Project Report: fawkez


org.jcoderz.commons.connector.http.transport.SslSocketFactory

Line | Hits | Note | Source
1  /*
2   * $Id: SslSocketFactory.java 1011 2008-06-16 17:57:36Z amandel $
3   *
4   * Copyright 2006, The jCoderZ.org Project. All rights reserved.
5   *
6   * Redistribution and use in source and binary forms, with or without
7   * modification, are permitted provided that the following conditions are
8   * met:
9   *
10   *    * Redistributions of source code must retain the above copyright
11   *      notice, this list of conditions and the following disclaimer.
12   *    * Redistributions in binary form must reproduce the above
13   *      copyright notice, this list of conditions and the following
14   *      disclaimer in the documentation and/or other materials
15   *      provided with the distribution.
16   *    * Neither the name of the jCoderZ.org Project nor the names of
17   *      its contributors may be used to endorse or promote products
18   *      derived from this software without specific prior written
19   *      permission.
20   *
21   * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS" AND
22   * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24   * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS AND CONTRIBUTORS
25   * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28   * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29   * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
30   * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
31   * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32   */
33  package org.jcoderz.commons.connector.http.transport;
34  
35  import java.io.FileInputStream;
36  import java.io.FileNotFoundException;
37  import java.io.IOException;
38  import java.net.InetAddress;
39  import java.net.Socket;
40  import java.net.SocketAddress;
41  import java.net.InetSocketAddress;
42  import java.net.UnknownHostException;
43  import java.security.GeneralSecurityException;
44  import java.security.KeyStore;
45  import java.security.Security;
46  import java.util.logging.Logger;
47  
48  import javax.net.ssl.KeyManager;
49  import javax.net.ssl.SSLContext;
50  import javax.net.ssl.SSLSocketFactory;
51  import javax.net.ssl.TrustManager;
52  import javax.net.ssl.TrustManagerFactory;
53  
54  import org.apache.commons.httpclient.ConnectTimeoutException;
55  import org.apache.commons.httpclient.params.HttpConnectionParams;
56  import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
57  import org.jcoderz.commons.connector.InitializingSslFailedException;
58  import org.jcoderz.commons.util.Assert;
59  
60  
61  
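/**
 * Socket factory that hands commons-httpclient client-side SSL sockets
 * built from a configured key store, trust store and key alias.
 *
 * <p>Only {@link #createSocket(String, int, InetAddress, int,
 * HttpConnectionParams)} is implemented; the other <code>createSocket</code>
 * variants throw {@link UnsupportedOperationException}.</p>
 *
 * <p>Security notes for maintainers:</p>
 * <ul>
 *   <li>Peer certificates are checked by the trust managers obtained from
 *       the configured trust store. Nothing in this class compares the
 *       certificate with the requested host name, so host name verification
 *       has to happen elsewhere if it is required.</li>
 *   <li>The SSLSocketFactory cache is static and per thread, see
 *       {@link #SSL_SOCKET_FACTORIES}.</li>
 *   <li>Store and key passwords are held as <code>String</code> fields for
 *       the lifetime of the instance.</li>
 * </ul>
 */
public final class SslSocketFactory
      implements SecureProtocolSocketFactory
{
   /** The class name used for logging. */
   private static final String CLASSNAME = SslSocketFactory.class.getName();
   /** The logger in use. */
   private static final Logger logger = Logger.getLogger(CLASSNAME);

   /**
    * Per-thread cache of the SSLSocketFactory built by
    * {@link #getSslSocketFactory()}.
    *
    * NOTE(review): the cache is static and keyed by thread only. A second
    * SslSocketFactory instance used on the same thread therefore receives
    * the factory that was built from the first instance's key and trust
    * material, and its own stores and alias are never consulted. Confirm
    * that a thread only ever uses one configuration, or move the cache to
    * an instance field.
    */
   private static final ThreadLocal SSL_SOCKET_FACTORIES = new ThreadLocal();

   private final String mKeyStoreLocation;
   private final String mKeyStorePassword;
   private final String mTrustStoreLocation;
   private final String mTrustStorePassword;
   private final String mKeyAlias;
   private final String mKeyPassword;
   /** Key store; loaded lazily from mKeyStoreLocation when not supplied. */
   private KeyStore mKeyStore = null;
   /** Trust store; loaded lazily from mTrustStoreLocation when not supplied. */
   private KeyStore mTrustStore = null;

   /**
    * Creates a factory that loads its JKS key store and trust store from
    * the file system on first use.
    *
    * @param keyStoreLocation
    *          the location of the key store in use
    * @param keyStorePassword
    *          the password of the key store in use
    * @param trustStoreLocation
    *          the location of the trust store in use
    * @param trustStorePassword
    *          the password of the trust store in use
    * @param keyAlias
    *          the alias of the key in use
    * @param keyPassword
    *          the password of the key in use
    */
   public SslSocketFactory (
         String keyStoreLocation,
         String keyStorePassword,
         String trustStoreLocation,
         String trustStorePassword,
         String keyAlias,
         String keyPassword)
   {
      Assert.notNull(keyStoreLocation, "keyStoreLocation");
      Assert.notNull(keyStorePassword, "keyStorePassword");
      Assert.notNull(trustStoreLocation, "trustStoreLocation");
      Assert.notNull(trustStorePassword, "trustStorePassword");
      Assert.notNull(keyAlias, "keyAlias");
      Assert.notNull(keyPassword, "keyPassword");
      mKeyStoreLocation = keyStoreLocation;
      mKeyStorePassword = keyStorePassword;
      mTrustStoreLocation = trustStoreLocation;
      mTrustStorePassword = trustStorePassword;
      mKeyAlias = keyAlias;
      mKeyPassword = keyPassword;
   }

   /**
    * Creates a factory from already loaded stores.
    *
    * <p>The trust store is not checked for <code>null</code> here. A factory
    * created without one cannot build an SSL context, because there is no
    * file location to load it from; {@link #getSslSocketFactory()} reports
    * that as an initialization failure.</p>
    *
    * @param keyStore the keystore to use
    * @param trustStore the truststore in use
    * @param keyAlias the alias of the key in use
    * @param keyPassword the password of the key in use
    */
   public SslSocketFactory (
         KeyStore keyStore,
         KeyStore trustStore,
         String keyAlias,
         String keyPassword)
   {
      Assert.notNull(keyStore, "keyStore");
      Assert.notNull(keyAlias, "keyAlias");
      Assert.notNull(keyPassword, "keyPassword");
      mKeyStore = keyStore;
      mTrustStore = trustStore;
      mKeyAlias = keyAlias;
      mKeyPassword = keyPassword;
      mKeyStoreLocation = null;
      mKeyStorePassword = null;
      mTrustStoreLocation = null;
      mTrustStorePassword = null;
   }

   /**
    * Builds the key managers for the configured alias.
    *
    * @return an array holding a single HttpsKeyManager created for the
    *         configured key store, alias and key password
    */
   private KeyManager[] getKeyManagers ()
   {
      // The meaning of the first (null) argument is defined by
      // HttpsKeyManager, which is not part of this file.
      return new KeyManager[] {
         new HttpsKeyManager(null, mKeyStore, mKeyAlias, mKeyPassword)};
   }

   /**
    * Builds the trust managers backed by the configured trust store.
    *
    * @return the trust managers of the platform's default
    *         TrustManagerFactory algorithm, initialized with mTrustStore
    * @throws GeneralSecurityException
    *          in case of a keystore failure
    */
   private TrustManager[] getTrustManagers ()
         throws GeneralSecurityException
   {
      // getDefaultAlgorithm() reads the same
      // "ssl.TrustManagerFactory.algorithm" security property, but falls
      // back to a built-in default instead of yielding null when the
      // property is not set.
      final TrustManagerFactory tmf = TrustManagerFactory.getInstance(
            TrustManagerFactory.getDefaultAlgorithm());
      tmf.init(mTrustStore);
      return tmf.getTrustManagers();
   }

   /**
    * Loads a JKS store from a file and always releases the file handle.
    *
    * @param location path of the store file
    * @param passphrase password protecting the store
    * @return the loaded store
    * @throws IOException if the file cannot be opened or read
    * @throws GeneralSecurityException if the store cannot be processed
    */
   private static KeyStore loadJksStore (String location, char[] passphrase)
         throws IOException, GeneralSecurityException
   {
      final KeyStore store = KeyStore.getInstance("JKS");
      final FileInputStream in = new FileInputStream(location);
      try
      {
         store.load(in, passphrase);
      }
      finally
      {
         // Previously the stream was never closed, which leaked a file
         // descriptor on every load, successful or not.
         in.close();
      }
      return store;
   }

   /**
    * Returns the SSLSocketFactory cached for the current thread, creating
    * and caching it on first use.
    *
    * <p>Creation loads the key store and trust store from the file system
    * when they were not supplied, checks that the key store contains the
    * configured alias, and initializes a "TLS" SSLContext with the key and
    * trust managers of this instance. No protocol versions or cipher suites
    * are selected here; the provider's defaults apply.</p>
    *
    * @return the socket factory for the current thread
    * @throws IOException if a store file cannot be read
    * @throws FileNotFoundException if a store file does not exist
    */
   private SSLSocketFactory getSslSocketFactory ()
         throws IOException, FileNotFoundException
   {
      final SSLSocketFactory cached
            = (SSLSocketFactory) SSL_SOCKET_FACTORIES.get();
      if (cached != null)
      {
         return cached;
      }

      logger.fine("Creating new SSL_SOCKET_FACTORY for Thread.");
      final SSLContext ctx;
      try
      {
         // loading keystore/truststore if necessary (test mode only!!)
         if (mKeyStore == null)
         {
            logger.finest("Loading keystore from file system - "
                  + mKeyStoreLocation);
            // The field is assigned only after a successful load, so a
            // failed attempt does not leave an uninitialized store behind.
            mKeyStore = loadJksStore(
                  mKeyStoreLocation, mKeyStorePassword.toCharArray());
         }
         if (mTrustStore == null)
         {
            if (mTrustStoreLocation == null || mTrustStorePassword == null)
            {
               // Reached when the KeyStore-based constructor was given a
               // null trust store. Fail with a clear error instead of a
               // NullPointerException, and never continue with an
               // uninitialized trust store.
               throw new InitializingSslFailedException(
                     "No truststore configured");
            }
            logger.finest("Loading truststore from file system - "
                  + mTrustStoreLocation);
            mTrustStore = loadJksStore(
                  mTrustStoreLocation, mTrustStorePassword.toCharArray());
         }

         if (!mKeyStore.containsAlias(mKeyAlias))
         {
            final String reason
                  = "Keystore does not contain key for alias "
                     + "<" + mKeyAlias + ">";
            throw new InitializingSslFailedException(reason);
         }
         ctx = SSLContext.getInstance("TLS");
         ctx.init(getKeyManagers(), getTrustManagers(), null);
      }
      catch (GeneralSecurityException gse)
      {
         throw new InitializingSslFailedException(gse.getMessage(), gse);
      }

      final SSLSocketFactory created = ctx.getSocketFactory();
      SSL_SOCKET_FACTORIES.set(created);
      return created;
   }

   /**
    * Connects a plain TCP socket to the target and layers an SSL socket on
    * top of it.
    *
    * <p><code>localAddress</code> and <code>localPort</code> are not used;
    * the socket is not bound to them.</p>
    *
    * <p>NOTE(review): the returned socket is not checked against
    * <code>host</code>. If the caller does not verify that the peer
    * certificate matches the host name, any certificate accepted by the
    * trust store is accepted for any host.</p>
    *
    * {@inheritDoc}
    */
   public Socket createSocket (
         String host, int port, InetAddress localAddress,
         int localPort, HttpConnectionParams params)
         throws IOException, UnknownHostException, ConnectTimeoutException
   {
      // This is an IBM JSSE workaround: SSLSocket.connect() does not
      // connect the socket in the IBM JSSE implementation, so we
      // first connect a plain TCP socket and then layer it with an
      // SSL Socket.
      final Socket tcpSock = new Socket();
      boolean layered = false;
      try
      {
         final SocketAddress endPoint = new InetSocketAddress(host, port);
         tcpSock.connect(endPoint, params.getConnectionTimeout());
         final Socket sslSock
               = getSslSocketFactory().createSocket(tcpSock, host, port, true);
         layered = true;
         return sslSock;
      }
      finally
      {
         if (!layered)
         {
            // Connect or SSL set-up failed: release the plain socket so a
            // failing endpoint cannot exhaust file descriptors.
            try
            {
               tcpSock.close();
            }
            catch (IOException ignored)
            {
               // The failure that brought us here is the one to report.
            }
         }
      }
   }

   /** {@inheritDoc} */
   public Socket createSocket (String host, int port)
         throws IOException, UnknownHostException
   {
      throw new UnsupportedOperationException("Method not supported");
   }

   /** {@inheritDoc} */
   public Socket createSocket (
         Socket socket, String host, int port, boolean autoClose)
   {
      throw new UnsupportedOperationException("Method not supported");
   }

   /** {@inheritDoc} */
   public Socket createSocket (
         String arg0, int arg1, InetAddress arg2, int arg3)
         throws IOException, UnknownHostException
   {
      throw new UnsupportedOperationException("Method not supported");
   }
}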

Findings in this File

c (1) 65 : 0 Type Javadoc comment is missing an @author tag.
w (2) 160 : 0 method org.jcoderz.commons.connector.http.transport.SslSocketFactory.getKeyManagers() stores return result in local before immediately returning it
c (3) 160 : 7 Consider simply returning the value vs storing it in local variable 'managers'
w (4) 200 : 0 Method org.jcoderz.commons.connector.http.transport.SslSocketFactory.getSslSocketFactory() may fail to clean up stream or resource of type java.io.InputStream
w (5) 200 : 0 org.jcoderz.commons.connector.http.transport.SslSocketFactory.getSslSocketFactory() may fail to close stream
c (6) 243 : 52 Unable to get class information for ConnectTimeoutException.
w (7) 254 : 0 method org.jcoderz.commons.connector.http.transport.SslSocketFactory.createSocket(String, int, InetAddress, int, HttpConnectionParams) stores return result in local before immediately returning it
i (8) 261 : 0 method org.jcoderz.commons.connector.http.transport.SslSocketFactory.createSocket(String, int) throws exception with static message string
i (9) 268 : 0 method org.jcoderz.commons.connector.http.transport.SslSocketFactory.createSocket(Socket, String, int, boolean) throws exception with static message string
i (10) 276 : 0 method org.jcoderz.commons.connector.http.transport.SslSocketFactory.createSocket(String, int, InetAddress, int) throws exception with static message string