hc-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ol...@apache.org
Subject svn commit: r1469333 - in /httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl: SSLContextBuilder.java SSLContexts.java SSLSocketFactory.java
Date Thu, 18 Apr 2013 14:04:05 GMT
Author: olegk
Date: Thu Apr 18 14:04:04 2013
New Revision: 1469333

URL: http://svn.apache.org/r1469333
Log:
HTTPCLIENT-1343: deprecated SSLSocketFactory overloaded constructors in favor of SSLContextBuilder

Added:
    httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContextBuilder.java
  (with props)
Modified:
    httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContexts.java
    httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java

Added: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContextBuilder.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContextBuilder.java?rev=1469333&view=auto
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContextBuilder.java
(added)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContextBuilder.java
Thu Apr 18 14:04:04 2013
@@ -0,0 +1,127 @@
+/*
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.conn.ssl;
+
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.UnrecoverableKeyException;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
+
+import org.apache.http.annotation.NotThreadSafe;
+
+/**
+ * Builder for {@link SSLContext} instances.
+ *
+ * @since 4.3
+ */
+@NotThreadSafe
+public class SSLContextBuilder {
+
+    static final String TLS   = "TLS";
+    static final String SSL   = "SSL";
+
+    private String protocol;
+    private KeyManager[] keymanagers;
+    private TrustManager[] trustmanagers;
+    private SecureRandom secureRandom;
+
+    public SSLContextBuilder useTLS() {
+        this.protocol = TLS;
+        return this;
+    }
+
+    public SSLContextBuilder useSSL() {
+        this.protocol = SSL;
+        return this;
+    }
+
+    public SSLContextBuilder useProtocol(final String protocol) {
+        this.protocol = protocol;
+        return this;
+    }
+
+    public SSLContextBuilder loadTrustMaterial(
+            final KeyStore truststore,
+            final char[] truststorePassword,
+            final TrustStrategy trustStrategy) throws NoSuchAlgorithmException, KeyStoreException
{
+        final TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(
+                TrustManagerFactory.getDefaultAlgorithm());
+        tmfactory.init(truststore);
+        final TrustManager[] trustmanagers = tmfactory.getTrustManagers();
+        if (trustmanagers != null && trustStrategy != null) {
+            for (int i = 0; i < trustmanagers.length; i++) {
+                final TrustManager tm = trustmanagers[i];
+                if (tm instanceof X509TrustManager) {
+                    trustmanagers[i] = new TrustManagerDecorator(
+                            (X509TrustManager) tm, trustStrategy);
+                }
+            }
+        }
+        this.trustmanagers = trustmanagers;
+        return this;
+    }
+
+    public SSLContextBuilder loadTrustMaterial(
+            final KeyStore truststore,
+            final TrustStrategy trustStrategy) throws NoSuchAlgorithmException, KeyStoreException
{
+        return loadTrustMaterial(truststore, null, trustStrategy);
+    }
+
+    public SSLContextBuilder loadTrustMaterial(
+            final KeyStore truststore) throws NoSuchAlgorithmException, KeyStoreException
{
+        return loadTrustMaterial(truststore, null, null);
+    }
+
+    public SSLContextBuilder loadKeyMaterial(
+            final KeyStore keystore,
+            final char[] keystorePassword)
+                throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException
{
+        final KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(
+                KeyManagerFactory.getDefaultAlgorithm());
+        kmfactory.init(keystore, keystorePassword);
+        this.keymanagers =  kmfactory.getKeyManagers();
+        return this;
+    }
+
+    public SSLContext build() throws NoSuchAlgorithmException, KeyManagementException {
+        final SSLContext sslcontext = SSLContext.getInstance(
+                this.protocol != null ? this.protocol : TLS);
+        sslcontext.init(keymanagers, trustmanagers, secureRandom);
+        return sslcontext;
+    }
+
+}

Propchange: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContextBuilder.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContextBuilder.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContextBuilder.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContexts.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContexts.java?rev=1469333&r1=1469332&r2=1469333&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContexts.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLContexts.java
Thu Apr 18 14:04:04 2013
@@ -51,7 +51,7 @@ public class SSLContexts {
      */
     public static final SSLContext createDefault() throws SSLInitializationException {
         try {
-            final SSLContext sslcontext = SSLContext.getInstance("TLS");
+            final SSLContext sslcontext = SSLContext.getInstance(SSLContextBuilder.TLS);
             sslcontext.init(null, null, null);
             return sslcontext;
         } catch (final NoSuchAlgorithmException ex) {
@@ -78,4 +78,13 @@ public class SSLContexts {
         }
     }
 
+    /**
+     * Creates custom SSL context.
+     *
+     * @return default system SSL context
+     */
+    public static final SSLContextBuilder custom() {
+        return new SSLContextBuilder();
+    }
+
 }

Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java?rev=1469333&r1=1469332&r2=1469333&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
Thu Apr 18 14:04:04 2013
@@ -40,13 +40,8 @@ import java.security.NoSuchAlgorithmExce
 import java.security.SecureRandom;
 import java.security.UnrecoverableKeyException;
 
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocket;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509TrustManager;
 
 import org.apache.http.HttpHost;
 import org.apache.http.annotation.ThreadSafe;
@@ -187,59 +182,8 @@ public class SSLSocketFactory implements
     // TODO: make final
     private volatile X509HostnameVerifier hostnameVerifier;
 
-    private static SSLContext createSSLContext(
-            String algorithm,
-            final KeyStore keystore,
-            final char[] keystorePassword,
-            final KeyStore truststore,
-            final SecureRandom random,
-            final TrustStrategy trustStrategy)
-                throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException,
KeyManagementException {
-        if (algorithm == null) {
-            algorithm = TLS;
-        }
-        final KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(
-                KeyManagerFactory.getDefaultAlgorithm());
-        kmfactory.init(keystore, keystorePassword);
-        final KeyManager[] keymanagers =  kmfactory.getKeyManagers();
-        final TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(
-                TrustManagerFactory.getDefaultAlgorithm());
-        tmfactory.init(truststore);
-        final TrustManager[] trustmanagers = tmfactory.getTrustManagers();
-        if (trustmanagers != null && trustStrategy != null) {
-            for (int i = 0; i < trustmanagers.length; i++) {
-                final TrustManager tm = trustmanagers[i];
-                if (tm instanceof X509TrustManager) {
-                    trustmanagers[i] = new TrustManagerDecorator(
-                            (X509TrustManager) tm, trustStrategy);
-                }
-            }
-        }
-
-        final SSLContext sslcontext = SSLContext.getInstance(algorithm);
-        sslcontext.init(keymanagers, trustmanagers, random);
-        return sslcontext;
-    }
-
-    /**
-     * @since 4.3
-     */
-    public SSLSocketFactory(
-            final String algorithm,
-            final KeyStore keystore,
-            final char[] keystorePassword,
-            final KeyStore truststore,
-            final SecureRandom random,
-            final TrustStrategy trustStrategy,
-            final X509HostnameVerifier hostnameVerifier)
-                throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException {
-        this(createSSLContext(algorithm, keystore, keystorePassword, truststore, random,
trustStrategy),
-                hostnameVerifier);
-    }
-
     /**
-     * @deprecated (4.1) Use {@link #SSLSocketFactory(String, KeyStore, char[], KeyStore,
-     *   SecureRandom, X509HostnameVerifier)}
+     * @deprecated (4.1) Use {@link SSLContextBuilder} and {@link #SSLSocketFactory(SSLContext))}.
      */
     @Deprecated
     public SSLSocketFactory(
@@ -250,16 +194,19 @@ public class SSLSocketFactory implements
             final SecureRandom random,
             final HostNameResolver nameResolver)
                 throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException {
-        this(createSSLContext(
-                algorithm, keystore, keystorePassword != null ? keystorePassword.toCharArray()
: null,
-                        truststore, random, null), nameResolver);
+        this(SSLContexts.custom()
+                .useProtocol(algorithm)
+                .loadKeyMaterial(keystore, keystorePassword != null ? keystorePassword.toCharArray()
: null)
+                .loadTrustMaterial(truststore)
+                .build(),
+                nameResolver);
     }
 
     /**
      * @since 4.1
      *
-     * @deprecated (4.3) Use {@link SSLSocketFactory#SSLSocketFactory(String, KeyStore, char[],
-     *   KeyStore, SecureRandom, TrustStrategy, X509HostnameVerifier)}
+     * @deprecated (4.3) Use {@link SSLContextBuilder} and {@link #SSLSocketFactory(SSLContext,
+     *   X509HostnameVerifier)))}
      */
     @Deprecated
     public SSLSocketFactory(
@@ -271,16 +218,19 @@ public class SSLSocketFactory implements
             final TrustStrategy trustStrategy,
             final X509HostnameVerifier hostnameVerifier)
                 throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException {
-        this(createSSLContext(
-                algorithm, keystore, keystorePassword != null ? keystorePassword.toCharArray()
: null,
-                        truststore, random, trustStrategy), hostnameVerifier);
+        this(SSLContexts.custom()
+                .useProtocol(algorithm)
+                .loadKeyMaterial(keystore, keystorePassword != null ? keystorePassword.toCharArray()
: null)
+                .loadTrustMaterial(truststore, trustStrategy)
+                .build(),
+                hostnameVerifier);
     }
 
