public class SSLSocketFactoryFactory
extends java.lang.Object
The SSLSocketFactoryFactory is configured using IBM SSL properties, i.e. properties of the form "com.ibm.ssl.propertyName", e.g. "com.ibm.ssl.keyStore". The class supports multiple configurations, each identified by a name or configuration ID. The configuration ID "null" denotes the default configuration. When a socket factory is created for a given configuration, properties are first taken from that configuration. If a property is not defined there, it is looked up in the default configuration. If it is still not found, the corresponding system property is inspected, e.g. javax.net.ssl.keyStore. If the system property is not set either, the system's default value is used (if available) or an exception is thrown.
The SSLSocketFactoryFactory can be reconfigured at any time. A reconfiguration does not affect existing socket factories.
All properties share the same key space; i.e. the configuration ID is not part of the property keys.
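The lookup order described above, together with the reversibility of the XOR obfuscation listed in the method summary, shown as an added example that is not part of the original documentation. It assumes the Eclipse Paho Java client is on the classpath and that the class lives in the package org.eclipse.paho.client.mqttv3.internal.security; the configuration ID "brokerA" and the sample password are constructed for illustration.

```java
import java.util.Arrays;
import java.util.Properties;
import javax.net.ssl.SSLSocketFactory;
// Assumed package: the Eclipse Paho Java client (mqttv3) on the classpath.
import org.eclipse.paho.client.mqttv3.internal.security.SSLSocketFactoryFactory;

public class SslConfigLookupExample {
    public static void main(String[] args) throws Exception {
        if (!SSLSocketFactoryFactory.isSupportedOnJVM()) {
            throw new IllegalStateException("SSL configuration not supported on this JVM");
        }
        SSLSocketFactoryFactory factory = new SSLSocketFactoryFactory();

        // Default configuration (configID == null): applies to every named
        // configuration that does not define the property itself.
        Properties defaults = new Properties();
        defaults.setProperty(SSLSocketFactoryFactory.SSLPROTOCOL, "TLSv1.2");
        factory.initialize(defaults, null);

        // Named configuration "brokerA" (hypothetical ID) sets only the cipher list.
        Properties brokerA = new Properties();
        brokerA.setProperty(SSLSocketFactoryFactory.CIPHERSUITES,
                SSLSocketFactoryFactory.packCipherSuites(
                        new String[] {"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"}));
        factory.initialize(brokerA, "brokerA");

        // Protocol is not defined in "brokerA", so it resolves from the default.
        System.out.println("protocol: " + factory.getSSLProtocol("brokerA"));
        System.out.println("ciphers:  "
                + Arrays.toString(factory.getEnabledCipherSuites("brokerA")));
        // No trust store in either configuration: lookup continues to the
        // javax.net.ssl.trustStore system property; null means the JVM default applies.
        System.out.println("truststore: " + factory.getTrustStore("brokerA"));

        SSLSocketFactory socketFactory = factory.createSocketFactory("brokerA");
        System.out.println("factory created: " + (socketFactory != null));

        // obfuscate() is reversible by anyone holding the library: no secret is
        // involved, so an obfuscated value needs the same protection as cleartext.
        char[] password = "constructed-example".toCharArray(); // constructed sample
        String stored = SSLSocketFactoryFactory.obfuscate(password);
        char[] recovered = SSLSocketFactoryFactory.deObfuscate(stored);
        System.out.println("round trip without a key: "
                + Arrays.equals(password, recovered));
        Arrays.fill(password, '\0');
        Arrays.fill(recovered, '\0');
    }
}
```

Because the obfuscated form can be reversed without any key, a properties file holding KEYSTOREPWD or TRUSTSTOREPWD should be protected with file permissions or a secret store exactly as a cleartext password would be.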
The methods should be called in the following order:
Modifier and Type | Field and Description |
---|---|
static java.lang.String | CIPHERSUITES |
static java.lang.String | CLIENTAUTH |
static java.lang.String | DEFAULT_PROTOCOL |
static java.lang.String | JSSEPROVIDER |
static java.lang.String | KEYSTORE |
static java.lang.String | KEYSTOREMGR |
static java.lang.String | KEYSTOREPROVIDER |
static java.lang.String | KEYSTOREPWD |
static java.lang.String | KEYSTORETYPE |
static java.lang.String | SSLPROTOCOL - Property keys specific to the client. |
static java.lang.String | SYSKEYMGRALGO |
static java.lang.String | SYSKEYSTORE - Property keys used for java system properties |
static java.lang.String | SYSKEYSTOREPWD |
static java.lang.String | SYSKEYSTORETYPE |
static java.lang.String | SYSTRUSTMGRALGO |
static java.lang.String | SYSTRUSTSTORE |
static java.lang.String | SYSTRUSTSTOREPWD |
static java.lang.String | SYSTRUSTSTORETYPE |
static java.lang.String | TRUSTSTORE |
static java.lang.String | TRUSTSTOREMGR |
static java.lang.String | TRUSTSTOREPROVIDER |
static java.lang.String | TRUSTSTOREPWD |
static java.lang.String | TRUSTSTORETYPE |
Constructor and Description |
---|
SSLSocketFactoryFactory() - Create new instance of class. |
SSLSocketFactoryFactory(Logger logger) - Create new instance of class. |
Modifier and Type | Method and Description |
---|---|
javax.net.ssl.SSLSocketFactory | createSocketFactory(java.lang.String configID) - Returns an SSL socket factory for the given configuration. |
static char[] | deObfuscate(java.lang.String ePassword) - The inverse operation of obfuscate: returns a cleartext password that was previously obfuscated using the XOR scrambler. |
boolean | getClientAuthentication(java.lang.String configID) - Returns whether client authentication is required. |
java.util.Properties | getConfiguration(java.lang.String configID) - Returns the configuration of the SSLSocketFactoryFactory for a given configuration. |
java.lang.String[] | getEnabledCipherSuites(java.lang.String configID) - Returns an array with the enabled ciphers. |
java.lang.String | getJSSEProvider(java.lang.String configID) - Gets the JSSE provider of the indicated configuration |
java.lang.String | getKeyManager(java.lang.String configID) - Gets the key manager algorithm that is used. |
java.lang.String | getKeyStore(java.lang.String configID) - Gets the name of the keystore file that is used. |
char[] | getKeyStorePassword(java.lang.String configID) - Gets the plain-text password that is used for the keystore. |
java.lang.String | getKeyStoreProvider(java.lang.String configID) - Gets the keystore provider. |
java.lang.String | getKeyStoreType(java.lang.String configID) - Gets the type of keystore. |
java.lang.String | getSSLProtocol(java.lang.String configID) - Gets the SSL protocol variant of the indicated configuration or the default configuration. |
java.lang.String | getTrustManager(java.lang.String configID) - Gets the trust manager algorithm that is used. |
java.lang.String | getTrustStore(java.lang.String configID) - Gets the name of the truststore file that is used. |
char[] | getTrustStorePassword(java.lang.String configID) - Gets the plain-text password that is used for the truststore. |
java.lang.String | getTrustStoreProvider(java.lang.String configID) - Gets the truststore provider. |
java.lang.String | getTrustStoreType(java.lang.String configID) - Gets the type of truststore. |
void | initialize(java.util.Properties props, java.lang.String configID) - Initializes the SSLSocketFactoryFactory with the provided properties for the provided configuration. |
static boolean | isSupportedOnJVM() - Not all of the JVM/Platforms support all of its security features. |
void | merge(java.util.Properties props, java.lang.String configID) - Merges the given IBM SSL properties into the existing configuration, overwriting existing properties. |
static java.lang.String | obfuscate(char[] password) - Obfuscates the password using a simple and not very secure XOR mechanism. |
static java.lang.String | packCipherSuites(java.lang.String[] ciphers) - Converts an array of ciphers into a single String. |
boolean | remove(java.lang.String configID) - Remove the configuration of a given configuration identifier. |
static byte[] | toByte(char[] c) - Convert char array to byte array, where each char is split into two bytes. |
static char[] | toChar(byte[] b) - Convert byte array to char array, where each char is constructed from two bytes. |
static java.lang.String[] | unpackCipherSuites(java.lang.String ciphers) - Inverse operation of packCipherSuites: converts a string of cipher names into an array of cipher names |
public static final java.lang.String SSLPROTOCOL
public static final java.lang.String JSSEPROVIDER
public static final java.lang.String KEYSTORE
public static final java.lang.String KEYSTOREPWD
public static final java.lang.String KEYSTORETYPE
public static final java.lang.String KEYSTOREPROVIDER
public static final java.lang.String KEYSTOREMGR
public static final java.lang.String TRUSTSTORE
public static final java.lang.String TRUSTSTOREPWD
public static final java.lang.String TRUSTSTORETYPE
public static final java.lang.String TRUSTSTOREPROVIDER
public static final java.lang.String TRUSTSTOREMGR
public static final java.lang.String CIPHERSUITES
public static final java.lang.String CLIENTAUTH
public static final java.lang.String SYSKEYSTORE
public static final java.lang.String SYSKEYSTORETYPE
public static final java.lang.String SYSKEYSTOREPWD
public static final java.lang.String SYSTRUSTSTORE
public static final java.lang.String SYSTRUSTSTORETYPE
public static final java.lang.String SYSTRUSTSTOREPWD
public static final java.lang.String SYSKEYMGRALGO
public static final java.lang.String SYSTRUSTMGRALGO
public static final java.lang.String DEFAULT_PROTOCOL
public SSLSocketFactoryFactory()
public SSLSocketFactoryFactory(Logger logger)
public static boolean isSupportedOnJVM() throws java.lang.LinkageError, java.lang.ExceptionInInitializerError
java.lang.Error - if any unexpected error encountered whilst checking. Note this should not be a ClassNotFoundException, which should cause the method to return false.
java.lang.LinkageError
java.lang.ExceptionInInitializerError

public static char[] toChar(byte[] b)
b - byte array

public static byte[] toByte(char[] c)
c - char array

public static java.lang.String obfuscate(char[] password)
password - The password to be encrypted, as a char[] array.
See also: deObfuscate(java.lang.String)

public static char[] deObfuscate(java.lang.String ePassword)
ePassword - An obfuscated password.
See also: obfuscate(char[])

public static java.lang.String packCipherSuites(java.lang.String[] ciphers)
ciphers - The array of cipher names.

public static java.lang.String[] unpackCipherSuites(java.lang.String ciphers)
ciphers - A list of ciphers, separated by comma.

public void initialize(java.util.Properties props, java.lang.String configID) throws java.lang.IllegalArgumentException
props - A properties object containing IBM SSL properties that are qualified by one or more configuration identifiers.
configID - The configuration identifier for selecting a configuration or null for the default configuration.
java.lang.IllegalArgumentException - if any of the properties is not a valid IBM SSL property key.

public void merge(java.util.Properties props, java.lang.String configID) throws java.lang.IllegalArgumentException
props - A properties object containing IBM SSL properties
configID - The configuration identifier for selecting a configuration or null for the default configuration.
java.lang.IllegalArgumentException - if any of the properties is not a valid IBM SSL property key.

public boolean remove(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public java.util.Properties getConfiguration(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public java.lang.String getSSLProtocol(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public java.lang.String getJSSEProvider(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public java.lang.String getKeyStore(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public char[] getKeyStorePassword(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public java.lang.String getKeyStoreType(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public java.lang.String getKeyStoreProvider(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public java.lang.String getKeyManager(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public java.lang.String getTrustStore(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public char[] getTrustStorePassword(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public java.lang.String getTrustStoreType(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public java.lang.String getTrustStoreProvider(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public java.lang.String getTrustManager(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public java.lang.String[] getEnabledCipherSuites(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public boolean getClientAuthentication(java.lang.String configID)
configID - The configuration identifier for selecting a configuration or null for the default configuration.

public javax.net.ssl.SSLSocketFactory createSocketFactory(java.lang.String configID) throws MqttSecurityException
configID - The configuration identifier for selecting a configuration.
MqttDirectException
MqttSecurityException
DEFAULT_PROTOCOL