-
Notifications
You must be signed in to change notification settings - Fork 13
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Pushkar N Kulkarni
committed
May 2, 2019
1 parent
4f5d2a6
commit 1f8e27c
Showing
4 changed files
with
134 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,83 @@ | ||
| /* | ||
| * Copyright IBM Corporation 2016 | ||
| * | ||
| * Licensed under the Apache License, Version 2.0 (the "License"); | ||
| * you may not use this file except in compliance with the License. | ||
| * You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
|
|
||
| import SSLService | ||
|
|
||
| // MARK: SSLConfig | ||
| /// A struct that allows you to configure your SSL using a CA certificate file (Linux), a CA certificate directory (Linux) or a certificate chain file (MacOS). | ||
| public struct SSLConfig { | ||
|
|
||
| /// :nodoc: | ||
| public private(set) var config: SSLService.Configuration | ||
|
|
||
| // MARK: Lifecycle | ||
|
|
||
| #if os(Linux) | ||
| // MARK: For Linux | ||
| /// Initialize an `SSLService.Configuration` instance using a CA certificate file. | ||
| /// | ||
| /// - Parameter caCertificateFilePath: Path to the PEM formatted CA certificate file. | ||
| /// - Parameter certificateFilePath: Path to the PEM formatted certificate file. | ||
| /// - Parameter keyFilePath: Path to the PEM formatted key file. If nil, `certificateFilePath` will be used. | ||
| /// - Parameter selfSigned: True if certs are *self-signed*, false otherwise. Defaults to true. | ||
| /// - Parameter cipherSuite: Unused. | ||
| /// - Returns: New `SSLConfig` instance. | ||
| public init(withCACertificateFilePath caCertificateFilePath: String?, usingCertificateFile certificateFilePath: String?, withKeyFile keyFilePath: String? = nil, usingSelfSignedCerts selfSigned: Bool = true, cipherSuite: String? = nil) { | ||
|
|
||
| config = SSLService.Configuration(withCACertificateFilePath: caCertificateFilePath, usingCertificateFile: certificateFilePath, withKeyFile: keyFilePath, usingSelfSignedCerts: selfSigned, cipherSuite: cipherSuite) | ||
| } | ||
|
|
||
| /// Initialize an `SSLService.Configuration` instance using a CA certificate directory. | ||
| /// | ||
| /// *Note:* `caCertificateDirPath` - all certificates in the specified directory **must** be hashed using the NIOSSL Certificate Tool. | ||
| /// | ||
| /// - Parameter caCertificateDirPath: Path to a directory containing CA certificates. *(see note above)* | ||
| /// - Parameter certificateFilePath: Path to the PEM formatted certificate file. If nil, `certificateFilePath` will be used. | ||
| /// - Parameter keyFilePath: Path to the PEM formatted key file (optional). If nil, `certificateFilePath` is used. | ||
| /// - Parameter selfSigned: True if certs are *self-signed*, false otherwise. Defaults to true. | ||
| /// - Parameter cipherSuite: Unused. | ||
| /// - Returns: New `SSLConfig` instance. | ||
