
Example 1 with TlsOptions

use of tech.pegasys.web3signer.core.config.TlsOptions in project web3signer by ConsenSys.

From the class CmdLineParamsConfigFileImpl, method createServerTlsArgs.

/**
 * Renders the server-side TLS section of the generated YAML configuration.
 *
 * <p>Emits the keystore-file and keystore-password-file entries, then either
 * {@code tls-allow-any-client: true} when no client-auth constraints are configured, or the
 * known-clients file and/or the CA-clients flag taken from the constraints. Only the
 * <em>path</em> of the password file is written, never its contents.
 *
 * @return the YAML lines, or an empty string when no server TLS options are configured
 */
private String createServerTlsArgs() {
    if (signerConfig.getServerTlsOptions().isEmpty()) {
        return "";
    }
    final TlsOptions tls = signerConfig.getServerTlsOptions().get();
    // YAML_STRING_FMT / YAML_BOOLEAN_FMT are class-level templates (presumably "key: value" lines).
    final StringBuilder yaml = new StringBuilder();
    yaml.append(String.format(YAML_STRING_FMT, "tls-keystore-file", tls.getKeyStoreFile().toString()));
    yaml.append(String.format(YAML_STRING_FMT, "tls-keystore-password-file", tls.getKeyStorePasswordFile().toString()));
    tls.getClientAuthConstraints().ifPresentOrElse(
        constraints -> {
            // The known-clients (fingerprint) file and CA-authorised clients are independent options;
            // either, both or neither may be emitted.
            constraints.getKnownClientsFile().ifPresent(
                knownClients -> yaml.append(String.format(YAML_STRING_FMT, "tls-known-clients-file", knownClients.toString())));
            if (constraints.isCaAuthorizedClientAllowed()) {
                yaml.append(String.format(YAML_BOOLEAN_FMT, "tls-allow-ca-clients", Boolean.TRUE));
            }
        },
        // No constraints at all maps to the permissive "allow any client" setting.
        () -> yaml.append(String.format(YAML_BOOLEAN_FMT, "tls-allow-any-client", Boolean.TRUE)));
    return yaml.toString();
}

Example 2 with TlsOptions

use of tech.pegasys.web3signer.core.config.TlsOptions in project web3signer by ConsenSys.

From the class CmdLineParamsDefaultImpl, method createServerTlsArgs.

/**
 * Builds the command-line arguments for the server-side TLS settings.
 *
 * <p>Mirrors the YAML variant: keystore file and password-file path first, then either
 * {@code --tls-allow-any-client=true} when no client-auth constraints are configured, or the
 * known-clients file and/or {@code --tls-allow-ca-clients=true} from the constraints. The
 * password itself is never placed on the command line, only the path of the file holding it.
 *
 * @return a mutable list of arguments, empty when no server TLS options are configured
 */
private Collection<? extends String> createServerTlsArgs() {
    final List<String> args = Lists.newArrayList();
    if (signerConfig.getServerTlsOptions().isEmpty()) {
        return args;
    }
    final TlsOptions tls = signerConfig.getServerTlsOptions().get();
    args.add("--tls-keystore-file");
    args.add(tls.getKeyStoreFile().toString());
    args.add("--tls-keystore-password-file");
    args.add(tls.getKeyStorePasswordFile().toString());
    tls.getClientAuthConstraints().ifPresentOrElse(
        constraints -> {
            // Known-clients file and CA-authorised clients are independent; either, both or neither.
            constraints.getKnownClientsFile().ifPresent(knownClients -> {
                args.add("--tls-known-clients-file");
                args.add(knownClients.toString());
            });
            if (constraints.isCaAuthorizedClientAllowed()) {
                args.add("--tls-allow-ca-clients=true");
            }
        },
        // No constraints at all maps to the permissive "allow any client" flag.
        () -> args.add("--tls-allow-any-client=true"));
    return args;
}

Example 3 with TlsOptions

use of tech.pegasys.web3signer.core.config.TlsOptions in project web3signer by ConsenSys.

From the class ServerSideTlsCaClientAcceptanceTest, method createSigner.

/**
 * Creates a test Signer whose server TLS is configured with CA-only client-auth constraints.
 *
 * <p>The keystore password is written to {@code keystore.passwd} inside the per-test
 * directory because the signer takes a password <em>file</em>, not an inline secret.
 *
 * @param certInCa the certificate the server should treat as its trusted CA
 * @param testDir per-test scratch directory receiving the password file
 * @param useConfigFile whether the signer is driven by a config file or by CLI arguments
 * @return a Signer wired with server TLS and a client TLS config for the test client
 * @throws Exception if the password file cannot be written or the signer cannot be built
 */
private Signer createSigner(final TlsCertificateDefinition certInCa, final Path testDir, final boolean useConfigFile) throws Exception {
    final Path keystorePasswordFile = testDir.resolve("keystore.passwd");
    writeString(keystorePasswordFile, serverCert.getPassword());

