This is an automated email from the ASF dual-hosted git repository.
johnnyv pushed a commit to branch bugfix/DIRMINA1132
in repository https://gitbox.apache.org/repos/asf/mina.git
commit 498588d57cbe2e51638efd7f7e1315b3381d4480
Author: Jonathan Valliere <john...@apache.org>
AuthorDate: Wed Sep 23 13:43:42 2020 -0400
formatted mina.filter.ssl
---
.../mina/filter/ssl/BogusTrustManagerFactory.java | 112 +--
.../apache/mina/filter/ssl/KeyStoreFactory.java | 292 ++++----
.../apache/mina/filter/ssl/SslContextFactory.java | 782 +++++++++++----------
.../java/org/apache/mina/filter/ssl/SslEvent.java | 6 +-
.../org/apache/mina/filter/ssl/package-info.java | 3 +-
5 files changed, 601 insertions(+), 594 deletions(-)
diff --git
a/mina-core/src/main/java/org/apache/mina/filter/ssl/BogusTrustManagerFactory.java
b/mina-core/src/main/java/org/apache/mina/filter/ssl/BogusTrustManagerFactory.java
index 5984e69..e0402c2 100644
---
a/mina-core/src/main/java/org/apache/mina/filter/ssl/BogusTrustManagerFactory.java
+++
b/mina-core/src/main/java/org/apache/mina/filter/ssl/BogusTrustManagerFactory.java
@@ -39,68 +39,68 @@ import javax.net.ssl.X509TrustManager;
* @author <a href="http://mina.apache.org";>Apache MINA Project</a>
*/
public class BogusTrustManagerFactory extends TrustManagerFactory {
- private static final X509TrustManager X509 = new X509TrustManager() {
- /**
- * {@inheritDoc}
- */
- @Override
- public void checkClientTrusted(X509Certificate[] x509Certificates,
String s) throws CertificateException {
- // Do nothing
- }
+ private static final X509TrustManager X509 = new X509TrustManager() {
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public void checkClientTrusted(X509Certificate[]
x509Certificates, String s) throws CertificateException {
+ // Do nothing
+ }
- /**
- * {@inheritDoc}
- */
- @Override
- public void checkServerTrusted(X509Certificate[] x509Certificates,
String s) throws CertificateException {
- // Do nothing
- }
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public void checkServerTrusted(X509Certificate[]
x509Certificates, String s) throws CertificateException {
+ // Do nothing
+ }
- /**
- * {@inheritDoc}
- */
- @Override
- public X509Certificate[] getAcceptedIssuers() {
- return new X509Certificate[0];
- }
- };
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public X509Certificate[] getAcceptedIssuers() {
+ return new X509Certificate[0];
+ }
+ };
- private static final TrustManager[] X509_MANAGERS = new TrustManager[] {
X509 };
+ private static final TrustManager[] X509_MANAGERS = new TrustManager[]
{ X509 };
- /**
- * Creates a new BogusTrustManagerFactory instance
- */
- public BogusTrustManagerFactory() {
- super(new BogusTrustManagerFactorySpi(), new Provider("MinaBogus",
1.0, "") {
- private static final long serialVersionUID = -4024169055312053827L;
- }, "MinaBogus");
- }
+ /**
+ * Creates a new BogusTrustManagerFactory instance
+ */
+ public BogusTrustManagerFactory() {
+ super(new BogusTrustManagerFactorySpi(), new
Provider("MinaBogus", 1.0, "") {
+ private static final long serialVersionUID =
-4024169055312053827L;
+ }, "MinaBogus");
+ }
- private static class BogusTrustManagerFactorySpi extends
TrustManagerFactorySpi {
- /**
- * {@inheritDoc}
- */
- @Override
- protected TrustManager[] engineGetTrustManagers() {
- return X509_MANAGERS;
- }
+ private static class BogusTrustManagerFactorySpi extends
TrustManagerFactorySpi {
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ protected TrustManager[] engineGetTrustManagers() {
+ return X509_MANAGERS;
+ }
- /**
- * {@inheritDoc}
- */
- @Override
- protected void engineInit(KeyStore keystore) throws KeyStoreException {
- // noop
- }
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ protected void engineInit(KeyStore keystore) throws
KeyStoreException {
+ // noop
+ }
- /**
- * {@inheritDoc}
- */
- @Override
- protected void engineInit(ManagerFactoryParameters
managerFactoryParameters)
- throws InvalidAlgorithmParameterException {
- // noop
- }
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ protected void engineInit(ManagerFactoryParameters
managerFactoryParameters)
+ throws InvalidAlgorithmParameterException {
+ // noop
+ }
- }
+ }
}
diff --git
a/mina-core/src/main/java/org/apache/mina/filter/ssl/KeyStoreFactory.java
b/mina-core/src/main/java/org/apache/mina/filter/ssl/KeyStoreFactory.java
index b0903fa..875f039 100644
--- a/mina-core/src/main/java/org/apache/mina/filter/ssl/KeyStoreFactory.java
+++ b/mina-core/src/main/java/org/apache/mina/filter/ssl/KeyStoreFactory.java
@@ -40,150 +40,150 @@ import java.security.cert.CertificateException;
*/
public class KeyStoreFactory {
- private String type = "JKS";
-
- private String provider = null;
-
- private char[] password = null;
-
- private byte[] data = null;
-
- /**
- * Creates a new {@link KeyStore}. This method will be called
- * by the base class when Spring creates a bean using this FactoryBean.
- *
- * @return a new {@link KeyStore} instance.
