001/** 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017package org.apache.activemq.broker; 018 019import java.security.KeyManagementException; 020import java.security.NoSuchAlgorithmException; 021import java.security.NoSuchProviderException; 022import java.security.SecureRandom; 023import java.util.ArrayList; 024import java.util.Arrays; 025import java.util.List; 026 027import javax.net.ssl.KeyManager; 028import javax.net.ssl.SSLContext; 029import javax.net.ssl.TrustManager; 030 031/** 032 * A holder of SSL configuration. 033 */ 034public class SslContext { 035 036 protected String protocol = "TLS"; 037 protected String provider = null; 038 protected List<KeyManager> keyManagers = new ArrayList<KeyManager>(); 039 protected List<TrustManager> trustManagers = new ArrayList<TrustManager>(); 040 protected SecureRandom secureRandom; 041 private volatile boolean initialized; 042 private SSLContext sslContext; 043 044 private static final ThreadLocal<SslContext> current = new ThreadLocal<SslContext>(); 045 046 public SslContext() { 047 } 048 049 public SslContext(KeyManager[] km, TrustManager[] tm, SecureRandom random) { 050 if( km!=null ) { 051 setKeyManagers(Arrays.asList(km)); 052 } 053 if( tm!=null ) { 054 setTrustManagers(Arrays.asList(tm)); 055 } 056 setSecureRandom(random); 057 } 058 059 static public void setCurrentSslContext(SslContext bs) { 060 current.set(bs); 061 } 062 static public SslContext getCurrentSslContext() { 063 return current.get(); 064 } 065 066 public KeyManager[] getKeyManagersAsArray() { 067 KeyManager rc[] = new KeyManager[keyManagers.size()]; 068 return keyManagers.toArray(rc); 069 } 070 public TrustManager[] getTrustManagersAsArray() { 071 TrustManager rc[] = new TrustManager[trustManagers.size()]; 072 return trustManagers.toArray(rc); 073 } 074 075 public void addKeyManager(KeyManager km) { 076 keyManagers.add(km); 077 } 078 public boolean removeKeyManager(KeyManager km) { 079 return keyManagers.remove(km); 080 } 081 public void addTrustManager(TrustManager tm) { 082 trustManagers.add(tm); 083 } 084 public boolean removeTrustManager(TrustManager tm) { 085 return trustManagers.remove(tm); 086 } 087 088 public List<KeyManager> getKeyManagers() { 089 return keyManagers; 090 } 091 public void setKeyManagers(List<KeyManager> keyManagers) { 092 this.keyManagers = keyManagers; 093 } 094 public List<TrustManager> getTrustManagers() { 095 return trustManagers; 096 } 097 public void setTrustManagers(List<TrustManager> trustManagers) { 098 this.trustManagers = trustManagers; 099 } 100 public SecureRandom getSecureRandom() { 101 return secureRandom; 102 } 103 public void setSecureRandom(SecureRandom secureRandom) { 104 this.secureRandom = secureRandom; 105 } 106 107 public String getProtocol() { 108 return protocol; 109 } 110 public void setProtocol(String protocol) { 111 this.protocol = protocol; 112 } 113 public String getProvider() { 114 return provider; 115 } 116 public void setProvider(String provider) { 117 this.provider = provider; 118 } 119 120 public SSLContext getSSLContext() throws NoSuchProviderException, NoSuchAlgorithmException, KeyManagementException { 121 if (!initialized) { 122 synchronized (this) { 123 if (!initialized) { 124 if (provider == null) { 125 sslContext = SSLContext.getInstance(protocol); 126 } else { 127 sslContext = SSLContext.getInstance(protocol, provider); 128 } 129 sslContext.init(getKeyManagersAsArray(), getTrustManagersAsArray(), getSecureRandom()); 130 initialized = true; 131 } 132 } 133 } 134 return sslContext; 135 } 136 public synchronized void setSSLContext(SSLContext sslContext) { 137 this.sslContext = sslContext; 138 initialized = true; 139 } 140 141 142}