-rw-r--r--prh-commons/src/main/java/org/onap/dcaegen2/services/prh/ssl/SslFactory.java32
-rw-r--r--prh-commons/src/test/java/org/onap/dcaegen2/services/prh/ssl/SslFactoryTest.java62
-rw-r--r--prh-commons/src/test/resources/keystore.password1
-rw-r--r--prh-commons/src/test/resources/org.onap.dcae.jksbin0 -> 4512 bytes
-rw-r--r--prh-commons/src/test/resources/org.onap.dcae.trust.jksbin0 -> 1413 bytes
-rw-r--r--prh-commons/src/test/resources/truststore.password1
6 files changed, 90 insertions, 6 deletions
diff --git a/prh-commons/src/main/java/org/onap/dcaegen2/services/prh/ssl/SslFactory.java b/prh-commons/src/main/java/org/onap/dcaegen2/services/prh/ssl/SslFactory.java
index 891bcb73..60e1224e 100644
--- a/prh-commons/src/main/java/org/onap/dcaegen2/services/prh/ssl/SslFactory.java
+++ b/prh-commons/src/main/java/org/onap/dcaegen2/services/prh/ssl/SslFactory.java
@@ -24,9 +24,12 @@ import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
+import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLException;
@@ -38,6 +41,15 @@ public class SslFactory {
private static final Logger LOGGER = LoggerFactory.getLogger(SslFactory.class);
+ /**
+ * Function for creating secure ssl context.
+ *
+ * @param keyStorePath - path to file with keystore
+ * @param keyStorePasswordPath - path to file with keystore password
+ * @param trustStorePath - path to file with truststore
+ * @param trustStorePasswordPath - path to file with truststore password
+ * @return configured ssl context
+ */
public SslContext createSecureContext(String keyStorePath,
String keyStorePasswordPath,
String trustStorePath,
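Review bot: The new Javadoc on `createSecureContext` lists the four path parameters but not the failure mode, and the same is true of the `createInsecureContext` Javadoc in the next hunk. Add `@throws SSLException if a store or password file cannot be read or the key material cannot be loaded` here, and an equivalent `@throws SSLException` line there, so callers know that file and keystore errors all surface as one exception type. It would also help to state that each password file is read in full and used as-is, since the helper shown later in this diff does no trimming. The signature continues past the end of this hunk.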
@@ -49,11 +61,16 @@ public class SslFactory {
.keyManager(keyManagerFactory(keyStorePath, loadPasswordFromFile(keyStorePasswordPath)))
.trustManager(trustManagerFactory(trustStorePath, loadPasswordFromFile(trustStorePasswordPath)))
.build();
- } catch (Exception ex) {
+ } catch (GeneralSecurityException | IOException ex) {
throw new SSLException(ex);
}
}
+ /**
+ * Function for creating insecure ssl context.
+ *
+ * @return configured insecure ssl context
+ */
public SslContext createInsecureContext() throws SSLException {
LOGGER.info("Creating insecure ssl context");
return SslContextBuilder
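Review bot: The Javadoc added for `createInsecureContext` only says "insecure" without saying what is given up. The file imports `InsecureTrustManagerFactory`, so presumably this context accepts any peer certificate; the builder lines are outside this hunk, so confirm. If so, the comment should say so directly, for example `Creates a context that does not validate the peer certificate; intended for test and lab use only.` Since selecting this path removes server authentication, consider logging it with `LOGGER.warn` instead of `LOGGER.info` so it stands out in operational logs.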
@@ -62,30 +79,33 @@ public class SslFactory {
.build();
}
- private KeyManagerFactory keyManagerFactory(String path, String password) throws Exception {
+ private KeyManagerFactory keyManagerFactory(String path, String password)
+ throws GeneralSecurityException, IOException {
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(loadKeyStoreFromFile(path, password),
password.toCharArray());
return kmf;
}
- private TrustManagerFactory trustManagerFactory(String path, String password) throws Exception {
+ private TrustManagerFactory trustManagerFactory(String path, String password)
+ throws GeneralSecurityException, IOException {
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(loadKeyStoreFromFile(path, password));
return tmf;
}
- private KeyStore loadKeyStoreFromFile(String path, String keyStorePassword) throws Exception {
+ private KeyStore loadKeyStoreFromFile(String path, String keyStorePassword)
+ throws GeneralSecurityException, IOException {
KeyStore ks = KeyStore.getInstance("jks");
ks.load(getResource(path), keyStorePassword.toCharArray());
return ks;
}
- private InputStream getResource(String path) throws Exception {
+ private InputStream getResource(String path) throws FileNotFoundException {
return new FileInputStream(path);
}
- private String loadPasswordFromFile(String path) throws Exception {
+ private String loadPasswordFromFile(String path) throws IOException {
return new String(Files.readAllBytes(Paths.get(path)));
}
}
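Review bot: `loadKeyStoreFromFile` passes `getResource(path)` straight into `ks.load(...)`, and nothing closes the `FileInputStream`, so every secure context built leaks two file handles (key store and trust store). `KeyStore.load` does not close its argument, so wrap it: `try (InputStream in = getResource(path)) { ks.load(in, keyStorePassword.toCharArray()); }`. Separately, `loadPasswordFromFile` decodes with the platform default charset and keeps any trailing newline, so a password file saved by an ordinary editor fails with an opaque `SSLException`. Passing an explicit charset to `new String(...)` and documenting or stripping the line terminator would make that failure mode predictable.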
diff --git a/prh-commons/src/test/java/org/onap/dcaegen2/services/prh/ssl/SslFactoryTest.java b/prh-commons/src/test/java/org/onap/dcaegen2/services/prh/ssl/SslFactoryTest.java
new file mode 100644
index 00000000..dbd63911
--- /dev/null
+++ b/prh-commons/src/test/java/org/onap/dcaegen2/services/prh/ssl/SslFactoryTest.java
@@ -0,0 +1,62 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PNF-REGISTRATION-HANDLER
+ * ================================================================================
+ * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcaegen2.services.prh.ssl;
+
+import javax.net.ssl.SSLException;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+
+
+class SslFactoryTest {
+
+ private static final String KEY_STORE = "org.onap.dcae.jks";
+ private static final String KEYSTORE_PASSWORD = "keystore.password";
+ private static final String TRUSTSTORE_PASSWORD = "truststore.password";
+ private static final String TRUST_STORE = "org.onap.dcae.trust.jks";
+ private SslFactory sslFactory = new SslFactory();
+
+ @Test
+ void shouldCreateInsecureContext() throws SSLException {
+ Assertions.assertNotNull(sslFactory.createInsecureContext());
+ }
+
+ @Test
+ void shouldCreateSecureContext() throws SSLException {
+ Assertions.assertNotNull(sslFactory.createSecureContext(
+ getPath(KEY_STORE),
+ getPath(KEYSTORE_PASSWORD),
+ getPath(TRUST_STORE),
+ getPath(TRUSTSTORE_PASSWORD)));
+ }
+
+ @Test
+ void shouldThrowSslExceptionWhenKeystorePasswordIsIncorrect() {
+ Assertions.assertThrows(SSLException.class, () -> sslFactory.createSecureContext(
+ getPath(KEY_STORE),
+ getPath(TRUSTSTORE_PASSWORD),
+ getPath(TRUST_STORE),
+ getPath(TRUSTSTORE_PASSWORD)));
+ }
+
+ private String getPath(String fileName) {
+ return this.getClass().getClassLoader().getResource(fileName).getPath();
+ }
+}
\ No newline at end of file
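Review bot: `shouldThrowSslExceptionWhenKeystorePasswordIsIncorrect` asserts only `SSLException.class`, which is also what a missing or unreadable file produces now that every `IOException` is wrapped, so the test can pass without the wrong password ever reaching the keystore. `getPath` makes that more likely, because `getResource(fileName).getPath()` returns a URL-encoded string that breaks when the checkout path contains spaces or non-ASCII characters, and it throws a `NullPointerException` if the resource is absent. Resolve the resource through its URI instead, e.g. `Paths.get(getClass().getClassLoader().getResource(fileName).toURI()).toString()`, handling the checked `URISyntaxException`. Then capture the result of `assertThrows` and assert on `getCause()` so the test pins the password failure specifically. A companion case for a non-existent store path would cover the `FileNotFoundException` branch.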
diff --git a/prh-commons/src/test/resources/keystore.password b/prh-commons/src/test/resources/keystore.password
new file mode 100644
index 00000000..39823872
--- /dev/null
+++ b/prh-commons/src/test/resources/keystore.password
@@ -0,0 +1 @@
+mYHC98!qX}7h?W}jRv}MIXTJ
\ No newline at end of file
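Review bot: This file commits a keystore password in clear text next to the binary `org.onap.dcae.jks` it unlocks, and `truststore.password` does the same for `org.onap.dcae.trust.jks`. Anyone with read access to the repository therefore gets the private key as well. Confirm that both stores were generated only for this test and are not copies of key material used in any deployed or shared lab environment; if they are copies, the key should be treated as disclosed and rotated. A short README in `src/test/resources` saying the stores are throwaway fixtures, or generating them during test setup, would stop secret scanners and later readers from having to guess.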
diff --git a/prh-commons/src/test/resources/org.onap.dcae.jks b/prh-commons/src/test/resources/org.onap.dcae.jks
new file mode 100644
index 00000000..e74ce64f
--- /dev/null
+++ b/prh-commons/src/test/resources/org.onap.dcae.jks
Binary files differ
diff --git a/prh-commons/src/test/resources/org.onap.dcae.trust.jks b/prh-commons/src/test/resources/org.onap.dcae.trust.jks
new file mode 100644
index 00000000..10103cfb
--- /dev/null
+++ b/prh-commons/src/test/resources/org.onap.dcae.trust.jks
Binary files differ
diff --git a/prh-commons/src/test/resources/truststore.password b/prh-commons/src/test/resources/truststore.password
new file mode 100644
index 00000000..168e64bd
--- /dev/null
+++ b/prh-commons/src/test/resources/truststore.password
@@ -0,0 +1 @@
+*TQH?Lnszprs4LmlAj38yds(
\ No newline at end of file