Examples with Keystore org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.Keystore used on opensource projects

Search in sources :

Example 1 with Keystore

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.Keystore in project netconf by opendaylight.

the class NetconfKeystoreAdapterTest method testWritePrivateKey.

@SuppressWarnings("unchecked")
@Test
public void testWritePrivateKey() throws Exception {
    DataTreeModification<Keystore> dataTreeModification = mock(DataTreeModification.class);
    DataObjectModification<Keystore> keystoreObjectModification = mock(DataObjectModification.class);
    doReturn(keystoreObjectModification).when(dataTreeModification).getRootNode();
    DataObjectModification<?> childObjectModification = mock(DataObjectModification.class);
    doReturn(Collections.singletonList(childObjectModification)).when(keystoreObjectModification).getModifiedChildren();
    doReturn(PrivateKey.class).when(childObjectModification).getDataType();
    doReturn(DataObjectModification.ModificationType.WRITE).when(childObjectModification).getModificationType();
    PrivateKey privateKey = getPrivateKey();
    doReturn(privateKey).when(childObjectModification).getDataAfter();
    NetconfKeystoreAdapter keystoreAdapter = new NetconfKeystoreAdapter(dataBroker);
    keystoreAdapter.onDataTreeChanged(Collections.singletonList(dataTreeModification));
    java.security.KeyStore keyStore = keystoreAdapter.getJavaKeyStore();
    assertTrue(keyStore.containsAlias(privateKey.getName()));
}
Also used : Keystore(org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.Keystore) PrivateKey(org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKey) Test(org.junit.Test)

Example 2 with Keystore

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.Keystore in project netconf by opendaylight.

the class NetconfKeystoreAdapter method onDataTreeChanged.

@Override
public void onDataTreeChanged(final Collection<DataTreeModification<Keystore>> changes) {
    LOG.debug("Keystore updated: {}", changes);
    for (final DataTreeModification<Keystore> change : changes) {
        final DataObjectModification<Keystore> rootNode = change.getRootNode();
        for (final DataObjectModification<? extends DataObject> changedChild : rootNode.getModifiedChildren()) {
            if (changedChild.getDataType().equals(KeyCredential.class)) {
                final Keystore dataAfter = rootNode.getDataAfter();
                pairs.clear();
                if (dataAfter != null) {
                    dataAfter.nonnullKeyCredential().values().forEach(pair -> pairs.put(pair.key().getKeyId(), pair));
                }
            } else if (changedChild.getDataType().equals(PrivateKey.class)) {
                onPrivateKeyChanged((DataObjectModification<PrivateKey>) changedChild);
            } else if (changedChild.getDataType().equals(TrustedCertificate.class)) {
                onTrustedCertificateChanged((DataObjectModification<TrustedCertificate>) changedChild);
            }
        }
    }
}
Also used : Keystore(org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.Keystore) PrivateKey(org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKey) DataObjectModification(org.opendaylight.mdsal.binding.api.DataObjectModification) TrustedCertificate(org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificate)

Example 3 with Keystore

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.Keystore in project netconf by opendaylight.

the class NetconfSalKeystoreService method initKeystore.

private void initKeystore() {
    final Keystore keystore = new KeystoreBuilder().build();
    final WriteTransaction writeTransaction = dataBroker.newWriteOnlyTransaction();
    writeTransaction.merge(LogicalDatastoreType.CONFIGURATION, keystoreIid, keystore);
    try {
        writeTransaction.commit().get();
        LOG.debug("init keystore done");
    } catch (InterruptedException | ExecutionException exception) {
        LOG.error("Unable to initialize Netconf key-pair store.", exception);
    }
}
Also used : Keystore(org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.Keystore) KeystoreBuilder(org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.KeystoreBuilder) WriteTransaction(org.opendaylight.mdsal.binding.api.WriteTransaction) ExecutionException(java.util.concurrent.ExecutionException)

Example 4 with Keystore

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.Keystore in project netconf by opendaylight.

the class SslHandlerFactoryImpl method createSslHandler.

