
Example 16 with TrustStore

Use of org.apache.qpid.server.model.TrustStore in the project qpid-broker-j by Apache.

Class FileTrustStoreTest, method testUseOfExpiredTrustAnchorAllowed (default behaviour: an expired trust anchor is still accepted).

/**
 * Checks the default behaviour of a FileTrustStore whose backing store is
 * BROKER_EXPIRED_TRUSTSTORE: with no TRUST_ANCHOR_VALIDITY_ENFORCED attribute
 * supplied, the single X509TrustManager it exposes still accepts the client
 * certificate read from EXPIRED_KEYSTORE, i.e. checkClientTrusted returns
 * normally instead of throwing a CertificateException.
 *
 * NOTE(review): this is the permissive default. Compare the companion
 * "Denied" test, which sets TRUST_ANCHOR_VALIDITY_ENFORCED to true and expects
 * the same certificate to be rejected; deployments that must not trust an
 * expired anchor need to set that attribute explicitly. The authType "NULL"
 * is a placeholder — whether the trust manager consults it is not visible here.
 */
public void testUseOfExpiredTrustAnchorAllowed() throws Exception {
    final Map<String, Object> storeAttributes = new HashMap<>();
    storeAttributes.put(FileTrustStore.NAME, "myFileTrustStore");
    storeAttributes.put(FileTrustStore.STORE_URL, TestSSLConstants.BROKER_EXPIRED_TRUSTSTORE);
    storeAttributes.put(FileTrustStore.PASSWORD, TestSSLConstants.BROKER_TRUSTSTORE_PASSWORD);
    // Deliberately no TRUST_ANCHOR_VALIDITY_ENFORCED entry: exercise the default.
    final TrustStore expiredAnchorStore = _factory.create(TrustStore.class, storeAttributes, _broker);

    final TrustManager[] managers = expiredAnchorStore.getTrustManagers();
    assertNotNull(managers);
    assertEquals("Unexpected number of trust managers", 1, managers.length);
    assertTrue("Unexpected trust manager type", managers[0] instanceof X509TrustManager);
    final X509TrustManager x509Manager = (X509TrustManager) managers[0];

    // Take the first certificate out of the expired client key store.
    final KeyStore expiredClientStore = getInitializedKeyStore(
            TestSSLConstants.EXPIRED_KEYSTORE, TestSSLConstants.KEYSTORE_PASSWORD, KeyStore.getDefaultType());
    final String firstAlias = expiredClientStore.aliases().nextElement();
    final X509Certificate clientCert = (X509Certificate) expiredClientStore.getCertificate(firstAlias);

    // Passes only if no CertificateException is thrown.
    x509Manager.checkClientTrusted(new X509Certificate[] { clientCert }, "NULL");
}

Example 17 with TrustStore

Use of org.apache.qpid.server.model.TrustStore in the project qpid-broker-j by Apache.

Class FileTrustStoreTest, method testUseOfExpiredTrustAnchorDenied (with TRUST_ANCHOR_VALIDITY_ENFORCED set, an expired trust anchor is rejected).

/**
 * Checks that setting TRUST_ANCHOR_VALIDITY_ENFORCED to true on a FileTrustStore
 * backed by BROKER_EXPIRED_TRUSTSTORE makes its X509TrustManager reject the
 * client certificate read from EXPIRED_KEYSTORE: checkClientTrusted must throw.
 *
 * The accepted failure is either a CertificateExpiredException or a plain
 * CertificateException whose message is exactly "Certificate expired" — the
 * latter is what the IBMJSSE2 provider raises. Any other CertificateException
 * is rethrown so the test fails loudly rather than passing on the wrong error.
 */
public void testUseOfExpiredTrustAnchorDenied() throws Exception {
    final Map<String, Object> storeAttributes = new HashMap<>();
    storeAttributes.put(FileTrustStore.NAME, "myFileTrustStore");
    storeAttributes.put(FileTrustStore.STORE_URL, TestSSLConstants.BROKER_EXPIRED_TRUSTSTORE);
    storeAttributes.put(FileTrustStore.PASSWORD, TestSSLConstants.BROKER_TRUSTSTORE_PASSWORD);
    // The one attribute that distinguishes this test from the "Allowed" case.
    storeAttributes.put(FileTrustStore.TRUST_ANCHOR_VALIDITY_ENFORCED, true);
    final TrustStore enforcingStore = _factory.create(TrustStore.class, storeAttributes, _broker);

    final TrustManager[] managers = enforcingStore.getTrustManagers();
    assertNotNull(managers);
    assertEquals("Unexpected number of trust managers", 1, managers.length);
    assertTrue("Unexpected trust manager type", managers[0] instanceof X509TrustManager);
    final X509TrustManager x509Manager = (X509TrustManager) managers[0];

    // Take the first certificate out of the expired client key store.
    final KeyStore expiredClientStore = getInitializedKeyStore(
            TestSSLConstants.EXPIRED_KEYSTORE, TestSSLConstants.KEYSTORE_PASSWORD, KeyStore.getDefaultType());
    final String firstAlias = expiredClientStore.aliases().nextElement();
    final X509Certificate clientCert = (X509Certificate) expiredClientStore.getCertificate(firstAlias);

    try {
        x509Manager.checkClientTrusted(new X509Certificate[] { clientCert }, "NULL");
        // fail() raises AssertionError, which the catch below does not intercept.
        fail("Exception not thrown");
    } catch (CertificateException e) {
        final boolean expiredSubtype = e instanceof CertificateExpiredException;
        // IBMJSSE2 reports expiry as a bare CertificateException with this message.
        final boolean expiredByMessage = "Certificate expired".equals(e.getMessage());
        if (!expiredSubtype && !expiredByMessage) {
            throw e;
        }
        // PASS: the trust anchor's expiry was enforced.
    }
}

Example 18 with TrustStore

Use of org.apache.qpid.server.model.TrustStore in the project qpid-broker-j by Apache.

Class TrustStoreMessageSourceTest, method setUp (builds a TrustStoreMessageSource over a mocked, ACTIVE trust store holding one certificate).

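/**
 * Builds the fixture: a TrustStoreMessageSource over a mocked TrustStore that
 * reports State.ACTIVE and a single mocked Certificate, with a mocked
 * VirtualHost whose message store is an in-memory TestMemoryMessageStore.
 *
 * The certificate's getEncoded() is stubbed to the bytes of "my certificate";
 * the bytes are produced with an explicit UTF-8 charset so the fixture does not
 * depend on the platform default encoding (the original relied on it).
 *
 * NOTE(review): State.ACTIVE is stubbed presumably because the message source
 * only serves certificates from an active store — confirm against
 * TrustStoreMessageSource before relying on that in assertions.
 *
 * @throws Exception propagated from super.setUp()
 */
@Override
public void setUp() throws Exception {
    super.setUp();
    VirtualHost vhost = mock(VirtualHost.class);
    MessageStore messageStore = new TestMemoryMessageStore();
    TrustStore trustStore = mock(TrustStore.class);
    Certificate certificate = mock(Certificate.class);
    _certificates = new Certificate[] { certificate };
    when(vhost.getMessageStore()).thenReturn(messageStore);
    when(trustStore.getState()).thenReturn(State.ACTIVE);
    when(trustStore.getCertificates()).thenReturn(_certificates);
    // Explicit charset: avoids platform-default encoding differences between JVMs.
    when(certificate.getEncoded()).thenReturn("my certificate".getBytes(java.nio.charset.StandardCharsets.UTF_8));
    _trustStoreMessageSource = new TrustStoreMessageSource(trustStore, vhost);
}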
