
Commit 9a1343a

Merge pull request #9 from MobileID-Strong-Authentication/dev-sslcontext-cfg
Dev sslcontext cfg #8
2 parents 70498b6 + 2b9509b commit 9a1343a

10 files changed

Lines changed: 26 additions & 3 deletions


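--- a/README.md
+++ b/README.md
@@ -106,6 +106,7 @@ tls.setKeyStoreKeyPassword("secret");
 tls.setKeyStoreCertificateAlias("mid-cert");
 tls.setTrustStoreFile("truststore.jks");
 tls.setTrustStorePassword("secret");
+tls.setSslContext("SSLv3");
 
 HttpConfiguration http = config.getHttp();
 http.setConnectionTimeoutInMs(20 * 1000);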

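--- a/docs/configure-the-client.md
+++ b/docs/configure-the-client.md
@@ -99,6 +99,7 @@ tls.setKeyStoreKeyPassword("secret");
 tls.setKeyStoreCertificateAlias("mid-cert");
 tls.setTrustStoreFile("truststore.jks");
 tls.setTrustStorePassword("secret");
+tls.setSslContext("SSLv3");
 
 HttpConfiguration http = config.getHttp();
 http.setConnectionTimeoutInMs(20 * 1000);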

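--- a/docs/use-the-client-programmatically.md
+++ b/docs/use-the-client-programmatically.md
@@ -70,6 +70,7 @@ tls.setKeyStoreKeyPassword("secret");
 tls.setKeyStoreCertificateAlias("mid-cert");
 tls.setTrustStoreFile("truststore.jks");
 tls.setTrustStorePassword("secret");
+tls.setSslContext("SSLv3");
 
 HttpConfiguration http = config.getHttp();
 http.setConnectionTimeoutInMs(20 * 1000);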

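--- a/docs/version-history.md
+++ b/docs/version-history.md
@@ -1,5 +1,8 @@
 # Version history
 
+# v1.5.3
+Add support for sslContext configuration for mid-java-client-soap via sslContext property in TlsConfiguration instance.
+
 # v1.5.2
 Update most of the libraries to their latest versions. Fix two vulnerabilities reported by Dependabot for the Jackson Databind libraries.
 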

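--- a/mid-java-client-core/src/main/java/ch/swisscom/mid/client/config/TlsConfiguration.java
+++ b/mid-java-client-core/src/main/java/ch/swisscom/mid/client/config/TlsConfiguration.java
@@ -42,6 +42,7 @@ public class TlsConfiguration {
 
 private boolean hostnameVerification = true;
 
+private String sslContext;
 // ----------------------------------------------------------------------------------------------------
 
 public String getKeyStoreFile() {
@@ -148,6 +149,14 @@ public void setHostnameVerification(boolean hostnameVerification) {
 this.hostnameVerification = hostnameVerification;
 }
 
+public String getSslContext() {
+return sslContext;
+}
+
+public void setSslContext(String sslContext) {
+this.sslContext = sslContext;
+}
+
 // ----------------------------------------------------------------------------------------------------
 
 public void validateYourself() {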
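Review bot: The new `sslContext` property in the second hunk has no Javadoc, and its name reads like a context object although the MssServiceFactory change in this commit passes it to `SSLContext.getInstance(...)` as a protocol name. A comment on the setter would make that contract visible, for example `/** JSSE SSLContext protocol name, e.g. "TLSv1.2"; null lets the SOAP client choose its fallback. */`. Neither hunk shows any check of the value; if `validateYourself()` (its body lies outside the hunk) is where fields are checked, rejecting a blank value there would give a clearer error than a failure when the socket factory is built.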

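--- a/mid-java-client-rest/src/main/java/ch/swisscom/mid/client/rest/model/signresp/ServiceResponse.java
+++ b/mid-java-client-rest/src/main/java/ch/swisscom/mid/client/rest/model/signresp/ServiceResponse.java
@@ -14,6 +14,7 @@ public class ServiceResponse {
 
 @JsonProperty("Description")
 private String description;
+
 @JsonProperty("Geofencing")
 private Geofencing geofencing;
 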

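--- a/mid-java-client-soap/src/main/java/ch/swisscom/mid/client/soap/MssServiceFactory.java
+++ b/mid-java-client-soap/src/main/java/ch/swisscom/mid/client/soap/MssServiceFactory.java
@@ -187,9 +187,14 @@ private SSLSocketFactory produceAnSslSocketFactory(ClientConfiguration config) {
 logTlsConfiguration(tlsConfig);
 
 try {
-SSLContext sslContext = SSLContext.getInstance("SSLv3");
-KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+SSLContext sslContext;
+if (tlsConfig.getSslContext() == null) {
+sslContext = SSLContext.getInstance("Default");
+} else {
+sslContext = SSLContext.getInstance(tlsConfig.getSslContext());
+}
 
+KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
 keyManagerFactory.init(produceAKeyStore(tlsConfig), tlsConfig.getKeyStoreKeyPassword().toCharArray());
 KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
 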
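Review bot: The null branch's fallback `SSLContext.getInstance("Default")` returns the JVM's pre-initialized default context, which on the stock JSSE provider rejects a later `init(...)` call with a KeyManagementException. If this method goes on to call `sslContext.init(...)` with the key managers built just below (that part of `produceAnSslSocketFactory` is outside the hunk), every client that leaves the property unset would fail here; if it does not, the client certificate from the key store is never applied. A fallback that stays initializable would be `String protocol = tlsConfig.getSslContext() != null ? tlsConfig.getSslContext() : "TLS";` followed by `SSLContext sslContext = SSLContext.getInstance(protocol);`. The configured string also reaches `getInstance` unchecked, so a legacy name such as "SSLv3" is accepted as readily as a current one; an allow-list of TLS names, or at least a logged warning for `SSL*` values, belongs at this point.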

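--- a/mid-java-client-soap/src/test/java/ch/swisscom/mid/client/soap/TestSupport.java
+++ b/mid-java-client-soap/src/test/java/ch/swisscom/mid/client/soap/TestSupport.java
@@ -53,7 +53,7 @@ public static ClientConfiguration buildConfig() {
 tls.setTrustStoreBytes(fileToBytes("/empty-store.jks"));
 tls.setTrustStorePassword("secret");
 tls.setHostnameVerification(false);
-
+tls.setSslContext("SSLv3");
 HttpConfiguration http = config.getHttp();
 http.setConnectionTimeoutInMs(2 * 1000);
 http.setResponseTimeoutInMs(2 * 1000);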
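Review bot: `buildConfig()` now pins `tls.setSslContext("SSLv3")`, so every test built from this shared configuration takes the explicit-name branch of `produceAnSslSocketFactory`, and nothing visible in this commit covers the unset case that falls back to "Default". A second configuration that omits the call, or a dedicated test that builds the socket factory with the property left null, would cover the path existing users hit after upgrading without touching their configuration. `buildConfig()` starts and ends outside the hunk.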

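--- a/mid-java-client-usage/src/main/java/ch/swisscom/mid/client/cli/Cli.java
+++ b/mid-java-client-usage/src/main/java/ch/swisscom/mid/client/cli/Cli.java
@@ -125,6 +125,7 @@ public static void main(String[] args) {
 tls.setKeyStorePassword(properties.getProperty("client.keyStore.password"));
 tls.setKeyStoreKeyPassword(properties.getProperty("client.keyStore.keyPassword"));
 tls.setKeyStoreCertificateAlias(properties.getProperty("client.keyStore.certAlias"));
+tls.setSslContext(properties.getProperty("client.tls.sslContext"));
 tls.setTrustStoreFile(properties.getProperty("server.trustStore.file"));
 tls.setTrustStorePassword(properties.getProperty("server.trustStore.password"));
 tls.setHostnameVerification(Boolean.parseBoolean(properties.getProperty("server.hostnameVerification")));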
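Review bot: On the added line, a key that is present but empty (`client.tls.sslContext=`) yields an empty string rather than null, so it skips the null fallback and would be handed to `SSLContext.getInstance` as an unknown protocol name. Normalizing the value first avoids that: `String ctx = properties.getProperty("client.tls.sslContext");` then `tls.setSslContext(ctx == null || ctx.trim().isEmpty() ? null : ctx.trim());`. This assumes `properties` is a `java.util.Properties`; `main()` continues outside the hunk.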

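--- a/mid-java-client-usage/src/main/resources/cli-files/config-sample.properties
+++ b/mid-java-client-usage/src/main/resources/cli-files/config-sample.properties
@@ -5,6 +5,7 @@ client.keyStore.file=keystore.jks
 client.keyStore.password=secret
 client.keyStore.keyPassword=secret
 client.keyStore.certAlias=my-cert-alias
+client.tls.sslContext=SSLv3
 # --
 client.http.connectionTimeoutInSeconds=20
 client.http.responseTimeoutInSeconds=100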
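Review bot: The sample ships `client.tls.sslContext=SSLv3`, and the README and both docs snippets in this commit show the same `tls.setSslContext("SSLv3")` call, so the value users are most likely to copy is a protocol name that RFC 7568 deprecated and that may confine the context to legacy protocol versions on the stock JSSE provider. A current value such as `client.tls.sslContext=TLSv1.2` would be a safer template. Alternatively the line could be left commented out, with a one-line comment naming the accepted values, so that copied configurations do not opt in to the legacy name by accident.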
