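/*
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */

package javax.net.ssl;

import java.io.FileInputStream;
import java.security.AccessController;
import java.security.KeyStore;
import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.Security;

import org.apache.harmony.security.fortress.Engine;
import org.apache.harmony.security.fortress.Services;

/**
 * Support class for this package: lazily locates, configures and caches the
 * default {@link SSLContext}.
 *
 * <p>Key and trust material is taken from the files named by the
 * {@code javax.net.ssl.keyStore} and {@code javax.net.ssl.trustStore} system
 * properties, opened with the passwords in
 * {@code javax.net.ssl.keyStorePassword} and
 * {@code javax.net.ssl.trustStorePassword}.
 */
final class DefaultSSLContext {
    /** Cached default context; remains {@code null} until a lookup succeeds. */
    private static SSLContext defaultSSLContext;

    /**
     * Returns the default context, building it on first use.
     *
     * <p>The lookup runs inside {@code doPrivileged}, so the property and file
     * reads in {@link #findDefault()} are performed with this class's own
     * permissions rather than the caller's. Only a non-null result is cached:
     * while {@code findDefault()} keeps returning {@code null}, every call
     * repeats the search.
     *
     * @return the default context, or {@code null} if no installed provider
     *         produced one that could be initialised
     */
    static synchronized SSLContext getContext() {
        if (defaultSSLContext == null) {
            defaultSSLContext = AccessController
                    .doPrivileged(new PrivilegedAction<SSLContext>() {
                        public SSLContext run() {
                            return findDefault();
                        }
                    });
        }
        return defaultSSLContext;
    }

    /**
     * Walks the installed providers and returns the first "SSLContext"
     * service that can be instantiated and initialised.
     *
     * <p>When a store property is unset, the corresponding manager array is
     * passed to {@code init} as {@code null}, which leaves the choice of key
     * or trust managers to the provider's {@link SSLContextSpi}.
     *
     * <p>Any exception raised while setting up a provider is swallowed and the
     * next provider is tried. A store that cannot be opened (missing file,
     * wrong password, unsupported format) therefore makes this method return
     * {@code null} without a diagnostic; the caller cannot tell that case
     * apart from "no provider installed".
     *
     * @return an initialised context, or {@code null} if none could be built
     */
    private static SSLContext findDefault() {
        // FIXME EXPORT CONTROL
        for (Provider provider : Services.getProvidersList()) {
            final Provider.Service service = Engine.door.getService(provider, "SSLContext");
            if (service != null) {
                try {
                    SSLContext con = new SSLContext((SSLContextSpi) service.newInstance(null),
                            service.getProvider(), service.getAlgorithm());

                    /*
                     * TODO
                     * javax.net.ssl.keyStoreProvider,
                     * javax.net.ssl.trustStoreProvider system property
                     */
                    // NOTE(review): both stores are always opened as
                    // KeyStore.getDefaultType(); javax.net.ssl.keyStoreType and
                    // javax.net.ssl.trustStoreType are not consulted here.

                    // find KeyStore, KeyManagers
                    KeyManager[] keyManagers = null;
                    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
                    String keystore = System.getProperty("javax.net.ssl.keyStore");
                    // The password is a plain system property, so it is readable
                    // by any code that may read properties; the char[] copies
                    // made below are not wiped after use.
                    String keystorepwd = System.getProperty("javax.net.ssl.keyStorePassword");
                    char[] pwd = null;
                    if (keystorepwd != null) {
                        pwd = keystorepwd.toCharArray();
                    }
                    if (keystore != null) {
                        FileInputStream fis = new FileInputStream(keystore);
                        try {
                            ks.load(fis, pwd);
                        } finally {
                            fis.close();
                        }
                        KeyManagerFactory kmf;
                        String kmfAlg = Security.getProperty("ssl.KeyManagerFactory.algorithm");
                        if (kmfAlg == null) {
                            kmfAlg = "SunX509";
                        }
                        kmf = KeyManagerFactory.getInstance(kmfAlg);
                        kmf.init(ks, pwd);
                        keyManagers = kmf.getKeyManagers();
                    }

                    // find TrustStore, TrustManagers
                    TrustManager[] trustManagers = null;
                    keystore = System.getProperty("javax.net.ssl.trustStore");
                    keystorepwd = System.getProperty("javax.net.ssl.trustStorePassword");
                    pwd = null;
                    if (keystorepwd != null) {
                        pwd = keystorepwd.toCharArray();
                    }
                    // TODO Defaults: jssecacerts; cacerts
                    if (keystore != null) {
                        // Load the trust anchors into their own KeyStore.
                        // Re-loading `ks` would re-initialise the very object the
                        // key managers above were built from, so a key manager
                        // that still reads from it would see trust-store entries
                        // in place of the key entries.
                        KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
                        FileInputStream fis = new FileInputStream(keystore);
                        try {
                            ts.load(fis, pwd);
                        } finally {
                            fis.close();
                        }
                        TrustManagerFactory tmf;
                        String tmfAlg = Security.getProperty("ssl.TrustManagerFactory.algorithm");
                        if (tmfAlg == null) {
                            tmfAlg = "PKIX";
                        }
                        tmf = TrustManagerFactory.getInstance(tmfAlg);
                        tmf.init(ts);
                        trustManagers = tmf.getTrustManagers();
                    }

                    // null SecureRandom: the provider picks its own source.
                    con.init(keyManagers, trustManagers, null);
                    return con;
                } catch (Exception e) {
                    // ignore and try another
                    // Deliberate best effort, but it also hides store
                    // misconfiguration: nothing is logged or rethrown here.
                }
            }
        }
        return null;
    }
}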