Example 6 with KeyChainKeyLoader
use of com.disney.http.auth.client.keyloader.KeyChainKeyLoader in project groovity by disney.
the class TestKeyStoreKeyLoader method testImportKeystoreWrongAlias.
// alias has no key, should throw exception
@Test(expected = UnrecoverableKeyException.class)
public void testImportKeystoreWrongAlias() throws Exception {
KeyChainKeyLoader loader = setupKeyLoader("passwordForPrivateKey");
loader.setAlias("test");
loader.call();
}
Also used :
KeyChainKeyLoader(com.disney.http.auth.client.keyloader.KeyChainKeyLoader)
Test(org.junit.Test)
Example 7 with KeyChainKeyLoader
use of com.disney.http.auth.client.keyloader.KeyChainKeyLoader in project groovity by disney.
the class TestKeyStoreKeyLoader method testImportKeystoreDefaultType.
/*
// wrong type set for keystore, should throw error
@Test(expected=Exception.class)
public void testImportKeystoreWrongType() throws Exception{
KeyChainKeyLoader loader = new KeyChainKeyLoader("/testKey.store", context, "passwordForPrivateKey");
loader.setAlias("apiUser123");
loader.setAlgorithm("RSA");
loader.setKeystoreType("JKS");
loader.load();
}
*/
// all requirements satisfied, should work since default keystore type is set.
@Test
public void testImportKeystoreDefaultType() throws Exception {
KeyChainKeyLoader loader = setupKeyLoader("passwordForPrivateKey");
loader.setAlias("apiUser123");
loader.call();
}
Also used :
KeyChainKeyLoader(com.disney.http.auth.client.keyloader.KeyChainKeyLoader)
Test(org.junit.Test)
Example 8 with KeyChainKeyLoader
use of com.disney.http.auth.client.keyloader.KeyChainKeyLoader in project groovity by disney.
the class TestKeyUtils method TestKeyGeneration.
@Test
public void TestKeyGeneration() throws Exception {
KeyPair pair = KeyUtils.generateKeyPair(2048);
Assert.assertNotNull(pair);
PrivateKey privateKey = pair.getPrivate();
Assert.assertNotNull(privateKey);
Assert.assertEquals(privateKey.getAlgorithm(), "RSA");
PublicKey publicKey = pair.getPublic();
Assert.assertNotNull(publicKey);
Assert.assertEquals(publicKey.getAlgorithm(), "RSA");
String alias = "apiUser123";
// Store private key
File privateKeyFile = new File("target/testPrivateKey.pem");
File privateKeyStore = new File("target/testKey.store");
String privatePassword = "passwordForPrivateKey";
URIParcel.put(privateKeyFile.toURI(), pair);
writePrivateKeystoreToFile(pair, privateKeyStore.getAbsolutePath(), alias, privatePassword);
// test retrieval of KeyStore
Map<String, Object> config = new HashMap<String, Object>();
config.put(KeyStoreValueHandler.KEYSTORE_PASSWORD, privatePassword);
config.put(KeyStoreValueHandler.KEYSTORE_TYPE, "JCEKS");
URIParcel<KeyStore> parcel = new URIParcel<KeyStore>(KeyStore.class, privateKeyStore.toURI(), config);
KeyChain chain = new KeyStoreKeyChainImpl(parcel, "".toCharArray());
KeyChainKeyLoader privateKeyStoreLoader = new KeyChainKeyLoader(chain);
privateKeyStoreLoader.setAlias(alias);
PrivateKey loadedKeyFromKeyStore = (PrivateKey) privateKeyStoreLoader.call();
Assert.assertEquals(privateKey, loadedKeyFromKeyStore);
// test retrieval of Key
URIParcel<KeyPair> pkParcel = new URIParcel<KeyPair>(KeyPair.class, privateKeyFile.toURI());
KeyPair loadedPrivateKey = pkParcel.call();
Assert.assertArrayEquals(privateKey.getEncoded(), loadedPrivateKey.getPrivate().getEncoded());
// check storage and retrieval of public key
String publicKeyFileName = "testPublicKey.store";
String password = "publicPassword";
File publicKeyFile = new File("target/" + publicKeyFileName);
KeyUtils.writePublicKeyStoreToFile(publicKey, publicKeyFile.getAbsolutePath(), alias, password);
PublicKey loadedPublicKey = loadPublicKeyStore(publicKeyFile.getAbsolutePath(), alias, password);
Assert.assertArrayEquals(publicKey.getEncoded(), loadedPublicKey.getEncoded());
// check if valid key pair by trying to sign and verify a string
String testString = "This is the message to encode.";
Signature rsaSign = Signature.getInstance("MD5withRSA");
rsaSign.initSign(privateKey);
rsaSign.update(testString.getBytes("UTF-8"));
byte[] signedMessage = rsaSign.sign();
Signature rsaVerify = Signature.getInstance("MD5withRSA");
rsaVerify.initVerify(loadedPublicKey);
rsaVerify.update(testString.getBytes("UTF-8"));
boolean valid = rsaVerify.verify(signedMessage);
Assert.assertTrue(valid);
// make new key pair and save KeyStore to file.
