Usage examples for the org.apache.commons.ssl.KeyMaterial constructor
public KeyMaterial(byte[] jksOrCerts, byte[] key, char[] password) throws GeneralSecurityException, IOException
From source file:com.terradue.dsi.wire.KeyManagerProvider.java
/**
 * Builds the key managers for the SSL identity configured on this provider.
 *
 * <p>The same {@code certificate} value is passed to {@code KeyMaterial} as both the
 * certificate source and the private-key source. One password is used for the key
 * material, the key store and the {@code KeyManagerFactory}.
 *
 * @return the key managers produced by a {@code SunX509} factory
 * @throws ProvisionException if loading the material or initialising the factory fails;
 *         the underlying exception is kept as the cause
 */
@Override
public KeyManager[] get() {
    final char[] passphrase = this.password.toCharArray();

    try {
        final KeyStore keyStore = new KeyMaterial(certificate, certificate, passphrase).getKeyStore();
        // NOTE(review): KeyStore.load(null, ...) is the documented way to create an EMPTY
        // store. Confirm with the provider in use that this call does not discard the
        // entry KeyMaterial has just built.
        keyStore.load(null, passphrase);

        // The factory is initialised with the same password as the store, so the key
        // entry and the store must share it.
        final KeyManagerFactory factory = KeyManagerFactory.getInstance("SunX509");
        factory.init(keyStore, passphrase);

        return factory.getKeyManagers();
    } catch (Exception e) {
        throw new ProvisionException("Impossible to initialize SSL certificate/key", e);
    }
}
From source file:com.terradue.warhol.auth.ssl.SslAuthenticationConfiguration.java
/**
 * Creates key managers from a certificate file and a private-key file.
 *
 * <p>Both locations are resolved through {@code checkFile} before use. A {@code null}
 * {@code sslPassword} is treated as an empty password.
 *
 * @param publicCertificateLocation location of the public certificate
 * @param provateKeyLocation location of the private key
 * @param sslPassword password for the key material, or {@code null} for none
 * @return the key managers produced by a {@code SunX509} factory
 * @throws IllegalStateException if loading the material or initialising the factory
 *         fails; the underlying exception is kept as the cause
 */
private KeyManager[] fromSslKeyAndCertificate(String publicCertificateLocation, String provateKeyLocation,
        String sslPassword) {
    final File certificateFile = checkFile(publicCertificateLocation);
    final File keyFile = checkFile(provateKeyLocation);

    // An absent password becomes a zero-length array rather than null.
    final char[] passphrase = (sslPassword == null) ? new char[] {} : sslPassword.toCharArray();

    try {
        final KeyStore keyStore = new KeyMaterial(certificateFile, keyFile, passphrase).getKeyStore();
        // NOTE(review): KeyStore.load(null, ...) is the documented way to create an EMPTY
        // store. Confirm with the provider in use that this call does not discard the
        // entry KeyMaterial has just built.
        keyStore.load(null, passphrase);

        // The factory is initialised with the same password as the store, so the key
        // entry and the store must share it.
        final KeyManagerFactory factory = KeyManagerFactory.getInstance("SunX509");
        factory.init(keyStore, passphrase);

        return factory.getKeyManagers();
    } catch (Exception e) {
        throw new IllegalStateException("Impossible to initialize SSL certificate/key", e);
    }
}
From source file:org.fedoraproject.eclipse.packager.FedoraSSL.java
/**
 * Loads the key material stored in {@code fedoraCert}.
 *
 * <p>{@code fedoraCert} is used as both the certificate source and the private-key
 * source, and an empty password is supplied, so the key in that file is presumably
 * stored unencrypted (to be confirmed against how the file is issued).
 *
 * @return the key material read from {@code fedoraCert}
 * @throws GeneralSecurityException
 *             if {@code KeyMaterial} reports a security error while loading
 * @throws FileNotFoundException
 *             if {@code allCertsExist} is {@code false}; the message names the paths
 *             of the fedora, server and upload certificates
 * @throws IOException
 *             if {@code KeyMaterial} reports an I/O error while loading
 */
public KeyMaterial getFedoraCertKeyMaterial()
        throws GeneralSecurityException, FileNotFoundException, IOException {
    if (allCertsExist) {
        return new KeyMaterial(fedoraCert, fedoraCert, new char[0]);
    }

    // Report all three expected certificate paths in the error message.
    final Object[] certificatePaths = {
            fedoraCert.getAbsolutePath(),
            fedoraServerCert.getAbsolutePath(),
            fedoraUploadCert.getAbsolutePath() };
    throw new FileNotFoundException(
            NLS.bind(FedoraPackagerText.FedoraSSL_certificatesMissingError, certificatePaths));
}
From source file:org.fedoraproject.eclipse.packager.FedoraSSL.java
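/**
 * Determine FAS username from fedora cert file.
 *
 * <p>The username is the common name (CN) of the first certificate found in the
 * certificate chains associated with {@code fedoraCert}. The name is taken from the
 * certificate as-is: this method does not check the validity period or the issuer, so
 * the result identifies the file's claimed owner and is not proof of identity.
 *
 * @return Username if retrieval is successful. {@link FedoraSSL#UNKNOWN_USER} if the
 *         file does not exist, cannot be loaded, or contains no certificate.
 */
public String getUsernameFromCert() {
    if (!fedoraCert.exists()) {
        return UNKNOWN_USER;
    }
    try {
        KeyMaterial kmat = new KeyMaterial(fedoraCert, fedoraCert, new char[0]);
        List<?> chains = kmat.getAssociatedCertificateChains();
        if (chains != null) {
            for (Object chain : chains) {
                X509Certificate[] certs = (X509Certificate[]) chain;
                // Skip null and empty chains. The first certificate seen supplies the
                // name. With no certificate at all we fall through to UNKNOWN_USER
                // instead of failing on an empty list.
                if (certs != null && certs.length > 0) {
                    return Certificates.getCN(certs[0]);
                }
            }
        }
    } catch (GeneralSecurityException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    }
    return UNKNOWN_USER;
}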
From source file:org.fedoraproject.eclipse.packager.FedoraSSL.java
/**
 * Reports whether the FAS certificate (~/.fedora.cert) is currently within its validity
 * period.
 *
 * <p>Only the first associated chain that holds exactly one certificate is examined, and
 * the only check made is {@code checkValidity()} (not-before / not-after dates). The
 * issuer, trust chain and revocation status are not verified here.
 *
 * @return {@code true} if the certificate file exists and that certificate is neither
 *         expired nor not yet valid. {@code false} otherwise, including when the file
 *         cannot be loaded.
 */
public boolean isFedoraCertValid() {
    if (!fedoraCert.exists()) {
        return false;
    }
    try {
        final KeyMaterial material = new KeyMaterial(fedoraCert, fedoraCert, new char[0]);
        for (Object entry : material.getAssociatedCertificateChains()) {
            final X509Certificate[] chain = (X509Certificate[]) entry;
            // Chains that are null or do not hold exactly one certificate are ignored.
            if (chain == null || chain.length != 1) {
                continue;
            }
            try {
                chain[0].checkValidity();
            } catch (CertificateExpiredException e) {
                return false;
            } catch (CertificateNotYetValidException e) {
                return false;
            }
            return true;
        }
    } catch (GeneralSecurityException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    }
    return false;
}
From source file:servidor.Servidor.java
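/**
 * Starts an SSL server on port 7443, accepts a single connection and prints the first
 * line received from the client to standard output.
 *
 * <p>Failures are reported on standard error instead of being silently discarded, and
 * the server socket, client socket and reader are closed when the exchange ends.
 *
 * @param arstring command-line arguments (unused)
 */
public static void main(String[] arstring) {
    try {
        SSLServer server = new SSLServer();

        // Server needs some key material. We'll use an OpenSSL/PKCS8 style key (possibly encrypted).
        String certificateChain = "/lib/server.crt";
        String privateKey = "/lib/server.key";
        // NOTE(review): the key password is hard-coded in source. Outside a demo it
        // should come from configuration or a secret store, not from the code base.
        char[] password = "clave".toCharArray();

        KeyMaterial km = new KeyMaterial(certificateChain, privateKey, password);
        server.setKeyMaterial(km);

        // These settings have to do with how we'll treat client certificates that are presented
        // to us. If the client doesn't present any client certificate, then these are ignored.
        server.setCheckHostname(false); // default setting is "false" for SSLServer
        server.setCheckExpiry(true); // default setting is "true" for SSLServer
        server.setCheckCRL(true); // default setting is "true" for SSLServer

        // This server trusts all client certificates presented (usually people won't present
        // client certs, but if they do, we'll give them a socket at the very least).
        // NOTE(review): with TRUST_ALL a client certificate proves nothing about the peer,
        // so it must not drive authentication or authorization decisions. Use a real trust
        // store if client identity matters.
        server.addTrustMaterial(TrustMaterial.TRUST_ALL);

        // try-with-resources closes the reader and both sockets even when the read fails.
        try (SSLServerSocket ss = (SSLServerSocket) server.createServerSocket(7443);
                SSLSocket s = (SSLSocket) ss.accept();
                BufferedReader reader = new BufferedReader(new InputStreamReader(s.getInputStream()))) {
            System.out.println(reader.readLine());
        }
    } catch (Exception e) {
        // Report the failure: an empty catch would hide handshake and key-loading errors.
        System.err.println("SSL server failed: " + e);
        e.printStackTrace();
    }
}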