From 16569099ba0daa390b23c7cfab3c83f0809d34fc Mon Sep 17 00:00:00 2001 From: Moritz Halbritter Date: Thu, 1 Dec 2022 12:17:34 +0100 Subject: [PATCH] Polish "Fix bug in webserver start when loading PKCS#11 KeyStore" See gh-32179 --- .../boot/web/embedded/jetty/SslServerCustomizer.java | 8 +++----- .../boot/web/embedded/netty/SslServerCustomizer.java | 4 +--- .../boot/web/embedded/tomcat/SslConnectorCustomizer.java | 8 +++----- .../boot/web/embedded/undertow/SslBuilderCustomizer.java | 3 +-- .../web/embedded/netty/MockPkcs11SecurityProvider.java | 2 +- .../web/embedded/tomcat/SslConnectorCustomizerTests.java | 2 +- 6 files changed, 10 insertions(+), 17 deletions(-) diff --git a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/jetty/SslServerCustomizer.java b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/jetty/SslServerCustomizer.java index f2fb7458fb1..c60cb4d983f 100644 --- a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/jetty/SslServerCustomizer.java +++ b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/jetty/SslServerCustomizer.java @@ -19,7 +19,6 @@ package org.springframework.boot.web.embedded.jetty; import java.io.IOException; import java.net.InetSocketAddress; import java.net.URL; -import java.util.Objects; import org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory; import org.eclipse.jetty.http.HttpVersion; 
@@ -222,10 +221,10 @@ class SslServerCustomizer implements JettyServerCustomizer { } private void configureSslKeyStore(SslContextFactory.Server factory, Ssl ssl) { - final String keystoreType = Objects.requireNonNullElse(ssl.getKeyStoreType(), "JKS"); - final String keystoreLocation = ssl.getKeyStore(); + String keystoreType = (ssl.getKeyStoreType() != null) ? ssl.getKeyStoreType() : "JKS"; + String keystoreLocation = ssl.getKeyStore(); if (keystoreType.equalsIgnoreCase("PKCS11")) { - if (keystoreLocation != null && !keystoreLocation.isBlank()) { + if (keystoreLocation != null && !keystoreLocation.isEmpty()) { throw new IllegalArgumentException("Input keystore location is not valid for keystore type 'PKCS11': '" + keystoreLocation + "'. Must be undefined / null."); } @@ -239,7 +238,6 @@ class SslServerCustomizer implements JettyServerCustomizer { throw new WebServerException("Could not load key store '" + keystoreLocation + "'", ex); } } - factory.setKeyStoreType(keystoreType); if (ssl.getKeyStoreProvider() != null) { factory.setKeyStoreProvider(ssl.getKeyStoreProvider()); diff --git a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/netty/SslServerCustomizer.java b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/netty/SslServerCustomizer.java index cfa809ab958..d00ff005ed6 100644 --- a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/netty/SslServerCustomizer.java +++ b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/netty/SslServerCustomizer.java 
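Review bot: The PKCS11 guard in the jetty configureSslKeyStore now tests `!keystoreLocation.isEmpty()`, so a whitespace-only keystore location fails startup with the IllegalArgumentException, where the previous `isBlank()` check treated it as undefined. If that tightening is not intended, `StringUtils.hasText(keystoreLocation)` from `org.springframework.util` keeps the blank-tolerant behaviour without relying on `String.isBlank()`: `if (StringUtils.hasText(keystoreLocation)) {`. It needs an import if the file does not already have one. The same replacement appears in the netty, tomcat and undertow hunks of this patch. The method body continues outside the hunk.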
@@ -173,11 +173,10 @@ public class SslServerCustomizer implements NettyServerCustomizer { type = (type != null) ? type : "JKS"; KeyStore store = (provider != null) ? KeyStore.getInstance(type, provider) : KeyStore.getInstance(type); if (type.equalsIgnoreCase("PKCS11")) { - if (resource != null && !resource.isBlank()) { + if (resource != null && !resource.isEmpty()) { throw new IllegalArgumentException("Input keystore location is not valid for keystore type 'PKCS11': '" + resource + "'. Must be undefined / null."); } - store.load(null, (password != null) ? password.toCharArray() : null); } else { @@ -191,7 +190,6 @@ public class SslServerCustomizer implements NettyServerCustomizer { throw new WebServerException("Could not load key store '" + resource + "'", ex); } } - return store; } diff --git a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/tomcat/SslConnectorCustomizer.java b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/tomcat/SslConnectorCustomizer.java index 134b2e8883f..c243d88ef4b 100644 --- a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/tomcat/SslConnectorCustomizer.java +++ b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/tomcat/SslConnectorCustomizer.java @@ -17,7 +17,6 @@ package org.springframework.boot.web.embedded.tomcat; import java.io.FileNotFoundException; -import java.util.Objects; import org.apache.catalina.connector.Connector; import org.apache.coyote.ProtocolHandler; 
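Review bot: The PKCS11 branch's `store.load(null, ...)` call in the netty hunk has no comment explaining the null stream, and with the blank line removed it now sits directly under the location guard. A one-line comment would help the next reader, for example `// PKCS#11 key material stays on the token: there is no stream to read, and the password (if set) is the token PIN`. The undertow hunk contains the same call. The enclosing method starts above the hunk, so `resource`, `password` and `provider` are assumed to be its parameters or locals.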
@@ -141,10 +140,10 @@ class SslConnectorCustomizer implements TomcatConnectorCustomizer { } private void configureSslKeyStore(SSLHostConfigCertificate certificate, Ssl ssl) { - final String keystoreType = Objects.requireNonNullElse(ssl.getKeyStoreType(), "JKS"); - final String keystoreLocation = ssl.getKeyStore(); + String keystoreType = (ssl.getKeyStoreType() != null) ? ssl.getKeyStoreType() : "JKS"; + String keystoreLocation = ssl.getKeyStore(); if (keystoreType.equalsIgnoreCase("PKCS11")) { - if (keystoreLocation != null && !keystoreLocation.isBlank()) { + if (keystoreLocation != null && !keystoreLocation.isEmpty()) { throw new IllegalArgumentException("Input keystore location is not valid for keystore type 'PKCS11': '" + keystoreLocation + "'. Must be undefined / null."); } @@ -157,7 +156,6 @@ class SslConnectorCustomizer implements TomcatConnectorCustomizer { throw new WebServerException("Could not load key store '" + keystoreLocation + "'", ex); } } - certificate.setCertificateKeystoreType(keystoreType); if (ssl.getKeyStoreProvider() != null) { certificate.setCertificateKeystoreProvider(ssl.getKeyStoreProvider()); diff --git a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/undertow/SslBuilderCustomizer.java b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/undertow/SslBuilderCustomizer.java index 3cfd1b817b6..d8615085b40 100644 --- a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/undertow/SslBuilderCustomizer.java +++ b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/undertow/SslBuilderCustomizer.java 
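Review bot: The new ternary at the top of the tomcat configureSslKeyStore reads `ssl.getKeyStoreType()` twice, whereas the netty and undertow code in this patch defaults a local once with `type = (type != null) ? type : "JKS";`. Reading the property into the local first keeps the four customizers consistent and ensures the null check and the value used come from the same read: `String keystoreType = ssl.getKeyStoreType();` followed by `keystoreType = (keystoreType != null) ? keystoreType : "JKS";`. The jetty hunk has the same expression. The method body continues past the hunk.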
@@ -182,11 +182,10 @@ class SslBuilderCustomizer implements UndertowBuilderCustomizer { type = (type != null) ? type : "JKS"; KeyStore store = (provider != null) ? KeyStore.getInstance(type, provider) : KeyStore.getInstance(type); if (type.equalsIgnoreCase("PKCS11")) { - if (resource != null && !resource.isBlank()) { + if (resource != null && !resource.isEmpty()) { throw new IllegalArgumentException("Input keystore location is not valid for keystore type 'PKCS11': '" + resource + "'. Must be undefined / null."); } - store.load(null, (password != null) ? password.toCharArray() : null); } else { diff --git a/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/netty/MockPkcs11SecurityProvider.java b/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/netty/MockPkcs11SecurityProvider.java index 31bc824e629..5bc49afbd73 100644 --- a/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/netty/MockPkcs11SecurityProvider.java +++ b/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/netty/MockPkcs11SecurityProvider.java @@ -29,7 +29,7 @@ public class MockPkcs11SecurityProvider extends Provider { private static final String DEFAULT_PROVIDER_NAME = "Mock-PKCS11"; - private static final String VERSION = "0.1"; + private static final double VERSION = 0.1; private static final String DESCRIPTION = "Mock PKCS11 Provider"; diff --git a/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/tomcat/SslConnectorCustomizerTests.java b/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/tomcat/SslConnectorCustomizerTests.java index be18d9ee4e2..3ab6d5a8436 100644 --- a/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/tomcat/SslConnectorCustomizerTests.java 
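Review bot: The change of `VERSION` to a `double` in MockPkcs11SecurityProvider carries no comment explaining it. It presumably routes the superclass call to `Provider(String, double, String)`, which has been deprecated since Java 9, so a later cleanup could easily revert it. A comment on the field would prevent that, for example `// double, not String: Provider(String, String, String) only exists from Java 9 onwards`. The constructor call is outside the hunk, so this is inferred from the field type alone.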
+++ b/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/tomcat/SslConnectorCustomizerTests.java @@ -40,8 +40,8 @@ import org.junit.jupiter.api.extension.ExtendWith; import org.springframework.boot.testsupport.system.CapturedOutput; import org.springframework.boot.testsupport.system.OutputCaptureExtension; -import org.springframework.boot.web.embedded.netty.MockPkcs11SecurityProvider; import org.springframework.boot.testsupport.web.servlet.DirtiesUrlFactories; +import org.springframework.boot.web.embedded.netty.MockPkcs11SecurityProvider; import org.springframework.boot.web.server.Ssl; import org.springframework.boot.web.server.SslStoreProvider; import org.springframework.boot.web.server.WebServerException;