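/*******************************************************************************
 * Copyright (c) 2011, 2013 Tasktop Technologies and others.
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 *     Tasktop Technologies - initial API and implementation
 *     BREDEX GmbH - fix for bug 295050
 *******************************************************************************/

package org.eclipse.mylyn.commons.core.net;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;

import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;

import org.eclipse.osgi.util.NLS;

/**
 * Provides support for managing SSL connections.
 * <p>
 * Server certificate validation is done entirely by the {@link TrustManager}s handed to the constructor; this class
 * adds no checks of its own, so the strength of the resulting connections depends on what the caller supplies. The
 * key store password is held as a {@link String} for the lifetime of the instance and takes part in
 * {@link #equals(Object)} and {@link #hashCode()}.
 *
 * @author Steffen Pingel
 * @author Torsten Kalix
 * @since 3.7
 */
public class SslSupport {

	private static final String KEY_STORE_FILE_NAME = "javax.net.ssl.keyStore"; //$NON-NLS-1$

	private static final String KEY_STORE_PASSWORD = "javax.net.ssl.keyStorePassword"; //$NON-NLS-1$

	private static final String KEY_STORE_TYPE = "javax.net.ssl.keyStoreType"; //$NON-NLS-1$

	private final String keyStoreFileName;

	private final String keyStorePassword;

	private final String keyStoreType;

	// Created lazily by getSocketFactory() and then reused.
	private SSLSocketFactory socketFactory;

	private final TrustManager[] trustManagers;

	/**
	 * Creates an instance whose client key store is described by the standard <code>javax.net.ssl.keyStore</code>,
	 * <code>javax.net.ssl.keyStorePassword</code> and <code>javax.net.ssl.keyStoreType</code> system properties, read
	 * once at construction time.
	 *
	 * @param trustManagers
	 *            the trust managers passed to the SSL context; stored by reference, not copied
	 */
	public SslSupport(TrustManager[] trustManagers) {
		this(trustManagers, System.getProperty(KEY_STORE_FILE_NAME), System.getProperty(KEY_STORE_PASSWORD),
				System.getProperty(KEY_STORE_TYPE));
	}

	/**
	 * Creates an instance with an explicit client key store configuration.
	 *
	 * @param trustManagers
	 *            the trust managers passed to the SSL context; stored by reference, not copied
	 * @param keyStoreFileName
	 *            path of the key store file; no key store is loaded if this or the password is <code>null</code>
	 * @param keyStorePassword
	 *            password used both to open the key store and to recover its keys
	 * @param keyStoreType
	 *            key store type, or <code>null</code> to try the platform default type and then PKCS#12
	 */
	public SslSupport(TrustManager[] trustManagers, String keyStoreFileName, String keyStorePassword,
			String keyStoreType) {
		this.trustManagers = trustManagers;
		this.keyStoreFileName = keyStoreFileName;
		this.keyStorePassword = keyStorePassword;
		this.keyStoreType = keyStoreType;
	}

	/**
	 * Compares the key store file name, password and type.
	 * <p>
	 * NOTE(review): <code>trustManagers</code> is not part of the comparison, so two instances that differ only in
	 * their trust managers are equal. If callers cache or de-duplicate by equality, a socket factory built with one
	 * set of trust managers could be reused where another was intended -- confirm against the callers before relying
	 * on this.
	 */
	@Override
	public boolean equals(Object obj) {
		if (this == obj) {
			return true;
		}
		if (obj == null || getClass() != obj.getClass()) {
			return false;
		}
		SslSupport other = (SslSupport) obj;
		return sameValue(keyStoreFileName, other.keyStoreFileName)
				&& sameValue(keyStorePassword, other.keyStorePassword)
				&& sameValue(keyStoreType, other.keyStoreType);
	}

	/** Null-safe string equality. */
	private static boolean sameValue(String left, String right) {
		return left == null ? right == null : left.equals(right);
	}

	/**
	 * Returns the socket factory for this configuration, creating it on first use.
	 * <p>
	 * A client key store is loaded only when both a file name and a password are configured. If no type is
	 * configured, the platform default type is tried first and PKCS#12 second.
	 *
	 * @return the cached socket factory
	 * @throws IOException
	 *             an <code>SslCertificateException</code> wrapping the underlying failure if the key store cannot be
	 *             read or the SSL context cannot be initialised
	 */
	public synchronized SSLSocketFactory getSocketFactory() throws IOException {
		if (socketFactory != null) {
			return socketFactory;
		}

		// Stays null when no key store is configured; SSLContext.init() then falls back to the
		// key manager of the installed security providers.
		KeyManager[] keyManagers = null;

		if (keyStoreFileName != null && keyStorePassword != null) {
			try {
				if (keyStoreType != null) {
					keyManagers = openKeyStore(keyStoreType);
				} else {
					try {
						keyManagers = openKeyStore(KeyStore.getDefaultType());
					} catch (Exception ignored) {
						// Deliberate best effort: the file may be PKCS#12 rather than the platform default
						// type. If this retry fails as well, only its failure is reported below.
						keyManagers = openKeyStore("pkcs12"); //$NON-NLS-1$
					}
				}
			} catch (Exception cause) {
				IOException e = new SslCertificateException(NLS.bind("Error accessing keystore: {0}", //$NON-NLS-1$
						cause.getMessage()));
				e.initCause(cause);
				throw e;
			}
		}

		try {
			// Ask for the standard "TLS" context instead of the legacy "SSL" name: what "SSL" maps to is
			// provider-specific and may select obsolete SSL protocol versions on some JSSE implementations.
			SSLContext sslContext = SSLContext.getInstance("TLS"); //$NON-NLS-1$
			sslContext.init(keyManagers, trustManagers, null);
			this.socketFactory = sslContext.getSocketFactory();
		} catch (Exception cause) {
			IOException e = new SslCertificateException();
			e.initCause(cause);
			throw e;
		}
		return socketFactory;
	}

	/**
	 * Hashes the same three fields that {@link #equals(Object)} compares.
	 */
	@Override
	public int hashCode() {
		final int prime = 31;
		int result = 1;
		result = prime * result + ((keyStoreFileName == null) ? 0 : keyStoreFileName.hashCode());
		result = prime * result + ((keyStorePassword == null) ? 0 : keyStorePassword.hashCode());
		result = prime * result + ((keyStoreType == null) ? 0 : keyStoreType.hashCode());
		return result;
	}

	/**
	 * Loads the configured key store file as the given type and returns key managers backed by it.
	 * <p>
	 * Callers must ensure that the file name and password are not <code>null</code>. The same password is used to
	 * open the store and to recover the keys in it.
	 *
	 * @param type
	 *            the key store type to request from {@link KeyStore#getInstance(String)}
	 * @return the key managers produced by the default {@link KeyManagerFactory} algorithm
	 */
	private KeyManager[] openKeyStore(String type) throws KeyStoreException, IOException, NoSuchAlgorithmException,
			CertificateException, FileNotFoundException, UnrecoverableKeyException {
		KeyStore keyStore = KeyStore.getInstance(type);
		char[] password = keyStorePassword.toCharArray();
		// Close the stream explicitly: KeyStore.load() does not close it, and this method can run twice
		// per instance when the default type fails and PKCS#12 is retried.
		FileInputStream in = new FileInputStream(keyStoreFileName);
		try {
			keyStore.load(in, password);
		} finally {
			in.close();
		}
		KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
		keyManagerFactory.init(keyStore, password);
		return keyManagerFactory.getKeyManagers();
	}

}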