DenaliSecurityProvider.java example

Explorer
openflexo-master
/*
 * (c) Copyright 2010-2011 AgileBirds
 *
 * This file is part of OpenFlexo.
 *
 * OpenFlexo is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * OpenFlexo is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with OpenFlexo. If not, see <http://www.gnu.org/licenses/>.
 *
 */
package org.openflexo.ssl;

import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.Security;
import java.security.cert.X509Certificate;

import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactorySpi;
import javax.net.ssl.X509TrustManager;

public final class DenaliSecurityProvider extends Provider {

	private final static String PROVIDER_ID = "DenaliSecurityProvider";

	public DenaliSecurityProvider() {
		super(PROVIDER_ID, 1.0, "Denali security provider");

		AccessController.doPrivileged(new SecurityPrivilegedAction());
	}

	public static void insertSecurityProvider() throws Exception {
		if (Security.getProvider(PROVIDER_ID) == null) {
			Security.addProvider(new DenaliSecurityProvider());
			Security.setProperty("ssl.TrustManagerFactory.algorithm", "DenaliX509");
		}
	}

	protected final class SecurityPrivilegedAction implements PrivilegedAction<Object> {
		@Override
		public Object run() {
			put("TrustManagerFactory.DenaliX509", TrustManagerFactoryImpl.class.getName());
			return null;
		}
	}

	public final static class TrustManagerFactoryImpl extends TrustManagerFactorySpi {
		protected final class DenaliX509TrustManager implements X509TrustManager {
			@Override
			public X509Certificate[] getAcceptedIssuers() {
				return null;
			}

			@Override
			public void checkClientTrusted(X509Certificate[] chain, String authType) {

			}

			@Override
			public void checkServerTrusted(X509Certificate[] chain, String authType) {
				// TODO: check in some way the certificates here.
			}
		}

		@Override
		protected void engineInit(KeyStore keystore) throws KeyStoreException {

		}

		@Override
		protected void engineInit(ManagerFactoryParameters mgrparams) throws InvalidAlgorithmParameterException {

		}

		@Override
		protected TrustManager[] engineGetTrustManagers() {
			return new TrustManager[] { new DenaliX509TrustManager() };
		}
	}
}