author | Harald Musum <musum@yahoo-inc.com> | 2018-01-17 19:45:45 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-01-17 19:45:45 +0100 |
commit | e1a198c29b4f7453f38d6f796626a99ba8f5e3a5 (patch) | |
tree | 403836969d050736403f6512a455198a2c63edad /vespa-athenz | |
parent | 37d6a6f18c8df8ba747f302f6ad7aa35406250ab (diff) |
Revert "Add builder helper for SSLContext in vespa-athenz"
Diffstat (limited to 'vespa-athenz')
-rw-r--r-- | vespa-athenz/pom.xml | 4 | ||||
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzSslContextBuilder.java | 125 |
2 files changed, 0 insertions, 129 deletions
diff --git a/vespa-athenz/pom.xml b/vespa-athenz/pom.xml
index c3189443e43..5312594472f 100644
--- a/vespa-athenz/pom.xml
+++ b/vespa-athenz/pom.xml
@@ -140,10 +140,6 @@
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-compiler-plugin</artifactId>
 </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-compiler-plugin</artifactId>
- </plugin>
 </plugins>
 </build>
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzSslContextBuilder.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzSslContextBuilder.java
deleted file mode 100644
index 513191d7c83..00000000000
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/tls/AthenzSslContextBuilder.java
+++ /dev/null
@@ -1,125 +0,0 @@
-// Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-package com.yahoo.vespa.athenz.tls;
-
-import com.yahoo.vespa.athenz.api.AthenzIdentityCertificate;
-
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.UncheckedIOException;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.Certificate;
-
-/**
- * @author bjorncs
- */
-public class AthenzSslContextBuilder {
-
- private KeyStoreSupplier trustStoreSupplier;
- private KeyStoreSupplier keyStoreSupplier;
- private char[] keyStorePassword;
-
- public AthenzSslContextBuilder() {}
-
- public AthenzSslContextBuilder withTrustStore(File file, String trustStoreType) {
- this.trustStoreSupplier = () -> loadKeyStoreFromFile(file, null, trustStoreType);
- return this;
- }
-
- public AthenzSslContextBuilder withTrustStore(KeyStore trustStore) {
- this.trustStoreSupplier = () -> trustStore;
- return this;
- }
-
- public AthenzSslContextBuilder withIdentityCertificate(AthenzIdentityCertificate certificate) {
- char[] pwd = new char[0];
- this.keyStoreSupplier = () -> {
- KeyStore keyStore = KeyStore.getInstance("JKS");
- keyStore.load(null);
- keyStore.setKeyEntry(
- "athenz-identity", certificate.getPrivateKey(), pwd, new Certificate[]{certificate.getCertificate()});
- return keyStore;
- };
- this.keyStorePassword = pwd;
- return this;
- }
-
- public AthenzSslContextBuilder withKeyStore(KeyStore keyStore, char[] password) {
- this.keyStoreSupplier = () -> keyStore;
- this.keyStorePassword = password;
- return this;
- }
-
- public AthenzSslContextBuilder withKeyStore(File file, char[] password, String keyStoreType) {
- this.keyStoreSupplier = () -> loadKeyStoreFromFile(file, password, keyStoreType);
- this.keyStorePassword = password;
- return this;
- }
-
- public SSLContext build() {
- try {
- SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
- TrustManager[] trustManagers =
- trustStoreSupplier != null ? createTrustManagers(trustStoreSupplier) : getDefaultTrustManagers();
- KeyManager[] keyManagers =
- keyStoreSupplier != null ? createKeyManagers(keyStoreSupplier, keyStorePassword) : getDefaultKeyManagers();
- sslContext.init(keyManagers, trustManagers, null);
- return sslContext;
- } catch (GeneralSecurityException e) {
- throw new RuntimeException(e);
- } catch (IOException e) {
- throw new UncheckedIOException(e);
- }
- }
-
- private static TrustManager[] createTrustManagers(KeyStoreSupplier trustStoreSupplier)
- throws GeneralSecurityException, IOException {
- TrustManagerFactory trustManagerFactory = getTrustManagerFactory();
- trustManagerFactory.init(trustStoreSupplier.get());
- return trustManagerFactory.getTrustManagers();
- }
-
- private static KeyManager[] createKeyManagers(KeyStoreSupplier keyStoreSupplier, char[] password)
- throws GeneralSecurityException, IOException {
- KeyManagerFactory keyManagerFactory = getKeyManagerFactory();
- keyManagerFactory.init(keyStoreSupplier.get(), password);
- return keyManagerFactory.getKeyManagers();
- }
-
- private static KeyManager[] getDefaultKeyManagers() throws NoSuchAlgorithmException {
- return getKeyManagerFactory().getKeyManagers();
- }
-
- private static TrustManager[] getDefaultTrustManagers() throws NoSuchAlgorithmException {
- return getTrustManagerFactory().getTrustManagers();
- }
-
- private static KeyManagerFactory getKeyManagerFactory() throws NoSuchAlgorithmException {
- return KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
- }
-
- private static TrustManagerFactory getTrustManagerFactory() throws NoSuchAlgorithmException {
- return TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- }
-
- private static KeyStore loadKeyStoreFromFile(File file, char[] password, String keyStoreType)
- throws IOException, GeneralSecurityException{
- KeyStore keyStore = KeyStore.getInstance(keyStoreType);
- try (FileInputStream in = new FileInputStream(file)) {
- keyStore.load(in, password);
- }
- return keyStore;
- }
-
- private interface KeyStoreSupplier {
- KeyStore get() throws IOException, GeneralSecurityException;
- }
-
-} |