Simple program to check the validity of a keystore against a truststore
import java.io.*;
import java.net.ServerSocket;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.CountDownLatch;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
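/**
 * Checks that the certificate held in a keystore is accepted by a truststore for a host name.
 *
 * <p>The program opens a TLS server socket on the given port (served from the keystore), then
 * connects to {@code host:port} from the same JVM as a TLS client (validating against the
 * truststore, with HTTPS endpoint identification switched on) and exchanges PING/PONG.
 *
 * <p>What the check does and does not cover:
 * <ul>
 *   <li>The server side never asks for a client certificate, so only the server certificate
 *       chain and its host-name match are validated; mutual TLS is not exercised.</li>
 *   <li>Both stores are configured through the JVM-wide {@code javax.net.ssl.*} system
 *       properties, so they apply to every default SSL socket created in this process.</li>
 *   <li>The listener is created with {@code createServerSocket(port)}, which binds every local
 *       interface for as long as the check runs.</li>
 *   <li>Store passwords given as command-line arguments are visible in the process list and
 *       in shell history; use throw-away test stores or rotate the passwords afterwards.</li>
 * </ul>
 *
 * <p>Exit status: 1 when the client side fails, 2 when the server side fails.
 *
 * Compile:
 * javac KeyTest.java
 *
 * Run example:
 * java KeyTest -k myKeystore.jks -kp keystore-pass -t myTruststore.jks -tp truststore-pass -h my.host.com -p 8443
 */
public class KeyTest implements Runnable {

    private final String host;
    private final int port;
    /** Released once the server socket is listening, so the client does not connect too early. */
    private final CountDownLatch startedLatch = new CountDownLatch(1);

    /**
     * @param host name the client connects to and verifies the server certificate against
     * @param port port the server listens on and the client connects to
     */
    public KeyTest(String host, int port) {
        this.host = host;
        this.port = port;
    }

    /**
     * Performs a single read of at most 1024 characters.
     *
     * @param input reader to take the characters from
     * @return the characters delivered by that one read, or an empty string at end of stream
     * @throws IOException if the underlying read fails
     */
    static String read(InputStreamReader input) throws IOException {
        char[] buffer = new char[1024];
        int count = input.read(buffer);
        // read() reports end of stream as -1; new String(buffer, 0, -1) would throw.
        return count < 0 ? "" : new String(buffer, 0, count);
    }

    /**
     * Accepts one TLS connection, reads the client's message and answers "PONG".
     * Any failure is printed and ends the JVM with exit status 2.
     */
    void startServer() {
        System.out.println("Server: staring server on port " + port);
        // try-with-resources releases the listener and the accepted socket on every path.
        try (ServerSocket serverSocket = SSLServerSocketFactory.getDefault().createServerSocket(port)) {
            System.out.println("Server: listening on port " + port);
            startedLatch.countDown();
            try (Socket socket = serverSocket.accept()) {
                String payload = read(new InputStreamReader(socket.getInputStream(), StandardCharsets.UTF_8));
                System.out.println("Server: received '" + payload + "' responding 'PONG'");
                new OutputStreamWriter(socket.getOutputStream(), StandardCharsets.UTF_8).append("PONG").flush();
            }
        } catch (Throwable th) {
            System.err.println("Server exception:");
            th.printStackTrace();
            System.exit(2);
        }
    }

    /**
     * Connects to {@code host:port} over TLS, sends "PING" and prints the reply.
     * Any failure (including a rejected certificate or host-name mismatch) is printed and ends
     * the JVM with exit status 1.
     */
    void runClient() {
        System.out.println("Client: going to connect to https://" + host + ":" + port);
        try (SSLSocket sslSocket = (SSLSocket) SSLSocketFactory.getDefault().createSocket(host, port)) {
            // A plain SSLSocket validates the chain only; the "HTTPS" algorithm adds the
            // host-name check. Start from the socket's current parameters so that nothing
            // else already configured on it is replaced by defaults.
            SSLParameters sslParameters = sslSocket.getSSLParameters();
            sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
            sslSocket.setSSLParameters(sslParameters);
            // Handshake explicitly so certificate problems surface before any payload is written.
            sslSocket.startHandshake();
            System.out.println("Client: sending 'PING'");
            new OutputStreamWriter(sslSocket.getOutputStream(), StandardCharsets.UTF_8).append("PING").flush();
            String payload = read(new InputStreamReader(sslSocket.getInputStream(), StandardCharsets.UTF_8));
            System.out.println("Client: Successfully connected via SSL, sent 'PING' and got response '" + payload + "'");
        } catch (Throwable th) {
            System.err.println("Client exception:");
            th.printStackTrace();
            System.exit(1);
        }
    }

    /** Runs the server side; used as the body of the background thread started by {@code main}. */
    @Override
    public void run() {
        startServer();
    }

    /**
     * Looks up a mandatory parameter under its short or long name.
     *
     * @throws IllegalArgumentException if neither name is present
     */
    static String getParameter(Map<String, String> parameters, String key1, String key2) {
        return getParameter(parameters, key1, key2, null);
    }

    /**
     * Looks up a parameter under its short or long name, falling back to a default.
     *
     * @param parameters parsed command-line options
     * @param key1 first name to try
     * @param key2 second name to try
     * @param defaultValue value used when neither name is present; {@code null} makes the
     *     parameter mandatory
     * @return the value found, or {@code defaultValue}
     * @throws IllegalArgumentException if neither name is present and no default was given
     */
    static String getParameter(Map<String, String> parameters, String key1, String key2, String defaultValue) {
        if (parameters.containsKey(key1)) {
            return parameters.get(key1);
        }
        if (parameters.containsKey(key2)) {
            return parameters.get(key2);
        }
        if (defaultValue != null) {
            return defaultValue;
        }
        throw new IllegalArgumentException("Missing parameter: " + key1 + " or " + key2);
    }

    /**
     * Parses {@code name value} argument pairs, configures the JSSE stores, then runs the server
     * in a background thread and the client in the calling thread.
     *
     * @throws IllegalArgumentException if an option has no value or a mandatory option is missing
     * @throws InterruptedException if interrupted while waiting for the server to start listening
     */
    public static void main(String... args) throws InterruptedException {
        Iterator<String> argIt = Arrays.asList(args).iterator();
        Map<String, String> params = new HashMap<>();
        while (argIt.hasNext()) {
            String name = argIt.next();
            // An odd argument count would otherwise fail with a bare NoSuchElementException.
            if (!argIt.hasNext()) {
                throw new IllegalArgumentException("Missing value for parameter: " + name);
            }
            params.put(name, argIt.next());
        }
        String host = getParameter(params, "-h", "--host", "localhost");
        int port = Integer.parseInt(getParameter(params, "-p", "--port", "443"));
        // These properties are JVM-wide: the default SSL context picks them up for both the
        // server socket (keystore) and the client socket (truststore).
        System.setProperty("javax.net.ssl.trustStore", getParameter(params, "-t", "--truststore"));
        System.setProperty("javax.net.ssl.trustStorePassword", getParameter(params, "-tp", "--truststore-password"));
        System.setProperty("javax.net.ssl.keyStore", getParameter(params, "-k", "--keystore"));
        System.setProperty("javax.net.ssl.keyStorePassword", getParameter(params, "-kp", "--keystore-password"));
        KeyTest keyTest = new KeyTest(host, port);
        new Thread(keyTest).start();
        keyTest.startedLatch.await();
        keyTest.runClient();
    }
}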