
Example 1 with KeyCertificateAlgorithmValuesHolder

Use of com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder in project coprhd-controller by CoprHD.

The class KeyCertificatePairGeneratorTest, method setup.

@Before
public void setup() throws IOException, URISyntaxException {
    ApplicationContextUtil.initContext(System.getProperty("buildType"), ApplicationContextUtil.SECURITY_CONTEXTS);
    List<URI> uri = new ArrayList<URI>();
    uri.add(URI.create(coordinatorServer));
    ZkConnection connection = new ZkConnection();
    connection.setServer(uri);
    connection.build();
    coordinatorClient.setZkConnection(connection);
    CoordinatorClientInetAddressMap map = new CoordinatorClientInetAddressMap();
    map.setNodeId("standalone");
    DualInetAddress localAddress = DualInetAddress.fromAddresses("127.0.0.1", "::1");
    map.setDualInetAddress(localAddress);
    Map<String, DualInetAddress> controllerNodeIPLookupMap = new HashMap<String, DualInetAddress>();
    controllerNodeIPLookupMap.put("localhost", localAddress);
    map.setControllerNodeIPLookupMap(controllerNodeIPLookupMap);
    coordinatorClient.setInetAddessLookupMap(map);
    coordinatorClient.start();
    FileInputStream is = new FileInputStream(defaultOvfPropsLocation);
    Properties defaultProp = new Properties();
    defaultProp.load(is);
    is.close();
    is = new FileInputStream(ovfPropsLocation);
    Properties ovfProps = new Properties();
    ovfProps.load(is);
    is.close();
    CoordinatorClientImpl.setDefaultProperties(defaultProp);
    CoordinatorClientImpl.setOvfProperties(ovfProps);
    defaultValues = new KeyCertificateAlgorithmValuesHolder(coordinatorClient);
    String envVar = System.getenv(LOCALHOST_IP);
    if (StringUtils.isNotBlank(envVar)) {
        localhostIP = envVar;
    }
    InetAddress localhost = InetAddress.getByName(localhostIP);
    localhostName = localhost.getCanonicalHostName();
}
Also used : URI(java.net.URI) ZkConnection(com.emc.storageos.coordinator.common.impl.ZkConnection) FileInputStream(java.io.FileInputStream) KeyCertificateAlgorithmValuesHolder(com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder) CoordinatorClientInetAddressMap(com.emc.storageos.coordinator.client.service.impl.CoordinatorClientInetAddressMap) InetAddress(java.net.InetAddress) DualInetAddress(com.emc.storageos.coordinator.client.service.impl.DualInetAddress) Before(org.junit.Before)

Example 2 with KeyCertificateAlgorithmValuesHolder

Use of com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder in project coprhd-controller by CoprHD.

The class KeystoreTest, method setup.

@Before
public void setup() throws URISyntaxException, IOException {
    ApplicationContextUtil.initContext(System.getProperty("buildType"), ApplicationContextUtil.SECURITY_CONTEXTS);
    List<URI> uri = new ArrayList<URI>();
    uri.add(URI.create(coordinatorServer));
    ZkConnection connection = new ZkConnection();
    connection.setServer(uri);
    connection.build();
    coordinatorClient.setZkConnection(connection);
    CoordinatorClientInetAddressMap map = new CoordinatorClientInetAddressMap();
    map.setNodeId("standalone");
    DualInetAddress localAddress = DualInetAddress.fromAddresses("127.0.0.1", "::1");
    map.setDualInetAddress(localAddress);
    Map<String, DualInetAddress> controllerNodeIPLookupMap = new HashMap<String, DualInetAddress>();
    controllerNodeIPLookupMap.put("localhost", localAddress);
    map.setControllerNodeIPLookupMap(controllerNodeIPLookupMap);
    coordinatorClient.setInetAddessLookupMap(map);
    coordinatorClient.start();
    FileInputStream is = new FileInputStream(defaultOvfPropsLocation);
    Properties defaultProp = new Properties();
    defaultProp.load(is);
    is.close();
    is = new FileInputStream(ovfPropsLocation);
    Properties ovfProps = new Properties();
    ovfProps.load(is);
    is.close();
    CoordinatorClientImpl.setDefaultProperties(defaultProp);
    CoordinatorClientImpl.setOvfProperties(ovfProps);
    loadStoreParam = new DistributedLoadKeyStoreParam();
    loadStoreParam.setCoordinator(coordinatorClient);
    invalidLoadStoreParam = new LoadStoreParameter() {

