AbstractSSLContextInitializer.java example

Explorer
ldaptive-master
/* See LICENSE for licensing and NOTICE for copyright. */
package org.ldaptive.ssl;

import java.security.GeneralSecurityException;
import java.util.Arrays;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.ldaptive.LdapUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Provides common implementation for SSL context initializer.
 *
 * @author  Middleware Services
 */
public abstract class AbstractSSLContextInitializer implements SSLContextInitializer
{

  /** Logger for this class. */
  protected final Logger logger = LoggerFactory.getLogger(getClass());

  /** Trust managers. */
  protected TrustManager[] trustManagers;


  @Override
  public TrustManager[] getTrustManagers()
    throws GeneralSecurityException
  {
    final TrustManager[] tm = createTrustManagers();
    TrustManager[] aggregate;
    if (tm == null) {
      aggregate = trustManagers != null ? aggregateTrustManagers(trustManagers) : null;
    } else {
      aggregate = aggregateTrustManagers(LdapUtils.concatArrays(tm, trustManagers));
    }
    return aggregate;
  }


  /**
   * Sets the trust managers.
   *
   * @param  managers  trust managers
   */
  @Override
  public void setTrustManagers(final TrustManager... managers)
  {
    trustManagers = managers;
  }


  /**
   * Creates any trust managers specific to this context initializer.
   *
   * @return  trust managers
   *
   * @throws  GeneralSecurityException  if an errors occurs while loading the TrustManagers
   */
  protected abstract TrustManager[] createTrustManagers()
    throws GeneralSecurityException;


  @Override
  public SSLContext initSSLContext(final String protocol)
    throws GeneralSecurityException
  {
    final KeyManager[] km = getKeyManagers();
    final TrustManager[] tm = getTrustManagers();
    logger.trace(
      "Initialize SSLContext with keyManagers={} and trustManagers={}", Arrays.toString(km), Arrays.toString(tm));
    final SSLContext ctx = SSLContext.getInstance(protocol);
    ctx.init(km, tm, null);
    return ctx;
  }


  /**
   * Creates an {@link AggregateTrustManager} containing the supplied trust managers.
   *
   * @param  managers  to aggregate
   *
   * @return  array containing a single aggregate trust manager
   */
  protected TrustManager[] aggregateTrustManagers(final TrustManager... managers)
  {
    X509TrustManager[] x509Managers = null;
    if (managers != null) {
      x509Managers = new X509TrustManager[managers.length];
      for (int i = 0; i < managers.length; i++) {
        x509Managers[i] = (X509TrustManager) managers[i];
      }
    }
    return new TrustManager[] {new AggregateTrustManager(x509Managers)};
  }
}