Example 6 with LoadedKeyStore

Use of com.helger.security.keystore.LoadedKeyStore in project phoss-smp by phax.

In the class PageSecureTasksProblems, method _checkDirectoryConfig.

private void _checkDirectoryConfig(@Nonnull final WebPageExecutionContext aWPEC, @Nonnull final HCOL aOL, @Nonnull final OffsetDateTime aNowDT, @Nonnull final OffsetDateTime aNowPlusDT) {
    final ISMPSettings aSMPSettings = SMPMetaManager.getSettings();
    final String sDirectoryName = SMPWebAppConfiguration.getDirectoryName();
    if (aSMPSettings.isDirectoryIntegrationEnabled()) {
        if (StringHelper.hasNoText(aSMPSettings.getDirectoryHostName()))
            aOL.addItem(_createError("An empty " + sDirectoryName + " hostname is provided"), div("A connection to the " + sDirectoryName + " server cannot be established!"));
        // Check key store
        final LoadedKeyStore aLoadedKeyStore = PDClientConfiguration.loadKeyStore();
        if (aLoadedKeyStore.isFailure()) {
            aOL.addItem(_createError("The " + sDirectoryName + " client key store configuration is invalid."), div(PeppolKeyStoreHelper.getLoadError(aLoadedKeyStore)));
        } else {
            final KeyStore aKeyStore = aLoadedKeyStore.getKeyStore();
            final LoadedKey<KeyStore.PrivateKeyEntry> aLoadedKey = PDClientConfiguration.loadPrivateKey(aKeyStore);
            if (aLoadedKey.isFailure()) {
                aOL.addItem(_createError("The " + sDirectoryName + " client key store could be read, but the private key configuration is invalid."), div(PeppolKeyStoreHelper.getLoadError(aLoadedKey)));
            } else {
                _checkPrivateKey(aWPEC, aOL, aNowDT, aNowPlusDT, aLoadedKey.getKeyEntry());
            }
        }
        // Check trust store
        final LoadedKeyStore aLoadedTrustStore = PDClientConfiguration.loadTrustStore();
        if (aLoadedTrustStore.isFailure()) {
            aOL.addItem(_createError("The " + sDirectoryName + " client trust store configuration is invalid."), div(PeppolKeyStoreHelper.getLoadError(aLoadedTrustStore)));
        } else {
            final KeyStore aTrustStore = aLoadedTrustStore.getKeyStore();
            _iterateTrustStore(aWPEC, aOL, aNowDT, aNowPlusDT, aTrustStore);
        }
    } else {
        // Warn only if Directory is required
        if (aSMPSettings.isDirectoryIntegrationRequired())
            aOL.addItem(_createError("The connection to " + sDirectoryName + " is not enabled."));
    }
}
Also used : ISMPSettings (com.helger.phoss.smp.settings.ISMPSettings), LoadedKeyStore (com.helger.security.keystore.LoadedKeyStore), PDTToString (com.helger.commons.datetime.PDTToString), KeyStore (java.security.KeyStore)

Example 7 with LoadedKeyStore

Use of com.helger.security.keystore.LoadedKeyStore in project peppol-commons by phax.

In the class MainCreateTrustStoresSMP, method main.

public static void main(final String[] args) throws Exception {
    for (final String sType : new String[] { "pilot", "prod" }) {
        final KeyStore aSMPTrustStore = EKeyStoreType.JKS.getKeyStore();
        // null stream means: create new key store
        aSMPTrustStore.load(null, null);
        for (final String sTS : new String[] { "directory", "sml", "2018/" + sType }) {
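            final LoadedKeyStore aLKS = KeyStoreHelper.loadKeyStore(EKeyStoreType.JKS, "truststore/" + sTS + "-truststore.jks", PeppolKeyStoreHelper.TRUSTSTORE_PASSWORD);
            // Fail fast with the load error instead of dereferencing a key store that could not be loaded
            if (aLKS.isFailure())
                throw new IllegalStateException("Failed to load trust store '" + sTS + "': " + PeppolKeyStoreHelper.getLoadError(aLKS));
            final Enumeration<String> aAliases = aLKS.getKeyStore().aliases();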
            while (aAliases.hasMoreElements()) {
                final String sAlias = aAliases.nextElement();
                // No key password
                aSMPTrustStore.setEntry(sAlias, aLKS.getKeyStore().getEntry(sAlias, null), null);
            }
        }
        final File fDest = new File("src/main/resources/truststore/2018/smp-" + sType + "-truststore.jks");
        try (final OutputStream aFOS = new FileOutputStream(fDest)) {
            aSMPTrustStore.store(aFOS, PeppolKeyStoreHelper.TRUSTSTORE_PASSWORD.toCharArray());
        }
        LOGGER.info("Wrote " + fDest.getPath());
    }
}
Also used : LoadedKeyStore (com.helger.security.keystore.LoadedKeyStore), OutputStream (java.io.OutputStream), FileOutputStream (java.io.FileOutputStream), KeyStore (java.security.KeyStore), File (java.io.File)

Aggregations

LoadedKeyStore (com.helger.security.keystore.LoadedKeyStore): 7
KeyStore (java.security.KeyStore): 4
InitializationException (com.helger.commons.exception.InitializationException): 2
LoadedKey (com.helger.security.keystore.LoadedKey): 2
File (java.io.File): 2
FileOutputStream (java.io.FileOutputStream): 2
OutputStream (java.io.OutputStream): 2
GeneralSecurityException (java.security.GeneralSecurityException): 2
PDTToString (com.helger.commons.datetime.PDTToString): 1
HCOL (com.helger.html.hc.html.grouping.HCOL): 1
HCNodeList (com.helger.html.hc.impl.HCNodeList): 1
PrivateKeyStrategyFromAliasCaseInsensitive (com.helger.httpclient.security.PrivateKeyStrategyFromAliasCaseInsensitive): 1
TrustStrategyTrustAll (com.helger.httpclient.security.TrustStrategyTrustAll): 1
SMPKeyManager (com.helger.phoss.smp.security.SMPKeyManager): 1
SMPTrustManager (com.helger.phoss.smp.security.SMPTrustManager): 1
ISMPSettings (com.helger.phoss.smp.settings.ISMPSettings): 1
BootstrapButton (com.helger.photon.bootstrap4.button.BootstrapButton): 1
BootstrapButtonToolbar (com.helger.photon.bootstrap4.buttongroup.BootstrapButtonToolbar): 1
BootstrapTabBox (com.helger.photon.bootstrap4.nav.BootstrapTabBox): 1
BootstrapTable (com.helger.photon.bootstrap4.table.BootstrapTable): 1