From 7dbfe7a8d3ced19b6b15278f22bac0d24b0638dd Mon Sep 17 00:00:00 2001 From: Rob Bygrave Date: Fri, 22 Aug 2025 11:49:12 +1200 Subject: [PATCH] Remove unnecessary public modifier - Remove unnecessary public modifier - private fields - Remove some whitespace --- .../java/io/avaje/jex/ssl/DSslPlugin.java | 7 ++----- .../java/io/avaje/jex/ssl/DTrustConfig.java | 14 ++++--------- .../java/io/avaje/jex/ssl/KeyStoreUtil.java | 15 ++----------- .../io/avaje/jex/ssl/SSLConfigurator.java | 21 +++++-------------- .../main/java/io/avaje/jex/ssl/SslConfig.java | 5 ++--- .../io/avaje/jex/ssl/SslConfigException.java | 3 +++ .../java/io/avaje/jex/ssl/TrustConfig.java | 3 +-- 7 files changed, 19 insertions(+), 49 deletions(-) diff --git a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/DSslPlugin.java b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/DSslPlugin.java index 43362663..10c8253f 100644 --- a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/DSslPlugin.java +++ b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/DSslPlugin.java @@ -8,19 +8,16 @@ final class DSslPlugin implements SslPlugin { - final HttpsConfigurator sslConfigurator; + private final HttpsConfigurator sslConfigurator; DSslPlugin(Consumer consumer) { - final var config = new DSslConfig(); - consumer.accept(config); - sslConfigurator = SSLConfigurator.create(config); + this.sslConfigurator = SSLConfigurator.create(config); } @Override public void apply(Jex jex) { - jex.config().httpsConfig(sslConfigurator); } } diff --git a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/DTrustConfig.java b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/DTrustConfig.java index 53850c1b..644a361b 100644 --- a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/DTrustConfig.java +++ b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/DTrustConfig.java @@ -26,9 +26,7 @@ public TrustConfig certificateFromClasspath(String certificateFile) { @Override public TrustConfig certificateFromInputStream(InputStream certificateInputStream) { - certificates.addAll(KeyStoreUtil.parseCertificates(certificateInputStream)); - return this; } @@ -42,11 +40,11 @@ public TrustConfig certificateFromPath(String certificatePath) { return this; } - public List certificates() { + List certificates() { return certificates; } - public List keyStores() { + List keyStores() { return keyStores; } @@ -62,12 +60,8 @@ public TrustConfig trustStoreFromClasspath(String trustStoreFile, String trustSt } @Override - public TrustConfig trustStoreFromInputStream( - InputStream trustStoreInputStream, String trustStorePassword) { - - keyStores.add( - KeyStoreUtil.loadKeyStore(trustStoreInputStream, trustStorePassword.toCharArray())); - + public TrustConfig trustStoreFromInputStream(InputStream trustStoreInputStream, String trustStorePassword) { + keyStores.add(KeyStoreUtil.loadKeyStore(trustStoreInputStream, trustStorePassword.toCharArray())); return this; } diff --git a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/KeyStoreUtil.java b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/KeyStoreUtil.java index 7ca94661..2fe32d6e 100644 --- a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/KeyStoreUtil.java +++ b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/KeyStoreUtil.java @@ -35,7 +35,6 @@ final class KeyStoreUtil { Pattern.DOTALL); static KeyStore loadKeyStore(InputStream inputStream, char[] password) { - // Read all bytes first so we can try different formats byte[] data; try { @@ -60,14 +59,12 @@ static KeyStore loadKeyStore(InputStream inputStream, char[] password) { return keyStore; } - throw new SslConfigException( - "Unable to load KeyStore - format not recognized or invalid password"); + throw new SslConfigException("Unable to load KeyStore - format not recognized or invalid password"); } private static KeyStore tryLoadKeyStore(byte[] data, String type, char[] password) { try (var bis = new ByteArrayInputStream(data)) { var keyStore = KeyStore.getInstance(type); - keyStore.load(bis, password); return keyStore; } catch (Exception e) { @@ -80,16 +77,13 @@ static X509ExtendedKeyManager loadIdentityFromPem( InputStream certificateInputStream, String privateKeyContent, char[] password) { try { var certificates = parseCertificates(certificateInputStream); - var privateKey = parsePrivateKey(privateKeyContent, password); - var keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null, null); var certChain = certificates.toArray(new Certificate[0]); var alias = "identity"; var keyPassword = password != null ? password : new char[0]; - keyStore.setKeyEntry(alias, privateKey, keyPassword, certChain); var kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); @@ -113,9 +107,8 @@ static X509ExtendedKeyManager loadIdentityFromPem( } static List parsePemCertificates(String content) { - List certs = new ArrayList<>(); - CertificateFactory factory = null; + CertificateFactory factory; try { factory = CertificateFactory.getInstance("X.509"); @@ -132,11 +125,9 @@ static List parsePemCertificates(String content) { } catch (Exception e) { throw new SslConfigException("Failed to parse PEM certificate", e); } - if (certs.isEmpty()) { throw new SslConfigException("No valid certificate found in PEM content"); } - return certs; } @@ -182,7 +173,6 @@ static List parseCertificates(InputStream inputStream) { // Try to parse as PEM first (check if it contains PEM markers) var content = new String(data, StandardCharsets.UTF_8); - if (content.contains("-----BEGIN CERTIFICATE-----")) { certs.addAll(parsePemCertificates(content)); } else { @@ -195,7 +185,6 @@ static List parseCertificates(InputStream inputStream) { throw new SslConfigException("Unable to load KeyStore", e); } } - return certs; } diff --git a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/SSLConfigurator.java b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/SSLConfigurator.java index 8f4c505c..bcb3e921 100644 --- a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/SSLConfigurator.java +++ b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/SSLConfigurator.java @@ -25,7 +25,7 @@ final class SSLConfigurator extends HttpsConfigurator { private final boolean clientAuth; - public SSLConfigurator(SSLContext context, boolean clientAuth) { + SSLConfigurator(SSLContext context, boolean clientAuth) { super(context); this.clientAuth = clientAuth; } @@ -40,7 +40,6 @@ public void configure(HttpsParameters params) { static SSLConfigurator create(DSslConfig sslConfig) throws SslConfigException { try { var sslContext = createContext(sslConfig); - var keyManagers = createKeyManagers(sslConfig); var trustManagers = createTrustManagers(sslConfig); @@ -60,7 +59,6 @@ private static SSLContext createContext(DSslConfig sslConfig) throws NoSuchAlgor } private static KeyManager[] createKeyManagers(DSslConfig sslConfig) throws SslConfigException { - try { return switch (sslConfig.loadedIdentity()) { case KEY_MANAGER -> new KeyManager[] {sslConfig.keyManager()}; @@ -81,18 +79,15 @@ private static KeyManager[] createKeyManagersFromKeyStore(DSslConfig sslConfig) return keyManagerFactory.getKeyManagers(); } - private static KeyManagerFactory createKeyManagerFactory(DSslConfig sslConfig) - throws NoSuchAlgorithmException { + private static KeyManagerFactory createKeyManagerFactory(DSslConfig sslConfig) throws NoSuchAlgorithmException { if (sslConfig.securityProvider() != null) { return KeyManagerFactory.getInstance(KEY_MANAGER_ALGORITHM, sslConfig.securityProvider()); } return KeyManagerFactory.getInstance(KEY_MANAGER_ALGORITHM); } - private static TrustManager[] createTrustManagers(DSslConfig sslConfig) - throws SslConfigException { + private static TrustManager[] createTrustManagers(DSslConfig sslConfig) throws SslConfigException { var trustConfig = sslConfig.trustConfig(); - if (trustConfig == null) { return null; // Use system default trust managers } @@ -100,13 +95,11 @@ private static TrustManager[] createTrustManagers(DSslConfig sslConfig) try { var trustStores = trustConfig.keyStores(); var certificates = trustConfig.certificates(); - if (trustStores.isEmpty() && certificates.isEmpty()) { return null; // No custom trust configuration } var trustStore = createCombinedTrustStore(trustStores, certificates); - var trustManagerFactory = createTrustManagerFactory(sslConfig); trustManagerFactory.init(trustStore); @@ -116,19 +109,15 @@ private static TrustManager[] createTrustManagers(DSslConfig sslConfig) } } - private static TrustManagerFactory createTrustManagerFactory(DSslConfig sslConfig) - throws NoSuchAlgorithmException { + private static TrustManagerFactory createTrustManagerFactory(DSslConfig sslConfig) throws NoSuchAlgorithmException { if (sslConfig.securityProvider() != null) { return TrustManagerFactory.getInstance(TRUST_MANAGER_ALGORITHM, sslConfig.securityProvider()); } return TrustManagerFactory.getInstance(TRUST_MANAGER_ALGORITHM); } - private static KeyStore createCombinedTrustStore( - List trustStores, List certificates) throws Exception { - + private static KeyStore createCombinedTrustStore(List trustStores, List certificates) throws Exception { var combinedTrustStore = KeyStore.getInstance(KeyStore.getDefaultType()); - combinedTrustStore.load(null, null); // Add certificates from existing trust stores diff --git a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/SslConfig.java b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/SslConfig.java index ccfbd1bd..5f12fbba 100644 --- a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/SslConfig.java +++ b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/SslConfig.java @@ -96,8 +96,7 @@ default void pemFromClasspath(String certificateFile, String privateKeyFile) { * @param certificateInputStream input stream to the certificate chain PEM file. * @param privateKeyInputStream input stream to the private key PEM file. */ - default void pemFromInputStream( - InputStream certificateInputStream, InputStream privateKeyInputStream) { + default void pemFromInputStream(InputStream certificateInputStream, InputStream privateKeyInputStream) { pemFromInputStream(certificateInputStream, privateKeyInputStream, null); } @@ -162,7 +161,7 @@ default void pemFromString(String certificateString, String privateKeyString) { /** * Configure the Provider for the SSLContext. * - * @param trustConfigConsumer consumer to configure the trust configuration. + * @param securityProvider the security provider to use. */ void securityProvider(Provider securityProvider); diff --git a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/SslConfigException.java b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/SslConfigException.java index 7f04f1e3..b8e6f5ff 100644 --- a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/SslConfigException.java +++ b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/SslConfigException.java @@ -1,5 +1,8 @@ package io.avaje.jex.ssl; +/** + * SSL Configuration exception. + */ public class SslConfigException extends RuntimeException { public SslConfigException(String message, Throwable t) { diff --git a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/TrustConfig.java b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/TrustConfig.java index 547cf8c1..a0ff2845 100644 --- a/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/TrustConfig.java +++ b/avaje-jex-ssl/src/main/java/io/avaje/jex/ssl/TrustConfig.java @@ -60,8 +60,7 @@ public interface TrustConfig { * @param trustStorePassword password for the trust store. * @return The updated TrustConfig instance for method chaining. */ - TrustConfig trustStoreFromInputStream( - InputStream trustStoreInputStream, String trustStorePassword); + TrustConfig trustStoreFromInputStream(InputStream trustStoreInputStream, String trustStorePassword); /** * Load a trust store from a given path in the system. The trust store can be in JKS or PKCS12