init

java/org/apache/tomcat/util/net/jsse/JSSESSLContext.java

@@ -0,0 +1,110 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.tomcat.util.net.jsse;
+
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.cert.X509Certificate;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLParameters;
+import javax.net.ssl.SSLServerSocketFactory;
+import javax.net.ssl.SSLSessionContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509KeyManager;
+import javax.net.ssl.X509TrustManager;
+
+import org.apache.tomcat.util.net.SSLContext;
+
+class JSSESSLContext implements SSLContext {
+
+    private javax.net.ssl.SSLContext context;
+    private KeyManager[] kms;
+    private TrustManager[] tms;
+
+    JSSESSLContext(String protocol) throws NoSuchAlgorithmException {
+        context = javax.net.ssl.SSLContext.getInstance(protocol);
+    }
+
+    @Override
+    public void init(KeyManager[] kms, TrustManager[] tms, SecureRandom sr)
+            throws KeyManagementException {
+        this.kms = kms;
+        this.tms = tms;
+        context.init(kms, tms, sr);
+    }
+
+    @Override
+    public void destroy() {
+    }
+
+    @Override
+    public SSLSessionContext getServerSessionContext() {
+        return context.getServerSessionContext();
+    }
+
+    @Override
+    public SSLEngine createSSLEngine() {
+        return context.createSSLEngine();
+    }
+
+    @Override
+    public SSLServerSocketFactory getServerSocketFactory() {
+        return context.getServerSocketFactory();
+    }
+
+    @Override
+    public SSLParameters getSupportedSSLParameters() {
+        return context.getSupportedSSLParameters();
+    }
+
+    @Override
+    public X509Certificate[] getCertificateChain(String alias) {
+        X509Certificate[] result = null;
+        if (kms != null) {
+            for (int i = 0; i < kms.length && result == null; i++) {
+                if (kms[i] instanceof X509KeyManager) {
+                    result = ((X509KeyManager) kms[i]).getCertificateChain(alias);
+                }
+            }
+        }
+        return result;
+    }
+
+    @Override
+    public X509Certificate[] getAcceptedIssuers() {
+        Set<X509Certificate> certs = new HashSet<>();
+        if (tms != null) {
+            for (TrustManager tm : tms) {
+                if (tm instanceof X509TrustManager) {
+                    X509Certificate[] accepted = ((X509TrustManager) tm).getAcceptedIssuers();
+                    if (accepted != null) {
+                        for (X509Certificate c : accepted) {
+                            certs.add(c);
+                        }
+                    }
+                }
+            }
+        }
+        return certs.toArray(new X509Certificate[certs.size()]);
+    }
+}