View Javadoc

1   /**
2    * This file is part of Waarp Project.
3    * 
4    * Copyright 2009, Frederic Bregier, and individual contributors by the @author tags. See the
5    * COPYRIGHT.txt in the distribution for a full listing of individual contributors.
6    * 
7    * All Waarp Project is free software: you can redistribute it and/or modify it under the terms of
8    * the GNU General Public License as published by the Free Software Foundation, either version 3 of
9    * the License, or (at your option) any later version.
10   * 
11   * Waarp is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even
12   * the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
13   * Public License for more details.
14   * 
15   * You should have received a copy of the GNU General Public License along with Waarp . If not, see
16   * <http://www.gnu.org/licenses/>.
17   */
18  package org.waarp.ftp.simpleimpl.config;
19  
20  import org.dom4j.Document;
21  import org.dom4j.DocumentException;
22  import org.dom4j.io.SAXReader;
23  import org.waarp.common.crypto.ssl.WaarpSecureKeyStore;
24  import org.waarp.common.crypto.ssl.WaarpSslContextFactory;
25  import org.waarp.common.exception.CryptoException;
26  import org.waarp.common.logging.WaarpLogger;
27  import org.waarp.common.logging.WaarpLoggerFactory;
28  import org.waarp.common.xml.XmlDecl;
29  import org.waarp.common.xml.XmlHash;
30  import org.waarp.common.xml.XmlType;
31  import org.waarp.common.xml.XmlUtil;
32  import org.waarp.common.xml.XmlValue;
33  import org.waarp.ftp.core.config.FtpConfiguration;
34  import org.waarp.ftp.core.control.ftps.FtpsInitializer;
35  
36  /**
37   * FtpConfiguration based on a XML file
38   * 
39   * @author Frederic Bregier
40   * 
41   */
42  public class FileBasedSslConfiguration {
43      /**
44       * Internal Logger
45       */
46      private static final WaarpLogger logger = WaarpLoggerFactory
47              .getLogger(FileBasedSslConfiguration.class);
48  
49      /**
50       * SERVER SSL STOREKEY PATH
51       */
52      private static final String XML_PATH_KEYPATH = "keypath";
53  
54      /**
55       * SERVER SSL KEY PASS
56       */
57      private static final String XML_PATH_KEYPASS = "keypass";
58  
59      /**
60       * SERVER SSL STOREKEY PASS
61       */
62      private static final String XML_PATH_KEYSTOREPASS = "keystorepass";
63  
64      /**
65       * SERVER SSL TRUSTSTOREKEY PATH
66       */
67      private static final String XML_PATH_TRUSTKEYPATH = "trustkeypath";
68  
69      /**
70       * SERVER SSL TRUSTSTOREKEY PASS
71       */
72      private static final String XML_PATH_TRUSTKEYSTOREPASS = "trustkeystorepass";
73  
74      /**
75       * SERVER SSL Use TrustStore for Client Authentication
76       */
77      private static final String XML_USECLIENT_AUTHENT = "trustuseclientauthenticate";
78  
79      /**
80       * Structure of the Configuration file
81       * 
82       */
83      private static final XmlDecl[] configSslDecls = {
84              // ssl
85              new XmlDecl(XmlType.STRING, XML_PATH_KEYPATH),
86              new XmlDecl(XmlType.STRING, XML_PATH_KEYSTOREPASS),
87              new XmlDecl(XmlType.STRING, XML_PATH_KEYPASS),
88              new XmlDecl(XmlType.STRING, XML_PATH_TRUSTKEYPATH),
89              new XmlDecl(XmlType.STRING, XML_PATH_TRUSTKEYSTOREPASS),
90              new XmlDecl(XmlType.BOOLEAN, XML_USECLIENT_AUTHENT)
91      };
92      /**
93       * Overall structure of the Configuration file
94       */
95      private static final String XML_ROOT = "/config/";
96      private static final String XML_SSL = "ssl";
97      /**
98       * Global Structure for Server Configuration
99       */
100     private static final XmlDecl[] configServer = {
101             new XmlDecl(XML_SSL, XmlType.XVAL, XML_ROOT + XML_SSL, configSslDecls, false)
102     };
103     private static XmlValue[] configuration = null;
104     private static XmlHash hashConfig = null;
105 
106     protected static boolean loadSsl(FtpConfiguration config) {
107         // StoreKey for Server
108         XmlValue value = hashConfig.get(XML_PATH_KEYPATH);
109         if (value == null || (value.isEmpty())) {
110             logger.info("Unable to find Key Path");
111             try {
112                 FtpsInitializer.waarpSecureKeyStore =
113                         new WaarpSecureKeyStore("secret", "secret");
114             } catch (CryptoException e) {
115                 logger.error("Bad SecureKeyStore construction");
116                 return false;
117             }
118         } else {
