Refacotered IOT plugins to use own keystore.

revert-dabc3590
harshanl 8 years ago
parent ca4cb37d58
commit b207554bba

@ -0,0 +1,108 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.iot.devicetype.config;
import org.wso2.carbon.device.mgt.iot.devicetype.util.DeviceTypeConfigUtil;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* Class for holding CertificateKeystore data.
*/
@XmlRootElement(name = "CertificateKeystore")
public class CertificateKeystoreConfig {
private String certificateKeystoreLocation;
private String certificateKeystoreType;
private String certificateKeystorePassword;
private String caCertAlias;
private String caPrivateKeyPassword;
private String raCertAlias;
private String raPrivateKeyPassword;
@XmlElement(name = "CertificateKeystoreLocation", required = true)
public String getCertificateKeystoreLocation() {
return certificateKeystoreLocation;
}
public void setCertificateKeystoreLocation(String certificateKeystoreLocation) {
if (certificateKeystoreLocation != null && certificateKeystoreLocation.toLowerCase().
contains(DeviceTypeConfigUtil.CARBON_HOME_ENTRY)) {
certificateKeystoreLocation = certificateKeystoreLocation.replace(DeviceTypeConfigUtil.CARBON_HOME_ENTRY,
System.getProperty(DeviceTypeConfigUtil.CARBON_HOME));
}
this.certificateKeystoreLocation = certificateKeystoreLocation;
}
@XmlElement(name = "CertificateKeystoreType", required = true)
public String getCertificateKeystoreType() {
return certificateKeystoreType;
}
public void setCertificateKeystoreType(String certificateKeystoreType) {
this.certificateKeystoreType = certificateKeystoreType;
}
@XmlElement(name = "CertificateKeystorePassword", required = true)
public String getCertificateKeystorePassword() {
return certificateKeystorePassword;
}
public void setCertificateKeystorePassword(String certificateKeystorePassword) {
this.certificateKeystorePassword = certificateKeystorePassword;
}
@XmlElement(name = "CACertAlias", required = true)
public String getCACertAlias() {
return caCertAlias;
}
public void setCACertAlias(String caCertAlias) {
this.caCertAlias = caCertAlias;
}
@XmlElement(name = "CAPrivateKeyPassword", required = true)
public String getCAPrivateKeyPassword() {
return caPrivateKeyPassword;
}
public void setCAPrivateKeyPassword(String caPrivateKeyPassword) {
this.caPrivateKeyPassword = caPrivateKeyPassword;
}
@XmlElement(name = "RACertAlias", required = true)
public String getRACertAlias() {
return raCertAlias;
}
public void setRACertAlias(String raCertAlias) {
this.raCertAlias = raCertAlias;
}
@XmlElement(name = "RAPrivateKeyPassword", required = true)
public String getRAPrivateKeyPassword() {
return raPrivateKeyPassword;
}
public void setRAPrivateKeyPassword(String raPrivateKeyPassword) {
this.raPrivateKeyPassword = raPrivateKeyPassword;
}
}

@ -30,6 +30,7 @@ public class DeviceManagementConfiguration {
private DeviceManagementConfigRepository deviceManagementConfigRepository; private DeviceManagementConfigRepository deviceManagementConfigRepository;
private PushNotificationConfig pushNotificationConfig; private PushNotificationConfig pushNotificationConfig;
private String deviceType; private String deviceType;
private CertificateKeystoreConfig certificateKeystoreConfig;
private static final Log log = LogFactory.getLog(DeviceManagementConfiguration.class); private static final Log log = LogFactory.getLog(DeviceManagementConfiguration.class);
@ -63,4 +64,13 @@ public class DeviceManagementConfiguration {
this.pushNotificationConfig = pushNotificationConfig; this.pushNotificationConfig = pushNotificationConfig;
} }
@XmlElement(name = "CertificateKeystore", required = false)
public CertificateKeystoreConfig getCertificateKeystoreConfig() {
return certificateKeystoreConfig;
}
public void setCertificateKeystoreConfig(
CertificateKeystoreConfig certificateKeystoreConfig) {
this.certificateKeystoreConfig = certificateKeystoreConfig;
}
} }

