deliver dragonwell security provider jar

openjdk/src/main/java/com/alibaba/dragonwell/security/DragonwellSecurity.java

@@ -0,0 +1,9 @@
+package com.alibaba.dragonwell.security;
+
+import org.conscrypt.Conscrypt;
+
+public final class DragonwellSecurity {
+    public static void setUseEngineSocketByDefault(boolean useEngineSocket) {
+        Conscrypt.setUseEngineSocketByDefault(useEngineSocket);
+    }
+}

openjdk/src/main/java/com/alibaba/dragonwell/security/DragonwellTlcpCertIndicate.java

@@ -0,0 +1,11 @@
+package com.alibaba.dragonwell.security;
+
+public interface DragonwellTlcpCertIndicate {
+    String getTlcpSignAlias();
+
+    void setTlcpSignAlias(String alias);
+
+    String getTlcpEncAlias();
+
+    void setTlcpEncAlias(String alias);
+}

openjdk/src/main/java/com/alibaba/dragonwell/security/DragonwellX509Certificate.java

@@ -1,20 +1,9 @@
-/*
- * Copyright 2023 The Tongsuo Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://github.com/Tongsuo-Project/Tongsuo/blob/master/LICENSE.txt
- */
-
 package com.alibaba.dragonwell.security;
 
 import org.conscrypt.OpenSSLX509Certificate;
 
-public class DragonwellX509Certificate extends OpenSSLX509Certificate {
-    private static final long serialVersionUID = 8644387307092462038L;
-
-    DragonwellX509Certificate(long ctx) throws Exception {
+public final class DragonwellX509Certificate extends OpenSSLX509Certificate {
+    public DragonwellX509Certificate(long ctx) throws Exception {
         super(ctx);
     }
 }

openjdk/src/main/java/com/alibaba/dragonwell/security/TlcpKeyManagerFactoryImpl.java

@@ -7,12 +7,11 @@
 import javax.net.ssl.ManagerFactoryParameters;
 import java.io.File;
 import java.io.FileInputStream;
-import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.security.*;
 import java.security.cert.CertificateException;
 
-public class TlcpKeyManagerFactoryImpl extends KeyManagerFactorySpi {
+public final class TlcpKeyManagerFactoryImpl extends KeyManagerFactorySpi {
     private static final char[] EMPTY_KEY = new char[0];
 
     // source of key material

openjdk/src/main/java/com/alibaba/dragonwell/security/TlcpKeyManagerImpl.java

@@ -8,7 +8,7 @@
 import java.security.cert.X509Certificate;
 import java.util.*;
 
-public final class TlcpKeyManagerImpl extends X509ExtendedKeyManager {
+public final class TlcpKeyManagerImpl extends X509ExtendedKeyManager implements DragonwellTlcpCertIndicate {
     private static final String[] STRING0 = new String[0];
 
     /*

openjdk/src/test/java/org/conscrypt/TlcpDoubleCertTest.java

@@ -14,8 +14,10 @@
 import java.util.Map;
 import java.util.concurrent.CountDownLatch;
 
-import com.alibaba.dragonwell.security.TlcpKeyManagerImpl;
 import com.alibaba.dragonwell.security.DragonwellSecurityProvider;
+import com.alibaba.dragonwell.security.DragonwellSecurity;
+import com.alibaba.dragonwell.security.DragonwellX509Certificate;
+import com.alibaba.dragonwell.security.DragonwellTlcpCertIndicate;
 
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 
@@ -86,7 +88,7 @@ public class TlcpDoubleCertTest {
 
     @Before
     public final void before() throws Exception {
-        Conscrypt.setUseEngineSocketByDefault(false);
+        DragonwellSecurity.setUseEngineSocketByDefault(false);
         // Initial cipher suit map.
         CIPHER_SUIT_MAP.put("ECC-SM2-WITH-SM4-SM3", "ECC-SM2-SM4-CBC-SM3");
         CIPHER_SUIT_MAP.put("ECC-SM2-SM4-CBC-SM3", "ECC-SM2-SM4-CBC-SM3");
@@ -104,21 +106,21 @@ public final void before() throws Exception {
 
