Package org.eclipse.hono.config

Class AbstractConfig

java.lang.Object
org.eclipse.hono.config.AbstractConfig
Direct Known Subclasses:
ServerConfig
public abstract class AbstractConfig extends Object
A base class for managing basic configuration properties shared by clients and server components.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected final org.slf4j.Logger
    LOG
    A logger to be shared with subclasses.
    static final String
    PREFIX_FILE
    The prefix indicating a file path.

  • Constructor Summary

    Constructors
    Modifier
    Constructor
    Description
    protected
    AbstractConfig()
    Creates a new empty instance.
    protected
    AbstractConfig(AbstractConfig other)
    Creates a new instance from another instance.
    protected
    AbstractConfig(GenericOptions other)
    Creates a new instance from generic options.

  • Method Summary

    Modifier and Type
    Method
    Description
    final String
    getCertPath()
    Gets the absolute path to the PEM file containing the X.509 certificate chain for the RSA private key that should be used for authentication to peers.
    final io.vertx.core.net.KeyCertOptions
    getKeyCertOptions()
    Gets the key & certificate options derived from the key store properties.
    final FileFormat
    getKeyFormat()
    Get the specified format of the key files.
    final String
    getKeyPath()
    Gets the absolute path to the PEM file containing the RSA private key that will be used for authentication to peers.
    final String
    getKeyStorePassword()
    Gets the password for the key store containing the private key and certificate chain that should be used for authentication to peers.
    final String
    getKeyStorePath()
    Gets the absolute path to the key store containing the private key and certificate chain that will be used for authentication to peers.
    protected final String
    getPassword(String purpose, String value)
    Gets the password represented by a property value.
    final String
    getPathSeparator()
    Gets the character separating the segments of target addresses.
    final List<String>
    getSecureProtocols()
    Gets the secure protocols that are enabled for TLS connections.
    final List<String>
    getSupportedCipherSuites()
    Gets the names of the cipher suites that may be used in TLS connections.
    final io.vertx.core.net.TrustOptions
    getTrustOptions()
    Gets the trust options derived from the trust store properties.
    final FileFormat
    getTrustStoreFormat()
    Get the specified format of the trust store.
    final String
    getTrustStorePassword()
    Gets the password for accessing the key store containing the certificates of trusted CAs.
    final String
    getTrustStorePath()
    Gets the path to the key store to load certificates of trusted CAs from.
    protected boolean
    isValidPort(int port)
    Checks if a given port number is valid.
    final void
    setCertPath(String certPath)
    Sets the absolute path to the PEM file containing the X.509 certificate chain for the RSA private key that should be used for authentication to peers.
    final void
    setKeyFormat(FileFormat keyFormat)
    Specify the format of the key material explicitly.
    final void
    setKeyPath(String keyPath)
    Sets the absolute path to the PEM file containing the RSA private key that should be used for authentication to peers.
    final void
    setKeyStorePassword(String keyStorePassword)
    Sets the password for the key store containing the private key and certificate chain that should be used for authentication to peers.
    final void
    setKeyStorePath(String keyStorePath)
    Sets the absolute path to the key store containing the private key and certificate chain that should be used for authentication to peers.
    final void
    setPathSeparator(String pathSeparator)
    Sets the character separating the segments of target addresses.
    final void
    setSecureProtocols(List<String> enabledProtocols)
    Sets the secure protocols that are enabled for TLS connections.
    final void
    setSupportedCipherSuites(List<String> cipherSuites)
    Sets the names of the cipher suites that may be used in TLS connections.
    final void
    setTrustStoreFormat(FileFormat trustStoreFormat)
    Specify the format of the trust store explicitly.
    final void
    setTrustStorePassword(String trustStorePassword)
    Sets the password for accessing the key store containing the certificates of trusted CAs.
    final void
    setTrustStorePath(String trustStorePath)
    Sets the path to the key store to load certificates of trusted CAs from.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • PREFIX_FILE

      public static final String PREFIX_FILE
      The prefix indicating a file path.
      See Also:

    • LOG

      protected final org.slf4j.Logger LOG
      A logger to be shared with subclasses.

