputStream sink = new DataOutputStream(buffer)) {
        write(sink, getSessionVector());
        write(sink, getSessionKey());
        // NOTE(review): falls back to the decrypted data when no encrypted
        // data is set - presumably for outputs that are signed but not
        // encrypted; confirm callers never expect ciphertext in that case.
        write(sink, getEncryptedData(false) == null ? getDecryptedData(false) : getEncryptedData(false));
        write(sink, getSignature());
        return Base64.encodeBase64(buffer.toByteArray());
    } catch (Exception e) {
        throw new EncryptException(e);
    }
}
Also used : DataOutputStream(java.io.DataOutputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream) VerifyException(com.adaptris.security.exc.VerifyException) IOException(java.io.IOException) EncryptException(com.adaptris.security.exc.EncryptException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) AdaptrisSecurityException(com.adaptris.security.exc.AdaptrisSecurityException) EncryptException(com.adaptris.security.exc.EncryptException)

Example 8 with AdaptrisSecurityException

use of com.adaptris.security.exc.AdaptrisSecurityException in project interlok by adaptris.

the class StdSecurityService method encrypt.

/**
 * Encrypt a payload with a freshly generated session key and wrap that key
 * with the recipient's public key.
 * <p>
 * The returned output carries the encrypted session key, the IV reported by
 * the data cipher and the encrypted payload. The {@code pk} argument is not
 * used by this method.
 * <p>
 * NOTE(review): both transformations come from configuration
 * ({@code alg.getAlgorithm()} and {@code ch.getKeyAlgorithm()}). If either
 * names only an algorithm without mode and padding, the JCE provider's
 * defaults apply - confirm the configured values are explicit. No integrity
 * protection is applied here; presumably signing is handled elsewhere.
 *
 * @param payload the plaintext bytes to encrypt
 * @param pk the local private key (unused here)
 * @param ch supplies the recipient's public key and key algorithm
 * @return an output of type {@code Output.ENCRYPTED}
 * @throws AdaptrisSecurityException wrapping any failure as an
 *         {@code EncryptException}
 */
private Output encrypt(byte[] payload, PrivateKey pk, CertificateHandler ch) throws AdaptrisSecurityException {
    StdOutput result = new StdOutput(Output.ENCRYPTED);
    try {
        // One-time symmetric key for this message only.
        KeyGenerator sessionKeyGen = KeyGenerator.getInstance(getCipherName(alg.getAlgorithm()));
        sessionKeyGen.init(alg.getKeyLength(), SecurityUtil.getSecureRandom());
        SecretKey oneTimeKey = sessionKeyGen.generateKey();

        // No IV or random source is passed, so the provider picks the IV;
        // it is read back below via getIV().
        Cipher payloadCipher = Cipher.getInstance(alg.getAlgorithm());
        payloadCipher.init(Cipher.ENCRYPT_MODE, oneTimeKey);
        byte[] cipherText = payloadCipher.doFinal(payload);

        // Protect the session key with the recipient's public key.
        Cipher wrappingCipher = Cipher.getInstance(ch.getKeyAlgorithm());
        wrappingCipher.init(Cipher.ENCRYPT_MODE, ch.getPublicKey(), SecurityUtil.getSecureRandom());
        byte[] wrappedKey = wrappingCipher.doFinal(oneTimeKey.getEncoded());

        result.setSessionKey(wrappedKey);
        result.setSessionVector(payloadCipher.getIV());
        result.setEncryptedData(cipherText);
        return result;
    } catch (Exception e) {
        throw new EncryptException(e);
    }
}
Also used : SecretKey(javax.crypto.SecretKey) Cipher(javax.crypto.Cipher) KeyGenerator(javax.crypto.KeyGenerator) KeystoreException(com.adaptris.security.exc.KeystoreException) CertException(com.adaptris.security.exc.CertException) VerifyException(com.adaptris.security.exc.VerifyException) EncryptException(com.adaptris.security.exc.EncryptException) AdaptrisSecurityException(com.adaptris.security.exc.AdaptrisSecurityException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) DecryptException(com.adaptris.security.exc.DecryptException) NoSuchProviderException(java.security.NoSuchProviderException) EncryptException(com.adaptris.security.exc.EncryptException)

Example 9 with AdaptrisSecurityException

use of com.adaptris.security.exc.AdaptrisSecurityException in project interlok by adaptris.

the class CoreSecurityService method retrieveRemotePartner.

