Example 51 with SecureRandom
use of java.security.SecureRandom in project camel by apache.
the class AbstractJsseParametersTest method createPropertiesPlaceholderAwareContext.
protected CamelContext createPropertiesPlaceholderAwareContext() throws Exception {
Properties supplementalProperties = new Properties();
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
SecureRandom sr = null;
try {
sr = SecureRandom.getInstance("SHA1PRNG");
} catch (NoSuchAlgorithmException e) {
// Ignore
}
SSLContext sslc = SSLContext.getInstance("TLS");
sslc.init(null, null, null);
SSLSocket socket = (SSLSocket) sslc.getSocketFactory().createSocket();
supplementalProperties.setProperty("keyStoreParameters.type", KeyStore.getDefaultType());
supplementalProperties.setProperty("keyStoreParameters.provider", ks.getProvider().getName());
supplementalProperties.setProperty("keyManagersParameters.algorithm", KeyManagerFactory.getDefaultAlgorithm());
supplementalProperties.setProperty("keyManagersParameters.provider", kmf.getProvider().getName());
supplementalProperties.setProperty("trustManagersParameters.algorithm", TrustManagerFactory.getDefaultAlgorithm());
supplementalProperties.setProperty("trustManagersParameters.provider", tmf.getProvider().getName());
if (sr != null) {
supplementalProperties.setProperty("secureRandomParameters.algorithm", "SHA1PRNG");
supplementalProperties.setProperty("secureRandomParameters.provider", sr.getProvider().getName());
}
supplementalProperties.setProperty("sslContextParameters.provider", sslc.getProvider().getName());
supplementalProperties.setProperty("cipherSuite.0", socket.getSupportedCipherSuites()[0]);
// Have to skip this guy because he doesn't work with TLS as the SSLContext protocol
String ssp = "";
for (String protocol : socket.getSupportedProtocols()) {
if (!"SSLv2Hello".equals(protocol)) {
ssp = protocol;
break;
}
}
supplementalProperties.setProperty("secureSocketProtocol.0", ssp);
return this.createPropertiesPlaceholderAwareContext(supplementalProperties);
}
Also used :
TrustManagerFactory(javax.net.ssl.TrustManagerFactory)
SSLSocket(javax.net.ssl.SSLSocket)
SecureRandom(java.security.SecureRandom)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
SSLContext(javax.net.ssl.SSLContext)
Properties(java.util.Properties)
KeyStore(java.security.KeyStore)
KeyManagerFactory(javax.net.ssl.KeyManagerFactory)
Example 52 with SecureRandom
use of java.security.SecureRandom in project camel by apache.
the class SecureRandomParametersTest method testCreateSecureRandom.
public void testCreateSecureRandom() throws Exception {
if (this.canTest()) {
SecureRandomParameters srp = new SecureRandomParameters();
srp.setAlgorithm("SHA1PRNG");
SecureRandom sr = srp.createSecureRandom();
assertEquals("SHA1PRNG", sr.getAlgorithm());
String providerName = sr.getProvider().getName();
srp.setProvider(providerName);
sr = srp.createSecureRandom();
assertEquals("SHA1PRNG", sr.getAlgorithm());
assertEquals(providerName, sr.getProvider().getName());
}
}
Also used :
SecureRandom(java.security.SecureRandom)
Example 53 with SecureRandom
use of java.security.SecureRandom in project camel by apache.
the class SSLContextParameters method createSSLContext.
/**
* Creates an {@link SSLContext} based on the related configuration options
* of this instance. Namely, {@link #keyManagers}, {@link #trustManagers}, and
* {@link #secureRandom}, but also respecting the chosen provider and secure
* socket protocol as well.
