SSLConfig.java

  1. /*
  2.  * GovWay - A customizable API Gateway 
  3.  * https://govway.org
  4.  * 
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it). 
  6.  * 
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */


  22. package org.openspcoop2.utils.transport.http;

  24. import java.io.Serializable;
  25. import java.security.KeyStore;
  26. import java.security.cert.CertStore;
  27. import java.util.Map;

  29. import org.apache.commons.lang.StringUtils;
  30. import org.openspcoop2.utils.LoggerBuffer;
  31. import org.slf4j.Logger;


  34. /**
  35.  * SSLConfig
  36.  *
  37.  * @author Poli Andrea (apoli@link.it)
  38.  * @author $Author$
  39.  * @version $Rev$, $Date$
  40.  */
  41. public class SSLConfig implements Serializable  {

  43.     /**
  44.      * 
  45.      */
  46.     private static final long serialVersionUID = 1L;
  47.     
  48.     // AUTENTICAZIONE SERVER:
  49.     // TrustAllCerts
  50.     private boolean trustAllCerts = false;
  51.     // TrustStore
  52.     private transient KeyStore trustStore;
  53.     private transient boolean trustStoreHsm;
  54.     // Path del trustStore che contiene il certificato del server.
  55.     private String trustStoreLocation;
  56.     // Password del trustStore che contiene il certificato del server.
  57.     private String trustStorePassword;
  58.     // the standard name of the requested trust management algorithm
  59.     private String trustManagementAlgorithm;
  60.     // tipo del truststore
  61.     private String trustStoreType;
  62.     // CRLs
  63.     private String trustStoreCRLsLocation;
  64.     // CertStore
  65.     private transient CertStore trustStoreCRLs;
  66.     // OCSP Policy
  67.     private String trustStoreOCSPPolicy;
  68.     
  69.     
  70.     // AUTENTICAZIONE CLIENT:
  71.     // KeyStore
  72.     private transient KeyStore keyStore;
  73.     private transient boolean keyStoreHsm;
  74.     // Path del keyStore che contiene il certificato del client e la chiave privata del client.
  75.     private String keyStoreLocation;
  76.     // Password del keyStore che contiene il certificato del client
  77.     private String keyStorePassword;
  78.     // Alias della chiave privata
  79.     private String keyAlias;
  80.     // Password della chiave privata
  81.     private String keyPassword;
  82.     // the standard name of the requested key management algorithm
  83.     private String keyManagementAlgorithm;
  84.     // tipo del keystore
  85.     private String keyStoreType;
  86.     // BYOK Policy
  87.     private String keyStoreBYOKPolicy;

  89.     // HostName verifier
  90.     private boolean hostnameVerifier = true;
  91.     // Eventuale classe da utilizzare per effettuare hostnameVerifier al posto di quella di default
  92.     private String classNameHostnameVerifier;
  93.     
  94.     // TipologiaSSL
  95.     private String sslType= null;
  96.     
  97.     // Use Secure Random
  98.     private boolean secureRandomSet = false;
  99.     private boolean secureRandom = false;
  100.     private String secureRandomAlgorithm = null;
  101.     
  102.     // Utilities
  103.     private StringBuilder sbError;
  104.     private StringBuilder sbDebug;
  105.     private transient Logger logger;
  106.     
  107.     // Dynamic Map
  108.     private Map<String,Object> dynamicMap;
  109.     
  110.     @Override
  111.     public String toString() {
  112.         return this.toString(false);
  113.     }
  114.     public String toString(boolean includePassword) {
  115.         StringBuilder sb = new StringBuilder();
  116.         
  117.         sb.append("sslType=").append(this.sslType);
  118.         sb.append(" ");
  119.         
  120.         sb.append("secureRandom=").append(this.secureRandom);
  121.         sb.append(" ");
  122.         if(this.secureRandomAlgorithm!=null) {
  123.             sb.append("secureRandomAlgorithm=").append(this.secureRandomAlgorithm);
  124.             sb.append(" ");
  125.         }
  126.         
  127.         sb.append("hostnameVerifier=").append(this.hostnameVerifier);
  128.         sb.append(" ");
  129.         if(this.classNameHostnameVerifier!=null) {
  130.             sb.append("classNameHostnameVerifier=").append(this.classNameHostnameVerifier);
  131.             sb.append(" ");
  132.         }
  133.         
  134.         sb.append("trustAllCerts=").append(this.trustAllCerts);
  135.         sb.append(" ");
  136.         if(!this.trustAllCerts) {
  137.             sb.append("trustStoreLocation=").append(this.trustStoreLocation);
  138.             sb.append(" ");
  139.             sb.append("trustStoreType=").append(this.trustStoreType);
  140.             sb.append(" ");
  141.             sb.append("trustStorePassword=").append(includePassword? this.trustStorePassword : hidePassword(this.trustStorePassword) );
  142.             sb.append(" ");
  143.             sb.append("trustManagementAlgorithm=").append(this.trustManagementAlgorithm);
  144.             sb.append(" ");
  145.             sb.append("trustStoreCRLsLocation=").append(this.trustStoreCRLsLocation);
  146.             sb.append(" ");
  147.             sb.append("trustStoreOCSPPolicy=").append(this.trustStoreOCSPPolicy);
  148.             sb.append(" ");
  149.         }
  150.         else if(this.trustStoreOCSPPolicy!=null && StringUtils.isNotEmpty(this.trustStoreOCSPPolicy)){
  151.             sb.append("trustStoreCRLsLocation=").append(this.trustStoreCRLsLocation);
  152.             sb.append(" ");
  153.             sb.append("trustStoreOCSPPolicy=").append(this.trustStoreOCSPPolicy);
  154.             sb.append(" ");
  155.         }
  156.         
  157.         if(this.keyStoreLocation!=null) {
  158.             sb.append("keyStoreLocation=").append(this.keyStoreLocation);
  159.             sb.append(" ");
  160.             sb.append("keyStoreType=").append(this.keyStoreType);
  161.             sb.append(" ");
  162.             sb.append("keyStorePassword=").append(includePassword? this.keyStorePassword : hidePassword(this.keyStorePassword) );
  163.             sb.append(" ");
  164.             sb.append("keyStoreBYOKPolicy=").append(this.keyStoreBYOKPolicy);
  165.             sb.append(" ");
  166.             sb.append("keyAlias=").append(this.keyAlias);
  167.             sb.append(" ");
  168.             sb.append("keyPassword=").append(includePassword? this.keyPassword : hidePassword(this.keyPassword) );
  169.             sb.append(" ");
  170.             sb.append("keyManagementAlgorithm=").append(this.keyManagementAlgorithm);
  171.             sb.append(" ");
  172.         }
  173.         else {
  174.             sb.append("keyStore=disabled");
  175.             sb.append(" ");
  176.         }
  177.         
  178.         return sb.toString();
  179.     }
  180.     private String hidePassword(String value) {
  181.         return (value!=null) ? "***" : "unset" ;
  182.     }

