You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by or...@apache.org on 2019/03/06 16:15:31 UTC
[qpid-broker-j] 02/03: QPID-8281: [Broker-J][Tests] Explicitly
specify type of keystores and truststores in tests
This is an automated email from the ASF dual-hosted git repository.
orudyy pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/qpid-broker-j.git
commit 96f57f6765df2d6ef1bf361c088195041dba1f05
Author: Alex Rudyy <or...@apache.org>
AuthorDate: Wed Mar 6 16:13:31 2019 +0000
QPID-8281: [Broker-J][Tests] Explicitly specify type of keystores and truststores in tests
---
.../berkeleydb/BDBVirtualHostImplTest.java | 2 +-
.../apache/qpid/server/model/BrokerTestHelper.java | 4 ++
.../qpid/server/security/FileKeyStoreTest.java | 16 ++++-
.../qpid/server/security/FileTrustStoreTest.java | 24 +++++--
.../qpid/server/security/NonJavaKeyStoreTest.java | 5 +-
.../server/security/NonJavaTrustStoreTest.java | 3 +-
.../security/SiteSpecificTrustStoreTest.java | 3 +-
.../manager/oauth2/OAuth2MockEndpointHolder.java | 17 ++++-
.../apache/qpid/server/ssl/TrustManagerTest.java | 2 +-
.../server/transport/TCPandSSLTransportTest.java | 8 +++
.../virtualhost/jdbc/JDBCVirtualHostTest.java | 3 +-
.../org/apache/qpid/test/utils/QpidTestCase.java | 31 +++++++++
.../apache/qpid/test/utils/TestSSLConstants.java | 2 +
systests/etc/config-systests.json | 6 +-
.../apache/qpid/systest/rest/RestTestHelper.java | 74 ++++++++++++++--------
.../java/org/apache/qpid/client/ssl/SSLTest.java | 9 ++-
.../auth/manager/ExternalAuthenticationTest.java | 7 +-
.../management/amqp/AmqpManagementTest.java | 3 +
.../messageencryption/MessageEncryptionTest.java | 17 +++++
.../apache/qpid/systest/rest/KeyStoreRestTest.java | 3 +-
.../qpid/systest/rest/TrustStoreRestTest.java | 11 ++--
.../qpid/systest/rest/acl/BrokerACLTest.java | 2 +
22 files changed, 201 insertions(+), 51 deletions(-)
diff --git a/bdbstore/src/test/java/org/apache/qpid/server/virtualhost/berkeleydb/BDBVirtualHostImplTest.java b/bdbstore/src/test/java/org/apache/qpid/server/virtualhost/berkeleydb/BDBVirtualHostImplTest.java
index 36227c8..76d2b99 100644
--- a/bdbstore/src/test/java/org/apache/qpid/server/virtualhost/berkeleydb/BDBVirtualHostImplTest.java
+++ b/bdbstore/src/test/java/org/apache/qpid/server/virtualhost/berkeleydb/BDBVirtualHostImplTest.java
@@ -58,7 +58,7 @@ public class BDBVirtualHostImplTest extends QpidTestCase
_storePath = TestFileUtils.createTestDirectory();
- _node = mock(VirtualHostNode.class);
+ _node = BrokerTestHelper.mockWithSystemPrincipal(VirtualHostNode.class);
when(_node.getParent()).thenReturn(broker);
when(_node.getModel()).thenReturn(BrokerModel.getInstance());
when(_node.getTaskExecutor()).thenReturn(taskExecutor);
diff --git a/broker-core/src/test/java/org/apache/qpid/server/model/BrokerTestHelper.java b/broker-core/src/test/java/org/apache/qpid/server/model/BrokerTestHelper.java
index f1958ff..9573bdb 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/model/BrokerTestHelper.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/model/BrokerTestHelper.java
@@ -299,6 +299,10 @@ public class BrokerTestHelper
public interface TestableSystemPrincipalSource extends SystemPrincipalSource {}
public interface TestableAccessControlSource extends AccessControlSource {}
+ public static <X extends ConfiguredObject> X mockWithSystemPrincipal(Class<X> clazzl)
+ {
+ return mockWithSystemPrincipal(clazzl, SYSTEM_PRINCIPAL);
+ }
public static <X extends ConfiguredObject> X mockWithSystemPrincipal(Class<X> clazz, Principal principal)
{
synchronized (SYSTEM_PRINCIPAL_SOURCE_MOCKS)
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java
index 28f49d1..348ebd6 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java
@@ -21,6 +21,7 @@ package org.apache.qpid.server.security;
import static org.apache.qpid.server.security.FileTrustStoreTest.createDataUrlForFile;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
@@ -81,6 +82,7 @@ public class FileKeyStoreTest extends QpidTestCase
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker);
@@ -97,6 +99,7 @@ public class FileKeyStoreTest extends QpidTestCase
attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.CERTIFICATE_ALIAS, BROKER_KEYSTORE_ALIAS);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker);
@@ -112,6 +115,7 @@ public class FileKeyStoreTest extends QpidTestCase
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
attributes.put(FileKeyStore.PASSWORD, "wrong");
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -132,6 +136,7 @@ public class FileKeyStoreTest extends QpidTestCase
attributes.put(FileKeyStore.STORE_URL, CLIENT_KEYSTORE_PATH);
attributes.put(FileKeyStore.PASSWORD, CLIENT_KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.CERTIFICATE_ALIAS, "notknown");
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -141,7 +146,8 @@ public class FileKeyStoreTest extends QpidTestCase
catch (IllegalConfigurationException ice)
{
String message = ice.getMessage();
