1 | /* |
2 | * @(#) $Id: BogusSSLContextFactory.java 210062 2005-07-11 03:52:38Z trustin $ |
3 | * |
4 | * Copyright 2004 The Apache Software Foundation |
5 | * |
6 | * Licensed under the Apache License, Version 2.0 (the "License"); |
7 | * you may not use this file except in compliance with the License. |
8 | * You may obtain a copy of the License at |
9 | * |
10 | * http://www.apache.org/licenses/LICENSE-2.0 |
11 | * |
12 | * Unless required by applicable law or agreed to in writing, software |
13 | * distributed under the License is distributed on an "AS IS" BASIS, |
14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
15 | * See the License for the specific language governing permissions and |
16 | * limitations under the License. |
17 | * |
18 | */ |
19 | package org.apache.mina.examples.echoserver.ssl; |
20 | |
21 | import java.io.IOException; |
22 | import java.io.InputStream; |
23 | import java.security.GeneralSecurityException; |
24 | import java.security.KeyStore; |
25 | |
26 | import javax.net.ssl.KeyManagerFactory; |
27 | import javax.net.ssl.SSLContext; |
28 | |
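/**
 * Factory that creates a bogus {@link SSLContext} for the echo server example.
 * <p>
 * Security note: the contexts built here are for demonstration and testing
 * only. The server key comes from a keystore bundled with the code, its
 * password is hard-coded in this class, and the keytool note below shows the
 * key was generated as 512-bit RSA. Both contexts use the trust managers from
 * {@code BogusTrustManagerFactory.X509_MANAGERS}, which are not defined in this
 * file; presumably they accept any peer certificate (confirm against that
 * class). Do not reuse this factory where peer authentication matters.
 *
 * @author Per Widerlund (per@minq.se)
 * @author Jan Andersson (janne@minq.se)
 *
 * @version $Rev: 210062 $, $Date: 2005-07-11 12:52:38 +0900 $
 */
public class BogusSSLContextFactory
{

    /**
     * Protocol name passed to {@link SSLContext#getInstance(String)}.
     */
    private static final String PROTOCOL = "TLS";

    /**
     * Bogus server certificate keystore file name, resolved as a class
     * resource relative to this class.
     */
    private static final String BOGUS_KEYSTORE = "bogus.cert";

    // NOTE: The keystore was generated using keytool:
    //   keytool -genkey -alias bogus -keysize 512 -validity 3650
    //           -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
    //           O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
    //           -keypass boguspw -storepass boguspw -keystore bogus.cert

    /**
     * Bogus keystore password. It is also used as the key password.
     * Hard-coded because the keystore is a public sample, not a secret.
     */
    private static final char[] BOGUS_PW = { 'b', 'o', 'g', 'u', 's', 'p',
            'w' };

    /** Lazily created server-side context; guarded by the class lock. */
    private static SSLContext serverInstance = null;

    /** Lazily created client-side context; guarded by the class lock. */
    private static SSLContext clientInstance = null;

    /**
     * Returns the shared bogus SSLContext, creating it on first use.
     *
     * @param server {@code true} for the server-side context (with the bogus
     *               key material), {@code false} for the client-side context
     * @return the singleton SSLContext for the requested side
     * @throws GeneralSecurityException if the context cannot be created; for
     *         the server side any failure, including a missing keystore
     *         resource, is wrapped with the original exception as its cause
     */
    public static SSLContext getInstance( boolean server )
            throws GeneralSecurityException
    {
        // Always take the class lock. The instance fields are not volatile, so
        // an unsynchronized first null check (double-checked locking) gives no
        // guarantee that another thread sees a fully initialized SSLContext.
        synchronized( BogusSSLContextFactory.class )
        {
            if( server )
            {
                if( serverInstance == null )
                {
                    try
                    {
                        serverInstance = createBogusServerSSLContext();
                    }
                    catch( Exception e )
                    {
                        GeneralSecurityException wrapped =
                                new GeneralSecurityException(
                                        "Can't create Server SSLContext:" + e );
                        // Keep the original stack trace for diagnosis.
                        wrapped.initCause( e );
                        throw wrapped;
                    }
                }
                return serverInstance;
            }

            if( clientInstance == null )
            {
                clientInstance = createBogusClientSSLContext();
            }
            return clientInstance;
        }
    }

    /**
     * Builds the server-side context from the bundled bogus keystore.
     *
     * @return an initialized SSLContext holding the bogus server key
     * @throws GeneralSecurityException if the keystore, key manager factory
     *         or SSLContext cannot be created or initialized
     * @throws IOException if the keystore resource is missing or unreadable
     */
    private static SSLContext createBogusServerSSLContext()
            throws GeneralSecurityException, IOException
    {
        // Create keystore
        KeyStore ks = KeyStore.getInstance( "JKS" );
        InputStream in = BogusSSLContextFactory.class
                .getResourceAsStream( BOGUS_KEYSTORE );
        if( in == null )
        {
            // KeyStore.load( null, ... ) would silently yield an EMPTY
            // keystore, producing a server context without any key and an
            // obscure handshake failure later. Fail early instead.
            throw new IOException(
                    "Keystore resource not found: " + BOGUS_KEYSTORE );
        }
        try
        {
            ks.load( in, BOGUS_PW );
        }
        finally
        {
            try
            {
                in.close();
            }
            catch( IOException ignored )
            {
                // Best effort: the keystore has already been read (or the
                // load failure is propagating); a close error adds nothing.
            }
        }

        // Set up key manager factory to use our key store.
        // NOTE(review): "SunX509" is a provider-specific algorithm name;
        // KeyManagerFactory.getDefaultAlgorithm() is the portable choice if
        // this has to run on other JVM vendors.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance( "SunX509" );
        kmf.init( ks, BOGUS_PW );

        // Initialize the SSLContext to work with our key managers.
        // The trust managers come from BogusTrustManagerFactory (see the
        // class-level security note).
        SSLContext sslContext = SSLContext.getInstance( PROTOCOL );
        sslContext.init( kmf.getKeyManagers(),
                BogusTrustManagerFactory.X509_MANAGERS, null );

        return sslContext;
    }

    /**
     * Builds the client-side context: no client key material, and the trust
     * managers supplied by BogusTrustManagerFactory.
     *
     * @return an initialized client SSLContext
     * @throws GeneralSecurityException if the SSLContext cannot be created
     *         or initialized
     */
    private static SSLContext createBogusClientSSLContext()
            throws GeneralSecurityException
    {
        SSLContext context = SSLContext.getInstance( PROTOCOL );
        context.init( null, BogusTrustManagerFactory.X509_MANAGERS, null );
        return context;
    }

}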