Add a script to regenerate the VNC client's certificate store
1 /*
2  * Copyright 2006 Perry Nguyen <pfnguyen@hanhuy.com>
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 import java.io.IOException;
16 import java.io.InputStream;
17 import java.security.KeyStore;
18 import java.security.KeyStoreException;
19 import java.security.NoSuchAlgorithmException;
20 import java.security.cert.CertificateException;
21 import java.security.cert.X509Certificate;
22 import java.util.Enumeration;
23 import java.util.logging.Level;
24 import java.util.logging.Logger;
25
26 import javax.net.ssl.TrustManager;
27 import javax.net.ssl.TrustManagerFactory;
28 import javax.net.ssl.X509TrustManager;
29
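/**
 * An {@link X509TrustManager} that validates certificate chains against the
 * key store found on the class path as {@code trust.store}, instead of the
 * JRE's default trust anchors.
 *
 * <p>The delegate trust manager is built lazily on first use. If it cannot be
 * built (resource missing, store unreadable, no X.509 trust manager offered by
 * the factory), {@link #checkClientTrusted} and {@link #checkServerTrusted}
 * reject every chain with a {@link CertificateException} and
 * {@link #getAcceptedIssuers} reports no issuers, so a broken or missing store
 * never leads to a peer being accepted.
 *
 * <p>Instances are not synchronized; if several threads race on first use the
 * delegate may be built more than once.
 */
public class InvirtTrustManager implements X509TrustManager {
    private static final Logger log =
        Logger.getLogger(InvirtTrustManager.class.getName());

    /** Delegate that performs the actual chain validation; null until created. */
    private X509TrustManager trustManager;

    // Compiled into the class, so this is not a secret. KeyStore.load() uses it
    // for the store's integrity check; it does not protect the store against
    // anyone able to replace both the class and the resource.
    private final static char[] KEY_STORE_PASSWORD =
        { 'f', 'o', 'o', 'b', 'a', 'r' };
    private final static String KEY_STORE_RESOURCE =
        "trust.store";

    /**
     * Loads the trust store from the class path.
     *
     * <p>The store is opened with {@link KeyStore#getDefaultType()}, so it must
     * be in a format the running JRE accepts for its default key store type.
     *
     * @return the loaded key store, never {@code null}
     * @throws IOException if the resource is missing or cannot be read
     * @throws KeyStoreException if the default key store type is unavailable
     * @throws NoSuchAlgorithmException if the integrity algorithm is unavailable
     * @throws CertificateException if a certificate in the store cannot be loaded
     */
    private KeyStore loadKeyStore() throws IOException, KeyStoreException,
            NoSuchAlgorithmException, CertificateException {
        InputStream in = getClass().getClassLoader().getResourceAsStream(
                KEY_STORE_RESOURCE);
        if (in == null) {
            throw new IOException(
                    "Trust store resource not found on class path: "
                    + KEY_STORE_RESOURCE);
        }
        try {
            KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
            ks.load(in, KEY_STORE_PASSWORD);
            return ks;
        } finally {
            try {
                in.close();
            } catch (IOException ignored) {
                // The store was already read (or loading already failed);
                // a failure to close adds nothing the caller can act on.
            }
        }
    }

    /**
     * Builds the delegate from the trust store and installs it through
     * {@link #setTrustManager}. On any failure the delegate is left unset and
     * the cause is logged; the trust checks then reject every chain.
     */
    private void createTrustManager() {
        try {
            KeyStore keystore = loadKeyStore();
            TrustManagerFactory factory = TrustManagerFactory.getInstance(
                    TrustManagerFactory.getDefaultAlgorithm());
            // loadKeyStore() never returns null. That matters: init(null)
            // would make the factory fall back to the JRE's default trust
            // anchors instead of the pinned store.
            factory.init(keystore);
            TrustManager[] trustManagers = factory.getTrustManagers();
            for (TrustManager candidate : trustManagers) {
                // Pick the first X.509-capable manager rather than blindly
                // casting element 0.
                if (candidate instanceof X509TrustManager) {
                    setTrustManager((X509TrustManager) candidate);
                    return;
                }
            }
            throw new IllegalStateException("No X509 trust manager found");
        } catch (Exception e) {
            // Boundary catch: creation is best-effort here, and the public
            // check methods fail closed when no delegate exists.
            log.log(Level.SEVERE,
                    "Unable to create trust manager from " + KEY_STORE_RESOURCE,
                    e);
        }
    }

    /**
     * Returns the delegate, creating it from the trust store on first use.
     *
     * @return the delegate, or {@code null} if it could not be created
     */
    public X509TrustManager getTrustManager() {
        if (trustManager == null) {
            createTrustManager();
        }
        return trustManager;
    }

    /**
     * Replaces the delegate. Every later trust decision is made by the supplied
     * manager, so only pass one that really validates certificate chains.
     * Passing {@code null} makes the next use rebuild the delegate from the
     * trust store.
     *
     * @param trustManager the delegate to use from now on
     */
    public void setTrustManager(X509TrustManager trustManager) {
        this.trustManager = trustManager;
    }

    /**
     * Returns the delegate or fails the trust check when none is available.
     *
     * @throws CertificateException if the delegate could not be created
     */
    private X509TrustManager requireTrustManager() throws CertificateException {
        X509TrustManager delegate = getTrustManager();
        if (delegate == null) {
            throw new CertificateException(
                    "No trust manager available; " + KEY_STORE_RESOURCE
                    + " could not be loaded");
        }
        return delegate;
    }

    /**
     * Validates a client certificate chain against the trust store.
     *
     * @throws CertificateException if the chain is not trusted or no delegate
     *         could be created
     */
    public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        requireTrustManager().checkClientTrusted(chain, authType);
    }

    /**
     * Validates a server certificate chain against the trust store.
     *
     * @throws CertificateException if the chain is not trusted or no delegate
     *         could be created
     */
    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        requireTrustManager().checkServerTrusted(chain, authType);
    }

    /**
     * Returns the issuers accepted by the delegate.
     *
     * @return the delegate's accepted issuers, or an empty array when no
     *         delegate could be created
     */
    public X509Certificate[] getAcceptedIssuers() {
        X509TrustManager delegate = getTrustManager();
        if (delegate == null) {
            return new X509Certificate[0];
        }
        return delegate.getAcceptedIssuers();
    }

}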