001: /*
002: * $Id: TlsPropertiesMapper.java 10489 2008-01-23 17:53:38Z dfeist $
003: * --------------------------------------------------------------------------------------
004: * Copyright (c) MuleSource, Inc. All rights reserved. http://www.mulesource.com
005: *
006: * The software in this package is published under the terms of the CPAL v1.0
007: * license, a copy of which has been included with this distribution in the
008: * LICENSE.txt file.
009: */
010:
011: package org.mule.api.security.tls;
012:
013: import java.io.IOException;
014: import java.util.Properties;
015:
016: import org.apache.commons.logging.Log;
017: import org.apache.commons.logging.LogFactory;
018:
019: /**
020: * Move a {@link TlsConfiguration} to and from Properties (typically System Properties).
021: * This can be used to store TLS/SSL configuration for a library (eg. Javamail, which
022: * reads java.mail properties) or for later retrieval by {@link TlsPropertiesSocketFactory}.
023: */
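public class TlsPropertiesMapper {

    private static final String TRUST_NAME_SUFFIX = ".ssl.trustStore";
    private static final String TRUST_TYPE_SUFFIX = ".ssl.trustStoreType";
    // The value stored under this key is the trust store password in clear text.
    private static final String TRUST_PASSWORD_SUFFIX = ".ssl.trustStorePassword";
    private static final String TRUST_ALGORITHM_SUFFIX = ".ssl.trustManagerAlgorithm";

    private static final String KEY_NAME_SUFFIX = ".ssl.keyStore";
    private static final String KEY_TYPE_SUFFIX = ".ssl.keyStoreType";
    // The value stored under this key is the key store password in clear text.
    private static final String KEY_PASSWORD_SUFFIX = ".ssl.keyStorePassword";

    /** Written to the log in place of a store password. */
    private static final String REDACTED = "<redacted>";

    private final Log logger = LogFactory.getLog(getClass());
    private final String namespace;

    /**
     * Creates a mapper whose property keys are all prefixed with the given namespace.
     *
     * @param namespace prefix placed in front of every {@code .ssl.*} suffix
     */
    public TlsPropertiesMapper(String namespace) {
        this.namespace = namespace;
    }

    /**
     * Copies the trust store and client key store settings of a configuration into
     * the given properties, under this mapper's namespace.
     *
     * <p>Store passwords are written as plain property values, so they are readable
     * by anything that can read {@code properties}.
     *
     * @param properties    destination of the namespaced entries
     * @param configuration source of the TLS settings
     */
    public void writeToProperties(Properties properties,
                                  TlsConfiguration configuration) {
        writeTrustStoreToProperties(properties, configuration);
        writeKeyStoreToProperties(properties, configuration);
    }

    /**
     * Loads trust store and key store settings from the given properties into a
     * configuration. A setting with no entry in {@code properties} keeps the value
     * the configuration already holds.
     *
     * @param configuration destination of the TLS settings
     * @param properties    source of the namespaced entries
     * @throws IOException declared for callers; see the setters on {@link TlsConfiguration}
     */
    public void readFromProperties(TlsConfiguration configuration,
                                   Properties properties) throws IOException {
        readTrustStoreFromProperties(configuration, properties);
        readKeyStoreFromProperties(configuration, properties);
    }

    /**
     * Writes the trust store name, type, password and trust manager algorithm.
     *
     * <p>When the configuration names no trust store and does not insist on an
     * explicit one, the client key store (and its password) is used as the trust
     * store instead. Nothing is written if no store name results.
     */
    private void writeTrustStoreToProperties(Properties properties,
                                             TlsConfiguration configuration) {
        String trustStoreName = configuration.getTrustStore();
        String trustStorePassword = configuration.getTrustStorePassword();

        if (null == trustStoreName && !configuration.isExplicitTrustStoreOnly()) {
            // Fallback: trust decisions will be made against the client key store.
            logger.info("Defaulting " + namespace + " trust store to client Key Store");
            trustStoreName = configuration.getClientKeyStore();
            trustStorePassword = configuration.getClientKeyStorePassword();
        }
        if (null != trustStoreName) {
            // One lock on the Properties object for the whole group of related entries.
            synchronized (properties) {
                setProperty(properties, TRUST_NAME_SUFFIX, trustStoreName);
                setProperty(properties, TRUST_TYPE_SUFFIX,
                        configuration.getTrustStoreType());
                setProperty(properties, TRUST_PASSWORD_SUFFIX, trustStorePassword);
                setProperty(properties, TRUST_ALGORITHM_SUFFIX,
                        configuration.getTrustManagerAlgorithm());
            }
            logger.debug("Set Trust Store: " + namespace + TRUST_NAME_SUFFIX
                    + " = " + trustStoreName);
        }
    }

    /**
     * Reads the trust store name, type, password and trust manager algorithm,
     * falling back to the configuration's current value for each missing entry.
     */
    private void readTrustStoreFromProperties(TlsConfiguration configuration,
                                              Properties properties) throws IOException {
        configuration.setTrustStore(getProperty(properties,
                TRUST_NAME_SUFFIX, configuration.getTrustStore()));
        configuration.setTrustStoreType(getProperty(properties,
                TRUST_TYPE_SUFFIX, configuration.getTrustStoreType()));
        configuration.setTrustStorePassword(getProperty(properties,
                TRUST_PASSWORD_SUFFIX, configuration.getTrustStorePassword()));
        configuration.setTrustManagerAlgorithm(getProperty(properties,
                TRUST_ALGORITHM_SUFFIX, configuration.getTrustManagerAlgorithm()));
    }

    /**
     * Writes the client key store name, type and password. Nothing is written when
     * the configuration has no client key store.
     */
    private void writeKeyStoreToProperties(Properties properties,
                                           TlsConfiguration configuration) {
        if (null != configuration.getClientKeyStore()) {
            // One lock on the Properties object for the whole group of related entries.
            synchronized (properties) {
                setProperty(properties, KEY_NAME_SUFFIX,
                        configuration.getClientKeyStore());
                setProperty(properties, KEY_TYPE_SUFFIX,
                        configuration.getClientKeyStoreType());
                setProperty(properties, KEY_PASSWORD_SUFFIX,
                        configuration.getClientKeyStorePassword());
            }
            logger.info("Set Key Store: " + namespace + KEY_NAME_SUFFIX
                    + " = " + configuration.getClientKeyStore());
        }
    }

    // note the asymmetry here. this preserves the semantics of the original implementation.

    // originally, the "client" keystore data were written to system properties (only) and
    // used implicitly to construct sockets, while "non-client" keystore information was
    // used explicitly.

    // now we construct some of those implicit sockets explicitly (as part of avoiding global
    // configuration for tls across all transports). in these cases we read the data needed
    // from (namespaced) properties. if we read that information back into "non-client" keystore
    // data, even though it was written from "client" data, then we can use the same code in
    // TlsConfiguration to generate the sockets in both cases.

    /**
     * Reads the key store name, type and password into the configuration's
     * (non-client) key store settings, falling back to the configuration's current
     * value for each missing entry.
     */
    private void readKeyStoreFromProperties(TlsConfiguration configuration,
                                            Properties properties) throws IOException {
        configuration.setKeyStore(getProperty(properties,
                KEY_NAME_SUFFIX, configuration.getKeyStore()));
        configuration.setKeyStoreType(getProperty(properties,
                KEY_TYPE_SUFFIX, configuration.getKeyStoreType()));
        configuration.setKeyStorePassword(getProperty(properties,
                KEY_PASSWORD_SUFFIX, configuration.getKeyStorePassword()));
    }

    /**
     * Stores a non-null value under {@code namespace + suffix}; a null value is
     * skipped. The debug log line never carries a store password.
     */
    private void setProperty(Properties properties, String suffix, String value) {
        if (null != value) {
            properties.setProperty(namespace + suffix, value);
            if (logger.isDebugEnabled()) {
                logger.debug(namespace + suffix + " <- " + loggable(suffix, value));
            }
        }
    }

    /**
     * Returns the value stored under {@code namespace + suffix}, or {@code deflt}
     * when there is no such entry. The debug log line never carries a store password.
     */
    private String getProperty(Properties properties, String suffix, String deflt) {
        String value = properties.getProperty(namespace + suffix);
        if (null == value) {
            value = deflt;
        }
        if (logger.isDebugEnabled()) {
            logger.debug(namespace + suffix + " -> " + loggable(suffix, value));
        }
        return value;
    }

    /**
     * Returns the text to log for a property value: the value itself, except that a
     * non-null value of either password property is replaced by a fixed placeholder
     * so that enabling debug logging does not copy store passwords into log files.
     */
    private static String loggable(String suffix, String value) {
        boolean secret = TRUST_PASSWORD_SUFFIX.equals(suffix)
                || KEY_PASSWORD_SUFFIX.equals(suffix);
        return (secret && null != value) ? REDACTED : value;
    }

}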