View Javadoc

1   /*
2    * $Id: TlsPropertiesMapper.java 10489 2008-01-23 17:53:38Z dfeist $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSource, Inc.  All rights reserved.  http://www.mulesource.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.api.security.tls;
12  
13  import java.io.IOException;
14  import java.util.Properties;
15  
16  import org.apache.commons.logging.Log;
17  import org.apache.commons.logging.LogFactory;
18  
19  /**
20   * Move a {@link TlsConfiguration} to and from Properties (typically System Properties).
21   * This can be used to store TLS/SSL configuration for a library (eg. Javamail, which
22   * reads java.mail properties) or for later retrieval by {@link TlsPropertiesSocketFactory}.
23   */
24  public class TlsPropertiesMapper
25  {
26  
27      private static final String TRUST_NAME_SUFFIX = ".ssl.trustStore";
28      private static final String TRUST_TYPE_SUFFIX = ".ssl.trustStoreType";
29      private static final String TRUST_PASSWORD_SUFFIX = ".ssl.trustStorePassword";
30      private static final String TRUST_ALGORITHM_SUFFIX = ".ssl.trustManagerAlgorithm";
31  
32      private static final String KEY_NAME_SUFFIX = ".ssl.keyStore";
33      private static final String KEY_TYPE_SUFFIX = ".ssl.keyStoreType";
34      private static final String KEY_PASSWORD_SUFFIX = ".ssl.keyStorePassword";
35  
36      private Log logger = LogFactory.getLog(getClass());
37      private String namespace;
38  
39      public TlsPropertiesMapper(String namespace)
40      {
41          this.namespace = namespace;
42      }
43  
44      public void writeToProperties(Properties properties, TlsConfiguration configuration)
45      {
46          writeTrustStoreToProperties(properties, configuration);
47          writeKeyStoreToProperties(properties, configuration);
48      }
49  
50      public void readFromProperties(TlsConfiguration configuration, Properties properties) throws IOException
51      {
52          readTrustStoreFromProperties(configuration, properties);
53          readKeyStoreFromProperties(configuration, properties);
54      }
55  
56      private void writeTrustStoreToProperties(Properties properties, TlsConfiguration configuration)
57      {
58          String trustStoreName = configuration.getTrustStore();
59          String trustStorePassword = configuration.getTrustStorePassword();
60  
61          if (null == trustStoreName && !configuration.isExplicitTrustStoreOnly())
62          {
63              logger.info("Defaulting " + namespace + " trust store to client Key Store");
64              trustStoreName = configuration.getClientKeyStore();
65              trustStorePassword = configuration.getClientKeyStorePassword();
66          }
67          if (null != trustStoreName)
68          {
69              synchronized (properties)
70              {
71                  setProperty(properties, TRUST_NAME_SUFFIX, trustStoreName);
72                  setProperty(properties, TRUST_TYPE_SUFFIX, configuration.getTrustStoreType());
73                  setProperty(properties, TRUST_PASSWORD_SUFFIX, trustStorePassword);
74                  setProperty(properties, TRUST_ALGORITHM_SUFFIX, configuration.getTrustManagerAlgorithm());
75              }
76              logger.debug("Set Trust Store: " + namespace + TRUST_NAME_SUFFIX + " = " + trustStoreName);
77          }
78      }
79  
80      private void readTrustStoreFromProperties(TlsConfiguration configuration, Properties properties) 
81      throws IOException
82      {
83          configuration.setTrustStore(
84              getProperty(properties, TRUST_NAME_SUFFIX, configuration.getTrustStore()));
85          configuration.setTrustStoreType(
86              getProperty(properties, TRUST_TYPE_SUFFIX, configuration.getTrustStoreType()));
87          configuration.setTrustStorePassword(
88              getProperty(properties, TRUST_PASSWORD_SUFFIX, configuration.getTrustStorePassword()));
89          configuration.setTrustManagerAlgorithm(
90              getProperty(properties, TRUST_ALGORITHM_SUFFIX, configuration.getTrustManagerAlgorithm()));
91      }
92  
93      private void writeKeyStoreToProperties(Properties properties, TlsConfiguration configuration) 
94      {
95          if (null != configuration.getClientKeyStore())
96          {
97              synchronized (properties)
98              {
99                  setProperty(properties, KEY_NAME_SUFFIX, configuration.getClientKeyStore());
100                 setProperty(properties, KEY_TYPE_SUFFIX, configuration.getClientKeyStoreType());
101                 setProperty(properties, KEY_PASSWORD_SUFFIX, configuration.getClientKeyStorePassword());
102             }
103             logger.info("Set Key Store: " + namespace + KEY_NAME_SUFFIX + " = " + configuration.getClientKeyStore());
104         }
105     }
106 
107     // note the asymmetry here.  this preserves the semantics of the original implementation.
108 
109     // originally, the "client" keystore data were written to system properties (only) and
110     // used implicitly to construct sockets, while "non-client" keystore information was
111     // used explicitly.
112 
113     // now we construct some of those implicit sockets explicitly (as part of avoiding global
114     // configuration for tls across all transports).  in these cases we read the data needed
115     // from (namespaced) proeprties.  if we read that information back into "non-client" keystore
116     // data, even though it was written from "client" data, then we can use the same code in
117     // TlsConfiguration to generate the sockets in both cases.
118 
119     private void readKeyStoreFromProperties(TlsConfiguration configuration, Properties properties) 
120     throws IOException 
121     {
122         configuration.setKeyStore(
123             getProperty(properties, KEY_NAME_SUFFIX, configuration.getKeyStore()));
124         configuration.setKeyStoreType(
125             getProperty(properties, KEY_TYPE_SUFFIX, configuration.getKeyStoreType()));
126         configuration.setKeyStorePassword(
127             getProperty(properties, KEY_PASSWORD_SUFFIX, configuration.getKeyStorePassword()));
128     }
129 
130 
131     private void setProperty(Properties properties, String suffix, String value)
132     {
133         if (null != value)
134         {
135             properties.setProperty(namespace + suffix, value);
136             if (logger.isDebugEnabled())
137             {
138                 logger.debug(namespace + suffix + " <- " + value);
139             }
140         }
141     }
142 
143     private String getProperty(Properties properties, String suffix, String deflt)
144     {
145         String value = properties.getProperty(namespace + suffix);
146         if (null == value)
147         {
148             value = deflt;
149         }
150         if (logger.isDebugEnabled())
151         {
152             logger.debug(namespace + suffix + " -> " + value);
153         }
154         return value;
155     }
156 
157 }
158 
159