diff options
Diffstat (limited to 'src/main/java/org/onap/pnfsimulator/simulator/client/utils')
7 files changed, 0 insertions, 368 deletions
diff --git a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/CertAuthSslContextFactory.java b/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/CertAuthSslContextFactory.java deleted file mode 100644 index 72af9e5..0000000 --- a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/CertAuthSslContextFactory.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * PNF-REGISTRATION-HANDLER - * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.pnfsimulator.simulator.client.utils.ssl; - -import java.io.IOException; -import java.security.GeneralSecurityException; -import java.security.KeyStore; -import javax.net.ssl.SSLContext; -import org.apache.http.conn.ssl.TrustSelfSignedStrategy; -import org.apache.http.ssl.SSLContexts; - -class CertAuthSslContextFactory { - - private final CertificateReader certificateReader; - - CertAuthSslContextFactory(CertificateReader certificateReader) { - this.certificateReader = certificateReader; - } - - SSLContext createSslContext(SslAuthenticationHelper sslAuthenticationHelper) - throws GeneralSecurityException, IOException { - final String keystorePasswordPath = sslAuthenticationHelper.getClientCertificatePasswordPath(); - - final KeyStore keystore = certificateReader.read(sslAuthenticationHelper.getClientCertificatePath(), - keystorePasswordPath, "PKCS12"); - final KeyStore truststore = certificateReader.read(sslAuthenticationHelper.getTrustStorePath(), - sslAuthenticationHelper.getTrustStorePasswordPath(), "JKS"); - - return SSLContexts.custom() - .loadKeyMaterial(keystore, certificateReader.readPassword(keystorePasswordPath)) - .loadTrustMaterial(truststore, new TrustSelfSignedStrategy()) - .build(); - } - -} diff --git a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/CertificateReader.java b/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/CertificateReader.java deleted file mode 100644 index a42114b..0000000 --- a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/CertificateReader.java +++ /dev/null @@ -1,46 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * PNF-REGISTRATION-HANDLER - * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.pnfsimulator.simulator.client.utils.ssl; - -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.nio.file.Files; -import java.nio.file.Path; -import java.security.GeneralSecurityException; -import java.security.KeyStore; - -class CertificateReader { - - KeyStore read(String certificatePath, String passwordPath, String type) throws GeneralSecurityException, IOException { - try (InputStream keyStoreStream = new FileInputStream(certificatePath)) { - KeyStore keyStore = KeyStore.getInstance(type); - keyStore.load(keyStoreStream, readPassword(passwordPath)); - return keyStore; - } - } - - char[] readPassword(String passwordPath) throws IOException { - final String password = Files.readString(Path.of(passwordPath)); - return PasswordConverter.convert(password); - } - -} diff --git a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/HttpClientFactory.java b/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/HttpClientFactory.java deleted file mode 100644 index ca57a64..0000000 --- a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/HttpClientFactory.java +++ /dev/null @@ -1,104 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * PNF-REGISTRATION-HANDLER - * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.pnfsimulator.simulator.client.utils.ssl; - -import io.vavr.control.Try; -import org.apache.http.client.HttpClient; -import org.apache.http.client.config.RequestConfig; -import org.apache.http.conn.ssl.DefaultHostnameVerifier; -import org.apache.http.conn.ssl.NoopHostnameVerifier; -import org.apache.http.impl.client.HttpClientBuilder; -import org.apache.http.impl.client.HttpClients; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.net.ssl.HostnameVerifier; -import javax.net.ssl.SSLContext; -import java.io.IOException; -import java.net.URL; -import java.security.GeneralSecurityException; -import java.security.KeyManagementException; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; - -class HttpClientFactory { - private static final int CONNECTION_TIMEOUT = 1000; - private static final RequestConfig CONFIG = RequestConfig.custom() - .setConnectTimeout(CONNECTION_TIMEOUT) - .setConnectionRequestTimeout(CONNECTION_TIMEOUT) - .setSocketTimeout(CONNECTION_TIMEOUT) - .build(); - private static final Logger LOGGER = LoggerFactory.getLogger(HttpClientFactory.class); - private final SSLContextFactory sslContextFactory; - - HttpClientFactory(SSLContextFactory sslContextFactory) { - this.sslContextFactory = sslContextFactory; - } - - HttpClient create(String url, SslAuthenticationHelper sslAuthenticationHelper) throws GeneralSecurityException, IOException { - HttpClient client; - if (!sslAuthenticationHelper.isClientCertificateEnabled()) { - client = "https".equals(new URL(url).getProtocol()) ? createForHttps() : createBasic(); - } else if (sslAuthenticationHelper.isStrictHostnameVerification()) { - client = createSecured(sslContextFactory.create(sslAuthenticationHelper), new DefaultHostnameVerifier()); - } else { - client = createSecured(sslContextFactory.create(sslAuthenticationHelper), new NoopHostnameVerifier()); - } - return client; - } - - private HttpClient createForHttps() { - return Try.of(this::createSecuredTrustAlways) - .onFailure(this::logErrorMessage) - .getOrElse(createBasic()); - } - - private void logErrorMessage(Throwable e) { - String message = String.format( - "Could not initialize client due to SSL exception: %s. " + - "Default client