/**
 * Builds the TLS context parameters from JVM system properties.
 *
 * <p>The key store location and password come from the properties named by
 * {@code ServerProperties.KEYSTORE} and {@code ServerProperties.PASS}. One store serves as both
 * key store and trust store, and the store password is reused as the private-key password.
 *
 * @return TLS context parameters backed by the configured key store
 * @throws GeneralSecurityException declared in the signature; nothing in this body raises it
 * @throws IOException declared in the signature; nothing in this body raises it
 */
public static SSLContextParameters sslParameters() throws GeneralSecurityException, IOException {
    // System.getProperty returns null for an unset property and nothing here checks for it.
    // NOTE(review): a password supplied with -D on the command line is visible in process
    // listings; confirm how these properties are provisioned.
    final String keyStoreLocation = System.getProperty(ServerProperties.KEYSTORE);
    // NOTE(review): the alias is read but never applied (no certificate alias is set below);
    // confirm whether a specific key entry was meant to be selected.
    final String alias = System.getProperty(ServerProperties.ALIAS);
    final String secret = System.getProperty(ServerProperties.PASS);

    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource(keyStoreLocation);
    keyStore.setPassword(secret);

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyStore(keyStore);
    keyManagers.setKeyPassword(secret);

    // Every certificate in the key store is also treated as a trust anchor.
    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(keyStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setTrustManagers(trustManagers);
    return tlsConfig;
}
/**
 * Creates the client-side (producer) TLS parameters.
 *
 * <p>The store at {@code KEYSTORE_PATH} supplies the client key material and is also used as
 * the trust store; {@code TRUSTSTORE_ALIAS_NAME} is set as the certificate alias.
 *
 * @return TLS parameters for the producer endpoint
 */
private SSLContextParameters createProducerSSLContextParameters() {
    final KeyStoreParameters store = new KeyStoreParameters();
    store.setResource(KEYSTORE_PATH);
    store.setPassword(KEYSTORE_PASSWORD);

    // The private-key password is the same value as the store password.
    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyStore(store);
    keyManagers.setKeyPassword(KEYSTORE_PASSWORD);

    // Trusting the same store is what lets the client accept the self-signed server
    // certificate.
    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(store);

    final SSLContextClientParameters clientSide = new SSLContextClientParameters();

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setClientParameters(clientSide);
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setCertAlias(TRUSTSTORE_ALIAS_NAME);
    tlsConfig.setTrustManagers(trustManagers);
    return tlsConfig;
}
/**
 * Creates the server-side (consumer) TLS parameters with mandatory client authentication.
 *
 * <p>The store at {@code KEYSTORE_PATH} supplies the server key and is also the trust store
 * against which client certificates are checked.
 *
 * @return TLS parameters for the consumer endpoint
 */
private SSLContextParameters createConsumerSSLContextParameters() {
    final KeyStoreParameters store = new KeyStoreParameters();
    store.setResource(KEYSTORE_PATH);
    store.setPassword(KEYSTORE_PASSWORD);

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(store);

    // REQUIRE: a client that presents no certificate is not accepted (mutual TLS).
    final SSLContextServerParameters serverSide = new SSLContextServerParameters();
    serverSide.setClientAuthentication(ClientAuthentication.REQUIRE.name());

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyStore(store);
    keyManagers.setKeyPassword(KEYSTORE_PASSWORD);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setServerParameters(serverSide);
    tlsConfig.setTrustManagers(trustManagers);
    tlsConfig.setKeyManagers(keyManagers);
    return tlsConfig;
}
/**
 * Encrypts the whole payload for the "recipient" key found in the sender trust store, wrapping
 * the content key with RSA PKCS#1 v1.5.
 */
@Test
public void testFullPayloadAsymmetricKeyEncryption() throws Exception {
    // Test-fixture trust store and password.
    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    final XMLSecurityDataFormat dataFormat = new XMLSecurityDataFormat();
    // RSA v1.5 key transport is exercised here as a supported algorithm; it is the variant
    // exposed to padding-oracle attacks on the decrypting side, so RSA-OAEP is the usual
    // choice for new configurations.
    dataFormat.setKeyCipherAlgorithm(XMLCipher.RSA_v1dot5);
    dataFormat.setKeyOrTrustStoreParameters(senderTrustStore);
    dataFormat.setXmlCipherAlgorithm(testCypherAlgorithm);
    dataFormat.setRecipientKeyAlias("recipient");

