[AMQ-5789] Add support for keystore type (other than jks)

Hadrian Zbarcea 2015-06-02 22:01:35 -04:00
parent 2d7280f33a
commit 9810e61b1b
3 changed files with 47 additions and 2 deletions


@ -62,8 +62,10 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory {
protected KeyManager[] keyManager; protected KeyManager[] keyManager;
protected TrustManager[] trustManager; protected TrustManager[] trustManager;
protected SecureRandom secureRandom; protected SecureRandom secureRandom;
protected String trustStoreType = KeyStore.getDefaultType();
protected String trustStore; protected String trustStore;
protected String trustStorePassword; protected String trustStorePassword;
protected String keyStoreType = KeyStore.getDefaultType();
protected String keyStore; protected String keyStore;
protected String keyStorePassword; protected String keyStorePassword;
protected String keyStoreKeyPassword; protected String keyStoreKeyPassword;
@ -125,7 +127,7 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory {
protected TrustManager[] createTrustManager() throws Exception { protected TrustManager[] createTrustManager() throws Exception {
TrustManager[] trustStoreManagers = null; TrustManager[] trustStoreManagers = null;
KeyStore trustedCertStore = KeyStore.getInstance("jks"); KeyStore trustedCertStore = KeyStore.getInstance(getTrustStoreType());
if (trustStore != null) { if (trustStore != null) {
InputStream tsStream = getInputStream(trustStore); InputStream tsStream = getInputStream(trustStore);
@ -141,7 +143,7 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory {
protected KeyManager[] createKeyManager() throws Exception { protected KeyManager[] createKeyManager() throws Exception {
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
KeyStore ks = KeyStore.getInstance("jks"); KeyStore ks = KeyStore.getInstance(getKeyStoreType());
KeyManager[] keystoreManagers = null; KeyManager[] keystoreManagers = null;
if (keyStore != null) { if (keyStore != null) {
byte[] sslCert = loadClientCredential(keyStore); byte[] sslCert = loadClientCredential(keyStore);
@ -205,6 +207,14 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory {
return ins; return ins;
} }
public String getTrustStoreType() {
return trustStoreType;
}
public void setTrustStoreType(String type) {
trustStoreType = type;
}
public String getTrustStore() { public String getTrustStore() {
return trustStore; return trustStore;
} }
@ -236,6 +246,15 @@ public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory {
this.trustStorePassword = trustStorePassword; this.trustStorePassword = trustStorePassword;
} }
public String getKeyStoreType() {
return keyStoreType;
}
public void setKeyStoreType(String type) {
keyStoreType = type;
}
public String getKeyStore() { public String getKeyStore() {
return keyStore; return keyStore;
} }
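Review bot: `setTrustStoreType` and `setKeyStoreType` store whatever they are given, and `createTrustManager()` / `createKeyManager()` pass that value straight to `KeyStore.getInstance(...)`, so a null type (for example from an unset configuration property) would likely surface as a NullPointerException during SSL setup rather than as a clear configuration error. A fallback in the setter keeps the field usable: `trustStoreType = type != null ? type : KeyStore.getDefaultType();`, and the same for `keyStoreType`. The default also moves from the fixed `"jks"` to `KeyStore.getDefaultType()`, which follows the JVM's `keystore.type` security property, so an existing JKS trust or key store may stop loading on a runtime whose default differs; a Javadoc line on both setters saying so would help. Both create methods continue outside the hunks shown.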


@ -26,6 +26,7 @@ import org.junit.Test;
public class ActiveMQSslConnectionFactoryTest { public class ActiveMQSslConnectionFactoryTest {
final String TRUST_STORE_FILE_NAME = "client.keystore"; final String TRUST_STORE_FILE_NAME = "client.keystore";
final String TRUST_STORE_PKCS12_FILE_NAME = "client-pkcs12.keystore";
final String TRUST_STORE_DIRECTORY_NAME = "src/test/resources/ssl/"; final String TRUST_STORE_DIRECTORY_NAME = "src/test/resources/ssl/";
final String TRUST_STORE_RESOURCE_PREFIX = "ssl/"; final String TRUST_STORE_RESOURCE_PREFIX = "ssl/";
final String TRUST_STORE_PASSWORD = "password"; final String TRUST_STORE_PASSWORD = "password";
@ -92,9 +93,34 @@ public class ActiveMQSslConnectionFactoryTest {
executeTest(FAILOVER_SSL_TRANSPORT, TRUST_STORE_RESOURCE_PREFIX + TRUST_STORE_FILE_NAME + ".dummy"); executeTest(FAILOVER_SSL_TRANSPORT, TRUST_STORE_RESOURCE_PREFIX + TRUST_STORE_FILE_NAME + ".dummy");
} }
@Test(expected = ConnectException.class)
public void validPkcs12TrustStoreFileTest() throws Throwable {
executeTest(SSL_TRANSPORT, TRUST_STORE_DIRECTORY_NAME + TRUST_STORE_PKCS12_FILE_NAME, "pkcs12");
}
@Test(expected = ConnectException.class)
public void validPkcs12TrustStoreURLTest() throws Throwable {
executeTest(SSL_TRANSPORT, new File(TRUST_STORE_DIRECTORY_NAME + TRUST_STORE_PKCS12_FILE_NAME).toURI().toString(), "pkcs12");
}
@Test(expected = ConnectException.class)
public void validPkcs12TrustStoreResourceTest() throws Throwable {
executeTest(SSL_TRANSPORT, TRUST_STORE_RESOURCE_PREFIX + TRUST_STORE_PKCS12_FILE_NAME, "pkcs12");
}
@Test(expected = IOException.class) // Invalid keystore format
public void invalidTrustStoreTypeTest() throws Throwable {
executeTest(SSL_TRANSPORT, TRUST_STORE_RESOURCE_PREFIX + TRUST_STORE_PKCS12_FILE_NAME, "jks");
}
protected void executeTest(String transport, String name) throws Throwable { protected void executeTest(String transport, String name) throws Throwable {
executeTest(transport, name, null);
}
protected void executeTest(String transport, String name, String type) throws Throwable {
try { try {
ActiveMQSslConnectionFactory activeMQSslConnectionFactory = new ActiveMQSslConnectionFactory(transport); ActiveMQSslConnectionFactory activeMQSslConnectionFactory = new ActiveMQSslConnectionFactory(transport);
activeMQSslConnectionFactory.setTrustStoreType(type != null ? type : activeMQSslConnectionFactory.getTrustStoreType());
activeMQSslConnectionFactory.setTrustStore(name); activeMQSslConnectionFactory.setTrustStore(name);
activeMQSslConnectionFactory.setTrustStorePassword(TRUST_STORE_PASSWORD); activeMQSslConnectionFactory.setTrustStorePassword(TRUST_STORE_PASSWORD);