Example 1 with KeyCertificateAlgorithmValuesHolder
use of com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder in project coprhd-controller by CoprHD.
the class KeyCertificatePairGeneratorTest method setup.
@Before
public void setup() throws IOException, URISyntaxException {
ApplicationContextUtil.initContext(System.getProperty("buildType"), ApplicationContextUtil.SECURITY_CONTEXTS);
List<URI> uri = new ArrayList<URI>();
uri.add(URI.create(coordinatorServer));
ZkConnection connection = new ZkConnection();
connection.setServer(uri);
connection.build();
coordinatorClient.setZkConnection(connection);
CoordinatorClientInetAddressMap map = new CoordinatorClientInetAddressMap();
map.setNodeId("standalone");
DualInetAddress localAddress = DualInetAddress.fromAddresses("127.0.0.1", "::1");
map.setDualInetAddress(localAddress);
Map<String, DualInetAddress> controllerNodeIPLookupMap = new HashMap<String, DualInetAddress>();
controllerNodeIPLookupMap.put("localhost", localAddress);
map.setControllerNodeIPLookupMap(controllerNodeIPLookupMap);
coordinatorClient.setInetAddessLookupMap(map);
coordinatorClient.start();
FileInputStream is = new FileInputStream(defaultOvfPropsLocation);
Properties defaultProp = new Properties();
defaultProp.load(is);
is.close();
is = new FileInputStream(ovfPropsLocation);
Properties ovfProps = new Properties();
ovfProps.load(is);
is.close();
CoordinatorClientImpl.setDefaultProperties(defaultProp);
CoordinatorClientImpl.setOvfProperties(ovfProps);
defaultValues = new KeyCertificateAlgorithmValuesHolder(coordinatorClient);
String envVar = System.getenv(LOCALHOST_IP);
if (StringUtils.isNotBlank(envVar)) {
localhostIP = envVar;
}
InetAddress localhost = InetAddress.getByName(localhostIP);
localhostName = localhost.getCanonicalHostName();
}
Also used :
URI(java.net.URI)
ZkConnection(com.emc.storageos.coordinator.common.impl.ZkConnection)
FileInputStream(java.io.FileInputStream)
KeyCertificateAlgorithmValuesHolder(com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder)
CoordinatorClientInetAddressMap(com.emc.storageos.coordinator.client.service.impl.CoordinatorClientInetAddressMap)
InetAddress(java.net.InetAddress)
DualInetAddress(com.emc.storageos.coordinator.client.service.impl.DualInetAddress)
DualInetAddress(com.emc.storageos.coordinator.client.service.impl.DualInetAddress)
Before(org.junit.Before)
Example 2 with KeyCertificateAlgorithmValuesHolder
use of com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder in project coprhd-controller by CoprHD.
the class KeystoreTest method setup.