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            from("direct:start").marshal(dataFormat).to("mock:encrypted");
        }
    });

    xmlsecTestHelper.testEncryption(context);
}
/**
 * Encrypts one element of the payload while the trust store password is additionally published
 * through the (deprecated) Camel context properties.
 */
@SuppressWarnings("deprecation")
@Test
public void testPartialPayloadAsymmetricKeyEncryptionWithContextTruststoreProperties() throws Exception {
    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    // The password is placed in the context-wide property map, where anything holding the
    // context can read it.
    final Map<String, String> contextProperties = context.getProperties();
    contextProperties.put(XMLSecurityDataFormat.XML_ENC_TRUST_STORE_PASSWORD, "password");

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            from("direct:start")
                .marshal()
                .secureXML("//cheesesites/italy/cheese", true, "recipient", testCypherAlgorithm,
                    XMLCipher.RSA_v1dot5, senderTrustStore)
                .to("mock:encrypted");
        }
    });

    xmlsecTestHelper.testEncryption(context);
}
/**
 * Encrypts one element of the payload when the recipient key alias is supplied per exchange
 * through a message header instead of the data format configuration.
 */
@Test
@SuppressWarnings("deprecation")
public void testPartialPayloadAsymmetricKeyEncryptionWithExchangeRecipientAlias() throws Exception {
    // NOTE(review): the expectation on mock:foo is set but never asserted in this method and
    // the route below does not send to mock:foo; confirm whether it is still needed.
    final MockEndpoint fooEndpoint = context.getEndpoint("mock:foo", MockEndpoint.class);
    fooEndpoint.setExpectedMessageCount(1);

    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            from("direct:start")
                .process(new Processor() {
                    @Override
                    public void process(Exchange exchange) throws Exception {
                        // The alias comes from the message itself; the data format receives
                        // null for it below.
                        exchange.getIn().setHeader(XMLSecurityDataFormat.XML_ENC_RECIPIENT_ALIAS, "recipient");
                    }
                })
                .marshal()
                .secureXML("//cheesesites/italy/cheese", true, null, testCypherAlgorithm,
                    XMLCipher.RSA_v1dot5, senderTrustStore)
                .to("mock:encrypted");
        }
    });

    xmlsecTestHelper.testEncryption(context);
}
/**
 * Verifies that the encrypted output carries an {@code RSAKeyValue} element when the data
 * format is told to add the key value for the encrypted key.
 */
@Test
public void testAsymmetricEncryptionAddKeyValue() throws Exception {
    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    final XMLSecurityDataFormat dataFormat = new XMLSecurityDataFormat();
    dataFormat.setKeyOrTrustStoreParameters(senderTrustStore);
    dataFormat.setXmlCipherAlgorithm(testCypherAlgorithm);
    dataFormat.setRecipientKeyAlias("recipient");
    dataFormat.setAddKeyValueForEncryptedKey(true);

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            from("direct:start").marshal(dataFormat).to("mock:encrypted");
        }
    });

    final Document encrypted = xmlsecTestHelper.testEncryption(TestHelper.XML_FRAGMENT, context);
    // Look the element up in the XML Signature namespace.
    final NodeList rsaKeyValues =
        encrypted.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "RSAKeyValue");
    Assert.assertTrue(rsaKeyValues.getLength() > 0);
}
/**
 * Verifies that no {@code RSAKeyValue} element is emitted when adding the key value for the
 * encrypted key is switched off.
 */
@Test
public void testAsymmetricEncryptionNoKeyValue() throws Exception {
    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    final XMLSecurityDataFormat dataFormat = new XMLSecurityDataFormat();
    dataFormat.setKeyOrTrustStoreParameters(senderTrustStore);
    dataFormat.setXmlCipherAlgorithm(testCypherAlgorithm);
    dataFormat.setRecipientKeyAlias("recipient");
    dataFormat.setAddKeyValueForEncryptedKey(false);

