javax.net.ssl.X509ExtendedKeyManager Java Examples

Example #1
Source File: SSLUtils.java    From athenz with Apache License 2.0 6 votes vote down vote up
/**
 * Replaces every {@link X509ExtendedKeyManager} in {@code managers} with a
 * {@code ClientAliasedX509ExtendedKeyManager} built from that manager and {@code alias}.
 *
 * <p>The array is modified in place and the same array is returned. A {@code null} array or a
 * {@code null} alias leaves everything untouched.
 *
 * <p>NOTE(review): entries that are not an X509ExtendedKeyManager are passed through unwrapped,
 * so the alias presumably has no effect on them; confirm that is intended.
 *
 * @param managers key managers to wrap, may be {@code null}
 * @param alias    alias handed to each wrapper, may be {@code null}
 * @return {@code managers} itself
 */
private static KeyManager[] getAliasedKeyManagers(KeyManager[] managers, String alias) {
    ///CLOVER:OFF
    if (managers == null) {
        return null;
    }
    ///CLOVER:ON
    if (alias == null) {
        return managers;
    }
    for (int i = 0; i < managers.length; i++) {
        final KeyManager candidate = managers[i];
        ///CLOVER:OFF
        if (candidate instanceof X509ExtendedKeyManager) {
            managers[i] = new ClientAliasedX509ExtendedKeyManager((X509ExtendedKeyManager) candidate, alias);
        }
        ///CLOVER:ON
    }
    return managers;
}
 
Example #2
Source File: CustomAliasKeyManagerFactory.java    From armeria with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a KeyManagerFactory that forwards initialisation to {@code delegate} and wraps each
 * {@link X509ExtendedKeyManager} the delegate produces in a
 * {@code CustomAliasX509ExtendedKeyManager} created with {@code alias}.
 *
 * <p>The provider and algorithm reported by this factory are those of the delegate.
 *
 * <p>NOTE(review): key managers of any other type are returned unwrapped, so the alias
 * presumably does not apply to them; confirm against CustomAliasX509ExtendedKeyManager.
 */
CustomAliasKeyManagerFactory(KeyManagerFactory delegate, String alias) {
    super(new KeyManagerFactorySpi() {
        @Override
        protected void engineInit(KeyStore ks, char[] password)
                throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
            // Key store handling stays with the wrapped factory.
            delegate.init(ks, password);
        }

        @Override
        protected void engineInit(ManagerFactoryParameters spec) throws InvalidAlgorithmParameterException {
            delegate.init(spec);
        }

        @Override
        protected KeyManager[] engineGetKeyManagers() {
            // Work on a copy so the array handed out by the delegate is not modified.
            final KeyManager[] wrapped = delegate.getKeyManagers().clone();
            for (int i = 0; i < wrapped.length; i++) {
                final KeyManager original = wrapped[i];
                if (!(original instanceof X509ExtendedKeyManager)) {
                    continue;
                }
                wrapped[i] = new CustomAliasX509ExtendedKeyManager((X509ExtendedKeyManager) original, alias);
            }
            return wrapped;
        }
    }, delegate.getProvider(), delegate.getAlgorithm());
}
 
Example #3
Source File: SSLDefinitions.java    From wildfly-core with GNU Lesser General Public License v2.1 6 votes vote down vote up
/**
 * Narrows an injected {@link KeyManager} to an {@link X509ExtendedKeyManager}.
 *
 * <p>When the manager is a {@code DelegatingKeyManager} and {@code IS_FIPS} reports true, the
 * manager it delegates to is returned instead of the wrapper.
 *
 * @param keyManager the injected key manager, may be {@code null}
 * @return {@code null} for {@code null} input, otherwise the (possibly unwrapped) key manager
 * @throws StartException declared for the failure path; the value actually thrown is whatever
 *         {@code ROOT_LOGGER.invalidTypeInjected} returns when the type does not match
 */
private static X509ExtendedKeyManager getX509KeyManager(KeyManager keyManager) throws StartException {
    if (keyManager == null) {
        return null;
    }
    if (!(keyManager instanceof X509ExtendedKeyManager)) {
        throw ROOT_LOGGER.invalidTypeInjected(X509ExtendedKeyManager.class.getSimpleName());
    }

    final X509ExtendedKeyManager candidate = (X509ExtendedKeyManager) keyManager;
    final boolean unwrap = candidate instanceof DelegatingKeyManager && IS_FIPS.getAsBoolean();
    if (!unwrap) {
        return candidate;
    }

    // With FIPS enabled the wrapper is bypassed and the underlying manager is used directly.
    ROOT_LOGGER.trace("FIPS enabled on JVM, unwrapping KeyManager");
    return ((DelegatingKeyManager) candidate).delegating.get();
}
 
