
Example 1 with CertificateEntry

use of org.apache.qpid.test.utils.tls.CertificateEntry in project qpid-broker-j by apache.

the class FileTrustStoreTest method generateTrustStoreAndCrl.

/**
 * Produces the on-disk trust store and CRL pair used as a revocation fixture.
 *
 * <p>A root CA is created for {@code DN_CA} and issues one certificate each for {@code DN_FOO}
 * and {@code DN_BAR}. Only the two certificates (no private keys) are written to the store, under
 * {@code CERTIFICATE_ALIAS_A} and {@code CERTIFICATE_ALIAS_B}. The {@code DN_BAR} certificate is
 * also handed to {@code createCrl}, so presumably the alias-B entry is the revoked one while
 * alias A stays valid - confirm against {@code TlsResource.createCrl}.
 *
 * @return the store path, the CRL path and the CA pair that issued both certificates
 * @throws Exception whatever the TLS test helpers throw while generating or writing material
 */
private StoreAndCrl<Path> generateTrustStoreAndCrl() throws Exception {
    final KeyCertificatePair rootCa = TlsResourceBuilder.createKeyPairAndRootCA(DN_CA);
    final KeyCertificatePair fooPair = TlsResourceBuilder.createKeyPairAndCertificate(DN_FOO, rootCa);
    final KeyCertificatePair barPair = TlsResourceBuilder.createKeyPairAndCertificate(DN_BAR, rootCa);

    // Trusted-certificate entries only: the leaf private keys never reach the store.
    final CertificateEntry entryA = new CertificateEntry(CERTIFICATE_ALIAS_A, fooPair.getCertificate());
    final CertificateEntry entryB = new CertificateEntry(CERTIFICATE_ALIAS_B, barPair.getCertificate());
    final Path trustStorePath = TLS_RESOURCE.createKeyStore(entryA, entryB);

    // The CRL is built from the same CA pair that issued the certificate it names.
    final Path crlPath = TLS_RESOURCE.createCrl(rootCa, barPair.getCertificate());
    return new StoreAndCrl<>(trustStorePath, crlPath, rootCa);
}
Also used : KeyCertificatePair(org.apache.qpid.test.utils.tls.KeyCertificatePair) Path(java.nio.file.Path) CertificateEntry(org.apache.qpid.test.utils.tls.CertificateEntry)

Example 2 with CertificateEntry

use of org.apache.qpid.test.utils.tls.CertificateEntry in project qpid-broker-j by apache.

the class PortTest method createTrustStore.

/**
 * Writes a key store containing a single trusted-certificate entry and returns it as a file.
 *
 * <p>Only {@code keyCertPair.getCertificate()} is stored, under {@code CERTIFICATE_ALIAS}; the
 * pair's private key is not passed to the store.
 *
 * @param keyCertPair pair whose certificate becomes the trusted entry
 * @return the created key store as a {@link File}
 * @throws Exception whatever {@code TLS_RESOURCE.createKeyStore} throws
 */
private File createTrustStore(final KeyCertificatePair keyCertPair) throws Exception {
    return TLS_RESOURCE.createKeyStore(new CertificateEntry(CERTIFICATE_ALIAS, keyCertPair.getCertificate())).toFile();
}
Also used : Path(java.nio.file.Path) CertificateEntry(org.apache.qpid.test.utils.tls.CertificateEntry)

Example 3 with CertificateEntry

use of org.apache.qpid.test.utils.tls.CertificateEntry in project qpid-broker-j by apache.

the class PortTest method setUp.

/**
 * Prepares the per-test broker objects and TLS material.
 *
 * <p>Names for the port, authentication provider and key store are derived from the test name.
 * A self-signed pair is generated; the whole pair is submitted as the broker key store (expecting
 * {@code SC_CREATED}), while the file kept in {@code _storeFile} holds only its certificate as a
 * trusted entry under {@code CERTIFICATE_ALIAS}.
 *
 * @throws Exception whatever the broker admin calls or TLS helpers throw
 */
@Before
public void setUp() throws Exception {
    _portName = getTestName();
    _authenticationProvider = _portName + "AuthenticationProvider";
    _keyStoreName = _portName + "KeyStore";
    createAnonymousAuthenticationProvider();

    final KeyCertificatePair selfSigned = generateSelfSignedCertificate();
    final X509Certificate trustedCertificate = selfSigned.getCertificate();
    submitKeyStoreAttributes(_keyStoreName, SC_CREATED, selfSigned);

    // Certificate-only entry: the private key stays with the key store submitted above.
    final CertificateEntry trustEntry = new CertificateEntry(CERTIFICATE_ALIAS, trustedCertificate);
    _storeFile = TLS_RESOURCE.createKeyStore(trustEntry).toFile();

    getBrokerAdmin().createQueue(QUEUE_NAME);
}
Also used : KeyCertificatePair(org.apache.qpid.test.utils.tls.KeyCertificatePair) CertificateEntry(org.apache.qpid.test.utils.tls.CertificateEntry) X509Certificate(java.security.cert.X509Certificate) Before(org.junit.Before)

Example 4 with CertificateEntry

use of org.apache.qpid.test.utils.tls.CertificateEntry in project qpid-broker-j by apache.

the class AuthenticationTest method buildTlsResources.