  184.     public boolean isTrustAllCerts() {
  185.         return this.trustAllCerts;
  186.     }

  188.     public void setTrustAllCerts(boolean trustAllCerts) {
  189.         this.trustAllCerts = trustAllCerts;
  190.     }
  191.     
  192.     public KeyStore getTrustStore() {
  193.         return this.trustStore;
  194.     }
  195.     public boolean isTrustStoreHsm() {
  196.         return this.trustStoreHsm;
  197.     }

  199.     public void setTrustStore(KeyStore trustStore) {
  200.         this.setTrustStore(trustStore, false);
  201.     }
  202.     public void setTrustStore(KeyStore trustStore, boolean hsm) {
  203.         this.trustStore = trustStore;
  204.         this.trustStoreHsm = hsm;
  205.     }

  207.     public KeyStore getKeyStore() {
  208.         return this.keyStore;
  209.     }
  210.     public boolean isKeyStoreHsm() {
  211.         return this.keyStoreHsm;
  212.     }

  214.     public void setKeyStore(KeyStore keyStore) {
  215.         this.setKeyStore(keyStore, false);
  216.     }
  217.     public void setKeyStore(KeyStore keyStore, boolean hsm) {
  218.         this.keyStore = keyStore;
  219.         this.keyStoreHsm = hsm;
  220.     }
  221.     
  222.     public String getTrustStoreLocation() {
  223.         return this.trustStoreLocation;
  224.     }

  226.     public void setTrustStoreLocation(String trustStoreLocation) {
  227.         this.trustStoreLocation = trustStoreLocation;
  228.     }

  230.     public String getTrustStorePassword() {
  231.         return this.trustStorePassword;
  232.     }

  234.     public void setTrustStorePassword(String trustStorePassword) {
  235.         this.trustStorePassword = trustStorePassword;
  236.     }

  238.     public String getTrustManagementAlgorithm() {
  239.         return this.trustManagementAlgorithm;
  240.     }

  242.     public void setTrustManagementAlgorithm(String trustManagementAlgorithm) {
  243.         this.trustManagementAlgorithm = trustManagementAlgorithm;
  244.     }

  246.     public String getTrustStoreType() {
  247.         return this.trustStoreType;
  248.     }

  250.     public void setTrustStoreType(String trustStoreType) {
  251.         this.trustStoreType = trustStoreType;
  252.     }
  253.     
  254.     public String getTrustStoreCRLsLocation() {
  255.         return this.trustStoreCRLsLocation;
  256.     }

  258.     public void setTrustStoreCRLsLocation(String trustStoreCRLsLocation) {
  259.         this.trustStoreCRLsLocation = trustStoreCRLsLocation;
  260.     }

  262.     public CertStore getTrustStoreCRLs() {
  263.         return this.trustStoreCRLs;
  264.     }

  266.     public void setTrustStoreCRLs(CertStore trustStoreCRLs) {
  267.         this.trustStoreCRLs = trustStoreCRLs;
  268.     }