*
* @param camelContext The camel context
*
* @return a newly configured instance
*
* @throws GeneralSecurityException if there is a problem in this instances
* configuration or that of its nested configuration options
* @throws IOException if there is an error reading a key/trust store
*/
public SSLContext createSSLContext(CamelContext camelContext) throws GeneralSecurityException, IOException {
if (camelContext != null) {
// setup CamelContext before creating SSLContext
setCamelContext(camelContext);
if (keyManagers != null) {
keyManagers.setCamelContext(camelContext);
}
if (trustManagers != null) {
trustManagers.setCamelContext(camelContext);
}
if (secureRandom != null) {
secureRandom.setCamelContext(camelContext);
}
if (clientParameters != null) {
clientParameters.setCamelContext(camelContext);
}
if (serverParameters != null) {
serverParameters.setCamelContext(camelContext);
}
}
LOG.trace("Creating SSLContext from SSLContextParameters [{}].", this);
LOG.info("Available providers: {}.", Security.getProviders());
KeyManager[] keyManagers = this.keyManagers == null ? null : this.keyManagers.createKeyManagers();
TrustManager[] trustManagers = this.trustManagers == null ? null : this.trustManagers.createTrustManagers();
SecureRandom secureRandom = this.secureRandom == null ? null : this.secureRandom.createSecureRandom();
SSLContext context;
if (this.getProvider() == null) {
context = SSLContext.getInstance(this.parsePropertyValue(this.getSecureSocketProtocol()));
} else {
context = SSLContext.getInstance(this.parsePropertyValue(this.getSecureSocketProtocol()), this.parsePropertyValue(this.getProvider()));
}
if (this.getCertAlias() != null && keyManagers != null) {
for (int idx = 0; idx < keyManagers.length; idx++) {
if (keyManagers[idx] instanceof X509KeyManager) {
try {
keyManagers[idx] = new AliasedX509ExtendedKeyManager(this.getCertAlias(), (X509KeyManager) keyManagers[idx]);
} catch (Exception e) {
throw new GeneralSecurityException(e);
}
}
}
}
LOG.debug("SSLContext [{}], initialized from [{}], is using provider [{}], protocol [{}], key managers {}, trust managers {}, and secure random [{}].", new Object[] { context, this, context.getProvider(), context.getProtocol(), keyManagers, trustManagers, secureRandom });
context.init(keyManagers, trustManagers, secureRandom);
this.configureSSLContext(context);
// Decorate the context.
context = new SSLContextDecorator(new SSLContextSpiDecorator(context, this.getSSLEngineConfigurers(context), this.getSSLSocketFactoryConfigurers(context), this.getSSLServerSocketFactoryConfigurers(context)));
return context;
}
Also used :
GeneralSecurityException(java.security.GeneralSecurityException)
SecureRandom(java.security.SecureRandom)
SSLContext(javax.net.ssl.SSLContext)
IOException(java.io.IOException)
GeneralSecurityException(java.security.GeneralSecurityException)
TrustManager(javax.net.ssl.TrustManager)
X509KeyManager(javax.net.ssl.X509KeyManager)
X509KeyManager(javax.net.ssl.X509KeyManager)
KeyManager(javax.net.ssl.KeyManager)
Example 54 with SecureRandom
use of java.security.SecureRandom in project camel by apache.
the class SecureRandomParameters method createSecureRandom.
/**
* Returns a {@code SecureRandom} instance initialized using the configured
* algorithm and provider, if specified.
*
* @return the configured instance
*
* @throws GeneralSecurityException if the algorithm is not implemented by
* any registered provider or if the identified provider does
* not exist.
*/
public SecureRandom createSecureRandom() throws GeneralSecurityException {
LOG.debug("Creating SecureRandom from SecureRandomParameters: {}", this);
SecureRandom secureRandom;
if (this.getProvider() != null) {
secureRandom = SecureRandom.getInstance(this.parsePropertyValue(this.getAlgorithm()), this.parsePropertyValue(this.getProvider()));
} else {
secureRandom = SecureRandom.getInstance(this.parsePropertyValue(this.getAlgorithm()));
}
LOG.debug("SecureRandom [{}] is using provider [{}] and algorithm [{}].", new Object[] { secureRandom, secureRandom.getProvider(), secureRandom.getAlgorithm() });
return secureRandom;
}
Also used :
SecureRandom(java.security.SecureRandom)
Example 55 with SecureRandom
use of java.security.SecureRandom in project camel by apache.
the class PGPKeyAccessDataFormat method marshal.