     @After
     public final void after() {
-        Conscrypt.setUseEngineSocketByDefault(true);
+        DragonwellSecurity.setUseEngineSocketByDefault(true);
     }
 
     private void buildCaCert() throws Exception {
-        caCert = OpenSSLX509Certificate.fromX509PemInputStream(TestUtils.openTestFile(CA_CERT_PATH));
-        subCaCert = OpenSSLX509Certificate.fromX509PemInputStream(TestUtils.openTestFile(SUB_CA_CERT_PATH));
+        caCert = DragonwellX509Certificate.fromX509PemInputStream(TestUtils.openTestFile(CA_CERT_PATH));
+        subCaCert = DragonwellX509Certificate.fromX509PemInputStream(TestUtils.openTestFile(SUB_CA_CERT_PATH));
     }
 
     private void buildClientKeyStore() throws Exception {
         // build client private key.
         clientSignPrivateKey = TestUtils.readSM2PrivateKeyPemFile(CLIENT_SIGN_KEY_PATH);
         clientEncPrivateKey = TestUtils.readSM2PrivateKeyPemFile(CLIENT_ENC_KEY_PATH);
         // build client sign and enc certification.
-        clientSignCert = OpenSSLX509Certificate.fromX509PemInputStream(TestUtils.openTestFile(CLIENT_SIGN_CERT_PATH));
-        clientEncCert = OpenSSLX509Certificate.fromX509PemInputStream(TestUtils.openTestFile(CLIENT_ENC_CERT_PATH));
+        clientSignCert = DragonwellX509Certificate.fromX509PemInputStream(TestUtils.openTestFile(CLIENT_SIGN_CERT_PATH));
+        clientEncCert = DragonwellX509Certificate.fromX509PemInputStream(TestUtils.openTestFile(CLIENT_ENC_CERT_PATH));
 
         X509Certificate[] clientSignCertChain = new X509Certificate[]{clientSignCert, subCaCert, caCert};
         X509Certificate[] clientEncCertChain = new X509Certificate[]{clientEncCert, subCaCert, caCert};
@@ -133,8 +135,8 @@ private void buildClientKeyStore() throws Exception {
         KeyManagerFactory kmf = KeyManagerFactory.getInstance("TlcpKeyManagerFactory", new DragonwellSecurityProvider());
         kmf.init(ks, EMPTY_PASSWORD);
         KeyManager clientKey = (kmf.getKeyManagers())[0];
-        if (clientKey instanceof TlcpKeyManagerImpl) {
-            TlcpKeyManagerImpl tlcpKeyManager = (TlcpKeyManagerImpl) clientKey;
+        if (clientKey instanceof DragonwellTlcpCertIndicate) {
+            DragonwellTlcpCertIndicate tlcpKeyManager = (DragonwellTlcpCertIndicate) clientKey;
             clientKeyManager = new KeyManager[]{clientKey};
             tlcpKeyManager.setTlcpEncAlias(CLIENT_ENC_ALIAS);
             tlcpKeyManager.setTlcpSignAlias(CLIENT_SIGN_ALIAS);
@@ -153,8 +155,8 @@ private void buildServerKeyStore() throws Exception {
         serverSignPrivateKey = TestUtils.readSM2PrivateKeyPemFile(SERVER_SIGN_KEY_PATH);
         serverEncPrivateKey = TestUtils.readSM2PrivateKeyPemFile(SERVER_ENC_KEY_PATH);
         // build server sign and enc certification.
-        serverSignCert = OpenSSLX509Certificate.fromX509PemInputStream(TestUtils.openTestFile(SERVER_SIGN_CERT_PATH));
-        serverEncCert = OpenSSLX509Certificate.fromX509PemInputStream(TestUtils.openTestFile(SERVER_ENC_CERT_PATH));
+        serverSignCert = DragonwellX509Certificate.fromX509PemInputStream(TestUtils.openTestFile(SERVER_SIGN_CERT_PATH));
+        serverEncCert = DragonwellX509Certificate.fromX509PemInputStream(TestUtils.openTestFile(SERVER_ENC_CERT_PATH));
 
         X509Certificate[] serverSignCertChain = new X509Certificate[]{serverSignCert, subCaCert, caCert};
         X509Certificate[] serverEncCertChain = new X509Certificate[]{serverEncCert, subCaCert, caCert};
@@ -169,8 +171,8 @@ private void buildServerKeyStore() throws Exception {
         KeyManagerFactory kmf = KeyManagerFactory.getInstance("TlcpKeyManagerFactory", new DragonwellSecurityProvider());
         kmf.init(ks, EMPTY_PASSWORD);
         KeyManager serverKey = (kmf.getKeyManagers())[0];
-        if (serverKey instanceof TlcpKeyManagerImpl) {
-            TlcpKeyManagerImpl tlcpKeyManager = (TlcpKeyManagerImpl) serverKey;
+        if (serverKey instanceof DragonwellTlcpCertIndicate) {
+            DragonwellTlcpCertIndicate tlcpKeyManager = (DragonwellTlcpCertIndicate) serverKey;
             serverKeyManager = new KeyManager[]{serverKey};
             tlcpKeyManager.setTlcpEncAlias(SERVER_ENC_ALIAS);
             tlcpKeyManager.setTlcpSignAlias(SERVER_SIGN_ALIAS);