Merge branch 'release/v0.4.0'

mami-project · Nov 30, 2016 · 6434db3 · 6434db3
2 parents a6fab10 + 794a1e3
commit 6434db3
Show file tree

Hide file tree

Showing 37 changed files with 1,208 additions and 977 deletions.
diff --git a/.gitignore b/.gitignore
@@ -148,6 +148,9 @@ fabric.properties
 ### Intellij Patch ###
 *.iml
 
+# Others 
+.idea/encodings.xml
+
 
 ### Java ###
 *.class
@@ -204,12 +207,13 @@ buildNumber.properties
 ### Custom KeyServer Repository ###
 # KeyServer Logs #
 logs/
+
+# KeyServer Config Files #
+config/
+
+# KeyServer Tools #
+!tools/ks_client/ksClient.jar
+
 # Others #
 *.~vsdx
 nb-configuration.xml
-project.properties
-IP_whitelist.txt
-general.properties
-!tools/pk-provider.jar
-tools/certs/
-HTTPS_keystore.ks
diff --git a/.travis.yml b/.travis.yml
@@ -4,6 +4,7 @@ jdk:
 script:
   - mvn verify -X -f ./pom.xml
   - mvn package
+  - mvn javadoc:javadoc
   - mvn site
   - mvn versions:display-dependency-updates
   - mvn versions:display-plugin-updates
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,10 +1,25 @@
 # KeyServer Change Log
 
+v0.4.0
+-------------------------------------------------------------------------------- 
+Features:
+  - Improved HTTPs service and security using Jetty.
+  - New KeyServer folder structure.
+  - Improved logs and security register.
+  - Swagger API file for client code generation.
+  - OpenSource KeyServer Client tool.
+  - New menu option for Jetty server statistics.
+
+Bug fixes:
+  - Solved #13 out of memory error.
+  - Solved cURL problem #14 with GnuTLS/3.x.x
+
+
 v0.3.3
 -------------------------------------------------------------------------------- 
 Features:
   - Now can use others Redis DB index.
-  - Security log for each incomming request.
+  - Security log for each incoming request.
   - Configuration parameters for time intervals (DB monitor and KS updates).
 
 Bug fixes:
@@ -20,13 +35,13 @@ Features:
 Bug fixes:
   - Fixed Javadoc warnings.
   - Updated KeyServer dependencies.
-  - Updated Maven pluginss.
+  - Updated Maven plugins.
 
 
 v0.3.1
 -------------------------------------------------------------------------------- 
 Features:
-  - Impoved Redis connection security.
+  - Improved Redis connection security.
   - Auto remove a Private Key from Redis database before a specific date.
 
 Bug fixes:

diff --git a/pom.xml b/pom.xml
@@ -4,7 +4,7 @@
     <!-- The Basics -->
     <groupId>es.tid.keyserver</groupId>
     <artifactId>KeyServer</artifactId>
-    <version>v0.3.3</version>
+    <version>v0.4.0</version>
     <packaging>jar</packaging>
     <prerequisites>
         <maven>3.0</maven>
@@ -42,8 +42,25 @@
             <artifactId>logback-core</artifactId>
             <version>1.1.7</version>
         </dependency>
-    </dependencies>
+        <!-- https://mvnrepository.com/artifact/javax.servlet/javax.servlet-api -->
+        <!--<dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>javax.servlet-api</artifactId>
+            <version>4.0.0-b01</version>
+        </dependency>-->
 
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-server</artifactId>
+            <version>9.3.14.v20161028</version>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-servlet</artifactId>
+            <version>9.3.8.v20160314</version>
+            <type>jar</type>
+        </dependency>
+    </dependencies>
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <maven.compiler.source>1.8</maven.compiler.source>
@@ -71,7 +88,7 @@
             </plugin>
             <plugin>
                 <artifactId>maven-assembly-plugin</artifactId>
-                <version>2.6</version>
+                <version>3.0.0</version>
                 <executions>
                     <execution>
                         <phase>package</phase>

diff --git a/src/main/java/es/tid/keyserver/config/ConfigController.java b/src/main/java/es/tid/keyserver/config/ConfigController.java
@@ -138,133 +138,79 @@ public int getServerPort(){
             return -1;
         }
     }
-
-    /**
-     * This method is used to get the KeyServer HTTPS SSL Context. 
-     * @return String with the KeyServer HTTPS SSL Context. If the field is not 
-     *     present, returns 'null'.
-     * 
-     *     <p>This is an example with valid values for this field:
-     *     <ul>
-     *      <li>SSLv2</li>
-     *      <li>SSLv3</li>
-     *      <li>TLS</li>
-     *      <li>TLSv1</li>
-     *      <li>TLSv1.1</li>
-     *      <li>TLSv1.2</li>
-     *     </ul> 
-     * @since v0.3.0
-     */
-    public String getServerSSLContext(){
-        return this.keyserverConfig.getServerSSLContext();
-    }
 
     /**
      * This method is used to get the certificate for KeyServer HTTPS server.
      * @return String with the certificate name and route (if is available). If 
      *     the field is not present, returns 'null'.
      * @since v0.3.0
      */
-    public String getServerKeyFile(){
-        return this.keyserverConfig.getServerKeyFile();
+    public String getServerKeyStoreFile(){
+        return this.keyserverConfig.getServerKeyStoreFile();
     }
 