/**
 * Generates every key store, trust store and CRL file the authentication tests rely on.
 *
 * <p>In order, the method: formats four CRL URIs from {@code CRL_TEMPLATE} and
 * {@code crlHttpPort}; creates a root CA; builds the broker key, trust and peer stores; issues
 * client certificates covering the cases named by their DNs and aliases (plain app1/app2, allowed,
 * revoked, pointing at the empty CRL, pointing at a CRL path that does not exist, issued by an
 * intermediate CA, already expired); writes the client key and trust stores; copies three DER CRLs
 * onto {@code _crlFile}, {@code _emptyCrlFile} and {@code _intermediateCrlFile}; and finally
 * creates a self-signed client key store that chains to no CA in this fixture.
 *
 * <p>Results are published through static fields as absolute paths.
 *
 * @throws Exception whatever the TLS test helpers or {@link Files#copy} throw
 */
private static void buildTlsResources() throws Exception {
    // CRL distribution point URIs embedded into the client certificates below.
    final String crlUri = String.format(CRL_TEMPLATE, crlHttpPort, _crlFile.toFile().getName());
    final String emptyCrlUri = String.format(CRL_TEMPLATE, crlHttpPort, _emptyCrlFile.toFile().getName());
    final String intermediateCrlUri = String.format(CRL_TEMPLATE, crlHttpPort, _intermediateCrlFile.toFile().getName());
    // Deliberately not one of the three CRL file names: covers the "CRL cannot be fetched" case.
    final String nonExistingCrlUri = String.format(CRL_TEMPLATE, crlHttpPort, "not/a/crl");
    final KeyCertificatePair caPair = TlsResourceBuilder.createKeyPairAndRootCA(DN_CA);
    final KeyPair brokerKeyPair = TlsResourceBuilder.createRSAKeyPair();
    final X509Certificate brokerCertificate = TlsResourceBuilder.createCertificateForServerAuthorization(brokerKeyPair, caPair, DN_BROKER);
    // Broker key store: private key with chain [broker, root CA] plus the root CA as a trusted entry.
    _brokerKeyStore = TLS_RESOURCE.createKeyStore(new PrivateKeyEntry("java-broker", brokerKeyPair.getPrivate(), brokerCertificate, caPair.getCertificate()), new CertificateEntry(CERT_ALIAS_ROOT_CA, caPair.getCertificate())).toFile().getAbsolutePath();
    // Broker trust store: the root CA certificate only.
    _brokerTrustStore = TLS_RESOURCE.createKeyStore(new CertificateEntry(CERT_ALIAS_ROOT_CA, caPair.getCertificate())).toFile().getAbsolutePath();
    final KeyPair clientApp1KeyPair = TlsResourceBuilder.createRSAKeyPair();
    final X509Certificate clientApp1Certificate = TlsResourceBuilder.createCertificateForClientAuthorization(clientApp1KeyPair, caPair, DN_CLIENT_APP1);
    // Peer store pins the app1 leaf certificate itself (aliased by its DN); app2 is not added to it.
    _brokerPeerStore = TLS_RESOURCE.createKeyStore(new CertificateEntry(DN_CLIENT_APP1, clientApp1Certificate)).toFile().getAbsolutePath();
    final KeyPair clientApp2KeyPair = TlsResourceBuilder.createRSAKeyPair();
    final X509Certificate clientApp2Certificate = TlsResourceBuilder.createCertificateForClientAuthorization(clientApp2KeyPair, caPair, DN_CLIENT_APP2);
    // "Allowed" and "revoked" share the same distribution point (crlUri); only the revoked
    // certificate is later passed to createCrlAsDer for that file.
    final KeyPair clientAllowedKeyPair = TlsResourceBuilder.createRSAKeyPair();
    final X509Certificate clientAllowedCertificate = TlsResourceBuilder.createCertificateWithCrlDistributionPoint(clientAllowedKeyPair, caPair, DN_CLIENT_ALLOWED, crlUri);
    final KeyPair clientRevokedKeyPair = TlsResourceBuilder.createRSAKeyPair();
    final X509Certificate clientRevokedCertificate = TlsResourceBuilder.createCertificateWithCrlDistributionPoint(clientRevokedKeyPair, caPair, DN_CLIENT_REVOKED, crlUri);
    // NOTE(review): named "revoked by empty", yet it points at the CRL created below with no
    // certificates listed - presumably it should validate as not revoked; confirm with the tests.
    final KeyPair clientKeyPairRevokedByEmpty = TlsResourceBuilder.createRSAKeyPair();
    final X509Certificate clientCertificateRevokedByEmpty = TlsResourceBuilder.createCertificateWithCrlDistributionPoint(clientKeyPairRevokedByEmpty, caPair, DN_CLIENT_REVOKED_BY_EMPTY, emptyCrlUri);
    // Distribution point resolves to the non-existing path built above.
    final KeyPair clientKeyPairInvalidClr = TlsResourceBuilder.createRSAKeyPair();
    final X509Certificate clientCertificateInvalidClr = TlsResourceBuilder.createCertificateWithCrlDistributionPoint(clientKeyPairInvalidClr, caPair, DN_CLIENT_REVOKED_INVALID_CRL, nonExistingCrlUri);
