Example 1 with CRL

Use of java.security.cert.CRL in project vert.x by eclipse.

In class SSLHelper, method getTrustMgrFactory.

private TrustManagerFactory getTrustMgrFactory(VertxInternal vertx) throws Exception {
    TrustManagerFactory fact;
    if (trustAll) {
        TrustManager[] mgrs = new TrustManager[] { createTrustAllTrustManager() };
        fact = new VertxTrustManagerFactory(mgrs);
    } else if (trustOptions != null) {
        fact = trustOptions.getTrustManagerFactory(vertx);
    } else {
        return null;
    }
    if (crlPaths != null && crlValues != null && (crlPaths.size() > 0 || crlValues.size() > 0)) {
        Stream<Buffer> tmp = crlPaths.stream().map(path -> vertx.resolveFile(path).getAbsolutePath()).map(vertx.fileSystem()::readFileBlocking);
        tmp = Stream.concat(tmp, crlValues.stream());
        CertificateFactory certificatefactory = CertificateFactory.getInstance("X.509");
        ArrayList<CRL> crls = new ArrayList<>();
        for (Buffer crlValue : tmp.collect(Collectors.toList())) {
            crls.addAll(certificatefactory.generateCRLs(new ByteArrayInputStream(crlValue.getBytes())));
        }
        TrustManager[] mgrs = createUntrustRevokedCertTrustManager(fact.getTrustManagers(), crls);
        fact = new VertxTrustManagerFactory(mgrs);
    }
    return fact;
}
Also used: VertxException (io.vertx.core.VertxException), X509Certificate (java.security.cert.X509Certificate), java.util (java.util), CertificateFactory (java.security.cert.CertificateFactory), ByteBufAllocator (io.netty.buffer.ByteBufAllocator), SimpleTrustManagerFactory (io.netty.handler.ssl.util.SimpleTrustManagerFactory), LoggerFactory (io.vertx.core.logging.LoggerFactory), OpenSSLEngineOptions (io.vertx.core.net.OpenSSLEngineOptions), ByteArrayInputStream (java.io.ByteArrayInputStream), HttpVersion (io.vertx.core.http.HttpVersion), KeyCertOptions (io.vertx.core.net.KeyCertOptions), HttpClientOptions (io.vertx.core.http.HttpClientOptions), Logger (io.vertx.core.logging.Logger), CRL (java.security.cert.CRL), JdkSSLEngineOptions (io.vertx.core.net.JdkSSLEngineOptions), TCPSSLOptions (io.vertx.core.net.TCPSSLOptions), SSLEngineOptions (io.vertx.core.net.SSLEngineOptions), VertxInternal (io.vertx.core.impl.VertxInternal), KeyStore (java.security.KeyStore), CertificateException (java.security.cert.CertificateException), io.netty.handler.ssl (io.netty.handler.ssl), Collectors (java.util.stream.Collectors), NetClientOptions (io.vertx.core.net.NetClientOptions), TrustOptions (io.vertx.core.net.TrustOptions), NetServerOptions (io.vertx.core.net.NetServerOptions), Stream (java.util.stream.Stream), Buffer (io.vertx.core.buffer.Buffer), ClientAuth (io.vertx.core.http.ClientAuth), HttpServerOptions (io.vertx.core.http.HttpServerOptions), javax.net.ssl (javax.net.ssl)

Example 2 with CRL

Use of java.security.cert.CRL in project java-chassis by ServiceComb.

In class KeyStoreUtil, method createCRL.

@SuppressWarnings({ "rawtypes", "unchecked" })
public static CRL[] createCRL(String crlfile) {
    InputStream is = null;
    try {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        is = new FileInputStream(crlfile);
        Collection c = cf.generateCRLs(is);
        CRL[] crls = (CRL[]) c.toArray(new CRL[c.size()]);
        return crls;
    } catch (CertificateException e) {
        throw new IllegalArgumentException("bad cert file.");
    } catch (FileNotFoundException e) {
        throw new IllegalArgumentException("crl file not found.");
    } catch (CRLException e) {
        throw new IllegalArgumentException("bad crl file.");
    } finally {
        if (is != null) {
            try {
                is.close();
            } catch (IOException e) {
                ignore();
            }
        }
    }
}
Also used: FileInputStream (java.io.FileInputStream), InputStream (java.io.InputStream), FileNotFoundException (java.io.FileNotFoundException), Collection (java.util.Collection), CertificateException (java.security.cert.CertificateException), IOException (java.io.IOException), CRL (java.security.cert.CRL), CertificateFactory (java.security.cert.CertificateFactory), CRLException (java.security.cert.CRLException)

Example 3 with CRL

Use of java.security.cert.CRL in project nhin-d by DirectProject.

