
/*
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.broker.amqp;
import io.netty.channel.ChannelHandler;
import io.netty.handler.ssl.SslHandler;
import org.wso2.broker.common.CommonConstants;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManagerFactory;
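/**
 * Factory that builds Netty {@link SslHandler}s for the AMQP transport.
 *
 * <p>The constructor loads the key store and trust store named in the broker configuration and
 * initialises one {@link SSLContext}. {@link #create()} then returns a server-mode handler wrapping
 * a fresh {@link SSLEngine} from that context on every call.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The context protocol name is taken from configuration. The protocol versions and cipher
 *       suites enabled on each engine are the JSSE provider defaults for that context; nothing in
 *       this class narrows them.</li>
 *   <li>This class never calls {@code setNeedClientAuth} or {@code setWantClientAuth}, so as
 *       written the handshake does not request a client certificate. The trust store only takes
 *       effect if a caller enables client authentication on the returned handler's engine.</li>
 * </ul>
 */
public class SslHandlerFactory {

    /** Shared context; set once in the constructor and reused for every engine. */
    private final SSLContext sslContext;

    /**
     * Loads the configured key and trust material and prepares the SSL context.
     *
     * @param configuration AMQP server configuration supplying store types, locations, passwords,
     *                      key/trust manager algorithms and the context protocol
     * @throws KeyStoreException         if a store type is not available or a store cannot be used
     * @throws IOException               if a store file cannot be read or its password is wrong
     * @throws CertificateException      if a certificate in a store cannot be loaded
     * @throws NoSuchAlgorithmException  if a configured algorithm or protocol is not available
     * @throws UnrecoverableKeyException if the private key cannot be recovered with the password
     * @throws KeyManagementException    if the SSL context cannot be initialised
     */
    public SslHandlerFactory(AmqpServerConfiguration configuration) throws KeyStoreException, IOException,
            CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        // The key store password is used twice: to open the store and to recover the private key.
        String keyStorePassword = configuration.getSsl().getKeyStore().getPassword();
        KeyStore keyStore = getKeyStore(configuration.getSsl().getKeyStore().getType(),
                                        configuration.getSsl().getKeyStore().getLocation(),
                                        keyStorePassword);
        KeyManagerFactory keyManagerFactory =
                KeyManagerFactory.getInstance(configuration.getSsl().getKeyStore().getCertType());
        keyManagerFactory.init(keyStore, keyStorePassword.toCharArray());

        KeyStore trustStore = getKeyStore(configuration.getSsl().getTrustStore().getType(),
                                          configuration.getSsl().getTrustStore().getLocation(),
                                          configuration.getSsl().getTrustStore().getPassword());
        TrustManagerFactory trustManagerFactory =
                TrustManagerFactory.getInstance(configuration.getSsl().getTrustStore().getCertType());
        trustManagerFactory.init(trustStore);

        sslContext = SSLContext.getInstance(configuration.getSsl().getProtocol());
        // A null SecureRandom makes the context use the provider's default secure random source.
        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
    }

    /**
     * Opens a key store file and loads it, verifying its integrity with the given password.
     *
     * @param type      key store type passed to {@link KeyStore#getInstance(String)}
     * @param storePath configured location, resolved by {@link #getPath(String)}
     * @param password  store password; must not be {@code null}
     * @return the loaded key store
     */
    private KeyStore getKeyStore(String type, String storePath, String password)
            throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance(type);
        // try-with-resources closes the stream on every path and keeps a load failure as the
        // primary exception instead of letting a close() failure replace it.
        try (InputStream in = Files.newInputStream(getPath(storePath))) {
            keyStore.load(in, password.toCharArray());
        }
        return keyStore;
    }

    /**
     * Resolves a configured store location to a file system path.
     *
     * <p>The location is used as given when it exists. Otherwise it is looked up under the broker
     * home directory named by the {@code CommonConstants.MESSAGE_BROKER_HOME_PROPERTY} system
     * property.
     *
     * @param storePath configured store location
     * @return the path to open
     */
    private Path getPath(String storePath) {
        Path path = Paths.get(storePath);
        if (Files.notExists(path)) {
            String brokerHome = System.getProperty(CommonConstants.MESSAGE_BROKER_HOME_PROPERTY);
            // With the property unset the concatenation would yield "null/<storePath>", and with an
            // empty value a path under the file system root. Keep the configured path in both
            // cases so the later open fails naming the location the operator actually set.
            if (brokerHome != null && !brokerHome.isEmpty()) {
                path = Paths.get(brokerHome + File.separator + storePath);
            }
        }
        return path;
    }

    /**
     * Creates a handler for one connection.
     *
     * @return a new {@link SslHandler} wrapping a server-mode engine from the shared context
     */
    public ChannelHandler create() {
        SSLEngine sslEngine = sslContext.createSSLEngine();
        // The broker is the TLS server side of the connection.
        sslEngine.setUseClientMode(false);
        // Client authentication, protocol versions and cipher suites are left at engine defaults.
        return new SslHandler(sslEngine);
    }
}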