ENT-1565 Documentation and Bugfix for native SSL (#1432)

* Add documentation for the useOpenSsl flag

* Use delegation for wrapping unchanged methods (removing actual and potential bugs)

* Replace reflective shorthands with proper argument names in wrappers.

* Mention default for useOpenSsl in documentation

node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/AliasProvidingKeyMangerWrapper.kt

@@ -2,8 +2,6 @@ package net.corda.nodeapi.internal.protonwrapper.netty
 
 import java.net.Socket
 import java.security.Principal
-import java.security.PrivateKey
-import java.security.cert.X509Certificate
 import javax.net.ssl.SSLEngine
 import javax.net.ssl.X509ExtendedKeyManager
 import javax.net.ssl.X509KeyManager
@@ -13,31 +11,15 @@ interface AliasProvidingKeyMangerWrapper : X509KeyManager {
 }
 
 
-class AliasProvidingKeyMangerWrapperImpl(private val keyManager: X509KeyManager) : AliasProvidingKeyMangerWrapper {
+class AliasProvidingKeyMangerWrapperImpl(private val keyManager: X509KeyManager) : AliasProvidingKeyMangerWrapper, X509KeyManager by keyManager {
     override var lastAlias: String? = null
 
-    override fun getClientAliases(p0: String?, p1: Array<out Principal>?): Array<String> {
-        return keyManager.getClientAliases(p0, p1)
+    override fun chooseServerAlias(keyType: String?, issuers: Array<out Principal>?, socket: Socket?): String? {
+        return storeIfNotNull { keyManager.chooseServerAlias(keyType, issuers, socket) }
     }
 
-    override fun getServerAliases(p0: String?, p1: Array<out Principal>?): Array<String> {
-        return getServerAliases(p0, p1)
-    }
-
-    override fun chooseServerAlias(p0: String?, p1: Array<out Principal>?, p2: Socket?): String? {
-        return storeIfNotNull { keyManager.chooseServerAlias(p0, p1, p2) }
-    }
-
-    override fun getCertificateChain(p0: String?): Array<X509Certificate> {
-        return keyManager.getCertificateChain(p0)
-    }
-
-    override fun getPrivateKey(p0: String?): PrivateKey {
-        return keyManager.getPrivateKey(p0)
-    }
-
-    override fun chooseClientAlias(p0: Array<out String>?, p1: Array<out Principal>?, p2: Socket?): String? {
-        return storeIfNotNull { keyManager.chooseClientAlias(p0, p1, p2) }
+    override fun chooseClientAlias(keyType: Array<out String>?, issuers: Array<out Principal>?, socket: Socket?): String? {
+        return storeIfNotNull { keyManager.chooseClientAlias(keyType, issuers, socket) }
     }
 
     private fun storeIfNotNull(func: () -> String?): String? {
@@ -49,39 +31,23 @@ class AliasProvidingKeyMangerWrapperImpl(private val keyManager: X509KeyManager)
     }
 }
 
-class AliasProvidingExtendedKeyMangerWrapper(private val keyManager: X509ExtendedKeyManager) : X509ExtendedKeyManager(), AliasProvidingKeyMangerWrapper {
+class AliasProvidingExtendedKeyMangerWrapper(private val keyManager: X509ExtendedKeyManager) : X509ExtendedKeyManager(), X509KeyManager by keyManager, AliasProvidingKeyMangerWrapper {
     override var lastAlias: String? = null
 
-    override fun getClientAliases(p0: String?, p1: Array<out Principal>?): Array<String> {
-        return keyManager.getClientAliases(p0, p1)
+    override fun chooseServerAlias(keyType: String?, issuers: Array<out Principal>?, socket: Socket?): String? {
+        return storeIfNotNull { keyManager.chooseServerAlias(keyType, issuers, socket) }
     }
 
-    override fun getServerAliases(p0: String?, p1: Array<out Principal>?): Array<String> {
-        return keyManager.getServerAliases(p0, p1)
+    override fun chooseClientAlias(keyType: Array<out String>?, issuers: Array<out Principal>?, socket: Socket?): String? {
+        return storeIfNotNull { keyManager.chooseClientAlias(keyType, issuers, socket) }
     }
 
-    override fun chooseServerAlias(p0: String?, p1: Array<out Principal>?, p2: Socket?): String? {
-        return storeIfNotNull { keyManager.chooseServerAlias(p0, p1, p2) }
+    override fun chooseEngineClientAlias(keyType: Array<out String>?, issuers: Array<out Principal>?, engine: SSLEngine?): String? {
+        return storeIfNotNull { keyManager.chooseEngineClientAlias(keyType, issuers, engine) }
     }
 
-    override fun getCertificateChain(p0: String?): Array<X509Certificate> {
-        return keyManager.getCertificateChain(p0)
-    }
-
-    override fun getPrivateKey(p0: String?): PrivateKey {
-        return keyManager.getPrivateKey(p0)
-    }
-
-    override fun chooseClientAlias(p0: Array<out String>?, p1: Array<out Principal>?, p2: Socket?): String? {
-        return storeIfNotNull { keyManager.chooseClientAlias(p0, p1, p2) }
-    }
-
-    override fun chooseEngineClientAlias(p0: Array<out String>?, p1: Array<out Principal>?, p2: SSLEngine?): String? {
-        return storeIfNotNull { keyManager.chooseEngineClientAlias(p0, p1, p2) }
-    }
-
-    override fun chooseEngineServerAlias(p0: String?, p1: Array<out Principal>?, p2: SSLEngine?): String? {
-        return storeIfNotNull { keyManager.chooseEngineServerAlias(p0, p1, p2) }
+    override fun chooseEngineServerAlias(keyType: String?, issuers: Array<out Principal>?, engine: SSLEngine?): String? {
+        return storeIfNotNull { keyManager.chooseEngineServerAlias(keyType, issuers, engine) }
     }
 
     private fun storeIfNotNull(func: () -> String?): String? {

node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/CertHoldingKeyManagerFactoryWrapper.kt

@@ -6,16 +6,16 @@ import javax.net.ssl.*
 
 
 class CertHoldingKeyManagerFactorySpiWrapper(private val factorySpi: KeyManagerFactorySpi) : KeyManagerFactorySpi() {
-    override fun engineInit(p0: KeyStore?, p1: CharArray?) {
+    override fun engineInit(keyStore: KeyStore?, password: CharArray?) {
         val engineInitMethod = KeyManagerFactorySpi::class.java.getDeclaredMethod("engineInit", KeyStore::class.java, CharArray::class.java)
         engineInitMethod.isAccessible = true
-        engineInitMethod.invoke(factorySpi, p0, p1)
+        engineInitMethod.invoke(factorySpi, keyStore, password)
     }
 
-    override fun engineInit(p0: ManagerFactoryParameters?) {
+    override fun engineInit(spec: ManagerFactoryParameters?) {
         val engineInitMethod = KeyManagerFactorySpi::class.java.getDeclaredMethod("engineInit", ManagerFactoryParameters::class.java)
         engineInitMethod.isAccessible = true
-        engineInitMethod.invoke(factorySpi, p0)
+        engineInitMethod.invoke(factorySpi, spec)
     }
 
     private fun getKeyManagersImpl(): Array<KeyManager> {

node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/TrustManagerFactoryWrapper.kt

@@ -12,16 +12,16 @@ class LoggingTrustManagerFactorySpiWrapper(private val factorySpi: TrustManagerF
         return if (factorySpi is LoggingTrustManagerFactorySpiWrapper) trustManagers else trustManagers.filterIsInstance(X509ExtendedTrustManager::class.java).map { LoggingTrustManagerWrapper(it) }.toTypedArray()
     }
 
-    override fun engineInit(p0: KeyStore?) {
+    override fun engineInit(ks: KeyStore?) {
         val engineInitMethod = TrustManagerFactorySpi::class.java.getDeclaredMethod("engineInit", KeyStore::class.java)
         engineInitMethod.isAccessible = true
-        engineInitMethod.invoke(factorySpi, p0)
+        engineInitMethod.invoke(factorySpi, ks)
     }
 
-    override fun engineInit(p0: ManagerFactoryParameters?) {
+    override fun engineInit(spec: ManagerFactoryParameters?) {
         val engineInitMethod = TrustManagerFactorySpi::class.java.getDeclaredMethod("engineInit", ManagerFactoryParameters::class.java)
         engineInitMethod.isAccessible = true
-        engineInitMethod.invoke(factorySpi, p0)
+        engineInitMethod.invoke(factorySpi, spec)
     }
 }