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            from("direct:start").marshal(dataFormat).to("mock:encrypted");
        }
    });

    final Document encrypted = xmlsecTestHelper.testEncryption(TestHelper.XML_FRAGMENT, context);
    // Look the element up in the XML Signature namespace.
    final NodeList rsaKeyValues =
        encrypted.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "RSAKeyValue");
    Assert.assertTrue(rsaKeyValues.getLength() == 0);
}
/**
 * Round-trips the whole payload: encrypts with the recipient's public key from the sender
 * trust store, then decrypts with the recipient key store.
 */
@Test
public void testFullPayloadAsymmetricKeyDecryption() throws Exception {
    // Sender side: holds the recipient's certificate.
    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    // Recipient side: the store handed to the decrypting step.
    final KeyStoreParameters recipientKeyStore = new KeyStoreParameters();
    recipientKeyStore.setResource("recipient.ks");
    recipientKeyStore.setPassword("password");

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            // RSA v1.5 key transport is exercised on both legs; it is the variant exposed to
            // padding-oracle attacks on the decrypting side, so RSA-OAEP is the usual choice
            // for new configurations.
            from("direct:start")
                .marshal()
                .secureXML("", true, "recipient", testCypherAlgorithm, XMLCipher.RSA_v1dot5, senderTrustStore)
                .to("mock:encrypted")
                .unmarshal()
                .secureXML("", true, "recipient", testCypherAlgorithm, XMLCipher.RSA_v1dot5, recipientKeyStore)
                .to("mock:decrypted");
        }
    });

    xmlsecTestHelper.testDecryption(context);
}
/**
 * Round-trips the whole payload when the recipient's private key has its own password that
 * differs from the key store password.
 */
@Test
public void testFullPayloadAsymmetricKeyDecryptionWithKeyPassword() throws Exception {
    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    final KeyStoreParameters recipientKeyStore = new KeyStoreParameters();
    recipientKeyStore.setResource("recipient-with-key-pass.ks");
    recipientKeyStore.setPassword("password");

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            from("direct:start")
                .marshal()
                .secureXML("", true, "recipient", testCypherAlgorithm, XMLCipher.RSA_v1dot5, senderTrustStore)
                .to("mock:encrypted")
                .unmarshal()
                // The extra trailing argument is the private-key password.
                .secureXML("", true, "recipient", testCypherAlgorithm, XMLCipher.RSA_v1dot5, recipientKeyStore,
                    "keyPassword")
                .to("mock:decrypted");
        }
    });

    xmlsecTestHelper.testDecryption(context);
}
/**
 * Round-trips a namespaced sub-tree of the payload, selected with the {@code ns1} prefix.
 */
@Test
public void testPartialPayloadAsymmetricKeyDecryption() throws Exception {
    // Prefix-to-URI bindings used by the XPath expressions below.
    final Map<String, String> prefixes = new HashMap<String, String>();
    prefixes.put("ns1", "http://cheese.xmlsecurity.camel.apache.org/");

    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    final KeyStoreParameters recipientKeyStore = new KeyStoreParameters();
    recipientKeyStore.setResource("recipient.ks");
    recipientKeyStore.setPassword("password");

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            from("direct:start")
                .marshal()
                .secureXML("//ns1:cheesesites/italy", prefixes, true, "recipient", testCypherAlgorithm,
                    XMLCipher.RSA_v1dot5, senderTrustStore)
                .to("mock:encrypted")
                .unmarshal()
                .secureXML("//ns1:cheesesites/italy", prefixes, true, "recipient", testCypherAlgorithm,
                    XMLCipher.RSA_v1dot5, recipientKeyStore)
                .to("mock:decrypted");
        }
    });

    xmlsecTestHelper.testDecryption(TestHelper.NS_XML_FRAGMENT, context);
}
/**
 * Round-trips a namespaced sub-tree of the payload when the XPath uses a caller-chosen prefix
 * ({@code cust}) for the namespace.
 */
@Test
public void testPartialPayloadAsymmetricKeyDecryptionCustomNS() throws Exception {
    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    final KeyStoreParameters recipientKeyStore = new KeyStoreParameters();
    recipientKeyStore.setResource("recipient.ks");
    recipientKeyStore.setPassword("password");

