/*
 * Copyright (c) MuleSoft, Inc. All rights reserved. http://www.mulesoft.com
 * The software in this package is published under the terms of the CPAL v1.0
 * license, a copy of which has been included with this distribution in the
 * LICENSE.txt file.
 */
package org.mule.runtime.core.util;

import org.mule.runtime.core.api.config.MuleProperties;
import org.mule.runtime.core.api.security.tls.TlsConfiguration;

import java.security.Provider;
import java.security.Security;

/**
 * Static helpers that report the configured security model and pick a JCE {@link Provider} for callers that must name one
 * explicitly.
 *
 * <p>
 * Both settings are read from JVM system properties on every call, so the answers follow whatever the process was started with
 * (or whatever code in the same JVM has set since).
 * </p>
 */
public final class SecurityUtils {

  /** Name looked up first when no provider is configured and the FIPS model is not active. */
  private static final String PREFERRED_PROVIDER_NAME = "BC";

  /**
   * Reads the security model from the {@link MuleProperties#MULE_SECURITY_SYSTEM_PROPERTY} system property.
   *
   * @return the configured value, or {@link TlsConfiguration#DEFAULT_SECURITY_MODEL} when the property is not set
   */
  public static String getSecurityModel() {
    final String fallbackModel = TlsConfiguration.DEFAULT_SECURITY_MODEL;
    return System.getProperty(MuleProperties.MULE_SECURITY_SYSTEM_PROPERTY, fallbackModel);
  }

  /**
   * Tells whether the configured security model is the FIPS one.
   *
   * <p>
   * The check is an exact, case-sensitive comparison with {@link TlsConfiguration#FIPS_SECURITY_MODEL}. A property value that
   * differs in any character (including letter case) is therefore not treated as FIPS.
   * </p>
   *
   * @return {@code true} only when {@link #getSecurityModel()} equals {@link TlsConfiguration#FIPS_SECURITY_MODEL}
   */
  public static boolean isFipsSecurityModel() {
    final String configuredModel = getSecurityModel();
    return configuredModel.equals(TlsConfiguration.FIPS_SECURITY_MODEL);
  }

  /**
   * Tells whether the configured security model is the default one.
   *
   * <p>
   * Like {@link #isFipsSecurityModel()}, this is an exact comparison; a value matching neither constant makes both methods
   * return {@code false}.
   * </p>
   *
   * @return {@code true} only when {@link #getSecurityModel()} equals {@link TlsConfiguration#DEFAULT_SECURITY_MODEL}
   */
  public static boolean isDefaultSecurityModel() {
    final String configuredModel = getSecurityModel();
    return configuredModel.equals(TlsConfiguration.DEFAULT_SECURITY_MODEL);
  }

  /**
   * Picks the single security provider to hand to APIs that insist on receiving one.
   *
   * <p>
   * Resolution order:
   * </p>
   * <ol>
   * <li>If the {@link MuleProperties#MULE_SECURITY_PROVIDER_PROPERTY} system property is set, the provider registered under
   * that name is used. An unregistered name is an error; there is no fallback to another provider.</li>
   * <li>Otherwise, unless the FIPS security model is active, the provider registered as {@code "BC"} is used if present.</li>
   * <li>Otherwise the first entry of {@link Security#getProviders()} is used, i.e. the provider with the highest preference in
   * the running JVM.</li>
   * </ol>
   *
   * <p>
   * <b>Note:</b> Treat this method as a last resort for libraries that always require a provider argument. JCE already has its
   * own provider selection algorithm, and many operations choose a suitable provider automatically when none is forced.
   * </p>
   *
   * <p>
   * NOTE(review): under the FIPS model this method only skips {@code "BC"}; nothing here checks that the first registered
   * provider is itself a FIPS-validated module. That presumably has to be guaranteed by the JVM's provider configuration -
   * confirm for each deployment.
   * </p>
   *
   * @return the selected provider, never {@code null}
   * @throws IllegalStateException if the configured provider name is not registered, or if no provider is registered at all
   */
  public static Provider getDefaultSecurityProvider() {
    final String requestedName = System.getProperty(MuleProperties.MULE_SECURITY_PROVIDER_PROPERTY);

    final Provider resolved = requestedName != null
        ? Security.getProvider(requestedName)
        : findUnconfiguredProvider();

    if (resolved != null) {
      return resolved;
    }

    // Only mention a provider name in the message when the operator actually configured one.
    final String detail = requestedName == null ? "" : "Provider name " + requestedName + " was not found.";
    throw new IllegalStateException("Can't find a suitable security provider. " + detail);
  }

  /**
   * Chooses a provider when none was configured by name: {@code "BC"} outside the FIPS model, else the first registered one.
   *
   * @return the chosen provider, or {@code null} when the JVM reports no registered providers
   */
  private static Provider findUnconfiguredProvider() {
    if (!isFipsSecurityModel()) {
      final Provider preferred = Security.getProvider(PREFERRED_PROVIDER_NAME);
      if (preferred != null) {
        return preferred;
      }
    }

    final Provider[] registered = Security.getProviders();
    return registered.length > 0 ? registered[0] : null;
  }
}