Package com.fathomdb.crypto

Examples of com.fathomdb.crypto.CertificateAndKey


    {
      SslContextFactory sslContextFactory = new SslContextFactory(SslContextFactory.DEFAULT_KEYSTORE_PATH);

      {
        CertificateAndKey certificateAndKey = encryptionStore.getCertificateAndKey("https");
        String secret = KeyStoreUtils.DEFAULT_KEYSTORE_SECRET;
        KeyStore keystore = KeyStoreUtils.createEmpty(secret);

        String alias = "https";


  Optional<List<String>> trustKeys = null;

  public List<String> getServerTrustKeys() throws OpsException {
    if (trustKeys == null) {
      CertificateAndKey certificateAndKey = encryptionStore.getCertificateAndKey("https");

      List<String> trustKeys = Lists.newArrayList();
      for (X509Certificate certificate : certificateAndKey.getCertificateChain()) {
        PublicKey publicKey = certificate.getPublicKey();
        trustKeys.add(OpenSshUtils.getSignatureString(publicKey));
      }
      this.trustKeys = Optional.of(trustKeys);
    }

    // Builds the TLS settings and REST client used to talk to the auth service.
    // The enclosing method is not visible in this excerpt.

    // Service URL; lookup() is passed a loopback address on the auth admin port as its
    // second argument (presumably the fallback when "auth.system.url" is unset).
    String keystoneServiceUrl = configuration.lookup("auth.system.url", "https://127.0.0.1:"
        + WellKnownPorts.PORT_PLATFORMLAYER_AUTH_ADMIN + "/");

    // Alias of the TLS client certificate, resolved through the encryption store.
    String cert = configuration.get("auth.system.tls.clientcert");

    CertificateAndKey certificateAndKey = encryptionStore.getCertificateAndKey(cert);

    HostnameVerifier hostnameVerifier = null;

    // NOTE(review): the key manager is constructed unconditionally, while the debug block
    // below guards against certificateAndKey being null. Confirm that
    // SimpleClientCertificateKeyManager tolerates a null argument.
    KeyManager keyManager = new SimpleClientCertificateKeyManager(certificateAndKey);

    TrustManager trustManager = null;

    // Optional comma-separated list of trusted server keys.
    String trustKeys = configuration.lookup("auth.system.ssl.keys", null);

    if (trustKeys != null) {
      // Entries are split on ',' and trimmed before being handed to the trust manager.
      trustManager = new PublicKeyTrustManager(Splitter.on(',').trimResults().split(trustKeys));

      // Hostname checking is switched off whenever explicit keys are configured, so the
      // server's identity rests entirely on PublicKeyTrustManager.
      // NOTE(review): presumably it rejects any server key that is not in the list. Confirm
      // this, and confirm that an empty or blank setting cannot produce a list that accepts
      // every key.
      hostnameVerifier = new AcceptAllHostnameVerifier();
    }

    // Debug output prints the certificate chain only; the private key is not logged here.
    if (log.isDebugEnabled() && certificateAndKey != null) {
      X509Certificate[] chain = certificateAndKey.getCertificateChain();
      log.debug("Using client cert for PL auth: " + Joiner.on(",").join(chain));
    }

    // When no keys are configured, trustManager and hostnameVerifier are both passed as null.
    // NOTE(review): presumably null selects the platform's default trust store and hostname
    // verification. Confirm that SslConfiguration never treats null as "accept anything".
    SslConfiguration sslConfiguration = new SslConfiguration(keyManager, trustManager, hostnameVerifier);
    RestfulClient restfulClient = new JreRestfulClient(httpStrategy, keystoneServiceUrl, sslConfiguration);

    String projectKey = configuration.lookup("multitenant.project", null);
    String username = configuration.lookup("multitenant.user", null);
    String password = configuration.lookup("multitenant.password", null);
    String certAlias = configuration.lookup("multitenant.cert", null);

    CertificateAndKey certificateAndKey = null;
    if (certAlias != null) {
      certificateAndKey = encryptionStore.getCertificateAndKey(certAlias);
    }

    String message = "Invalid multitenant configuration";

    if (username == null || projectKey == null) {
      throw new OpsException(message);
    }

    AuthenticationToken authn = null;

    if (certificateAndKey != null) {
      try {
        authn = authenticationService.authenticateWithCertificate(username, certificateAndKey.getPrivateKey(),
            certificateAndKey.getCertificateChain());
      } catch (PlatformlayerAuthenticationClientException e) {
        throw new OpsException(message, e);
      }
    } else if (password != null) {
      log.warn("Using password authentication with multitenant");

