public SSLContext getSslContext()

in src/main/java/com/awslabs/resultsiterator/implementations/BasicSslContextHelper.java [48:99]


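    /**
     * Builds a mutual-TLS {@link SSLContext} from a CA certificate, a client certificate and the
     * client's private key, each read from the file named by its argument.
     *
     * <p>The CA certificate is the only entry in the keystore handed to the
     * {@link TrustManagerFactory}, so peers are validated against that CA alone (with the default
     * JSSE provider the JVM's built-in trust store is not consulted once a non-null keystore is
     * supplied). The client certificate and private key are placed in a second, blank-password
     * in-memory keystore that backs the {@link KeyManagerFactory}. Every checked exception raised
     * by the JCA/JSSE calls is rethrown unchanged through {@code Try.get()}, so a bad file or a
     * misconfigured keystore fails here rather than later during a handshake.
     *
     * @param caCertFilename           path of the CA certificate file
     * @param clientCertFilename       path of the client certificate file
     * @param clientPrivateKeyFilename path of the client private key file
     * @param password                 password forwarded to {@code getKeyPair}; presumably the
     *                                 passphrase protecting the private key file (verify there)
     * @return an initialized {@link SSLContext} for the protocol named by {@code TLSV1_2}
     */
    public SSLContext getSslContext(ImmutableCaCertFilename caCertFilename,
                                    ImmutableClientCertFilename clientCertFilename,
                                    ImmutableClientPrivateKeyFilename clientPrivateKeyFilename,
                                    ImmutablePassword password) {

        JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter()
                .setProvider(BOUNCY_CASTLE_PROVIDER_NAME);

        // Load CA certificate
        X509Certificate caCertificate = getCertificate(jcaX509CertificateConverter, Paths.get(caCertFilename.getCaCertFilename()));

        // Load client certificate
        X509Certificate clientCertificate = getCertificate(jcaX509CertificateConverter, Paths.get(clientCertFilename.getClientCertFilename()));

        // Load client private key
        KeyPair key = getKeyPair(Paths.get(clientPrivateKeyFilename.getClientPrivateKeyFilename()), password);

        // Get the CA keystore and rethrow all exceptions
        KeyStore caKeyStore = getDefaultKeystore();

        // Add the CA certificate and rethrow all exceptions.
        // The trailing .get() is what rethrows: without it a failed Try is silently discarded and the
        // trust manager below would be initialized from a keystore that lacks the CA entry.
        Try.run(() -> caKeyStore.setCertificateEntry(CA_CERTIFICATE, caCertificate)).get();

        // Get a trust manager factory and rethrow all exceptions
        TrustManagerFactory trustManagerFactory = Try.of(() -> TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())).get();

        // Initialize the trust manager factory with the CA keystore and rethrow all exceptions
        Try.run(() -> trustManagerFactory.init(caKeyStore)).get();

        // Get the client keystore and rethrow all exceptions
        KeyStore clientKeyStore = getDefaultKeystore();

        // Add the client certificate and rethrow all exceptions
        Try.run(() -> clientKeyStore.setCertificateEntry(CERTIFICATE, clientCertificate)).get();

        // Add the client private key and rethrow all exceptions. The blank password only protects
        // this in-memory keystore entry; it is not the password of the key file on disk.
        Try.run(() -> clientKeyStore.setKeyEntry(PRIVATE_KEY, key.getPrivate(), Password.BLANK_PASSWORD, new Certificate[]{clientCertificate})).get();

        // Get a key manager factory and rethrow all exceptions
        KeyManagerFactory keyManagerFactory = Try.of(() -> KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm())).get();

        // Initialize the key manager factory with the client keystore and a blank password and rethrow all exceptions
        Try.run(() -> keyManagerFactory.init(clientKeyStore, Password.BLANK_PASSWORD)).get();

        // Create the SSL context and rethrow all exceptions
        SSLContext sslContext = Try.of(() -> SSLContext.getInstance(TLSV1_2)).get();

        // Initialize the SSL context and rethrow all exceptions.
        // A null SecureRandom lets the provider choose its default source of randomness.
        Try.run(() -> sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null)).get();

        return sslContext;
    }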