package org.webpieces.nio.api;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManagerFactory;
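public class SelfSignedSSLEngineFactory implements SSLEngineFactoryWithHost {
    // Test-only fixture. The key material lives under src/test/resources and is
    // protected by a well-known passphrase; nothing in this class is suitable for
    // production use, and the paths are relative to the working directory the test
    // runner starts in.
    private final String clientKeystore = "src/test/resources/exampletrust.jks";
    private final String serverKeystore = "src/test/resources/exampleca.jks";
    private final String password = "password";
    private String cachedHost = "";

    /**
     * Builds a server-mode {@link SSLEngine} whose identity comes from the server
     * keystore. The server never requests or validates client certificates (no
     * TrustManagers are installed).
     *
     * @param host the host name the caller is serving; recorded for
     *             {@link #getCachedHost()} and otherwise unused
     * @return a new engine in server mode, handshake not yet started
     * @throws RuntimeException wrapping any I/O or JSSE failure while loading the
     *                          keystore or initialising the context
     */
    @Override
    public SSLEngine createSslEngine(String host) {
        // Recorded before any I/O so the requested host is observable even when
        // keystore loading fails (tests rely on getCachedHost()).
        this.cachedHost = host;
        char[] passphrase = password.toCharArray();
        try {
            KeyStore ks = loadKeyStore(serverKeystore, passphrase);
            // KeyManagers select which private key / certificate chain is presented.
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
            kmf.init(ks, passphrase);
            SSLContext sslContext = SSLContext.getInstance("TLS");
            // null TrustManagers: client authentication is neither requested nor checked.
            sslContext.init(kmf.getKeyManagers(), null, null);
            SSLEngine engine = sslContext.createSSLEngine();
            engine.setUseClientMode(false);
            return engine;
        } catch (IOException | GeneralSecurityException e) {
            throw new RuntimeException("Failed to build server SSLEngine from " + serverKeystore, e);
        }
    }

    /**
     * Deliberately unsupported: the host-less variant must not be used by this
     * factory, and failing loudly keeps the tests honest about which path they exercise.
     *
     * @throws IllegalStateException always
     */
    public SSLEngine createSslEngine() {
        throw new IllegalStateException("Do not return here to make test fail if this no longer works");
    }

    /**
     * Builds a client-mode {@link SSLEngine} that trusts only the certificates in the
     * client trust store. The client presents no certificate of its own (no
     * KeyManagers are installed).
     *
     * @param host peer host name, passed to {@link SSLContext#createSSLEngine(String, int)}
     * @param port peer port, likewise
     * @return a new engine in client mode, handshake not yet started
     * @throws RuntimeException wrapping any I/O or JSSE failure while loading the
     *                          trust store or initialising the context
     */
    public SSLEngine createEngineForClient(String host, int port) {
        char[] passphrase = password.toCharArray();
        try {
            KeyStore trustStore = loadKeyStore(clientKeystore, passphrase);
            // TrustManagers decide whether the peer's certificate chain is accepted.
            TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
            tmf.init(trustStore);
            SSLContext sslContext = SSLContext.getInstance("TLS");
            // null KeyManagers: this client never authenticates itself with a certificate.
            sslContext.init(null, tmf.getTrustManagers(), null);
            SSLEngine engine = sslContext.createSSLEngine(host, port);
            engine.setUseClientMode(true);
            // NOTE(review): host/port here are advisory only (session caching / SNI).
            // No endpoint identification algorithm is set on the engine's SSLParameters,
            // so the peer certificate is presumably accepted for ANY name as long as it
            // chains to the test trust store. Fine for a self-signed test fixture;
            // a production client would call
            // engine.setSSLParameters(...setEndpointIdentificationAlgorithm("HTTPS")).
            return engine;
        } catch (IOException | GeneralSecurityException e) {
            throw new RuntimeException("Failed to build client SSLEngine from " + clientKeystore, e);
        }
    }

    /**
     * @return the host most recently passed to {@link #createSslEngine(String)},
     *         or the empty string if it has never been called
     */
    public String getCachedHost() {
        return cachedHost;
    }

    /**
     * Loads a JKS keystore from {@code path}, closing the file stream on every path
     * (the original left the FileInputStream open).
     *
     * @param path       file system path of the keystore
     * @param passphrase keystore integrity/decryption passphrase
     * @return the loaded keystore
     * @throws IOException              if the file cannot be read or the passphrase is wrong
     * @throws GeneralSecurityException if the JKS type is unavailable or the contents
     *                                  cannot be parsed
     */
    private static KeyStore loadKeyStore(String path, char[] passphrase)
            throws IOException, GeneralSecurityException {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (FileInputStream in = new FileInputStream(path)) {
            ks.load(in, passphrase);
        }
        return ks;
    }
}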