View Javadoc
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License.
18   *
19   */
20  package org.apache.mina.example.echoserver.ssl;
21  
22  import java.io.IOException;
23  import java.io.InputStream;
24  import java.security.GeneralSecurityException;
25  import java.security.KeyStore;
26  import java.security.Security;
27  
28  import javax.net.ssl.KeyManagerFactory;
29  import javax.net.ssl.SSLContext;
30  
31  /**
32   * Factory to create a bogus SSLContext.
33   *
34   * @author <a href="http://mina.apache.org">Apache MINA Project</a>
35   */
36  public class BogusSslContextFactory {
37  
38      /**
39       * Protocol to use.
40       */
41      private static final String PROTOCOL = "TLSv1.2";
42  
43      private static final String KEY_MANAGER_FACTORY_ALGORITHM;
44  
45      static {
46          String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
47          
48          if (algorithm == null) {
49              algorithm = KeyManagerFactory.getDefaultAlgorithm();
50          }
51  
52          KEY_MANAGER_FACTORY_ALGORITHM = algorithm;
53      }
54  
55      /**
56       * Bogus Server certificate keystore file name.
57       */
58      private static final String BOGUS_KEYSTORE = "bogus.cert";
59  
60      // NOTE: The keystore was generated using keytool:
61      //   keytool -genkey -alias bogus -keysize 512 -validity 3650
62      //           -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
63      //               O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
64      //           -keypass boguspw -storepass boguspw -keystore bogus.cert
65  
66      /**
67       * Bougus keystore password.
68       */
69      private static final char[] BOGUS_PW = { 'b', 'o', 'g', 'u', 's', 'p', 'w' };
70  
71      private static SSLContext serverInstance = null;
72      
73      private static SSLContext clientInstance = null;
74  
75      /**
76       * Get SSLContext singleton.
77       *
78       * @param server A flag to tell if this is a Client or Server instance we want to create
79       * @return SSLContext The created SSLContext 
80       * @throws GeneralSecurityException If we had an issue creating the SSLContext
81       */
82      public static SSLContext getInstance(boolean server) throws GeneralSecurityException {
83          SSLContext retInstance;
84          
85          if (server) {
86              synchronized(BogusSslContextFactory.class) {
87                  if (serverInstance == null) {
88                      try {
89                          serverInstance = createBougusServerSslContext();
90                      } catch (Exception ioe) {
91                          throw new GeneralSecurityException( "Can't create Server SSLContext:" + ioe);
92                      }
93                  }
94              }
95              
96              retInstance = serverInstance;
97          } else {
98              synchronized (BogusSslContextFactory.class) {
99                  if (clientInstance == null) {
100                     clientInstance = createBougusClientSslContext();
101                 }
102             }
103             
104             retInstance = clientInstance;
105         }
106         
107         return retInstance;
108     }
109 
110     private static SSLContext createBougusServerSslContext() throws GeneralSecurityException, IOException {
111         // Create keystore
112         KeyStore ks = KeyStore.getInstance("JKS");
113         InputStream in = null;
114         
115         try {
116             in = BogusSslContextFactory.class.getResourceAsStream(BOGUS_KEYSTORE);
117             ks.load(in, BOGUS_PW);
118         } finally {
119             if (in != null) {
120                 try {
121                     in.close();
122                 } catch (IOException ignored) {
123                 }
124             }
125         }
126 
127         // Set up key manager factory to use our key store
128         KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM);
129         kmf.init(ks, BOGUS_PW);
130 
131         // Initialize the SSLContext to work with our key managers.
132         SSLContext sslContext = SSLContext.getInstance(PROTOCOL);
133         sslContext.init(kmf.getKeyManagers(), BogusTrustManagerFactory.X509_MANAGERS, null);
134 
135         return sslContext;
136     }
137 
138     private static SSLContext createBougusClientSslContext() throws GeneralSecurityException {
139         SSLContext context = SSLContext.getInstance(PROTOCOL);
140         context.init(null, BogusTrustManagerFactory.X509_MANAGERS, null);
141         
142         return context;
143     }
144 }