public void marshal(Exchange exchange, Object graph, OutputStream outputStream) throws Exception {
//NOPMD
List<String> userids = determineEncryptionUserIds(exchange);
List<PGPPublicKey> keys = publicKeyAccessor.getEncryptionKeys(exchange, userids);
if (keys.isEmpty()) {
throw new IllegalArgumentException("Cannot PGP encrypt message. No public encryption key found for the User Ids " + userids + " in the public keyring. Either specify other User IDs or add correct public keys to the keyring.");
}
exchange.getOut().setHeader(NUMBER_OF_ENCRYPTION_KEYS, Integer.valueOf(keys.size()));
InputStream input = ExchangeHelper.convertToMandatoryType(exchange, InputStream.class, graph);
if (armored) {
outputStream = new ArmoredOutputStream(outputStream);
}
PGPEncryptedDataGenerator encGen = new PGPEncryptedDataGenerator(new JcePGPDataEncryptorBuilder(findAlgorithm(exchange)).setWithIntegrityPacket(integrity).setSecureRandom(new SecureRandom()).setProvider(getProvider()));
// several keys can be added
for (PGPPublicKey key : keys) {
encGen.addMethod(new JcePublicKeyKeyEncryptionMethodGenerator(key));
}
OutputStream encOut = encGen.open(outputStream, new byte[BUFFER_SIZE]);
OutputStream comOut;
if (withCompressedDataPacket) {
PGPCompressedDataGenerator comData = new PGPCompressedDataGenerator(findCompressionAlgorithm(exchange));
comOut = new BufferedOutputStream(comData.open(encOut));
} else {
comOut = encOut;
LOG.debug("No Compressed Data packet is added");
}
List<PGPSignatureGenerator> sigGens = createSignatureGenerator(exchange, comOut);
PGPLiteralDataGenerator litData = new PGPLiteralDataGenerator();
String fileName = findFileName(exchange);
OutputStream litOut = litData.open(comOut, PGPLiteralData.BINARY, fileName, new Date(), new byte[BUFFER_SIZE]);
try {
byte[] buffer = new byte[BUFFER_SIZE];
int bytesRead;
while ((bytesRead = input.read(buffer)) != -1) {
litOut.write(buffer, 0, bytesRead);
if (sigGens != null && !sigGens.isEmpty()) {
for (PGPSignatureGenerator sigGen : sigGens) {
// not nested therefore it is the same for all
// can this be improved that we only do it for one sigGen and set the result on the others?
sigGen.update(buffer, 0, bytesRead);
}
}
litOut.flush();
}
} finally {
IOHelper.close(litOut);
if (sigGens != null && !sigGens.isEmpty()) {
// reverse order
for (int i = sigGens.size() - 1; i > -1; i--) {
PGPSignatureGenerator sigGen = sigGens.get(i);
sigGen.generate().encode(comOut);
}
}
IOHelper.close(comOut, encOut, outputStream, input);
}
}
Also used :
PGPSignatureGenerator(org.bouncycastle.openpgp.PGPSignatureGenerator)
InputStream(java.io.InputStream)
BufferedOutputStream(java.io.BufferedOutputStream)
OutputStream(java.io.OutputStream)
ArmoredOutputStream(org.bouncycastle.bcpg.ArmoredOutputStream)
PGPCompressedDataGenerator(org.bouncycastle.openpgp.PGPCompressedDataGenerator)
PGPPublicKey(org.bouncycastle.openpgp.PGPPublicKey)
ArmoredOutputStream(org.bouncycastle.bcpg.ArmoredOutputStream)
SecureRandom(java.security.SecureRandom)
PGPLiteralDataGenerator(org.bouncycastle.openpgp.PGPLiteralDataGenerator)
PGPEncryptedDataGenerator(org.bouncycastle.openpgp.PGPEncryptedDataGenerator)
Date(java.util.Date)
JcePublicKeyKeyEncryptionMethodGenerator(org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator)
BufferedOutputStream(java.io.BufferedOutputStream)
JcePGPDataEncryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder)
Aggregations
SecureRandom (java.security.SecureRandom)720
SSLContext (javax.net.ssl.SSLContext)106
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)97
IOException (java.io.IOException)87
Test (org.junit.Test)76
SecretKey (javax.crypto.SecretKey)62
X509Certificate (java.security.cert.X509Certificate)61
KeyGenerator (javax.crypto.KeyGenerator)57
TrustManager (javax.net.ssl.TrustManager)56
X509TrustManager (javax.net.ssl.X509TrustManager)47
Cipher (javax.crypto.Cipher)46
KeyPairGenerator (java.security.KeyPairGenerator)44
BigInteger (java.math.BigInteger)42
CertificateException (java.security.cert.CertificateException)40
InvalidKeyException (java.security.InvalidKeyException)35
KeyPair (java.security.KeyPair)34
KeyStore (java.security.KeyStore)34
SecretKeySpec (javax.crypto.spec.SecretKeySpec)30
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)28
KeyManagementException (java.security.KeyManagementException)28
