001: /**
002: * Licensed to the Apache Software Foundation (ASF) under one
003: * or more contributor license agreements. See the NOTICE file
004: * distributed with this work for additional information
005: * regarding copyright ownership. The ASF licenses this file
006: * to you under the Apache License, Version 2.0 (the
007: * "License"); you may not use this file except in compliance
008: * with the License. You may obtain a copy of the License at
009: *
010: * http://www.apache.org/licenses/LICENSE-2.0
011: *
012: * Unless required by applicable law or agreed to in writing,
013: * software distributed under the License is distributed on an
014: * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015: * KIND, either express or implied. See the License for the
016: * specific language governing permissions and limitations
017: * under the License.
018: */package org.apache.cxf.configuration.jsse.spring;
019:
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;

import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

import org.apache.cxf.configuration.security.KeyManagersType;
import org.apache.cxf.configuration.security.KeyStoreType;
import org.apache.cxf.configuration.security.SecureRandomParameters;
import org.apache.cxf.configuration.security.TrustManagersType;
036:
037: /**
038: * This class provides some functionality to convert the JAXB
039: * generated types in the security.xsd to the items needed
040: * to programmatically configure the HTTPConduit and HTTPDestination
041: * with TLSClientParameters and TLSServerParameters respectively.
042: */
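public final class TLSParameterJaxBUtils {

    private TLSParameterJaxBUtils() {
        // static utility class, never instantiated
    }

    /**
     * Converts the JAXB generated type into a SecureRandom.
     *
     * @param secureRandomParams the configured parameters, may be null
     * @return a SecureRandom for the configured algorithm (and provider,
     *         when one is set), or null when the parameters are null or
     *         name no algorithm
     * @throws GeneralSecurityException if the algorithm or the provider
     *         is not available
     */
    public static SecureRandom getSecureRandom(
        SecureRandomParameters secureRandomParams)
        throws GeneralSecurityException {

        if (secureRandomParams == null) {
            return null;
        }
        String secureRandomAlg = secureRandomParams.getAlgorithm();
        String randomProvider = secureRandomParams.getProvider();
        if (secureRandomAlg == null) {
            // A provider without an algorithm is not enough to pick a
            // generator; the caller gets null, as for missing parameters.
            return null;
        }
        return randomProvider != null
            ? SecureRandom.getInstance(secureRandomAlg, randomProvider)
            : SecureRandom.getInstance(secureRandomAlg);
    }

    /**
     * Converts a JAXB generated KeyStoreType into a KeyStore.
     * <p>
     * The store is loaded from the file, the classpath resource and the
     * URL, in that order, for each of them that is set; a later load
     * replaces the content of an earlier one. When none of the three is
     * set, the returned KeyStore has not been loaded.
     * <p>
     * The configured password is what {@link KeyStore#load} uses to check
     * the integrity of the store. Without a password that check is not
     * performed, so a store read from a location that is not itself
     * protected (a plain http URL, a world-writable file) is accepted as
     * it arrives. Configure a password for any store used as a trust
     * anchor.
     *
     * @param kst the configured key store description, may be null
     * @return the KeyStore, or null when {@code kst} is null
     * @throws GeneralSecurityException if the type or provider is not
     *         available, or the store content cannot be verified
     * @throws IOException if a source cannot be opened or read, or the
     *         named classpath resource does not exist
     */
    public static KeyStore getKeyStore(KeyStoreType kst)
        throws GeneralSecurityException, IOException {

        if (kst == null) {
            return null;
        }

        String type = kst.isSetType()
            ? kst.getType() : KeyStore.getDefaultType();

        char[] password = kst.isSetPassword()
            ? kst.getPassword().toCharArray() : null;

        KeyStore keyStore = kst.isSetProvider()
            ? KeyStore.getInstance(type, kst.getProvider())
            : KeyStore.getInstance(type);

        if (kst.isSetFile()) {
            loadAndClose(keyStore,
                         new FileInputStream(kst.getFile()), password);
        }
        if (kst.isSetResource()) {
            InputStream in = kst.getClass().getClassLoader()
                .getResourceAsStream(kst.getResource());
            if (in == null) {
                // KeyStore.load(null, ...) creates an EMPTY store, so a
                // mistyped resource name would otherwise go unnoticed and
                // yield a key or trust store with no entries.
                throw new IOException("Could not load keystore resource "
                                      + kst.getResource());
            }
            loadAndClose(keyStore, in, password);
        }
        if (kst.isSetUrl()) {
            loadAndClose(keyStore,
                         new URL(kst.getUrl()).openStream(), password);
        }
        return keyStore;
    }

    /**
     * Loads the key store from the stream and closes the stream, also
     * when loading fails, so that no file or connection handle leaks.
     */
    private static void loadAndClose(KeyStore keyStore, InputStream in,
                                     char[] password)
        throws GeneralSecurityException, IOException {
        try {
            keyStore.load(in, password);
        } finally {
            in.close();
        }
    }

    /**
     * Converts the JAXB KeyManagersType into an array of
     * JSSE KeyManagers.
     *
     * @param kmc the configured key managers description
     * @return the key managers, or null when no key store is configured
     * @throws GeneralSecurityException if the algorithm or provider is
     *         not available, or the key store cannot be used
     * @throws IOException if the key store cannot be read
     */
    public static KeyManager[] getKeyManagers(KeyManagersType kmc)
        throws GeneralSecurityException, IOException {

        KeyStore keyStore = getKeyStore(kmc.getKeyStore());

        if (keyStore == null) {
            return null;
        }

        String alg = kmc.isSetFactoryAlgorithm()
            ? kmc.getFactoryAlgorithm()
            : KeyManagerFactory.getDefaultAlgorithm();

        // The key password protects the private key entries and may
        // differ from the password of the store itself.
        char[] keyPass = kmc.isSetKeyPassword()
            ? kmc.getKeyPassword().toCharArray() : null;

        KeyManagerFactory fac = kmc.isSetProvider()
            ? KeyManagerFactory.getInstance(alg, kmc.getProvider())
            : KeyManagerFactory.getInstance(alg);

        fac.init(keyStore, keyPass);

        return fac.getKeyManagers();
    }

    /**
     * Converts the JAXB TrustManagersType into an array of
     * JSSE TrustManagers.
     *
     * @param kmc the configured trust managers description
     * @return the trust managers, or null when no key store is
     *         configured; what a null array means is up to the code
     *         that consumes it
     * @throws GeneralSecurityException if the algorithm or provider is
     *         not available, or the key store cannot be used
     * @throws IOException if the key store cannot be read
     */
    public static TrustManager[] getTrustManagers(TrustManagersType kmc)
        throws GeneralSecurityException, IOException {

        KeyStore keyStore = getKeyStore(kmc.getKeyStore());

        if (keyStore == null) {
            return null;
        }

        // The default must come from TrustManagerFactory: the key manager
        // and trust manager defaults are separate security properties and
        // need not name the same algorithm, so the key manager default can
        // select a different certificate validator than intended or fail
        // to resolve at all.
        String alg = kmc.isSetFactoryAlgorithm()
            ? kmc.getFactoryAlgorithm()
            : TrustManagerFactory.getDefaultAlgorithm();

        TrustManagerFactory fac = kmc.isSetProvider()
            ? TrustManagerFactory.getInstance(alg, kmc.getProvider())
            : TrustManagerFactory.getInstance(alg);

        fac.init(keyStore);

        return fac.getTrustManagers();
    }
}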