From 171dfc223718ae5f723344934f886e8749b85873 Mon Sep 17 00:00:00 2001
From: Lachlan Roberts <lachlan@webtide.com>
Date: Mon, 11 Jan 2021 23:06:17 +1100
Subject: [PATCH] Issue #1673 - warn using test-keystore, hide bouncycastle
 from webapp

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
---
 jetty-keystore/src/main/config/modules/test-keystore.mod    | 1 +
 .../java/org/eclipse/jetty/keystore/KeystoreGenerator.java  | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/jetty-keystore/src/main/config/modules/test-keystore.mod b/jetty-keystore/src/main/config/modules/test-keystore.mod
index 82765ab4d32..6198f30e36e 100644
--- a/jetty-keystore/src/main/config/modules/test-keystore.mod
+++ b/jetty-keystore/src/main/config/modules/test-keystore.mod
@@ -23,6 +23,7 @@ etc/jetty-test-keystore.xml
 
 [ini]
 bouncycastle.version?=1.62
+jetty.webapp.addServerClasses+=,${jetty.base.uri}/lib/bouncycastle/
 jetty.sslContext.keyStorePath?=etc/test-keystore.p12
 jetty.sslContext.keyStoreType?=PKCS12
 jetty.sslContext.keyStorePassword?=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
diff --git a/jetty-keystore/src/main/java/org/eclipse/jetty/keystore/KeystoreGenerator.java b/jetty-keystore/src/main/java/org/eclipse/jetty/keystore/KeystoreGenerator.java
index 791c659d67b..c06cdc315ca 100644
--- a/jetty-keystore/src/main/java/org/eclipse/jetty/keystore/KeystoreGenerator.java
+++ b/jetty-keystore/src/main/java/org/eclipse/jetty/keystore/KeystoreGenerator.java
@@ -35,12 +35,18 @@ import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.operator.ContentSigner;
 import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
 import org.eclipse.jetty.util.security.Password;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 public class KeystoreGenerator
 {
+    private static final Logger LOG = LoggerFactory.getLogger(KeystoreGenerator.class);
+
     @SuppressWarnings("unused")
     public static File generateTestKeystore(String location, String password) throws Exception
     {
+        LOG.warn("Generating Test Keystore: DO NOT USE IN PRODUCTION!");
+
         // Generate an RSA key pair.
         KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
         keyPairGenerator.initialize(2048);