use of java.security.KeyStore in project qi4j-sdk by Qi4j.
the class AbstractSecureJettyTest method beforeSecureClass.
@BeforeClass
public static void beforeSecureClass() throws IOException, GeneralSecurityException {
defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
public boolean verify(String string, SSLSession ssls) {
return true;
}
});
KeyStore truststore = KeyStore.getInstance("JCEKS");
truststore.load(new FileInputStream(TRUSTSTORE_FILE), KS_PASSWORD.toCharArray());
SSLContext sslCtx = SSLContext.getInstance("TLS");
TrustManagerFactory caTrustManagerFactory = TrustManagerFactory.getInstance(getX509Algorithm());
caTrustManagerFactory.init(truststore);
sslCtx.init(null, caTrustManagerFactory.getTrustManagers(), null);
HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
}
use of java.security.KeyStore in project ribbon by Netflix.
the class MockHttpServer method before.
public void before(final Description description) throws Exception {
this.service = Executors.newFixedThreadPool(threadCount, new ThreadFactoryBuilder().setDaemon(true).setNameFormat("TestHttpServer-%d").build());
InetSocketAddress inetSocketAddress = new InetSocketAddress("localhost", 0);
if (hasSsl) {
byte[] sampleTruststore1 = Base64.decode(TEST_TS1);
byte[] sampleKeystore1 = Base64.decode(TEST_KS1);
keystore = File.createTempFile("SecureAcceptAllGetTest", ".keystore");
truststore = File.createTempFile("SecureAcceptAllGetTest", ".truststore");
FileOutputStream keystoreFileOut = new FileOutputStream(keystore);
try {
keystoreFileOut.write(sampleKeystore1);
} finally {
keystoreFileOut.close();
}
FileOutputStream truststoreFileOut = new FileOutputStream(truststore);
try {
truststoreFileOut.write(sampleTruststore1);
} finally {
truststoreFileOut.close();
}
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keystore), PASSWORD.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, PASSWORD.toCharArray());
KeyStore ts = KeyStore.getInstance("JKS");
ts.load(new FileInputStream(truststore), PASSWORD.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ts);
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
HttpsServer secureServer = HttpsServer.create(inetSocketAddress, 0);
secureServer.setHttpsConfigurator(new HttpsConfigurator(sc) {
public void configure(HttpsParameters params) {
SSLContext c = getSSLContext();
SSLParameters sslparams = c.getDefaultSSLParameters();
params.setSSLParameters(sslparams);
}
});
server = secureServer;
} else {
server = HttpServer.create(inetSocketAddress, 0);
}
server.setExecutor(service);
for (Entry<String, HttpHandler> handler : handlers.entrySet()) {
server.createContext(handler.getKey(), handler.getValue());
}
server.start();
localHttpServerPort = server.getAddress().getPort();
System.out.println(description.getClassName() + " TestServer is started: " + getServerUrl());
}
use of java.security.KeyStore in project ribbon by Netflix.
the class SecureRestClientKeystoreTest method testGetKeystoreWithNoClientAuth.
@Test
public void testGetKeystoreWithNoClientAuth() throws Exception {
// jks format
byte[] dummyTruststore = Base64.decode(SecureGetTest.TEST_TS1);
byte[] dummyKeystore = Base64.decode(SecureGetTest.TEST_KS1);
File tempKeystore = File.createTempFile(this.getClass().getName(), ".keystore");
File tempTruststore = File.createTempFile(this.getClass().getName(), ".truststore");
FileOutputStream keystoreFileOut = new FileOutputStream(tempKeystore);
try {
keystoreFileOut.write(dummyKeystore);
} finally {
keystoreFileOut.close();
}
FileOutputStream truststoreFileOut = new FileOutputStream(tempTruststore);
try {
truststoreFileOut.write(dummyTruststore);
} finally {
truststoreFileOut.close();
}
AbstractConfiguration cm = ConfigurationManager.getConfigInstance();
String name = this.getClass().getName() + ".test2";
String configPrefix = name + "." + "ribbon";
cm.setProperty(configPrefix + "." + CommonClientConfigKey.IsSecure, "true");
cm.setProperty(configPrefix + "." + CommonClientConfigKey.KeyStore, tempKeystore.getAbsolutePath());
cm.setProperty(configPrefix + "." + CommonClientConfigKey.KeyStorePassword, "changeit");
RestClient client = (RestClient) ClientFactory.getNamedClient(name);
KeyStore keyStore = client.getKeyStore();
Certificate cert = keyStore.getCertificate("ribbon_key");
assertNotNull(cert);
}
use of java.security.KeyStore in project OpenAttestation by OpenAttestation.
the class Pkcs12 method getRsaCredentialX509.
public RsaCredentialX509 getRsaCredentialX509(String keyAlias, String keyPassword) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException, FileNotFoundException, CertificateEncodingException {
// load the key pair
//NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException
KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry) keystore.getEntry(keyAlias, new KeyStore.PasswordProtection(keyPassword.toCharArray()));
if (pkEntry != null) {
PrivateKey myPrivateKey = pkEntry.getPrivateKey();
Certificate myCertificate = pkEntry.getCertificate();
if (myCertificate instanceof X509Certificate) {
//CertificateEncodingException, NoSuchAlgorithmException
return new RsaCredentialX509(myPrivateKey, (X509Certificate) myCertificate);
}
throw new IllegalArgumentException("Key has a certificate that is not X509: " + myCertificate.getType());
//PublicKey myPublicKey = pkEntry.getCertificate().getPublicKey();
//return new RsaCredential(myPrivateKey, myPublicKey);
}
// key pair not found
throw new FileNotFoundException("Keystore does not contain the specified key");
}
use of java.security.KeyStore in project OpenAttestation by OpenAttestation.
the class SslUtil method createTrustedSslKeystore.
// just a convenience function for importing an array of certs into a java keystore
public static KeyStore createTrustedSslKeystore(X509Certificate[] certificates) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableEntryException {
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null, null);
for (int i = 0; i < certificates.length; i++) {
X509Certificate cert = certificates[i];
ks.setCertificateEntry("cert" + i, cert);
}
return ks;
}
Aggregations