1 10 11 package org.mule.providers.ssl; 12 13 import java.io.FileNotFoundException ; 14 import java.io.IOException ; 15 import java.io.InputStream ; 16 import java.security.KeyStore ; 17 import java.security.Provider ; 18 import java.security.Security ; 19 20 import javax.net.ssl.KeyManagerFactory; 21 import javax.net.ssl.TrustManagerFactory; 22 23 import org.mule.config.i18n.Message; 24 import org.mule.config.i18n.Messages; 25 import org.mule.providers.tcp.TcpConnector; 26 import org.mule.umo.lifecycle.InitialisationException; 27 import org.mule.umo.security.provider.AutoDiscoverySecurityProviderFactory; 28 import org.mule.umo.security.provider.SecurityProviderFactory; 29 import org.mule.umo.security.provider.SecurityProviderInfo; 30 import org.mule.util.FileUtils; 31 import org.mule.util.IOUtils; 32 33 38 public class SslConnector extends TcpConnector 39 { 40 public static final String DEFAULT_KEYSTORE_TYPE = KeyStore.getDefaultType(); 41 42 private SecurityProviderFactory spFactory = new AutoDiscoverySecurityProviderFactory(); 43 private SecurityProviderInfo spInfo = spFactory.getSecurityProviderInfo(); 44 45 private String keyStore = null; 46 private String keyPassword = null; 47 private String storePassword = null; 48 private String keyStoreType = DEFAULT_KEYSTORE_TYPE; 49 private String keyManagerAlgorithm = spInfo.getKeyManagerAlgorithm(); 50 private Provider provider = spFactory.getProvider(); 51 private String protocolHandler = spInfo.getProtocolHandler(); 52 private String clientKeyStore = null; 53 private String clientKeyStorePassword = null; 54 private String trustStore = null; 55 private String trustStorePassword = null; 56 private String trustStoreType = DEFAULT_KEYSTORE_TYPE; 57 private String trustManagerAlgorithm = spInfo.getKeyManagerAlgorithm(); 59 private TrustManagerFactory trustManagerFactory; 60 private boolean explicitTrustStoreOnly = false; 61 62 private KeyManagerFactory keyManagerFactory = null; 63 private boolean requireClientAuthentication = true; 64 65 public void doInitialise() throws InitialisationException 66 { 67 if (getProvider() == null) 68 { 69 throw new NullPointerException ("The security provider cannot be null"); 70 } 71 if (getKeyStore() != null) 72 { 73 if (getKeyPassword() == null) 74 { 75 throw new NullPointerException ("The Key password cannot be null"); 76 } 77 if (getStorePassword() == null) 78 { 79 throw new NullPointerException ("The KeyStore password cannot be null"); 80 } 81 if (getKeyManagerAlgorithm() == null) 82 { 83 throw new NullPointerException ("The Key Manager Algorithm cannot be null"); 84 } 85 if (getKeyStoreType() == null) 86 { 87 throw new NullPointerException ("The KeyStore type cannot be null"); 88 } 89 } 90 91 if (getKeyStore() != null) 92 { 93 KeyStore keystore; 94 try 95 { 96 Security.addProvider(getProvider()); 97 keystore = KeyStore.getInstance(keyStoreType); 99 InputStream is = IOUtils.getResourceAsStream(getKeyStore(), getClass()); 100 if (is == null) 101 { 102 throw new FileNotFoundException ("Failed to load keystore from classpath or local file: " 103 + getKeyStore()); 104 } 105 keystore.load(is, getKeyPassword().toCharArray()); 106 } 107 catch (Exception e) 108 { 109 throw new InitialisationException(new Message(Messages.FAILED_LOAD_X, "KeyStore: " 110 + getKeyStore()), e, 111 this); 112 } 113 try 114 { 115 keyManagerFactory = KeyManagerFactory.getInstance(getKeyManagerAlgorithm()); 117 keyManagerFactory.init(keystore, getStorePassword().toCharArray()); 119 } 120 catch (Exception e) 121 { 122 throw new InitialisationException(new Message(Messages.FAILED_LOAD_X, 123 "Key Manager (" + getKeyManagerAlgorithm() + ")"), e, this); 124 } 125 } 126 127 if (getTrustStore() != null) 128 { 129 KeyStore truststore; 130 try 131 { 132 truststore = KeyStore.getInstance(trustStoreType); 133 InputStream is = IOUtils.getResourceAsStream(getTrustStore(), getClass()); 134 if (is == null) 135 { 136 throw new FileNotFoundException ( 137 "Failed to load truststore from classpath or local file: " + getTrustStore()); 138 } 139 truststore.load(is, getTrustStorePassword().toCharArray()); 140 } 141 catch (Exception e) 142 { 143 throw new InitialisationException(new Message(Messages.FAILED_LOAD_X, "TrustStore: " 144 + getTrustStore()), e, 145 this); 146 } 147 148 try 149 { 150 trustManagerFactory = TrustManagerFactory.getInstance(getTrustManagerAlgorithm()); 151 trustManagerFactory.init(truststore); 152 } 153 catch (Exception e) 154 { 155 throw new InitialisationException(new Message(Messages.FAILED_LOAD_X, 156 "Trust Manager (" + getTrustManagerAlgorithm() + ")"), e, this); 157 } 158 } 159 160 super.doInitialise(); 161 162 if (protocolHandler != null) 163 { 164 System.setProperty("java.protocol.handler.pkgs", protocolHandler); 165 } 166 if (clientKeyStore != null) 167 { 168 try 169 { 170 String clientPath = FileUtils.getResourcePath(clientKeyStore, getClass()); 171 System.setProperty("javax.net.ssl.keyStore", clientPath); 172 