simple-client/src/main/java/org/opendaylight/openflowjava/protocol/impl/clients/ClientSslContextFactory.java

   1 /*
   2  * Copyright (c) 2013 Pantheon Technologies s.r.o. and others. All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8
   9 package org.opendaylight.openflowjava.protocol.impl.clients;
  10
  11 import java.security.KeyStore;
  12 import java.security.Security;
  13
  14 import javax.net.ssl.KeyManagerFactory;
  15 import javax.net.ssl.SSLContext;
  16 import javax.net.ssl.TrustManagerFactory;
  17
  18 /**
  19  * Class for setting up TLS connection.
  20  *
  21  * @author michal.polkorab
  22  */
  23 public final class ClientSslContextFactory {
  24
  25     private ClientSslContextFactory() {
  26         throw new UnsupportedOperationException("Utility class shouldn't be instantiated");
  27     }
  28
  29     // "TLS" - supports some version of TLS
  30     // Use "TLSv1", "TLSv1.1", "TLSv1.2" for specific TLS version
  31     private static final String PROTOCOL = "TLS";
  32     private static final SSLContext CLIENT_CONTEXT;
  33
  34     static {
  35         String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
  36         if (algorithm == null) {
  37             algorithm = "SunX509";
  38         }
  39
  40         SSLContext clientContext;
  41         try {
  42             KeyStore ks = KeyStore.getInstance("JKS");
  43             ks.load(ClientSslKeyStore.asInputStream(),
  44                     ClientSslKeyStore.getKeyStorePassword());
  45
  46             KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
  47             kmf.init(ks, ClientSslKeyStore.getCertificatePassword());
  48
  49             KeyStore ts = KeyStore.getInstance("JKS");
  50             ts.load(ClientSslTrustStore.asInputStream(),
  51                     ClientSslTrustStore.getKeyStorePassword());
  52
  53             TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
  54             tmf.init(ts);
  55
  56             clientContext = SSLContext.getInstance(PROTOCOL);
  57             clientContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
  58         } catch (Exception e) {
  59             throw new Error(
  60                     "Failed to initialize the client-side SSLContext", e);
  61         }
  62
  63         CLIENT_CONTEXT = clientContext;
  64     }
  65
  66     /**
  67      * @return cliencontext
  68      */
  69     public static SSLContext getClientContext() {
  70         return CLIENT_CONTEXT;
  71     }
  72 }