- Revert irrelevant formatting changes
- Rename resource files
  - Add .pem
  - Remove 'netty' from names
This commit is contained in:
Trustin Lee 2014-08-04 10:45:39 -07:00
parent 2b12640960
commit 2506dc778c
5 changed files with 43 additions and 43 deletions

View File

@ -13,8 +13,22 @@
* License for the specific language governing permissions and limitations * License for the specific language governing permissions and limitations
* under the License. * under the License.
*/ */
package io.netty.handler.ssl; package io.netty.handler.ssl;
import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufInputStream;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSessionContext;
import java.io.File; import java.io.File;
import java.io.IOException; import java.io.IOException;
import java.security.InvalidAlgorithmParameterException; import java.security.InvalidAlgorithmParameterException;
@ -32,20 +46,6 @@ import java.util.ArrayList;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSessionContext;
import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufInputStream;
/** /**
* A server-side {@link SslContext} which uses JDK's SSL/TLS implementation. * A server-side {@link SslContext} which uses JDK's SSL/TLS implementation.
*/ */
@ -69,7 +69,8 @@ public final class JdkSslServerContext extends JdkSslContext {
* *
* @param certChainFile an X.509 certificate chain file in PEM format * @param certChainFile an X.509 certificate chain file in PEM format
* @param keyFile a PKCS#8 private key file in PEM format * @param keyFile a PKCS#8 private key file in PEM format
* @param keyPassword the password of the {@code keyFile}. {@code null} if it's not password-protected. * @param keyPassword the password of the {@code keyFile}.
* {@code null} if it's not password-protected.
*/ */
public JdkSslServerContext(File certChainFile, File keyFile, String keyPassword) throws SSLException { public JdkSslServerContext(File certChainFile, File keyFile, String keyPassword) throws SSLException {
this(certChainFile, keyFile, keyPassword, null, null, 0, 0); this(certChainFile, keyFile, keyPassword, null, null, 0, 0);
@ -80,15 +81,16 @@ public final class JdkSslServerContext extends JdkSslContext {
* *
* @param certChainFile an X.509 certificate chain file in PEM format * @param certChainFile an X.509 certificate chain file in PEM format
* @param keyFile a PKCS#8 private key file in PEM format * @param keyFile a PKCS#8 private key file in PEM format
* @param keyPassword the password of the {@code keyFile}. {@code null} if it's not password-protected. * @param keyPassword the password of the {@code keyFile}.
* @param ciphers the cipher suites to enable, in the order of preference. {@code null} to use the default cipher * {@code null} if it's not password-protected.
* suites. * @param ciphers the cipher suites to enable, in the order of preference.
* @param nextProtocols the application layer protocols to accept, in the order of preference. {@code null} to * {@code null} to use the default cipher suites.
* disable TLS NPN/ALPN extension. * @param nextProtocols the application layer protocols to accept, in the order of preference.
* @param sessionCacheSize the size of the cache used for storing SSL session objects. {@code 0} to use the default * {@code null} to disable TLS NPN/ALPN extension.
* value. * @param sessionCacheSize the size of the cache used for storing SSL session objects.
* @param sessionTimeout the timeout for the cached SSL session objects, in seconds. {@code 0} to use the default * {@code 0} to use the default value.
* value. * @param sessionTimeout the timeout for the cached SSL session objects, in seconds.
* {@code 0} to use the default value.
*/ */
public JdkSslServerContext( public JdkSslServerContext(
File certChainFile, File keyFile, String keyPassword, File certChainFile, File keyFile, String keyPassword,
@ -206,17 +208,20 @@ public final class JdkSslServerContext extends JdkSslContext {
* *
* @param password characters, if {@code null} or empty an unencrypted key is assumed * @param password characters, if {@code null} or empty an unencrypted key is assumed
* @param key bytes of the DER encoded private key * @param key bytes of the DER encoded private key
*
* @return a key specification * @return a key specification
*
* @throws IOException if parsing {@code key} fails * @throws IOException if parsing {@code key} fails
* @throws NoSuchAlgorithmException if the algorithm used to encrypt {@code key} is unkown * @throws NoSuchAlgorithmException if the algorithm used to encrypt {@code key} is unkown
* @throws NoSuchPaddingException if the padding scheme specified in the decryption algorithm is unkown * @throws NoSuchPaddingException if the padding scheme specified in the decryption algorithm is unkown
* @throws InvalidKeySpecException if the decryption key based on {@code password} cannot be generated * @throws InvalidKeySpecException if the decryption key based on {@code password} cannot be generated
* @throws InvalidKeyException if the decryption key based on {@code password} cannot be used to decrypt {@code key} * @throws InvalidKeyException if the decryption key based on {@code password} cannot be used to decrypt
* {@code key}
* @throws InvalidAlgorithmParameterException if decryption algorithm parameters are somehow faulty * @throws InvalidAlgorithmParameterException if decryption algorithm parameters are somehow faulty
*/ */
private static PKCS8EncodedKeySpec generateKeySpec(char[] password, byte[] key) throws IOException, private static PKCS8EncodedKeySpec generateKeySpec(char[] password, byte[] key)
NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidKeyException, throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException,
InvalidAlgorithmParameterException { InvalidKeyException, InvalidAlgorithmParameterException {
if (password == null || password.length == 0) { if (password == null || password.length == 0) {
return new PKCS8EncodedKeySpec(key); return new PKCS8EncodedKeySpec(key);

View File

@ -16,32 +16,27 @@
package io.netty.handler.ssl; package io.netty.handler.ssl;
import java.io.File;
import javax.net.ssl.SSLException;
import org.junit.Test; import org.junit.Test;
/** import javax.net.ssl.SSLException;
* Tests for JDK SSL Server Context. import java.io.File;
*/
public class JdkSslServerContextTest { public class JdkSslServerContextTest {
@Test @Test
public void testJdkSslServerWithEncryptedPrivateKey() throws SSLException { public void testJdkSslServerWithEncryptedPrivateKey() throws SSLException {
File keyFile = new File(getClass().getResource("netty_test").getFile()); File keyFile = new File(getClass().getResource("test_encrypted.pem").getFile());
File crtFile = new File(getClass().getResource("netty_test.crt").getFile()); File crtFile = new File(getClass().getResource("test.crt").getFile());
new JdkSslServerContext(crtFile, keyFile, "12345"); new JdkSslServerContext(crtFile, keyFile, "12345");
} }
@Test @Test
public void testJdkSslServerWithUnencryptedPrivateKey() throws SSLException { public void testJdkSslServerWithUnencryptedPrivateKey() throws SSLException {
File keyFile = new File(getClass().getResource("netty_test_unencrypted").getFile()); File keyFile = new File(getClass().getResource("test_unencrypted.pem").getFile());
File crtFile = new File(getClass().getResource("netty_test.crt").getFile()); File crtFile = new File(getClass().getResource("test.crt").getFile());
new JdkSslServerContext(crtFile, keyFile, ""); new JdkSslServerContext(crtFile, keyFile, "");
new JdkSslServerContext(crtFile, keyFile, null); new JdkSslServerContext(crtFile, keyFile, null);
} }
} }