1 files changed, 0 insertions, 133 deletions
diff --git a/src/main/java/at/gv/egiz/moazs/util/SSLContextCreator.java b/src/main/java/at/gv/egiz/moazs/util/SSLContextCreator.java
deleted file mode 100644
index 8fb5d80..0000000
--- a/src/main/java/at/gv/egiz/moazs/util/SSLContextCreator.java
+++ /dev/null
@@ -1,133 +0,0 @@
-package at.gv.egiz.moazs.client;
-
-import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
-import at.gv.zustellung.app2mzs.xsd.KeyStoreType;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.lang.Nullable;
-import org.springframework.stereotype.Component;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import javax.net.ssl.X509TrustManager;
-
-import javax.net.ssl.*;
-import java.io.IOException;
-import java.security.*;
-
-import static at.gv.egiz.moazs.MoaZSException.moaZSException;
-import static java.lang.String.format;
-
-@Component
- /**
-  * Adapted from at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient
-  */
-public class SSLContextCreator {
-
-    private static final Logger log = LoggerFactory.getLogger(SSLContextCreator.class);
-
-    private static final String SSL_WARN_MAN_IN_THE_MIDDLE_MSG =
-            "HTTP Client trusts ANY server certificate and is therefore vulnerable to Man-In-The-Middle attacks. " +
-                    "Use this configuration for testing purposes only and NOT IN PRODUCTION. ";
-
-    /**
-     * Creates an SSL Context.
-     *
-     * @param keystore (if null, use no key store)
-     * @param truststore (if null, use default trust store)
-     * @throws at.gv.egiz.moazs.MoaZSException
-     */
-    public SSLContext createSSLContext(@Nullable KeyStoreType keystore, @Nullable KeyStoreType truststore) {
-        return createSSLContext(keystore, false, truststore);
-    }
-
-    /**
-     * Creates an SSL Context that trusts all certificates. Don't use in production.
-     *
-     * @param keystore (if null, use no key store)
-     * @throws at.gv.egiz.moazs.MoaZSException
-     */
-    public SSLContext createUnsafeSSLContext(@Nullable KeyStoreType keystore) {
-        log.warn(SSL_WARN_MAN_IN_THE_MIDDLE_MSG);
-        return createSSLContext(keystore, true, null);
-    }
-
-    private SSLContext createSSLContext(@Nullable KeyStoreType keystore, boolean trustAll, @Nullable KeyStoreType truststore) {
-        try {
-            SSLContext context = SSLContext.getInstance("TLS");
-            KeyManager[] keyManager = initKeyManager(keystore);
-            TrustManager[] trustManager = trustAll
-                    ? new TrustManager[]{new TrustAllManager()}
-                    : initTrustManager(truststore);
-            context.init(keyManager, trustManager, new SecureRandom());
-            return context;
-        } catch (NoSuchAlgorithmException | KeyManagementException e) {
-            throw moaZSException("SSLContext initialization FAILED.", e);
-        }
-    }
-
-    private KeyManager[] initKeyManager(KeyStoreType keystore) {
-        if (keystore == null) {
-            log.trace("No keystore path provided. NOT using SSL client authentication. ");
-            return null;
-        } else {
-            log.trace("Find keystore path: {}. Injecting SSL client certificate... ", keystore.getFileName());
-            try {
-                KeyStore keyStore = KeyStoreUtils.loadKeyStore(
-                        keystore.getFileType(), keystore.getFileName(), keystore.getPassword());
-                KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
-                kmf.init(keyStore, keystore.getPassword().toCharArray());
-                log.trace("SSL client certificate injected.");
-                return kmf.getKeyManagers();
-            } catch (IOException | GeneralSecurityException e) {
-                throw moaZSException(format("Can NOT load SSL client certificate from path: %s.",
-                        keystore.getFileName()), e);
-            }
-        }
-    }
-
-    private TrustManager[] initTrustManager(KeyStoreType truststore) {
-        if (truststore == null) {
-            log.trace("Using default truststore. ");
-            return null;
-        } else {
-            log.trace("Find truststore path: {}. Injecting SSL truststore... ", truststore.getFileName());
-            try {
-                KeyStore trustStore = KeyStoreUtils.loadKeyStore(
-                        truststore.getFileType(), truststore.getFileName(), truststore.getPassword());
-                TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
-                tmf.init(trustStore);
-                log.trace("SSL TrustStore injected to client. ");
-                return tmf.getTrustManagers();
-            } catch (GeneralSecurityException | IOException e) {
-                throw moaZSException(format("Can NOT open SSL TrustStore from path: %s.",
-                        truststore.getFileName()), e);
-            }
-        }
-    }
-
-    /**
-     * Class implementing a trust manager that trusts all certificates.
-     *
-     * @author Arne Tauber
-     */
-    public static class TrustAllManager implements X509TrustManager {
-
-        private static Logger log = LoggerFactory.getLogger(TrustAllManager.class);
-
-        public X509Certificate[] getAcceptedIssuers() {
-            return new X509Certificate[0];
-        }
-
-        public void checkClientTrusted(X509Certificate[] arg0, String arg1)
-                throws CertificateException {
-            log.debug("Automatically accepting client certificate as trusted.");
-        }
-
-        public void checkServerTrusted(X509Certificate[] arg0, String arg1)
-                throws CertificateException {
-            log.debug("Automatically accepting server certificate as trusted.");
-        }
-    }
-
-
-}