QPID-8281: [Broker-J][Tests] Explicitly specify type of keystores and truststores in tests
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java
index 6eaf8f4..3d75ac0 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java
@@ -22,6 +22,7 @@
import static org.apache.qpid.server.security.FileTrustStoreTest.SYMMETRIC_KEY_KEYSTORE_RESOURCE;
import static org.apache.qpid.server.security.FileTrustStoreTest.createDataUrlForFile;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
@@ -88,6 +89,7 @@
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker);
@@ -105,6 +107,7 @@
attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.CERTIFICATE_ALIAS, BROKER_KEYSTORE_ALIAS);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker);
@@ -121,6 +124,7 @@
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
attributes.put(FileKeyStore.PASSWORD, "wrong");
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -144,6 +148,7 @@
attributes.put(FileKeyStore.STORE_URL, CLIENT_KEYSTORE_PATH);
attributes.put(FileKeyStore.PASSWORD, CLIENT_KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.CERTIFICATE_ALIAS, "notknown");
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -166,6 +171,7 @@
attributes.put(FileKeyStore.STORE_URL, CLIENT_KEYSTORE_PATH);
attributes.put(FileKeyStore.PASSWORD, CLIENT_KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.CERTIFICATE_ALIAS, "rootca");
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -189,6 +195,7 @@
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.STORE_URL, trustStoreAsDataUrl);
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker);
@@ -208,6 +215,7 @@
attributes.put(FileKeyStore.STORE_URL, trustStoreAsDataUrl);
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.CERTIFICATE_ALIAS, BROKER_KEYSTORE_ALIAS);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker);
@@ -226,6 +234,7 @@
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.PASSWORD, "wrong");
attributes.put(FileKeyStore.STORE_URL, keyStoreAsDataUrl);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -273,6 +282,7 @@
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.STORE_URL, keyStoreAsDataUrl);
attributes.put(FileKeyStore.CERTIFICATE_ALIAS, "notknown");
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -319,7 +329,7 @@
attributes.put(FileKeyStore.NAME, getTestName());
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.STORE_URL, keystoreUrl);
- attributes.put(FileKeyStore.KEY_STORE_TYPE, "PKCS12");
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -344,7 +354,7 @@
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.STORE_URL, keystoreUrl);
- attributes.put(FileKeyStore.KEY_STORE_TYPE, "PKCS12");
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
KeyStore keyStore = _factory.create(KeyStore.class, attributes, _broker);
assertNotNull(keyStore);
@@ -357,6 +367,7 @@
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker);
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/FileTrustStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/FileTrustStoreTest.java
index c904f4c..4e99790 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/FileTrustStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/FileTrustStoreTest.java
@@ -23,6 +23,7 @@
import static org.apache.qpid.server.security.FileKeyStoreTest.EMPTY_KEYSTORE_RESOURCE;
import static org.apache.qpid.server.transport.network.security.ssl.SSLUtil.getInitializedKeyStore;
import static org.apache.qpid.test.utils.JvmVendor.IBM;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.not;
@@ -112,6 +113,7 @@
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes, _broker);
@@ -128,6 +130,7 @@
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, "wrong");
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -151,6 +154,7 @@
attributes.put(FileTrustStore.STORE_URL, PEER_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, PEER_STORE_PASSWORD);
attributes.put(FileTrustStore.PEERS_ONLY, true);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes, _broker);
@@ -174,6 +178,7 @@
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.STORE_URL, EXPIRED_TRUST_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, BROKER_TRUST_STORE_PASSWORD);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore trustStore = _factory.create(TrustStore.class, attributes, _broker);
@@ -186,7 +191,7 @@
KeyStore clientStore = getInitializedKeyStore(EXPIRED_KEYSTORE_PATH,
KEYSTORE_PASSWORD,
- "pkcs12");
+ JAVA_KEYSTORE_TYPE);
String alias = clientStore.aliases().nextElement();
X509Certificate certificate = (X509Certificate) clientStore.getCertificate(alias);
@@ -201,6 +206,7 @@
attributes.put(FileTrustStore.STORE_URL, EXPIRED_TRUST_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, BROKER_TRUST_STORE_PASSWORD);
attributes.put(FileTrustStore.TRUST_ANCHOR_VALIDITY_ENFORCED, true);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore trustStore = _factory.create(TrustStore.class, attributes, _broker);
@@ -213,7 +219,7 @@
KeyStore clientStore = getInitializedKeyStore(EXPIRED_KEYSTORE_PATH,
KEYSTORE_PASSWORD,
- KeyStore.getDefaultType());
+ JAVA_KEYSTORE_TYPE);
String alias = clientStore.aliases().nextElement();
X509Certificate certificate = (X509Certificate) clientStore.getCertificate(alias);
@@ -246,6 +252,7 @@
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.STORE_URL, trustStoreAsDataUrl);
attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes, _broker);
@@ -264,6 +271,7 @@
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.PASSWORD, "wrong");
attributes.put(FileTrustStore.STORE_URL, trustStoreAsDataUrl);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -287,6 +295,7 @@
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
attributes.put(FileTrustStore.STORE_URL, trustStoreAsDataUrl);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -308,6 +317,7 @@
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileTrustStore<?> fileTrustStore = (FileTrustStore<?>) _factory.create(TrustStore.class, attributes, _broker);
@@ -356,6 +366,7 @@
attributes.put(FileKeyStore.NAME, "myFileTrustStore");
attributes.put(FileKeyStore.PASSWORD, KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.STORE_URL, emptyKeystore);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, "jks");
try
{
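Review bot: The added line passes the literal `"jks"` while every other store type in this file now comes from `JAVA_KEYSTORE_TYPE`, and nothing in the hunk says why this test differs. If the empty keystore resource really is a JKS file, say so on the line, e.g. `// the empty keystore resource is stored in JKS format, so the type is given explicitly`; otherwise use the shared constant. The same map mixes `FileKeyStore.*` attribute names with `FileTrustStore.TRUST_STORE_TYPE`, which only works if the constants resolve to the same strings; using `FileTrustStore.*` throughout would make the intent clear. The `try` block continues outside the hunk.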
@@ -378,7 +389,7 @@
attributes.put(FileTrustStore.NAME, getTestName());
attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
attributes.put(FileTrustStore.STORE_URL, keystoreUrl);
- attributes.put(FileTrustStore.TRUST_STORE_TYPE, "PKCS12");
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -403,13 +414,13 @@
attributes.put(FileTrustStore.NAME, getTestName());
attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
attributes.put(FileTrustStore.STORE_URL, keystoreUrl);
- attributes.put(FileTrustStore.TRUST_STORE_TYPE, "PKCS12");
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore trustStore = _factory.create(TrustStore.class, attributes, _broker);
Certificate[] certificates = trustStore.getCertificates();
assertEquals("Unexpected number of certificates",
- (long) getNumberOfCertificates(keystoreUrl, "PKCS12"),
+ (long) getNumberOfCertificates(keystoreUrl, JAVA_KEYSTORE_TYPE),
(long) certificates.length);
}
@@ -423,12 +434,13 @@
attributes.put(FileTrustStore.NAME, getTestName());
attributes.put(FileTrustStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
attributes.put(FileTrustStore.STORE_URL, keystoreUrl);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore trustStore = _factory.create(TrustStore.class, attributes, _broker);
Certificate[] certificates = trustStore.getCertificates();
assertEquals("Unexpected number of certificates",
- (long) getNumberOfCertificates(keystoreUrl, "jks"),
+ (long) getNumberOfCertificates(keystoreUrl, JAVA_KEYSTORE_TYPE),
(long) certificates.length);
}
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaKeyStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaKeyStoreTest.java
index 16cc2b0..2352591 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaKeyStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaKeyStoreTest.java
@@ -20,6 +20,7 @@
package org.apache.qpid.server.security;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE_PASSWORD;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
@@ -104,7 +105,7 @@
private File[] extractResourcesFromTestKeyStore(boolean pem, final String storeResource) throws Exception
{
- java.security.KeyStore ks = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
+ java.security.KeyStore ks = java.security.KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
try(InputStream is = getClass().getResourceAsStream(storeResource))
{
ks.load(is, KEYSTORE_PASSWORD.toCharArray() );
@@ -271,7 +272,7 @@
{
when(_broker.scheduleHouseKeepingTask(anyLong(), any(TimeUnit.class), any(Runnable.class))).thenReturn(mock(ScheduledFuture.class));
- java.security.KeyStore ks = java.security.KeyStore.getInstance("pkcs12");
+ java.security.KeyStore ks = java.security.KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
final String storeLocation = KEYSTORE;
try(InputStream is = getClass().getResourceAsStream(storeLocation))
{
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaTrustStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaTrustStoreTest.java
index 1466e57..69262dc 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaTrustStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaTrustStoreTest.java
@@ -19,6 +19,7 @@
package org.apache.qpid.server.security;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
@@ -108,7 +109,7 @@
KeyStore clientStore = SSLUtil.getInitializedKeyStore(EXPIRED_KEYSTORE,
KEYSTORE_PASSWORD,
- "PKCS12");
+ JAVA_KEYSTORE_TYPE);
String alias = clientStore.aliases().nextElement();
X509Certificate certificate = (X509Certificate) clientStore.getCertificate(alias);
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/SiteSpecificTrustStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/SiteSpecificTrustStoreTest.java
index b2f95e6..bca9b79 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/SiteSpecificTrustStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/SiteSpecificTrustStoreTest.java
@@ -21,6 +21,7 @@
package org.apache.qpid.server.security;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;
import static org.mockito.Mockito.mock;
@@ -262,7 +263,7 @@
char[] keyPassword = KEYSTORE_PASSWORD.toCharArray();
try(InputStream inputStream = getClass().getResourceAsStream(KEYSTORE))
{
- KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+ KeyStore keyStore = KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyStore.load(inputStream, keyPassword);
keyManagerFactory.init(keyStore, keyPassword);
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java b/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java
index 4c4aa0a..afd4c4d 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java
@@ -20,6 +20,9 @@
*/
package org.apache.qpid.server.security.auth.manager.oauth2;
+import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
+
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
@@ -31,6 +34,8 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.ObjectMapper;
import junit.framework.TestCase;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
@@ -84,6 +89,7 @@
};
sslContextFactory.setKeyStorePassword(KEYSTORE_PASSWORD);
sslContextFactory.setKeyStoreResource(Resource.newClassPathResource(KEYSTORE_RESOURCE));
+ sslContextFactory.setKeyStoreType(JAVA_KEYSTORE_TYPE);
// override default jetty excludes as valid IBM JDK are excluded
// causing SSL handshake failure (due to default exclude '^SSL_.*$')
@@ -153,7 +159,16 @@
List<String> listOfStrings = Collections.emptyList();
if(listAsString != null && !"".equals(listAsString))
{
- listOfStrings = Arrays.asList(listAsString.split("\\s*,\\s*"));
+ try
+ {
+ listOfStrings = new ObjectMapper().readValue(listAsString.getBytes(UTF_8), new TypeReference<List<String>>()
+ {
+ });
+ }
+ catch (IOException e)
+ {
+ listOfStrings = Arrays.asList(listAsString.split("\\s*,\\s*"));
+ }
}
return listOfStrings;
}
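Review bot: The new `catch (IOException e)` discards the parse failure and silently re-reads the same value as a comma-separated list, so input that was meant as JSON but is malformed yields tokens that still carry brackets and quotes instead of an error. Because this helper feeds the mock endpoint's configuration, a typo would change what the test exercises without any visible failure. Choose the parser from the shape of the input and let a JSON error surface, as sketched below. This parsing change is also not mentioned in the commit title, and the enclosing method starts outside the hunk.

```java
if(listAsString != null && !"".equals(listAsString))
{
    if (listAsString.trim().startsWith("["))
    {
        try
        {
            listOfStrings = new ObjectMapper().readValue(listAsString.getBytes(UTF_8),
                                                         new TypeReference<List<String>>()
                                                         {
                                                         });
        }
        catch (IOException e)
        {
            // a value that looks like JSON but does not parse is a configuration error
            throw new IllegalArgumentException("Cannot parse list value as JSON", e);
        }
    }
    else
    {
        listOfStrings = Arrays.asList(listAsString.split("\\s*,\\s*"));
    }
}
// … unchanged: return listOfStrings …
```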
diff --git a/broker-core/src/test/java/org/apache/qpid/server/ssl/TrustManagerTest.java b/broker-core/src/test/java/org/apache/qpid/server/ssl/TrustManagerTest.java
index 12dfb54..df2611d 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/ssl/TrustManagerTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/ssl/TrustManagerTest.java
@@ -43,7 +43,7 @@
public class TrustManagerTest extends UnitTestBase
{
- private static final String STORE_TYPE = "pkcs12";
+ private static final String STORE_TYPE = TestSSLConstants.JAVA_KEYSTORE_TYPE;
private static final String DEFAULT_TRUST_MANAGER_ALGORITHM = TrustManagerFactory.getDefaultAlgorithm();
private static final String KEYSTORE_PASSWORD = TestSSLConstants.KEYSTORE_PASSWORD;
private static final String PEER_STORE = "ssl/java_broker_peerstore.pkcs12";
diff --git a/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/TestSSLConstants.java b/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/TestSSLConstants.java
index 949b450..9bdb282 100644
--- a/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/TestSSLConstants.java
+++ b/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/TestSSLConstants.java
@@ -39,4 +39,6 @@
String BROKER_TRUSTSTORE = "test-profiles/test_resources/ssl/java_broker_truststore.jks";
String BROKER_TRUSTSTORE_PASSWORD = "password";
+
+ String JAVA_KEYSTORE_TYPE = "pkcs12";
}
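Review bot: `JAVA_KEYSTORE_TYPE` is added without a comment, and its value `"pkcs12"` sits directly under `BROKER_TRUSTSTORE`, which still points at a `.jks` file name. A reader cannot tell whether the resources were converted to PKCS#12 or whether the tests rely on the JDK loading either format. A short comment would settle it, e.g. `// store type passed explicitly to every test keystore/truststore; resource files keep their historical .jks names`, adjusted to whatever is actually true of the files, which is not visible in this diff. The same name/type mismatch appears in config-http-management-tests.json and in PreemptiveAuthenticationTest, both of which pair `java_broker_keystore.jks` with this type.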
diff --git a/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java b/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java
index ef6d9b1..5efc3aa 100644
--- a/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java
+++ b/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java
@@ -21,6 +21,7 @@
package org.apache.qpid.tests.http;
import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import java.io.ByteArrayInputStream;
import java.io.IOException;
@@ -349,11 +350,11 @@
try
{
URL ks = new URL(keystore);
- _keyStore = SSLUtil.getInitializedKeyStore(ks, password, KeyStore.getDefaultType());
+ _keyStore = SSLUtil.getInitializedKeyStore(ks, password, JAVA_KEYSTORE_TYPE);
}
catch (MalformedURLException e)
{
- _keyStore = SSLUtil.getInitializedKeyStore(keystore, password, KeyStore.getDefaultType());
+ _keyStore = SSLUtil.getInitializedKeyStore(keystore, password, JAVA_KEYSTORE_TYPE);
}
}
else
diff --git a/systests/qpid-systests-http-management/src/main/resources/config-http-management-tests.json b/systests/qpid-systests-http-management/src/main/resources/config-http-management-tests.json
index f8405de..946e545 100644
--- a/systests/qpid-systests-http-management/src/main/resources/config-http-management-tests.json
+++ b/systests/qpid-systests-http-management/src/main/resources/config-http-management-tests.json
@@ -25,7 +25,8 @@
{
"name": "systestsKeyStore",
"storeUrl": "classpath:java_broker_keystore.jks",
- "password": "password"
+ "password": "password",
+ "keyStoreType": "pkcs12"
}
],
"authenticationproviders": [
diff --git a/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/authentication/PreemptiveAuthenticationTest.java b/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/authentication/PreemptiveAuthenticationTest.java
index c7d0146..940d51c 100644
--- a/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/authentication/PreemptiveAuthenticationTest.java
+++ b/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/authentication/PreemptiveAuthenticationTest.java
@@ -25,6 +25,7 @@
import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
import static org.apache.qpid.server.transport.network.security.ssl.SSLUtil.canGenerateCerts;
import static org.apache.qpid.server.transport.network.security.ssl.SSLUtil.generateSelfSignedCertificate;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.greaterThan;
import static org.hamcrest.Matchers.hasKey;
@@ -231,6 +232,7 @@
keystoreAttr.put(FileKeyStore.TYPE, "FileKeyStore");
keystoreAttr.put(FileKeyStore.STORE_URL, "classpath:java_broker_keystore.jks");
keystoreAttr.put(FileKeyStore.PASSWORD, STORE_PASSWORD);
+ keystoreAttr.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
getHelper().submitRequest("keystore/mykeystore","PUT", keystoreAttr, SC_CREATED);
deleteActions.add(object -> getHelper().submitRequest("keystore/mykeystore", "DELETE", SC_OK));
@@ -307,7 +309,7 @@
private String createKeyStoreDataUrl(final KeyCertPair keyCertPair, final String password) throws Exception
{
- final KeyStore keyStore = KeyStore.getInstance("JKS");
+ final KeyStore keyStore = KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
keyStore.load(null, null);
Certificate[] certChain = new Certificate[] {keyCertPair.getCertificate()};
keyStore.setKeyEntry("key1", keyCertPair.getPrivateKey(), password.toCharArray(), certChain);
diff --git a/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClientConnectionBuilder.java b/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClientConnectionBuilder.java
index 551ba20..6da37ca 100644
--- a/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClientConnectionBuilder.java
+++ b/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClientConnectionBuilder.java
@@ -39,6 +39,8 @@
import javax.naming.InitialContext;
import javax.naming.NamingException;
+import org.apache.qpid.test.utils.TestSSLConstants;
+
public class QpidJmsClientConnectionBuilder implements ConnectionBuilder
{
private static final AtomicInteger CLIENTID_COUNTER = new AtomicInteger();
@@ -168,6 +170,14 @@
public ConnectionBuilder setTls(final boolean enableTls)
{
_enableTls = enableTls;
+ if (enableTls)
+ {
+ _options.put("transport.storeType", TestSSLConstants.JAVA_KEYSTORE_TYPE);
+ }
+ else
+ {
+ _options.remove("transport.storeType");
+ }
return this;
}
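Review bot: `setTls` now owns the `transport.storeType` option unconditionally: `setTls(true)` overwrites any value already in `_options`, and `setTls(false)` removes the key even if the caller set it, so the result depends on call order. Whether callers can set that option by another route is not visible in this hunk. If they can, `_options.putIfAbsent("transport.storeType", TestSSLConstants.JAVA_KEYSTORE_TYPE);` would keep an explicit choice. The option name is also repeated as a literal in both branches; a `private static final String` for it would avoid the two drifting apart.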
diff --git a/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/management/AmqpManagementTest.java b/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/management/AmqpManagementTest.java
index 2fbf21f..4704829 100644
--- a/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/management/AmqpManagementTest.java
+++ b/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/management/AmqpManagementTest.java
@@ -23,6 +23,7 @@
import static java.nio.charset.StandardCharsets.UTF_8;
import static org.apache.qpid.server.model.Queue.ALERT_THRESHOLD_QUEUE_DEPTH_MESSAGES;
import static org.apache.qpid.systests.jms_1_1.extensions.tls.TlsTest.TRUSTSTORE;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE_PASSWORD;
import static org.hamcrest.CoreMatchers.is;
import static org.junit.Assert.assertEquals;
@@ -54,6 +55,8 @@
import javax.naming.NamingException;
import com.fasterxml.jackson.databind.ObjectMapper;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
import org.junit.Test;
import org.apache.qpid.server.exchange.ExchangeDefaults;
@@ -72,6 +75,27 @@
private MessageConsumer _consumer;
private MessageProducer _producer;
+ @BeforeClass
+ public static void setUp() throws Exception
+ {
+ // legacy client keystore/truststore types can only be configured with JVM settings
+ if (getProtocol() != Protocol.AMQP_1_0)
+ {
+ System.setProperty("javax.net.ssl.trustStoreType", JAVA_KEYSTORE_TYPE);
+ System.setProperty("javax.net.ssl.keyStoreType", JAVA_KEYSTORE_TYPE);
+ }
+ }
+
+ @AfterClass
+ public static void tearDown() throws Exception
+ {
+ if (getProtocol() != Protocol.AMQP_1_0)
+ {
+ System.clearProperty("javax.net.ssl.trustStoreType");
+ System.clearProperty("javax.net.ssl.keyStoreType");
+ }
+ }
+
private void setUp(final Connection connection) throws Exception
{
connection.start();
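Review bot: The new `@AfterClass` clears `javax.net.ssl.trustStoreType` and `javax.net.ssl.keyStoreType` instead of restoring what was there before `@BeforeClass` ran. These properties are JVM-wide, so if the test JVM was started with either one set, every later test class in the same fork loses that value and builds its default TLS stores with a different type. `System.setProperty` returns the previous value, so it can be kept and put back, as sketched below. The same set/clear pair is added in AuthenticationTest and TlsTest further down. The static `setUp()` also now overloads the existing private `setUp(Connection)`; a distinct name such as `setUpClass` would read more clearly.

```java
private static String _previousTrustStoreType;
private static String _previousKeyStoreType;

@BeforeClass
public static void setUp() throws Exception
{
    // legacy client keystore/truststore types can only be configured with JVM settings
    if (getProtocol() != Protocol.AMQP_1_0)
    {
        _previousTrustStoreType = System.setProperty("javax.net.ssl.trustStoreType", JAVA_KEYSTORE_TYPE);
        _previousKeyStoreType = System.setProperty("javax.net.ssl.keyStoreType", JAVA_KEYSTORE_TYPE);
    }
}

@AfterClass
public static void tearDown() throws Exception
{
    if (getProtocol() != Protocol.AMQP_1_0)
    {
        restoreProperty("javax.net.ssl.trustStoreType", _previousTrustStoreType);
        restoreProperty("javax.net.ssl.keyStoreType", _previousKeyStoreType);
    }
}

private static void restoreProperty(final String name, final String previous)
{
    if (previous == null)
    {
        System.clearProperty(name);
    }
    else
    {
        System.setProperty(name, previous);
    }
}
```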
diff --git a/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/sasl/AuthenticationTest.java b/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/sasl/AuthenticationTest.java
index 910f461..9661a6d 100644
--- a/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/sasl/AuthenticationTest.java
+++ b/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/sasl/AuthenticationTest.java
@@ -34,6 +34,7 @@
import static org.apache.qpid.test.utils.TestSSLConstants.EXPIRED_KEYSTORE;
import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE_PASSWORD;
import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE_PASSWORD;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.hamcrest.CoreMatchers.anyOf;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.hamcrest.CoreMatchers.is;
@@ -91,6 +92,13 @@
{
System.setProperty("amqj.MaximumStateWait", "4000");
}
+
+ // legacy client keystore/truststore types can only be configured with JVM settings
+ if (getProtocol() != Protocol.AMQP_1_0)
+ {
+ System.setProperty("javax.net.ssl.trustStoreType", JAVA_KEYSTORE_TYPE);
+ System.setProperty("javax.net.ssl.keyStoreType", JAVA_KEYSTORE_TYPE);
+ }
}
@AfterClass
@@ -101,6 +109,12 @@
{
System.clearProperty("amqj.MaximumStateWait");
}
+
+ if (getProtocol() != Protocol.AMQP_1_0)
+ {
+ System.clearProperty("javax.net.ssl.trustStoreType");
+ System.clearProperty("javax.net.ssl.keyStoreType");
+ }
}
@@ -278,6 +292,7 @@
Map<String, Object> trustStoreAttributes = new HashMap<>();
trustStoreAttributes.put(FileTrustStore.STORE_URL, BROKER_TRUSTSTORE);
trustStoreAttributes.put(FileTrustStore.PASSWORD, BROKER_TRUSTSTORE_PASSWORD);
+ trustStoreAttributes.put(FileTrustStore.TRUST_STORE_TYPE, TestSSLConstants.JAVA_KEYSTORE_TYPE);
createEntity(trustStoreName,
FileTrustStore.class.getName(),
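Review bot: The added line spells the constant as `TestSSLConstants.JAVA_KEYSTORE_TYPE` although this commit adds a static import of `JAVA_KEYSTORE_TYPE` to the same file, and the class-level set-up code uses the short form. Use one form throughout, e.g. `trustStoreAttributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);`. The two later hunks in this file do the same, and they also use the string keys `"keyStoreType"` and `"trustStoreType"` where this hunk uses the `FileTrustStore.TRUST_STORE_TYPE` constant; the constants are the safer choice against typos in attribute names.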
@@ -479,6 +494,7 @@
final Map<String, Object> keyStoreAttributes = new HashMap<>();
keyStoreAttributes.put("storeUrl", BROKER_KEYSTORE);
keyStoreAttributes.put("password", BROKER_KEYSTORE_PASSWORD);
+ keyStoreAttributes.put("keyStoreType", TestSSLConstants.JAVA_KEYSTORE_TYPE);
final String keyStoreName = providerName + "KeyStore";
createEntity(keyStoreName,
@@ -486,11 +502,12 @@
keyStoreAttributes,
connection);
-
+ Map<String, Object> trustStoreSettings = new HashMap<>(trustStoreAttributes);
+ trustStoreSettings.put("trustStoreType", TestSSLConstants.JAVA_KEYSTORE_TYPE);
final String trustStoreName = providerName + "TrustStore";
createEntity(trustStoreName,
FileTrustStore.class.getName(),
- trustStoreAttributes,
+ trustStoreSettings,
connection);
String portName = getPortName();
diff --git a/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/tls/TlsTest.java b/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/tls/TlsTest.java
index 8ece2c2..bb81620 100644
--- a/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/tls/TlsTest.java
+++ b/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/tls/TlsTest.java
@@ -20,6 +20,7 @@
*/
package org.apache.qpid.systests.jms_1_1.extensions.tls;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.apache.qpid.test.utils.TestSSLConstants.BROKER_KEYSTORE_PASSWORD;
import static org.apache.qpid.test.utils.TestSSLConstants.BROKER_TRUSTSTORE_PASSWORD;
import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE_PASSWORD;
@@ -89,6 +90,13 @@
{
System.setProperty("amqj.MaximumStateWait", "4000");
}
+
+ // legacy client keystore/truststore types can only be configured with JVM settings
+ if (getProtocol() != Protocol.AMQP_1_0)
+ {
+ System.setProperty("javax.net.ssl.trustStoreType", JAVA_KEYSTORE_TYPE);
+ System.setProperty("javax.net.ssl.keyStoreType", JAVA_KEYSTORE_TYPE);
+ }
}
@AfterClass
@@ -99,6 +107,12 @@
{
System.clearProperty("amqj.MaximumStateWait");
}
+
+ if (getProtocol() != Protocol.AMQP_1_0)
+ {
+ System.clearProperty("javax.net.ssl.trustStoreType");
+ System.clearProperty("javax.net.ssl.keyStoreType");
+ }
}
@Test
@@ -586,6 +600,7 @@
final Map<String, Object> keyStoreAttributes = new HashMap<>();
keyStoreAttributes.put("storeUrl", BROKER_KEYSTORE);
keyStoreAttributes.put("password", BROKER_KEYSTORE_PASSWORD);
+ keyStoreAttributes.put("keyStoreType", JAVA_KEYSTORE_TYPE);
managementFacade.createEntityAndAssertResponse(keyStoreName,
FileKeyStore.class.getName(),
keyStoreAttributes,
@@ -602,6 +617,7 @@
final Map<String, Object> trustStoreAttributes = new HashMap<>();
trustStoreAttributes.put("storeUrl", BROKER_TRUSTSTORE);
trustStoreAttributes.put("password", BROKER_TRUSTSTORE_PASSWORD);
+ trustStoreAttributes.put("trustStoreType", JAVA_KEYSTORE_TYPE);
managementFacade.createEntityAndAssertResponse(trustStoreName,
FileTrustStore.class.getName(),
trustStoreAttributes,
@@ -678,7 +694,7 @@
private File[] extractResourcesFromTestKeyStore() throws Exception
{
- java.security.KeyStore ks = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
+ java.security.KeyStore ks = java.security.KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
try (InputStream is = new FileInputStream(KEYSTORE))
{
ks.load(is, KEYSTORE_PASSWORD.toCharArray());
@@ -728,7 +744,7 @@
private File extractCertFileFromTestTrustStore() throws Exception
{
- java.security.KeyStore ks = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
+ java.security.KeyStore ks = java.security.KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
try (InputStream is = new FileInputStream(TRUSTSTORE))
{
ks.load(is, TRUSTSTORE_PASSWORD.toCharArray());