Index: core/src/main/java/quickfix/mina/acceptor/AbstractSocketAcceptor.java =================================================================== 59c59 < import quickfix.mina.ssl.AcceptorSSLContextFactory; --- > import quickfix.mina.ssl.SSLContextFactory; 135c135 < SSLContext sslContext = AcceptorSSLContextFactory.getInstance(descriptor.getKeyStoreName(), --- > SSLContext sslContext = SSLContextFactory.getInstance(descriptor.getKeyStoreName(), 172,185c172,173 < < if (getSettings().isSetting(sessionID, SSLSupport.SETTING_KEY_STORE_NAME)) { < keyStoreName = getSettings().getString(sessionID, < SSLSupport.SETTING_KEY_STORE_NAME); < } else { < keyStoreName = "quickfixj.cert"; < } < < if (getSettings().isSetting(sessionID, SSLSupport.SETTING_KEY_STORE_PWD)) { < keyStorePassword = getSettings().getString(sessionID, < SSLSupport.SETTING_KEY_STORE_PWD); < } else { < keyStorePassword = "quickfixjpw"; < } --- > keyStoreName = SSLSupport.getKeystoreName(getSettings(), sessionID); > keyStorePassword = SSLSupport.getKeystorePasswd(getSettings(), sessionID); Index: core/src/main/java/quickfix/mina/ssl/AcceptorSSLContextFactory.java =================================================================== 1,109d0 < /******************************************************************************* < * Copyright (c) quickfixengine.org All rights reserved. < * < * This file is part of the QuickFIX FIX Engine < * < * This file may be distributed under the terms of the quickfixengine.org < * license as defined by quickfixengine.org and appearing in the file < * LICENSE included in the packaging of this file. < * < * This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING < * THE WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A < * PARTICULAR PURPOSE. < * < * See http://www.quickfixengine.org/LICENSE for licensing information. < * < * Contact ask@quickfixengine.org if any conditions of this licensing < * are not clear to you. < ******************************************************************************/ < < package quickfix.mina.ssl; < < import java.io.IOException; < import java.io.InputStream; < import java.security.GeneralSecurityException; < import java.security.KeyStore; < import java.security.KeyStoreException; < import java.security.NoSuchAlgorithmException; < import java.security.Security; < import java.security.UnrecoverableKeyException; < import java.security.cert.CertificateException; < import java.util.HashMap; < import java.util.Map; < < import javax.net.ssl.KeyManagerFactory; < import javax.net.ssl.SSLContext; < < public class AcceptorSSLContextFactory { < private static final String PROTOCOL = "TLS"; < < private static final String KEY_MANAGER_FACTORY_ALGORITHM; < < static { < String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm"); < if (algorithm == null) { < algorithm = "SunX509"; < } < < KEY_MANAGER_FACTORY_ALGORITHM = algorithm; < } < < private static Map contextCache = new HashMap(); < < public static synchronized SSLContext getInstance(String keyStoreName, char[] keyStorePassword) < throws GeneralSecurityException { < synchronized (contextCache) { < SSLContext context = (SSLContext) contextCache.get(keyStoreName); < if (context == null) { < try { < context = createSSLContext(keyStoreName, keyStorePassword); < contextCache.put(keyStoreName, context); < } catch (Exception ioe) { < throw new GeneralSecurityException("Can't create Server SSLContext:" + ioe); < } < } < return context; < } < } < < private static SSLContext createSSLContext(String keyStoreName, char[] keyStorePassword) < throws GeneralSecurityException, IOException { < KeyManagerFactory kmf = initializeKeyManager(keyStoreName, keyStorePassword); < < SSLContext sslContext = SSLContext.getInstance(PROTOCOL); < sslContext.init(kmf.getKeyManagers(), SimpleTrustManagerFactory.X509_MANAGERS, null); < < return sslContext; < } < < private static KeyManagerFactory initializeKeyManager(String keyStoreName, < char[] keyStorePassword) throws KeyStoreException, IOException, < NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException { < KeyStore ks = initializeKeyStore(keyStoreName, keyStorePassword); < KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM); < kmf.init(ks, keyStorePassword); < return kmf; < } < < private static KeyStore initializeKeyStore(String keyStoreName, char[] keyStorePassword) < throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException { < KeyStore keyStore = KeyStore.getInstance("JKS"); < InputStream in = null; < try { < in = AcceptorSSLContextFactory.class.getResourceAsStream(keyStoreName); < if (in == null) { < in = AcceptorSSLContextFactory.class.getClassLoader().getResourceAsStream( < keyStoreName); < } < keyStore.load(in, keyStorePassword); < } finally { < if (in != null) { < try { < in.close(); < } catch (IOException ignored) { < } < } < } < return keyStore; < } < } Index: core/src/main/java/quickfix/mina/ssl/InitiatorSSLContextFactory.java =================================================================== 1,50d0 < /******************************************************************************* < * Copyright (c) quickfixengine.org All rights reserved. < * < * This file is part of the QuickFIX FIX Engine < * < * This file may be distributed under the terms of the quickfixengine.org < * license as defined by quickfixengine.org and appearing in the file < * LICENSE included in the packaging of this file. < * < * This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING < * THE WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A < * PARTICULAR PURPOSE. < * < * See http://www.quickfixengine.org/LICENSE for licensing information. < * < * Contact ask@quickfixengine.org if any conditions of this licensing < * are not clear to you. < ******************************************************************************/ < < package quickfix.mina.ssl; < < import java.security.GeneralSecurityException; < < import javax.net.ssl.SSLContext; < < public class InitiatorSSLContextFactory { < < /** < * Protocol to use. < */ < private static final String PROTOCOL = "TLS"; < < private static SSLContext clientInstance = null; < < /** < * Get SSLContext singleton. < * < * @return SSLContext < * @throws java.security.GeneralSecurityException < * < */ < public static synchronized SSLContext getInstance() throws GeneralSecurityException { < if (clientInstance == null) { < SSLContext context = SSLContext.getInstance(PROTOCOL); < context.init(null, SimpleTrustManagerFactory.X509_MANAGERS, null); < clientInstance = context; < } < return clientInstance; < } < } Index: core/src/main/java/quickfix/mina/ssl/SSLContextFactory.java =================================================================== 0a1,88 > package quickfix.mina.ssl; > > import javax.net.ssl.SSLContext; > import javax.net.ssl.KeyManagerFactory; > import java.security.*; > import java.security.cert.CertificateException; > import java.io.IOException; > import java.io.InputStream; > import java.util.Map; > import java.util.HashMap; > > /** > * SSL context factory that deals with Keystores. > * Caches the created SSL contexts for future reuse. > */ > > public class SSLContextFactory { > private static final String PROTOCOL = "TLS"; > private static final String KEY_MANAGER_FACTORY_ALGORITHM; > final private static Map contextCache = new HashMap(); > > static { > String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm"); > if (algorithm == null) { > algorithm = "SunX509"; > } > > KEY_MANAGER_FACTORY_ALGORITHM = algorithm; > } > > /** Creates an {@link SSLContext} with a specified keystore and password for that keystore */ > public static synchronized SSLContext getInstance(String keyStoreName, char[] keyStorePassword) > throws GeneralSecurityException { > synchronized (contextCache) { > SSLContext context = (SSLContext) contextCache.get(keyStoreName); > if (context == null) { > try { > context = createSSLContext(keyStoreName, keyStorePassword); > contextCache.put(keyStoreName, context); > } catch (Exception ioe) { > throw new GeneralSecurityException("Can't create Server SSLContext:" + ioe); > } > } > return context; > } > } > > private static SSLContext createSSLContext(String keyStoreName, char[] keyStorePassword) > throws GeneralSecurityException, IOException { > KeyManagerFactory kmf = initializeKeyManager(keyStoreName, keyStorePassword); > > SSLContext sslContext = SSLContext.getInstance(PROTOCOL); > sslContext.init(kmf.getKeyManagers(), SimpleTrustManagerFactory.X509_MANAGERS, null); > > return sslContext; > } > > private static KeyManagerFactory initializeKeyManager(String keyStoreName, > char[] keyStorePassword) throws KeyStoreException, IOException, > NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException { > KeyStore ks = initializeKeyStore(keyStoreName, keyStorePassword); > KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEY_MANAGER_FACTORY_ALGORITHM); > kmf.init(ks, keyStorePassword); > return kmf; > } > > private static KeyStore initializeKeyStore(String keyStoreName, char[] keyStorePassword) > throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException { > KeyStore keyStore = KeyStore.getInstance("JKS"); > InputStream in = null; > try { > in = SSLContextFactory.class.getResourceAsStream(keyStoreName); > if (in == null) { > in = SSLContextFactory.class.getClassLoader().getResourceAsStream( > keyStoreName); > } > keyStore.load(in, keyStorePassword); > } finally { > if (in != null) { > try { > in.close(); > } catch (IOException ignored) { > } > } > } > return keyStore; > } > } Index: core/src/main/java/quickfix/mina/ssl/SSLSupport.java =================================================================== 21a22,26 > import quickfix.SessionID; > import quickfix.SessionSettings; > import quickfix.ConfigError; > import quickfix.FieldConvertError; > 29a35,58 > public static String getKeystoreName(SessionSettings settings, SessionID sessionID) { > String keyStoreName = "quickfixj.cert"; > if (settings.isSetting(sessionID, SSLSupport.SETTING_KEY_STORE_NAME)) { > try { > keyStoreName = settings.getString(sessionID, SSLSupport.SETTING_KEY_STORE_NAME); > } catch (ConfigError ignored) { > } catch (FieldConvertError ignored) { > } > } > return keyStoreName; > } > > public static String getKeystorePasswd(SessionSettings settings, SessionID sessionID) { > String keyStorePassword = "quickfixjpw"; > if (settings.isSetting(sessionID, SSLSupport.SETTING_KEY_STORE_PWD)) { > try { > keyStorePassword = settings.getString(sessionID, SSLSupport.SETTING_KEY_STORE_PWD); > } catch (ConfigError ignored) { > } catch (FieldConvertError ignored) { > } > } > return keyStorePassword; > } > Index: core/src/main/java/quickfix/mina/ssl/SimpleTrustManagerFactory.java =================================================================== 33c33 < class SimpleTrustManagerFactory extends TrustManagerFactorySpi --- > public class SimpleTrustManagerFactory extends TrustManagerFactorySpi 54c54 < static final TrustManager[] X509_MANAGERS = new TrustManager[] { X509 }; --- > public static final TrustManager[] X509_MANAGERS = new TrustManager[] { X509 }; Index: core/src/main/java/quickfix/mina/initiator/AbstractSocketInitiator.java =================================================================== 99a100,101 > String keyStoreName = SSLSupport.getKeystoreName(getSettings(), sessionID); > String keyStorePassword = SSLSupport.getKeystorePasswd(getSettings(), sessionID); 104c106 < sslEnabled); --- > sslEnabled, keyStoreName, keyStorePassword); Index: core/src/main/java/quickfix/mina/initiator/IoSessionInitiator.java =================================================================== 22,31c22,25 < import java.io.IOException; < import java.net.SocketAddress; < import java.security.GeneralSecurityException; < < import org.apache.mina.common.ConnectFuture; < import org.apache.mina.common.IoConnector; < import org.apache.mina.common.IoFilterChainBuilder; < import org.apache.mina.common.IoServiceConfig; < import org.apache.mina.common.IoSession; < import org.apache.mina.common.ThreadModel; --- > import edu.emory.mathcs.backport.java.util.concurrent.Future; > import edu.emory.mathcs.backport.java.util.concurrent.ScheduledExecutorService; > import edu.emory.mathcs.backport.java.util.concurrent.TimeUnit; > import org.apache.mina.common.*; 34d27 < 44c37 < import quickfix.mina.ssl.InitiatorSSLContextFactory; --- > import quickfix.mina.ssl.SSLContextFactory; 46,48c39,42 < import edu.emory.mathcs.backport.java.util.concurrent.Future; < import edu.emory.mathcs.backport.java.util.concurrent.ScheduledExecutorService; < import edu.emory.mathcs.backport.java.util.concurrent.TimeUnit; --- > > import java.io.IOException; > import java.net.SocketAddress; > import java.security.GeneralSecurityException; 59c53,54 < IoFilterChainBuilder userIoFilterChainBuilder, boolean sslEnabled) throws ConfigError { --- > IoFilterChainBuilder userIoFilterChainBuilder, boolean sslEnabled, > String keyStoreName, String keyStorePassword) throws ConfigError { 64c59 < eventHandlingStrategy); --- > eventHandlingStrategy, keyStoreName, keyStorePassword); 74a70,71 > private String keyStoreName; > private String keyStorePassword; 86c83,84 < EventHandlingStrategy eventHandlingStrategy) throws ConfigError, --- > EventHandlingStrategy eventHandlingStrategy, > String keyStoreName, String keyStorePassword) throws ConfigError, 90a89,90 > this.keyStoreName = keyStoreName; > this.keyStorePassword = keyStorePassword; 111c111 < SSLFilter sslFilter = new SSLFilter(InitiatorSSLContextFactory.getInstance()); --- > SSLFilter sslFilter = new SSLFilter(SSLContextFactory.getInstance(keyStoreName, keyStorePassword.toCharArray())); Index: core/src/main/java/quickfix/Message.java =================================================================== 216c216 < return trailerHasGroup(num, group.field()); --- > return trailerHasGroup(num, group.getFieldTag()); 220c220 < return trailerHasGroup(group.field()); --- > return trailerHasGroup(group.getFieldTag());