  270.     public String getTrustStoreOCSPPolicy() {
  271.         return this.trustStoreOCSPPolicy;
  272.     }
  273.     public void setTrustStoreOCSPPolicy(String trustStoreOCSPPolicy) {
  274.         this.trustStoreOCSPPolicy = trustStoreOCSPPolicy;
  275.     }
  276.     
  277.     public String getKeyStoreLocation() {
  278.         return this.keyStoreLocation;
  279.     }

  281.     public void setKeyStoreLocation(String keyStoreLocation) {
  282.         this.keyStoreLocation = keyStoreLocation;
  283.     }

  285.     public String getKeyStorePassword() {
  286.         return this.keyStorePassword;
  287.     }

  289.     public void setKeyStorePassword(String keyStorePassword) {
  290.         this.keyStorePassword = keyStorePassword;
  291.     }

  293.     public String getKeyAlias() {
  294.         return this.keyAlias;
  295.     }

  297.     public void setKeyAlias(String keyAlias) {
  298.         this.keyAlias = keyAlias;
  299.     }
  300.     
  301.     public String getKeyPassword() {
  302.         return this.keyPassword;
  303.     }

  305.     public void setKeyPassword(String keyPassword) {
  306.         this.keyPassword = keyPassword;
  307.     }

  309.     public String getKeyManagementAlgorithm() {
  310.         return this.keyManagementAlgorithm;
  311.     }

  313.     public void setKeyManagementAlgorithm(String keyManagementAlgorithm) {
  314.         this.keyManagementAlgorithm = keyManagementAlgorithm;
  315.     }

  317.     public String getKeyStoreType() {
  318.         return this.keyStoreType;
  319.     }

  321.     public void setKeyStoreType(String keyStoreType) {
  322.         this.keyStoreType = keyStoreType;
  323.     }

  325.     public String getKeyStoreBYOKPolicy() {
  326.         return this.keyStoreBYOKPolicy;
  327.     }
  328.     
  329.     public void setKeyStoreBYOKPolicy(String keyStoreBYOKPolicy) {
  330.         this.keyStoreBYOKPolicy = keyStoreBYOKPolicy;
  331.     }
  332.     
  333.     public boolean isHostnameVerifier() {
  334.         return this.hostnameVerifier;
  335.     }

  337.     public void setHostnameVerifier(boolean hostnameVerifier) {
  338.         this.hostnameVerifier = hostnameVerifier;
  339.     }

  341.     public String getClassNameHostnameVerifier() {
  342.         return this.classNameHostnameVerifier;
  343.     }

  345.     public void setClassNameHostnameVerifier(String classNameHostnameVerifier) {
  346.         this.classNameHostnameVerifier = classNameHostnameVerifier;
  347.     }

  349.     public String getSslType() {
  350.         return this.sslType;
  351.     }

  353.     public void setSslType(String sslType) {
  354.         this.sslType = sslType;
  355.     }
  356.     
  357.     public boolean isSecureRandom() {
  358.         return this.secureRandom;
  359.     }

  361.     public void setSecureRandom(boolean secureRandom) {
  362.         this.secureRandom = secureRandom;
  363.         this.secureRandomSet = true;
  364.     }

  366.     public boolean isSecureRandomSet() {
  367.         return this.secureRandomSet;
  368.     }

  370.     public String getSecureRandomAlgorithm() {
  371.         return this.secureRandomAlgorithm;
  372.     }

  374.     public void setSecureRandomAlgorithm(String secureRandomAlgorithm) {
  375.         this.secureRandomAlgorithm = secureRandomAlgorithm;
  376.     }
  377.     
  378.     public StringBuilder getSbError() {
  379.         return this.sbError;
  380.     }

  382.     public void setSbError(StringBuilder sbError) {
  383.         this.sbError = sbError;
  384.     }

  386.     public StringBuilder getSbDebug() {
  387.         return this.sbDebug;
  388.     }

  390.     public void setSbDebug(StringBuilder sbDebug) {
  391.         this.sbDebug = sbDebug;
  392.     }
  393.     
  394.     public void setLogger(Logger logger) {
  395.         this.logger = logger;
  396.     }
  397.     
  398.     public LoggerBuffer getLoggerBuffer() {
  399.         LoggerBuffer lb = new LoggerBuffer();
  400.         lb.setSbDebug(this.sbDebug);
  401.         lb.setSbError(this.sbError);
  402.         lb.setLogErrorInDebug(true);
  403.         return lb;
  404.     }
  405.     public LoggerBuffer getLog4jBuffer() {
  406.         LoggerBuffer lb = new LoggerBuffer();
  407.         lb.setLogError(this.logger);
  408.         if(this.sbDebug!=null) {
  409.             lb.setLogDebug(this.logger);
  410.         }
  411.         return lb;
  412.     }
  413.     
  414.     public Map<String, Object> getDynamicMap() {
  415.         return this.dynamicMap;
  416.     }
  417.     public void setDynamicMap(Map<String, Object> dynamicMap) {
  418.         this.dynamicMap = dynamicMap;
  419.     }
  420. }
Created with JaCoCo 0.8.8.202204050719