
Example 1 with START_ELEMENT

use of javax.xml.stream.XMLStreamConstants.START_ELEMENT in project wildfly-elytron by wildfly-security.

From class ElytronXmlParser, method parseCredentialsType:

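/**
 * Parse a {@code credentials} (or {@code protection-parameter-credentials}) element into a
 * deferred {@link CredentialSource}.
 * <p>
 * Each recognised child element contributes one credential. The contributions are chained with
 * {@code andThenOp}, so the returned supplier only builds the combined source when its
 * {@code get()} is invoked. Most branches also defer their own work (the nested supplier's
 * {@code get()} runs inside the lambda); the {@code masked-password} branch is the exception and
 * unmasks at parse time, see the comment on that branch.
 *
 * @param reader the XML stream reader, positioned on the element's start tag
 * @param xmlVersion the version of the parsed XML, used to reject child elements newer than the document claims
 * @param keyStoresMap the named key-store suppliers available to {@code key-store-reference}
 * @param credentialStoresMap the named credential-store suppliers available to {@code credential-store-reference}
 * @param providers the security providers used to look up password algorithms
 * @return a supplier of the combined credential source
 * @throws ConfigXMLParseException on an attribute, an unknown or version-gated child element, unexpected content,
 *      a premature end of document, or a failure to unmask a {@code masked-password}
 */
private static ExceptionSupplier<CredentialSource, ConfigXMLParseException> parseCredentialsType(final ConfigurationXMLStreamReader reader, final Version xmlVersion, final Map<String, ExceptionSupplier<KeyStore, ConfigXMLParseException>> keyStoresMap, final Map<String, ExceptionSupplier<CredentialStore, ConfigXMLParseException>> credentialStoresMap, Supplier<Provider[]> providers) throws ConfigXMLParseException {
    // Start from an empty source; every child element appends one more credential to the chain.
    // The first operator ignores its argument, which is why apply(null) is safe at the end.
    ExceptionUnaryOperator<CredentialSource, ConfigXMLParseException> function = parent -> CredentialSource.NONE;
    requireNoAttributes(reader);
    while (reader.hasNext()) {
        final int tag = reader.nextTag();
        if (tag == START_ELEMENT) {
            checkElementNamespace(reader, xmlVersion);
            switch(reader.getLocalName()) {
                case "key-store-reference":
                    {
                        // supplier.get() runs inside the lambda, i.e. only when the credential source is built.
                        final ExceptionSupplier<KeyStore.Entry, ConfigXMLParseException> supplier = parseKeyStoreRefType(reader, xmlVersion, keyStoresMap, credentialStoresMap, providers);
                        function = andThenOp(function, credentialSource -> credentialSource.with(new KeyStoreCredentialSource(new FixedSecurityFactory<KeyStore.Entry>(supplier.get()))));
                        break;
                    }
                case "credential-store-reference":
                    {
                        final ExceptionSupplier<CredentialSource, ConfigXMLParseException> supplier = parseCredentialStoreRefType(reader, credentialStoresMap);
                        function = andThenOp(function, credentialSource -> credentialSource.with(supplier.get()));
                        break;
                    }
                case "clear-password":
                    {
                        // Deferred like the branches above: the password is materialised on get(), not here.
                        ExceptionSupplier<Password, ConfigXMLParseException> password = parseClearPassword(reader, providers);
                        function = andThenOp(function, credentialSource -> credentialSource.with(IdentityCredentials.NONE.withCredential(new PasswordCredential(password.get()))));
                        break;
                    }
                case "masked-password":
                    {
                        if (!xmlVersion.isAtLeast(Version.VERSION_1_4)) {
                            throw reader.unexpectedElement();
                        }
                        final XMLLocation location = reader.getLocation();
                        ExceptionSupplier<Password, ConfigXMLParseException> password = parseMaskedPassword(reader, providers);
                        // Unlike the other branches this one unmasks eagerly: password.get() and the
                        // masked -> clear conversion happen at parse time, so an unmaskable value fails
                        // the whole parse (with the element's location) rather than the later get(),
                        // and the resulting clear password is held by the closure for as long as the
                        // parsed configuration lives.
                        Password maskedPassword = password.get();
                        Password finalPassword;
                        try {
                            final PasswordFactory passwordFactory = PasswordFactory.getInstance(maskedPassword.getAlgorithm(), providers);
                            final ClearPasswordSpec spec = passwordFactory.getKeySpec(maskedPassword, ClearPasswordSpec.class);
                            final char[] clearPassword = spec.getEncodedPassword();
                            PasswordFactory clearPasswordFactory = PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR, providers);
                            // NOTE(review): clearPassword is not zeroed after generatePassword(); whether
                            // the generated ClearPassword copies or aliases the array is not visible here.
                            finalPassword = clearPasswordFactory.generatePassword(new ClearPasswordSpec(clearPassword)).castAs(ClearPassword.class);
                        } catch (InvalidKeySpecException | NoSuchAlgorithmException cause) {
                            throw xmlLog.xmlFailedToCreateCredential(location, cause);
                        }
                        function = andThenOp(function, credentialSource -> credentialSource.with(IdentityCredentials.NONE.withCredential(new PasswordCredential(finalPassword))));
                        break;
                    }
                case "key-pair":
                    {
                        KeyPairCredential keyPairCredential = parseKeyPair(reader, xmlVersion, credentialStoresMap, providers);
                        function = andThenOp(function, credentialSource -> credentialSource.with(IdentityCredentials.NONE.withCredential(keyPairCredential)));
                        break;
                    }
                case "certificate":
                    {
                        X509CertificateChainPrivateCredential credential = parseCertificateType(reader, xmlVersion);
                        function = andThenOp(function, credentialSource -> credentialSource.with(IdentityCredentials.NONE.withCredential(credential)));
                        break;
                    }
                case "public-key-pem":
                    {
                        PublicKey publicKey = parsePem(reader, PublicKey.class);
                        function = andThenOp(function, credentialSource -> credentialSource.with(IdentityCredentials.NONE.withCredential(new PublicKeyCredential(publicKey))));
                        break;
                    }
                case "bearer-token":
                    {
                        BearerTokenCredential bearerToken = parseBearerTokenType(reader);
                        function = andThenOp(function, credentialSource -> credentialSource.with(IdentityCredentials.NONE.withCredential(bearerToken)));
                        break;
                    }
                case "oauth2-bearer-token":
                    {
                        final ExceptionSupplier<CredentialSource, ConfigXMLParseException> oauthCredentialSourceSupplier = parseOAuth2BearerTokenType(reader, credentialStoresMap, xmlVersion);
                        function = andThenOp(function, credentialSource -> credentialSource.with(oauthCredentialSourceSupplier.get()));
                        break;
                    }
                case "local-kerberos":
                    {
                        if (!xmlVersion.isAtLeast(Version.VERSION_1_1)) {
                            throw reader.unexpectedElement();
                        }
                        CredentialSource kerberosCredentialSource = parseLocalKerberos(reader);
                        function = andThenOp(function, credentialSource -> credentialSource.with(kerberosCredentialSource));
                        // Still accepted, but logged as deprecated once the element has been consumed.
                        xmlLog.xmlDeprecatedElement(reader.getLocalName(), reader.getLocation());
                        break;
                    }
                case "ssh-credential":
                    {
                        if (!xmlVersion.isAtLeast(Version.VERSION_1_6)) {
                            throw reader.unexpectedElement();
                        }
                        SSHCredential sshCredential = parseSSHKeyLocationCredential(reader, xmlVersion, credentialStoresMap, providers);
                        // Wrap once, like every other branch. The previous form,
                        // credentialSource.with(credentialSource.with(...)), merged the accumulated source
                        // into itself a second time before adding the SSH credential.
                        function = andThenOp(function, credentialSource -> credentialSource.with(IdentityCredentials.NONE.withCredential(sshCredential)));
                        break;
                    }
                default:
                    {
                        throw reader.unexpectedElement();
                    }
            }
        } else if (tag == END_ELEMENT) {
            // Only checked with -ea; the caller is expected to have dispatched on one of these two names.
            assert reader.getLocalName().equals("credentials") || reader.getLocalName().equals("protection-parameter-credentials");
            final ExceptionUnaryOperator<CredentialSource, ConfigXMLParseException> finalFunction = function;
            return () -> finalFunction.apply(null);
        } else {
            throw reader.unexpectedContent();
        }
    }
    throw reader.unexpectedDocumentEnd();
}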

Example 2 with START_ELEMENT

use of javax.xml.stream.XMLStreamConstants.START_ELEMENT in project jpx by jenetics.

From class ListResult, method read:

/**
 * Read a single element and expose it as a list.
 * <p>
 * The reader must currently be positioned on a start element whose local name is
 * {@code name()}; {@code require} rejects anything else before the adoptee is consulted.
 *
 * @param xml the stream reader, positioned on the expected start element
 * @param lenient whether the adoptee should read leniently
 * @return a one-element list holding what the adoptee produced, or an empty list when it produced {@code null}
 * @throws XMLStreamException if the current event is not the expected start element, or the adoptee fails
 */
@Override
public List<T> read(final XMLStreamReader xml, final boolean lenient) throws XMLStreamException {
    xml.require(START_ELEMENT, null, name());
    final T value = _adoptee.read(xml, lenient);
    if (value == null) {
        return emptyList();
    }
    return Collections.singletonList(value);
}

Example 3 with START_ELEMENT

use of javax.xml.stream.XMLStreamConstants.START_ELEMENT in project wildfly-elytron by wildfly-security.

From class ElytronXmlParser, method parseKeyStoreType:

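/**
 * Parse an XML element of type {@code key-store-type} from an XML reader and register the
 * resulting (lazily created) key store under its {@code name} in {@code keyStoresMap}.
 * <p>
 * Attributes: {@code name} (required), {@code type} (required before schema 1.3; absent or
 * {@code "automatic"} means the type is detected from the file), {@code provider}, and
 * {@code wrap-passwords} (parsed with {@code Boolean.parseBoolean}, so anything but a
 * case-insensitive {@code "true"} is {@code false}). Child elements fall into two groups: at most
 * one source ({@code file}, {@code resource}, {@code uri}), which must appear before any
 * credential element, and at most one credential ({@code key-store-credential},
 * {@code credential-store-reference}, {@code key-store-clear-password},
 * {@code key-store-masked-password}); an optional {@code providers} element overrides the
 * providers used for the credential lookups and, for an explicitly typed store, its creation.
 * <p>
 * A later {@code key-store} with the same {@code name} silently replaces an earlier one in
 * {@code keyStoresMap}; duplicates are not reported here.
 *
 * @param reader the XML stream reader, positioned on the element's start tag
 * @param xmlVersion the version of parsed XML, used to gate attributes and elements by schema version
 * @param keyStoresMap the map of key stores to use; the parsed key store is added to it
 * @param credentialStoresMap the named credential stores available to the credential child elements
 * @param providers the security providers used when no nested {@code providers} element is given
 * @throws ConfigXMLParseException if the resource failed to be parsed
 */
static void parseKeyStoreType(ConfigurationXMLStreamReader reader, final Version xmlVersion, final Map<String, ExceptionSupplier<KeyStore, ConfigXMLParseException>> keyStoresMap, final Map<String, ExceptionSupplier<CredentialStore, ConfigXMLParseException>> credentialStoresMap, final Supplier<Provider[]> providers) throws ConfigXMLParseException {
    final int attributeCount = reader.getAttributeCount();
    String name = null;
    String type = null;
    String provider = null;
    // Stays null when the attribute is absent; compare against Boolean.TRUE, never unbox.
    Boolean wrap = null;
    // Wraps the caller's providers so a nested <providers> element can swap them in later.
    DeferredSupplier<Provider[]> providersSupplier = new DeferredSupplier<>(providers);
    for (int i = 0; i < attributeCount; i++) {
        checkAttributeNamespace(reader, i);
        switch(reader.getAttributeLocalName(i)) {
            case "type":
                {
                    if (type != null)
                        throw reader.unexpectedAttribute(i);
                    type = reader.getAttributeValueResolved(i);
                    break;
                }
            case "provider":
                {
                    if (provider != null)
                        throw reader.unexpectedAttribute(i);
                    provider = reader.getAttributeValueResolved(i);
                    break;
                }
            case "name":
                {
                    if (name != null)
                        throw reader.unexpectedAttribute(i);
                    name = reader.getAttributeValueResolved(i);
                    break;
                }
            case "wrap-passwords":
                {
                    if (wrap != null)
                        throw reader.unexpectedAttribute(i);
                    wrap = Boolean.valueOf(Boolean.parseBoolean(reader.getAttributeValueResolved(i)));
                    break;
                }
            default:
                throw reader.unexpectedAttribute(i);
        }
    }
    // type became optional in schema 1.3 (missing type == automatic detection).
    if (type == null && !xmlVersion.isAtLeast(Version.VERSION_1_3)) {
        throw missingAttribute(reader, "type");
    }
    if (name == null) {
        throw missingAttribute(reader, "name");
    }
    final XMLLocation location = reader.getLocation();
    // Remains null when no credential element is present; the factories below receive it as-is.
    ExceptionSupplier<char[], ConfigXMLParseException> passwordFactory = null;
    boolean gotSource = false;
    boolean gotCredential = false;
    boolean gotProviders = false;
    String fileSource = null;
    ExceptionSupplier<InputStream, IOException> resourceSource = null;
    URI uriSource = null;
    while (reader.hasNext()) {
        final int tag = reader.nextTag();
        if (tag == START_ELEMENT) {
            checkElementNamespace(reader, xmlVersion);
            switch(reader.getLocalName()) {
                case "key-store-credential":
                    {
                        // group 2
                        if (gotCredential) {
                            throw reader.unexpectedElement();
                        }
                        gotCredential = true;
                        final XMLLocation nestedLocation = reader.getLocation();
                        final ExceptionSupplier<KeyStore.Entry, ConfigXMLParseException> entryFactory = parseKeyStoreRefType(reader, xmlVersion, keyStoresMap, credentialStoresMap, providersSupplier);
                        // Resolved lazily: the referenced entry is only fetched and converted to clear text
                        // when the key store is actually loaded. A non-password entry yields null.
                        passwordFactory = () -> {
                            final KeyStore.Entry entry = entryFactory.get();
                            if (entry instanceof PasswordEntry)
                                try {
                                    final Password password = ((PasswordEntry) entry).getPassword();
                                    final PasswordFactory passwordFactory1 = PasswordFactory.getInstance(password.getAlgorithm(), providersSupplier);
                                    final ClearPasswordSpec passwordSpec = passwordFactory1.getKeySpec(password, ClearPasswordSpec.class);
                                    return passwordSpec.getEncodedPassword();
                                } catch (GeneralSecurityException e) {
                                    throw xmlLog.xmlFailedToCreateCredential(nestedLocation, e);
                                }
                            return null;
                        };
                        break;
                    }
                case "credential-store-reference":
                    {
                        if (gotCredential || !xmlVersion.isAtLeast(Version.VERSION_1_0_1)) {
                            throw reader.unexpectedElement();
                        }
                        gotCredential = true;
                        final XMLLocation nestedLocation = reader.getLocation();
                        ExceptionSupplier<CredentialSource, ConfigXMLParseException> credentialSourceSupplier = parseCredentialStoreRefType(reader, credentialStoresMap);
                        // Lazily pulls a clear PasswordCredential out of the credential store; if the
                        // store holds no such credential, applyToCredential yields null.
                        passwordFactory = () -> {
                            try {
                                return credentialSourceSupplier.get().applyToCredential(PasswordCredential.class, c -> c.getPassword().castAndApply(ClearPassword.class, ClearPassword::getPassword));
                            } catch (IOException e) {
                                throw xmlLog.xmlFailedToCreateCredential(nestedLocation, e);
                            }
                        };
                        break;
                    }
                case "key-store-clear-password":
                    {
                        // group 2
                        if (gotCredential) {
                            throw reader.unexpectedElement();
                        }
                        gotCredential = true;
                        final ExceptionSupplier<Password, ConfigXMLParseException> clearPassword = parseClearPassword(reader, providersSupplier);
                        passwordFactory = () -> ((ClearPassword) clearPassword.get()).getPassword();
                        break;
                    }
                case "key-store-masked-password":
                    {
                        // group 2
                        if (gotCredential || !xmlVersion.isAtLeast(Version.VERSION_1_4)) {
                            throw reader.unexpectedElement();
                        }
                        gotCredential = true;
                        final XMLLocation nestedLocation = reader.getLocation();
                        final ExceptionSupplier<Password, ConfigXMLParseException> maskedPassword = parseMaskedPassword(reader, providersSupplier);
                        // Unmasking is deferred to load time, so the clear text is not held by the
                        // parsed configuration itself.
                        passwordFactory = () -> {
                            try {
                                Password password = maskedPassword.get();
                                PasswordFactory factory = PasswordFactory.getInstance(password.getAlgorithm(), providersSupplier);
                                ClearPasswordSpec spec = factory.getKeySpec(password, ClearPasswordSpec.class);
                                return spec.getEncodedPassword();
                            } catch (GeneralSecurityException e) {
                                throw xmlLog.xmlFailedToCreateCredential(nestedLocation, e);
                            }
                        };
                        break;
                    }
                case "file":
                    {
                        // group 1 -- one source only, and it must precede the credential element
                        if (gotSource || gotCredential) {
                            throw reader.unexpectedElement();
                        }
                        gotSource = true;
                        fileSource = parseNameType(reader);
                        break;
                    }
                case "resource":
                    {
                        // group 1
                        if (gotSource || gotCredential) {
                            throw reader.unexpectedElement();
                        }
                        gotSource = true;
                        resourceSource = parseResourceType(reader, xmlVersion);
                        break;
                    }
                case "uri":
                    {
                        // group 1
                        if (gotSource || gotCredential) {
                            throw reader.unexpectedElement();
                        }
                        gotSource = true;
                        uriSource = parseUriType(reader);
                        break;
                    }
                case "providers":
                    {
                        if (gotProviders || !xmlVersion.isAtLeast(Version.VERSION_1_1)) {
                            throw reader.unexpectedElement();
                        }
                        gotProviders = true;
                        Supplier<Provider[]> supplier = parseProvidersType(reader, xmlVersion);
                        if (supplier != null) {
                            providersSupplier.setSupplier(supplier);
                        }
                        break;
                    }
                default:
                    throw reader.unexpectedElement();
            }
        } else if (tag == END_ELEMENT) {
            ExceptionSupplier<KeyStore, ConfigXMLParseException> keyStoreFactory = null;
            if (type == null || type.equalsIgnoreCase("automatic")) {
                // NOTE(review): this branch hands over the original `providers`, not `providersSupplier`,
                // so a nested <providers> element appears not to affect an automatic-type store's
                // creation (only its credential lookups). Left as-is pending confirmation of intent.
                keyStoreFactory = new UnknownTypeFileKeyStoreFactory(providers, provider, passwordFactory, fileSource, resourceSource, uriSource, location);
                // Compare against Boolean.TRUE as the explicit-type branch does: `if (wrap)` unboxed a
                // null wrap and threw NullPointerException whenever wrap-passwords was not specified.
                if (wrap == Boolean.TRUE) {
                    keyStoreFactory = new PasswordKeyStoreFactory(keyStoreFactory);
                }
            } else {
                keyStoreFactory = new KeyStoreCreateFactory(providersSupplier, provider, type, location);
                if (wrap == Boolean.TRUE) {
                    keyStoreFactory = new PasswordKeyStoreFactory(keyStoreFactory);
                }
                // Exactly one source may have been set; with none, the store is created but not loaded.
                if (fileSource != null) {
                    keyStoreFactory = new FileLoadingKeyStoreFactory(keyStoreFactory, passwordFactory, fileSource, location);
                } else if (resourceSource != null) {
                    keyStoreFactory = new ResourceLoadingKeyStoreFactory(keyStoreFactory, passwordFactory, resourceSource, location);
                } else if (uriSource != null) {
                    keyStoreFactory = new URILoadingKeyStoreFactory(keyStoreFactory, passwordFactory, uriSource, location);
                } else {
                    keyStoreFactory = new NullLoadingKeyStoreFactory(keyStoreFactory, passwordFactory, location);
                }
            }
            // Overwrites any earlier entry registered under the same name.
            keyStoresMap.put(name, keyStoreFactory);
            return;
        } else {
            throw reader.unexpectedContent();
        }
    }
    throw reader.unexpectedDocumentEnd();
}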

Example 4 with START_ELEMENT

use of javax.xml.stream.XMLStreamConstants.START_ELEMENT in project wildfly-elytron by wildfly-security.

the class ElytronXmlParser method parseOpenSSHKeyType.

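/**
 * Parses an {@code openssh-private-key} element into a {@link KeyPair}.
 *
 * <p>The element carries exactly one attribute, {@code pem}, holding the PEM-encoded OpenSSH key
 * material. Optional child elements supply the credential used to decrypt the key:
 * {@code credential-store-reference}, {@code clear-password}, or (since schema version 1.4)
 * {@code masked-password}. The credential is not resolved eagerly: the supplier chain is only
 * applied when the PEM decoder asks the password provider for it.
 *
 * @param reader the stream reader positioned on the {@code openssh-private-key} start element
 * @param xmlVersion the schema version of the document being parsed
 * @param credentialStoresMap the credential stores known so far, by name
 * @param providers the security providers used for password algorithm lookup
 * @return the key pair decoded from the PEM content (never {@code null})
 * @throws ConfigXMLParseException on an unknown or duplicate attribute, an unexpected child
 *     element or content, a missing {@code pem} attribute, a credential that cannot be
 *     created, PEM content that does not decode to a key pair, or premature document end
 */
private static KeyPair parseOpenSSHKeyType(final ConfigurationXMLStreamReader reader, final Version xmlVersion, final Map<String, ExceptionSupplier<CredentialStore, ConfigXMLParseException>> credentialStoresMap, Supplier<Provider[]> providers) throws ConfigXMLParseException {
    final int attributeCount = reader.getAttributeCount();
    // Each child element contributes a CredentialSource; they are combined in document order.
    ExceptionUnaryOperator<CredentialSource, ConfigXMLParseException> function = parent -> CredentialSource.NONE;
    String keyContent = null;
    for (int i = 0; i < attributeCount; i++) {
        checkAttributeNamespace(reader, i);
        switch(reader.getAttributeLocalName(i)) {
            case "pem":
                {
                    // A second "pem" attribute is reported as unexpected rather than silently replacing the first.
                    if (keyContent != null)
                        throw reader.unexpectedAttribute(i);
                    keyContent = reader.getAttributeValueResolved(i);
                    break;
                }
            default:
                throw reader.unexpectedAttribute(i);
        }
    }
    while (reader.hasNext()) {
        final int tag = reader.nextTag();
        if (tag == START_ELEMENT) {
            checkElementNamespace(reader, xmlVersion);
            switch(reader.getLocalName()) {
                case "credential-store-reference":
                    {
                        final ExceptionSupplier<CredentialSource, ConfigXMLParseException> supplier = parseCredentialStoreRefType(reader, credentialStoresMap);
                        function = andThenOp(function, credentialSource -> credentialSource.with(supplier.get()));
                        break;
                    }
                case "clear-password":
                    {
                        ExceptionSupplier<Password, ConfigXMLParseException> password = parseClearPassword(reader, providers);
                        function = andThenOp(function, credentialSource -> credentialSource.with(IdentityCredentials.NONE.withCredential(new PasswordCredential(password.get()))));
                        break;
                    }
                case "masked-password":
                    {
                        // masked-password was introduced in schema 1.4; older documents must not use it.
                        if (!xmlVersion.isAtLeast(Version.VERSION_1_4)) {
                            throw reader.unexpectedElement();
                        }
                        // Capture the location now so that a failure during unmasking still points at this element.
                        final XMLLocation location = reader.getLocation();
                        ExceptionSupplier<Password, ConfigXMLParseException> password = parseMaskedPassword(reader, providers);
                        Password maskedPassword = password.get();
                        Password finalPassword;
                        try {
                            // Unmask into a clear-text spec, then re-wrap it as a ClearPassword so the
                            // PEM decoder receives the same credential type as the clear-password case.
                            final PasswordFactory passwordFactory = PasswordFactory.getInstance(maskedPassword.getAlgorithm(), providers);
                            final ClearPasswordSpec spec = passwordFactory.getKeySpec(maskedPassword, ClearPasswordSpec.class);
                            final char[] clearPassword = spec.getEncodedPassword();
                            PasswordFactory clearPasswordFactory = PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR, providers);
                            finalPassword = clearPasswordFactory.generatePassword(new ClearPasswordSpec(clearPassword)).castAs(ClearPassword.class);
                        } catch (InvalidKeySpecException | NoSuchAlgorithmException cause) {
                            throw xmlLog.xmlFailedToCreateCredential(location, cause);
                        }
                        function = andThenOp(function, credentialSource -> credentialSource.with(IdentityCredentials.NONE.withCredential(new PasswordCredential(finalPassword))));
                        break;
                    }
                default:
                    throw reader.unexpectedElement();
            }
        } else if (tag == END_ELEMENT) {
            if (keyContent == null)
                throw reader.missingRequiredAttribute(reader.getNamespaceURI(), "openssh-private-key");
            final ExceptionUnaryOperator<CredentialSource, ConfigXMLParseException> finalFunction = function;
            // The provider resolves the decryption credential lazily, only if the PEM decoder requests it.
            ElytronFilePasswordProvider passwordProvider = new ElytronFilePasswordProvider(() -> finalFunction.apply(null));
            Iterator<PemEntry<?>> pemContent = Pem.parsePemOpenSSHContent(CodePointIterator.ofString(keyContent), passwordProvider);
            // Empty PEM content would otherwise surface as a NoSuchElementException from next();
            // report it as an invalid key through the normal parse-exception path instead.
            if (!pemContent.hasNext())
                throw xmlLog.xmlInvalidOpenSSHKey(reader);
            final PemEntry<?> pemEntry = pemContent.next();
            // Only the first PEM entry is consulted; it must decode to a key pair.
            final KeyPair keyPair = pemEntry.tryCast(KeyPair.class);
            if (keyPair == null)
                throw xmlLog.xmlInvalidOpenSSHKey(reader);
            return keyPair;
        } else {
            throw reader.unexpectedContent();
        }
    }
    throw reader.unexpectedDocumentEnd();
}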