  • Constructor Details

    • AbstractConfig

      protected AbstractConfig()
      Creates a new empty instance.

    • AbstractConfig

      protected AbstractConfig(AbstractConfig other)
      Creates a new instance from another instance.
      Parameters:
      other - The other instance. All of the other instance's properties are copied to the newly created instance.

    • AbstractConfig

      protected AbstractConfig(GenericOptions other)
      Creates a new instance from generic options.
      Parameters:
      other - The options. All of the options are copied to the newly created instance.

  • Method Details

    • getPassword

      protected final String getPassword(String purpose, String value)
      Gets the password represented by a property value.

      This method determines the password as follows:

      1. If the given value does not start with "file:", then the password is the given value.
      2. Otherwise the password is the UTF-8 encoded string represented by the first line read from the file indicated by the property's value after the "file:" prefix.
      Parameters:
      purpose - A (very) short description of the context in which the password is being used.
      value - The property value to determine the password from.
      Returns:
      The password.
      Throws:
      NullPointerException - if any of the parameters are null.

    • isValidPort

      protected boolean isValidPort(int port)
      Checks if a given port number is valid.
      Parameters:
      port - The port number.
      Returns:
      true if port >= 0 and port <= 65535.

    • getPathSeparator

      public final String getPathSeparator()
      Gets the character separating the segments of target addresses.
      Returns:
      The separator.

    • setPathSeparator

      public final void setPathSeparator(String pathSeparator)
      Sets the character separating the segments of target addresses.

      The default value of this property is Constants.DEFAULT_PATH_SEPARATOR.

      Parameters:
      pathSeparator - The separator to use.
      Throws:
      NullPointerException - if the given character is null.

    • getTrustStorePath

      public final String getTrustStorePath()
      Gets the path to the key store to load certificates of trusted CAs from.
      Returns:
      The absolute path to the key store or null if not set.

    • setTrustStorePath

      public final void setTrustStorePath(String trustStorePath)
      Sets the path to the key store to load certificates of trusted CAs from.
      Parameters:
      trustStorePath - The absolute path to the key store.

    • getTrustStorePassword

      public final String getTrustStorePassword()
      Gets the password for accessing the key store containing the certificates of trusted CAs.
      Returns:
      The password or null if no password is set.
      See Also:

    • setTrustStorePassword

      public final void setTrustStorePassword(String trustStorePassword)
      Sets the password for accessing the key store containing the certificates of trusted CAs.

      The password can be set either explicitly or implicitly by specifying the path to a file from where the password will be read. In the latter case, the value to set is the (absolute) path to the file prefixed by "file:". To read the password from file /etc/hono/password, this property would need to be set to value file:/etc/hono/password.

      Parameters:
      trustStorePassword - The password to set.
      See Also:

    • getTrustOptions

      public final io.vertx.core.net.TrustOptions getTrustOptions()
      Gets the trust options derived from the trust store properties.
      Returns:
      The trust options or null if trust store path is not set or not supported.
      Throws:
      IllegalArgumentException - In the case the configured trust store is not present in the file system.

    • getKeyStorePath

      public final String getKeyStorePath()
      Gets the absolute path to the key store containing the private key and certificate chain that will be used for authentication to peers.
      Returns:
      The path or null if no path has been set.

    • setKeyStorePath

      public final void setKeyStorePath(String keyStorePath)
      Sets the absolute path to the key store containing the private key and certificate chain that should be used for authentication to peers.
      Parameters:
      keyStorePath - The path.

    • getKeyStorePassword

      public final String getKeyStorePassword()
      Gets the password for the key store containing the private key and certificate chain that should be used for authentication to peers.
      Returns:
      The password or null if no password has been set.
      See Also:

    • setKeyStorePassword

      public final void setKeyStorePassword(String keyStorePassword)
      Sets the password for the key store containing the private key and certificate chain that should be used for authentication to peers.

      The password can be set either explicitly or implicitly by specifying the path to a file from where the password will be read. In the latter case, the value to set is the (absolute) path to the file prefixed by "file:". To read the password from file /etc/hono/password, this property would need to be set to value file:/etc/hono/password.