without SSL support will be used instead." + - "\nCause: %s", - e.getMessage(), - e.getCause() - ); - LOGGER.error(message, e); - } - - - private HttpClient createBasic() { - return HttpClientBuilder - .create() - .setDefaultRequestConfig(CONFIG) - .build(); - } - - private HttpClient createSecuredTrustAlways() throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException { - return createSecured(sslContextFactory.createTrustAlways(), new NoopHostnameVerifier()); - } - - private HttpClient createSecured(SSLContext trustAlways, HostnameVerifier hostnameVerifier) { - return HttpClients.custom() - .setSSLContext(trustAlways) - .setDefaultRequestConfig(CONFIG) - .setSSLHostnameVerifier(hostnameVerifier) - .build(); - } -} diff --git a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/HttpClientFactoryFacade.java b/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/HttpClientFactoryFacade.java deleted file mode 100644 index dffd635..0000000 --- a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/HttpClientFactoryFacade.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * PNF-REGISTRATION-HANDLER - * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.pnfsimulator.simulator.client.utils.ssl; - -import java.io.IOException; -import java.security.GeneralSecurityException; -import org.apache.http.client.HttpClient; - -public class HttpClientFactoryFacade { - - private HttpClientFactoryFacade() { - } - - private static final CertificateReader CERTIFICATE_READER = new CertificateReader(); - private static final CertAuthSslContextFactory CERT_AUTH_SSL_CONTEXT_FACTORY = new CertAuthSslContextFactory(CERTIFICATE_READER); - private static final SSLContextFactory SSL_CONTEXT_FACTORY = new SSLContextFactory(CERT_AUTH_SSL_CONTEXT_FACTORY); - private static final HttpClientFactory HTTP_CLIENT_FACTORY = new HttpClientFactory(SSL_CONTEXT_FACTORY); - - public static HttpClient create(String url, SslAuthenticationHelper sslAuthenticationHelper) throws GeneralSecurityException, IOException { - return HTTP_CLIENT_FACTORY.create(url, sslAuthenticationHelper); - } -} diff --git a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/PasswordConverter.java b/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/PasswordConverter.java deleted file mode 100644 index 7a645ae..0000000 --- a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/PasswordConverter.java +++ /dev/null @@ -1,32 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * PNF-REGISTRATION-HANDLER - * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.pnfsimulator.simulator.client.utils.ssl; - -import java.util.Optional; - -class PasswordConverter { - private PasswordConverter() { - } - - static char[] convert(String password) { - return Optional.ofNullable(password).map(String::toCharArray).orElse(null); - } -} diff --git a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/SSLContextFactory.java b/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/SSLContextFactory.java deleted file mode 100644 index b8dfe6f..0000000 --- a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/SSLContextFactory.java +++ /dev/null @@ -1,48 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * PNF-REGISTRATION-HANDLER - * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.onap.pnfsimulator.simulator.client.utils.ssl; - -import java.io.IOException; -import java.security.GeneralSecurityException; -import java.security.KeyManagementException; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import javax.net.ssl.SSLContext; -import org.apache.http.conn.ssl.TrustAllStrategy; -import org.apache.http.conn.ssl.TrustStrategy; -import org.apache.http.ssl.SSLContextBuilder; - -class SSLContextFactory { - private static final TrustStrategy TRUST_STRATEGY_ALWAYS = new TrustAllStrategy(); - - private final CertAuthSslContextFactory certAuthSslContextFactory; - - SSLContextFactory(CertAuthSslContextFactory certAuthSslContextFactory) { - this.certAuthSslContextFactory = certAuthSslContextFactory; - } - SSLContext create(SslAuthenticationHelper sslAuthenticationHelper) throws GeneralSecurityException, IOException { - return certAuthSslContextFactory.createSslContext(sslAuthenticationHelper); - } - - SSLContext createTrustAlways() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException { - return SSLContextBuilder.create().loadTrustMaterial(TRUST_STRATEGY_ALWAYS).build(); - } - -} diff --git a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/SslAuthenticationHelper.java b/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/SslAuthenticationHelper.java deleted file mode 100644 index 271ad93..0000000 --- a/src/main/java/org/onap/pnfsimulator/simulator/client/utils/ssl/SslAuthenticationHelper.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * ============LICENSE_START======================================================= - * PNF-REGISTRATION-HANDLER - * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.onap.pnfsimulator.simulator.client.utils.ssl; - -import java.io.Serializable; - -import lombok.Getter; -import lombok.Setter; -import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.cloud.context.config.annotation.RefreshScope; -import org.springframework.context.annotation.Primary; -import org.springframework.stereotype.Component; - -@Component -@ConfigurationProperties(prefix = "ssl") -@RefreshScope -@Primary -@Getter -@Setter -public class SslAuthenticationHelper implements Serializable { - - private boolean clientCertificateEnabled; - private boolean strictHostnameVerification; - private String clientCertificatePath; - private String clientCertificatePasswordPath; - private String trustStorePath; - private String trustStorePasswordPath; -} |