- * @throws KeyStoreException If we can't create an instance of the
KeyStore for the given type
- * @throws NoSuchProviderException If we don't have the provider
registered to create the KeyStore
- * @throws NoSuchAlgorithmException If the KeyStore algorithm cannot be
used
- * @throws CertificateException If the KeyStore certificate cannot be
loaded
- * @throws IOException If the KeyStore cannot be loaded
- */
- public KeyStore newInstance() throws KeyStoreException,
NoSuchProviderException, NoSuchAlgorithmException,
- CertificateException, IOException {
- if (data == null) {
- throw new IllegalStateException("data property is not set.");
- }
-
- KeyStore ks;
- if (provider == null) {
- ks = KeyStore.getInstance(type);
- } else {
- ks = KeyStore.getInstance(type, provider);
- }
-
- InputStream is = new ByteArrayInputStream(data);
-
- try {
- ks.load(is, password);
- } finally {
- try {
- is.close();
- } catch (IOException ignored) {
- // Do nothing
- }
- }
-
- return ks;
- }
-
- /**
- * Sets the type of key store to create. The default is to create a
- * JKS key store.
- *
- * @param type the type to use when creating the key store.
- * @throws IllegalArgumentException if the specified value is
- * <code>null</code>.
- */
- public void setType(String type) {
- if (type == null) {
- throw new IllegalArgumentException("type");
- }
- this.type = type;
- }
-
- /**
- * Sets the key store password. If this value is <code>null</code> no
- * password will be used to check the integrity of the key store.
- *
- * @param password the password or <code>null</code> if no password is
- * needed.
- */
- public void setPassword(String password) {
- if (password != null) {
- this.password = password.toCharArray();
- } else {
- this.password = null;
- }
- }
-
- /**
- * Sets the name of the provider to use when creating the key store. The
- * default is to use the platform default provider.
- *
- * @param provider the name of the provider, e.g. <tt>"SUN"</tt>.
- */
- public void setProvider(String provider) {
- this.provider = provider;
- }
-
- /**
- * Sets the data which contains the key store.
- *
- * @param data the byte array that contains the key store
- */
- public void setData(byte[] data) {
- byte[] copy = new byte[data.length];
- System.arraycopy(data, 0, copy, 0, data.length);
- this.data = copy;
- }
-
- /**
- * Sets the data which contains the key store.
- *
- * @param dataStream the {@link InputStream} that contains the key store
- * @throws IOException If we can't process the stream
- */
- private void setData(InputStream dataStream) throws IOException {
- ByteArrayOutputStream out = new ByteArrayOutputStream();
- try {
- for (;;) {
- int readByte = dataStream.read();
-
- if (readByte < 0) {
- break;
- }
-
- out.write(readByte);
- }
-
- setData(out.toByteArray());
- } finally {
- try {
- dataStream.close();
- } catch (IOException e) {
- // Ignore.
- }
- }
- }
-
- /**
- * Sets the data which contains the key store.
- *
- * @param dataFile the {@link File} that contains the key store
- * @throws IOException If we can't process the file
- */
- public void setDataFile(File dataFile) throws IOException {
- setData(new BufferedInputStream(new FileInputStream(dataFile)));
- }
-
- /**
- * Sets the data which contains the key store.
- *
- * @param dataUrl the {@link URL} that contains the key store.
- * @throws IOException If we can't process the URL
- */
- public void setDataUrl(URL dataUrl) throws IOException {
- setData(dataUrl.openStream());
- }
+ private String type = "JKS";
+
+ private String provider = null;
+
+ private char[] password = null;
+
+ private byte[] data = null;
+
+ /**
+ * Creates a new {@link KeyStore}. This method will be called by the
base class
+ * when Spring creates a bean using this FactoryBean.
+ *
+ * @return a new {@link KeyStore} instance.
+ * @throws KeyStoreException If we can't create an instance of
the
+ * KeyStore for the given type
+ * @throws NoSuchProviderException If we don't have the provider
registered to
+ * create the KeyStore
+ * @throws NoSuchAlgorithmException If the KeyStore algorithm cannot be
used
+ * @throws CertificateException If the KeyStore certificate cannot
be loaded
+ * @throws IOException If the KeyStore cannot be loaded
+ */
+ public KeyStore newInstance() throws KeyStoreException,
NoSuchProviderException, NoSuchAlgorithmException,
+ CertificateException, IOException {
+ if (data == null) {
+ throw new IllegalStateException("data property is not
set.");
+ }
+
+ KeyStore ks;
+ if (provider == null) {
+ ks = KeyStore.getInstance(type);
+ } else {
+ ks = KeyStore.getInstance(type, provider);
+ }
+
+ InputStream is = new ByteArrayInputStream(data);
+
+ try {
+ ks.load(is, password);
+ } finally {
+ try {
+ is.close();
+ } catch (IOException ignored) {
+ // Do nothing
+ }
+ }
+
+ return ks;
+ }
+
+ /**
+ * Sets the type of key store to create. The default is to create a JKS
key
+ * store.
+ *
+ * @param type the type to use when creating the key store.
+ * @throws IllegalArgumentException if the specified value is
<code>null</code>.
+ */
+ public void setType(String type) {
+ if (type == null) {
+ throw new IllegalArgumentException("type");
+ }
+ this.type = type;
+ }
+
+ /**
+ * Sets the key store password. If this value is <code>null</code> no
password
+ * will be used to check the integrity of the key store.
+ *
+ * @param password the password or <code>null</code> if no password is
needed.
+ */
+ public void setPassword(String password) {
+ if (password != null) {
+ this.password = password.toCharArray();
+ } else {
+ this.password = null;
+ }
+ }
+
+ /**
+ * Sets the name of the provider to use when creating the key store.
The default
+ * is to use the platform default provider.
+ *
+ * @param provider the name of the provider, e.g. <tt>"SUN"</tt>.