KeyPair keyPairForFile = KeyUtils.generateKeyPair();
String location = new File("target/testKeytool.store").getAbsolutePath();
writePrivateKeystoreToFile(keyPairForFile, location, "test", "rachel");
// load from file
config = new HashMap<String, Object>();
config.put(KeyStoreValueHandler.KEYSTORE_PASSWORD, "rachel");
config.put(KeyStoreValueHandler.KEYSTORE_TYPE, "JCEKS");
URIParcel<KeyStore> ksParcel = new URIParcel<KeyStore>(KeyStore.class, new File(location).toURI(), config);
KeyChain chain2 = new KeyStoreKeyChainImpl(ksParcel, "".toCharArray());
KeyChainKeyLoader savedKeyStoreLoader = new KeyChainKeyLoader(chain2);
savedKeyStoreLoader.setAlias("test");
Key newKey = savedKeyStoreLoader.call();
Assert.assertEquals(keyPairForFile.getPrivate(), newKey);
KeyStore importedKeystore = ksParcel.call();
Assert.assertEquals(keyPairForFile.getPublic(), importedKeystore.getCertificate("test").getPublicKey());
}
Also used :
KeyPair(java.security.KeyPair)
PrivateKey(java.security.PrivateKey)
HashMap(java.util.HashMap)
URIParcel(com.disney.uriparcel.URIParcel)
PublicKey(java.security.PublicKey)
KeyChain(com.disney.http.auth.keychain.KeyChain)
KeyStore(java.security.KeyStore)
KeyStoreKeyChainImpl(com.disney.http.auth.keychain.KeyStoreKeyChainImpl)
KeyChainKeyLoader(com.disney.http.auth.client.keyloader.KeyChainKeyLoader)
Signature(java.security.Signature)
File(java.io.File)
PublicKey(java.security.PublicKey)
Key(java.security.Key)
PrivateKey(java.security.PrivateKey)
Test(org.junit.Test)
Example 9 with KeyChainKeyLoader
use of com.disney.http.auth.client.keyloader.KeyChainKeyLoader in project groovity by disney.
the class Signature method tag.
