You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jmeter.apache.org by se...@apache.org on 2011/11/05 03:44:50 UTC
svn commit: r1197871 - in /jmeter/trunk/src/core/org/apache/jmeter/util:
JsseSSLManager.java SSLManager.java keystore/JmeterKeyStore.java
Author: sebb
Date: Sat Nov 5 02:44:50 2011
New Revision: 1197871
URL: http://svn.apache.org/viewvc?rev=1197871&view=rev
Log:
Bug 52131 - Eliminate DefaultKeyStore and simplify code - part 2
Modified:
jmeter/trunk/src/core/org/apache/jmeter/util/JsseSSLManager.java
jmeter/trunk/src/core/org/apache/jmeter/util/SSLManager.java
jmeter/trunk/src/core/org/apache/jmeter/util/keystore/JmeterKeyStore.java
Modified: jmeter/trunk/src/core/org/apache/jmeter/util/JsseSSLManager.java
URL: http://svn.apache.org/viewvc/jmeter/trunk/src/core/org/apache/jmeter/util/JsseSSLManager.java?rev=1197871&r1=1197870&r2=1197871&view=diff
==============================================================================
--- jmeter/trunk/src/core/org/apache/jmeter/util/JsseSSLManager.java (original)
+++ jmeter/trunk/src/core/org/apache/jmeter/util/JsseSSLManager.java Sat Nov 5 02:44:50 2011
@@ -304,23 +304,16 @@ public class JsseSSLManager extends SSLM
/**
* Compiles the list of all client aliases with a private key.
- * Currently, keyType and issuers are both ignored.
*
- * @param keyType
- * the type of private key the server expects (RSA, DSA,
- * etc.)
- * @param issuers
- * the CA certificates we are narrowing our selection on.
- * @return the ClientAliases value
+ * @param keyType the key algorithm type name (RSA, DSA, etc.)
+ * @param issuers the CA certificates we are narrowing our selection on.
+ *
+ * @return the array of aliases; may be empty
*/
public String[] getClientAliases(String keyType, Principal[] issuers) {
log.debug("WrappedX509Manager: getClientAliases: ");
- int count = this.store.getAliasCount();
- String[] aliases = new String[count];
- for(int i = 0; i < aliases.length; i++) {
- aliases[i] = this.store.getAlias(i);
- }
- return aliases;
+ // implementation moved to JmeterKeystore as only that has the keyType info
+ return this.store.getClientAliases(keyType, issuers);
}
/**
@@ -374,7 +367,12 @@ public class JsseSSLManager extends SSLM
* have to match one in the keystore.
*
* TODO? - does not actually allow the user to choose an alias at present
- *
+ *
+ * @param keyType the key algorithm type name(s), ordered with the most-preferred key type first.
+ * @param issuers the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
+ * @param socket the socket to be used for this connection.
+ * This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.
+ *
* @see javax.net.ssl.X509KeyManager#chooseClientAlias(String[], Principal[], Socket)
*/
public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
Modified: jmeter/trunk/src/core/org/apache/jmeter/util/SSLManager.java
URL: http://svn.apache.org/viewvc/jmeter/trunk/src/core/org/apache/jmeter/util/SSLManager.java?rev=1197871&r1=1197870&r2=1197871&view=diff
==============================================================================
--- jmeter/trunk/src/core/org/apache/jmeter/util/SSLManager.java (original)
+++ jmeter/trunk/src/core/org/apache/jmeter/util/SSLManager.java Sat Nov 5 02:44:50 2011
@@ -24,6 +24,7 @@ import java.net.HttpURLConnection;
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
+import java.util.Locale;
import javax.swing.JOptionPane;
@@ -53,6 +54,8 @@ public abstract class SSLManager {
public static final String JAVAX_NET_SSL_KEY_STORE = "javax.net.ssl.keyStore"; // $NON-NLS-1$
+ private static final String JAVAX_NET_SSL_KEY_STORE_TYPE = "javax.net.ssl.keyStoreType"; // $NON-NLS-1$
+
private static final String PKCS12 = "pkcs12"; // $NON-NLS-1$
/** Singleton instance of the manager */
@@ -103,27 +106,17 @@ public abstract class SSLManager {
*/
protected JmeterKeyStore getKeyStore() {
if (null == this.keyStore) {
