Making java tests reflect new structure of certificates and also use pkcs12 keycert store

Matthew Sackman · Matthew Sackman · commit 4269d23d4f66 · 2009-08-04T14:49:57.000+01:00
diff --git a/build.xml b/build.xml
@@ -112,6 +112,8 @@
     <property name="SSL_CERTS_DIR" value="${env.SSL_CERTS_DIR}"/>
     <available property="SSL_AVAILABLE" file="${SSL_CERTS_DIR}/client"/>
     <property name="CLIENT_KEYSTORE_PHRASE" value="bunnies"/>
+    <property environment="env"/>
+    <property name="SSL_P12_PASSWORD" value="${env.PASSWORD}"/>
   </target>
 
   <target name="make-client-keystore" if="SSL_AVAILABLE" depends="detect-ssl">
@@ -123,35 +125,37 @@
       <arg value="-alias"/>
       <arg value="server1"/>
       <arg value="-file"/>
-      <arg value="${SSL_CERTS_DIR}/server/cert.pem"/>
+      <arg value="${SSL_CERTS_DIR}/testca/cacert.pem"/>
       <arg value="-keystore"/>
       <arg value="${CLIENT_KEYSTORE}"/>
       <arg value="-noprompt"/>
       <arg value="-storepass"/>
       <arg value="${CLIENT_KEYSTORE_PHRASE}"/>
     </exec>
-    <exec executable="keytool" failonerror="true" osfamily="unix" inputstring="\n\n">
-      <arg value="-genkey"/>
+    <exec executable="mktemp" outputproperty="CLIENT_KEYSTORE_EMPTY" failonerror="true" osfamily="unix">
+      <arg value="-u"/>
+    </exec>
+    <!-- can't create an empty keystore, so add cert in and then delete it! -->
+    <exec executable="keytool" failonerror="true" osfamily="unix">
+      <arg line="-import"/>
+      <arg value="-alias"/>
+      <arg value="server1"/>
+      <arg value="-file"/>
+      <arg value="${SSL_CERTS_DIR}/testca/cacert.pem"/>
       <arg value="-keystore"/>
-      <arg value="${CLIENT_KEYSTORE}"/>
+      <arg value="${CLIENT_KEYSTORE_EMPTY}"/>
       <arg value="-noprompt"/>
       <arg value="-storepass"/>
       <arg value="${CLIENT_KEYSTORE_PHRASE}"/>
-      <arg value="-dname"/>
-      <arg value="CN=test, OU=test, O=test, L=test, S=test, C=pluto"/>
     </exec>
-    <exec executable="mktemp" outputproperty="CLIENT_KEYSTORE_EMPTY" failonerror="true" osfamily="unix">
-      <arg value="-u"/>
-    </exec>
-    <exec executable="keytool" failonerror="true" osfamily="unix" inputstring="\n\n">
-      <arg value="-genkey"/>
+    <exec executable="keytool" failonerror="true" osfamily="unix">
+      <arg line="-delete"/>
+      <arg value="-alias"/>
+      <arg value="server1"/>
       <arg value="-keystore"/>
       <arg value="${CLIENT_KEYSTORE_EMPTY}"/>
-      <arg value="-noprompt"/>
       <arg value="-storepass"/>
       <arg value="${CLIENT_KEYSTORE_PHRASE}"/>
-      <arg value="-dname"/>
-      <arg value="CN=test, OU=test, O=test, L=test, S=test, C=pluto"/>
     </exec>
   </target>
   
@@ -337,7 +341,10 @@
       <classpath refid="test.classpath"/>
       <jvmarg value="-Dkeystore.path=${CLIENT_KEYSTORE}"/>
       <jvmarg value="-Dkeystore.empty.path=${CLIENT_KEYSTORE_EMPTY}"/>
-      <jvmarg value="-Dkeystore.phrase=${CLIENT_KEYSTORE_PHRASE}"/>
+      <jvmarg value="-Dkeystore.passwd=${CLIENT_KEYSTORE_PHRASE}"/>
+      
+      <jvmarg value="-Dp12.path=${SSL_CERTS_DIR}/client/keycert.p12"/>
+      <jvmarg value="-Dp12.passwd=${SSL_P12_PASSWORD}"/>
 
