View Javadoc
1   /*
2    * Copyright 2015 The Apache Software Foundation.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.apache.juddi.v3.client.cryptor;
17  
18  import java.io.File;
19  import java.io.FileInputStream;
20  import java.security.KeyStore;
21  import javax.net.ssl.HttpsURLConnection;
22  import javax.net.ssl.KeyManagerFactory;
23  import javax.net.ssl.SSLContext;
24  import javax.net.ssl.TrustManagerFactory;
25  import javax.xml.ws.BindingProvider;
26  import org.apache.commons.logging.Log;
27  import org.apache.commons.logging.LogFactory;
28  
29  /**
30   *
31   * @author alexoree@apache.org
32   */
33  public class TransportSecurityHelper {
34  
35          private static final Log log = LogFactory.getLog(TransportSecurityHelper.class);
36  
37          public static boolean applyTransportSecurity(BindingProvider webServicePort) {
38                  try {
39                          File currentdir = new File(".");
40                          String s = System.getProperty("javax.net.ssl.keyStore");
41                          String st = System.getProperty("javax.net.ssl.trustStore");
42                          log.info("Attempting to initialize keystore and truststore from " + s + " " + st);
43                          if (s == null) {
44                                  log.warn("keystore isn't defined!");
45                                  return false;
46                          } else if (st == null) {
47                                  log.warn("truststore isn't defined! " + s);
48                                  return false;
49                          } else {
50                                  File keystore = new File(s);
51                                  if (keystore == null || !keystore.exists()) {
52                                          log.warn("keystore doesn't exist! input was " + s + " working dir is " + currentdir
53                                                  .getAbsolutePath());
54                                          return false;
55                                  }
56                                  //File truststore =new File(System.getProperty("javax.net.ssl.trustStore"));
57                                  String pwd = System.getProperty("javax.net.ssl.keyStorePassword");
58                                  if (pwd == null) {
59                                          log.warn("keystore password isn't defined!");
60                                          return false;
61                                  }
62  
63                                  File truststore = new File(st);
64                                  if (truststore == null || !truststore.exists()) {
65                                          log.warn("truststore doesn't exist! input was " + s + " working dir is " + currentdir
66                                                  .getAbsolutePath());
67                                          return false;
68                                  }
69                                  //File truststore =new File(System.getProperty("javax.net.ssl.trustStore"));
70                                  String pwdt = System.getProperty("javax.net.ssl.trustStorePassword");
71                                  if (pwdt == null) {
72                                          log.warn("truststore password isn't defined!");
73                                          return false;
74                                  }
75  
76                                  if (keystore.exists()) {
77                                          TrustManagerFactory tmFact = null;
78                                          FileInputStream fis = null;
79                                          SSLContext sc = SSLContext.getInstance("SSLv3");
80                                          KeyManagerFactory kmf
81                                                  = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
82                                          try {
83                                                  log.info("Using keystore from " + keystore.getAbsolutePath() + " current dir is " + currentdir.getAbsolutePath());
84  
85                                                  log.info("Using truststore from " + truststore.getAbsolutePath() + " current dir is " + currentdir.getAbsolutePath());
86  
87                                                  KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
88                                                  try {
89                                                          fis = new FileInputStream(keystore);
90                                                          ks.load(fis, pwd.toCharArray());
91                                                  } catch (Exception ex) {
92                                                          log.warn("unable to load key store " + keystore.getAbsolutePath(), ex);
93                                                  } finally {
94                                                          if (fis != null) {
95                                                                  fis.close();
96                                                          }
97                                                  }
98  
99                                                  kmf.init(ks, pwd.toCharArray());
100 
101                                                 String alg = TrustManagerFactory.getDefaultAlgorithm();
102                                                 tmFact = TrustManagerFactory.getInstance(alg);
103                                         } catch (Exception ex) {
104                                                 log.warn("unable to establish ssl settings", ex);
105                                         } 
106                                         try {
107                                                 fis = new FileInputStream(st);
108                                                 KeyStore kst = KeyStore.getInstance("jks");
109                                                 try {
110                                                         kst.load(fis, pwdt.toCharArray());
111                                                 } catch (Exception ex) {
112                                                         log.warn("unable to load key store " + st, ex);
113                                                 } finally {
114                                                         if (fis != null) {
115                                                                 fis.close();
116                                                         }
117                                                 }
118 
119                                                 tmFact.init(kst);
120 
121                                                 sc.init(kmf.getKeyManagers(), tmFact.getTrustManagers(), null);
122                                                 HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
123                                                 ((BindingProvider) webServicePort).getRequestContext().put("com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory", sc.getSocketFactory());
124                                                 ((BindingProvider) webServicePort).getRequestContext().put("com.sun.xml.ws.transport.https.client.SSLSocketFactory", sc.getSocketFactory());
125                                                 return true;
126                                         } catch (Exception ex) {
127                                                 log.warn("unable to establish ssl settings", ex);
128                                         }
129                                 }
130                         }
131                         return false;
132                 } catch (Exception x) {
133                         log.error("unexpected error", x);
134                 }
135                 return false;
136         }
137 
138 }