This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new a33f0a19cb Remove KeyStoreUtil as it is no longer required.
a33f0a19cb is described below
commit a33f0a19cb052b96e5162512e0e254fd97bfd9ea
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Sep 13 20:14:09 2023 +0100
Remove KeyStoreUtil as it is no longer required.
The JRE bug that this class worked around is:
https://bugs.openjdk.java.net/browse/JDK-8157404
This bug is not present in any version of Java 13 onwards. Since the
minimum Java version is now Java 21, this class can be removed.
---
java/org/apache/tomcat/util/net/SSLUtilBase.java | 3 +-
.../apache/tomcat/util/security/KeyStoreUtil.java | 72 ----------------------
.../websocket/TestWebSocketFrameClientSSL.java | 5 +-
.../websocket/TestWsWebSocketContainerSSL.java | 3 +-
4 files changed, 4 insertions(+), 79 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/SSLUtilBase.java
b/java/org/apache/tomcat/util/net/SSLUtilBase.java
index e0bd30c1e1..6976718a69 100644
--- a/java/org/apache/tomcat/util/net/SSLUtilBase.java
+++ b/java/org/apache/tomcat/util/net/SSLUtilBase.java
@@ -60,7 +60,6 @@ import org.apache.tomcat.util.file.ConfigFileLoader;
import org.apache.tomcat.util.net.jsse.JSSEKeyManager;
import org.apache.tomcat.util.net.jsse.PEMFile;
import org.apache.tomcat.util.res.StringManager;
-import org.apache.tomcat.util.security.KeyStoreUtil;
/**
* Common base class for {@link SSLUtil} implementations.
@@ -222,7 +221,7 @@ public abstract class SSLUtilBase implements SSLUtil {
"JKS".equalsIgnoreCase(type) ||
"PKCS12".equalsIgnoreCase(type))) {
storePass = pass.toCharArray();
}
- KeyStoreUtil.load(ks, istream, storePass);
+ ks.load(istream, storePass);
}
} catch (IOException ioe) {
// May be expected when working with a trust store
diff --git a/java/org/apache/tomcat/util/security/KeyStoreUtil.java
b/java/org/apache/tomcat/util/security/KeyStoreUtil.java
deleted file mode 100644
index 862ef22967..0000000000
--- a/java/org/apache/tomcat/util/security/KeyStoreUtil.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.tomcat.util.security;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.KeyStore;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateException;
-
-public class KeyStoreUtil {
-
- private KeyStoreUtil() {
- // Utility class
- }
-
- /**
- * Loads a KeyStore from an InputStream working around the known JDK bug
- * https://bugs.openjdk.java.net/browse/JDK-8157404.
- *
- * This code can be removed once the minimum Java version for Tomcat is 13.
- *
- *
- * @param keystore The KeyStore to load from the InputStream
- * @param is The InputStream to use to populate the KeyStore
- * @param storePass The password to access the KeyStore
- *
- * @throws IOException
- * If an I/O occurs reading from the given InputStream
- * @throws CertificateException
- * If one or more certificates can't be loaded into the
- * KeyStore
- * @throws NoSuchAlgorithmException
- * If the algorithm specified to validate the integrity of the
- * KeyStore cannot be found
- */
- public static void load(KeyStore keystore, InputStream is, char[]
storePass)
- throws NoSuchAlgorithmException, CertificateException, IOException
{
- if (keystore.getType().equals("PKCS12")) {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- byte[] buf = new byte[8192];
- int numRead;
- while ((numRead = is.read(buf)) >= 0) {
- baos.write(buf, 0, numRead);
- }
- baos.close();
- // Don't close is. That remains the callers responsibility.
-
- ByteArrayInputStream bais = new
ByteArrayInputStream(baos.toByteArray());
-
- keystore.load(bais, storePass);
- } else {
- keystore.load(is, storePass);
- }
- }
-}
diff --git a/test/org/apache/tomcat/websocket/TestWebSocketFrameClientSSL.java
b/test/org/apache/tomcat/websocket/TestWebSocketFrameClientSSL.java
index 5eae78a1bc..20d491c606 100644
--- a/test/org/apache/tomcat/websocket/TestWebSocketFrameClientSSL.java
+++ b/test/org/apache/tomcat/websocket/TestWebSocketFrameClientSSL.java
@@ -50,7 +50,6 @@ import org.apache.catalina.core.StandardServer;
import org.apache.catalina.servlets.DefaultServlet;
import org.apache.catalina.startup.Tomcat;
import org.apache.tomcat.util.net.TesterSupport;
-import org.apache.tomcat.util.security.KeyStoreUtil;
import org.apache.tomcat.websocket.TesterMessageCountClient.BasicText;
import org.apache.tomcat.websocket.TesterMessageCountClient.SleepingText;
import
org.apache.tomcat.websocket.TesterMessageCountClient.TesterProgrammaticEndpoint;
@@ -98,7 +97,7 @@ public class TestWebSocketFrameClientSSL extends
WebSocketBaseTest {
File trustStoreFile = new File(TesterSupport.CA_JKS);
KeyStore ks = KeyStore.getInstance("JKS");
try (InputStream is = new FileInputStream(trustStoreFile)) {
- KeyStoreUtil.load(ks, is, TesterSupport.JKS_PASS.toCharArray());
+ ks.load(is, TesterSupport.JKS_PASS.toCharArray());
}
TrustManagerFactory tmf =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);
@@ -146,7 +145,7 @@ public class TestWebSocketFrameClientSSL extends
WebSocketBaseTest {
File trustStoreFile = new File(TesterSupport.CA_JKS);
KeyStore ks = KeyStore.getInstance("JKS");
try (InputStream is = new FileInputStream(trustStoreFile)) {
- KeyStoreUtil.load(ks, is, TesterSupport.JKS_PASS.toCharArray());
+ ks.load(is, TesterSupport.JKS_PASS.toCharArray());
}
TrustManagerFactory tmf =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);
diff --git a/test/org/apache/tomcat/websocket/TestWsWebSocketContainerSSL.java
b/test/org/apache/tomcat/websocket/TestWsWebSocketContainerSSL.java
index 1a9f6e50fb..3023246f25 100644
--- a/test/org/apache/tomcat/websocket/TestWsWebSocketContainerSSL.java
+++ b/test/org/apache/tomcat/websocket/TestWsWebSocketContainerSSL.java
@@ -49,7 +49,6 @@ import org.apache.catalina.core.StandardServer;
import org.apache.catalina.servlets.DefaultServlet;
import org.apache.catalina.startup.Tomcat;
import org.apache.tomcat.util.net.TesterSupport;
-import org.apache.tomcat.util.security.KeyStoreUtil;
import org.apache.tomcat.websocket.TesterMessageCountClient.BasicText;
import
org.apache.tomcat.websocket.TesterMessageCountClient.TesterProgrammaticEndpoint;
@@ -99,7 +98,7 @@ public class TestWsWebSocketContainerSSL extends
WebSocketBaseTest {
File trustStoreFile = new File(TesterSupport.CA_JKS);
KeyStore ks = KeyStore.getInstance("JKS");
try (InputStream is = new FileInputStream(trustStoreFile)) {
- KeyStoreUtil.load(ks, is, TesterSupport.JKS_PASS.toCharArray());
+ ks.load(is, TesterSupport.JKS_PASS.toCharArray());
}
TrustManagerFactory tmf =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
