
Example 6 with SSLContext

use of javax.net.ssl.SSLContext in project camel by apache.

the class SSLContextParametersTest method testPropertyPlaceholders.

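/**
 * Builds a complete {@code SSLContextParameters} graph in which every string-valued
 * setting is a <code>{{...}}</code> property placeholder, creates an {@link SSLContext}
 * from it, and checks that the resulting server socket requires client authentication.
 *
 * <p>The placeholder values come from the context returned by
 * {@code createPropertiesPlaceholderAwareContext()}; they are not visible in this method.
 *
 * @throws Exception if the context cannot be built or a socket cannot be created
 */
public void testPropertyPlaceholders() throws Exception {
    CamelContext camelContext = this.createPropertiesPlaceholderAwareContext();

    // Key store: type, provider, location and password all come from placeholders.
    KeyStoreParameters ksp = new KeyStoreParameters();
    ksp.setCamelContext(camelContext);
    ksp.setType("{{keyStoreParameters.type}}");
    ksp.setProvider("{{keyStoreParameters.provider}}");
    ksp.setResource("{{keyStoreParameters.resource}}");
    // NOTE(review): the key is spelled "keyStoreParamerers" (sic). It has to match the
    // entry in the properties source exactly, and that source is not visible here, so
    // confirm both sides before correcting the spelling.
    ksp.setPassword("{{keyStoreParamerers.password}}");

    KeyManagersParameters kmp = new KeyManagersParameters();
    kmp.setCamelContext(camelContext);
    kmp.setKeyStore(ksp);
    kmp.setKeyPassword("{{keyManagersParameters.keyPassword}}");
    kmp.setAlgorithm("{{keyManagersParameters.algorithm}}");
    kmp.setProvider("{{keyManagersParameters.provider}}");

    // The same key store doubles as the trust store in this test.
    TrustManagersParameters tmp = new TrustManagersParameters();
    tmp.setCamelContext(camelContext);
    tmp.setKeyStore(ksp);
    tmp.setAlgorithm("{{trustManagersParameters.algorithm}}");
    tmp.setProvider("{{trustManagersParameters.provider}}");

    CipherSuitesParameters csp = new CipherSuitesParameters();
    csp.setCipherSuite(Collections.singletonList("{{cipherSuite.0}}"));

    SecureSocketProtocolsParameters sspp = new SecureSocketProtocolsParameters();
    sspp.setSecureSocketProtocol(Collections.singletonList("{{secureSocketProtocol.0}}"));

    SSLContextServerParameters scsp = new SSLContextServerParameters();
    scsp.setCamelContext(camelContext);
    scsp.setClientAuthentication("{{sslContextServerParameters.clientAuthentication}}");

    SSLContextParameters scp = new SSLContextParameters();
    scp.setCamelContext(camelContext);
    scp.setKeyManagers(kmp);
    scp.setTrustManagers(tmp);
    scp.setServerParameters(scsp);
    scp.setProvider("{{sslContextParameters.provider}}");
    scp.setSecureSocketProtocol("{{sslContextParameters.protocol}}");
    scp.setSessionTimeout("{{sslContextParameters.sessionTimeout}}");
    scp.setCipherSuites(csp);
    scp.setSecureSocketProtocols(sspp);

    SSLContext context = scp.createSSLContext();

    // The server socket is released even when the assertion fails; the original left it open.
    SSLServerSocket serverSocket = (SSLServerSocket) context.getServerSocketFactory().createServerSocket();
    try {
        // Presumably the clientAuthentication placeholder resolves to a "require" setting;
        // this only verifies the effect on the socket.
        assertTrue(serverSocket.getNeedClientAuth());
    } finally {
        serverSocket.close();
    }

    // Smoke checks: client socket and engine creation must not throw with the resolved
    // cipher suite and protocol. The unconnected client socket is closed right away.
    context.getSocketFactory().createSocket().close();
    context.createSSLEngine();
}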
Also used : CamelContext(org.apache.camel.CamelContext) SSLContext(javax.net.ssl.SSLContext) SSLServerSocket(javax.net.ssl.SSLServerSocket)

Example 7 with SSLContext

use of javax.net.ssl.SSLContext in project camel by apache.

the class HttpsServerTestSupport method getSSLContext.

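/**
 * Builds the {@link SSLContext} used by the HTTPS test server.
 *
 * <p>The file named by {@code KEYSTORE} is loaded twice, once as the key store and once
 * as the trust store, both with {@code PASSWORD}. {@code PASSWORD} also protects the
 * private key entries.
 *
 * @return a context initialised with key and trust managers derived from {@code KEYSTORE}
 * @throws Exception if the store cannot be read or the JSSE factories cannot be initialised
 */
@Override
protected SSLContext getSSLContext() throws Exception {
    char[] password = PASSWORD.toCharArray();

    // Close each stream explicitly: KeyStore.load() does not close it, and the original
    // leaked both file handles.
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    FileInputStream keyStoreIn = new FileInputStream(KEYSTORE);
    try {
        keyStore.load(keyStoreIn, password);
    } finally {
        keyStoreIn.close();
    }
    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    keyManagerFactory.init(keyStore, password);

    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    FileInputStream trustStoreIn = new FileInputStream(KEYSTORE);
    try {
        trustStore.load(trustStoreIn, password);
    } finally {
        trustStoreIn.close();
    }
    // Ask TrustManagerFactory for its own default algorithm. The original passed
    // KeyManagerFactory's default, which is a different name on common JDKs and is not
    // guaranteed to be registered as a trust manager algorithm.
    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(trustStore);

    SSLContext sslcontext = SSLContext.getInstance(SECURE_SOCKET_PROTOCOL);
    // A null SecureRandom makes the provider use its default implementation.
    sslcontext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
    return sslcontext;
}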
Also used : TrustManagerFactory(javax.net.ssl.TrustManagerFactory) SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) FileInputStream(java.io.FileInputStream) KeyManagerFactory(javax.net.ssl.KeyManagerFactory)

Example 8 with SSLContext

use of javax.net.ssl.SSLContext in project camel by apache.

the class CamelSSLIRCConnection method connect.

/**
 * Opens the IRC connection, using TLS when {@code sslContextParameters} is set.
 *
 * <p>Without SSL parameters the call is delegated to the superclass. Otherwise each entry
 * of {@code ports} is tried in order until one TLS handshake succeeds, and the resulting
 * socket is handed to {@code prepare}.
 *
 * @throws SocketException if {@code level} is not 0
 * @throws RuntimeCamelException if the SSL context cannot be created
 * @throws IOException the failure from the last port tried when no port succeeded, or an
 *         {@code SSLNotSupportedException}, which stops the port scan immediately
 */
@Override
public void connect() throws IOException {
    if (sslContextParameters == null) {
        super.connect();
        return;
    }

    if (level != 0) {
        throw new SocketException("Socket closed or already open (" + level + ")");
    }

    final SSLContext sslContext;
    try {
        sslContext = sslContextParameters.createSSLContext(camelContext);
    } catch (GeneralSecurityException e) {
        throw new RuntimeCamelException("Error in SSLContextParameters configuration or instantiation.", e);
    }
    final SSLSocketFactory socketFactory = sslContext.getSocketFactory();

    // NOTE(review): nothing in this method sets an endpoint identification algorithm on
    // the socket. Unless sslContextParameters or its trust managers do so, the handshake
    // validates the certificate chain but not that the certificate was issued for
    // `host`; confirm against the SSLContextParameters configuration.
    SSLSocket socket = null;
    IOException lastFailure = null;
    int idx = 0;
    while (idx < ports.length && socket == null) {
        try {
            socket = (SSLSocket) socketFactory.createSocket(host, ports[idx]);
            // Handshake eagerly so that a TLS failure is attributed to this port.
            socket.startHandshake();
            lastFailure = null;
        } catch (SSLNotSupportedException exc) {
            // Not retried on other ports: release the socket and propagate.
            if (socket != null) {
                socket.close();
            }
            socket = null;
            throw exc;
        } catch (IOException exc) {
            // Remember the failure and move on to the next port.
            if (socket != null) {
                socket.close();
            }
            socket = null;
            lastFailure = exc;
        }
        idx++;
    }

    if (lastFailure != null) {
        // connection wasn't successful at any port
        throw lastFailure;
    }
    prepare(socket);
}
Also used : SocketException(java.net.SocketException) GeneralSecurityException(java.security.GeneralSecurityException) SSLSocket(javax.net.ssl.SSLSocket) SSLNotSupportedException(org.schwering.irc.lib.ssl.SSLNotSupportedException) RuntimeCamelException(org.apache.camel.RuntimeCamelException) IOException(java.io.IOException) SSLContext(javax.net.ssl.SSLContext) SSLSocketFactory(javax.net.ssl.SSLSocketFactory)

Example 9 with SSLContext

use of javax.net.ssl.SSLContext in project flink by apache.

the class SSLUtilsTest method testCreateSSLServerContextMisconfiguration.

/**
 * Checks that building an SSL server context is refused when the key store password
 * and the key password are wrong.
 */
@Test
public void testCreateSSLServerContextMisconfiguration() {
    Configuration cfg = new Configuration();
    cfg.setBoolean(ConfigConstants.SECURITY_SSL_ENABLED, true);
    cfg.setString(ConfigConstants.SECURITY_SSL_KEYSTORE, "src/test/resources/local127.keystore");
    // Deliberately wrong credentials: the store must not open with these.
    cfg.setString(ConfigConstants.SECURITY_SSL_KEYSTORE_PASSWORD, "badpassword");
    cfg.setString(ConfigConstants.SECURITY_SSL_KEY_PASSWORD, "badpassword");

    boolean rejected = false;
    try {
        SSLUtils.createSSLServerContext(cfg);
    } catch (Exception expected) {
        // Exception here is valid.
        // NOTE(review): any Exception counts as a pass, so an unrelated failure such as
        // a missing key store file would satisfy this test as well.
        rejected = true;
    }
    if (!rejected) {
        Assert.fail("SSL server context created even with bad SSL configuration ");
    }
}
Also used : Configuration(org.apache.flink.configuration.Configuration) SSLContext(javax.net.ssl.SSLContext) Test(org.junit.Test)

Example 10 with SSLContext

use of javax.net.ssl.SSLContext in project flink by apache.

the class SSLUtilsTest method testCreateSSLServerContextWithMultiProtocols.

/**
 * Checks that building an SSL server context is refused when
 * {@code ConfigConstants.SECURITY_SSL_PROTOCOL} holds a comma-separated list of
 * protocols instead of a single protocol name.
 */
@Test
public void testCreateSSLServerContextWithMultiProtocols() {
    Configuration cfg = new Configuration();
    cfg.setBoolean(ConfigConstants.SECURITY_SSL_ENABLED, true);
    cfg.setString(ConfigConstants.SECURITY_SSL_KEYSTORE, "src/test/resources/local127.keystore");
    // Valid credentials here, so the protocol value is the only misconfiguration.
    cfg.setString(ConfigConstants.SECURITY_SSL_KEYSTORE_PASSWORD, "password");
    cfg.setString(ConfigConstants.SECURITY_SSL_KEY_PASSWORD, "password");
    // Intentionally invalid: two protocol names in one value. TLSv1 appears only as part
    // of this negative case; it is a deprecated protocol version.
    cfg.setString(ConfigConstants.SECURITY_SSL_PROTOCOL, "TLSv1,TLSv1.2");

    boolean rejected = false;
    try {
        SSLUtils.createSSLServerContext(cfg);
    } catch (Exception expected) {
        // Exception here is valid.
        // NOTE(review): any Exception counts as a pass; the test does not pin the
        // failure to the protocol setting.
        rejected = true;
    }
    if (!rejected) {
        Assert.fail("SSL server context created even with multiple protocols set ");
    }
}
Also used : Configuration(org.apache.flink.configuration.Configuration) SSLContext(javax.net.ssl.SSLContext) Test(org.junit.Test)

Aggregations

SSLContext (javax.net.ssl.SSLContext)660 IOException (java.io.IOException)136 TrustManager (javax.net.ssl.TrustManager)116 KeyStore (java.security.KeyStore)112 SecureRandom (java.security.SecureRandom)97 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)96 X509TrustManager (javax.net.ssl.X509TrustManager)87 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)83 KeyManagerFactory (javax.net.ssl.KeyManagerFactory)81 KeyManagementException (java.security.KeyManagementException)73 X509Certificate (java.security.cert.X509Certificate)68 CertificateException (java.security.cert.CertificateException)66 Test (org.junit.Test)61 SSLSocketFactory (javax.net.ssl.SSLSocketFactory)60 SSLSocket (javax.net.ssl.SSLSocket)59 SSLEngine (javax.net.ssl.SSLEngine)51 FileInputStream (java.io.FileInputStream)48 InputStream (java.io.InputStream)48 KeyManager (javax.net.ssl.KeyManager)43 GeneralSecurityException (java.security.GeneralSecurityException)41