use of javax.net.ssl.X509ExtendedKeyManager in project netty by netty.
the class OpenSslKeyMaterialManagerTest method testChooseClientAliasReturnsNull.
/**
 * Checks the client-side path of {@code OpenSslKeyMaterialManager} when the key manager
 * selects no alias: {@code chooseKeyMaterial} must not be reached, otherwise the test fails.
 *
 * @throws SSLException declared by the method; the visible code does not show which call raises it
 */
@Test
public void testChooseClientAliasReturnsNull() throws SSLException {
    // Presumably aborts the test when the OpenSSL-backed provider is not usable here.
    OpenSsl.ensureAvailability();

    // A key manager that offers nothing: empty alias lists, null chosen aliases,
    // an empty certificate chain and no private key.
    X509ExtendedKeyManager noAliasKeyManager = new X509ExtendedKeyManager() {
        @Override
        public String[] getClientAliases(String keyType, Principal[] issuers) {
            return EmptyArrays.EMPTY_STRINGS;
        }

        @Override
        public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket) {
            return null;
        }

        @Override
        public String[] getServerAliases(String keyType, Principal[] issuers) {
            return EmptyArrays.EMPTY_STRINGS;
        }

        @Override
        public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
            return null;
        }

        @Override
        public X509Certificate[] getCertificateChain(String alias) {
            return EmptyArrays.EMPTY_X509_CERTIFICATES;
        }

        @Override
        public PrivateKey getPrivateKey(String alias) {
            return null;
        }
    };

    // Guard: looking up key material for a null alias is the behaviour under test,
    // so any call into chooseKeyMaterial fails the test immediately.
    OpenSslKeyMaterialProvider failingProvider = new OpenSslKeyMaterialProvider(noAliasKeyManager, null) {
        @Override
        OpenSslKeyMaterial chooseKeyMaterial(ByteBufAllocator allocator, String alias) throws Exception {
            fail("Should not be called when alias is null");
            return null;
        }
    };
    OpenSslKeyMaterialManager materialManager = new OpenSslKeyMaterialManager(failingProvider);

    SslContext clientContext = SslContextBuilder.forClient()
            .sslProvider(SslProvider.OPENSSL)
            .build();
    OpenSslEngine clientEngine = (OpenSslEngine) clientContext.newEngine(UnpooledByteBufAllocator.DEFAULT);

    // Empty array and null for the remaining arguments, so no alias can be selected.
    materialManager.setKeyMaterialClientSide(clientEngine, EmptyArrays.EMPTY_STRINGS, null);
}
use of javax.net.ssl.X509ExtendedKeyManager in project netty by netty.
the class OpenSslEngineTest method testNoKeyFound.
/**
 * Verifies that a handshake fails with an {@link SSLException} when the server's key manager
 * cannot supply any alias, certificate chain or private key.
 *
 * @param param protocol, cipher and engine-wrapping settings for this parameterized run
 * @throws Exception if building the contexts or engines fails
 */
@MethodSource("newTestParams")
@ParameterizedTest
public void testNoKeyFound(final SSLEngineTestParam param) throws Exception {
    checkShouldUseKeyManagerFactory();

    // Test-only trust setup: InsecureTrustManagerFactory accepts any certificate without
    // verification, so the expected failure comes from the missing server key, not from
    // trust validation. Never copy this trust manager into production code.
    clientSslCtx = wrapContext(param, SslContextBuilder.forClient()
            .trustManager(InsecureTrustManagerFactory.INSTANCE)
            .sslProvider(sslClientProvider())
            .protocols(param.protocols())
            .ciphers(param.ciphers())
            .build());
    final SSLEngine client = wrapEngine(clientSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT));

    // Server-side key manager that never finds a key: empty alias arrays, null choices,
    // an empty chain and a null private key.
    final X509ExtendedKeyManager emptyKeyManager = new X509ExtendedKeyManager() {
        @Override
        public String[] getClientAliases(String keyType, Principal[] issuers) {
            return new String[0];
        }

        @Override
        public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
            return null;
        }

        @Override
        public String[] getServerAliases(String keyType, Principal[] issuers) {
            return new String[0];
        }

        @Override
        public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
            return null;
        }

        @Override
        public X509Certificate[] getCertificateChain(String alias) {
            return new X509Certificate[0];
        }

        @Override
        public PrivateKey getPrivateKey(String alias) {
            return null;
        }
    };
    serverSslCtx = wrapContext(param, SslContextBuilder.forServer(emptyKeyManager)
            .sslProvider(sslServerProvider())
            .protocols(param.protocols())
            .ciphers(param.ciphers())
            .build());
    final SSLEngine server = wrapEngine(serverSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT));

    try {
        final Executable failingHandshake = new Executable() {
            @Override
            public void execute() throws Throwable {
                handshake(param.type(), param.delegate(), client, server);
            }
        };
        assertThrows(SSLException.class, failingHandshake);
    } finally {
        // Clean up both engines whether or not the assertion held.
        cleanupClientSslEngine(client);
        cleanupServerSslEngine(server);
    }
}
use of javax.net.ssl.X509ExtendedKeyManager in project jetty.project by eclipse.
the class SslContextFactory method getKeyManagers.
/**
 * Builds the key managers for the given key store and wraps each
 * {@link X509ExtendedKeyManager} according to the configured certificate alias and
 * the SNI host/wildcard settings.
 *
 * @param keyStore the key store to read keys from; may be {@code null}
 * @return the (possibly wrapped) key managers, or {@code null} when {@code keyStore} is
 *         {@code null} or the factory returns none
 * @throws Exception if the key manager factory cannot be created or initialised
 */
protected KeyManager[] getKeyManagers(KeyStore keyStore) throws Exception {
    KeyManager[] result = null;

    if (keyStore != null) {
        KeyManagerFactory factory = KeyManagerFactory.getInstance(getKeyManagerFactoryAlgorithm());

