Skip to content

Instantly share code, notes, and snippets.

@edwardbeckett

edwardbeckett/SecurityManager.java

Last active December 18, 2015 19:01
Show Gist options
  • Save edwardbeckett/485b9610d65066fa1c8b to your computer and use it in GitHub Desktop.
Save edwardbeckett/485b9610d65066fa1c8b to your computer and use it in GitHub Desktop.
Download ZIP
SSL Builder ;)
Raw
SecurityManager.java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* @author Edward Beckett <[email protected]>
* @since 12/17/2015
*/
public class SecurityManager {
private static final Logger log = LoggerFactory.getLogger(SecurityManager.class);
private KeyManager[] keyManager;
private final String keyStore;
private final String keyStorePass;
private final String keyStoreType;
private TrustManager[] trustManager;
private final String trustStore;
private final String trustStorePass;
private final String trustStoreType;
private SecurityManager(SSLBuilder SSLBuilder) {
keyManager = SSLBuilder.keyManager;
keyStore = SSLBuilder.keyStore;
keyStorePass = SSLBuilder.keyStorePass;
keyStoreType = SSLBuilder.keyStoreType;
trustManager = SSLBuilder.trustManager;
trustStore = SSLBuilder.trustStore;
trustStorePass = SSLBuilder.trustStorePass;
trustStoreType = SSLBuilder.trustStoreType;
}
public static class SSLBuilder {
private KeyManager[] keyManager;
private final String keyStore;
private final String keyStorePass;
private String keyStoreType;
private TrustManager[] trustManager;
private String trustStore;
private String trustStoreType;
private String trustStorePass;
public SSLBuilder(String keyStore, String keyStorePass) {
this.keyStore = keyStore;
this.keyStorePass = keyStorePass;
getKeyManager(keyStore, keyStorePass);
}
public SSLBuilder keyStoreType(String keyStoreType) {
this.keyStoreType = keyStoreType;
getKeyManager(keyStore, keyStorePass, keyStoreType);
return this;
}
public SSLBuilder trustStore(String trustStore, String trustStorePass) {
this.trustStore = trustStore;
this.trustStorePass = trustStorePass;
getTrustManager(trustStore, trustStorePass);
return this;
}
public SSLBuilder trustStoreType(String trustStoreType) {
this.trustStoreType = trustStoreType;
getTrustManager(trustStore, trustStorePass, trustStoreType);
return this;
}
private SSLBuilder getKeyManager(String keyStore, String keyStorePass) {
getKeyManager(keyStore, keyStorePass, KeyStore.getDefaultType());
return this;
}
private SSLBuilder getKeyManager(String keyStore, String keyStorePass, String keyStoreType) {
KeyManagerFactory kmf;
KeyManager[] keyManager = null;
KeyStore ks;
try {
kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
ks = KeyStore.getInstance(keyStoreType);
byte[] sslCert = getResource(keyStore);
if (sslCert != null && sslCert.length > 0) {
ByteArrayInputStream bin = new ByteArrayInputStream(sslCert);
ks.load(bin, keyStorePass.toCharArray());
kmf.init(ks, keyStorePass.toCharArray());
keyManager = kmf.getKeyManagers();
}
} catch (UnrecoverableKeyException | NoSuchAlgorithmException | CertificateException | IOException | KeyStoreException e) {
log.debug("Error initializing KeyManager [{}]", e.fillInStackTrace());
}
this.keyManager = keyManager;
return this;
}
private SSLBuilder getTrustManager(String trustStore, String trustStorePass) {
getTrustManager(trustStore, trustStorePass, KeyStore.getDefaultType());
return this;
}
private SSLBuilder getTrustManager(String trustStore, String trustStorePass, String trustStoreType) {
TrustManagerFactory tmf;
TrustManager[] trustManager = null;
KeyStore trustedCertStore;
try {
tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustedCertStore = KeyStore.getInstance(trustStoreType);
trustedCertStore.load(SecurityManager.class.getResourceAsStream(trustStore), trustStorePass.toCharArray());
tmf.init(trustedCertStore);
trustManager = tmf.getTrustManagers();
} catch (CertificateException | IOException | KeyStoreException | NoSuchAlgorithmException e) {
log.debug("Error initializing TrustManager [{}]", e.fillInStackTrace());
}
this.trustManager = trustManager;
return this;
}
public SecurityManager build() {
return new SecurityManager(this);
}
}
private static byte[] getResource(String resource) {
InputStream in = SecurityManager.class.getClassLoader().getResourceAsStream(resource);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
try {
if (in != null) {
byte[] buffer = new byte[1024];
int r = in.read(buffer);
while (r > 0) {
baos.write(buffer, 0, r);
r = in.read(buffer);
}
in.close();
}
} catch (IOException e) {
log.debug("Exception loading SSL resource [{}]", e.getMessage());
}
return baos.toByteArray();
}
public KeyManager[] getKeyManager() {
return keyManager;
}
public TrustManager[] getTrustManager() {
return trustManager;
}
public String getKeyStore() {
return keyStore;
}
public String getKeyStorePass() {
return keyStorePass;
}
public String getKeyStoreType() {
return keyStoreType;
}
public String getTrustStore() {
return trustStore;
}
public String getTrustStorePass() {
return trustStorePass;
}
public String getTrustStoreType() {
return trustStoreType;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment