Polish "Fix bug in webserver start when loading PKCS#11 KeyStore"

See gh-32179

Author: mhalbritter

spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/jetty/SslServerCustomizer.java

@@ -19,7 +19,6 @@
 import java.io.IOException;
 import java.net.InetSocketAddress;
 import java.net.URL;
-import java.util.Objects;
 
 import org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory;
 import org.eclipse.jetty.http.HttpVersion;
@@ -222,10 +221,10 @@ private void configureSslPasswords(SslContextFactory.Server factory, Ssl ssl) {
 	}
 
 	private void configureSslKeyStore(SslContextFactory.Server factory, Ssl ssl) {
-		final String keystoreType = Objects.requireNonNullElse(ssl.getKeyStoreType(), "JKS");
-		final String keystoreLocation = ssl.getKeyStore();
+		String keystoreType = (ssl.getKeyStoreType() != null) ? ssl.getKeyStoreType() : "JKS";
+		String keystoreLocation = ssl.getKeyStore();
 		if (keystoreType.equalsIgnoreCase("PKCS11")) {
-			if (keystoreLocation != null && !keystoreLocation.isBlank()) {
+			if (keystoreLocation != null && !keystoreLocation.isEmpty()) {
 				throw new IllegalArgumentException("Input keystore location is not valid for keystore type 'PKCS11': '"
 						+ keystoreLocation + "'. Must be undefined / null.");
 			}
@@ -239,7 +238,6 @@ private void configureSslKeyStore(SslContextFactory.Server factory, Ssl ssl) {
 				throw new WebServerException("Could not load key store '" + keystoreLocation + "'", ex);
 			}
 		}
-
 		factory.setKeyStoreType(keystoreType);
 		if (ssl.getKeyStoreProvider() != null) {
 			factory.setKeyStoreProvider(ssl.getKeyStoreProvider());

spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/netty/SslServerCustomizer.java

@@ -173,11 +173,10 @@ private KeyStore loadStore(String type, String provider, String resource, String
 		type = (type != null) ? type : "JKS";
 		KeyStore store = (provider != null) ? KeyStore.getInstance(type, provider) : KeyStore.getInstance(type);
 		if (type.equalsIgnoreCase("PKCS11")) {
-			if (resource != null && !resource.isBlank()) {
+			if (resource != null && !resource.isEmpty()) {
 				throw new IllegalArgumentException("Input keystore location is not valid for keystore type 'PKCS11': '"
 						+ resource + "'. Must be undefined / null.");
 			}
-
 			store.load(null, (password != null) ? password.toCharArray() : null);
 		}
 		else {
@@ -191,7 +190,6 @@ private KeyStore loadStore(String type, String provider, String resource, String
 				throw new WebServerException("Could not load key store '" + resource + "'", ex);
 			}
 		}
-
 		return store;
 	}
 

spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/tomcat/SslConnectorCustomizer.java

@@ -17,7 +17,6 @@
 package org.springframework.boot.web.embedded.tomcat;
 
 import java.io.FileNotFoundException;
-import java.util.Objects;
 
 import org.apache.catalina.connector.Connector;
 import org.apache.coyote.ProtocolHandler;
@@ -141,10 +140,10 @@ protected void configureSslStoreProvider(AbstractHttp11JsseProtocol<?> protocol,
 	}
 
 	private void configureSslKeyStore(SSLHostConfigCertificate certificate, Ssl ssl) {
-		final String keystoreType = Objects.requireNonNullElse(ssl.getKeyStoreType(), "JKS");
-		final String keystoreLocation = ssl.getKeyStore();
+		String keystoreType = (ssl.getKeyStoreType() != null) ? ssl.getKeyStoreType() : "JKS";
+		String keystoreLocation = ssl.getKeyStore();
 		if (keystoreType.equalsIgnoreCase("PKCS11")) {
-			if (keystoreLocation != null && !keystoreLocation.isBlank()) {
+			if (keystoreLocation != null && !keystoreLocation.isEmpty()) {
 				throw new IllegalArgumentException("Input keystore location is not valid for keystore type 'PKCS11': '"
 						+ keystoreLocation + "'. Must be undefined / null.");
 			}
@@ -157,7 +156,6 @@ private void configureSslKeyStore(SSLHostConfigCertificate certificate, Ssl ssl)
 				throw new WebServerException("Could not load key store '" + keystoreLocation + "'", ex);
 			}
 		}
-
 		certificate.setCertificateKeystoreType(keystoreType);
 		if (ssl.getKeyStoreProvider() != null) {
 			certificate.setCertificateKeystoreProvider(ssl.getKeyStoreProvider());

spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/undertow/SslBuilderCustomizer.java

@@ -182,11 +182,10 @@ private KeyStore loadStore(String type, String provider, String resource, String
 		type = (type != null) ? type : "JKS";
 		KeyStore store = (provider != null) ? KeyStore.getInstance(type, provider) : KeyStore.getInstance(type);
 		if (type.equalsIgnoreCase("PKCS11")) {
-			if (resource != null && !resource.isBlank()) {
+			if (resource != null && !resource.isEmpty()) {
 				throw new IllegalArgumentException("Input keystore location is not valid for keystore type 'PKCS11': '"
 						+ resource + "'. Must be undefined / null.");
 			}
-
 			store.load(null, (password != null) ? password.toCharArray() : null);
 		}
 		else {

spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/netty/MockPkcs11SecurityProvider.java

@@ -29,7 +29,7 @@ public class MockPkcs11SecurityProvider extends Provider {
 
 	private static final String DEFAULT_PROVIDER_NAME = "Mock-PKCS11";
 
-	private static final String VERSION = "0.1";
+	private static final double VERSION = 0.1;
 
 	private static final String DESCRIPTION = "Mock PKCS11 Provider";
 

spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/tomcat/SslConnectorCustomizerTests.java

@@ -40,8 +40,8 @@
 
 import org.springframework.boot.testsupport.system.CapturedOutput;
 import org.springframework.boot.testsupport.system.OutputCaptureExtension;
-import org.springframework.boot.web.embedded.netty.MockPkcs11SecurityProvider;
 import org.springframework.boot.testsupport.web.servlet.DirtiesUrlFactories;
+import org.springframework.boot.web.embedded.netty.MockPkcs11SecurityProvider;
 import org.springframework.boot.web.server.Ssl;
 import org.springframework.boot.web.server.SslStoreProvider;
 import org.springframework.boot.web.server.WebServerException;