      // Returns the project's PKI certificate and private key, creating a self-signed pair
      // the first time a project without a certificate is seen. The enclosing method and its
      // try block begin outside this excerpt.
      if (project.getPkiCertificate() == null) {
        // KeyPair keyPair = RsaUtils.generateRsaKeyPair();
        // SimpleCertificateAuthority ca = new SimpleCertificateAuthority();
        // NOTE(review): the project name is concatenated into the distinguished name
        // unescaped. A name containing DN metacharacters (',', '+', '=', ...) would alter the
        // parsed subject or make the X500Principal constructor throw. Confirm that names are
        // validated upstream, or escape the value before building the DN.
        X500Principal subject = new X500Principal("CN=" + project.getName());
        CertificateAndKey certificateAndKey = CertificateUtils.createSelfSigned(subject,
            RsaUtils.DEFAULT_KEYSIZE);
        // Only the first element of the generated chain is stored on the project.
        project.setPkiCertificate(certificateAndKey.getCertificateChain()[0]);
        // NOTE(review): the private key is persisted with the project by db.update() below.
        // Whether it is encrypted at rest is not visible here; confirm.
        project.setPkiPrivateKey(certificateAndKey.getPrivateKey());

        db.update(project);
      }

      // Re-wrap the stored certificate as a single-element chain.
      X509Certificate[] certificateChain = new X509Certificate[1];
      certificateChain[0] = project.getPkiCertificate();

      CertificateAndKey certificateAndKey = new SimpleCertificateAndKey(certificateChain,
          project.getPkiPrivateKey());

      return certificateAndKey;
    } catch (SQLException e) {
      throw new RepositoryException("Error retrieving PKI info", e);

    this.base = base;
  }

  @Override
  public CertificateAndKey getCertificateAndKey(String alias) {
    CertificateAndKey certificateAndKey;

    Preconditions.checkNotNull(alias);

    // Path to file
    File certPath = new File(base, alias + ".crt");

  @Inject
  UserDatabase repository;

  /**
   * Signs a certificate signing request with the given project's PKI material and returns the
   * resulting chain.
   *
   * <p>The project's certificate chain and private key are read from {@code repository} and
   * assigned to a fresh {@code SimpleCertificateAuthority}, which signs the CSR. The returned
   * list holds the newly issued certificate first, followed by the project's own certificate
   * chain in its original order.
   *
   * <p>NOTE(review): nothing in this method inspects the CSR (subject, key, requested
   * extensions) or checks that the caller is entitled to certificates for {@code project}.
   * Confirm that {@code SimpleCertificateAuthority.signCsr} or the caller enforces this, because
   * whatever is issued here is signed by the project key.
   *
   * @param project project whose PKI certificate and private key act as the issuer
   * @param csr the certificate signing request, handed unchanged to the CA
   * @return the issued certificate followed by the project's certificate chain
   * @throws OpsException if the project PKI cannot be read from the repository
   */
  @Override
  public List<X509Certificate> signCsr(ProjectEntity project, String csr) throws OpsException {
    CertificateAndKey issuerPki;
    try {
      issuerPki = repository.getProjectPki(project);
    } catch (RepositoryException cause) {
      throw new OpsException("Error getting project PKI info", cause);
    }

    // The CA object is configured through its fields with the project's chain and key.
    SimpleCertificateAuthority authority = new SimpleCertificateAuthority();
    authority.caCertificate = issuerPki.getCertificateChain();
    authority.caPrivateKey = issuerPki.getPrivateKey();

    X509Certificate issued = authority.signCsr(csr);

    // New certificate first, then the issuer chain, so the result reads leaf-to-root.
    List<X509Certificate> result = Lists.newArrayList();
    result.add(issued);
    X509Certificate[] issuerChain = issuerPki.getCertificateChain();
    for (int i = 0; i < issuerChain.length; i++) {
      result.add(issuerChain[i]);
    }
    return result;
  }

      return new DummyMetricClient();
    }

    // String cert = configuration.get("metrics.report.ssl.cert");
    String cert = configuration.get("metrics.tls.clientcert");
    CertificateAndKey certificateAndKey = encryptionStore.getCertificateAndKey(cert);

    String project = configuration.get("metrics.report.project");

    MetricTreeObject tags = new MetricTreeObject(null);
    Map<String, String> tagProperties = configuration.getChildProperties("metrics.report.tags.");

    return x;
  }

  @Override
  public CertificateAndKey getCertificateAndKey(String alias) {
    CertificateAndKey certificateAndKey;

    if (alias.startsWith("/")) {
      // Path to file
      File certPath = new File(alias + ".crt");

        URI uri = URI.create(server);
        OpenstackIdentityClient identityClient = OpenstackIdentityClient.build(uri);

        X500Principal subject = new X500Principal("CN=" + "test");
        CertificateAndKey certificateAndKey = ChallengeResponses.createSelfSigned(subject, keypair);

        String project = null;

        CertificateAuthTokenProvider tokenProvider = CertificateAuthTokenProvider.build(identityClient, project,
                certificateAndKey);
