load certificate from the inputStream (#293)

cyjseagull · cyjseagull · commit f0a2c7a714dc · 2021-04-09T16:35:59.000+08:00
diff --git a/sdk-core/src/main/java/org/fisco/bcos/sdk/config/Config.java b/sdk-core/src/main/java/org/fisco/bcos/sdk/config/Config.java
@@ -46,7 +46,7 @@ public static ConfigOption load(String tomlConfigFile, int cryptoType) throws Co
             return configOption;
         } catch (Exception e) {
             throw new ConfigException(
-                    "parse Config " + tomlConfigFile + " failed, error info: " + e.getMessage(), e);
+                    "parse Config " + tomlConfigFile + " failed, error info: ", e);
         }
     }
 }
diff --git a/sdk-core/src/main/java/org/fisco/bcos/sdk/config/model/ConfigProperty.java b/sdk-core/src/main/java/org/fisco/bcos/sdk/config/model/ConfigProperty.java
@@ -17,12 +17,17 @@
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
 import java.io.UnsupportedEncodingException;
 import java.net.URL;
 import java.net.URLDecoder;
 import java.util.List;
 import java.util.Map;
 import org.fisco.bcos.sdk.config.exceptions.ConfigException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * ConfigOption is the java object of the config file.
@@ -31,6 +36,7 @@
  */
 @JsonIgnoreProperties(ignoreUnknown = true)
 public class ConfigProperty {
+    private static Logger logger = LoggerFactory.getLogger(ConfigProperty.class);
     public Map<String, Object> cryptoMaterial;
     public Map<String, Object> network;
     public List<AmopTopic> amop;
@@ -85,11 +91,41 @@ public static String getValue(Map<String, Object> config, String key, String def
         return (String) config.get(key);
     }
 
+    public static InputStream getConfigInputStream(String configFilePath) throws ConfigException {
+        if (configFilePath == null) {
+            return null;
+        }
+        InputStream inputStream = null;
+        try {
+            inputStream = new FileInputStream(configFilePath);
+            if (inputStream != null) {
+                return inputStream;
+            }
+        } catch (IOException e) {
+            logger.warn(
+                    "Load config from {} failed, trying to load from the classpath, e: {}",
+                    configFilePath,
+                    e);
+            if (inputStream != null) {
+                try {
+                    inputStream.close();
+                } catch (IOException error) {
+                    logger.warn("close InputStream failed, error:", e);
+                }
+            }
+        }
+        // try to load from the class path
+        ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
+        inputStream = classLoader.getResourceAsStream(configFilePath);
+        return inputStream;
+    }
+
     public static String getConfigFilePath(String configFilePath) throws ConfigException {
         try {
             if (configFilePath == null) {
                 return null;
             }
+
             File file = new File(configFilePath);
             if (file.exists()) {
                 return configFilePath;
diff --git a/sdk-core/src/main/java/org/fisco/bcos/sdk/config/model/CryptoMaterialConfig.java b/sdk-core/src/main/java/org/fisco/bcos/sdk/config/model/CryptoMaterialConfig.java
@@ -16,6 +16,7 @@
 package org.fisco.bcos.sdk.config.model;
 
 import java.io.File;
+import java.io.InputStream;
 import java.util.Map;
 import org.fisco.bcos.sdk.config.exceptions.ConfigException;
 import org.fisco.bcos.sdk.model.CryptoType;
@@ -31,6 +32,13 @@ public class CryptoMaterialConfig {
     private String sdkPrivateKeyPath;
     private String enSSLCertPath;
     private String enSSLPrivateKeyPath;
+
+    private InputStream caInputStream;
+    private InputStream sdkCertInputStream;
+    private InputStream sdkPrivateKeyInputStream;
+    private InputStream enSSLCertInputStream;
+    private InputStream enSSLPrivateKeyInputStream;
+
     private int sslCryptoType;
 
     protected CryptoMaterialConfig() {}
@@ -74,6 +82,37 @@ public CryptoMaterialConfig(ConfigProperty configProperty, int cryptoType)
                                 cryptoMaterialProperty,
                                 "enSslKey",
                                 defaultCryptoMaterialConfig.getEnSSLPrivateKeyPath()));
+        // load the input stream
+        this.caInputStream =
+                ConfigProperty.getConfigInputStream(
+                        ConfigProperty.getValue(
+                                cryptoMaterialProperty,
+                                "caCert",
+                                defaultCryptoMaterialConfig.getCaCertPath()));
+        this.sdkCertInputStream =
+                ConfigProperty.getConfigInputStream(
+                        ConfigProperty.getValue(
+                                cryptoMaterialProperty,
+                                "sslCert",
+                                defaultCryptoMaterialConfig.getSdkCertPath()));
+        this.sdkPrivateKeyInputStream =
+                ConfigProperty.getConfigInputStream(
+                        ConfigProperty.getValue(
+                                cryptoMaterialProperty,
+                                "sslKey",
+                                defaultCryptoMaterialConfig.getSdkPrivateKeyPath()));
+        this.enSSLCertInputStream =
+                ConfigProperty.getConfigInputStream(
+                        ConfigProperty.getValue(
+                                cryptoMaterialProperty,
+                                "enSslCert",
+                                defaultCryptoMaterialConfig.getEnSSLCertPath()));
+        this.enSSLPrivateKeyInputStream =
+                ConfigProperty.getConfigInputStream(
+                        ConfigProperty.getValue(
+                                cryptoMaterialProperty,
+                                "enSslKey",
+                                defaultCryptoMaterialConfig.getEnSSLPrivateKeyPath()));
         logger.debug(
                 "Load cryptoMaterial, caCertPath: {}, sdkCertPath: {}, sdkPrivateKeyPath:{}, enSSLCertPath: {}, enSSLPrivateKeyPath:{}",
                 this.getCaCertPath(),
@@ -167,6 +206,46 @@ public void setSslCryptoType(int sslCryptoType) {
         this.sslCryptoType = sslCryptoType;
     }
 
