io.stepfunc.dnp3.TlsClientConfig Maven / Gradle / Ivy
Safe and fast DNP3 library
// This library is provided under the terms of a non-commercial license.
//
// Please refer to the source repository for details:
//
// https://github.com/stepfunc/dnp3/blob/master/LICENSE.txt
//
// Please contact Step Function I/O if you are interested in commercial license:
//
// [email protected]
package io.stepfunc.dnp3;
import org.joou.*;
/**
 * TLS client configuration.
 *
 * <p>Plain mutable holder: every field is public and may be assigned directly or through the
 * fluent {@code with...} methods, each of which mutates this instance and returns it.
 *
 * <p>Security-relevant settings are {@link #certificateMode}, {@link #minTlsVersion},
 * {@link #dnsName} and {@link #allowServerNameWildcard}. The public constructor selects
 * {@link CertificateMode#AUTHORITY_BASED}, {@link MinTlsVersion#V12} and no wildcard;
 * any override of those defaults deserves a review.
 */
public final class TlsClientConfig {
    /**
     * Subject name which is verified in the presented server certificate, from the SAN extension
     * or in the common name field.
     *
     * <p>Warning: this value is only used with {@link CertificateMode#AUTHORITY_BASED}. In any
     * other certificate mode no name check is driven by this field.
     */
    public String dnsName;

    /**
     * Path to the PEM-encoded certificate of the peer.
     */
    public String peerCertPath;

    /**
     * Path to the PEM-encoded local certificate.
     */
    public String localCertPath;

    /**
     * Path to the PEM-encoded private key.
     *
     * <p>Review note: the key file should be readable only by the account that runs the client.
     */
    public String privateKeyPath;

    /**
     * Optional password if the private key file is encrypted.
     *
     * <p>Only PKCS#8 encrypted files are supported.
     *
     * <p>Pass an empty string if the file is not encrypted; {@code null} is rejected by
     * {@link #_assertFieldsNotNull()}.
     *
     * <p>Review note: the value is held as an immutable {@link String} in a public field, so it
     * cannot be wiped after use. Load it from a protected store rather than embedding it in
     * source or logging this object.
     */
    public String password;

    /**
     * Minimum TLS version allowed. The public constructor sets {@link MinTlsVersion#V12}.
     */
    public MinTlsVersion minTlsVersion;

    /**
     * Certificate validation mode. The public constructor sets
     * {@link CertificateMode#AUTHORITY_BASED}.
     */
    public CertificateMode certificateMode;

    /**
     * If set to true, a {@code "*"} may be used for {@link TlsClientConfig#dnsName} to bypass
     * server name validation.
     *
     * <p>With the bypass active the server's subject name is not checked at all, so the client
     * relies solely on the remaining certificate validation. The public constructor leaves this
     * {@code false}.
     */
    public boolean allowServerNameWildcard;

    /**
     * Construct the configuration with defaults.
     *
     * <p>Values are initialized to:
     *
     * <ul>
     *   <li>{@link TlsClientConfig#minTlsVersion} : {@link MinTlsVersion#V12}
     *   <li>{@link TlsClientConfig#certificateMode} : {@link CertificateMode#AUTHORITY_BASED}
     *   <li>{@link TlsClientConfig#allowServerNameWildcard} : false
     * </ul>
     *
     * <p>No argument is validated here; null checks happen in {@link #_assertFieldsNotNull()}.
     *
     * @param dnsName Subject name which is verified in the presented server certificate, from
     *     the SAN extension or in the common name field.
     * @param peerCertPath Path to the PEM-encoded certificate of the peer
     * @param localCertPath Path to the PEM-encoded local certificate
     * @param privateKeyPath Path to the PEM-encoded private key
     * @param password Optional password if the private key file is encrypted; empty string when
     *     it is not
     */
    public TlsClientConfig(
            String dnsName,
            String peerCertPath,
            String localCertPath,
            String privateKeyPath,
            String password) {
        this(
                dnsName,
                peerCertPath,
                localCertPath,
                privateKeyPath,
                password,
                MinTlsVersion.V12,
                CertificateMode.AUTHORITY_BASED,
                false);
    }