| public init(withCACertificateDirectory caCertificateDirPath: String?, usingCertificateFile certificateFilePath: String?, withKeyFile keyFilePath: String? = nil, usingSelfSignedCerts selfSigned: Bool = true, cipherSuite: String? = nil) { | ||
|
|
||
| config = SSLService.Configuration(withCACertificateDirectory: caCertificateDirPath, usingCertificateFile: certificateFilePath, withKeyFile: keyFilePath, usingSelfSignedCerts: selfSigned, cipherSuite: cipherSuite) | ||
| } | ||
| #endif // os(Linux) | ||
| // MARK: For MacOS | ||
| /// Initialize an `SSLService.Configuration` instance using a certificate chain file. | ||
| /// | ||
| /// *Note:* If using a certificate chain file, the certificates must be in PEM format and must be sorted starting with the subject's certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA. | ||
| /// | ||
| /// For testing purposes you will most likely want to create and use some self-signed certificates. Follow the | ||
| /// instructions in our [Enabling SSL/TLS On Your Kitura Server](http://www.kitura.io/en/resources/tutorials/ssl.html) tutorial. | ||
| /// ### Usage Example: ### | ||
| /// This example initializes an `SSLConfig` instance and then associates this SSL configuration with the Kitura HTTP | ||
| /// server registration. | ||
| /// ```swift | ||
| /// let mySSLConfig = SSLConfig(withChainFilePath: "/tmp/Creds/Self-Signed/cert.pfx", | ||
| /// withPassword: "password", | ||
| /// usingSelfSignedCerts: true) | ||
| /// Kitura.addHTTPServer(onPort: 8080, with: router, withSSL: mySSLConfig) | ||
| /// ``` | ||
| /// - Parameter chainFilePath: Path to the certificate chain file (optional). *(See note above)* | ||
| /// - Parameter password: Export password for the chain file (optional). This is required if using a certificate chain file. | ||
| /// - Parameter selfSigned: True if certs are *self-signed*, false otherwise. Defaults to true. | ||
| /// - Parameter cipherSuite: Unused. | ||
| /// - Returns: New `SSLConfig` instance. | ||
| public init(withChainFilePath chainFilePath: String? = nil, withPassword password: String? = nil, usingSelfSignedCerts selfSigned: Bool = true, cipherSuite: String? = nil) { | ||
|
|
||
| config = SSLService.Configuration(withChainFilePath: chainFilePath, withPassword: password, usingSelfSignedCerts: selfSigned, cipherSuite: cipherSuite) | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| -----BEGIN CERTIFICATE----- | ||
| MIIECTCCAvGgAwIBAgIJAOztRzGO7IBlMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNV | ||
| BAYTAlVTMQ4wDAYDVQQIEwVUZXhhczEPMA0GA1UEBxMGQXVzdGluMQwwCgYDVQQK | ||
| EwNJQk0xDjAMBgNVBAsTBVN3aWZ0MRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTcw | ||
| MTEwMjAzMjM0WhcNMjcwMTA4MjAzMjM0WjBgMQswCQYDVQQGEwJVUzEOMAwGA1UE | ||
| CBMFVGV4YXMxDzANBgNVBAcTBkF1c3RpbjEMMAoGA1UEChMDSUJNMQ4wDAYDVQQL | ||
| EwVTd2lmdDESMBAGA1UEAxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOC | ||
| AQ8AMIIBCgKCAQEAyEKi6MV6ABBCl9hyTztcXNElkI3JBWpKROWt4ReNauvKrdA7 | ||
| vD50o3MCfkDPOBCsx+mKxL66Nw4CquWk720fXoKZ8X8JFYJfkK6yEViw/wSnBb3A | ||