+ */
+ public void setProvider(String provider) {
+ this.provider = provider;
+ }
+
+ /**
+ * Sets the data which contains the key store.
+ *
+ * @param data the byte array that contains the key store
+ */
+ public void setData(byte[] data) {
+ byte[] copy = new byte[data.length];
+ System.arraycopy(data, 0, copy, 0, data.length);
+ this.data = copy;
+ }
+
+ /**
+ * Sets the data which contains the key store.
+ *
+ * @param dataStream the {@link InputStream} that contains the key store
+ * @throws IOException If we can't process the stream
+ */
+ private void setData(InputStream dataStream) throws IOException {
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+ try {
+ for (;;) {
+ int readByte = dataStream.read();
+
+ if (readByte < 0) {
+ break;
+ }
+
+ out.write(readByte);
+ }
+
+ setData(out.toByteArray());
+ } finally {
+ try {
+ dataStream.close();
+ } catch (IOException e) {
+ // Ignore.
+ }
+ }
+ }
+
+ /**
+ * Sets the data which contains the key store.
+ *
+ * @param dataFile the {@link File} that contains the key store
+ * @throws IOException If we can't process the file
+ */
+ public void setDataFile(File dataFile) throws IOException {
+ setData(new BufferedInputStream(new FileInputStream(dataFile)));
+ }
+
+ /**
+ * Sets the data which contains the key store.
+ *
+ * @param dataUrl the {@link URL} that contains the key store.
+ * @throws IOException If we can't process the URL
+ */
+ public void setDataUrl(URL dataUrl) throws IOException {
+ setData(dataUrl.openStream());
+ }
}
diff --git
a/mina-core/src/main/java/org/apache/mina/filter/ssl/SslContextFactory.java
b/mina-core/src/main/java/org/apache/mina/filter/ssl/SslContextFactory.java
index e05d3d6..255eeb5 100644
--- a/mina-core/src/main/java/org/apache/mina/filter/ssl/SslContextFactory.java
+++ b/mina-core/src/main/java/org/apache/mina/filter/ssl/SslContextFactory.java
@@ -33,11 +33,12 @@ import javax.net.ssl.TrustManagerFactory;
/**
* A factory that creates and configures a new {@link SSLContext}.
* <p>
- * If no properties are set the returned {@link SSLContext} will
- * be equivalent to what the following creates:
+ * If no properties are set the returned {@link SSLContext} will be equivalent
+ * to what the following creates:
+ *
* <pre>
- * SSLContext c = SSLContext.getInstance( "TLSv1.2" );
- * c.init(null, null, null);
+ * SSLContext c = SSLContext.getInstance("TLSv1.2");
+ * c.init(null, null, null);
* </pre>
* <p>
* Use the properties prefixed with <code>keyManagerFactory</code> to control
@@ -50,388 +51,393 @@ import javax.net.ssl.TrustManagerFactory;
*/
public class SslContextFactory {
- private String provider = null;
-
- private String protocol = "TLSv1.2";
-
- private SecureRandom secureRandom = null;
-
- private KeyStore keyManagerFactoryKeyStore = null;
-
- private char[] keyManagerFactoryKeyStorePassword = null;
-
- private KeyManagerFactory keyManagerFactory = null;
-
- private String keyManagerFactoryAlgorithm = null;
-
- private String keyManagerFactoryProvider = null;
-
- private boolean keyManagerFactoryAlgorithmUseDefault = true;
-
- private KeyStore trustManagerFactoryKeyStore = null;
-
- private TrustManagerFactory trustManagerFactory = null;
-
- private String trustManagerFactoryAlgorithm = null;
-
- private String trustManagerFactoryProvider = null;
-
- private boolean trustManagerFactoryAlgorithmUseDefault = true;
-
- private ManagerFactoryParameters trustManagerFactoryParameters = null;
-
- private int clientSessionCacheSize = -1;
-
- private int clientSessionTimeout = -1;
-
- private int serverSessionCacheSize = -1;
-
- private int serverSessionTimeout = -1;
-
- /**
- * Create a new SSLContext instance,using the {@link KeyManagerFactory}
and the
- * {@link TrustManagerFactory}.
- *
- * @return The created instance
- * @throws Exception If we weren't able to create the SSLContext insyance
- */
- public SSLContext newInstance() throws Exception {
- KeyManagerFactory kmf = this.keyManagerFactory;
- TrustManagerFactory tmf = this.trustManagerFactory;
-
- if (kmf == null) {
- String algorithm = keyManagerFactoryAlgorithm;
-
- if (algorithm == null && keyManagerFactoryAlgorithmUseDefault) {
- algorithm = KeyManagerFactory.getDefaultAlgorithm();
- }
-
- if (algorithm != null) {
- if (keyManagerFactoryProvider == null) {
- kmf = KeyManagerFactory.getInstance(algorithm);
- } else {
- kmf = KeyManagerFactory.getInstance(algorithm,
keyManagerFactoryProvider);
- }
- }
- }
-
- if (tmf == null) {
- String algorithm = trustManagerFactoryAlgorithm;
-
- if (algorithm == null && trustManagerFactoryAlgorithmUseDefault) {
- algorithm = TrustManagerFactory.getDefaultAlgorithm();
- }
-
- if (algorithm != null) {
- if (trustManagerFactoryProvider == null) {
- tmf = TrustManagerFactory.getInstance(algorithm);
- } else {
- tmf = TrustManagerFactory.getInstance(algorithm,
trustManagerFactoryProvider);
- }
- }
- }
-
- KeyManager[] keyManagers = null;
-
- if (kmf != null) {
- kmf.init(keyManagerFactoryKeyStore,
keyManagerFactoryKeyStorePassword);
- keyManagers = kmf.getKeyManagers();
- }
-
- TrustManager[] trustManagers = null;
-
- if (tmf != null) {
- if (trustManagerFactoryParameters != null) {
- tmf.init(trustManagerFactoryParameters);
- } else {
- tmf.init(trustManagerFactoryKeyStore);
- }
-
- trustManagers = tmf.getTrustManagers();
- }
-
- SSLContext context;
-
- if (provider == null) {
- context = SSLContext.getInstance(protocol);
- } else {
- context = SSLContext.getInstance(protocol, provider);
- }
-
- context.init(keyManagers, trustManagers, secureRandom);
-
- if (clientSessionCacheSize >= 0) {
-
context.getClientSessionContext().setSessionCacheSize(clientSessionCacheSize);
- }
-
- if (clientSessionTimeout >= 0) {
-
context.getClientSessionContext().setSessionTimeout(clientSessionTimeout);
- }
-
- if (serverSessionCacheSize >= 0) {
-
context.getServerSessionContext().setSessionCacheSize(serverSessionCacheSize);
- }
-
- if (serverSessionTimeout >= 0) {
-
context.getServerSessionContext().setSessionTimeout(serverSessionTimeout);
- }
-
- return context;
- }
-
- /**
- * Sets the provider of the new {@link SSLContext}. The default value is
- * <tt>null</tt>, which means the default provider will be used.
