Adds SSL/TLS support
[integration/packaging/puppet-opendaylight.git] / lib / puppet / provider / odl_keystore / jks.rb
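# Provider for the odl_keystore type that builds a Java keystore (JKS) from a
# PEM private key and certificate. The key material is first packed into an
# intermediate PKCS#12 file, then converted with keytool.
Puppet::Type.type(:odl_keystore).provide(:jks) do
  commands :keytool => 'keytool'

  require 'fileutils'
  require 'openssl'

  # Path of the intermediate PKCS#12 file, located next to the target keystore.
  # Both the writer (create) and the cleanup (remove_p12_ks) use this single
  # definition so the two can never disagree on the file name.
  def p12_path
    File.join(File.dirname(@resource[:keystore_path]), 'ctl1.p12')
  end

  # Deletes the intermediate PKCS#12 file if it is present.
  # The file holds the private key, so it must not outlive the conversion.
  def remove_p12_ks
    FileUtils.rm_f(p12_path)
  end

  # Reads the CA file and returns its certificates as X509 objects.
  # OpenSSL::PKCS12.create expects certificate objects in its CA array, not a
  # file path. A PEM bundle may hold several certificates; input without PEM
  # markers is handed to OpenSSL as a single certificate.
  def ca_certificates
    raw = File.read(@resource[:ca_file])
    pems = raw.scan(/-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----/m)
    pems = [raw] if pems.empty?
    pems.map { |pem| OpenSSL::X509::Certificate.new(pem) }
  end

  # Creates the JKS keystore at @resource[:keystore_path].
  #
  # Raises Puppet::Error when keytool ran but no keystore file exists afterwards.
  def create
    keystore_dir = File.dirname(@resource[:keystore_path])
    unless File.directory?(keystore_dir)
      FileUtils.mkdir_p(keystore_dir, :mode => 0755)
      FileUtils.chown('odl', 'odl', keystore_dir)
    end

    # create p12 keystore
    key = OpenSSL::PKey::RSA.new(File.read(@resource[:key_file]))
    certificate = OpenSSL::X509::Certificate.new(File.read(@resource[:cert_file]))
    ca_chain = @resource[:ca_file] ? ca_certificates : nil
    p12_ks = OpenSSL::PKCS12.create(@resource[:password], @resource[:name],
                                    key, certificate, ca_chain)

    begin
      # Drop any stale copy first so the exclusive create below always makes a
      # fresh file with owner-only permissions (a mode passed to open is applied
      # only when the file is created, and EXCL refuses a pre-existing path).
      remove_p12_ks
      File.open(p12_path, File::WRONLY | File::CREAT | File::EXCL, 0600) do |io|
        io.binmode
        io.write(p12_ks.to_der)
      end

      # convert to jks
      # NOTE(review): the store/key passwords are passed as command-line
      # arguments and are therefore visible to other local users in the process
      # list while keytool runs; keytool's ":env" / ":file" option modifiers
      # avoid this, but need a different invocation than the `commands` helper.
      keytool('-importkeystore', '-deststorepass', @resource[:password],
              '-destkeypass', @resource[:password], '-destkeystore',
              @resource[:keystore_path], '-srckeystore', p12_path,
              '-srcstoretype', 'PKCS12', '-srcstorepass', @resource[:password],
              '-alias', @resource[:name])
    ensure
      # Remove the private-key-bearing intermediate file even if keytool failed.
      remove_p12_ks
    end

    unless File.file?(@resource[:keystore_path])
      raise Puppet::Error, 'JKS keystore creation failed'
    end
    FileUtils.chown('odl', 'odl', @resource[:keystore_path])
  end

  # Removes the keystore file.
  def destroy
    FileUtils.rm(@resource[:keystore_path])
  end

  # True when a regular file exists at the keystore path.
  def exists?
    File.file?(@resource[:keystore_path])
  end

  # The getters below echo the desired value from the resource; the setters
  # ignore their argument and rebuild the keystore from the resource's current
  # parameters.

  def key_file
    @resource[:key_file]
  end

  def key_file=(key_file)
    destroy
    create
  end

  def cert_file
    @resource[:cert_file]
  end

  def cert_file=(cert_file)
    destroy
    create
  end

  def ca_file
    @resource[:ca_file]
  end

  def ca_file=(ca_file)
    destroy
    create
  end

  # Returns the keystore path when the file exists, nil otherwise.
  def keystore_path
    @resource[:keystore_path] if exists?
  end

  def keystore_path=(keystore_path)
    destroy
    create
  end

  # Checks that the configured password opens the keystore by listing it with
  # keytool. Returns the password on success and false when keytool fails.
  def password
    keytool('-list', '-keystore', @resource[:keystore_path], '-storepass',
            @resource[:password])
    @resource[:password]
  rescue StandardError
    false
  end

  def password=(password)
    destroy
    create
  end
end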