View Javadoc

1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License.
18   *
19   */
20  package org.apache.mina.examples.http;
21  
22  import java.io.IOException;
23  import java.io.InputStream;
24  import java.security.GeneralSecurityException;
25  import java.security.KeyStore;
26  import java.security.Security;
27  
28  import javax.net.ssl.KeyManagerFactory;
29  import javax.net.ssl.SSLContext;
30  
31  /**
32   * Factory to create a bogus SSLContext.
33   * 
34   * @author <a href="http://mina.apache.org">Apache MINA Project</a>
35   */
36  public class BogusSslContextFactory {
37  
38      /**
39       * Protocol to use.
40       */
41      private static final String PROTOCOL = "TLS";
42  
43      private static final String KEY_MANAGER_FACTORY_ALGORITHM;
44  
45      static {
46          String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
47          if (algorithm == null) {
48              algorithm = KeyManagerFactory.getDefaultAlgorithm();
49          }
50  
51          KEY_MANAGER_FACTORY_ALGORITHM = algorithm;
52      }
53  
54      /**
55       * Bogus Server certificate keystore file name.
56       */
57      private static final String BOGUS_KEYSTORE = "bogus.cert";
58  
59      // NOTE: The keystore was generated using keytool:
60      // keytool -genkey -alias bogus -keysize 512 -validity 3650
61      // -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
62      // O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
63      // -keypass boguspw -storepass boguspw -keystore bogus.cert
64  
65      /**
66       * Bougus keystore password.
67       */
68      private static final char[] BOGUS_PW = { 'b', 'o', 'g', 'u', 's', 'p', 'w' };
69  
70      private static SSLContext serverInstance = null;
71  
72      private static SSLContext clientInstance = null;
73  
74      /**
75       * Get SSLContext singleton.
76       * 
77       * @return SSLContext
78       * @throws java.security.GeneralSecurityException
79       * 
80       */
81      public static SSLContext getInstance(boolean server) throws GeneralSecurityException {
82          SSLContext retInstance = null;
83          if (server) {
84              synchronized (BogusSslContextFactory.class) {
85                  if (serverInstance == null) {
86                      try {
87                          serverInstance = createBougusServerSslContext();
88                      } catch (Exception ioe) {
89                          throw new GeneralSecurityException("Can't create Server SSLContext:" + ioe);
90                      }
91                  }
92              }
93              retInstance = serverInstance;
94          } else {
95              synchronized (BogusSslContextFactory.class) {
96                  if (clientInstance == null) {
97                      clientInstance = createBougusClientSslContext();
98                  }
99              }
100             retInstance = clientInstance;
101         }
102         return retInstance;
103     }
104 
105     private static SSLContext createBougusServerSslContext() throws GeneralSecurityException, IOException {
106         // Create keystore
107         KeyStore ks = KeyStore.getInstance("JKS");
108         InputStream in = null;
109         try {
110             in = BogusSslContextFactory.class.getResourceAsStream(BOGUS_KEYSTORE);
111             ks.load(in, BOGUS_PW);
112         } finally {
113             if (in != null) {
114                 try {
115                     in.close();
116                 } catch (IOException ignored) {
117                 }
118             }
119         }
120 
121         // Set up key manager factory to use our key store
122         KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
123         kmf.init(ks, BOGUS_PW);
124 
125         // Initialize the SSLContext to work with our key managers.
126         SSLContext sslContext = SSLContext.getInstance(PROTOCOL);
127         sslContext.init(kmf.getKeyManagers(), BogusTrustManagerFactory.X509_MANAGERS, null);
128 
129         return sslContext;
130     }
131 
132     private static SSLContext createBougusClientSslContext() throws GeneralSecurityException {
133         SSLContext context = SSLContext.getInstance(PROTOCOL);
134         context.init(null, BogusTrustManagerFactory.X509_MANAGERS, null);
135         return context;
136     }
137 
138 }