        @Override
        public ProtectionParameter getProtectionParameter() {
            return null;
        }
    };
    gen = new KeyCertificatePairGenerator();
    KeyCertificateAlgorithmValuesHolder values = new KeyCertificateAlgorithmValuesHolder(coordinatorClient);
    gen.setKeyCertificateAlgorithmValuesHolder(values);
}
Also used : HashMap(java.util.HashMap) DistributedLoadKeyStoreParam(com.emc.storageos.security.keystore.impl.DistributedLoadKeyStoreParam) ArrayList(java.util.ArrayList) Properties(java.util.Properties) URI(java.net.URI) ZkConnection(com.emc.storageos.coordinator.common.impl.ZkConnection) FileInputStream(java.io.FileInputStream) LoadStoreParameter(java.security.KeyStore.LoadStoreParameter) KeyCertificateAlgorithmValuesHolder(com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder) KeyCertificatePairGenerator(com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator) CoordinatorClientInetAddressMap(com.emc.storageos.coordinator.client.service.impl.CoordinatorClientInetAddressMap) DualInetAddress(com.emc.storageos.coordinator.client.service.impl.DualInetAddress) ProtectionParameter(java.security.KeyStore.ProtectionParameter) Before(org.junit.Before)

Example 3 with KeyCertificateAlgorithmValuesHolder

Use of com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder in project coprhd-controller by CoprHD.

The class ProtocolSocketFactoryTest, method setup.

@Before
public void setup() throws Exception {
    ApplicationContextUtil.initContext(System.getProperty("buildType"), ApplicationContextUtil.SECURITY_CONTEXTS);
    List<URI> uri = new ArrayList<URI>();
    uri.add(URI.create(coordinatorServer));
    ZkConnection connection = new ZkConnection();
    connection.setServer(uri);
    connection.build();
    coordinatorClient.setZkConnection(connection);
    CoordinatorClientInetAddressMap map = new CoordinatorClientInetAddressMap();
    map.setNodeId("standalone");
    DualInetAddress localAddress = DualInetAddress.fromAddresses("127.0.0.1", "::1");
    map.setDualInetAddress(localAddress);
    Map<String, DualInetAddress> controllerNodeIPLookupMap = new HashMap<String, DualInetAddress>();
    controllerNodeIPLookupMap.put("localhost", localAddress);
    map.setControllerNodeIPLookupMap(controllerNodeIPLookupMap);
    coordinatorClient.setInetAddessLookupMap(map);
    coordinatorClient.start();
    FileInputStream is = new FileInputStream(defaultOvfPropsLocation);
    Properties defaultProp = new Properties();
    defaultProp.load(is);
    is.close();
    is = new FileInputStream(ovfPropsLocation);
    Properties ovfProps = new Properties();
    ovfProps.load(is);
    is.close();
    CoordinatorClientImpl.setDefaultProperties(defaultProp);
    CoordinatorClientImpl.setOvfProperties(ovfProps);
    ks = KeyStoreUtil.getViPRKeystore(coordinatorClient);
    KeyCertificatePairGenerator gen = new KeyCertificatePairGenerator();
    gen.setKeyCertificateAlgorithmValuesHolder(new KeyCertificateAlgorithmValuesHolder(coordinatorClient));
    entry = gen.generateKeyCertificatePair();
    hostName = System.getenv(KeyCertificatePairGeneratorTest.LOCALHOST_IP);
    if (StringUtils.isBlank(hostName)) {
        hostName = "localhost";
    }
    webServer = new TestWebServer(entry);
    webServer.start();
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) Properties(java.util.Properties) URI(java.net.URI) ZkConnection(com.emc.storageos.coordinator.common.impl.ZkConnection) FileInputStream(java.io.FileInputStream) KeyCertificateAlgorithmValuesHolder(com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder) KeyCertificatePairGenerator(com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator) CoordinatorClientInetAddressMap(com.emc.storageos.coordinator.client.service.impl.CoordinatorClientInetAddressMap) DualInetAddress(com.emc.storageos.coordinator.client.service.impl.DualInetAddress) Before(org.junit.Before)

Example 4 with KeyCertificateAlgorithmValuesHolder

Use of com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder in project coprhd-controller by CoprHD.

