
Example 26 with KeyStore

use of java.security.KeyStore in project qi4j-sdk by Qi4j.

the class AbstractSecureJettyTest method beforeSecureClass.

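/**
 * Installs JVM-wide HTTPS defaults for the secure tests: a hostname verifier that accepts every
 * host, and a socket factory that trusts only the certificates in the test truststore.
 * The defaults in place beforehand are saved in {@code defaultHostnameVerifier} and
 * {@code defaultSSLSocketFactory} before being replaced.
 *
 * @throws IOException if the truststore file cannot be opened or read
 * @throws GeneralSecurityException if the truststore or the TLS context cannot be initialised
 */
@BeforeClass
public static void beforeSecureClass() throws IOException, GeneralSecurityException {
    // Saved so the originals can be put back; presumably an @AfterClass hook does so (not visible here).
    defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
    defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
    // SECURITY (test-only): this verifier accepts any hostname mismatch for every HttpsURLConnection
    // in the JVM while it is installed. Certificate-chain validation against the truststore below
    // still applies, but the server's identity is no longer bound to its hostname. The setting is
    // process-wide, so it must be restored after the tests and must not reach production code.
    HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

        public boolean verify(String string, SSLSession ssls) {
            return true;
        }
    });
    KeyStore truststore = KeyStore.getInstance("JCEKS");
    // Close the stream explicitly: KeyStore.load() does not close it, and the original leaked the handle.
    FileInputStream truststoreIn = new FileInputStream(TRUSTSTORE_FILE);
    try {
        truststore.load(truststoreIn, KS_PASSWORD.toCharArray());
    } finally {
        truststoreIn.close();
    }
    SSLContext sslCtx = SSLContext.getInstance("TLS");
    TrustManagerFactory caTrustManagerFactory = TrustManagerFactory.getInstance(getX509Algorithm());
    caTrustManagerFactory.init(truststore);
    // No key managers (no client certificate) and the default SecureRandom.
    sslCtx.init(null, caTrustManagerFactory.getTrustManagers(), null);
    HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
}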
Also used : TrustManagerFactory(javax.net.ssl.TrustManagerFactory) SSLSession(javax.net.ssl.SSLSession) SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) FileInputStream(java.io.FileInputStream) AllowAllHostnameVerifier(org.apache.http.conn.ssl.AllowAllHostnameVerifier) HostnameVerifier(javax.net.ssl.HostnameVerifier) BeforeClass(org.junit.BeforeClass)

Example 27 with KeyStore

use of java.security.KeyStore in project ribbon by Netflix.

the class MockHttpServer method before.

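/**
 * Starts the mock server on an ephemeral localhost port before a test runs.
 * When {@code hasSsl} is set, the embedded test keystore and truststore are written to temp files,
 * loaded into a TLS context and served through an {@link HttpsServer}; otherwise a plain
 * {@link HttpServer} is created. All registered handlers are attached before the server starts.
 *
 * @param description the JUnit description of the running test; only its class name is used, for logging
 * @throws Exception if the key material cannot be written or loaded, or the server cannot be created
 */
public void before(final Description description) throws Exception {
    this.service = Executors.newFixedThreadPool(threadCount, new ThreadFactoryBuilder().setDaemon(true).setNameFormat("TestHttpServer-%d").build());
    // Port 0 lets the OS pick a free port; the actual port is read back after start().
    InetSocketAddress inetSocketAddress = new InetSocketAddress("localhost", 0);
    if (hasSsl) {
        byte[] sampleTruststore1 = Base64.decode(TEST_TS1);
        byte[] sampleKeystore1 = Base64.decode(TEST_KS1);
        // NOTE(review): this is embedded test key material. File.createTempFile applies no
        // owner-only permissions, so the pattern is unsuitable for real private keys — confirm
        // the files are deleted in the matching teardown (not visible here).
        keystore = File.createTempFile("SecureAcceptAllGetTest", ".keystore");
        truststore = File.createTempFile("SecureAcceptAllGetTest", ".truststore");
        FileOutputStream keystoreFileOut = new FileOutputStream(keystore);
        try {
            keystoreFileOut.write(sampleKeystore1);
        } finally {
            keystoreFileOut.close();
        }
        FileOutputStream truststoreFileOut = new FileOutputStream(truststore);
        try {
            truststoreFileOut.write(sampleTruststore1);
        } finally {
            truststoreFileOut.close();
        }
        KeyStore ks = KeyStore.getInstance("JKS");
        // KeyStore.load() does not close its stream; the original leaked both input handles.
        FileInputStream keystoreFileIn = new FileInputStream(keystore);
        try {
            ks.load(keystoreFileIn, PASSWORD.toCharArray());
        } finally {
            keystoreFileIn.close();
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, PASSWORD.toCharArray());
        KeyStore ts = KeyStore.getInstance("JKS");
        FileInputStream truststoreFileIn = new FileInputStream(truststore);
        try {
            ts.load(truststoreFileIn, PASSWORD.toCharArray());
        } finally {
            truststoreFileIn.close();
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ts);
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        HttpsServer secureServer = HttpsServer.create(inetSocketAddress, 0);
        secureServer.setHttpsConfigurator(new HttpsConfigurator(sc) {

            public void configure(HttpsParameters params) {
                // Uses the context's default parameters unchanged: no client-auth requirement and
                // no protocol or cipher-suite restriction is added here.
                SSLContext c = getSSLContext();
                SSLParameters sslparams = c.getDefaultSSLParameters();
                params.setSSLParameters(sslparams);
            }
        });
        server = secureServer;
    } else {
        server = HttpServer.create(inetSocketAddress, 0);
    }
    server.setExecutor(service);
    for (Entry<String, HttpHandler> handler : handlers.entrySet()) {
        server.createContext(handler.getKey(), handler.getValue());
    }
    server.start();
    localHttpServerPort = server.getAddress().getPort();
    System.out.println(description.getClassName() + " TestServer is started: " + getServerUrl());
}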
Also used : HttpHandler(com.sun.net.httpserver.HttpHandler) HttpsConfigurator(com.sun.net.httpserver.HttpsConfigurator) InetSocketAddress(java.net.InetSocketAddress) HttpsParameters(com.sun.net.httpserver.HttpsParameters) SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) FileInputStream(java.io.FileInputStream) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) SSLParameters(javax.net.ssl.SSLParameters) FileOutputStream(java.io.FileOutputStream) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) ThreadFactoryBuilder(com.google.common.util.concurrent.ThreadFactoryBuilder) HttpsServer(com.sun.net.httpserver.HttpsServer)

Example 28 with KeyStore

use of java.security.KeyStore in project ribbon by Netflix.

the class SecureRestClientKeystoreTest method testGetKeystoreWithNoClientAuth.

/**
 * Verifies that a secure client configured with only a keystore path and password exposes that
 * keystore, and that the keystore holds a certificate under the alias {@code ribbon_key}.
 */
@Test
public void testGetKeystoreWithNoClientAuth() throws Exception {
    final String testClassName = this.getClass().getName();

    // Both fixtures are JKS stores, embedded base64-encoded in SecureGetTest.
    final byte[] truststoreBytes = Base64.decode(SecureGetTest.TEST_TS1);
    final byte[] keystoreBytes = Base64.decode(SecureGetTest.TEST_KS1);

    final File keystoreFile = File.createTempFile(testClassName, ".keystore");
    final File truststoreFile = File.createTempFile(testClassName, ".truststore");

    final FileOutputStream keystoreSink = new FileOutputStream(keystoreFile);
    try {
        keystoreSink.write(keystoreBytes);
    } finally {
        keystoreSink.close();
    }

    // The truststore is written to disk but no property below points the client at it.
    final FileOutputStream truststoreSink = new FileOutputStream(truststoreFile);
    try {
        truststoreSink.write(truststoreBytes);
    } finally {
        truststoreSink.close();
    }

    final String clientName = testClassName + ".test2";
    final String propertyPrefix = clientName + "." + "ribbon" + ".";
    final AbstractConfiguration config = ConfigurationManager.getConfigInstance();
    config.setProperty(propertyPrefix + CommonClientConfigKey.IsSecure, "true");
    config.setProperty(propertyPrefix + CommonClientConfigKey.KeyStore, keystoreFile.getAbsolutePath());
    // Fixture password for the embedded test keystore.
    config.setProperty(propertyPrefix + CommonClientConfigKey.KeyStorePassword, "changeit");

    final RestClient restClient = (RestClient) ClientFactory.getNamedClient(clientName);
    final KeyStore loadedKeyStore = restClient.getKeyStore();
    final Certificate ribbonCert = loadedKeyStore.getCertificate("ribbon_key");
    assertNotNull(ribbonCert);
}
Also used : AbstractConfiguration(org.apache.commons.configuration.AbstractConfiguration) FileOutputStream(java.io.FileOutputStream) File(java.io.File) KeyStore(java.security.KeyStore) Certificate(java.security.cert.Certificate) Test(org.junit.Test)

Example 29 with KeyStore

use of java.security.KeyStore in project OpenAttestation by OpenAttestation.

the class Pkcs12 method getRsaCredentialX509.

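/**
 * Looks up the entry stored under {@code keyAlias} in this object's keystore and wraps its private
 * key and X.509 certificate in an {@link RsaCredentialX509}.
 *
 * @param keyAlias alias of the key pair inside the keystore
 * @param keyPassword password protecting that entry
 * @return the credential built from the entry's private key and certificate
 * @throws FileNotFoundException if the keystore has no entry under {@code keyAlias}
 * @throws IllegalArgumentException if the entry is not a private-key entry, or its certificate is
 *         not an X.509 certificate
 * @throws UnrecoverableEntryException if the entry cannot be recovered with {@code keyPassword}
 */
public RsaCredentialX509 getRsaCredentialX509(String keyAlias, String keyPassword) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException, FileNotFoundException, CertificateEncodingException {
    // getEntry may throw NoSuchAlgorithmException, UnrecoverableEntryException or KeyStoreException.
    KeyStore.Entry entry = keystore.getEntry(keyAlias, new KeyStore.PasswordProtection(keyPassword.toCharArray()));
    if (entry == null) {
        // key pair not found
        throw new FileNotFoundException("Keystore does not contain the specified key");
    }
    // An alias can also name a secret-key or trusted-certificate entry; the original cast blindly
    // and failed with a ClassCastException. Reject such entries explicitly instead.
    if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
        throw new IllegalArgumentException("Keystore entry is not a private key entry: " + entry.getClass().getName());
    }
    KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry) entry;
    PrivateKey myPrivateKey = pkEntry.getPrivateKey();
    Certificate myCertificate = pkEntry.getCertificate();
    if (myCertificate instanceof X509Certificate) {
        // The RsaCredentialX509 constructor may throw CertificateEncodingException or NoSuchAlgorithmException.
        return new RsaCredentialX509(myPrivateKey, (X509Certificate) myCertificate);
    }
    throw new IllegalArgumentException("Key has a certificate that is not X509: " + myCertificate.getType());
}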
Also used : PrivateKey(java.security.PrivateKey) FileNotFoundException(java.io.FileNotFoundException) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 30 with KeyStore

use of java.security.KeyStore in project OpenAttestation by OpenAttestation.

the class SslUtil method createTrustedSslKeystore.

/**
 * Convenience helper that imports an array of certificates into a new, in-memory keystore of the
 * platform default type. Each certificate is stored as a trusted-certificate entry under the alias
 * {@code "cert" + index}.
 *
 * <p>No validity, chain or revocation check is made here: if the returned keystore is later used
 * as a trust store, every certificate passed in is trusted as-is, so callers must vet the input.
 *
 * @param certificates the certificates to import, in alias order
 * @return the populated keystore
 */
public static KeyStore createTrustedSslKeystore(X509Certificate[] certificates) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableEntryException {
    final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    // load(null, null) initialises an empty keystore instead of reading an existing one.
    trustStore.load(null, null);
    int index = 0;
    for (X509Certificate certificate : certificates) {
        trustStore.setCertificateEntry("cert" + index, certificate);
        index++;
    }
    return trustStore;
}
Also used : KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate)
