external-software/github_OpenIdentityPlatform_OpenDJ.git

parent: 4a0d4ef8 | patch | commit | ignore whitespace

Violette Roche-Montane

05.02.2014 942124d7038c11d0a4c292e02e8a4899b351fd91

Minor code cleanup.

2 files modified

	opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationKeyManager.java	60 ●●●●● patch \| view \| raw \| blame \| history
	opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java	84 ●●●●● patch \| view \| raw \| blame \| history

 opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationKeyManager.java

@@ -59,7 +59,7 @@
 * it cannot be retrieved this class will only accept the certificates
 * explicitly accepted by the user (and specified by calling acceptCertificate).
 *
 * NOTE: this class is not aimed to be used when we have connections in paralel.
 * NOTE: this class is not aimed to be used when we have connections in parallel.
 */
public class ApplicationKeyManager implements X509KeyManager
{
@@ -86,28 +86,24 @@
    //Handle IBM specific cases if the user did not specify a algorithm and/or
    //provider.
    if(userSpecifiedAlgo == null && Platform.isVendor("IBM"))
    {
      userSpecifiedAlgo = "IbmX509";
    }
    if(userSpecifiedProvider == null && Platform.isVendor("IBM"))
    {
      userSpecifiedProvider = "IBMJSSE2";
    }

    // Have some fallbacks to choose the provider and algorith of the key
    // manager.  First see if the user wanted to use something specific,
    // then try with the SunJSSE provider and SunX509 algorithm. Finally,
    // fallback to the default algorithm of the JVM.
    String[] preferredProvider =
    {
        userSpecifiedProvider,
        "SunJSSE",
        null,
        null
    };
        { userSpecifiedProvider, "SunJSSE", null, null };
    String[] preferredAlgo =
    {
        userSpecifiedAlgo,
        "SunX509",
        "SunX509",
        TrustManagerFactory.getDefaultAlgorithm()
    };
        { userSpecifiedAlgo, "SunX509", "SunX509",
          TrustManagerFactory.getDefaultAlgorithm() };

    for (int i=0; i<preferredProvider.length && keyManager == null; i++)
    {
      String provider = preferredProvider[i];
@@ -145,25 +141,25 @@
      catch (NoSuchAlgorithmException e)
      {
        // Nothing to do. Maybe we should avoid this and be strict, but we are
        // in a best effor mode.
        // in a best effort mode.
        logger.warn(LocalizableMessage.raw("Error with the algorithm", e));
      }
      catch (KeyStoreException e)
      {
        // Nothing to do. Maybe we should avoid this and be strict, but we are
        // in a best effor mode..
        // in a best effort mode.
        logger.warn(LocalizableMessage.raw("Error with the keystore", e));
      }
      catch (UnrecoverableKeyException e)
      {
        // Nothing to do. Maybe we should avoid this and be strict, but we are
        // in a best effor mode.
        // in a best effort mode.
        logger.warn(LocalizableMessage.raw("Error with the key", e));
      }
      catch (NoSuchProviderException e)
      {
        // Nothing to do. Maybe we should avoid this and be strict, but we are
        // in a best effor mode.
        // in a best effort mode.
        logger.warn(LocalizableMessage.raw("Error with the provider", e));
      }
    }
@@ -195,10 +191,7 @@
    {
      return keyManager.chooseClientAlias(keyType, issuers, socket);
    }
    else
    {
      return null ;
    }
    return null;
  }

  /**
@@ -226,10 +219,7 @@
    {
      return keyManager.chooseServerAlias(keyType, issuers, socket);
    }
    else
    {
      return null;
    }
    return null;
  }

  /**
@@ -247,10 +237,7 @@
    {
      return keyManager.getCertificateChain(alias);
    }
    else
    {
      return null;
    }
    return null;
  }

  /**
@@ -272,10 +259,7 @@
    {
      return keyManager.getClientAliases(keyType, issuers);
    }
    else
    {
      return null;
    }
    return null;
  }

  /**
@@ -291,10 +275,7 @@
    {
      return keyManager.getPrivateKey(alias);
    }
    else
    {
      return null;
    }
    return null;
  }

  /**
@@ -316,9 +297,6 @@
    {
      return keyManager.getServerAliases(keyType, issuers);
    }
    else
    {
      return null;
    }
    return null;
  }
}

 opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java

@@ -86,7 +86,7 @@
  private Cause lastRefusedCause = null;
  private KeyStore keystore = null;

