diff options
| author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-05-05 09:36:51 +0200 |
|---|---|---|
| committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-05-05 09:36:51 +0200 |
| commit | 72c60055809b0f7994c4e78c9ba54a3828506a46 (patch) | |
| tree | 29588b7d8ad6836c68a04242ca896bf6376690f0 | |
| parent | 2a8a81480af60c447f3ec927d3432b651a4a1bfb (diff) | |
| download | EAAF-Components-72c60055809b0f7994c4e78c9ba54a3828506a46.tar.gz EAAF-Components-72c60055809b0f7994c4e78c9ba54a3828506a46.tar.bz2 EAAF-Components-72c60055809b0f7994c4e78c9ba54a3828506a46.zip | |
refactor interface of method 'buildSslContextWithSslClientAuthentication' to inject information about the KeyStore-Provider
3 files changed, 13 insertions, 14 deletions
diff --git a/eaaf_core_utils/pom.xml b/eaaf_core_utils/pom.xml index 630ac8d4..13df6c1e 100644 --- a/eaaf_core_utils/pom.xml +++ b/eaaf_core_utils/pom.xml @@ -49,12 +49,7 @@ <groupId>io.grpc</groupId> <artifactId>grpc-core</artifactId> </dependency> - - <dependency> - <groupId>org.springframework</groupId> - <artifactId>spring-webmvc</artifactId> - </dependency> - + <dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-api</artifactId> diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java index 00d5891a..4e811eaa 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java @@ -1,6 +1,7 @@ package at.gv.egiz.eaaf.core.impl.http; import java.security.KeyStore; +import java.security.Provider; import java.util.HashMap; import java.util.Map; @@ -42,6 +43,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.exceptions.EaafException; import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType; +import at.gv.egiz.eaaf.core.impl.data.Pair; import lombok.extern.slf4j.Slf4j; @Slf4j @@ -237,8 +239,7 @@ public class HttpClientFactory implements IHttpClientFactory { SSLContext sslContext = null; if (httpClientConfig.getAuthMode().equals(HttpClientConfiguration.ClientAuthMode.SSL)) { log.debug("Open keyStore with type: {}", httpClientConfig.getKeyStoreConfig().getKeyStoreType()); - final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(httpClientConfig.getKeyStoreConfig()) - .getFirst(); + final Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(httpClientConfig.getKeyStoreConfig()); log.trace("Injecting SSL client-authentication into http client ... "); sslContext = HttpUtils.buildSslContextWithSslClientAuthentication(keyStore, diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java index 2d514912..06b8dfd2 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java @@ -22,6 +22,7 @@ import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; +import java.security.Provider; import java.security.UnrecoverableKeyException; import javax.annotation.Nonnull; @@ -29,15 +30,15 @@ import javax.annotation.Nullable; import javax.net.ssl.SSLContext; import javax.servlet.http.HttpServletRequest; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException; - import org.apache.commons.lang3.StringUtils; import org.apache.http.conn.ssl.TrustAllStrategy; import org.apache.http.ssl.SSLContextBuilder; import org.apache.http.ssl.SSLContexts; import org.apache.http.ssl.TrustStrategy; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException; +import at.gv.egiz.eaaf.core.impl.data.Pair; import lombok.extern.slf4j.Slf4j; @Slf4j @@ -155,7 +156,7 @@ public class HttpUtils { * @throws EaafFactoryException In case of a {@link SSLContext} * initialization error */ - public static SSLContext buildSslContextWithSslClientAuthentication(@Nonnull final KeyStore keyStore, + public static SSLContext buildSslContextWithSslClientAuthentication(@Nonnull final Pair<KeyStore, Provider> keyStore, @Nullable String keyAlias, @Nullable String keyPasswordString, boolean trustAllServerCertificates, @Nonnull String friendlyName) throws EaafConfigurationException, EaafFactoryException { @@ -165,13 +166,15 @@ public class HttpUtils { : keyPasswordString.toCharArray(); SSLContextBuilder sslContextBuilder = SSLContexts.custom(); + Provider provider = null; + sslContextBuilder.setProvider(provider); if (StringUtils.isNotEmpty(keyAlias)) { sslContextBuilder = sslContextBuilder - .loadKeyMaterial(keyStore, keyPassword, new EaafSslKeySelectionStrategy(keyAlias)); + .loadKeyMaterial(keyStore.getFirst(), keyPassword, new EaafSslKeySelectionStrategy(keyAlias)); } else { sslContextBuilder = sslContextBuilder - .loadKeyMaterial(keyStore, keyPassword); + .loadKeyMaterial(keyStore.getFirst(), keyPassword); } |