001: /*
002: * $Id: SSLUtil.java,v 1.4 2003/12/04 21:15:08 ajzeneski Exp $
003: *
004: * Copyright (c) 2003 The Open For Business Project - www.ofbiz.org
005: *
006: * Permission is hereby granted, free of charge, to any person obtaining a
007: * copy of this software and associated documentation files (the "Software"),
008: * to deal in the Software without restriction, including without limitation
009: * the rights to use, copy, modify, merge, publish, distribute, sublicense,
010: * and/or sell copies of the Software, and to permit persons to whom the
011: * Software is furnished to do so, subject to the following conditions:
012: *
013: * The above copyright notice and this permission notice shall be included
014: * in all copies or substantial portions of the Software.
015: *
016: * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
017: * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
018: * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
019: * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
020: * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT
021: * OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR
022: * THE USE OR OTHER DEALINGS IN THE SOFTWARE.
023: *
024: */
025: package org.ofbiz.base.util;
026:
027: import java.io.IOException;
028: import java.security.GeneralSecurityException;
029: import java.security.KeyStore;
030:
031: import javax.net.ssl.*;
032:
033: /**
034: * SSLUtil - Utilities for setting up SSL connections with specific client certificates
035: *
036: * @author <a href="mailto:jaz@ofbiz.org">Andy Zeneski</a>
037: * @version $Revision: 1.4 $
038: * @since 3.0
039: */
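public class SSLUtil {

    public static final String module = SSLUtil.class.getName();

    /** Resource that holds the JSSE-related settings copied into system properties. */
    private static final String JSSE_RESOURCE = "jsse.properties";

    /** Default value meaning "this entry is not configured". */
    private static final String UNSET = "NONE";

    /**
     * Protocol family requested from {@link SSLContext#getInstance(String)}.
     * "TLS" replaces the legacy "SSL" name: depending on the JSSE provider, an "SSL"
     * context may still offer SSLv3. Which protocol versions are actually enabled
     * remains a matter of provider and JVM configuration.
     */
    private static final String SSL_CONTEXT_PROTOCOL = "TLS";

    /** Guarded by the class lock taken in {@link #loadJsseProperties()}. */
    private static boolean loadedProps = false;

    /**
     * Builds the key managers for the key store supplied by {@code KeyStoreUtil},
     * using the JVM's default {@link KeyManagerFactory} algorithm.
     *
     * @return the key managers produced by the factory
     * @throws IOException declared for the key store lookup; presumably raised when
     *         {@code KeyStoreUtil} cannot read the store (confirm against KeyStoreUtil)
     * @throws GeneralSecurityException if the factory cannot be obtained or initialised
     */
    public static KeyManager[] getKeyManagers() throws IOException, GeneralSecurityException {
        // get the default KeyManagerFactory
        String alg = KeyManagerFactory.getDefaultAlgorithm();
        KeyManagerFactory factory = KeyManagerFactory.getInstance(alg);

        // set up the KeyStore to use
        KeyStore ks = KeyStoreUtil.getKeyStore();

        // initialise the KeyManagerFactory with this KeyStore.
        // NOTE(review): the password is handed over as a String by KeyStoreUtil, so it
        // cannot be wiped from memory here; only this char[] copy is short-lived.
        factory.init(ks, KeyStoreUtil.getKeyStorePassword().toCharArray());

        return factory.getKeyManagers();
    }

    /**
     * Builds the key managers as {@link #getKeyManagers()} does and, when an alias is
     * given, wraps every {@link X509KeyManager} among them in an {@code AliasKeyManager}
     * constructed with that alias. Key managers of other types are returned unchanged.
     *
     * @param alias key store alias to pass to {@code AliasKeyManager}; {@code null}
     *        returns the unwrapped key managers
     * @return the (possibly wrapped) key managers
     * @throws IOException see {@link #getKeyManagers()}
     * @throws GeneralSecurityException see {@link #getKeyManagers()}
     */
    public static KeyManager[] getKeyManagers(String alias)
            throws IOException, GeneralSecurityException {
        KeyManager[] keyManagers = getKeyManagers();
        if (alias == null) {
            return keyManagers;
        }

        for (int i = 0; i < keyManagers.length; i++) {
            // we can only work with instances of X509KeyManager
            if (keyManagers[i] instanceof X509KeyManager) {
                keyManagers[i] = new AliasKeyManager((X509KeyManager) keyManagers[i], alias);
            }
        }
        return keyManagers;
    }

    /**
     * Builds the trust managers for the trust store supplied by {@code KeyStoreUtil},
     * using the JVM's default {@link TrustManagerFactory} algorithm.
     *
     * @return the trust managers produced by the factory
     * @throws IOException declared for the trust store lookup; presumably raised when
     *         {@code KeyStoreUtil} cannot read the store (confirm against KeyStoreUtil)
     * @throws GeneralSecurityException if the factory cannot be obtained or initialised
     */
    public static TrustManager[] getTrustManagers() throws IOException, GeneralSecurityException {
        // get the default TrustManagerFactory
        String alg = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory factory = TrustManagerFactory.getInstance(alg);

        // set up the TrustStore to use
        KeyStore ks = KeyStoreUtil.getTrustStore();

        // initialise the TrustManagerFactory with this KeyStore.
        // NOTE(review): if getTrustStore() can return null, JSSE factories typically
        // fall back to the JVM's default trust anchors - confirm that is intended.
        factory.init(ks);

        return factory.getTrustManagers();
    }

    /**
     * Creates a socket factory whose context is initialised with the key managers from
     * {@link #getKeyManagers(String)} and the trust managers from
     * {@link #getTrustManagers()}.
     *
     * <p>Sockets created directly from the returned factory validate the certificate
     * chain through the trust managers but do not check the server host name on their
     * own. Callers that do not go through {@code HttpsURLConnection} should set an
     * endpoint identification algorithm on the socket's {@code SSLParameters} or verify
     * the peer name themselves.
     *
     * @param alias client certificate alias, or {@code null} for no alias wrapping
     * @return a socket factory backed by the configured key and trust material
     * @throws IOException see {@link #getKeyManagers()} and {@link #getTrustManagers()}
     * @throws GeneralSecurityException if the key/trust material or the context cannot
     *         be set up
     */
    public static SSLSocketFactory getSSLSocketFactory(String alias)
            throws IOException, GeneralSecurityException {
        KeyManager[] km = getKeyManagers(alias);
        TrustManager[] tm = getTrustManagers();

        // may want to have this in the properties file
        SSLContext context = SSLContext.getInstance(SSL_CONTEXT_PROTOCOL);
        // a null SecureRandom lets the provider pick its default source
        context.init(km, tm, null);
        return context.getSocketFactory();
    }

    /**
     * Copies the protocol handler packages, HTTPS proxy host and port, and HTTPS cipher
     * suites from {@code jsse.properties} into system properties, at most once. Entries
     * that are missing or set to {@code NONE} leave the system property untouched.
     *
     * <p>System properties are JVM-wide, so the proxy and cipher suite values set here
     * are not limited to connections made through this class.
     */
    public static synchronized void loadJsseProperties() {
        if (loadedProps) {
            return;
        }

        // read every value before changing any system property
        String protocol = UtilProperties.getPropertyValue(
                JSSE_RESOURCE, "java.protocol.handler.pkgs", UNSET);
        String proxyHost = UtilProperties.getPropertyValue(
                JSSE_RESOURCE, "https.proxyHost", UNSET);
        String proxyPort = UtilProperties.getPropertyValue(
                JSSE_RESOURCE, "https.proxyPort", UNSET);
        String cipherSuites = UtilProperties.getPropertyValue(
                JSSE_RESOURCE, "https.cipherSuites", UNSET);

        setIfConfigured("java.protocol.handler.pkgs", protocol);
        setIfConfigured("https.proxyHost", proxyHost);
        setIfConfigured("https.proxyPort", proxyPort);
        setIfConfigured("https.cipherSuites", cipherSuites);

        loadedProps = true;
    }

    /** Sets the system property {@code key} unless {@code value} is null or "NONE". */
    private static void setIfConfigured(String key, String value) {
        if (value != null && !UNSET.equals(value)) {
            System.setProperty(key, value);
        }
    }
}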