Example #4
Source File: TesterSupport.java    From Tomcat8-Source-Read with MIT License 6 votes vote down vote up
/**
 * Builds the key managers for the {@code CLIENT_JKS} key store and wraps the X.509 ones in
 * tracking decorators.
 *
 * <p>NOTE(review): the key store password comes from the {@code JKS_PASS} constant, which looks
 * like a test fixture value; confirm it is never used for real key material.
 *
 * @return the factory's key manager array with X.509 entries replaced by their tracking wrappers
 * @throws Exception if the key store cannot be loaded or the factory cannot be initialised
 */
protected static KeyManager[] getUser1KeyManagers() throws Exception {
    final String algorithm = KeyManagerFactory.getDefaultAlgorithm();
    final KeyManagerFactory factory = KeyManagerFactory.getInstance(algorithm);
    factory.init(getKeyStore(CLIENT_JKS), JKS_PASS.toCharArray());

    final KeyManager[] result = factory.getKeyManagers();
    for (int idx = 0; idx < result.length; idx++) {
        final KeyManager current = result[idx];
        // Test the extended type first: X509ExtendedKeyManager is itself an X509KeyManager.
        if (current instanceof X509ExtendedKeyManager) {
            result[idx] = new TrackingExtendedKeyManager((X509ExtendedKeyManager) current);
        } else if (current instanceof X509KeyManager) {
            result[idx] = new TrackingKeyManager((X509KeyManager) current);
        }
    }
    return result;
}
 
Example #5
Source File: ApplicationKeyManagerFactoryTest.java    From ghidra with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that cancelling the password prompt while a key store is being set leaves the
 * application key manager without a key store, certificate chain or client aliases.
 */
@Test
public void testCancelledPasswordOnSetCertificate() throws Exception {

	assertNull(ApplicationKeyManagerFactory.getKeyStore());
	ApplicationKeyManagerFactory factory = ApplicationKeyManagerFactory.getInstance();
	KeyManager[] managers = factory.getKeyManagers();
	assertEquals(1, managers.length);
	assertTrue("", managers[0] instanceof X509ExtendedKeyManager);
	X509ExtendedKeyManager x509Manager = (X509ExtendedKeyManager) managers[0];

	// precondition: nothing is installed before the key store is set
	assertNull(x509Manager.getCertificateChain(ALIAS));
	assertNull(x509Manager.getClientAliases("RSA", null));

	// the next password request will be cancelled rather than answered
	passwordProvider.cancelNextEntry();

	ApplicationKeyManagerFactory.setKeyStore(keystoreFile.getAbsolutePath(), false);

	// the cancelled prompt must not have installed the key store or any certificate
	assertEquals(null, ApplicationKeyManagerFactory.getKeyStore());
	assertNull(x509Manager.getCertificateChain(ALIAS));
	assertNull(x509Manager.getClientAliases("RSA", null));
}
 
Example #6
Source File: CipherTestUtils.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Sets up the default socket factory plus the server-side and client-side key and trust
 * managers used by the cipher tests.
 *
 * <p>Key stores come from {@code createServerKeyStore}; when it returns {@code null} the
 * matching manager field is set to {@code null}. The client side reuses the server trust store.
 *
 * <p>NOTE(review): both trust managers are {@code AlwaysTrustManager} instances. That class is
 * not shown here; its name suggests it accepts any peer certificate, which is only appropriate
 * in a test fixture. Confirm before copying this setup into non-test code.
 */
private CipherTestUtils()
        throws IOException, FileNotFoundException, KeyStoreException,
        NoSuchAlgorithmException, CertificateException,
        UnrecoverableKeyException, InvalidKeySpecException {
    factory = (SSLSocketFactory) SSLSocketFactory.getDefault();

    final KeyStore serverKeys = createServerKeyStore(SERVER_PUBLIC_KEY, SERVER_PRIVATE_KEY);
    final KeyStore sharedTrust = createServerKeyStore(CA_PUBLIC_KEY, CA_PRIVATE_KEY);

    if (serverKeys == null) {
        serverKeyManager = null;
    } else {
        final KeyManagerFactory serverKmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        serverKmf.init(serverKeys, PASSWORD);
        // Only the first key manager is used; the cast assumes it is an X509ExtendedKeyManager.
        serverKeyManager = (X509ExtendedKeyManager) serverKmf.getKeyManagers()[0];
    }
    if (sharedTrust == null) {
        serverTrustManager = null;
    } else {
        serverTrustManager = new AlwaysTrustManager(sharedTrust);
    }

    final KeyStore clientKeys = createServerKeyStore(CLIENT_PUBLIC_KEY, CLIENT_PRIVATE_KEY);
    if (clientKeys == null) {
        clientKeyManager = null;
    } else {
        final KeyManagerFactory clientKmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        clientKmf.init(clientKeys, PASSWORD);
        clientKeyManager = (X509ExtendedKeyManager) clientKmf.getKeyManagers()[0];
    }
    // The client trusts through the same store as the server, with its own manager instance.
    if (sharedTrust == null) {
        clientTrustManager = null;
    } else {
        clientTrustManager = new AlwaysTrustManager(sharedTrust);
    }
}
 
Example #7
Source File: MutableX509KeyManager.java    From vespa with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the key manager recorded in {@code threadLocalManager} for the calling thread.
 *
 * @return the manager stored for {@code Thread.currentThread()}
 * @throws IllegalStateException if no manager has been stored for the calling thread
 */
private X509ExtendedKeyManager getThreadLocalManager() {
    synchronized (monitor) {
        final X509ExtendedKeyManager bound = threadLocalManager.get(Thread.currentThread());
        if (bound != null) {
            return bound;
        }
        throw new IllegalStateException("Methods to retrieve valid aliases has not been called previously from this thread");
    }
}
 
