/*
 * Copyright 2006 Perry Nguyen <pfnguyen@hanhuy.com>
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.logging.Level;
import java.util.logging.Logger;

import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

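/**
 * An {@link X509TrustManager} that delegates every decision to a trust
 * manager built from the {@code trust.store} key store found on the classpath.
 *
 * <p>The delegate is created lazily on first use. If it cannot be created
 * (resource missing, store unreadable, no X.509 trust manager available) the
 * failure is logged and this class fails closed: both {@code check*Trusted}
 * methods reject the chain with a {@link CertificateException} and
 * {@link #getAcceptedIssuers()} reports no issuers.
 *
 * <p>This class only forwards chain validation to the delegate; it performs no
 * host name matching of its own.
 *
 * <p>Instances are not synchronized. Concurrent first use may build the
 * delegate more than once; each build reads the same classpath resource.
 */
public class SIPBTrustManager implements X509TrustManager {
    private static final Logger log =
        Logger.getLogger(SIPBTrustManager.class.getName());

    // NOTE(review): this password is compiled into the class, so it cannot
    // protect the store from anyone able to replace the bundled resource.
    // The trust anchors are only as trustworthy as the archive that ships
    // them (e.g. a signed jar); treat the password as a format requirement,
    // not as a secret.
    private static final char[] KEY_STORE_PASSWORD =
        { 'f', 'o', 'o', 'b', 'a', 'r' };
    private static final String KEY_STORE_RESOURCE =
        "trust.store";

    /** Delegate that performs the actual validation; {@code null} until built or set. */
    private X509TrustManager trustManager;

    /**
     * Reads the bundled trust store from the classpath.
     *
     * <p>The store is opened with the JVM's default key store type, so the
     * bundled file has to be in a format that type can read.
     *
     * @return the loaded key store, never {@code null}
     * @throws IOException if the resource is missing or cannot be read
     * @throws GeneralSecurityException if the store cannot be instantiated,
     *         its integrity check fails, or a certificate in it cannot be loaded
     */
    private KeyStore loadKeyStore()
            throws IOException, GeneralSecurityException {
        InputStream in = getClass().getClassLoader().getResourceAsStream(
                KEY_STORE_RESOURCE);
        if (in == null) {
            throw new IOException(
                    "Trust store resource not found on classpath: "
                    + KEY_STORE_RESOURCE);
        }
        try {
            KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
            ks.load(in, KEY_STORE_PASSWORD);
            return ks;
        } finally {
            try {
                in.close();
            } catch (IOException ignored) {
                // Nothing useful can be done here: the load above has already
                // succeeded or already reported its own failure.
            }
        }
    }

    /**
     * Builds the delegate from the bundled trust store and installs it via
     * {@link #setTrustManager(X509TrustManager)}.
     *
     * <p>Failures are logged rather than thrown; the delegate then stays
     * {@code null} and the public methods fail closed.
     */
    private void createTrustManager() {
        try {
            KeyStore keystore = loadKeyStore();
            TrustManagerFactory factory = TrustManagerFactory.getInstance(
                    TrustManagerFactory.getDefaultAlgorithm());
            factory.init(keystore);
            TrustManager[] candidates = factory.getTrustManagers();
            // Take the first manager that really is an X509TrustManager
            // instead of blindly casting element 0.
            for (int i = 0; i < candidates.length; i++) {
                if (candidates[i] instanceof X509TrustManager) {
                    setTrustManager((X509TrustManager) candidates[i]);
                    return;
                }
            }
            log.severe("No X509TrustManager available for trust store "
                    + KEY_STORE_RESOURCE);
        } catch (IOException e) {
            logInitFailure(e);
        } catch (GeneralSecurityException e) {
            logInitFailure(e);
        }
    }

    /** Records why the delegate could not be built, keeping the cause attached. */
    private void logInitFailure(Exception cause) {
        log.log(Level.SEVERE, "Unable to initialise trust manager from "
                + KEY_STORE_RESOURCE, cause);
    }

    /**
     * Returns the delegate, or refuses the chain when there is none.
     *
     * @throws CertificateException if no delegate could be built, so that an
     *         initialisation failure is reported as a rejected certificate
     *         rather than as a {@code NullPointerException}
     */
    private X509TrustManager requireTrustManager() throws CertificateException {
        X509TrustManager delegate = getTrustManager();
        if (delegate == null) {
            throw new CertificateException("Trust store " + KEY_STORE_RESOURCE
                    + " could not be loaded; refusing to trust any certificate");
        }
        return delegate;
    }

    /**
     * Returns the delegate, building it from the bundled trust store on first
     * use.
     *
     * @return the delegate, or {@code null} if it could not be built; a later
     *         call tries again
     */
    public X509TrustManager getTrustManager() {
        if (trustManager == null) {
            createTrustManager();
        }
        return trustManager;
    }

    /**
     * Replaces the delegate.
     *
     * <p>Every trust decision made through this object is taken by the
     * delegate, so whoever can call this method controls which certificates
     * are accepted. Passing {@code null} causes the bundled trust store to be
     * loaded again on next use.
     *
     * @param trustManager the delegate to use from now on, may be {@code null}
     */
    public void setTrustManager(X509TrustManager trustManager) {
        this.trustManager = trustManager;
    }

    /**
     * Validates a client certificate chain with the delegate.
     *
     * @throws CertificateException if the delegate rejects the chain or no
     *         delegate is available
     */
    public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        requireTrustManager().checkClientTrusted(chain, authType);
    }

    /**
     * Validates a server certificate chain with the delegate.
     *
     * @throws CertificateException if the delegate rejects the chain or no
     *         delegate is available
     */
    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        requireTrustManager().checkServerTrusted(chain, authType);
    }

    /**
     * Returns the issuers accepted by the delegate.
     *
     * @return the delegate's accepted issuers, or an empty array when no
     *         delegate is available
     */
    public X509Certificate[] getAcceptedIssuers() {
        X509TrustManager delegate = getTrustManager();
        if (delegate == null) {
            return new X509Certificate[0];
        }
        return delegate.getAcceptedIssuers();
    }

}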