- *
- * @param provider the name of the {@link SSLContext} provider
- */
- public void setProvider(String provider) {
- this.provider = provider;
- }
-
- /**
- * Sets the protocol to use when creating the {@link SSLContext}. The
- * default is <code>TLS</code>.
- *
- * @param protocol the name of the protocol.
- */
- public void setProtocol(String protocol) {
- if (protocol == null) {
- throw new IllegalArgumentException("protocol");
- }
-
- this.protocol = protocol;
- }
-
- /**
- * If this is set to <tt>true</tt> while no {@link KeyManagerFactory}
- * has been set using {@link #setKeyManagerFactory(KeyManagerFactory)} and
- * no algorithm has been set using
- * {@link #setKeyManagerFactoryAlgorithm(String)} the default algorithm
- * return by {@link KeyManagerFactory#getDefaultAlgorithm()} will be used.
- * The default value of this property is <tt>true</tt>.
- *
- * @param useDefault <tt>true</tt> or <tt>false</tt>.
- */
- public void setKeyManagerFactoryAlgorithmUseDefault(boolean useDefault) {
- this.keyManagerFactoryAlgorithmUseDefault = useDefault;
- }
-
- /**
- * If this is set to <tt>true</tt> while no {@link TrustManagerFactory}
- * has been set using {@link #setTrustManagerFactory(TrustManagerFactory)}
and
- * no algorithm has been set using
- * {@link #setTrustManagerFactoryAlgorithm(String)} the default algorithm
- * return by {@link TrustManagerFactory#getDefaultAlgorithm()} will be
used.
- * The default value of this property is <tt>true</tt>.
- *
- * @param useDefault <tt>true</tt> or <tt>false</tt>.
- */
- public void setTrustManagerFactoryAlgorithmUseDefault(boolean useDefault) {
- this.trustManagerFactoryAlgorithmUseDefault = useDefault;
- }
-
- /**
- * Sets the {@link KeyManagerFactory} to use. If this is set the properties
- * which are used by this factory bean to create a {@link
KeyManagerFactory}
- * will all be ignored.
- *
- * @param factory the factory.
- */
- public void setKeyManagerFactory(KeyManagerFactory factory) {
- this.keyManagerFactory = factory;
- }
-
- /**
- * Sets the algorithm to use when creating the {@link KeyManagerFactory}
- * using {@link KeyManagerFactory#getInstance(java.lang.String)} or
- * {@link KeyManagerFactory#getInstance(java.lang.String,
java.lang.String)}.
- * <p>
- * This property will be ignored if a {@link KeyManagerFactory} has been
- * set directly using {@link #setKeyManagerFactory(KeyManagerFactory)}.
- * <p>
- * If this property isn't set while no {@link KeyManagerFactory} has been
- * set using {@link #setKeyManagerFactory(KeyManagerFactory)} and
- * {@link #setKeyManagerFactoryAlgorithmUseDefault(boolean)} has been set
to
- * <tt>true</tt> the value returned
- * by {@link KeyManagerFactory#getDefaultAlgorithm()} will be used instead.
- *
- * @param algorithm the algorithm to use.
- */
- public void setKeyManagerFactoryAlgorithm(String algorithm) {
- this.keyManagerFactoryAlgorithm = algorithm;
- }
-
- /**
- * Sets the provider to use when creating the {@link KeyManagerFactory}
- * using
- * {@link KeyManagerFactory#getInstance(java.lang.String,
java.lang.String)}.
- * <p>
- * This property will be ignored if a {@link KeyManagerFactory} has been
- * set directly using {@link #setKeyManagerFactory(KeyManagerFactory)}.
- * <p>
- * If this property isn't set and no {@link KeyManagerFactory} has been set
- * using {@link #setKeyManagerFactory(KeyManagerFactory)}
- * {@link KeyManagerFactory#getInstance(java.lang.String)} will be used
- * to create the {@link KeyManagerFactory}.
- *
- * @param provider the name of the provider.
- */
- public void setKeyManagerFactoryProvider(String provider) {
- this.keyManagerFactoryProvider = provider;
- }
-
- /**
- * Sets the {@link KeyStore} which will be used in the call to
- * {@link KeyManagerFactory#init(java.security.KeyStore, char[])} when
- * the {@link SSLContext} is created.
- *
- * @param keyStore the key store.
