001/**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.activemq.spring;
018
019import java.io.InputStream;
020import java.security.KeyStore;
021import java.security.NoSuchAlgorithmException;
022import java.security.SecureRandom;
023import java.util.ArrayList;
024import java.util.Arrays;
025import java.util.Collection;
026
027import javax.annotation.PostConstruct;
028import javax.net.ssl.KeyManager;
029import javax.net.ssl.KeyManagerFactory;
030import javax.net.ssl.TrustManager;
031import javax.net.ssl.TrustManagerFactory;
032import org.apache.activemq.broker.SslContext;
033import org.springframework.core.io.Resource;
034
035/**
036 * Extends the SslContext so that it's easier to configure from spring.
037 * 
038 * @org.apache.xbean.XBean element="sslContext"
039 * 
040 * 
041 */
042public class SpringSslContext extends SslContext {    
043    
044    private String keyStoreType="jks";
045    private String trustStoreType="jks";
046
047    private String secureRandomAlgorithm="SHA1PRNG";    
048    private String keyStoreAlgorithm=KeyManagerFactory.getDefaultAlgorithm();
049    private String trustStoreAlgorithm=TrustManagerFactory.getDefaultAlgorithm();
050
051    private Resource keyStore;
052    private Resource trustStore;
053
054    private String keyStorePassword;
055    private String trustStorePassword;
056
057    /**
058     *
059     * @throws Exception
060     * @org.apache.xbean.InitMethod
061     */
062    @PostConstruct
063    public void afterPropertiesSet() throws Exception {
064        keyManagers.addAll(createKeyManagers());
065        trustManagers.addAll(createTrustManagers());
066        if( secureRandom == null ) {
067            secureRandom = createSecureRandom();
068        }
069    }
070
071    private SecureRandom createSecureRandom() throws NoSuchAlgorithmException {
072        return SecureRandom.getInstance(secureRandomAlgorithm);
073    }
074
075    private Collection<TrustManager> createTrustManagers() throws Exception {
076        KeyStore ks = createTrustManagerKeyStore(); 
077        if( ks ==null ) {
078            return new ArrayList<TrustManager>(0);
079        }
080        
081        TrustManagerFactory tmf  = TrustManagerFactory.getInstance(trustStoreAlgorithm);
082        tmf.init(ks);
083        return Arrays.asList(tmf.getTrustManagers());
084    }
085
086    private Collection<KeyManager> createKeyManagers() throws Exception {
087        KeyStore ks = createKeyManagerKeyStore(); 
088        if( ks ==null ) {
089            return new ArrayList<KeyManager>(0);
090        }
091        
092        KeyManagerFactory tmf  = KeyManagerFactory.getInstance(keyStoreAlgorithm);
093        tmf.init(ks, keyStorePassword==null? null : keyStorePassword.toCharArray());
094        return Arrays.asList(tmf.getKeyManagers());
095    }
096
097    private KeyStore createTrustManagerKeyStore() throws Exception {
098        if( trustStore ==null ) {
099            return null;
100        }
101        
102        KeyStore ks = KeyStore.getInstance(trustStoreType);
103        InputStream is=trustStore.getInputStream();
104        try {
105            ks.load(is, trustStorePassword==null? null : trustStorePassword.toCharArray());
106        } finally {
107            is.close();
108        }
109        return ks;
110    }
111    
112    private KeyStore createKeyManagerKeyStore() throws Exception {
113        if( keyStore ==null ) {
114            return null;
115        }
116        
117        KeyStore ks = KeyStore.getInstance(keyStoreType);
118        InputStream is=keyStore.getInputStream();
119        try {
120            ks.load(is, keyStorePassword==null? null : keyStorePassword.toCharArray());
121        } finally {
122            is.close();
123        }
124        return ks;
125    }
126
127    public String getTrustStoreType() {
128        return trustStoreType;
129    }
130
131    public String getKeyStoreType() {
132        return keyStoreType;
133    }
134
135    public Resource getKeyStore() {
136        return keyStore;
137    }
138
139    public void setKeyStore(Resource keyResource) {
140        this.keyStore = keyResource;
141    }
142
143    public Resource getTrustStore() {
144        return trustStore;
145    }
146
147    public void setTrustStore(Resource trustResource) {
148        this.trustStore = trustResource;
149    }
150
151    public String getKeyStoreAlgorithm() {
152        return keyStoreAlgorithm;
153    }
154
155    public void setKeyStoreAlgorithm(String keyAlgorithm) {
156        this.keyStoreAlgorithm = keyAlgorithm;
157    }
158
159    public String getTrustStoreAlgorithm() {
160        return trustStoreAlgorithm;
161    }
162
163    public void setTrustStoreAlgorithm(String trustAlgorithm) {
164        this.trustStoreAlgorithm = trustAlgorithm;
165    }
166
167    public String getKeyStorePassword() {
168        return keyStorePassword;
169    }
170
171    public void setKeyStorePassword(String keyPassword) {
172        this.keyStorePassword = keyPassword;
173    }
174
175    public String getTrustStorePassword() {
176        return trustStorePassword;
177    }
178
179    public void setTrustStorePassword(String trustPassword) {
180        this.trustStorePassword = trustPassword;
181    }
182
183    public void setKeyStoreType(String keyType) {
184        this.keyStoreType = keyType;
185    }
186
187    public void setTrustStoreType(String trustType) {
188        this.trustStoreType = trustType;
189    }
190
191    public String getSecureRandomAlgorithm() {
192        return secureRandomAlgorithm;
193    }
194
195    public void setSecureRandomAlgorithm(String secureRandomAlgorithm) {
196        this.secureRandomAlgorithm = secureRandomAlgorithm;
197    }
198
199}