2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
20 package org.onap.config.api;
23 import java.io.FileInputStream;
24 import java.io.IOException;
25 import java.security.GeneralSecurityException;
26 import java.security.KeyStore;
27 import java.util.Properties;
28 import javax.net.ssl.SSLContext;
29 import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
30 import org.apache.http.ssl.SSLContextBuilder;
31 import org.apache.http.ssl.SSLContexts;
32 import org.slf4j.Logger;
33 import org.slf4j.LoggerFactory;
34 import org.springframework.util.StringUtils;
36 public class JettySSLUtils {
38 private static final Logger LOGGER = LoggerFactory.getLogger(JettySSLUtils.class);
40 private JettySSLUtils() {
43 public static JettySslConfig getSSLConfig() {
44 Properties sslProperties = new Properties();
45 String sslPropsPath = System.getenv("JETTY_BASE") + File.separator + "/start.d/ssl.ini";
46 File sslPropsFile = new File(sslPropsPath);
47 try (FileInputStream fis = new FileInputStream(sslPropsFile)) {
48 sslProperties.load(fis);
49 } catch (IOException exception) {
50 LOGGER.error("Failed to read '{}'", sslPropsPath, exception);
52 return new JettySslConfig(sslProperties);
55 public static SSLContext getSslContext() throws GeneralSecurityException, IOException {
56 JettySslConfig sslProperties = JettySSLUtils.getSSLConfig();
57 KeyStore trustStore = KeyStore.getInstance(sslProperties.getTruststoreType());
59 final SSLContextBuilder contextBuilder = SSLContexts.custom();
60 if (!StringUtils.isEmpty(sslProperties.getTruststorePath())) {
61 try (FileInputStream instream = new FileInputStream(new File(sslProperties.getTruststorePath()));) {
62 trustStore.load(instream, (sslProperties.getTruststorePass()).toCharArray());
63 contextBuilder.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy());
66 KeyStore keystore = KeyStore.getInstance(sslProperties.getKeystoreType());
67 if (!StringUtils.isEmpty(sslProperties.getKeystorePath())) {
68 try (FileInputStream instream = new FileInputStream(new File(sslProperties.getKeystorePath()));) {
69 keystore.load(instream, sslProperties.getKeystorePass().toCharArray());
70 contextBuilder.loadKeyMaterial(keystore, sslProperties.getKeystorePass().toCharArray());
73 return contextBuilder.build();
76 public static class JettySslConfig {
78 static final String JETTY_BASE = System.getenv("JETTY_BASE");
79 static final String KEY_STORE_TYPE_PROPERTY_NAME = "jetty.sslContext.keyStoreType";
80 static final String TRUST_STORE_TYPE_PROPERTY_NAME = "jetty.sslContext.trustStoreType";
81 Properties sslProperties;
83 JettySslConfig(Properties sslProperties) {
84 this.sslProperties = sslProperties;
87 public String getJettyBase() {
88 return JettySslConfig.JETTY_BASE;
91 public String getKeystorePath() {
92 return sslProperties.getProperty("jetty.sslContext.keyStorePath");
95 public String getKeystorePass() {
96 return sslProperties.getProperty("jetty.sslContext.keyStorePassword");
99 public String getKeystoreType() {
100 return sslProperties.getProperty(KEY_STORE_TYPE_PROPERTY_NAME, KeyStore.getDefaultType());
103 public String getTruststorePath() {
104 return sslProperties.getProperty("jetty.sslContext.trustStorePath");
107 public String getTruststorePass() {
108 return sslProperties.getProperty("jetty.sslContext.trustStorePassword");
111 public String getTruststoreType() {
112 return sslProperties.getProperty(TRUST_STORE_TYPE_PROPERTY_NAME, KeyStore.getDefaultType());
115 public String getKeyStoreManager() {
116 return sslProperties.getProperty("jetty.sslContext.keyManagerPassword");
119 public Boolean getNeedClientAuth() {
120 if (sslProperties.containsKey("jetty.sslContext.needClientAuth")) {
121 return Boolean.valueOf(sslProperties.getProperty("jetty.sslContext.needClientAuth"));
123 return Boolean.FALSE;
127 public String getProperty(String key) {
128 return sslProperties.getProperty(key);