activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From hadr...@apache.org
Subject activemq git commit: [AMQ-5789] Add support for keystore type (other than jks)
Date Wed, 03 Jun 2015 02:18:08 GMT
Repository: activemq
Updated Branches:
  refs/heads/activemq-5.10.x e94fc230b -> e85441f39


[AMQ-5789] Add support for keystore type (other than jks)


Project: http://git-wip-us.apache.org/repos/asf/activemq/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq/commit/e85441f3
Tree: http://git-wip-us.apache.org/repos/asf/activemq/tree/e85441f3
Diff: http://git-wip-us.apache.org/repos/asf/activemq/diff/e85441f3

Branch: refs/heads/activemq-5.10.x
Commit: e85441f39336bd726f7822fbe7b3bb50f7322c77
Parents: e94fc23
Author: Hadrian Zbarcea <hadrian@apache.org>
Authored: Tue Jun 2 22:01:35 2015 -0400
Committer: Hadrian Zbarcea <hadrian@apache.org>
Committed: Tue Jun 2 22:12:08 2015 -0400

----------------------------------------------------------------------
 .../activemq/ActiveMQSslConnectionFactory.java  |  23 ++++++++++++++--
 .../ActiveMQSslConnectionFactoryTest.java       |  26 +++++++++++++++++++
 .../test/resources/ssl/client-pkcs12.keystore   | Bin 0 -> 2586 bytes
 3 files changed, 47 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq/blob/e85441f3/activemq-client/src/main/java/org/apache/activemq/ActiveMQSslConnectionFactory.java
----------------------------------------------------------------------
diff --git a/activemq-client/src/main/java/org/apache/activemq/ActiveMQSslConnectionFactory.java
b/activemq-client/src/main/java/org/apache/activemq/ActiveMQSslConnectionFactory.java
index fe9d52f..2097f91 100644
--- a/activemq-client/src/main/java/org/apache/activemq/ActiveMQSslConnectionFactory.java
+++ b/activemq-client/src/main/java/org/apache/activemq/ActiveMQSslConnectionFactory.java
@@ -62,8 +62,10 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory
{
     protected KeyManager[] keyManager;
     protected TrustManager[] trustManager;
     protected SecureRandom secureRandom;
+    protected String trustStoreType = KeyStore.getDefaultType();
     protected String trustStore;
     protected String trustStorePassword;
+    protected String keyStoreType = KeyStore.getDefaultType();
     protected String keyStore;
     protected String keyStorePassword;
 
@@ -124,7 +126,7 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory
{
 
     protected TrustManager[] createTrustManager() throws Exception {
         TrustManager[] trustStoreManagers = null;
-        KeyStore trustedCertStore = KeyStore.getInstance("jks");
+        KeyStore trustedCertStore = KeyStore.getInstance(getTrustStoreType());
 
         if (trustStore != null) {
             InputStream tsStream = getInputStream(trustStore);
@@ -140,7 +142,7 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory
{
 
     protected KeyManager[] createKeyManager() throws Exception {
         KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
-        KeyStore ks = KeyStore.getInstance("jks");
+        KeyStore ks = KeyStore.getInstance(getKeyStoreType());
         KeyManager[] keystoreManagers = null;
         if (keyStore != null) {
             byte[] sslCert = loadClientCredential(keyStore);
@@ -204,6 +206,14 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory
{
         return ins;
     }
 
+    public String getTrustStoreType() {
+        return trustStoreType;
+    }
+
+    public void setTrustStoreType(String type) {
+        trustStoreType = type;
+    }
+
     public String getTrustStore() {
         return trustStore;
     }
@@ -235,6 +245,15 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory
{
         this.trustStorePassword = trustStorePassword;
     }
 
