java - 如何检索 SSL 客户端正在使用的 KeyManager、TrustManager 和 SecureRandom 对象？

Question

我正在尝试创建一个使用 TSLv1.2 协议(protocol)执行握手的 SSL 套接字工厂。

我到目前为止[更新 1/18]:

SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
ServerSocketFactory sf = SSLServerSocketFactory.getDefault();
KeyManager[] km = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()).getKeyManagers();
TrustManager[] tm = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()).getTrustManagers();
SecureRandom random = new SecureRandom();
sslContext.init(km, tm, random);
requestContext.put(BindingProviderProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());

我希望从 SSLServerSocketFactory.getDefault() 中获取 KeyManager、TrustManager 和 SecureRandom 对象，但没有相应的 getter。
我可以从另一个地方提取这个吗？或者更有效的方法？

我不想手动创建 key 和信任管理器以避免系统特定配置的需要。

完整方法供引用:

    public MyOutBoundClientWSImpl(URL wsdlUrl){
        super(wsdlUrl, serviceName);
        this.wsUrl=wsdlUrl;
        this.mService = this.getMySoapHttpPort();
        Map<String, Object> requestContext = ((BindingProvider)mService).getRequestContext();
        requestContext.put(BindingProviderProperties.REQUEST_TIMEOUT, REQUEST_TIMEOUT); // Timeout in millis
        requestContext.put(BindingProviderProperties.CONNECT_TIMEOUT, CONNECT_TIMEOUT); // Timeout in millis
        try {
            SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
            ServerSocketFactory sf = SSLServerSocketFactory.getDefault();
            KeyManager[] km = ??;
            TrustManager[] tm = ??;
            SecureRandom random = ??;
            sslContext.init(km, tm, random);
            requestContext.put(BindingProviderProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException(e.getMessage(), e);
        }
    }

Answer 1

查看官方文档:

https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLContext.html

public final void init(KeyManager[] km,
        TrustManager[] tm,
        SecureRandom random)
                throws KeyManagementException

Initializes this context. Either of the first two parameters may be null in which case the installed security providers will be searched for the highest priority implementation of the appropriate factory. Likewise, the secure random parameter may be null in which case the default implementation will be used.

事实证明这很容易做到，您只需将所有空值传递给 init 方法即可。

    public MyOutBoundClientWSImpl(URL wsdlUrl){
        super(wsdlUrl, serviceName);
        this.wsUrl=wsdlUrl;
        this.mService = this.getMySoapHttpPort();
        Map<String, Object> requestContext = ((BindingProvider)mService).getRequestContext();
        requestContext.put(BindingProviderProperties.REQUEST_TIMEOUT, REQUEST_TIMEOUT); // Timeout in millis
        requestContext.put(BindingProviderProperties.CONNECT_TIMEOUT, CONNECT_TIMEOUT); // Timeout in millis
        try {
            SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
            KeyManager[] km = null;
            TrustManager[] tm = null;
            SecureRandom random = null;                
            sslContext.init(km, tm, random);
            requestContext.put(BindingProviderProperties.SSL_SOCKET_FACTORY, sslContext.getSocketFactory());
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException(e.getMessage(), e);
        }
    }