+    public InputStream getCaInputStream() {
+        return caInputStream;
+    }
+
+    public void setCaInputStream(InputStream caInputStream) {
+        this.caInputStream = caInputStream;
+    }
+
+    public InputStream getSdkCertInputStream() {
+        return sdkCertInputStream;
+    }
+
+    public void setSdkCertInputStream(InputStream sdkCertInputStream) {
+        this.sdkCertInputStream = sdkCertInputStream;
+    }
+
+    public InputStream getSdkPrivateKeyInputStream() {
+        return sdkPrivateKeyInputStream;
+    }
+
+    public void setSdkPrivateKeyInputStream(InputStream sdkPrivateKeyInputStream) {
+        this.sdkPrivateKeyInputStream = sdkPrivateKeyInputStream;
+    }
+
+    public InputStream getEnSSLCertInputStream() {
+        return enSSLCertInputStream;
+    }
+
+    public void setEnSSLCertInputStream(InputStream enSSLCertInputStream) {
+        this.enSSLCertInputStream = enSSLCertInputStream;
+    }
+
+    public InputStream getEnSSLPrivateKeyInputStream() {
+        return enSSLPrivateKeyInputStream;
+    }
+
+    public void setEnSSLPrivateKeyInputStream(InputStream enSSLPrivateKeyInputStream) {
+        this.enSSLPrivateKeyInputStream = enSSLPrivateKeyInputStream;
+    }
+
     @Override
     public String toString() {
         return "CryptoMaterialConfig{"
diff --git a/sdk-core/src/main/java/org/fisco/bcos/sdk/network/ConnectionManager.java b/sdk-core/src/main/java/org/fisco/bcos/sdk/network/ConnectionManager.java
@@ -33,9 +33,6 @@
 import io.netty.handler.ssl.SslProvider;
 import io.netty.handler.timeout.IdleStateHandler;
 import io.netty.util.concurrent.Future;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
@@ -52,7 +49,6 @@
 import java.util.concurrent.ScheduledExecutorService;
 import java.util.concurrent.ScheduledThreadPoolExecutor;
 import java.util.concurrent.TimeUnit;
-import javax.net.ssl.SSLException;
 import org.fisco.bcos.sdk.config.ConfigOption;
 import org.fisco.bcos.sdk.model.CryptoType;
 import org.fisco.bcos.sdk.model.RetCode;
@@ -229,28 +225,21 @@ private SslContext initSslContext(ConfigOption configOption) throws NetworkExcep
             Security.setProperty("jdk.disabled.namedCurves", "");
             System.setProperty("jdk.sunec.disableNative", "false");
             // Get file, file existence is already checked when check config file.
-            FileInputStream caCert =
-                    new FileInputStream(
-                            new File(configOption.getCryptoMaterialConfig().getCaCertPath()));
-            FileInputStream sslCert =
-                    new FileInputStream(
-                            new File(configOption.getCryptoMaterialConfig().getSdkCertPath()));
-            FileInputStream sslKey =
-                    new FileInputStream(
-                            new File(
-                                    configOption.getCryptoMaterialConfig().getSdkPrivateKeyPath()));
-
             // Init SslContext
             logger.info(" build ECDSA ssl context with configured certificates ");
             SslContext sslCtx =
                     SslContextBuilder.forClient()
-                            .trustManager(caCert)
-                            .keyManager(sslCert, sslKey)
+                            .trustManager(configOption.getCryptoMaterialConfig().getCaInputStream())
+                            .keyManager(
+                                    configOption.getCryptoMaterialConfig().getSdkCertInputStream(),
+                                    configOption
+                                            .getCryptoMaterialConfig()
+                                            .getSdkPrivateKeyInputStream())
                             .sslProvider(SslProvider.OPENSSL)
                             // .sslProvider(SslProvider.JDK)
                             .build();
             return sslCtx;
-        } catch (FileNotFoundException | SSLException e) {
+        } catch (IOException e) {
             logger.error(
                     "initSslContext failed, caCert: {}, sslCert: {}, sslKey: {}, error: {}, e: {}",
                     configOption.getCryptoMaterialConfig().getCaCertPath(),
@@ -273,29 +262,14 @@ private SslContext initSslContext(ConfigOption configOption) throws NetworkExcep
     private SslContext initSMSslContext(ConfigOption configOption) throws NetworkException {
         try {
             // Get file, file existence is already checked when check config file.
-            FileInputStream caCert =
-                    new FileInputStream(
