import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
+import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLException;
private static final Logger LOGGER = LoggerFactory.getLogger(SslFactory.class);
+ /**
+ * Function for creating secure ssl context.
+ *
+ * @param keyStorePath - path to file with keystore
+ * @param keyStorePasswordPath - path to file with keystore password
+ * @param trustStorePath - path to file with truststore
+ * @param trustStorePasswordPath - path to file with truststore password
+ * @return configured ssl context
+ */
public SslContext createSecureContext(String keyStorePath,
String keyStorePasswordPath,
String trustStorePath,
.keyManager(keyManagerFactory(keyStorePath, loadPasswordFromFile(keyStorePasswordPath)))
.trustManager(trustManagerFactory(trustStorePath, loadPasswordFromFile(trustStorePasswordPath)))
.build();
- } catch (Exception ex) {
+ } catch (GeneralSecurityException | IOException ex) {
throw new SSLException(ex);
}
}
+ /**
+ * Function for creating insecure ssl context.
+ *
+ * @return configured insecure ssl context
+ */
public SslContext createInsecureContext() throws SSLException {
LOGGER.info("Creating insecure ssl context");
return SslContextBuilder
.build();
}
- private KeyManagerFactory keyManagerFactory(String path, String password) throws Exception {
+ private KeyManagerFactory keyManagerFactory(String path, String password)
+ throws GeneralSecurityException, IOException {
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(loadKeyStoreFromFile(path, password),
password.toCharArray());
return kmf;
}
- private TrustManagerFactory trustManagerFactory(String path, String password) throws Exception {
+ private TrustManagerFactory trustManagerFactory(String path, String password)
+ throws GeneralSecurityException, IOException {
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(loadKeyStoreFromFile(path, password));
return tmf;
}
- private KeyStore loadKeyStoreFromFile(String path, String keyStorePassword) throws Exception {
+ private KeyStore loadKeyStoreFromFile(String path, String keyStorePassword)
+ throws GeneralSecurityException, IOException {
KeyStore ks = KeyStore.getInstance("jks");
ks.load(getResource(path), keyStorePassword.toCharArray());
return ks;
}
- private InputStream getResource(String path) throws Exception {
+ private InputStream getResource(String path) throws FileNotFoundException {
return new FileInputStream(path);
}
- private String loadPasswordFromFile(String path) throws Exception {
+ private String loadPasswordFromFile(String path) throws IOException {
return new String(Files.readAllBytes(Paths.get(path)));
}
}
--- /dev/null
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcaegen2.services.prh.ssl;
+
+import javax.net.ssl.SSLException;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+
+
+class SslFactoryTest {
+
+ private static final String KEY_STORE = "org.onap.dcae.jks";
+ private static final String KEYSTORE_PASSWORD = "keystore.password";
+ private static final String TRUSTSTORE_PASSWORD = "truststore.password";
+ private static final String TRUST_STORE = "org.onap.dcae.trust.jks";
+ private SslFactory sslFactory = new SslFactory();
+
+ @Test
+ void shouldCreateInsecureContext() throws SSLException {
+ Assertions.assertNotNull(sslFactory.createInsecureContext());
+ }
+
+ @Test
+ void shouldCreateSecureContext() throws SSLException {
+ Assertions.assertNotNull(sslFactory.createSecureContext(
+ getPath(KEY_STORE),
+ getPath(KEYSTORE_PASSWORD),
+ getPath(TRUST_STORE),
+ getPath(TRUSTSTORE_PASSWORD)));
+ }
+
+ @Test
+ void shouldThrowSslExceptionWhenKeystorePasswordIsIncorrect() {
+ Assertions.assertThrows(SSLException.class, () -> sslFactory.createSecureContext(
+ getPath(KEY_STORE),
+ getPath(TRUSTSTORE_PASSWORD),
+ getPath(TRUST_STORE),
+ getPath(TRUSTSTORE_PASSWORD)));
+ }
+
+ private String getPath(String fileName) {
+ return this.getClass().getClassLoader().getResource(fileName).getPath();
+ }
+}
\ No newline at end of file
Code Review / dcaegen2 / services / prh.git / commitdiff