    // Prefix-to-URI bindings used by the XPath expressions below.
    final Map<String, String> prefixes = new HashMap<String, String>();
    prefixes.put("cust", "http://cheese.xmlsecurity.camel.apache.org/");

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            from("direct:start")
                .marshal()
                .secureXML("//cust:cheesesites/italy", prefixes, true, "recipient", testCypherAlgorithm,
                    XMLCipher.RSA_v1dot5, senderTrustStore)
                .to("mock:encrypted")
                .unmarshal()
                .secureXML("//cust:cheesesites/italy", prefixes, true, "recipient", testCypherAlgorithm,
                    XMLCipher.RSA_v1dot5, recipientKeyStore)
                .to("mock:decrypted");
        }
    });

    xmlsecTestHelper.testDecryption(TestHelper.NS_XML_FRAGMENT, context);
}
/**
 * Encrypts the whole payload with AES-128-GCM content encryption and RSA-OAEP key transport.
 */
@Test
public void testFullPayloadAsymmetricKeyEncryptionGCM() throws Exception {
    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    final XMLSecurityDataFormat dataFormat = new XMLSecurityDataFormat();
    dataFormat.setKeyCipherAlgorithm(XMLCipher.RSA_OAEP);
    dataFormat.setKeyOrTrustStoreParameters(senderTrustStore);
    // GCM is an authenticated mode, so tampering with the ciphertext is detected on decryption.
    dataFormat.setXmlCipherAlgorithm(XMLCipher.AES_128_GCM);
    dataFormat.setRecipientKeyAlias("recipient");

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            from("direct:start").marshal(dataFormat).to("mock:encrypted");
        }
    });

    xmlsecTestHelper.testEncryption(context);
}
/**
 * Encrypts the whole payload with RSA-OAEP key transport using SHA-256 as the digest algorithm.
 */
@Test
public void testFullPayloadAsymmetricKeyEncryptionSHA256() throws Exception {
    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    final XMLSecurityDataFormat dataFormat = new XMLSecurityDataFormat();
    dataFormat.setKeyCipherAlgorithm(XMLCipher.RSA_OAEP);
    dataFormat.setKeyOrTrustStoreParameters(senderTrustStore);
    // AES_128 is the CBC variant, which carries no integrity protection of its own.
    dataFormat.setXmlCipherAlgorithm(XMLCipher.AES_128);
    dataFormat.setRecipientKeyAlias("recipient");
    dataFormat.setDigestAlgorithm(XMLCipher.SHA256);

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            from("direct:start").marshal(dataFormat).to("mock:encrypted");
        }
    });

    xmlsecTestHelper.testEncryption(context);
}
/**
 * Encrypts the whole payload with the XML Encryption 1.1 RSA-OAEP key transport and an explicit
 * MGF1-with-SHA-256 mask generation function.
 */
@Test
public void testFullPayloadAsymmetricKeyEncryptionMGF256() throws Exception {
    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    final XMLSecurityDataFormat dataFormat = new XMLSecurityDataFormat();
    dataFormat.setKeyCipherAlgorithm(XMLCipher.RSA_OAEP_11);
    dataFormat.setKeyOrTrustStoreParameters(senderTrustStore);
    // AES_128 is the CBC variant, which carries no integrity protection of its own.
    dataFormat.setXmlCipherAlgorithm(XMLCipher.AES_128);
    dataFormat.setMgfAlgorithm(EncryptionConstants.MGF1_SHA256);
    dataFormat.setRecipientKeyAlias("recipient");

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            from("direct:start").marshal(dataFormat).to("mock:encrypted");
        }
    });

    xmlsecTestHelper.testEncryption(context);
}
/**
 * Round-trips the whole payload with AES-128-GCM content encryption and RSA-OAEP key transport.
 */
@Test
public void testFullPayloadAsymmetricKeyDecryptionGCM() throws Exception {
    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    final KeyStoreParameters recipientKeyStore = new KeyStoreParameters();
    recipientKeyStore.setResource("recipient.ks");
    recipientKeyStore.setPassword("password");

