Module: WebSocket::SslContextInitializationMethods

Defined in:

lib/websocket/ssl_context_initialization.rb

Overview

This module implements methods responsible for the initialization of an SSL context

Constant Summary

DefaultCertificateType =

'X.509'.freeze

Instance Method Summary

• #all_exist?(*files) ⇒ Boolean
• #certificate_key_pair(certificate, private_key) ⇒ Object
• #close_streams(*streams) ⇒ Object
• #decode_private_key(encoded_private_key) ⇒ Object
• #init_ssl(channel_initializer) ⇒ Object
• #init_ssl_context(certificate, private_key) ⇒ Object
• #jdk_ssl_provider ⇒ Object
• #read_certificate(file_path) ⇒ Object
• #read_private_key(file_path) ⇒ Object
• #safely_close_stream(stream) ⇒ Object
• #self_signed_certificate ⇒ Object
• #ssl_context ⇒ Object
• #stream_data(input_stream, output_stream = ByteArrayOutputStream.new) ⇒ Object

Instance Method Details

#all_exist?(*files) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/websocket/ssl_context_initialization.rb', line 39

def all_exist?(*files)
  files.all? { |f| File.exist?(f) }
end

#certificate_key_pair(certificate, private_key) ⇒ Object

# File 'lib/websocket/ssl_context_initialization.rb', line 52

def certificate_key_pair(certificate, private_key)
  log.info "Securing socket layer using #{certificate} and #{private_key}"
  certificate = read_certificate(certificate)
  private_key = read_private_key(private_key)
  SslContextBuilder.forServer(private_key, certificate).build()
end

#close_streams(*streams) ⇒ Object

# File 'lib/websocket/ssl_context_initialization.rb', line 98

def close_streams(*streams)
  streams.each { |stream| safely_close_stream(stream) }
end

#decode_private_key(encoded_private_key) ⇒ Object

# File 'lib/websocket/ssl_context_initialization.rb', line 108

def decode_private_key(encoded_private_key)
  private_key_spec = PKCS8EncodedKeySpec.new(encoded_private_key)
  KeyFactory.getInstance('RSA').generatePrivate(private_key_spec)
end

#init_ssl(channel_initializer) ⇒ Object

# File 'lib/websocket/ssl_context_initialization.rb', line 33

def init_ssl(channel_initializer)
  return unless options[:ssl] && channel_initializer.respond_to?(:ssl_context)
  context = ssl_context
  channel_initializer.ssl_context = context unless context.nil?
end

#init_ssl_context(certificate, private_key) ⇒ Object

# File 'lib/websocket/ssl_context_initialization.rb', line 43

def init_ssl_context(certificate, private_key)
  return certificate_key_pair(certificate, private_key) if all_exist?(certificate, private_key)
  options[:use_jdk_ssl_provider] ? jdk_ssl_provider : self_signed_certificate
end

#jdk_ssl_provider ⇒ Object

# File 'lib/websocket/ssl_context_initialization.rb', line 59

def jdk_ssl_provider
  log.info 'Securing socket layer using JDK self-signed certificate'
  ssc = SelfSignedCertificate.new
  context_builder = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
  context_builder.sslProvider(SslProvider::JDK).build()
end

#read_certificate(file_path) ⇒ Object

# File 'lib/websocket/ssl_context_initialization.rb', line 72

def read_certificate(file_path)
  file_input_stream = FileInputStream.new(file_path)
  buffered_input_stream = BufferedInputStream.new(file_input_stream)
  CertificateFactory.getInstance(DefaultCertificateType).generateCertificate(buffered_input_stream)
end

#read_private_key(file_path) ⇒ Object

# File 'lib/websocket/ssl_context_initialization.rb', line 78

def read_private_key(file_path)
  file_input_stream = FileInputStream.new(file_path)
  buffered_input_stream = BufferedInputStream.new(file_input_stream)
  decode_private_key(stream_data(buffered_input_stream))
ensure
  close_streams(buffered_input_stream, file_input_stream)
end

#safely_close_stream(stream) ⇒ Object

# File 'lib/websocket/ssl_context_initialization.rb', line 102

def safely_close_stream(stream)
  stream.close()
rescue StandardError => e
  log.warn "Failed to close stream: #{e.message}"
end

#self_signed_certificate ⇒ Object

# File 'lib/websocket/ssl_context_initialization.rb', line 66

def self_signed_certificate
  log.info 'Securing socket layer using self-signed certificate'
  ssc = SelfSignedCertificate.new
  SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build()
end

#ssl_context ⇒ Object

# File 'lib/websocket/ssl_context_initialization.rb', line 48

def ssl_context
  @ssl_context ||= init_ssl_context(options[:ssl_certificate_file_path], options[:ssl_private_key_file_path])
end

#stream_data(input_stream, output_stream = ByteArrayOutputStream.new) ⇒ Object

# File 'lib/websocket/ssl_context_initialization.rb', line 86

def stream_data(input_stream, output_stream = ByteArrayOutputStream.new)
  buffer = Java::byte[1024 * 4].new
  loop do
    n = input_stream.read(buffer)
    break if n == -1
    output_stream.write(buffer, 0, n)
  end
  output_stream.toByteArray()
ensure
  close_streams(output_stream)
end