    // Intermediate CA issued by the root; its own certificate carries crlUri.
    final KeyCertificatePair intermediateCA = TlsResourceBuilder.createKeyPairAndIntermediateCA(DN_INTERMEDIATE, caPair, crlUri);
    final KeyPair clientKeyPairIntermediate = TlsResourceBuilder.createRSAKeyPair();
    final X509Certificate clientCertificateIntermediate = TlsResourceBuilder.createCertificateWithCrlDistributionPoint(clientKeyPairIntermediate, intermediateCA, DN_CLIENT_INT, intermediateCrlUri);
    // Validity window lies entirely in the past (10 days ago to 5 days ago): expired on creation.
    final KeyPair clientKeyPairExpired = TlsResourceBuilder.createRSAKeyPair();
    final Instant from = Instant.now().minus(10, ChronoUnit.DAYS);
    final Instant to = Instant.now().minus(5, ChronoUnit.DAYS);
    final X509Certificate clientCertificateExpired = TlsResourceBuilder.createCertificate(clientKeyPairExpired, caPair, "CN=user1", from, to);
    _clientExpiredKeyStore = TLS_RESOURCE.createKeyStore(new PrivateKeyEntry("user1", clientKeyPairExpired.getPrivate(), clientCertificateExpired, caPair.getCertificate())).toFile().getAbsolutePath();
    // Client key store: one private-key entry per scenario, each with its chain up to the root
    // (the intermediate-issued entry includes the intermediate CA), plus the root as trusted entry.
    _clientKeyStore = TLS_RESOURCE.createKeyStore(new PrivateKeyEntry(CERT_ALIAS_APP1, clientApp1KeyPair.getPrivate(), clientApp1Certificate, caPair.getCertificate()), new PrivateKeyEntry(CERT_ALIAS_APP2, clientApp2KeyPair.getPrivate(), clientApp2Certificate, caPair.getCertificate()), new PrivateKeyEntry(CERT_ALIAS_ALLOWED, clientAllowedKeyPair.getPrivate(), clientAllowedCertificate, caPair.getCertificate()), new PrivateKeyEntry(CERT_ALIAS_REVOKED, clientRevokedKeyPair.getPrivate(), clientRevokedCertificate, caPair.getCertificate()), new PrivateKeyEntry(CERT_ALIAS_REVOKED_EMPTY_CRL, clientKeyPairRevokedByEmpty.getPrivate(), clientCertificateRevokedByEmpty, caPair.getCertificate()), new PrivateKeyEntry(CERT_ALIAS_REVOKED_INVALID_CRL_PATH, clientKeyPairInvalidClr.getPrivate(), clientCertificateInvalidClr, caPair.getCertificate()), new PrivateKeyEntry(CERT_ALIAS_ALLOWED_WITH_INTERMEDIATE, clientKeyPairIntermediate.getPrivate(), clientCertificateIntermediate, intermediateCA.getCertificate(), caPair.getCertificate()), new CertificateEntry(CERT_ALIAS_ROOT_CA, caPair.getCertificate())).toFile().getAbsolutePath();
    _clientTrustStore = TLS_RESOURCE.createKeyStore(new CertificateEntry(CERT_ALIAS_ROOT_CA, caPair.getCertificate())).toFile().getAbsolutePath();
    // NOTE(review): the intermediate CA certificate is passed next to the revoked client
    // certificate. If createCrlAsDer lists every trailing certificate as revoked, the intermediate
    // CA is revoked in this CRL although its client alias says "allowed" - confirm the intent.
    final Path crl = TLS_RESOURCE.createCrlAsDer(caPair, clientRevokedCertificate, intermediateCA.getCertificate());
    // REPLACE_EXISTING: the target files already exist (their names were used for the URIs above).
    Files.copy(crl, _crlFile, StandardCopyOption.REPLACE_EXISTING);
    // No certificates passed: a CRL with nothing listed.
    final Path emptyCrl = TLS_RESOURCE.createCrlAsDer(caPair);
    Files.copy(emptyCrl, _emptyCrlFile, StandardCopyOption.REPLACE_EXISTING);
    // NOTE(review): built from caPair, not intermediateCA, although the certificate that points at
    // intermediateCrlUri was issued by the intermediate CA - presumably the CRL issuer then differs
    // from the certificate issuer; verify this is what the revocation check is meant to exercise.
    final Path intermediateCrl = TLS_RESOURCE.createCrlAsDer(caPair);
    Files.copy(intermediateCrl, _intermediateCrlFile, StandardCopyOption.REPLACE_EXISTING);
    // Self-signed client: stored under the same alias as app1 but with no CA certificate in its
    // chain, so it does not chain to the root placed in the broker trust store.
    final KeyCertificatePair clientKeyPairUntrusted = TlsResourceBuilder.createSelfSigned(DN_CLIENT_UNTRUSTED);
    _clientUntrustedKeyStore = TLS_RESOURCE.createKeyStore(new PrivateKeyEntry(CERT_ALIAS_APP1, clientKeyPairUntrusted.getPrivateKey(), clientKeyPairUntrusted.getCertificate())).toFile().getAbsolutePath();
}
Also used : KeyCertificatePair(org.apache.qpid.test.utils.tls.KeyCertificatePair) Path(java.nio.file.Path) KeyPair(java.security.KeyPair) Instant(java.time.Instant) CertificateEntry(org.apache.qpid.test.utils.tls.CertificateEntry) PrivateKeyEntry(org.apache.qpid.test.utils.tls.PrivateKeyEntry) X509Certificate(java.security.cert.X509Certificate)

