001/*
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache license, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the license for the specific language governing permissions and
015 * limitations under the license.
016 */
017package org.apache.logging.log4j.core.net.ssl;
018
019import org.apache.logging.log4j.core.config.plugins.Plugin;
020import org.apache.logging.log4j.core.config.plugins.PluginAttribute;
021import org.apache.logging.log4j.core.config.plugins.PluginFactory;
022import java.io.*;
023import java.security.KeyStore;
024import java.security.KeyStoreException;
025import java.security.NoSuchAlgorithmException;
026import java.security.cert.CertificateException;
027
028/**
029 * The TrustStoreConfiguration.
030 */
031@Plugin(name = "trustStore", category = "Core", printObject = true)
032public class TrustStoreConfiguration extends StoreConfiguration {
033    private KeyStore trustStore;
034    private String trustStoreType;
035
036    public TrustStoreConfiguration(String location, String password) {
037        super(location, password);
038        trustStoreType = SSLConfigurationDefaults.KEYSTORE_TYPE;
039        trustStore = null;
040    }
041
042    @Override
043    protected void load() throws StoreConfigurationException {
044        KeyStore ts = null;
045        InputStream in = null;
046
047        LOGGER.debug("Loading truststore from file with params(location={})", getLocation());
048        try {
049            if (getLocation() == null) {
050                throw new IOException("The location is null");
051            }
052            ts = KeyStore.getInstance(trustStoreType);
053            in = new FileInputStream(getLocation());
054            ts.load(in, getPasswordAsCharArray());
055        }
056        catch (CertificateException e) {
057            LOGGER.error("No Provider supports a KeyStoreSpi implementation for the specified type {}", trustStoreType);
058            throw new StoreConfigurationException(e);
059        } catch (NoSuchAlgorithmException e) {
060            LOGGER.error("The algorithm used to check the integrity of the keystore cannot be found");
061            throw new StoreConfigurationException(e);
062        } catch (KeyStoreException e) {
063            LOGGER.error(e);
064            throw new StoreConfigurationException(e);
065        } catch (FileNotFoundException e) {
066            LOGGER.error("The keystore file({}) is not found", getLocation());
067            throw new StoreConfigurationException(e);
068        } catch (IOException e) {
069            LOGGER.error("Something is wrong with the format of the truststore or the given password: {}", e.getMessage());
070            throw new StoreConfigurationException(e);
071        } finally {
072            try {
073                if (in != null) {
074                    in.close();
075                }
076            }
077            catch (Exception e) {
078                LOGGER.warn("Error closing {}", getLocation(), e);
079            }
080        }
081        trustStore = ts;
082        LOGGER.debug("Truststore successfully loaded with params(location={})", getLocation());
083    }
084
085    public KeyStore getTrustStore() throws StoreConfigurationException {
086        if (trustStore == null) {
087            load();
088        }
089        return trustStore;
090    }
091
092    /**
093     * Create a TrustStoreConfiguration.
094     * @param location The location of the TrustStore.
095     * @param password The password required to access the TrustStore.
096     * @return
097     */
098    @PluginFactory
099    public static TrustStoreConfiguration createTrustStoreConfiguration(@PluginAttribute("location") String location,
100                                                                        @PluginAttribute("password") String password){
101        return new TrustStoreConfiguration(location, password);
102    }
103}