- */
- public void setKeyManagerFactoryKeyStore(KeyStore keyStore) {
- this.keyManagerFactoryKeyStore = keyStore;
- }
-
- /**
- * Sets the password which will be used in the call to
- * {@link KeyManagerFactory#init(java.security.KeyStore, char[])} when
- * the {@link SSLContext} is created.
- *
- * @param password the password. Use <code>null</code> to disable password.
- */
- public void setKeyManagerFactoryKeyStorePassword(String password) {
- if (password != null) {
- this.keyManagerFactoryKeyStorePassword = password.toCharArray();
- } else {
- this.keyManagerFactoryKeyStorePassword = null;
- }
- }
-
- /**
- * Sets the {@link TrustManagerFactory} to use. If this is set the
- * properties which are used by this factory bean to create a
- * {@link TrustManagerFactory} will all be ignored.
- *
- * @param factory
- * the factory.
- */
- public void setTrustManagerFactory(TrustManagerFactory factory) {
- this.trustManagerFactory = factory;
- }
-
- /**
- * Sets the algorithm to use when creating the {@link TrustManagerFactory}
- * using {@link TrustManagerFactory#getInstance(java.lang.String)} or
- * {@link TrustManagerFactory#getInstance(java.lang.String,
java.lang.String)}.
- * <p>
- * This property will be ignored if a {@link TrustManagerFactory} has been
- * set directly using {@link #setTrustManagerFactory(TrustManagerFactory)}.
- * <p>
- * If this property isn't set while no {@link TrustManagerFactory} has been
- * set using {@link #setTrustManagerFactory(TrustManagerFactory)} and
- * {@link #setTrustManagerFactoryAlgorithmUseDefault(boolean)} has been
set to
- * <tt>true</tt> the value returned
- * by {@link TrustManagerFactory#getDefaultAlgorithm()} will be used
instead.
- *
- * @param algorithm the algorithm to use.
- */
- public void setTrustManagerFactoryAlgorithm(String algorithm) {
- this.trustManagerFactoryAlgorithm = algorithm;
- }
-
- /**
- * Sets the {@link KeyStore} which will be used in the call to
- * {@link TrustManagerFactory#init(java.security.KeyStore)} when
- * the {@link SSLContext} is created.
- * <p>
- * This property will be ignored if {@link ManagerFactoryParameters} has
been
- * set directly using {@link
#setTrustManagerFactoryParameters(ManagerFactoryParameters)}.
- *
- * @param keyStore the key store.
- */
- public void setTrustManagerFactoryKeyStore(KeyStore keyStore) {
- this.trustManagerFactoryKeyStore = keyStore;
- }
-
- /**
- * Sets the {@link ManagerFactoryParameters} which will be used in the
call to
- * {@link
TrustManagerFactory#init(javax.net.ssl.ManagerFactoryParameters)} when
- * the {@link SSLContext} is created.
- *
- * @param parameters describing provider-specific trust material.
- */
- public void setTrustManagerFactoryParameters(ManagerFactoryParameters
parameters) {
- this.trustManagerFactoryParameters = parameters;
- }
-
- /**
- * Sets the provider to use when creating the {@link TrustManagerFactory}
- * using
- * {@link TrustManagerFactory#getInstance(java.lang.String,
java.lang.String)}.
- * <p>
- * This property will be ignored if a {@link TrustManagerFactory} has been
- * set directly using {@link #setTrustManagerFactory(TrustManagerFactory)}.
- * <p>
- * If this property isn't set and no {@link TrustManagerFactory} has been
set
- * using {@link #setTrustManagerFactory(TrustManagerFactory)}
- * {@link TrustManagerFactory#getInstance(java.lang.String)} will be used
- * to create the {@link TrustManagerFactory}.
- *
- * @param provider the name of the provider.
- */
- public void setTrustManagerFactoryProvider(String provider) {
- this.trustManagerFactoryProvider = provider;
- }
-
- /**
- * Sets the {@link SecureRandom} to use when initializing the
- * {@link SSLContext}. The JVM's default will be used if this isn't set.
- *
- * @param secureRandom the {@link SecureRandom} or <code>null</code> if the
- * JVM's default should be used.
- * @see SSLContext#init(javax.net.ssl.KeyManager[],
javax.net.ssl.TrustManager[], java.security.SecureRandom)
- */
- public void setSecureRandom(SecureRandom secureRandom) {
- this.secureRandom = secureRandom;
- }
-
- /**
- * Sets the SSLSession cache size for the {@link SSLSessionContext} for
use in client mode.
- *
- * @param size the new session cache size limit; zero means there is no
limit.
- * @see SSLSessionContext#setSessionCacheSize(int size)
- */
- public void setClientSessionCacheSize(int size) {
- this.clientSessionCacheSize = size;
- }
-
- /**
- * Set the SSLSession timeout limit for the {@link SSLSessionContext} for
use in client mode.
- *
- * @param seconds the new session timeout limit in seconds; zero means
there is no limit.
- * @see SSLSessionContext#setSessionTimeout(int seconds)
- */
- public void setClientSessionTimeout(int seconds) {
- this.clientSessionTimeout = seconds;
- }
-
- /**
- * Sets the SSLSession cache size for the {@link SSLSessionContext} for
use in server mode.
- *
- * @param serverSessionCacheSize the new session cache size limit; zero
means there is no limit.
- * @see SSLSessionContext#setSessionCacheSize(int)
- */
- public void setServerSessionCacheSize(int serverSessionCacheSize) {
- this.serverSessionCacheSize = serverSessionCacheSize;
- }
-
- /**
- * Set the SSLSession timeout limit for the {@link SSLSessionContext} for
use in server mode.
- *
- * @param serverSessionTimeout the new session timeout limit in seconds;
zero means there is no limit.