Example #8
Source File: X509AliasKeyManagerTest.java    From qpid-jms with Apache License 2.0 5 votes vote down vote up
/**
 * The wrapper must answer chooseClientAlias with its configured alias even when the delegate
 * would have chosen a different one.
 */
@Test
public void testChooseClientAliasReturnsGivenAlias() {
    final String expectedAlias = "wrapperAlias";
    final String aliasFromDelegate = "delegateAlias";

    // Delegate stub that would pick a different alias for any request.
    X509ExtendedKeyManager delegate = mock(X509ExtendedKeyManager.class);
    when(delegate.chooseClientAlias(any(String[].class), any(Principal[].class), any(Socket.class)))
            .thenReturn(aliasFromDelegate);

    X509ExtendedKeyManager wrapper = new X509AliasKeyManager(expectedAlias, delegate);

    assertEquals("Expected wrapper alias", expectedAlias,
            wrapper.chooseClientAlias(new String[0], new Principal[0], new Socket()));
}
 
Example #9
Source File: CipherTestUtils.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Sets up the default socket factory plus the server-side and client-side key and trust
 * managers used by the cipher tests.
 *
 * <p>Key stores come from {@code createServerKeyStore}; when it returns {@code null} the
 * matching manager field is set to {@code null}. The client side reuses the server trust store.
 *
 * <p>NOTE(review): both trust managers are {@code AlwaysTrustManager} instances. That class is
 * not shown here; its name suggests it accepts any peer certificate, which is only appropriate
 * in a test fixture. Confirm before copying this setup into non-test code.
 */
private CipherTestUtils()
        throws IOException, FileNotFoundException, KeyStoreException,
        NoSuchAlgorithmException, CertificateException,
        UnrecoverableKeyException, InvalidKeySpecException {
    factory = (SSLSocketFactory) SSLSocketFactory.getDefault();

    final KeyStore serverKeys = createServerKeyStore(SERVER_PUBLIC_KEY, SERVER_PRIVATE_KEY);
    final KeyStore sharedTrust = createServerKeyStore(CA_PUBLIC_KEY, CA_PRIVATE_KEY);

    if (serverKeys == null) {
        serverKeyManager = null;
    } else {
        final KeyManagerFactory serverKmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        serverKmf.init(serverKeys, PASSWORD);
        // Only the first key manager is used; the cast assumes it is an X509ExtendedKeyManager.
        serverKeyManager = (X509ExtendedKeyManager) serverKmf.getKeyManagers()[0];
    }
    if (sharedTrust == null) {
        serverTrustManager = null;
    } else {
        serverTrustManager = new AlwaysTrustManager(sharedTrust);
    }

    final KeyStore clientKeys = createServerKeyStore(CLIENT_PUBLIC_KEY, CLIENT_PRIVATE_KEY);
    if (clientKeys == null) {
        clientKeyManager = null;
    } else {
        final KeyManagerFactory clientKmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        clientKmf.init(clientKeys, PASSWORD);
        clientKeyManager = (X509ExtendedKeyManager) clientKmf.getKeyManagers()[0];
    }
    // The client trusts through the same store as the server, with its own manager instance.
    if (sharedTrust == null) {
        clientTrustManager = null;
    } else {
        clientTrustManager = new AlwaysTrustManager(sharedTrust);
    }
}
 
Example #10
Source File: X509AliasKeyManagerTest.java    From qpid-jms with Apache License 2.0 5 votes vote down vote up
/**
 * The wrapper must reduce the delegate's client aliases to the single configured alias.
 */
@Test
public void testGetClientAliasesReturnsGivenAliasOnly() {
    final String expectedAlias = "wrapperAlias";
    // The delegate offers the wrapper alias alongside two others.
    final String[] aliasesFromDelegate = new String[] { "a", "b", expectedAlias};

    X509ExtendedKeyManager delegate = mock(X509ExtendedKeyManager.class);
    when(delegate.getClientAliases(any(String.class), any(Principal[].class)))
            .thenReturn(aliasesFromDelegate);

    X509ExtendedKeyManager wrapper = new X509AliasKeyManager(expectedAlias, delegate);

    assertArrayEquals("Expected array containing only the wrapper alias",
            new String[] { expectedAlias },
            wrapper.getClientAliases("", new Principal[0]));
}
 
