Attachment 20649 Details for Bug 43094 – Patch for allowing to specify keystores providers and not to need a keystore file

[patch] Patch for allowing to specify keystores providers and not to need a keystore file

JSSESocketFactory.java.patch (text/plain), 5.17 KB, created by Bruno Harbulot on 2007-08-11 15:01:07 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Bruno Harbulot

Created: 2007-08-11 15:01:07 UTC

Size: 5.17 KB

patch

obsolete

>--- JSSESocketFactory.java.old	2007-08-11 22:58:24.000000000 +0200
>+++ JSSESocketFactory.java	2007-08-11 23:35:11.000000000 +0200
>@@ -249,20 +249,20 @@
>     /*
>      * Gets the SSL server's keystore.
>      */
>-    protected KeyStore getKeystore(String type, String pass)
>+    protected KeyStore getKeystore(String type, String provider, String pass)
>             throws IOException {
> 
>         String keystoreFile = (String)attributes.get("keystore");
>         if (keystoreFile == null)
>             keystoreFile = defaultKeystoreFile;
> 
>-        return getStore(type, keystoreFile, pass);
>+        return getStore(type, provider, keystoreFile, pass);
>     }
> 
>     /*
>      * Gets the SSL server's truststore.
>      */
>-    protected KeyStore getTrustStore(String keystoreType) throws IOException {
>+    protected KeyStore getTrustStore(String keystoreType, String keystoreProvider) throws IOException {
>         KeyStore trustStore = null;
> 
>         String trustStoreFile = (String)attributes.get("truststoreFile");
>@@ -286,11 +286,15 @@
>         if(truststoreType == null) {
>             truststoreType = keystoreType;
>         }
>+        String truststoreProvider = (String)attributes.get("truststoreProvider");
>+        if(truststoreProvider == null) {
>+        	truststoreProvider = keystoreProvider;
>+        }
>         if(log.isDebugEnabled()) {
>             log.debug("trustType = " + truststoreType);
>         }
>         if (trustStoreFile != null && trustStorePassword != null){
>-            trustStore = getStore(truststoreType, trustStoreFile,
>+            trustStore = getStore(truststoreType, truststoreProvider, trustStoreFile,
>                                   trustStorePassword);
>         }
> 
>@@ -300,14 +304,18 @@
>     /*
>      * Gets the key- or truststore with the specified type, path, and password.
>      */
>-    private KeyStore getStore(String type, String path, String pass)
>+    private KeyStore getStore(String type, String provider, String path, String pass)
>             throws IOException {
> 
>         KeyStore ks = null;
>         InputStream istream = null;
>         try {
>-            ks = KeyStore.getInstance(type);
>-            if(! "PKCS11".equalsIgnoreCase(type) ) {
>+        	if (provider != null) {
>+        		ks = KeyStore.getInstance(type, provider);
>+        	} else {
>+        		ks = KeyStore.getInstance(type);
>+        	}
>+            if(! "".equalsIgnoreCase(path) ) {
>                 File keyStoreFile = new File(path);
>                 if (!keyStoreFile.isAbsolute()) {
>                     keyStoreFile = new File(System.getProperty("catalina.base"),
>@@ -368,6 +376,8 @@
>             if (keystoreType == null) {
>                 keystoreType = defaultKeystoreType;
>             }
>+            
>+            String keystoreProvider = (String) attributes.get("keystoreProvider");
> 
>         String trustAlgorithm = (String)attributes.get("truststoreAlgorithm");
>         if( trustAlgorithm == null ) {
>@@ -375,9 +385,9 @@
>         }
>             // Create and init SSLContext
>             SSLContext context = SSLContext.getInstance(protocol); 
>-            context.init(getKeyManagers(keystoreType, algorithm,
>+            context.init(getKeyManagers(keystoreType, keystoreProvider, algorithm,
>                                         (String) attributes.get("keyAlias")),
>-                         getTrustManagers(keystoreType, trustAlgorithm),
>+                         getTrustManagers(keystoreType, keystoreProvider, trustAlgorithm),
>                          new SecureRandom());
> 
>             // create proxy
>@@ -399,6 +409,7 @@
>      * Gets the initialized key managers.
>      */
>     protected KeyManager[] getKeyManagers(String keystoreType,
>+                                          String keystoreProvider,
>                                           String algorithm,
>                                           String keyAlias)
>                 throws Exception {
>@@ -407,7 +418,7 @@
> 
>         String keystorePass = getKeystorePassword();
> 
>-        KeyStore ks = getKeystore(keystoreType, keystorePass);
>+        KeyStore ks = getKeystore(keystoreType, keystoreProvider, keystorePass);
>         if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {
>             throw new IOException(sm.getString("jsse.alias_no_key_entry", keyAlias));
>         }
>@@ -431,7 +442,7 @@
>     /**
>      * Gets the intialized trust managers.
>      */
>-    protected TrustManager[] getTrustManagers(String keystoreType, String algorithm)
>+    protected TrustManager[] getTrustManagers(String keystoreType, String keystoreProvider, String algorithm)
>         throws Exception {
>         String crlf = (String) attributes.get("crlFile");
>         
>@@ -441,7 +452,11 @@
>         if (truststoreType == null) {
>             truststoreType = keystoreType;
>         }
>-        KeyStore trustStore = getTrustStore(truststoreType);
>+        String truststoreProvider = (String) attributes.get("truststoreProvider");
>+        if (truststoreProvider == null) {
>+            truststoreType = keystoreProvider;
>+        }
>+        KeyStore trustStore = getTrustStore(truststoreType, truststoreProvider);
>         if (trustStore != null) {
>             if (crlf == null) {
>                 TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);

Actions: View | Diff

Attachments on bug 43094: 20649