use of javax.net.ssl.KeyManager in project torodb by torodb.
the class MongoClientConfigurationFactory method getMongoClientConfiguration.
/**
 * Builds the MongoDB client configuration used to reach the replication sync source.
 *
 * <p>The sync source is parsed from {@code replication.getSyncSource()}, with 27017 as the port
 * when the string carries none. When SSL is enabled, an {@link SSLContext} is initialised from
 * the arrays returned by {@code getTrustManagers(ssl)} and {@code getKeyManagers(ssl)}, and its
 * socket factory is installed on the builder. When authentication is enabled, the result of
 * {@code getMongoAuthenticationConfiguration(auth, ssl)} is added as well.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The {@code allowInvalidHostnames} setting is forwarded unchanged to the client builder.
 *       Judging by its name it relaxes hostname verification of the server certificate, so it
 *       should stay {@code false} outside of test setups (confirm against the client library).</li>
 *   <li>A {@code null} manager array handed to {@link SSLContext#init} makes JSSE fall back to
 *       the installed default implementation, so a missing trust store or key store
 *       configuration is not an error here.</li>
 *   <li>The context is requested with the generic {@code "TLS"} name; which protocol versions
 *       end up enabled depends on the provider and JVM defaults.</li>
 * </ul>
 *
 * @param replication replication settings supplying the sync source, SSL and auth sections
 * @return the assembled client configuration
 * @throws SystemException wrapping any certificate, key store, provider, algorithm or I/O
 *         failure raised while the SSL context is prepared
 */
public static MongoClientConfiguration getMongoClientConfiguration(AbstractReplication replication) {
    HostAndPort syncSource = HostAndPort.fromString(replication.getSyncSource()).withDefaultPort(27017);
    MongoClientConfiguration.Builder builder = new MongoClientConfiguration.Builder(syncSource);

    Ssl ssl = replication.getSsl();
    builder.setSslEnabled(ssl.getEnabled());
    if (ssl.getEnabled()) {
        try {
            builder.setSslAllowInvalidHostnames(ssl.getAllowInvalidHostnames());
            TrustManager[] trustManagers = getTrustManagers(ssl);
            KeyManager[] keyManagers = getKeyManagers(ssl);
            // FIPS mode pins the context to the "SunPKCS11-NSS" provider; if that provider is not
            // registered, getInstance throws NoSuchProviderException, which is wrapped below.
            SSLContext tlsContext = ssl.getFipsMode()
                    ? SSLContext.getInstance("TLS", "SunPKCS11-NSS")
                    : SSLContext.getInstance("TLS");
            // A null SecureRandom lets the provider pick its default source of randomness.
            tlsContext.init(keyManagers, trustManagers, null);
            builder.setSocketFactory(tlsContext.getSocketFactory());
        } catch (CertificateException | KeyManagementException | KeyStoreException
                | UnrecoverableKeyException | NoSuchProviderException
                | NoSuchAlgorithmException | IOException exception) {
            throw new SystemException(exception);
        }
    }

    Auth auth = replication.getAuth();
    if (auth.getMode().isEnabled()) {
        MongoAuthenticationConfiguration authConfiguration = getMongoAuthenticationConfiguration(auth, ssl);
        builder.addAuthenticationConfiguration(authConfiguration);
    }
    return builder.build();
}
use of javax.net.ssl.KeyManager in project torodb by torodb.
the class MongoClientConfigurationFactory method getKeyManagers.
/**
 * Creates the key managers that present the client's own certificate during the TLS handshake.
 *
 * <p>The managers come from a {@link KeyManagerFactory} of the JVM's default algorithm,
 * initialised with the key store returned by {@code getKeyStore(ssl)} and the configured key
 * password (or {@code null} when no password is configured).
 *
 * @param ssl SSL settings; only the key store file and key password are read here
 * @return the key managers, or {@code null} when no key store file is configured. A
 *         {@code null} array passed to {@code SSLContext.init} means "use the installed
 *         default", so callers should not treat it as "no client certificate was requested".
 * @throws NoSuchAlgorithmException if the default key manager algorithm is unavailable
 * @throws FileNotFoundException declared by this method; presumably raised by
 *         {@code getKeyStore} when the key store file is missing (confirm)
 * @throws KeyStoreException if the factory cannot be initialised from the key store
 * @throws IOException declared by this method; presumably raised while reading the key store
 * @throws CertificateException declared by this method; presumably raised while loading
 *         certificates from the key store
 * @throws UnrecoverableKeyException if a key cannot be recovered, e.g. with a wrong password
 */
public static KeyManager[] getKeyManagers(Ssl ssl) throws NoSuchAlgorithmException, FileNotFoundException, KeyStoreException, IOException, CertificateException, UnrecoverableKeyException {
    if (ssl.getKeyStoreFile() == null) {
        return null;
    }
    KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    KeyStore keyStore = getKeyStore(ssl);
    // NOTE(review): the password already lives in the configuration as a String, so the char[]
    // copy made here gives no way to wipe the secret from memory, and the array itself is not
    // cleared after init.
    String configuredPassword = ssl.getKeyPassword();
    char[] keyPassword = configuredPassword == null ? null : configuredPassword.toCharArray();
    factory.init(keyStore, keyPassword);
    return factory.getKeyManagers();
}
use of javax.net.ssl.KeyManager in project XobotOS by xamarin.
the class SSLParametersImpl method createDefaultKeyManager.
/**
 * Builds the default X.509 key manager from the JVM's default {@link KeyManagerFactory}.
 *
 * <p>The factory is initialised with a {@code null} key store and {@code null} password, so the
 * key material it exposes is whatever the provider's own default lookup yields. The first
 * suitable manager is selected by {@code findX509KeyManager}.
 *
 * @return the manager chosen by {@code findX509KeyManager}, or {@code null} when the factory
 *         cannot be obtained or initialised. The failure reason is discarded, so callers get
 *         no diagnostic and must handle {@code null} themselves.
 */
private static X509KeyManager createDefaultKeyManager() {
    try {
        KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        factory.init(null, null);
        return findX509KeyManager(factory.getKeyManagers());
    } catch (NoSuchAlgorithmException | KeyStoreException | UnrecoverableKeyException ignored) {
        // Any failure is reported to the caller only as "no default key manager".
        return null;
    }
}
use of javax.net.ssl.KeyManager in project camel by apache.
the class KeyManagersParametersTest method testPropertyPlaceholders.
/**
 * Checks that every {@code KeyStoreParameters} and {@code KeyManagersParameters} setting can be
 * given as a {@code {{...}}} property placeholder and still yields key managers that pass
 * {@code validateKeyManagers}.
 *
 * <p>Taking the key store password and key password from properties keeps these secrets out of
 * the route or bean definition; the property source then needs the same protection as the key
 * store itself.
 */
public void testPropertyPlaceholders() throws Exception {
    CamelContext context = this.createPropertiesPlaceholderAwareContext();

    KeyStoreParameters keyStoreParams = new KeyStoreParameters();
    keyStoreParams.setCamelContext(context);
    keyStoreParams.setType("{{keyStoreParameters.type}}");
    keyStoreParams.setProvider("{{keyStoreParameters.provider}}");
    keyStoreParams.setResource("{{keyStoreParameters.resource}}");
    // NOTE(review): this key is spelled "keyStoreParamerers". It has to match the property
    // defined by createPropertiesPlaceholderAwareContext(), so check that definition before
    // correcting the spelling.
    keyStoreParams.setPassword("{{keyStoreParamerers.password}}");

    KeyManagersParameters keyManagersParams = new KeyManagersParameters();
    keyManagersParams.setCamelContext(context);
    keyManagersParams.setKeyStore(keyStoreParams);
    keyManagersParams.setKeyPassword("{{keyManagersParameters.keyPassword}}");
    keyManagersParams.setAlgorithm("{{keyManagersParameters.algorithm}}");
    keyManagersParams.setProvider("{{keyManagersParameters.provider}}");

    KeyManager[] created = keyManagersParams.createKeyManagers();
    validateKeyManagers(created);
}
use of javax.net.ssl.KeyManager in project camel by apache.
the class SSLContextParameters method createSSLContext.
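/**
 * Creates an {@link SSLContext} based on the related configuration options
 * of this instance. Namely, {@link #keyManagers}, {@link #trustManagers}, and
 * {@link #secureRandom}, but also respecting the chosen provider and secure
 * socket protocol as well.
 *
 * <p>Any of the three options may be unset. The corresponding argument to
 * {@link SSLContext#init} is then {@code null}, which makes JSSE fall back to
 * the installed default implementation. In particular, an unset
 * {@link #trustManagers} means peers are validated against the JVM's default
 * trust configuration rather than an application-specific trust store.
 *
 * <p>When a certificate alias is configured, every {@link X509KeyManager}
 * produced by {@link #keyManagers} is wrapped in an
 * {@code AliasedX509ExtendedKeyManager} built with that alias.
 *
 * @param camelContext The camel context; may be {@code null}, in which case
 *            the context is not propagated to the nested configuration options
 *
 * @return a newly configured instance
 *
 * @throws GeneralSecurityException if there is a problem in this instance's
 *             configuration or that of its nested configuration options
 * @throws IOException if there is an error reading a key/trust store
 */
public SSLContext createSSLContext(CamelContext camelContext) throws GeneralSecurityException, IOException {
    if (camelContext != null) {
        // setup CamelContext before creating SSLContext
        setCamelContext(camelContext);
        if (this.keyManagers != null) {
            this.keyManagers.setCamelContext(camelContext);
        }
        if (this.trustManagers != null) {
            this.trustManagers.setCamelContext(camelContext);
        }
        if (this.secureRandom != null) {
            this.secureRandom.setCamelContext(camelContext);
        }
        if (clientParameters != null) {
            clientParameters.setCamelContext(camelContext);
        }
        if (serverParameters != null) {
            serverParameters.setCamelContext(camelContext);
        }
    }

    LOG.trace("Creating SSLContext from SSLContextParameters [{}].", this);
    // The cast keeps the Provider[] from being spread as the logger's argument array, which
    // would fill the single placeholder with the first provider only.
    LOG.info("Available providers: {}.", (Object) Security.getProviders());

    // Locals carry distinct names so they are not confused with the parameter-object fields.
    KeyManager[] builtKeyManagers = this.keyManagers == null ? null : this.keyManagers.createKeyManagers();
    TrustManager[] builtTrustManagers = this.trustManagers == null ? null : this.trustManagers.createTrustManagers();
    SecureRandom builtSecureRandom = this.secureRandom == null ? null : this.secureRandom.createSecureRandom();

    SSLContext context;
    if (this.getProvider() == null) {
        context = SSLContext.getInstance(this.parsePropertyValue(this.getSecureSocketProtocol()));
    } else {
        context = SSLContext.getInstance(this.parsePropertyValue(this.getSecureSocketProtocol()), this.parsePropertyValue(this.getProvider()));
    }

    if (this.getCertAlias() != null && builtKeyManagers != null) {
        // Replace X509 key managers in place so the configured alias decides which key is used.
        for (int idx = 0; idx < builtKeyManagers.length; idx++) {
            if (builtKeyManagers[idx] instanceof X509KeyManager) {
                try {
                    builtKeyManagers[idx] = new AliasedX509ExtendedKeyManager(this.getCertAlias(), (X509KeyManager) builtKeyManagers[idx]);
                } catch (Exception e) {
                    throw new GeneralSecurityException(e);
                }
            }
        }
    }

    LOG.debug("SSLContext [{}], initialized from [{}], is using provider [{}], protocol [{}], key managers {}, trust managers {}, and secure random [{}].", new Object[] { context, this, context.getProvider(), context.getProtocol(), builtKeyManagers, builtTrustManagers, builtSecureRandom });
    context.init(builtKeyManagers, builtTrustManagers, builtSecureRandom);
    this.configureSSLContext(context);
    // Decorate the context.
    context = new SSLContextDecorator(new SSLContextSpiDecorator(context, this.getSSLEngineConfigurers(context), this.getSSLSocketFactoryConfigurers(context), this.getSSLServerSocketFactoryConfigurers(context)));
    return context;
}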