       <formatter type="plain"/>
       <formatter type="xml"/>
diff --git a/test/src/com/rabbitmq/client/test/ssl/BadVerifiedConnection.java b/test/src/com/rabbitmq/client/test/ssl/BadVerifiedConnection.java
@@ -54,26 +54,34 @@ public class BadVerifiedConnection extends UnverifiedConnection {
     public void openConnection()
         throws IOException
     {
-        connectionFactory = new ConnectionFactory();
         try {
             String keystorePath = System.getProperty("keystore.empty.path");
             assertNotNull(keystorePath);
-            String keystorePasswd = System.getProperty("keystore.phrase");
+            String keystorePasswd = System.getProperty("keystore.passwd");
             assertNotNull(keystorePasswd);
-            char [] passphrase = keystorePasswd.toCharArray();
+            char [] keystorePassword = keystorePasswd.toCharArray();
 
-            KeyStore ks = KeyStore.getInstance("JKS");
-            ks.load(new FileInputStream(keystorePath), passphrase);
-
-            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
-            kmf.init(ks, passphrase);
+            KeyStore tks = KeyStore.getInstance("JKS");
+            tks.load(new FileInputStream(keystorePath), keystorePassword);
 
             TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
-            tmf.init(ks);
+            tmf.init(tks);
 
+            String p12Path = System.getProperty("p12.path");
+            assertNotNull(p12Path);
+            String p12Passwd = System.getProperty("p12.passwd");
+            assertNotNull(p12Passwd);
+            KeyStore ks = KeyStore.getInstance("PKCS12");
+            char [] p12Password = p12Passwd.toCharArray();
+            ks.load(new FileInputStream(p12Path), p12Password);
+
+            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+            kmf.init(ks, p12Password);
+            
             SSLContext c = SSLContext.getInstance("SSLv3");
             c.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
 
+            connectionFactory = new ConnectionFactory();
             connectionFactory.useSslProtocol(c);
         } catch (NoSuchAlgorithmException ex) {
             throw new IOException(ex.toString());
diff --git a/test/src/com/rabbitmq/client/test/ssl/VerifiedConnection.java b/test/src/com/rabbitmq/client/test/ssl/VerifiedConnection.java
@@ -57,19 +57,27 @@ public void openConnection()
         try {
             String keystorePath = System.getProperty("keystore.path");
             assertNotNull(keystorePath);
-            String keystorePasswd = System.getProperty("keystore.phrase");
+            String keystorePasswd = System.getProperty("keystore.passwd");
             assertNotNull(keystorePasswd);
-            char [] passphrase = keystorePasswd.toCharArray();
+            char [] keystorePassword = keystorePasswd.toCharArray();
 
-            KeyStore ks = KeyStore.getInstance("JKS");
-            ks.load(new FileInputStream(keystorePath), passphrase);
-
-            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
-            kmf.init(ks, passphrase);
+            KeyStore tks = KeyStore.getInstance("JKS");
+            tks.load(new FileInputStream(keystorePath), keystorePassword);
 
             TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
-            tmf.init(ks);
+            tmf.init(tks);
 
+            String p12Path = System.getProperty("p12.path");
+            assertNotNull(p12Path);
+            String p12Passwd = System.getProperty("p12.passwd");
+            assertNotNull(p12Passwd);
+            KeyStore ks = KeyStore.getInstance("PKCS12");
+            char [] p12Password = p12Passwd.toCharArray();
+            ks.load(new FileInputStream(p12Path), p12Password);
+
+            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+            kmf.init(ks, p12Password);
+            
             SSLContext c = SSLContext.getInstance("SSLv3");
             c.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
 