The class SSLSocketFactoryTest, method setup.

@Before
public void setup() throws Exception {
    ApplicationContextUtil.initContext(System.getProperty("buildType"), ApplicationContextUtil.SECURITY_CONTEXTS);
    List<URI> uri = new ArrayList<URI>();
    uri.add(URI.create(coordinatorServer));
    ZkConnection connection = new ZkConnection();
    connection.setServer(uri);
    connection.build();
    coordinatorClient.setZkConnection(connection);
    CoordinatorClientInetAddressMap map = new CoordinatorClientInetAddressMap();
    map.setNodeId("standalone");
    DualInetAddress localAddress = DualInetAddress.fromAddresses("127.0.0.1", "::1");
    map.setDualInetAddress(localAddress);
    Map<String, DualInetAddress> controllerNodeIPLookupMap = new HashMap<String, DualInetAddress>();
    controllerNodeIPLookupMap.put("localhost", localAddress);
    map.setControllerNodeIPLookupMap(controllerNodeIPLookupMap);
    coordinatorClient.setInetAddessLookupMap(map);
    coordinatorClient.start();
    FileInputStream is = new FileInputStream(defaultOvfPropsLocation);
    Properties defaultProp = new Properties();
    defaultProp.load(is);
    is.close();
    is = new FileInputStream(ovfPropsLocation);
    Properties ovfProps = new Properties();
    ovfProps.load(is);
    is.close();
    CoordinatorClientImpl.setDefaultProperties(defaultProp);
    CoordinatorClientImpl.setOvfProperties(ovfProps);
    ks = KeyStoreUtil.getViPRKeystore(coordinatorClient);
    KeyCertificateAlgorithmValuesHolder values = new KeyCertificateAlgorithmValuesHolder(coordinatorClient);
    gen = new KeyCertificatePairGenerator();
    gen.setKeyCertificateAlgorithmValuesHolder(values);
    entry = gen.generateKeyCertificatePair();
    hostName = System.getenv(KeyCertificatePairGeneratorTest.LOCALHOST_IP);
    if (StringUtils.isBlank(hostName)) {
        hostName = "localhost";
    }
    webServer = new TestWebServer(entry);
    webServer.start();
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) Properties(java.util.Properties) URI(java.net.URI) ZkConnection(com.emc.storageos.coordinator.common.impl.ZkConnection) FileInputStream(java.io.FileInputStream) KeyCertificateAlgorithmValuesHolder(com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder) KeyCertificatePairGenerator(com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator) CoordinatorClientInetAddressMap(com.emc.storageos.coordinator.client.service.impl.CoordinatorClientInetAddressMap) DualInetAddress(com.emc.storageos.coordinator.client.service.impl.DualInetAddress) Before(org.junit.Before)

Example 5 with KeyCertificateAlgorithmValuesHolder

Use of com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder in project coprhd-controller by CoprHD.

The class TrustManagerTest, method testCheckServerTrusted.

