
(-)JSSESocketFactory.java.old (-12 / +27 lines)
Lines 249-268 Link Here
249
    /*
249
    /*
250
     * Gets the SSL server's keystore.
250
     * Gets the SSL server's keystore.
251
     */
251
     */
252
    protected KeyStore getKeystore(String type, String pass)
252
    protected KeyStore getKeystore(String type, String provider, String pass)
253
            throws IOException {
253
            throws IOException {
254
254
255
        String keystoreFile = (String)attributes.get("keystore");
255
        String keystoreFile = (String)attributes.get("keystore");
256
        if (keystoreFile == null)
256
        if (keystoreFile == null)
257
            keystoreFile = defaultKeystoreFile;
257
            keystoreFile = defaultKeystoreFile;
258
258
259
        return getStore(type, keystoreFile, pass);
259
        return getStore(type, provider, keystoreFile, pass);
260
    }
260
    }
261
261
262
    /*
262
    /*
263
     * Gets the SSL server's truststore.
263
     * Gets the SSL server's truststore.
264
     */
264
     */
265
    protected KeyStore getTrustStore(String keystoreType) throws IOException {
265
    protected KeyStore getTrustStore(String keystoreType, String keystoreProvider) throws IOException {
266
        KeyStore trustStore = null;
266
        KeyStore trustStore = null;
267
267
268
        String trustStoreFile = (String)attributes.get("truststoreFile");
268
        String trustStoreFile = (String)attributes.get("truststoreFile");
Lines 286-296 Link Here
286
        if(truststoreType == null) {
286
        if(truststoreType == null) {
287
            truststoreType = keystoreType;
287
            truststoreType = keystoreType;
288
        }
288
        }
289
        String truststoreProvider = (String)attributes.get("truststoreProvider");
290
        if(truststoreProvider == null) {
291
        	truststoreProvider = keystoreProvider;
292
        }
289
        if(log.isDebugEnabled()) {
293
        if(log.isDebugEnabled()) {
290
            log.debug("trustType = " + truststoreType);
294
            log.debug("trustType = " + truststoreType);
291
        }
295
        }
292
        if (trustStoreFile != null && trustStorePassword != null){
296
        if (trustStoreFile != null && trustStorePassword != null){
293
            trustStore = getStore(truststoreType, trustStoreFile,
297
            trustStore = getStore(truststoreType, truststoreProvider, trustStoreFile,
294
                                  trustStorePassword);
298
                                  trustStorePassword);
295
        }
299
        }
296
300
Lines 300-313 Link Here
300
    /*
304
    /*
301
     * Gets the key- or truststore with the specified type, path, and password.
305
     * Gets the key- or truststore with the specified type, path, and password.
302
     */
306
     */
303
    private KeyStore getStore(String type, String path, String pass)
307
    private KeyStore getStore(String type, String provider, String path, String pass)
304
            throws IOException {
308
            throws IOException {
305
309
306
        KeyStore ks = null;
310
        KeyStore ks = null;
307
        InputStream istream = null;
311
        InputStream istream = null;
308
        try {
312
        try {
309
            ks = KeyStore.getInstance(type);
313
        	if (provider != null) {
310
            if(! "PKCS11".equalsIgnoreCase(type) ) {
314
        		ks = KeyStore.getInstance(type, provider);
315
        	} else {
316
        		ks = KeyStore.getInstance(type);
317
        	}
318
            if(! "".equalsIgnoreCase(path) ) {
311
                File keyStoreFile = new File(path);
319
                File keyStoreFile = new File(path);
312
                if (!keyStoreFile.isAbsolute()) {
320
                if (!keyStoreFile.isAbsolute()) {
313
                    keyStoreFile = new File(System.getProperty("catalina.base"),
321
                    keyStoreFile = new File(System.getProperty("catalina.base"),
Lines 368-373 Link Here
368
            if (keystoreType == null) {
376
            if (keystoreType == null) {
369
                keystoreType = defaultKeystoreType;
377
                keystoreType = defaultKeystoreType;
370
            }
378
            }
379
            
380
            String keystoreProvider = (String) attributes.get("keystoreProvider");
371
381
372
        String trustAlgorithm = (String)attributes.get("truststoreAlgorithm");
382
        String trustAlgorithm = (String)attributes.get("truststoreAlgorithm");
373
        if( trustAlgorithm == null ) {
383
        if( trustAlgorithm == null ) {
Lines 375-383 Link Here
375
        }
385
        }
376
            // Create and init SSLContext
386
            // Create and init SSLContext
377
            SSLContext context = SSLContext.getInstance(protocol); 
387
            SSLContext context = SSLContext.getInstance(protocol); 
378
            context.init(getKeyManagers(keystoreType, algorithm,
388
            context.init(getKeyManagers(keystoreType, keystoreProvider, algorithm,
379
                                        (String) attributes.get("keyAlias")),
389
                                        (String) attributes.get("keyAlias")),
380
                         getTrustManagers(keystoreType, trustAlgorithm),
390
                         getTrustManagers(keystoreType, keystoreProvider, trustAlgorithm),
381
                         new SecureRandom());
391
                         new SecureRandom());
382
392
383
            // create proxy
393
            // create proxy
Lines 399-404 Link Here
399
     * Gets the initialized key managers.
409
     * Gets the initialized key managers.
400
     */
410
     */
401
    protected KeyManager[] getKeyManagers(String keystoreType,
411
    protected KeyManager[] getKeyManagers(String keystoreType,
412
                                          String keystoreProvider,
402
                                          String algorithm,
413
                                          String algorithm,
403
                                          String keyAlias)
414
                                          String keyAlias)
404
                throws Exception {
415
                throws Exception {
Lines 407-413 Link Here
407
418
408
        String keystorePass = getKeystorePassword();
419
        String keystorePass = getKeystorePassword();
409
420
410
        KeyStore ks = getKeystore(keystoreType, keystorePass);
421
        KeyStore ks = getKeystore(keystoreType, keystoreProvider, keystorePass);
411
        if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {
422
        if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {
412
            throw new IOException(sm.getString("jsse.alias_no_key_entry", keyAlias));
423
            throw new IOException(sm.getString("jsse.alias_no_key_entry", keyAlias));
413
        }
424
        }
Lines 431-437 Link Here
431
    /**
442
    /**
432
     * Gets the intialized trust managers.
443
     * Gets the intialized trust managers.
433
     */
444
     */
434
    protected TrustManager[] getTrustManagers(String keystoreType, String algorithm)
445
    protected TrustManager[] getTrustManagers(String keystoreType, String keystoreProvider, String algorithm)
435
        throws Exception {
446
        throws Exception {
436
        String crlf = (String) attributes.get("crlFile");
447
        String crlf = (String) attributes.get("crlFile");
437
        
448
        
Lines 441-447 Link Here
441
        if (truststoreType == null) {
452
        if (truststoreType == null) {
442
            truststoreType = keystoreType;
453
            truststoreType = keystoreType;
443
        }
454
        }
444
        KeyStore trustStore = getTrustStore(truststoreType);
455
        String truststoreProvider = (String) attributes.get("truststoreProvider");
456
        if (truststoreProvider == null) {
457
            truststoreType = keystoreProvider;
458
        }
459
        KeyStore trustStore = getTrustStore(truststoreType, truststoreProvider);
445
        if (trustStore != null) {
460
        if (trustStore != null) {
446
            if (crlf == null) {
461
            if (crlf == null) {
447
                TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
462
                TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
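Review bot: In getTrustManagers (new lines 455-458) the fallback for a missing `truststoreProvider` attribute assigns to the wrong variable: `truststoreType = keystoreProvider;` overwrites the store type with a provider name (or null) and leaves `truststoreProvider` null. The parallel fallback added in getTrustStore (new lines 289-292) assigns `truststoreProvider`, so this looks like a typo and the line should read `truststoreProvider = keystoreProvider;`. As written, a connector that sets `keystoreProvider` but not `truststoreProvider` hands getTrustStore a provider name or null as its type argument, which getTrustStore appears to use as the type fallback when `truststoreType` is unset, so the trust store would presumably fail to load or be opened with an unintended type. A test that configures only `keystoreProvider` would catch this. The body of getTrustManagers starts and ends outside the visible hunks.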