@ -31,6 +31,9 @@ import java.io.File;
public class DeviceTypeConfigUtil { public class DeviceTypeConfigUtil {
public static final String CARBON_HOME = "carbon.home";
public static final String CARBON_HOME_ENTRY = "${carbon.home}";
public static Document convertToDocument(File file) throws DeviceTypeConfigurationException { public static Document convertToDocument(File file) throws DeviceTypeConfigurationException {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true); factory.setNamespaceAware(true);

@ -36,7 +36,7 @@
<module>androidsense-plugin</module> <module>androidsense-plugin</module>
<module>arduino-plugin</module> <module>arduino-plugin</module>
<module>raspberrypi-plugin</module> <module>raspberrypi-plugin</module>
<!--<module>virtual-fire-alarm-plugin</module>--> <module>virtual-fire-alarm-plugin</module>
<module>iot-base-plugin</module> <module>iot-base-plugin</module>
<module>iot-analytics</module> <module>iot-analytics</module>
</modules> </modules>

@ -22,8 +22,11 @@ import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException; import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil; import org.wso2.carbon.device.mgt.iot.devicetype.config.CertificateKeystoreConfig;
import org.wso2.carbon.device.mgt.iot.devicetype.config.DeviceManagementConfiguration;
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin.constants.VirtualFireAlarmConstants;
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin.exception.VirtualFirealarmDeviceMgtPluginException; import org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin.exception.VirtualFirealarmDeviceMgtPluginException;
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin.internal.VirtualFirealarmManagementDataHolder;
import javax.crypto.BadPaddingException; import javax.crypto.BadPaddingException;
import javax.crypto.Cipher; import javax.crypto.Cipher;
@ -46,11 +49,11 @@ import java.security.SignatureException;
import java.security.UnrecoverableKeyException; import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
public class VirtualFirealarmSecurityManager { public class VirtualFirealarmSecurityManager {
private static final Log log = LogFactory.getLog(VirtualFirealarmSecurityManager.class); private static final Log log = LogFactory.getLog(VirtualFirealarmSecurityManager.class);
private static PrivateKey serverPrivateKey; private static PrivateKey serverPrivateKey;
private static CertificateKeystoreConfig certificateKeystoreConfig;
private static final String SIGNATURE_ALG = "SHA1withRSA"; private static final String SIGNATURE_ALG = "SHA1withRSA";
private static final String CIPHER_PADDING = "RSA/ECB/PKCS1Padding"; private static final String CIPHER_PADDING = "RSA/ECB/PKCS1Padding";
@ -58,26 +61,34 @@ public class VirtualFirealarmSecurityManager {
} }
private static CertificateKeystoreConfig getCertKeyStoreConfig() {
if (certificateKeystoreConfig == null) {
