1   /* 
2    * Copyright (C) 2016 Hobrasoft s.r.o.
3    *
4    * This program is free software: you can redistribute it and/or modify
5    * it under the terms of the GNU Affero General Public License as published by
6    * the Free Software Foundation, either version 3 of the License, or
7    * (at your option) any later version.
8    *
9    * This program is distributed in the hope that it will be useful,
10   * but WITHOUT ANY WARRANTY; without even the implied warranty of
11   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12   * GNU Affero General Public License for more details.
13   *
14   * You should have received a copy of the GNU Affero General Public License
15   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
16   */
17  package cz.hobrasoft.pdfmu.operation.signature;
18  
19  import cz.hobrasoft.pdfmu.error.ErrorType;
20  import cz.hobrasoft.pdfmu.operation.OperationException;
21  import java.io.File;
22  import java.util.AbstractMap;
23  import java.util.logging.Logger;
24  import org.apache.commons.io.FilenameUtils;
25  
26  /**
27   * SSL keystore (that is TrustStore or private KeyStore) configurator.
28   *
29   * @author <a href="mailto:filip.bartek@hobrasoft.cz">Filip Bartek</a>
30   * @see
31   * <a href="https://access.redhat.com/documentation/en-US/Fuse_MQ_Enterprise/7.1/html/Security_Guide/files/SSL-SysProps.html">Configuring
32   * JSSE System Properties</a>
33   * @see
34   * <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#KeyStore">KeyStore
35   * Types</a>
36   * @see
37   * <a href="http://docs.oracle.com/cd/E19509-01/820-3503/6nf1il6er/index.html">Generating
38   * a KeyStore and TrustStore</a>
39   */
public enum SslKeystore {
    /**
     * Keystore holding the private keys used for authorization. It is
     * configured through the system properties whose keys begin with
     * {@code javax.net.ssl.keyStore}.
     */
    PRIVATE("javax.net.ssl.keyStore",
            "javax.net.ssl.keyStorePassword",
            "javax.net.ssl.keyStoreType",
            "SSL KeyStore",
            ErrorType.SSL_KEYSTORE_NOT_FOUND),
    /**
     * Keystore holding the certificates of the trusted certificate
     * authorities. It is configured through the system properties whose keys
     * begin with {@code javax.net.ssl.trustStore}.
     */
    TRUSTSTORE("javax.net.ssl.trustStore",
            "javax.net.ssl.trustStorePassword",
            "javax.net.ssl.trustStoreType",
            "SSL TrustStore",
            ErrorType.SSL_TRUSTSTORE_NOT_FOUND);

    private static final Logger LOGGER = Logger.getLogger(SslKeystore.class.getName());

    // The three fields below hold system property *keys*, never the values.
    private final String locationProperty;
    private final String passwordProperty;
    private final String typeProperty;
    // Short human-readable label used in log messages.
    private final String name;
    // Error type reported when the keystore file is missing.
    private final ErrorType errorTypeNotFound;

    // Enum constructors are implicitly private.
    SslKeystore(String locationProperty,
            String passwordProperty,
            String typeProperty,
            String name,
            ErrorType errorTypeNotFound) {
        this.locationProperty = locationProperty;
        this.passwordProperty = passwordProperty;
        this.typeProperty = typeProperty;
        this.name = name;
        this.errorTypeNotFound = errorTypeNotFound;
    }

    /**
     * @return a short description of this keystore
     */
    public String getName() {
        return this.name;
    }

    /**
     * Publish the configuration of this SSL keystore as system properties.
     *
     * <p>
     * Each argument is optional: a {@code null} argument leaves the
     * corresponding system property untouched. A type or password given
     * without a file is still applied, after a warning is logged.
     *
     * <p>
     * Security notes: system properties are global to the JVM, so the
     * values set here are visible to all code running in the same process
     * and stay set after this method returns. That includes the keystore
     * password, which is stored as a plain {@code String} property value.
     * This method logs the keystore location at INFO level; it does not log
     * the password. The file is only tested with {@link File#exists()}, so
     * a directory or an unreadable file passes the check here.
     *
     * @param file the keystore file
     * @param type the type of the keystore
     * @param password the password of the keystore
     * @throws OperationException if the keystore file does not exist
     */
    public void setSystemProperties(File file, String type, String password) throws OperationException {
        final boolean locationMissing = (file == null);

        if (!locationMissing) {
            // https://access.redhat.com/documentation/en-US/Fuse_MQ_Enterprise/7.1/html/Security_Guide/files/SSL-SysProps.html
            // > On Windows, the specified pathname must use forward slashes, /, in place of backslashes, \.
            final String unixPath = FilenameUtils.separatorsToUnix(file.getPath());
            final boolean present = file.exists();
            if (!present) {
                // Fail before any property of this keystore has been written.
                throw new OperationException(errorTypeNotFound,
                        new AbstractMap.SimpleEntry<String, Object>("location", unixPath));
            }
            LOGGER.info(String.format("%s: Configuring to use the keystore file %s.", name, unixPath));
            System.setProperty(locationProperty, unixPath);
        }

        if (type != null) {
            if (locationMissing) {
                LOGGER.warning(String.format("%s: Type has been specified but location has not.", name));
            }
            // TODO: Warn if `file` extension is inconsistent with `type`
            System.setProperty(typeProperty, type);
        }

        if (password != null) {
            if (locationMissing) {
                LOGGER.warning(String.format("%s: Password has been specified but location has not.", name));
            }
            // The password becomes a JVM-wide property value from here on.
            System.setProperty(passwordProperty, password);
        }
    }
}
125 }