- * @see SSLSessionContext#setSessionTimeout(int)
- */
- public void setServerSessionTimeout(int serverSessionTimeout) {
- this.serverSessionTimeout = serverSessionTimeout;
- }
+ private String provider = null;
+
+ private String protocol = "TLSv1.2";
+
+ private SecureRandom secureRandom = null;
+
+ private KeyStore keyManagerFactoryKeyStore = null;
+
+ private char[] keyManagerFactoryKeyStorePassword = null;
+
+ private KeyManagerFactory keyManagerFactory = null;
+
+ private String keyManagerFactoryAlgorithm = null;
+
+ private String keyManagerFactoryProvider = null;
+
+ private boolean keyManagerFactoryAlgorithmUseDefault = true;
+
+ private KeyStore trustManagerFactoryKeyStore = null;
+
+ private TrustManagerFactory trustManagerFactory = null;
+
+ private String trustManagerFactoryAlgorithm = null;
+
+ private String trustManagerFactoryProvider = null;
+
+ private boolean trustManagerFactoryAlgorithmUseDefault = true;
+
+ private ManagerFactoryParameters trustManagerFactoryParameters = null;
+
+ private int clientSessionCacheSize = -1;
+
+ private int clientSessionTimeout = -1;
+
+ private int serverSessionCacheSize = -1;
+
+ private int serverSessionTimeout = -1;
+
+ /**
+ * Create a new SSLContext instance,using the {@link KeyManagerFactory}
and the
+ * {@link TrustManagerFactory}.
+ *
+ * @return The created instance
+ * @throws Exception If we weren't able to create the SSLContext
insyance
+ */
+ public SSLContext newInstance() throws Exception {
+ KeyManagerFactory kmf = this.keyManagerFactory;
+ TrustManagerFactory tmf = this.trustManagerFactory;
+
+ if (kmf == null) {
+ String algorithm = keyManagerFactoryAlgorithm;
+
+ if (algorithm == null &&
keyManagerFactoryAlgorithmUseDefault) {
+ algorithm =
KeyManagerFactory.getDefaultAlgorithm();
+ }
+
+ if (algorithm != null) {
+ if (keyManagerFactoryProvider == null) {
+ kmf =
KeyManagerFactory.getInstance(algorithm);
+ } else {
+ kmf =
KeyManagerFactory.getInstance(algorithm, keyManagerFactoryProvider);
+ }
+ }
+ }
+
+ if (tmf == null) {
+ String algorithm = trustManagerFactoryAlgorithm;
+
+ if (algorithm == null &&
trustManagerFactoryAlgorithmUseDefault) {
+ algorithm =
TrustManagerFactory.getDefaultAlgorithm();
+ }
+
+ if (algorithm != null) {
+ if (trustManagerFactoryProvider == null) {
+ tmf =
TrustManagerFactory.getInstance(algorithm);
+ } else {
+ tmf =
TrustManagerFactory.getInstance(algorithm, trustManagerFactoryProvider);
+ }
+ }
+ }
+
+ KeyManager[] keyManagers = null;
+
+ if (kmf != null) {
+ kmf.init(keyManagerFactoryKeyStore,
keyManagerFactoryKeyStorePassword);
+ keyManagers = kmf.getKeyManagers();
+ }
+
+ TrustManager[] trustManagers = null;
+
+ if (tmf != null) {
+ if (trustManagerFactoryParameters != null) {
+ tmf.init(trustManagerFactoryParameters);
+ } else {
+ tmf.init(trustManagerFactoryKeyStore);
+ }
+
+ trustManagers = tmf.getTrustManagers();
+ }
+
+ SSLContext context;
+
+ if (provider == null) {
+ context = SSLContext.getInstance(protocol);
+ } else {
+ context = SSLContext.getInstance(protocol, provider);
+ }
+
+ context.init(keyManagers, trustManagers, secureRandom);
+
+ if (clientSessionCacheSize >= 0) {
+
context.getClientSessionContext().setSessionCacheSize(clientSessionCacheSize);
+ }
+
+ if (clientSessionTimeout >= 0) {
+
context.getClientSessionContext().setSessionTimeout(clientSessionTimeout);
+ }
+
+ if (serverSessionCacheSize >= 0) {
+
context.getServerSessionContext().setSessionCacheSize(serverSessionCacheSize);
+ }
+
+ if (serverSessionTimeout >= 0) {
+
context.getServerSessionContext().setSessionTimeout(serverSessionTimeout);
+ }
+
+ return context;
+ }
+
+ /**
+ * Sets the provider of the new {@link SSLContext}. The default value is
+ * <tt>null</tt>, which means the default provider will be used.
+ *
+ * @param provider the name of the {@link SSLContext} provider
+ */
+ public void setProvider(String provider) {
+ this.provider = provider;
+ }
+
+ /**
+ * Sets the protocol to use when creating the {@link SSLContext}. The
default is
+ * <code>TLS</code>.
+ *
+ * @param protocol the name of the protocol.
+ */
+ public void setProtocol(String protocol) {
+ if (protocol == null) {
+ throw new IllegalArgumentException("protocol");
+ }
+
+ this.protocol = protocol;
+ }
+
+ /**
+ * If this is set to <tt>true</tt> while no {@link KeyManagerFactory}
has been
+ * set using {@link #setKeyManagerFactory(KeyManagerFactory)} and no
algorithm
+ * has been set using {@link #setKeyManagerFactoryAlgorithm(String)}
the default
+ * algorithm return by {@link KeyManagerFactory#getDefaultAlgorithm()}
will be
+ * used. The default value of this property is <tt>true</tt>.
+ *
+ * @param useDefault <tt>true</tt> or <tt>false</tt>.