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            // Both legs name the same algorithms.
            from("direct:start")
                .marshal()
                .secureXML("", true, "recipient", XMLCipher.AES_128_GCM, XMLCipher.RSA_OAEP, senderTrustStore)
                .to("mock:encrypted")
                .unmarshal()
                .secureXML("", true, "recipient", XMLCipher.AES_128_GCM, XMLCipher.RSA_OAEP, recipientKeyStore)
                .to("mock:decrypted");
        }
    });

    xmlsecTestHelper.testDecryption(context);
}
/**
 * Round-trips the whole payload with RSA-OAEP key transport using SHA-256 as the digest
 * algorithm; no private-key password is passed (the argument is {@code null}).
 */
@Test
public void testFullPayloadAsymmetricKeyDecryptionSHA256() throws Exception {
    final KeyStoreParameters senderTrustStore = new KeyStoreParameters();
    senderTrustStore.setResource("sender.ts");
    senderTrustStore.setPassword("password");

    final KeyStoreParameters recipientKeyStore = new KeyStoreParameters();
    recipientKeyStore.setResource("recipient.ks");
    recipientKeyStore.setPassword("password");

    context.addRoutes(new RouteBuilder() {
        @Override
        public void configure() {
            // Each leg gets its own empty namespace map.
            from("direct:start")
                .marshal()
                .secureXML("", new HashMap<String, String>(), true, "recipient", XMLCipher.AES_128,
                    XMLCipher.RSA_OAEP, senderTrustStore, null, XMLCipher.SHA256)
                .to("mock:encrypted")
                .unmarshal()
                .secureXML("", new HashMap<String, String>(), true, "recipient", XMLCipher.AES_128,
                    XMLCipher.RSA_OAEP, recipientKeyStore, null, XMLCipher.SHA256)
                .to("mock:decrypted");
        }
    });

    xmlsecTestHelper.testDecryption(context);
}
/**
 * Binds TLS parameters under the name "sslContextParameters", with server.jks acting as both
 * key store and trust store and the "SSL" protocol name requested.
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    // Test-fixture store and password.
    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource("server.jks");
    keyStore.setPassword("password");

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword("password");
    keyManagers.setKeyStore(keyStore);

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(keyStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    // NOTE(review): "SSL" is the legacy JSSE context name; confirm the test needs it, since
    // "TLS" is the usual choice outside of protocol-specific tests.
    tlsConfig.setSecureSocketProtocol("SSL");
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setTrustManagers(trustManagers);

    final JndiRegistry jndi = super.createRegistry();
    jndi.bind("sslContextParameters", tlsConfig);
    return jndi;
}
/**
 * Binds trust-only TLS parameters under the name "sslContextParameters": server.jks is the
 * trust store, no key managers are configured, and the "SSL" protocol name is requested.
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    // Test-fixture store and password.
    final KeyStoreParameters trustStore = new KeyStoreParameters();
    trustStore.setResource("server.jks");
    trustStore.setPassword("password");

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(trustStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    // NOTE(review): "SSL" is the legacy JSSE context name; confirm the test needs it, since
    // "TLS" is the usual choice outside of protocol-specific tests.
    tlsConfig.setSecureSocketProtocol("SSL");
    tlsConfig.setTrustManagers(trustManagers);

    final JndiRegistry jndi = super.createRegistry();
    jndi.bind("sslContextParameters", tlsConfig);
    return jndi;
}
/**
 * Binds trust-only TLS parameters under the name "sslContextParameters": server.jks is the
 * trust store, no key managers are configured, and the "TLS" protocol name is requested.
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    // Test-fixture store and password.
    final KeyStoreParameters trustStore = new KeyStoreParameters();
    trustStore.setResource("server.jks");
    trustStore.setPassword("password");

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(trustStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setSecureSocketProtocol("TLS");
    tlsConfig.setTrustManagers(trustManagers);

    final JndiRegistry jndi = super.createRegistry();
    jndi.bind("sslContextParameters", tlsConfig);
    return jndi;
}
/**
 * Binds TLS parameters under the name "sslContextParameters", with server.jks acting as both
 * key store and trust store and the "TLS" protocol name requested.
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    // Test-fixture store and password; the key password repeats the store password.
    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource("server.jks");
    keyStore.setPassword("password");

