
Example 1 with KeystoreIsLocked

Use of org.apache.karaf.jaas.config.KeystoreIsLocked in project karaf by apache.

Class ResourceKeystoreInstance, method getTrustManager.

public TrustManager[] getTrustManager(String algorithm) throws KeyStoreException, NoSuchAlgorithmException, KeystoreIsLocked {
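    // Refuse to hand out trust material while the keystore is locked.
    if (isKeystoreLocked()) {
        throw new KeystoreIsLocked("Keystore '" + name + "' is locked.");
    }
    // Callers must handle null: it is returned when loadKeystoreData() reports failure.
    if (!loadKeystoreData()) {
        return null;
    }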
    TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(algorithm);
    trustFactory.init(keystore);
    return trustFactory.getTrustManagers();
}
Also used: KeystoreIsLocked (org.apache.karaf.jaas.config.KeystoreIsLocked), TrustManagerFactory (javax.net.ssl.TrustManagerFactory)

Example 2 with KeystoreIsLocked

Use of org.apache.karaf.jaas.config.KeystoreIsLocked in project karaf by apache.

Class OsgiKeystoreManager, method createSSLContext.

public SSLContext createSSLContext(String provider, String protocol, String algorithm, String keyStore, String keyAlias, String trustStore, long timeout) throws GeneralSecurityException {
    if (!this.checkForKeystoresAvailability(keyStore, keyAlias, trustStore, timeout)) {
        throw new GeneralSecurityException("Unable to lookup configured keystore and/or truststore");
    }
    KeystoreInstance keyInstance = getKeystore(keyStore);
    if (keyInstance != null && keyInstance.isKeystoreLocked()) {
        throw new KeystoreIsLocked("Keystore '" + keyStore + "' is locked");
    }
    if (keyInstance != null && keyInstance.isKeyLocked(keyAlias)) {
        throw new KeystoreIsLocked("Key '" + keyAlias + "' in keystore '" + keyStore + "' is locked");
    }
    KeystoreInstance trustInstance = trustStore == null ? null : getKeystore(trustStore);
    if (trustInstance != null && trustInstance.isKeystoreLocked()) {
        throw new KeystoreIsLocked("Keystore '" + trustStore + "' is locked");
    }
    SSLContext context;
    if (provider == null) {
        context = SSLContext.getInstance(protocol);
    } else {
        context = SSLContext.getInstance(protocol, provider);
    }
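    // SSLContext.init accepts null for either manager array and then uses the installed
    // providers' default factory, so a null instance (or a null return from
    // getKeyManager/getTrustManager) does not fail here.
    context.init(
        keyInstance == null ? null : keyInstance.getKeyManager(algorithm, keyAlias),
        trustInstance == null ? null : trustInstance.getTrustManager(algorithm),
        new SecureRandom());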
    return context;
}
Also used: KeystoreIsLocked (org.apache.karaf.jaas.config.KeystoreIsLocked), GeneralSecurityException (java.security.GeneralSecurityException), SecureRandom (java.security.SecureRandom), SSLContext (javax.net.ssl.SSLContext), KeystoreInstance (org.apache.karaf.jaas.config.KeystoreInstance)

Example 3 with KeystoreIsLocked

Use of org.apache.karaf.jaas.config.KeystoreIsLocked in project karaf by apache.

Class ResourceKeystoreInstance, method getKeyManager.

public KeyManager[] getKeyManager(String algorithm, String keyAlias) throws KeystoreIsLocked, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
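    // Refuse to hand out key material while the keystore is locked.
    if (isKeystoreLocked()) {
        throw new KeystoreIsLocked("Keystore '" + name + "' is locked.");
    }
    // Callers must handle null: it is returned when loadKeystoreData() reports failure.
    if (!loadKeystoreData()) {
        return null;
    }
    KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(algorithm);
    // The key password is looked up per alias in keyPasswords.
    keyFactory.init(keystore, (char[]) keyPasswords.get(keyAlias));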
    return keyFactory.getKeyManagers();
}
Also used: KeystoreIsLocked (org.apache.karaf.jaas.config.KeystoreIsLocked), KeyManagerFactory (javax.net.ssl.KeyManagerFactory)

Aggregations

KeystoreIsLocked (org.apache.karaf.jaas.config.KeystoreIsLocked): 3
GeneralSecurityException (java.security.GeneralSecurityException): 1
SecureRandom (java.security.SecureRandom): 1
KeyManagerFactory (javax.net.ssl.KeyManagerFactory): 1
SSLContext (javax.net.ssl.SSLContext): 1
TrustManagerFactory (javax.net.ssl.TrustManagerFactory): 1
KeystoreInstance (org.apache.karaf.jaas.config.KeystoreInstance): 1