+ */
+ public void setKeyManagerFactoryAlgorithmUseDefault(boolean useDefault)
{
+ this.keyManagerFactoryAlgorithmUseDefault = useDefault;
+ }
+
+ /**
+ * If this is set to <tt>true</tt> while no {@link TrustManagerFactory}
has been
+ * set using {@link #setTrustManagerFactory(TrustManagerFactory)} and no
+ * algorithm has been set using {@link
#setTrustManagerFactoryAlgorithm(String)}
+ * the default algorithm return by
+ * {@link TrustManagerFactory#getDefaultAlgorithm()} will be used. The
default
+ * value of this property is <tt>true</tt>.
+ *
+ * @param useDefault <tt>true</tt> or <tt>false</tt>.
+ */
+ public void setTrustManagerFactoryAlgorithmUseDefault(boolean
useDefault) {
+ this.trustManagerFactoryAlgorithmUseDefault = useDefault;
+ }
+
+ /**
+ * Sets the {@link KeyManagerFactory} to use. If this is set the
properties
+ * which are used by this factory bean to create a {@link
KeyManagerFactory}
+ * will all be ignored.
+ *
+ * @param factory the factory.
+ */
+ public void setKeyManagerFactory(KeyManagerFactory factory) {
+ this.keyManagerFactory = factory;
+ }
+
+ /**
+ * Sets the algorithm to use when creating the {@link
KeyManagerFactory} using
+ * {@link KeyManagerFactory#getInstance(java.lang.String)} or
+ * {@link KeyManagerFactory#getInstance(java.lang.String,
java.lang.String)}.
+ * <p>
+ * This property will be ignored if a {@link KeyManagerFactory} has
been set
+ * directly using {@link #setKeyManagerFactory(KeyManagerFactory)}.
+ * <p>
+ * If this property isn't set while no {@link KeyManagerFactory} has
been set
+ * using {@link #setKeyManagerFactory(KeyManagerFactory)} and
+ * {@link #setKeyManagerFactoryAlgorithmUseDefault(boolean)} has been
set to
+ * <tt>true</tt> the value returned by
+ * {@link KeyManagerFactory#getDefaultAlgorithm()} will be used instead.
+ *
+ * @param algorithm the algorithm to use.
+ */
+ public void setKeyManagerFactoryAlgorithm(String algorithm) {
+ this.keyManagerFactoryAlgorithm = algorithm;
+ }
+
+ /**
+ * Sets the provider to use when creating the {@link KeyManagerFactory}
using
+ * {@link KeyManagerFactory#getInstance(java.lang.String,
java.lang.String)}.
+ * <p>
+ * This property will be ignored if a {@link KeyManagerFactory} has
been set
+ * directly using {@link #setKeyManagerFactory(KeyManagerFactory)}.
+ * <p>
+ * If this property isn't set and no {@link KeyManagerFactory} has been
set
+ * using {@link #setKeyManagerFactory(KeyManagerFactory)}
+ * {@link KeyManagerFactory#getInstance(java.lang.String)} will be used
to
+ * create the {@link KeyManagerFactory}.
+ *
+ * @param provider the name of the provider.
+ */
+ public void setKeyManagerFactoryProvider(String provider) {
+ this.keyManagerFactoryProvider = provider;
+ }
+
+ /**
+ * Sets the {@link KeyStore} which will be used in the call to
+ * {@link KeyManagerFactory#init(java.security.KeyStore, char[])} when
the
+ * {@link SSLContext} is created.
+ *
+ * @param keyStore the key store.
+ */
+ public void setKeyManagerFactoryKeyStore(KeyStore keyStore) {
+ this.keyManagerFactoryKeyStore = keyStore;
+ }
+
+ /**
+ * Sets the password which will be used in the call to
+ * {@link KeyManagerFactory#init(java.security.KeyStore, char[])} when
the
+ * {@link SSLContext} is created.
+ *
+ * @param password the password. Use <code>null</code> to disable
password.
+ */
+ public void setKeyManagerFactoryKeyStorePassword(String password) {
+ if (password != null) {
+ this.keyManagerFactoryKeyStorePassword =
password.toCharArray();
+ } else {
+ this.keyManagerFactoryKeyStorePassword = null;
+ }
+ }
+
+ /**
+ * Sets the {@link TrustManagerFactory} to use. If this is set the
properties
+ * which are used by this factory bean to create a {@link
TrustManagerFactory}
+ * will all be ignored.
+ *
+ * @param factory the factory.
+ */
+ public void setTrustManagerFactory(TrustManagerFactory factory) {
+ this.trustManagerFactory = factory;
+ }
+
+ /**
+ * Sets the algorithm to use when creating the {@link
TrustManagerFactory} using
+ * {@link TrustManagerFactory#getInstance(java.lang.String)} or
+ * {@link TrustManagerFactory#getInstance(java.lang.String,
java.lang.String)}.
+ * <p>
+ * This property will be ignored if a {@link TrustManagerFactory} has
been set
+ * directly using {@link #setTrustManagerFactory(TrustManagerFactory)}.
+ * <p>
+ * If this property isn't set while no {@link TrustManagerFactory} has
been set
+ * using {@link #setTrustManagerFactory(TrustManagerFactory)} and
+ * {@link #setTrustManagerFactoryAlgorithmUseDefault(boolean)} has been
set to
+ * <tt>true</tt> the value returned by
+ * {@link TrustManagerFactory#getDefaultAlgorithm()} will be used
instead.
+ *
+ * @param algorithm the algorithm to use.
+ */
+ public void setTrustManagerFactoryAlgorithm(String algorithm) {
+ this.trustManagerFactoryAlgorithm = algorithm;
+ }
+
+ /**
+ * Sets the {@link KeyStore} which will be used in the call to
+ * {@link TrustManagerFactory#init(java.security.KeyStore)} when the
+ * {@link SSLContext} is created.
