activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From hadr...@apache.org
Subject activemq git commit: [AMQ-5789] Add support for keystore type (other than jks)
Date Wed, 03 Jun 2015 02:01:48 GMT
Repository: activemq
Updated Branches:
  refs/heads/master 2d7280f33 -> 9810e61b1


[AMQ-5789] Add support for keystore type (other than jks)


Project: http://git-wip-us.apache.org/repos/asf/activemq/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq/commit/9810e61b
Tree: http://git-wip-us.apache.org/repos/asf/activemq/tree/9810e61b
Diff: http://git-wip-us.apache.org/repos/asf/activemq/diff/9810e61b

Branch: refs/heads/master
Commit: 9810e61b1bcfde63d3156beed6f8043ef70a283d
Parents: 2d7280f
Author: Hadrian Zbarcea <hadrian@apache.org>
Authored: Tue Jun 2 22:01:35 2015 -0400
Committer: Hadrian Zbarcea <hadrian@apache.org>
Committed: Tue Jun 2 22:01:35 2015 -0400

----------------------------------------------------------------------
 .../activemq/ActiveMQSslConnectionFactory.java  |  23 ++++++++++++++--
 .../ActiveMQSslConnectionFactoryTest.java       |  26 +++++++++++++++++++
 .../test/resources/ssl/client-pkcs12.keystore   | Bin 0 -> 2586 bytes
 3 files changed, 47 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq/blob/9810e61b/activemq-client/src/main/java/org/apache/activemq/ActiveMQSslConnectionFactory.java
----------------------------------------------------------------------
diff --git a/activemq-client/src/main/java/org/apache/activemq/ActiveMQSslConnectionFactory.java
b/activemq-client/src/main/java/org/apache/activemq/ActiveMQSslConnectionFactory.java
index 7a0e063..b6b75da 100644
--- a/activemq-client/src/main/java/org/apache/activemq/ActiveMQSslConnectionFactory.java
+++ b/activemq-client/src/main/java/org/apache/activemq/ActiveMQSslConnectionFactory.java
@@ -62,8 +62,10 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory
{
     protected KeyManager[] keyManager;
     protected TrustManager[] trustManager;
     protected SecureRandom secureRandom;
+    protected String trustStoreType = KeyStore.getDefaultType();
     protected String trustStore;
     protected String trustStorePassword;
+    protected String keyStoreType = KeyStore.getDefaultType();
     protected String keyStore;
     protected String keyStorePassword;
     protected String keyStoreKeyPassword;
@@ -125,7 +127,7 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory
{
 
     protected TrustManager[] createTrustManager() throws Exception {
         TrustManager[] trustStoreManagers = null;
-        KeyStore trustedCertStore = KeyStore.getInstance("jks");
+        KeyStore trustedCertStore = KeyStore.getInstance(getTrustStoreType());
 
         if (trustStore != null) {
             InputStream tsStream = getInputStream(trustStore);
@@ -141,7 +143,7 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory
{
 
     protected KeyManager[] createKeyManager() throws Exception {
         KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
-        KeyStore ks = KeyStore.getInstance("jks");
+        KeyStore ks = KeyStore.getInstance(getKeyStoreType());
         KeyManager[] keystoreManagers = null;
         if (keyStore != null) {
             byte[] sslCert = loadClientCredential(keyStore);
@@ -205,6 +207,14 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory
{
         return ins;
     }
 
+    public String getTrustStoreType() {
+        return trustStoreType;
+    }
+
+    public void setTrustStoreType(String type) {
+        trustStoreType = type;
+    }
+
     public String getTrustStore() {
         return trustStore;
     }
@@ -236,6 +246,15 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory
{
         this.trustStorePassword = trustStorePassword;
     }
 
