/
SSL.scala
60 lines (49 loc) · 2.37 KB
/
SSL.scala
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
package lol.http
import java.io.{ File }
import java.security.{ KeyStore }
import javax.net.ssl.{ TrustManagerFactory }
import io.netty.handler.ssl.{ SslContextBuilder }
import io.netty.handler.ssl.util.{
InsecureTrustManagerFactory,
SelfSignedCertificate }
/** lol SSL. */
object SSL {
/** SSL configuration for clients. */
class ClientConfiguration private[http] (private[http] val builder: SslContextBuilder, name: String) {
override def toString = s"ClientConfiguration($name)"
}
/** SSL configuration for servers. */
class ServerConfiguration private[http] (private[http] val builder: SslContextBuilder, name: String) {
override def toString = s"ServerConfiguration($name)"
}
/** Provides the default client SSL configuration. */
object ClientConfiguration {
/** The default SSL configuration. */
implicit lazy val default = new ClientConfiguration({
val trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm)
trustManagerFactory.init(null: KeyStore)
SslContextBuilder.forClient.trustManager(trustManagerFactory)
}, "default")
}
/** A "Trust all" client configuration that will accept any certificate.
* You can use it as configuration for an HTTP client that need to connect to an
* insecure server.
*/
lazy val trustAll = new ClientConfiguration({
SslContextBuilder.forClient.trustManager(InsecureTrustManagerFactory.INSTANCE)
}, "trustAll")
/** Generate an SSL server configuration with a self-signed certificate.
* You can use it to start an HTTPS server with an insecure certificate.
* @param fqdn the fqdn to use for the certificate (default to localhost)
*/
def selfSigned(fqdn: String = "localhost") = new ServerConfiguration({
val ssc = new SelfSignedCertificate(fqdn)
SslContextBuilder.forServer(ssc.certificate, ssc.privateKey)
}, s"selfSigned for $fqdn")
def serverCertificate(certificate: File, privateKey: File, privateKeyPassword: String): ServerConfiguration =
new ServerConfiguration({
SslContextBuilder.forServer(certificate, privateKey, privateKeyPassword)
}, s"serverCertificate from $certificate")
def serverCertificate(certificatePath: String, privateKeyPath: String, privateKeyPassword: String): ServerConfiguration =
serverCertificate(new File(certificatePath), new File(privateKeyPath), privateKeyPassword)
}