001/**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.activemq.spring;
018
019import java.io.InputStream;
020import java.net.MalformedURLException;
021import java.security.KeyStore;
022import java.security.NoSuchAlgorithmException;
023import java.security.SecureRandom;
024import java.util.ArrayList;
025import java.util.Arrays;
026import java.util.Collection;
027
028import javax.annotation.PostConstruct;
029import javax.net.ssl.KeyManager;
030import javax.net.ssl.KeyManagerFactory;
031import javax.net.ssl.TrustManager;
032import javax.net.ssl.TrustManagerFactory;
033
034import org.apache.activemq.broker.SslContext;
035
036/**
037 * Extends the SslContext so that it's easier to configure from spring.
038 *
039 * @org.apache.xbean.XBean element="sslContext"
040 *
041 *
042 */
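public class SpringSslContext extends SslContext {

    // Security notes for whoever configures this bean:
    //  - The three password properties are held as Strings for the lifetime of
    //    the bean and are returned verbatim by their getters; keep them out of
    //    logs and diagnostic dumps.
    //  - A store password left null is passed to KeyStore.load as null, and the
    //    JDK documents that no keystore integrity check is performed in that case.
    //  - When trustStore is null this class contributes no TrustManagers. What the
    //    parent SslContext does with an empty list is not visible here - confirm
    //    before relying on it.

    // Keystore formats handed to KeyStore.getInstance; both default to "jks".
    private String keyStoreType="jks";
    private String trustStoreType="jks";

    // NOTE(review): "SHA1PRNG" is a fixed default chosen by name; deployments can
    // override it through setSecureRandomAlgorithm with a generator their JCA
    // provider offers.
    private String secureRandomAlgorithm="SHA1PRNG";
    private String keyStoreAlgorithm=KeyManagerFactory.getDefaultAlgorithm();
    private String trustStoreAlgorithm=TrustManagerFactory.getDefaultAlgorithm();

    // Store locations, resolved through Utils.resourceFromString at init time.
    // A null location means "no store of this kind".
    private String keyStore;
    private String trustStore;

    // keyStoreKeyPassword protects the private key entries; when it is null the
    // keystore password is used for the keys as well (see createKeyManagers).
    private String keyStoreKeyPassword;
    private String keyStorePassword;
    private String trustStorePassword;

    /**
     * JSR-250 callback wrapper; converts checked exceptions to runtime exceptions
     *
     * delegates to afterPropertiesSet, done to prevent backwards incompatible signature change.
     */
    @PostConstruct
    private void postConstruct() {
        try {
            afterPropertiesSet();
        } catch (Exception ex) {
            // Keep the original failure as the cause so a bad store path or
            // password is still diagnosable from the stack trace.
            throw new RuntimeException(ex);
        }
    }

    /**
     * Builds the key managers and trust managers from the configured stores and
     * adds them to the inherited collections, then creates a SecureRandom if none
     * has been set.
     *
     * Every call adds managers again. NOTE(review): if a container runs both the
     * JSR-250 callback and the XBean init method, this body would execute twice -
     * confirm against the deployment.
     *
     * @throws Exception if a store cannot be opened or loaded, or a configured algorithm or store type is unavailable
     * @org.apache.xbean.InitMethod
     */
    public void afterPropertiesSet() throws Exception {
        keyManagers.addAll(createKeyManagers());
        trustManagers.addAll(createTrustManagers());
        if( secureRandom == null ) {
            secureRandom = createSecureRandom();
        }
    }

    /**
     * Looks up a SecureRandom by the configured algorithm name.
     *
     * @throws NoSuchAlgorithmException if no provider supplies that algorithm
     */
    private SecureRandom createSecureRandom() throws NoSuchAlgorithmException {
        return SecureRandom.getInstance(secureRandomAlgorithm);
    }

    /**
     * Creates the trust managers backed by the configured trust store.
     *
     * @return the managers produced by the TrustManagerFactory, or an empty list when no trust store is configured
     */
    private Collection<TrustManager> createTrustManagers() throws Exception {
        KeyStore ks = createTrustManagerKeyStore();
        if( ks ==null ) {
            return new ArrayList<TrustManager>(0);
        }

        TrustManagerFactory tmf  = TrustManagerFactory.getInstance(trustStoreAlgorithm);
        tmf.init(ks);
        return Arrays.asList(tmf.getTrustManagers());
    }

    /**
     * Creates the key managers backed by the configured key store.
     *
     * @return the managers produced by the KeyManagerFactory, or an empty list when no key store is configured
     */
    private Collection<KeyManager> createKeyManagers() throws Exception {
        KeyStore ks = createKeyManagerKeyStore();
        if( ks ==null ) {
            return new ArrayList<KeyManager>(0);
        }

        KeyManagerFactory kmf  = KeyManagerFactory.getInstance(keyStoreAlgorithm);
        // The dedicated key password wins; otherwise fall back to the keystore
        // password, which may itself be null.
        String keyPassword = keyStoreKeyPassword != null ? keyStoreKeyPassword : keyStorePassword;
        kmf.init(ks, toChars(keyPassword));
        return Arrays.asList(kmf.getKeyManagers());
    }

    /**
     * Loads the trust store, or returns null when no trust store location is set.
     */
    private KeyStore createTrustManagerKeyStore() throws Exception {
        if( trustStore ==null ) {
            return null;
        }
        return loadKeyStore(trustStoreType, trustStore, trustStorePassword);
    }

    /**
     * Loads the key store, or returns null when no key store location is set.
     */
    private KeyStore createKeyManagerKeyStore() throws Exception {
        if( keyStore ==null ) {
            return null;
        }
        return loadKeyStore(keyStoreType, keyStore, keyStorePassword);
    }

    /**
     * Opens the resource named by location and loads it into a new KeyStore of
     * the given type.
     *
     * A failure while closing the stream is only reported when the load itself
     * succeeded, so that the more useful load error (for example a rejected
     * password) is never replaced by a secondary close error.
     *
     * @param type     keystore type passed to KeyStore.getInstance
     * @param location resource string resolved by Utils.resourceFromString
     * @param password store password, or null to load without one
     * @return the loaded keystore
     * @throws Exception if the type is unknown, the resource cannot be opened, or loading fails
     */
    private static KeyStore loadKeyStore(String type, String location, String password) throws Exception {
        KeyStore ks = KeyStore.getInstance(type);
        InputStream in = Utils.resourceFromString(location).getInputStream();
        boolean loaded = false;
        try {
            ks.load(in, toChars(password));
            loaded = true;
        } finally {
            try {
                in.close();
            } catch (java.io.IOException closeFailure) {
                if (loaded) {
                    throw closeFailure;
                }
                // Otherwise the exception from load is already propagating and
                // must not be masked by this one.
            }
        }
        return ks;
    }

    /**
     * Converts a password to the char[] form the JSSE APIs expect, keeping null as null.
     */
    private static char[] toChars(String password) {
        return password == null ? null : password.toCharArray();
    }

    public String getTrustStoreType() {
        return trustStoreType;
    }

    public String getKeyStoreType() {
        return keyStoreType;
    }

    public String getKeyStore() {
        return keyStore;
    }

    /**
     * Sets the key store location; it is only stored here and resolved later by
     * afterPropertiesSet.
     *
     * @throws MalformedURLException never thrown by this implementation; the clause is kept so the signature is unchanged
     */
    public void setKeyStore(String keyStore) throws MalformedURLException {
        this.keyStore = keyStore;
    }

    public String getTrustStore() {
        return trustStore;
    }

    /**
     * Sets the trust store location; it is only stored here and resolved later by
     * afterPropertiesSet.
     *
     * @throws MalformedURLException never thrown by this implementation; the clause is kept so the signature is unchanged
     */
    public void setTrustStore(String trustStore) throws MalformedURLException {
        this.trustStore = trustStore;
    }

    public String getKeyStoreAlgorithm() {
        return keyStoreAlgorithm;
    }

    public void setKeyStoreAlgorithm(String keyAlgorithm) {
        this.keyStoreAlgorithm = keyAlgorithm;
    }

    public String getTrustStoreAlgorithm() {
        return trustStoreAlgorithm;
    }

    public void setTrustStoreAlgorithm(String trustAlgorithm) {
        this.trustStoreAlgorithm = trustAlgorithm;
    }

    /** Returns the private-key password exactly as configured; treat the value as a secret. */
    public String getKeyStoreKeyPassword() {
        return keyStoreKeyPassword;
    }

    public void setKeyStoreKeyPassword(String keyPassword) {
        this.keyStoreKeyPassword = keyPassword;
    }

    /** Returns the keystore password exactly as configured; treat the value as a secret. */
    public String getKeyStorePassword() {
        return keyStorePassword;
    }

    public void setKeyStorePassword(String keyPassword) {
        this.keyStorePassword = keyPassword;
    }

    /** Returns the trust store password exactly as configured; treat the value as a secret. */
    public String getTrustStorePassword() {
        return trustStorePassword;
    }

    public void setTrustStorePassword(String trustPassword) {
        this.trustStorePassword = trustPassword;
    }

    public void setKeyStoreType(String keyType) {
        this.keyStoreType = keyType;
    }

    public void setTrustStoreType(String trustType) {
        this.trustStoreType = trustType;
    }

    public String getSecureRandomAlgorithm() {
        return secureRandomAlgorithm;
    }

    public void setSecureRandomAlgorithm(String secureRandomAlgorithm) {
        this.secureRandomAlgorithm = secureRandomAlgorithm;
    }

}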