DeviceManagementConfiguration deviceManagementConfiguration = VirtualFirealarmManagementDataHolder.getInstance().
getDeviceTypeConfigService().getConfiguration(
VirtualFireAlarmConstants.DEVICE_TYPE,
VirtualFireAlarmConstants.DEVICE_TYPE_PROVIDER_DOMAIN);
certificateKeystoreConfig = deviceManagementConfiguration.getCertificateKeystoreConfig();
}
return certificateKeystoreConfig;
}
public static void initVerificationManager() { public static void initVerificationManager() {
serverPrivateKey = retrievePrivateKey(ConfigurationUtil.CA_CERT_ALIAS, serverPrivateKey = retrievePrivateKey();
ConfigurationUtil.KEYSTORE_CA_CERT_PRIV_PASSWORD);
} }
public static PrivateKey retrievePrivateKey(String alias, String password){ public static PrivateKey retrievePrivateKey() {
PrivateKey privateKey = null; PrivateKey privateKey = null;
InputStream inputStream = null; InputStream inputStream = null;
KeyStore keyStore; KeyStore keyStore;
CertificateKeystoreConfig certificateKeystoreConfig = getCertKeyStoreConfig();
try { try {
keyStore = KeyStore.getInstance(ConfigurationUtil.getConfigEntry(ConfigurationUtil.CERTIFICATE_KEYSTORE)); keyStore = KeyStore.getInstance(certificateKeystoreConfig.getCertificateKeystoreType());
inputStream = new FileInputStream(ConfigurationUtil.getConfigEntry( inputStream = new FileInputStream(certificateKeystoreConfig.getCertificateKeystoreLocation());
ConfigurationUtil.PATH_CERTIFICATE_KEYSTORE));
keyStore.load(inputStream, ConfigurationUtil.getConfigEntry(ConfigurationUtil.CERTIFICATE_KEYSTORE_PASSWORD) keyStore.load(inputStream, certificateKeystoreConfig.getCertificateKeystorePassword().toCharArray());
.toCharArray());
privateKey = (PrivateKey) (keyStore.getKey(ConfigurationUtil.getConfigEntry(alias), privateKey = (PrivateKey) (keyStore.getKey(certificateKeystoreConfig.getCACertAlias(),
ConfigurationUtil.getConfigEntry(password).toCharArray())); certificateKeystoreConfig.getCAPrivateKeyPassword().toCharArray()));
} catch (KeyStoreException e) { } catch (KeyStoreException e) {
String errorMsg = "Could not load KeyStore of given type in [certificate-config.xml] file." ; String errorMsg = "Could not load KeyStore of given type in [certificate-config.xml] file." ;
@ -94,9 +105,6 @@ public class VirtualFirealarmSecurityManager {
} catch (IOException e) { } catch (IOException e) {
String errorMsg = "Input output issue occurred when loading KeyStore"; String errorMsg = "Input output issue occurred when loading KeyStore";
log.error(errorMsg, e); log.error(errorMsg, e);
} catch (KeystoreException e) {
String errorMsg = "An error occurred whilst trying load Configs for KeyStoreReader";
log.error(errorMsg, e);
} catch (UnrecoverableKeyException e) { } catch (UnrecoverableKeyException e) {
String errorMsg = "Key is unrecoverable when retrieving CA private key"; String errorMsg = "Key is unrecoverable when retrieving CA private key";
log.error(errorMsg, e); log.error(errorMsg, e);