@Before
public void setup() throws URISyntaxException, IOException {
ApplicationContextUtil.initContext(System.getProperty("buildType"), ApplicationContextUtil.SECURITY_CONTEXTS);
List<URI> uri = new ArrayList<URI>();
uri.add(URI.create(coordinatorServer));
ZkConnection connection = new ZkConnection();
connection.setServer(uri);
connection.build();
coordinatorClient.setZkConnection(connection);
CoordinatorClientInetAddressMap map = new CoordinatorClientInetAddressMap();
map.setNodeId("standalone");
DualInetAddress localAddress = DualInetAddress.fromAddresses("127.0.0.1", "::1");
map.setDualInetAddress(localAddress);
Map<String, DualInetAddress> controllerNodeIPLookupMap = new HashMap<String, DualInetAddress>();
controllerNodeIPLookupMap.put("localhost", localAddress);
map.setControllerNodeIPLookupMap(controllerNodeIPLookupMap);
coordinatorClient.setInetAddessLookupMap(map);
coordinatorClient.start();
FileInputStream is = new FileInputStream(defaultOvfPropsLocation);
Properties defaultProp = new Properties();
defaultProp.load(is);
is.close();
is = new FileInputStream(ovfPropsLocation);
Properties ovfProps = new Properties();
ovfProps.load(is);
is.close();
CoordinatorClientImpl.setDefaultProperties(defaultProp);
CoordinatorClientImpl.setOvfProperties(ovfProps);
loadStoreParam = new DistributedLoadKeyStoreParam();
loadStoreParam.setCoordinator(coordinatorClient);
invalidLoadStoreParam = new LoadStoreParameter() {
@Override
public ProtectionParameter getProtectionParameter() {
return null;
}
};
gen = new KeyCertificatePairGenerator();
KeyCertificateAlgorithmValuesHolder values = new KeyCertificateAlgorithmValuesHolder(coordinatorClient);
gen.setKeyCertificateAlgorithmValuesHolder(values);
}
Also used :
HashMap(java.util.HashMap)
DistributedLoadKeyStoreParam(com.emc.storageos.security.keystore.impl.DistributedLoadKeyStoreParam)
ArrayList(java.util.ArrayList)
Properties(java.util.Properties)
URI(java.net.URI)
ZkConnection(com.emc.storageos.coordinator.common.impl.ZkConnection)
FileInputStream(java.io.FileInputStream)
LoadStoreParameter(java.security.KeyStore.LoadStoreParameter)
KeyCertificateAlgorithmValuesHolder(com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder)
KeyCertificatePairGenerator(com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator)
CoordinatorClientInetAddressMap(com.emc.storageos.coordinator.client.service.impl.CoordinatorClientInetAddressMap)
DualInetAddress(com.emc.storageos.coordinator.client.service.impl.DualInetAddress)
ProtectionParameter(java.security.KeyStore.ProtectionParameter)
Before(org.junit.Before)
Example 3 with KeyCertificateAlgorithmValuesHolder
use of com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder in project coprhd-controller by CoprHD.
the class ProtocolSocketFactoryTest method setup.
@Before
public void setup() throws Exception {
ApplicationContextUtil.initContext(System.getProperty("buildType"), ApplicationContextUtil.SECURITY_CONTEXTS);
List<URI> uri = new ArrayList<URI>();
uri.add(URI.create(coordinatorServer));
ZkConnection connection = new ZkConnection();
connection.setServer(uri);
connection.build();
coordinatorClient.setZkConnection(connection);
CoordinatorClientInetAddressMap map = new CoordinatorClientInetAddressMap();
map.setNodeId("standalone");
DualInetAddress localAddress = DualInetAddress.fromAddresses("127.0.0.1", "::1");
map.setDualInetAddress(localAddress);
Map<String, DualInetAddress> controllerNodeIPLookupMap = new HashMap<String, DualInetAddress>();
controllerNodeIPLookupMap.put("localhost", localAddress);
map.setControllerNodeIPLookupMap(controllerNodeIPLookupMap);
coordinatorClient.setInetAddessLookupMap(map);
coordinatorClient.start();
FileInputStream is = new FileInputStream(defaultOvfPropsLocation);
Properties defaultProp = new Properties();
defaultProp.load(is);
is.close();
is = new FileInputStream(ovfPropsLocation);
Properties ovfProps = new Properties();
ovfProps.load(is);
is.close();
CoordinatorClientImpl.setDefaultProperties(defaultProp);
CoordinatorClientImpl.setOvfProperties(ovfProps);
ks = KeyStoreUtil.getViPRKeystore(coordinatorClient);
KeyCertificatePairGenerator gen = new KeyCertificatePairGenerator();
gen.setKeyCertificateAlgorithmValuesHolder(new KeyCertificateAlgorithmValuesHolder(coordinatorClient));
entry = gen.generateKeyCertificatePair();
hostName = System.getenv(KeyCertificatePairGeneratorTest.LOCALHOST_IP);
if (StringUtils.isBlank(hostName)) {
hostName = "localhost";
}
webServer = new TestWebServer(entry);
webServer.start();
}
Also used :
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
Properties(java.util.Properties)
URI(java.net.URI)
ZkConnection(com.emc.storageos.coordinator.common.impl.ZkConnection)
FileInputStream(java.io.FileInputStream)
KeyCertificateAlgorithmValuesHolder(com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder)
KeyCertificatePairGenerator(com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator)
CoordinatorClientInetAddressMap(com.emc.storageos.coordinator.client.service.impl.CoordinatorClientInetAddressMap)
DualInetAddress(com.emc.storageos.coordinator.client.service.impl.DualInetAddress)
Before(org.junit.Before)
Example 4 with KeyCertificateAlgorithmValuesHolder
use of com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder in project coprhd-controller by CoprHD.
