| package org.bouncycastle.est.jcajce; |
| |
| |
| import java.security.KeyManagementException; |
| import java.security.NoSuchAlgorithmException; |
| import java.security.NoSuchProviderException; |
| import java.security.Provider; |
| import java.security.SecureRandom; |
| import java.security.Security; |
| |
| import javax.net.ssl.KeyManager; |
| import javax.net.ssl.SSLContext; |
| import javax.net.ssl.SSLSocketFactory; |
| import javax.net.ssl.X509TrustManager; |
| |
| /** |
| * A basic builder to allow configuration of an SSLContext used to create an SSLSocketFactory. |
| */ |
| class SSLSocketFactoryCreatorBuilder |
| { |
| protected String tlsVersion = "TLS"; |
| protected Provider tlsProvider; |
| protected KeyManager[] keyManagers; |
| protected X509TrustManager[] trustManagers; |
| protected SecureRandom secureRandom = new SecureRandom(); |
| |
| public SSLSocketFactoryCreatorBuilder(X509TrustManager trustManager) |
| { |
| if (trustManager == null) |
| { |
| throw new NullPointerException("Trust managers can not be null"); |
| } |
| this.trustManagers = new X509TrustManager[]{trustManager}; |
| } |
| |
| public SSLSocketFactoryCreatorBuilder(X509TrustManager[] trustManagers) |
| { |
| if (trustManagers == null) |
| { |
| throw new NullPointerException("Trust managers can not be null"); |
| } |
| this.trustManagers = trustManagers; |
| } |
| |
| public SSLSocketFactoryCreatorBuilder withTLSVersion(String tlsVersion) |
| { |
| this.tlsVersion = tlsVersion; |
| return this; |
| } |
| |
| public SSLSocketFactoryCreatorBuilder withSecureRandom(SecureRandom secureRandom) |
| { |
| this.secureRandom = secureRandom; |
| return this; |
| } |
| |
| /** |
| * Configure this builder to use the provider with the passed in name. |
| * |
| * @param tlsProviderName the name JSSE Provider to use. |
| * @return the current builder instance. |
| * @throws NoSuchProviderException if the specified provider does not exist. |
| */ |
| public SSLSocketFactoryCreatorBuilder withProvider(String tlsProviderName) |
| throws NoSuchProviderException |
| { |
| this.tlsProvider = Security.getProvider(tlsProviderName); |
| if (this.tlsProvider == null) |
| { |
| throw new NoSuchProviderException("JSSE provider not found: " + tlsProviderName); |
| } |
| return this; |
| } |
| |
| /** |
| * Configure this builder to use the passed in provider. |
| * |
| * @param tlsProvider the JSSE Provider to use. |
| * @return the current builder instance. |
| */ |
| public SSLSocketFactoryCreatorBuilder withProvider(Provider tlsProvider) |
| { |
| this.tlsProvider = tlsProvider; |
| return this; |
| } |
| |
| public SSLSocketFactoryCreatorBuilder withKeyManager(KeyManager keyManager) |
| { |
| if (keyManager == null) |
| { |
| this.keyManagers = null; |
| } |
| else |
| { |
| this.keyManagers = new KeyManager[]{keyManager}; |
| } |
| return this; |
| } |
| |
| public SSLSocketFactoryCreatorBuilder withKeyManagers(KeyManager[] keyManagers) |
| { |
| this.keyManagers = keyManagers; |
| |
| return this; |
| } |
| |
| public SSLSocketFactoryCreator build() |
| { |
| return new SSLSocketFactoryCreator() |
| { |
| public boolean isTrusted() |
| { |
| for (int i = 0; i != trustManagers.length; i++) |
| { |
| X509TrustManager tm = trustManagers[i]; |
| if (tm.getAcceptedIssuers().length > 0) |
| { |
| return true; |
| } |
| } |
| |
| return false; |
| } |
| |
| public SSLSocketFactory createFactory() |
| throws NoSuchAlgorithmException, NoSuchProviderException, KeyManagementException |
| { |
| SSLContext ctx; |
| |
| if (tlsProvider != null) |
| { |
| ctx = SSLContext.getInstance(tlsVersion, tlsProvider); |
| } |
| else |
| { |
| ctx = SSLContext.getInstance(tlsVersion); |
| } |
| |
| ctx.init(keyManagers, trustManagers, secureRandom); |
| |
| return ctx.getSocketFactory(); |
| } |
| }; |
| } |
| } |