     /**
-     * This method is used to get password of the KeyServer HTTPS certificate.
+     * This method is used to get password of the KeyServer HTTPS certificate 
+     * key store.
      * @return String with the KeyServer HTTPS certificate password. If the 
      *     field is not present, returns 'null'.
      * @since v0.3.0
      */
-    public String getServerKeyPass(){
-        return this.keyserverConfig.getServerKeyPass();
-    }
-
-    /**
-     * This method is used to get the Server Backlog value from the 
-     *     configuration file.
-     * @return Integer with the KeyServer Backlog value. If the field is not 
-     *     present, it returns -1 value.
-     * @since v0.3.0
-     */
-    public int getServerBacklog(){
-        String backlog = this.keyserverConfig.getServerBacklog();
-        if(backlog != null){
-            return Integer.parseInt(backlog);
-        } else {
-            // Error level.
-            LOGGER.error("Not valid Backlog parammeter specified on KeyServer config file: {}", backlog);
-            return -1;
-        }
-    }
-
-    /**
-     * This method is used to get the KeyServer HTTPS certificate manager 
-     *     factory. 
-     * @return String with the KeyServer HTTPS certificate manager factory. 
-     *     If the field is not present, returns 'null'.
-     * 
-     *     <p>This is an example with valid values for this field:
-     *     <ul>
-     *      <li>PKIX</li>
-     *      <li>SunX509</li>
-     *     </ul> 
-     * @since v0.3.0
-     */
-    public String getServerKeyManagerFactory(){
-        return this.keyserverConfig.getServerKeyManagerFactory();
+    public String getServerKeyStorePassword(){
+        return this.keyserverConfig.getKeyStorePassword();
     }
 
     /**
-     * This method is used to get the KeyServer HTTPS certificate trust manager 
-     *     factory. 
-     * @return String with the KeyServer HTTPS certificate trust manager factory. 
-     *     If the field is not present, returns 'null'.
-     * 
-     *     <p>This is an example with valid values for this field:
-     *     <ul>
-     *      <li>PKIX (X509 or SunPKIX)</li>
-     *      <li>SunX509</li>
-     *     </ul> 
-     * @since v0.3.0
+     * This method is used to get password of the KeyServer HTTPS certificate 
+     * manager.
+     * @return String with the KeyServer HTTPS certificate password. If the 
+     *     field is not present, returns 'null'.
+     * @since v0.4.0
      */
-    public String getServerTrustManagerFactory(){
-        return this.keyserverConfig.getServerTrustManagerFactory();
+    public String getServerKeyManagerPassword(){
+        return this.keyserverConfig.getKeyManagerPassword();
     }
 
     /**
-     * This method is used to get the KeyServer HTTPS certificate key store. 
-     * @return String with the KeyServer HTTPS certificate key store. 
-     *     If the field is not present, returns 'null'.
-     * 
-     *     <p>This is an example with valid values for this field:
-     *     <ul>
-     *      <li>jceks</li>
-     *      <li>jks</li>
-     *      <li>pkcs12</li>
-     *     </ul> 
-     * @since v0.3.0
+     * The time in milliseconds that the connection can be idle before it is 
+     * closed.
+     * @return The value in milliseconds or -1 if the value is not valid.
      */
-    public String getServerKeyStore(){
-        return this.keyserverConfig.getServerKeyStore();
+    public long getIdleTimeout() {
+        if(this.keyserverConfig.getServerIdleTimeout().isEmpty()){
+            return -1;
+        }
+        int time = Integer.valueOf(this.keyserverConfig.getServerIdleTimeout());
+        if(time > 0){
+            return time;
+        } else {
+            // Warning level.
+            LOGGER.warn("Jetty connection Idle Timeout value is not valid.");
+            return -1;
+        }
     }
-    
+
     /**
-     * This method is used to get the KeyServer HTTPS cipher suites. 
-     * @return String with the KeyServer HTTPS ciphers suites. If the field is 
-     *     not present, returns 'null'. The ciphers names are separated with commas.
-     * 
-     *     <p>This is an example with valid values for this field:
-     *     <ul>
-     *      <li>TLS_DHE_DSS_WITH_AES_128_GCM_SHA256</li>
-     *      <li>TLS_DHE_DSS_WITH_AES_128_CBC_SHA256</li>
-     *      <li>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</li>
-     *      <li>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</li>
-     *      <li>...</li>
-     *     </ul> 
-     * @since v0.3.0
+     * This method returns an array with the authorized IPs for access to the
+     *     KeyServer.
+     * @return Array of strings with the IP authorized. If the field is not 
+     *     present, returns 'null'.
+     * @since v0.4.0
      */
-    public String getServerCiphersSuites(){
-        return this.keyserverConfig.getServerCiphersSuites();
+    public String[] getServerIpWhiteList() {
+        if(this.keyserverConfig.getServerIpWhiteList()==null){
+            // Not defined.
+            return null;
+        }
+        String tmp = this.keyserverConfig.getServerIpWhiteList();
+        if (tmp.contains("&")){
+            // Contains multiples IPs.
+            return tmp.split("&");
+        } else {
+            // Only contains a IP.
+            String [] value = {tmp};
+            return value;
+        }
     }
 
     /**