Example #11
Source File: KeyManagerProxyTest.java    From athenz with Apache License 2.0 5 votes vote down vote up
/**
 * The proxy must forward getPrivateKey to the wrapped key manager exactly once.
 */
@Test
public void testKeyManagerProxyGetPrivateKey(@Mocked X509ExtendedKeyManager mockedKeyManager) {
    // Record phase: one getPrivateKey("cert") call is expected on the delegate.
    new Expectations() {{
        mockedKeyManager.getPrivateKey("cert"); times = 1;
    }};

    final KeyManager[] delegates = new KeyManager[]{mockedKeyManager};
    final KeyManagerProxy proxy = new KeyManagerProxy(delegates);

    proxy.getPrivateKey("cert");
}
 
Example #12
Source File: KeyManagerProxyTest.java    From athenz with Apache License 2.0 5 votes vote down vote up
/**
 * The proxy must forward chooseClientAlias to the wrapped key manager exactly once, whatever
 * arguments it is given.
 */
@SuppressWarnings("ConstantConditions")
@Test
public void testKeyManagerProxyChooseClientAlias(@Mocked X509ExtendedKeyManager mockedKeyManager) {
    // Record phase: one chooseClientAlias call with any arguments is expected on the delegate.
    new Expectations() {{
        mockedKeyManager.chooseClientAlias((String[]) any, (Principal[]) any, (Socket) any); times = 1;
    }};

    final KeyManager[] delegates = new KeyManager[]{mockedKeyManager};
    final KeyManagerProxy proxy = new KeyManagerProxy(delegates);

    proxy.chooseClientAlias(null, null, null);
}
 
Example #13
Source File: CipherTestUtils.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Sets up the default socket factory plus the server-side and client-side key and trust
 * managers used by the cipher tests.
 *
 * <p>Key stores come from {@code createServerKeyStore}; when it returns {@code null} the
 * matching manager field is set to {@code null}. The client side reuses the server trust store.
 *
 * <p>NOTE(review): both trust managers are {@code AlwaysTrustManager} instances. That class is
 * not shown here; its name suggests it accepts any peer certificate, which is only appropriate
 * in a test fixture. Confirm before copying this setup into non-test code.
 */
private CipherTestUtils()
        throws IOException, FileNotFoundException, KeyStoreException,
        NoSuchAlgorithmException, CertificateException,
        UnrecoverableKeyException, InvalidKeySpecException {
    factory = (SSLSocketFactory) SSLSocketFactory.getDefault();

    final KeyStore serverKeys = createServerKeyStore(SERVER_PUBLIC_KEY, SERVER_PRIVATE_KEY);
    final KeyStore sharedTrust = createServerKeyStore(CA_PUBLIC_KEY, CA_PRIVATE_KEY);

    if (serverKeys == null) {
        serverKeyManager = null;
    } else {
        final KeyManagerFactory serverKmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        serverKmf.init(serverKeys, PASSWORD);
        // Only the first key manager is used; the cast assumes it is an X509ExtendedKeyManager.
        serverKeyManager = (X509ExtendedKeyManager) serverKmf.getKeyManagers()[0];
    }
    if (sharedTrust == null) {
        serverTrustManager = null;
    } else {
        serverTrustManager = new AlwaysTrustManager(sharedTrust);
    }

    final KeyStore clientKeys = createServerKeyStore(CLIENT_PUBLIC_KEY, CLIENT_PRIVATE_KEY);
    if (clientKeys == null) {
        clientKeyManager = null;
    } else {
        final KeyManagerFactory clientKmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        clientKmf.init(clientKeys, PASSWORD);
        clientKeyManager = (X509ExtendedKeyManager) clientKmf.getKeyManagers()[0];
    }
    // The client trusts through the same store as the server, with its own manager instance.
    if (sharedTrust == null) {
        clientTrustManager = null;
    } else {
        clientTrustManager = new AlwaysTrustManager(sharedTrust);
    }
}
 
Example #14
Source File: KeyManagerProxyTest.java    From athenz with Apache License 2.0 5 votes vote down vote up
/**
 * The proxy must forward getClientAliases to the wrapped key manager exactly once.
 */
@Test
public void testKeyManagerProxyGeClientAliases(@Mocked X509ExtendedKeyManager mockedKeyManager) {
    // Record phase: one getClientAliases("cert", ...) call is expected on the delegate.
    new Expectations() {{
        mockedKeyManager.getClientAliases("cert", (Principal[]) any); times = 1;
    }};

    final KeyManager[] delegates = new KeyManager[]{mockedKeyManager};
    final KeyManagerProxy proxy = new KeyManagerProxy(delegates);

    proxy.getClientAliases("cert", null);
}
 
Example #15
Source File: KeyManagerProxyTest.java    From athenz with Apache License 2.0 5 votes vote down vote up
/**
 * The proxy must forward getServerAliases to the wrapped key manager exactly once.
 */
@Test
public void testKeyManagerProxyGetServerAliases(@Mocked X509ExtendedKeyManager mockedKeyManager) {
    // Record phase: one getServerAliases("cert", ...) call is expected on the delegate.
    new Expectations() {{
        mockedKeyManager.getServerAliases("cert", (Principal[]) any); times = 1;
    }};

    final KeyManager[] delegates = new KeyManager[]{mockedKeyManager};
    final KeyManagerProxy proxy = new KeyManagerProxy(delegates);

