001    /**
002     * Licensed to the Apache Software Foundation (ASF) under one or more
003     * contributor license agreements.  See the NOTICE file distributed with
004     * this work for additional information regarding copyright ownership.
005     * The ASF licenses this file to You under the Apache License, Version 2.0
006     * (the "License"); you may not use this file except in compliance with
007     * the License.  You may obtain a copy of the License at
008     *
009     *      http://www.apache.org/licenses/LICENSE-2.0
010     *
011     * Unless required by applicable law or agreed to in writing, software
012     * distributed under the License is distributed on an "AS IS" BASIS,
013     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     * See the License for the specific language governing permissions and
015     * limitations under the License.
016     */
017    package org.apache.camel.component.netty.ssl;
018    
019    import java.io.File;
020    import java.security.KeyStore;
021    
022    import javax.net.ssl.KeyManagerFactory;
023    import javax.net.ssl.SSLContext;
024    import javax.net.ssl.SSLEngine;
025    import javax.net.ssl.TrustManagerFactory;
026    
027    import org.apache.camel.converter.IOConverter;
028    
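/**
 * Builds an {@link SSLContext} from a key store (and, optionally, a trust store) and creates
 * server-mode and client-mode {@link SSLEngine}s from it.
 *
 * <p>Security-relevant behaviour to be aware of when using this class:
 * <ul>
 *   <li>The context is requested as {@code "TLS"}. Nothing here restricts the enabled protocol
 *       versions or cipher suites, so they are whatever the JVM and provider enable by default.</li>
 *   <li>When no trust store file is supplied, the context is initialised with {@code null} trust
 *       managers, so JSSE falls back to its default trust managers (typically the JVM-wide CA
 *       store). Combined with mandatory client authentication on the server side, any client
 *       certificate that chains to one of those CAs is accepted. Supply a dedicated trust store
 *       to pin which peers are trusted.</li>
 *   <li>Client engines are created without a peer host and without an endpoint identification
 *       algorithm, so the certificate chain is validated but this class performs no hostname
 *       check. Callers that need one must add it.</li>
 *   <li>The same passphrase opens the key store, the private key entries and the trust store.
 *       The array is not cleared here; the caller owns it.</li>
 * </ul>
 */
public class SSLEngineFactory {

    private static final String SSL_PROTOCOL = "TLS";

    // Held per instance. A static field assigned in the constructor would let the most recently
    // built factory silently replace the key and trust material used by every earlier factory.
    private final SSLContext sslContext;

    /**
     * Loads the key material and initialises the SSL context.
     *
     * @param keyStoreFormat   key store type passed to {@link KeyStore#getInstance(String)};
     *                         also used for the trust store
     * @param securityProvider despite the name, this is passed as the <em>algorithm</em> argument
     *                         to {@link KeyManagerFactory#getInstance(String)} and
     *                         {@link TrustManagerFactory#getInstance(String)}
     * @param keyStoreFile     file holding the key store
     * @param trustStoreFile   file holding the trust store, or {@code null} to use the default
     *                         trust managers
     * @param passphrase       passphrase for the key store, its keys and the trust store
     * @throws Exception if a store cannot be read or the context cannot be initialised
     */
    public SSLEngineFactory(String keyStoreFormat, String securityProvider, File keyStoreFile, File trustStoreFile, char[] passphrase) throws Exception {
        KeyStore ks = loadKeyStore(keyStoreFormat, keyStoreFile, passphrase);

        KeyManagerFactory kmf = KeyManagerFactory.getInstance(securityProvider);
        kmf.init(ks, passphrase);

        SSLContext context = SSLContext.getInstance(SSL_PROTOCOL);

        if (trustStoreFile != null) {
            KeyStore ts = loadKeyStore(keyStoreFormat, trustStoreFile, passphrase);
            TrustManagerFactory tmf = TrustManagerFactory.getInstance(securityProvider);
            tmf.init(ts);
            context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        } else {
            // null trust managers: JSSE picks its default implementation (see class comment).
            context.init(kmf.getKeyManagers(), null, null);
        }

        sslContext = context;
    }

    /**
     * Creates a server-mode engine that requires the peer to present a certificate
     * (the handshake fails if the client does not authenticate).
     *
     * @return a new server-side engine
     */
    public SSLEngine createServerSSLEngine() {
        SSLEngine serverEngine = sslContext.createSSLEngine();
        serverEngine.setUseClientMode(false);
        serverEngine.setNeedClientAuth(true);
        return serverEngine;
    }

    /**
     * Creates a client-mode engine. No peer host or endpoint identification algorithm is set,
     * so hostname verification is not performed by this engine.
     *
     * @return a new client-side engine
     */
    public SSLEngine createClientSSLEngine() {
        SSLEngine clientEngine = sslContext.createSSLEngine();
        clientEngine.setUseClientMode(true);
        return clientEngine;
    }

    /** Reads a store of the given type from a file and always closes the stream afterwards. */
    private static KeyStore loadKeyStore(String format, File file, char[] passphrase) throws Exception {
        KeyStore store = KeyStore.getInstance(format);
        java.io.InputStream in = IOConverter.toInputStream(file);
        try {
            store.load(in, passphrase);
        } finally {
            // Previously the stream was never closed, leaking a file handle per store.
            if (in != null) {
                in.close();
            }
        }
        return store;
    }

}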