Example 5 with CertificateEntry

use of org.apache.qpid.test.utils.tls.CertificateEntry in project qpid-broker-j by apache.

the class FileTrustStoreTest method generateTrustStoreAndCrlAsDataUrl.

/**
 * Produces the trust store and CRL fixture as data URLs rather than files.
 *
 * <p>A root CA for {@code DN_CA} issues certificates for {@code DN_FOO} and {@code DN_BAR}; both
 * certificates (no private keys) go into the store under {@code CERTIFICATE_ALIAS_A} and
 * {@code CERTIFICATE_ALIAS_B}. The {@code DN_BAR} certificate is also passed to
 * {@code createCrlAsDataUrl}, so presumably the alias-B entry is the revoked one - confirm
 * against the helper.
 *
 * @return the store data URL, the CRL data URL and the CA pair that issued both certificates
 * @throws Exception whatever the TLS test helpers throw while generating or encoding material
 */
private StoreAndCrl<String> generateTrustStoreAndCrlAsDataUrl() throws Exception {
    final KeyCertificatePair rootCa = TlsResourceBuilder.createKeyPairAndRootCA(DN_CA);
    final KeyCertificatePair fooPair = TlsResourceBuilder.createKeyPairAndCertificate(DN_FOO, rootCa);
    final KeyCertificatePair barPair = TlsResourceBuilder.createKeyPairAndCertificate(DN_BAR, rootCa);

    // Trusted-certificate entries only: the leaf private keys never reach the store.
    final CertificateEntry entryA = new CertificateEntry(CERTIFICATE_ALIAS_A, fooPair.getCertificate());
    final CertificateEntry entryB = new CertificateEntry(CERTIFICATE_ALIAS_B, barPair.getCertificate());
    final String storeDataUrl = TLS_RESOURCE.createKeyStoreAsDataUrl(entryA, entryB);

    // The CRL is built from the same CA pair that issued the certificate it names.
    final String crlDataUrl = TLS_RESOURCE.createCrlAsDataUrl(rootCa, barPair.getCertificate());
    return new StoreAndCrl<>(storeDataUrl, crlDataUrl, rootCa);
}
Also used : KeyCertificatePair(org.apache.qpid.test.utils.tls.KeyCertificatePair) CertificateEntry(org.apache.qpid.test.utils.tls.CertificateEntry)

Aggregations

CertificateEntry (org.apache.qpid.test.utils.tls.CertificateEntry)5 KeyCertificatePair (org.apache.qpid.test.utils.tls.KeyCertificatePair)4 Path (java.nio.file.Path)3 X509Certificate (java.security.cert.X509Certificate)2 KeyPair (java.security.KeyPair)1 Instant (java.time.Instant)1 PrivateKeyEntry (org.apache.qpid.test.utils.tls.PrivateKeyEntry)1 Before (org.junit.Before)1