    proxy.getServerAliases("cert", null);
}
 
Example #16
Source File: SSLContextImpl.java    From openjsse with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Picks the key manager this context will use from the array passed to init.
 *
 * <p>Only the first {@link X509KeyManager} in the array is considered: the loop returns or
 * throws as soon as it meets one. A plain X509KeyManager is adapted through
 * {@code AbstractKeyManagerWrapper}. When the array is {@code null} or holds no X509KeyManager
 * the dummy key manager is returned.
 *
 * <p>NOTE(review): outside FIPS mode a context with no usable key manager silently gets
 * {@code DummyX509KeyManager.INSTANCE}; callers that need a certificate to be presented
 * should presumably verify their key managers before init.
 *
 * @param kms candidate key managers, may be {@code null}
 * @return the selected, adapted or dummy key manager, never {@code null}
 * @throws KeyManagementException in FIPS mode when the first X509KeyManager is not one of the
 *         two accepted implementations
 */
private X509ExtendedKeyManager chooseKeyManager(KeyManager[] kms)
        throws KeyManagementException {
    if (kms != null) {
        for (KeyManager km : kms) {
            if (!(km instanceof X509KeyManager)) {
                continue;
            }

            if (OpenJSSE.isFIPS()) {
                // In FIPS mode only the provider's own key managers are accepted; with any
                // other one there is no guarantee that only keys from the FIPS token are used.
                final boolean ownImplementation = (km instanceof X509KeyManagerImpl)
                        || (km instanceof SunX509KeyManagerImpl);
                if (!ownImplementation) {
                    // Fail loudly rather than fall back to the dummy key manager unnoticed.
                    throw new KeyManagementException
                        ("FIPS mode: only OpenJSSE KeyManagers may be used");
                }
                return (X509ExtendedKeyManager)km;
            }

            if (km instanceof X509ExtendedKeyManager) {
                return (X509ExtendedKeyManager)km;
            }

            if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {
                SSLLogger.warning(
                    "X509KeyManager passed to SSLContext.init():  need an " +
                    "X509ExtendedKeyManager for SSLEngine use");
            }
            return new AbstractKeyManagerWrapper((X509KeyManager)km);
        }
    }

    // No X509KeyManager was supplied: use the dummy X509ExtendedKeyManager.
    return DummyX509KeyManager.INSTANCE;
}
 
Example #17
Source File: X509AliasKeyManager.java    From qpid-jms with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a key manager that carries a fixed alias alongside a delegate key manager.
 *
 * <p>NOTE(review): only {@code alias} is validated here; a {@code null} delegate is stored
 * as is and would presumably fail later, on first use.
 *
 * @param alias    the key alias to use, must not be {@code null}
 * @param delegate the key manager being wrapped
 * @throws IllegalArgumentException if {@code alias} is {@code null}
 */
public X509AliasKeyManager(String alias, X509ExtendedKeyManager delegate) throws IllegalArgumentException {
    final boolean aliasMissing = (alias == null);
    if (aliasMissing) {
        throw new IllegalArgumentException("The given key alias must not be null.");
    }

    this.delegate = delegate;
    this.alias = alias;
}
 
Example #18
Source File: CustomAliasKeyManagerFactory.java    From armeria with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a KeyManagerFactory that forwards initialisation to {@code delegate} and wraps each
 * {@link X509ExtendedKeyManager} the delegate produces in a
 * {@code CustomAliasX509ExtendedKeyManager} created with {@code alias}.
 *
 * <p>The provider and algorithm reported by this factory are those of the delegate.
 *
 * <p>NOTE(review): key managers of any other type are returned unwrapped, so the alias
 * presumably does not apply to them; confirm against CustomAliasX509ExtendedKeyManager.
 */
CustomAliasKeyManagerFactory(KeyManagerFactory delegate, String alias) {
    super(new KeyManagerFactorySpi() {
        @Override
        protected void engineInit(KeyStore ks, char[] password)
                throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
            // Key store handling stays with the wrapped factory.
            delegate.init(ks, password);
        }

        @Override
        protected void engineInit(ManagerFactoryParameters spec) throws
                                                                 InvalidAlgorithmParameterException {
            delegate.init(spec);
        }

        @Override
        protected KeyManager[] engineGetKeyManagers() {
            // Work on a copy so the array handed out by the delegate is not modified.
            final KeyManager[] wrapped = delegate.getKeyManagers().clone();
            for (int i = 0; i < wrapped.length; i++) {
                final KeyManager original = wrapped[i];
                if (!(original instanceof X509ExtendedKeyManager)) {
                    continue;
                }
                wrapped[i] = new CustomAliasX509ExtendedKeyManager((X509ExtendedKeyManager) original, alias);
            }
            return wrapped;
        }
    }, delegate.getProvider(), delegate.getAlgorithm());
}
 
Example #19
Source File: MutableX509KeyManager.java    From vespa with Apache License 2.0 5 votes vote down vote up
/**
 * Records the current key manager for the calling thread and returns it.
 *
 * <p>The read of {@code currentManager} and the write to {@code threadLocalManager} happen
 * under {@code monitor}, so the value stored for the thread is the one returned.
 *
 * @return the value of {@code currentManager} at the time of the call
 */
private X509ExtendedKeyManager updateAndGetThreadLocalManager() {
    synchronized (monitor) {
        final X509ExtendedKeyManager snapshot = this.currentManager;
        final Thread caller = Thread.currentThread();
        threadLocalManager.put(caller, snapshot);
        return snapshot;
    }
}
 
