public void testProvider() throws Exception { SSLContextParameters scp = new SSLContextParameters(); scp.createSSLContext(); SSLContext context = scp.createSSLContext(); SSLContext defaultContext = SSLContext.getDefault(); assertEquals(defaultContext.getProvider().getName(), context.getProvider().getName()); }
public TLSServer(KeyStore keyStore, String password, String protocol, int port) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, KeyManagementException { KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509"); keyManagerFactory.init(keyStore, password.toCharArray()); KeyManager[] keyManagers = keyManagerFactory.getKeyManagers(); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509"); trustManagerFactory.init(keyStore); TrustManager[] trustManagers = trustManagerFactory.getTrustManagers(); sslContext = SSLContext.getInstance(protocol); sslContext.init(keyManagers, trustManagers, null); cipherSuites = sslContext.getServerSocketFactory().getSupportedCipherSuites(); if (LOGGER.isDebugEnabled()) { LOGGER.debug("Provider: " + sslContext.getProvider()); LOGGER.debug( "Supported cipher suites (" + sslContext.getServerSocketFactory().getSupportedCipherSuites().length + ")"); for (String c : sslContext.getServerSocketFactory().getSupportedCipherSuites()) { LOGGER.debug(" " + c); } } this.port = port; LOGGER.info("SSL Server successfully initialized!"); }
protected CamelContext createPropertiesPlaceholderAwareContext() throws Exception { Properties supplementalProperties = new Properties(); KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); SecureRandom sr = null; try { sr = SecureRandom.getInstance("SHA1PRNG"); } catch (NoSuchAlgorithmException e) { // Ignore } SSLContext sslc = SSLContext.getInstance("TLS"); sslc.init(null, null, null); SSLSocket socket = (SSLSocket) sslc.getSocketFactory().createSocket(); supplementalProperties.setProperty("keyStoreParameters.type", KeyStore.getDefaultType()); supplementalProperties.setProperty("keyStoreParameters.provider", ks.getProvider().getName()); supplementalProperties.setProperty( "keyManagersParameters.algorithm", KeyManagerFactory.getDefaultAlgorithm()); supplementalProperties.setProperty( "keyManagersParameters.provider", kmf.getProvider().getName()); supplementalProperties.setProperty( "trustManagersParameters.algorithm", TrustManagerFactory.getDefaultAlgorithm()); supplementalProperties.setProperty( "trustManagersParameters.provider", tmf.getProvider().getName()); if (sr != null) { supplementalProperties.setProperty("secureRandomParameters.algorithm", "SHA1PRNG"); supplementalProperties.setProperty( "secureRandomParameters.provider", sr.getProvider().getName()); } supplementalProperties.setProperty( "sslContextParameters.provider", sslc.getProvider().getName()); supplementalProperties.setProperty("cipherSuite.0", socket.getSupportedCipherSuites()[0]); // Have to skip this guy because he doesn't work with TLS as the SSLContext protocol String ssp = ""; for (String protocol : socket.getSupportedProtocols()) { if (!"SSLv2Hello".equals(protocol)) { ssp = protocol; break; } } supplementalProperties.setProperty("secureSocketProtocol.0", ssp); return this.createPropertiesPlaceholderAwareContext(supplementalProperties); }
/** * Creates a new {@link SSLContext} using the receiver's configuration. * * @param context context for status messages * @return {@link SSLContext} object * @throws NoSuchProviderException if a provider specified for one of the JCA or JSSE components * utilized in creating the context is not known to the platform * @throws NoSuchAlgorithmException if a JCA or JSSE algorithm, protocol, or type name specified * for one of the context's components is not known to a given provider (or platform default * provider for the component) * @throws KeyManagementException if an error occurs in creating a {@link KeyManager} for the * context * @throws UnrecoverableKeyException if a private key needed by a {@link KeyManager} cannot be * obtained from a key store * @throws KeyStoreException if an error occurs in reading the contents of a key store * @throws CertificateException if an error occurs in reading the contents of a certificate */ public SSLContext createContext(ContextAware context) throws NoSuchProviderException, NoSuchAlgorithmException, KeyManagementException, UnrecoverableKeyException, KeyStoreException, CertificateException { SSLContext sslContext = getProvider() != null ? SSLContext.getInstance(getProtocol(), getProvider()) : SSLContext.getInstance(getProtocol()); context.addInfo( "SSL protocol '" + sslContext.getProtocol() + "' provider '" + sslContext.getProvider() + "'"); KeyManager[] keyManagers = createKeyManagers(context); TrustManager[] trustManagers = createTrustManagers(context); SecureRandom secureRandom = createSecureRandom(context); sslContext.init(keyManagers, trustManagers, secureRandom); return sslContext; }