All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.bluenimble.platform.security.SslUtils Maven / Gradle / Ivy

There is a newer version: 2.50.0
Show newest version
package com.bluenimble.platform.security;

import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;

import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

import com.bluenimble.platform.Lang;

public class SslUtils {
	
	public static final String TLS 		= "TLS";
	public static final String PKCS12 	= "PKCS12";

	public interface StoreSource {
		String		type 		();
		String		algorithm 	();
		InputStream stream 		();
		char [] 	password 	();
		char [] 	paraphrase 	();
		void 		close 		();
	}

	public static SSLContext sslContext (StoreSource keystore, StoreSource truststore) throws Exception {
		try {
			
			KeyManager [] kms = null;
			TrustManager [] tms = null;
			
			// load keystore
			if (keystore != null) {
				KeyStore ks = load (keystore);

				String kalg = keystore.algorithm ();
				if (Lang.isNullOrEmpty (kalg)) {
					kalg = KeyManagerFactory.getDefaultAlgorithm ();
				}
				KeyManagerFactory kmf = KeyManagerFactory.getInstance (kalg);
				kmf.init (ks, keystore.paraphrase ());
				
				kms = kmf.getKeyManagers ();
			}
			
			// load truststore
			if (truststore != null) {
				KeyStore ts = load (truststore);
	
				String talg = truststore.algorithm ();
				if (Lang.isNullOrEmpty (talg)) {
					talg = TrustManagerFactory.getDefaultAlgorithm ();
				}
				TrustManagerFactory tmf = TrustManagerFactory.getInstance (talg);
				tmf.init (ts);
				
				tms = tmf.getTrustManagers ();
			}

			SSLContext sslContext = SSLContext.getInstance (TLS);
			sslContext.init (kms, tms, new SecureRandom ());
			
			return sslContext;
			
		} finally {
			keystore.close ();
			truststore.close ();
		}
		
	}
	
	public static KeyStore load (StoreSource store) throws Exception {
		KeyStore s = KeyStore.getInstance (store.type ());
		s.load (store.stream (), store.password ());
		return s;
	}
	
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy