package org.bouncycastle.est.jcajce;


import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;

import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;

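/**
 * A basic builder to allow configuration of an SSLContext used to create an SSLSocketFactory.
 * <p>
 * A trust manager (or array of trust managers) is mandatory; the protocol name, JSSE provider,
 * key managers and SecureRandom are optional and fall back to the defaults declared below.
 * </p>
 */
class SSLSocketFactoryCreatorBuilder
{
    // Name handed to SSLContext.getInstance(). "TLS" is the generic JSSE name; which protocol
    // versions end up enabled is decided by the provider and JVM configuration, not by this class.
    protected String tlsVersion = "TLS";
    // Optional JSSE provider; when null the default provider lookup is used.
    protected Provider tlsProvider;
    // Optional client credentials; null is passed straight through to SSLContext.init().
    protected KeyManager[] keyManagers;
    // Never null after construction (enforced by both constructors).
    protected X509TrustManager[] trustManagers;
    protected SecureRandom secureRandom = new SecureRandom();

    /**
     * Create a builder around a single trust manager.
     *
     * @param trustManager the trust manager used to validate the server.
     * @throws NullPointerException if trustManager is null.
     */
    public SSLSocketFactoryCreatorBuilder(X509TrustManager trustManager)
    {
        if (trustManager == null)
        {
            throw new NullPointerException("Trust managers can not be null");
        }

        this.trustManagers = new X509TrustManager[]{trustManager};
    }

    /**
     * Create a builder around an array of trust managers.
     *
     * @param trustManagers the trust managers to hand to the SSLContext.
     * @throws NullPointerException if trustManagers is null.
     */
    public SSLSocketFactoryCreatorBuilder(X509TrustManager[] trustManagers)
    {
        if (trustManagers == null)
        {
            throw new NullPointerException("Trust managers can not be null");
        }

        // Defensive copy: the trust configuration must not change if the caller later
        // modifies the array it passed in.
        this.trustManagers = (X509TrustManager[])trustManagers.clone();
    }

    /**
     * Set the protocol name passed to SSLContext.getInstance().
     * <p>
     * NOTE(review): the value is not validated here; a legacy name such as "SSLv3" is handed
     * to the provider unchanged, so callers should restrict it to the versions they accept.
     * </p>
     *
     * @param tlsVersion the SSLContext protocol name.
     * @return the current builder instance.
     */
    public SSLSocketFactoryCreatorBuilder withTLSVersion(String tlsVersion)
    {
        this.tlsVersion = tlsVersion;
        return this;
    }

    /**
     * Set the source of randomness passed to SSLContext.init().
     *
     * @param secureRandom the SecureRandom to use; null is passed through unchanged.
     * @return the current builder instance.
     */
    public SSLSocketFactoryCreatorBuilder withSecureRandom(SecureRandom secureRandom)
    {
        this.secureRandom = secureRandom;
        return this;
    }

    /**
     * Configure this builder to use the provider with the passed in name.
     *
     * @param tlsProviderName the name JSSE Provider to use.
     * @return the current builder instance.
     * @throws NoSuchProviderException if the specified provider does not exist.
     */
    public SSLSocketFactoryCreatorBuilder withProvider(String tlsProviderName)
        throws NoSuchProviderException
    {
        this.tlsProvider = Security.getProvider(tlsProviderName);
        if (this.tlsProvider == null)
        {
            throw new NoSuchProviderException("JSSE provider not found: " + tlsProviderName);
        }
        return this;
    }

    /**
     * Configure this builder to use the passed in provider.
     *
     * @param tlsProvider the JSSE Provider to use.
     * @return the current builder instance.
     */
    public SSLSocketFactoryCreatorBuilder withProvider(Provider tlsProvider)
    {
        this.tlsProvider = tlsProvider;
        return this;
    }

    /**
     * Configure a single key manager, or clear the key managers when null is passed.
     *
     * @param keyManager the key manager supplying client credentials, or null for none.
     * @return the current builder instance.
     */
    public SSLSocketFactoryCreatorBuilder withKeyManager(KeyManager keyManager)
    {
        if (keyManager == null)
        {
            this.keyManagers = null;
        }
        else
        {
            this.keyManagers = new KeyManager[]{keyManager};
        }
        return this;
    }

    /**
     * Configure the key managers handed to SSLContext.init().
     *
     * @param keyManagers the key managers to use, or null for none.
     * @return the current builder instance.
     */
    public SSLSocketFactoryCreatorBuilder withKeyManagers(KeyManager[] keyManagers)
    {
        // Defensive copy so the configured client credentials cannot be swapped out through
        // the caller's array after this call.
        this.keyManagers = (keyManagers == null) ? null : (KeyManager[])keyManagers.clone();
        return this;
    }

    /**
     * Build the creator.
     * <p>
     * The returned object is an inner class and reads this builder's fields each time one of
     * its methods is called, so later with*() calls on the builder also affect a creator that
     * has already been built.
     * </p>
     *
     * @return a creator backed by this builder's current and future settings.
     */
    public SSLSocketFactoryCreator build()
    {
        return new SSLSocketFactoryCreator()
        {
            /**
             * Report whether any configured trust manager advertises at least one accepted issuer.
             * <p>
             * NOTE(review): every trust manager in the array is inspected here, but the
             * SSLContext.init() Javadoc states that only the first X509TrustManager in the
             * array is used, so with more than one entry this answer can differ from what the
             * resulting context enforces. Confirm the order when passing several managers.
             * </p>
             */
            public boolean isTrusted()
            {
                for (int i = 0; i != trustManagers.length; i++)
                {
                    X509TrustManager tm = trustManagers[i];
                    if (tm == null)
                    {
                        continue;
                    }

                    // Some implementations return null rather than an empty array; treat
                    // that as "no issuers" instead of failing with a NullPointerException.
                    java.security.cert.X509Certificate[] issuers = tm.getAcceptedIssuers();
                    if (issuers != null && issuers.length > 0)
                    {
                        return true;
                    }
                }

                return false;
            }

            /**
             * Create and initialise an SSLContext from the builder's settings and return its
             * socket factory.
             */
            public SSLSocketFactory createFactory()
                throws NoSuchAlgorithmException, NoSuchProviderException, KeyManagementException
            {
                SSLContext ctx;

                if (tlsProvider != null)
                {
                    ctx = SSLContext.getInstance(tlsVersion, tlsProvider);
                }
                else
                {
                    ctx = SSLContext.getInstance(tlsVersion);
                }

                ctx.init(keyManagers, trustManagers, secureRandom);

                return ctx.getSocketFactory();
            }
        };
    }
}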