/*
 * Copyright 2015-present Open Networking Foundation
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
16package org.onosproject.ovsdb.controller.impl;
17
import com.google.common.base.MoreObjects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.DigestInputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.Locale;
import java.util.Objects;

import static org.onosproject.ovsdb.controller.OvsdbConstant.DEFAULT_KS_FILE;
import static org.onosproject.ovsdb.controller.OvsdbConstant.DEFAULT_KS_PASSWORD;
34
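/**
 * Holds the properties required for configuring an OVSDB TLS connection.
 *
 * <p>An instance records the TLS mode, the keyStore and trustStore locations
 * and passwords, and a SHA-1 digest of each store file taken once, at
 * construction time. The digests take part in {@link #equals(Object)} and
 * {@link #hashCode()}, so two instances that name the same files but were
 * built while the files had different contents compare as different.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The passwords are kept as {@code String} fields, which cannot be
 *       wiped from memory; {@link #ksPwd()} and {@link #tsPwd()} hand out a
 *       fresh {@code char[]} copy that the caller may clear after use.</li>
 *   <li>{@link #toString()} prints only the mode and the two locations; the
 *       passwords and digests are left out so they do not reach logs.</li>
 *   <li>The digests are taken when the object is built and are not refreshed;
 *       a store file replaced afterwards is not noticed by this object.</li>
 * </ul>
 */
public class TlsParams {

    // NOTE(review): the logger is registered under Controller.class rather than
    // TlsParams.class, so messages from this class appear under the Controller
    // category. Left unchanged because logging configuration may depend on it.
    private static final Logger log = LoggerFactory
            .getLogger(Controller.class);

    /**
     * Options for Activated / Deactivated TLS Mode.
     */
    enum TlsMode {
        /**
         * Signifies that TLS is enabled.
         */
        ENABLED,
        /**
         * Signifies that TLS is disabled.
         */
        DISABLED
    }

    /** The set of modes for which {@link #isTlsEnabled()} returns true. */
    protected static final EnumSet<TlsMode> TLS_ENABLED = EnumSet.of(TlsMode.ENABLED);

    final TlsMode mode;
    final String ksLocation;
    final String tsLocation;
    // Passwords are plain Strings: immutable, so they cannot be zeroed after use.
    final String ksPwd;
    final String tsPwd;
    // SHA-1 digests of the store files, or an empty array when a file could not
    // be read. The arrays are mutable and package-visible; treat them as read-only.
    final byte[] ksSignature;
    final byte[] tsSignature;

    /**
     * Default Constructor.
     *
     * <p>Creates parameters with TLS disabled. Both the keyStore and the
     * trustStore location are set to {@code DEFAULT_KS_FILE}, and both
     * passwords to {@code DEFAULT_KS_PASSWORD}.
     */
    TlsParams() {
        // NOTE(review): the default password is a compiled-in constant (its value
        // is defined in OvsdbConstant, not visible here); a deployment that turns
        // TLS on should presumably supply its own stores and passwords - confirm.
        this.mode = TlsMode.DISABLED;
        this.ksLocation = DEFAULT_KS_FILE;
        this.tsLocation = DEFAULT_KS_FILE;
        this.ksPwd = DEFAULT_KS_PASSWORD;
        this.tsPwd = DEFAULT_KS_PASSWORD;
        // NOTE(review): getSha1Checksum is public and overridable, and is called
        // here before a subclass constructor has run.
        this.ksSignature = getSha1Checksum(ksLocation);
        this.tsSignature = getSha1Checksum(tsLocation);
    }

    /**
     * Creates new Tls params.
     *
     * <p>The arguments are stored as given (no null or existence checks), and
     * each store file is digested immediately.
     *
     * @param mode       TlsMode
     * @param ksLocation keyStore Location
     * @param tsLocation trustStore Location
     * @param ksPwd      keyStore Password
     * @param tsPwd      trustStore Password
     */
    TlsParams(TlsMode mode, String ksLocation, String tsLocation,
              String ksPwd, String tsPwd) {
        this.mode = mode;
        this.ksLocation = ksLocation;
        this.tsLocation = tsLocation;
        this.ksPwd = ksPwd;
        this.tsPwd = tsPwd;
        this.ksSignature = getSha1Checksum(ksLocation);
        this.tsSignature = getSha1Checksum(tsLocation);
    }

    /**
     * Exposes the keyStore password in char[] format.
     *
     * <p>Each call returns a new array, so the caller may overwrite it once
     * the password has been used; the {@code String} held by this object is
     * unaffected.
     *
     * @return the keyStorePassword as a char array
     * @throws NullPointerException if this object was built with a null
     *                              keyStore password
     */
    public char[] ksPwd() {
        return ksPwd.toCharArray();
    }

    /**
     * Exposes the trustStore password in char[] format.
     *
     * <p>Each call returns a new array, so the caller may overwrite it once
     * the password has been used; the {@code String} held by this object is
     * unaffected.
     *
     * @return the trustStorePassword as a char array
     * @throws NullPointerException if this object was built with a null
     *                              trustStore password
     */
    public char[] tsPwd() {
        return tsPwd.toCharArray();
    }

    /**
     * Returns whether TLS is enabled or not.
     *
     * @return true if TLS is enabled otherwise false
     */
    public boolean isTlsEnabled() {
        return TLS_ENABLED.contains(mode);
    }

    /**
     * Returns the SHA-1 digest of the file at the given path.
     *
     * <p>The file is hashed as raw bytes; it is not parsed or checked to be a
     * JKS. An empty array is returned when the path is null, when the SHA1
     * algorithm is unavailable, or when the file cannot be read, so an empty
     * result means "no digest", and two unreadable stores yield equal results.
     *
     * <p>Within this class the digest is only used to detect that a store file
     * differs between two instances. SHA-1 is not collision resistant, so the
     * value should not be treated as proof that a store is authentic.
     *
     * @param filepath JKS FilePath
     * @return byte[] sha1checksum, or an empty array if none could be computed
     */
    public byte[] getSha1Checksum(String filepath) {
        if (filepath == null) {
            return new byte[0];
        }
        try {
            MessageDigest digest = MessageDigest.getInstance("SHA1");
            // try-with-resources closes the file handle on every path; the
            // previous code never closed the stream it opened.
            try (FileInputStream is = new FileInputStream(new File(filepath));
                 DigestInputStream dis = new DigestInputStream(is, digest)) {
                byte[] buffer = new byte[1024];
                // Reading through the stream is what feeds the digest; the
                // bytes themselves are discarded.
                while (dis.read(buffer) != -1) {
                    // nothing to do
                }
                return dis.getMessageDigest().digest();
            }
        } catch (NoSuchAlgorithmException e) {
            log.error("Algorithm SHA1 Not found");
        } catch (IOException e) {
            // Logged at info: the default constructor digests the default store
            // path even when TLS is disabled, where a missing file is expected.
            log.info("Error reading file file: {}", filepath);
        }
        return new byte[0];
    }

    /**
     * Hashes consistently with {@link #equals(Object)}: a disabled instance
     * hashes on its mode alone, an enabled one on every field.
     */
    @Override
    public int hashCode() {
        if (mode == TlsMode.DISABLED) {
            return Objects.hash(mode);
        }
        return Objects.hash(mode, ksLocation, tsLocation,
                            ksPwd, tsPwd,
                            Arrays.hashCode(ksSignature),
                            Arrays.hashCode(tsSignature));
    }

    /**
     * Compares two parameter sets of exactly the same class.
     *
     * <p>Two instances with TLS disabled are always equal; otherwise mode,
     * locations, passwords and store digests must all match.
     */
    @Override
    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof TlsParams)) {
            return false;
        }
        final TlsParams that = (TlsParams) obj;
        if (this.getClass() != that.getClass()) {
            return false;
        }
        if (this.mode == that.mode && this.mode == TlsMode.DISABLED) {
            // All disabled objects should be equal regardless of other params
            return true;
        }
        return this.mode == that.mode &&
                Objects.equals(this.ksLocation, that.ksLocation) &&
                Objects.equals(this.tsLocation, that.tsLocation) &&
                Objects.equals(this.ksPwd, that.ksPwd) &&
                Objects.equals(this.tsPwd, that.tsPwd) &&
                Arrays.equals(this.ksSignature, that.ksSignature) &&
                Arrays.equals(this.tsSignature, that.tsSignature);
    }

    /**
     * Describes the mode and store locations only; passwords and digests are
     * intentionally not included.
     */
    @Override
    public String toString() {
        return MoreObjects.toStringHelper(this)
                // Locale.ROOT keeps the lower-casing independent of the JVM's
                // default locale (e.g. the Turkish dotless i).
                .add("tlsMode", mode.toString().toLowerCase(Locale.ROOT))
                .add("ksLocation", ksLocation)
                .add("tsLocation", tsLocation)
                .toString();
    }
}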