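/*
 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package software.amazon.awssdk.http;

import static software.amazon.awssdk.utils.JavaSystemSetting.SSL_KEY_STORE;
import static software.amazon.awssdk.utils.JavaSystemSetting.SSL_KEY_STORE_PASSWORD;
import static software.amazon.awssdk.utils.JavaSystemSetting.SSL_KEY_STORE_TYPE;

import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.util.Optional;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import software.amazon.awssdk.annotations.SdkPublicApi;
import software.amazon.awssdk.internal.http.AbstractFileStoreTlsKeyManagersProvider;
import software.amazon.awssdk.utils.Logger;
import software.amazon.awssdk.utils.internal.SystemSettingUtils;

/**
 * Implementation of {@link TlsKeyManagersProvider} that gets the information
 * about the KeyStore to load from the system properties.
 * <p>
 * This provider checks the standard {@code javax.net.ssl.keyStore},
 * {@code javax.net.ssl.keyStorePassword}, and
 * {@code javax.net.ssl.keyStoreType} properties defined by the
 * <a href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html">JSSE</a>.
 * <p>
 * This uses {@link KeyManagerFactory#getDefaultAlgorithm()} to determine the
 * {@code KeyManagerFactory} algorithm to use.
 * <p>
 * Failure handling: {@link #keyManagers()} never reports a load failure to its caller. If the key store setting is
 * absent, or the store cannot be located or loaded, it returns {@code null} and (in the failure case) logs a warning.
 * A deployment that depends on client-certificate authentication should therefore monitor for that warning, because
 * a misconfigured key store does not surface as an exception from this class.
 * <p>
 * Secret handling: the key store password is resolved as a {@link String}, so it cannot be erased from memory by
 * this class, and JVM system properties are readable by other code running in the same process.
 */
@SdkPublicApi
public final class SystemPropertyTlsKeyManagersProvider extends AbstractFileStoreTlsKeyManagersProvider {
    private static final Logger log = Logger.loggerFor(SystemPropertyTlsKeyManagersProvider.class);

    // Instances are obtained through create().
    private SystemPropertyTlsKeyManagersProvider() {
    }

    /**
     * Creates key managers from the key store named by the {@code SSL_KEY_STORE} setting.
     *
     * @return the key managers produced by {@code createKeyManagers}, or {@code null} when the key store setting is
     *         not set or the key store could not be turned into key managers (a warning is logged in that case).
     */
    @Override
    public KeyManager[] keyManagers() {
        String keyStoreLocation = getKeyStore().orElse(null);
        if (keyStoreLocation == null) {
            // No key store configured: this provider contributes no key managers.
            return null;
        }

        String type = getKeyStoreType();
        // A missing password is passed on as null rather than as an empty array.
        // NOTE(review): this char[] copy is not cleared after use. Whether createKeyManagers keeps a reference to
        // it is not visible in this file, so confirm that before adding a wipe.
        char[] password = getKeyStorePassword().map(String::toCharArray).orElse(null);

        try {
            // Path parsing is inside the try so that a malformed property value (InvalidPathException) is handled
            // like every other load failure instead of escaping from this method.
            Path path = Paths.get(keyStoreLocation);
            return createKeyManagers(path, type, password);
        } catch (Exception e) {
            // The message names only the property and the configured path; the password is not part of it.
            log.warn(() -> String.format("Unable to create KeyManagers from %s property value '%s'",
                                         SSL_KEY_STORE.property(), keyStoreLocation), e);
            return null;
        }
    }

    /**
     * @return a new provider instance.
     */
    public static SystemPropertyTlsKeyManagersProvider create() {
        return new SystemPropertyTlsKeyManagersProvider();
    }

    /**
     * @return the resolved {@code SSL_KEY_STORE} setting (the key store location), if any.
     */
    private static Optional<String> getKeyStore() {
        return SystemSettingUtils.resolveSetting(SSL_KEY_STORE);
    }

    /**
     * @return the resolved {@code SSL_KEY_STORE_TYPE} setting, or {@link KeyStore#getDefaultType()} when it is not
     *         set.
     */
    private static String getKeyStoreType() {
        return SystemSettingUtils.resolveSetting(SSL_KEY_STORE_TYPE)
                                 .orElseGet(KeyStore::getDefaultType);
    }

    /**
     * @return the resolved {@code SSL_KEY_STORE_PASSWORD} setting, if any.
     */
    private static Optional<String> getKeyStorePassword() {
        return SystemSettingUtils.resolveSetting(SSL_KEY_STORE_PASSWORD);
    }
}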