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword("password");
    keyManagers.setKeyStore(keyStore);

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(keyStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setSecureSocketProtocol("TLS");
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setTrustManagers(trustManagers);

    final JndiRegistry jndi = super.createRegistry();
    jndi.bind("sslContextParameters", tlsConfig);
    return jndi;
}
/**
 * Binds trust-only TLS parameters under the name "sslContextParameters", using localhost.ks as
 * the trust store. No key managers and no protocol name are configured here.
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    // Test-fixture store and password.
    final KeyStoreParameters trustStore = new KeyStoreParameters();
    trustStore.setResource("localhost.ks");
    trustStore.setPassword("changeit");

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(trustStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setTrustManagers(trustManagers);

    final JndiRegistry jndi = super.createRegistry();
    jndi.bind("sslContextParameters", tlsConfig);
    return jndi;
}
/**
 * Binds server TLS parameters under the name "sslContextParameters", with jsse/localhost.ks
 * acting as both key store and trust store.
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource("jsse/localhost.ks");
    keyStore.setPassword(pwd);

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword(pwd);
    keyManagers.setKeyStore(keyStore);

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(keyStore);

    // Server parameters are needed since the client uses a loose trust configuration when no
    // ssl context is provided.
    // NOTE(review): the original comment says WANT client-auth is turned on, but no client
    // authentication mode is set on these server parameters; confirm which is intended.
    final SSLContextServerParameters serverSide = new SSLContextServerParameters();

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setTrustManagers(trustManagers);
    tlsConfig.setServerParameters(serverSide);

    final JndiRegistry jndi = super.createRegistry();
    jndi.bind("sslContextParameters", tlsConfig);
    return jndi;
}
/**
 * Builds server TLS parameters with jsse/localhost.ks acting as both key store and trust store.
 *
 * @return the assembled TLS parameters
 */
protected SSLContextParameters defineSSLContextParameters() {
    final KeyStoreParameters keyStore = new KeyStoreParameters();
    // The store is named by resource path rather than by a class-loader URL.
    keyStore.setResource("jsse/localhost.ks");
    keyStore.setPassword(pwd);

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword(pwd);
    keyManagers.setKeyStore(keyStore);

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(keyStore);

    // Server parameters are needed since the client uses a loose trust configuration when no
    // ssl context is provided.
    // NOTE(review): the original comment says WANT client-auth is turned on, but no client
    // authentication mode is set on these server parameters; confirm which is intended.
    final SSLContextServerParameters serverSide = new SSLContextServerParameters();

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setTrustManagers(trustManagers);
    tlsConfig.setServerParameters(serverSide);
    return tlsConfig;
}
/**
 * Binds key-manager-only TLS parameters under the name "mySSLContextParameters". The key store
 * is located on the classpath and referenced by the path part of its URL; no trust managers
 * are configured.
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    // getResource returns null when the store is missing from the classpath, which surfaces
    // here as a NullPointerException.
    // NOTE(review): URL#getPath is not URL-decoded, so a location containing spaces may not
    // resolve; confirm against the build layout.
    final String keyStorePath = this.getClass().getClassLoader().getResource("jsse/localhost.ks").getPath();

    // Test-fixture password; the key password repeats the store password.
    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource(keyStorePath);
    keyStore.setPassword("changeit");

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword("changeit");
    keyManagers.setKeyStore(keyStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);

    final JndiRegistry jndi = super.createRegistry();
    jndi.bind("mySSLContextParameters", tlsConfig);
    return jndi;
}
/**
 * Builds server TLS parameters with jsse/localhost.ks acting as both key store and trust store
 * and client authentication set to WANT.
 *
 * @return the assembled server TLS parameters
 */
private static SSLContextParameters defineSSLContextServerParameters() {
    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource("jsse/localhost.ks");
    keyStore.setPassword(PW);

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword(PW);
    keyManagers.setKeyStore(keyStore);

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(keyStore);