@ -43,4 +43,20 @@
<Property Name="clearSession">true</Property> <Property Name="clearSession">true</Property>
</Properties> </Properties>
</PushNotificationConfiguration> </PushNotificationConfiguration>
<CertificateKeystore>
<!-- Certificate Keystore file location-->
<CertificateKeystoreLocation>${carbon.home}/repository/resources/security/wso2certs.jks</CertificateKeystoreLocation>
<!-- Certificate Keystore type (JKS/PKCS12 etc.)-->
<CertificateKeystoreType>JKS</CertificateKeystoreType>
<!-- Certificate Keystore password-->
<CertificateKeystorePassword>wso2carbon</CertificateKeystorePassword>
<!-- Certificate authority certificate alias -->
<CACertAlias>cacert</CACertAlias>
<!-- Certificate authority private key password -->
<CAPrivateKeyPassword>cacert</CAPrivateKeyPassword>
<!-- Registration authority certificate alias -->
<RACertAlias>racert</RACertAlias>
<!-- Registration authority private key password -->
<RAPrivateKeyPassword>racert</RAPrivateKeyPassword>
</CertificateKeystore>
</DeviceManagementConfiguration> </DeviceManagementConfiguration>

@ -30,4 +30,20 @@
<SharedWithAllTenants>false</SharedWithAllTenants> <SharedWithAllTenants>false</SharedWithAllTenants>
</ProvisioningConfig> </ProvisioningConfig>
</ManagementRepository> </ManagementRepository>
<CertificateKeystore>
<!-- Certificate Keystore file location-->
<CertificateKeystoreLocation>${carbon.home}/repository/resources/security/wso2certs.jks</CertificateKeystoreLocation>
<!-- Certificate Keystore type (JKS/PKCS12 etc.)-->
<CertificateKeystoreType>JKS</CertificateKeystoreType>
<!-- Certificate Keystore password-->
<CertificateKeystorePassword>wso2carbon</CertificateKeystorePassword>
<!-- Certificate authority certificate alias -->
<CACertAlias>cacert</CACertAlias>
<!-- Certificate authority private key password -->
<CAPrivateKeyPassword>cacert</CAPrivateKeyPassword>
<!-- Registration authority certificate alias -->
<RACertAlias>racert</RACertAlias>
<!-- Registration authority private key password -->
<RAPrivateKeyPassword>racert</RAPrivateKeyPassword>
</CertificateKeystore>
</DeviceManagementConfiguration> </DeviceManagementConfiguration>

@ -38,7 +38,7 @@
<module>androidsense-plugin-feature</module> <module>androidsense-plugin-feature</module>
<module>arduino-plugin-feature</module> <module>arduino-plugin-feature</module>
<module>raspberrypi-plugin-feature</module> <module>raspberrypi-plugin-feature</module>
<!--<module>virtual-fire-alarm-plugin-feature</module>--> <module>virtual-fire-alarm-plugin-feature</module>
<module>iot-base-plugin-feature</module> <module>iot-base-plugin-feature</module>
<module>iot-devicetypes-feature</module> <module>iot-devicetypes-feature</module>
</modules> </modules>

@ -43,4 +43,20 @@
<Property Name="clearSession">true</Property> <Property Name="clearSession">true</Property>
</Properties> </Properties>
</PushNotificationConfiguration> </PushNotificationConfiguration>
<CertificateKeystore>
<!-- Certificate Keystore file location-->
<CertificateKeystoreLocation>${carbon.home}/repository/resources/security/wso2certs.jks</CertificateKeystoreLocation>
<!-- Certificate Keystore type (JKS/PKCS12 etc.)-->
<CertificateKeystoreType>JKS</CertificateKeystoreType>
<!-- Certificate Keystore password-->
<CertificateKeystorePassword>wso2carbon</CertificateKeystorePassword>
<!-- Certificate authority certificate alias -->
<CACertAlias>cacert</CACertAlias>
<!-- Certificate authority private key password -->
<CAPrivateKeyPassword>cacert</CAPrivateKeyPassword>
<!-- Registration authority certificate alias -->
<RACertAlias>racert</RACertAlias>
<!-- Registration authority private key password -->
<RAPrivateKeyPassword>racert</RAPrivateKeyPassword>
</CertificateKeystore>
</DeviceManagementConfiguration> </DeviceManagementConfiguration>

@ -54,4 +54,20 @@
<Property Name="server.name">localhost</Property> <Property Name="server.name">localhost</Property>
</Properties--> </Properties-->
</PushNotificationConfiguration> </PushNotificationConfiguration>
<CertificateKeystore>
<!-- Certificate Keystore file location-->
<CertificateKeystoreLocation>${carbon.home}/repository/resources/security/wso2certs.jks</CertificateKeystoreLocation>
<!-- Certificate Keystore type (JKS/PKCS12 etc.)-->
<CertificateKeystoreType>JKS</CertificateKeystoreType>
<!-- Certificate Keystore password-->
<CertificateKeystorePassword>wso2carbon</CertificateKeystorePassword>
<!-- Certificate authority certificate alias -->
<CACertAlias>cacert</CACertAlias>
<!-- Certificate authority private key password -->
<CAPrivateKeyPassword>cacert</CAPrivateKeyPassword>
<!-- Registration authority certificate alias -->
<RACertAlias>racert</RACertAlias>
<!-- Registration authority private key password -->
<RAPrivateKeyPassword>racert</RAPrivateKeyPassword>
</CertificateKeystore>
</DeviceManagementConfiguration> </DeviceManagementConfiguration>

Loading…
Cancel
Save