Update for jca #44142

wants to merge 11 commits into
base: main
322 changes: 317 additions & 5 deletions sdk/keyvault/azure-security-keyvault-jca/README.md

@@ -0,0 +1,81 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
package com.azure.security.keyvault.jca.mtls;

import com.azure.security.keyvault.jca.KeyVaultJcaProvider;
import com.azure.security.keyvault.jca.KeyVaultKeyStore;
import org.apache.http.HttpResponse;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.util.EntityUtils;

import javax.net.ssl.SSLContext;
import java.io.IOException;
import java.security.KeyStore;
import java.security.Security;

/**
* The ClientMTLS sample.
*/
public class ClientMTLSSample {

public static void main(String[] args) throws Exception {
// BEGIN: readme-sample-clientMTLS
KeyVaultJcaProvider provider = new KeyVaultJcaProvider();
Security.addProvider(provider);

System.setProperty("azure.keyvault.uri", "<client-azure-keyvault-uri>");
System.setProperty("azure.keyvault.tenant-id", "<client-azure-keyvault-tenant-id>");
System.setProperty("azure.keyvault.client-id", "<client-azure-keyvault-client-id>");
System.setProperty("azure.keyvault.client-secret", "<client-azure-keyvault-client-secret>");
KeyStore keyStore = KeyVaultKeyStore.getKeyVaultKeyStoreBySystemProperty();

System.setProperty("azure.keyvault.uri", "<server-azure-keyvault-uri>");
System.setProperty("azure.keyvault.tenant-id", "<server-azure-keyvault-tenant-id>");
System.setProperty("azure.keyvault.client-id", "<server-azure-keyvault-client-id>");
System.setProperty("azure.keyvault.client-secret", "<server-azure-keyvault-client-secret>");
KeyStore trustStore = KeyVaultKeyStore.getKeyVaultKeyStoreBySystemProperty();

SSLContext sslContext = SSLContexts
.custom()
.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy())
.loadKeyMaterial(keyStore, "".toCharArray())
.build();

SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(
sslContext, (hostname, session) -> true);

PoolingHttpClientConnectionManager manager = new PoolingHttpClientConnectionManager(
RegistryBuilder.<ConnectionSocketFactory>create()
.register("https", sslConnectionSocketFactory)
.build());

String result = null;

try (CloseableHttpClient client = HttpClients.custom().setConnectionManager(manager).build()) {
HttpGet httpGet = new HttpGet("https://localhost:8765");
ResponseHandler<String> responseHandler = (HttpResponse response) -> {
int status = response.getStatusLine().getStatusCode();
String result1 = "Not success";
if (status == 200) {
result1 = EntityUtils.toString(response.getEntity());
}
return result1;
};
result = client.execute(httpGet, responseHandler);
} catch (IOException ioe) {
ioe.printStackTrace();
}
System.out.println(result);
// END: readme-sample-clientMTLS
}

}
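Review bot: The hostname verifier `(hostname, session) -> true` passed to the SSLConnectionSocketFactory disables hostname verification, and `TrustSelfSignedStrategy` on `loadTrustMaterial` accepts any self-signed server certificate without consulting the Key Vault trust store the sample just loaded, so together they let this client talk to any server that presents a self-signed cert, which is the opposite of what an mTLS sample should demonstrate. Because this is README-facing code readers will copy, prefer `.loadTrustMaterial(trustStore, null)` and `new SSLConnectionSocketFactory(sslContext, SSLConnectionSocketFactory.getDefaultHostnameVerifier())` (the latter exists in HttpClient 4.4+, which the `org.apache.http.ssl.SSLContexts` import already implies), or at minimum add a comment stating that both relaxations exist only because the sample targets `localhost` with a self-signed certificate and must not be carried into production. It is also worth a comment that the same four `azure.keyvault.*` system properties are overwritten between the two `getKeyVaultKeyStoreBySystemProperty()` calls, so the order of the two blocks matters and the values left behind afterwards are the server-vault ones; that appears to be intended, but it is easy to miss, and it also means the client holds a service-principal secret for the server's vault just to fetch a trust anchor.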
@@ -0,0 +1,70 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
package com.azure.security.keyvault.jca.mtls;

import com.azure.security.keyvault.jca.KeyVaultJcaProvider;
import com.azure.security.keyvault.jca.KeyVaultKeyStore;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;
import java.io.BufferedWriter;
import java.io.OutputStreamWriter;
import java.security.KeyStore;
import java.security.Security;

/**
* The ServerMTLS sample.
*/
public class ServerMTLSSample {

public static void main(String[] args) throws Exception {
// BEGIN: readme-sample-serverMTLS
KeyVaultJcaProvider provider = new KeyVaultJcaProvider();
Security.addProvider(provider);

System.setProperty("azure.keyvault.uri", "<server-azure-keyvault-uri>");
System.setProperty("azure.keyvault.tenant-id", "<server-azure-keyvault-tenant-id>");
System.setProperty("azure.keyvault.client-id", "<server-azure-keyvault-client-id>");
System.setProperty("azure.keyvault.client-secret", "<server-azure-keyvault-client-secret>");
KeyStore keyStore = KeyVaultKeyStore.getKeyVaultKeyStoreBySystemProperty();

KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(keyStore, "".toCharArray());

System.setProperty("azure.keyvault.uri", "<client-azure-keyvault-uri>");
System.setProperty("azure.keyvault.tenant-id", "<client-azure-keyvault-tenant-id>");
System.setProperty("azure.keyvault.client-id", "<client-azure-keyvault-client-id>");
System.setProperty("azure.keyvault.client-secret", "<client-azure-keyvault-client-secret>");
KeyStore trustStore = KeyVaultKeyStore.getKeyVaultKeyStoreBySystemProperty();

TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(trustStore);

SSLContext context = SSLContext.getInstance("TLS");
context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

SSLServerSocketFactory socketFactory = context.getServerSocketFactory();
SSLServerSocket serverSocket = (SSLServerSocket) socketFactory.createServerSocket(8765);
serverSocket.setNeedClientAuth(true);

while (true) {
SSLSocket socket = (SSLSocket) serverSocket.accept();
System.out.println("Client connected: " + socket.getInetAddress());
BufferedWriter out = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));

String body = "Hello, this is server.";
String response =
"HTTP/1.1 200 OK\r\n" + "Content-Type: text/plain\r\n" + "Content-Length: " + body.getBytes("UTF-8").length + "\r\n" + "Connection: close\r\n" + "\r\n" + body;

out.write(response);
out.flush();
socket.close();
}
// END: readme-sample-serverMTLS
}

}
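Review bot: A single misbehaving client terminates the server: the per-connection work inside `while (true)` has no exception handling, and since the TLS handshake on an accepted `SSLSocket` is, as far as I recall, deferred to the first write, a client that does not present a certificate (which the new `setNeedClientAuth(true)` requires) should surface an `SSLHandshakeException` from `out.flush()` that propagates out of `main` and stops the accept loop, skipping `socket.close()` on the way. Wrapping the accepted socket in try-with-resources and catching per-connection failures keeps the sample serving: `try (SSLSocket socket = (SSLSocket) serverSocket.accept()) { … } catch (IOException e) { System.err.println("Connection failed: " + e.getMessage()); }`. Separately, `body.getBytes("UTF-8")` can be `body.getBytes(StandardCharsets.UTF_8)`, which drops the checked UnsupportedEncodingException, and a one-line comment that the request bytes are deliberately never read would save the next reader from wondering whether that is a bug. Note also that the server obtains its trust store from the client's vault using the client's credentials, so a comment explaining that each side is expected to hold credentials for the other's vault (or that this is a sample-only shortcut) would help.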
@@ -1,7 +1,9 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
package com.azure.security.keyvault.jca;
package com.azure.security.keyvault.jca.tls;

import com.azure.security.keyvault.jca.KeyVaultJcaProvider;
import com.azure.security.keyvault.jca.KeyVaultKeyStore;
import org.apache.http.HttpResponse;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpGet;
Expand All @@ -13,8 +15,10 @@
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.util.EntityUtils;

import javax.net.ssl.SSLContext;

import java.io.IOException;
import java.security.KeyStore;
import java.security.Security;
Expand All @@ -26,6 +30,11 @@ public class ClientSSLSample {

public static void main(String[] args) throws Exception {
// BEGIN: readme-sample-clientSSL
System.setProperty("azure.keyvault.uri", "<your-azure-keyvault-uri>");
System.setProperty("azure.keyvault.tenant-id", "<your-azure-keyvault-tenant-id>");
System.setProperty("azure.keyvault.client-id", "<your-azure-keyvault-client-id>");
System.setProperty("azure.keyvault.client-secret", "<your-azure-keyvault-client-secret>");

KeyVaultJcaProvider provider = new KeyVaultJcaProvider();
Security.addProvider(provider);

Expand All @@ -47,19 +56,20 @@ public static void main(String[] args) throws Exception {
String result = null;

try (CloseableHttpClient client = HttpClients.custom().setConnectionManager(manager).build()) {
HttpGet httpGet = new HttpGet("https://localhost:8766");
HttpGet httpGet = new HttpGet("https://localhost:8765");
ResponseHandler<String> responseHandler = (HttpResponse response) -> {
int status = response.getStatusLine().getStatusCode();
String result1 = "Not success";
if (status == 204) {
result1 = "Success";
if (status == 200) {
result1 = EntityUtils.toString(response.getEntity());
}
return result1;
};
result = client.execute(httpGet, responseHandler);
} catch (IOException ioe) {
ioe.printStackTrace();
}
System.out.println(result);
// END: readme-sample-clientSSL
}

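Review bot: The `System.setProperty("azure.keyvault.client-secret", ...)` block moved to the top of main puts a service-principal secret into JVM system properties, which any code in the process can read and which appear in diagnostics such as `jcmd <pid> VM.system_properties`; since this is the README snippet readers will copy, a comment should say the placeholder is meant to be filled from a secure source at runtime, e.g. `System.setProperty("azure.keyvault.client-secret", System.getenv("AZURE_CLIENT_SECRET"));`, rather than hard-coded. The response handler's failure branch also discards the status it just read; `String result1 = "Not success: " + status;` would make a 401/403 from an mTLS-requiring server distinguishable from a 500 when the sample is run against the wrong server on the now-shared port 8765. The middle of main (provider registration, SSLContext and connection-manager setup, including whatever trust strategy and hostname verifier this client uses) sits between the visible hunks and continues past the last one, so I cannot confirm whether it relaxes hostname verification the way the mTLS sample does.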
@@ -0,0 +1,60 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
package com.azure.security.keyvault.jca.tls;

import com.azure.security.keyvault.jca.KeyVaultJcaProvider;
import com.azure.security.keyvault.jca.KeyVaultKeyStore;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import java.io.BufferedWriter;
import java.io.OutputStreamWriter;
import java.security.KeyStore;
import java.security.Security;

/**
* The ServerSSL sample.
*/
public class ServerSSLSample {

public static void main(String[] args) throws Exception {
// BEGIN: readme-sample-serverSSL
System.setProperty("azure.keyvault.uri", "<your-azure-keyvault-uri>");
System.setProperty("azure.keyvault.tenant-id", "<your-azure-keyvault-tenant-id>");
System.setProperty("azure.keyvault.client-id", "<your-azure-keyvault-client-id>");
System.setProperty("azure.keyvault.client-secret", "<your-azure-keyvault-client-secret>");

KeyVaultJcaProvider provider = new KeyVaultJcaProvider();
Security.addProvider(provider);

KeyStore keyStore = KeyVaultKeyStore.getKeyVaultKeyStoreBySystemProperty();

KeyManagerFactory managerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
managerFactory.init(keyStore, "".toCharArray());

SSLContext context = SSLContext.getInstance("TLS");
context.init(managerFactory.getKeyManagers(), null, null);

SSLServerSocketFactory socketFactory = context.getServerSocketFactory();
SSLServerSocket serverSocket = (SSLServerSocket) socketFactory.createServerSocket(8765);

while (true) {
SSLSocket socket = (SSLSocket) serverSocket.accept();
System.out.println("Client connected: " + socket.getInetAddress());
BufferedWriter out = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));

String body = "Hello, this is server.";
String response =
"HTTP/1.1 200 OK\r\n" + "Content-Type: text/plain\r\n" + "Content-Length: " + body.getBytes("UTF-8").length + "\r\n" + "Connection: close\r\n" + "\r\n" + body;

out.write(response);
out.flush();
socket.close();
}
// END: readme-sample-serverSSL
}

}
1 change: 0 additions & 1 deletion sdk/keyvault/ci.yml
Expand Up @@ -94,7 +94,6 @@ extends:
groupId: com.azure
safeName: azuresecuritykeyvaultjca
releaseInBatch: ${{ parameters.release_azuresecuritykeyvaultjca }}
skipPublishDocMs: true
- name: azure-security-keyvault-keys
groupId: com.azure
safeName: azuresecuritykeyvaultkeys