- assertTrue("Exception text not as unexpected:" + message, message.contains("Cannot find a certificate with alias 'notknown' in key store"));
+ assertTrue("Exception text not as unexpected:" + message,
+ message.contains("Cannot find a certificate with alias 'notknown' in key store"));
}
}
@@ -153,6 +159,7 @@ public class FileKeyStoreTest extends QpidTestCase
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.STORE_URL, trustStoreAsDataUrl);
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker);
@@ -171,6 +178,7 @@ public class FileKeyStoreTest extends QpidTestCase
attributes.put(FileKeyStore.STORE_URL, trustStoreAsDataUrl);
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.CERTIFICATE_ALIAS, BROKER_KEYSTORE_ALIAS);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker);
@@ -188,6 +196,7 @@ public class FileKeyStoreTest extends QpidTestCase
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.PASSWORD, "wrong");
attributes.put(FileKeyStore.STORE_URL, keyStoreAsDataUrl);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -232,6 +241,7 @@ public class FileKeyStoreTest extends QpidTestCase
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.STORE_URL, keyStoreAsDataUrl);
attributes.put(FileKeyStore.CERTIFICATE_ALIAS, "notknown");
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -251,6 +261,7 @@ public class FileKeyStoreTest extends QpidTestCase
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker);
@@ -289,7 +300,7 @@ public class FileKeyStoreTest extends QpidTestCase
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
- attributes.put(FileKeyStore.KEY_STORE_TYPE, "PKCS12");
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker);
@@ -302,6 +313,7 @@ public class FileKeyStoreTest extends QpidTestCase
attributes.put(FileKeyStore.NAME, "myFileKeyStore");
attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH);
attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD);
+ attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker);
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/FileTrustStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/FileTrustStoreTest.java
index d0cc0a2..28af9e5 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/FileTrustStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/FileTrustStoreTest.java
@@ -20,6 +20,7 @@
package org.apache.qpid.server.security;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
@@ -97,6 +98,7 @@ public class FileTrustStoreTest extends QpidTestCase
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes, _broker);
@@ -112,6 +114,7 @@ public class FileTrustStoreTest extends QpidTestCase
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, "wrong");
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -132,6 +135,7 @@ public class FileTrustStoreTest extends QpidTestCase
attributes.put(FileTrustStore.STORE_URL, PEER_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, PEER_STORE_PASSWORD);
attributes.put(FileTrustStore.PEERS_ONLY, true);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes, _broker);
@@ -144,10 +148,16 @@ public class FileTrustStoreTest extends QpidTestCase
public void testUseOfExpiredTrustAnchorAllowed() throws Exception
{
+ if (getJvmVendor() == JvmVendor.IBM)
+ {
+ //IBMJSSE2 trust factory (IbmX509) validates the entire chain, including trusted certificates.
+ return;
+ }
Map<String,Object> attributes = new HashMap<>();
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.STORE_URL, EXPIRED_TRUST_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, BROKER_TRUST_STORE_PASSWORD);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore trustStore = _factory.create(TrustStore.class, attributes, _broker);
@@ -159,7 +169,7 @@ public class FileTrustStoreTest extends QpidTestCase
KeyStore clientStore = SSLUtil.getInitializedKeyStore(EXPIRED_KEYSTORE_PATH,
KEYSTORE_PASSWORD,
- "pkcs12");
+ JAVA_KEYSTORE_TYPE);
String alias = clientStore.aliases().nextElement();
X509Certificate certificate = (X509Certificate) clientStore.getCertificate(alias);
@@ -173,6 +183,7 @@ public class FileTrustStoreTest extends QpidTestCase
attributes.put(FileTrustStore.STORE_URL, EXPIRED_TRUST_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, BROKER_TRUST_STORE_PASSWORD);
attributes.put(FileTrustStore.TRUST_ANCHOR_VALIDITY_ENFORCED, true);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore trustStore = _factory.create(TrustStore.class, attributes, _broker);
@@ -184,7 +195,7 @@ public class FileTrustStoreTest extends QpidTestCase
KeyStore clientStore = SSLUtil.getInitializedKeyStore(EXPIRED_KEYSTORE_PATH,
KEYSTORE_PASSWORD,
- KeyStore.getDefaultType());
+ JAVA_KEYSTORE_TYPE);
String alias = clientStore.aliases().nextElement();
X509Certificate certificate = (X509Certificate) clientStore.getCertificate(alias);
@@ -216,6 +227,7 @@ public class FileTrustStoreTest extends QpidTestCase
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.STORE_URL, trustStoreAsDataUrl);
attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes, _broker);
@@ -233,6 +245,7 @@ public class FileTrustStoreTest extends QpidTestCase