    // Needed since the client uses a loose trust configuration when no ssl context is
    // provided. WANT asks the client for a certificate without making it mandatory, so
    // authentication is preferred when the client can offer it.
    final SSLContextServerParameters serverSide = new SSLContextServerParameters();
    serverSide.setClientAuthentication(ClientAuthentication.WANT.name());

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setTrustManagers(trustManagers);
    tlsConfig.setServerParameters(serverSide);
    return tlsConfig;
}
/**
 * Builds TLS parameters from the jsse/localhost.ks store found on the classpath of
 * {@code MailTestHelper}; the store is used for both key and trust material.
 *
 * @return the assembled TLS parameters
 */
public static SSLContextParameters createSslContextParameters() {
    // getResource returns null when the store is missing from the classpath, which surfaces
    // here as a NullPointerException.
    final String keyStoreUrl = MailTestHelper.class.getClassLoader().getResource("jsse/localhost.ks").toString();

    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource(keyStoreUrl);
    keyStore.setPassword(KEY_STORE_PASSWORD);

    // The private-key password is the same value as the store password.
    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword(KEY_STORE_PASSWORD);
    keyManagers.setKeyStore(keyStore);

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(keyStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setTrustManagers(trustManagers);
    return tlsConfig;
}
/**
 * Builds TLS parameters from a single store that serves as both key store and trust store.
 *
 * @param path resource location of the store
 * @param password password applied to the store and to the private key inside it
 * @return the assembled TLS parameters
 */
private SSLContextParameters getSSLContextParameters(String path, String password) {
    final KeyStoreParameters store = new KeyStoreParameters();
    store.setResource(path);
    store.setPassword(password);

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword(password);
    keyManagers.setKeyStore(store);

    // Every certificate in the store is also treated as a trust anchor.
    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(store);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setTrustManagers(trustManagers);
    return tlsConfig;
}
/**
 * Binds key-manager-only TLS parameters under the name "sslContextParameters", using the
 * jsse/localhost.ks store found on the classpath.
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    // getResource returns null when the store is missing from the classpath, which surfaces
    // here as a NullPointerException.
    final String keyStoreUrl = this.getClass().getClassLoader().getResource("jsse/localhost.ks").toString();

    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource(keyStoreUrl);
    keyStore.setPassword(pwd);

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword(pwd);
    keyManagers.setKeyStore(keyStore);

    // Trust managers backed by the same store were once configured here and are disabled:
    //   TrustManagersParameters tmp = new TrustManagersParameters();
    //   tmp.setKeyStore(ksp);
    //   sslContextParameters.setTrustManagers(tmp);
    // NOTE(review): with none set, trust decisions presumably fall back to the JVM default
    // configuration; confirm that is what this test wants.
    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);

    final JndiRegistry jndi = super.createRegistry();
    jndi.bind("sslContextParameters", tlsConfig);
    return jndi;
}
/**
 * Binds key-manager-only TLS parameters under the name "sslContextParameters", using the
 * jsse/localhost.ks store found on the classpath. No trust managers are configured.
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    // getResource returns null when the store is missing from the classpath, which surfaces
    // here as a NullPointerException.
    final String keyStoreUrl = this.getClass().getClassLoader().getResource("jsse/localhost.ks").toString();

    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource(keyStoreUrl);
    keyStore.setPassword(pwd);

    // The private-key password is the same value as the store password.
    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword(pwd);
    keyManagers.setKeyStore(keyStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);

    final JndiRegistry jndi = super.createRegistry();
    jndi.bind("sslContextParameters", tlsConfig);
    return jndi;
}
/**
 * Disabled connector factory: assembles key-manager-only TLS parameters from the classpath
 * store jsse/localhost.ks, discards them, and returns {@code null}.
 *
 * @param context not used by the current body
 * @param port not used by the current body
 * @return always {@code null}; the connector wiring is commented out
 */
private Connector createSslSocketConnector(CamelContext context, int port) throws Exception {
    final String keyStoreUrl = this.getClass().getClassLoader().getResource("jsse/localhost.ks").toString();

    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource(keyStoreUrl);
    keyStore.setPassword(pwd);

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword(pwd);
    keyManagers.setKeyStore(keyStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);

