1   /*
2    * This file is part of Waarp Project (named also Waarp or GG).
3    *
4    *  Copyright (c) 2019, Waarp SAS, and individual contributors by the @author
5    *  tags. See the COPYRIGHT.txt in the distribution for a full listing of
6    * individual contributors.
7    *
8    *  All Waarp Project is free software: you can redistribute it and/or
9    * modify it under the terms of the GNU General Public License as published by
10   * the Free Software Foundation, either version 3 of the License, or (at your
11   * option) any later version.
12   *
13   * Waarp is distributed in the hope that it will be useful, but WITHOUT ANY
14   * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
15   * A PARTICULAR PURPOSE. See the GNU General Public License for more details.
16   *
17   *  You should have received a copy of the GNU General Public License along with
18   * Waarp . If not, see <http://www.gnu.org/licenses/>.
19   */
20  package org.waarp.common.crypto.ssl;
21  
22  import org.waarp.common.exception.CryptoException;
23  
24  import javax.net.ssl.ManagerFactoryParameters;
25  import javax.net.ssl.TrustManager;
26  import javax.net.ssl.TrustManagerFactory;
27  import javax.net.ssl.TrustManagerFactorySpi;
28  import java.security.KeyStore;
29  import java.security.cert.X509Certificate;
30  
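/**
 * TrustManagerFactory SPI whose single {@link WaarpX509TrustManager} is fixed
 * at construction time.
 * <p>
 * Two modes exist, selected by the constructor used:
 * <ul>
 * <li>no trust store: built with the no-arg constructor, documented by the
 * original author as accepting all connections;</li>
 * <li>trust store backed: built from an already initialized
 * {@link TrustManagerFactory}.</li>
 * </ul>
 * {@link #hasTrustStore()} tells the two modes apart, so callers can check
 * which one is active before relying on this factory for peer
 * authentication.
 */
public class WaarpSecureTrustManagerFactory extends TrustManagerFactorySpi {
  private final WaarpX509TrustManager ggTrustManager;

  // Single-element array wrapping ggTrustManager; never handed out directly,
  // only as a copy (see getTrustManagers()).
  private final TrustManager[] trustManager;

  private final boolean needAuthentication;
  private final boolean hasTrustStore;

  /**
   * Builds a factory without any trust store ("accept all connections"
   * according to the original documentation).
   * <p>
   * NOTE(review): the permissive behaviour lives in the no-arg
   * {@link WaarpX509TrustManager} constructor, which is not visible here;
   * confirm there that no certificate validation is performed. In this mode
   * {@link #hasTrustStore()} and {@link #needAuthentication()} both return
   * false, so the TLS peer identity should be treated as unverified.
   */
  public WaarpSecureTrustManagerFactory() {
    ggTrustManager = new WaarpX509TrustManager();
    trustManager = new TrustManager[] { ggTrustManager };
    needAuthentication = false;
    hasTrustStore = false;
  }

  /**
   * Builds a factory backed by the given, already initialized
   * TrustManagerFactory.
   *
   * @param tmf the TrustManagerFactory handed to the underlying
   *     {@link WaarpX509TrustManager}
   * @param clientAuthent True if the TrustStore is used for Client
   *     Authentication
   *
   * @throws CryptoException presumably when the underlying trust manager
   *     cannot be built from {@code tmf} (raised by the
   *     WaarpX509TrustManager constructor; confirm there)
   */
  public WaarpSecureTrustManagerFactory(final TrustManagerFactory tmf,
                                        final boolean clientAuthent)
      throws CryptoException {
    ggTrustManager = new WaarpX509TrustManager(tmf);
    trustManager = new TrustManager[] { ggTrustManager };
    needAuthentication = clientAuthent;
    hasTrustStore = true;
  }

  /**
   * @return True if this factory was built from a TrustManagerFactory (trust
   *     store mode), false if it was built with the no-arg constructor
   */
  public final boolean hasTrustStore() {
    return hasTrustStore;
  }

  /**
   * @return the client authentication flag given at construction; always
   *     false for a factory built with the no-arg constructor
   */
  public final boolean needAuthentication() {
    return needAuthentication;
  }

  /**
   * @return the accepted issuer certificates reported by the underlying
   *     {@link WaarpX509TrustManager}
   */
  public final X509Certificate[] getX509Certificates() {
    // ggTrustManager is the same object as trustManager[0]; using the typed
    // field avoids the downcast through the TrustManager array.
    return ggTrustManager.getAcceptedIssuers();
  }

  /**
   * @return a copy of the TrustManager array, so that callers cannot replace
   *     the trust manager held by this factory
   */
  public final TrustManager[] getTrustManagers() {
    return trustManager.clone();
  }

  @Override
  protected final TrustManager[] engineGetTrustManagers() {
    return getTrustManagers();
  }

  /**
   * Does nothing: the trust manager is fixed at construction, so the supplied
   * KeyStore is ignored and does not change any trust decision.
   */
  @Override
  protected final void engineInit(final KeyStore arg0) {
    // Unused
  }

  /**
   * Does nothing: the trust manager is fixed at construction, so the supplied
   * parameters are ignored and do not change any trust decision.
   */
  @Override
  protected final void engineInit(final ManagerFactoryParameters arg0) {
    // Unused
  }

}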
111 }