Examples of com.fathomdb.crypto.CertificateAndKey

com.fathomdb.crypto.CertificateAndKey


    {
      SslContextFactory sslContextFactory = new SslContextFactory(SslContextFactory.DEFAULT_KEYSTORE_PATH);


      {
        CertificateAndKey certificateAndKey = encryptionStore.getCertificateAndKey("https");
        String secret = KeyStoreUtils.DEFAULT_KEYSTORE_SECRET;
        KeyStore keystore = KeyStoreUtils.createEmpty(secret);


        String alias = "https";

View Full Code Here


  Optional<List<String>> trustKeys = null;


  public List<String> getServerTrustKeys() throws OpsException {
    if (trustKeys == null) {
      CertificateAndKey certificateAndKey = encryptionStore.getCertificateAndKey("https");


      List<String> trustKeys = Lists.newArrayList();
      for (X509Certificate certificate : certificateAndKey.getCertificateChain()) {
        PublicKey publicKey = certificate.getPublicKey();
        trustKeys.add(OpenSshUtils.getSignatureString(publicKey));
      }
      this.trustKeys = Optional.of(trustKeys);
    }

View Full Code Here

    String keystoneServiceUrl = configuration.lookup("auth.system.url", "https://127.0.0.1:"
        + WellKnownPorts.PORT_PLATFORMLAYER_AUTH_ADMIN + "/");


    String cert = configuration.get("auth.system.tls.clientcert");


    CertificateAndKey certificateAndKey = encryptionStore.getCertificateAndKey(cert);


    HostnameVerifier hostnameVerifier = null;


    KeyManager keyManager = new SimpleClientCertificateKeyManager(certificateAndKey);


    TrustManager trustManager = null;


    String trustKeys = configuration.lookup("auth.system.ssl.keys", null);


    if (trustKeys != null) {
      trustManager = new PublicKeyTrustManager(Splitter.on(',').trimResults().split(trustKeys));


      hostnameVerifier = new AcceptAllHostnameVerifier();
    }


    if (log.isDebugEnabled() && certificateAndKey != null) {
      X509Certificate[] chain = certificateAndKey.getCertificateChain();
      log.debug("Using client cert for PL auth: " + Joiner.on(",").join(chain));
    }


    SslConfiguration sslConfiguration = new SslConfiguration(keyManager, trustManager, hostnameVerifier);
    RestfulClient restfulClient = new JreRestfulClient(httpStrategy, keystoneServiceUrl, sslConfiguration);

View Full Code Here

    String projectKey = configuration.lookup("multitenant.project", null);
    String username = configuration.lookup("multitenant.user", null);
    String password = configuration.lookup("multitenant.password", null);
    String certAlias = configuration.lookup("multitenant.cert", null);


    CertificateAndKey certificateAndKey = null;
    if (certAlias != null) {
      certificateAndKey = encryptionStore.getCertificateAndKey(certAlias);
    }


    String message = "Invalid multitenant configuration";


    if (username == null || projectKey == null) {
      throw new OpsException(message);
    }


    AuthenticationToken authn = null;


    if (certificateAndKey != null) {
      try {
        authn = authenticationService.authenticateWithCertificate(username, certificateAndKey.getPrivateKey(),
            certificateAndKey.getCertificateChain());
      } catch (PlatformlayerAuthenticationClientException e) {
        throw new OpsException(message, e);
      }
    } else if (password != null) {
      log.warn("Using password authentication with multitenant");

View Full Code Here


      if (project.getPkiCertificate() == null) {
        // KeyPair keyPair = RsaUtils.generateRsaKeyPair();
        // SimpleCertificateAuthority ca = new SimpleCertificateAuthority();
        X500Principal subject = new X500Principal("CN=" + project.getName());
        CertificateAndKey certificateAndKey = CertificateUtils.createSelfSigned(subject,
            RsaUtils.DEFAULT_KEYSIZE);
        project.setPkiCertificate(certificateAndKey.getCertificateChain()[0]);
        project.setPkiPrivateKey(certificateAndKey.getPrivateKey());


        db.update(project);
      }


      X509Certificate[] certificateChain = new X509Certificate[1];
      certificateChain[0] = project.getPkiCertificate();


      CertificateAndKey certificateAndKey = new SimpleCertificateAndKey(certificateChain,
          project.getPkiPrivateKey());


      return certificateAndKey;
    } catch (SQLException e) {
      throw new RepositoryException("Error retrieving PKI info", e);

View Full Code Here

    this.base = base;
  }


  @Override
  public CertificateAndKey getCertificateAndKey(String alias) {
    CertificateAndKey certificateAndKey;


    Preconditions.checkNotNull(alias);


    // Path to file
    File certPath = new File(base, alias + ".crt");

View Full Code Here

  @Inject
  UserDatabase repository;


  @Override
  public List<X509Certificate> signCsr(ProjectEntity project, String csr) throws OpsException {
    CertificateAndKey projectPki;
    try {
      projectPki = repository.getProjectPki(project);
    } catch (RepositoryException e) {
      throw new OpsException("Error getting project PKI info", e);
    }


    SimpleCertificateAuthority ca = new SimpleCertificateAuthority();
    ca.caCertificate = projectPki.getCertificateChain();
    ca.caPrivateKey = projectPki.getPrivateKey();


    X509Certificate certificate = ca.signCsr(csr);


    List<X509Certificate> chain = Lists.newArrayList();
    chain.add(certificate);
    for (X509Certificate cert : projectPki.getCertificateChain()) {
      chain.add(cert);
    }
    return chain;
  }

View Full Code Here

      return new DummyMetricClient();
    }


    // String cert = configuration.get("metrics.report.ssl.cert");
    String cert = configuration.get("metrics.tls.clientcert");
    CertificateAndKey certificateAndKey = encryptionStore.getCertificateAndKey(cert);


    String project = configuration.get("metrics.report.project");


    MetricTreeObject tags = new MetricTreeObject(null);
    Map<String, String> tagProperties = configuration.getChildProperties("metrics.report.tags.");

View Full Code Here

    return x;
  }


  @Override
  public CertificateAndKey getCertificateAndKey(String alias) {
    CertificateAndKey certificateAndKey;


    if (alias.startsWith("/")) {
      // Path to file
      File certPath = new File(alias + ".crt");

View Full Code Here


        URI uri = URI.create(server);
        OpenstackIdentityClient identityClient = OpenstackIdentityClient.build(uri);


        X500Principal subject = new X500Principal("CN=" + "test");
        CertificateAndKey certificateAndKey = ChallengeResponses.createSelfSigned(subject, keypair);


        String project = null;


        CertificateAuthTokenProvider tokenProvider = CertificateAuthTokenProvider.build(identityClient, project,
                certificateAndKey);

View Full Code Here

0 1

TOP

Related Classes of com.fathomdb.crypto.CertificateAndKey

io.fathom.auto.Bootstrap

io.fathom.cloud.compute.api.os.resources.CertificatesResource

io.fathom.cloud.dns.backend.federated.FederatedDnsBackend

io.fathom.cloud.dns.command.RegisterCheckCmdlet

io.fathom.cloud.openstack.client.identity.CertificateAuthTokenProvider

io.fathom.cloud.secrets.commands.SecretKeyActivateCmdlet

org.platformlayer.auth.JdbcUserRepository

org.platformlayer.auth.services.pki.PkiServiceImpl

org.platformlayer.auth.system.PlatformLayerAuthAdminClient

org.platformlayer.crypto.DirectoryEncryptionStore

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.