001/**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.camel.util.jsse;
018
019import java.io.IOException;
020import java.security.GeneralSecurityException;
021import java.security.KeyStore;
022import java.security.Security;
023
024import javax.net.ssl.TrustManager;
025import javax.net.ssl.TrustManagerFactory;
026
027import org.slf4j.Logger;
028import org.slf4j.LoggerFactory;
029
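/**
 * Configuration holder that builds the JSSE {@link TrustManager}s used to decide
 * which peer certificates are trusted. The trust material comes from the
 * {@link KeyStore} described by {@link #getKeyStore()}; the
 * {@link TrustManagerFactory} provider and algorithm are optional.
 */
public class TrustManagersParameters extends JsseParameters {

    private static final Logger LOG = LoggerFactory.getLogger(TrustManagersParameters.class);

    /**
     * The key store configuration used to create the {@link KeyStore} that supplies
     * the trust material for the {@link TrustManager}s produced by this object's
     * configuration.
     */
    protected KeyStoreParameters keyStore;

    /**
     * The optional provider identifier for the {@link TrustManagerFactory} used to create
     * the {@link TrustManager}s represented by this object's configuration.
     */
    protected String provider;

    /**
     * The optional algorithm name for the {@link TrustManagerFactory} used to
     * create the {@link TrustManager}s represented by this object's
     * configuration. See the <a href=
     * "http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html"
     * >Java Secure Socket Extension Reference Guide</a> for information about
     * standard algorithm names.
     */
    protected String algorithm;

    /**
     * Creates {@link TrustManager}s based on this instance's configuration and the
     * {@code KeyStore} produced by the configuration returned from
     * {@link #getKeyStore()}. The {@code TrustManager}s are produced from a
     * factory created by using the provider and algorithm identifiers returned
     * by {@link #getProvider()} and {@link #getAlgorithm()}, respectively. If
     * either of these methods returns null, the default JSSE value is used
     * instead.
     * <p>
     * When no key store configuration is set, no factory is created and this
     * method returns {@code null}. Per the JSSE API, a {@code null} trust manager
     * array handed to {@code SSLContext.init} selects the installed providers'
     * default trust managers rather than disabling certificate validation; how
     * callers of this method treat {@code null} is not visible in this class and
     * should be confirmed at the call site.
     *
     * @return the initialized {@code TrustManager}s, or {@code null} if
     *         {@link #getKeyStore()} returns {@code null}
     * @throws GeneralSecurityException if there is an error creating the
     *             {@code TrustManager}s or in creating the {@code KeyStore}
     * @throws IOException if there is an error loading the {@code KeyStore}
     *
     * @see KeyStoreParameters#createKeyStore()
     */
    public TrustManager[] createTrustManagers() throws GeneralSecurityException, IOException {

        // NOTE(review): this logs toString(), which embeds keyStore's own toString();
        // confirm KeyStoreParameters.toString() never renders the key store password.
        LOG.trace("Creating TrustManager[] from TrustManagersParameters [{}]", this);

        // Read the configuration once so the null check and the later use agree.
        final KeyStoreParameters keyStoreParameters = this.getKeyStore();
        if (keyStoreParameters == null) {
            return null;
        }

        String tmfAlgorithm = this.parsePropertyValue(this.getAlgorithm());
        if (tmfAlgorithm == null) {
            tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
        }

        final String configuredProvider = this.getProvider();
        final TrustManagerFactory tmf;
        if (configuredProvider == null) {
            // No explicit provider: JSSE picks the highest priority provider for the algorithm.
            tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
        } else {
            tmf = TrustManagerFactory.getInstance(tmfAlgorithm, this.parsePropertyValue(configuredProvider));
        }

        LOG.debug("TrustManagerFactory [{}] is using provider [{}] and algorithm [{}].",
                  new Object[] {tmf, tmf.getProvider(), tmf.getAlgorithm()});

        // The configuration is known to be non-null here, so the key store is always
        // created from it; the former null fallback on this line was unreachable.
        final KeyStore ks = keyStoreParameters.createKeyStore();
        tmf.init(ks);
        final TrustManager[] trustManagers = tmf.getTrustManagers();

        LOG.debug("TrustManager[] [{}], initialized from TrustManagerFactory [{}].", trustManagers, tmf);

        return trustManagers;
    }

    /**
     * Returns the key store configuration that supplies the trust material.
     *
     * @return the configured key store parameters, or {@code null} if none was set
     */
    public KeyStoreParameters getKeyStore() {
        return keyStore;
    }

    /**
     * Sets the key store configuration used to create the {@link KeyStore} that
     * supplies the trust material for the {@link TrustManager}s produced by this
     * object's configuration.
     *
     * @param value the configuration to use
     */
    public void setKeyStore(KeyStoreParameters value) {
        this.keyStore = value;
    }

    /**
     * Returns the optional provider identifier for the {@link TrustManagerFactory}.
     *
     * @return the configured provider identifier, or {@code null} if none was set
     */
    public String getProvider() {
        return provider;
    }

    /**
     * Sets the optional provider identifier for the {@link TrustManagerFactory}
     * used to create the {@link TrustManager}s represented by this object's
     * configuration.
     *
     * @param value the desired provider identifier or {@code null} to use the
     *            highest priority provider implementing the algorithm
     *
     * @see Security#getProviders()
     */
    public void setProvider(String value) {
        this.provider = value;
    }

    /**
     * Returns the optional algorithm name for the {@link TrustManagerFactory}.
     *
     * @return the configured algorithm name, or {@code null} if none was set
     */
    public String getAlgorithm() {
        return algorithm;
    }

    /**
     * Sets optional algorithm name for the {@link TrustManagerFactory} used to create
     * the {@link TrustManager}s represented by this object's configuration.  See the <a href=
     * "http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html"
     * >Java Secure Socket Extension Reference Guide</a> for information about
     * standard algorithm names.
     *
     * @param value the desired algorithm or {@code null} to use default
     *
     * @see TrustManagerFactory#getDefaultAlgorithm()
     */
    public void setAlgorithm(String value) {
        this.algorithm = value;
    }

    /**
     * Renders the configured key store, provider, algorithm and Camel context.
     * The label text is reproduced as-is so existing log output does not change.
     *
     * @return a diagnostic string describing this configuration
     */
    @Override
    public String toString() {
        return new StringBuilder()
            .append("TrustManagerType [keyStore=")
            .append(keyStore)
            .append(", provider=")
            .append(provider)
            .append(", algorithm=")
            .append(algorithm)
            .append(", getContext()=")
            .append(getCamelContext())
            .append("]")
            .toString();
    }
}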