System.setProperty("javax.net.ssl.keyStorePassword", clientKeyStorePassword); 173 174 logger.info("Set Client Key store: javax.net.ssl.keyStore=" + clientPath); 175 } 176 catch (IOException e) 177 { 178 throw new InitialisationException(new Message(Messages.FAILED_LOAD_X, "Client KeyStore: " 179 + clientKeyStore), e, 180 this); 181 } 182 } 183 184 if (trustStore != null) 185 { 186 System.setProperty("javax.net.ssl.trustStore", getTrustStore()); 187 System.setProperty("javax.net.ssl.trustStorePassword", getTrustStorePassword()); 188 logger.debug("Set Trust store: javax.net.ssl.trustStore=" + getTrustStore()); 189 } 190 else if (!isExplicitTrustStoreOnly()) 191 { 192 logger.info("Defaulting trust store to client Key Store"); 193 trustStore = getClientKeyStore(); 194 trustStorePassword = getClientKeyStorePassword(); 195 System.setProperty("javax.net.ssl.trustStore", getTrustStore()); 196 System.setProperty("javax.net.ssl.trustStorePassword", getTrustStorePassword()); 197 logger.debug("Set Trust store: javax.net.ssl.trustStore=" + getTrustStore()); 198 } 199 200 } 201 202 public String getProtocol() 203 { 204 return "SSL"; 205 } 206 207 public String getKeyStore() 208 { 209 return keyStore; 210 } 211 212 public void setKeyStore(String keyStore) 213 { 214 this.keyStore = keyStore; 215 } 216 217 public String getKeyPassword() 218 { 219 return keyPassword; 220 } 221 222 public void setKeyPassword(String keyPassword) 223 { 224 this.keyPassword = keyPassword; 225 } 226 227 public String getStorePassword() 228 { 229 return storePassword; 230 } 231 232 public void setStorePassword(String storePassword) 233 { 234 this.storePassword = storePassword; 235 } 236 237 public String getTrustStoreType() 238 { 239 return trustStoreType; 240 } 241 242 public void setTrustStoreType(String trustStoreType) 243 { 244 this.trustStoreType = trustStoreType; 245 } 246 247 public TrustManagerFactory getTrustManagerFactory() 248 { 249 return trustManagerFactory; 250 } 251 252 public void setTrustManagerFactory(TrustManagerFactory trustManagerFactory) 253 { 254 this.trustManagerFactory = trustManagerFactory; 255 } 256 257 public String getTrustManagerAlgorithm() 258 { 259 return trustManagerAlgorithm; 260 } 261 262 public void setTrustManagerAlgorithm(String trustManagerAlgorithm) 263 { 264 this.trustManagerAlgorithm = trustManagerAlgorithm; 265 } 266 267 public String getKeyStoreType() 268 { 269 return keyStoreType; 270 } 271 272 public void setKeyStoreType(String keyStoreType) 273 { 274 this.keyStoreType = keyStoreType; 275 } 276 277 public String getKeyManagerAlgorithm() 278 { 279 return keyManagerAlgorithm; 280 } 281 282 public void setKeyManagerAlgorithm(String keyManagerAlgorithm) 283 { 284 this.keyManagerAlgorithm = keyManagerAlgorithm; 285 } 286 287 public boolean isRequireClientAuthentication() 288 { 289 return requireClientAuthentication; 290 } 291 292 public void setRequireClientAuthentication(boolean requireClientAuthentication) 293 { 294 this.requireClientAuthentication = requireClientAuthentication; 295 } 296 297 public KeyManagerFactory getKeyManagerFactory() 298 { 299 return keyManagerFactory; 300 } 301 302 public Provider getProvider() 303 { 304 return provider; 305 } 306 307 public void setProvider(Provider provider) 308 { 309 this.provider = provider; 310 } 311 312 public String getProtocolHandler() 313 { 314 return protocolHandler; 315 } 316 317 public void setProtocolHandler(String protocolHandler) 318 { 319 this.protocolHandler = protocolHandler; 320 } 321 322 public String getClientKeyStore() 323 { 324 return clientKeyStore; 325 } 326 327 public void setClientKeyStore(String clientKeyStore) throws IOException 328 { 329 this.clientKeyStore = clientKeyStore; 330 if (this.clientKeyStore != null) 331 { 332 this.clientKeyStore = FileUtils.getResourcePath(clientKeyStore, getClass()); 333 logger.debug("Normalised clientKeyStore path to: " + getClientKeyStore()); 334 } 335 } 336 337 public String getClientKeyStorePassword() 338 { 339 return clientKeyStorePassword; 340 } 341 342 public void setClientKeyStorePassword(String clientKeyStorePassword) 343 { 344 this.clientKeyStorePassword = clientKeyStorePassword; 345 } 346 347 public String getTrustStore() 348 { 349 return trustStore; 350 } 351 352 public void setTrustStore(String trustStore) throws IOException 353 { 354 this.trustStore = trustStore; 355 if (this.trustStore != null) 356 { 357 this.trustStore = FileUtils.getResourcePath(trustStore, getClass()); 358 logger.debug("Normalised trustStore path to: " + getTrustStore()); 359 } 360 } 361 362 public String getTrustStorePassword() 363 { 364 return trustStorePassword; 365 } 366 367 public void setTrustStorePassword(String trustStorePassword) 368 { 369 this.trustStorePassword = trustStorePassword; 370 } 371 372 public boolean isExplicitTrustStoreOnly() 373 { 374 return explicitTrustStoreOnly; 375 } 376 377 public void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly) 378 { 379 this.explicitTrustStoreOnly = explicitTrustStoreOnly; 380 } 381 } 382 | Popular Tags |