
1   /*
2    * Copyright 2012 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package org.jboss.netty.example.http.websocketx.sslserver;
17  
18  import java.io.FileInputStream;
19  import java.security.KeyStore;
20  import java.security.Security;
21  
22  import javax.net.ssl.KeyManagerFactory;
23  import javax.net.ssl.SSLContext;
24  
25  import org.jboss.netty.logging.InternalLogger;
26  import org.jboss.netty.logging.InternalLoggerFactory;
27  
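/**
 * Creates a server-side {@link SSLContext} backed by a JKS key store that
 * holds the server certificate and private key.
 *
 * <p>Configuration is read from two JVM system properties:
 * <ul>
 *   <li>{@code keystore.file.path} - location of the JKS key store file</li>
 *   <li>{@code keystore.file.password} - password of the key store; the same
 *       value is also used as the password of the private key entry</li>
 * </ul>
 *
 * <p>Security notes for anyone adapting this example:
 * <ul>
 *   <li>The password is held in a system property, so it is readable by any
 *       code in the JVM that may read system properties; if it is supplied
 *       with {@code -D} on the command line it may also show up in process
 *       listings. Prefer a protected configuration source in production.</li>
 *   <li>The context is requested with the generic {@code "TLS"} name, so the
 *       protocol versions and cipher suites actually enabled are whatever the
 *       JRE defaults to. Restrict them on the {@code SSLEngine} if a minimum
 *       version is required.</li>
 *   <li>No trust managers are supplied, so this context is set up for server
 *       certificates only; nothing here configures client-certificate
 *       authentication.</li>
 * </ul>
 */
public final class WebSocketSslServerSslContext {

    private static final InternalLogger logger =
            InternalLoggerFactory.getInstance(WebSocketSslServerSslContext.class);

    /** Generic protocol name; the enabled versions are chosen by the JSSE provider. */
    private static final String PROTOCOL = "TLS";

    private static final String KEYSTORE_TYPE = "JKS";
    private static final String KEYSTORE_PATH_PROPERTY = "keystore.file.path";
    private static final String KEYSTORE_PASSWORD_PROPERTY = "keystore.file.password";

    private final SSLContext serverContext;

    /**
     * Returns the singleton instance for this class.
     *
     * <p>The first call triggers construction, which loads the key store. A
     * failure there surfaces as an {@link Error} thrown during class
     * initialization of the holder.
     */
    public static WebSocketSslServerSslContext getInstance() {
        return SingletonHolder.INSTANCE;
    }

    /**
     * Initialization-on-demand holder: this class is loaded on the first
     * execution of {@link WebSocketSslServerSslContext#getInstance()} (the
     * first access to {@code SingletonHolder.INSTANCE}), not before.
     *
     * See http://en.wikipedia.org/wiki/Singleton_pattern
     */
    private static class SingletonHolder {

        public static final WebSocketSslServerSslContext INSTANCE = new WebSocketSslServerSslContext();
    }

    /**
     * Constructor for singleton.
     *
     * <p>Key store or {@link SSLContext} failures are rethrown as an
     * {@link Error}. That {@code Error} is not an {@link Exception}, so it
     * bypasses the outer handler below and propagates to the caller; only an
     * {@code Exception} raised while resolving the key manager algorithm
     * reaches the log-and-exit path.
     */
    private WebSocketSslServerSslContext() {
        SSLContext context = null;
        try {
            // Key store (Server side certificate)
            String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
            if (algorithm == null) {
                algorithm = "SunX509";
            }

            try {
                context = createServerContext(algorithm);
            } catch (Exception e) {
                throw new Error("Failed to initialize the server-side SSLContext", e);
            }
        } catch (Exception ex) {
            if (logger.isErrorEnabled()) {
                logger.error("Error initializing SslContextManager. " + ex.getMessage(), ex);
            }
            System.exit(1);
        }
        serverContext = context;
    }

    /**
     * Loads the key store named by the system properties and builds an
     * initialised {@link SSLContext} from it.
     *
     * @param algorithm the {@link KeyManagerFactory} algorithm to use
     * @return the initialised server-side context
     * @throws Exception if a required property is missing, the key store
     *         cannot be read or unlocked, or the context cannot be created
     */
    private static SSLContext createServerContext(String algorithm) throws Exception {
        String keyStoreFilePath = System.getProperty(KEYSTORE_PATH_PROPERTY);
        String keyStoreFilePassword = System.getProperty(KEYSTORE_PASSWORD_PROPERTY);

        // Fail with a message that names the missing property instead of a
        // bare NullPointerException. The password value itself is never put
        // into a message.
        if (keyStoreFilePath == null) {
            throw new IllegalStateException(
                    "System property '" + KEYSTORE_PATH_PROPERTY + "' is not set");
        }
        if (keyStoreFilePassword == null) {
            throw new IllegalStateException(
                    "System property '" + KEYSTORE_PASSWORD_PROPERTY + "' is not set");
        }
        char[] password = keyStoreFilePassword.toCharArray();

        KeyStore ks = KeyStore.getInstance(KEYSTORE_TYPE);
        FileInputStream fin = new FileInputStream(keyStoreFilePath);
        try {
            ks.load(fin, password);
        } finally {
            // Always release the file handle, whether or not the load succeeded.
            fin.close();
        }

        // Set up key manager factory to use our key store.
        // Assume key password is the same as the key store file password.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
        kmf.init(ks, password);

        // Initialise the SSLContext to work with our key managers. The null
        // arguments select the default trust managers and the default
        // source of randomness.
        SSLContext context = SSLContext.getInstance(PROTOCOL);
        context.init(kmf.getKeyManagers(), null, null);
        return context;
    }

    /**
     * Returns the server context with server side key store.
     */
    public SSLContext getServerContext() {
        return serverContext;
    }
}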