/** * Get a KeyManager configured with the given private key and certificate */ public static KeyManager[] getKeyManagers(String alias, String clientKey, String clientCert) { if (clientCert == null) { return null; } KeyStore keyStore = createEmptyKeyStore(); setKeyEntry(keyStore, alias, clientKey, clientCert); return getKeyManagers(keyStore); }
/** * Returns certificate thumbprint with no colon characters and lower-cased for the first * certificate in the chain. */ public static String generatePureFingerPrint(X509Certificate[] certificateChain) { return generatePureFingerPrint(certificateChain[0]); }
public static String generateSelfLink(SslTrustCertificateState body) { AssertUtil.assertNotEmpty(body.certificate, "certificate"); return CertificateUtil.generatePureFingerPrint( CertificateUtil.createCertificateChain(body.certificate)); }
/** * Initializes (or re-initializes) the {@link EncryptorService} by reading the configured * encryption key file. */ public static void initEncryptionService() { File encryptionKey = getEncryptionFile(); if (encryptionKey == null) { encryptionService = null; } else { encryptionService = new EncryptorService(encryptionKey); try { encryptionService.encrypt(ENCRYPTION_PREFIX); } catch (Exception e) { throw new LocalizableValidationException(e, "Error validating the encryption key!", "common.encryption.file.validation"); } } }
/** * Create a TrustManager for the given PEM encoded certificate */ public static TrustManager[] getTrustManagers(String alias, String trustedCert) { if (trustedCert == null) { return null; } KeyStore trustStore = createEmptyKeyStore(); setCertificateEntry(trustStore, alias, trustedCert); return getTrustManagers(trustStore); }
/** * Retrieve the {@link ThumbprintAlgorithm#DEFAULT} thumbprint of a X.509 certificate. * * @param cert * certificate * @return the thumbprint corresponding to the certificate; {@code not-null} value * @throws IllegalStateException * if an error occur while getting the encoded form of the certificates * @throws IllegalArgumentException * if an error occur while getting the encoded form of the certificates */ public static String computeCertificateThumbprint(X509Certificate cert) { return computeCertificateThumbprint(cert, ThumbprintAlgorithm.DEFAULT); }
public void putDelegate(String alias, String certificate) { X509TrustManager delegateTrustManager = (X509TrustManager) CertificateUtil .getTrustManagers(alias, certificate)[0]; this.delegatingTrustManager.putDelegate(alias, delegateTrustManager); }
/** * Create a ServiceClient instance using the given TrustManager and KeyManager * * @param trustManager * @param keyManager * @return */ public static ServiceClient createServiceClient(TrustManager trustManager, KeyManager keyManager) { return createServiceClient(CertificateUtil.createSSLContext( trustManager, keyManager)); }
public static boolean isSelfSignedCertificate(String certPEM) { try { X509Certificate[] certs = CertificateUtil.createCertificateChain(certPEM); if (certs.length != 1) { return false; } return isSelfSignedCertificate(certs[0]); } catch (Exception e) { return false; } }
/** * Serialize Certificate chain in PEM format */ public static String toPEMformat(X509Certificate[] certificateChain) { StringWriter sw = new StringWriter(); for (X509Certificate certificate : certificateChain) { sw.append(toPEMformat(certificate)); } return sw.toString(); }
public static X509TrustManagerResolver resolveCertificate(URI uri, long timeoutMillis) { return resolveCertificate(uri, null, null, null, timeoutMillis); }
@Override public FilterReturnCode processRequest(Operation op, OperationProcessingContext context) { if (op.getAction() == Action.POST) { handlePatchPostPut(service, op); } return FilterReturnCode.CONTINUE_PROCESSING; } });
/** * PSC 6.5 SAML requirement due to Bouncycastle library conflicts. */ public static String toPEMFormat(Key key, ServiceHost host) { if (useAuthConfig(host)) { return keyToPEMFormat(key); } else { return KeyUtil.toPEMFormat(key); } }
public String getAlias() { if (this.documentSelfLink != null) { return Service.getId(this.documentSelfLink); } else { return CertificateUtil.generatePureFingerPrint( CertificateUtil.createCertificateChain(this.certificate)); } }
/** * Initializes (or re-initializes) the {@link EncryptorService} by reading the configured * encryption key file. */ public static void initEncryptionService() { File encryptionKey = getEncryptionFile(); if (encryptionKey == null) { encryptionService = null; } else { encryptionService = new EncryptorService(encryptionKey); try { encryptionService.encrypt(ENCRYPTION_PREFIX); } catch (Exception e) { throw new LocalizableValidationException(e, "Error validating the encryption key!", "common.encryption.file.validation"); } } }
/** * Returns certificate thumbprint with no colon characters and lower-cased. */ public static String generatePureFingerPrint(X509Certificate certificate) { String thumbprint = computeCertificateThumbprint(certificate); return thumbprint.replaceAll(":", "").toLowerCase(); }
public void putDelegate(String alias, String certificate) { X509TrustManager delegateTrustManager = (X509TrustManager) CertificateUtil .getTrustManagers(alias, certificate)[0]; this.delegatingTrustManager.putDelegate(alias, delegateTrustManager); }
/** * PSC 6.5 SAML requirement due to Bouncycastle library conflicts. */ public static String toPEMformat(X509Certificate certificate, ServiceHost host) { if (useAuthConfig(host)) { return certToPEMformat(certificate); } else { return CertificateUtil.toPEMformat(certificate); } }
public static String generateFingerprint(SslTrustCertificateState body) { AssertUtil.assertNotEmpty(body.certificate, "certificate"); return CertificateUtil .generatePureFingerPrint(CertificateUtil.createCertificateChain(body.certificate)); }