X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=sparkybe-onap-service%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faai%2Fsparky%2Fsecurity%2FSecurityContextFactoryImpl.java;fp=sparkybe-onap-service%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faai%2Fsparky%2Fsecurity%2FSecurityContextFactoryImpl.java;h=0000000000000000000000000000000000000000;hb=237fd67563dca13cf254a921f4f011995e82fc11;hp=e20e11327d4cf818dde39ff03286966495e298af;hpb=14e93687ee86247650ee1a496f5c8f77ded83eb8;p=aai%2Fsparky-be.git diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/SecurityContextFactoryImpl.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/SecurityContextFactoryImpl.java deleted file mode 100644 index e20e113..0000000 --- a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/SecurityContextFactoryImpl.java +++ /dev/null @@ -1,201 +0,0 @@ -/** - * ============LICENSE_START======================================================= - * org.onap.aai - * ================================================================================ - * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. - * Copyright © 2017-2018 Amdocs - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.onap.aai.sparky.security; - -import java.io.ByteArrayInputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.nio.file.Files; -import java.security.KeyManagementException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.UnrecoverableKeyException; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; - -import javax.net.ssl.KeyManagerFactory; -import javax.net.ssl.SSLContext; -import javax.net.ssl.TrustManager; -import javax.net.ssl.X509TrustManager; - -/** - * The Class SecurityContextFactoryImpl. - */ -public class SecurityContextFactoryImpl implements SecurityContextFactory { - - protected String sslAlgorithm; - protected String keyManagerAlgortihm; - protected String keyStoreType; - protected boolean serverCertificationChainValidationEnabled; - protected String trustStoreFileName; - protected String clientCertPassword; - protected FileInputStream clientCertFileInputStream; - protected String clientCertFileName; - protected byte[] clientCertBytes; - - /** - * Instantiates a new security context factory impl. - */ - public SecurityContextFactoryImpl() { - this.sslAlgorithm = "TLS"; - this.keyManagerAlgortihm = "SunX509"; - this.keyStoreType = "PKCS12"; - this.serverCertificationChainValidationEnabled = false; - this.clientCertFileInputStream = null; - this.clientCertFileName = null; - } - - @Override - public String getSslAlgorithm() { - return sslAlgorithm; - } - - @Override - public void setSslAlgorithm(String sslAlgorithm) { - this.sslAlgorithm = sslAlgorithm; - } - - @Override - public String getKeyManagerAlgortihm() { - return keyManagerAlgortihm; - } - - @Override - public void setKeyManagerAlgortihm(String keyManagerAlgortihm) { - this.keyManagerAlgortihm = keyManagerAlgortihm; - } - - @Override - public String getKeyStoreType() { - return keyStoreType; - } - - @Override - public void setKeyStoreType(String keyStoreType) { - this.keyStoreType = keyStoreType; - } - - @Override - public boolean isServerCertificationChainValidationEnabled() { - return serverCertificationChainValidationEnabled; - } - - @Override - public void setServerCertificationChainValidationEnabled( - boolean serverCertificationChainValidationEnabled) { - this.serverCertificationChainValidationEnabled = serverCertificationChainValidationEnabled; - } - - @Override - public void setClientCertFileName(String filename) throws IOException { - this.clientCertFileName = filename; - - if (filename == null) { - this.clientCertBytes = null; - } else { - this.clientCertBytes = Files.readAllBytes(new File(filename).toPath()); - } - } - - @Override - public void setClientCertFileInputStream(FileInputStream fis) { - this.clientCertFileInputStream = fis; - } - - @Override - public FileInputStream getClientCertFileInputStream() { - return this.clientCertFileInputStream; - } - - @Override - public SSLContext getSecureContext() throws KeyManagementException, NoSuchAlgorithmException, - KeyStoreException, CertificateException, IOException, UnrecoverableKeyException { - - TrustManager[] trustAllCerts = null; - - if (serverCertificationChainValidationEnabled) { - - System.setProperty("javax.net.ssl.trustStore", trustStoreFileName); - - } else { - - // Create a trust manager that does not validate certificate chains - trustAllCerts = new TrustManager[] {new X509TrustManager() { - @Override - public X509Certificate[] getAcceptedIssuers() { - return null; - } - - @Override - public void checkClientTrusted(X509Certificate[] certs, String authType) {} - - @Override - public void checkServerTrusted(X509Certificate[] certs, String authType) {} - } }; - } - - KeyManagerFactory kmf = KeyManagerFactory.getInstance(keyManagerAlgortihm); - - KeyStore ks = KeyStore.getInstance(keyStoreType); - - char[] pwd = null; - if (clientCertPassword != null) { - pwd = clientCertPassword.toCharArray(); - } - - if (clientCertBytes != null) { - ks.load(new ByteArrayInputStream(clientCertBytes), pwd); - } else { - ks.load(null, pwd); - } - - kmf.init(ks, pwd); - - SSLContext ctx = SSLContext.getInstance(sslAlgorithm); - ctx.init(kmf.getKeyManagers(), trustAllCerts, null); - - return ctx; - - } - - @Override - public String getTrustStoreFileName() { - return this.trustStoreFileName; - } - - @Override - public void setTrustStoreFileName(String filename) { - this.trustStoreFileName = filename; - } - - @Override - public String getClientCertPassword() { - return this.clientCertPassword; - } - - @Override - public void setClientCertPassword(String password) { - this.clientCertPassword = password; - } - -}