@Override
public SslHandler createSslHandler(Set<String> allowedKeys) {
    try {
        final KeyStore keyStore = keystoreAdapter.getJavaKeyStore(allowedKeys);
        final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, "".toCharArray());
        final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(keyStore);
        final SSLContext sslCtx = SSLContext.getInstance("TLS");
        sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        final SSLEngine engine = sslCtx.createSSLEngine();
        engine.setUseClientMode(true);
        final String[] engineProtocols = engine.getSupportedProtocols();
        final String[] enabledProtocols;
        if (specification != null) {
            checkArgument(specification instanceof TlsCase, "Cannot get TLS specification from: %s", specification);
            final Set<String> protocols = Sets.newHashSet(engineProtocols);
            protocols.removeAll(((TlsCase) specification).getTls().getExcludedVersions());
            enabledProtocols = protocols.toArray(new String[0]);
        } else {
            enabledProtocols = engineProtocols;
        }
        engine.setEnabledProtocols(enabledProtocols);
        engine.setEnabledCipherSuites(engine.getSupportedCipherSuites());
        engine.setEnableSessionCreation(true);
        return new SslHandler(engine);
    } catch (GeneralSecurityException | IOException exc) {
        throw new IllegalStateException(exc);
    }
}
Also used : TlsCase(org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev150114.netconf.node.connection.parameters.protocol.specification.TlsCase) SSLEngine(javax.net.ssl.SSLEngine) GeneralSecurityException(java.security.GeneralSecurityException) SSLContext(javax.net.ssl.SSLContext) IOException(java.io.IOException) KeyStore(java.security.KeyStore) SslHandler(io.netty.handler.ssl.SslHandler) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) TrustManagerFactory(javax.net.ssl.TrustManagerFactory)

Example 5 with Keystore

use of org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.Keystore in project netconf by opendaylight.

the class NetconfKeystoreAdapterTest method testWritePrivateKeyAndTrustedCertificate.

@SuppressWarnings("unchecked")
@Test
public void testWritePrivateKeyAndTrustedCertificate() throws Exception {
    // Prepare PrivateKey configuration
    DataTreeModification<Keystore> dataTreeModification1 = mock(DataTreeModification.class);
    DataObjectModification<Keystore> keystoreObjectModification1 = mock(DataObjectModification.class);
    doReturn(keystoreObjectModification1).when(dataTreeModification1).getRootNode();
    DataObjectModification<?> childObjectModification1 = mock(DataObjectModification.class);
    doReturn(Collections.singletonList(childObjectModification1)).when(keystoreObjectModification1).getModifiedChildren();
    doReturn(PrivateKey.class).when(childObjectModification1).getDataType();
    doReturn(DataObjectModification.ModificationType.WRITE).when(childObjectModification1).getModificationType();
    PrivateKey privateKey = getPrivateKey();
    doReturn(privateKey).when(childObjectModification1).getDataAfter();
    // Prepare TrustedCertificate configuration
    DataTreeModification<Keystore> dataTreeModification2 = mock(DataTreeModification.class);
    DataObjectModification<Keystore> keystoreObjectModification2 = mock(DataObjectModification.class);
    doReturn(keystoreObjectModification2).when(dataTreeModification2).getRootNode();
    DataObjectModification<?> childObjectModification2 = mock(DataObjectModification.class);
    doReturn(Collections.singletonList(childObjectModification2)).when(keystoreObjectModification2).getModifiedChildren();
    doReturn(TrustedCertificate.class).when(childObjectModification2).getDataType();
    doReturn(DataObjectModification.ModificationType.WRITE).when(childObjectModification2).getModificationType();
    TrustedCertificate trustedCertificate = geTrustedCertificate();
    doReturn(trustedCertificate).when(childObjectModification2).getDataAfter();
    // Apply configurations
    NetconfKeystoreAdapter keystoreAdapter = new NetconfKeystoreAdapter(dataBroker);
    keystoreAdapter.onDataTreeChanged(Arrays.asList(dataTreeModification1, dataTreeModification2));
    // Check result
    java.security.KeyStore keyStore = keystoreAdapter.getJavaKeyStore();
    assertTrue(keyStore.containsAlias(privateKey.getName()));
    assertTrue(keyStore.containsAlias(trustedCertificate.getName()));
}
Also used : Keystore(org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.Keystore) PrivateKey(org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKey) TrustedCertificate(org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificate) Test(org.junit.Test)

Aggregations

Keystore (org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.Keystore)4 PrivateKey (org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKey)4 TrustedCertificate (org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificate)3 KeyStore (java.security.KeyStore)2 Test (org.junit.Test)2 SslHandler (io.netty.handler.ssl.SslHandler)1 IOException (java.io.IOException)1 GeneralSecurityException (java.security.GeneralSecurityException)1 KeyStoreException (java.security.KeyStoreException)1 Certificate (java.security.cert.Certificate)1 CertificateException (java.security.cert.CertificateException)1 X509Certificate (java.security.cert.X509Certificate)1 HashMap (java.util.HashMap)1 Map (java.util.Map)1 ExecutionException (java.util.concurrent.ExecutionException)1 KeyManagerFactory (javax.net.ssl.KeyManagerFactory)1 SSLContext (javax.net.ssl.SSLContext)1 SSLEngine (javax.net.ssl.SSLEngine)1 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)1 DataObjectModification (org.opendaylight.mdsal.binding.api.DataObjectModification)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial