Пример #1
0
  public void testProvider() throws Exception {
    SSLContextParameters scp = new SSLContextParameters();
    scp.createSSLContext();

    SSLContext context = scp.createSSLContext();

    SSLContext defaultContext = SSLContext.getDefault();

    assertEquals(defaultContext.getProvider().getName(), context.getProvider().getName());
  }
Пример #2
0
  public TLSServer(KeyStore keyStore, String password, String protocol, int port)
      throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException,
          UnrecoverableKeyException, KeyManagementException {

    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
    keyManagerFactory.init(keyStore, password.toCharArray());
    KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();

    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
    trustManagerFactory.init(keyStore);
    TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
    sslContext = SSLContext.getInstance(protocol);
    sslContext.init(keyManagers, trustManagers, null);

    cipherSuites = sslContext.getServerSocketFactory().getSupportedCipherSuites();

    if (LOGGER.isDebugEnabled()) {
      LOGGER.debug("Provider: " + sslContext.getProvider());
      LOGGER.debug(
          "Supported cipher suites ("
              + sslContext.getServerSocketFactory().getSupportedCipherSuites().length
              + ")");
      for (String c : sslContext.getServerSocketFactory().getSupportedCipherSuites()) {
        LOGGER.debug(" " + c);
      }
    }

    this.port = port;
    LOGGER.info("SSL Server successfully initialized!");
  }
  protected CamelContext createPropertiesPlaceholderAwareContext() throws Exception {
    Properties supplementalProperties = new Properties();

    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    TrustManagerFactory tmf =
        TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    SecureRandom sr = null;
    try {
      sr = SecureRandom.getInstance("SHA1PRNG");
    } catch (NoSuchAlgorithmException e) {
      // Ignore
    }

    SSLContext sslc = SSLContext.getInstance("TLS");
    sslc.init(null, null, null);
    SSLSocket socket = (SSLSocket) sslc.getSocketFactory().createSocket();

    supplementalProperties.setProperty("keyStoreParameters.type", KeyStore.getDefaultType());
    supplementalProperties.setProperty("keyStoreParameters.provider", ks.getProvider().getName());

    supplementalProperties.setProperty(
        "keyManagersParameters.algorithm", KeyManagerFactory.getDefaultAlgorithm());
    supplementalProperties.setProperty(
        "keyManagersParameters.provider", kmf.getProvider().getName());

    supplementalProperties.setProperty(
        "trustManagersParameters.algorithm", TrustManagerFactory.getDefaultAlgorithm());
    supplementalProperties.setProperty(
        "trustManagersParameters.provider", tmf.getProvider().getName());

    if (sr != null) {
      supplementalProperties.setProperty("secureRandomParameters.algorithm", "SHA1PRNG");
      supplementalProperties.setProperty(
          "secureRandomParameters.provider", sr.getProvider().getName());
    }

    supplementalProperties.setProperty(
        "sslContextParameters.provider", sslc.getProvider().getName());
    supplementalProperties.setProperty("cipherSuite.0", socket.getSupportedCipherSuites()[0]);

    // Have to skip this guy because he doesn't work with TLS as the SSLContext protocol
    String ssp = "";
    for (String protocol : socket.getSupportedProtocols()) {
      if (!"SSLv2Hello".equals(protocol)) {
        ssp = protocol;
        break;
      }
    }
    supplementalProperties.setProperty("secureSocketProtocol.0", ssp);

    return this.createPropertiesPlaceholderAwareContext(supplementalProperties);
  }
Пример #4
0
  /**
   * Creates a new {@link SSLContext} using the receiver's configuration.
   *
   * @param context context for status messages
   * @return {@link SSLContext} object
   * @throws NoSuchProviderException if a provider specified for one of the JCA or JSSE components
   *     utilized in creating the context is not known to the platform
   * @throws NoSuchAlgorithmException if a JCA or JSSE algorithm, protocol, or type name specified
   *     for one of the context's components is not known to a given provider (or platform default
   *     provider for the component)
   * @throws KeyManagementException if an error occurs in creating a {@link KeyManager} for the
   *     context
   * @throws UnrecoverableKeyException if a private key needed by a {@link KeyManager} cannot be
   *     obtained from a key store
   * @throws KeyStoreException if an error occurs in reading the contents of a key store
   * @throws CertificateException if an error occurs in reading the contents of a certificate
   */
  public SSLContext createContext(ContextAware context)
      throws NoSuchProviderException, NoSuchAlgorithmException, KeyManagementException,
          UnrecoverableKeyException, KeyStoreException, CertificateException {

    SSLContext sslContext =
        getProvider() != null
            ? SSLContext.getInstance(getProtocol(), getProvider())
            : SSLContext.getInstance(getProtocol());

    context.addInfo(
        "SSL protocol '"
            + sslContext.getProtocol()
            + "' provider '"
            + sslContext.getProvider()
            + "'");

    KeyManager[] keyManagers = createKeyManagers(context);
    TrustManager[] trustManagers = createTrustManagers(context);
    SecureRandom secureRandom = createSecureRandom(context);
    sslContext.init(keyManagers, trustManagers, secureRandom);
    return sslContext;
  }