1 package ca.uhn.hl7v2.hoh.sockets;
2
3 import java.io.FileInputStream;
4 import java.io.FileNotFoundException;
5 import java.io.IOException;
6 import java.net.ServerSocket;
7 import java.net.Socket;
8 import java.security.KeyManagementException;
9 import java.security.KeyStore;
10 import java.security.KeyStoreException;
11 import java.security.NoSuchAlgorithmException;
12 import java.security.UnrecoverableKeyException;
13 import java.security.cert.CertificateException;
14
15 import javax.net.ssl.KeyManager;
16 import javax.net.ssl.KeyManagerFactory;
17 import javax.net.ssl.SSLContext;
18 import javax.net.ssl.SSLServerSocketFactory;
19 import javax.net.ssl.SSLSocketFactory;
20 import javax.net.ssl.TrustManager;
21 import javax.net.ssl.TrustManagerFactory;
22
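/**
 * Socket factory which creates TLS client and server sockets backed by a
 * caller-supplied keystore, given either as a {@link KeyStore} instance or as a
 * keystore file that is loaded on first use.
 *
 * <p>
 * Security-relevant behaviour of this class, as implemented below:
 * </p>
 * <ul>
 * <li>The same keystore supplies both the local key material (key managers) and
 * the trust anchors (trust managers). Any certificate entry in it is therefore
 * trusted as a peer or issuer.</li>
 * <li>The single passphrase is used both to open the keystore file and to
 * recover the private keys, so keystores whose key password differs from the
 * store password will fail to initialize.</li>
 * <li>The passphrase is held as a {@link String} for the lifetime of this
 * object.</li>
 * <li>Sockets are created unconnected and with the provider's default settings.
 * Nothing here restricts protocol versions or cipher suites, sets an endpoint
 * identification algorithm on client sockets, or requests client certificates on
 * server sockets. Callers needing hostname checking or mutual TLS must configure
 * the returned sockets themselves (e.g. via
 * {@link javax.net.ssl.SSLParameters#setEndpointIdentificationAlgorithm(String)}
 * or {@link javax.net.ssl.SSLServerSocket#setNeedClientAuth(boolean)}).</li>
 * </ul>
 *
 * <p>
 * NOTE(review): lazy initialization is not synchronized; confirm that an
 * uninitialized instance is not shared between threads.
 * </p>
 */
public class CustomCertificateTlsSocketFactory implements ISocketFactory {

    private static final org.slf4j.Logger ourLog = org.slf4j.LoggerFactory.getLogger(CustomCertificateTlsSocketFactory.class);
    private KeyStore myKeystore;
    private String myKeystoreFilename;
    private String myKeystorePassphrase;
    private String myKeystoreType = "JKS";
    private SSLServerSocketFactory myServerSocketFactory;

    // Doubles as the "already initialized" marker checked by initialize()
    private SSLSocketFactory mySocketFactory = null;

    /**
     * Constructor. The keystore filename (and usually the passphrase) must be
     * provided through the setters before the first socket is created.
     */
    public CustomCertificateTlsSocketFactory() {
        super();
    }

    /**
     * Constructor using an already loaded keystore.
     *
     * @param theKeystore
     *            The keystore to take key material and trusted certificates
     *            from. Must not be null.
     * @param theKeystorePass
     *            The passphrase used to recover the keys in the keystore, or
     *            null
     * @throws NullPointerException
     *             If theKeystore is null
     */
    public CustomCertificateTlsSocketFactory(KeyStore theKeystore, String theKeystorePass) {
        if (theKeystore == null) {
            throw new NullPointerException("KeyStore can not be null");
        }
        myKeystore = theKeystore;
        myKeystorePassphrase = theKeystorePass;
    }

    /**
     * Constructor using a keystore file, which is loaded when the first socket
     * is created.
     *
     * @param theKeystoreType
     *            The keystore type passed to {@link KeyStore#getInstance(String)},
     *            e.g. "JKS"
     * @param theKeystoreFilename
     *            The path of the keystore file
     * @param theKeystorePassphrase
     *            The passphrase for the keystore file and the keys within it,
     *            or null
     */
    public CustomCertificateTlsSocketFactory(String theKeystoreType, String theKeystoreFilename, String theKeystorePassphrase) {
        super();
        myKeystoreType = theKeystoreType;
        myKeystoreFilename = theKeystoreFilename;
        myKeystorePassphrase = theKeystorePassphrase;
    }

    /**
     * Creates an unconnected TLS client socket, initializing the TLS context on
     * first use.
     *
     * @return A new unconnected client socket
     * @throws IOException
     *             If the keystore can not be loaded or the TLS context can not
     *             be initialized
     */
    public Socket createClientSocket() throws IOException {
        initialize();
        ourLog.debug("Creating client socket");
        return mySocketFactory.createSocket();
    }

    /**
     * Creates an unbound TLS server socket, initializing the TLS context on
     * first use.
     *
     * @return A new unbound server socket
     * @throws IOException
     *             If the keystore can not be loaded or the TLS context can not
     *             be initialized
     */
    public ServerSocket createServerSocket() throws IOException {
        initialize();
        ourLog.debug("Creating server socket");
        return myServerSocketFactory.createServerSocket();
    }

    /**
     * Builds the client and server socket factories from the keystore. Does
     * nothing if this has already been done successfully.
     *
     * @throws IOException
     *             If the keystore can not be loaded, or if any security
     *             exception occurs while setting up the TLS context (the
     *             original exception is attached as the cause)
     */
    private void initialize() throws IOException {
        if (mySocketFactory != null) {
            return;
        }

        try {
            char[] passphrase = myKeystorePassphrase != null ? myKeystorePassphrase.toCharArray() : null;
            if (myKeystore == null) {
                // Only keep the keystore once it has loaded successfully, so that a
                // failed attempt does not leave an unloaded KeyStore behind which a
                // later call would then try to use
                myKeystore = loadKeystoreFromFile(passphrase);
            }

            // Protocol versions and cipher suites are whatever the provider enables
            // by default for "TLS"
            SSLContext ctx = SSLContext.getInstance("TLS");
            // NOTE(review): "SunX509" is a provider-specific algorithm name; consider
            // KeyManagerFactory.getDefaultAlgorithm() and
            // TrustManagerFactory.getDefaultAlgorithm() - confirm the validation
            // behaviour wanted before changing
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
            TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");

            // The same keystore is the source of our own keys and of the
            // certificates we trust
            kmf.init(myKeystore, passphrase);
            tmf.init(myKeystore);
            TrustManager[] trustManagers = tmf.getTrustManagers();
            KeyManager[] keyManagers = kmf.getKeyManagers();
            ctx.init(keyManagers, trustManagers, null);

            // Assign the server factory first: mySocketFactory is the marker which
            // tells later calls that initialization is complete
            myServerSocketFactory = ctx.getServerSocketFactory();
            mySocketFactory = ctx.getSocketFactory();

        } catch (java.security.GeneralSecurityException e) {
            // Covers NoSuchAlgorithmException, CertificateException,
            // UnrecoverableKeyException, KeyStoreException and
            // KeyManagementException, which were all reported identically
            throw new IOException("Failed to initialize socket factory: " + e.getMessage(), e);
        }

    }

    /**
     * Loads the keystore from the configured file, closing the file afterwards.
     *
     * @param thePassphrase
     *            The keystore passphrase, or null
     * @return The loaded keystore
     * @throws IOException
     *             If no filename has been configured, or the file can not be
     *             read or opened with the given passphrase
     */
    private KeyStore loadKeystoreFromFile(char[] thePassphrase) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (myKeystoreFilename == null) {
            throw new IOException("Failed to load keystore: no keystore or keystore filename has been provided");
        }

        KeyStore keystore = KeyStore.getInstance(myKeystoreType);
        try {
            FileInputStream in = new FileInputStream(myKeystoreFilename);
            try {
                keystore.load(in, thePassphrase);
            } finally {
                in.close();
            }
        } catch (IOException e) {
            throw new IOException("Failed to load keystore: " + myKeystoreFilename, e);
        }
        return keystore;
    }

    /**
     * Sets the path of the keystore file. Has no effect once the factory has
     * been initialized by creating a socket, or if a {@link KeyStore} instance
     * was supplied.
     *
     * @param theKeystoreFilename
     *            The path of the keystore file
     */
    public void setKeystoreFilename(String theKeystoreFilename) {
        myKeystoreFilename = theKeystoreFilename;
    }

    /**
     * Sets the passphrase used for the keystore and the keys within it. Has no
     * effect once the factory has been initialized by creating a socket.
     *
     * @param theKeystorePassphrase
     *            The passphrase, or null
     */
    public void setKeystorePassphrase(String theKeystorePassphrase) {
        myKeystorePassphrase = theKeystorePassphrase;
    }

    /**
     * Sets the keystore type used when loading the keystore file (default is
     * "JKS"). Has no effect once the factory has been initialized by creating a
     * socket, or if a {@link KeyStore} instance was supplied.
     *
     * @param theKeystoreType
     *            The keystore type, as understood by
     *            {@link KeyStore#getInstance(String)}
     */
    public void setKeystoreType(String theKeystoreType) {
        myKeystoreType = theKeystoreType;
    }

}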