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.PASSWORD, "wrong");
attributes.put(FileTrustStore.STORE_URL, trustStoreAsDataUrl);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -254,6 +267,7 @@ public class FileTrustStoreTest extends QpidTestCase
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
attributes.put(FileTrustStore.STORE_URL, trustStoreAsDataUrl);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
try
{
@@ -274,6 +288,7 @@ public class FileTrustStoreTest extends QpidTestCase
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
FileTrustStore<?> fileTrustStore = (FileTrustStore<?>) _factory.create(TrustStore.class, attributes, _broker);
@@ -312,6 +327,7 @@ public class FileTrustStoreTest extends QpidTestCase
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.STORE_URL, BROKER_TRUST_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, KEYSTORE_PASSWORD);
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes, _broker);
@@ -324,7 +340,7 @@ public class FileTrustStoreTest extends QpidTestCase
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
- attributes.put(FileTrustStore.TRUST_STORE_TYPE, "PKCS12");
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes, _broker);
@@ -351,7 +367,7 @@ public class FileTrustStoreTest extends QpidTestCase
attributes.put(FileTrustStore.NAME, "myFileTrustStore");
attributes.put(FileTrustStore.STORE_URL, TRUST_STORE_PATH);
attributes.put(FileTrustStore.PASSWORD, TRUSTSTORE_PASSWORD);
- attributes.put(FileTrustStore.TRUST_STORE_TYPE, "PKCS12");
+ attributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
TrustStore<?> fileTrustStore = _factory.create(TrustStore.class, attributes, _broker);
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaKeyStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaKeyStoreTest.java
index e4e14d1..df578c0 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaKeyStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaKeyStoreTest.java
@@ -20,6 +20,7 @@
package org.apache.qpid.server.security;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE_PASSWORD;
import static org.mockito.Matchers.any;
import static org.mockito.Matchers.anyLong;
@@ -114,7 +115,7 @@ public class NonJavaKeyStoreTest extends QpidTestCase
private File[] extractResourcesFromTestKeyStore(boolean pem, final String storeResource) throws Exception
{
- java.security.KeyStore ks = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
+ java.security.KeyStore ks = java.security.KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
try(InputStream is = getClass().getResourceAsStream(storeResource))
{
ks.load(is, KEYSTORE_PASSWORD.toCharArray() );
@@ -275,7 +276,7 @@ public class NonJavaKeyStoreTest extends QpidTestCase
{
when(_broker.scheduleHouseKeepingTask(anyLong(), any(TimeUnit.class), any(Runnable.class))).thenReturn(mock(ScheduledFuture.class));
- java.security.KeyStore ks = java.security.KeyStore.getInstance("pkcs12");
+ java.security.KeyStore ks = java.security.KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
final String storeLocation = KEYSTORE;
try(InputStream is = getClass().getResourceAsStream(storeLocation))
{
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaTrustStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaTrustStoreTest.java
index 3ab6f83..e7b3598 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaTrustStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/NonJavaTrustStoreTest.java
@@ -19,6 +19,7 @@
package org.apache.qpid.server.security;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
@@ -100,7 +101,7 @@ public class NonJavaTrustStoreTest extends QpidTestCase
KeyStore clientStore = SSLUtil.getInitializedKeyStore(EXPIRED_KEYSTORE,
KEYSTORE_PASSWORD,
- "PKCS12");
+ JAVA_KEYSTORE_TYPE);
String alias = clientStore.aliases().nextElement();
X509Certificate certificate = (X509Certificate) clientStore.getCertificate(alias);
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/SiteSpecificTrustStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/SiteSpecificTrustStoreTest.java
index f012173..c72ba1c 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/SiteSpecificTrustStoreTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/SiteSpecificTrustStoreTest.java
@@ -21,6 +21,7 @@
package org.apache.qpid.server.security;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
@@ -253,7 +254,7 @@ public class SiteSpecificTrustStoreTest extends QpidTestCase
char[] keyPassword = KEYSTORE_PASSWORD.toCharArray();
try(InputStream inputStream = getClass().getResourceAsStream(KEYSTORE))
{
- KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+ KeyStore keyStore = KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyStore.load(inputStream, keyPassword);
keyManagerFactory.init(keyStore, keyPassword);
diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java b/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java
index 4c4aa0a..afd4c4d 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java
@@ -20,6 +20,9 @@
*/
package org.apache.qpid.server.security.auth.manager.oauth2;
