PentHertz
/
RISE-V2G
mirror of https://github.com/PentHertz/RISE-V2G.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
RISE-V2G/RISE-V2G-SECC/src/main/java/com/v2gclarity/risev2g/secc/transportLayer/TLSServer.java

160 lines
5.9 KiB
Java
Raw Blame History

/*******************************************************************************
* The MIT License (MIT)
*
* Copyright (c) 2015-207 V2G Clarity (Dr.-Ing. Marc Mültin)
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*******************************************************************************/
package com.v2gclarity.risev2g.secc.transportLayer;
import java.io.IOException;
import java.net.SocketException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import com.v2gclarity.risev2g.shared.enumerations.GlobalValues;
import com.v2gclarity.risev2g.shared.utils.SecurityUtils;
public final class TLSServer extends StatefulTransportLayerServer {
private static final TLSServer uniqueTLSServerInstance = new TLSServer();
private SSLSocket tlsClientSocket;
private SSLServerSocket tlsServerSocket;
private TLSServer() {}
public static TLSServer getInstance() {
return uniqueTLSServerInstance;
}
/**
* Used to check the correct initialization of a TCP server which is a prerequisite for establishing
* a V2G communication session.
* @return True if the initialization of the TCP server was successful, false otherwise
*/
public boolean initialize() {
super.initialize();
try {
/*
* Setting the system property for the keystore and truststore via
* - System.setProperty("javax.net.ssl.keyStore", [filePath given as a String])
* - System.setProperty("javax.net.ssl.trustStore", [filePath given as a String])
* does not work in a JAR file since only getResourceAsStream works there (which on the other
* hand only returns an InputStream, not a file resource). Thus use setSSLContext()
*/
SecurityUtils.setSSLContext(
GlobalValues.SECC_KEYSTORE_FILEPATH.toString(),
GlobalValues.SECC_TRUSTSTORE_FILEPATH.toString(),
GlobalValues.PASSPHRASE_FOR_CERTIFICATES_AND_KEYS.toString());
SSLServerSocketFactory tlsServerSocketFactory =
(SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
setTlsServerSocket((SSLServerSocket) tlsServerSocketFactory
.createServerSocket(getServerPort(), 50, getServerAddress()));
/*
* The EVCC shall support at least one cipher suite as listed below according to
* the standard. An implementer may decide to choose only one of them:
* - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
* - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
*/
String[] enabledCipherSuites = {
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
};
getTlsServerSocket().setEnabledCipherSuites(enabledCipherSuites);
// Set the supported TLS protocol
String[] enabledProtocols = {"TLSv1.2"};
getTlsServerSocket().setEnabledProtocols(enabledProtocols);
getLogger().info("TLS server initialized at link-local address " +
getTlsServerSocket().getInetAddress().getHostAddress() +
" and port " + getTlsServerSocket().getLocalPort());
} catch (IOException e) {
getLogger().fatal("IOException while trying to initialize TLS server", e);
return false;
} catch (NullPointerException e) {
getLogger().fatal("NullPointerException while trying to set keystores, resource path to keystore/truststore might be incorrect");
return false;
}
return true;
}
@Override
public void run() {
try {
while (!Thread.currentThread().isInterrupted()) {
getLogger().info("Waiting for new TLS client connection ...");
setTlsClientSocket((SSLSocket) getTlsServerSocket().accept());
getLogger().info("TLS client connection with IP address " +
getTlsClientSocket().getInetAddress().getHostAddress() + " and port " +
getTlsClientSocket().getPort());
ConnectionHandler connectionHandler = new ConnectionHandler(tlsClientSocket);
// Notify the V2GCommunicationSessionHandlerSECC about a newly connected TLS client socket
setChanged();
notifyObservers(connectionHandler);
}
} catch (IOException e) {
getLogger().error(e.getClass().getSimpleName() + " occurred while running TLSServer");
} finally {
stop();
}
}
@Override
public void stop() {
try {
getLogger().debug("TLS server will be stopped now");
getTlsServerSocket().close();
} catch (SocketException e) {
getLogger().debug("TLSServerSocket was still active and has been closed now", e);
} catch (IOException e) {
getLogger().error("Error occurred while trying to close TLSServerSocket (IOException)", e);
}
getLogger().debug("TLS server stopped");
}
public SSLSocket getTlsClientSocket() {
return tlsClientSocket;
}
public void setTlsClientSocket(SSLSocket tlsClientSocket) {
this.tlsClientSocket = tlsClientSocket;
}
public SSLServerSocket getTlsServerSocket() {
return tlsServerSocket;
}
public void setTlsServerSocket(SSLServerSocket tlsServerSocket) {
this.tlsServerSocket = tlsServerSocket;
}
}
Reference in New Issue View Git Blame Copy Permalink