Module: WebSocket::SslContextInitializationMethods

Defined in:
lib/websocket/ssl_context_initialization.rb

Overview

This module implements methods responsible for the initialization of an SSL context

Constant Summary collapse

DefaultCertificateType = 
'X.509'.freeze

Instance Method Summary collapse

Instance Method Details

#certificate_key_pair(certificate, private_key) ⇒ Object 



43
44
45
46
47
48
 
# File 'lib/websocket/ssl_context_initialization.rb', line 43

def certificate_key_pair(certificate, private_key)
  log.info "Securing socket layer using #{certificate} and #{private_key}"
  certificate = read_certificate(certificate)
  private_key = read_private_key(private_key)
  SslContextBuilder.forServer(private_key, certificate).build()
end

#close_streams(*streams) ⇒ Object 



89
90
91
 
# File 'lib/websocket/ssl_context_initialization.rb', line 89

def close_streams(*streams)
  streams.each { |stream| safely_close_stream(stream) }
end

#decode_private_key(encoded_private_key) ⇒ Object 



99
100
101
102
 
# File 'lib/websocket/ssl_context_initialization.rb', line 99

def decode_private_key(encoded_private_key)
  private_key_spec = PKCS8EncodedKeySpec.new(encoded_private_key)
  KeyFactory.getInstance('RSA').generatePrivate(private_key_spec)
end

#init_ssl(channel_initializer) ⇒ Object 



33
34
35
36
37
 
# File 'lib/websocket/ssl_context_initialization.rb', line 33

def init_ssl(channel_initializer)
  return unless options[:ssl] && channel_initializer.respond_to?(:ssl_context)
  context = ssl_context
  channel_initializer.ssl_context = context unless context.nil?
end

#jdk_ssl_providerObject 



50
51
52
53
54
55
 
# File 'lib/websocket/ssl_context_initialization.rb', line 50

def jdk_ssl_provider
  log.info 'Securing socket layer using JDK self-signed certificate'
  ssc = SelfSignedCertificate.new
  context_builder = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
  context_builder.sslProvider(SslProvider::JDK).build()
end

#read_certificate(file_path) ⇒ Object 



63
64
65
66
67
 
# File 'lib/websocket/ssl_context_initialization.rb', line 63

def read_certificate(file_path)
  file_input_stream = FileInputStream.new(file_path)
  buffered_input_stream = BufferedInputStream.new(file_input_stream)
  CertificateFactory.getInstance(DefaultCertificateType).generateCertificate(buffered_input_stream)
end

#read_private_key(file_path) ⇒ Object 



69
70
71
72
73
74
75
 
# File 'lib/websocket/ssl_context_initialization.rb', line 69

def read_private_key(file_path)
  file_input_stream = FileInputStream.new(file_path)
  buffered_input_stream = BufferedInputStream.new(file_input_stream)
  decode_private_key(stream_data(buffered_input_stream))
ensure
  close_streams(buffered_input_stream, file_input_stream)
end

#safely_close_stream(stream) ⇒ Object 



93
94
95
96
97
 
# File 'lib/websocket/ssl_context_initialization.rb', line 93

def safely_close_stream(stream)
  stream.close()
rescue StandardError => e
  log.warn "Failed to close stream: #{e.message}"
end

#self_signed_certificateObject 



57
58
59
60
61
 
# File 'lib/websocket/ssl_context_initialization.rb', line 57

def self_signed_certificate
  log.info 'Securing socket layer using self-signed certificate'
  ssc = SelfSignedCertificate.new
  SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build()
end

#ssl_contextObject 



39
40
41
 
# File 'lib/websocket/ssl_context_initialization.rb', line 39

def ssl_context
  @ssl_context ||= init_ssl_context(options[:ssl_certificate_file_path], options[:ssl_private_key_file_path])
end

#stream_data(input_stream, output_stream = ByteArrayOutputStream.new) ⇒ Object 



77
78
79
80
81
82
83
84
85
86
87
 
# File 'lib/websocket/ssl_context_initialization.rb', line 77

def stream_data(input_stream, output_stream = ByteArrayOutputStream.new)
  buffer = Java::byte[1024 * 4].new
  loop do
    n = input_stream.read(buffer)
    break if n == -1
    output_stream.write(buffer, 0, n)
  end
  output_stream.toByteArray()
ensure
  close_streams(output_stream)
end