/**
* Classes implementing SSL support for Netty
*
* To generate the stores for Waarp, for instance, you need to create two JKS KeyStores. To generate
* those files, you can use the "keytool" command from the JDK or the free tool KeyTool IUI
* (last known version: 2.4.1).<br>
* <br>
*
* See Certificate-Howto.txt file<br>
* <br>
*
* Usage:<br>
* To use the SSL support, follow these steps.<br>
* <br>
*
* <b>On Client side:</b><br>
* <ul>
* <li>Create the KeyStore for the Client<br>
* <b>For no client authentication:</b><br>
* ggSecureKeyStore = new WaarpSecureKeyStore(keyStorePasswd, keyPasswd);<br>
* <b>For client authentication:</b><br>
* ggSecureKeyStore = new WaarpSecureKeyStore(keyStoreFilename, keyStorePasswd, keyPasswd);</li>
* <li>Create the TrustStore for the Client<br>
* <b>For Trusting everyone:</b><br>
* ggSecureKeyStore.initEmptyTrustStore(keyTrustStorePasswd);<br>
* <b>For Trusting only known Certificates:</b><br>
* ggSecureKeyStore.initTrustStore(keyTrustStoreFilename, keyTrustStorePasswd, needClientAuthent);<br>
* Note: needClientAuthent is True if the TrustStore is used to authenticate Clients, False if only
* to authenticate Servers</li>
* <li>Create the WaarpSslContextFactory:<br>
* WaarpSslContextFactory ggSslContextFactory = new WaarpSslContextFactory(ggSecureKeyStore,
* <b>false</b>);</li>
* <li>Create your own Initializer:<br>
* As first item in the pipeline, add:<br>
* pipeline.addLast("ssl", ggSslContextFactory.initInitializer(<b>false</b>,
* ggSslContextFactory.hasTrustStore(), executor));<br>
* where executor is generally Executors.newCachedThreadPool();<br>
* <br>
*
* For example, see Waarp Local Exec module using SSL:<br>
* localExecClientInitializer = new LocalExecSslClientInitializer(ggSslContextFactory);<br>
* bootstrap.setInitializer(localExecClientInitializer);</li>
* <li>In the final Handler, you need to add the handshake:<br>
* public void channelConnected(ChannelHandlerContext ctx, ChannelStateEvent e)<br>
* throws Exception {<br>
* ...<br>
* SslHandler sslHandler = ctx.pipeline().get(SslHandler.class);<br>
* // Begin handshake<br>
* ChannelFuture handshakeFuture = sslHandler.handshake();<br>
* handshakeFuture.addListener(new ChannelFutureListener() {<br>
* public void operationComplete(ChannelFuture future)<br>
* throws Exception {<br>
* if (future.isSuccess()) {<br>
* //OK<br>
* } else {<br>
* future.channel().close();<br>
* }<br>
* }<br>
* });<br>
* }</li>
* <li>At the end of your connection, you need to release the Executor passed as an argument to
* ggSslContextFactory.initInitializer</li>
* </ul>
* <br>
* <br>
*
* <b>On Server side:</b><br>
* <ul>
* <li>Create the KeyStore for the Server<br>
* ggSecureKeyStore = new WaarpSecureKeyStore(keyStoreFilename, keyStorePasswd, keyPasswd);</li>
* <li>Create the TrustStore for the Client<br>
* <b>For Trusting everyone:</b><br>
* ggSecureKeyStore.initEmptyTrustStore(keyTrustStorePasswd);<br>
* <b>For Trusting only known Certificates:</b><br>
* ggSecureKeyStore.initTrustStore(keyTrustStoreFilename, keyTrustStorePasswd, needClientAuthent);<br>
* Note: needClientAuthent is True if the TrustStore is used to authenticate Clients, False if only
* to authenticate Servers</li>
* <li>Create the WaarpSslContextFactory:<br>
* WaarpSslContextFactory ggSslContextFactory = new WaarpSslContextFactory(ggSecureKeyStore,
* <b>true</b>);</li>
* <li>Create your own Initializer:<br>
* As first item in the pipeline, add:<br>
* pipeline.addLast("ssl", ggSslContextFactory.initInitializer(<b>true</b>,
* ggSslContextFactory.hasTrustStore(), executor));<br>
* where executor is generally Executors.newCachedThreadPool();<br>
* <br>
*
* For example, see Waarp Local Exec module using SSL:<br>
* bootstrap.setInitializer(new LocalExecSslServerInitializer(ggSslContextFactory, delay));</li>
* <li>In the final Handler, you need to add the handshake:<br>
* public void channelConnected(ChannelHandlerContext ctx, ChannelStateEvent e)<br>
* throws Exception {<br>
* ...<br>
* SslHandler sslHandler = ctx.pipeline().get(SslHandler.class);<br>
* // Begin handshake<br>
* ChannelFuture handshakeFuture = sslHandler.handshake();<br>
* handshakeFuture.addListener(new ChannelFutureListener() {<br>
* public void operationComplete(ChannelFuture future)<br>
* throws Exception {<br>
* if (future.isSuccess()) {<br>
* //OK<br>
* } else {<br>
* future.channel().close();<br>
* }<br>
* }<br>
* });<br>
* }</li>
* <li>At the end of your connection, you need to release the Executor passed as an argument to
* ggSslContextFactory.initInitializer</li>
* </ul>
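* The key store / trust store / client-authentication choices from the client and server steps above, written with plain JSSE classes only. This is an added example, not Waarp code: the class name JsseStoresExample, its method names and the argument order are assumptions, and the two JKS files are assumed to exist already (created with keytool as described above).

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManagerFactory;

public final class JsseStoresExample {
  // Load a JKS store; the store password is used for the file's integrity check.
  static KeyStore loadJks(String file, char[] storePasswd) throws Exception {
    KeyStore ks = KeyStore.getInstance("JKS");
    try (InputStream in = new FileInputStream(file)) {
      ks.load(in, storePasswd);
    }
    return ks;
  }

  // Build a context that presents the key store's identity and trusts only
  // the certificates in the trust store ("Trusting only known Certificates").
  static SSLContext context(KeyStore keyStore, char[] keyPasswd, KeyStore trustStore)
      throws Exception {
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(keyStore, keyPasswd); // keyPasswd unlocks the private key entry
    TrustManagerFactory tmf =
        TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(trustStore);
    SSLContext ctx = SSLContext.getInstance("TLS");
    ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
    return ctx;
  }

  // serverMode plays the role of the true/false flag used on the server/client
  // side above; with needClientAuth a server aborts the handshake when the
  // client presents no certificate that the trust store accepts.
  static SSLEngine engine(SSLContext ctx, boolean serverMode, boolean needClientAuth) {
    SSLEngine engine = ctx.createSSLEngine();
    engine.setUseClientMode(!serverMode);
    engine.setNeedClientAuth(serverMode && needClientAuth);
    return engine;
  }

  public static void main(String[] args) throws Exception {
    // args (placeholders): keyStoreFile keyStorePasswd keyPasswd trustStoreFile trustStorePasswd
    KeyStore keys = loadJks(args[0], args[1].toCharArray());
    KeyStore trust = loadJks(args[3], args[4].toCharArray());
    SSLEngine server = engine(context(keys, args[2].toCharArray(), trust), true, true);
    System.out.println("needClientAuth=" + server.getNeedClientAuth());
  }
}
```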
*
*/
package org.waarp.common.crypto.ssl;