selfsignedcert.java

来自「RESIN 3.2 最新源码」· Java 代码 · 共 133 行

/*
 * Copyright (c) 1998-2008 Caucho Technology -- all rights reserved
 *
 * This file is part of Resin(R) Open Source
 *
 * Each copy or derived work must preserve the copyright notice and this
 * notice unmodified.
 *
 * Resin Open Source is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * Resin Open Source is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
 * of NON-INFRINGEMENT.  See the GNU General Public License for more
 * details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Resin Open Source; if not, write to the
 *   Free SoftwareFoundation, Inc.
 *   59 Temple Place, Suite 330
 *   Boston, MA 02111-1307  USA
 *
 * @author Scott Ferguson
 */

package com.caucho.vfs;

import com.caucho.config.ConfigException;
import com.caucho.util.L10N;

import javax.annotation.PostConstruct;
import javax.crypto.*;
import javax.net.ssl.*;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.util.logging.*;
import java.security.*;
import java.security.cert.*;

import java.net.*;
import sun.security.x509.X500Name;
import sun.security.x509.CertAndKeyGen;

/**
 * Abstract socket to handle both normal sockets and bin/resin sockets.
 */
public class SelfSignedCert {
  private static final Logger log
    = Logger.getLogger(SelfSignedCert.class.getName());

  private X509Certificate _cert;
  private PrivateKey _key;
  private KeyManagerFactory _kmf;
  
  private SelfSignedCert(X509Certificate cert, PrivateKey key)
    throws Exception
  {
    _cert = cert;
    _key = key;
    
    KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");

    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

    ks.load(null, "password".toCharArray());

      
    ks.setKeyEntry("anonymous", getPrivateKey(),
		   "key-password".toCharArray(), getCertificateChain());
    
    kmf.init(ks, "key-password".toCharArray());

    _kmf = kmf;
  }

  public static SelfSignedCert create(String name)
  {
    try {
      String keyAlgName = "DSA";
      String sigAlgName = "SHA1WithDSA";
      String providerName = null;
      int keysize = 1024;
      int days = 365;

      CertAndKeyGen keypair;
      keypair = new CertAndKeyGen(keyAlgName, sigAlgName, providerName);

      keypair.generate(keysize);

      PrivateKey privKey = keypair.getPrivateKey();
      X500Name x500name = new X500Name("CN=" + name);
      
      X509Certificate cert
	= keypair.getSelfCertificate(x500name, days * 24 * 3600);

      return new SelfSignedCert(cert, privKey);
    } catch (Exception e) {
      log.log(Level.FINE, e.toString(), e);

      e.printStackTrace();

      return null;
    }
  }

  public PrivateKey getPrivateKey()
  {
    return _key;
  }

  public X509Certificate []getCertificateChain()
  {
    return new X509Certificate[] { _cert };
  }

  public KeyManager []getKeyManagers()
  {
    return _kmf.getKeyManagers();
  }

  @Override
  public String toString()
  {
    return getClass().getSimpleName() + "[" + _cert.getSubjectX500Principal() + "]";
  }
}