From a99f8196bc150b1088002047d16752664953b5ed Mon Sep 17 00:00:00 2001 From: Lachlan Roberts Date: Thu, 7 Jan 2021 15:05:42 +1100 Subject: [PATCH] Issue #1673 - bring in bouncycastle jars with the .mod file Signed-off-by: Lachlan Roberts --- jetty-test-keystore/pom.xml | 7 ++++--- .../src/main/config/modules/test-keystore.mod | 7 +++++++ .../org/eclipse/jetty/keystore/KeystoreGenerator.java | 10 +++++----- 3 files changed, 16 insertions(+), 8 deletions(-) diff --git a/jetty-test-keystore/pom.xml b/jetty-test-keystore/pom.xml index 1dcd1faec36..42a82b8621c 100644 --- a/jetty-test-keystore/pom.xml +++ b/jetty-test-keystore/pom.xml @@ -7,23 +7,24 @@ 4.0.0 jetty-test-keystore + jar Jetty :: Test Keystore Test keystore with self-signed SSL Certificate. - 1.60 + 1.62 org.bouncycastle bcpkix-jdk15on - ${bouncycastle-version} + ${bouncycastle.version} org.bouncycastle bcprov-jdk15on - ${bouncycastle-version} + ${bouncycastle.version} org.eclipse.jetty diff --git a/jetty-test-keystore/src/main/config/modules/test-keystore.mod b/jetty-test-keystore/src/main/config/modules/test-keystore.mod index 7511fd50bd8..2369688efd7 100644 --- a/jetty-test-keystore/src/main/config/modules/test-keystore.mod +++ b/jetty-test-keystore/src/main/config/modules/test-keystore.mod @@ -9,13 +9,20 @@ ssl [depend] ssl +[files] +maven://org.bouncycastle/bcpkix-jdk15on/${bouncycastle.version}|lib/bouncycastle/bcpkix-jdk15on-${bouncycastle.version}.jar +maven://org.bouncycastle/bcprov-jdk15on/${bouncycastle.version}|lib/bouncycastle/bcprov-jdk15on-${bouncycastle.version}.jar + [lib] lib/jetty-test-keystore-${jetty.version}.jar +lib/bouncycastle/bcpkix-jdk15on-${bouncycastle.version}.jar +lib/bouncycastle/bcprov-jdk15on-${bouncycastle.version}.jar [xml] etc/jetty-test-keystore.xml [ini] +bouncycastle.version?=1.62 jetty.sslContext.keyStorePath?=etc/test-keystore.p12 jetty.sslContext.keyStoreType?=PKCS12 jetty.sslContext.keyStorePassword?=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 diff --git a/jetty-test-keystore/src/main/java/org/eclipse/jetty/keystore/KeystoreGenerator.java b/jetty-test-keystore/src/main/java/org/eclipse/jetty/keystore/KeystoreGenerator.java index 1fc8b115211..af04fb04822 100644 --- a/jetty-test-keystore/src/main/java/org/eclipse/jetty/keystore/KeystoreGenerator.java +++ b/jetty-test-keystore/src/main/java/org/eclipse/jetty/keystore/KeystoreGenerator.java @@ -43,7 +43,7 @@ public class KeystoreGenerator generateTestKeystore("test-keystore.p12", "storepwd"); } - public static void generateTestKeystore(String location, String password) throws Exception + public static File generateTestKeystore(String location, String password) throws Exception { // Generate an RSA key pair. KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); @@ -51,9 +51,9 @@ public class KeystoreGenerator KeyPair keyPair = keyPairGenerator.generateKeyPair(); // Create a self-signed certificate. - Instant now = Instant.now(); - Date notBefore = Date.from(now); - Date notAfter = Date.from(now.plus(Duration.ofDays(365))); + Instant start = Instant.now().minus(Duration.ofDays(1)); + Date notBefore = Date.from(start); + Date notAfter = Date.from(start.plus(Duration.ofDays(365))); BigInteger serial = BigInteger.valueOf(new SecureRandom().nextLong()); X500Name x500Name = new X500Name("C=US,ST=NE,L=Omaha,O=Webtide,OU=Jetty,CN=localhost"); X509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(x500Name, serial, notBefore, notAfter, x500Name, keyPair.getPublic()); @@ -76,6 +76,6 @@ public class KeystoreGenerator { keystore.store(fos, pwdCharArray); } + return keystoreFile; } - }