/**
 * Resolve the remote partner alias to use for a message.
 * <p>
 * If the message carries the remote partner metadata key, its value takes
 * precedence over the configured alias; otherwise the configured alias is
 * used.
 * <p>
 * NOTE(review): the override value comes from the message and is used
 * without any visible check. If that metadata can be set by an untrusted
 * sender, the sender chooses the keystore alias - confirm it is populated
 * only from trusted sources. The value is also concatenated into the debug
 * log line as-is.
 *
 * @param m the message being processed
 * @return the alias from message metadata, or the configured alias
 * @throws AdaptrisSecurityException if there is no metadata override and no
 *         alias has been configured
 */
final Alias retrieveRemotePartner(AdaptrisMessage m) throws AdaptrisSecurityException {
    final Alias configured = remotePartnerAlias;
    if (m.headersContainsKey(getRemotePartnerMetadataKey())) {
        String override = m.getMetadataValue(getRemotePartnerMetadataKey());
        log.debug("Message metadata overrides configured remote partner with [" + override + "]");
        return new Alias(override);
    }
    if (configured == null) {
        throw new AdaptrisSecurityException("No Remote Partner alias");
    }
    return configured;
}
Also used : Alias(com.adaptris.security.keystore.Alias) AdaptrisSecurityException(com.adaptris.security.exc.AdaptrisSecurityException)

Example 10 with AdaptrisSecurityException

use of com.adaptris.security.exc.AdaptrisSecurityException in project interlok by adaptris.

the class CoreSecurityService method initService.

/**
 * Initialise the security service: fetch the private key password, build the
 * partner aliases, create the underlying service and register every
 * configured keystore with it.
 * <p>
 * A local partner is mandatory. A missing remote partner only produces a
 * warning, because it can be supplied per message as metadata. Branching is
 * enabled only when both a success id and a fail id are set.
 * <p>
 * NOTE(review): the retrieved private key password is kept in the
 * {@code pkPassword} field after this method returns; confirm how long it is
 * held and whether it is cleared when the service closes.
 *
 * @throws CoreException if the password cannot be retrieved, no local
 *         partner is configured, or the security layer reports an error
 */
@Override
protected final void initService() throws CoreException {
    try {
        pkPassword = getPrivateKeyPasswordProvider().retrievePrivateKeyPassword();
    } catch (PasswordException e) {
        throw new CoreException("Could not get password using " + getPrivateKeyPasswordProvider().getClass().getCanonicalName(), e);
    }
    if (isEmpty(localPartner)) {
        throw new CoreException("No Local Partner configured");
    }
    try {
        localPartnerAlias = new Alias(localPartner, pkPassword);
        if (!isEmpty(remotePartner)) {
            remotePartnerAlias = new Alias(remotePartner);
        } else {
            log.warn("Remote partner not configured,  must be set individually as message metadata");
        }
        // Fall back to the default factory when none has been injected.
        final SecurityServiceFactory injected = securityFactory;
        final SecurityServiceFactory factory = injected == null ? SecurityServiceFactory.defaultInstance() : injected;
        service = factory.createService();
        Iterator keystores = keystoreUrls.iterator();
        while (keystores.hasNext()) {
            service.registerKeystore((ConfiguredKeystore) keystores.next());
        }
        service.setEncryptionAlgorithm(encryptionAlgorithm);
        if (successId == null || failId == null) {
            log.debug("No Success Id or Fail Id, branching disabled");
        } else {
            branchingEnabled = true;
        }
    } catch (AdaptrisSecurityException e) {
        throw new CoreException(e);
    }
}
Also used : PasswordException(com.adaptris.security.exc.PasswordException) CoreException(com.adaptris.core.CoreException) Alias(com.adaptris.security.keystore.Alias) Iterator(java.util.Iterator) AdaptrisSecurityException(com.adaptris.security.exc.AdaptrisSecurityException) ConfiguredKeystore(com.adaptris.security.keystore.ConfiguredKeystore) SecurityServiceFactory(com.adaptris.security.SecurityServiceFactory)
