001/** 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017package org.apache.activemq.spring; 018 019import java.io.InputStream; 020import java.security.KeyStore; 021import java.security.NoSuchAlgorithmException; 022import java.security.SecureRandom; 023import java.util.ArrayList; 024import java.util.Arrays; 025import java.util.Collection; 026 027import javax.annotation.PostConstruct; 028import javax.net.ssl.KeyManager; 029import javax.net.ssl.KeyManagerFactory; 030import javax.net.ssl.TrustManager; 031import javax.net.ssl.TrustManagerFactory; 032import org.apache.activemq.broker.SslContext; 033import org.springframework.core.io.Resource; 034 035/** 036 * Extends the SslContext so that it's easier to configure from spring. 037 * 038 * @org.apache.xbean.XBean element="sslContext" 039 * 040 * 041 */ 042public class SpringSslContext extends SslContext { 043 044 private String keyStoreType="jks"; 045 private String trustStoreType="jks"; 046 047 private String secureRandomAlgorithm="SHA1PRNG"; 048 private String keyStoreAlgorithm=KeyManagerFactory.getDefaultAlgorithm(); 049 private String trustStoreAlgorithm=TrustManagerFactory.getDefaultAlgorithm(); 050 051 private Resource keyStore; 052 private Resource trustStore; 053 054 private String keyStorePassword; 055 private String trustStorePassword; 056 057 /** 058 * 059 * @throws Exception 060 * @org.apache.xbean.InitMethod 061 */ 062 @PostConstruct 063 public void afterPropertiesSet() throws Exception { 064 keyManagers.addAll(createKeyManagers()); 065 trustManagers.addAll(createTrustManagers()); 066 if( secureRandom == null ) { 067 secureRandom = createSecureRandom(); 068 } 069 } 070 071 private SecureRandom createSecureRandom() throws NoSuchAlgorithmException { 072 return SecureRandom.getInstance(secureRandomAlgorithm); 073 } 074 075 private Collection<TrustManager> createTrustManagers() throws Exception { 076 KeyStore ks = createTrustManagerKeyStore(); 077 if( ks ==null ) { 078 return new ArrayList<TrustManager>(0); 079 } 080 081 TrustManagerFactory tmf = TrustManagerFactory.getInstance(trustStoreAlgorithm); 082 tmf.init(ks); 083 return Arrays.asList(tmf.getTrustManagers()); 084 } 085 086 private Collection<KeyManager> createKeyManagers() throws Exception { 087 KeyStore ks = createKeyManagerKeyStore(); 088 if( ks ==null ) { 089 return new ArrayList<KeyManager>(0); 090 } 091 092 KeyManagerFactory tmf = KeyManagerFactory.getInstance(keyStoreAlgorithm); 093 tmf.init(ks, keyStorePassword==null? null : keyStorePassword.toCharArray()); 094 return Arrays.asList(tmf.getKeyManagers()); 095 } 096 097 private KeyStore createTrustManagerKeyStore() throws Exception { 098 if( trustStore ==null ) { 099 return null; 100 } 101 102 KeyStore ks = KeyStore.getInstance(trustStoreType); 103 InputStream is=trustStore.getInputStream(); 104 try { 105 ks.load(is, trustStorePassword==null? null : trustStorePassword.toCharArray()); 106 } finally { 107 is.close(); 108 } 109 return ks; 110 } 111 112 private KeyStore createKeyManagerKeyStore() throws Exception { 113 if( keyStore ==null ) { 114 return null; 115 } 116 117 KeyStore ks = KeyStore.getInstance(keyStoreType); 118 InputStream is=keyStore.getInputStream(); 119 try { 120 ks.load(is, keyStorePassword==null? null : keyStorePassword.toCharArray()); 121 } finally { 122 is.close(); 123 } 124 return ks; 125 } 126 127 public String getTrustStoreType() { 128 return trustStoreType; 129 } 130 131 public String getKeyStoreType() { 132 return keyStoreType; 133 } 134 135 public Resource getKeyStore() { 136 return keyStore; 137 } 138 139 public void setKeyStore(Resource keyResource) { 140 this.keyStore = keyResource; 141 } 142 143 public Resource getTrustStore() { 144 return trustStore; 145 } 146 147 public void setTrustStore(Resource trustResource) { 148 this.trustStore = trustResource; 149 } 150 151 public String getKeyStoreAlgorithm() { 152 return keyStoreAlgorithm; 153 } 154 155 public void setKeyStoreAlgorithm(String keyAlgorithm) { 156 this.keyStoreAlgorithm = keyAlgorithm; 157 } 158 159 public String getTrustStoreAlgorithm() { 160 return trustStoreAlgorithm; 161 } 162 163 public void setTrustStoreAlgorithm(String trustAlgorithm) { 164 this.trustStoreAlgorithm = trustAlgorithm; 165 } 166 167 public String getKeyStorePassword() { 168 return keyStorePassword; 169 } 170 171 public void setKeyStorePassword(String keyPassword) { 172 this.keyStorePassword = keyPassword; 173 } 174 175 public String getTrustStorePassword() { 176 return trustStorePassword; 177 } 178 179 public void setTrustStorePassword(String trustPassword) { 180 this.trustStorePassword = trustPassword; 181 } 182 183 public void setKeyStoreType(String keyType) { 184 this.keyStoreType = keyType; 185 } 186 187 public void setTrustStoreType(String trustType) { 188 this.trustStoreType = trustType; 189 } 190 191 public String getSecureRandomAlgorithm() { 192 return secureRandomAlgorithm; 193 } 194 195 public void setSecureRandomAlgorithm(String secureRandomAlgorithm) { 196 this.secureRandomAlgorithm = secureRandomAlgorithm; 197 } 198 199}