/**
* Creates trust managers using the receiver's trust store configuration.
*
* @param context context for status messages
* @return an array of trust managers or {@code null} if no trust store configuration was provided
* @throws NoSuchProviderException if a provider specified for one of the trust manager components
* is not known to the platform
* @throws NoSuchAlgorithmException if an algorithm specified for one of the trust manager
* components is not known to the relevant provider
* @throws KeyStoreException if an error occurs in reading a key store containing trust anchors
*/
private TrustManager[] createTrustManagers(ContextAware context)
throws NoSuchProviderException, NoSuchAlgorithmException, KeyStoreException {
if (getTrustStore() == null) return null;
KeyStore trustStore = getTrustStore().createKeyStore();
context.addInfo(
"trust store of type '"
+ trustStore.getType()
+ "' provider '"
+ trustStore.getProvider()
+ "': "
+ getTrustStore().getLocation());
TrustManagerFactory tmf = getTrustManagerFactory().createTrustManagerFactory();
context.addInfo(
"trust manager algorithm '"
+ tmf.getAlgorithm()
+ "' provider '"
+ tmf.getProvider()
+ "'");
tmf.init(trustStore);
return tmf.getTrustManagers();
}
private SecureRandom createSecureRandom(ContextAware context)
throws NoSuchProviderException, NoSuchAlgorithmException {
SecureRandom secureRandom = getSecureRandom().createSecureRandom();
context.addInfo(
"secure random algorithm '"
+ secureRandom.getAlgorithm()
+ "' provider '"
+ secureRandom.getProvider()
+ "'");
return secureRandom;
}
/**
* Creates key managers using the receiver's key store configuration.
*
* @param context context for status messages
* @return an array of key managers or {@code null} if no key store configuration was provided
* @throws NoSuchProviderException if a provider specified for one of the key manager components
* is not known to the platform
* @throws NoSuchAlgorithmException if an algorithm specified for one of the key manager
* components is not known to the relevant provider
* @throws KeyStoreException if an error occurs in reading a key store
*/
private KeyManager[] createKeyManagers(ContextAware context)
throws NoSuchProviderException, NoSuchAlgorithmException, UnrecoverableKeyException,
KeyStoreException {
if (getKeyStore() == null) return null;
KeyStore keyStore = getKeyStore().createKeyStore();
context.addInfo(
"key store of type '"
+ keyStore.getType()
+ "' provider '"
+ keyStore.getProvider()
+ "': "
+ getKeyStore().getLocation());
KeyManagerFactory kmf = getKeyManagerFactory().createKeyManagerFactory();
context.addInfo(
"key manager algorithm '" + kmf.getAlgorithm() + "' provider '" + kmf.getProvider() + "'");
char[] passphrase = getKeyStore().getPassword().toCharArray();
kmf.init(keyStore, passphrase);
return kmf.getKeyManagers();
}
/**
* Creates a new {@link SSLContext} using the receiver's configuration.
*
* @param context context for status messages
* @return {@link SSLContext} object
* @throws NoSuchProviderException if a provider specified for one of the JCA or JSSE components
* utilized in creating the context is not known to the platform
* @throws NoSuchAlgorithmException if a JCA or JSSE algorithm, protocol, or type name specified
* for one of the context's components is not known to a given provider (or platform default
* provider for the component)
* @throws KeyManagementException if an error occurs in creating a {@link KeyManager} for the
* context
* @throws UnrecoverableKeyException if a private key needed by a {@link KeyManager} cannot be
* obtained from a key store
* @throws KeyStoreException if an error occurs in reading the contents of a key store
* @throws CertificateException if an error occurs in reading the contents of a certificate
*/
public SSLContext createContext(ContextAware context)
throws NoSuchProviderException, NoSuchAlgorithmException, KeyManagementException,
UnrecoverableKeyException, KeyStoreException, CertificateException {
SSLContext sslContext =
getProvider() != null
? SSLContext.getInstance(getProtocol(), getProvider())
: SSLContext.getInstance(getProtocol());
context.addInfo(
"SSL protocol '"
+ sslContext.getProtocol()
+ "' provider '"
+ sslContext.getProvider()
+ "'");
KeyManager[] keyManagers = createKeyManagers(context);
TrustManager[] trustManagers = createTrustManagers(context);
SecureRandom secureRandom = createSecureRandom(context);
sslContext.init(keyManagers, trustManagers, secureRandom);
return sslContext;
}