| XH7j2jrXBXK8ccY2yJy3XBNMNinMI969PItRysYhJO+yJG7/SyNAnnyvrIxmAgZX | ||
| qD7VaJq/XB8liynnxfdl08FprJDBjeXNHRNU5FtB9fastnVORQSKYOQRHk3vEArV | ||
| GX2BwBzQM8uXcXiRwDk7vrtusPrNqdyCJfD8HccNYB2AomZb5zukXrt8c3/fveke | ||
| kgqnWxVdOh0nFZGyq9PAQ9YTsarH/zVY4YoXbQIDAQABo4HFMIHCMB0GA1UdDgQW | ||
| BBQbyz6NOaU+R1f0OqfbN6KoFQT3WDCBkgYDVR0jBIGKMIGHgBQbyz6NOaU+R1f0 | ||
| OqfbN6KoFQT3WKFkpGIwYDELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBVRleGFzMQ8w | ||
| DQYDVQQHEwZBdXN0aW4xDDAKBgNVBAoTA0lCTTEOMAwGA1UECxMFU3dpZnQxEjAQ | ||
| BgNVBAMTCWxvY2FsaG9zdIIJAOztRzGO7IBlMAwGA1UdEwQFMAMBAf8wDQYJKoZI | ||
| hvcNAQELBQADggEBAJ8iFApNhHlhDM+VREPRbXRGP34MeCh3kJgQV10fKM5knpdu | ||
| TMG9HBq0yEM4bQUkj6ebK12FktdTAM9FNr0WdUCjW9mTqWDYHTuTIRVOmdywT2be | ||
| TVRwGmTFjGJM6BWvzlFIgV7bR+m/GXhbUzllvGqv4YqVCB2UKPlr3XSRzlF2s0pG | ||
| OfSa9Rj7d5S4RgVeoGkz/mhHgf8iUopjqOvehESPI+WRR/RppK0WJVah04VcY4tC | ||
| OLnLBLqUM/YmYWolO126qszz0kFPh33MFknHlAuFnXEhOp8PAf+yE/9fRaOHcGHP | ||
| ttQVP8ozLPje39zOuo0Zv1Zp3V0ElX5sv7ImdC8= | ||
| -----END CERTIFICATE----- |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| -----BEGIN RSA PRIVATE KEY----- | ||
| MIIEowIBAAKCAQEAyEKi6MV6ABBCl9hyTztcXNElkI3JBWpKROWt4ReNauvKrdA7 | ||
| vD50o3MCfkDPOBCsx+mKxL66Nw4CquWk720fXoKZ8X8JFYJfkK6yEViw/wSnBb3A | ||
| XH7j2jrXBXK8ccY2yJy3XBNMNinMI969PItRysYhJO+yJG7/SyNAnnyvrIxmAgZX | ||
| qD7VaJq/XB8liynnxfdl08FprJDBjeXNHRNU5FtB9fastnVORQSKYOQRHk3vEArV | ||
| GX2BwBzQM8uXcXiRwDk7vrtusPrNqdyCJfD8HccNYB2AomZb5zukXrt8c3/fveke | ||
| kgqnWxVdOh0nFZGyq9PAQ9YTsarH/zVY4YoXbQIDAQABAoIBAF7L5HAJouHK0Ksu | ||
| g5XsBKHPQ1f1NhZBJV0N2Ex4KLJXYb77lntamT4SIDkBltX0VsXfUJgnrOCI2kxp | ||
| nrTT1AiaDCNcPkGXUIOdnp9Fe6uMWUAHfbqLOnLAba6fjILTEHXQcZ+9ZtMw3/iO | ||
| 5Md3L8WsGl5wtMQ4YtL/ogQkA8jKamVMMVloRDR6H0gZ7EagL91MMmlGfmJq6l6F | ||
| V0e3ac8n+IYq61/wKx3X+/uzoOS0cETxHfcUdbVb4aiOCDGWun6XNLjGs6tQHDuQ | ||
| 27rrAiH9CL2lLnKJZ0EHIkd6zCO/N+oaqRlTAzCHc7mL7t+7iGImk+khBdko0P2C | ||
| hl3vC6UCgYEA8Wp6Yoeez3yi/yNH58d/PoK8KvWf6RtPkXaDLw26MVfL64VqY5vY | ||
| 8ibirx8rd6sYS4g6Vejh9LHMd1rGsPaaeMCU9Wtr5LU1HyACG5/4RKqrV1tv92hc | ||
| mLNJD9vTMlBIGaQVSmfA4IWWYrhmak9ByLALH6wQh2RDGarCukEHY4MCgYEA1Fuu | ||
| qOyO+lJWsx/V8U44n6DsZK9E1OLwKe6KXmEWEiyM5dDk3Z2F+ujjz8GQOdtWihyE | ||
| /gl/h3ZselBi03RACg08ML0OS6PTJxgCMnjP1ggHmFJ6Ut+dVW6ZY/49grM8bkO5 | ||
| 3+69wwJECGcpcbWhsrK4qMf9AnGkXVFfrrTMdk8CgYEAoZ3o5MFqPflwnWGfJ7nU | ||
| o6KeGhxpu4K/F+DBHeUQuyvNppSgjqKs8B+8LgSt8uUl1JsUgqLvcgL9oQGydpIB | ||
| A8nZbxtFFc2CDJ4/CwNjD4U6Q7dBE95X7xpHVUiS8OHyAshoQHGJHEYSUXClj5IT | ||
| tii0qbVlM16Z1TsONeaG7cUCgYBLykT16SfGU2i6GVyj+MTgw/BapussB6qrbIVZ | ||
| 1dCov9mxk/J63eOZf1D/Lxgobg3e0PruJ7mqQSvKI7KBwXWxoLOguXjGqjuMMldm | ||
| aBPVUZxUUutxdHmUqhp4w550bT/eIrHOKEj1tnNNhHQYLzj8rCiXpHi6TJDa9VXu | ||
| 5nwqpQKBgBiJ/EZgHrgZgUQaN5/1bgXgBZkjm3AUsKdmuA+JvEd5+fvL7yULCn3s | ||
| NPBMzxosiXdCh7H5lsP5Q9nYqid1iL2l4u/H8ScgnRfrcyi9KUGJrwljvSUiCrtH | ||
| Pa0Hx/JmcYYF22kU31RDMfSYzl/MxQSojDqdD22nGXSEZkvDkDdq | ||
| -----END RSA PRIVATE KEY----- |