In class CRLRevocationManager_getCrlFromUriTest, method testGetCrlFromUri_nullURI_assertNull.

public void testGetCrlFromUri_nullURI_assertNull() {
    CRL crl = CRLRevocationManager.getInstance().getCrlFromUri(null);
    assertNull(crl);
}
Also used: X509CRL (java.security.cert.X509CRL), CRL (java.security.cert.CRL)

Example 4 with CRL

Use of java.security.cert.CRL in project nhin-d by DirectProject.

In class CRLRevocationManager_writeCRLCacheFileTest, method testWriteCRLCacheFile_writeToFile_deleteExisting.

public void testWriteCRLCacheFile_writeToFile_deleteExisting() throws Exception {
    CRLRevocationManager.initCRLCacheLocation();
    CRL crlToWrite = TestUtils.loadCRL("certs.crl");
    String distURI = "http://localhost:8080/config";
    // make sure it doesn't exist
    File crlFile = new File(CRLRevocationManager.getCacheFileName(distURI));
    assertFalse(crlFile.exists());
    CRLRevocationManager.getInstance().writeCRLCacheFile(distURI, (X509CRL) crlToWrite);
    // make sure the file exists
    assertTrue(crlFile.exists());
    // mark the date
    long originalFileDate = crlFile.lastModified();
    // sleep 2000 ms to make sure we get a new date
    Thread.sleep(2000);
    // write it again
    CRLRevocationManager.getInstance().writeCRLCacheFile(distURI, (X509CRL) crlToWrite);
    // make sure the file exists
    crlFile = new File(CRLRevocationManager.getCacheFileName(distURI));
    assertTrue(crlFile.exists());
    // mark the date
    long newFileDate = crlFile.lastModified();
    // make sure the dates aren't the same
    assertTrue(originalFileDate != newFileDate);
}
Also used: X509CRL (java.security.cert.X509CRL), CRL (java.security.cert.CRL), File (java.io.File)

Example 5 with CRL

Use of java.security.cert.CRL in project nhin-d by DirectProject.

In class TestUtils, method loadCRL.

public static CRL loadCRL(String certFileName) throws Exception {
    File fl = new File(crlBasePath + certFileName);
    InputStream str = FileUtils.openInputStream(fl);
    CRL retVal = CertificateFactory.getInstance("X.509").generateCRL(str);
    str.close();
    return retVal;
}
Also used: BufferedInputStream (java.io.BufferedInputStream), ByteArrayInputStream (java.io.ByteArrayInputStream), FileInputStream (java.io.FileInputStream), InputStream (java.io.InputStream), CRL (java.security.cert.CRL), File (java.io.File)

Aggregations

CRL (java.security.cert.CRL): 59
CertificateException (java.security.cert.CertificateException): 21
X509CRL (java.security.cert.X509CRL): 21
CRLException (java.security.cert.CRLException): 19
ByteArrayInputStream (java.io.ByteArrayInputStream): 14
Certificate (java.security.cert.Certificate): 13
File (java.io.File): 9
IOException (java.io.IOException): 9
X509Certificate (java.security.cert.X509Certificate): 9
CertificateFactory (java.security.cert.CertificateFactory): 8
ArrayList (java.util.ArrayList): 8
DataInputStream (java.io.DataInputStream): 6
InputStream (java.io.InputStream): 6
CertificateFactorySpi (java.security.cert.CertificateFactorySpi): 6
MyCertificateFactorySpi (org.apache.harmony.security.tests.support.cert.MyCertificateFactorySpi): 6
FileInputStream (java.io.FileInputStream): 5
X509CRLSelector (java.security.cert.X509CRLSelector): 4
Collection (java.util.Collection): 4
GeneralSecurityException (java.security.GeneralSecurityException): 3
List (java.util.List): 3