ASF Bugzilla – Attachment 20649 Details for
Bug 43094
Allowing non-file based keystore and other providers
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for allowing to specify keystores providers and not to need a keystore file
JSSESocketFactory.java.patch (text/plain), 5.17 KB, created by
Bruno Harbulot
on 2007-08-11 15:01:07 UTC
(
hide
)
Description:
Patch for allowing to specify keystores providers and not to need a keystore file
Filename:
MIME Type:
Creator:
Bruno Harbulot
Created:
2007-08-11 15:01:07 UTC
Size:
5.17 KB
patch
obsolete
>--- JSSESocketFactory.java.old 2007-08-11 22:58:24.000000000 +0200 >+++ JSSESocketFactory.java 2007-08-11 23:35:11.000000000 +0200 >@@ -249,20 +249,20 @@ > /* > * Gets the SSL server's keystore. > */ >- protected KeyStore getKeystore(String type, String pass) >+ protected KeyStore getKeystore(String type, String provider, String pass) > throws IOException { > > String keystoreFile = (String)attributes.get("keystore"); > if (keystoreFile == null) > keystoreFile = defaultKeystoreFile; > >- return getStore(type, keystoreFile, pass); >+ return getStore(type, provider, keystoreFile, pass); > } > > /* > * Gets the SSL server's truststore. > */ >- protected KeyStore getTrustStore(String keystoreType) throws IOException { >+ protected KeyStore getTrustStore(String keystoreType, String keystoreProvider) throws IOException { > KeyStore trustStore = null; > > String trustStoreFile = (String)attributes.get("truststoreFile"); >@@ -286,11 +286,15 @@ > if(truststoreType == null) { > truststoreType = keystoreType; > } >+ String truststoreProvider = (String)attributes.get("truststoreProvider"); >+ if(truststoreProvider == null) { >+ truststoreProvider = keystoreProvider; >+ } > if(log.isDebugEnabled()) { > log.debug("trustType = " + truststoreType); > } > if (trustStoreFile != null && trustStorePassword != null){ >- trustStore = getStore(truststoreType, trustStoreFile, >+ trustStore = getStore(truststoreType, truststoreProvider, trustStoreFile, > trustStorePassword); > } > >@@ -300,14 +304,18 @@ > /* > * Gets the key- or truststore with the specified type, path, and password. > */ >- private KeyStore getStore(String type, String path, String pass) >+ private KeyStore getStore(String type, String provider, String path, String pass) > throws IOException { > > KeyStore ks = null; > InputStream istream = null; > try { >- ks = KeyStore.getInstance(type); >- if(! "PKCS11".equalsIgnoreCase(type) ) { >+ if (provider != null) { >+ ks = KeyStore.getInstance(type, provider); >+ } else { >+ ks = KeyStore.getInstance(type); >+ } >+ if(! "".equalsIgnoreCase(path) ) { > File keyStoreFile = new File(path); > if (!keyStoreFile.isAbsolute()) { > keyStoreFile = new File(System.getProperty("catalina.base"), >@@ -368,6 +376,8 @@ > if (keystoreType == null) { > keystoreType = defaultKeystoreType; > } >+ >+ String keystoreProvider = (String) attributes.get("keystoreProvider"); > > String trustAlgorithm = (String)attributes.get("truststoreAlgorithm"); > if( trustAlgorithm == null ) { >@@ -375,9 +385,9 @@ > } > // Create and init SSLContext > SSLContext context = SSLContext.getInstance(protocol); >- context.init(getKeyManagers(keystoreType, algorithm, >+ context.init(getKeyManagers(keystoreType, keystoreProvider, algorithm, > (String) attributes.get("keyAlias")), >- getTrustManagers(keystoreType, trustAlgorithm), >+ getTrustManagers(keystoreType, keystoreProvider, trustAlgorithm), > new SecureRandom()); > > // create proxy >@@ -399,6 +409,7 @@ > * Gets the initialized key managers. > */ > protected KeyManager[] getKeyManagers(String keystoreType, >+ String keystoreProvider, > String algorithm, > String keyAlias) > throws Exception { >@@ -407,7 +418,7 @@ > > String keystorePass = getKeystorePassword(); > >- KeyStore ks = getKeystore(keystoreType, keystorePass); >+ KeyStore ks = getKeystore(keystoreType, keystoreProvider, keystorePass); > if (keyAlias != null && !ks.isKeyEntry(keyAlias)) { > throw new IOException(sm.getString("jsse.alias_no_key_entry", keyAlias)); > } >@@ -431,7 +442,7 @@ > /** > * Gets the intialized trust managers. > */ >- protected TrustManager[] getTrustManagers(String keystoreType, String algorithm) >+ protected TrustManager[] getTrustManagers(String keystoreType, String keystoreProvider, String algorithm) > throws Exception { > String crlf = (String) attributes.get("crlFile"); > >@@ -441,7 +452,11 @@ > if (truststoreType == null) { > truststoreType = keystoreType; > } >- KeyStore trustStore = getTrustStore(truststoreType); >+ String truststoreProvider = (String) attributes.get("truststoreProvider"); >+ if (truststoreProvider == null) { >+ truststoreType = keystoreProvider; >+ } >+ KeyStore trustStore = getTrustStore(truststoreType, truststoreProvider); > if (trustStore != null) { > if (crlf == null) { > TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 43094
: 20649