
cz.abclinuxu.datoveschranky.impl.ClientCertAuthentication Maven / Gradle / Ivy


Library for accessing ISDS system. Supports sending, downloading, searching and verification.

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package cz.abclinuxu.datoveschranky.impl;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.xml.ws.BindingProvider;

import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Map;

import cz.abclinuxu.datoveschranky.common.Config;
import cz.abclinuxu.datoveschranky.common.DataBoxException;

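/**
 * {@link Authentication} variant that authenticates to the service with a
 * client certificate loaded from a PKCS#12 file.
 *
 * <p>The key material is read from {@code certFile} each time
 * {@link #createSSLSocketFactory()} is called; the resulting socket factory
 * is placed into the JAX-WS request context by
 * {@link #configureService(Map, String)}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The {@link SSLContext} is initialised with {@code null} trust
 *       managers, so the server certificate is validated by the JVM's
 *       default trust managers, not by a trust store supplied through
 *       {@link Config}.</li>
 *   <li>The PKCS#12 password is held as a {@link String} in a
 *       {@code protected} field for the lifetime of this object, so it
 *       cannot be wiped from memory after use.</li>
 * </ul>
 *
 * @author xrosecky
 */
public class ClientCertAuthentication extends Authentication {

    /** PKCS#12 file containing the client certificate and its private key. */
    protected File certFile;

    /** Password used both to open the PKCS#12 store and to recover its key. */
    protected String certPassword;

    /**
     * Creates an authentication strategy backed by a PKCS#12 client certificate.
     *
     * @param config       library configuration, passed on to the superclass
     * @param certFile     PKCS#12 file to load the client key material from
     * @param certPassword password protecting {@code certFile}
     */
    public ClientCertAuthentication(Config config, File certFile, String certPassword) {
        super(config);
        // NOTE(review): the key store obtained here is never used by this
        // class. If Config#getKeyStore() is meant to be the trust store for
        // the service endpoints, it is not applied on the client-certificate
        // path (see createSSLSocketFactory) - confirm this is intended. The
        // call is kept as-is in case it has side effects.
        KeyStore keyStore = config.getKeyStore();
        this.certFile = certFile;
        this.certPassword = certPassword;
    }

    /**
     * Extension hook invoked at the end of {@link #configureService(Map, String)}.
     * This implementation does nothing.
     */
    @Override
    protected void configureServiceOverride(Map requestContext, String servicePostfix) {
    }

    /**
     * Installs the client-certificate socket factory and the client-certificate
     * endpoint address into the given request context, then runs the
     * {@link #configureServiceOverride(Map, String)} hook.
     *
     * @param requestContext request context of the service port being configured
     * @param servicePostfix suffix appended to the client-certificate service URL
     */
    @Override
    protected void configureService(Map requestContext, String servicePostfix) {
        requestContext.put(SSL_SOCKET_FACTORY, this.createSSLSocketFactory());
        requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, config.getServiceURLClientCert() + servicePostfix);
        this.configureServiceOverride(requestContext, servicePostfix);
    }

    /**
     * Builds an {@link SSLSocketFactory} that presents the client certificate
     * stored in {@code certFile}.
     *
     * @return socket factory configured with the client key material
     * @throws DataBoxException if the key store cannot be read or the TLS
     *         context cannot be initialised; runtime exceptions are rethrown
     *         unchanged
     */
    @Override
    protected SSLSocketFactory createSSLSocketFactory() throws DataBoxException {
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            InputStream keyInput = new FileInputStream(certFile);
            try {
                keyStore.load(keyInput, certPassword.toCharArray());
            } finally {
                // Close the stream even when load() fails (wrong password,
                // corrupt file), so the file handle is not leaked.
                keyInput.close();
            }
            keyManagerFactory.init(keyStore, certPassword.toCharArray());
            SSLContext context = SSLContext.getInstance("TLS");
            // null trust managers: server certificates are checked against the
            // JVM default trust managers rather than a store from Config.
            context.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
            return context.getSocketFactory();
        } catch (RuntimeException ex) {
            throw ex;
        } catch (Exception ex) {
            throw new DataBoxException("Can't create SSLSocketFactory.", ex);
        }
    }
}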