+import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
+
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
@@ -31,6 +34,8 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.ObjectMapper;
import junit.framework.TestCase;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
@@ -84,6 +89,7 @@ class OAuth2MockEndpointHolder
};
sslContextFactory.setKeyStorePassword(KEYSTORE_PASSWORD);
sslContextFactory.setKeyStoreResource(Resource.newClassPathResource(KEYSTORE_RESOURCE));
+ sslContextFactory.setKeyStoreType(JAVA_KEYSTORE_TYPE);
// override default jetty excludes as valid IBM JDK are excluded
// causing SSL handshake failure (due to default exclude '^SSL_.*$')
@@ -153,7 +159,16 @@ class OAuth2MockEndpointHolder
List<String> listOfStrings = Collections.emptyList();
if(listAsString != null && !"".equals(listAsString))
{
- listOfStrings = Arrays.asList(listAsString.split("\\s*,\\s*"));
+ try
+ {
+ listOfStrings = new ObjectMapper().readValue(listAsString.getBytes(UTF_8), new TypeReference<List<String>>()
+ {
+ });
+ }
+ catch (IOException e)
+ {
+ listOfStrings = Arrays.asList(listAsString.split("\\s*,\\s*"));
+ }
}
return listOfStrings;
}
diff --git a/broker-core/src/test/java/org/apache/qpid/server/ssl/TrustManagerTest.java b/broker-core/src/test/java/org/apache/qpid/server/ssl/TrustManagerTest.java
index 3dcddff..cafbfc8 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/ssl/TrustManagerTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/ssl/TrustManagerTest.java
@@ -38,7 +38,7 @@ import org.apache.qpid.server.transport.network.security.ssl.SSLUtil;
public class TrustManagerTest extends QpidTestCase
{
- private static final String STORE_TYPE = "pkcs12";
+ private static final String STORE_TYPE = TestSSLConstants.JAVA_KEYSTORE_TYPE;
private static final String DEFAULT_TRUST_MANAGER_ALGORITHM = TrustManagerFactory.getDefaultAlgorithm();
private static final String KEYSTORE_PASSWORD = TestSSLConstants.KEYSTORE_PASSWORD;
private static final String PEER_STORE = "ssl/java_broker_peerstore.pkcs12";
diff --git a/broker-core/src/test/java/org/apache/qpid/server/transport/TCPandSSLTransportTest.java b/broker-core/src/test/java/org/apache/qpid/server/transport/TCPandSSLTransportTest.java
index e83cdd1..08b3d2f 100644
--- a/broker-core/src/test/java/org/apache/qpid/server/transport/TCPandSSLTransportTest.java
+++ b/broker-core/src/test/java/org/apache/qpid/server/transport/TCPandSSLTransportTest.java
@@ -57,6 +57,10 @@ public class TCPandSSLTransportTest extends QpidTestCase
public void testNoSSLv3SupportOnSSLOnlyPort() throws Exception
{
+ if (getJvmVendor() == JvmVendor.IBM)
+ {
+ return;
+ }
try
{
checkSSLExcluded("SSLv3", Transport.SSL);
@@ -99,6 +103,10 @@ public class TCPandSSLTransportTest extends QpidTestCase
public void testNoSSLv3SupportOnSharedPort() throws Exception
{
+ if (getJvmVendor() == JvmVendor.IBM)
+ {
+ return;
+ }
try
{
checkSSLExcluded("SSLv3", Transport.TCP, Transport.SSL);
diff --git a/broker-plugins/jdbc-store/src/test/java/org/apache/qpid/server/virtualhost/jdbc/JDBCVirtualHostTest.java b/broker-plugins/jdbc-store/src/test/java/org/apache/qpid/server/virtualhost/jdbc/JDBCVirtualHostTest.java
index 3af9000..069735f 100644
--- a/broker-plugins/jdbc-store/src/test/java/org/apache/qpid/server/virtualhost/jdbc/JDBCVirtualHostTest.java
+++ b/broker-plugins/jdbc-store/src/test/java/org/apache/qpid/server/virtualhost/jdbc/JDBCVirtualHostTest.java
@@ -33,6 +33,7 @@ import org.apache.qpid.server.configuration.updater.CurrentThreadTaskExecutor;
import org.apache.qpid.server.logging.EventLogger;
import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.BrokerModel;
+import org.apache.qpid.server.model.BrokerTestHelper;
import org.apache.qpid.server.model.ConfiguredObject;
import org.apache.qpid.server.model.ConfiguredObjectFactoryImpl;
import org.apache.qpid.server.model.SystemConfig;
@@ -60,7 +61,7 @@ public class JDBCVirtualHostTest extends QpidTestCase
public void testInvalidTableNamePrefix() throws Exception
{
- final VirtualHostNode vhn = mock(VirtualHostNode.class);
+ final VirtualHostNode vhn = BrokerTestHelper.mockWithSystemPrincipal(VirtualHostNode.class);
when(vhn.getCategoryClass()).thenReturn(VirtualHostNode.class);
when(vhn.getChildExecutor()).thenReturn(_taskExecutor);
final ConfiguredObjectFactoryImpl factory = new ConfiguredObjectFactoryImpl(BrokerModel.getInstance());
diff --git a/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/QpidTestCase.java b/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/QpidTestCase.java
index 630dbe0..7e8664f 100644
--- a/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/QpidTestCase.java
+++ b/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/QpidTestCase.java
@@ -351,4 +351,35 @@ public class QpidTestCase extends TestCase
}
return properties;
}
+
+ public JvmVendor getJvmVendor()
+ {
+ final String property = String.valueOf(System.getProperty("java.vendor")).toUpperCase();
+ if (property.contains("IBM"))
+ {
+ return JvmVendor.IBM;
+ }
+ else if (property.contains("ORACLE"))
