optimize imports, fix PrivateKeyreader for Ed25519 by JDK, and public key derival from private key

Jörg Prante 2024-05-27 11:31:50 +02:00
parent ac6e1480dc
commit 50987d45fb
77 changed files with 420 additions and 389 deletions


@ -1,8 +1,5 @@
package org.xbib.net.security;
import org.xbib.net.security.util.DistinguishedNameParser;
import javax.crypto.NoSuchPaddingException;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
@ -26,6 +23,8 @@ import java.util.Base64;
import java.util.Collection;
import java.util.List;
import java.util.Scanner;
import javax.crypto.NoSuchPaddingException;
import org.xbib.net.security.util.DistinguishedNameParser;
public class CertificateReader {


@ -1,6 +1,5 @@
package org.xbib.net.security;
import javax.crypto.NoSuchPaddingException;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidAlgorithmParameterException;
@ -12,6 +11,7 @@ import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.util.Collection;
import java.util.Map;
import javax.crypto.NoSuchPaddingException;
public class DefaultCertificateProvider implements CertificateProvider {


@ -1,11 +1,5 @@
package org.xbib.net.security;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.security.auth.x500.X500Principal;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
@ -34,7 +28,12 @@ import java.util.List;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.security.auth.x500.X500Principal;
import static java.lang.String.format;
import static java.nio.charset.StandardCharsets.US_ASCII;
import static java.util.Base64.getMimeDecoder;
@ -44,8 +43,8 @@ import static javax.crypto.Cipher.DECRYPT_MODE;
import static org.xbib.net.security.util.DerUtils.decodeSequence;
import static org.xbib.net.security.util.DerUtils.decodeSequenceOptionalElement;
import static org.xbib.net.security.util.DerUtils.encodeBitString;
import static org.xbib.net.security.util.DerUtils.encodeOctetString;
import static org.xbib.net.security.util.DerUtils.encodeOID;
import static org.xbib.net.security.util.DerUtils.encodeOctetString;
import static org.xbib.net.security.util.DerUtils.encodeSequence;
public final class PemReader {


@ -1,11 +1,5 @@
package org.xbib.net.security;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.security.auth.x500.X500Principal;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
@ -25,7 +19,12 @@ import java.util.Base64;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.security.auth.x500.X500Principal;
import static java.nio.charset.StandardCharsets.US_ASCII;
import static java.util.regex.Pattern.CASE_INSENSITIVE;
import static javax.crypto.Cipher.DECRYPT_MODE;


@ -1,23 +1,5 @@
package org.xbib.net.security;
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.spec.KeySpec;
import org.xbib.net.security.eddsa.EdDSAPrivateKey;
import org.xbib.net.security.eddsa.EdDSAPublicKey;
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
import org.xbib.net.security.util.Asn1Object;
import org.xbib.net.security.util.DerParser;
import org.xbib.net.security.util.DerUtils;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
@ -28,29 +10,57 @@ import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.EdECPrivateKey;
import java.security.interfaces.EdECPublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.ECField;
import java.security.spec.ECFieldFp;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EdECPoint;
import java.security.spec.EdECPrivateKeySpec;
import java.security.spec.EdECPublicKeySpec;
import java.security.spec.EllipticCurve;
import java.security.spec.EncodedKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.NamedParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.Objects;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.xbib.net.security.util.Asn1Object;
import org.xbib.net.security.util.DerParser;
import org.xbib.net.security.util.DerUtils;
/**
* Class for reading RSA private key from PEM formatted text.
* It can read PEM files with PKCS#8 or PKCS#1 encodings.
* Key reader for reading private keys from inputstreams, PEM formatted text etc. with PKCS#8 or PKCS#1 encodings.
* It doesn't support encrypted PEM files.
*/
public class PrivateKeyReader {
@ -78,91 +88,111 @@ public class PrivateKeyReader {
public PrivateKeyReader() {
}
public KeySpec parse(InputStream inputStream, String password)
public KeySpec parse(InputStream inputStream,
String password)
throws IOException, NoSuchAlgorithmException, InvalidKeySpecException,
InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException {
Objects.requireNonNull(inputStream);
byte[] key = inputStream.readAllBytes();
if (indexOf(key, BEGIN_PRIVATE_KEY,0, key.length) >= 0) {
byte[] keyBytes = extract(key, BEGIN_PRIVATE_KEY, END_PRIVATE_KEY);
return generateKeySpec(keyBytes, password != null ? password.toCharArray() : null);
}
if (indexOf(key, BEGIN_RSA_PRIVATE_KEY,0, key.length) >= 0) {
return getKeySpec(keyBytes, password != null ? password.toCharArray() : null);
} else if (indexOf(key, BEGIN_RSA_PRIVATE_KEY,0, key.length) >= 0) {
byte[] keyBytes = extract(key, BEGIN_RSA_PRIVATE_KEY, END_RSA_PRIVATE_KEY);
return getRSAKeySpec(keyBytes);
}
if (indexOf(key, BEGIN_DSA_PRIVATE_KEY,0, key.length) >= 0) {
} else if (indexOf(key, BEGIN_DSA_PRIVATE_KEY,0, key.length) >= 0) {
byte[] keyBytes = extract(key, BEGIN_DSA_PRIVATE_KEY, END_DSA_PRIVATE_KEY);
return getDSAKeySpec(keyBytes);
}
if (indexOf(key, BEGIN_EC_PRIVATE_KEY,0, key.length) >= 0) {
} else if (indexOf(key, BEGIN_EC_PRIVATE_KEY,0, key.length) >= 0) {
byte[] keyBytes = extract(key, BEGIN_EC_PRIVATE_KEY, END_EC_PRIVATE_KEY);
return getECKeySpec(keyBytes);
}
if (indexOf(key, BEGIN_OPENSSH_PRIVATE_KEY,0, key.length) >= 0) {
} else if (indexOf(key, BEGIN_OPENSSH_PRIVATE_KEY,0, key.length) >= 0) {
byte[] keyBytes = extract(key, BEGIN_OPENSSH_PRIVATE_KEY, END_OPENSSH_PRIVATE_KEY);
byte[] sk = Arrays.copyOfRange(keyBytes, 0, 32);
return new EdDSAPrivateKeySpec(sk, EdDSANamedCurveTable.getByName("Ed25519"));
return getEdECKeySpec(sk);
}
throw new IOException("invalid PEM input stream");
}
public PrivateKey readPrivateKey(InputStream inputStream, String password)
public PrivateKey readPrivateKey(InputStream inputStream,
String password)
throws IOException, NoSuchAlgorithmException, InvalidKeySpecException,
InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException {
KeySpec keySpec = parse(inputStream, password);
if (keySpec instanceof EncodedKeySpec) {
return KeyFactory.getInstance("RSA").generatePrivate(keySpec);
}
if (keySpec instanceof RSAPrivateCrtKeySpec) {
} else if (keySpec instanceof RSAPrivateCrtKeySpec) {
return KeyFactory.getInstance("RSA").generatePrivate(keySpec);
}
if (keySpec instanceof DSAPrivateKeySpec) {
return KeyFactory.getInstance("DSA").generatePrivate(keySpec);
}
if (keySpec instanceof ECPrivateKeySpec) {
} else if (keySpec instanceof ECPrivateKeySpec) {
return KeyFactory.getInstance("EC").generatePrivate(keySpec);
}
if (keySpec instanceof EdDSAPrivateKeySpec) {
return new EdDSAPrivateKey((EdDSAPrivateKeySpec) keySpec);
} else if (keySpec instanceof EdECPrivateKeySpec) {
return KeyFactory.getInstance("EdDSA").generatePrivate(keySpec);
} else if (keySpec instanceof DSAPrivateKeySpec) {
return KeyFactory.getInstance("DSA").generatePrivate(keySpec);
}
throw new IOException("invalid PEM");
}
public KeyPair generateFrom(InputStream inputStream, String password)
public KeyPair readKeyPair(InputStream inputStream,
String password)
throws IOException, NoSuchAlgorithmException, InvalidKeySpecException,
InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException {
KeySpec keySpec = parse(inputStream, password);
PrivateKey privateKey = null;
PublicKey publicKey = null;
if (keySpec instanceof EncodedKeySpec) {
privateKey = KeyFactory.getInstance("RSA").generatePrivate(keySpec);
publicKey = KeyFactory.getInstance("RSA").generatePublic(keySpec);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
privateKey = keyFactory.generatePrivate(keySpec);
publicKey = getRSAPublicKey(keyFactory, privateKey);
} else if (keySpec instanceof RSAPrivateCrtKeySpec) {
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
privateKey = keyFactory.generatePrivate(keySpec);
publicKey = getRSAPublicKey(keyFactory, privateKey);
} else if (keySpec instanceof ECPrivateKeySpec) {
KeyFactory keyFactory = KeyFactory.getInstance("EC");
privateKey = keyFactory.generatePrivate(keySpec);
publicKey = getECPublicKey(keyFactory, privateKey);
} else if (keySpec instanceof EdECPrivateKeySpec) {
KeyFactory keyFactory = KeyFactory.getInstance("EdDSA");
privateKey = keyFactory.generatePrivate(keySpec);
publicKey = getEdECPublicKey(keyFactory, privateKey);
} else if (keySpec instanceof DSAPrivateKeySpec) {
KeyFactory keyFactory = KeyFactory.getInstance("DSA");
privateKey = keyFactory.generatePrivate(keySpec);
publicKey = getDSAPublicKey(keyFactory, privateKey);
}
if (keySpec instanceof RSAPrivateCrtKeySpec) {
privateKey = KeyFactory.getInstance("RSA").generatePrivate(keySpec);
publicKey = KeyFactory.getInstance("RSA").generatePublic(keySpec);
}
if (keySpec instanceof DSAPrivateKeySpec) {
privateKey = KeyFactory.getInstance("DSA").generatePrivate(keySpec);
publicKey = KeyFactory.getInstance("DSA").generatePublic(keySpec);
}
if (keySpec instanceof ECPrivateKeySpec) {
privateKey = KeyFactory.getInstance("EC").generatePrivate(keySpec);
publicKey = KeyFactory.getInstance("EC").generatePublic(keySpec);
}
if (keySpec instanceof EdDSAPrivateKeySpec) {
EdDSAPrivateKeySpec privateKeySpec = (EdDSAPrivateKeySpec) keySpec;
privateKey = new EdDSAPrivateKey(privateKeySpec);
EdDSAPublicKeySpec publicKeySpec = new EdDSAPublicKeySpec(privateKeySpec.getA(), privateKeySpec.getParams());
publicKey = new EdDSAPublicKey(publicKeySpec);
}
if (publicKey != null && privateKey != null) {
if (publicKey != null) {
return new KeyPair(publicKey, privateKey);
}
throw new IOException("invalid PEM");
}
public static PrivateKey toPrivateKey(InputStream keyInputStream,
String keyPassword)
throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException,
InvalidAlgorithmParameterException, KeyException, IOException {
if (keyInputStream == null) {
return null;
}
return getPrivateKey(readPrivateKey(keyInputStream), keyPassword);
}
public static PrivateKey getPrivateKey(byte[] key,
String keyPassword)
throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException,
InvalidAlgorithmParameterException, KeyException, IOException {
PKCS8EncodedKeySpec encodedKeySpec =
getKeySpec(key, keyPassword == null ? null : keyPassword.toCharArray());
for (String keyType : KEY_TYPES) {
try {
return KeyFactory.getInstance(keyType).generatePrivate(encodedKeySpec);
} catch (InvalidKeySpecException e) {
// ignore exception
}
}
throw new InvalidKeySpecException("no key worked: " + Arrays.asList(KEY_TYPES));
}
/**
* Convert PKCS#1 encoded private key into RSAPrivateCrtKeySpec.
* The ASN.1 syntax for the private key with CRT is
@ -282,6 +312,11 @@ public class PrivateKeyReader {
}
}
private EdECPrivateKeySpec getEdECKeySpec(byte[] keySpec) {
NamedParameterSpec params = NamedParameterSpec.ED25519;
return new EdECPrivateKeySpec(params, keySpec);
}
private static final Curve SECP256R1 = initializeCurve(
"secp256r1 [NIST P-256, X9.62 prime256v1]",
"1.2.840.10045.3.1.7",
@ -328,12 +363,11 @@ public class PrivateKeyReader {
return new Curve(name, oid, curve, g, bigInt(n), h);
}
static final class Curve extends ECParameterSpec {
private static final class Curve extends ECParameterSpec {
private final String name;
private final String oid;
Curve(String name, String oid, EllipticCurve curve,
ECPoint g, BigInteger n, int h) {
private Curve(String name, String oid, EllipticCurve curve, ECPoint g, BigInteger n, int h) {
super(curve, g, n, h);
this.name = name;
this.oid = oid;
@ -350,7 +384,7 @@ public class PrivateKeyReader {
return new BigInteger(s, 16);
}
private static PKCS8EncodedKeySpec generateKeySpec(byte[] key, char[] password)
private static PKCS8EncodedKeySpec getKeySpec(byte[] key, char[] password)
throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException,
InvalidKeyException, InvalidAlgorithmParameterException {
if (password == null) {
@ -365,6 +399,62 @@ public class PrivateKeyReader {
return encryptedPrivateKeyInfo.getKeySpec(cipher);
}
private static DSAPublicKey getDSAPublicKey(KeyFactory keyFactory, PrivateKey key)
throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
if (!(key instanceof DSAPrivateKey dsaPrivateKey)) {
throw new InvalidKeyException("Private key is not DSA private key");
}
DSAParams dsaParams = dsaPrivateKey.getParams();
BigInteger g = dsaParams.getG();
BigInteger p = dsaParams.getP();
BigInteger q = dsaParams.getQ();
BigInteger y = dsaParams.getG().modPow(dsaPrivateKey.getX(), dsaParams.getP());
DSAPublicKeySpec spec = new DSAPublicKeySpec(y, p, q, g);
return DSAPublicKey.class.cast(keyFactory.generatePublic(spec));
}
private static RSAPublicKey getRSAPublicKey(KeyFactory keyFactory, PrivateKey key)
throws InvalidKeyException, InvalidKeySpecException {
if (!(key instanceof RSAPrivateKey)) {
throw new InvalidKeyException("Private key is not RSA private key");
}
RSAPrivateKeySpec rsaPrivateKeySpec = keyFactory.getKeySpec(key, RSAPrivateKeySpec.class);
RSAPublicKeySpec spec = new RSAPublicKeySpec(rsaPrivateKeySpec.getModulus(), BigInteger.valueOf(65537));
return RSAPublicKey.class.cast(keyFactory.generatePublic(spec));
}
private static ECPublicKey getECPublicKey(KeyFactory keyFactory, PrivateKey key)
throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
if (!(key instanceof ECPrivateKey ecPrivateKey)) {
throw new InvalidKeyException("Private key is not EC private key");
}
ECParameterSpec ecParameterSpec = ecPrivateKey.getParams();
BigInteger x = ecParameterSpec.getGenerator().getAffineX();
BigInteger y = ecParameterSpec.getGenerator().getAffineX();
ECPoint ecPoint = new ECPoint(x, y);
ECPublicKeySpec spec = new ECPublicKeySpec(ecPoint, ecParameterSpec);
return ECPublicKey.class.cast(keyFactory.generatePublic(spec));
}
private static EdECPublicKey getEdECPublicKey(KeyFactory keyFactory, PrivateKey key)
throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
if (!(key instanceof EdECPrivateKey)) {
throw new InvalidKeyException("Private key is not EdEC private key");
}
byte[] pk = key.getEncoded();
boolean xisodd = false;
int lastbyteInt = pk[pk.length - 1];
if ((lastbyteInt & 255) >> 7 == 1) {
xisodd = true;
}
pk[pk.length - 1] &= 127;
BigInteger y = new BigInteger(1, pk);
NamedParameterSpec paramSpec = new NamedParameterSpec("Ed25519");
EdECPoint ep = new EdECPoint(xisodd, y);
EdECPublicKeySpec publicKeySpec = new EdECPublicKeySpec(paramSpec, ep);
return EdECPublicKey.class.cast(keyFactory.generatePublic(publicKeySpec));
}
private static int indexOf(byte[] array, byte[] target, int start, int end) {
if (target.length == 0) {
return 0;
@ -397,37 +487,13 @@ public class PrivateKeyReader {
}
private static final String[] KEY_TYPES = {
"RSA", "DSA", "EC"
"RSA", "DSA", "EC", "EdDSA"
};
private static final Pattern KEY_PATTERN =
Pattern.compile("-+BEGIN\\s+.*PRIVATE\\s+KEY[^-]*-+(?:\\s|\\r|\\n)+" +
"([a-z0-9+/=\\r\\n]+)" + "-+END\\s+.*PRIVATE\\s+KEY[^-]*-+", Pattern.CASE_INSENSITIVE);
public static PrivateKey toPrivateKey(InputStream keyInputStream, String keyPassword)
throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException,
InvalidAlgorithmParameterException, KeyException, IOException {
if (keyInputStream == null) {
return null;
}
return getPrivateKey(readPrivateKey(keyInputStream), keyPassword);
}
public static PrivateKey getPrivateKey(byte[] key, String keyPassword)
throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException,
InvalidAlgorithmParameterException, KeyException, IOException {
PKCS8EncodedKeySpec encodedKeySpec =
generateKeySpec(key, keyPassword == null ? null : keyPassword.toCharArray());
for (String keyType : KEY_TYPES) {
try {
return KeyFactory.getInstance(keyType).generatePrivate(encodedKeySpec);
} catch (InvalidKeySpecException e) {
// ignore
}
}
throw new InvalidKeySpecException("Neither RSA, DSA nor EC worked");
}
private static byte[] readPrivateKey(InputStream inputStream) throws KeyException, IOException {
try (BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.US_ASCII))) {
String string = bufferedReader.lines().collect(Collectors.joining(System.lineSeparator()));
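Review bot: The new public-key helpers used by `readKeyPair` do not derive the key that belongs to the private key. In `getECPublicKey` the point is built from the curve generator and `y` is read with `getAffineX()` a second time, so the result is independent of the private scalar and unlikely to lie on the curve; `getEdECPublicKey` takes `key.getEncoded()`, which is normally the PKCS#8 encoding of the private key, and reads it big-endian as the public point's y coordinate. `getRSAPublicKey` assumes e = 65537; when the key is an `RSAPrivateCrtKey crt`, build the spec with `new RSAPublicKeySpec(crt.getModulus(), crt.getPublicExponent())` and reject other RSA keys instead of guessing. For EC and Ed25519 the public point requires a scalar multiplication of the base point, which the public JDK API does not appear to offer, so `readKeyPair` should either read the public key from the input or throw for these types rather than return a mismatched `KeyPair`. A sign-then-verify round-trip test per key type on the returned pair would catch all three cases.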


@ -1,9 +1,5 @@
package org.xbib.net.security;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
@ -16,6 +12,10 @@ import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
public class SecureSocketFactory extends SSLSocketFactory {


@ -1,9 +1,5 @@
package org.xbib.net.security.cookie;
import org.xbib.net.PercentDecoder;
import org.xbib.net.PercentEncoder;
import org.xbib.net.PercentEncoders;
import java.nio.charset.Charset;
import java.nio.charset.CodingErrorAction;
import java.nio.charset.MalformedInputException;
@ -12,6 +8,9 @@ import java.nio.charset.UnmappableCharacterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import org.xbib.net.PercentDecoder;
import org.xbib.net.PercentEncoder;
import org.xbib.net.PercentEncoders;
public class CookieSigner {


@ -1,7 +1,5 @@
package org.xbib.net.security.cookie;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
@ -11,6 +9,8 @@ import java.security.SecureRandom;
import java.util.Base64;
import java.util.Objects;
import java.util.Random;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
/**
* A utility class for invoking encryption methods and returning password strings,


@ -1,9 +1,5 @@
package org.xbib.net.security.eddsa;
import org.xbib.net.security.eddsa.math.Curve;
import org.xbib.net.security.eddsa.math.GroupElement;
import org.xbib.net.security.eddsa.math.ScalarOps;
import java.io.ByteArrayOutputStream;
import java.nio.ByteBuffer;
import java.security.InvalidAlgorithmParameterException;
@ -16,6 +12,9 @@ import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import org.xbib.net.security.eddsa.math.Curve;
import org.xbib.net.security.eddsa.math.GroupElement;
import org.xbib.net.security.eddsa.math.ScalarOps;
/**
* Signing and verification for EdDSA.


@ -1,14 +1,13 @@
package org.xbib.net.security.eddsa;
import org.xbib.net.security.eddsa.math.GroupElement;
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
import org.xbib.net.security.eddsa.spec.EdDSAParameterSpec;
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
import java.security.PrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import org.xbib.net.security.eddsa.math.GroupElement;
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
import org.xbib.net.security.eddsa.spec.EdDSAParameterSpec;
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
/**
* An EdDSA private key.


@ -1,14 +1,13 @@
package org.xbib.net.security.eddsa;
import org.xbib.net.security.eddsa.math.GroupElement;
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
import org.xbib.net.security.eddsa.spec.EdDSAParameterSpec;
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import org.xbib.net.security.eddsa.math.GroupElement;
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
import org.xbib.net.security.eddsa.spec.EdDSAParameterSpec;
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
/**
* An EdDSA public key.


@ -1,8 +1,5 @@
package org.xbib.net.security.eddsa;
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactorySpi;
@ -12,6 +9,8 @@ import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
public final class KeyFactory extends KeyFactorySpi {


@ -1,12 +1,5 @@
package org.xbib.net.security.eddsa;
import org.xbib.net.security.eddsa.spec.EdDSAGenParameterSpec;
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveSpec;
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
import org.xbib.net.security.eddsa.spec.EdDSAParameterSpec;
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.KeyPair;
@ -14,6 +7,12 @@ import java.security.KeyPairGeneratorSpi;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Hashtable;
import org.xbib.net.security.eddsa.spec.EdDSAGenParameterSpec;
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveSpec;
import org.xbib.net.security.eddsa.spec.EdDSANamedCurveTable;
import org.xbib.net.security.eddsa.spec.EdDSAParameterSpec;
import org.xbib.net.security.eddsa.spec.EdDSAPrivateKeySpec;
import org.xbib.net.security.eddsa.spec.EdDSAPublicKeySpec;
/**
* Default keysize is 256 (Ed25519).


@ -1,8 +1,7 @@
package org.xbib.net.security.eddsa.math;
import org.xbib.net.security.eddsa.Utils;
import java.util.Arrays;
import org.xbib.net.security.eddsa.Utils;
/**
* A point $(x,y)$ on an EdDSA curve.


@ -1,10 +1,9 @@
package org.xbib.net.security.eddsa.math.bigint;
import java.math.BigInteger;
import org.xbib.net.security.eddsa.math.Field;
import org.xbib.net.security.eddsa.math.FieldElement;
import java.math.BigInteger;
/**
* A particular element of the field \Z/(2^255-19).
*/


@ -1,11 +1,10 @@
package org.xbib.net.security.eddsa.math.bigint;
import java.math.BigInteger;
import org.xbib.net.security.eddsa.math.Encoding;
import org.xbib.net.security.eddsa.math.Field;
import org.xbib.net.security.eddsa.math.FieldElement;
import java.math.BigInteger;
public class BigIntegerLittleEndianEncoding extends Encoding {
/**


@ -1,10 +1,9 @@
package org.xbib.net.security.eddsa.math.bigint;
import java.math.BigInteger;
import org.xbib.net.security.eddsa.math.Field;
import org.xbib.net.security.eddsa.math.ScalarOps;
import java.math.BigInteger;
public class BigIntegerScalarOps implements ScalarOps {
private final BigInteger l;
private final BigIntegerLittleEndianEncoding enc;


@ -1,11 +1,10 @@
package org.xbib.net.security.eddsa.math.ed25519;
import java.util.Arrays;
import org.xbib.net.security.eddsa.Utils;
import org.xbib.net.security.eddsa.math.Field;
import org.xbib.net.security.eddsa.math.FieldElement;
import java.util.Arrays;
/**
* Class to represent a field element of the finite field $p = 2^{255} - 19$ elements.
* An element $t$, entries $t[0] \dots t[9]$, represents the integer


@ -1,7 +1,6 @@
package org.xbib.net.security.eddsa.math.ed25519;
import org.xbib.net.security.eddsa.math.ScalarOps;
import static org.xbib.net.security.eddsa.math.ed25519.Ed25519LittleEndianEncoding.load_3;
import static org.xbib.net.security.eddsa.math.ed25519.Ed25519LittleEndianEncoding.load_4;


@ -1,14 +1,13 @@
package org.xbib.net.security.eddsa.spec;
import java.util.Hashtable;
import java.util.Locale;
import org.xbib.net.security.eddsa.Utils;
import org.xbib.net.security.eddsa.math.Curve;
import org.xbib.net.security.eddsa.math.Field;
import org.xbib.net.security.eddsa.math.ed25519.Ed25519LittleEndianEncoding;
import org.xbib.net.security.eddsa.math.ed25519.Ed25519ScalarOps;
import java.util.Hashtable;
import java.util.Locale;
/**
* The named EdDSA curves.
*/


@ -1,12 +1,11 @@
package org.xbib.net.security.eddsa.spec;
import org.xbib.net.security.eddsa.math.Curve;
import org.xbib.net.security.eddsa.math.GroupElement;
import org.xbib.net.security.eddsa.math.ScalarOps;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.spec.AlgorithmParameterSpec;
import org.xbib.net.security.eddsa.math.Curve;
import org.xbib.net.security.eddsa.math.GroupElement;
import org.xbib.net.security.eddsa.math.ScalarOps;
/**
* Parameter specification for an EdDSA algorithm.


@ -1,11 +1,10 @@
package org.xbib.net.security.eddsa.spec;
import org.xbib.net.security.eddsa.math.GroupElement;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.spec.KeySpec;
import java.util.Arrays;
import org.xbib.net.security.eddsa.math.GroupElement;
/**
*


@ -1,8 +1,7 @@
package org.xbib.net.security.eddsa.spec;
import org.xbib.net.security.eddsa.math.GroupElement;
import java.security.spec.KeySpec;
import org.xbib.net.security.eddsa.math.GroupElement;
public class EdDSAPublicKeySpec implements KeySpec {
private final GroupElement A;


@ -1,5 +1,7 @@
package org.xbib.net.security.jaas;
import java.io.IOException;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
@ -8,8 +10,6 @@ import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import java.io.IOException;
import java.util.Map;
class DummyLoginModule implements LoginModule {


@ -1,8 +1,8 @@
package org.xbib.net.security.signatures;
import javax.crypto.Mac;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Mac;
/**
* The cryptographic algorithms for the HTTP signature.


@ -1,6 +1,5 @@
package org.xbib.net.security.signatures;
import javax.crypto.Mac;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.Key;
@ -8,7 +7,7 @@ import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.util.Map;
import javax.crypto.Mac;
import static java.util.Objects.requireNonNull;
/**


@ -1,6 +1,5 @@
package org.xbib.net.security.signatures;
import javax.crypto.Mac;
import java.io.IOException;
import java.security.Key;
import java.security.MessageDigest;
@ -9,7 +8,7 @@ import java.security.Provider;
import java.security.PublicKey;
import java.security.SignatureException;
import java.util.Map;
import javax.crypto.Mac;
import static java.util.Objects.requireNonNull;
/**


@ -1,40 +1,5 @@
package org.xbib.net.security.ssl;
import org.xbib.net.security.ssl.exception.GenericKeyStoreException;
import org.xbib.net.security.ssl.exception.GenericSecurityException;
import org.xbib.net.security.ssl.model.KeyStoreHolder;
import org.xbib.net.security.ssl.model.SSLMaterial;
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeValidator;
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSSLEngineValidator;
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSocketValidator;
import org.xbib.net.security.ssl.trustmanager.TrustAnchorTrustOptions;
import org.xbib.net.security.ssl.trustmanager.TrustStoreTrustOptions;
import org.xbib.net.security.ssl.util.HostnameVerifierUtils;
import org.xbib.net.security.ssl.util.KeyManagerUtils;
import org.xbib.net.security.ssl.util.KeyStoreUtils;
import org.xbib.net.security.ssl.util.SSLContextUtils;
import org.xbib.net.security.ssl.util.SSLParametersUtils;
import org.xbib.net.security.ssl.util.SSLSessionUtils;
import org.xbib.net.security.ssl.util.SSLSocketUtils;
import org.xbib.net.security.ssl.util.StringUtils;
import org.xbib.net.security.ssl.util.TrustManagerUtils;
import org.xbib.net.security.ssl.util.UriUtils;
import org.xbib.net.security.ssl.util.ValidationUtils;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import java.io.InputStream;
import java.net.URI;
import java.nio.file.Path;
@ -57,7 +22,40 @@ import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.xbib.net.security.ssl.exception.GenericKeyStoreException;
import org.xbib.net.security.ssl.exception.GenericSecurityException;
import org.xbib.net.security.ssl.model.KeyStoreHolder;
import org.xbib.net.security.ssl.model.SSLMaterial;
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeValidator;
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSSLEngineValidator;
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSocketValidator;
import org.xbib.net.security.ssl.trustmanager.TrustAnchorTrustOptions;
import org.xbib.net.security.ssl.trustmanager.TrustStoreTrustOptions;
import org.xbib.net.security.ssl.util.HostnameVerifierUtils;
import org.xbib.net.security.ssl.util.KeyManagerUtils;
import org.xbib.net.security.ssl.util.KeyStoreUtils;
import org.xbib.net.security.ssl.util.SSLContextUtils;
import org.xbib.net.security.ssl.util.SSLParametersUtils;
import org.xbib.net.security.ssl.util.SSLSessionUtils;
import org.xbib.net.security.ssl.util.SSLSocketUtils;
import org.xbib.net.security.ssl.util.StringUtils;
import org.xbib.net.security.ssl.util.TrustManagerUtils;
import org.xbib.net.security.ssl.util.UriUtils;
import org.xbib.net.security.ssl.util.ValidationUtils;
import static java.util.Objects.isNull;
import static java.util.Objects.nonNull;


@ -1,9 +1,8 @@
package org.xbib.net.security.ssl.hostnameverifier;
import org.xbib.net.security.ssl.util.HostnameVerifierUtils;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import org.xbib.net.security.ssl.util.HostnameVerifierUtils;
/**
* <strong>NOTE:</strong>


@ -1,9 +1,8 @@
package org.xbib.net.security.ssl.hostnameverifier;
import org.xbib.net.security.ssl.util.HostnameVerifierUtils;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import org.xbib.net.security.ssl.util.HostnameVerifierUtils;
/**
* <strong>NOTE:</strong>


@ -1,13 +1,13 @@
package org.xbib.net.security.ssl.keymanager;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import java.util.Arrays;
import java.util.List;
import java.util.Objects;
import java.util.function.Function;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
/**
* <strong>NOTE:</strong>


@ -1,10 +1,5 @@
package org.xbib.net.security.ssl.keymanager;
import org.xbib.net.security.ssl.util.KeyManagerUtils;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509ExtendedKeyManager;
import java.net.Socket;
import java.net.URI;
import java.security.Principal;
@ -15,6 +10,10 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509ExtendedKeyManager;
import org.xbib.net.security.ssl.util.KeyManagerUtils;
/**
* Represents an ordered list of {@link X509ExtendedKeyManager} with most-preferred managers first.


@ -1,14 +1,13 @@
package org.xbib.net.security.ssl.keymanager;
import org.xbib.net.security.ssl.util.ValidationUtils;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import java.net.Socket;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import org.xbib.net.security.ssl.util.ValidationUtils;
/**
* <strong>NOTE:</strong>


@ -1,8 +1,8 @@
package org.xbib.net.security.ssl.keymanager;
import java.security.Principal;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import java.security.Principal;
/**
* <strong>NOTE:</strong>


@ -1,11 +1,11 @@
package org.xbib.net.security.ssl.keymanager;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import java.net.Socket;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
/**
* <strong>NOTE:</strong>


@ -1,10 +1,9 @@
package org.xbib.net.security.ssl.keymanager;
import javax.net.ssl.X509ExtendedKeyManager;
import org.xbib.net.security.ssl.util.KeyManagerUtils;
import org.xbib.net.security.ssl.util.ValidationUtils;
import javax.net.ssl.X509ExtendedKeyManager;
/**
* <strong>NOTE:</strong>
* Please don't use this class directly as it is part of the internal API. Class name and methods can be changed any time.


@ -1,11 +1,10 @@
package org.xbib.net.security.ssl.keymanager;
import org.xbib.net.security.ssl.util.ValidationUtils;
import java.security.KeyStore;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactorySpi;
import javax.net.ssl.ManagerFactoryParameters;
import java.security.KeyStore;
import org.xbib.net.security.ssl.util.ValidationUtils;
/**
* <strong>NOTE:</strong>


@ -1,10 +1,9 @@
package org.xbib.net.security.ssl.keymanager;
import org.xbib.net.security.ssl.util.KeyManagerUtils;
import java.security.Provider;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import java.security.Provider;
import org.xbib.net.security.ssl.util.KeyManagerUtils;
/**
* <strong>NOTE:</strong>


@ -1,11 +1,5 @@
package org.xbib.net.security.ssl.keymanager;
import javax.net.ssl.ExtendedSSLSession;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.URI;
@ -14,11 +8,17 @@ import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Objects;
import java.util.Set;
import java.util.function.Function;
import java.util.function.Predicate;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import java.util.Set;
import javax.net.ssl.ExtendedSSLSession;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
/**
* <strong>NOTE:</strong>


@ -1,10 +1,9 @@
package org.xbib.net.security.ssl.keymanager;
import org.xbib.net.security.ssl.util.KeyManagerUtils;
import java.security.Principal;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509KeyManager;
import java.security.Principal;
import org.xbib.net.security.ssl.util.KeyManagerUtils;
/**
* <strong>NOTE:</strong>


@ -1,11 +1,11 @@
package org.xbib.net.security.ssl.model;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509ExtendedTrustManager;
import java.util.List;
/**
* <strong>NOTE:</strong>


@ -1,14 +1,13 @@
package org.xbib.net.security.ssl.socket;
import org.xbib.net.security.ssl.util.SSLSocketUtils;
import org.xbib.net.security.ssl.util.ValidationUtils;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import org.xbib.net.security.ssl.util.SSLSocketUtils;
import org.xbib.net.security.ssl.util.ValidationUtils;
/**
* <strong>NOTE:</strong>


@ -1,16 +1,15 @@
package org.xbib.net.security.ssl.socket;
import org.xbib.net.security.ssl.util.SSLSocketUtils;
import org.xbib.net.security.ssl.util.ValidationUtils;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.xbib.net.security.ssl.util.SSLSocketUtils;
import org.xbib.net.security.ssl.util.ValidationUtils;
/**
* <strong>NOTE:</strong>


@ -1,12 +1,12 @@
package org.xbib.net.security.ssl.trustmanager;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
/**
* <strong>NOTE:</strong>


@ -1,8 +1,8 @@
package org.xbib.net.security.ssl.trustmanager;
import javax.net.ssl.SSLEngine;
import java.security.cert.X509Certificate;
import java.util.Objects;
import javax.net.ssl.SSLEngine;
@FunctionalInterface
public interface ChainAndAuthTypeWithSSLEngineValidator {


@ -1,10 +1,10 @@
package org.xbib.net.security.ssl.trustmanager;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
/**
* <strong>NOTE:</strong>


@ -1,15 +1,14 @@
package org.xbib.net.security.ssl.trustmanager;
import org.xbib.net.security.ssl.util.TrustManagerUtils;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
import org.xbib.net.security.ssl.util.TrustManagerUtils;
/**
* {@link CompositeX509ExtendedTrustManager} is a wrapper for a collection of TrustManagers.


@ -1,14 +1,13 @@
package org.xbib.net.security.ssl.trustmanager;
import org.xbib.net.security.ssl.util.ValidationUtils;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
import org.xbib.net.security.ssl.util.ValidationUtils;
/**
* <strong>NOTE:</strong>


@ -1,10 +1,10 @@
package org.xbib.net.security.ssl.trustmanager;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
/**
* <strong>NOTE:</strong>


@ -1,10 +1,10 @@
package org.xbib.net.security.ssl.trustmanager;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
/**
* <strong>NOTE:</strong>


@ -1,10 +1,10 @@
package org.xbib.net.security.ssl.trustmanager;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
/**
* <strong>NOTE:</strong>


@ -1,10 +1,9 @@
package org.xbib.net.security.ssl.trustmanager;
import javax.net.ssl.X509ExtendedTrustManager;
import org.xbib.net.security.ssl.util.TrustManagerUtils;
import org.xbib.net.security.ssl.util.ValidationUtils;
import javax.net.ssl.X509ExtendedTrustManager;
/**
* <strong>NOTE:</strong>
* Please don't use this class directly as it is part of the internal API. Class name and methods can be changed any time.


@ -1,8 +1,8 @@
package org.xbib.net.security.ssl.trustmanager;
import javax.net.ssl.CertPathTrustManagerParameters;
import java.security.cert.TrustAnchor;
import java.util.Set;
import javax.net.ssl.CertPathTrustManagerParameters;
@FunctionalInterface
public interface TrustAnchorTrustOptions<R extends CertPathTrustManagerParameters> extends TrustOptions<Set<TrustAnchor>, R> {


@ -1,7 +1,7 @@
package org.xbib.net.security.ssl.trustmanager;
import javax.net.ssl.X509ExtendedTrustManager;
import java.security.cert.CertificateException;
import javax.net.ssl.X509ExtendedTrustManager;
/**
* <strong>NOTE:</strong>


@ -1,11 +1,10 @@
package org.xbib.net.security.ssl.trustmanager;
import org.xbib.net.security.ssl.util.ValidationUtils;
import java.security.KeyStore;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactorySpi;
import java.security.KeyStore;
import org.xbib.net.security.ssl.util.ValidationUtils;
/**
* <strong>NOTE:</strong>


@ -1,10 +1,9 @@
package org.xbib.net.security.ssl.trustmanager;
import org.xbib.net.security.ssl.util.TrustManagerUtils;
import java.security.Provider;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import java.security.Provider;
import org.xbib.net.security.ssl.util.TrustManagerUtils;
/**
* <strong>NOTE:</strong>


@ -1,7 +1,7 @@
package org.xbib.net.security.ssl.trustmanager;
import javax.net.ssl.CertPathTrustManagerParameters;
import java.security.KeyStore;
import javax.net.ssl.CertPathTrustManagerParameters;
@FunctionalInterface
public interface TrustStoreTrustOptions<R extends CertPathTrustManagerParameters> extends TrustOptions<KeyStore, R> {


@ -1,12 +1,11 @@
package org.xbib.net.security.ssl.trustmanager;
import org.xbib.net.security.ssl.util.TrustManagerUtils;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509TrustManager;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509TrustManager;
import org.xbib.net.security.ssl.util.TrustManagerUtils;
/**
* <strong>NOTE:</strong>


@ -1,11 +1,5 @@
package org.xbib.net.security.ssl.util;
import org.xbib.net.security.ssl.SSLFactory;
import org.xbib.net.security.ssl.exception.GenericCertificateException;
import org.xbib.net.security.ssl.exception.GenericIOException;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
@ -25,6 +19,11 @@ import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import org.xbib.net.security.ssl.SSLFactory;
import org.xbib.net.security.ssl.exception.GenericCertificateException;
import org.xbib.net.security.ssl.exception.GenericIOException;
class CertificateExtractorUtils {


@ -1,10 +1,5 @@
package org.xbib.net.security.ssl.util;
import org.xbib.net.security.ssl.exception.GenericCertificateException;
import org.xbib.net.security.ssl.exception.GenericIOException;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
@ -32,6 +27,10 @@ import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import org.xbib.net.security.ssl.exception.GenericCertificateException;
import org.xbib.net.security.ssl.exception.GenericIOException;
public final class CertificateUtils {


@ -1,10 +1,9 @@
package org.xbib.net.security.ssl.util;
import javax.net.ssl.HostnameVerifier;
import org.xbib.net.security.ssl.hostnameverifier.BasicHostNameVerifier;
import org.xbib.net.security.ssl.hostnameverifier.UnsafeHostNameVerifier;
import javax.net.ssl.HostnameVerifier;
public final class HostnameVerifierUtils {
private HostnameVerifierUtils() {}


@ -1,7 +1,5 @@
package org.xbib.net.security.ssl.util;
import org.xbib.net.security.ssl.exception.GenericIOException;
import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
@ -12,6 +10,7 @@ import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.util.stream.Collectors;
import org.xbib.net.security.ssl.exception.GenericIOException;
public final class IOUtils {


@ -1,17 +1,5 @@
package org.xbib.net.security.ssl.util;
import org.xbib.net.security.ssl.exception.GenericKeyManagerException;
import org.xbib.net.security.ssl.keymanager.CompositeX509ExtendedKeyManager;
import org.xbib.net.security.ssl.keymanager.DummyX509ExtendedKeyManager;
import org.xbib.net.security.ssl.keymanager.HotSwappableX509ExtendedKeyManager;
import org.xbib.net.security.ssl.keymanager.KeyManagerFactoryWrapper;
import org.xbib.net.security.ssl.keymanager.X509KeyManagerWrapper;
import org.xbib.net.security.ssl.model.KeyStoreHolder;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import java.net.URI;
import java.security.Key;
import java.security.KeyStore;
@ -30,6 +18,17 @@ import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.stream.Collectors;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import org.xbib.net.security.ssl.exception.GenericKeyManagerException;
import org.xbib.net.security.ssl.keymanager.CompositeX509ExtendedKeyManager;
import org.xbib.net.security.ssl.keymanager.DummyX509ExtendedKeyManager;
import org.xbib.net.security.ssl.keymanager.HotSwappableX509ExtendedKeyManager;
import org.xbib.net.security.ssl.keymanager.KeyManagerFactoryWrapper;
import org.xbib.net.security.ssl.keymanager.X509KeyManagerWrapper;
import org.xbib.net.security.ssl.model.KeyStoreHolder;
public final class KeyManagerUtils {


@ -1,11 +1,5 @@
package org.xbib.net.security.ssl.util;
import org.xbib.net.security.ssl.exception.GenericKeyStoreException;
import javax.net.ssl.X509TrustManager;
import static java.util.Objects.isNull;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
@ -24,6 +18,9 @@ import java.util.Collection;
import java.util.Collections;
import java.util.Enumeration;
import java.util.List;
import javax.net.ssl.X509TrustManager;
import org.xbib.net.security.ssl.exception.GenericKeyStoreException;
import static java.util.Objects.isNull;
public final class KeyStoreUtils {


@ -1,19 +1,17 @@
package org.xbib.net.security.ssl.util;
import org.xbib.net.security.ssl.exception.GenericSSLContextException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.SecureRandom;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.xbib.net.security.ssl.exception.GenericSSLContextException;
import static java.util.Objects.nonNull;
public final class SSLContextUtils {


@ -1,10 +1,9 @@
package org.xbib.net.security.ssl.util;
import org.xbib.net.security.ssl.SSLFactory;
import java.util.Optional;
import java.util.function.BiConsumer;
import java.util.function.Function;
import org.xbib.net.security.ssl.SSLFactory;
public final class SSLFactoryUtils {


@ -1,7 +1,7 @@
package org.xbib.net.security.ssl.util;
import javax.net.ssl.SSLParameters;
import java.util.Optional;
import javax.net.ssl.SSLParameters;
public final class SSLParametersUtils {


@ -1,10 +1,5 @@
package org.xbib.net.security.ssl.util;
import org.xbib.net.security.ssl.SSLFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionContext;
import java.time.Instant;
import java.time.ZoneOffset;
import java.time.ZonedDateTime;
@ -14,6 +9,10 @@ import java.util.Objects;
import java.util.function.LongFunction;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionContext;
import org.xbib.net.security.ssl.SSLFactory;
public final class SSLSessionUtils {


@ -1,12 +1,11 @@
package org.xbib.net.security.ssl.util;
import org.xbib.net.security.ssl.socket.CompositeSSLServerSocketFactory;
import org.xbib.net.security.ssl.socket.CompositeSSLSocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;
import org.xbib.net.security.ssl.socket.CompositeSSLServerSocketFactory;
import org.xbib.net.security.ssl.socket.CompositeSSLSocketFactory;
public final class SSLSocketUtils {


@ -1,22 +1,5 @@
package org.xbib.net.security.ssl.util;
import org.xbib.net.security.ssl.exception.GenericTrustManagerException;
import org.xbib.net.security.ssl.trustmanager.CertificateCapturingX509ExtendedTrustManager;
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeValidator;
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSSLEngineValidator;
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSocketValidator;
import org.xbib.net.security.ssl.trustmanager.CompositeX509ExtendedTrustManager;
import org.xbib.net.security.ssl.trustmanager.DummyX509ExtendedTrustManager;
import org.xbib.net.security.ssl.trustmanager.EnhanceableX509ExtendedTrustManager;
import org.xbib.net.security.ssl.trustmanager.HotSwappableX509ExtendedTrustManager;
import org.xbib.net.security.ssl.trustmanager.TrustManagerFactoryWrapper;
import org.xbib.net.security.ssl.trustmanager.X509TrustManagerWrapper;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
@ -30,6 +13,22 @@ import java.util.Collection;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
import org.xbib.net.security.ssl.exception.GenericTrustManagerException;
import org.xbib.net.security.ssl.trustmanager.CertificateCapturingX509ExtendedTrustManager;
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeValidator;
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSSLEngineValidator;
import org.xbib.net.security.ssl.trustmanager.ChainAndAuthTypeWithSocketValidator;
import org.xbib.net.security.ssl.trustmanager.CompositeX509ExtendedTrustManager;
import org.xbib.net.security.ssl.trustmanager.DummyX509ExtendedTrustManager;
import org.xbib.net.security.ssl.trustmanager.EnhanceableX509ExtendedTrustManager;
import org.xbib.net.security.ssl.trustmanager.HotSwappableX509ExtendedTrustManager;
import org.xbib.net.security.ssl.trustmanager.TrustManagerFactoryWrapper;
import org.xbib.net.security.ssl.trustmanager.X509TrustManagerWrapper;
public final class TrustManagerUtils {


@ -1,7 +1,6 @@
package org.xbib.net.security.ssl.util;
import java.net.URI;
import static java.util.Objects.isNull;
public final class UriUtils {


@ -18,7 +18,6 @@ import java.util.StringTokenizer;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import java.util.stream.StreamSupport;
import static java.util.Objects.requireNonNull;
/**


@ -1 +0,0 @@
org.xbib.net.security.eddsa.EdDSASecurityProvider


@ -5,7 +5,6 @@ module org.xbib.net.security.test {
requires org.xbib.net.security;
requires org.bouncycastle.provider;
exports org.xbib.net.security.test;
exports org.xbib.net.security.test.ed25519;
exports org.xbib.net.security.test.eddsa;
exports org.xbib.net.security.test.eddsa.math;
exports org.xbib.net.security.test.eddsa.math.bigint;


@ -13,7 +13,7 @@ public class CertificateReaderTest {
@Test
public void testCert() throws Exception {
InputStream inputStream = getClass().getResourceAsStream("/test.crt");
InputStream inputStream = getClass().getResourceAsStream("rsa.crt");
if (inputStream != null) {
CertificateReader certificateReader = new CertificateReader();
X509Certificate certificate = certificateReader.readCertificate(inputStream);
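Review bot: The `if (inputStream != null)` guard in `testCert` lets the test pass without executing any assertion when the resource cannot be found, and this hunk appears to change the lookup from the absolute `/test.crt` to the relative `rsa.crt`, which `Class.getResourceAsStream` resolves against the test class's package. If the file is not present at that package path, the certificate parser is never exercised and the build still reports green. I would replace the guard with `assertNotNull(inputStream, "rsa.crt not found on test classpath");` and open the stream in a try-with-resources block so it is closed. The same guard sits in `testDSA`, `testRSA`, `testEc` and `testEd25519` of `PrivateKeyReaderTest` further down, where the resource paths change the same way, so the new key-pair assertions there can be skipped silently too. The body of `testCert` continues outside the hunk.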


@ -1,4 +1,4 @@
package org.xbib.net.security.test.ed25519;
package org.xbib.net.security.test;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;


@ -1,5 +1,7 @@
package org.xbib.net.security.test;
import java.security.KeyPair;
import java.security.PublicKey;
import org.junit.jupiter.api.Test;
import org.xbib.net.security.PrivateKeyReader;
@ -9,47 +11,67 @@ import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.fail;
import static org.junit.jupiter.api.Assertions.assertNotNull;
public class PrivateKeyReaderTest {
@Test
public void testRSA() throws Exception {
InputStream inputStream = getClass().getResourceAsStream("/rsa.key");
if (inputStream != null) {
PrivateKeyReader privateKeyReader = new PrivateKeyReader();
PrivateKey privateKey = privateKeyReader.readPrivateKey(inputStream, null);
assertEquals("PKCS#8", privateKey.getFormat());
}
}
@Test
public void testDSA() throws Exception {
InputStream inputStream = getClass().getResourceAsStream("/dsa.key");
InputStream inputStream = getClass().getResourceAsStream("dsa.key");
if (inputStream != null) {
PrivateKeyReader privateKeyReader = new PrivateKeyReader();
PrivateKey privateKey = privateKeyReader.readPrivateKey(inputStream, null);
KeyPair keyPair = privateKeyReader.readKeyPair(inputStream, null);
PrivateKey privateKey = keyPair.getPrivate();
assertNotNull(privateKey);
assertEquals("PKCS#8", privateKey.getFormat());
PublicKey publicKey = keyPair.getPublic();
assertNotNull(publicKey);
assertEquals("DSA", publicKey.getAlgorithm());
}
}
@Test
public void testEd25519() throws Exception {
InputStream inputStream = getClass().getResourceAsStream("/ed25519.key");
public void testRSA() throws Exception {
InputStream inputStream = getClass().getResourceAsStream("rsa.key");
if (inputStream != null) {
PrivateKeyReader privateKeyReader = new PrivateKeyReader();
PrivateKey privateKey = privateKeyReader.readPrivateKey(inputStream, null);
KeyPair keyPair = privateKeyReader.readKeyPair(inputStream, null);
PrivateKey privateKey = keyPair.getPrivate();
assertNotNull(privateKey);
assertEquals("PKCS#8", privateKey.getFormat());
PublicKey publicKey = keyPair.getPublic();
assertNotNull(publicKey);
assertEquals("RSA", publicKey.getAlgorithm());
}
}
@Test
public void testEc() throws Exception {
InputStream inputStream = getClass().getResourceAsStream("/ec.key");
InputStream inputStream = getClass().getResourceAsStream("ec.key");
if (inputStream != null) {
PrivateKeyReader privateKeyReader = new PrivateKeyReader();
PrivateKey privateKey = privateKeyReader.readPrivateKey(inputStream, null);
KeyPair keyPair = privateKeyReader.readKeyPair(inputStream, null);
PrivateKey privateKey = keyPair.getPrivate();
assertNotNull(privateKey);
assertEquals("PKCS#8", privateKey.getFormat());
PublicKey publicKey = keyPair.getPublic();
assertNotNull(publicKey);
assertEquals("EC", publicKey.getAlgorithm());
}
}
@Test
public void testEd25519() throws Exception {
InputStream inputStream = getClass().getResourceAsStream("ed25519.key");
if (inputStream != null) {
PrivateKeyReader privateKeyReader = new PrivateKeyReader();
KeyPair keyPair = privateKeyReader.readKeyPair(inputStream, null);
PrivateKey privateKey = keyPair.getPrivate();
assertNotNull(privateKey);
assertEquals("PKCS#8", privateKey.getFormat());
PublicKey publicKey = keyPair.getPublic();
assertNotNull(publicKey);
assertEquals("EdDSA", publicKey.getAlgorithm());
}
}