  /*
  /**
   * The following ArrayList contain information about the certificates
   * explicitly accepted by the user.
   */
@@ -115,28 +115,24 @@
    //Handle IBM specific cases if the user did not specify a algorithm and/or
    //provider.
    if(userSpecifiedAlgo == null && Platform.isVendor("IBM"))
    {
      userSpecifiedAlgo = "IbmX509";
    }
    if(userSpecifiedProvider == null && Platform.isVendor("IBM"))
    {
      userSpecifiedProvider = "IBMJSSE2";
    }

    // Have some fallbacks to choose the provider and algorith of the key
    // manager.  First see if the user wanted to use something specific,
    // then try with the SunJSSE provider and SunX509 algorithm. Finally,
    // fallback to the default algorithm of the JVM.
    String[] preferredProvider =
    {
        userSpecifiedProvider,
        "SunJSSE",
        null,
        null
    };
        { userSpecifiedProvider, "SunJSSE", null, null };
    String[] preferredAlgo =
    {
        userSpecifiedAlgo,
        "SunX509",
        "SunX509",
        TrustManagerFactory.getDefaultAlgorithm()
    };
        { userSpecifiedAlgo, "SunX509", "SunX509",
          TrustManagerFactory.getDefaultAlgorithm() };

      for (int i=0; i<preferredProvider.length && trustManager == null; i++)
      {
        String provider = preferredProvider[i];
@@ -181,9 +177,7 @@
      }
  }

  /**
   * {@inheritDoc}
   */
  /** {@inheritDoc} */
  public void checkClientTrusted(X509Certificate[] chain, String authType)
  throws CertificateException
  {
@@ -210,13 +204,7 @@
    }
    catch (CertificateException ce)
    {
      lastRefusedChain = chain;
      lastRefusedAuthType = authType;
      lastRefusedCause = Cause.NOT_TRUSTED;
      OpendsCertificateException e = new OpendsCertificateException(
          chain);
      e.initCause(ce);
      throw e;
      manageException(chain, authType, ce, Cause.NOT_TRUSTED);
    }

    if (!explicitlyAccepted)
@@ -227,20 +215,12 @@
      }
      catch (CertificateException ce)
      {
        lastRefusedChain = chain;
        lastRefusedAuthType = authType;
        lastRefusedCause = Cause.HOST_NAME_MISMATCH;
        OpendsCertificateException e = new OpendsCertificateException(
            chain);
        e.initCause(ce);
        throw e;
        manageException(chain, authType, ce, Cause.HOST_NAME_MISMATCH);
      }
    }
  }

  /**
   * {@inheritDoc}
   */
  /** {@inheritDoc} */
  public void checkServerTrusted(X509Certificate[] chain,
      String authType) throws CertificateException
  {
@@ -267,12 +247,7 @@
    }
    catch (CertificateException ce)
    {
      lastRefusedChain = chain;
      lastRefusedAuthType = authType;
      lastRefusedCause = Cause.NOT_TRUSTED;
      OpendsCertificateException e = new OpendsCertificateException(chain);
      e.initCause(ce);
      throw e;
      manageException(chain, authType, ce, Cause.NOT_TRUSTED);
    }

    if (!explicitlyAccepted)
@@ -283,30 +258,31 @@
      }
      catch (CertificateException ce)
      {
        lastRefusedChain = chain;
        lastRefusedAuthType = authType;
        lastRefusedCause = Cause.HOST_NAME_MISMATCH;
        OpendsCertificateException e = new OpendsCertificateException(
            chain);
        e.initCause(ce);
        throw e;
        manageException(chain, authType, ce, Cause.HOST_NAME_MISMATCH);
      }
    }
  }

  /**
   * {@inheritDoc}
   */
  private void manageException(final X509Certificate[] chain,
      final String authType, final CertificateException ce, final Cause cause)
      throws OpendsCertificateException
  {
    lastRefusedChain = chain;
    lastRefusedAuthType = authType;
    lastRefusedCause = cause;
    final OpendsCertificateException e = new OpendsCertificateException(chain);
    e.initCause(ce);
    throw e;
  }

  /** {@inheritDoc} */
  public X509Certificate[] getAcceptedIssuers()
  {
    if (trustManager != null)
    {
      return trustManager.getAcceptedIssuers();
    }
    else
    {
      return new X509Certificate[0];
    }
    return new X509Certificate[0];
  }

