From 17859b83a2558e2d0ebee622f589bd28b4db65df Mon Sep 17 00:00:00 2001
From: Chris Webb
Date: Sun, 10 Mar 2019 23:23:08 +0000
Subject: [PATCH] #1298: Unified the private key fetching

Task-Url: https://github.com/playframework/play1/issues/1298
---
 .../ssl/SslHttpServerContextFactory.java | 25 ++++++++-----------
 1 file changed, 11 insertions(+), 14 deletions(-)

diff --git a/framework/src/play/server/ssl/SslHttpServerContextFactory.java b/framework/src/play/server/ssl/SslHttpServerContextFactory.java
index d8bda6bc69..644ea9fc74 100644
--- a/framework/src/play/server/ssl/SslHttpServerContextFactory.java
+++ b/framework/src/play/server/ssl/SslHttpServerContextFactory.java
@@ -91,23 +91,20 @@ public PEMKeyManager() {
 try (PEMParser keyReader = new PEMParser(new FileReader(Play.getFile(keyFile)))) {
 final Object object = keyReader.readObject();
-
+
+ PrivateKeyInfo privateKeyInfo = null;
 if (object instanceof PrivateKeyInfo) {
- key = BouncyCastleProvider.getPrivateKey((PrivateKeyInfo)object);
- } else if (object instanceof PEMEncryptedKeyPair || object instanceof PEMKeyPair) {
- JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
- final KeyPair keyPair;
- if (object instanceof PEMEncryptedKeyPair) {
- PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder()
- .build(Play.configuration.getProperty("certificate.password", "secret").toCharArray());
- keyPair = converter.getKeyPair(((PEMEncryptedKeyPair) object).decryptKeyPair(decProv));
- } else {
- keyPair = converter.getKeyPair((PEMKeyPair) object);
- }
- key = keyPair.getPrivate();
+ privateKeyInfo = (PrivateKeyInfo)object;
+ } else if (object instanceof PEMKeyPair) {
+ privateKeyInfo = ((PEMKeyPair)object).getPrivateKeyInfo();
+ } else if (object instanceof PEMEncryptedKeyPair) {
+ PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder()
+ .build(Play.configuration.getProperty("certificate.password", "secret").toCharArray());
+ privateKeyInfo = ((PEMEncryptedKeyPair) object).decryptKeyPair(decProv).getPrivateKeyInfo();
 } else {
- throw new UnsupportedOperationException("Unsupported key type '" + object.getClass() + "'");
+ throw new UnsupportedOperationException("Unsupported PEM content '" + object.getClass() + "'");
 }
+ key = BouncyCastleProvider.getPrivateKey(privateKeyInfo);
 final File hostCertFile = Play.getFile(p.getProperty("certificate.file", "conf/host.cert"));
 final Collection collection = new CertificateFactory().engineGenerateCertificates(new FileInputStream(hostCertFile));
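Review bot: Neither the parser result nor the converted key is null-checked on the unified path, so a bad key file fails late and obscurely. `keyReader.readObject()` returns null when the file holds no PEM object, which falls through to the final else and throws a NullPointerException from `object.getClass()` instead of the intended message; and the static `BouncyCastleProvider.getPrivateKey(privateKeyInfo)`, as far as I know, returns null when no converter is registered for the key's algorithm, leaving `key` unset until a handshake fails. Adding `if (object == null) throw new IllegalArgumentException("No PEM object found in " + keyFile);` before the instanceof chain, plus a null check on `key` after the conversion, would surface both at startup. Separately, the rewritten `PEMEncryptedKeyPair` branch still falls back to the literal passphrase `"secret"` when `certificate.password` is unset; it would be safer to require the property for an encrypted key than to default to a publicly known value. The constructor and its try block start and end outside the hunk, so the surrounding exception handling is not visible here.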