    // All-fields constructor: plain assignment of every field, no defaults and no validation.
    // NOTE(review): presumably also invoked by the binding layer outside this file - confirm
    // before changing its signature or visibility.
    private TlsClientConfig(
            String dnsName,
            String peerCertPath,
            String localCertPath,
            String privateKeyPath,
            String password,
            MinTlsVersion minTlsVersion,
            CertificateMode certificateMode,
            boolean allowServerNameWildcard) {
        this.dnsName = dnsName;
        this.peerCertPath = peerCertPath;
        this.localCertPath = localCertPath;
        this.privateKeyPath = privateKeyPath;
        this.password = password;
        this.minTlsVersion = minTlsVersion;
        this.certificateMode = certificateMode;
        this.allowServerNameWildcard = allowServerNameWildcard;
    }

    /**
     * @param value New value for the 'dnsName' field
     * @return Reference to this instance of the class with the modified value
     */
    public TlsClientConfig withDnsName(String value) {
        dnsName = value;
        return this;
    }

    /**
     * @param value New value for the 'peerCertPath' field
     * @return Reference to this instance of the class with the modified value
     */
    public TlsClientConfig withPeerCertPath(String value) {
        peerCertPath = value;
        return this;
    }

    /**
     * @param value New value for the 'localCertPath' field
     * @return Reference to this instance of the class with the modified value
     */
    public TlsClientConfig withLocalCertPath(String value) {
        localCertPath = value;
        return this;
    }

    /**
     * @param value New value for the 'privateKeyPath' field
     * @return Reference to this instance of the class with the modified value
     */
    public TlsClientConfig withPrivateKeyPath(String value) {
        privateKeyPath = value;
        return this;
    }

    /**
     * @param value New value for the 'password' field; empty string for an unencrypted key file
     * @return Reference to this instance of the class with the modified value
     */
    public TlsClientConfig withPassword(String value) {
        password = value;
        return this;
    }

    /**
     * @param value New value for the 'minTlsVersion' field
     * @return Reference to this instance of the class with the modified value
     */
    public TlsClientConfig withMinTlsVersion(MinTlsVersion value) {
        minTlsVersion = value;
        return this;
    }

    /**
     * Replaces the certificate validation mode. {@link #dnsName} is only checked in
     * {@link CertificateMode#AUTHORITY_BASED}, so moving away from it also drops that check.
     *
     * @param value New value for the 'certificateMode' field
     * @return Reference to this instance of the class with the modified value
     */
    public TlsClientConfig withCertificateMode(CertificateMode value) {
        certificateMode = value;
        return this;
    }

    /**
     * Enables or disables the {@code "*"} bypass described on {@link #allowServerNameWildcard}.
     * Passing {@code true} only permits the bypass; it takes effect when {@link #dnsName} is
     * {@code "*"}.
     *
     * @param value New value for the 'allowServerNameWildcard' field
     * @return Reference to this instance of the class with the modified value
     */
    public TlsClientConfig withAllowServerNameWildcard(boolean value) {
        allowServerNameWildcard = value;
        return this;
    }

    /**
     * Throws {@link NullPointerException} naming the first reference-typed field that is null,
     * checked in declaration order. {@link #allowServerNameWildcard} is a primitive and needs no
     * check. Only nullness is verified: paths are not checked for existence and
     * {@link #dnsName} is not checked for content.
     */
    void _assertFieldsNotNull() {
        java.util.Objects.requireNonNull(dnsName, "dnsName cannot be null");
        java.util.Objects.requireNonNull(peerCertPath, "peerCertPath cannot be null");
        java.util.Objects.requireNonNull(localCertPath, "localCertPath cannot be null");
        java.util.Objects.requireNonNull(privateKeyPath, "privateKeyPath cannot be null");
        java.util.Objects.requireNonNull(password, "password cannot be null");
        java.util.Objects.requireNonNull(minTlsVersion, "minTlsVersion cannot be null");
        java.util.Objects.requireNonNull(certificateMode, "certificateMode cannot be null");
    }
}