1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.server.ssl;
21  
22  
23  import java.io.IOException;
24  import java.io.InputStream;
25  import java.security.GeneralSecurityException;
26  import java.security.KeyStore;
27  
28  import javax.net.ssl.KeyManagerFactory;
29  import javax.net.ssl.SSLContext;
30  
31  
32  /**
33   * Factory to create a bougus SSLContext.
34   *
35   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
36   * @version $Rev: 683827 $, $Date: 2008-08-08 05:34:27 +0200 (Fr, 08 Aug 2008) $
37   */
38  public class BogusSSLContextFactory
39  {
40  
41      /**
42       * Protocol to use.
43       */
44      private static final String PROTOCOL = "TLS";
45  
46      /**
47       * Bougus Server certificate keystore file name.
48       */
49      private static final String BOGUS_KEYSTORE = "/bogus.cert";
50  
51      // NOTE: The keystore was generated using keytool:
52      //   keytool -genkey -alias bogus -keysize 512 -validity 3650
53      //           -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
54      //               O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
55      //           -keypass boguspw -storepass boguspw -keystore bogus.cert
56  
57      /**
58       * Bougus keystore password.
59       */
60      private static final char[] BOGUS_PW =
61          { 'b', 'o', 'g', 'u', 's', 'p', 'w' };
62  
63      private static SSLContext serverInstance = null;
64  
65      private static SSLContext clientInstance = null;
66  
67  
68      /**
69       * Get SSLContext singleton.
70       *
71       * @return SSLContext
72       * @throws java.security.GeneralSecurityException
73       *
74       */
75      public static SSLContext getInstance( boolean server ) throws GeneralSecurityException
76      {
77          SSLContext retInstance = null;
78          if ( server )
79          {
80              if ( serverInstance == null )
81              {
82                  synchronized ( BogusSSLContextFactory.class )
83                  {
84                      if ( serverInstance == null )
85                      {
86                          try
87                          {
88                              serverInstance = createBougusServerSSLContext();
89                          }
90                          catch ( Exception ioe )
91                          {
92                              throw new GeneralSecurityException( "Can't create Server SSLContext:" + ioe );
93                          }
94                      }
95                  }
96              }
97              retInstance = serverInstance;
98          }
99          else
100         {
101             if ( clientInstance == null )
102             {
103                 synchronized ( BogusSSLContextFactory.class )
104                 {
105                     if ( clientInstance == null )
106                     {
107                         clientInstance = createBougusClientSSLContext();
108                     }
109                 }
110             }
111             retInstance = clientInstance;
112         }
113         return retInstance;
114     }
115 
116 
117     private static SSLContext createBougusServerSSLContext() throws GeneralSecurityException, IOException
118     {
119         // Create keystore
120         KeyStore ks = KeyStore.getInstance( "JKS" );
121         InputStream in = null;
122         try
123         {
124             in = BogusSSLContextFactory.class.getResourceAsStream( BOGUS_KEYSTORE );
125             ks.load( in, BOGUS_PW );
126         }
127         finally
128         {
129             if ( in != null )
130             {
131                 try
132                 {
133                     in.close();
134                 }
135                 catch ( IOException ignored )
136                 {
137                 }
138             }
139         }
140 
141         // Set up key manager factory to use our key store
142         KeyManagerFactory kmf = KeyManagerFactory.getInstance( "SunX509" );
143         kmf.init( ks, BOGUS_PW );
144 
145         // Initialize the SSLContext to work with our key managers.
146         SSLContext sslContext = SSLContext.getInstance( PROTOCOL );
147         sslContext.init( kmf.getKeyManagers(), BogusTrustManagerFactory.X509_MANAGERS, null );
148 
149         return sslContext;
150     }
151 
152 
153     private static SSLContext createBougusClientSSLContext() throws GeneralSecurityException
154     {
155         SSLContext context = SSLContext.getInstance( PROTOCOL );
156         context.init( null, BogusTrustManagerFactory.X509_MANAGERS, null );
157         return context;
158     }
159 
160 }