示例#1
0
  // =========================================================================================================
  // HTTPS handling
  private HttpServer createHttpsServer(
      InetSocketAddress pSocketAddress, JolokiaServerConfig pConfig) {
    // initialise the HTTPS server
    try {
      HttpsServer server = HttpsServer.create(pSocketAddress, pConfig.getBacklog());
      SSLContext sslContext = SSLContext.getInstance(pConfig.getSecureSocketProtocol());

      // initialise the keystore
      KeyStore ks = getKeyStore(pConfig);

      // setup the key manager factory
      KeyManagerFactory kmf = getKeyManagerFactory(pConfig);
      kmf.init(ks, pConfig.getKeystorePassword());

      // setup the trust manager factory
      TrustManagerFactory tmf = getTrustManagerFactory(pConfig);
      tmf.init(ks);

      // setup the HTTPS context and parameters
      sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

      // Update the config to filter out bad protocols or ciphers
      pConfig.updateHTTPSSettingsFromContext(sslContext);

      server.setHttpsConfigurator(new JolokiaHttpsConfigurator(sslContext, pConfig));
      return server;
    } catch (GeneralSecurityException e) {
      throw new IllegalStateException("Cannot use keystore for https communication: " + e, e);
    } catch (IOException e) {
      throw new IllegalStateException("Cannot open keystore for https communication: " + e, e);
    }
  }
 /**
  * Get the TrustManagers for the specified trust store.
  *
  * @param tsFile The trust store file
  * @param tsPass The trust store password
  * @return The TrustManagers that can manager the specified trust store.
  * @throws Exception
  */
 protected TrustManager[] getTrustManagers(String tsFile, String tsPass) throws Exception {
   tsFile = JavaKeyStoreHandler.getTrustStoreName(tsFile);
   tsPass = JavaKeyStoreHandler.getTrustStorePassword(tsPass);
   KeyStore ts = KeyStore.getInstance("JKS");
   ts.load(new FileInputStream(tsFile), tsPass.toCharArray());
   TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
   tmf.init(ts);
   return tmf.getTrustManagers();
 }
示例#3
0
  /*
   * If this is a secure server, we now setup the SSLContext we'll
   * use for creating the SSLEngines throughout the lifetime of
   * this process.
   */
  private void createSSLContext() throws Exception {

    char[] passphrase = "passphrase".toCharArray();

    KeyStore ks = KeyStore.getInstance("JKS");
    ks.load(new FileInputStream("testkeys"), passphrase);

    KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
    kmf.init(ks, passphrase);

    TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
    tmf.init(ks);

    sslContext = SSLContext.getInstance("TLS");
    sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
  }
示例#4
0
  public static void main(PeerFactory peerFactory, KeyStore keyStore, String[] args)
      throws Exception {

    long time = System.currentTimeMillis();
    String relPath;
    if ((args != null) && (args.length > 0) && args[0].equals("sh")) {
      relPath = pathToStoresSH;
    } else {
      relPath = pathToStores;
    }
    PATH = new File(System.getProperty("test.src", "."), relPath);
    CipherTest.peerFactory = peerFactory;
    System.out.print("Initializing test '" + peerFactory.getName() + "'...");
    //      secureRandom = new SecureRandom();
    //      secureRandom.nextInt();
    //      trustStore = readKeyStore(trustStoreFile);
    CipherTest.keyStore = keyStore;
    //      keyStore = readKeyStore(keyStoreFile);
    KeyManagerFactory keyFactory =
        KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    keyFactory.init(keyStore, "test12".toCharArray());
    keyManager = (X509ExtendedKeyManager) keyFactory.getKeyManagers()[0];

    TrustManagerFactory tmf =
        TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(keyStore);
    trustManager = (X509TrustManager) tmf.getTrustManagers()[0];

    //      trustManager = new AlwaysTrustManager();
    SSLContext context = SSLContext.getInstance("TLS");
    context.init(new KeyManager[] {keyManager}, new TrustManager[] {trustManager}, null);
    SSLContext.setDefault(context);

    CipherTest cipherTest = new CipherTest(peerFactory);
    Thread serverThread = new Thread(peerFactory.newServer(cipherTest), "Server");
    serverThread.setDaemon(true);
    serverThread.start();
    System.out.println("Done");
    cipherTest.run();
    time = System.currentTimeMillis() - time;
    System.out.println("Done. (" + time + " ms)");
  }
示例#5
0
  private void initialize() throws Exception {
    String trustFilename =
        System.getProperty("test.src", "./") + "/" + pathToStores + "/" + trustStoreFile;
    char[] passphrase = "passphrase".toCharArray();

    KeyStore ks = KeyStore.getInstance("JKS");
    ks.load(new FileInputStream(trustFilename), passphrase);

    for (Enumeration e = ks.aliases(); e.hasMoreElements(); ) {
      String alias = (String) e.nextElement();
      if (ks.isCertificateEntry(alias)) {
        certChain[0] = (X509Certificate) ks.getCertificate(alias);
        break;
      }
    }

    TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
    tmf.init(ks);

    trustManager = (X509TrustManager) (tmf.getTrustManagers())[0];
  }
示例#6
0
 private TrustManagerFactory getTrustManagerFactory(JolokiaServerConfig pConfig)
     throws NoSuchAlgorithmException {
   String algo = pConfig.getTrustManagerAlgorithm();
   return TrustManagerFactory.getInstance(
       algo != null ? algo : TrustManagerFactory.getDefaultAlgorithm());
 }