/**
 * Reports how many entries the wrapped key store currently holds.
 *
 * <p>This method declares no checked exceptions, so the checked
 * {@link KeyStoreException} raised by {@code KeyStore.size()} is rethrown unchecked.
 *
 * @return the entry count of the store returned by {@code getKeyStore()}
 * @throws IllegalStateException wrapping the {@link KeyStoreException}; the JDK
 *         documents that exception for a store that has not been initialized (loaded)
 */
@Override
public int engineSize() {
    final int entryCount;
    try {
        entryCount = getKeyStore().size();
    } catch (KeyStoreException e) {
        // Keep the original exception as the cause so the failure stays diagnosable.
        throw new IllegalStateException(e);
    }
    return entryCount;
}
/**
 * Lists the alias of every entry in the backing key store.
 *
 * <p>Only alias names are collected; no key material or secret value is read here.
 *
 * @return a new mutable list of aliases, in the order the key store enumerates them
 * @throws EsHadoopSecurityException if the key store cannot report its size or aliases
 */
public List<String> listEntries() throws EsHadoopSecurityException {
    try {
        // Pre-size the list from the store's own entry count.
        List<String> names = new ArrayList<String>(keyStore.size());
        for (Enumeration<String> it = keyStore.aliases(); it.hasMoreElements();) {
            names.add(it.nextElement());
        }
        return names;
    } catch (KeyStoreException e) {
        throw new EsHadoopSecurityException("Could not read aliases from keystore", e);
    }
}
try { int numberOfEntry = trustStore.size();
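/**
 * Builds the trust managers for the test TLS setup from the JKS resource
 * {@code ssltest-keystore.jks} on the classpath.
 *
 * <p>The store password is a hard-coded fixture value. That is tolerable only because
 * the file is a test resource; it must not be copied into production configuration.
 *
 * @return trust managers backed by the entries of the loaded store
 * @throws GeneralSecurityException if the store or the trust manager factory cannot be
 *         initialised
 * @throws IOException if the resource is missing, unreadable, or holds no entries
 */
private static TrustManager[] createTrustManagers() throws GeneralSecurityException, IOException {
    // NOTE(review): the resource name suggests a key store, yet it is used here as the
    // source of trust anchors - confirm this is the intended file.
    final String resourceName = "ssltest-keystore.jks";

    KeyStore ks = KeyStore.getInstance("JKS");
    try (InputStream keyStoreStream = TestUtils.class.getClassLoader().getResourceAsStream(resourceName)) {
        // getResourceAsStream() returns null for a missing resource, and
        // KeyStore.load(null, ...) then creates an EMPTY store instead of failing.
        if (keyStoreStream == null) {
            throw new IOException("Key store resource not found on classpath: " + resourceName);
        }
        char[] keyStorePassword = "changeit".toCharArray();
        ks.load(keyStoreStream, keyStorePassword);
    }

    // Explicit check instead of `assert`: assertions are skipped unless the JVM runs with
    // -ea, and a store without trust anchors would only fail later, at handshake time.
    if (ks.size() == 0) {
        throw new IOException("Key store " + resourceName + " contains no entries");
    }

    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(ks);
    return tmf.getTrustManagers();
}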
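// Mutual-TLS client setup: server certificates are validated against /truststore.jks and
// the client identity comes from the PKCS#12 resource named by certName.
HttpClient httpclient = new DefaultHttpClient();

// truststore
// NOTE(review): the truststore password is hard-coded in source; prefer loading it from
// configuration or a secret store.
KeyStore ts = KeyStore.getInstance("JKS", "SUN");
try (java.io.InputStream trustStream = PostService.class.getResourceAsStream("/truststore.jks")) {
    // KeyStore.load() does not close the stream it reads, so close it here.
    ts.load(trustStream, "amber%".toCharArray());
}
// A missing resource gives a null stream, and load(null, ...) silently creates an empty
// store. If you remove this check, you get
// 'javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated' on a missing truststore.
if (0 == ts.size()) {
    throw new IOException("Error loading truststore");
}

// tmf
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ts);

// keystore
KeyStore ks = KeyStore.getInstance("PKCS12", "SunJSSE");
try (java.io.InputStream keyStream = PostService.class.getResourceAsStream("/" + certName)) {
    ks.load(keyStream, certPwd.toCharArray());
}
// Same guard as above: if you remove it, you get
// 'javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated' on a missing keystore.
if (0 == ks.size()) {
    throw new IOException("Error loading keystore");
}

// kmf
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, certPwd.toCharArray());

// SSL
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

// socket
// Hostname verification stays enabled. ALLOW_ALL_HOSTNAME_VERIFIER would accept any
// certificate that chains to the truststore regardless of the host it was issued for,
// which removes the protection against a man-in-the-middle holding such a certificate.
SSLSocketFactory socketFactory = new SSLSocketFactory(ctx, SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
Scheme sch = new Scheme("https", 8443, socketFactory);
httpclient.getConnectionManager().getSchemeRegistry().register(sch);

// request
// NOTE(review): `client` is not declared in this snippet, and GetMethod/executeMethod
// belong to the commons-httpclient 3.x API. This request presumably does not go through
// the `httpclient` configured above, so the TLS settings may not apply to it - confirm.
HttpMethod get = new GetMethod("https://localhost:8443/foo");
client.executeMethod(get);
IOUtils.copy(get.getResponseBodyAsStream(), System.out);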
try { int numberOfEntry = trustStore.size();
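/**
 * Builds the key managers for the test TLS setup from the JKS resource
 * {@code ssltest-cacerts.jks} on the classpath.
 *
 * <p>The store and key passwords are hard-coded fixture values. That is tolerable only
 * because the file is a test resource; it must not be copied into production configuration.
 *
 * @return key managers backed by the entries of the loaded store
 * @throws GeneralSecurityException if the store or the key manager factory cannot be
 *         initialised
 * @throws IOException if the resource is missing, unreadable, or holds no entries
 */
private static KeyManager[] createKeyManagers() throws GeneralSecurityException, IOException {
    // NOTE(review): a file named "cacerts" usually holds CA certificates rather than
    // private keys - confirm this is the intended source of key material.
    final String resourceName = "ssltest-cacerts.jks";

    KeyStore ks = KeyStore.getInstance("JKS");
    try (InputStream keyStoreStream = TestUtils.class.getClassLoader().getResourceAsStream(resourceName)) {
        // getResourceAsStream() returns null for a missing resource, and
        // KeyStore.load(null, ...) then creates an EMPTY store instead of failing.
        if (keyStoreStream == null) {
            throw new IOException("Key store resource not found on classpath: " + resourceName);
        }
        char[] keyStorePassword = "changeit".toCharArray();
        ks.load(keyStoreStream, keyStorePassword);
    }

    // Explicit check instead of `assert`: assertions are skipped unless the JVM runs with
    // -ea, and an empty store would otherwise go unnoticed until a handshake fails.
    if (ks.size() == 0) {
        throw new IOException("Key store " + resourceName + " contains no entries");
    }

    // Set up the key manager factory to use our key store; the second argument is the
    // password protecting the key entries.
    char[] certificatePassword = "changeit".toCharArray();
    KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
    kmf.init(ks, certificatePassword);

    // The caller passes these key managers on when it initialises its SSLContext.
    return kmf.getKeyManagers();
}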
if (keyStore.size() == 0) { throw new InvalidAlgorithmParameterException("keyStore.size() == 0");
boolean hasCertificates = false; try { hasCertificates = XMPPServer.getInstance().getCertificateStoreManager().getIdentityStore( ConnectionType.SOCKET_S2S ).getStore().size() > 0;
/**
 * Loads the PEM trust store produced by the X.509 test context through
 * {@code PEMFileLoader} and checks that it holds exactly one entry.
 */
@Test
public void testLoadTrustStore() throws Exception {
    String trustStorePath =
        x509TestContext.getTrustStoreFile(KeyStoreFileType.PEM).getAbsolutePath();
    KeyStore loadedStore = new PEMFileLoader.Builder()
        .setTrustStorePath(trustStorePath)
        .setTrustStorePassword(x509TestContext.getTrustStorePassword())
        .build()
        .loadTrustStore();
    // size() only counts entries; the certificate contents are not inspected here.
    int entryCount = loadedStore.size();
    Assert.assertEquals(1, entryCount);
}
/**
 * Loads the JKS key store produced by the X.509 test context through
 * {@code JKSFileLoader} and checks that it holds exactly one entry.
 */
@Test
public void testLoadKeyStore() throws Exception {
    String keyStorePath =
        x509TestContext.getKeyStoreFile(KeyStoreFileType.JKS).getAbsolutePath();
    KeyStore loadedStore = new JKSFileLoader.Builder()
        .setKeyStorePath(keyStorePath)
        .setKeyStorePassword(x509TestContext.getKeyStorePassword())
        .build()
        .loadKeyStore();
    // size() only counts entries; the key and certificate contents are not inspected here.
    int entryCount = loadedStore.size();
    Assert.assertEquals(1, entryCount);
}
/**
 * Loads the JKS trust store produced by the X.509 test context through
 * {@code JKSFileLoader} and checks that it holds exactly one entry.
 */
@Test
public void testLoadTrustStore() throws Exception {
    String trustStorePath =
        x509TestContext.getTrustStoreFile(KeyStoreFileType.JKS).getAbsolutePath();
    KeyStore loadedStore = new JKSFileLoader.Builder()
        .setTrustStorePath(trustStorePath)
        .setTrustStorePassword(x509TestContext.getTrustStorePassword())
        .build()
        .loadTrustStore();
    // size() only counts entries; the certificate contents are not inspected here.
    int entryCount = loadedStore.size();
    Assert.assertEquals(1, entryCount);
}
/**
 * Loads the PEM key store produced by the X.509 test context through
 * {@code PEMFileLoader} and checks that it holds exactly one entry.
 */
@Test
public void testLoadKeyStore() throws Exception {
    String keyStorePath =
        x509TestContext.getKeyStoreFile(KeyStoreFileType.PEM).getAbsolutePath();
    KeyStore loadedStore = new PEMFileLoader.Builder()
        .setKeyStorePath(keyStorePath)
        .setKeyStorePassword(x509TestContext.getKeyStorePassword())
        .build()
        .loadKeyStore();
    // size() only counts entries; the key and certificate contents are not inspected here.
    int entryCount = loadedStore.size();
    Assert.assertEquals(1, entryCount);
}
/**
 * Feeds a JKS trust store file to {@code PEMFileLoader} and pins the outcome.
 *
 * <p>As asserted below, the mismatch does not raise an exception: the loader hands back
 * a store with zero entries. Code that relies on this loader for trust anchors therefore
 * has to check the entry count itself; a successful return does not imply a usable store.
 */
@Test
public void testLoadTrustStoreWithWrongFileType() throws Exception {
    // Trying to load a JKS file with the PEM loader should not yield any entries
    String jksTrustStorePath =
        x509TestContext.getTrustStoreFile(KeyStoreFileType.JKS).getAbsolutePath();
    KeyStore loadedStore = new PEMFileLoader.Builder()
        .setTrustStorePath(jksTrustStorePath)
        .setTrustStorePassword(x509TestContext.getTrustStorePassword())
        .build()
        .loadTrustStore();
    int entryCount = loadedStore.size();
    Assert.assertEquals(0, entryCount);
}
}
} else { if (keyStoreSupplier.get().size() > 1) { throw xmlLog.missingAlias(location); } else if (keyStoreSupplier.get().aliases().hasMoreElements()) {
// Narrow the key store to the alias(es) selected by finalAlias, then make sure the
// selection actually matched an entry.
keyStore = FilteringKeyStore.filteringKeyStore(keyStore, AliasFilter.fromString(finalAlias));
if (xmlLog.isTraceEnabled()) {
    // Only the alias enumeration is passed to the trace message.
    xmlLog.tracef("Filtered aliases %s", aliasesToString(keyStore.aliases()));
}
// Reject an empty filtered view here rather than continuing with a key store
// that holds no entry for the configured alias.
if (keyStore.size() < 1) {
    throw xmlLog.keyStoreEntryMissing(location, finalAlias);
}
/**
 * Creates a key store with the key-store path and passphrase supplied through system
 * properties, then checks that the result holds two entries, including the fabric8 one.
 */
@Test
public void testLoadKeyStoreFromFileUsingSystemProperties()
    throws InvalidKeySpecException, CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, URISyntaxException {
    // NOTE(review): system properties are JVM-wide, and this passphrase is readable by
    // any code in the process; confirm the test class restores them after each test.
    System.setProperty(CertUtils.KEY_STORE_SYSTEM_PROPERTY, FABRIC8_STORE_PATH);
    System.setProperty(CertUtils.KEY_STORE_PASSWORD_SYSTEM_PROPERTY, String.valueOf(FABRIC8_STORE_PASSPHRASE));

    String clientKeyPath = Utils.filePath(getClass().getResource("/ssl/fabric8"));
    String clientCertsPath = Utils.filePath(getClass().getResource("/ssl/multiple-certs.pem"));

    // The trailing null arguments presumably make CertUtils fall back to the system
    // properties set above - confirm against CertUtils.createKeyStore.
    KeyStore loadedKeyStore = CertUtils.createKeyStore(
        null, clientCertsPath, null, clientKeyPath, "RSA", "changeit", null, null);

    int entryCount = loadedKeyStore.size();
    assertEquals(2, entryCount);
    verifyFabric8InStore(loadedKeyStore);
}
/**
 * Creates a trust store with the trust-store path and passphrase supplied through system
 * properties, then checks that the result holds three entries, including the fabric8 one.
 */
@Test
public void testLoadTrustStoreFromFileUsingSystemProperties()
    throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
    // NOTE(review): system properties are JVM-wide, and this passphrase is readable by
    // any code in the process; confirm the test class restores them after each test.
    System.setProperty(CertUtils.TRUST_STORE_SYSTEM_PROPERTY, FABRIC8_STORE_PATH);
    System.setProperty(CertUtils.TRUST_STORE_PASSWORD_SYSTEM_PROPERTY, String.valueOf(FABRIC8_STORE_PASSPHRASE));

    // NOTE(review): the stream returned by getMultipleCertsInputSteam() is not closed in
    // this method; confirm that createTrustStore closes it.
    KeyStore loadedTrustStore = CertUtils.createTrustStore(getMultipleCertsInputSteam(), null, null);

    int entryCount = loadedTrustStore.size();
    assertEquals(3, entryCount);
    verifyFabric8InStore(loadedTrustStore);
}