Hakky54 · Hakky54 · Oct 23, 2024 · Oct 23, 2024
diff --git a/...ext-kickstart-for-apache5/src/main/java/nl/altindag/ssl/apache5/util/Apache5SslUtils.java b/...ext-kickstart-for-apache5/src/main/java/nl/altindag/ssl/apache5/util/Apache5SslUtils.java
@@ -16,9 +16,7 @@
 package nl.altindag.ssl.apache5.util;
 
 import nl.altindag.ssl.SSLFactory;
-import org.apache.hc.client5.http.socket.LayeredConnectionSocketFactory;
 import org.apache.hc.client5.http.ssl.DefaultClientTlsStrategy;
-import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
 import org.apache.hc.client5.http.ssl.TlsSocketStrategy;
 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
@@ -30,16 +28,6 @@ public final class Apache5SslUtils {
 
     private Apache5SslUtils() {}
 
-    @Deprecated
-    public static LayeredConnectionSocketFactory toSocketFactory(SSLFactory sslFactory) {
-        return new SSLConnectionSocketFactory(
-                sslFactory.getSslContext(),
-                sslFactory.getSslParameters().getProtocols(),
-                sslFactory.getSslParameters().getCipherSuites(),
-                sslFactory.getHostnameVerifier()
-        );
-    }
-
     public static TlsStrategy toTlsStrategy(SSLFactory sslFactory) {
         return createClientTlsStrategy(sslFactory);
     }

diff --git a/sslcontext-kickstart-for-apache5/src/test/java/nl/altindag/ssl/apache5/SSLFactoryIT.java b/sslcontext-kickstart-for-apache5/src/test/java/nl/altindag/ssl/apache5/SSLFactoryIT.java
@@ -29,7 +29,7 @@
 import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
 import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager;
 import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
-import org.apache.hc.client5.http.socket.LayeredConnectionSocketFactory;
+import org.apache.hc.client5.http.ssl.TlsSocketStrategy;
 import org.apache.hc.core5.http.HttpResponse;
 import org.apache.hc.core5.http.Method;
 import org.apache.hc.core5.http.nio.support.BasicRequestProducer;
@@ -76,9 +76,9 @@ void executeHttpsRequestWithMutualAuthentication() throws IOException {
                 .withTrustMaterial("keystore/client-server/client-one/truststore.jks", "secret".toCharArray())
                 .build();
 
-        LayeredConnectionSocketFactory socketFactory = Apache5SslUtils.toSocketFactory(sslFactoryForClient);
+        TlsSocketStrategy tlsSocketStrategy = Apache5SslUtils.toTlsSocketStrategy(sslFactoryForClient);
         PoolingHttpClientConnectionManager connectionManager = PoolingHttpClientConnectionManagerBuilder.create()
-                .setSSLSocketFactory(socketFactory)
+                .setTlsSocketStrategy(tlsSocketStrategy)
                 .build();
 
         HttpClient httpClient = HttpClients.custom()

diff --git a/...ckstart-for-apache5/src/test/java/nl/altindag/ssl/apache5/util/Apache5SslUtilsShould.java b/...ckstart-for-apache5/src/test/java/nl/altindag/ssl/apache5/util/Apache5SslUtilsShould.java
@@ -17,7 +17,6 @@
 
 import nl.altindag.ssl.SSLFactory;
 import nl.altindag.ssl.util.KeyStoreUtils;
-import org.apache.hc.client5.http.socket.LayeredConnectionSocketFactory;
 import org.apache.hc.client5.http.ssl.TlsSocketStrategy;
 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
 import org.junit.jupiter.api.Test;
@@ -38,49 +37,6 @@ class Apache5SslUtilsShould {
     private static final char[] TRUSTSTORE_PASSWORD = "secret".toCharArray();
     private static final String KEYSTORE_LOCATION = "keystore/";
 
-    @Test
-    void createLayeredConnectionSocketFactoryWithTrustMaterial() {
-        KeyStore trustStore = KeyStoreUtils.loadKeyStore(KEYSTORE_LOCATION + TRUSTSTORE_FILE_NAME, TRUSTSTORE_PASSWORD);
-
-        SSLFactory sslFactory = SSLFactory.builder()
-                .withTrustMaterial(trustStore)
-                .build();
-
-        assertThat(sslFactory.getSslContext()).isNotNull();
-
-        assertThat(sslFactory.getKeyManager()).isNotPresent();
-
-        assertThat(sslFactory.getTrustManager()).isNotNull();
-        assertThat(sslFactory.getTrustedCertificates()).isNotEmpty();
-        assertThat(sslFactory.getTrustManager()).isNotNull();
-        assertThat(sslFactory.getHostnameVerifier()).isNotNull();
-
-        LayeredConnectionSocketFactory socketFactory = Apache5SslUtils.toSocketFactory(sslFactory);
-        assertThat(socketFactory).isNotNull();
-    }
-
-    @Test
-    void createLayeredConnectionSocketFactoryWithIdentityMaterialAndTrustMaterial() {
-        KeyStore identity = KeyStoreUtils.loadKeyStore(KEYSTORE_LOCATION + IDENTITY_FILE_NAME, IDENTITY_PASSWORD);
-        KeyStore trustStore = KeyStoreUtils.loadKeyStore(KEYSTORE_LOCATION + TRUSTSTORE_FILE_NAME, TRUSTSTORE_PASSWORD);
-
-        SSLFactory sslFactory = SSLFactory.builder()
-                .withIdentityMaterial(identity, IDENTITY_PASSWORD)
-                .withTrustMaterial(trustStore)
-                .build();
-
-        assertThat(sslFactory.getSslContext()).isNotNull();
-        assertThat(sslFactory.getKeyManager()).isPresent();
-
-        assertThat(sslFactory.getTrustManager()).isNotNull();
-        assertThat(sslFactory.getTrustedCertificates()).isNotEmpty();
-        assertThat(sslFactory.getTrustManager()).isNotNull();
-        assertThat(sslFactory.getHostnameVerifier()).isNotNull();
-
-        LayeredConnectionSocketFactory socketFactory = Apache5SslUtils.toSocketFactory(sslFactory);
-        assertThat(socketFactory).isNotNull();
-    }
-
     @Test
     void createTlsStrategy() {
         KeyStore identity = KeyStoreUtils.loadKeyStore(KEYSTORE_LOCATION + IDENTITY_FILE_NAME, IDENTITY_PASSWORD);

diff --git a/sslcontext-kickstart/src/main/java/module-info.java b/sslcontext-kickstart/src/main/java/module-info.java
@@ -20,7 +20,6 @@
     exports nl.altindag.ssl;
     exports nl.altindag.ssl.exception;
     exports nl.altindag.ssl.model;
-    exports nl.altindag.ssl.trustmanager.validator;
     exports nl.altindag.ssl.trustmanager.trustoptions;
     exports nl.altindag.ssl.util;
     exports nl.altindag.ssl.sslcontext to java.base;

diff --git a/sslcontext-kickstart/src/main/java/nl/altindag/ssl/SSLFactory.java b/sslcontext-kickstart/src/main/java/nl/altindag/ssl/SSLFactory.java
@@ -24,9 +24,6 @@
 import nl.altindag.ssl.sslcontext.FenixSSLContext;
 import nl.altindag.ssl.trustmanager.trustoptions.TrustAnchorTrustOptions;
 import nl.altindag.ssl.trustmanager.trustoptions.TrustStoreTrustOptions;
-import nl.altindag.ssl.trustmanager.validator.ChainAndAuthTypeValidator;
-import nl.altindag.ssl.trustmanager.validator.ChainAndAuthTypeWithSSLEngineValidator;
-import nl.altindag.ssl.trustmanager.validator.ChainAndAuthTypeWithSocketValidator;
 import nl.altindag.ssl.util.HostnameVerifierUtils;
 import nl.altindag.ssl.util.KeyManagerUtils;
 import nl.altindag.ssl.util.KeyStoreUtils;
@@ -72,7 +69,6 @@
 import java.util.Map;
 import java.util.Optional;
 import java.util.Set;
-import java.util.function.BiPredicate;
 import java.util.function.Predicate;
 import java.util.stream.Collectors;
 
@@ -199,9 +195,6 @@ public static class Builder {
         private int sessionTimeoutInSeconds = -1;
         private int sessionCacheSizeInBytes = -1;
 
-        private ChainAndAuthTypeValidator chainAndAuthTypeValidator = null;
-        private ChainAndAuthTypeWithSocketValidator chainAndAuthTypeWithSocketValidator = null;
-        private ChainAndAuthTypeWithSSLEngineValidator chainAndAuthTypeWithSSLEngineValidator = null;
         private Predicate<TrustManagerParameters> trustManagerParametersValidator = null;
         private boolean shouldTrustedCertificatesBeConcealed = false;
 
