use of java.security.cert.Certificate in project neo4j by neo4j.
the class TestSslCertificateFactory method shouldLoadPEMCertificates.
/**
 * Verifies that the PEM file produced by a self-signed certificate is parsed into exactly one
 * {@link Certificate}.
 *
 * <p>Only the number of parsed entries is asserted. The subject, validity period and signature
 * of the loaded certificate are not inspected by this test.
 */
@Test
public void shouldLoadPEMCertificates() throws Throwable {
    // Given: a self-signed certificate generated for "example.com" and a loader under test
    SelfSignedCertificate selfSigned = new SelfSignedCertificate("example.com");
    Certificates loader = new Certificates();
    File pemFile = selfSigned.certificate();

    // When: the certificate file is parsed
    Certificate[] loaded = loader.loadCertificates(pemFile);

    // Then: exactly one certificate comes back
    assertThat(loaded.length, equalTo(1));
}
use of java.security.cert.Certificate in project neo4j by neo4j.
the class TestSslCertificateFactory method shouldCreateASelfSignedCertificate.
/**
 * Verifies that {@code createSelfSignedCertificate} writes a certificate file and a private-key
 * file that the same {@code Certificates} instance can read back.
 *
 * <p>The assertions cover parseability only: at least one certificate is loaded and the private
 * key is non-null. Whether the key corresponds to the certificate's public key, and how the key
 * file is protected on disk, is not checked here.
 */
@Test
public void shouldCreateASelfSignedCertificate() throws Exception {
    // Given: output locations inside the temporary test directory
    Certificates certificateTool = new Certificates();
    File certificateFile = new File(tmpDir.getRoot(), "certificate");
    File privateKeyFile = new File(tmpDir.getRoot(), "key");

    // When: a certificate/key pair is generated for host "myhost"
    certificateTool.createSelfSignedCertificate(certificateFile, privateKeyFile, "myhost");

    // Then: the certificate file yields at least one certificate ...
    Certificate[] loadedCertificates = certificateTool.loadCertificates(certificateFile);
    assertThat(loadedCertificates.length, is(greaterThan(0)));

    // ... and the key file yields a private key
    PrivateKey loadedKey = certificateTool.loadPrivateKey(privateKeyFile);
    assertThat(loadedKey, notNullValue());
}
use of java.security.cert.Certificate in project netty by netty.
the class SSLEngineTest method testMutualAuthSameCertChain.
/**
 * Runs a TLS handshake with mandatory client authentication between a server and a client
 * channel, and checks on the server side that the client's certificates are exposed through
 * both {@code SSLSession.getPeerCertificateChain()} and {@code SSLSession.getPeerCertificates()}.
 *
 * <p>The outcome of the server-side check is carried back to the test thread through a
 * {@code Promise}; the JUnit timeout of 30000 ms bounds the wait on that promise.
 *
 * <p>NOTE(review): the two event loop groups created for the server and the one created for the
 * client are not shut down inside this method; cleanup presumably happens in a teardown that is
 * not visible here — confirm.
 */
@Test(timeout = 30000)
public void testMutualAuthSameCertChain() throws Exception {
    // Server context: key material and trust anchor are both taken from X509_CERT_PEM /
    // PRIVATE_KEY_PEM, and ClientAuth.REQUIRE demands a client certificate during the handshake.
    serverSslCtx = SslContextBuilder.forServer(new ByteArrayInputStream(X509_CERT_PEM.getBytes(CharsetUtil.UTF_8)), new ByteArrayInputStream(PRIVATE_KEY_PEM.getBytes(CharsetUtil.UTF_8))).trustManager(new ByteArrayInputStream(X509_CERT_PEM.getBytes(CharsetUtil.UTF_8))).clientAuth(ClientAuth.REQUIRE).sslProvider(sslServerProvider()).build();
    sb = new ServerBootstrap();
    sb.group(new NioEventLoopGroup(), new NioEventLoopGroup());
    sb.channel(NioServerSocketChannel.class);
    // Completed by the server-side handler below: success when the peer certificates look as
    // expected, failure with a descriptive exception otherwise.
    final Promise<String> promise = sb.config().group().next().newPromise();
    serverChannel = sb.childHandler(new ChannelInitializer<Channel>() {
        @Override
        protected void initChannel(Channel ch) throws Exception {
            ch.config().setAllocator(new TestByteBufAllocator(ch.config().getAllocator(), type));
            // The TLS handler is installed first in the pipeline; the event handler below relies
            // on that when it casts ctx.pipeline().first() to SslHandler.
            ch.pipeline().addFirst(serverSslCtx.newHandler(ch.alloc()));
            ch.pipeline().addLast(new ChannelInboundHandlerAdapter() {
                @Override
                public void userEventTriggered(ChannelHandlerContext ctx, Object evt) throws Exception {
                    if (evt instanceof SslHandshakeCompletionEvent) {
                        Throwable cause = ((SslHandshakeCompletionEvent) evt).cause();
                        if (cause == null) {
                            // Handshake succeeded: read the client's certificates through both
                            // session accessors.
                            SSLSession session = ((SslHandler) ctx.pipeline().first()).engine().getSession();
                            // NOTE(review): X509Certificate here is presumably the legacy
                            // javax.security.cert type returned by getPeerCertificateChain();
                            // the imports are not visible — confirm.
                            X509Certificate[] peerCertificateChain = session.getPeerCertificateChain();
                            Certificate[] peerCertificates = session.getPeerCertificates();
                            if (peerCertificateChain == null) {
                                promise.setFailure(new NullPointerException("peerCertificateChain"));
                            } else if (peerCertificates == null) {
                                promise.setFailure(new NullPointerException("peerCertificates"));
                            // NOTE(review): only the SUM of the two lengths is compared with 4.
                            // An unequal split that still adds up to 4 would not be rejected
                            // here, and the loop below indexes peerCertificates with an index
                            // bounded by peerCertificateChain.length. Comparing each length
                            // separately would make the check stricter.
                            } else if (peerCertificateChain.length + peerCertificates.length != 4) {
                                String excTxtFmt = "peerCertificateChain.length:%s, peerCertificates.length:%s";
                                promise.setFailure(new IllegalStateException(String.format(excTxtFmt, peerCertificateChain.length, peerCertificates.length)));
                            } else {
                                // Every entry of both arrays must be populated.
                                for (int i = 0; i < peerCertificateChain.length; i++) {
                                    if (peerCertificateChain[i] == null || peerCertificates[i] == null) {
                                        promise.setFailure(new IllegalStateException("Certificate in chain is null"));
                                        return;
                                    }
                                }
                                promise.setSuccess(null);
                            }
                        } else {
                            // Handshake failed: surface the handshake error as the test failure.
                            promise.setFailure(cause);
                        }
                    }
                }
            });
            serverConnectedChannel = ch;
        }
    // Port 0 lets the operating system pick a free port; the client connects to
    // serverChannel.localAddress() below.
    }).bind(new InetSocketAddress(0)).syncUninterruptibly().channel();
    // Client context: presents CLIENT_X509_CERT_CHAIN_PEM with CLIENT_PRIVATE_KEY_PEM and trusts
    // X509_CERT_PEM, i.e. the same PEM the server uses as its own certificate and trust anchor.
    clientSslCtx = SslContextBuilder.forClient().keyManager(new ByteArrayInputStream(CLIENT_X509_CERT_CHAIN_PEM.getBytes(CharsetUtil.UTF_8)), new ByteArrayInputStream(CLIENT_PRIVATE_KEY_PEM.getBytes(CharsetUtil.UTF_8))).trustManager(new ByteArrayInputStream(X509_CERT_PEM.getBytes(CharsetUtil.UTF_8))).sslProvider(sslClientProvider()).build();
    cb = new Bootstrap();
    cb.group(new NioEventLoopGroup());
    cb.channel(NioSocketChannel.class);
    clientChannel = cb.handler(new ChannelInitializer<Channel>() {
        @Override
        protected void initChannel(Channel ch) throws Exception {
            ch.config().setAllocator(new TestByteBufAllocator(ch.config().getAllocator(), type));
            ch.pipeline().addLast(new SslHandler(clientSslCtx.newEngine(ch.alloc())));
        }
    }).connect(serverChannel.localAddress()).syncUninterruptibly().channel();
    // Wait for the server-side verdict; a failed promise makes this call throw and the test fail.
    promise.syncUninterruptibly();
}
use of java.security.cert.Certificate in project android by owncloud.
the class SsoWebViewClient method getX509CertificateFromError.
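/**
 * Extracts the X.509 certificate carried by an {@link SslError}.
 *
 * <p>The encoded certificate is read from the {@link Bundle} returned by
 * {@code SslCertificate.saveState(...)} under the key {@code "x509-certificate"} and re-parsed
 * with an X.509 {@link CertificateFactory}.
 *
 * <p>Every failure path returns {@code null}. Callers must treat {@code null} as "certificate
 * unavailable" and keep the connection untrusted in that case.
 *
 * @param error the SSL error reported for the connection; may be {@code null}
 * @return the parsed certificate, or {@code null} if none is present or it cannot be parsed
 */
public X509Certificate getX509CertificateFromError(SslError error) {
    if (error == null) {
        return null;
    }
    Bundle bundle = SslCertificate.saveState(error.getCertificate());
    // Guard against a missing Bundle (no certificate attached to the error) instead of
    // failing with a NullPointerException on the lookup below.
    if (bundle == null) {
        return null;
    }
    // NOTE(review): "x509-certificate" is the key used inside the saved-state Bundle; it is not
    // referenced through a public constant here — confirm it stays stable across the platform
    // versions the app supports.
    byte[] bytes = bundle.getByteArray("x509-certificate");
    if (bytes == null) {
        return null;
    }
    try {
        CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
        Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes));
        // Checked cast: anything that is not an X509Certificate is reported as unavailable.
        return cert instanceof X509Certificate ? (X509Certificate) cert : null;
    } catch (CertificateException e) {
        // Deliberately not rethrown: an unparseable certificate is reported as unavailable,
        // which the caller handles as an untrusted server.
        return null;
    }
}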
use of java.security.cert.Certificate in project android by owncloud.
the class SsoWebViewClient method onReceivedSslError.
/**
 * Handles a TLS error raised while the WebView loads a page.
 *
 * <p>The load continues without user interaction only when the server certificate is found by
 * {@code NetworkUtils.isCertInKnownServersStore}. In every other case (no certificate could be
 * extracted, the certificate is not in the store, or the lookup threw) the decision is handed
 * to the untrusted-certificate dialog together with the {@code handler}.
 *
 * <p>NOTE(review): the kind of {@code SslError} is not inspected before {@code proceed()} is
 * called, so a store hit overrides whatever error was reported — confirm that this is the
 * intended meaning of a "known server".
 *
 * <p>NOTE(review): the cast assumes {@code mContext} is an {@code AuthenticatorActivity} —
 * verify against the callers that construct this client.
 */
@Override
public void onReceivedSslError(final WebView view, final SslErrorHandler handler, SslError error) {
    Log_OC.e(TAG, "onReceivedSslError : " + error);

    final X509Certificate serverCertificate = getX509CertificateFromError(error);

    // Fail closed: the flag stays false unless the store lookup positively confirms the
    // certificate.
    boolean trustedByStore = false;
    if (serverCertificate != null) {
        try {
            trustedByStore = NetworkUtils.isCertInKnownServersStore((Certificate) serverCertificate, mContext);
        } catch (Exception e) {
            // A failed lookup is logged and treated the same as "not in the store".
            Log_OC.e(TAG, "Exception: " + e.getMessage());
        }
    }

    if (!trustedByStore) {
        // Unknown or unverifiable certificate: the dialog receives the handler and decides.
        ((AuthenticatorActivity) mContext).showUntrustedCertDialog(serverCertificate, error, handler);
        return;
    }
    handler.proceed();
}