SSLJiveKeyManagerFactory


1   /**
2    * $RCSfile: SSLJiveKeyManagerFactory.java,v $
3    * $Revision: 1.4 $
4    * $Date: 2005/04/11 21:04:00 $
5    *
6    * Copyright (C) 2004 Jive Software. All rights reserved.
7    *
8    * This software is published under the terms of the GNU Public License (GPL),
9    * a copy of which is included in this distribution.
10   */
11  
12  package org.jivesoftware.messenger.net;
13  
14  import com.sun.net.ssl.KeyManager;
15  import com.sun.net.ssl.KeyManagerFactory;
16  
17  import java.io.FileInputStream  ;
18  import java.io.IOException  ;
19  import java.security.KeyStore  ;
20  import java.security.KeyStoreException  ;
21  import java.security.NoSuchAlgorithmException  ;
22  import java.security.UnrecoverableKeyException  ;
23  import java.security.cert.CertificateException  ;
24  
25  /**
26   * A custom KeyManagerFactory that creates a key manager list using the
27   * default key manager or a standard keystore as specified in jive_config.xml.
28   * The default keystore provided with the Jive distribution uses the Sun Java
29   * Keystore (JKS) and that takes a single password which must apply to both the
30   * keystore and the key itself. Users may specify another keystore type and keystore
31   * location. Alternatively, don't set a keystore type to use the JVM defaults and
32   * configure your JVMs security files (see your JVM documentation) to plug in
33   * any KeyManagerFactory provider.
34   *
35   * @author Iain Shigeoka
36   */
37  public class SSLJiveKeyManagerFactory {
38  
39      /**
40       * Creates a KeyManager list which is null if the storeType is null, or
41       * is a standard KeyManager that uses a KeyStore of type storeType,
42       * located at 'keystore' location under home, and uses 'keypass' as
43       * the password for the keystore password and key password. The default
44       * Jive keystore contains a self-signed X509 certificate pair under the
45       * alias '127.0.0.1' in a Java KeyStore (JKS) with initial password 'changeit'.
46       * This is sufficient for local host testing but should be using standard
47       * key management tools for any significant testing or deployment. See
48       * the Jive XMPP server security documentation for more information.
49       *
50       * @param storeType The type of keystore (e.g. "JKS") to use or null to indicate no keystore should be used
51       * @param keystore  The relative location of the keystore under home
52       * @param keypass   The password for the keystore and key
53       * @return An array of relevant KeyManagers (may be null indicating a default KeyManager should be created)
54       * @throws NoSuchAlgorithmException  If the keystore type doesn't exist (not provided or configured with your JVM)
55       * @throws KeyStoreException         If the keystore is corrupt
56       * @throws IOException               If the keystore could not be located or loaded
57       * @throws CertificateException      If there were no certificates to be loaded or they are invalid
58       * @throws UnrecoverableKeyException If they keystore coud not be opened (typically the password is bad)
59       */
60      public static KeyManager[] getKeyManagers(String   storeType, String   keystore, String   keypass) throws NoSuchAlgorithmException  , KeyStoreException  , IOException  , CertificateException  , UnrecoverableKeyException   {
61          KeyManager[] keyManagers;
62          if (keystore == null) {
63              keyManagers = null;
64          }
65          else {
66              if (keypass == null) {
67                  keypass = "";
68              }
69              KeyStore   keyStore = KeyStore.getInstance(storeType);
70              keyStore.load(new FileInputStream  (keystore), keypass.toCharArray());
71  
72              KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
73              keyFactory.init(keyStore, keypass.toCharArray());
74              keyManagers = keyFactory.getKeyManagers();
75          }
76          return keyManagers;
77      }
78  }
79
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags