From 72c60055809b0f7994c4e78c9ba54a3828506a46 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 5 May 2020 09:36:51 +0200
Subject: refactor interface of method
 'buildSslContextWithSslClientAuthentication' to inject information about the
 KeyStore-Provider

---
 eaaf_core_utils/pom.xml                                   |  7 +------
 .../at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java |  5 +++--
 .../java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java    | 15 +++++++++------
 3 files changed, 13 insertions(+), 14 deletions(-)

diff --git a/eaaf_core_utils/pom.xml b/eaaf_core_utils/pom.xml
index 630ac8d4..13df6c1e 100644
--- a/eaaf_core_utils/pom.xml
+++ b/eaaf_core_utils/pom.xml
@@ -49,12 +49,7 @@
       <groupId>io.grpc</groupId>
       <artifactId>grpc-core</artifactId>
     </dependency>
-
-    <dependency>
-      <groupId>org.springframework</groupId>
-      <artifactId>spring-webmvc</artifactId>
-    </dependency>
-
+    
     <dependency>
       <groupId>org.slf4j</groupId>
       <artifactId>slf4j-api</artifactId>
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java
index 00d5891a..4e811eaa 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java
@@ -1,6 +1,7 @@
 package at.gv.egiz.eaaf.core.impl.http;
 
 import java.security.KeyStore;
+import java.security.Provider;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -42,6 +43,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
 import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
 import lombok.extern.slf4j.Slf4j;
 
 @Slf4j
@@ -237,8 +239,7 @@ public class HttpClientFactory implements IHttpClientFactory {
     SSLContext sslContext = null;
     if (httpClientConfig.getAuthMode().equals(HttpClientConfiguration.ClientAuthMode.SSL)) {
       log.debug("Open keyStore with type: {}", httpClientConfig.getKeyStoreConfig().getKeyStoreType());
-      final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(httpClientConfig.getKeyStoreConfig())
-          .getFirst();
+      final Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(httpClientConfig.getKeyStoreConfig());
 
       log.trace("Injecting SSL client-authentication into http client ... ");
       sslContext = HttpUtils.buildSslContextWithSslClientAuthentication(keyStore,
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java
index 2d514912..06b8dfd2 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java
@@ -22,6 +22,7 @@ import java.security.KeyManagementException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
+import java.security.Provider;
 import java.security.UnrecoverableKeyException;
 
 import javax.annotation.Nonnull;
@@ -29,15 +30,15 @@ import javax.annotation.Nullable;
 import javax.net.ssl.SSLContext;
 import javax.servlet.http.HttpServletRequest;
 
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
-
 import org.apache.commons.lang3.StringUtils;
 import org.apache.http.conn.ssl.TrustAllStrategy;
 import org.apache.http.ssl.SSLContextBuilder;
 import org.apache.http.ssl.SSLContexts;
 import org.apache.http.ssl.TrustStrategy;
 
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
 import lombok.extern.slf4j.Slf4j;
 
 @Slf4j
@@ -155,7 +156,7 @@ public class HttpUtils {
    * @throws EaafFactoryException       In case of a {@link SSLContext}
    *                                    initialization error
    */
-  public static SSLContext buildSslContextWithSslClientAuthentication(@Nonnull final KeyStore keyStore,
+  public static SSLContext buildSslContextWithSslClientAuthentication(@Nonnull final Pair<KeyStore, Provider> keyStore,
       @Nullable String keyAlias, @Nullable String keyPasswordString,
       boolean trustAllServerCertificates, @Nonnull String friendlyName)
       throws EaafConfigurationException, EaafFactoryException {
@@ -165,13 +166,15 @@ public class HttpUtils {
           : keyPasswordString.toCharArray();
 
       SSLContextBuilder sslContextBuilder = SSLContexts.custom();
+      Provider provider = null;
+      sslContextBuilder.setProvider(provider);
       if (StringUtils.isNotEmpty(keyAlias)) {
         sslContextBuilder = sslContextBuilder
-            .loadKeyMaterial(keyStore, keyPassword, new EaafSslKeySelectionStrategy(keyAlias));
+            .loadKeyMaterial(keyStore.getFirst(), keyPassword, new EaafSslKeySelectionStrategy(keyAlias));
 
       } else {
         sslContextBuilder = sslContextBuilder
-            .loadKeyMaterial(keyStore, keyPassword);
+            .loadKeyMaterial(keyStore.getFirst(), keyPassword);
 
       }
 
-- 
cgit v1.2.3