+ * <p>
+ * This property will be ignored if {@link ManagerFactoryParameters}
has been
+ * set directly using
+ * {@link #setTrustManagerFactoryParameters(ManagerFactoryParameters)}.
+ *
+ * @param keyStore the key store.
+ */
+ public void setTrustManagerFactoryKeyStore(KeyStore keyStore) {
+ this.trustManagerFactoryKeyStore = keyStore;
+ }
+
+ /**
+ * Sets the {@link ManagerFactoryParameters} which will be used in the
call to
+ * {@link
TrustManagerFactory#init(javax.net.ssl.ManagerFactoryParameters)} when
+ * the {@link SSLContext} is created.
+ *
+ * @param parameters describing provider-specific trust material.
+ */
+ public void setTrustManagerFactoryParameters(ManagerFactoryParameters
parameters) {
+ this.trustManagerFactoryParameters = parameters;
+ }
+
+ /**
+ * Sets the provider to use when creating the {@link
TrustManagerFactory} using
+ * {@link TrustManagerFactory#getInstance(java.lang.String,
java.lang.String)}.
+ * <p>
+ * This property will be ignored if a {@link TrustManagerFactory} has
been set
+ * directly using {@link #setTrustManagerFactory(TrustManagerFactory)}.
+ * <p>
+ * If this property isn't set and no {@link TrustManagerFactory} has
been set
+ * using {@link #setTrustManagerFactory(TrustManagerFactory)}
+ * {@link TrustManagerFactory#getInstance(java.lang.String)} will be
used to
+ * create the {@link TrustManagerFactory}.
+ *
+ * @param provider the name of the provider.
+ */
+ public void setTrustManagerFactoryProvider(String provider) {
+ this.trustManagerFactoryProvider = provider;
+ }
+
+ /**
+ * Sets the {@link SecureRandom} to use when initializing the
+ * {@link SSLContext}. The JVM's default will be used if this isn't set.
+ *
+ * @param secureRandom the {@link SecureRandom} or <code>null</code> if
the
+ * JVM's default should be used.
+ * @see SSLContext#init(javax.net.ssl.KeyManager[],
+ * javax.net.ssl.TrustManager[], java.security.SecureRandom)
+ */
+ public void setSecureRandom(SecureRandom secureRandom) {
+ this.secureRandom = secureRandom;
+ }
+
+ /**
+ * Sets the SSLSession cache size for the {@link SSLSessionContext} for
use in
+ * client mode.
+ *
+ * @param size the new session cache size limit; zero means there is no
limit.
+ * @see SSLSessionContext#setSessionCacheSize(int size)
+ */
+ public void setClientSessionCacheSize(int size) {
+ this.clientSessionCacheSize = size;
+ }
+
+ /**
+ * Set the SSLSession timeout limit for the {@link SSLSessionContext}
for use in
+ * client mode.
+ *
+ * @param seconds the new session timeout limit in seconds; zero means
there is
+ * no limit.
+ * @see SSLSessionContext#setSessionTimeout(int seconds)
+ */
+ public void setClientSessionTimeout(int seconds) {
+ this.clientSessionTimeout = seconds;
+ }
+
+ /**
+ * Sets the SSLSession cache size for the {@link SSLSessionContext} for
use in
+ * server mode.
+ *
+ * @param serverSessionCacheSize the new session cache size limit; zero
means
+ * there is no limit.
+ * @see SSLSessionContext#setSessionCacheSize(int)
+ */
+ public void setServerSessionCacheSize(int serverSessionCacheSize) {
+ this.serverSessionCacheSize = serverSessionCacheSize;
+ }
+
+ /**
+ * Set the SSLSession timeout limit for the {@link SSLSessionContext}
for use in
+ * server mode.
+ *
+ * @param serverSessionTimeout the new session timeout limit in
seconds; zero
+ * means there is no limit.
+ * @see SSLSessionContext#setSessionTimeout(int)
+ */
+ public void setServerSessionTimeout(int serverSessionTimeout) {
+ this.serverSessionTimeout = serverSessionTimeout;
+ }
}
diff --git a/mina-core/src/main/java/org/apache/mina/filter/ssl/SslEvent.java
b/mina-core/src/main/java/org/apache/mina/filter/ssl/SslEvent.java
index 060d313..e1c497d 100644
--- a/mina-core/src/main/java/org/apache/mina/filter/ssl/SslEvent.java
+++ b/mina-core/src/main/java/org/apache/mina/filter/ssl/SslEvent.java
@@ -22,11 +22,11 @@ package org.apache.mina.filter.ssl;
import org.apache.mina.filter.FilterEvent;
/**
- * A SSL event sent by {@link SslFilter} when the session is secured or not
secured.
+ * A SSL event sent by {@link SslFilter} when the session is secured or not
+ * secured.
*
* @author <a href="http://mina.apache.org";>Apache MINA Project</a>
*/
public enum SslEvent implements FilterEvent {
- SECURED,
- UNSECURED
+ SECURED, UNSECURED
}
diff --git
a/mina-core/src/main/java/org/apache/mina/filter/ssl/package-info.java
b/mina-core/src/main/java/org/apache/mina/filter/ssl/package-info.java
index 62cce29..73d622f 100644
--- a/mina-core/src/main/java/org/apache/mina/filter/ssl/package-info.java
+++ b/mina-core/src/main/java/org/apache/mina/filter/ssl/package-info.java
@@ -19,7 +19,8 @@
*/
/**
- * Classes that implement IoFilter and provide Secure Sockets Layer
functionality.
+ * Classes that implement IoFilter and provide Secure Sockets Layer
+ * functionality.
*
* @author <a href="http://mina.apache.org";>Apache MINA Project</a>
*/