+ {
+ return JvmVendor.ORACLE;
+ }
+ else if (property.contains("OPENJDK"))
+ {
+ return JvmVendor.OPENJDK;
+ }
+ else
+ {
+ return JvmVendor.UNKNOWN;
+ }
+ }
+
+ public enum JvmVendor
+ {
+ ORACLE,
+ IBM,
+ OPENJDK,
+ UNKNOWN
+ }
+
+
}
diff --git a/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/TestSSLConstants.java b/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/TestSSLConstants.java
index 360ecc9..1d4cc82 100644
--- a/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/TestSSLConstants.java
+++ b/qpid-test-utils/src/main/java/org/apache/qpid/test/utils/TestSSLConstants.java
@@ -41,4 +41,6 @@ public interface TestSSLConstants
String BROKER_TRUSTSTORE = "test-profiles/test_resources/ssl/java_broker_truststore.jks";
String BROKER_EXPIRED_TRUSTSTORE = "test-profiles/test_resources/ssl/java_broker_expired_truststore.jks";
String BROKER_TRUSTSTORE_PASSWORD = "password";
+
+ String JAVA_KEYSTORE_TYPE = "pkcs12";
}
diff --git a/systests/etc/config-systests.json b/systests/etc/config-systests.json
index c342413..5d644b5 100644
--- a/systests/etc/config-systests.json
+++ b/systests/etc/config-systests.json
@@ -29,12 +29,14 @@
"keystores" : [ {
"name" : "systestsKeyStore",
"storeUrl" : "${qpid.home_dir}${file.separator}..${file.separator}test-profiles${file.separator}test_resources${file.separator}ssl${file.separator}java_broker_keystore.jks",
- "password" : "password"
+ "password" : "password",
+ "keyStoreType": "pkcs12"
} ],
"truststores" : [ {
"name" : "systestsTrustStore",
"storeUrl" : "${qpid.home_dir}${file.separator}..${file.separator}test-profiles${file.separator}test_resources${file.separator}ssl${file.separator}java_broker_truststore.jks",
- "password" : "password"
+ "password" : "password",
+ "trustStoreType": "pkcs12"
} ],
"ports" : [ {
"name" : "amqp",
diff --git a/systests/src/main/java/org/apache/qpid/systest/rest/RestTestHelper.java b/systests/src/main/java/org/apache/qpid/systest/rest/RestTestHelper.java
index 4ba8687..b0a1cdd 100644
--- a/systests/src/main/java/org/apache/qpid/systest/rest/RestTestHelper.java
+++ b/systests/src/main/java/org/apache/qpid/systest/rest/RestTestHelper.java
@@ -19,9 +19,11 @@
package org.apache.qpid.systest.rest;
import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
+import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
@@ -33,6 +35,7 @@ import java.net.URL;
import java.net.URLEncoder;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
+import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashMap;
@@ -47,6 +50,7 @@ import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.DatatypeConverter;
@@ -58,10 +62,10 @@ import org.slf4j.LoggerFactory;
import org.apache.qpid.server.model.Queue;
import org.apache.qpid.server.model.SystemConfig;
-import org.apache.qpid.ssl.SSLContextFactory;
+import org.apache.qpid.server.transport.network.security.ssl.QpidServerX509KeyManager;
+import org.apache.qpid.server.transport.network.security.ssl.SSLUtil;
import org.apache.qpid.test.utils.QpidBrokerTestCase;
import org.apache.qpid.test.utils.TestBrokerConfiguration;
-import org.apache.qpid.transport.network.security.ssl.SSLUtil;
public class RestTestHelper
{
@@ -160,31 +164,38 @@ public class RestTestHelper
if(_useSslAuth)
{
+ if (_keystore == null)
+ {
+ throw new IllegalStateException("Cannot use SSL client auth without providing a keystore");
+ }
try
{
// We have to use a SSLSocketFactory from a new SSLContext so that we don't re-use
// the JVM's defaults that may have been initialised in previous tests.
-
final TrustManager[] trustManagers;
final KeyManager[] keyManagers;
- trustManagers =
- SSLContextFactory.getTrustManagers(_truststore,
- _truststorePassword,
- KeyStore.getDefaultType(),
- TrustManagerFactory.getDefaultAlgorithm());
+ KeyStore ts = SSLUtil.getInitializedKeyStore(_truststore, _truststorePassword, JAVA_KEYSTORE_TYPE);
+ TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ tmf.init(ts);
+ trustManagers = tmf.getTrustManagers();
- if (_keystore == null)
+ if (_clientAuthAlias != null)
{
- throw new IllegalStateException("Cannot use SSL client auth without providing a keystore");
+ keyManagers = new KeyManager[]{new QpidServerX509KeyManager(_clientAuthAlias,
+ new File(_keystore).toURI().toURL(),
+ JAVA_KEYSTORE_TYPE,
+ _keystorePassword,
+ KeyManagerFactory.getDefaultAlgorithm())};
+ }
+ else
+ {
+ KeyStore ks = SSLUtil.getInitializedKeyStore(_keystore, _keystorePassword, JAVA_KEYSTORE_TYPE);
+ char[] keyStoreCharPassword = _keystorePassword == null ? null : _keystorePassword.toCharArray();
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+ kmf.init(ks, keyStoreCharPassword);
+ keyManagers = kmf.getKeyManagers();
}
-
- keyManagers =
- SSLContextFactory.getKeyManagers(_keystore,
- _keystorePassword,
- KeyStore.getDefaultType(),
- KeyManagerFactory.getDefaultAlgorithm(),
- _clientAuthAlias);
final SSLContext sslContext = SSLUtil.tryGetSSLContext();
@@ -207,16 +218,29 @@ public class RestTestHelper
// the JVM's defaults that may have been initialised in previous tests.
