
Example 61 with SSLContext

use of javax.net.ssl.SSLContext in project camel by apache.

the class SSLContextParametersTest method testPropertyPlaceholders.

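/**
 * Builds a complete {@code SSLContextParameters} tree in which every setting is
 * given as a {@code {{...}}} property placeholder, creates an {@link SSLContext}
 * from it, and checks that the server socket produced by that context requires
 * client authentication.
 *
 * <p>The placeholder values come from the context returned by
 * {@code createPropertiesPlaceholderAwareContext()}, which is defined outside this
 * listing; the final assertion presumably relies on
 * {@code sslContextServerParameters.clientAuthentication} resolving to a value that
 * demands a client certificate — confirm against the test properties.
 *
 * @throws Exception if the context, sockets or engine cannot be created
 */
public void testPropertyPlaceholders() throws Exception {
    CamelContext camelContext = this.createPropertiesPlaceholderAwareContext();

    // Key store shared by the key managers and the trust managers below.
    KeyStoreParameters ksp = new KeyStoreParameters();
    ksp.setCamelContext(camelContext);
    ksp.setType("{{keyStoreParameters.type}}");
    ksp.setProvider("{{keyStoreParameters.provider}}");
    ksp.setResource("{{keyStoreParameters.resource}}");
    // NOTE(review): "keyStoreParamerers" looks misspelled, but the placeholder has to
    // match the property key defined by the test fixture (not visible here), so it is
    // left untouched.
    ksp.setPassword("{{keyStoreParamerers.password}}");

    KeyManagersParameters kmp = new KeyManagersParameters();
    kmp.setCamelContext(camelContext);
    kmp.setKeyStore(ksp);
    kmp.setKeyPassword("{{keyManagersParameters.keyPassword}}");
    kmp.setAlgorithm("{{keyManagersParameters.algorithm}}");
    kmp.setProvider("{{keyManagersParameters.provider}}");

    TrustManagersParameters tmp = new TrustManagersParameters();
    tmp.setCamelContext(camelContext);
    tmp.setKeyStore(ksp);
    tmp.setAlgorithm("{{trustManagersParameters.algorithm}}");
    tmp.setProvider("{{trustManagersParameters.provider}}");

    // Cipher suite and protocol lists: one placeholder entry each.
    CipherSuitesParameters csp = new CipherSuitesParameters();
    csp.setCipherSuite(Collections.singletonList("{{cipherSuite.0}}"));
    SecureSocketProtocolsParameters sspp = new SecureSocketProtocolsParameters();
    sspp.setSecureSocketProtocol(Collections.singletonList("{{secureSocketProtocol.0}}"));

    // Server-side setting that drives the client-authentication assertion below.
    SSLContextServerParameters scsp = new SSLContextServerParameters();
    scsp.setCamelContext(camelContext);
    scsp.setClientAuthentication("{{sslContextServerParameters.clientAuthentication}}");

    SSLContextParameters scp = new SSLContextParameters();
    scp.setCamelContext(camelContext);
    scp.setKeyManagers(kmp);
    scp.setTrustManagers(tmp);
    scp.setServerParameters(scsp);
    scp.setProvider("{{sslContextParameters.provider}}");
    scp.setSecureSocketProtocol("{{sslContextParameters.protocol}}");
    scp.setSessionTimeout("{{sslContextParameters.sessionTimeout}}");
    scp.setCipherSuites(csp);
    scp.setSecureSocketProtocols(sspp);

    SSLContext context = scp.createSSLContext();

    // Both sockets are closed once the checks finish so the test does not leak
    // descriptors; java.net.Socket is spelled out to avoid needing a new import.
    try (SSLServerSocket serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket()) {
        // The server-side configuration must have reached the socket the factory hands out.
        assertTrue(serverSocket.getNeedClientAuth());
        try (java.net.Socket clientSocket = context.getSocketFactory().createSocket()) {
            // Creating the client socket and the engine without an exception is the check.
            context.createSSLEngine();
        }
    }
}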
Also used : CamelContext(org.apache.camel.CamelContext) SSLContext(javax.net.ssl.SSLContext) SSLServerSocket(javax.net.ssl.SSLServerSocket)

Example 62 with SSLContext

use of javax.net.ssl.SSLContext in project camel by apache.

the class SSLContextParameters method createSSLContext.

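/**
 * Creates an {@link SSLContext} based on the related configuration options
 * of this instance. Namely, {@link #keyManagers}, {@link #trustManagers}, and
 * {@link #secureRandom}, but also respecting the chosen provider and secure
 * socket protocol as well.
 *
 * <p>Any of the three options left unset is passed to
 * {@link SSLContext#init} as {@code null}, in which case JSSE falls back to the
 * defaults of the installed security providers. In particular, a missing
 * {@link #trustManagers} configuration means the platform's default trust
 * decisions apply rather than a trust store chosen by this configuration.
 *
 * @param camelContext the Camel context to propagate to this instance and its
 *            nested options before the context is built; may be {@code null},
 *            in which case nothing is propagated
 *
 * @return a newly configured instance
 *
 * @throws GeneralSecurityException if there is a problem in this instance's
 *             configuration or that of its nested configuration options
 * @throws IOException if there is an error reading a key/trust store
 */
public SSLContext createSSLContext(CamelContext camelContext) throws GeneralSecurityException, IOException {
    if (camelContext != null) {
        // setup CamelContext before creating SSLContext
        setCamelContext(camelContext);
        if (keyManagers != null) {
            keyManagers.setCamelContext(camelContext);
        }
        if (trustManagers != null) {
            trustManagers.setCamelContext(camelContext);
        }
        if (secureRandom != null) {
            secureRandom.setCamelContext(camelContext);
        }
        if (clientParameters != null) {
            clientParameters.setCamelContext(camelContext);
        }
        if (serverParameters != null) {
            serverParameters.setCamelContext(camelContext);
        }
    }
    // NOTE(review): this instance is logged via toString() here and in the debug
    // statement below — confirm toString() never renders key or key store passwords.
    LOG.trace("Creating SSLContext from SSLContextParameters [{}].", this);
    // Render the provider array explicitly. Passed bare, a Provider[] binds to the
    // logger's varargs overload (assuming an SLF4J-style Object... API), so only its
    // first element would fill the single {} placeholder.
    LOG.info("Available providers: {}.", java.util.Arrays.toString(Security.getProviders()));

    // Locals carry distinct names so they cannot be confused with the same-named
    // configuration fields used above.
    KeyManager[] resolvedKeyManagers = this.keyManagers == null ? null : this.keyManagers.createKeyManagers();
    TrustManager[] resolvedTrustManagers = this.trustManagers == null ? null : this.trustManagers.createTrustManagers();
    SecureRandom resolvedSecureRandom = this.secureRandom == null ? null : this.secureRandom.createSecureRandom();

    // Protocol and provider go through parsePropertyValue before reaching JSSE.
    SSLContext context;
    if (this.getProvider() == null) {
        context = SSLContext.getInstance(this.parsePropertyValue(this.getSecureSocketProtocol()));
    } else {
        context = SSLContext.getInstance(this.parsePropertyValue(this.getSecureSocketProtocol()), this.parsePropertyValue(this.getProvider()));
    }

    // When a certificate alias is configured, wrap every X509 key manager with one
    // constructed from that alias; key managers of other types are left as they are.
    if (this.getCertAlias() != null && resolvedKeyManagers != null) {
        for (int idx = 0; idx < resolvedKeyManagers.length; idx++) {
            if (resolvedKeyManagers[idx] instanceof X509KeyManager) {
                try {
                    resolvedKeyManagers[idx] = new AliasedX509ExtendedKeyManager(this.getCertAlias(), (X509KeyManager) resolvedKeyManagers[idx]);
                } catch (Exception e) {
                    // Keep the cause so the configuration error stays diagnosable.
                    throw new GeneralSecurityException(e);
                }
            }
        }
    }
    LOG.debug("SSLContext [{}], initialized from [{}], is using provider [{}], protocol [{}], key managers {}, trust managers {}, and secure random [{}].", new Object[] { context, this, context.getProvider(), context.getProtocol(), resolvedKeyManagers, resolvedTrustManagers, resolvedSecureRandom });
    context.init(resolvedKeyManagers, resolvedTrustManagers, resolvedSecureRandom);
    this.configureSSLContext(context);
    // Decorate the context so the engine, socket factory and server socket factory
    // configurers are handed to the wrapper that callers receive.
    context = new SSLContextDecorator(new SSLContextSpiDecorator(context, this.getSSLEngineConfigurers(context), this.getSSLSocketFactoryConfigurers(context), this.getSSLServerSocketFactoryConfigurers(context)));
    return context;
}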
Also used : GeneralSecurityException(java.security.GeneralSecurityException) SecureRandom(java.security.SecureRandom) SSLContext(javax.net.ssl.SSLContext) IOException(java.io.IOException) GeneralSecurityException(java.security.GeneralSecurityException) TrustManager(javax.net.ssl.TrustManager) X509KeyManager(javax.net.ssl.X509KeyManager) X509KeyManager(javax.net.ssl.X509KeyManager) KeyManager(javax.net.ssl.KeyManager)

Example 63 with SSLContext

use of javax.net.ssl.SSLContext in project robovm by robovm.

the class URLConnectionTest method testHttpsWithCustomTrustManager.

/**
 * Verifies that HTTPS connections opened through {@link URL#openStream()} consult
 * the JVM-wide default hostname verifier and the trust manager behind the default
 * SSL socket factory.
 *
 * <p>Both defaults on {@link HttpsURLConnection} are process-global, so the test
 * saves the previous values and restores them in {@code finally}.
 * {@code RecordingHostnameVerifier} and {@code RecordingTrustManager} are declared
 * outside this listing; presumably they record each call without rejecting it,
 * which is acceptable only in a test fixture.
 *
 * @throws Exception if the TLS setup or any request fails
 */
public void testHttpsWithCustomTrustManager() throws Exception {
    RecordingHostnameVerifier recordingVerifier = new RecordingHostnameVerifier();
    RecordingTrustManager recordingTrustManager = new RecordingTrustManager();

    // Client-side context: no key managers, the recording trust manager only.
    SSLContext clientContext = SSLContext.getInstance("TLS");
    TrustManager[] clientTrustManagers = { recordingTrustManager };
    clientContext.init(null, clientTrustManagers, new java.security.SecureRandom());

    // Swap in the recording defaults, remembering what was installed before.
    HostnameVerifier savedVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
    HttpsURLConnection.setDefaultHostnameVerifier(recordingVerifier);
    SSLSocketFactory savedSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
    HttpsURLConnection.setDefaultSSLSocketFactory(clientContext.getSocketFactory());
    try {
        TestSSLContext serverSide = TestSSLContext.create();
        server.useHttps(serverSide.serverContext.getSocketFactory(), false);

        String[] bodies = { "ABC", "DEF", "GHI" };
        for (String body : bodies) {
            server.enqueue(new MockResponse().setBody(body));
        }
        server.play();

        URL root = server.getUrl("/");
        for (String body : bodies) {
            assertEquals(body, readAscii(root.openStream(), Integer.MAX_VALUE));
        }

        // Three requests, yet exactly one recorded verification and one recorded
        // chain check are expected.
        String expectedVerify = "verify " + hostName;
        assertEquals(Arrays.asList(expectedVerify), recordingVerifier.calls);

        String expectedTrustCheck = "checkServerTrusted [CN=" + hostName + " 1, "
                + "CN=Test Intermediate Certificate Authority 1, "
                + "CN=Test Root Certificate Authority 1] RSA";
        assertEquals(Arrays.asList(expectedTrustCheck), recordingTrustManager.calls);
    } finally {
        // Put the process-wide defaults back so later tests see the original state.
        HttpsURLConnection.setDefaultHostnameVerifier(savedVerifier);
        HttpsURLConnection.setDefaultSSLSocketFactory(savedSocketFactory);
    }
}
Also used : MockResponse(com.google.mockwebserver.MockResponse) SSLContext(javax.net.ssl.SSLContext) TestSSLContext(libcore.javax.net.ssl.TestSSLContext) TestSSLContext(libcore.javax.net.ssl.TestSSLContext) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) URL(java.net.URL) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 64 with SSLContext

use of javax.net.ssl.SSLContext in project jetty.project by eclipse.

the class ALPNNegotiationTest method testClientAdvertisingMultipleProtocolsServerSpeaksHTTPWhenNegotiated.

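/**
 * Connects a TLS client that advertises {@code unknown/1.0} and {@code http/1.1}
 * over ALPN and checks that {@code http/1.1} is the protocol reported to the
 * client, then sends a plain HTTP/1.1 request and expects a 404 status line.
 *
 * @throws Exception if the connection, handshake or exchange fails
 */
@Test
public void testClientAdvertisingMultipleProtocolsServerSpeaksHTTPWhenNegotiated() throws Exception {
    InetSocketAddress address = prepare();
    SslContextFactory sslContextFactory = newSslContextFactory();
    sslContextFactory.start();
    SSLContext sslContext = sslContextFactory.getSslContext();
    try (SSLSocket client = (SSLSocket) sslContext.getSocketFactory().createSocket(address.getAddress(), address.getPort())) {
        client.setUseClientMode(true);
        // Bound blocking reads so a stalled server fails the test instead of hanging it.
        client.setSoTimeout(5000);
        ALPN.put(client, new ALPN.ClientProvider() {

            // NOTE(review): left empty, so a server that does not negotiate ALPN is
            // not reported by this callback; only the HTTP exchange below would notice.
            @Override
            public void unsupported() {
            }

            @Override
            public List<String> protocols() {
                return Arrays.asList("unknown/1.0", "http/1.1");
            }

            @Override
            public void selected(String protocol) {
                Assert.assertEquals("http/1.1", protocol);
            }
        });
        client.startHandshake();
        // Verify that the server really speaks http/1.1
        OutputStream output = client.getOutputStream();
        output.write(("GET / HTTP/1.1\r\nHost: localhost:" + address.getPort() + "\r\n\r\n").getBytes(StandardCharsets.UTF_8));
        output.flush();
        InputStream input = client.getInputStream();
        BufferedReader reader = new BufferedReader(new InputStreamReader(input, StandardCharsets.UTF_8));
        String line = reader.readLine();
        // readLine() returns null at end of stream; fail with a clear message
        // instead of a NullPointerException when the server closes without replying.
        Assert.assertNotNull("server closed the connection without a status line", line);
        Assert.assertTrue(line.contains(" 404 "));
    }
}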
Also used : InputStreamReader(java.io.InputStreamReader) InetSocketAddress(java.net.InetSocketAddress) InputStream(java.io.InputStream) SSLSocket(javax.net.ssl.SSLSocket) OutputStream(java.io.OutputStream) SSLContext(javax.net.ssl.SSLContext) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) ALPN(org.eclipse.jetty.alpn.ALPN) BufferedReader(java.io.BufferedReader) List(java.util.List) Test(org.junit.Test)

Example 65 with SSLContext

use of javax.net.ssl.SSLContext in project jetty.project by eclipse.

the class ALPNNegotiationTest method testClientAdvertisingHTTPServerSpeaksHTTP.

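/**
 * Connects a TLS client that advertises only {@code http/1.1} over ALPN and
 * checks that this is the protocol reported to the client, then sends a plain
 * HTTP/1.1 request and expects a 404 status line.
 *
 * @throws Exception if the connection, handshake or exchange fails
 */
@Test
public void testClientAdvertisingHTTPServerSpeaksHTTP() throws Exception {
    InetSocketAddress address = prepare();
    SslContextFactory sslContextFactory = newSslContextFactory();
    sslContextFactory.start();
    SSLContext sslContext = sslContextFactory.getSslContext();
    try (SSLSocket client = (SSLSocket) sslContext.getSocketFactory().createSocket(address.getAddress(), address.getPort())) {
        client.setUseClientMode(true);
        // Bound blocking reads so a stalled server fails the test instead of hanging it.
        client.setSoTimeout(5000);
        ALPN.put(client, new ALPN.ClientProvider() {

            // NOTE(review): left empty, so a server that does not negotiate ALPN is
            // not reported by this callback; only the HTTP exchange below would notice.
            @Override
            public void unsupported() {
            }

            @Override
            public List<String> protocols() {
                return Arrays.asList("http/1.1");
            }

            @Override
            public void selected(String protocol) {
                Assert.assertEquals("http/1.1", protocol);
            }
        });
        client.startHandshake();
        // Verify that the server really speaks http/1.1
        OutputStream output = client.getOutputStream();
        output.write(("GET / HTTP/1.1\r\nHost: localhost:" + address.getPort() + "\r\n\r\n").getBytes(StandardCharsets.UTF_8));
        output.flush();
        InputStream input = client.getInputStream();
        BufferedReader reader = new BufferedReader(new InputStreamReader(input, StandardCharsets.UTF_8));
        String line = reader.readLine();
        // readLine() returns null at end of stream; fail with a clear message
        // instead of a NullPointerException when the server closes without replying.
        Assert.assertNotNull("server closed the connection without a status line", line);
        Assert.assertTrue(line.contains(" 404 "));
    }
}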
Also used : InputStreamReader(java.io.InputStreamReader) InetSocketAddress(java.net.InetSocketAddress) InputStream(java.io.InputStream) SSLSocket(javax.net.ssl.SSLSocket) OutputStream(java.io.OutputStream) SSLContext(javax.net.ssl.SSLContext) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) ALPN(org.eclipse.jetty.alpn.ALPN) BufferedReader(java.io.BufferedReader) List(java.util.List) Test(org.junit.Test)