        // The key password falls back to the key store password when no separate key
        // manager password is configured, and to null when neither is set.
        // NOTE(review): toString() produces an immutable String copy of the secret and the
        // char[] is not cleared after init(), so the password stays in heap memory until
        // it is garbage collected.
        char[] keyPassword;
        if (_keyManagerPassword != null) {
            keyPassword = _keyManagerPassword.toString().toCharArray();
        } else if (_keyStorePassword != null) {
            keyPassword = _keyStorePassword.toString().toCharArray();
        } else {
            keyPassword = null;
        }
        factory.init(keyStore, keyPassword);

        result = factory.getKeyManagers();
        if (result != null) {
            // First pass: presumably pins certificate selection to the configured alias.
            // Managers that are not X509ExtendedKeyManager are left unwrapped.
            String certAlias = getCertAlias();
            if (certAlias != null) {
                for (int i = 0; i < result.length; i++) {
                    KeyManager candidate = result[i];
                    if (candidate instanceof X509ExtendedKeyManager) {
                        result[i] = new AliasedX509ExtendedKeyManager((X509ExtendedKeyManager) candidate, certAlias);
                    }
                }
            }

            // Second pass: applied on top of the first when any certificate host or
            // wildcard entry is known, so the SNI wrapper ends up outermost.
            boolean haveSniEntries = !_certHosts.isEmpty() || !_certWilds.isEmpty();
            if (haveSniEntries) {
                for (int i = 0; i < result.length; i++) {
                    KeyManager candidate = result[i];
                    if (candidate instanceof X509ExtendedKeyManager) {
                        result[i] = new SniX509ExtendedKeyManager((X509ExtendedKeyManager) candidate);
                    }
                }
            }
        }
    }

    if (LOG.isDebugEnabled()) {
        LOG.debug("managers={} for {}", result, this);
    }
    return result;
}
use of javax.net.ssl.X509ExtendedKeyManager in project activemq-artemis by apache.
the class NettyTransportSupport method wrapKeyManagers.
/**
 * Returns a new array in which every {@link X509ExtendedKeyManager} from the input is
 * wrapped in an {@code X509AliasKeyManager} for the given alias.
 *
 * <p>Entries of any other type are copied through unchanged, so the alias is not applied
 * to them. The input array itself is not modified.
 *
 * @param alias the key alias handed to each wrapper
 * @param origKeyManagers the key managers to wrap; must not be {@code null}
 * @return a new array of the same length holding the wrapped and pass-through managers
 */
private static KeyManager[] wrapKeyManagers(String alias, KeyManager[] origKeyManagers) {
    final int count = origKeyManagers.length;
    final KeyManager[] wrapped = new KeyManager[count];
    for (int idx = 0; idx < count; idx++) {
        final KeyManager original = origKeyManagers[idx];
        if (original instanceof X509ExtendedKeyManager) {
            wrapped[idx] = new X509AliasKeyManager(alias, (X509ExtendedKeyManager) original);
        } else {
            // Pass-through: the alias is not enforced for this manager type.
            wrapped[idx] = original;
        }
    }
    return wrapped;
}
use of javax.net.ssl.X509ExtendedKeyManager in project tomcat by apache.
the class TesterSupport method getUser1KeyManagers.
/**
 * Loads the key managers for the {@code CLIENT_JKS} key store and replaces each X.509 key
 * manager with a tracking wrapper.
 *
 * @return the key managers from the default-algorithm factory, with X.509 managers wrapped
 * @throws Exception if the key store cannot be loaded or the factory cannot be initialised
 */
protected static KeyManager[] getUser1KeyManagers() throws Exception {
    KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    // NOTE(review): JKS_PASS is a constant defined elsewhere in this class; presumably a
    // test-fixture password and not a real secret. Confirm before reusing this pattern.
    factory.init(getKeyStore(CLIENT_JKS), JKS_PASS.toCharArray());

    KeyManager[] keyManagers = factory.getKeyManagers();
    for (int idx = 0; idx < keyManagers.length; idx++) {
        KeyManager current = keyManagers[idx];
        // The extended type is tested first, so an X509ExtendedKeyManager never takes the
        // plain X509KeyManager branch.
        if (current instanceof X509ExtendedKeyManager) {
            keyManagers[idx] = new TrackingExtendedKeyManager((X509ExtendedKeyManager) current);
            continue;
        }
        if (current instanceof X509KeyManager) {
            keyManagers[idx] = new TrackingKeyManager((X509KeyManager) current);
        }
    }
    return keyManagers;
}