diff --git a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/config/CertificateKeystoreConfig.java b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/config/CertificateKeystoreConfig.java
new file mode 100644
index 000000000..972975a64
--- /dev/null
+++ b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/config/CertificateKeystoreConfig.java
@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * you may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.device.mgt.iot.devicetype.config;
+
+
+import org.wso2.carbon.device.mgt.iot.devicetype.util.DeviceTypeConfigUtil;
+
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+/**
+ * Class for holding CertificateKeystore data.
+ */
+@XmlRootElement(name = "CertificateKeystore")
+public class CertificateKeystoreConfig {
+
+ private String certificateKeystoreLocation;
+ private String certificateKeystoreType;
+ private String certificateKeystorePassword;
+ private String caCertAlias;
+ private String caPrivateKeyPassword;
+ private String raCertAlias;
+ private String raPrivateKeyPassword;
+
+ @XmlElement(name = "CertificateKeystoreLocation", required = true)
+ public String getCertificateKeystoreLocation() {
+ return certificateKeystoreLocation;
+ }
+
+ public void setCertificateKeystoreLocation(String certificateKeystoreLocation) {
+ if (certificateKeystoreLocation != null && certificateKeystoreLocation.toLowerCase().
+ contains(DeviceTypeConfigUtil.CARBON_HOME_ENTRY)) {
+ certificateKeystoreLocation = certificateKeystoreLocation.replace(DeviceTypeConfigUtil.CARBON_HOME_ENTRY,
+ System.getProperty(DeviceTypeConfigUtil.CARBON_HOME));
+ }
+ this.certificateKeystoreLocation = certificateKeystoreLocation;
+ }
+
+ @XmlElement(name = "CertificateKeystoreType", required = true)
+ public String getCertificateKeystoreType() {
+ return certificateKeystoreType;
+ }
+
+ public void setCertificateKeystoreType(String certificateKeystoreType) {
+ this.certificateKeystoreType = certificateKeystoreType;
+ }
+
+ @XmlElement(name = "CertificateKeystorePassword", required = true)
+ public String getCertificateKeystorePassword() {
+ return certificateKeystorePassword;
+ }
+
+ public void setCertificateKeystorePassword(String certificateKeystorePassword) {
+ this.certificateKeystorePassword = certificateKeystorePassword;
+ }
+
+ @XmlElement(name = "CACertAlias", required = true)
+ public String getCACertAlias() {
+ return caCertAlias;
+ }
+
+ public void setCACertAlias(String caCertAlias) {
+ this.caCertAlias = caCertAlias;
+ }
+
+ @XmlElement(name = "CAPrivateKeyPassword", required = true)
+ public String getCAPrivateKeyPassword() {
+ return caPrivateKeyPassword;
+ }
+
+ public void setCAPrivateKeyPassword(String caPrivateKeyPassword) {
+ this.caPrivateKeyPassword = caPrivateKeyPassword;
+ }
+
+ @XmlElement(name = "RACertAlias", required = true)
+ public String getRACertAlias() {
+ return raCertAlias;
+ }
+
+ public void setRACertAlias(String raCertAlias) {
+ this.raCertAlias = raCertAlias;
+ }
+
+ @XmlElement(name = "RAPrivateKeyPassword", required = true)
+ public String getRAPrivateKeyPassword() {
+ return raPrivateKeyPassword;
+ }
+
+ public void setRAPrivateKeyPassword(String raPrivateKeyPassword) {
+ this.raPrivateKeyPassword = raPrivateKeyPassword;
+ }
+}
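Review bot: In `setCertificateKeystoreLocation` the guard and the substitution disagree, and the substitution can throw. The check lower-cases the value before `contains(DeviceTypeConfigUtil.CARBON_HOME_ENTRY)`, but `replace` is case-sensitive, so a differently-cased placeholder passes the check and is left unexpanded in the keystore path. If the `carbon.home` system property is unset, `System.getProperty` returns null and `String.replace` throws a NullPointerException when the setter runs. Consider dropping `toLowerCase()` and reading the property first, `String carbonHome = System.getProperty(DeviceTypeConfigUtil.CARBON_HOME);`, replacing only when `carbonHome != null`. Separately, the three password fields are plain `String`s behind public getters; a short Javadoc on each stating that it holds a secret and must not be logged would help later maintainers.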
diff --git a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/config/DeviceManagementConfiguration.java b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/config/DeviceManagementConfiguration.java
index ffda827a6..55b816566 100644
--- a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/config/DeviceManagementConfiguration.java
+++ b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/config/DeviceManagementConfiguration.java
@@ -30,6 +30,7 @@ public class DeviceManagementConfiguration {
private DeviceManagementConfigRepository deviceManagementConfigRepository;
private PushNotificationConfig pushNotificationConfig;
private String deviceType;
+ private CertificateKeystoreConfig certificateKeystoreConfig;
private static final Log log = LogFactory.getLog(DeviceManagementConfiguration.class);
@@ -63,4 +64,13 @@ public class DeviceManagementConfiguration {
this.pushNotificationConfig = pushNotificationConfig;
}
+ @XmlElement(name = "CertificateKeystore", required = false)
+ public CertificateKeystoreConfig getCertificateKeystoreConfig() {
+ return certificateKeystoreConfig;
+ }
+
+ public void setCertificateKeystoreConfig(
+ CertificateKeystoreConfig certificateKeystoreConfig) {
+ this.certificateKeystoreConfig = certificateKeystoreConfig;
+ }
}
diff --git a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/util/DeviceTypeConfigUtil.java b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/util/DeviceTypeConfigUtil.java
index 4184c1a3e..a32a88bdf 100644
--- a/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/util/DeviceTypeConfigUtil.java
+++ b/components/iot-plugins/iot-base-plugin/org.wso2.carbon.device.mgt.iot/src/main/java/org/wso2/carbon/device/mgt/iot/devicetype/util/DeviceTypeConfigUtil.java
@@ -31,6 +31,9 @@ import java.io.File;
public class DeviceTypeConfigUtil {
+ public static final String CARBON_HOME = "carbon.home";
+ public static final String CARBON_HOME_ENTRY = "${carbon.home}";
+
public static Document convertToDocument(File file) throws DeviceTypeConfigurationException {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
diff --git a/components/iot-plugins/pom.xml b/components/iot-plugins/pom.xml
index f1b5762d3..283ad011f 100644
--- a/components/iot-plugins/pom.xml
+++ b/components/iot-plugins/pom.xml
@@ -36,7 +36,7 @@
androidsense-plugin
arduino-plugin
raspberrypi-plugin
-
+ virtual-fire-alarm-plugin
iot-base-plugin
iot-analytics
diff --git a/components/iot-plugins/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin/src/main/java/org/wso2/carbon/device/mgt/iot/virtualfirealarm/plugin/impl/util/VirtualFirealarmSecurityManager.java b/components/iot-plugins/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin/src/main/java/org/wso2/carbon/device/mgt/iot/virtualfirealarm/plugin/impl/util/VirtualFirealarmSecurityManager.java
index 257ed36c6..9f318e165 100644
--- a/components/iot-plugins/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin/src/main/java/org/wso2/carbon/device/mgt/iot/virtualfirealarm/plugin/impl/util/VirtualFirealarmSecurityManager.java
+++ b/components/iot-plugins/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin/src/main/java/org/wso2/carbon/device/mgt/iot/virtualfirealarm/plugin/impl/util/VirtualFirealarmSecurityManager.java
@@ -22,8 +22,11 @@ import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
-import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
+import org.wso2.carbon.device.mgt.iot.devicetype.config.CertificateKeystoreConfig;
+import org.wso2.carbon.device.mgt.iot.devicetype.config.DeviceManagementConfiguration;
+import org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin.constants.VirtualFireAlarmConstants;
import org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin.exception.VirtualFirealarmDeviceMgtPluginException;
+import org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin.internal.VirtualFirealarmManagementDataHolder;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
@@ -46,11 +49,11 @@ import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
-
public class VirtualFirealarmSecurityManager {
private static final Log log = LogFactory.getLog(VirtualFirealarmSecurityManager.class);
private static PrivateKey serverPrivateKey;
+ private static CertificateKeystoreConfig certificateKeystoreConfig;
private static final String SIGNATURE_ALG = "SHA1withRSA";
private static final String CIPHER_PADDING = "RSA/ECB/PKCS1Padding";
@@ -58,26 +61,34 @@ public class VirtualFirealarmSecurityManager {
}
+ private static CertificateKeystoreConfig getCertKeyStoreConfig() {
+ if (certificateKeystoreConfig == null) {
+ DeviceManagementConfiguration deviceManagementConfiguration = VirtualFirealarmManagementDataHolder.getInstance().
+ getDeviceTypeConfigService().getConfiguration(
+ VirtualFireAlarmConstants.DEVICE_TYPE,
+ VirtualFireAlarmConstants.DEVICE_TYPE_PROVIDER_DOMAIN);
+ certificateKeystoreConfig = deviceManagementConfiguration.getCertificateKeystoreConfig();
+ }
+ return certificateKeystoreConfig;
+ }
+
public static void initVerificationManager() {
- serverPrivateKey = retrievePrivateKey(ConfigurationUtil.CA_CERT_ALIAS,
- ConfigurationUtil.KEYSTORE_CA_CERT_PRIV_PASSWORD);
+ serverPrivateKey = retrievePrivateKey();
}
- public static PrivateKey retrievePrivateKey(String alias, String password){
+ public static PrivateKey retrievePrivateKey() {
PrivateKey privateKey = null;
InputStream inputStream = null;
KeyStore keyStore;
-
+ CertificateKeystoreConfig certificateKeystoreConfig = getCertKeyStoreConfig();
try {
- keyStore = KeyStore.getInstance(ConfigurationUtil.getConfigEntry(ConfigurationUtil.CERTIFICATE_KEYSTORE));
- inputStream = new FileInputStream(ConfigurationUtil.getConfigEntry(
- ConfigurationUtil.PATH_CERTIFICATE_KEYSTORE));
+ keyStore = KeyStore.getInstance(certificateKeystoreConfig.getCertificateKeystoreType());
+ inputStream = new FileInputStream(certificateKeystoreConfig.getCertificateKeystoreLocation());
- keyStore.load(inputStream, ConfigurationUtil.getConfigEntry(ConfigurationUtil.CERTIFICATE_KEYSTORE_PASSWORD)
- .toCharArray());
+ keyStore.load(inputStream, certificateKeystoreConfig.getCertificateKeystorePassword().toCharArray());
- privateKey = (PrivateKey) (keyStore.getKey(ConfigurationUtil.getConfigEntry(alias),
- ConfigurationUtil.getConfigEntry(password).toCharArray()));
+ privateKey = (PrivateKey) (keyStore.getKey(certificateKeystoreConfig.getCACertAlias(),
+ certificateKeystoreConfig.getCAPrivateKeyPassword().toCharArray()));
} catch (KeyStoreException e) {
String errorMsg = "Could not load KeyStore of given type in [certificate-config.xml] file." ;
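Review bot: `retrievePrivateKey()` dereferences the keystore config without a null check, although `DeviceManagementConfiguration` declares the `CertificateKeystore` element with `required = false`. When the element is absent, or `getConfiguration(...)` returns null inside `getCertKeyStoreConfig()`, the call fails with a NullPointerException that none of the visible catch clauses handles; the same holds for `getCertificateKeystorePassword().toCharArray()` and `getCAPrivateKeyPassword().toCharArray()` when either value is missing. A guard before the `try`, such as `if (certificateKeystoreConfig == null) { log.error("CertificateKeystore configuration is missing for " + VirtualFireAlarmConstants.DEVICE_TYPE); return null; }`, would keep the failure on a logged path. The lazy initialisation of the static `certificateKeystoreConfig` is unsynchronised, and the local variable of the same name in `retrievePrivateKey()` shadows it, so renaming the local would make the code easier to follow. The method body continues beyond this hunk.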
@@ -94,9 +105,6 @@ public class VirtualFirealarmSecurityManager {
} catch (IOException e) {
String errorMsg = "Input output issue occurred when loading KeyStore";
log.error(errorMsg, e);
- } catch (KeystoreException e) {
- String errorMsg = "An error occurred whilst trying load Configs for KeyStoreReader";
- log.error(errorMsg, e);
} catch (UnrecoverableKeyException e) {
String errorMsg = "Key is unrecoverable when retrieving CA private key";
log.error(errorMsg, e);
diff --git a/features/iot-plugins-feature/androidsense-plugin-feature/org.wso2.carbon.device.mgt.iot.androidsense.feature/src/main/resources/conf/android-sense-config.xml b/features/iot-plugins-feature/androidsense-plugin-feature/org.wso2.carbon.device.mgt.iot.androidsense.feature/src/main/resources/conf/android-sense-config.xml
index d4863f8f7..994309e65 100644
--- a/features/iot-plugins-feature/androidsense-plugin-feature/org.wso2.carbon.device.mgt.iot.androidsense.feature/src/main/resources/conf/android-sense-config.xml
+++ b/features/iot-plugins-feature/androidsense-plugin-feature/org.wso2.carbon.device.mgt.iot.androidsense.feature/src/main/resources/conf/android-sense-config.xml
@@ -43,4 +43,20 @@
true
+
+
+ ${carbon.home}/repository/resources/security/wso2certs.jks
+
+ JKS
+
+ wso2carbon
+
+ cacert
+
+ cacert
+
+ racert
+
+ racert
+
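Review bot: The values added here are shipped defaults for the keystore and private-key secrets (`wso2carbon`, `cacert`, `racert`), stored in clear text in the device-type config. The element tags are not visible in this rendering, so the mapping of values to elements is inferred from the field order in `CertificateKeystoreConfig`. The same block is repeated in arduino-config.xml, raspberrypi-config.xml and virtual-fire-alarm-config.xml, so every device type points at the same `wso2certs.jks` with the same default passwords unless an operator changes them. A comment above the block such as `<!-- Development defaults: replace the keystore and all passwords before deployment -->` would make that explicit. It is also worth checking whether this config can resolve the passwords from the platform's secret store instead of holding them inline.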
diff --git a/features/iot-plugins-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.feature/src/main/resources/conf/arduino-config.xml b/features/iot-plugins-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.feature/src/main/resources/conf/arduino-config.xml
index 6cb535f80..5c2e2b290 100644
--- a/features/iot-plugins-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.feature/src/main/resources/conf/arduino-config.xml
+++ b/features/iot-plugins-feature/arduino-plugin-feature/org.wso2.carbon.device.mgt.iot.arduino.feature/src/main/resources/conf/arduino-config.xml
@@ -30,4 +30,20 @@
false
+
+
+ ${carbon.home}/repository/resources/security/wso2certs.jks
+
+ JKS
+
+ wso2carbon
+
+ cacert
+
+ cacert
+
+ racert
+
+ racert
+
diff --git a/features/iot-plugins-feature/pom.xml b/features/iot-plugins-feature/pom.xml
index 60e45e2cd..0e4a641bc 100644
--- a/features/iot-plugins-feature/pom.xml
+++ b/features/iot-plugins-feature/pom.xml
@@ -38,7 +38,7 @@
androidsense-plugin-feature
arduino-plugin-feature
raspberrypi-plugin-feature
-
+ virtual-fire-alarm-plugin-feature
iot-base-plugin-feature
iot-devicetypes-feature
diff --git a/features/iot-plugins-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.feature/src/main/resources/conf/raspberrypi-config.xml b/features/iot-plugins-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.feature/src/main/resources/conf/raspberrypi-config.xml
index a68818a73..5685c0696 100644
--- a/features/iot-plugins-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.feature/src/main/resources/conf/raspberrypi-config.xml
+++ b/features/iot-plugins-feature/raspberrypi-plugin-feature/org.wso2.carbon.device.mgt.iot.raspberrypi.feature/src/main/resources/conf/raspberrypi-config.xml
@@ -43,4 +43,20 @@
true
+
+
+ ${carbon.home}/repository/resources/security/wso2certs.jks
+
+ JKS
+
+ wso2carbon
+
+ cacert
+
+ cacert
+
+ racert
+
+ racert
+
diff --git a/features/iot-plugins-feature/virtual-fire-alarm-plugin-feature/org.wso2.carbon.device.mgt.iot.virtualfirealarm.feature/src/main/resources/conf/virtual-fire-alarm-config.xml b/features/iot-plugins-feature/virtual-fire-alarm-plugin-feature/org.wso2.carbon.device.mgt.iot.virtualfirealarm.feature/src/main/resources/conf/virtual-fire-alarm-config.xml
index f2eb16ae5..a88883a88 100644
--- a/features/iot-plugins-feature/virtual-fire-alarm-plugin-feature/org.wso2.carbon.device.mgt.iot.virtualfirealarm.feature/src/main/resources/conf/virtual-fire-alarm-config.xml
+++ b/features/iot-plugins-feature/virtual-fire-alarm-plugin-feature/org.wso2.carbon.device.mgt.iot.virtualfirealarm.feature/src/main/resources/conf/virtual-fire-alarm-config.xml
@@ -54,4 +54,20 @@
localhost
+
+
+ ${carbon.home}/repository/resources/security/wso2certs.jks
+
+ JKS
+
+ wso2carbon
+
+ cacert
+
+ cacert
+
+ racert
+
+ racert
+