Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id AE6F28B86 for ; Wed, 10 Aug 2011 20:00:49 +0000 (UTC) Received: (qmail 69462 invoked by uid 500); 10 Aug 2011 20:00:49 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 69348 invoked by uid 500); 10 Aug 2011 20:00:48 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 69341 invoked by uid 99); 10 Aug 2011 20:00:48 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 10 Aug 2011 20:00:48 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 10 Aug 2011 20:00:46 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 972FD2388A9B for ; Wed, 10 Aug 2011 20:00:27 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1156344 - in /cxf/branches/2.4.x-fixes: ./ rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSParameterJaxBUtils.java Date: Wed, 10 Aug 2011 20:00:27 -0000 To: commits@cxf.apache.org 
From: dkulp@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20110810200027.972FD2388A9B@eris.apache.org> Author: dkulp Date: Wed Aug 10 20:00:27 2011 New Revision: 1156344 URL: http://svn.apache.org/viewvc?rev=1156344&view=rev Log: Merged revisions 1156343 via svnmerge from https://svn.apache.org/repos/asf/cxf/trunk ........ r1156343 | dkulp | 2011-08-10 15:59:20 -0400 (Wed, 10 Aug 2011) | 2 lines [CXF-3729] Allow use keystores with empty file/url/resource. Patch from Sergey Zhemzhitsky applied ........ Modified: cxf/branches/2.4.x-fixes/ (props changed) cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSParameterJaxBUtils.java Propchange: cxf/branches/2.4.x-fixes/ ------------------------------------------------------------------------------ Binary property 'svnmerge-integrated' - no diff available. Modified: cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSParameterJaxBUtils.java URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSParameterJaxBUtils.java?rev=1156344&r1=1156343&r2=1156344&view=diff ============================================================================== --- cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSParameterJaxBUtils.java (original) +++ cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSParameterJaxBUtils.java Wed Aug 10 20:00:27 2011 
@@ -47,13 +47,13 @@ import org.apache.cxf.configuration.secu import org.apache.cxf.configuration.security.TrustManagersType; /** - * This class provides some functionality to convert the JAXB + * This class provides some functionality to convert the JAXB * generated types in the security.xsd to the items needed * to programatically configure the HTTPConduit and HTTPDestination * with TLSClientParameters and TLSServerParameters respectively. */ public final class TLSParameterJaxBUtils { - + private static final Logger LOG = LogUtils.getL7dLogger(TLSParameterJaxBUtils.class); @@ -69,14 +69,14 @@ public final class TLSParameterJaxBUtils SecureRandom secureRandom = null; if (secureRandomParams != null) { - String secureRandomAlg = + String secureRandomAlg = secureRandomParams.getAlgorithm(); String randomProvider = secureRandomParams.getProvider(); if (randomProvider != null) { secureRandom = secureRandomAlg != null ? SecureRandom.getInstance( - secureRandomAlg, + secureRandomAlg, randomProvider) : null; } else { @@ -94,14 +94,14 @@ public final class TLSParameterJaxBUtils public static KeyStore getKeyStore(KeyStoreType kst) throws GeneralSecurityException, IOException { - + if (kst == null) { return null; } String type = kst.isSetType() ? kst.getType() : KeyStore.getDefaultType(); - + char[] password = kst.isSetPassword() ? kst.getPassword().toCharArray() : null; 
@@ -109,37 +109,33 @@ public final class TLSParameterJaxBUtils KeyStore keyStore = !kst.isSetProvider() ? KeyStore.getInstance(type) : KeyStore.getInstance(type, kst.getProvider()); - - if (!"PKCS11".equals(type)) { - if (kst.isSetFile()) { - keyStore.load(new FileInputStream(kst.getFile()), password); - } - if (kst.isSetResource()) { - final java.io.InputStream is = - ClassLoaderUtils.getResourceAsStream(kst.getResource(), kst.getClass()); - if (is == null) { - final String msg = - "Could not load keystore resource " + kst.getResource(); - LOG.severe(msg); - throw new java.io.IOException(msg); - } - keyStore.load(is, password); - } - if (kst.isSetUrl()) { - keyStore.load(new URL(kst.getUrl()).openStream(), password); + + if (kst.isSetFile()) { + keyStore.load(new FileInputStream(kst.getFile()), password); + } else if (kst.isSetResource()) { + final java.io.InputStream is = + ClassLoaderUtils.getResourceAsStream(kst.getResource(), kst.getClass()); + if (is == null) { + final String msg = + "Could not load keystore resource " + kst.getResource(); + LOG.severe(msg); + throw new java.io.IOException(msg); } + keyStore.load(is, password); + } else if (kst.isSetUrl()) { + keyStore.load(new URL(kst.getUrl()).openStream(), password); } else { keyStore.load(null, password); } return keyStore; } - + /** * This method converts a JAXB generated CertStoreType into a KeyStore. */ public static KeyStore getKeyStore(final CertStoreType pst) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException { - + if (pst == null) { return null; } 
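Review bot: None of the three streams opened in the new if/else-if chain is ever closed. `KeyStore.load` leaves closing to the caller, so the `FileInputStream`, the classpath resource stream and the `URL.openStream()` stream stay open after every call, including when the load throws on a wrong password or a corrupt store. Opening the stream into one local and calling `keyStore.load(is, password)` once inside try/finally covers all three branches and keeps the `load(null, password)` behaviour when no location is configured; the sketch uses try/finally rather than try-with-resources on the assumption that this branch still targets pre-Java-7 runtimes. Separately, the chain now silently prefers file over resource over url when more than one is set, which deserves a comment such as `// only the first of file, resource, url that is set is read; the others are ignored`. `getKeyStore(KeyStoreType)` begins in the previous hunk, so `type` and `password` are declared outside these lines.

```java
java.io.InputStream is = null;
try {
    if (kst.isSetFile()) {
        is = new FileInputStream(kst.getFile());
    } else if (kst.isSetResource()) {
        is = ClassLoaderUtils.getResourceAsStream(kst.getResource(), kst.getClass());
        // … unchanged: null check, LOG.severe and IOException for a missing resource …
    } else if (kst.isSetUrl()) {
        is = new URL(kst.getUrl()).openStream();
    }
    // is stays null when no location is set, which is the old load(null, password) branch
    keyStore.load(is, password);
} finally {
    if (is != null) {
        is.close();
    }
}
return keyStore;
```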
@@ -164,80 +160,80 @@ public final class TLSParameterJaxBUtils // TODO error? return null; } - + /** * Create a KeyStore containing the trusted CA certificates contained * in the supplied input stream. */ private static KeyStore createTrustStore(final java.io.InputStream is) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException { - + final Collection certs = loadCertificates(is); - final KeyStore keyStore = + final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null, null); for (Certificate cert : certs) { final X509Certificate xcert = (X509Certificate) cert; keyStore.setCertificateEntry( - xcert.getSubjectX500Principal().getName(), + xcert.getSubjectX500Principal().getName(), cert ); } return keyStore; } - + /** * load the certificates as X.509 certificates */ - private static Collection + private static Collection loadCertificates(final java.io.InputStream is) throws IOException, CertificateException { - + final CertificateFactory factory = CertificateFactory.getInstance("X.509"); return factory.generateCertificates(is); } /** - * This method converts the JAXB KeyManagersType into a list of + * This method converts the JAXB KeyManagersType into a list of * JSSE KeyManagers. */ - public static KeyManager[] getKeyManagers(KeyManagersType kmc) + public static KeyManager[] getKeyManagers(KeyManagersType kmc) throws GeneralSecurityException, IOException { - + KeyStore keyStore = getKeyStore(kmc.getKeyStore()); - + if (keyStore == null) { return null; } - - String alg = kmc.isSetFactoryAlgorithm() + + String alg = kmc.isSetFactoryAlgorithm() ? kmc.getFactoryAlgorithm() : KeyManagerFactory.getDefaultAlgorithm(); - + char[] keyPass = kmc.isSetKeyPassword() ? kmc.getKeyPassword().toCharArray() : null; - - KeyManagerFactory fac = + + KeyManagerFactory fac = kmc.isSetProvider() ? 
KeyManagerFactory.getInstance(alg, kmc.getProvider()) : KeyManagerFactory.getInstance(alg); - + fac.init(keyStore, keyPass); - + return fac.getKeyManagers(); } /** - * This method converts the JAXB KeyManagersType into a list of + * This method converts the JAXB KeyManagersType into a list of * JSSE TrustManagers. */ - public static TrustManager[] getTrustManagers(TrustManagersType tmc) + public static TrustManager[] getTrustManagers(TrustManagersType tmc) throws GeneralSecurityException, IOException { - - final KeyStore keyStore = + + final KeyStore keyStore = tmc.isSetKeyStore() ? getKeyStore(tmc.getKeyStore()) : (tmc.isSetCertStore() @@ -246,18 +242,18 @@ public final class TLSParameterJaxBUtils if (keyStore == null) { return null; } - + String alg = tmc.isSetFactoryAlgorithm() ? tmc.getFactoryAlgorithm() : KeyManagerFactory.getDefaultAlgorithm(); - - TrustManagerFactory fac = + + TrustManagerFactory fac = tmc.isSetProvider() ? TrustManagerFactory.getInstance(alg, tmc.getProvider()) : TrustManagerFactory.getInstance(alg); - + fac.init(keyStore); - + return fac.getTrustManagers(); } }