3 files changed, 0 insertions, 410 deletions
diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/SecurityContextFactory.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/SecurityContextFactory.java
deleted file mode 100644
index ea910a6..0000000
--- a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/SecurityContextFactory.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/**
- * ============LICENSE_START=======================================================
- * org.onap.aai
- * ================================================================================
- * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
- * Copyright © 2017-2018 Amdocs
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.onap.aai.sparky.security;
-
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.security.KeyManagementException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
-
-import javax.net.ssl.SSLContext;
-
-/**
- * A factory for creating SecurityContext objects.
- */
-public interface SecurityContextFactory {
-
- public String getSslAlgorithm();
-
- public void setSslAlgorithm(String sslAlgorithm);
-
- public String getKeyManagerAlgortihm();
-
- public void setKeyManagerAlgortihm(String keyManagerAlgortihm);
-
- public String getKeyStoreType();
-
- public void setKeyStoreType(String keyStoreType);
-
- public boolean isServerCertificationChainValidationEnabled();
-
- public void setServerCertificationChainValidationEnabled(
- boolean serverCertificationChainValidationEnabled);
-
- public String getTrustStoreFileName();
-
- public void setTrustStoreFileName(String filename);
-
- public String getClientCertPassword();
-
- public void setClientCertPassword(String password);
-
- public void setClientCertFileInputStream(FileInputStream fis);
-
- public void setClientCertFileName(String filename) throws IOException;
-
- public FileInputStream getClientCertFileInputStream();
-
- public SSLContext getSecureContext()
- throws KeyManagementException, NoSuchAlgorithmException, FileNotFoundException,
- KeyStoreException, CertificateException, IOException, UnrecoverableKeyException;
-
-}
diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/SecurityContextFactoryImpl.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/SecurityContextFactoryImpl.java
deleted file mode 100644
index e20e113..0000000
--- a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/SecurityContextFactoryImpl.java
+++ /dev/null
@@ -1,201 +0,0 @@
-/**
- * ============LICENSE_START=======================================================
- * org.onap.aai
- * ================================================================================
- * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
- * Copyright © 2017-2018 Amdocs
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-package org.onap.aai.sparky.security;
-
-import java.io.ByteArrayInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.nio.file.Files;
-import java.security.KeyManagementException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509TrustManager;
-
-/**
- * The Class SecurityContextFactoryImpl.
- */
-public class SecurityContextFactoryImpl implements SecurityContextFactory {
-
- protected String sslAlgorithm;
- protected String keyManagerAlgortihm;
- protected String keyStoreType;
- protected boolean serverCertificationChainValidationEnabled;
- protected String trustStoreFileName;
- protected String clientCertPassword;
- protected FileInputStream clientCertFileInputStream;
- protected String clientCertFileName;
- protected byte[] clientCertBytes;
-
- /**
- * Instantiates a new security context factory impl.
- */
- public SecurityContextFactoryImpl() {
- this.sslAlgorithm = "TLS";
- this.keyManagerAlgortihm = "SunX509";
- this.keyStoreType = "PKCS12";
- this.serverCertificationChainValidationEnabled = false;
- this.clientCertFileInputStream = null;
- this.clientCertFileName = null;
- }
-
- @Override
- public String getSslAlgorithm() {
- return sslAlgorithm;
- }
-
- @Override
- public void setSslAlgorithm(String sslAlgorithm) {
- this.sslAlgorithm = sslAlgorithm;
- }
-
- @Override
- public String getKeyManagerAlgortihm() {
- return keyManagerAlgortihm;
- }
-
- @Override
- public void setKeyManagerAlgortihm(String keyManagerAlgortihm) {
- this.keyManagerAlgortihm = keyManagerAlgortihm;
- }
-
- @Override
- public String getKeyStoreType() {
- return keyStoreType;
- }
-
- @Override
- public void setKeyStoreType(String keyStoreType) {
- this.keyStoreType = keyStoreType;
- }
-
- @Override
- public boolean isServerCertificationChainValidationEnabled() {
- return serverCertificationChainValidationEnabled;
- }
-
- @Override
- public void setServerCertificationChainValidationEnabled(
- boolean serverCertificationChainValidationEnabled) {
- this.serverCertificationChainValidationEnabled = serverCertificationChainValidationEnabled;
- }
-
- @Override
- public void setClientCertFileName(String filename) throws IOException {
- this.clientCertFileName = filename;
-
- if (filename == null) {
- this.clientCertBytes = null;
- } else {
- this.clientCertBytes = Files.readAllBytes(new File(filename).toPath());
- }
- }
-
- @Override
- public void setClientCertFileInputStream(FileInputStream fis) {
- this.clientCertFileInputStream = fis;
- }
-
- @Override
- public FileInputStream getClientCertFileInputStream() {
- return this.clientCertFileInputStream;
- }
-
- @Override
- public SSLContext getSecureContext() throws KeyManagementException, NoSuchAlgorithmException,
- KeyStoreException, CertificateException, IOException, UnrecoverableKeyException {
-
- TrustManager[] trustAllCerts = null;
-
- if (serverCertificationChainValidationEnabled) {
