Examples with PublicKeyTrustManager com.fathomdb.crypto.ssl.PublicKeyTrustManager used on opensource projects

Search in sources :

Example 1 with PublicKeyTrustManager

use of com.fathomdb.crypto.ssl.PublicKeyTrustManager in project platformlayer by platformlayer.

the class PlatformLayerAuthAdminClient method build.

public static AuthenticationTokenValidator build(HttpStrategy httpStrategy, Configuration configuration, EncryptionStore encryptionStore) throws OpsException {
    String keystoneServiceUrl = configuration.lookup("auth.system.url", "https://127.0.0.1:" + WellKnownPorts.PORT_PLATFORMLAYER_AUTH_ADMIN + "/");
    String cert = configuration.get("auth.system.tls.clientcert");
    CertificateAndKey certificateAndKey = encryptionStore.getCertificateAndKey(cert);
    HostnameVerifier hostnameVerifier = null;
    KeyManager keyManager = new SimpleClientCertificateKeyManager(certificateAndKey);
    TrustManager trustManager = null;
    String trustKeys = configuration.lookup("auth.system.ssl.keys", null);
    if (trustKeys != null) {
        trustManager = new PublicKeyTrustManager(Splitter.on(',').trimResults().split(trustKeys));
        hostnameVerifier = new AcceptAllHostnameVerifier();
    }
    if (log.isDebugEnabled() && certificateAndKey != null) {
        X509Certificate[] chain = certificateAndKey.getCertificateChain();
        log.debug("Using client cert for PL auth: " + Joiner.on(",").join(chain));
    }
    SslConfiguration sslConfiguration = new SslConfiguration(keyManager, trustManager, hostnameVerifier);
    RestfulClient restfulClient = new JreRestfulClient(httpStrategy, keystoneServiceUrl, sslConfiguration);
    AuthenticationTokenValidator tokenValidator = new PlatformLayerAuthAdminClient(restfulClient);
    tokenValidator = new CachingAuthenticationTokenValidator(tokenValidator);
    return tokenValidator;
}
Also used : SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager) PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) AuthenticationTokenValidator(org.platformlayer.auth.AuthenticationTokenValidator) RestfulClient(org.platformlayer.rest.RestfulClient) JreRestfulClient(org.platformlayer.rest.JreRestfulClient) X509Certificate(java.security.cert.X509Certificate) AcceptAllHostnameVerifier(com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier) HostnameVerifier(javax.net.ssl.HostnameVerifier) TrustManager(javax.net.ssl.TrustManager) PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) AcceptAllHostnameVerifier(com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier) JreRestfulClient(org.platformlayer.rest.JreRestfulClient) SslConfiguration(org.platformlayer.http.SslConfiguration) CertificateAndKey(com.fathomdb.crypto.CertificateAndKey) SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager) KeyManager(javax.net.ssl.KeyManager)

Example 2 with PublicKeyTrustManager

use of com.fathomdb.crypto.ssl.PublicKeyTrustManager in project platformlayer by platformlayer.

the class MetricClientImpl method buildHttpClient.

private HttpClient buildHttpClient(CertificateAndKey certificateAndKey, List<String> trustKeys) {
    int port = metricBaseUrl.getPort();
    if (port == -1) {
        String scheme = metricBaseUrl.getScheme();
        if (scheme.equals("https")) {
            port = 443;
        } else if (scheme.equals("http")) {
            port = 80;
        } else {
            throw new IllegalArgumentException("Unknown scheme: " + scheme);
        }
    }
    SchemeSocketFactory schemeSocketFactory;
    try {
        KeyManager keyManager = new SimpleClientCertificateKeyManager(certificateAndKey);
        TrustManager trustManager;
        X509HostnameVerifier hostnameVerifier;
        if (trustKeys != null) {
            trustManager = new PublicKeyTrustManager(trustKeys);
            hostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
        } else {
            trustManager = null;
            hostnameVerifier = SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
        }
        javax.net.ssl.SSLSocketFactory sslSocketFactory = SslHelpers.buildSslSocketFactory(keyManager, trustManager);
        schemeSocketFactory = new SSLSocketFactory(sslSocketFactory, hostnameVerifier);
    } catch (GeneralSecurityException e) {
        throw new IllegalArgumentException("Error building SSL client", e);
    }
    SchemeRegistry schemeRegistry = new SchemeRegistry();
    schemeRegistry.register(new Scheme("https", port, schemeSocketFactory));
    PoolingClientConnectionManager connectionManager = new PoolingClientConnectionManager(schemeRegistry);
    HttpClient httpClient = new DefaultHttpClient(connectionManager);
    httpClient = new DecompressingHttpClient(httpClient);
    return httpClient;
}
Also used : SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager) PoolingClientConnectionManager(org.apache.http.impl.conn.PoolingClientConnectionManager) Scheme(org.apache.http.conn.scheme.Scheme) PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) SchemeSocketFactory(org.apache.http.conn.scheme.SchemeSocketFactory) GeneralSecurityException(java.security.GeneralSecurityException) DecompressingHttpClient(org.apache.http.impl.client.DecompressingHttpClient) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) TrustManager(javax.net.ssl.TrustManager) PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier) SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) DecompressingHttpClient(org.apache.http.impl.client.DecompressingHttpClient) HttpClient(org.apache.http.client.HttpClient) SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory) SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager) KeyManager(javax.net.ssl.KeyManager)