+    public String getKeyStoreType() {
+        return keyStoreType;
+    }
+
+    public void setKeyStoreType(String type) {
+        keyStoreType = type;
+    }
+
+
     public String getKeyStore() {
         return keyStore;
     }

http://git-wip-us.apache.org/repos/asf/activemq/blob/9810e61b/activemq-client/src/test/java/org/apache/activemq/ActiveMQSslConnectionFactoryTest.java
----------------------------------------------------------------------
diff --git a/activemq-client/src/test/java/org/apache/activemq/ActiveMQSslConnectionFactoryTest.java
b/activemq-client/src/test/java/org/apache/activemq/ActiveMQSslConnectionFactoryTest.java
index aa6b1c3..cde7cb5 100644
--- a/activemq-client/src/test/java/org/apache/activemq/ActiveMQSslConnectionFactoryTest.java
+++ b/activemq-client/src/test/java/org/apache/activemq/ActiveMQSslConnectionFactoryTest.java
@@ -26,6 +26,7 @@ import org.junit.Test;
 public class ActiveMQSslConnectionFactoryTest {
 
     final String TRUST_STORE_FILE_NAME = "client.keystore";
+    final String TRUST_STORE_PKCS12_FILE_NAME = "client-pkcs12.keystore";
     final String TRUST_STORE_DIRECTORY_NAME = "src/test/resources/ssl/";
     final String TRUST_STORE_RESOURCE_PREFIX = "ssl/";
     final String TRUST_STORE_PASSWORD = "password";
@@ -92,9 +93,34 @@ public class ActiveMQSslConnectionFactoryTest {
         executeTest(FAILOVER_SSL_TRANSPORT, TRUST_STORE_RESOURCE_PREFIX + TRUST_STORE_FILE_NAME
+ ".dummy");
     }
 
+    @Test(expected = ConnectException.class)
+    public void validPkcs12TrustStoreFileTest() throws Throwable {
+        executeTest(SSL_TRANSPORT, TRUST_STORE_DIRECTORY_NAME + TRUST_STORE_PKCS12_FILE_NAME,
"pkcs12");
+    }
+
+    @Test(expected = ConnectException.class)
+    public void validPkcs12TrustStoreURLTest() throws Throwable {
+        executeTest(SSL_TRANSPORT, new File(TRUST_STORE_DIRECTORY_NAME + TRUST_STORE_PKCS12_FILE_NAME).toURI().toString(),
"pkcs12");
+    }
+
+    @Test(expected = ConnectException.class)
+    public void validPkcs12TrustStoreResourceTest() throws Throwable {
+        executeTest(SSL_TRANSPORT, TRUST_STORE_RESOURCE_PREFIX + TRUST_STORE_PKCS12_FILE_NAME,
"pkcs12");
+    }
+
+    @Test(expected = IOException.class)	// Invalid keystore format
+    public void invalidTrustStoreTypeTest() throws Throwable {
+        executeTest(SSL_TRANSPORT, TRUST_STORE_RESOURCE_PREFIX + TRUST_STORE_PKCS12_FILE_NAME,
"jks");
+    }
+
     protected void executeTest(String transport, String name) throws Throwable {
+    	executeTest(transport, name, null);    	
+    }
+
+    protected void executeTest(String transport, String name, String type) throws Throwable
{
         try {
             ActiveMQSslConnectionFactory activeMQSslConnectionFactory = new ActiveMQSslConnectionFactory(transport);
+            activeMQSslConnectionFactory.setTrustStoreType(type != null ? type : activeMQSslConnectionFactory.getTrustStoreType());
             activeMQSslConnectionFactory.setTrustStore(name);
             activeMQSslConnectionFactory.setTrustStorePassword(TRUST_STORE_PASSWORD);
 

http://git-wip-us.apache.org/repos/asf/activemq/blob/9810e61b/activemq-client/src/test/resources/ssl/client-pkcs12.keystore
----------------------------------------------------------------------
diff --git a/activemq-client/src/test/resources/ssl/client-pkcs12.keystore b/activemq-client/src/test/resources/ssl/client-pkcs12.keystore
new file mode 100644
index 0000000..bf99cb5
Binary files /dev/null and b/activemq-client/src/test/resources/ssl/client-pkcs12.keystore
differ


Mime
View raw message