final TrustManager[] trustManagers;
- final KeyManager[] keyManagers;
+ KeyManager[] keyManagers = null;
- trustManagers =
- SSLContextFactory.getTrustManagers(_truststore,
- _truststorePassword,
- KeyStore.getDefaultType(),
- TrustManagerFactory.getDefaultAlgorithm());
+ KeyStore ts = SSLUtil.getInitializedKeyStore(_truststore, _truststorePassword, JAVA_KEYSTORE_TYPE);
+ TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ tmf.init(ts);
+ trustManagers = tmf.getTrustManagers();
- keyManagers =
- SSLContextFactory.getKeyManagers(null, null, null, null, null);
+ if (_keystore != null)
+ {
+ KeyStore _keyStore;
+ try
+ {
+ URL ks = new File(_keystore).toURI().toURL();
+ _keyStore = SSLUtil.getInitializedKeyStore(ks, _keystorePassword, JAVA_KEYSTORE_TYPE);
+ }
+ catch (MalformedURLException e)
+ {
+ _keyStore = SSLUtil.getInitializedKeyStore(_keystore, _keystorePassword, JAVA_KEYSTORE_TYPE);
+ }
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+ kmf.init(_keyStore, _keystorePassword.toCharArray());
+ keyManagers = kmf.getKeyManagers();
+ }
final SSLContext sslContext = SSLUtil.tryGetSSLContext();
diff --git a/systests/src/test/java/org/apache/qpid/client/ssl/SSLTest.java b/systests/src/test/java/org/apache/qpid/client/ssl/SSLTest.java
index 5703473..898acd6 100644
--- a/systests/src/test/java/org/apache/qpid/client/ssl/SSLTest.java
+++ b/systests/src/test/java/org/apache/qpid/client/ssl/SSLTest.java
@@ -20,6 +20,7 @@
*/
package org.apache.qpid.client.ssl;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE;
import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE_PASSWORD;
import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE;
@@ -72,6 +73,9 @@ public class SSLTest extends QpidBrokerTestCase
setSslStoreSystemProperties();
+ setSystemProperty("javax.net.ssl.trustStoreType", JAVA_KEYSTORE_TYPE);
+ setSystemProperty("javax.net.ssl.keyStoreType", JAVA_KEYSTORE_TYPE);
+
super.setUp();
}
@@ -106,6 +110,7 @@ public class SSLTest extends QpidBrokerTestCase
options.put("transport.keyStorePassword", KEYSTORE_PASSWORD);
options.put("transport.trustStoreLocation", TRUSTSTORE);
options.put("transport.trustStorePassword", TRUSTSTORE_PASSWORD);
+ options.put("transport.storeType", JAVA_KEYSTORE_TYPE);
con = getConnectionWithOptions(options);
}
@@ -675,7 +680,7 @@ public class SSLTest extends QpidBrokerTestCase
private File[] extractResourcesFromTestKeyStore() throws Exception
{
- java.security.KeyStore ks = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
+ java.security.KeyStore ks = java.security.KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
try(InputStream is = new FileInputStream(KEYSTORE))
{
ks.load(is, KEYSTORE_PASSWORD.toCharArray() );
@@ -727,7 +732,7 @@ public class SSLTest extends QpidBrokerTestCase
private File extractCertFileFromTestTrustStore() throws Exception
{
- java.security.KeyStore ks = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
+ java.security.KeyStore ks = java.security.KeyStore.getInstance(JAVA_KEYSTORE_TYPE);
try(InputStream is = new FileInputStream(TRUSTSTORE))
{
ks.load(is, TRUSTSTORE_PASSWORD.toCharArray() );
diff --git a/systests/src/test/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java b/systests/src/test/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java
index 7a6a336..b8fb940 100644
--- a/systests/src/test/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java
+++ b/systests/src/test/java/org/apache/qpid/server/security/auth/manager/ExternalAuthenticationTest.java
@@ -60,7 +60,8 @@ public class ExternalAuthenticationTest extends QpidBrokerTestCase
setSystemProperty("javax.net.ssl.keyStorePassword", null);
setSystemProperty("javax.net.ssl.trustStore", null);
setSystemProperty("javax.net.ssl.trustStorePassword", null);
-
+ setSystemProperty("javax.net.ssl.trustStoreType", JAVA_KEYSTORE_TYPE);
+ setSystemProperty("javax.net.ssl.keyStoreType", JAVA_KEYSTORE_TYPE);
}
@Override
@@ -236,6 +237,7 @@ public class ExternalAuthenticationTest extends QpidBrokerTestCase
sslTrustStoreAttributes.put(FileTrustStore.STORE_URL, BROKER_PEERSTORE);
sslTrustStoreAttributes.put(FileTrustStore.PASSWORD, BROKER_PEERSTORE_PASSWORD);
sslTrustStoreAttributes.put(FileTrustStore.PEERS_ONLY, true);
+ sslTrustStoreAttributes.put(FileTrustStore.TRUST_STORE_TYPE, JAVA_KEYSTORE_TYPE);
getDefaultBrokerConfiguration().addObjectConfiguration(TrustStore.class, sslTrustStoreAttributes);
super.startDefaultBroker();
@@ -380,6 +382,7 @@ public class ExternalAuthenticationTest extends QpidBrokerTestCase
if(trustStoreLocation != null)
{
options.put("transport.trustStoreLocation", trustStoreLocation);
+ options.put("transport.trustStoreType", JAVA_KEYSTORE_TYPE);
}
if(trustStorePassword != null)
{
@@ -388,7 +391,7 @@ public class ExternalAuthenticationTest extends QpidBrokerTestCase
if(keyStoreLocation != null)
{
options.put("transport.keyStoreLocation", keyStoreLocation);
