optimize imports, fix PrivateKeyreader for Ed25519 by JDK, and public key derival from private key
parent
ac6e1480dc
commit
50987d45fb
77 changed files with 420 additions and 389 deletions
|
@ -1,8 +1,5 @@
|
|||
package org.xbib.net.security;
|
||||
|
||||
import org.xbib.net.security.util.DistinguishedNameParser;
|
||||
|
||||
import javax.crypto.NoSuchPaddingException;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
@ -26,6 +23,8 @@ import java.util.Base64;
|
|||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.Scanner;
|
||||
import javax.crypto.NoSuchPaddingException;
|
||||
import org.xbib.net.security.util.DistinguishedNameParser;
|
||||
|
||||
public class CertificateReader {
|
||||
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
package org.xbib.net.security;
|
||||
|
||||
import javax.crypto.NoSuchPaddingException;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
|
@ -12,6 +11,7 @@ import java.security.cert.X509Certificate;
|
|||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.util.Collection;
|
||||
import java.util.Map;
|
||||
import javax.crypto.NoSuchPaddingException;
|
||||
|
||||
public class DefaultCertificateProvider implements CertificateProvider {
|
||||
|
||||
|
|
|
@ -1,11 +1,5 @@
|
|||
package org.xbib.net.security;
|
||||
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.EncryptedPrivateKeyInfo;
|
||||
import javax.crypto.SecretKey;
|
||||
import javax.crypto.SecretKeyFactory;
|
||||
import javax.crypto.spec.PBEKeySpec;
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
@ -34,7 +28,12 @@ import java.util.List;
|
|||
import java.util.Set;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.EncryptedPrivateKeyInfo;
|
||||
import javax.crypto.SecretKey;
|
||||
import javax.crypto.SecretKeyFactory;
|
||||
import javax.crypto.spec.PBEKeySpec;
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
import static java.lang.String.format;
|
||||
import static java.nio.charset.StandardCharsets.US_ASCII;
|
||||
import static java.util.Base64.getMimeDecoder;
|
||||
|
@ -44,8 +43,8 @@ import static javax.crypto.Cipher.DECRYPT_MODE;
|
|||
import static org.xbib.net.security.util.DerUtils.decodeSequence;
|
||||
import static org.xbib.net.security.util.DerUtils.decodeSequenceOptionalElement;
|
||||
import static org.xbib.net.security.util.DerUtils.encodeBitString;
|
||||
import static org.xbib.net.security.util.DerUtils.encodeOctetString;
|
||||
import static org.xbib.net.security.util.DerUtils.encodeOID;
|
||||
import static org.xbib.net.security.util.DerUtils.encodeOctetString;
|
||||
import static org.xbib.net.security.util.DerUtils.encodeSequence;
|
||||
|
||||
public final class PemReader {
|
||||
|
|
|
@ -1,11 +1,5 @@
|
|||
package org.xbib.net.security;
|
||||
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.EncryptedPrivateKeyInfo;
|
||||
import javax.crypto.SecretKey;
|
||||
import javax.crypto.SecretKeyFactory;
|
||||
import javax.crypto.spec.PBEKeySpec;
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
@ -25,7 +19,12 @@ import java.util.Base64;
|
|||
import java.util.List;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.EncryptedPrivateKeyInfo;
|
||||
import javax.crypto.SecretKey;
|
||||
import javax.crypto.SecretKeyFactory;
|
||||
import javax.crypto.spec.PBEKeySpec;
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
import static java.nio.charset.StandardCharsets.US_ASCII;
|
||||
import static java.util.regex.Pattern.CASE_INSENSITIVE;
|
||||
import static javax.crypto.Cipher.DECRYPT_MODE;
|
||||
|
|
|
@ -1,23 +1,5 @@
|
|||
package org.xbib.net.security;
|
||||
|
||||
import java.security.KeyPair;
|
||||
import java.security.PublicKey;
|
||||
import java.security.spec.KeySpec;
|
||||
import org.xbib.net.security.eddsa.EdDSAPrivateKey;
|
||||
import org.xbib.net.security.eddsa.EdDSAPublicKey;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
|
||||
import org.xbib.net.security.util.Asn1Object;
|
||||
import org.xbib.net.security.util.DerParser;
|
||||
import org.xbib.net.security.util.DerUtils;
|
||||
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.EncryptedPrivateKeyInfo;
|
||||
import javax.crypto.NoSuchPaddingException;
|
||||
import javax.crypto.SecretKey;
|
||||
import javax.crypto.SecretKeyFactory;
|
||||
import javax.crypto.spec.PBEKeySpec;
|
||||
import java.io.BufferedReader;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
@ -28,29 +10,57 @@ import java.security.InvalidAlgorithmParameterException;
|
|||
import java.security.InvalidKeyException;
|
||||
import java.security.KeyException;
|
||||
import java.security.KeyFactory;
|
||||
import java.security.KeyPair;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.PublicKey;
|
||||
import java.security.interfaces.DSAParams;
|
||||
import java.security.interfaces.DSAPrivateKey;
|
||||
import java.security.interfaces.DSAPublicKey;
|
||||
import java.security.interfaces.ECPrivateKey;
|
||||
import java.security.interfaces.ECPublicKey;
|
||||
import java.security.interfaces.EdECPrivateKey;
|
||||
import java.security.interfaces.EdECPublicKey;
|
||||
import java.security.interfaces.RSAPrivateKey;
|
||||
import java.security.interfaces.RSAPublicKey;
|
||||
import java.security.spec.DSAPrivateKeySpec;
|
||||
import java.security.spec.DSAPublicKeySpec;
|
||||
import java.security.spec.ECField;
|
||||
import java.security.spec.ECFieldFp;
|
||||
import java.security.spec.ECParameterSpec;
|
||||
import java.security.spec.ECPoint;
|
||||
import java.security.spec.ECPrivateKeySpec;
|
||||
import java.security.spec.ECPublicKeySpec;
|
||||
import java.security.spec.EdECPoint;
|
||||
import java.security.spec.EdECPrivateKeySpec;
|
||||
import java.security.spec.EdECPublicKeySpec;
|
||||
import java.security.spec.EllipticCurve;
|
||||
import java.security.spec.EncodedKeySpec;
|
||||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.security.spec.KeySpec;
|
||||
import java.security.spec.NamedParameterSpec;
|
||||
import java.security.spec.PKCS8EncodedKeySpec;
|
||||
import java.security.spec.RSAPrivateCrtKeySpec;
|
||||
import java.security.spec.RSAPrivateKeySpec;
|
||||
import java.security.spec.RSAPublicKeySpec;
|
||||
import java.util.Arrays;
|
||||
import java.util.Base64;
|
||||
import java.util.Objects;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
import java.util.stream.Collectors;
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.EncryptedPrivateKeyInfo;
|
||||
import javax.crypto.NoSuchPaddingException;
|
||||
import javax.crypto.SecretKey;
|
||||
import javax.crypto.SecretKeyFactory;
|
||||
import javax.crypto.spec.PBEKeySpec;
|
||||
import org.xbib.net.security.util.Asn1Object;
|
||||
import org.xbib.net.security.util.DerParser;
|
||||
import org.xbib.net.security.util.DerUtils;
|
||||
|
||||
/**
|
||||
* Class for reading RSA private key from PEM formatted text.
|
||||
* It can read PEM files with PKCS#8 or PKCS#1 encodings.
|
||||
* Key reader for reading private keys from inputstreams, PEM formatted text etc. with PKCS#8 or PKCS#1 encodings.
|
||||
* It doesn't support encrypted PEM files.
|
||||
*/
|
||||
public class PrivateKeyReader {
|
||||
|
@ -78,91 +88,111 @@ public class PrivateKeyReader {
|
|||
public PrivateKeyReader() {
|
||||
}
|
||||
|
||||
public KeySpec parse(InputStream inputStream, String password)
|
||||
public KeySpec parse(InputStream inputStream,
|
||||
String password)
|
||||
throws IOException, NoSuchAlgorithmException, InvalidKeySpecException,
|
||||
InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException {
|
||||
Objects.requireNonNull(inputStream);
|
||||
byte[] key = inputStream.readAllBytes();
|
||||
if (indexOf(key, BEGIN_PRIVATE_KEY,0, key.length) >= 0) {
|
||||
byte[] keyBytes = extract(key, BEGIN_PRIVATE_KEY, END_PRIVATE_KEY);
|
||||
return generateKeySpec(keyBytes, password != null ? password.toCharArray() : null);
|
||||
}
|
||||
if (indexOf(key, BEGIN_RSA_PRIVATE_KEY,0, key.length) >= 0) {
|
||||
return getKeySpec(keyBytes, password != null ? password.toCharArray() : null);
|
||||
} else if (indexOf(key, BEGIN_RSA_PRIVATE_KEY,0, key.length) >= 0) {
|
||||
byte[] keyBytes = extract(key, BEGIN_RSA_PRIVATE_KEY, END_RSA_PRIVATE_KEY);
|
||||
return getRSAKeySpec(keyBytes);
|
||||
}
|
||||
if (indexOf(key, BEGIN_DSA_PRIVATE_KEY,0, key.length) >= 0) {
|
||||
} else if (indexOf(key, BEGIN_DSA_PRIVATE_KEY,0, key.length) >= 0) {
|
||||
byte[] keyBytes = extract(key, BEGIN_DSA_PRIVATE_KEY, END_DSA_PRIVATE_KEY);
|
||||
return getDSAKeySpec(keyBytes);
|
||||
}
|
||||
if (indexOf(key, BEGIN_EC_PRIVATE_KEY,0, key.length) >= 0) {
|
||||
} else if (indexOf(key, BEGIN_EC_PRIVATE_KEY,0, key.length) >= 0) {
|
||||
byte[] keyBytes = extract(key, BEGIN_EC_PRIVATE_KEY, END_EC_PRIVATE_KEY);
|
||||
return getECKeySpec(keyBytes);
|
||||
}
|
||||
if (indexOf(key, BEGIN_OPENSSH_PRIVATE_KEY,0, key.length) >= 0) {
|
||||
} else if (indexOf(key, BEGIN_OPENSSH_PRIVATE_KEY,0, key.length) >= 0) {
|
||||
byte[] keyBytes = extract(key, BEGIN_OPENSSH_PRIVATE_KEY, END_OPENSSH_PRIVATE_KEY);
|
||||
byte[] sk = Arrays.copyOfRange(keyBytes, 0, 32);
|
||||
return new EdDSAPrivateKeySpec(sk, EdDSANamedCurveTable.getByName("Ed25519"));
|
||||
return getEdECKeySpec(sk);
|
||||
}
|
||||
throw new IOException("invalid PEM input stream");
|
||||
}
|
||||
|
||||
public PrivateKey readPrivateKey(InputStream inputStream, String password)
|
||||
public PrivateKey readPrivateKey(InputStream inputStream,
|
||||
String password)
|
||||
throws IOException, NoSuchAlgorithmException, InvalidKeySpecException,
|
||||
InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException {
|
||||
KeySpec keySpec = parse(inputStream, password);
|
||||
if (keySpec instanceof EncodedKeySpec) {
|
||||
return KeyFactory.getInstance("RSA").generatePrivate(keySpec);
|
||||
}
|
||||
if (keySpec instanceof RSAPrivateCrtKeySpec) {
|
||||
} else if (keySpec instanceof RSAPrivateCrtKeySpec) {
|
||||
return KeyFactory.getInstance("RSA").generatePrivate(keySpec);
|
||||
}
|
||||
if (keySpec instanceof DSAPrivateKeySpec) {
|
||||
return KeyFactory.getInstance("DSA").generatePrivate(keySpec);
|
||||
}
|
||||
if (keySpec instanceof ECPrivateKeySpec) {
|
||||
} else if (keySpec instanceof ECPrivateKeySpec) {
|
||||
return KeyFactory.getInstance("EC").generatePrivate(keySpec);
|
||||
}
|
||||
if (keySpec instanceof EdDSAPrivateKeySpec) {
|
||||
return new EdDSAPrivateKey((EdDSAPrivateKeySpec) keySpec);
|
||||
} else if (keySpec instanceof EdECPrivateKeySpec) {
|
||||
return KeyFactory.getInstance("EdDSA").generatePrivate(keySpec);
|
||||
} else if (keySpec instanceof DSAPrivateKeySpec) {
|
||||
return KeyFactory.getInstance("DSA").generatePrivate(keySpec);
|
||||
}
|
||||
throw new IOException("invalid PEM");
|
||||
}
|
||||
|
||||
public KeyPair generateFrom(InputStream inputStream, String password)
|
||||
public KeyPair readKeyPair(InputStream inputStream,
|
||||
String password)
|
||||
throws IOException, NoSuchAlgorithmException, InvalidKeySpecException,
|
||||
InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException {
|
||||
KeySpec keySpec = parse(inputStream, password);
|
||||
PrivateKey privateKey = null;
|
||||
PublicKey publicKey = null;
|
||||
if (keySpec instanceof EncodedKeySpec) {
|
||||
privateKey = KeyFactory.getInstance("RSA").generatePrivate(keySpec);
|
||||
publicKey = KeyFactory.getInstance("RSA").generatePublic(keySpec);
|
||||
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
|
||||
privateKey = keyFactory.generatePrivate(keySpec);
|
||||
publicKey = getRSAPublicKey(keyFactory, privateKey);
|
||||
} else if (keySpec instanceof RSAPrivateCrtKeySpec) {
|
||||
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
|
||||
privateKey = keyFactory.generatePrivate(keySpec);
|
||||
publicKey = getRSAPublicKey(keyFactory, privateKey);
|
||||
} else if (keySpec instanceof ECPrivateKeySpec) {
|
||||
KeyFactory keyFactory = KeyFactory.getInstance("EC");
|
||||
privateKey = keyFactory.generatePrivate(keySpec);
|
||||
publicKey = getECPublicKey(keyFactory, privateKey);
|
||||
} else if (keySpec instanceof EdECPrivateKeySpec) {
|
||||
KeyFactory keyFactory = KeyFactory.getInstance("EdDSA");
|
||||
privateKey = keyFactory.generatePrivate(keySpec);
|
||||
publicKey = getEdECPublicKey(keyFactory, privateKey);
|
||||
} else if (keySpec instanceof DSAPrivateKeySpec) {
|
||||
KeyFactory keyFactory = KeyFactory.getInstance("DSA");
|
||||
privateKey = keyFactory.generatePrivate(keySpec);
|
||||
publicKey = getDSAPublicKey(keyFactory, privateKey);
|
||||
}
|
||||
if (keySpec instanceof RSAPrivateCrtKeySpec) {
|
||||
privateKey = KeyFactory.getInstance("RSA").generatePrivate(keySpec);
|
||||
publicKey = KeyFactory.getInstance("RSA").generatePublic(keySpec);
|
||||
}
|
||||
if (keySpec instanceof DSAPrivateKeySpec) {
|
||||
privateKey = KeyFactory.getInstance("DSA").generatePrivate(keySpec);
|
||||
publicKey = KeyFactory.getInstance("DSA").generatePublic(keySpec);
|
||||
}
|
||||
if (keySpec instanceof ECPrivateKeySpec) {
|
||||
privateKey = KeyFactory.getInstance("EC").generatePrivate(keySpec);
|
||||
publicKey = KeyFactory.getInstance("EC").generatePublic(keySpec);
|
||||
}
|
||||
if (keySpec instanceof EdDSAPrivateKeySpec) {
|
||||
EdDSAPrivateKeySpec privateKeySpec = (EdDSAPrivateKeySpec) keySpec;
|
||||
privateKey = new EdDSAPrivateKey(privateKeySpec);
|
||||
EdDSAPublicKeySpec publicKeySpec = new EdDSAPublicKeySpec(privateKeySpec.getA(), privateKeySpec.getParams());
|
||||
publicKey = new EdDSAPublicKey(publicKeySpec);
|
||||
}
|
||||
if (publicKey != null && privateKey != null) {
|
||||
if (publicKey != null) {
|
||||
return new KeyPair(publicKey, privateKey);
|
||||
}
|
||||
throw new IOException("invalid PEM");
|
||||
}
|
||||
|
||||
public static PrivateKey toPrivateKey(InputStream keyInputStream,
|
||||
String keyPassword)
|
||||
throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException,
|
||||
InvalidAlgorithmParameterException, KeyException, IOException {
|
||||
if (keyInputStream == null) {
|
||||
return null;
|
||||
}
|
||||
return getPrivateKey(readPrivateKey(keyInputStream), keyPassword);
|
||||
}
|
||||
|
||||
public static PrivateKey getPrivateKey(byte[] key,
|
||||
String keyPassword)
|
||||
throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException,
|
||||
InvalidAlgorithmParameterException, KeyException, IOException {
|
||||
PKCS8EncodedKeySpec encodedKeySpec =
|
||||
getKeySpec(key, keyPassword == null ? null : keyPassword.toCharArray());
|
||||
for (String keyType : KEY_TYPES) {
|
||||
try {
|
||||
return KeyFactory.getInstance(keyType).generatePrivate(encodedKeySpec);
|
||||
} catch (InvalidKeySpecException e) {
|
||||
// ignore exception
|
||||
}
|
||||
}
|
||||
throw new InvalidKeySpecException("no key worked: " + Arrays.asList(KEY_TYPES));
|
||||
}
|
||||
|
||||
/**
|
||||
* Convert PKCS#1 encoded private key into RSAPrivateCrtKeySpec.
|
||||
* The ASN.1 syntax for the private key with CRT is
|
||||
|
@ -282,6 +312,11 @@ public class PrivateKeyReader {
|
|||
}
|
||||
}
|
||||
|
||||
private EdECPrivateKeySpec getEdECKeySpec(byte[] keySpec) {
|
||||
NamedParameterSpec params = NamedParameterSpec.ED25519;
|
||||
return new EdECPrivateKeySpec(params, keySpec);
|
||||
}
|
||||
|
||||
private static final Curve SECP256R1 = initializeCurve(
|
||||
"secp256r1 [NIST P-256, X9.62 prime256v1]",
|
||||
"1.2.840.10045.3.1.7",
|
||||
|
@ -328,12 +363,11 @@ public class PrivateKeyReader {
|
|||
return new Curve(name, oid, curve, g, bigInt(n), h);
|
||||
}
|
||||
|
||||
static final class Curve extends ECParameterSpec {
|
||||
private static final class Curve extends ECParameterSpec {
|
||||
private final String name;
|
||||
private final String oid;
|
||||
|
||||
Curve(String name, String oid, EllipticCurve curve,
|
||||
ECPoint g, BigInteger n, int h) {
|
||||
private Curve(String name, String oid, EllipticCurve curve, ECPoint g, BigInteger n, int h) {
|
||||
super(curve, g, n, h);
|
||||
this.name = name;
|
||||
this.oid = oid;
|
||||
|
@ -350,7 +384,7 @@ public class PrivateKeyReader {
|
|||
return new BigInteger(s, 16);
|
||||
}
|
||||
|
||||
private static PKCS8EncodedKeySpec generateKeySpec(byte[] key, char[] password)
|
||||
private static PKCS8EncodedKeySpec getKeySpec(byte[] key, char[] password)
|
||||
throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException,
|
||||
InvalidKeyException, InvalidAlgorithmParameterException {
|
||||
if (password == null) {
|
||||
|
@ -365,6 +399,62 @@ public class PrivateKeyReader {
|
|||
return encryptedPrivateKeyInfo.getKeySpec(cipher);
|
||||
}
|
||||
|
||||
private static DSAPublicKey getDSAPublicKey(KeyFactory keyFactory, PrivateKey key)
|
||||
throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
|
||||
if (!(key instanceof DSAPrivateKey dsaPrivateKey)) {
|
||||
throw new InvalidKeyException("Private key is not DSA private key");
|
||||
}
|
||||
DSAParams dsaParams = dsaPrivateKey.getParams();
|
||||
BigInteger g = dsaParams.getG();
|
||||
BigInteger p = dsaParams.getP();
|
||||
BigInteger q = dsaParams.getQ();
|
||||
BigInteger y = dsaParams.getG().modPow(dsaPrivateKey.getX(), dsaParams.getP());
|
||||
DSAPublicKeySpec spec = new DSAPublicKeySpec(y, p, q, g);
|
||||
return DSAPublicKey.class.cast(keyFactory.generatePublic(spec));
|
||||
}
|
||||
|
||||
private static RSAPublicKey getRSAPublicKey(KeyFactory keyFactory, PrivateKey key)
|
||||
throws InvalidKeyException, InvalidKeySpecException {
|
||||
if (!(key instanceof RSAPrivateKey)) {
|
||||
throw new InvalidKeyException("Private key is not RSA private key");
|
||||
}
|
||||
RSAPrivateKeySpec rsaPrivateKeySpec = keyFactory.getKeySpec(key, RSAPrivateKeySpec.class);
|
||||
RSAPublicKeySpec spec = new RSAPublicKeySpec(rsaPrivateKeySpec.getModulus(), BigInteger.valueOf(65537));
|
||||
return RSAPublicKey.class.cast(keyFactory.generatePublic(spec));
|
||||
}
|
||||
|
||||
private static ECPublicKey getECPublicKey(KeyFactory keyFactory, PrivateKey key)
|
||||
throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
|
||||
if (!(key instanceof ECPrivateKey ecPrivateKey)) {
|
||||
throw new InvalidKeyException("Private key is not EC private key");
|
||||
}
|
||||
ECParameterSpec ecParameterSpec = ecPrivateKey.getParams();
|
||||
BigInteger x = ecParameterSpec.getGenerator().getAffineX();
|
||||
BigInteger y = ecParameterSpec.getGenerator().getAffineX();
|
||||
ECPoint ecPoint = new ECPoint(x, y);
|
||||
ECPublicKeySpec spec = new ECPublicKeySpec(ecPoint, ecParameterSpec);
|
||||
return ECPublicKey.class.cast(keyFactory.generatePublic(spec));
|
||||
}
|
||||
|
||||
private static EdECPublicKey getEdECPublicKey(KeyFactory keyFactory, PrivateKey key)
|
||||
throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
|
||||
if (!(key instanceof EdECPrivateKey)) {
|
||||
throw new InvalidKeyException("Private key is not EdEC private key");
|
||||
}
|
||||
byte[] pk = key.getEncoded();
|
||||
boolean xisodd = false;
|
||||
int lastbyteInt = pk[pk.length - 1];
|
||||
if ((lastbyteInt & 255) >> 7 == 1) {
|
||||
xisodd = true;
|
||||
}
|
||||
pk[pk.length - 1] &= 127;
|
||||
BigInteger y = new BigInteger(1, pk);
|
||||
NamedParameterSpec paramSpec = new NamedParameterSpec("Ed25519");
|
||||
EdECPoint ep = new EdECPoint(xisodd, y);
|
||||
EdECPublicKeySpec publicKeySpec = new EdECPublicKeySpec(paramSpec, ep);
|
||||
return EdECPublicKey.class.cast(keyFactory.generatePublic(publicKeySpec));
|
||||
}
|
||||
|
||||
private static int indexOf(byte[] array, byte[] target, int start, int end) {
|
||||
if (target.length == 0) {
|
||||
return 0;
|
||||
|
@ -397,37 +487,13 @@ public class PrivateKeyReader {
|
|||
}
|
||||
|
||||
private static final String[] KEY_TYPES = {
|
||||
"RSA", "DSA", "EC"
|
||||
"RSA", "DSA", "EC", "EdDSA"
|
||||
};
|
||||
|
||||
private static final Pattern KEY_PATTERN =
|
||||
Pattern.compile("-+BEGIN\\s+.*PRIVATE\\s+KEY[^-]*-+(?:\\s|\\r|\\n)+" +
|
||||
"([a-z0-9+/=\\r\\n]+)" + "-+END\\s+.*PRIVATE\\s+KEY[^-]*-+", Pattern.CASE_INSENSITIVE);
|
||||
|
||||
public static PrivateKey toPrivateKey(InputStream keyInputStream, String keyPassword)
|
||||
throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException,
|
||||
InvalidAlgorithmParameterException, KeyException, IOException {
|
||||
if (keyInputStream == null) {
|
||||
return null;
|
||||
}
|
||||
return getPrivateKey(readPrivateKey(keyInputStream), keyPassword);
|
||||
}
|
||||
|
||||
public static PrivateKey getPrivateKey(byte[] key, String keyPassword)
|
||||
throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException,
|
||||
InvalidAlgorithmParameterException, KeyException, IOException {
|
||||
PKCS8EncodedKeySpec encodedKeySpec =
|
||||
generateKeySpec(key, keyPassword == null ? null : keyPassword.toCharArray());
|
||||
for (String keyType : KEY_TYPES) {
|
||||
try {
|
||||
return KeyFactory.getInstance(keyType).generatePrivate(encodedKeySpec);
|
||||
} catch (InvalidKeySpecException e) {
|
||||
// ignore
|
||||
}
|
||||
}
|
||||
throw new InvalidKeySpecException("Neither RSA, DSA nor EC worked");
|
||||
}
|
||||
|
||||
private static byte[] readPrivateKey(InputStream inputStream) throws KeyException, IOException {
|
||||
try (BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.US_ASCII))) {
|
||||
String string = bufferedReader.lines().collect(Collectors.joining(System.lineSeparator()));
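Review bot: In `getEdECPublicKey` (hunk `@ -365,6 +399,62 @`) the public point is built from `key.getEncoded()`, which for a JDK private key is normally its PKCS#8 encoding, so the returned `EdECPublicKey` is not derived from the seed and private-key bytes end up in an object callers will treat as publishable. The bytes are also read big-endian by `new BigInteger(1, pk)` even though the sign bit is taken from the last byte, as in the little-endian encoding. The removed code took the point from `EdDSAPrivateKeySpec.getA()`; the fence below keeps that derivation and only converts the result to an `EdECPoint`, assuming `GroupElement` exposes its encoding as `toByteArray()` and that the two `eddsa.spec` imports dropped by this commit are restored. Two related defects sit in the same hunk: `getECPublicKey` uses the curve generator as the public point and calls `getAffineX()` for both coordinates, so it should compute d·G or throw rather than return a non-matching key, and `getRSAPublicKey` hard-codes `BigInteger.valueOf(65537)` where `RSAPrivateCrtKey.getPublicExponent()` could be read. A sign-then-verify round trip on the `KeyPair` from `readKeyPair` for each key type would catch all three.

```java
private static EdECPublicKey getEdECPublicKey(KeyFactory keyFactory, PrivateKey key)
        throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
    if (!(key instanceof EdECPrivateKey edECPrivateKey)) {
        throw new InvalidKeyException("Private key is not EdEC private key");
    }
    // Raw 32-byte seed; getEncoded() would return the PKCS#8 wrapper around it.
    byte[] seed = edECPrivateKey.getBytes()
            .orElseThrow(() -> new InvalidKeyException("EdEC private key bytes are not available"));
    // Derive A from the seed with the in-tree implementation, as the removed code did.
    EdDSAPrivateKeySpec derived = new EdDSAPrivateKeySpec(seed, EdDSANamedCurveTable.getByName("Ed25519"));
    byte[] pk = derived.getA().toByteArray(); // assumed: little-endian point encoding, confirm on GroupElement
    boolean xisodd = (pk[pk.length - 1] & 0x80) != 0;
    pk[pk.length - 1] &= 0x7f;
    // EdECPoint takes y as an integer: reverse the little-endian bytes before BigInteger reads them.
    for (int i = 0, j = pk.length - 1; i < j; i++, j--) {
        byte t = pk[i];
        pk[i] = pk[j];
        pk[j] = t;
    }
    BigInteger y = new BigInteger(1, pk);
    // … unchanged: NamedParameterSpec, EdECPoint, EdECPublicKeySpec and generatePublic call …
}
```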
|
||||
|
|
|
@ -1,9 +1,5 @@
|
|||
package org.xbib.net.security;
|
||||
|
||||
import javax.net.SocketFactory;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManagerFactory;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.net.InetAddress;
|
||||
|
@ -16,6 +12,10 @@ import java.security.KeyStore;
|
|||
import java.security.KeyStoreException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.cert.CertificateException;
|
||||
import javax.net.SocketFactory;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManagerFactory;
|
||||
|
||||
public class SecureSocketFactory extends SSLSocketFactory {
|
||||
|
||||
|
|
|
@ -1,9 +1,5 @@
|
|||
package org.xbib.net.security.cookie;
|
||||
|
||||
import org.xbib.net.PercentDecoder;
|
||||
import org.xbib.net.PercentEncoder;
|
||||
import org.xbib.net.PercentEncoders;
|
||||
|
||||
import java.nio.charset.Charset;
|
||||
import java.nio.charset.CodingErrorAction;
|
||||
import java.nio.charset.MalformedInputException;
|
||||
|
@ -12,6 +8,9 @@ import java.nio.charset.UnmappableCharacterException;
|
|||
import java.security.InvalidKeyException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.SignatureException;
|
||||
import org.xbib.net.PercentDecoder;
|
||||
import org.xbib.net.PercentEncoder;
|
||||
import org.xbib.net.PercentEncoders;
|
||||
|
||||
public class CookieSigner {
|
||||
|
||||
|
|
|
@ -1,7 +1,5 @@
|
|||
package org.xbib.net.security.cookie;
|
||||
|
||||
import javax.crypto.Mac;
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
import java.nio.charset.Charset;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.InvalidKeyException;
|
||||
|
@ -11,6 +9,8 @@ import java.security.SecureRandom;
|
|||
import java.util.Base64;
|
||||
import java.util.Objects;
|
||||
import java.util.Random;
|
||||
import javax.crypto.Mac;
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
|
||||
/**
|
||||
* A utility class for invoking encryption methods and returning password strings,
|
||||
|
|
|
@ -1,9 +1,5 @@
|
|||
package org.xbib.net.security.eddsa;
|
||||
|
||||
import org.xbib.net.security.eddsa.math.Curve;
|
||||
import org.xbib.net.security.eddsa.math.GroupElement;
|
||||
import org.xbib.net.security.eddsa.math.ScalarOps;
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.nio.ByteBuffer;
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
|
@ -16,6 +12,9 @@ import java.security.Signature;
|
|||
import java.security.SignatureException;
|
||||
import java.security.spec.AlgorithmParameterSpec;
|
||||
import java.util.Arrays;
|
||||
import org.xbib.net.security.eddsa.math.Curve;
|
||||
import org.xbib.net.security.eddsa.math.GroupElement;
|
||||
import org.xbib.net.security.eddsa.math.ScalarOps;
|
||||
|
||||
/**
|
||||
* Signing and verification for EdDSA.
|
||||
|
|
|
@ -1,14 +1,13 @@
|
|||
package org.xbib.net.security.eddsa;
|
||||
|
||||
import org.xbib.net.security.eddsa.math.GroupElement;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAParameterSpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
|
||||
|
||||
import java.security.PrivateKey;
|
||||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.security.spec.PKCS8EncodedKeySpec;
|
||||
import java.util.Arrays;
|
||||
import org.xbib.net.security.eddsa.math.GroupElement;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAParameterSpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
|
||||
|
||||
/**
|
||||
* An EdDSA private key.
|
||||
|
|
|
@ -1,14 +1,13 @@
|
|||
package org.xbib.net.security.eddsa;
|
||||
|
||||
import org.xbib.net.security.eddsa.math.GroupElement;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAParameterSpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
|
||||
|
||||
import java.security.PublicKey;
|
||||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.security.spec.X509EncodedKeySpec;
|
||||
import java.util.Arrays;
|
||||
import org.xbib.net.security.eddsa.math.GroupElement;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAParameterSpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
|
||||
|
||||
/**
|
||||
* An EdDSA public key.
|
||||
|
|
|
@ -1,8 +1,5 @@
|
|||
package org.xbib.net.security.eddsa;
|
||||
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
|
||||
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.Key;
|
||||
import java.security.KeyFactorySpi;
|
||||
|
@ -12,6 +9,8 @@ import java.security.spec.InvalidKeySpecException;
|
|||
import java.security.spec.KeySpec;
|
||||
import java.security.spec.PKCS8EncodedKeySpec;
|
||||
import java.security.spec.X509EncodedKeySpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
|
||||
|
||||
public final class KeyFactory extends KeyFactorySpi {
|
||||
|
||||
|
|
|
@ -1,12 +1,5 @@
|
|||
package org.xbib.net.security.eddsa;
|
||||
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAGenParameterSpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveSpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAParameterSpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
|
||||
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.InvalidParameterException;
|
||||
import java.security.KeyPair;
|
||||
|
@ -14,6 +7,12 @@ import java.security.KeyPairGeneratorSpi;
|
|||
import java.security.SecureRandom;
|
||||
import java.security.spec.AlgorithmParameterSpec;
|
||||
import java.util.Hashtable;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAGenParameterSpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveSpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAParameterSpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
|
||||
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
|
||||
|
||||
/**
|
||||
* Default keysize is 256 (Ed25519).
|
||||
|
|
|
@ -1,8 +1,7 @@
|
|||
package org.xbib.net.security.eddsa.math;
|
||||
|
||||
import org.xbib.net.security.eddsa.Utils;
|
||||
|
||||
import java.util.Arrays;
|
||||
import org.xbib.net.security.eddsa.Utils;
|
||||
|
||||
/**
|
||||
* A point $(x,y)$ on an EdDSA curve.
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
package org.xbib.net.security.eddsa.math.bigint;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import org.xbib.net.security.eddsa.math.Field;
|
||||
import org.xbib.net.security.eddsa.math.FieldElement;
|
||||
|
||||
import java.math.BigInteger;
|
||||
|
||||
/**
|
||||
* A particular element of the field \Z/(2^255-19).
|
||||
*/
|
||||
|
|
|
@ -1,11 +1,10 @@
|
|||
package org.xbib.net.security.eddsa.math.bigint;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import org.xbib.net.security.eddsa.math.Encoding;
|
||||
import org.xbib.net.security.eddsa.math.Field;
|
||||
import org.xbib.net.security.eddsa.math.FieldElement;
|
||||
|
||||
import java.math.BigInteger;
|
||||
|
||||
public class BigIntegerLittleEndianEncoding extends Encoding {
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
package org.xbib.net.security.eddsa.math.bigint;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import org.xbib.net.security.eddsa.math.Field;
|
||||
import org.xbib.net.security.eddsa.math.ScalarOps;
|
||||
|
||||
import java.math.BigInteger;
|
||||
|
||||
public class BigIntegerScalarOps implements ScalarOps {
|
||||
private final BigInteger l;
|
||||
private final BigIntegerLittleEndianEncoding enc;
|
||||
|
|
|
@ -1,11 +1,10 @@
|
|||
package org.xbib.net.security.eddsa.math.ed25519;
|
||||
|
||||
import java.util.Arrays;
|
||||
import org.xbib.net.security.eddsa.Utils;
|
||||
import org.xbib.net.security.eddsa.math.Field;
|
||||
import org.xbib.net.security.eddsa.math.FieldElement;
|
||||
|
||||
import java.util.Arrays;
|
||||
|
||||
/**
|
||||
* Class to represent a field element of the finite field $p = 2^{255} - 19$ elements.
|
||||
* An element $t$, entries $t[0] \dots t[9]$, represents the integer
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
package org.xbib.net.security.eddsa.math.ed25519;
|
||||
|
||||
import org.xbib.net.security.eddsa.math.ScalarOps;
|
||||
|
||||
import static org.xbib.net.security.eddsa.math.ed25519.Ed25519LittleEndianEncoding.load_3;
|
||||
import static org.xbib.net.security.eddsa.math.ed25519.Ed25519LittleEndianEncoding.load_4;
|
||||
|
||||
|
|
|
@ -1,14 +1,13 @@
|
|||
package org.xbib.net.security.eddsa.spec;
|
||||
|
||||
import java.util.Hashtable;
|
||||
import java.util.Locale;
|
||||
import org.xbib.net.security.eddsa.Utils;
|
||||
import org.xbib.net.security.eddsa.math.Curve;
|
||||
import org.xbib.net.security.eddsa.math.Field;
|
||||
import org.xbib.net.security.eddsa.math.ed25519.Ed25519LittleEndianEncoding;
|
||||
import org.xbib.net.security.eddsa.math.ed25519.Ed25519ScalarOps;
|
||||
|
||||
import java.util.Hashtable;
|
||||
import java.util.Locale;
|
||||
|
||||
/**
|
||||
* The named EdDSA curves.
|
||||
*/
|
||||
|
|
|
@ -1,12 +1,11 @@
|
|||
package org.xbib.net.security.eddsa.spec;
|
||||
|
||||
import org.xbib.net.security.eddsa.math.Curve;
|
||||
import org.xbib.net.security.eddsa.math.GroupElement;
|
||||
import org.xbib.net.security.eddsa.math.ScalarOps;
|
||||
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.spec.AlgorithmParameterSpec;
|
||||
import org.xbib.net.security.eddsa.math.Curve;
|
||||
import org.xbib.net.security.eddsa.math.GroupElement;
|
||||
import org.xbib.net.security.eddsa.math.ScalarOps;
|
||||
|
||||
/**
|
||||
* Parameter specification for an EdDSA algorithm.
|
||||
|
|
|
@ -1,11 +1,10 @@
|
|||
package org.xbib.net.security.eddsa.spec;
|
||||
|
||||
import org.xbib.net.security.eddsa.math.GroupElement;
|
||||
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.spec.KeySpec;
|
||||
import java.util.Arrays;
|
||||
import org.xbib.net.security.eddsa.math.GroupElement;
|
||||
|
||||
/**
|
||||
*
|
||||
|
|
|
@ -1,8 +1,7 @@
|
|||
package org.xbib.net.security.eddsa.spec;
|
||||
|
||||
import org.xbib.net.security.eddsa.math.GroupElement;
|
||||
|
||||
import java.security.spec.KeySpec;
|
||||
import org.xbib.net.security.eddsa.math.GroupElement;
|
||||
|
||||
public class EdDSAPublicKeySpec implements KeySpec {
|
||||
private final GroupElement A;
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
package org.xbib.net.security.jaas;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Map;
|
||||
import javax.security.auth.Subject;
|
||||
import javax.security.auth.callback.Callback;
|
||||
import javax.security.auth.callback.CallbackHandler;
|
||||
|
@ -8,8 +10,6 @@ import javax.security.auth.callback.PasswordCallback;
|
|||
import javax.security.auth.callback.UnsupportedCallbackException;
|
||||
import javax.security.auth.login.LoginException;
|
||||
import javax.security.auth.spi.LoginModule;
|
||||
import java.io.IOException;
|
||||
import java.util.Map;
|
||||
|
||||
class DummyLoginModule implements LoginModule {
|
||||
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
package org.xbib.net.security.signatures;
|
||||
|
||||
import javax.crypto.Mac;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import javax.crypto.Mac;
|
||||
|
||||
/**
|
||||
* The cryptographic algorithms for the HTTP signature.
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
package org.xbib.net.security.signatures;
|
||||
|
||||
import javax.crypto.Mac;
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.Key;
|
||||
|
@ -8,7 +7,7 @@ import java.security.NoSuchAlgorithmException;
|
|||
import java.security.PrivateKey;
|
||||
import java.security.Provider;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.crypto.Mac;
|
||||
import static java.util.Objects.requireNonNull;
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
package org.xbib.net.security.signatures;
|
||||
|
||||
import javax.crypto.Mac;
|
||||
import java.io.IOException;
|
||||
import java.security.Key;
|
||||
import java.security.MessageDigest;
|
||||
|
@ -9,7 +8,7 @@ import java.security.Provider;
|
|||
import java.security.PublicKey;
|
||||
import java.security.SignatureException;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.crypto.Mac;
|
||||
import static java.util.Objects.requireNonNull;
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,40 +1,5 @@
|
|||
package org.xbib.net.security.ssl;
|
||||
|
||||
import org.xbib.net.security.ssl.exception.GenericKeyStoreException;
|
||||
import org.xbib.net.security.ssl.exception.GenericSecurityException;
|
||||
import org.xbib.net.security.ssl.model.KeyStoreHolder;
|
||||
import org.xbib.net.security.ssl.model.SSLMaterial;
|
||||
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeValidator;
|
||||
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSSLEngineValidator;
|
||||
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSocketValidator;
|
||||
import org.xbib.net.security.ssl.trustmanager.TrustAnchorTrustOptions;
|
||||
import org.xbib.net.security.ssl.trustmanager.TrustStoreTrustOptions;
|
||||
import org.xbib.net.security.ssl.util.HostnameVerifierUtils;
|
||||
import org.xbib.net.security.ssl.util.KeyManagerUtils;
|
||||
import org.xbib.net.security.ssl.util.KeyStoreUtils;
|
||||
import org.xbib.net.security.ssl.util.SSLContextUtils;
|
||||
import org.xbib.net.security.ssl.util.SSLParametersUtils;
|
||||
import org.xbib.net.security.ssl.util.SSLSessionUtils;
|
||||
import org.xbib.net.security.ssl.util.SSLSocketUtils;
|
||||
import org.xbib.net.security.ssl.util.StringUtils;
|
||||
import org.xbib.net.security.ssl.util.TrustManagerUtils;
|
||||
import org.xbib.net.security.ssl.util.UriUtils;
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
import javax.net.ssl.CertPathTrustManagerParameters;
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.KeyManagerFactory;
|
||||
import javax.net.ssl.ManagerFactoryParameters;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.SSLParameters;
|
||||
import javax.net.ssl.SSLServerSocketFactory;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManagerFactory;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.io.InputStream;
|
||||
import java.net.URI;
|
||||
import java.nio.file.Path;
|
||||
|
@ -57,7 +22,40 @@ import java.util.Map;
|
|||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import javax.net.ssl.CertPathTrustManagerParameters;
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.KeyManagerFactory;
|
||||
import javax.net.ssl.ManagerFactoryParameters;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.SSLParameters;
|
||||
import javax.net.ssl.SSLServerSocketFactory;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManagerFactory;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import org.xbib.net.security.ssl.exception.GenericKeyStoreException;
|
||||
import org.xbib.net.security.ssl.exception.GenericSecurityException;
|
||||
import org.xbib.net.security.ssl.model.KeyStoreHolder;
|
||||
import org.xbib.net.security.ssl.model.SSLMaterial;
|
||||
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeValidator;
|
||||
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSSLEngineValidator;
|
||||
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSocketValidator;
|
||||
import org.xbib.net.security.ssl.trustmanager.TrustAnchorTrustOptions;
|
||||
import org.xbib.net.security.ssl.trustmanager.TrustStoreTrustOptions;
|
||||
import org.xbib.net.security.ssl.util.HostnameVerifierUtils;
|
||||
import org.xbib.net.security.ssl.util.KeyManagerUtils;
|
||||
import org.xbib.net.security.ssl.util.KeyStoreUtils;
|
||||
import org.xbib.net.security.ssl.util.SSLContextUtils;
|
||||
import org.xbib.net.security.ssl.util.SSLParametersUtils;
|
||||
import org.xbib.net.security.ssl.util.SSLSessionUtils;
|
||||
import org.xbib.net.security.ssl.util.SSLSocketUtils;
|
||||
import org.xbib.net.security.ssl.util.StringUtils;
|
||||
import org.xbib.net.security.ssl.util.TrustManagerUtils;
|
||||
import org.xbib.net.security.ssl.util.UriUtils;
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
import static java.util.Objects.isNull;
|
||||
import static java.util.Objects.nonNull;
|
||||
|
||||
|
|
|
@ -1,9 +1,8 @@
|
|||
package org.xbib.net.security.ssl.hostnameverifier;
|
||||
|
||||
import org.xbib.net.security.ssl.util.HostnameVerifierUtils;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import org.xbib.net.security.ssl.util.HostnameVerifierUtils;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,9 +1,8 @@
|
|||
package org.xbib.net.security.ssl.hostnameverifier;
|
||||
|
||||
import org.xbib.net.security.ssl.util.HostnameVerifierUtils;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import org.xbib.net.security.ssl.util.HostnameVerifierUtils;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
package org.xbib.net.security.ssl.keymanager;
|
||||
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
import java.util.function.Function;
|
||||
import java.util.function.Predicate;
|
||||
import java.util.stream.Collectors;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,10 +1,5 @@
|
|||
package org.xbib.net.security.ssl.keymanager;
|
||||
|
||||
import org.xbib.net.security.ssl.util.KeyManagerUtils;
|
||||
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.SSLSocket;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import java.net.Socket;
|
||||
import java.net.URI;
|
||||
import java.security.Principal;
|
||||
|
@ -15,6 +10,10 @@ import java.util.HashMap;
|
|||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.SSLSocket;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import org.xbib.net.security.ssl.util.KeyManagerUtils;
|
||||
|
||||
/**
|
||||
* Represents an ordered list of {@link X509ExtendedKeyManager} with most-preferred managers first.
|
||||
|
|
|
@ -1,14 +1,13 @@
|
|||
package org.xbib.net.security.ssl.keymanager;
|
||||
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
import java.net.Socket;
|
||||
import java.security.Principal;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.cert.X509Certificate;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
package org.xbib.net.security.ssl.keymanager;
|
||||
|
||||
import java.security.Principal;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import java.security.Principal;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
package org.xbib.net.security.ssl.keymanager;
|
||||
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import java.net.Socket;
|
||||
import java.security.Principal;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.cert.X509Certificate;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
package org.xbib.net.security.ssl.keymanager;
|
||||
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import org.xbib.net.security.ssl.util.KeyManagerUtils;
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
* Please don't use this class directly as it is part of the internal API. Class name and methods can be changed any time.
|
||||
|
|
|
@ -1,11 +1,10 @@
|
|||
package org.xbib.net.security.ssl.keymanager;
|
||||
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
import java.security.KeyStore;
|
||||
import javax.net.ssl.KeyManager;
|
||||
import javax.net.ssl.KeyManagerFactorySpi;
|
||||
import javax.net.ssl.ManagerFactoryParameters;
|
||||
import java.security.KeyStore;
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
package org.xbib.net.security.ssl.keymanager;
|
||||
|
||||
import org.xbib.net.security.ssl.util.KeyManagerUtils;
|
||||
|
||||
import java.security.Provider;
|
||||
import javax.net.ssl.KeyManager;
|
||||
import javax.net.ssl.KeyManagerFactory;
|
||||
import java.security.Provider;
|
||||
import org.xbib.net.security.ssl.util.KeyManagerUtils;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,11 +1,5 @@
|
|||
package org.xbib.net.security.ssl.keymanager;
|
||||
|
||||
import javax.net.ssl.ExtendedSSLSession;
|
||||
import javax.net.ssl.SNIServerName;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
import java.net.InetSocketAddress;
|
||||
import java.net.Socket;
|
||||
import java.net.URI;
|
||||
|
@ -14,11 +8,17 @@ import java.util.List;
|
|||
import java.util.Map;
|
||||
import java.util.Map.Entry;
|
||||
import java.util.Objects;
|
||||
import java.util.Set;
|
||||
import java.util.function.Function;
|
||||
import java.util.function.Predicate;
|
||||
import java.util.function.Supplier;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.Set;
|
||||
import javax.net.ssl.ExtendedSSLSession;
|
||||
import javax.net.ssl.SNIServerName;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
package org.xbib.net.security.ssl.keymanager;
|
||||
|
||||
import org.xbib.net.security.ssl.util.KeyManagerUtils;
|
||||
|
||||
import java.security.Principal;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
import java.security.Principal;
|
||||
import org.xbib.net.security.ssl.util.KeyManagerUtils;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
package org.xbib.net.security.ssl.model;
|
||||
|
||||
import java.util.List;
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLParameters;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,14 +1,13 @@
|
|||
package org.xbib.net.security.ssl.socket;
|
||||
|
||||
import org.xbib.net.security.ssl.util.SSLSocketUtils;
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
import javax.net.ssl.SSLParameters;
|
||||
import javax.net.ssl.SSLServerSocket;
|
||||
import javax.net.ssl.SSLServerSocketFactory;
|
||||
import java.io.IOException;
|
||||
import java.net.InetAddress;
|
||||
import java.net.ServerSocket;
|
||||
import javax.net.ssl.SSLParameters;
|
||||
import javax.net.ssl.SSLServerSocket;
|
||||
import javax.net.ssl.SSLServerSocketFactory;
|
||||
import org.xbib.net.security.ssl.util.SSLSocketUtils;
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,16 +1,15 @@
|
|||
package org.xbib.net.security.ssl.socket;
|
||||
|
||||
import org.xbib.net.security.ssl.util.SSLSocketUtils;
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
import javax.net.ssl.SSLParameters;
|
||||
import javax.net.ssl.SSLSocket;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.net.InetAddress;
|
||||
import java.net.Socket;
|
||||
import java.net.UnknownHostException;
|
||||
import javax.net.ssl.SSLParameters;
|
||||
import javax.net.ssl.SSLSocket;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import org.xbib.net.security.ssl.util.SSLSocketUtils;
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import java.net.Socket;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.Objects;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
|
||||
@FunctionalInterface
|
||||
public interface ChainAndAuthTypeWithSSLEngineValidator {
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,15 +1,14 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import org.xbib.net.security.ssl.util.TrustManagerUtils;
|
||||
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import java.net.Socket;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import org.xbib.net.security.ssl.util.TrustManagerUtils;
|
||||
|
||||
/**
|
||||
* {@link CompositeX509ExtendedTrustManager} is a wrapper for a collection of TrustManagers.
|
||||
|
|
|
@ -1,14 +1,13 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.net.Socket;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.Arrays;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import java.net.Socket;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import java.net.Socket;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import java.net.Socket;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import org.xbib.net.security.ssl.util.TrustManagerUtils;
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
* Please don't use this class directly as it is part of the internal API. Class name and methods can be changed any time.
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import javax.net.ssl.CertPathTrustManagerParameters;
|
||||
import java.security.cert.TrustAnchor;
|
||||
import java.util.Set;
|
||||
import javax.net.ssl.CertPathTrustManagerParameters;
|
||||
|
||||
@FunctionalInterface
|
||||
public interface TrustAnchorTrustOptions<R extends CertPathTrustManagerParameters> extends TrustOptions<Set<TrustAnchor>, R> {
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import java.security.cert.CertificateException;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,11 +1,10 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
import java.security.KeyStore;
|
||||
import javax.net.ssl.ManagerFactoryParameters;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.TrustManagerFactorySpi;
|
||||
import java.security.KeyStore;
|
||||
import org.xbib.net.security.ssl.util.ValidationUtils;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import org.xbib.net.security.ssl.util.TrustManagerUtils;
|
||||
|
||||
import java.security.Provider;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.TrustManagerFactory;
|
||||
import java.security.Provider;
|
||||
import org.xbib.net.security.ssl.util.TrustManagerUtils;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import javax.net.ssl.CertPathTrustManagerParameters;
|
||||
import java.security.KeyStore;
|
||||
import javax.net.ssl.CertPathTrustManagerParameters;
|
||||
|
||||
@FunctionalInterface
|
||||
public interface TrustStoreTrustOptions<R extends CertPathTrustManagerParameters> extends TrustOptions<KeyStore, R> {
|
||||
|
|
|
@ -1,12 +1,11 @@
|
|||
package org.xbib.net.security.ssl.trustmanager;
|
||||
|
||||
import org.xbib.net.security.ssl.util.TrustManagerUtils;
|
||||
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.net.Socket;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import javax.net.ssl.SSLEngine;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import org.xbib.net.security.ssl.util.TrustManagerUtils;
|
||||
|
||||
/**
|
||||
* <strong>NOTE:</strong>
|
||||
|
|
|
@ -1,11 +1,5 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import org.xbib.net.security.ssl.SSLFactory;
|
||||
import org.xbib.net.security.ssl.exception.GenericCertificateException;
|
||||
import org.xbib.net.security.ssl.exception.GenericIOException;
|
||||
|
||||
import javax.net.ssl.HttpsURLConnection;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.net.URI;
|
||||
|
@ -25,6 +19,11 @@ import java.util.regex.Matcher;
|
|||
import java.util.regex.Pattern;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.Stream;
|
||||
import javax.net.ssl.HttpsURLConnection;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import org.xbib.net.security.ssl.SSLFactory;
|
||||
import org.xbib.net.security.ssl.exception.GenericCertificateException;
|
||||
import org.xbib.net.security.ssl.exception.GenericIOException;
|
||||
|
||||
class CertificateExtractorUtils {
|
||||
|
||||
|
|
|
@ -1,10 +1,5 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import org.xbib.net.security.ssl.exception.GenericCertificateException;
|
||||
import org.xbib.net.security.ssl.exception.GenericIOException;
|
||||
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
import java.io.BufferedInputStream;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
|
@ -32,6 +27,10 @@ import java.util.regex.Matcher;
|
|||
import java.util.regex.Pattern;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.Stream;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
import org.xbib.net.security.ssl.exception.GenericCertificateException;
|
||||
import org.xbib.net.security.ssl.exception.GenericIOException;
|
||||
|
||||
public final class CertificateUtils {
|
||||
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import org.xbib.net.security.ssl.hostnameverifier.BasicHostNameVerifier;
|
||||
import org.xbib.net.security.ssl.hostnameverifier.UnsafeHostNameVerifier;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
|
||||
public final class HostnameVerifierUtils {
|
||||
|
||||
private HostnameVerifierUtils() {}
|
||||
|
|
|
@ -1,7 +1,5 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import org.xbib.net.security.ssl.exception.GenericIOException;
|
||||
|
||||
import java.io.BufferedReader;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
|
@ -12,6 +10,7 @@ import java.nio.file.Files;
|
|||
import java.nio.file.Path;
|
||||
import java.nio.file.StandardOpenOption;
|
||||
import java.util.stream.Collectors;
|
||||
import org.xbib.net.security.ssl.exception.GenericIOException;
|
||||
|
||||
public final class IOUtils {
|
||||
|
||||
|
|
|
@ -1,17 +1,5 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import org.xbib.net.security.ssl.exception.GenericKeyManagerException;
|
||||
import org.xbib.net.security.ssl.keymanager.CompositeX509ExtendedKeyManager;
|
||||
import org.xbib.net.security.ssl.keymanager.DummyX509ExtendedKeyManager;
|
||||
import org.xbib.net.security.ssl.keymanager.HotSwappableX509ExtendedKeyManager;
|
||||
import org.xbib.net.security.ssl.keymanager.KeyManagerFactoryWrapper;
|
||||
import org.xbib.net.security.ssl.keymanager.X509KeyManagerWrapper;
|
||||
import org.xbib.net.security.ssl.model.KeyStoreHolder;
|
||||
|
||||
import javax.net.ssl.KeyManager;
|
||||
import javax.net.ssl.KeyManagerFactory;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
import java.net.URI;
|
||||
import java.security.Key;
|
||||
import java.security.KeyStore;
|
||||
|
@ -30,6 +18,17 @@ import java.util.List;
|
|||
import java.util.Map;
|
||||
import java.util.Map.Entry;
|
||||
import java.util.stream.Collectors;
|
||||
import javax.net.ssl.KeyManager;
|
||||
import javax.net.ssl.KeyManagerFactory;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
import org.xbib.net.security.ssl.exception.GenericKeyManagerException;
|
||||
import org.xbib.net.security.ssl.keymanager.CompositeX509ExtendedKeyManager;
|
||||
import org.xbib.net.security.ssl.keymanager.DummyX509ExtendedKeyManager;
|
||||
import org.xbib.net.security.ssl.keymanager.HotSwappableX509ExtendedKeyManager;
|
||||
import org.xbib.net.security.ssl.keymanager.KeyManagerFactoryWrapper;
|
||||
import org.xbib.net.security.ssl.keymanager.X509KeyManagerWrapper;
|
||||
import org.xbib.net.security.ssl.model.KeyStoreHolder;
|
||||
|
||||
public final class KeyManagerUtils {
|
||||
|
||||
|
|
|
@ -1,11 +1,5 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import org.xbib.net.security.ssl.exception.GenericKeyStoreException;
|
||||
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
|
||||
import static java.util.Objects.isNull;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.nio.file.Files;
|
||||
|
@ -24,6 +18,9 @@ import java.util.Collection;
|
|||
import java.util.Collections;
|
||||
import java.util.Enumeration;
|
||||
import java.util.List;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import org.xbib.net.security.ssl.exception.GenericKeyStoreException;
|
||||
import static java.util.Objects.isNull;
|
||||
|
||||
public final class KeyStoreUtils {
|
||||
|
||||
|
|
|
@ -1,19 +1,17 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import org.xbib.net.security.ssl.exception.GenericSSLContextException;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.NoSuchProviderException;
|
||||
import java.security.Provider;
|
||||
import java.security.SecureRandom;
|
||||
import java.util.List;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.X509ExtendedKeyManager;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import javax.net.ssl.X509KeyManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import org.xbib.net.security.ssl.exception.GenericSSLContextException;
|
||||
import static java.util.Objects.nonNull;
|
||||
|
||||
public final class SSLContextUtils {
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import org.xbib.net.security.ssl.SSLFactory;
|
||||
|
||||
import java.util.Optional;
|
||||
import java.util.function.BiConsumer;
|
||||
import java.util.function.Function;
|
||||
import org.xbib.net.security.ssl.SSLFactory;
|
||||
|
||||
public final class SSLFactoryUtils {
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import javax.net.ssl.SSLParameters;
|
||||
import java.util.Optional;
|
||||
import javax.net.ssl.SSLParameters;
|
||||
|
||||
public final class SSLParametersUtils {
|
||||
|
||||
|
|
|
@ -1,10 +1,5 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import org.xbib.net.security.ssl.SSLFactory;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.SSLSessionContext;
|
||||
import java.time.Instant;
|
||||
import java.time.ZoneOffset;
|
||||
import java.time.ZonedDateTime;
|
||||
|
@ -14,6 +9,10 @@ import java.util.Objects;
|
|||
import java.util.function.LongFunction;
|
||||
import java.util.function.Predicate;
|
||||
import java.util.stream.Collectors;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.SSLSessionContext;
|
||||
import org.xbib.net.security.ssl.SSLFactory;
|
||||
|
||||
public final class SSLSessionUtils {
|
||||
|
||||
|
|
|
@ -1,12 +1,11 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import org.xbib.net.security.ssl.socket.CompositeSSLServerSocketFactory;
|
||||
import org.xbib.net.security.ssl.socket.CompositeSSLSocketFactory;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLParameters;
|
||||
import javax.net.ssl.SSLServerSocketFactory;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import org.xbib.net.security.ssl.socket.CompositeSSLServerSocketFactory;
|
||||
import org.xbib.net.security.ssl.socket.CompositeSSLSocketFactory;
|
||||
|
||||
public final class SSLSocketUtils {
|
||||
|
||||
|
|
|
@ -1,22 +1,5 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import org.xbib.net.security.ssl.exception.GenericTrustManagerException;
|
||||
import org.xbib.net.security.ssl.trustmanager.CertificateCapturingX509ExtendedTrustManager;
|
||||
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeValidator;
|
||||
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSSLEngineValidator;
|
||||
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSocketValidator;
|
||||
import org.xbib.net.security.ssl.trustmanager.CompositeX509ExtendedTrustManager;
|
||||
import org.xbib.net.security.ssl.trustmanager.DummyX509ExtendedTrustManager;
|
||||
import org.xbib.net.security.ssl.trustmanager.EnhanceableX509ExtendedTrustManager;
|
||||
import org.xbib.net.security.ssl.trustmanager.HotSwappableX509ExtendedTrustManager;
|
||||
import org.xbib.net.security.ssl.trustmanager.TrustManagerFactoryWrapper;
|
||||
import org.xbib.net.security.ssl.trustmanager.X509TrustManagerWrapper;
|
||||
|
||||
import javax.net.ssl.ManagerFactoryParameters;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.TrustManagerFactory;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.KeyStore;
|
||||
import java.security.KeyStoreException;
|
||||
|
@ -30,6 +13,22 @@ import java.util.Collection;
|
|||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import java.util.stream.Collectors;
|
||||
import javax.net.ssl.ManagerFactoryParameters;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.TrustManagerFactory;
|
||||
import javax.net.ssl.X509ExtendedTrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
import org.xbib.net.security.ssl.exception.GenericTrustManagerException;
|
||||
import org.xbib.net.security.ssl.trustmanager.CertificateCapturingX509ExtendedTrustManager;
|
||||
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeValidator;
|
||||
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSSLEngineValidator;
|
||||
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSocketValidator;
|
||||
import org.xbib.net.security.ssl.trustmanager.CompositeX509ExtendedTrustManager;
|
||||
import org.xbib.net.security.ssl.trustmanager.DummyX509ExtendedTrustManager;
|
||||
import org.xbib.net.security.ssl.trustmanager.EnhanceableX509ExtendedTrustManager;
|
||||
import org.xbib.net.security.ssl.trustmanager.HotSwappableX509ExtendedTrustManager;
|
||||
import org.xbib.net.security.ssl.trustmanager.TrustManagerFactoryWrapper;
|
||||
import org.xbib.net.security.ssl.trustmanager.X509TrustManagerWrapper;
|
||||
|
||||
public final class TrustManagerUtils {
|
||||
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
package org.xbib.net.security.ssl.util;
|
||||
|
||||
import java.net.URI;
|
||||
|
||||
import static java.util.Objects.isNull;
|
||||
|
||||
public final class UriUtils {
|
||||
|
|
|
@ -18,7 +18,6 @@ import java.util.StringTokenizer;
|
|||
import java.util.stream.Collectors;
|
||||
import java.util.stream.Stream;
|
||||
import java.util.stream.StreamSupport;
|
||||
|
||||
import static java.util.Objects.requireNonNull;
|
||||
|
||||
/**
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
org.xbib.net.security.eddsa.EdDSASecurityProvider
|
|
@ -5,7 +5,6 @@ module org.xbib.net.security.test {
|
|||
requires org.xbib.net.security;
|
||||
requires org.bouncycastle.provider;
|
||||
exports org.xbib.net.security.test;
|
||||
exports org.xbib.net.security.test.ed25519;
|
||||
exports org.xbib.net.security.test.eddsa;
|
||||
exports org.xbib.net.security.test.eddsa.math;
|
||||
exports org.xbib.net.security.test.eddsa.math.bigint;
|
||||
|
|
|
@ -13,7 +13,7 @@ public class CertificateReaderTest {
|
|||
|
||||
@Test
|
||||
public void testCert() throws Exception {
|
||||
InputStream inputStream = getClass().getResourceAsStream("/test.crt");
|
||||
InputStream inputStream = getClass().getResourceAsStream("rsa.crt");
|
||||
if (inputStream != null) {
|
||||
CertificateReader certificateReader = new CertificateReader();
|
||||
X509Certificate certificate = certificateReader.readCertificate(inputStream);
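Review bot: With the resource name changed from `/test.crt` to the package-relative `rsa.crt`, the surrounding `if (inputStream != null)` guard lets testCert pass without reading any certificate whenever the file is not found next to the test class. I would replace the guard with `assertNotNull(inputStream, "rsa.crt not found on test classpath");` (adding the static import if this file lacks it) and open the stream in a try-with-resources so it is closed. The same guard wraps testDSA, testRSA, testEc and testEd25519 in PrivateKeyReaderTest, whose resource names also lose the leading slash in this commit. testCert's body continues outside the hunk.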
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
package org.xbib.net.security.test.ed25519;
|
||||
package org.xbib.net.security.test;
|
||||
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.KeyPair;
|
|
@ -1,5 +1,7 @@
|
|||
package org.xbib.net.security.test;
|
||||
|
||||
import java.security.KeyPair;
|
||||
import java.security.PublicKey;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.xbib.net.security.PrivateKeyReader;
|
||||
|
||||
|
@ -9,47 +11,67 @@ import java.nio.charset.StandardCharsets;
|
|||
import java.security.PrivateKey;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.fail;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
|
||||
public class PrivateKeyReaderTest {
|
||||
|
||||
@Test
|
||||
public void testRSA() throws Exception {
|
||||
InputStream inputStream = getClass().getResourceAsStream("/rsa.key");
|
||||
if (inputStream != null) {
|
||||
PrivateKeyReader privateKeyReader = new PrivateKeyReader();
|
||||
PrivateKey privateKey = privateKeyReader.readPrivateKey(inputStream, null);
|
||||
assertEquals("PKCS#8", privateKey.getFormat());
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDSA() throws Exception {
|
||||
InputStream inputStream = getClass().getResourceAsStream("/dsa.key");
|
||||
InputStream inputStream = getClass().getResourceAsStream("dsa.key");
|
||||
if (inputStream != null) {
|
||||
PrivateKeyReader privateKeyReader = new PrivateKeyReader();
|
||||
PrivateKey privateKey = privateKeyReader.readPrivateKey(inputStream, null);
|
||||
KeyPair keyPair = privateKeyReader.readKeyPair(inputStream, null);
|
||||
PrivateKey privateKey = keyPair.getPrivate();
|
||||
assertNotNull(privateKey);
|
||||
assertEquals("PKCS#8", privateKey.getFormat());
|
||||
PublicKey publicKey = keyPair.getPublic();
|
||||
assertNotNull(publicKey);
|
||||
assertEquals("DSA", publicKey.getAlgorithm());
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testEd25519() throws Exception {
|
||||
InputStream inputStream = getClass().getResourceAsStream("/ed25519.key");
|
||||
public void testRSA() throws Exception {
|
||||
InputStream inputStream = getClass().getResourceAsStream("rsa.key");
|
||||
if (inputStream != null) {
|
||||
PrivateKeyReader privateKeyReader = new PrivateKeyReader();
|
||||
PrivateKey privateKey = privateKeyReader.readPrivateKey(inputStream, null);
|
||||
KeyPair keyPair = privateKeyReader.readKeyPair(inputStream, null);
|
||||
PrivateKey privateKey = keyPair.getPrivate();
|
||||
assertNotNull(privateKey);
|
||||
assertEquals("PKCS#8", privateKey.getFormat());
|
||||
PublicKey publicKey = keyPair.getPublic();
|
||||
assertNotNull(publicKey);
|
||||
assertEquals("RSA", publicKey.getAlgorithm());
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testEc() throws Exception {
|
||||
InputStream inputStream = getClass().getResourceAsStream("/ec.key");
|
||||
InputStream inputStream = getClass().getResourceAsStream("ec.key");
|
||||
if (inputStream != null) {
|
||||
PrivateKeyReader privateKeyReader = new PrivateKeyReader();
|
||||
PrivateKey privateKey = privateKeyReader.readPrivateKey(inputStream, null);
|
||||
KeyPair keyPair = privateKeyReader.readKeyPair(inputStream, null);
|
||||
PrivateKey privateKey = keyPair.getPrivate();
|
||||
assertNotNull(privateKey);
|
||||
assertEquals("PKCS#8", privateKey.getFormat());
|
||||
PublicKey publicKey = keyPair.getPublic();
|
||||
assertNotNull(publicKey);
|
||||
assertEquals("EC", publicKey.getAlgorithm());
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testEd25519() throws Exception {
|
||||
InputStream inputStream = getClass().getResourceAsStream("ed25519.key");
|
||||
if (inputStream != null) {
|
||||
PrivateKeyReader privateKeyReader = new PrivateKeyReader();
|
||||
KeyPair keyPair = privateKeyReader.readKeyPair(inputStream, null);
|
||||
PrivateKey privateKey = keyPair.getPrivate();
|
||||
assertNotNull(privateKey);
|
||||
assertEquals("PKCS#8", privateKey.getFormat());
|
||||
PublicKey publicKey = keyPair.getPublic();
|
||||
assertNotNull(publicKey);
|
||||
assertEquals("EdDSA", publicKey.getAlgorithm());
|
||||
}
|
||||
}
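Review bot: The rewritten tests check only `publicKey.getAlgorithm()`, which does not show that the public key returned by `readKeyPair` belongs to the private key it was presumably derived from. A sign/verify round trip per key type would pin that down; for testEd25519 it could look like the lines below, placed after the existing assertions. `java.security.Signature` and `assertTrue` would need imports, and the other three tests can follow the same pattern with a signature algorithm that matches their key type.

```java
KeyPair keyPair = privateKeyReader.readKeyPair(inputStream, null);
// … unchanged: assertNotNull / assertEquals checks on privateKey and publicKey …
byte[] message = "round trip".getBytes(StandardCharsets.UTF_8);
Signature signer = Signature.getInstance("Ed25519");
signer.initSign(keyPair.getPrivate());
signer.update(message);
byte[] signed = signer.sign();
Signature verifier = Signature.getInstance("Ed25519");
verifier.initVerify(keyPair.getPublic());
verifier.update(message);
assertTrue(verifier.verify(signed));
```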
|
||||
|
||||
|
|