From 72c60055809b0f7994c4e78c9ba54a3828506a46 Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Tue, 5 May 2020 09:36:51 +0200
Subject: refactor interface of method 'buildSslContextWithSslClientAuthentication' to inject information about the KeyStore-Provider
---
 .../at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java | 5 +++--
 .../java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java | 15 +++++++++------
 2 files changed, 12 insertions(+), 8 deletions(-)
(limited to 'eaaf_core_utils/src')
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java
index 00d5891a..4e811eaa 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpClientFactory.java
@@ -1,6 +1,7 @@
 package at.gv.egiz.eaaf.core.impl.http;
 import java.security.KeyStore;
+import java.security.Provider;
 import java.util.HashMap;
 import java.util.Map;
@@ -42,6 +43,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
 import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
 import lombok.extern.slf4j.Slf4j;
 @Slf4j
@@ -237,8 +239,7 @@ public class HttpClientFactory implements IHttpClientFactory {
 SSLContext sslContext = null;
 if (httpClientConfig.getAuthMode().equals(HttpClientConfiguration.ClientAuthMode.SSL)) {
 log.debug("Open keyStore with type: {}", httpClientConfig.getKeyStoreConfig().getKeyStoreType());
- final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(httpClientConfig.getKeyStoreConfig())
- .getFirst();
+ final Pair keyStore = keyStoreFactory.buildNewKeyStore(httpClientConfig.getKeyStoreConfig());
 log.trace("Injecting SSL client-authentication into http client ... ");
 sslContext = HttpUtils.buildSslContextWithSslClientAuthentication(keyStore,
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java
index 2d514912..06b8dfd2 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/http/HttpUtils.java
@@ -22,6 +22,7 @@ import java.security.KeyManagementException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
+import java.security.Provider;
 import java.security.UnrecoverableKeyException;
 import javax.annotation.Nonnull;
@@ -29,15 +30,15 @@ import javax.annotation.Nullable;
 import javax.net.ssl.SSLContext;
 import javax.servlet.http.HttpServletRequest;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
-
 import org.apache.commons.lang3.StringUtils;
 import org.apache.http.conn.ssl.TrustAllStrategy;
 import org.apache.http.ssl.SSLContextBuilder;
 import org.apache.http.ssl.SSLContexts;
 import org.apache.http.ssl.TrustStrategy;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
 import lombok.extern.slf4j.Slf4j;
 @Slf4j
@@ -155,7 +156,7 @@ public class HttpUtils {
 * @throws EaafFactoryException In case of a {@link SSLContext}
 * initialization error
 */
- public static SSLContext buildSslContextWithSslClientAuthentication(@Nonnull final KeyStore keyStore,
+ public static SSLContext buildSslContextWithSslClientAuthentication(@Nonnull final Pair keyStore,
 @Nullable String keyAlias, @Nullable String keyPasswordString, boolean trustAllServerCertificates, @Nonnull String friendlyName) throws EaafConfigurationException, EaafFactoryException {
@@ -165,13 +166,15 @@ public class HttpUtils {
 : keyPasswordString.toCharArray();
 SSLContextBuilder sslContextBuilder = SSLContexts.custom();
+ Provider provider = null;
+ sslContextBuilder.setProvider(provider);
 if (StringUtils.isNotEmpty(keyAlias)) {
 sslContextBuilder = sslContextBuilder
- .loadKeyMaterial(keyStore, keyPassword, new EaafSslKeySelectionStrategy(keyAlias));
+ .loadKeyMaterial(keyStore.getFirst(), keyPassword, new EaafSslKeySelectionStrategy(keyAlias));
 } else {
 sslContextBuilder = sslContextBuilder
- .loadKeyMaterial(keyStore, keyPassword);
+ .loadKeyMaterial(keyStore.getFirst(), keyPassword);
 }
-- cgit v1.2.3
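Review bot: The first parameter of `buildSslContextWithSslClientAuthentication` is still called `keyStore` although it is now a pair, so the name reads as a plain `KeyStore` and every use needs `.getFirst()`; a name such as `keyStoreAndProvider` would say what is actually passed. The same holds for the local `keyStore` in the HttpClientFactory hunk at `@@ -237,8 +239,7 @@`. The Javadoc for this parameter lies above the hunk and is not visible here; if it still describes a bare key store, it should state that the first element is the key store holding the client key, that the second is presumably the provider it was loaded with, and whether that second element may be null. Because the method is public and static, the changed parameter type also breaks existing callers at compile time, which is worth mentioning in the commit description.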
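Review bot: The provider passed to the builder is always null, because the added lines `Provider provider = null;` and `sslContextBuilder.setProvider(provider);` never read the second element of the `keyStore` pair. The provider information this commit sets out to inject is therefore dropped, and the SSL context is presumably built with the default provider; for a key store bound to a non-default provider, client authentication may then fail or run outside the intended provider. Either wire the value through with a null guard, `if (keyStore.getSecond() != null) { sslContextBuilder.setProvider(keyStore.getSecond()); }` (assuming `Pair` has a `getSecond()` accessor next to `getFirst()`), or remove the two lines and leave `// TODO: use the KeyStore provider from the pair` until that is done. Whether a key-store provider can serve directly as the SSLContext provider is not visible here and should be confirmed with a test against the non-default key-store type. The method body continues outside the hunk.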