Source code

001/* ***** BEGIN LICENSE BLOCK *****
002 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
003 *
004 * The contents of this file are subject to the Mozilla Public License Version
005 * 1.1 (the "License"); you may not use this file except in compliance with
006 * the License. You may obtain a copy of the License at
007 * http://www.mozilla.org/MPL/
008 *
009 * Software distributed under the License is distributed on an "AS IS" basis,
010 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
011 * for the specific language governing rights and limitations under the
012 * License.
013 *
014 * The Original Code is part of dcm4che, an implementation of DICOM(TM) in
015 * Java(TM), hosted at https://github.com/gunterze/dcm4che.
016 *
017 * The Initial Developer of the Original Code is
018 * Agfa Healthcare.
019 * Portions created by the Initial Developer are Copyright (C) 2011
020 * the Initial Developer. All Rights Reserved.
021 *
022 * Contributor(s):
023 * See @authors listed below
024 *
025 * Alternatively, the contents of this file may be used under the terms of
026 * either the GNU General Public License Version 2 or later (the "GPL"), or
027 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
028 * in which case the provisions of the GPL or the LGPL are applicable instead
029 * of those above. If you wish to allow use of your version of this file only
030 * under the terms of either the GPL or the LGPL, and not to allow others to
031 * use your version of this file under the terms of the MPL, indicate your
032 * decision by deleting the provisions above and replace them with the notice
033 * and other provisions required by the GPL or the LGPL. If you do not delete
034 * the provisions above, a recipient may use your version of this file under
035 * the terms of any one of the MPL, the GPL or the LGPL.
036 *
037 * ***** END LICENSE BLOCK ***** */
038
039package org.dcm4che3.net;
040
041import java.io.IOException;
042import java.io.InputStream;
043import java.security.KeyStore;
044import java.security.KeyStoreException;
045import java.security.NoSuchAlgorithmException;
046import java.security.UnrecoverableKeyException;
047import java.security.cert.X509Certificate;
048import java.security.cert.CertificateException;
049
050import javax.net.ssl.KeyManager;
051import javax.net.ssl.KeyManagerFactory;
052import javax.net.ssl.TrustManager;
053import javax.net.ssl.TrustManagerFactory;
054
055import org.dcm4che3.util.SafeClose;
056import org.dcm4che3.util.StreamUtils;
057
058/**
059 * @author Gunter Zeilinger <gunterze@gmail.com>
060 */
061public abstract class SSLManagerFactory {
062
063    public static KeyStore createKeyStore(X509Certificate... certs)
064            throws KeyStoreException {
065        KeyStore ks = KeyStore.getInstance("JKS");
066        try {
067            ks.load(null);
068        } catch (IOException e) {
069            throw new AssertionError(e);
070        } catch (NoSuchAlgorithmException e) {
071            throw new AssertionError(e);
072        } catch (CertificateException e) {
073            throw new AssertionError(e);
074        }
075        for (X509Certificate cert : certs)
076            ks.setCertificateEntry(cert.getSubjectX500Principal().getName(), cert);
077        return ks;
078    }
079
080    public static KeyStore loadKeyStore(String type, String url, String password)
081            throws IOException, KeyStoreException, NoSuchAlgorithmException,
082                CertificateException {
083        return loadKeyStore(type, url, password.toCharArray());
084    }
085
086    public static KeyStore loadKeyStore(String type, String url, char[] password)
087            throws IOException, KeyStoreException, NoSuchAlgorithmException,
088                CertificateException {
089        KeyStore ks = KeyStore.getInstance(type);
090        InputStream in = StreamUtils.openFileOrURL(url);
091        try {
092            ks.load(in, password);
093        } finally {
094            SafeClose.close(in);
095        }
096        return ks;
097    }
098
099    public static KeyManager createKeyManager(String type, String url,
100            char[] storePassword, char[] keyPassword)
101            throws UnrecoverableKeyException, KeyStoreException,
102                NoSuchAlgorithmException, CertificateException, IOException {
103        return createKeyManager(loadKeyStore(type, url, storePassword), keyPassword);
104    }
105
106    public static KeyManager createKeyManager(String type, String url,
107            String storePassword, String keyPassword)
108            throws UnrecoverableKeyException, KeyStoreException,
109                NoSuchAlgorithmException, CertificateException, IOException {
110        return createKeyManager(loadKeyStore(type, url, storePassword), keyPassword);
111    }
112
113    public static KeyManager createKeyManager(KeyStore ks, String password)
114            throws UnrecoverableKeyException, KeyStoreException {
115        return createKeyManager(ks, password.toCharArray());
116    }
117
118    public static KeyManager createKeyManager(KeyStore ks, char[] password)
119            throws UnrecoverableKeyException, KeyStoreException {
120        try {
121            KeyManagerFactory kmf = KeyManagerFactory
122                    .getInstance(KeyManagerFactory.getDefaultAlgorithm());
123            kmf.init(ks, password);
124            KeyManager[] kms = kmf.getKeyManagers();
125            return kms.length > 0 ? kms[0] : null;
126        } catch (NoSuchAlgorithmException e) {
127            throw new AssertionError(e);
128        }
129    }
130
131    public static TrustManager createTrustManager(KeyStore ks)
132            throws KeyStoreException {
133        try {
134            TrustManagerFactory kmf = TrustManagerFactory
135                    .getInstance(TrustManagerFactory.getDefaultAlgorithm());
136            kmf.init(ks);
137            TrustManager[] tms = kmf.getTrustManagers();
138            return tms.length > 0 ? tms[0] : null;
139        } catch (NoSuchAlgorithmException e) {
140            throw new AssertionError(e);
141        }
142    }
143
144    public static TrustManager createTrustManager(X509Certificate... certs)
145            throws KeyStoreException {
146        return createTrustManager(createKeyStore(certs));
147    }
148
149    public static TrustManager createTrustManager(String type, String url, char[] password)
150            throws KeyStoreException, NoSuchAlgorithmException,
151                CertificateException, IOException {
152        return createTrustManager(loadKeyStore(type, url, password));
153    }
154
155    public static TrustManager createTrustManager(String type, String url, String password)
156            throws KeyStoreException, NoSuchAlgorithmException,
157                CertificateException, IOException {
158        return createTrustManager(loadKeyStore(type, url, password));
159    }
160}