    // From Camel 2.5.0 Camel-Jetty is using SslSelectChannelConnector instead of
    // SslSocketConnector. The wiring below is disabled, so callers receive null:
    //   SslSelectChannelConnector sslSocketConnector = new SslSelectChannelConnector();
    //   sslSocketConnector.getSslContextFactory().setSslContext(sslContextParameters.createSSLContext());
    //   sslSocketConnector.setPort(port);
    //   return sslSocketConnector;
    return null;
}
/**
 * Binds server TLS parameters under the name "sslContextParameters" in the given registry. The
 * classpath store jsse/localhost.ks provides both key and trust material, and client
 * authentication is set to WANT.
 *
 * @param registry registry that receives the binding
 */
protected void addSslContextParametersToRegistry(JndiRegistry registry) {
    // getResource returns null when the store is missing from the classpath, which surfaces
    // here as a NullPointerException.
    final String keyStoreUrl = this.getClass().getClassLoader().getResource("jsse/localhost.ks").toString();

    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource(keyStoreUrl);
    keyStore.setPassword(KEY_STORE_PASSWORD);

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword(KEY_STORE_PASSWORD);
    keyManagers.setKeyStore(keyStore);

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(keyStore);

    // Needed since the client uses a loose trust configuration when no ssl context is
    // provided. WANT asks the client for a certificate without making it mandatory, so
    // authentication is preferred when the client can offer it.
    final SSLContextServerParameters serverSide = new SSLContextServerParameters();
    serverSide.setClientAuthentication(ClientAuthentication.WANT.name());

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setTrustManagers(trustManagers);
    tlsConfig.setServerParameters(serverSide);

    registry.bind("sslContextParameters", tlsConfig);
}
/**
 * Binds TLS parameters under the name "sslContextParameters", with jsse/localhost.ks acting as
 * both key store and trust store.
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    // Test-fixture store and password; the key password repeats the store password.
    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource("jsse/localhost.ks");
    keyStore.setPassword("changeit");

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword("changeit");
    keyManagers.setKeyStore(keyStore);

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(keyStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setTrustManagers(trustManagers);

    final JndiRegistry jndi = super.createRegistry();
    jndi.bind("sslContextParameters", tlsConfig);
    return jndi;
}
/**
 * Binds TLS parameters under the name "ssl", using separate key store and trust store files
 * and a private-key password that differs from the store password.
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    // Key material. The passwords are literals in source, so anyone who can read this file
    // can open the stores; outside of examples they belong in protected configuration.
    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource("./cia_keystore.jks");
    keyStore.setPassword("supersecret");

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword("secret");
    keyManagers.setKeyStore(keyStore);

    // Trust anchors live in their own store, separate from the private key.
    final KeyStoreParameters trustStore = new KeyStoreParameters();
    trustStore.setResource("./cia_truststore.jks");
    trustStore.setPassword("supersecret");

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(trustStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setTrustManagers(trustManagers);

    final JndiRegistry jndi = super.createRegistry();
    jndi.bind("ssl", tlsConfig);
    return jndi;
}
/**
 * Builds TLS parameters from separate key store and trust store files, with a private-key
 * password that differs from the store password.
 *
 * @return the assembled TLS parameters
 */
private SSLContextParameters createSSLContextParameters() {
    // Key material. The passwords are literals in source, so anyone who can read this file
    // can open the stores; outside of examples they belong in protected configuration.
    final KeyStoreParameters keyStore = new KeyStoreParameters();
    keyStore.setResource("./cia_keystore.jks");
    keyStore.setPassword("supersecret");

    final KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword("secret");
    keyManagers.setKeyStore(keyStore);

    // Trust anchors live in their own store, separate from the private key.
    final KeyStoreParameters trustStore = new KeyStoreParameters();
    trustStore.setResource("./cia_truststore.jks");
    trustStore.setPassword("supersecret");

    final TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(trustStore);

    final SSLContextParameters tlsConfig = new SSLContextParameters();
    tlsConfig.setKeyManagers(keyManagers);
    tlsConfig.setTrustManagers(trustManagers);
    return tlsConfig;
}