From 74d946d67bb3da606ec8e7633f69963ad06cd568 Mon Sep 17 00:00:00 2001 From: Marcin Migdal Date: Wed, 10 Apr 2019 14:46:22 +0200 Subject: Remove deprecated SSL Factory Change-Id: I95f38b12b51cbfa5948acf47fade50b037cc4810 Issue-ID: DCAEGEN2-1361 Signed-off-by: Marcin Migdal --- .../onap/dcaegen2/services/prh/ssl/SslFactory.java | 116 --------------------- .../dcaegen2/services/prh/ssl/SslFactoryTest.java | 62 ----------- 2 files changed, 178 deletions(-) delete mode 100644 prh-commons/src/main/java/org/onap/dcaegen2/services/prh/ssl/SslFactory.java delete mode 100644 prh-commons/src/test/java/org/onap/dcaegen2/services/prh/ssl/SslFactoryTest.java (limited to 'prh-commons') diff --git a/prh-commons/src/main/java/org/onap/dcaegen2/services/prh/ssl/SslFactory.java b/prh-commons/src/main/java/org/onap/dcaegen2/services/prh/ssl/SslFactory.java deleted file mode 100644 index 285b5e73..00000000 --- a/prh-commons/src/main/java/org/onap/dcaegen2/services/prh/ssl/SslFactory.java +++ /dev/null @@ -1,116 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * PNF-REGISTRATION-HANDLER - * ================================================================================ - * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.dcaegen2.services.prh.ssl; - -import io.netty.handler.ssl.SslContext; -import io.netty.handler.ssl.SslContextBuilder; -import io.netty.handler.ssl.util.InsecureTrustManagerFactory; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; -import java.io.InputStream; -import java.nio.file.Files; -import java.nio.file.Paths; -import java.security.GeneralSecurityException; -import java.security.KeyStore; -import javax.net.ssl.KeyManagerFactory; -import javax.net.ssl.SSLException; -import javax.net.ssl.TrustManagerFactory; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - - -/** - * Please use the one from SDK security - * */ -@Deprecated -public class SslFactory { - - private static final Logger LOGGER = LoggerFactory.getLogger(SslFactory.class); - - /** - * Function for creating secure ssl context. - * - * @param keyStorePath - path to file with keystore - * @param keyStorePasswordPath - path to file with keystore password - * @param trustStorePath - path to file with truststore - * @param trustStorePasswordPath - path to file with truststore password - * @return configured ssl context - */ - public SslContext createSecureContext(String keyStorePath, - String keyStorePasswordPath, - String trustStorePath, - String trustStorePasswordPath) throws SSLException { - LOGGER.info("Creating secure ssl context for: {} {}", keyStorePath, trustStorePath); - try { - return SslContextBuilder - .forClient() - .keyManager(keyManagerFactory(keyStorePath, loadPasswordFromFile(keyStorePasswordPath))) - .trustManager(trustManagerFactory(trustStorePath, loadPasswordFromFile(trustStorePasswordPath))) - .build(); - } catch (GeneralSecurityException | IOException ex) { - throw new SSLException(ex); - } - } - - /** - * Function for creating insecure ssl context. - * - * @return configured insecure ssl context - */ - public SslContext createInsecureContext() throws SSLException { - LOGGER.info("Creating insecure ssl context"); - return SslContextBuilder - .forClient() - .trustManager(InsecureTrustManagerFactory.INSTANCE) - .build(); - } - - private KeyManagerFactory keyManagerFactory(String path, String password) - throws GeneralSecurityException, IOException { - KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); - kmf.init(loadKeyStoreFromFile(path, password), - password.toCharArray()); - return kmf; - } - - private TrustManagerFactory trustManagerFactory(String path, String password) - throws GeneralSecurityException, IOException { - TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); - tmf.init(loadKeyStoreFromFile(path, password)); - return tmf; - } - - private KeyStore loadKeyStoreFromFile(String path, String keyStorePassword) - throws GeneralSecurityException, IOException { - KeyStore ks = KeyStore.getInstance("jks"); - ks.load(getResource(path), keyStorePassword.toCharArray()); - return ks; - } - - private InputStream getResource(String path) throws FileNotFoundException { - return new FileInputStream(path); - } - - private String loadPasswordFromFile(String path) throws IOException { - return new String(Files.readAllBytes(Paths.get(path))); - } -} diff --git a/prh-commons/src/test/java/org/onap/dcaegen2/services/prh/ssl/SslFactoryTest.java b/prh-commons/src/test/java/org/onap/dcaegen2/services/prh/ssl/SslFactoryTest.java deleted file mode 100644 index dbd63911..00000000 --- a/prh-commons/src/test/java/org/onap/dcaegen2/services/prh/ssl/SslFactoryTest.java +++ /dev/null @@ -1,62 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * PNF-REGISTRATION-HANDLER - * ================================================================================ - * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.dcaegen2.services.prh.ssl; - -import javax.net.ssl.SSLException; -import org.junit.jupiter.api.Assertions; -import org.junit.jupiter.api.Test; - - -class SslFactoryTest { - - private static final String KEY_STORE = "org.onap.dcae.jks"; - private static final String KEYSTORE_PASSWORD = "keystore.password"; - private static final String TRUSTSTORE_PASSWORD = "truststore.password"; - private static final String TRUST_STORE = "org.onap.dcae.trust.jks"; - private SslFactory sslFactory = new SslFactory(); - - @Test - void shouldCreateInsecureContext() throws SSLException { - Assertions.assertNotNull(sslFactory.createInsecureContext()); - } - - @Test - void shouldCreateSecureContext() throws SSLException { - Assertions.assertNotNull(sslFactory.createSecureContext( - getPath(KEY_STORE), - getPath(KEYSTORE_PASSWORD), - getPath(TRUST_STORE), - getPath(TRUSTSTORE_PASSWORD))); - } - - @Test - void shouldThrowSslExceptionWhenKeystorePasswordIsIncorrect() { - Assertions.assertThrows(SSLException.class, () -> sslFactory.createSecureContext( - getPath(KEY_STORE), - getPath(TRUSTSTORE_PASSWORD), - getPath(TRUST_STORE), - getPath(TRUSTSTORE_PASSWORD))); - } - - private String getPath(String fileName) { - return this.getClass().getClassLoader().getResource(fileName).getPath(); - } -} \ No newline at end of file -- cgit 1.2.3-korg