/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.tomcat.util.net.jsse;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.apache.tomcat.util.net.SSLContext;
class JSSESSLContext implements SSLContext {
private javax.net.ssl.SSLContext context;
private KeyManager[] kms;
private TrustManager[] tms;
JSSESSLContext(String protocol) throws NoSuchAlgorithmException {
context = javax.net.ssl.SSLContext.getInstance(protocol);
}
@Override
public void init(KeyManager[] kms, TrustManager[] tms, SecureRandom sr)
throws KeyManagementException {
this.kms = kms;
this.tms = tms;
context.init(kms, tms, sr);
}
@Override
public void destroy() {
}
@Override
public SSLSessionContext getServerSessionContext() {
return context.getServerSessionContext();
}
@Override
public SSLEngine createSSLEngine() {
return context.createSSLEngine();
}
@Override
public SSLServerSocketFactory getServerSocketFactory() {
return context.getServerSocketFactory();
}
@Override
public SSLParameters getSupportedSSLParameters() {
return context.getSupportedSSLParameters();
}
@Override
public X509Certificate[] getCertificateChain(String alias) {
X509Certificate[] result = null;
if (kms != null) {
for (int i = 0; i < kms.length && result == null; i++) {
if (kms[i] instanceof X509KeyManager) {
result = ((X509KeyManager) kms[i]).getCertificateChain(alias);
}
}
}
return result;
}
@Override
public X509Certificate[] getAcceptedIssuers() {
Set<X509Certificate> certs = new HashSet<>();
if (tms != null) {
for (TrustManager tm : tms) {
if (tm instanceof X509TrustManager) {
X509Certificate[] accepted = ((X509TrustManager) tm).getAcceptedIssuers();
if (accepted != null) {
certs.addAll(Arrays.asList(accepted));
}
}
}
}
return certs.toArray(new X509Certificate[0]);
}
}