-
+ options.put("transport.keyStoreType", JAVA_KEYSTORE_TYPE);
}
if(keyStorePassword != null)
{
diff --git a/systests/src/test/java/org/apache/qpid/systest/management/amqp/AmqpManagementTest.java b/systests/src/test/java/org/apache/qpid/systest/management/amqp/AmqpManagementTest.java
index 58bc844..050ae42 100644
--- a/systests/src/test/java/org/apache/qpid/systest/management/amqp/AmqpManagementTest.java
+++ b/systests/src/test/java/org/apache/qpid/systest/management/amqp/AmqpManagementTest.java
@@ -21,6 +21,7 @@
package org.apache.qpid.systest.management.amqp;
import static org.apache.qpid.server.model.Queue.ALERT_THRESHOLD_QUEUE_DEPTH_MESSAGES;
+import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE;
import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE;
import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE_PASSWORD;
@@ -97,6 +98,8 @@ public class AmqpManagementTest extends QpidBrokerTestCase
// set the ssl system properties
setSystemProperty("javax.net.ssl.trustStore", TRUSTSTORE);
setSystemProperty("javax.net.ssl.trustStorePassword", TRUSTSTORE_PASSWORD);
+ setSystemProperty("javax.net.ssl.trustStoreType", JAVA_KEYSTORE_TYPE);
+ setSystemProperty("javax.net.ssl.keyStoreType", JAVA_KEYSTORE_TYPE);
super.setUp();
diff --git a/systests/src/test/java/org/apache/qpid/systest/messageencryption/MessageEncryptionTest.java b/systests/src/test/java/org/apache/qpid/systest/messageencryption/MessageEncryptionTest.java
index 1ba42ef..e55a35f 100644
--- a/systests/src/test/java/org/apache/qpid/systest/messageencryption/MessageEncryptionTest.java
+++ b/systests/src/test/java/org/apache/qpid/systest/messageencryption/MessageEncryptionTest.java
@@ -49,6 +49,23 @@ public class MessageEncryptionTest extends QpidBrokerTestCase implements TestSSL
public static final String INCLUDED_VIRTUAL_HOST_NODE_NAME = "includedVirtualHostNode";
@Override
+ public void setUp() throws Exception
+ {
+ super.setUp();
+
+ // Encryption trust store password is set using system property due to client defect QPID-8283
+ setSystemProperty("javax.net.ssl.trustStorePassword", TestSSLConstants.KEYSTORE_PASSWORD);
+ setSystemProperty("javax.net.ssl.trustStoreType", "pkcs12");
+ setSystemProperty("javax.net.ssl.keyStoreType", "pkcs12");
+ }
+
+ @Override
+ public void tearDown() throws Exception
+ {
+ super.tearDown();
+ }
+
+ @Override
public void startDefaultBroker() throws Exception
{
// tests start broker
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/KeyStoreRestTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/KeyStoreRestTest.java
index 1b34545..9a7cfeb 100644
--- a/systests/src/test/java/org/apache/qpid/systest/rest/KeyStoreRestTest.java
+++ b/systests/src/test/java/org/apache/qpid/systest/rest/KeyStoreRestTest.java
@@ -49,7 +49,7 @@ public class KeyStoreRestTest extends QpidRestTestCase
assertEquals("Unexpected name", TestBrokerConfiguration.ENTRY_NAME_SSL_KEYSTORE, keystore.get(KeyStore.NAME));
assertEquals("unexpected path to key store", ConfiguredObject.OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, keystore.get(FileKeyStore.STORE_URL));
assertEquals("unexpected (dummy) password of default systests key store", AbstractConfiguredObject.SECURED_STRING_VALUE, keystore.get(FileKeyStore.PASSWORD));
- assertEquals("unexpected type of default systests key store", java.security.KeyStore.getDefaultType(), keystore.get(FileKeyStore.KEY_STORE_TYPE));
+ assertEquals("unexpected type of default systests key store", TestSSLConstants.JAVA_KEYSTORE_TYPE, keystore.get(FileKeyStore.KEY_STORE_TYPE));
assertFalse("should not be a certificateAlias attribute", keystore.containsKey(FileKeyStore.CERTIFICATE_ALIAS));
}
@@ -147,6 +147,7 @@ public class KeyStoreRestTest extends QpidRestTestCase
keyStoreAttributes.put(KeyStore.NAME, name);
keyStoreAttributes.put(FileKeyStore.STORE_URL, keyStorePath);
keyStoreAttributes.put(FileKeyStore.PASSWORD, keystorePassword);
+ keyStoreAttributes.put(FileKeyStore.KEY_STORE_TYPE, TestSSLConstants.JAVA_KEYSTORE_TYPE);
if (certAlias != null)
{
keyStoreAttributes.put(FileKeyStore.CERTIFICATE_ALIAS, certAlias);
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/TrustStoreRestTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/TrustStoreRestTest.java
index 70759f9..b9ce1bd 100644
--- a/systests/src/test/java/org/apache/qpid/systest/rest/TrustStoreRestTest.java
+++ b/systests/src/test/java/org/apache/qpid/systest/rest/TrustStoreRestTest.java
@@ -50,7 +50,7 @@ public class TrustStoreRestTest extends QpidRestTestCase
assertEquals("unexpected (dummy) password of default systests trust store",
AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD));
assertEquals("unexpected type of default systests trust store",
- java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE));
+ TestSSLConstants.JAVA_KEYSTORE_TYPE, truststore.get(FileTrustStore.TRUST_STORE_TYPE));
