001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017 package org.apache.activemq.spring;
018
019 import java.io.InputStream;
020 import java.net.MalformedURLException;
021 import java.security.KeyStore;
022 import java.security.NoSuchAlgorithmException;
023 import java.security.SecureRandom;
024 import java.util.ArrayList;
025 import java.util.Arrays;
026 import java.util.Collection;
027
028 import javax.annotation.PostConstruct;
029 import javax.net.ssl.KeyManager;
030 import javax.net.ssl.KeyManagerFactory;
031 import javax.net.ssl.TrustManager;
032 import javax.net.ssl.TrustManagerFactory;
033 import org.apache.activemq.broker.SslContext;
034
035 /**
036 * Extends the SslContext so that it's easier to configure from spring.
037 *
038 * @org.apache.xbean.XBean element="sslContext"
039 *
040 *
041 */
042 public class SpringSslContext extends SslContext {
043
044 private String keyStoreType="jks";
045 private String trustStoreType="jks";
046
047 private String secureRandomAlgorithm="SHA1PRNG";
048 private String keyStoreAlgorithm=KeyManagerFactory.getDefaultAlgorithm();
049 private String trustStoreAlgorithm=TrustManagerFactory.getDefaultAlgorithm();
050
051 private String keyStore;
052 private String trustStore;
053
054 private String keyStorePassword;
055 private String trustStorePassword;
056
057 /**
058 *
059 * @throws Exception
060 * @org.apache.xbean.InitMethod
061 */
062 @PostConstruct
063 public void afterPropertiesSet() throws Exception {
064 keyManagers.addAll(createKeyManagers());
065 trustManagers.addAll(createTrustManagers());
066 if( secureRandom == null ) {
067 secureRandom = createSecureRandom();
068 }
069 }
070
071 private SecureRandom createSecureRandom() throws NoSuchAlgorithmException {
072 return SecureRandom.getInstance(secureRandomAlgorithm);
073 }
074
075 private Collection<TrustManager> createTrustManagers() throws Exception {
076 KeyStore ks = createTrustManagerKeyStore();
077 if( ks ==null ) {
078 return new ArrayList<TrustManager>(0);
079 }
080
081 TrustManagerFactory tmf = TrustManagerFactory.getInstance(trustStoreAlgorithm);
082 tmf.init(ks);
083 return Arrays.asList(tmf.getTrustManagers());
084 }
085
086 private Collection<KeyManager> createKeyManagers() throws Exception {
087 KeyStore ks = createKeyManagerKeyStore();
088 if( ks ==null ) {
089 return new ArrayList<KeyManager>(0);
090 }
091
092 KeyManagerFactory tmf = KeyManagerFactory.getInstance(keyStoreAlgorithm);
093 tmf.init(ks, keyStorePassword==null? null : keyStorePassword.toCharArray());
094 return Arrays.asList(tmf.getKeyManagers());
095 }
096
097 private KeyStore createTrustManagerKeyStore() throws Exception {
098 if( trustStore ==null ) {
099 return null;
100 }
101
102 KeyStore ks = KeyStore.getInstance(trustStoreType);
103 InputStream is=Utils.resourceFromString(trustStore).getInputStream();
104 try {
105 ks.load(is, trustStorePassword==null? null : trustStorePassword.toCharArray());
106 } finally {
107 is.close();
108 }
109 return ks;
110 }
111
112 private KeyStore createKeyManagerKeyStore() throws Exception {
113 if( keyStore ==null ) {
114 return null;
115 }
116
117 KeyStore ks = KeyStore.getInstance(keyStoreType);
118 InputStream is=Utils.resourceFromString(keyStore).getInputStream();
119 try {
120 ks.load(is, keyStorePassword==null? null : keyStorePassword.toCharArray());
121 } finally {
122 is.close();
123 }
124 return ks;
125 }
126
127 public String getTrustStoreType() {
128 return trustStoreType;
129 }
130
131 public String getKeyStoreType() {
132 return keyStoreType;
133 }
134
135 public String getKeyStore() {
136 return keyStore;
137 }
138
139 public void setKeyStore(String keyStore) throws MalformedURLException {
140 this.keyStore = keyStore;
141 }
142
143 public String getTrustStore() {
144 return trustStore;
145 }
146
147 public void setTrustStore(String trustStore) throws MalformedURLException {
148 this.trustStore = trustStore;
149 }
150
151 public String getKeyStoreAlgorithm() {
152 return keyStoreAlgorithm;
153 }
154
155 public void setKeyStoreAlgorithm(String keyAlgorithm) {
156 this.keyStoreAlgorithm = keyAlgorithm;
157 }
158
159 public String getTrustStoreAlgorithm() {
160 return trustStoreAlgorithm;
161 }
162
163 public void setTrustStoreAlgorithm(String trustAlgorithm) {
164 this.trustStoreAlgorithm = trustAlgorithm;
165 }
166
167 public String getKeyStorePassword() {
168 return keyStorePassword;
169 }
170
171 public void setKeyStorePassword(String keyPassword) {
172 this.keyStorePassword = keyPassword;
173 }
174
175 public String getTrustStorePassword() {
176 return trustStorePassword;
177 }
178
179 public void setTrustStorePassword(String trustPassword) {
180 this.trustStorePassword = trustPassword;
181 }
182
183 public void setKeyStoreType(String keyType) {
184 this.keyStoreType = keyType;
185 }
186
187 public void setTrustStoreType(String trustType) {
188 this.trustStoreType = trustType;
189 }
190
191 public String getSecureRandomAlgorithm() {
192 return secureRandomAlgorithm;
193 }
194
195 public void setSecureRandomAlgorithm(String secureRandomAlgorithm) {
196 this.secureRandomAlgorithm = secureRandomAlgorithm;
197 }
198
199 }