001    /**
002     * Licensed to the Apache Software Foundation (ASF) under one or more
003     * contributor license agreements.  See the NOTICE file distributed with
004     * this work for additional information regarding copyright ownership.
005     * The ASF licenses this file to You under the Apache License, Version 2.0
006     * (the "License"); you may not use this file except in compliance with
007     * the License.  You may obtain a copy of the License at
008     *
009     *      http://www.apache.org/licenses/LICENSE-2.0
010     *
011     * Unless required by applicable law or agreed to in writing, software
012     * distributed under the License is distributed on an "AS IS" BASIS,
013     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     * See the License for the specific language governing permissions and
015     * limitations under the License.
016     */
017    package org.apache.camel.util.jsse;
018    
019    import java.io.IOException;
020    import java.security.GeneralSecurityException;
021    import java.security.KeyStore;
022    import java.security.Security;
023    
024    import javax.net.ssl.TrustManager;
025    import javax.net.ssl.TrustManagerFactory;
026    
027    import org.slf4j.Logger;
028    import org.slf4j.LoggerFactory;
029    
030    public class TrustManagersParameters extends JsseParameters {
031    
032        private static final Logger LOG = LoggerFactory.getLogger(TrustManagersParameters.class);
033        
034        /**
035         * The key store configuration used to create the {@link KeyStoreParameters} that the
036         * {@link TrustManager}s produced by this object's configuration expose.
037         */
038        protected KeyStoreParameters keyStore;
039    
040        /**
041         * The optional provider identifier for the {@link TrustManagerFactory} used to create
042         * the {@link TrustManager}s represented by this object's configuration.
043         */
044        protected String provider;
045    
046        /**
047         * The optional algorithm name for the {@link TrustManagerFactory} used to
048         * create the {@link TrustManager}s represented by this object's
049         * configuration. See the <a href=
050         * "http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html"
051         * >Java Secure Socket Extension Reference Guide</a> for information about
052         * standard algorithm names.
053         */
054        protected String algorithm;
055        
056        /**
057         * Creates {@link TrustManager}s based on this instance's configuration and the
058         * {@code KeyStore} produced by the configuration returned from
059         * {@link #getKeyStore()}. The {@code KeyManager}s are produced from a
060         * factory created by using the provider and algorithm identifiers returned
061         * by {@link #getProvider()} and {@link #getAlgorithm()}, respectively. If
062         * either of these methods returns null, the default JSSE value is used
063         * instead.
064         * 
065         * @return the initialized {@code TrustManager}s
066         * @throws GeneralSecurityException if there is an error creating the
067         *             {@code TrustManagers}s or in creating the {@code KeyStore}
068         * @throws IOException if there is an error loading the {@code KeyStore}
069         *
070         * @see KeyStoreParameters#createKeyStore()
071         */
072        public TrustManager[] createTrustManagers() throws GeneralSecurityException, IOException {
073            
074            LOG.trace("Creating TrustManager[] from TrustManagersParameters [{}]", this);
075    
076            TrustManager[] trustManagers = null;
077    
078            if (this.getKeyStore() != null) {
079                String tmfAlgorithm = this.parsePropertyValue(this.getAlgorithm());
080                if (tmfAlgorithm == null) {
081                    tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
082                }
083                
084                TrustManagerFactory tmf;
085                if (this.getProvider() == null) {
086                    tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
087                } else {
088                    tmf = TrustManagerFactory.getInstance(tmfAlgorithm, this.parsePropertyValue(this.getProvider()));
089                }
090                
091                LOG.debug("TrustManagerFactory [{}] is using provider [{}] and algorithm [{}].",
092                          new Object[] {tmf, tmf.getProvider(), tmf.getAlgorithm()});
093                
094                KeyStore ks = this.getKeyStore() == null ? null : this.getKeyStore().createKeyStore();
095                tmf.init(ks);
096                trustManagers = tmf.getTrustManagers();
097                
098                LOG.debug("TrustManager[] [{}], initialized from TrustManagerFactory [{}].", trustManagers, tmf);
099            }
100            
101            return trustManagers;
102        }
103    
104        public KeyStoreParameters getKeyStore() {
105            return keyStore;
106        }
107    
108        /**
109         * Sets the key store configuration used to create the {@link KeyStoreParameters} that the
110         * {@link TrustManager}s produced by this object's configuration expose.
111         * 
112         * @param value the configuration to use
113         */
114        public void setKeyStore(KeyStoreParameters value) {
115            this.keyStore = value;
116        }
117    
118        public String getProvider() {
119            return provider;
120        }
121    
122        /**
123         * Sets the optional provider identifier for the {@link TrustManagerFactory}
124         * used to create the {@link TrustManager}s represented by this object's
125         * configuration.
126         * 
127         * @param value the desired provider identifier or {@code null} to use the
128         *            highest priority provider implementing the algorithm
129         *            
130         * @see Security#getProviders()
131         */
132        public void setProvider(String value) {
133            this.provider = value;
134        }
135    
136        public String getAlgorithm() {
137            return algorithm;
138        }
139    
140        /**
141         * Sets optional algorithm name for the {@link TrustManagerFactory} used to create
142         * the {@link TrustManager}s represented by this object's configuration.  See the <a href=
143         * "http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html"
144         * >Java Secure Socket Extension Reference Guide</a> for information about
145         * standard algorithm names.
146         * 
147         * @param value the desired algorithm or {@code null} to use default
148         * 
149         * @see TrustManagerFactory#getDefaultAlgorithm()
150         */
151        public void setAlgorithm(String value) {
152            this.algorithm = value;
153        }
154    
155        @Override
156        public String toString() {
157            StringBuilder builder = new StringBuilder();
158            builder.append("TrustManagerType [keyStore=");
159            builder.append(keyStore);
160            builder.append(", provider=");
161            builder.append(provider);
162            builder.append(", algorithm=");
163            builder.append(algorithm);
164            builder.append(", getContext()=");
165            builder.append(getCamelContext());
166            builder.append("]");
167            return builder.toString();
168        }
169    }