- String defaultName = JMeterUtils.getJMeterProperties()
- .getProperty("user.home") // $NON-NLS-1$
- + File.separator
- + ".keystore"; // $NON-NLS-1$
- String fileName = System.getProperty(JAVAX_NET_SSL_KEY_STORE, defaultName);
- log.info("JmeterKeyStore Location: " + fileName);
+ String fileName = System.getProperty(JAVAX_NET_SSL_KEY_STORE);
+ String fileType = System.getProperty(JAVAX_NET_SSL_KEY_STORE_TYPE, // use the system property to determine the type
+ fileName.toLowerCase(Locale.UK).endsWith(".p12") ? PKCS12 : "JKS"); // otherwise use the name
+ log.info("JmeterKeyStore Location: " + fileName + " type " + fileType);
try {
- if (fileName.endsWith(".p12") || fileName.endsWith(".P12")) { // $NON-NLS-1$ // $NON-NLS-2$
- this.keyStore = JmeterKeyStore.getInstance(PKCS12);
- log.info("KeyStore created OK, Type: PKCS 12");
- System.setProperty("javax.net.ssl.keyStoreType", PKCS12); // $NON-NLS-1$
- } else {
- this.keyStore = JmeterKeyStore.getInstance("JKS"); // $NON-NLS-1$
- log.info("KeyStore created OK, Type: JKS");
- }
+ this.keyStore = JmeterKeyStore.getInstance(fileType, keystoreAliasStartIndex, keystoreAliasEndIndex);
+ log.info("KeyStore created OK");
} catch (Exception e) {
this.keyStore = null;
throw new RuntimeException("Could not create keystore: "+e.getMessage());
}
- this.keyStore.setAliasStartIndex(keystoreAliasStartIndex);
- this.keyStore.setAliasEndIndex(keystoreAliasEndIndex);
FileInputStream fileInputStream = null;
try {
File initStore = new File(fileName);
Modified: jmeter/trunk/src/core/org/apache/jmeter/util/keystore/JmeterKeyStore.java
URL: http://svn.apache.org/viewvc/jmeter/trunk/src/core/org/apache/jmeter/util/keystore/JmeterKeyStore.java?rev=1197871&r1=1197870&r2=1197871&view=diff
==============================================================================
--- jmeter/trunk/src/core/org/apache/jmeter/util/keystore/JmeterKeyStore.java (original)
+++ jmeter/trunk/src/core/org/apache/jmeter/util/keystore/JmeterKeyStore.java Sat Nov 5 02:44:50 2011
@@ -20,13 +20,15 @@ package org.apache.jmeter.util.keystore;
import java.io.InputStream;
import java.security.KeyStore;
+import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
-import org.apache.jmeter.util.JMeterUtils;
+import org.apache.jorphan.logging.LoggingManager;
+import org.apache.log.Logger;
/**
* Use this Keystore for JMeter specific KeyStores.
@@ -34,20 +36,26 @@ import org.apache.jmeter.util.JMeterUtil
*/
public class JmeterKeyStore {
+ private static final Logger LOG = LoggingManager.getLoggerForClass();
+
+ private final KeyStore store;
+ private final int startIndex;
+ private final int endIndex;
+
private X509Certificate[][] certChains;
private PrivateKey[] keys;
private String[] names;
- protected final KeyStore store;
+
+ //@GuardedBy("this")
private int last_user;
- protected static final String KEY_STORE_START_INDEX = "https.keyStoreStartIndex";
- protected static final String KEY_STORE_END_INDEX = "https.keyStoreEndIndex";
- protected int startIndex;
- protected int endIndex;
- public JmeterKeyStore(String type) throws Exception {
+ private JmeterKeyStore(String type, int startIndex, int endIndex) throws Exception {
+ if (startIndex < 0 || endIndex < 0 || endIndex < startIndex) {
+ throw new IllegalArgumentException("Invalid index(es). Start="+startIndex+", end="+endIndex);
+ }
this.store = KeyStore.getInstance(type);
- startIndex = JMeterUtils.getPropDefault(KEY_STORE_START_INDEX, 0);
- endIndex = JMeterUtils.getPropDefault(KEY_STORE_END_INDEX, 0);
+ this.startIndex = startIndex;
+ this.endIndex = endIndex;
}
/**
@@ -91,6 +99,9 @@ public class JmeterKeyStore {
if (null == _key) {
throw new Exception("No key(s) found");
}
+ if (index <= endIndex-startIndex) {
+ LOG.warn("Did not find all requested aliases. Start="+startIndex+", end="+endIndex+", found="+index);
+ }
}
/*
@@ -112,7 +123,7 @@ public class JmeterKeyStore {
/**
* Get the ordered certificate chain for a specific alias.
