source: branches/wsgi/packages/sipb-xen-vnc-client/code/SIPBTrustManager.java @ 711

Last change on this file since 711 was 143, checked in by quentin, 17 years ago

SSL support for VNC proxy

File size: 4.1 KB
Line 
1/*
2 * Copyright 2006 Perry Nguyen <pfnguyen@hanhuy.com>
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15import java.io.IOException;
16import java.io.InputStream;
17import java.security.KeyStore;
18import java.security.KeyStoreException;
19import java.security.NoSuchAlgorithmException;
20import java.security.cert.CertificateException;
21import java.security.cert.X509Certificate;
22import java.util.Enumeration;
23import java.util.logging.Level;
24import java.util.logging.Logger;
25
26import javax.net.ssl.TrustManager;
27import javax.net.ssl.TrustManagerFactory;
28import javax.net.ssl.X509TrustManager;
29
30public class SIPBTrustManager implements X509TrustManager {
31    private X509TrustManager trustManager;
32    private final static char[] KEY_STORE_PASSWORD =
33        { 'f', 'o', 'o', 'b', 'a', 'r' };
34    private final static String KEY_STORE_RESOURCE =
35        "trust.store";
36
37    private KeyStore loadKeyStore() throws Exception {
38        InputStream in = getClass().getClassLoader().getResourceAsStream(
39                KEY_STORE_RESOURCE);
40        KeyStore ks = null;
41        try {
42            if (in == null) {
43                //log.severe("Unable to open KeyStore");
44                throw new NullPointerException();
45            }
46            ks = KeyStore.getInstance(KeyStore.getDefaultType());
47            ks.load(in, KEY_STORE_PASSWORD);
48            /*if (log.isLoggable(Level.FINEST)) {
49                for (Enumeration<String> aliases = ks.aliases();
50                aliases.hasMoreElements();) {
51                    String alias = aliases.nextElement();
52                    log.finest("ALIAS: " + alias);
53                }
54                }*/
55        } catch (NoSuchAlgorithmException e) {
56            throwError(e);
57        } catch (CertificateException e) {
58            throwError(e);
59        } catch (IOException e) {
60            throwError(e);
61        } catch (KeyStoreException e) {
62            throwError(e);
63        } finally {
64            try {
65                if (in != null)
66                    in.close();
67            }
68            catch (IOException e) { } // ignore
69        }
70        return ks;
71    }
72    private void createTrustManager() {
73        try {
74            try {
75                KeyStore keystore = loadKeyStore();
76                TrustManagerFactory factory = TrustManagerFactory.getInstance(
77                                                                              TrustManagerFactory.getDefaultAlgorithm());
78                factory.init(keystore);
79                TrustManager[] trustManagers = factory.getTrustManagers();
80                if (trustManagers.length == 0)
81                    throw new IllegalStateException("No trust manager found");
82                setTrustManager((X509TrustManager) trustManagers[0]);
83            } catch (NoSuchAlgorithmException e) {
84                throwError(e);
85            } catch (KeyStoreException e) {
86                throwError(e);
87            }
88        } catch (Exception e) {
89            e.printStackTrace();
90        }
91    }
92    private void throwError(Exception e) throws Exception {
93        //HttpClientError error = new HttpClientError(e.getMessage());
94        //error.initCause(e);
95        throw e;
96    }
97    public X509TrustManager getTrustManager() {
98        if (trustManager == null)
99            createTrustManager();
100        return trustManager;
101    }
102
103    public void setTrustManager(X509TrustManager trustManager) {
104        this.trustManager = trustManager;
105    }
106
107    public void checkClientTrusted(X509Certificate[] chain, String authType)
108            throws CertificateException {
109        getTrustManager().checkClientTrusted(chain, authType);
110    }
111
112    public void checkServerTrusted(X509Certificate[] chain, String authType)
113            throws CertificateException {
114        getTrustManager().checkServerTrusted(chain, authType);
115
116    }
117
118    public X509Certificate[] getAcceptedIssuers() {
119        return getTrustManager().getAcceptedIssuers();
120    }
121
122}
Note: See TracBrowser for help on using the repository browser.