the class SSLSocketFactoryTest method setup.
@Before
public void setup() throws Exception {
ApplicationContextUtil.initContext(System.getProperty("buildType"), ApplicationContextUtil.SECURITY_CONTEXTS);
List<URI> uri = new ArrayList<URI>();
uri.add(URI.create(coordinatorServer));
ZkConnection connection = new ZkConnection();
connection.setServer(uri);
connection.build();
coordinatorClient.setZkConnection(connection);
CoordinatorClientInetAddressMap map = new CoordinatorClientInetAddressMap();
map.setNodeId("standalone");
DualInetAddress localAddress = DualInetAddress.fromAddresses("127.0.0.1", "::1");
map.setDualInetAddress(localAddress);
Map<String, DualInetAddress> controllerNodeIPLookupMap = new HashMap<String, DualInetAddress>();
controllerNodeIPLookupMap.put("localhost", localAddress);
map.setControllerNodeIPLookupMap(controllerNodeIPLookupMap);
coordinatorClient.setInetAddessLookupMap(map);
coordinatorClient.start();
FileInputStream is = new FileInputStream(defaultOvfPropsLocation);
Properties defaultProp = new Properties();
defaultProp.load(is);
is.close();
is = new FileInputStream(ovfPropsLocation);
Properties ovfProps = new Properties();
ovfProps.load(is);
is.close();
CoordinatorClientImpl.setDefaultProperties(defaultProp);
CoordinatorClientImpl.setOvfProperties(ovfProps);
ks = KeyStoreUtil.getViPRKeystore(coordinatorClient);
KeyCertificateAlgorithmValuesHolder values = new KeyCertificateAlgorithmValuesHolder(coordinatorClient);
gen = new KeyCertificatePairGenerator();
gen.setKeyCertificateAlgorithmValuesHolder(values);
entry = gen.generateKeyCertificatePair();
hostName = System.getenv(KeyCertificatePairGeneratorTest.LOCALHOST_IP);
if (StringUtils.isBlank(hostName)) {
hostName = "localhost";
}
webServer = new TestWebServer(entry);
webServer.start();
}
Also used :
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
Properties(java.util.Properties)
URI(java.net.URI)
ZkConnection(com.emc.storageos.coordinator.common.impl.ZkConnection)
FileInputStream(java.io.FileInputStream)
KeyCertificateAlgorithmValuesHolder(com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder)
KeyCertificatePairGenerator(com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator)
CoordinatorClientInetAddressMap(com.emc.storageos.coordinator.client.service.impl.CoordinatorClientInetAddressMap)
DualInetAddress(com.emc.storageos.coordinator.client.service.impl.DualInetAddress)
Before(org.junit.Before)
Example 5 with KeyCertificateAlgorithmValuesHolder
use of com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder in project coprhd-controller by CoprHD.
the class TrustManagerTest method testCheckServerTrusted.
