Example 46 with X509KeyManager

use of javax.net.ssl.X509KeyManager in project ddf by codice.

the class SecureCxfClientFactoryTest method testAliasSelectorKeyManager.

@Test
public void testAliasSelectorKeyManager() {
    X509KeyManager keyManager = mock(X509KeyManager.class);
    String alias = "testAlias";
    String[] aliases = new String[] { alias };
    when(keyManager.chooseClientAlias(any(), any(), any())).thenReturn(alias);
    when(keyManager.getClientAliases(any(), any())).thenReturn(aliases);
    AliasSelectorKeyManager aliasSelectorKeyManager = new AliasSelectorKeyManager(keyManager, alias);
    String chosenAlias = aliasSelectorKeyManager.chooseClientAlias(new String[] { "x509" }, null, null);
    assertThat(chosenAlias, is(alias));
}
Also used : AliasSelectorKeyManager(org.codice.ddf.cxf.client.impl.SecureCxfClientFactoryImpl.AliasSelectorKeyManager) X509KeyManager(javax.net.ssl.X509KeyManager) Test(org.junit.Test)

Example 47 with X509KeyManager

use of javax.net.ssl.X509KeyManager in project ddf by codice.

the class SecureCxfClientFactoryImpl method getSSLSocketFactory.

private SSLSocketFactory getSSLSocketFactory(String sslProtocol, String alias,
        KeyManager[] keyManagers, TrustManager[] trustManagers)
        throws KeyManagementException, NoSuchAlgorithmException {
    if (ArrayUtils.isNotEmpty(keyManagers)) {
        for (int i = 0; i < keyManagers.length; i++) {
            if (keyManagers[i] instanceof X509KeyManager) {
                keyManagers[i] = new AliasSelectorKeyManager((X509KeyManager) keyManagers[i], alias);
            }
        }
    }
    SSLContext context = SSLContext.getInstance(sslProtocol);
    context.init(keyManagers, trustManagers, null);
    return context.getSocketFactory();
}
Also used : X509KeyManager(javax.net.ssl.X509KeyManager) SSLContext(javax.net.ssl.SSLContext)

Example 48 with X509KeyManager

use of javax.net.ssl.X509KeyManager in project cas by apereo.

the class CompositeX509KeyManagerTests method verifyOperation.

@Test
public void verifyOperation() throws Exception {
    val kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
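    val ks = KeyStore.getInstance("JKS");
    // Loading from a null stream creates an empty keystore, so no aliases or chains exist
    ks.load(null, "changeit".toCharArray());
    kmf.init(ks, "changeit".toCharArray());
    val km = kmf.getKeyManagers();
    // Keep only the X509KeyManager instances for the composite
    val managers = Arrays.stream(km)
            .filter(tm -> tm instanceof X509KeyManager)
            .map(X509KeyManager.class::cast)
            .collect(Collectors.toList());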
    val input = new CompositeX509KeyManager(managers);
    assertNull(input.chooseClientAlias(new String[] { "any" }, new Principal[] {}, mock(Socket.class)));
    assertNull(input.chooseServerAlias("any", new Principal[] {}, mock(Socket.class)));
    assertNull(input.getCertificateChain("cas"));
    assertEquals(0, input.getClientAliases("cas", new Principal[] {}).length);
    assertEquals(0, input.getServerAliases("cas", new Principal[] {}).length);
}
Also used : lombok.val(lombok.val) X509KeyManager(javax.net.ssl.X509KeyManager) Principal(java.security.Principal) Test(org.junit.jupiter.api.Test)

Example 49 with X509KeyManager

use of javax.net.ssl.X509KeyManager in project zookeeper by apache.

the class X509UtilTest method testLoadPEMKeyStoreWithWrongPassword.

@ParameterizedTest
@MethodSource("data")
public void testLoadPEMKeyStoreWithWrongPassword(X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex) throws Exception {
    init(caKeyType, certKeyType, keyPassword, paramIndex);
    assertThrows(X509Exception.KeyManagerException.class, () -> {
        // Attempting to load with the wrong key password should fail
        X509KeyManager km = X509Util.createKeyManager(
                x509TestContext.getKeyStoreFile(KeyStoreFileType.PEM).getAbsolutePath(),
                // intentionally use the wrong password
                "wrong password",
                KeyStoreFileType.PEM.getPropertyValue());
    });
}
Also used : X509KeyManager(javax.net.ssl.X509KeyManager) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest) MethodSource(org.junit.jupiter.params.provider.MethodSource)

Example 50 with X509KeyManager

use of javax.net.ssl.X509KeyManager in project zookeeper by apache.

the class X509UtilTest method testLoadJKSKeyStore.

@ParameterizedTest
@MethodSource("data")
public void testLoadJKSKeyStore(X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex) throws Exception {
    init(caKeyType, certKeyType, keyPassword, paramIndex);
    // Make sure we can instantiate a key manager from the JKS file on disk
    X509KeyManager km = X509Util.createKeyManager(
            x509TestContext.getKeyStoreFile(KeyStoreFileType.JKS).getAbsolutePath(),
            x509TestContext.getKeyStorePassword(),
            KeyStoreFileType.JKS.getPropertyValue());
}
Also used : X509KeyManager(javax.net.ssl.X509KeyManager) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest) MethodSource(org.junit.jupiter.params.provider.MethodSource)