@@ -570,15 +563,6 @@ public Builder withInflatableTrustMaterial() {
             return this;
         }
 
-        @Deprecated
-        public Builder withInflatableTrustMaterial(Path trustStorePath,
-                                                   char[] trustStorePassword,
-                                                   String trustStoreType,
-                                                   BiPredicate<X509Certificate[], String> certificateAndAuthTypeTrustPredicate) {
-            trustManagers.add(TrustManagerUtils.createInflatableTrustManager(trustStorePath, trustStorePassword, trustStoreType, certificateAndAuthTypeTrustPredicate));
-            return this;
-        }
-
         public Builder withInflatableTrustMaterial(Path trustStorePath,
                                                    char[] trustStorePassword,
                                                    String trustStoreType,
@@ -747,24 +731,6 @@ public Builder withTrustingAllCertificatesWithoutValidation() {
             return this;
         }
 
-        @Deprecated
-        public Builder withTrustEnhancer(ChainAndAuthTypeValidator validator) {
-            this.chainAndAuthTypeValidator = validator;
-            return this;
-        }
-
-        @Deprecated
-        public Builder withTrustEnhancer(ChainAndAuthTypeWithSocketValidator validator) {
-            this.chainAndAuthTypeWithSocketValidator = validator;
-            return this;
-        }
-
-        @Deprecated
-        public Builder withTrustEnhancer(ChainAndAuthTypeWithSSLEngineValidator validator) {
-            this.chainAndAuthTypeWithSSLEngineValidator = validator;
-            return this;
-        }
-
         public Builder withTrustEnhancer(Predicate<TrustManagerParameters> validator) {
             this.trustManagerParametersValidator = validator;
             return this;
@@ -845,9 +811,6 @@ private X509ExtendedTrustManager createTrustManager() {
                     .withLoggingTrustManager(loggingTrustManagerEnabled)
                     .withTrustEnhancer(trustManagerParametersValidator)
                     .withTrustEnhancer(shouldTrustedCertificatesBeConcealed)
-                    .withTrustEnhancer(chainAndAuthTypeValidator)
-                    .withTrustEnhancer(chainAndAuthTypeWithSocketValidator)
-                    .withTrustEnhancer(chainAndAuthTypeWithSSLEngineValidator)
                     .build();
         }
 

diff --git a/...start/src/main/java/nl/altindag/ssl/trustmanager/validator/ChainAndAuthTypeValidator.java b/...start/src/main/java/nl/altindag/ssl/trustmanager/validator/ChainAndAuthTypeValidator.java
diff --git a/...n/java/nl/altindag/ssl/trustmanager/validator/ChainAndAuthTypeWithSSLEngineValidator.java b/...n/java/nl/altindag/ssl/trustmanager/validator/ChainAndAuthTypeWithSSLEngineValidator.java
diff --git a/...main/java/nl/altindag/ssl/trustmanager/validator/ChainAndAuthTypeWithSocketValidator.java b/...main/java/nl/altindag/ssl/trustmanager/validator/ChainAndAuthTypeWithSocketValidator.java
diff --git a/sslcontext-kickstart/src/main/java/nl/altindag/ssl/util/HostnameVerifierUtils.java b/sslcontext-kickstart/src/main/java/nl/altindag/ssl/util/HostnameVerifierUtils.java
@@ -33,7 +33,7 @@ private HostnameVerifierUtils() {}
 
     /**
      * Creates a basic hostname verifier which validates the hostname against the peer host from the ssl session.
-     * This basic hostname verifier provides minimal security. It is recommended to use {@link HostnameVerifierUtils#createFenix()}
+     * This basic hostname verifier provides minimal security. It is recommended to use {@link HostnameVerifierUtils#createDefault()}
      */
     public static HostnameVerifier createBasic() {
         return BasicHostnameVerifier.getInstance();
@@ -47,14 +47,6 @@ public static HostnameVerifier createUnsafe() {
         return UnsafeHostnameVerifier.getInstance();
     }
 
-    /**
-     * Creates a fenix hostname verifier which validates the hostname against the SAN field of the peer certificate.
-     */
-    @Deprecated
-    public static HostnameVerifier createFenix() {
-        return createDefault();
-    }
-
     /**
      * Creates the default hostname verifier which is able to validate the hostname against the SAN field of the peer certificate.
      */