Example #20
Source File: KeyManagerAdapter.java    From seed with Mozilla Public License 2.0 5 votes vote down vote up
/**
 * Chooses the server alias for an SSLEngine by asking {@code delegate} if it is an
 * {@link X509ExtendedKeyManager}, otherwise {@code fallback} if it is one, otherwise the
 * superclass implementation.
 *
 * <p>The choice between delegate and fallback depends only on their type: a {@code null}
 * answer from the delegate is returned as is and the fallback is not consulted.
 */
@Override
public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine) {
    final X509ExtendedKeyManager target;
    if (delegate instanceof X509ExtendedKeyManager) {
        target = (X509ExtendedKeyManager) delegate;
    } else if (fallback instanceof X509ExtendedKeyManager) {
        target = (X509ExtendedKeyManager) fallback;
    } else {
        target = null;
    }

    if (target == null) {
        return super.chooseEngineServerAlias(keyType, issuers, engine);
    }
    return target.chooseEngineServerAlias(keyType, issuers, engine);
}
 
Example #21
Source File: CipherTestUtils.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Sets up the default socket factory plus the server-side and client-side key and trust
 * managers used by the cipher tests.
 *
 * <p>Key stores come from {@code createServerKeyStore}; when it returns {@code null} the
 * matching manager field is set to {@code null}. The client side reuses the server trust store.
 *
 * <p>NOTE(review): both trust managers are {@code AlwaysTrustManager} instances. That class is
 * not shown here; its name suggests it accepts any peer certificate, which is only appropriate
 * in a test fixture. Confirm before copying this setup into non-test code.
 */
private CipherTestUtils()
        throws IOException, FileNotFoundException, KeyStoreException,
        NoSuchAlgorithmException, CertificateException,
        UnrecoverableKeyException, InvalidKeySpecException {
    factory = (SSLSocketFactory) SSLSocketFactory.getDefault();

    final KeyStore serverKeys = createServerKeyStore(SERVER_PUBLIC_KEY, SERVER_PRIVATE_KEY);
    final KeyStore sharedTrust = createServerKeyStore(CA_PUBLIC_KEY, CA_PRIVATE_KEY);

    if (serverKeys == null) {
        serverKeyManager = null;
    } else {
        final KeyManagerFactory serverKmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        serverKmf.init(serverKeys, PASSWORD);
        // Only the first key manager is used; the cast assumes it is an X509ExtendedKeyManager.
        serverKeyManager = (X509ExtendedKeyManager) serverKmf.getKeyManagers()[0];
    }
    if (sharedTrust == null) {
        serverTrustManager = null;
    } else {
        serverTrustManager = new AlwaysTrustManager(sharedTrust);
    }

    final KeyStore clientKeys = createServerKeyStore(CLIENT_PUBLIC_KEY, CLIENT_PRIVATE_KEY);
    if (clientKeys == null) {
        clientKeyManager = null;
    } else {
        final KeyManagerFactory clientKmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        clientKmf.init(clientKeys, PASSWORD);
        clientKeyManager = (X509ExtendedKeyManager) clientKmf.getKeyManagers()[0];
    }
    // The client trusts through the same store as the server, with its own manager instance.
    if (sharedTrust == null) {
        clientTrustManager = null;
    } else {
        clientTrustManager = new AlwaysTrustManager(sharedTrust);
    }
}
 
Example #22
Source File: X509AliasKeyManagerTest.java    From qpid-jms with Apache License 2.0 5 votes vote down vote up
/**
 * The wrapper must answer chooseEngineServerAlias with its configured alias even when the
 * delegate would have chosen a different one.
 */
@Test
public void testChooseEngineServerAliasReturnsGivenAlias() {
    final String expectedAlias = "wrapperAlias";
    final String aliasFromDelegate = "delegateAlias";

    // Delegate stub that would pick a different alias for any request.
    X509ExtendedKeyManager delegate = mock(X509ExtendedKeyManager.class);
    when(delegate.chooseEngineServerAlias(any(String.class), any(Principal[].class), any(SSLEngine.class)))
            .thenReturn(aliasFromDelegate);

    X509ExtendedKeyManager wrapper = new X509AliasKeyManager(expectedAlias, delegate);

    assertEquals("Expected wrapper alias", expectedAlias,
            wrapper.chooseEngineServerAlias("", new Principal[0], mock(SSLEngine.class)));
}
 
Example #23
Source File: MyX509ExtendedKeyManager.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Stores the wrapped key manager together with the two check settings.
 *
 * @param akm        the key manager to wrap
 * @param expectedAP value stored in {@code expectedAP}; how it is compared is not visible here
 * @param doCheck    value stored in {@code doCheck}; presumably switches the check on or off
 */
public MyX509ExtendedKeyManager(
        X509ExtendedKeyManager akm, String expectedAP, boolean doCheck) {
    // Plain field initialisation; no validation is performed on any argument.
    this.doCheck = doCheck;
    this.expectedAP = expectedAP;
    this.akm = akm;
}
 
Example #24
Source File: X509AliasKeyManagerTest.java    From qpid-jms with Apache License 2.0 5 votes vote down vote up
/**
 * The wrapper must answer chooseServerAlias with its configured alias even when the delegate
 * would have chosen a different one.
 */
@Test
public void testChooseServerAliasReturnsGivenAlias() {
    final String expectedAlias = "wrapperAlias";
    final String aliasFromDelegate = "delegateAlias";

