
Use KeyStoreLocator in CertificateManager.

Closes #664
pull/672/head
Chris Smith 8 years ago
parent
commit
c30a2756fb
1 changed files with 13 additions and 15 deletions
  1. 13
    15
      src/com/dmdirc/tls/CertificateManager.java

+ 13
- 15
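--- a/src/com/dmdirc/tls/CertificateManager.java
+++ b/src/com/dmdirc/tls/CertificateManager.java
@@ -29,7 +29,6 @@
 import com.dmdirc.interfaces.config.AggregateConfigProvider;
 import com.dmdirc.interfaces.config.ConfigProvider;
 
-import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.IOException;
@@ -37,7 +36,6 @@
 import java.security.InvalidAlgorithmParameterException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateParsingException;
 import java.security.cert.PKIXParameters;
@@ -101,6 +99,8 @@
     private X509Certificate[] chain;
     /** The user settings to write to. */
     private final ConfigProvider userSettings;
+    /** Locator to use to find a system keystore. */
+    private final KeyStoreLocator keyStoreLocator;
 
     /**
      * Creates a new certificate manager for a client connecting to the specified server.
@@ -124,6 +124,7 @@
         this.checkHost = config.getOptionBool("ssl", "checkhost");
         this.userSettings = userSettings;
         this.eventBus = eventBus;
+        this.keyStoreLocator = new KeyStoreLocator();
 
         loadTrustedCAs();
     }
@@ -131,19 +132,16 @@
     /**
      * Loads the trusted CA certificates from the Java cacerts store.
      */
-    protected void loadTrustedCAs() {
-        final String filename = System.getProperty("java.home")
-                + "/lib/security/cacerts".replace('/', File.separatorChar);
-        try (FileInputStream is = new FileInputStream(filename)) {
-            final KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
-            keystore.load(is, null);
-
-            final PKIXParameters params = new PKIXParameters(keystore);
-            globalTrustedCAs
-                    .addAll(params.getTrustAnchors().stream().map(TrustAnchor::getTrustedCert)
-                            .collect(Collectors.toList()));
-        } catch (CertificateException | IOException | InvalidAlgorithmParameterException |
-                KeyStoreException | NoSuchAlgorithmException ex) {
+    private void loadTrustedCAs() {
+        try {
+            final KeyStore keyStore = keyStoreLocator.getKeyStore();
+            if (keyStore != null) {
+                final PKIXParameters params = new PKIXParameters(keyStore);
+                globalTrustedCAs.addAll(params.getTrustAnchors().stream()
+                        .map(TrustAnchor::getTrustedCert)
+                        .collect(Collectors.toList()));
+            }
+        } catch (InvalidAlgorithmParameterException | KeyStoreException ex) {
             LOG.warn(USER_ERROR, "Unable to load trusted certificates", ex);
         }
     }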
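Review bot: In the new `loadTrustedCAs()`, a null result from `keyStoreLocator.getKeyStore()` is skipped silently, so `globalTrustedCAs` stays empty with nothing logged; the removed code at least reached the `LOG.warn` when the cacerts file could not be read. Whether the locator logs its own failures is not visible here, so I would add an else branch such as `} else { LOG.warn(USER_ERROR, "No system keystore found; no trusted CAs loaded"); }` (assuming LOG has a marker-and-message overload) so that an empty trust-anchor set can be diagnosed. Separately, the locator is created with `new KeyStoreLocator()` inside the constructor, whose signature is outside the hunk, and the method went from protected to private, so tests can no longer substitute the CA source; passing the locator in as a constructor argument would restore that seam.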