@SuppressWarnings({ "rawtypes", "unchecked" })
public Object tag(Map attributes, Closure body) throws Exception {
Object keyId = resolve(attributes, "keyId");
if (keyId == null) {
throw new RuntimeException("<g:signature> requires a keyId for signing");
}
Callable<Key> useLoader = null;
Object key = resolve(attributes, "key");
if (key == null) {
Object keystore = resolve(attributes, "keystore");
if (keystore == null) {
throw new RuntimeException("<g:signature> requires a key or keystore for signing");
}
String password = resolve(attributes, "password", String.class);
if (password == null) {
throw new RuntimeException("<g:signature> requires a password when using a keystore");
}
String alias = resolve(attributes, "alias", String.class);
if (alias == null) {
throw new RuntimeException("<g:signature> requires an alias when using a keystore");
}
if (!(keystore instanceof KeyStore)) {
String ksl = keystore.toString();
KeyChainKeyLoader loader = keystores.get(ksl);
if (loader == null) {
URIParcel<KeyStore> keystoreParcel = new URIParcel<KeyStore>(KeyStore.class, new URI(ksl));
keystoreParcel.setRefresh(60000);
Map conf = new HashMap();
conf.put("password", password);
String type = resolve(attributes, "type", String.class);
if (type != null) {
conf.put("type", type);
}
keystoreParcel.setConfig(conf);
loader = new KeyChainKeyLoader(new KeyStoreKeyChainImpl(keystoreParcel, password.toCharArray()), alias);
keystores.put(ksl, loader);
}
useLoader = loader;
} else {
useLoader = new KeyChainKeyLoader(new KeyStoreKeyChainImpl((KeyStore) keystore, password.toCharArray()), alias);
}
}
if (key instanceof Callable<?>) {
useLoader = (Callable<Key>) key;
} else if (key instanceof Key) {
useLoader = new KeyObjectKeyLoader((Key) key);
}
String useAlgorithm = "hmac-sha256";
Object algorithm = resolve(attributes, "algorithm");
if (algorithm != null) {
useAlgorithm = algorithm.toString();
}
if (useLoader == null) {
if (useAlgorithm.startsWith("rsa")) {
// TODO load private key from object
} else {
String signingAlg = Algorithms.getSecurityAlgorithm(useAlgorithm);
// System.out.println("Generating hmac key "+signingAlg+" with "+new String(DatatypeConverter.parseBase64Binary(key.toString())));
useLoader = new KeyObjectKeyLoader(new SecretKeySpec(DatatypeConverter.parseBase64Binary(key.toString()), signingAlg));
}
}
Object headers = resolve(attributes, "headers");
HttpSignatureSigner signer = new HttpSignatureSigner();
signer.setAlgorithm(useAlgorithm);
signer.setKeyId(keyId.toString());
signer.setKeyLoader(useLoader);
if (headers != null) {
if (!(headers instanceof List)) {
throw new RuntimeException("signature tag requires that 'headers' attribut contains a List, instead found " + headers.getClass().toString());
}
signer.setHeaders((List) headers);
}
bind(body, SIGNATURE_BINDING, Optional.of(signer));
return null;
}
Also used :
URIParcel(com.disney.uriparcel.URIParcel)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
HashMap(java.util.HashMap)
KeyStore(java.security.KeyStore)
URI(java.net.URI)
Callable(java.util.concurrent.Callable)
KeyStoreKeyChainImpl(com.disney.http.auth.keychain.KeyStoreKeyChainImpl)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
KeyChainKeyLoader(com.disney.http.auth.client.keyloader.KeyChainKeyLoader)
HttpSignatureSigner(com.disney.http.auth.client.signer.HttpSignatureSigner)
List(java.util.List)
KeyObjectKeyLoader(com.disney.http.auth.client.keyloader.KeyObjectKeyLoader)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
HashMap(java.util.HashMap)
Map(java.util.Map)
Key(java.security.Key)
Aggregations
KeyChainKeyLoader (com.disney.http.auth.client.keyloader.KeyChainKeyLoader)9
Test (org.junit.Test)6
KeyStoreKeyChainImpl (com.disney.http.auth.keychain.KeyStoreKeyChainImpl)5
URIParcel (com.disney.uriparcel.URIParcel)5
HashMap (java.util.HashMap)5
KeyChain (com.disney.http.auth.keychain.KeyChain)4
File (java.io.File)4
KeyObjectKeyLoader (com.disney.http.auth.client.keyloader.KeyObjectKeyLoader)3
HttpSignatureSigner (com.disney.http.auth.client.signer.HttpSignatureSigner)3
KeyStore (java.security.KeyStore)3
Key (java.security.Key)2
SignatureAuthorization (com.disney.http.auth.SignatureAuthorization)1
ClientAuthorizationRequest (com.disney.http.auth.client.ClientAuthorizationRequest)1
URI (java.net.URI)1
KeyPair (java.security.KeyPair)1
PrivateKey (java.security.PrivateKey)1
PublicKey (java.security.PublicKey)1
Signature (java.security.Signature)1
List (java.util.List)1
Map (java.util.Map)1