     /**
      * @since 4.1
      *
-     * @deprecated (4.3) Use {@link SSLSocketFactory#SSLSocketFactory(String, KeyStore, char[],
-     *   KeyStore, SecureRandom, X509HostnameVerifier)}
+     * @deprecated (4.3) Use {@link SSLContextBuilder} and {@link #SSLSocketFactory(SSLContext,
+     *   X509HostnameVerifier)))}
      */
     @Deprecated
     public SSLSocketFactory(
@@ -291,28 +241,16 @@ public class SSLSocketFactory implements
             final SecureRandom random,
             final X509HostnameVerifier hostnameVerifier)
                 throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException {
-        this(createSSLContext(
-                algorithm, keystore, keystorePassword != null ? keystorePassword.toCharArray()
: null,
-                        truststore, random, null), hostnameVerifier);
-    }
-
-    /**
-     * @since 4.3
-     */
-    public SSLSocketFactory(
-            final String algorithm,
-            final KeyStore keystore,
-            final char[] keystorePassword,
-            final KeyStore truststore,
-            final SecureRandom random,
-            final X509HostnameVerifier hostnameVerifier)
-                throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException {
-        this(createSSLContext(algorithm, keystore, keystorePassword, truststore, random,
null),
+        this(SSLContexts.custom()
+                .useProtocol(algorithm)
+                .loadKeyMaterial(keystore, keystorePassword != null ? keystorePassword.toCharArray()
: null)
+                .loadTrustMaterial(truststore)
+                .build(),
                 hostnameVerifier);
     }
 
     /**
-     * @deprecated (4.3) Use {@link SSLSocketFactory#SSLSocketFactory(KeyStore, char[], KeyStore)}
+     * @deprecated (4.3) Use {@link SSLContextBuilder} and {@link #SSLSocketFactory(SSLContext)))}
      */
     @Deprecated
     public SSLSocketFactory(
@@ -320,69 +258,69 @@ public class SSLSocketFactory implements
             final String keystorePassword,
             final KeyStore truststore)
                 throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException {
-        this(TLS, keystore, keystorePassword, truststore, null, null, BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
-    }
-
-    /**
-     * @since 4.3
-     */
-    public SSLSocketFactory(
-            final KeyStore keystore,
-            final char[] keystorePassword,
-            final KeyStore truststore)
-                throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException{
-        this(createSSLContext(TLS, keystore, keystorePassword, truststore, null, null),
+        this(SSLContexts.custom()
+                .loadKeyMaterial(keystore, keystorePassword != null ? keystorePassword.toCharArray()
: null)
+                .loadTrustMaterial(truststore)
+                .build(),
                 BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
     }
 
     /**
-     * @deprecated (4.3) Use {@link SSLSocketFactory#SSLSocketFactory(KeyStore, char[])}
+     * @deprecated (4.3) Use {@link SSLContextBuilder} and {@link #SSLSocketFactory(SSLContext)))}
      */
     @Deprecated
     public SSLSocketFactory(
             final KeyStore keystore,
             final String keystorePassword)
                 throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException{
-        this(createSSLContext(TLS, keystore, keystorePassword != null ? keystorePassword.toCharArray()
: null,
-                null, null, null),
+        this(SSLContexts.custom()
+                .loadKeyMaterial(keystore, keystorePassword != null ? keystorePassword.toCharArray()
: null)
+                .build(),
                 BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
     }
 
     /**
-     * @since 4.3
+     * @deprecated (4.3) Use {@link SSLContextBuilder} and {@link #SSLSocketFactory(SSLContext)))}
      */
-    public SSLSocketFactory(
-            final KeyStore keystore,
-            final char[] keystorePassword)
-                throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException{
-        this(createSSLContext(TLS, keystore, keystorePassword, null, null, null),
-                BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
-    }
-
+    @Deprecated
     public SSLSocketFactory(
             final KeyStore truststore)
                 throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException {
-        this(createSSLContext(TLS, null, null, truststore, null, null),
+        this(SSLContexts.custom()
+                .loadTrustMaterial(truststore)
+                .build(),
                 BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
     }
 
     /**
      * @since 4.1
+     *
+     * @deprecated (4.3) Use {@link SSLContextBuilder} and {@link #SSLSocketFactory(SSLContext,
X509HostnameVerifier))))}
      */
+    @Deprecated
     public SSLSocketFactory(
             final TrustStrategy trustStrategy,
             final X509HostnameVerifier hostnameVerifier)
                 throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException {
-        this(createSSLContext(TLS, null, null, null, null, trustStrategy), hostnameVerifier);
+        this(SSLContexts.custom()
+                .loadTrustMaterial(null, null, trustStrategy)
+                .build(),
+                hostnameVerifier);
     }
 
     /**
      * @since 4.1
+     *
+     * @deprecated (4.3) Use {@link SSLContextBuilder} and {@link #SSLSocketFactory(SSLContext))))}
      */
+    @Deprecated
     public SSLSocketFactory(
             final TrustStrategy trustStrategy)
                 throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException {
-        this(createSSLContext(TLS, null, null, null, null, trustStrategy), BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
+        this(SSLContexts.custom()
+                .loadTrustMaterial(null, null, trustStrategy)
+                .build(),
+                BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
     }
 
     public SSLSocketFactory(final SSLContext sslContext) {



Mime
View raw message