    // caOnly(): presumably no known-clients file, only certificates chaining to the CA — confirm.
    final TlsOptions serverTls = new BasicTlsOptions(
        serverCert.getPkcs12File(),
        keystorePasswordFile.toFile(),
        Optional.of(BasicClientAuthConstraints.caOnly()));

    final SignerConfigurationBuilder builder = new SignerConfigurationBuilder()
        .withServerTlsOptions(serverTls)
        .withOverriddenCA(certInCa)
        .withUseConfigFile(useConfigFile)
        .withMode("eth2");

    final ClientTlsConfig clientTls = new ClientTlsConfig(serverCert, clientCert);
    return new Signer(builder.build(), clientTls);
}

Example 4 with TlsOptions

use of tech.pegasys.web3signer.core.config.TlsOptions in project web3signer by ConsenSys.

From the class Runner, method applyConfigTlsSettingsTo.

/**
 * Applies the configured TLS settings to a copy of the given HTTP server options.
 *
 * <p>When no TLS options are configured the input is returned unchanged (same instance).
 * Otherwise SSL is enabled, the keystore is applied, and — only if client-auth constraints
 * are present — client-certificate authentication is applied on top.
 *
 * @param input the base server options; never mutated
 * @return {@code input} itself when TLS is not configured, else a configured copy
 */
private HttpServerOptions applyConfigTlsSettingsTo(final HttpServerOptions input) {
    return config.getTlsOptions()
        .map(tlsConfig -> {
            // Work on a copy so the caller's options object is left untouched.
            HttpServerOptions secured = new HttpServerOptions(input);
            secured.setSsl(true);
            secured = applyTlsKeyStore(secured, tlsConfig);
            // Absent constraints: no client-certificate requirement is applied here.
            if (tlsConfig.getClientAuthConstraints().isPresent()) {
                secured = applyClientAuthentication(secured, tlsConfig.getClientAuthConstraints().get());
            }
            return secured;
        })
        .orElse(input);
}

Example 5 with TlsOptions

use of tech.pegasys.web3signer.core.config.TlsOptions in project web3signer by ConsenSys.

From the class ServerSideTlsAcceptanceTest, method createTlsSigner.

/**
 * Creates a test Signer with server-side TLS and, optionally, a fingerprint-based client whitelist.
 *
 * <p>If {@code clientCertInServerWhitelist} is given, its fingerprint is written to a
 * {@code known_clients} file under {@code dataPath} and the server is constrained to that file;
 * otherwise no client-auth constraint is set. The keystore password file is only written when
 * the presented certificate actually has a password, but its path is always passed.
 *
 * @param serverPresentedCerts certificate/keystore the server presents
 * @param clientExpectedCert certificate the test client expects from the server; {@code null}
 *     for no client-side TLS configuration
 * @param clientCertInServerWhitelist client certificate to whitelist on the server; {@code null}
 *     for no constraint
 * @param clientToPresent certificate the test client presents to the server
 * @param fixedListenPort HTTP port the signer listens on
 * @param useConfigFile whether the signer is driven by a config file or by CLI arguments
 * @return the configured Signer, or {@code null} after reporting a failure via {@code fail}
 */
private Signer createTlsSigner(final TlsCertificateDefinition serverPresentedCerts, final TlsCertificateDefinition clientExpectedCert, final TlsCertificateDefinition clientCertInServerWhitelist, final TlsCertificateDefinition clientToPresent, final int fixedListenPort, final boolean useConfigFile) {
    try {
        final SignerConfigurationBuilder builder = new SignerConfigurationBuilder()
            .withHttpPort(fixedListenPort)
            .withUseConfigFile(useConfigFile)
            .withMode("eth1");

        ClientAuthConstraints clientAuth = null;
        if (clientCertInServerWhitelist != null) {
            final Path knownClientsFile = dataPath.resolve("known_clients");
            populateFingerprintFile(knownClientsFile, clientCertInServerWhitelist, Optional.empty());
            clientAuth = BasicClientAuthConstraints.fromFile(knownClientsFile.toFile());
        }

        final Path keystorePasswordFile = dataPath.resolve("keystore.passwd");
        if (serverPresentedCerts.getPassword() != null) {
            writeString(keystorePasswordFile, serverPresentedCerts.getPassword());
        }
        final TlsOptions serverTls = new BasicTlsOptions(
            serverPresentedCerts.getPkcs12File(),
            keystorePasswordFile.toFile(),
            Optional.ofNullable(clientAuth));
        builder.withServerTlsOptions(serverTls);

        final ClientTlsConfig clientTls =
            clientExpectedCert == null ? null : new ClientTlsConfig(clientExpectedCert, clientToPresent);
        return new Signer(builder.build(), clientTls);
    } catch (final Exception e) {
        // Test helper: surface the failure through the assertion framework instead of propagating.
        fail("Failed to create EthSigner.", e);
        return null;
    }
}