      Parameters:
      keyStorePassword - The password.

    • getKeyCertOptions

      public final io.vertx.core.net.KeyCertOptions getKeyCertOptions()
      Gets the key & certificate options derived from the key store properties.
      Returns:
      The options or null if key store path or key path and cert path are not set or not supported.
      Throws:
      IllegalArgumentException - In the case any of the configured files is not present in the file system.

    • getCertPath

      public final String getCertPath()
      Gets the absolute path to the PEM file containing the X.509 certificate chain for the RSA private key that should be used for authentication to peers.
      Returns:
      The path or null if no path has been set.

    • setCertPath

      public final void setCertPath(String certPath)
      Sets the absolute path to the PEM file containing the X.509 certificate chain for the RSA private key that should be used for authentication to peers.

      In order to use a non-RSA type key (e.g. an ECC based key) a PKCS12 key store containing the key and certificate chain should be configured by means of the setKeyStorePath(String) and setKeyStorePassword(String) methods.

      Parameters:
      certPath - The path.

    • getKeyPath

      public final String getKeyPath()
      Gets the absolute path to the PEM file containing the RSA private key that will be used for authentication to peers.
      Returns:
      The path or null if no path has been set.

    • setKeyPath

      public final void setKeyPath(String keyPath)
      Sets the absolute path to the PEM file containing the RSA private key that should be used for authentication to peers.

      In order to use a non-RSA type key (e.g. an ECC based key) a PKCS12 key store containing the key should be configured by means of the setKeyStorePath(String) and setKeyStorePassword(String) methods.

      Parameters:
      keyPath - The path.

    • setTrustStoreFormat

      public final void setTrustStoreFormat(FileFormat trustStoreFormat)
      Specify the format of the trust store explicitly.
      Parameters:
      trustStoreFormat - The format to use when reading the trust store, may be null to trigger auto detection.

    • getTrustStoreFormat

      public final FileFormat getTrustStoreFormat()
      Get the specified format of the trust store.
      Returns:
      The format or null if auto-detection should be tried.

    • setKeyFormat

      public final void setKeyFormat(FileFormat keyFormat)
      Specify the format of the key material explicitly.
      Parameters:
      keyFormat - The format to use when reading the key material, may be null to trigger auto detection.

    • getKeyFormat

      public final FileFormat getKeyFormat()
      Get the specified format of the key files.
      Returns:
      The format or null if auto-detection should be tried.

    • getSecureProtocols

      public final List<String> getSecureProtocols()
      Gets the secure protocols that are enabled for TLS connections.

      By default, only TLSv1.2 and TLSv1.3 are enabled. Please refer to the vert.x documentation for a list of supported values.

      Returns:
      The enabled protocols in order of preference.

    • setSecureProtocols

      public final void setSecureProtocols(List<String> enabledProtocols)
      Sets the secure protocols that are enabled for TLS connections.

      By default, only TLSv1.2 and TLSv1.3 are enabled. Please refer to the vert.x documentation for a list of supported values.

      Note that setting this property to an empty list effectively disables TLS altogether.

      Parameters:
      enabledProtocols - The protocols in order of preference.
      Throws:
      NullPointerException - if protocols is null.

    • getSupportedCipherSuites

      public final List<String> getSupportedCipherSuites()
      Gets the names of the cipher suites that may be used in TLS connections.

      An empty list indicates that all cipher suites supported by the JVM can be used. This is also the default.

      Please refer to JSSE Cipher Suite Names for a list of supported cipher suite names.

      Returns:
      The supported cipher suites in order of preference.

    • setSupportedCipherSuites

      public final void setSupportedCipherSuites(List<String> cipherSuites)
      Sets the names of the cipher suites that may be used in TLS connections.

      An empty list indicates that all cipher suites supported by the JVM can be used. This is also the default.

      Please refer to JSSE Cipher Suite Names for a list of supported cipher suite names.

      Parameters:
      cipherSuites - The supported cipher suites in order of preference.
      Throws:
      NullPointerException - if cipher suites is null.