  /**
@@ -506,7 +482,7 @@
    boolean hostMatch = h1.length == h2.length;
    for (int i=0; i<h1.length && hostMatch; i++)
    {
      if (!h1[i].equals("*") && !h2[i].equals("*"))
      if (!"*".equals(h1[i]) && !"*".equals(h2[i]))
      {
        hostMatch = h1[i].equalsIgnoreCase(h2[i]);
      }

			@@ -59,7 +59,7 @@
			* it cannot be retrieved this class will only accept the certificates
			* explicitly accepted by the user (and specified by calling acceptCertificate).
			*
			* NOTE: this class is not aimed to be used when we have connections in paralel.
			* NOTE: this class is not aimed to be used when we have connections in parallel.
			*/
			public class ApplicationKeyManager implements X509KeyManager
			{
			@@ -86,28 +86,24 @@
			//Handle IBM specific cases if the user did not specify a algorithm and/or
			//provider.
			if(userSpecifiedAlgo == null && Platform.isVendor("IBM"))
			{
			userSpecifiedAlgo = "IbmX509";
			}
			if(userSpecifiedProvider == null && Platform.isVendor("IBM"))
			{
			userSpecifiedProvider = "IBMJSSE2";
			}

			// Have some fallbacks to choose the provider and algorith of the key
			// manager. First see if the user wanted to use something specific,
			// then try with the SunJSSE provider and SunX509 algorithm. Finally,
			// fallback to the default algorithm of the JVM.
			String[] preferredProvider =
			{
			userSpecifiedProvider,
			"SunJSSE",
			null,
			null
			};
			{ userSpecifiedProvider, "SunJSSE", null, null };
			String[] preferredAlgo =
			{
			userSpecifiedAlgo,
			"SunX509",
			"SunX509",
			TrustManagerFactory.getDefaultAlgorithm()
			};
			{ userSpecifiedAlgo, "SunX509", "SunX509",
			TrustManagerFactory.getDefaultAlgorithm() };

			for (int i=0; i<preferredProvider.length && keyManager == null; i++)
			{
			String provider = preferredProvider[i];
			@@ -145,25 +141,25 @@
			catch (NoSuchAlgorithmException e)
			{
			// Nothing to do. Maybe we should avoid this and be strict, but we are
			// in a best effor mode.
			// in a best effort mode.
			logger.warn(LocalizableMessage.raw("Error with the algorithm", e));
			}
			catch (KeyStoreException e)
			{
			// Nothing to do. Maybe we should avoid this and be strict, but we are
			// in a best effor mode..
			// in a best effort mode.
			logger.warn(LocalizableMessage.raw("Error with the keystore", e));
			}
			catch (UnrecoverableKeyException e)
			{
			// Nothing to do. Maybe we should avoid this and be strict, but we are
			// in a best effor mode.
			// in a best effort mode.
			logger.warn(LocalizableMessage.raw("Error with the key", e));
			}
			catch (NoSuchProviderException e)
			{
			// Nothing to do. Maybe we should avoid this and be strict, but we are
			// in a best effor mode.
			// in a best effort mode.
			logger.warn(LocalizableMessage.raw("Error with the provider", e));
			}
			}
			@@ -195,10 +191,7 @@
			{
			return keyManager.chooseClientAlias(keyType, issuers, socket);
			}
			else
			{
			return null ;
			}
			return null;
			}

			/**
			@@ -226,10 +219,7 @@
			{
			return keyManager.chooseServerAlias(keyType, issuers, socket);
			}
			else
			{
			return null;
			}
			return null;
			}

			/**
			@@ -247,10 +237,7 @@
			{
			return keyManager.getCertificateChain(alias);
			}
			else
			{
			return null;
			}
			return null;
			}

			/**
			@@ -272,10 +259,7 @@
			{
			return keyManager.getClientAliases(keyType, issuers);
			}
			else
			{
			return null;
			}
			return null;
			}

			/**
			@@ -291,10 +275,7 @@
			{
			return keyManager.getPrivateKey(alias);
			}
			else
			{
			return null;
			}
			return null;
			}

			/**
			@@ -316,9 +297,6 @@
			{
			return keyManager.getServerAliases(keyType, issuers);
			}
			else
			{
			return null;
			}
			return null;
			}
			}

			@@ -86,7 +86,7 @@
			private Cause lastRefusedCause = null;
			private KeyStore keystore = null;

			/*
			/**
			* The following ArrayList contain information about the certificates
			* explicitly accepted by the user.
			*/
			@@ -115,28 +115,24 @@
			//Handle IBM specific cases if the user did not specify a algorithm and/or
			//provider.
			if(userSpecifiedAlgo == null && Platform.isVendor("IBM"))
			{
			userSpecifiedAlgo = "IbmX509";
			}
			if(userSpecifiedProvider == null && Platform.isVendor("IBM"))
			{
			userSpecifiedProvider = "IBMJSSE2";
			}

			// Have some fallbacks to choose the provider and algorith of the key
			// manager. First see if the user wanted to use something specific,
			// then try with the SunJSSE provider and SunX509 algorithm. Finally,
			// fallback to the default algorithm of the JVM.
			String[] preferredProvider =
			{
			userSpecifiedProvider,
			"SunJSSE",
			null,
			null
			};
			{ userSpecifiedProvider, "SunJSSE", null, null };
			String[] preferredAlgo =
			{
			userSpecifiedAlgo,
			"SunX509",
			"SunX509",
			TrustManagerFactory.getDefaultAlgorithm()
			};
			{ userSpecifiedAlgo, "SunX509", "SunX509",
			TrustManagerFactory.getDefaultAlgorithm() };

			for (int i=0; i<preferredProvider.length && trustManager == null; i++)
			{
			String provider = preferredProvider[i];
			@@ -181,9 +177,7 @@
			}
			}

			/**
			* {@inheritDoc}
			*/
			/** {@inheritDoc} */
			public void checkClientTrusted(X509Certificate[] chain, String authType)
			throws CertificateException
			{
			@@ -210,13 +204,7 @@
			}
			catch (CertificateException ce)
			{
			lastRefusedChain = chain;
			lastRefusedAuthType = authType;
			lastRefusedCause = Cause.NOT_TRUSTED;
			OpendsCertificateException e = new OpendsCertificateException(
			chain);
			e.initCause(ce);
			throw e;
			manageException(chain, authType, ce, Cause.NOT_TRUSTED);
			}

			if (!explicitlyAccepted)
			@@ -227,20 +215,12 @@
			}
			catch (CertificateException ce)
			{
			lastRefusedChain = chain;
			lastRefusedAuthType = authType;
			lastRefusedCause = Cause.HOST_NAME_MISMATCH;
			OpendsCertificateException e = new OpendsCertificateException(
			chain);
			e.initCause(ce);
			throw e;
			manageException(chain, authType, ce, Cause.HOST_NAME_MISMATCH);
			}
			}
			}

			/**
			* {@inheritDoc}
			*/
			/** {@inheritDoc} */
			public void checkServerTrusted(X509Certificate[] chain,
			String authType) throws CertificateException
			{
			@@ -267,12 +247,7 @@
			}
			catch (CertificateException ce)
			{
			lastRefusedChain = chain;
			lastRefusedAuthType = authType;
			lastRefusedCause = Cause.NOT_TRUSTED;
			OpendsCertificateException e = new OpendsCertificateException(chain);
			e.initCause(ce);
			throw e;
			manageException(chain, authType, ce, Cause.NOT_TRUSTED);
			}

			if (!explicitlyAccepted)
			@@ -283,30 +258,31 @@
			}
			catch (CertificateException ce)
			{
			lastRefusedChain = chain;
			lastRefusedAuthType = authType;
			lastRefusedCause = Cause.HOST_NAME_MISMATCH;
			OpendsCertificateException e = new OpendsCertificateException(
			chain);
			e.initCause(ce);
			throw e;
			manageException(chain, authType, ce, Cause.HOST_NAME_MISMATCH);
			}
			}
			}

			/**
			* {@inheritDoc}
			*/
			private void manageException(final X509Certificate[] chain,
			final String authType, final CertificateException ce, final Cause cause)
			throws OpendsCertificateException
			{
			lastRefusedChain = chain;
			lastRefusedAuthType = authType;
			lastRefusedCause = cause;
			final OpendsCertificateException e = new OpendsCertificateException(chain);
			e.initCause(ce);
			throw e;
			}

			/** {@inheritDoc} */
			public X509Certificate[] getAcceptedIssuers()
			{
			if (trustManager != null)
			{
			return trustManager.getAcceptedIssuers();
			}
			else
			{
			return new X509Certificate[0];
			}
			return new X509Certificate[0];
			}

			/**
			@@ -506,7 +482,7 @@
			boolean hostMatch = h1.length == h2.length;
			for (int i=0; i<h1.length && hostMatch; i++)
			{
			if (!h1[i].equals("") && !h2[i].equals(""))
			if (!"".equals(h1[i]) && !"".equals(h2[i]))
			{
			hostMatch = h1[i].equalsIgnoreCase(h2[i]);
			}