View Javadoc

1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License.
18   *
19   */
20  package org.apache.mina.example.echoserver.ssl;
21  
22  import java.io.IOException;
23  import java.io.InputStream;
24  import java.security.GeneralSecurityException;
25  import java.security.KeyStore;
26  import java.security.Security;
27  
28  import javax.net.ssl.KeyManagerFactory;
29  import javax.net.ssl.SSLContext;
30  
31  /**
32   * Factory to create a bogus SSLContext.
33   *
34   * @author <a href="http://mina.apache.org">Apache MINA Project</a>
35   */
36  public class BogusSslContextFactory {
37  
38      /**
39       * Protocol to use.
40       */
41      private static final String PROTOCOL = "TLS";
42  
43      private static final String KEY_MANAGER_FACTORY_ALGORITHM;
44  
45      static {
46          String algorithm = Security
47                  .getProperty("ssl.KeyManagerFactory.algorithm");
48          if (algorithm == null) {
49              algorithm = KeyManagerFactory.getDefaultAlgorithm();
50          }
51  
52          KEY_MANAGER_FACTORY_ALGORITHM = algorithm;
53      }
54  
55      /**
56       * Bougus Server certificate keystore file name.
57       */
58      private static final String BOGUS_KEYSTORE = "bogus.cert";
59  
60      // NOTE: The keystore was generated using keytool:
61      //   keytool -genkey -alias bogus -keysize 512 -validity 3650
62      //           -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
63      //               O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
64      //           -keypass boguspw -storepass boguspw -keystore bogus.cert
65  
66      /**
67       * Bougus keystore password.
68       */
69      private static final char[] BOGUS_PW = { 'b', 'o', 'g', 'u', 's', 'p', 'w' };
70  
71      private static SSLContext serverInstance = null;
72      
73      private static SSLContext clientInstance = null;
74  
75      /**
76       * Get SSLContext singleton.
77       *
78       * @return SSLContext
79       * @throws java.security.GeneralSecurityException
80       *
81       */
82      public static SSLContext getInstance(boolean server)
83              throws GeneralSecurityException {
84          SSLContext retInstance = null;
85          if (server) {
86              synchronized(BogusSslContextFactory.class) {
87                  if (serverInstance == null) {
88                      try {
89                          serverInstance = createBougusServerSslContext();
90                      } catch (Exception ioe) {
91                          throw new GeneralSecurityException(
92                                  "Can't create Server SSLContext:" + ioe);
93                      }
94                  }
95              }
96              retInstance = serverInstance;
97          } else {
98              synchronized (BogusSslContextFactory.class) {
99                  if (clientInstance == null) {
100                     clientInstance = createBougusClientSslContext();
101                 }
102             }
103             retInstance = clientInstance;
104         }
105         return retInstance;
106     }
107 
108     private static SSLContext createBougusServerSslContext()
109             throws GeneralSecurityException, IOException {
110         // Create keystore
111         KeyStore ks = KeyStore.getInstance("JKS");
112         InputStream in = null;
113         try {
114             in = BogusSslContextFactory.class
115                     .getResourceAsStream(BOGUS_KEYSTORE);
116             ks.load(in, BOGUS_PW);
117         } finally {
118             if (in != null) {
119                 try {
120                     in.close();
121                 } catch (IOException ignored) {
122                 }
123             }
124         }
125 
126         // Set up key manager factory to use our key store
127         KeyManagerFactory kmf = KeyManagerFactory
128                 .getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
129         kmf.init(ks, BOGUS_PW);
130 
131         // Initialize the SSLContext to work with our key managers.
132         SSLContext sslContext = SSLContext.getInstance(PROTOCOL);
133         sslContext.init(kmf.getKeyManagers(),
134                 BogusTrustManagerFactory.X509_MANAGERS, null);
135 
136         return sslContext;
137     }
138 
139     private static SSLContext createBougusClientSslContext()
140             throws GeneralSecurityException {
141         SSLContext context = SSLContext.getInstance(PROTOCOL);
142         context.init(null, BogusTrustManagerFactory.X509_MANAGERS, null);
143         return context;
144     }
145 
146 }