View Javadoc

1   /*
2    * Copyright 2014 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  
17  package org.jboss.netty.handler.ssl.util;
18  
19  import javax.net.ssl.ManagerFactoryParameters;
20  import javax.net.ssl.TrustManager;
21  import javax.net.ssl.TrustManagerFactory;
22  import javax.net.ssl.TrustManagerFactorySpi;
23  import java.security.InvalidAlgorithmParameterException;
24  import java.security.KeyStore;
25  import java.security.KeyStoreException;
26  import java.security.Provider;
27  
28  /**
29   * Helps to implement a custom {@link TrustManagerFactory}.
30   */
31  public abstract class SimpleTrustManagerFactory extends TrustManagerFactory {
32  
33      private static final Provider PROVIDER = new Provider("", 0.0, "") {
34          private static final long serialVersionUID = -2680540247105807895L;
35      };
36  
37      /**
38       * {@link SimpleTrustManagerFactorySpi} must have a reference to {@link SimpleTrustManagerFactory}
39       * to delegate its callbacks back to {@link SimpleTrustManagerFactory}.  However, it is impossible to do so,
40       * because {@link TrustManagerFactory} requires {@link TrustManagerFactorySpi} at construction time and
41       * does not provide a way to access it later.
42       *
43       * To work around this issue, we use an ugly hack which uses a {@link ThreadLocal}.
44       */
45      private static final ThreadLocal<SimpleTrustManagerFactorySpi> CURRENT_SPI =
46              new ThreadLocal<SimpleTrustManagerFactorySpi>() {
47                  @Override
48                  protected SimpleTrustManagerFactorySpi initialValue() {
49                      return new SimpleTrustManagerFactorySpi();
50                  }
51              };
52  
53      /**
54       * Creates a new instance.
55       */
56      protected SimpleTrustManagerFactory() {
57          this("");
58      }
59  
60      /**
61       * Creates a new instance.
62       *
63       * @param name the name of this {@link TrustManagerFactory}
64       */
65      protected SimpleTrustManagerFactory(String name) {
66          super(CURRENT_SPI.get(), PROVIDER, name);
67          CURRENT_SPI.get().init(this);
68          CURRENT_SPI.remove();
69  
70          if (name == null) {
71              throw new NullPointerException("name");
72          }
73      }
74  
75      /**
76       * Initializes this factory with a source of certificate authorities and related trust material.
77       *
78       * @see TrustManagerFactorySpi#engineInit(KeyStore)
79       */
80      protected abstract void engineInit(KeyStore keyStore) throws Exception;
81  
82      /**
83       * Initializes this factory with a source of provider-specific key material.
84       *
85       * @see TrustManagerFactorySpi#engineInit(ManagerFactoryParameters)
86       */
87      protected abstract void engineInit(ManagerFactoryParameters managerFactoryParameters) throws Exception;
88  
89      /**
90       * Returns one trust manager for each type of trust material.
91       *
92       * @see TrustManagerFactorySpi#engineGetTrustManagers()
93       */
94      protected abstract TrustManager[] engineGetTrustManagers();
95  
96      static final class SimpleTrustManagerFactorySpi extends TrustManagerFactorySpi {
97  
98          private SimpleTrustManagerFactory parent;
99  
100         void init(SimpleTrustManagerFactory parent) {
101             this.parent = parent;
102         }
103 
104         @Override
105         protected void engineInit(KeyStore keyStore) throws KeyStoreException {
106             try {
107                 parent.engineInit(keyStore);
108             } catch (KeyStoreException e) {
109                 throw e;
110             } catch (Exception e) {
111                 throw new KeyStoreException(e);
112             }
113         }
114 
115         @Override
116         protected void engineInit(
117                 ManagerFactoryParameters managerFactoryParameters) throws InvalidAlgorithmParameterException {
118             try {
119                 parent.engineInit(managerFactoryParameters);
120             } catch (InvalidAlgorithmParameterException e) {
121                 throw e;
122             } catch (Exception e) {
123                 throw new InvalidAlgorithmParameterException(e);
124             }
125         }
126 
127         @Override
128         protected TrustManager[] engineGetTrustManagers() {
129             return parent.engineGetTrustManagers();
130         }
131     }
132 }