add method

hutool-core/src/main/java/org/dromara/hutool/core/net/ssl/SSLUtil.java

@@ -12,11 +12,15 @@
 
 package org.dromara.hutool.core.net.ssl;
 
+import org.dromara.hutool.core.exceptions.UtilException;
 import org.dromara.hutool.core.io.IORuntimeException;
+import org.dromara.hutool.core.text.StrUtil;
 
-import javax.net.ssl.KeyManager;
+import javax.net.ssl.*;
-import javax.net.ssl.SSLContext;
+import java.security.KeyStore;
-import javax.net.ssl.TrustManager;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.Provider;
 
 /**
  * SSL(Secure Sockets Layer 安全套接字协议)相关工具封装
@@ -26,6 +30,60 @@ import javax.net.ssl.TrustManager;
  */
 public class SSLUtil {
 
+	/**
+	 * 获取指定的{@link X509TrustManager}<br>
+	 * 此方法主要用于获取自签证书的{@link X509TrustManager}
+	 *
+	 * @param keyStore  {@link KeyStore}
+	 * @param provider  算法提供者，如bc，{@code null}表示默认
+	 * @return {@link X509TrustManager} or {@code null}
+	 * @since 6.0.0
+	 */
+	public static X509TrustManager getTrustManager(final KeyStore keyStore, final Provider provider) {
+		return getTrustManager(keyStore, null, provider);
+	}
+
+	/**
+	 * 获取指定的{@link X509TrustManager}<br>
+	 * 此方法主要用于获取自签证书的{@link X509TrustManager}
+	 *
+	 * @param keyStore  {@link KeyStore}
+	 * @param algorithm 算法名称，如"SunX509"，{@code null}表示默认SunX509
+	 * @param provider  算法提供者，如bc，{@code null}表示默认SunJSSE
+	 * @return {@link X509TrustManager} or {@code null}
+	 * @since 6.0.0
+	 */
+	public static X509TrustManager getTrustManager(final KeyStore keyStore, String algorithm, final Provider provider) {
+		final TrustManagerFactory tmf;
+
+		if(StrUtil.isEmpty(algorithm)){
+			algorithm = TrustManagerFactory.getDefaultAlgorithm();
+		}
+		try {
+			if(null == provider){
+				tmf = TrustManagerFactory.getInstance(algorithm);
+			} else{
+				tmf = TrustManagerFactory.getInstance(algorithm, provider);
+			}
+		} catch (final NoSuchAlgorithmException e) {
+			throw new UtilException(e);
+		}
+		try {
+			tmf.init(keyStore);
+		} catch (final KeyStoreException e) {
+			throw new UtilException(e);
+		}
+
+		final TrustManager[] tms = tmf.getTrustManagers();
+		for (final TrustManager tm : tms) {
+			if (tm instanceof X509TrustManager) {
+				return (X509TrustManager) tm;
+			}
+		}
+
+		return null;
+	}
+
 	/**
 	 * 创建{@link SSLContext}，信任全部，协议为TLS
 	 *
@@ -46,10 +104,10 @@ public class SSLUtil {
 	 */
 	public static SSLContext createTrustAnySSLContext(final String protocol) throws IORuntimeException {
 		return SSLContextBuilder.of()
-				.setProtocol(protocol)
+			.setProtocol(protocol)
-				// 信任所有服务端
+			// 信任所有服务端
-				.setTrustManagers(new TrustManager[]{TrustAnyTrustManager.INSTANCE})
+			.setTrustManagers(new TrustManager[]{TrustAnyTrustManager.INSTANCE})
-				.build();
+			.build();
 	}
 
 	/**
@@ -62,10 +120,10 @@ public class SSLUtil {
 	 * @throws IORuntimeException 包装 GeneralSecurityException异常
 	 */
 	public static SSLContext createSSLContext(final String protocol, final KeyManager keyManager, final TrustManager trustManager)
-			throws IORuntimeException {
+		throws IORuntimeException {
 		return createSSLContext(protocol,
-				keyManager == null ? null : new KeyManager[]{keyManager},
+			keyManager == null ? null : new KeyManager[]{keyManager},
-				trustManager == null ? null : new TrustManager[]{trustManager});
+			trustManager == null ? null : new TrustManager[]{trustManager});
 	}
 
 	/**
@@ -79,8 +137,8 @@ public class SSLUtil {
 	 */
 	public static SSLContext createSSLContext(final String protocol, final KeyManager[] keyManagers, final TrustManager[] trustManagers) throws IORuntimeException {
 		return SSLContextBuilder.of()
-				.setProtocol(protocol)
+			.setProtocol(protocol)
-				.setKeyManagers(keyManagers)
+			.setKeyManagers(keyManagers)
-				.setTrustManagers(trustManagers).build();
+			.setTrustManagers(trustManagers).build();
 	}
 }