1 | |
package ca.uhn.hl7v2.hoh.sockets; |
2 | |
|
3 | |
import java.io.FileInputStream; |
4 | |
import java.io.FileNotFoundException; |
5 | |
import java.io.IOException; |
6 | |
import java.net.ServerSocket; |
7 | |
import java.net.Socket; |
8 | |
import java.security.KeyManagementException; |
9 | |
import java.security.KeyStore; |
10 | |
import java.security.KeyStoreException; |
11 | |
import java.security.NoSuchAlgorithmException; |
12 | |
import java.security.UnrecoverableKeyException; |
13 | |
import java.security.cert.CertificateException; |
14 | |
|
15 | |
import javax.net.ssl.KeyManager; |
16 | |
import javax.net.ssl.KeyManagerFactory; |
17 | |
import javax.net.ssl.SSLContext; |
18 | |
import javax.net.ssl.SSLServerSocketFactory; |
19 | |
import javax.net.ssl.SSLSocketFactory; |
20 | |
import javax.net.ssl.TrustManager; |
21 | |
import javax.net.ssl.TrustManagerFactory; |
22 | |
|
23 | |
|
24 | |
|
25 | |
|
26 | |
|
27 | |
public class CustomCertificateTlsSocketFactory implements ISocketFactory { |
28 | |
|
29 | 5 | private static final org.slf4j.Logger ourLog = org.slf4j.LoggerFactory.getLogger(CustomCertificateTlsSocketFactory.class); |
30 | |
private KeyStore myKeystore; |
31 | |
private String myKeystoreFilename; |
32 | |
private String myKeystorePassphrase; |
33 | 30 | private String myKeystoreType = "JKS"; |
34 | |
private SSLServerSocketFactory myServerSocketFactory; |
35 | |
|
36 | 30 | private SSLSocketFactory mySocketFactory = null; |
37 | |
|
38 | |
|
39 | |
|
40 | |
|
41 | |
public CustomCertificateTlsSocketFactory() { |
42 | 30 | super(); |
43 | 30 | } |
44 | |
|
45 | |
|
46 | |
|
47 | |
|
48 | |
|
49 | |
|
50 | |
|
51 | 0 | public CustomCertificateTlsSocketFactory(KeyStore theKeystore, String theKeystorePass) { |
52 | 0 | if (theKeystore == null) { |
53 | 0 | throw new NullPointerException("KeyStore can not be null"); |
54 | |
} |
55 | 0 | myKeystore = theKeystore; |
56 | 0 | myKeystorePassphrase = theKeystorePass; |
57 | 0 | } |
58 | |
|
59 | |
|
60 | |
|
61 | |
|
62 | |
|
63 | |
|
64 | |
|
65 | |
|
66 | |
|
67 | |
|
68 | |
|
69 | |
public CustomCertificateTlsSocketFactory(String theKeystoreType, String theKeystoreFilename, String theKeystorePassphrase) { |
70 | 0 | super(); |
71 | 0 | myKeystoreType = theKeystoreType; |
72 | 0 | myKeystoreFilename = theKeystoreFilename; |
73 | 0 | myKeystorePassphrase = theKeystorePassphrase; |
74 | 0 | } |
75 | |
|
76 | |
|
77 | |
|
78 | |
|
79 | |
public Socket createClientSocket() throws IOException { |
80 | 15 | initialize(); |
81 | 15 | ourLog.debug("Creating client socket"); |
82 | 15 | return mySocketFactory.createSocket(); |
83 | |
} |
84 | |
|
85 | |
|
86 | |
|
87 | |
|
88 | |
public ServerSocket createServerSocket() throws IOException { |
89 | 15 | initialize(); |
90 | 15 | ourLog.debug("Creating server socket"); |
91 | 15 | return myServerSocketFactory.createServerSocket(); |
92 | |
} |
93 | |
|
94 | |
private void initialize() throws IOException { |
95 | 30 | if (mySocketFactory != null) { |
96 | 0 | return; |
97 | |
} |
98 | |
|
99 | |
try { |
100 | 30 | char[] passphrase = myKeystorePassphrase != null ? myKeystorePassphrase.toCharArray() : null; |
101 | 30 | if (myKeystore == null) { |
102 | |
|
103 | 30 | myKeystore = KeyStore.getInstance(myKeystoreType); |
104 | |
|
105 | |
try { |
106 | 30 | myKeystore.load(new FileInputStream(myKeystoreFilename), passphrase); |
107 | 0 | } catch (IOException e) { |
108 | 0 | throw new IOException("Failed to load keystore: " + myKeystoreFilename, e); |
109 | 30 | } |
110 | |
} |
111 | |
|
112 | 30 | SSLContext ctx = SSLContext.getInstance("TLS"); |
113 | 30 | KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); |
114 | 30 | TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); |
115 | |
|
116 | 30 | kmf.init(myKeystore, passphrase); |
117 | 30 | tmf.init(myKeystore); |
118 | 30 | TrustManager[] trustManagers = tmf.getTrustManagers(); |
119 | 30 | KeyManager[] keyManagers = kmf.getKeyManagers(); |
120 | 30 | ctx.init(keyManagers, trustManagers, null); |
121 | |
|
122 | 30 | mySocketFactory = ctx.getSocketFactory(); |
123 | 30 | myServerSocketFactory = ctx.getServerSocketFactory(); |
124 | |
|
125 | 0 | } catch (NoSuchAlgorithmException e) { |
126 | 0 | throw new IOException("Failed to initialize socket factory: " + e.getMessage(), e); |
127 | 0 | } catch (CertificateException e) { |
128 | 0 | throw new IOException("Failed to initialize socket factory: " + e.getMessage(), e); |
129 | 0 | } catch (FileNotFoundException e) { |
130 | 0 | throw new IOException("Failed to initialize socket factory: " + e.getMessage(), e); |
131 | 0 | } catch (UnrecoverableKeyException e) { |
132 | 0 | throw new IOException("Failed to initialize socket factory: " + e.getMessage(), e); |
133 | 0 | } catch (KeyStoreException e) { |
134 | 0 | throw new IOException("Failed to initialize socket factory: " + e.getMessage(), e); |
135 | 0 | } catch (KeyManagementException e) { |
136 | 0 | throw new IOException("Failed to initialize socket factory: " + e.getMessage(), e); |
137 | 30 | } |
138 | |
|
139 | 30 | } |
140 | |
|
141 | |
|
142 | |
|
143 | |
|
144 | |
public void setKeystoreFilename(String theKeystoreFilename) { |
145 | 30 | myKeystoreFilename = theKeystoreFilename; |
146 | 30 | } |
147 | |
|
148 | |
|
149 | |
|
150 | |
|
151 | |
public void setKeystorePassphrase(String theKeystorePassphrase) { |
152 | 25 | myKeystorePassphrase = theKeystorePassphrase; |
153 | 25 | } |
154 | |
|
155 | |
|
156 | |
|
157 | |
|
158 | |
public void setKeystoreType(String theKeystoreType) { |
159 | 0 | myKeystoreType = theKeystoreType; |
160 | 0 | } |
161 | |
|
162 | |
} |