@Test
public void testCheckServerTrusted() throws Exception {
DistributedKeyStore zookeeperKeystore = new DistributedKeyStoreImpl();
zookeeperKeystore.init(loadStoreParam);
zookeeperKeystore.setTrustedCertificates(null);
KeyStoreUtil.setAcceptAllCertificates(zkhHelper, Boolean.FALSE);
ViPRX509TrustManager tm = new ViPRX509TrustManager(coordinatorClient);
KeyCertificatePairGenerator gen = new KeyCertificatePairGenerator();
gen.setKeyCertificateAlgorithmValuesHolder(new KeyCertificateAlgorithmValuesHolder(coordinatorClient));
KeyCertificateEntry entry = gen.generateKeyCertificatePair();
X509Certificate[] chainToVerify = new X509Certificate[] { (X509Certificate) entry.getCertificateChain()[0] };
boolean exceptionThrown = false;
try {
tm.checkServerTrusted(chainToVerify, "RSA_EXPORT");
} catch (CertificateException e) {
exceptionThrown = true;
}
Assert.assertTrue(exceptionThrown);
TrustedCertificateEntry trustedCert = new TrustedCertificateEntry(entry.getCertificateChain()[0], new Date());
zookeeperKeystore.addTrustedCertificate("someAlias", trustedCert);
// creating a new instance since trust manager caches all the certs
tm = new ViPRX509TrustManager(coordinatorClient);
try {
tm.checkServerTrusted(chainToVerify, "RSA_EXPORT");
} catch (CertificateException e) {
Assert.fail();
}
KeyStoreUtil.setAcceptAllCertificates(zkhHelper, Boolean.TRUE);
entry = gen.generateKeyCertificatePair();
chainToVerify = new X509Certificate[] { (X509Certificate) entry.getCertificateChain()[0] };
try {
tm.checkServerTrusted(chainToVerify, "RSA_EXPORT");
} catch (CertificateException e) {
Assert.fail();
}
}
Also used :
KeyCertificateAlgorithmValuesHolder(com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder)
DistributedKeyStoreImpl(com.emc.storageos.security.keystore.impl.DistributedKeyStoreImpl)
KeyCertificatePairGenerator(com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator)
CertificateException(java.security.cert.CertificateException)
ViPRX509TrustManager(com.emc.storageos.security.ssl.ViPRX509TrustManager)
KeyCertificateEntry(com.emc.storageos.security.keystore.impl.KeyCertificateEntry)
X509Certificate(java.security.cert.X509Certificate)
Date(java.util.Date)
TrustedCertificateEntry(com.emc.storageos.security.keystore.impl.TrustedCertificateEntry)
Test(org.junit.Test)
Aggregations
KeyCertificateAlgorithmValuesHolder (com.emc.storageos.security.keystore.impl.KeyCertificateAlgorithmValuesHolder)6
KeyCertificatePairGenerator (com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator)5
CoordinatorClientInetAddressMap (com.emc.storageos.coordinator.client.service.impl.CoordinatorClientInetAddressMap)4
DualInetAddress (com.emc.storageos.coordinator.client.service.impl.DualInetAddress)4
ZkConnection (com.emc.storageos.coordinator.common.impl.ZkConnection)4
FileInputStream (java.io.FileInputStream)4
URI (java.net.URI)4
Before (org.junit.Before)4
ArrayList (java.util.ArrayList)3
HashMap (java.util.HashMap)3
Properties (java.util.Properties)3
DistributedKeyStoreImpl (com.emc.storageos.security.keystore.impl.DistributedKeyStoreImpl)1
DistributedLoadKeyStoreParam (com.emc.storageos.security.keystore.impl.DistributedLoadKeyStoreParam)1
KeyCertificateEntry (com.emc.storageos.security.keystore.impl.KeyCertificateEntry)1
TrustedCertificateEntry (com.emc.storageos.security.keystore.impl.TrustedCertificateEntry)1
ViPRX509TrustManager (com.emc.storageos.security.ssl.ViPRX509TrustManager)1
InetAddress (java.net.InetAddress)1
LoadStoreParameter (java.security.KeyStore.LoadStoreParameter)1
ProtectionParameter (java.security.KeyStore.ProtectionParameter)1
CertificateException (java.security.cert.CertificateException)1
