/*-
* ============LICENSE_START=======================================================
* PROJECT
* ================================================================================
* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* ============LICENSE_END=========================================================
*/
package org.onap.dcae.common;
import java.nio.file.Path;
import org.springframework.boot.web.server.Ssl;
/**
 * Collects key store and optional trust store settings and turns them into a
 * Spring Boot {@link Ssl} configuration object.
 *
 * <p>Start with {@link #create(Path, String, String)}, optionally call
 * {@link #withTlsClientAuthentication(Path, String)}, then call {@link #build()}.
 *
 * <p>Security notes: both passwords are kept as plain {@code String} fields for
 * the lifetime of this object and are passed on to the returned {@link Ssl}, so
 * neither object should be logged or serialized. No argument is validated here;
 * a {@code null} store path only surfaces as a {@code NullPointerException}
 * when {@link #build()} resolves it.
 */
public class SSLContextCreator {

    private final Path keyStoreFile;
    private final String certAlias;
    // Forwarded to Ssl#setKeyPassword in configureKeyStore.
    private final String keyStorePassword;

    // Trust store settings stay unset unless withTlsClientAuthentication is called.
    private Path trustStoreFile;
    private String trustStorePassword;
    private boolean hasTlsClientAuthentication;

    private SSLContextCreator(final Path storePath, final String alias, final String secret) {
        this.keyStoreFile = storePath;
        this.certAlias = alias;
        this.keyStorePassword = secret;
    }

    /**
     * Creates a builder for a server-side TLS configuration without client
     * authentication.
     *
     * @param keyStoreFile path of the key store holding the server certificate
     * @param certAlias alias of the key entry to use
     * @param password password passed to {@link Ssl#setKeyPassword(String)}
     * @return a new builder
     */
    public static SSLContextCreator create(final Path keyStoreFile, final String certAlias, final String password) {
        return new SSLContextCreator(keyStoreFile, certAlias, password);
    }

    /**
     * Turns on mandatory TLS client authentication backed by the given trust store.
     *
     * @param trustStoreFile path of the trust store used to verify client certificates
     * @param password trust store password
     * @return this builder
     */
    public SSLContextCreator withTlsClientAuthentication(final Path trustStoreFile, final String password) {
        this.trustStoreFile = trustStoreFile;
        this.trustStorePassword = password;
        this.hasTlsClientAuthentication = true;
        return this;
    }

    /**
     * Builds the {@link Ssl} configuration: always enabled and with the key
     * store applied; the trust store and client authentication are applied only
     * if {@link #withTlsClientAuthentication(Path, String)} was called.
     *
     * @return a freshly created {@link Ssl} instance
     */
    public Ssl build() {
        final Ssl config = new Ssl();
        config.setEnabled(true);
        configureKeyStore(config);
        if (!hasTlsClientAuthentication) {
            return config;
        }
        configureTrustStore(config);
        return config;
    }

    // Applies key store location, key password and key alias.
    // NOTE(review): only the key password is set; Ssl also has a separate
    // key-store password property (setKeyStorePassword) that is left untouched
    // here. Confirm the store is expected to open without it.
    private void configureKeyStore(final Ssl target) {
        target.setKeyStore(keyStoreFile.toAbsolutePath().toString());
        target.setKeyPassword(keyStorePassword);
        target.setKeyAlias(certAlias);
    }

    // Applies trust store location and password, and requires a client
    // certificate (ClientAuth.NEED) rather than merely requesting one.
    private void configureTrustStore(final Ssl target) {
        target.setTrustStore(trustStoreFile.toAbsolutePath().toString());
        target.setTrustStorePassword(trustStorePassword);
        target.setClientAuth(Ssl.ClientAuth.NEED);
    }
}