    // Delegate stub that would pick a different alias for any request.
    X509ExtendedKeyManager delegate = mock(X509ExtendedKeyManager.class);
    when(delegate.chooseServerAlias(any(String.class), any(Principal[].class), any(Socket.class)))
            .thenReturn(aliasFromDelegate);

    X509ExtendedKeyManager wrapper = new X509AliasKeyManager(expectedAlias, delegate);

    assertEquals("Expected wrapper alias", expectedAlias,
            wrapper.chooseServerAlias("", new Principal[0], new Socket()));
}
 
Example #25
Source File: KeyManagerAdapter.java    From seed with Mozilla Public License 2.0 5 votes vote down vote up
/**
 * Chooses the client alias for an SSLEngine by asking {@code delegate} if it is an
 * {@link X509ExtendedKeyManager}, otherwise {@code fallback} if it is one, otherwise the
 * superclass implementation.
 *
 * <p>The choice between delegate and fallback depends only on their type: a {@code null}
 * answer from the delegate is returned as is and the fallback is not consulted.
 */
@Override
public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine) {
    final X509ExtendedKeyManager target;
    if (delegate instanceof X509ExtendedKeyManager) {
        target = (X509ExtendedKeyManager) delegate;
    } else if (fallback instanceof X509ExtendedKeyManager) {
        target = (X509ExtendedKeyManager) fallback;
    } else {
        target = null;
    }

    if (target == null) {
        return super.chooseEngineClientAlias(keyType, issuers, engine);
    }
    return target.chooseEngineClientAlias(keyType, issuers, engine);
}
 
Example #26
Source File: ClientHttpRequestFactoryFactory.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a KeyManagerFactory that forwards initialisation to {@code factory} and, when that
 * factory yields exactly one {@link X509ExtendedKeyManager}, wraps it in a
 * {@code KeySelectingX509KeyManager} built with {@code keyConfiguration}.
 *
 * <p>In every other case (no key manager, several, or a single one of another type) the
 * factory's own array is returned unchanged, so the key configuration is not applied.
 */
KeySelectingKeyManagerFactory(KeyManagerFactory factory, KeyConfiguration keyConfiguration) {
	super(new KeyManagerFactorySpi() {
		@Override
		protected void engineInit(KeyStore keyStore, char[] chars)
				throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
			// Key store handling stays with the wrapped factory.
			factory.init(keyStore, chars);
		}

		@Override
		protected void engineInit(ManagerFactoryParameters managerFactoryParameters)
				throws InvalidAlgorithmParameterException {
			factory.init(managerFactoryParameters);
		}

		@Override
		protected KeyManager[] engineGetKeyManagers() {

			final KeyManager[] fromFactory = factory.getKeyManagers();
			final boolean singleX509 = fromFactory.length == 1
					&& fromFactory[0] instanceof X509ExtendedKeyManager;

			if (!singleX509) {
				return fromFactory;
			}

			final X509ExtendedKeyManager only = (X509ExtendedKeyManager) fromFactory[0];
			return new KeyManager[] { new KeySelectingX509KeyManager(only, keyConfiguration) };
		}
	}, factory.getProvider(), factory.getAlgorithm());
}
 
Example #27
Source File: CipherTestUtils.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Sets up the default socket factory plus the server-side and client-side key and trust
 * managers used by the cipher tests.
 *
 * <p>Key stores come from {@code createServerKeyStore}; when it returns {@code null} the
 * matching manager field is set to {@code null}. The client side reuses the server trust store.
 *
 * <p>NOTE(review): both trust managers are {@code AlwaysTrustManager} instances. That class is
 * not shown here; its name suggests it accepts any peer certificate, which is only appropriate
 * in a test fixture. Confirm before copying this setup into non-test code.
 */
private CipherTestUtils()
        throws IOException, FileNotFoundException, KeyStoreException,
        NoSuchAlgorithmException, CertificateException,
        UnrecoverableKeyException, InvalidKeySpecException {
    factory = (SSLSocketFactory) SSLSocketFactory.getDefault();

    final KeyStore serverKeys = createServerKeyStore(SERVER_PUBLIC_KEY, SERVER_PRIVATE_KEY);
    final KeyStore sharedTrust = createServerKeyStore(CA_PUBLIC_KEY, CA_PRIVATE_KEY);

    if (serverKeys == null) {
        serverKeyManager = null;
    } else {
        final KeyManagerFactory serverKmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        serverKmf.init(serverKeys, PASSWORD);
        // Only the first key manager is used; the cast assumes it is an X509ExtendedKeyManager.
        serverKeyManager = (X509ExtendedKeyManager) serverKmf.getKeyManagers()[0];
    }
    if (sharedTrust == null) {
        serverTrustManager = null;
    } else {
        serverTrustManager = new AlwaysTrustManager(sharedTrust);
    }

    final KeyStore clientKeys = createServerKeyStore(CLIENT_PUBLIC_KEY, CLIENT_PRIVATE_KEY);
    if (clientKeys == null) {
        clientKeyManager = null;
    } else {
        final KeyManagerFactory clientKmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        clientKmf.init(clientKeys, PASSWORD);
        clientKeyManager = (X509ExtendedKeyManager) clientKmf.getKeyManagers()[0];
    }
    // The client trusts through the same store as the server, with its own manager instance.
    if (sharedTrust == null) {
        clientTrustManager = null;
    } else {
        clientTrustManager = new AlwaysTrustManager(sharedTrust);
    }
}
 