119             String keypath = value.getString();
120             if ((keypath == null) || (keypath.length() == 0)) {
121                 logger.error("Bad Key Path");
122                 return false;
123             }
124             value = hashConfig.get(XML_PATH_KEYSTOREPASS);
125             if (value == null || (value.isEmpty())) {
126                 logger.error("Unable to find KeyStore Passwd");
127                 return false;
128             }
129             String keystorepass = value.getString();
130             if ((keystorepass == null) || (keystorepass.length() == 0)) {
131                 logger.error("Bad KeyStore Passwd");
132                 return false;
133             }
134             value = hashConfig.get(XML_PATH_KEYPASS);
135             if (value == null || (value.isEmpty())) {
136                 logger.error("Unable to find Key Passwd");
137                 return false;
138             }
139             String keypass = value.getString();
140             if ((keypass == null) || (keypass.length() == 0)) {
141                 logger.error("Bad Key Passwd");
142                 return false;
143             }
144             try {
145                 FtpsInitializer.waarpSecureKeyStore =
146                         new WaarpSecureKeyStore(keypath, keystorepass,
147                                 keypass);
148             } catch (CryptoException e) {
149                 logger.error("Bad SecureKeyStore construction");
150                 return false;
151             }
152 
153         }
154         // TrustedKey for OpenR66 server
155         value = hashConfig.get(XML_PATH_TRUSTKEYPATH);
156         if (value == null || (value.isEmpty())) {
157             logger.info("Unable to find TRUST Key Path");
158             FtpsInitializer.waarpSecureKeyStore.initEmptyTrustStore();
159         } else {
160             String keypath = value.getString();
161             if ((keypath == null) || (keypath.length() == 0)) {
162                 logger.error("Bad TRUST Key Path");
163                 return false;
164             }
165             value = hashConfig.get(XML_PATH_TRUSTKEYSTOREPASS);
166             if (value == null || (value.isEmpty())) {
167                 logger.error("Unable to find TRUST KeyStore Passwd");
168                 return false;
169             }
170             String keystorepass = value.getString();
171             if ((keystorepass == null) || (keystorepass.length() == 0)) {
172                 logger.error("Bad TRUST KeyStore Passwd");
173                 return false;
174             }
175             boolean useClientAuthent = false;
176             value = hashConfig.get(XML_USECLIENT_AUTHENT);
177             if (value != null && (!value.isEmpty())) {
178                 useClientAuthent = value.getBoolean();
179             }
180             try {
181                 FtpsInitializer.waarpSecureKeyStore.initTrustStore(keypath,
182                         keystorepass, useClientAuthent);
183             } catch (CryptoException e) {
184                 logger.error("Bad TrustKeyStore construction");
185                 return false;
186             }
187         }
188         FtpsInitializer.waarpSslContextFactory =
189                 new WaarpSslContextFactory(
190                         FtpsInitializer.waarpSecureKeyStore);
191         return true;
192     }
193 
194     /**
195      * Initiate the configuration from the xml file for server
196      * 
197      * @param filename
198      * @return True if OK
199      */
200     public static boolean setConfigurationServerFromXml(FtpConfiguration config, String filename) {
201         Document document = null;
202         // Open config file
203         try {
204             document = new SAXReader().read(filename);
205         } catch (DocumentException e) {
206             logger.error("Unable to read the XML Config file: " + filename, e);
207             return false;
208         }
209         if (document == null) {
210             logger.error("Unable to read the XML Config file: " + filename);
211             return false;
212         }
213         configuration = XmlUtil.read(document, configServer);
214         hashConfig = new XmlHash(configuration);
215         // Now read the configuration
216         if (!loadSsl(config)) {
217             logger.error("Cannot load SSL configuration");
218             return false;
219         }
220         hashConfig.clear();
221         hashConfig = null;
222         configuration = null;
223         return true;
224     }
225 }