-                            new File(configOption.getCryptoMaterialConfig().getCaCertPath()));
-            FileInputStream sslCert =
-                    new FileInputStream(
-                            new File(configOption.getCryptoMaterialConfig().getSdkCertPath()));
-            FileInputStream sslKey =
-                    new FileInputStream(
-                            new File(
-                                    configOption.getCryptoMaterialConfig().getSdkPrivateKeyPath()));
-            FileInputStream enCert =
-                    new FileInputStream(
-                            new File(configOption.getCryptoMaterialConfig().getEnSSLCertPath()));
-            FileInputStream enKey =
-                    new FileInputStream(
-                            new File(
-                                    configOption
-                                            .getCryptoMaterialConfig()
-                                            .getEnSSLPrivateKeyPath()));
-
             // Init SslContext
             logger.info(" build SM ssl context with configured certificates ");
-            return SMSslClientContextFactory.build(caCert, enCert, enKey, sslCert, sslKey);
+            return SMSslClientContextFactory.build(
+                    configOption.getCryptoMaterialConfig().getCaInputStream(),
+                    configOption.getCryptoMaterialConfig().getEnSSLCertInputStream(),
+                    configOption.getCryptoMaterialConfig().getEnSSLPrivateKeyInputStream(),
+                    configOption.getCryptoMaterialConfig().getSdkCertInputStream(),
+                    configOption.getCryptoMaterialConfig().getSdkPrivateKeyInputStream());
         } catch (IOException
                 | CertificateException
                 | NoSuchAlgorithmException
diff --git a/sdk-core/src/main/java/org/fisco/bcos/sdk/network/NetworkImp.java b/sdk-core/src/main/java/org/fisco/bcos/sdk/network/NetworkImp.java
@@ -109,17 +109,17 @@ private CheckCertExistenceResult checkCertExistence(boolean isSM) {
         result.setCheckPassed(true);
         String errorMessage = "";
         errorMessage = errorMessage + "Please make sure ";
-        if (!new File(configOption.getCryptoMaterialConfig().getCaCertPath()).exists()) {
+        if (configOption.getCryptoMaterialConfig().getCaInputStream() == null) {
             result.setCheckPassed(false);
             errorMessage =
                     errorMessage + configOption.getCryptoMaterialConfig().getCaCertPath() + " ";
         }
-        if (!new File(configOption.getCryptoMaterialConfig().getSdkCertPath()).exists()) {
+        if (configOption.getCryptoMaterialConfig().getSdkCertInputStream() == null) {
             result.setCheckPassed(false);
             errorMessage =
                     errorMessage + configOption.getCryptoMaterialConfig().getSdkCertPath() + " ";
         }
-        if (!new File(configOption.getCryptoMaterialConfig().getSdkPrivateKeyPath()).exists()) {
+        if (configOption.getCryptoMaterialConfig().getSdkPrivateKeyInputStream() == null) {
             result.setCheckPassed(false);
             errorMessage =
                     errorMessage
@@ -131,12 +131,12 @@ private CheckCertExistenceResult checkCertExistence(boolean isSM) {
             result.setErrorMessage(errorMessage);
             return result;
         }
-        if (!new File(configOption.getCryptoMaterialConfig().getEnSSLCertPath()).exists()) {
+        if (configOption.getCryptoMaterialConfig().getEnSSLCertInputStream() == null) {
             errorMessage =
                     errorMessage + configOption.getCryptoMaterialConfig().getEnSSLCertPath() + " ";
             result.setCheckPassed(false);
         }
-        if (!new File(configOption.getCryptoMaterialConfig().getEnSSLPrivateKeyPath()).exists()) {
+        if (configOption.getCryptoMaterialConfig().getEnSSLPrivateKeyInputStream() == null) {
             errorMessage =
                     errorMessage
                             + configOption.getCryptoMaterialConfig().getEnSSLPrivateKeyPath()

Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,7 @@ public static ConfigOption load(String tomlConfigFile, int cryptoType) throws Co`
`46`	`46`	`return configOption;`
`47`	`47`	`} catch (Exception e) {`
`48`	`48`	`throw new ConfigException(`
`49`		`- "parse Config " + tomlConfigFile + " failed, error info: " + e.getMessage(), e);`
	`49`	`+ "parse Config " + tomlConfigFile + " failed, error info: ", e);`
`50`	`50`	`}`
`51`	`51`	`}`
`52`	`52`	`}`