SSLContextGenerator.java example

Explorer

flashback-master
- flashback-admin
  - src
    - main
      - java
        com
        linkedin
        flashback
        FlashbackAdminResource.java
- flashback-core-impl
  - src
    - main
      - java
        com
        linkedin
        flashback
        SceneAccessLayer.java
        decorator
        compression
        AbstractCompressor.java
        AbstractDecompressor.java
        DeflateCompressor.java
        DeflateDecompressor.java
        GzipCompressor.java
        GzipDecompressor.java
        factory
        RecordedHttpBodyFactory.java
        SceneFactory.java
        http
        HttpUtilities.java
        matchrules
        BaseMatchRule.java
        CompositeMatchRule.java
        DummyMatchRule.java
        MatchBody.java
        MatchBodyPostParameters.java
        MatchCaseInsensitiveMethod.java
        MatchHeaders.java
        MatchMethod.java
        MatchRule.java
        MatchRuleBlacklistTransform.java
        MatchRuleIdentityTransform.java
        MatchRuleMapTransform.java
        MatchRuleUtils.java
        MatchRuleWhitelistTransform.java
        MatchUri.java
        MatchUriWithQueryTransform.java
        NamedMatchRule.java
        scene
        DummyScene.java
        Scene.java
        SceneConfiguration.java
        SceneMode.java
        serializable
        RecordedByteHttpBody.java
        RecordedEncodedHttpBody.java
        RecordedHttpBody.java
        RecordedHttpExchange.java
        RecordedHttpMessage.java
        RecordedHttpRequest.java
        RecordedHttpResponse.java
        RecordedStringHttpBody.java
        serialization
        SceneDeserializer.java
        SceneReader.java
        SceneSerializationConstant.java
        SceneSerializer.java
        SceneWriter.java
    - test
      - java
        com
        linkedin
        flashback
        SceneAccessLayerTest.java
        decorator
        compression
        DeflateCompressorTest.java
        GzipCompressorTest.java
        factory
        RecordedHttpBodyFactoryTest.java
        SceneFactoryTest.java
        http
        HttpUtilitiesTest.java
        matchrules
        BaseMatchRuleTest.java
        CompositeMatchRuleTest.java
        MatchBodyPostParametersTest.java
        MatchBodyTest.java
        MatchCaseInsensitiveMethodTest.java
        MatchHeadersTest.java
        MatchMethodTest.java
        MatchRuleUtilsTest.java
        MatchUriTest.java
        serializable
        RecordedEncodedHttpBodyTest.java
        RecordedHttpMessageTest.java
        RecordedStringHttpBodyTest.java
        serialization
        MockDataGenerator.java
        SceneDeserializerTest.java
        SceneSerializerTest.java
- flashback-netty
  - src
    - main
      - java
        com
        linkedin
        flashback
        netty
        builder
        RecordedHttpMessageBuilder.java
        RecordedHttpRequestBuilder.java
        RecordedHttpResponseBuilder.java
        mapper
        NettyHttpResponseMapper.java
    - test
      - java
        com
        linkedin
        flashback
        netty
        builder
        RecordedHttpMessageBuilderTest.java
        RecordedHttpRequestBuilderTest.java
        RecordedHttpResponseBuilderTest.java
        mapper
        NettyHttpResponseMapperTest.java
- flashback-smartproxy
  - src
    - main
      - java
        com
        linkedin
        flashback
        smartproxy
        FlashbackRunner.java
        proxycontroller
        RecordController.java
        ReplayController.java
        utils
        NoMatchResponseGenerator.java
    - test
      - java
        com
        linkedin
        flashback
        smartproxy
        FlashbackRunnerTest.java
- flashback-test-util
  - src
    - main
      - java
        com
        linkedin
        flashback
        test
        FlashbackBaseTest.java
- mitm
  - src
    - main
      - java
        com
        linkedin
        mitm
        factory
        CertificateKeyStoreFactory.java
        KeyPairFactory.java
        RSASha1KeyPairFactory.java
        model
        CertificateAuthority.java
        CertificateValidPeriod.java
        Protocol.java
        proxy
        ProxyInitializer.java
        ProxyServer.java
        channel
        ChannelHandlerDelegate.java
        ChannelMediator.java
        ClientChannelHandler.java
        Flushable.java
        ServerChannelHandler.java
        protocol
        HttpChannelHandlerDelegate.java
        HttpsChannelHandlerDelegate.java
        connectionflow
        ConnectionFlowProcessor.java
        steps
        AcceptTCPConnectionFromClient.java
        ConnectionFlowStep.java
        EstablishTCPConnectionToServer.java
        HandshakeWithClient.java
        HandshakeWithServer.java
        ResumeReadingFromClient.java
        StopReadingFromClient.java
        dataflow
        NormalProxyModeController.java
        NormalProxyModeControllerFactory.java
        ProxyModeController.java
        ProxyModeControllerFactory.java
        factory
        ConnectionFlowFactory.java
        ErrorResponseFactory.java
        HandlerDelegateFactory.java
        NamedThreadFactory.java
        services
        AbstractX509CertificateService.java
        CACertificateService.java
        CertificateService.java
        IdentityCertificateService.java
        RandomNumberGenerator.java
        SSLContextGenerator.java
        store
        JKSTrustStoreReader.java
        KeyStoreReader.java
        KeyStoreWriter.java
        PKC12KeyStoreReadWriter.java

/*
 * Copyright (c) LinkedIn Corporation. All rights reserved. Licensed under the BSD-2 Clause license.
 * See LICENSE in the project root for license information.
 */

package com.linkedin.mitm.services;

import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;


/**
 * Wrapper class for SSLContext generating code
 * @author shfeng
 */
public class SSLContextGenerator {
  private static final String SSL_CONTEXT_PROTOCOL = "TLS";
  private static final String KEY_MANAGER_TYPE = "SunX509";
  private static final String TRUST_MANAGER_TYPE = "SunX509";

  /**
   * Create client side SSLContext {@link javax.net.ssl.SSLContext}
   *
   * */
  public static SSLContext createClientContext(KeyStore keyStore, char[] passphrase)
      throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
    String keyManAlg = KeyManagerFactory.getDefaultAlgorithm();
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(keyManAlg);
    kmf.init(keyStore, passphrase);
    KeyManager[] keyManagers = kmf.getKeyManagers();
    return create(keyManagers, InsecureTrustManagerFactory.INSTANCE.getTrustManagers(),
        RandomNumberGenerator.getInstance().getSecureRandom());
  }

  /**
   * Create default server side SSLContext {@link javax.net.ssl.SSLContext}
   *
   * */
  public static SSLContext createDefaultServerContext()
      throws KeyManagementException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException {
    return create(null, null, RandomNumberGenerator.getInstance().getSecureRandom());
  }

  private static SSLContext create(KeyManager[] keyManagers, TrustManager[] trustManagers, SecureRandom secureRandom)
      throws NoSuchAlgorithmException, KeyManagementException {
    SSLContext sslContext = SSLContext.getInstance(SSL_CONTEXT_PROTOCOL);
    sslContext.init(keyManagers, trustManagers, secureRandom);
    return sslContext;
  }

  private SSLContextGenerator() {
  }
}