assertEquals("unexpected peersOnly value", false, truststore.get(FileTrustStore.PEERS_ONLY));
}
@@ -67,7 +67,7 @@ public class TrustStoreRestTest extends QpidRestTestCase
assertEquals("unexpected trust store name", name, truststore.get(TrustStore.NAME));
assertEquals("unexpected store URL", TestSSLConstants.TRUSTSTORE, truststore.get(FileTrustStore.STORE_URL));
assertEquals("unexpected password value", AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD));
- assertEquals("unexpected type", java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE));
+ assertEquals("unexpected type", TestSSLConstants.JAVA_KEYSTORE_TYPE, truststore.get(FileTrustStore.TRUST_STORE_TYPE));
assertEquals("unexpected peersOnly value", true, truststore.get(FileTrustStore.PEERS_ONLY));
}
@@ -88,7 +88,7 @@ public class TrustStoreRestTest extends QpidRestTestCase
assertEquals("nexpected trust store name", name, truststore.get(TrustStore.NAME));
assertEquals("unexpected store URL value", ConfiguredObject.OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, truststore.get(FileTrustStore.STORE_URL));
assertEquals("unexpected password value", AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD));
- assertEquals("unexpected type of trust store", java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE));
+ assertEquals("unexpected type of trust store", TestSSLConstants.JAVA_KEYSTORE_TYPE, truststore.get(FileTrustStore.TRUST_STORE_TYPE));
assertEquals("unexpected peersOnly value", false, truststore.get(FileTrustStore.PEERS_ONLY));
}
@@ -109,7 +109,7 @@ public class TrustStoreRestTest extends QpidRestTestCase
assertEquals("unexpected name", TestBrokerConfiguration.ENTRY_NAME_SSL_TRUSTSTORE, truststore.get(TrustStore.NAME));
assertEquals("unexpected store URL value", ConfiguredObject.OVER_SIZED_ATTRIBUTE_ALTERNATIVE_TEXT, truststore.get(FileTrustStore.STORE_URL));
assertEquals("unexpected password value", AbstractConfiguredObject.SECURED_STRING_VALUE, truststore.get(FileTrustStore.PASSWORD));
- assertEquals("unexpected type of trust store", java.security.KeyStore.getDefaultType(), truststore.get(FileTrustStore.TRUST_STORE_TYPE));
+ assertEquals("unexpected type of trust store", TestSSLConstants.JAVA_KEYSTORE_TYPE, truststore.get(FileTrustStore.TRUST_STORE_TYPE));
assertEquals("unexpected peersOnly value", false, truststore.get(FileTrustStore.PEERS_ONLY));
}
@@ -133,7 +133,7 @@ public class TrustStoreRestTest extends QpidRestTestCase
assertEquals("unexpected name", name, trustStore.get(TrustStore.NAME));
assertEquals("unexpected path to trust store", TestSSLConstants.TRUSTSTORE, trustStore.get(FileTrustStore.STORE_URL));
assertEquals("unexpected password", AbstractConfiguredObject.SECURED_STRING_VALUE, trustStore.get(FileTrustStore.PASSWORD));
- assertEquals("unexpected type", java.security.KeyStore.getDefaultType(), trustStore.get(FileTrustStore.TRUST_STORE_TYPE));
+ assertEquals("unexpected type", TestSSLConstants.JAVA_KEYSTORE_TYPE, trustStore.get(FileTrustStore.TRUST_STORE_TYPE));
assertEquals("unexpected peersOnly value", false, trustStore.get(FileTrustStore.PEERS_ONLY));
}
@@ -154,6 +154,7 @@ public class TrustStoreRestTest extends QpidRestTestCase
trustStoreAttributes.put(FileTrustStore.STORE_URL, truststorePath);
trustStoreAttributes.put(FileTrustStore.PASSWORD, truststorePassword);
trustStoreAttributes.put(FileTrustStore.PEERS_ONLY, peersOnly);
+ trustStoreAttributes.put(FileTrustStore.TRUST_STORE_TYPE, TestSSLConstants.JAVA_KEYSTORE_TYPE);
getRestTestHelper().submitRequest("truststore/" + name, "PUT", trustStoreAttributes, HttpServletResponse.SC_CREATED);
}
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
index 9f704cf..06a530b 100644
--- a/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
+++ b/systests/src/test/java/org/apache/qpid/systest/rest/acl/BrokerACLTest.java
@@ -1076,6 +1076,7 @@ public class BrokerACLTest extends QpidRestTestCase
keyStoreAttributes.put(FileKeyStore.STORE_URL, TestSSLConstants.KEYSTORE);
keyStoreAttributes.put(FileKeyStore.PASSWORD, TestSSLConstants.KEYSTORE_PASSWORD);
keyStoreAttributes.put(FileKeyStore.CERTIFICATE_ALIAS, certAlias);
+ keyStoreAttributes.put(FileKeyStore.KEY_STORE_TYPE, TestSSLConstants.JAVA_KEYSTORE_TYPE);
return getRestTestHelper().submitRequest("keystore/" + name, "PUT", keyStoreAttributes);
}
@@ -1087,6 +1088,7 @@ public class BrokerACLTest extends QpidRestTestCase
trustStoreAttributes.put(FileTrustStore.STORE_URL, TestSSLConstants.KEYSTORE);
trustStoreAttributes.put(FileTrustStore.PASSWORD, TestSSLConstants.KEYSTORE_PASSWORD);
trustStoreAttributes.put(FileTrustStore.PEERS_ONLY, peersOnly);
+ trustStoreAttributes.put(FileTrustStore.TRUST_STORE_TYPE, TestSSLConstants.JAVA_KEYSTORE_TYPE);
return getRestTestHelper().submitRequest("truststore/" + name, "PUT", trustStoreAttributes);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org