      1 /*
      2  *  Licensed to the Apache Software Foundation (ASF) under one or more
      3  *  contributor license agreements.  See the NOTICE file distributed with
      4  *  this work for additional information regarding copyright ownership.
      5  *  The ASF licenses this file to You under the Apache License, Version 2.0
      6  *  (the "License"); you may not use this file except in compliance with
      7  *  the License.  You may obtain a copy of the License at
      8  *
      9  *     http://www.apache.org/licenses/LICENSE-2.0
     10  *
     11  *  Unless required by applicable law or agreed to in writing, software
     12  *  distributed under the License is distributed on an "AS IS" BASIS,
     13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     14  *  See the License for the specific language governing permissions and
     15  *  limitations under the License.
     16  */
     17 
     18 package javax.net.ssl;
     19 
     20 import java.io.FileInputStream;
     21 import java.security.AccessController;
     22 import java.security.KeyStore;
     23 import java.security.PrivilegedAction;
     24 import java.security.Provider;
     25 import java.security.Security;
     26 
     27 import org.apache.harmony.security.fortress.Engine;
     28 import org.apache.harmony.security.fortress.Services;
     29 
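     /**
      * Lazily builds and caches the default {@link SSLContext} for this package.
      *
      * <p>The context comes from the first registered provider that offers an
      * {@code SSLContext} service and can be initialised from the
      * {@code javax.net.ssl.keyStore*} / {@code javax.net.ssl.trustStore*} system
      * properties. Those properties name files that are opened inside a privileged
      * action, so whatever is able to set them decides which keys and trust anchors
      * the default context uses.
      */
     final class DefaultSSLContext {
         /** Cached default context; stays {@code null} until a provider could be initialised. */
         private static SSLContext defaultSSLContext;

         /**
          * Returns the default context, creating it on first use.
          *
          * @return the cached context, or {@code null} if no provider could be
          *         initialised; a {@code null} result is not cached, so the next call
          *         searches the providers again
          */
         static synchronized SSLContext getContext() {
             if (defaultSSLContext == null) {
                 // Provider lookup, property reads and file access below run inside
                 // doPrivileged rather than with the caller's permissions.
                 defaultSSLContext = AccessController
                         .doPrivileged(new PrivilegedAction<SSLContext>() {
                             public SSLContext run() {
                                 return findDefault();
                             }
                         });
             }
             return defaultSSLContext;
         }

         /**
          * Walks the registered providers and returns the first {@code SSLContext} that
          * can be created and initialised from the system-property configuration.
          *
          * @return an initialised context, or {@code null} if every provider failed
          */
         private static SSLContext findDefault() {
             // FIXME EXPORT CONTROL
             for (Provider provider : Services.getProvidersList()) {
                 final Provider.Service service = Engine.door.getService(provider, "SSLContext");
                 if (service == null) {
                     continue;
                 }
                 try {
                     SSLContext con = new SSLContext((SSLContextSpi) service.newInstance(null),
                             service.getProvider(), service.getAlgorithm());

                     /*
                      * TODO
                      * javax.net.ssl.keyStoreProvider,
                      * javax.net.ssl.trustStoreProvider system property
                      */

                     // find KeyStore, KeyManagers
                     KeyManager[] keyManagers = null;
                     String keyStorePath = System.getProperty("javax.net.ssl.keyStore");
                     char[] keyStorePwd = passwordFrom("javax.net.ssl.keyStorePassword");
                     if (keyStorePath != null) {
                         KeyStore keyStore = loadStore(keyStorePath, keyStorePwd);
                         String kmfAlg = Security.getProperty("ssl.KeyManagerFactory.algorithm");
                         if (kmfAlg == null) {
                             kmfAlg = "SunX509";
                         }
                         KeyManagerFactory kmf = KeyManagerFactory.getInstance(kmfAlg);
                         kmf.init(keyStore, keyStorePwd);
                         keyManagers = kmf.getKeyManagers();
                     }

                     // find TrustStore, TrustManagers
                     // Without a trustStore property the managers stay null and the
                     // choice is left to the provider's init(); see the TODO below.
                     TrustManager[] trustManagers = null;
                     String trustStorePath = System.getProperty("javax.net.ssl.trustStore");
                     char[] trustStorePwd = passwordFrom("javax.net.ssl.trustStorePassword");
                     // TODO Defaults: jssecacerts; cacerts
                     if (trustStorePath != null) {
                         // The trust anchors get their own KeyStore instance. Reloading the
                         // object already handed to the KeyManagerFactory would make the
                         // outcome depend on how the provider's load() treats earlier
                         // entries and on whether the factory copied its keys eagerly.
                         KeyStore trustStore = loadStore(trustStorePath, trustStorePwd);
                         String tmfAlg = Security.getProperty("ssl.TrustManagerFactory.algorithm");
                         if (tmfAlg == null) {
                             tmfAlg = "PKIX";
                         }
                         TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlg);
                         tmf.init(trustStore);
                         trustManagers = tmf.getTrustManagers();
                     }

                     con.init(keyManagers, trustManagers, null);
                     return con;
                 } catch (Exception ignored) {
                     // Deliberate best effort: a provider that cannot be created or
                     // initialised is skipped and the next one is tried.
                     // NOTE(review): this also hides a wrong store path or password, so a
                     // misconfigured trust store shows up only as a null default context;
                     // consider reporting the cause.
                 }
             }
             return null;
         }

         /**
          * Reads a store password from a system property.
          *
          * <p>The value arrives as a {@code String}, so a copy of the password stays in
          * memory whatever later happens to the returned array.
          *
          * @param propertyName name of the system property holding the password
          * @return the password characters, or {@code null} if the property is not set
          */
         private static char[] passwordFrom(String propertyName) {
             String value = System.getProperty(propertyName);
             return value == null ? null : value.toCharArray();
         }

         /**
          * Loads the file at {@code path} into a fresh KeyStore of the default type.
          *
          * @param path file to read the store from
          * @param password password passed to {@code KeyStore.load}; may be {@code null}
          * @return the loaded store
          * @throws java.io.IOException if the file cannot be opened, read or closed
          * @throws java.security.GeneralSecurityException if the default store type is
          *         unavailable or the store contents cannot be loaded
          */
         private static KeyStore loadStore(String path, char[] password)
                 throws java.io.IOException, java.security.GeneralSecurityException {
             KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
             FileInputStream in = new FileInputStream(path);
             try {
                 store.load(in, password);
             } finally {
                 in.close();
             }
             return store;
         }
     }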