Example #28
Source File: CipherTestUtils.java    From hottub with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Sets up the default socket factory plus the server-side and client-side key and trust
 * managers used by the cipher tests.
 *
 * <p>Key stores come from {@code createServerKeyStore}; when it returns {@code null} the
 * matching manager field is set to {@code null}. The client side reuses the server trust store.
 *
 * <p>NOTE(review): both trust managers are {@code AlwaysTrustManager} instances. That class is
 * not shown here; its name suggests it accepts any peer certificate, which is only appropriate
 * in a test fixture. Confirm before copying this setup into non-test code.
 */
private CipherTestUtils()
        throws IOException, FileNotFoundException, KeyStoreException,
        NoSuchAlgorithmException, CertificateException,
        UnrecoverableKeyException, InvalidKeySpecException {
    factory = (SSLSocketFactory) SSLSocketFactory.getDefault();

    final KeyStore serverKeys = createServerKeyStore(SERVER_PUBLIC_KEY, SERVER_PRIVATE_KEY);
    final KeyStore sharedTrust = createServerKeyStore(CA_PUBLIC_KEY, CA_PRIVATE_KEY);

    if (serverKeys == null) {
        serverKeyManager = null;
    } else {
        final KeyManagerFactory serverKmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        serverKmf.init(serverKeys, PASSWORD);
        // Only the first key manager is used; the cast assumes it is an X509ExtendedKeyManager.
        serverKeyManager = (X509ExtendedKeyManager) serverKmf.getKeyManagers()[0];
    }
    if (sharedTrust == null) {
        serverTrustManager = null;
    } else {
        serverTrustManager = new AlwaysTrustManager(sharedTrust);
    }

    final KeyStore clientKeys = createServerKeyStore(CLIENT_PUBLIC_KEY, CLIENT_PRIVATE_KEY);
    if (clientKeys == null) {
        clientKeyManager = null;
    } else {
        final KeyManagerFactory clientKmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        clientKmf.init(clientKeys, PASSWORD);
        clientKeyManager = (X509ExtendedKeyManager) clientKmf.getKeyManagers()[0];
    }
    // The client trusts through the same store as the server, with its own manager instance.
    if (sharedTrust == null) {
        clientTrustManager = null;
    } else {
        clientTrustManager = new AlwaysTrustManager(sharedTrust);
    }
}
 
Example #29
Source File: QpidServerX509KeyManager.java    From qpid-broker-j with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a key manager bound to {@code alias} on top of the first key manager produced for
 * the given key store.
 *
 * <p>The key store is obtained from {@code SSLUtil.getInitializedKeyStore}; the same password
 * is then used to initialise the KeyManagerFactory.
 *
 * <p>NOTE(review): the first key manager is cast to X509ExtendedKeyManager without a type or
 * length check, so an unexpected {@code keyManagerFactoryAlgorithmName} would surface as a
 * ClassCastException or ArrayIndexOutOfBoundsException. The password is also held as a
 * String, which cannot be cleared after use.
 *
 * @throws GeneralSecurityException if the key store or key manager factory cannot be set up
 * @throws IOException declared for key store loading
 */
public QpidServerX509KeyManager(String alias, URL keyStoreUrl, String keyStoreType,
                                String keyStorePassword, String keyManagerFactoryAlgorithmName) throws GeneralSecurityException, IOException
{
    _alias = alias;

    final KeyStore keyStore = SSLUtil.getInitializedKeyStore(keyStoreUrl, keyStorePassword, keyStoreType);
    final KeyManagerFactory factory = KeyManagerFactory.getInstance(keyManagerFactoryAlgorithmName);
    final char[] passwordChars = keyStorePassword.toCharArray();
    factory.init(keyStore, passwordChars);

    _delegate = (X509ExtendedKeyManager) factory.getKeyManagers()[0];
}
 
Example #30
Source File: TransportSupport.java    From qpid-jms with Apache License 2.0 5 votes vote down vote up
/**
 * Returns a new array in which every {@link X509ExtendedKeyManager} from
 * {@code origKeyManagers} is wrapped in an {@code X509AliasKeyManager} for {@code alias}.
 *
 * <p>The input array is not modified. Key managers of any other type are copied across
 * unwrapped, so the alias presumably does not apply to them.
 *
 * @param alias           alias handed to each wrapper
 * @param origKeyManagers key managers to wrap, must not be {@code null}
 * @return a new array of the same length
 */
private static KeyManager[] wrapKeyManagers(String alias, KeyManager[] origKeyManagers) {
    final int count = origKeyManagers.length;
    final KeyManager[] result = new KeyManager[count];
    for (int idx = 0; idx < count; idx++) {
        final KeyManager original = origKeyManagers[idx];
        if (original instanceof X509ExtendedKeyManager) {
            result[idx] = new X509AliasKeyManager(alias, (X509ExtendedKeyManager) original);
        } else {
            result[idx] = original;
        }
    }

    return result;
}