+    public String getKeyStoreType() {
+        return keyStoreType;
+    }
+
+    public void setKeyStoreType(String type) {
+        keyStoreType = type;
+    }
+
+
     public String getKeyStore() {
         return keyStore;
     }

http://git-wip-us.apache.org/repos/asf/activemq/blob/e85441f3/activemq-client/src/test/java/org/apache/activemq/ActiveMQSslConnectionFactoryTest.java
----------------------------------------------------------------------
diff --git a/activemq-client/src/test/java/org/apache/activemq/ActiveMQSslConnectionFactoryTest.java
b/activemq-client/src/test/java/org/apache/activemq/ActiveMQSslConnectionFactoryTest.java
index aa6b1c3..cde7cb5 100644
--- a/activemq-client/src/test/java/org/apache/activemq/ActiveMQSslConnectionFactoryTest.java
+++ b/activemq-client/src/test/java/org/apache/activemq/ActiveMQSslConnectionFactoryTest.java
@@ -26,6 +26,7 @@ import org.junit.Test;
 public class ActiveMQSslConnectionFactoryTest {
 
     final String TRUST_STORE_FILE_NAME = "client.keystore";
+    final String TRUST_STORE_PKCS12_FILE_NAME = "client-pkcs12.keystore";
     final String TRUST_STORE_DIRECTORY_NAME = "src/test/resources/ssl/";
     final String TRUST_STORE_RESOURCE_PREFIX = "ssl/";
     final String TRUST_STORE_PASSWORD = "password";
@@ -92,9 +93,34 @@ public class ActiveMQSslConnectionFactoryTest {
         executeTest(FAILOVER_SSL_TRANSPORT, TRUST_STORE_RESOURCE_PREFIX + TRUST_STORE_FILE_NAME
+ ".dummy");
     }
 
+    @Test(expected = ConnectException.class)
+    public void validPkcs12TrustStoreFileTest() throws Throwable {
+        executeTest(SSL_TRANSPORT, TRUST_STORE_DIRECTORY_NAME + TRUST_STORE_PKCS12_FILE_NAME,
"pkcs12");
+    }
+
+    @Test(expected = ConnectException.class)
+    public void validPkcs12TrustStoreURLTest() throws Throwable {
+        executeTest(SSL_TRANSPORT, new File(TRUST_STORE_DIRECTORY_NAME + TRUST_STORE_PKCS12_FILE_NAME).toURI().toString(),
"pkcs12");
+    }
+
+    @Test(expected = ConnectException.class)
+    public void validPkcs12TrustStoreResourceTest() throws Throwable {
+        executeTest(SSL_TRANSPORT, TRUST_STORE_RESOURCE_PREFIX + TRUST_STORE_PKCS12_FILE_NAME,
"pkcs12");
+    }
+
+    @Test(expected = IOException.class)	// Invalid keystore format
+    public void invalidTrustStoreTypeTest() throws Throwable {
+        executeTest(SSL_TRANSPORT, TRUST_STORE_RESOURCE_PREFIX + TRUST_STORE_PKCS12_FILE_NAME,
"jks");
+    }
+
     protected void executeTest(String transport, String name) throws Throwable {
+    	executeTest(transport, name, null);    	
+    }
+
+    protected void executeTest(String transport, String name, String type) throws Throwable
{
         try {
             ActiveMQSslConnectionFactory activeMQSslConnectionFactory = new ActiveMQSslConnectionFactory(transport);
+            activeMQSslConnectionFactory.setTrustStoreType(type != null ? type : activeMQSslConnectionFactory.getTrustStoreType());
             activeMQSslConnectionFactory.setTrustStore(name);
             activeMQSslConnectionFactory.setTrustStorePassword(TRUST_STORE_PASSWORD);
 

http://git-wip-us.apache.org/repos/asf/activemq/blob/e85441f3/activemq-client/src/test/resources/ssl/client-pkcs12.keystore
----------------------------------------------------------------------
diff --git a/activemq-client/src/test/resources/ssl/client-pkcs12.keystore b/activemq-client/src/test/resources/ssl/client-pkcs12.keystore
new file mode 100644
index 0000000..bf99cb5
Binary files /dev/null and b/activemq-client/src/test/resources/ssl/client-pkcs12.keystore
differ


Mime
View raw message