hc-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ol...@apache.org
Subject svn commit: r1478893 - in /httpcomponents/httpclient/branches/4.2.x: ./ httpclient/src/main/java/org/apache/http/conn/ssl/ httpclient/src/test/java/org/apache/http/conn/ssl/ httpclient/src/test/resources/
Date Fri, 03 May 2013 18:11:18 GMT
Author: olegk
Date: Fri May  3 18:11:17 2013
New Revision: 1478893

URL: http://svn.apache.org/r1478893
Log:
HTTPCLIENT-1349: SSLSocketFactory incorrectly identifies key passed with keystore as the keystore
password
Contributed by David Graff <djgraff209 at gmail.com>

Added:
    httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/resources/test-keypasswd.keystore
Modified:
    httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt
    httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
    httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java

Modified: httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt?rev=1478893&r1=1478892&r2=1478893&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpclient/branches/4.2.x/RELEASE_NOTES.txt Fri May  3 18:11:17 2013
@@ -1,6 +1,10 @@
 Changes since Release 4.2.5
 -------------------
 
+* [HTTPCLIENT-1349] SSLSocketFactory incorrectly identifies key passed with keystore as 
+  the keystore password.
+  Contributed by David Graff <djgraff209 at gmail.com>
+
 * [HTTPCLIENT-1346] Ensure propagation of SSL handshake exceptions.
   Contributed by Pasi Eronen <pe at iki.fi>
 

Modified: httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java?rev=1478893&r1=1478892&r2=1478893&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
(original)
+++ httpcomponents/httpclient/branches/4.2.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
Fri May  3 18:11:17 2013
@@ -203,7 +203,7 @@ public class SSLSocketFactory implements
     private static SSLContext createSSLContext(
             String algorithm,
             final KeyStore keystore,
-            final String keystorePassword,
+            final String keyPassword,
             final KeyStore truststore,
             final SecureRandom random,
             final TrustStrategy trustStrategy)
@@ -213,7 +213,7 @@ public class SSLSocketFactory implements
         }
         KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(
                 KeyManagerFactory.getDefaultAlgorithm());
-        kmfactory.init(keystore, keystorePassword != null ? keystorePassword.toCharArray():
null);
+        kmfactory.init(keystore, keyPassword != null ? keyPassword.toCharArray(): null);
         KeyManager[] keymanagers =  kmfactory.getKeyManagers();
         TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(
                 TrustManagerFactory.getDefaultAlgorithm());
@@ -241,13 +241,13 @@ public class SSLSocketFactory implements
     public SSLSocketFactory(
             final String algorithm,
             final KeyStore keystore,
-            final String keystorePassword,
+            final String keyPassword,
             final KeyStore truststore,
             final SecureRandom random,
             final HostNameResolver nameResolver)
                 throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException {
         this(createSSLContext(
-                algorithm, keystore, keystorePassword, truststore, random, null),
+                algorithm, keystore, keyPassword, truststore, random, null),
                 nameResolver);
     }
 
@@ -257,13 +257,13 @@ public class SSLSocketFactory implements
     public SSLSocketFactory(
             String algorithm,
             final KeyStore keystore,
-            final String keystorePassword,
+            final String keyPassword,
             final KeyStore truststore,
             final SecureRandom random,
             final X509HostnameVerifier hostnameVerifier)
                 throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException {
         this(createSSLContext(
-                algorithm, keystore, keystorePassword, truststore, random, null),
+                algorithm, keystore, keyPassword, truststore, random, null),
                 hostnameVerifier);
     }
 
@@ -273,14 +273,14 @@ public class SSLSocketFactory implements
     public SSLSocketFactory(
             String algorithm,
             final KeyStore keystore,
-            final String keystorePassword,
+            final String keyPassword,
             final KeyStore truststore,
             final SecureRandom random,
             final TrustStrategy trustStrategy,
             final X509HostnameVerifier hostnameVerifier)
                 throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException,
UnrecoverableKeyException {
         this(createSSLContext(
-                algorithm, keystore, keystorePassword, truststore, random, trustStrategy),
+                algorithm, keystore, keyPassword, truststore, random, trustStrategy),
                 hostnameVerifier);
     }
 

Modified: httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java?rev=1478893&r1=1478892&r2=1478893&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
(original)
+++ httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
Fri May  3 18:11:17 2013
@@ -32,6 +32,7 @@ import java.net.InetSocketAddress;
 import java.net.URL;
 import java.security.KeyStore;
 import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 
@@ -202,4 +203,29 @@ public class TestSSLSocketFactory extend
         Assert.assertEquals(200, response.getStatusLine().getStatusCode());
     }
 
+    @Test
+    public void testKeyWithAlternatePassword() throws Exception {
+        String keystorePassword = "nopassword";
+        String keyPassword = "password";
+
+        ClassLoader cl = getClass().getClassLoader();
+        URL url = cl.getResource("test-keypasswd.keystore");
+        KeyStore keystore  = KeyStore.getInstance("jks");
+        keystore.load(url.openStream(), keystorePassword.toCharArray());
+
+        new SSLSocketFactory(keystore, keyPassword, keystore);
+    }
+
+    @Test(expected=UnrecoverableKeyException.class)
+    public void testKeyWithAlternatePasswordInvalid() throws Exception {
+        String keystorePassword = "nopassword";
+        String keyPassword = "!password";
+
+        ClassLoader cl = getClass().getClassLoader();
+        URL url = cl.getResource("test-keypasswd.keystore");
+        KeyStore keystore  = KeyStore.getInstance("jks");
+        keystore.load(url.openStream(), keystorePassword.toCharArray());
+
+        new SSLSocketFactory(keystore, keyPassword, keystore);
+    }
 }

Added: httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/resources/test-keypasswd.keystore
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/resources/test-keypasswd.keystore?rev=1478893&view=auto
==============================================================================
Files httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/resources/test-keypasswd.keystore
(added) and httpcomponents/httpclient/branches/4.2.x/httpclient/src/test/resources/test-keypasswd.keystore
Fri May  3 18:11:17 2013 differ



Mime
View raw message