-
- System.setProperty("javax.net.ssl.trustStore", trustStoreFileName);
-
- } else {
-
- // Create a trust manager that does not validate certificate chains
- trustAllCerts = new TrustManager[] {new X509TrustManager() {
- @Override
- public X509Certificate[] getAcceptedIssuers() {
- return null;
- }
-
- @Override
- public void checkClientTrusted(X509Certificate[] certs, String authType) {}
-
- @Override
- public void checkServerTrusted(X509Certificate[] certs, String authType) {}
- } };
- }
-
- KeyManagerFactory kmf = KeyManagerFactory.getInstance(keyManagerAlgortihm);
-
- KeyStore ks = KeyStore.getInstance(keyStoreType);
-
- char[] pwd = null;
- if (clientCertPassword != null) {
- pwd = clientCertPassword.toCharArray();
- }
-
- if (clientCertBytes != null) {
- ks.load(new ByteArrayInputStream(clientCertBytes), pwd);
- } else {
- ks.load(null, pwd);
- }
-
- kmf.init(ks, pwd);
-
- SSLContext ctx = SSLContext.getInstance(sslAlgorithm);
- ctx.init(kmf.getKeyManagers(), trustAllCerts, null);
-
- return ctx;
-
- }
-
- @Override
- public String getTrustStoreFileName() {
- return this.trustStoreFileName;
- }
-
- @Override
- public void setTrustStoreFileName(String filename) {
- this.trustStoreFileName = filename;
- }
-
- @Override
- public String getClientCertPassword() {
- return this.clientCertPassword;
- }
-
- @Override
- public void setClientCertPassword(String password) {
- this.clientCertPassword = password;
- }
-
-}
diff --git a/sparkybe-onap-service/src/test/java/org/onap/aai/sparky/security/SecurityContextFactoryImplTest.java b/sparkybe-onap-service/src/test/java/org/onap/aai/sparky/security/SecurityContextFactoryImplTest.java
deleted file mode 100644
index 11beabd..0000000
--- a/sparkybe-onap-service/src/test/java/org/onap/aai/sparky/security/SecurityContextFactoryImplTest.java
+++ /dev/null
@@ -1,135 +0,0 @@
-/**
- * ============LICENSE_START===================================================
- * SPARKY (AAI UI service)
- * ============================================================================
- * Copyright © 2017 AT&T Intellectual Property.
- * Copyright © 2017 Amdocs
- * All rights reserved.
- * ============================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=====================================================
- *
- * ECOMP and OpenECOMP are trademarks
- * and service marks of AT&T Intellectual Property.
- */
-
-package org.onap.aai.sparky.security;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-
-import java.io.FileInputStream;
-
-import javax.net.ssl.SSLContext;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.mockito.Mockito;
-
-/**
- * The Class SecurityContextFactoryImplTest.
- */
-public class SecurityContextFactoryImplTest {
-
-
- /**
- * Inits the.
- *
- * @throws Exception the exception
- */
- @Before
- public void init() throws Exception {
- }
-
- /**
- * Basic construction test.
- *
- * @throws Exception the exception
- */
- @Test
- public void basicConstructionTest() throws Exception {
-
- SecurityContextFactory sslContextFactory = new SecurityContextFactoryImpl();
-
- assertEquals("TLS", sslContextFactory.getSslAlgorithm());
- assertEquals("SunX509", sslContextFactory.getKeyManagerAlgortihm());
- assertEquals("PKCS12", sslContextFactory.getKeyStoreType());
- assertEquals(false, sslContextFactory.isServerCertificationChainValidationEnabled());
- assertEquals(null, sslContextFactory.getClientCertFileInputStream());
- }
-
- /**
- * Validate secure context.
- *
- * @throws Exception the exception
- */
- @Test
- public void validateSecureContext() throws Exception {
-
- SecurityContextFactory sslContextFactory = new SecurityContextFactoryImpl();
-
- SSLContext sslContext = sslContextFactory.getSecureContext();
-
- assertNotNull(sslContext);
- }
-
- /**
- * Validate secure context with server cert chain validation.
- *
- * @throws Exception the exception
- */
- @Test
- public void validateSecureContext_withServerCertChainValidation() throws Exception {
-
- SecurityContextFactory sslContextFactory = new SecurityContextFactoryImpl();
- sslContextFactory.setServerCertificationChainValidationEnabled(true);
- sslContextFactory.setTrustStoreFileName("filename");
-
- sslContextFactory.setClientCertFileName(null);
-
- SSLContext sslContext = sslContextFactory.getSecureContext();
-
- assertNotNull(sslContext);
- }
-
- /**
- * Validate accessors.
- *
- * @throws Exception the exception
- */
- @Test
- public void validateAccessors() throws Exception {
-
- SecurityContextFactory sslContextFactory = new SecurityContextFactoryImpl();
-
- FileInputStream mockInputStream = Mockito.mock(FileInputStream.class);
-
- sslContextFactory.setSslAlgorithm("sslAlgorithm");
- sslContextFactory.setKeyManagerAlgortihm("keyManagerAlgorithm");
- sslContextFactory.setKeyStoreType("keyStoreType");
- sslContextFactory.setClientCertFileInputStream(mockInputStream);
- sslContextFactory.setServerCertificationChainValidationEnabled(true);
- sslContextFactory.setTrustStoreFileName("truststoreFileName");
- sslContextFactory.setClientCertPassword("password");
-
- assertEquals("sslAlgorithm", sslContextFactory.getSslAlgorithm());
- assertEquals("keyManagerAlgorithm", sslContextFactory.getKeyManagerAlgortihm());
- assertEquals("keyStoreType", sslContextFactory.getKeyStoreType());
- assertEquals(mockInputStream, sslContextFactory.getClientCertFileInputStream());
- assertEquals(true, sslContextFactory.isServerCertificationChainValidationEnabled());
- assertEquals("truststoreFileName", sslContextFactory.getTrustStoreFileName());
- assertEquals("password", sslContextFactory.getClientCertPassword());
-
- }
-
-} |