@Test
public void testCheckServerTrusted() throws Exception {
    // Start from an empty trust store with accept-all disabled, so validation is strict.
    DistributedKeyStore zookeeperKeystore = new DistributedKeyStoreImpl();
    zookeeperKeystore.init(loadStoreParam);
    zookeeperKeystore.setTrustedCertificates(null);
    KeyStoreUtil.setAcceptAllCertificates(zkhHelper, Boolean.FALSE);
    ViPRX509TrustManager tm = new ViPRX509TrustManager(coordinatorClient);
    KeyCertificatePairGenerator gen = new KeyCertificatePairGenerator();
    gen.setKeyCertificateAlgorithmValuesHolder(new KeyCertificateAlgorithmValuesHolder(coordinatorClient));
    KeyCertificateEntry entry = gen.generateKeyCertificatePair();
    X509Certificate[] chainToVerify = new X509Certificate[] { (X509Certificate) entry.getCertificateChain()[0] };
    // Case 1: the freshly generated certificate is not in the trust store and must be rejected.
    boolean exceptionThrown = false;
    try {
        tm.checkServerTrusted(chainToVerify, "RSA_EXPORT");
    } catch (CertificateException e) {
        exceptionThrown = true;
    }
    Assert.assertTrue(exceptionThrown);
    // Case 2: once the same certificate is added as trusted, validation must succeed.
    TrustedCertificateEntry trustedCert = new TrustedCertificateEntry(entry.getCertificateChain()[0], new Date());
    zookeeperKeystore.addTrustedCertificate("someAlias", trustedCert);
    // creating a new instance since trust manager caches all the certs
    tm = new ViPRX509TrustManager(coordinatorClient);
    try {
        tm.checkServerTrusted(chainToVerify, "RSA_EXPORT");
    } catch (CertificateException e) {
        Assert.fail();
    }
    // Case 3: with accept-all enabled, a new certificate that was never added
    // to the trust store is expected to pass as well.
    KeyStoreUtil.setAcceptAllCertificates(zkhHelper, Boolean.TRUE);
    entry = gen.generateKeyCertificatePair();
    chainToVerify = new X509Certificate[] { (X509Certificate) entry.getCertificateChain()[0] };
    try {
        tm.checkServerTrusted(chainToVerify, "RSA_EXPORT");
    } catch (CertificateException e) {
        Assert.fail();
    }
}
Also used : KeyCertificateAlgorithmValuesHolder(com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder) DistributedKeyStoreImpl(com.emc.storageos.security.keystore.impl.DistributedKeyStoreImpl) KeyCertificatePairGenerator(com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator) CertificateException(java.security.cert.CertificateException) ViPRX509TrustManager(com.emc.storageos.security.ssl.ViPRX509TrustManager) KeyCertificateEntry(com.emc.storageos.security.keystore.impl.KeyCertificateEntry) X509Certificate(java.security.cert.X509Certificate) Date(java.util.Date) TrustedCertificateEntry(com.emc.storageos.security.keystore.impl.TrustedCertificateEntry) Test(org.junit.Test)

Aggregations

KeyCertificateAlgorithmValuesHolder (com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder) 6
KeyCertificatePairGenerator (com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator) 5
CoordinatorClientInetAddressMap (com.emc.storageos.coordinator.client.service.impl.CoordinatorClientInetAddressMap) 4
DualInetAddress (com.emc.storageos.coordinator.client.service.impl.DualInetAddress) 4
ZkConnection (com.emc.storageos.coordinator.common.impl.ZkConnection) 4
FileInputStream (java.io.FileInputStream) 4
URI (java.net.URI) 4
Before (org.junit.Before) 4
ArrayList (java.util.ArrayList) 3
HashMap (java.util.HashMap) 3
Properties (java.util.Properties) 3
DistributedKeyStoreImpl (com.emc.storageos.security.keystore.impl.DistributedKeyStoreImpl) 1
DistributedLoadKeyStoreParam (com.emc.storageos.security.keystore.impl.DistributedLoadKeyStoreParam) 1
KeyCertificateEntry (com.emc.storageos.security.keystore.impl.KeyCertificateEntry) 1
TrustedCertificateEntry (com.emc.storageos.security.keystore.impl.TrustedCertificateEntry) 1
ViPRX509TrustManager (com.emc.storageos.security.ssl.ViPRX509TrustManager) 1
InetAddress (java.net.InetAddress) 1
LoadStoreParameter (java.security.KeyStore.LoadStoreParameter) 1
ProtectionParameter (java.security.KeyStore.ProtectionParameter) 1
CertificateException (java.security.cert.CertificateException) 1