• Home
• com.jpmorgan.quorum
• security
• 0.11.0.01102019090814
• source code
• AbstractTrustManager.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.quorum.tessera.ssl.trust.AbstractTrustManager Maven / Gradle / Ivy

package com.quorum.tessera.ssl.trust;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.net.ssl.X509TrustManager;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;

abstract class AbstractTrustManager implements X509TrustManager {

    private static final Logger LOGGER = LoggerFactory.getLogger(AbstractTrustManager.class);

    private Path knownHostsFile;

    private Map certificates;

    AbstractTrustManager(final Path knownHostsFile) throws IOException {
        this.knownHostsFile = knownHostsFile;
        certificates = new HashMap<>();
        getWhiteListedCertificateForServerAddress();
    }

    AbstractTrustManager(){
    }

    private void getWhiteListedCertificateForServerAddress() throws IOException {

        if (knownHostsFile.toFile().exists()){
            try (BufferedReader reader = Files.newBufferedReader(knownHostsFile)) {
                String line;
                while ((line = reader.readLine()) != null) {
                    String[] items = line.split(" ");
                    this.certificates.put(items[0], items[1]);
                }
            }
        }
    }

    private void generateWhiteListedFileIfNotExisted() throws IOException {

        if (!knownHostsFile.toFile().exists()) {

            final Path parentDirectory = knownHostsFile.getParent();

            if (Objects.nonNull(parentDirectory) && !parentDirectory.toFile().exists()) {
                Files.createDirectory(parentDirectory);
            }

            Files.createFile(knownHostsFile);
        }
    }

    void addServerToKnownHostsList(String address, String thumbPrint) throws IOException {
        LOGGER.info("Add entry to known host file");

        generateWhiteListedFileIfNotExisted();

        this.certificates.put(address, thumbPrint);

        try (BufferedWriter writer = Files.newBufferedWriter(knownHostsFile, StandardOpenOption.APPEND))
        {
            writer.write(address + " " + thumbPrint);
            writer.newLine();
        }
    }

    boolean certificateExistsInKnownHosts(String address) {
        return this.certificates.containsKey(address);
    }

    boolean certificateValidForKnownHost(String address, String thumbPrint) {
        return this.certificates.get(address).equals(thumbPrint);
    }

}