authorPiotr Jaszczyk <piotr.jaszczyk@nokia.com>2019-04-10 10:32:00 +0200
committerPiotr Jaszczyk <piotr.jaszczyk@nokia.com>2019-04-10 11:37:50 +0200
commitc138b700030d22ae0bdbd6992fb4a4d8a3431798 (patch)
tree35926c24ef0eb4c770f3592bedc6e4d3cf69c98e /sources/hv-collector-ssl
parentd52444107a3c62c1027e35178b76645ceb4d2c4e (diff)
Read passwords from files
Key- and trust-store passwords should be read from files in order to work with DCAE tls-init-container. Change-Id: Ibe454663328268f33f8be25ef9ec129f1ce1d396 Issue-ID: DCAEGEN2-1412 Signed-off-by: Piotr Jaszczyk <piotr.jaszczyk@nokia.com>
Diffstat (limited to 'sources/hv-collector-ssl')
-rw-r--r--sources/hv-collector-ssl/src/main/kotlin/org/onap/dcae/collectors/veshv/ssl/boundary/utils.kt11
-rw-r--r--sources/hv-collector-ssl/src/test/kotlin/org/onap/dcae/collectors/veshv/ssl/boundary/UtilsKtTest.kt (renamed from sources/hv-collector-ssl/src/test/kotlin/org/onap/dcae/collectors/veshv/ssl/boundary/SecurityUtilsTest.kt)13
-rw-r--r--sources/hv-collector-ssl/src/test/resources/ssl/password1
3 files changed, 19 insertions, 6 deletions
diff --git a/sources/hv-collector-ssl/src/main/kotlin/org/onap/dcae/collectors/veshv/ssl/boundary/utils.kt b/sources/hv-collector-ssl/src/main/kotlin/org/onap/dcae/collectors/veshv/ssl/boundary/utils.kt
index 822d84f1..5981d9d4 100644
--- a/sources/hv-collector-ssl/src/main/kotlin/org/onap/dcae/collectors/veshv/ssl/boundary/utils.kt
+++ b/sources/hv-collector-ssl/src/main/kotlin/org/onap/dcae/collectors/veshv/ssl/boundary/utils.kt
@@ -22,7 +22,6 @@ package org.onap.dcae.collectors.veshv.ssl.boundary
import arrow.core.None
import arrow.core.Some
import arrow.core.Try
-import arrow.core.getOrElse
import org.apache.commons.cli.CommandLine
import org.onap.dcae.collectors.veshv.commandline.CommandLineOption
import org.onap.dcae.collectors.veshv.commandline.hasOption
@@ -38,7 +37,9 @@ import java.nio.file.Paths
*/
const val KEY_STORE_FILE = "/etc/ves-hv/server.p12"
+const val KEY_STORE_PASSWORD_FILE = "/etc/ves-hv/server.pass"
const val TRUST_STORE_FILE = "/etc/ves-hv/trust.p12"
+const val TRUST_STORE_PASSWORD_FILE = "/etc/ves-hv/trust.pass"
fun createSecurityConfiguration(cmdLine: CommandLine): Try<SecurityConfiguration> =
createSecurityConfigurationProvider(cmdLine).map { it() }
@@ -55,15 +56,15 @@ private fun disabledSecurityConfiguration() = SecurityConfiguration(None)
private fun enabledSecurityConfiguration(cmdLine: CommandLine): SecurityConfiguration {
val ksFile = cmdLine.stringValue(CommandLineOption.KEY_STORE_FILE, KEY_STORE_FILE)
- val ksPass = cmdLine.stringValue(CommandLineOption.KEY_STORE_PASSWORD).getOrElse { "" }
+ val ksPass = cmdLine.stringValue(CommandLineOption.KEY_STORE_PASSWORD_FILE, KEY_STORE_PASSWORD_FILE)
val tsFile = cmdLine.stringValue(CommandLineOption.TRUST_STORE_FILE, TRUST_STORE_FILE)
- val tsPass = cmdLine.stringValue(CommandLineOption.TRUST_STORE_PASSWORD).getOrElse { "" }
+ val tsPass = cmdLine.stringValue(CommandLineOption.TRUST_STORE_PASSWORD_FILE, TRUST_STORE_PASSWORD_FILE)
val keys = ImmutableSecurityKeys.builder()
.keyStore(ImmutableSecurityKeysStore.of(pathFromFile(ksFile)))
- .keyStorePassword(Passwords.fromString(ksPass))
+ .keyStorePassword(Passwords.fromPath(pathFromFile(ksPass)))
.trustStore(ImmutableSecurityKeysStore.of(pathFromFile(tsFile)))
- .trustStorePassword(Passwords.fromString(tsPass))
+ .trustStorePassword(Passwords.fromPath(pathFromFile(tsPass)))
.build()
return SecurityConfiguration(Some(keys))
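Review bot: `Passwords.fromPath(pathFromFile(ksPass))` and the matching trust-store call take the password from the file's contents, and nothing visible here says whether trailing whitespace is stripped; the fixture added in this commit is deliberately stored without a final newline, which suggests it may not be. A password file written with `echo` or an editor would then fail to open the store with an error that is hard to trace back to the newline. Confirm how `Passwords.fromPath` treats trailing whitespace and document the expected format next to the new defaults, e.g. `// password files: single line, no trailing newline, readable only by the collector's user`. The locals now hold file paths rather than secrets, so `ksPassFile` / `tsPassFile` would be more accurate names than `ksPass` / `tsPass`. The closing brace of `enabledSecurityConfiguration` lies outside the hunk.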
diff --git a/sources/hv-collector-ssl/src/test/kotlin/org/onap/dcae/collectors/veshv/ssl/boundary/SecurityUtilsTest.kt b/sources/hv-collector-ssl/src/test/kotlin/org/onap/dcae/collectors/veshv/ssl/boundary/UtilsKtTest.kt
index ddb3e357..c7c414f8 100644
--- a/sources/hv-collector-ssl/src/test/kotlin/org/onap/dcae/collectors/veshv/ssl/boundary/SecurityUtilsTest.kt
+++ b/sources/hv-collector-ssl/src/test/kotlin/org/onap/dcae/collectors/veshv/ssl/boundary/UtilsKtTest.kt
@@ -20,6 +20,7 @@
package org.onap.dcae.collectors.veshv.ssl.boundary
import com.nhaarman.mockitokotlin2.doReturn
+import com.nhaarman.mockitokotlin2.eq
import com.nhaarman.mockitokotlin2.mock
import com.nhaarman.mockitokotlin2.verify
import com.nhaarman.mockitokotlin2.whenever
@@ -31,15 +32,22 @@ import org.jetbrains.spek.api.dsl.it
import org.jetbrains.spek.api.dsl.on
import org.onap.dcae.collectors.veshv.commandline.CommandLineOption
import org.onap.dcae.collectors.veshv.commandline.hasOption
+import org.onap.dcae.collectors.veshv.commandline.stringValue
+import java.nio.file.Paths
-internal object SecurityUtilsTest : Spek({
+internal object UtilsKtTest : Spek({
describe("creating securty configuration provider") {
on("command line without ssl disable") {
+ val passwordFile = resourcePathAsString("/ssl/password")
val commandLine: CommandLine = mock()
whenever(commandLine.hasOption(CommandLineOption.SSL_DISABLE)).doReturn(false)
+ whenever(commandLine.stringValue(CommandLineOption.TRUST_STORE_PASSWORD_FILE, TRUST_STORE_PASSWORD_FILE))
+ .doReturn(passwordFile)
+ whenever(commandLine.stringValue(CommandLineOption.KEY_STORE_PASSWORD_FILE, KEY_STORE_PASSWORD_FILE))
+ .doReturn(passwordFile)
it("should create configuration with some keys") {
val configuration = createSecurityConfiguration(commandLine)
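Review bot: The stubs added for `TRUST_STORE_PASSWORD_FILE` and `KEY_STORE_PASSWORD_FILE` only cover the case where both password files exist, so the behaviour for a missing or unreadable password file is not tested. Since `createSecurityConfiguration` returns a `Try`, a second case that stubs a non-existent path and asserts the result is a failure (rather than an exception escaping the `Try`) would pin that contract down; whether the file is read eagerly at this point is not visible here, so the assertion may need to move to where the password is first used. The `it` block continues outside the hunk.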
@@ -63,3 +71,6 @@ internal object SecurityUtilsTest : Spek({
}
}
})
+
+private fun resourcePathAsString(resource: String) =
+ Paths.get(UtilsKtTest::class.java.getResource(resource).toURI()).toString()
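Review bot: `getResource(resource)` in `resourcePathAsString` returns null when the resource is not on the classpath, and the chained `.toURI()` then fails with a bare NullPointerException that does not name the missing file. Wrapping the lookup as `requireNotNull(UtilsKtTest::class.java.getResource(resource)) { "missing test resource: $resource" }` gives a clear failure message. An explicit `: String` return type on the helper would also keep the Java platform type from leaking into the test.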
diff --git a/sources/hv-collector-ssl/src/test/resources/ssl/password b/sources/hv-collector-ssl/src/test/resources/ssl/password
new file mode 100644
index 00000000..e69c2de9
--- /dev/null
+++ b/sources/hv-collector-ssl/src/test/resources/ssl/password
@@ -0,0 +1 @@
+onaponap \ No newline at end of file