makeSSLSocketFactory method that accepts preloaded KeyStore/KeyManagerFactory

The existing makeSSLSocketFactory() method only supports loading a KeyStore
from a classpath relative file using a provided passphrase. An additional
makeSSLSocketFactory added in this commit allows the caller to provided a
preloaded KeyStore/KeyManagerFactory. This can be used by callers that have a
KeyStore/KeyManagerFactory loaded in memory, or from an arbitrary InputStream
not on the classpath.

1 files changed, 20 insertions, 0 deletions

diff --git a/core/src/main/java/fi/iki/elonen/NanoHTTPD.java b/core/src/main/java/fi/iki/elonen/NanoHTTPD.java
index 37e465d..1b46dab 100644
--- a/core/src/main/java/fi/iki/elonen/NanoHTTPD.java
+++ b/core/src/main/java/fi/iki/elonen/NanoHTTPD.java
@@ -210,6 +210,26 @@ public abstract class NanoHTTPD {
       }
       return res;
    }
+   
+   /**
+    * Creates an SSLSocketFactory for HTTPS.
+    *
+    * Pass a loaded KeyStore and a loaded KeyManagerFactory.
+    * These objects must properly loaded/initialized by the caller.
+    */
+   public static SSLServerSocketFactory makeSSLSocketFactory(KeyStore loadedKeyStore, KeyManagerFactory loadedKeyFactory) throws IOException {
+      SSLServerSocketFactory res = null;
+      try {
+         TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+         trustManagerFactory.init(loadedKeyStore);
+         SSLContext ctx = SSLContext.getInstance("TLS");
+         ctx.init(loadedKeyFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
+         res = ctx.getServerSocketFactory();
+      } catch (Exception e) {
+         throw new IOException(e);
+      }
+      return res;
+   }
 
   /**
    * Call before start() to serve over HTTPS instead of HTTP