001/**
002 * Logback: the reliable, generic, fast and flexible logging framework.
003 * Copyright (C) 1999-2015, QOS.ch. All rights reserved.
004 *
005 * This program and the accompanying materials are dual-licensed under
006 * either the terms of the Eclipse Public License v1.0 as published by
007 * the Eclipse Foundation
008 *
009 *   or (per the licensee's choosing)
010 *
011 * under the terms of the GNU Lesser General Public License version 2.1
012 * as published by the Free Software Foundation.
013 */
014package ch.qos.logback.core.net.ssl;
015
016import java.io.FileNotFoundException;
017import java.io.IOException;
018import java.io.InputStream;
019import java.net.URL;
020import java.security.KeyStore;
021import java.security.KeyStoreException;
022import java.security.NoSuchAlgorithmException;
023import java.security.NoSuchProviderException;
024
025import ch.qos.logback.core.util.LocationUtil;
026
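/**
 * A factory bean for a JCA {@link KeyStore}.
 * <p>
 * This object holds the configurable properties of a key store and uses
 * them to create and load a {@link KeyStore} instance.
 * <p>
 * Security notes for integrators:
 * <ul>
 * <li>The configured location is resolved to a {@link URL} and opened with
 *     {@link URL#openStream()}, so whoever controls this bean's
 *     configuration controls where key material is read from. Treat the
 *     location as trusted configuration, not as user input.</li>
 * <li>If no password is configured, {@link #getPassword()} falls back to
 *     {@link SSL#DEFAULT_KEYSTORE_PASSWORD}. A library-wide default offers no
 *     real protection for a key store; production deployments should set an
 *     explicit password.</li>
 * <li>The password is held in a {@code String} field for the life of the
 *     bean. The temporary {@code char[]} copy handed to the JCA is zeroed
 *     after loading, but the field itself cannot be scrubbed.</li>
 * </ul>
 *
 * @author Carl Harris
 */
public class KeyStoreFactoryBean {

    private String location;
    private String provider;
    private String type;
    private String password;

    /**
     * Creates a new {@link KeyStore} using the receiver's configuration.
     * <p>
     * Exceptions rethrown with a friendlier message keep the original
     * exception as their cause, so the underlying JCA or I/O failure remains
     * visible in stack traces. Messages include the location but never the
     * password.
     *
     * @return key store
     * @throws IllegalArgumentException if no location has been configured
     * @throws NoSuchProviderException if the provider specified by
     *    {@link #setProvider(String)} is not known to the platform
     * @throws NoSuchAlgorithmException if the key store type specified by
     *    {@link #setType(String)} is not known to the specified provider
     *    (or the platform's default provider if the provider isn't specified)
     * @throws KeyStoreException if some other error occurs in loading
     *    the key store from the resource specified by
     *    {@link #setLocation(String)}
     */
    public KeyStore createKeyStore() throws NoSuchProviderException, NoSuchAlgorithmException, KeyStoreException {

        if (getLocation() == null) {
            throw new IllegalArgumentException("location is required");
        }

        InputStream inputStream = null;
        char[] passwordChars = null;
        try {
            URL url = LocationUtil.urlForResource(getLocation());
            inputStream = url.openStream();
            KeyStore keyStore = newKeyStore();
            passwordChars = getPassword().toCharArray();
            keyStore.load(inputStream, passwordChars);
            return keyStore;
        } catch (NoSuchProviderException ex) {
            // NoSuchProviderException has no (String, Throwable) constructor,
            // so the cause is attached with initCause.
            NoSuchProviderException wrapped =
                    new NoSuchProviderException("no such keystore provider: " + getProvider());
            wrapped.initCause(ex);
            throw wrapped;
        } catch (NoSuchAlgorithmException ex) {
            // KeyStore.load raises this when the algorithm used to verify the
            // store's integrity is unavailable. The historical message is kept
            // for callers that match on it; the cause carries the real reason.
            throw new NoSuchAlgorithmException("no such keystore type: " + getType(), ex);
        } catch (FileNotFoundException ex) {
            throw new KeyStoreException(getLocation() + ": file not found", ex);
        } catch (Exception ex) {
            // Boundary catch: any other failure (I/O, bad password, corrupt
            // store, runtime error) is reported as a KeyStoreException.
            throw new KeyStoreException(getLocation() + ": " + ex.getMessage(), ex);
        } finally {
            if (passwordChars != null) {
                // Scrub the temporary copy of the password; the String field
                // remains in memory and cannot be cleared.
                java.util.Arrays.fill(passwordChars, '\0');
            }
            try {
                if (inputStream != null) {
                    inputStream.close();
                }
            } catch (IOException ex) {
                // Best effort: a failed close must not mask a successfully
                // loaded key store or the primary exception. No logger is in
                // scope in this class, so the failure goes to stderr.
                ex.printStackTrace(System.err);
            }
        }
    }

    /**
     * Invokes the appropriate JCA factory method to obtain a new
     * {@link KeyStore} object: the provider-specific overload when a
     * provider has been configured, the platform default otherwise.
     */
    private KeyStore newKeyStore() throws NoSuchAlgorithmException, NoSuchProviderException, KeyStoreException {

        return getProvider() != null ? KeyStore.getInstance(getType(), getProvider()) : KeyStore.getInstance(getType());
    }

    /**
     * Gets the location of the key store resource.
     * @return a String containing a URL for the resource
     */
    public String getLocation() {
        return location;
    }

    /**
     * Sets the location of the key store resource.
     * <p>
     * The value is later opened as a URL by {@link #createKeyStore()}; it
     * should come from trusted configuration only.
     *
     * @param location a String containing a URL for the resource; if the
     *    URL string isn't prefixed by a scheme, the path is assumed to be
     *    relative to the root of the classpath.
     */
    public void setLocation(String location) {
        this.location = location;
    }

    /**
     * Gets the type of key store to load.
     * @return a key store type name (e.g. {@code JKS}); the
     *    {@link SSL#DEFAULT_KEYSTORE_TYPE} is returned if no type has been configured
     */
    public String getType() {
        if (type == null) {
            return SSL.DEFAULT_KEYSTORE_TYPE;
        }
        return type;
    }

    /**
     * Sets the type of key store to load.
     * @param type a key store type name (e.g. {@code JKS}, {@code PKCS12});
     *    the type specified must be supported by the provider specified by
     *    {@link #setProvider(String)} or by the platform's default provider
     *    if no provider is specified
     */
    public void setType(String type) {
        this.type = type;
    }

    /**
     * Gets the JCA key store provider name.
     * @return provider name or {@code null} if no provider has been configured
     */
    public String getProvider() {
        return provider;
    }

    /**
     * Sets the JCA key store provider name.
     * @param provider name of the JCA provider to utilize in creating the
     *    key store
     */
    public void setProvider(String provider) {
        this.provider = provider;
    }

    /**
     * Gets the password to use to access the key store.
     * <p>
     * Callers should avoid logging the returned value.
     *
     * @return password string; the {@link SSL#DEFAULT_KEYSTORE_PASSWORD} is returned
     *    if no password has been configured
     */
    public String getPassword() {
        if (password == null) {
            return SSL.DEFAULT_KEYSTORE_PASSWORD;
        }
        return password;
    }

    /**
     * Sets the password to use to access the keystore.
     * <p>
     * Leaving the password unset makes {@link #getPassword()} fall back to
     * the shared default; set an explicit value for any store that holds
     * private keys.
     *
     * @param password the password to set
     */
    public void setPassword(String password) {
        this.password = password;
    }

}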