Example 3 with PublicKeyTrustManager

use of com.fathomdb.crypto.ssl.PublicKeyTrustManager in project platformlayer by platformlayer.

the class PlatformLayerAuthenticationClientProvider method get.

@Override
public PlatformLayerAuthenticationClient get() {
    String keystoneUserUrl = configuration.lookup("auth.user.url", "https://127.0.0.1:" + PORT_PLATFORMLAYER_AUTH_USER + "/v2.0/");
    HostnameVerifier hostnameVerifier = null;
    KeyManager keyManager = null;
    TrustManager trustManager = null;
    String trustKeys = configuration.lookup("auth.user.ssl.keys", null);
    if (trustKeys != null) {
        trustManager = new PublicKeyTrustManager(Splitter.on(',').trimResults().split(trustKeys));
        hostnameVerifier = new AcceptAllHostnameVerifier();
    }
    SslConfiguration sslConfiguration = new SslConfiguration(keyManager, trustManager, hostnameVerifier);
    RestfulClient restfulClient = new JreRestfulClient(httpStrategy, keystoneUserUrl, sslConfiguration);
    PlatformLayerAuthenticationClient authClient = new PlatformLayerAuthenticationClient(restfulClient);
    return authClient;
}
Also used : PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) SslConfiguration(org.platformlayer.http.SslConfiguration) JreRestfulClient(org.platformlayer.rest.JreRestfulClient) RestfulClient(org.platformlayer.rest.RestfulClient) KeyManager(javax.net.ssl.KeyManager) AcceptAllHostnameVerifier(com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier) HostnameVerifier(javax.net.ssl.HostnameVerifier) TrustManager(javax.net.ssl.TrustManager) PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) AcceptAllHostnameVerifier(com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier) JreRestfulClient(org.platformlayer.rest.JreRestfulClient)

Aggregations

PublicKeyTrustManager (com.fathomdb.crypto.ssl.PublicKeyTrustManager)3 KeyManager (javax.net.ssl.KeyManager)3 TrustManager (javax.net.ssl.TrustManager)3 SimpleClientCertificateKeyManager (com.fathomdb.crypto.SimpleClientCertificateKeyManager)2 AcceptAllHostnameVerifier (com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier)2 HostnameVerifier (javax.net.ssl.HostnameVerifier)2 SslConfiguration (org.platformlayer.http.SslConfiguration)2 JreRestfulClient (org.platformlayer.rest.JreRestfulClient)2 RestfulClient (org.platformlayer.rest.RestfulClient)2 CertificateAndKey (com.fathomdb.crypto.CertificateAndKey)1 GeneralSecurityException (java.security.GeneralSecurityException)1 X509Certificate (java.security.cert.X509Certificate)1 HttpClient (org.apache.http.client.HttpClient)1 Scheme (org.apache.http.conn.scheme.Scheme)1 SchemeRegistry (org.apache.http.conn.scheme.SchemeRegistry)1 SchemeSocketFactory (org.apache.http.conn.scheme.SchemeSocketFactory)1 SSLSocketFactory (org.apache.http.conn.ssl.SSLSocketFactory)1 X509HostnameVerifier (org.apache.http.conn.ssl.X509HostnameVerifier)1 DecompressingHttpClient (org.apache.http.impl.client.DecompressingHttpClient)1 DefaultHttpClient (org.apache.http.impl.client.DefaultHttpClient)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial