org.springframework.vault.support.SslConfiguration.KeyStoreConfiguration Java Examples

The following examples show how to use org.springframework.vault.support.SslConfiguration.KeyStoreConfiguration. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: EnvironmentVaultConfiguration.java    From spring-vault with Apache License 2.0 6 votes vote down vote up
/**
 * Build a {@link KeyStoreConfiguration} from three property names.
 * <p>
 * All three properties are read up front. The store type is looked up with
 * {@link SslConfiguration#PEM_KEYSTORE_TYPE} passed as the second argument to
 * {@code getProperty} (presumably the fallback value; confirm against that helper).
 * The password is read as a {@code String} and converted to {@code char[]} only when it
 * contains text; a blank or missing password yields a configuration without a password.
 * @param resourceProperty property naming the key store resource.
 * @param passwordProperty property holding the store password.
 * @param keystoreTypeProperty property holding the store type.
 * @return {@link KeyStoreConfiguration#unconfigured()} when no resource is resolved,
 * otherwise a configuration for that resource.
 */
private KeyStoreConfiguration getKeyStoreConfiguration(String resourceProperty, String passwordProperty,
		String keystoreTypeProperty) {

	Resource storeResource = getResource(resourceProperty);
	String storePassword = getProperty(passwordProperty);
	String storeType = getProperty(keystoreTypeProperty, SslConfiguration.PEM_KEYSTORE_TYPE);

	// No resource means nothing to configure, whatever the other properties say.
	if (storeResource == null) {
		return KeyStoreConfiguration.unconfigured();
	}

	return StringUtils.hasText(storePassword)
			? KeyStoreConfiguration.of(storeResource, storePassword.toCharArray(), storeType)
			: KeyStoreConfiguration.of(storeResource).withStoreType(storeType);
}
 
Example #2
Source File: SpringVaultClientConfigurationTests.java    From spring-cloud-config with Apache License 2.0 6 votes vote down vote up
@Test
public void customSslConfiguration() {
	// Arrange: the same JKS fixture serves as key store and trust store; the literal
	// password below is a test fixture value, not a credential to reuse elsewhere.
	VaultEnvironmentProperties vaultProperties = new VaultEnvironmentProperties();
	vaultProperties.getSsl().setKeyStore(new ClassPathResource("ssl-test.jks"));
	vaultProperties.getSsl().setKeyStorePassword("password");
	vaultProperties.getSsl().setTrustStore(new ClassPathResource("ssl-test.jks"));
	vaultProperties.getSsl().setTrustStorePassword("password");

	// Act: derive the SslConfiguration from the populated properties.
	SslConfiguration ssl = getConfiguration(vaultProperties).sslConfiguration();
	KeyStoreConfiguration keyStore = ssl.getKeyStoreConfiguration();
	KeyStoreConfiguration trustStore = ssl.getTrustStoreConfiguration();

	// Assert: both stores are present and carry the configured password as char[].
	assertThat(keyStore.isPresent()).isTrue();
	assertThat(new String(keyStore.getStorePassword())).isEqualTo("password");
	assertThat(trustStore.isPresent()).isTrue();
	assertThat(new String(trustStore.getStorePassword())).isEqualTo("password");
}
 
Example #3
Source File: ClientHttpRequestFactoryFactory.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Create a {@link KeyStore} of the type resolved by {@code getKeyStoreType} and fill it
 * through {@code loadKeyStore}.
 * @param keyStoreConfiguration describes the store resource, type and password.
 * @return the loaded key store.
 * @throws IOException propagated from loading the store.
 * @throws GeneralSecurityException propagated from {@link KeyStore#getInstance(String)} or
 * from loading the store.
 */
static KeyStore getKeyStore(KeyStoreConfiguration keyStoreConfiguration)
		throws IOException, GeneralSecurityException {

	String storeType = getKeyStoreType(keyStoreConfiguration);
	KeyStore loaded = KeyStore.getInstance(storeType);

	loadKeyStore(keyStoreConfiguration, loaded);

	return loaded;
}
 
Example #4
Source File: ClientHttpRequestFactoryFactory.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Resolve the JCA key store type to instantiate for a configuration.
 * <p>
 * A blank store type and {@link SslConfiguration#PEM_KEYSTORE_TYPE} (compared
 * case-insensitively) both map to {@link KeyStore#getDefaultType()}; any other value is
 * returned unchanged and is therefore handed to the JCA provider lookup as configured.
 * @param keyStoreConfiguration the configuration to inspect.
 * @return the key store type name to use.
 */
private static String getKeyStoreType(KeyStoreConfiguration keyStoreConfiguration) {

	String configuredType = keyStoreConfiguration.getStoreType();

	boolean useDefault = !StringUtils.hasText(configuredType)
			|| SslConfiguration.PEM_KEYSTORE_TYPE.equalsIgnoreCase(configuredType);

	if (useDefault) {
		return KeyStore.getDefaultType();
	}

	return configuredType;
}
 
Example #5
Source File: ClientHttpRequestFactoryFactory.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Create a {@link TrustManagerFactory} backed by the store described in
 * {@code keyStoreConfiguration}, using the JVM's default trust manager algorithm.
 * <p>
 * The certificates in this store become the trust anchors for whatever consumes the
 * returned factory, so the store resource should come from a trusted location.
 * @param keyStoreConfiguration describes the trust store to load.
 * @return the initialised factory.
 * @throws GeneralSecurityException propagated from loading the store or initialising the factory.
 * @throws IOException propagated from reading the store resource.
 */
static TrustManagerFactory createTrustManagerFactory(KeyStoreConfiguration keyStoreConfiguration)
		throws GeneralSecurityException, IOException {

	// Load the store first so a broken store fails before the factory is created.
	KeyStore anchors = getKeyStore(keyStoreConfiguration);

	String algorithm = TrustManagerFactory.getDefaultAlgorithm();
	TrustManagerFactory factory = TrustManagerFactory.getInstance(algorithm);
	factory.init(anchors);

	return factory;
}
 
Example #6
Source File: ClientHttpRequestFactoryFactory.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
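/**
 * Populate {@code keyStore} from the resource named by {@code keyStoreConfiguration}.
 * <p>
 * When the store type equals {@link SslConfiguration#PEM_KEYSTORE_TYPE} (case-insensitive),
 * the store is initialised empty and the stream is handed to {@code loadFromPem}; for any
 * other type the stream is loaded with {@link KeyStore#load(InputStream, char[])} and the
 * configured store password. Debug logging covers only the resource and the resulting
 * entry count; the store password is not written to the log.
 * @param keyStoreConfiguration describes the store resource, type and password.
 * @param keyStore the key store instance to populate.
 * @throws IOException if the resource cannot be opened or read.
 * @throws GeneralSecurityException if the store content cannot be loaded.
 */
private static void loadKeyStore(KeyStoreConfiguration keyStoreConfiguration, KeyStore keyStore)
		throws IOException, GeneralSecurityException {

	if (logger.isDebugEnabled()) {
		logger.debug(String.format("Loading keystore from %s", keyStoreConfiguration.getResource()));
	}

	// try-with-resources closes the stream on every path and keeps a load failure as the
	// primary exception; a close() inside finally could replace it with the close failure.
	try (InputStream inputStream = keyStoreConfiguration.getResource().getInputStream()) {

		if (SslConfiguration.PEM_KEYSTORE_TYPE.equalsIgnoreCase(keyStoreConfiguration.getStoreType())) {

			// load(null) creates an empty store that loadFromPem then fills.
			keyStore.load(null);
			loadFromPem(keyStore, inputStream);
		}
		else {
			keyStore.load(inputStream, keyStoreConfiguration.getStorePassword());
		}

		if (logger.isDebugEnabled()) {
			logger.debug(String.format("Keystore loaded with %d entries", keyStore.size()));
		}
	}
}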
 
Example #7
Source File: EnvironmentVaultConfiguration.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Assemble the {@link SslConfiguration} from the {@code vault.ssl.*} properties: the key
 * store triple is resolved first, then the trust store triple.
 * @return the SSL configuration built from both store configurations.
 */
@Override
public SslConfiguration sslConfiguration() {

	// Arguments are evaluated left to right, so the key store is still resolved before the trust store.
	return new SslConfiguration(
			getKeyStoreConfiguration("vault.ssl.key-store", "vault.ssl.key-store-password",
					"vault.ssl.key-store-type"),
			getKeyStoreConfiguration("vault.ssl.trust-store", "vault.ssl.trust-store-password",
					"vault.ssl.trust-store-type"));
}
 
Example #8
Source File: ClientCertificateAuthenticationIntegrationTestBase.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Build an {@link SslConfiguration} for client-certificate authentication in integration
 * tests: the client key store is {@code client-cert.jks} from the work directory, the
 * trust store is taken from {@code createSslConfiguration()}.
 * @param keyConfiguration key selection settings passed through unchanged.
 * @return the combined SSL configuration.
 */
static SslConfiguration prepareCertAuthenticationMethod(SslConfiguration.KeyConfiguration keyConfiguration) {

	SslConfiguration base = createSslConfiguration();

	// "changeit" is the password of the test fixture key store; it is a test-only value.
	FileSystemResource clientCertStore = new FileSystemResource(new File(findWorkDir(), "client-cert.jks"));
	KeyStoreConfiguration clientKeyStore = KeyStoreConfiguration.of(clientCertStore, "changeit".toCharArray());

	return new SslConfiguration(clientKeyStore, keyConfiguration, base.getTrustStoreConfiguration());
}
 
Example #9
Source File: SslConfigurationUnitTests.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
@Test
void shouldCreateConfiguration() {

	KeyStoreConfiguration store = KeyStoreConfiguration.of(new ClassPathResource("certificate.json"));

	// Setting only the key store must leave the trust store unconfigured.
	SslConfiguration withKeyStoreOnly = SslConfiguration.unconfigured().withKeyStore(store);
	assertThat(withKeyStoreOnly.getKeyStoreConfiguration()).isSameAs(store);
	assertThat(withKeyStoreOnly.getTrustStoreConfiguration().isPresent()).isFalse();

	// Setting only the trust store must leave the key store unconfigured.
	SslConfiguration withTrustStoreOnly = SslConfiguration.unconfigured().withTrustStore(store);
	assertThat(withTrustStoreOnly.getTrustStoreConfiguration()).isSameAs(store);
	assertThat(withTrustStoreOnly.getKeyStoreConfiguration().isPresent()).isFalse();
}
 
Example #10
Source File: SslConfigurationUnitTests.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
@Test
void shouldCreatePemConfiguration() {

	// withStoreType("PEM") must survive the round trip through SslConfiguration.forTrustStore.
	KeyStoreConfiguration pemStore = KeyStoreConfiguration.of(new ClassPathResource("certificate.json"))
			.withStoreType("PEM");

	KeyStoreConfiguration trustStore = SslConfiguration.forTrustStore(pemStore).getTrustStoreConfiguration();

	assertThat(trustStore.getStoreType()).isEqualTo("PEM");
}
 
Example #11
Source File: VaultConfigurationUtil.java    From spring-cloud-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Translate {@link Ssl SSL properties} into a {@link SslConfiguration}.
 * <p>
 * Each store stays {@link KeyStoreConfiguration#unconfigured() unconfigured} unless its
 * resource is set. A store password is applied only when it contains text. No store type
 * is passed here, so whatever {@code KeyStoreConfiguration.of} defaults to applies.
 * @param ssl the SSL properties, may be {@code null}.
 * @return the SSL configuration; {@link SslConfiguration#unconfigured()} for {@code null} input.
 */
static SslConfiguration createSslConfiguration(Ssl ssl) {

	if (ssl == null) {
		return SslConfiguration.unconfigured();
	}

	KeyStoreConfiguration keyStore = KeyStoreConfiguration.unconfigured();
	if (ssl.getKeyStore() != null) {
		keyStore = StringUtils.hasText(ssl.getKeyStorePassword())
				? KeyStoreConfiguration.of(ssl.getKeyStore(), ssl.getKeyStorePassword().toCharArray())
				: KeyStoreConfiguration.of(ssl.getKeyStore());
	}

	KeyStoreConfiguration trustStore = KeyStoreConfiguration.unconfigured();
	if (ssl.getTrustStore() != null) {
		trustStore = StringUtils.hasText(ssl.getTrustStorePassword())
				? KeyStoreConfiguration.of(ssl.getTrustStore(), ssl.getTrustStorePassword().toCharArray())
				: KeyStoreConfiguration.of(ssl.getTrustStore());
	}

	return new SslConfiguration(keyStore, trustStore);
}
 
Example #12
Source File: SpringVaultClientConfigurationTests.java    From spring-cloud-config with Apache License 2.0 5 votes vote down vote up
@Test
public void defaultSslConfiguration() {
	// With untouched properties neither store may be configured.
	VaultEnvironmentProperties defaults = new VaultEnvironmentProperties();

	SslConfiguration ssl = getConfiguration(defaults).sslConfiguration();
	KeyStoreConfiguration keyStore = ssl.getKeyStoreConfiguration();
	KeyStoreConfiguration trustStore = ssl.getTrustStoreConfiguration();

	assertThat(keyStore).isEqualTo(KeyStoreConfiguration.unconfigured());
	assertThat(trustStore).isEqualTo(KeyStoreConfiguration.unconfigured());
}
 
Example #13
Source File: VaultConfig.java    From cloudbreak with Apache License 2.0 5 votes vote down vote up
/**
 * Create a {@link KeyManagerFactory} from the configured key store.
 * <p>
 * A blank store type falls back to {@link KeyStore#getDefaultType()}; any other value is
 * passed to {@link KeyStore#getInstance(String)} as configured. The store password is also
 * used as the key password when initialising the factory, with {@code EMPTY_ARRAY}
 * substituted when no password is configured.
 * @param keyStoreConfiguration describes the store resource, type and password.
 * @return the initialised factory.
 * @throws GeneralSecurityException propagated from the key store or factory operations.
 * @throws IOException propagated from reading the store resource.
 */
private KeyManagerFactory createKeyManagerFactory(KeyStoreConfiguration keyStoreConfiguration) throws GeneralSecurityException, IOException {
    String storeType = keyStoreConfiguration.getStoreType();
    if (!StringUtils.hasText(storeType)) {
        storeType = KeyStore.getDefaultType();
    }

    KeyStore store = KeyStore.getInstance(storeType);
    loadKeyStore(keyStoreConfiguration, store);

    KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());

    // The second argument of init is the key recovery password; here it is the store password.
    char[] storePassword = keyStoreConfiguration.getStorePassword();
    factory.init(store, storePassword == null ? EMPTY_ARRAY : storePassword);
    return factory;
}
 
Example #14
Source File: VaultConfig.java    From cloudbreak with Apache License 2.0 5 votes vote down vote up
/**
 * Create a {@link TrustManagerFactory} from the configured trust store, using the JVM's
 * default trust manager algorithm.
 * <p>
 * A blank store type falls back to {@link KeyStore#getDefaultType()}; any other value is
 * passed to {@link KeyStore#getInstance(String)} as configured.
 * @param keyStoreConfiguration describes the trust store resource, type and password.
 * @return the initialised factory.
 * @throws GeneralSecurityException propagated from the key store or factory operations.
 * @throws IOException propagated from reading the store resource.
 */
private TrustManagerFactory createTrustManagerFactory(KeyStoreConfiguration keyStoreConfiguration) throws GeneralSecurityException, IOException {
    String storeType = keyStoreConfiguration.getStoreType();
    if (!StringUtils.hasText(storeType)) {
        storeType = KeyStore.getDefaultType();
    }

    KeyStore anchors = KeyStore.getInstance(storeType);
    loadKeyStore(keyStoreConfiguration, anchors);

    String algorithm = TrustManagerFactory.getDefaultAlgorithm();
    TrustManagerFactory factory = TrustManagerFactory.getInstance(algorithm);
    factory.init(anchors);

    return factory;
}
 
Example #15
Source File: ClientHttpRequestFactoryFactory.java    From spring-vault with Apache License 2.0 4 votes vote down vote up
/**
 * Create a {@link KeyManagerFactory} for the configured key store.
 * <p>
 * The key password comes from {@code keyConfiguration}; when that is {@code null} the store
 * password is used instead, and an empty array when neither is set. If a key alias is
 * configured the factory is wrapped in a {@code KeySelectingKeyManagerFactory}.
 * @param keyStoreConfiguration describes the store resource, type and password.
 * @param keyConfiguration key password and alias settings.
 * @return the initialised factory, wrapped when a key alias is configured.
 * @throws GeneralSecurityException propagated from the key store or factory operations.
 * @throws IOException propagated from reading the store resource.
 */
static KeyManagerFactory createKeyManagerFactory(KeyStoreConfiguration keyStoreConfiguration,
		KeyConfiguration keyConfiguration) throws GeneralSecurityException, IOException {

	KeyStore clientKeyStore = getKeyStore(keyStoreConfiguration);

	KeyManagerFactory delegate = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());

	// Password precedence: explicit key password, then store password, then empty.
	char[] keyPassword = keyConfiguration.getKeyPassword();
	if (keyPassword == null) {
		char[] storePassword = keyStoreConfiguration.getStorePassword();
		keyPassword = (storePassword != null) ? storePassword : new char[0];
	}

	delegate.init(clientKeyStore, keyPassword);

	return StringUtils.hasText(keyConfiguration.getKeyAlias())
			? new KeySelectingKeyManagerFactory(delegate, keyConfiguration)
			: delegate;
}
 
Example #16
Source File: VaultConfig.java    From cloudbreak with Apache License 2.0 4 votes vote down vote up
/**
 * Load {@code keyStore} from the configured resource using the configured store password.
 * The stream is closed by try-with-resources on every path. Every store type takes the
 * same {@link KeyStore#load(InputStream, char[])} route; no type-specific handling is done here.
 * @param keyStoreConfiguration describes the store resource and password.
 * @param keyStore the key store instance to populate.
 * @throws IOException if the resource cannot be opened or read.
 * @throws NoSuchAlgorithmException propagated from {@link KeyStore#load(InputStream, char[])}.
 * @throws CertificateException propagated from {@link KeyStore#load(InputStream, char[])}.
 */
private void loadKeyStore(KeyStoreConfiguration keyStoreConfiguration, KeyStore keyStore)
        throws IOException, NoSuchAlgorithmException, CertificateException {
    try (InputStream storeStream = keyStoreConfiguration.getResource().getInputStream()) {
        char[] storePassword = keyStoreConfiguration.getStorePassword();
        keyStore.load(storeStream, storePassword);
    }
}