*/
- public final X509Certificate[] getCertificateChain(String alias) {
+ public X509Certificate[] getCertificateChain(String alias) {
int entry = findAlias(alias);
if (entry >=0) {
return this.certChains[entry];
@@ -124,7 +135,7 @@ public class JmeterKeyStore {
* Get the next or only alias.
* @return the next or only alias.
*/
- public final String getAlias() {
+ public String getAlias() {
int length = this.names.length;
if (length == 0) { // i.e. is == null
return null;
@@ -136,7 +147,7 @@ public class JmeterKeyStore {
return this.names.length;
}
- public final String getAlias(int index) {
+ public String getAlias(int index) {
int length = this.names.length;
if (length == 0 && index == 0) { // i.e. is == null
return null;
@@ -150,7 +161,7 @@ public class JmeterKeyStore {
/**
* Return the private Key for a specific alias
*/
- public final PrivateKey getPrivateKey(String alias) {
+ public PrivateKey getPrivateKey(String alias) {
int entry = findAlias(alias);
if (entry >=0) {
return this.keys[entry];
@@ -158,38 +169,28 @@ public class JmeterKeyStore {
return null;
}
- public static final JmeterKeyStore getInstance(String type) throws Exception {
- // JAVA 1.4 now handles all keystore types, so just use default
- return new JmeterKeyStore(type);
- }
-
- /**
- * @param startIndex the startIndex to set
- */
- public void setAliasStartIndex(int startIndex) {
- this.startIndex = startIndex;
- }
-
/**
- * @return the endIndex
+ * Create a keystore which returns a range of aliases (if available)
+ * @param type store type (e.g. JKS)
+ * @param startIndex first index (from 0)
+ * @param endIndex last index (to count -1)
+ * @return the keystore
+ * @throws Exception
*/
- public int getAliasEndIndex() {
- return endIndex;
+ public static JmeterKeyStore getInstance(String type, int startIndex, int endIndex) throws Exception {
+ return new JmeterKeyStore(type, startIndex, endIndex);
}
/**
- * @param endIndex the endIndex to set
- */
- public void setAliasEndIndex(int endIndex) {
- this.endIndex = endIndex;
- }
- /**
- * @return the startIndex
+ * Create a keystore which returns the first alias only.
+ * @param type e.g. JKS
+ * @return the keystore
+ * @throws Exception
*/
- public int getAliasStartIndex() {
- return startIndex;
+ public static JmeterKeyStore getInstance(String type) throws Exception {
+ return new JmeterKeyStore(type, 0, 0);
}
-
+
private int findAlias(String alias) {
for(int i = 0; i < names.length; i++) {
if (alias.equals(names[i])){
@@ -209,4 +210,25 @@ public class JmeterKeyStore {
}
}
+ /**
+ * Compiles the list of all client aliases with a private key.
+ * TODO Currently, keyType and issuers are both ignored.
+ *
+ * @param keyType the key algorithm type name (RSA, DSA, etc.)
+ * @param issuers the CA certificates we are narrowing our selection on.
+ *
+ * @return the array of aliases; may be empty
+ */
+ public String[] getClientAliases(String keyType, Principal[] issuers) {
+ int count = getAliasCount();
+ String[] aliases = new String[count];
+ for(int i = 0; i < aliases.length; i++) {
+// if (keys[i].getAlgorithm().equals(keyType)){
+//
+// }
+ aliases[i] = this.names[i];
+ }
+ return aliases;
+ }
+
}
\ No newline at end of file