Mercurial > hg > release > icedtea-web-1.6
changeset 1202:6c166ac38f89
Removed redundant occurrence of default keystore password
author | Jiri Vanek <jvanek@redhat.com> |
---|---|
date | Mon, 13 Apr 2015 14:37:56 +0200 |
parents | 037811f1055e |
children | ebcd2aaa59c7 |
files | ChangeLog netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java netx/net/sourceforge/jnlp/security/CertificateUtils.java netx/net/sourceforge/jnlp/security/KeyStores.java netx/net/sourceforge/jnlp/security/SecurityUtil.java netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java |
diffstat | 7 files changed, 29 insertions(+), 25 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Mon Apr 13 13:55:20 2015 +0200 +++ b/ChangeLog Mon Apr 13 14:37:56 2015 +0200 @@ -1,3 +1,14 @@ +2015-04-13 Jiri Vanek <jvanek@redhat.com> + + Removed redundant occurrence of default keystore password + */netx/net/sourceforge/jnlp/security/KeyStores.java: removed redundant DEFAULT_PASSWORD + */netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java: call to KeyStores.getPassword + replaced by SecurityUtil.getTrustedCertsPassword + */netx/net/sourceforge/jnlp/security/CertificateUtils.java: same + */netx/net/sourceforge/jnlp/security/SecurityUtil.java: same + */netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java: same + */netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java: same + 2015-04-13 Jiri Vanek <jvanek@redhat.com> reverted "Kill processes in Integration Tests more cleanly"
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Mon Apr 13 13:55:20 2015 +0200 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Mon Apr 13 14:37:56 2015 +0200 @@ -65,6 +65,7 @@ import net.sourceforge.jnlp.security.JNLPAuthenticator; import net.sourceforge.jnlp.security.KeyStores; import net.sourceforge.jnlp.security.SecurityDialogMessageHandler; +import net.sourceforge.jnlp.security.SecurityUtil; import net.sourceforge.jnlp.services.XServiceManagerStub; import net.sourceforge.jnlp.util.FileUtils; import net.sourceforge.jnlp.util.logging.JavaConsole; @@ -269,7 +270,7 @@ SSLContext context = SSLContext.getInstance("SSL"); KeyStore ks = KeyStores.getKeyStore(KeyStores.Level.USER, KeyStores.Type.CLIENT_CERTS); KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); - kmf.init(ks, KeyStores.getPassword()); + kmf.init(ks, SecurityUtil.getTrustedCertsPassword()); TrustManager[] trust = new TrustManager[] { getSSLSocketTrustManager() }; context.init(kmf.getKeyManagers(), trust, null); sslSocketFactory = context.getSocketFactory();
--- a/netx/net/sourceforge/jnlp/security/CertificateUtils.java Mon Apr 13 13:55:20 2015 +0200 +++ b/netx/net/sourceforge/jnlp/security/CertificateUtils.java Mon Apr 13 14:37:56 2015 +0200 @@ -147,7 +147,7 @@ alias = new BigInteger(20, random).toString(); } while (ks.getCertificate(alias) != null); - ks.setKeyEntry(alias, key, KeyStores.getPassword(), certChain); + ks.setKeyEntry(alias, key, SecurityUtil.getTrustedCertsPassword(), certChain); } /** @@ -196,7 +196,7 @@ public static void dumpPKCS12(String alias, File file, KeyStore ks, char[] password) throws Exception { Certificate[] certChain = ks.getCertificateChain(alias); - Key key = ks.getKey(alias, KeyStores.getPassword()); + Key key = ks.getKey(alias, SecurityUtil.getTrustedCertsPassword()); BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(file)); KeyStore keyStore = KeyStore.getInstance("PKCS12"); keyStore.load(null, null);
--- a/netx/net/sourceforge/jnlp/security/KeyStores.java Mon Apr 13 13:55:20 2015 +0200 +++ b/netx/net/sourceforge/jnlp/security/KeyStores.java Mon Apr 13 14:37:56 2015 +0200 @@ -83,12 +83,6 @@ public static final Map<Integer,String> keystoresPaths=new HashMap<Integer, String>(); private static final String KEYSTORE_TYPE = "JKS"; - /** the default password used to protect the KeyStores */ - private static final String DEFAULT_PASSWORD = "changeit"; - - public static char[] getPassword() { - return DEFAULT_PASSWORD.toCharArray(); - } /** * Returns a KeyStore corresponding to the appropriate level level (user or @@ -127,7 +121,7 @@ String location = getKeyStoreLocation(level, type).getFullPath(); KeyStore ks = null; try { - ks = createKeyStoreFromFile(new File(location), create, DEFAULT_PASSWORD); + ks = createKeyStoreFromFile(new File(location), create); //hashcode is used instead of instance so when no references are left //to keystore, then this will not be blocker for garbage collection keystoresPaths.put(ks.hashCode(),location); @@ -329,11 +323,9 @@ * it returns an empty but initialized KeyStore * * @param file the file to load information from - * @param password the password to unlock the KeyStore file. * @return a KeyStore containing data from the file */ - private static final KeyStore createKeyStoreFromFile(File file, boolean createIfNotFound, - String password) throws IOException, KeyStoreException, NoSuchAlgorithmException, + private static final KeyStore createKeyStoreFromFile(File file, boolean createIfNotFound) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException { FileInputStream fis = null; KeyStore ks = null; @@ -347,9 +339,9 @@ FileUtils.createRestrictedFile(file, true); ks = KeyStore.getInstance(KEYSTORE_TYPE); - ks.load(null, password.toCharArray()); + ks.load(null, SecurityUtil.getTrustedCertsPassword()); FileOutputStream fos = new FileOutputStream(file); - ks.store(fos, password.toCharArray()); + ks.store(fos,SecurityUtil.getTrustedCertsPassword()); fos.close(); } @@ -358,10 +350,10 @@ if (file.exists()) { fis = new FileInputStream(file); ks = KeyStore.getInstance(KEYSTORE_TYPE); - ks.load(fis, password.toCharArray()); + ks.load(fis, SecurityUtil.getTrustedCertsPassword()); } else { ks = KeyStore.getInstance(KEYSTORE_TYPE); - ks.load(null, password.toCharArray()); + ks.load(null, SecurityUtil.getTrustedCertsPassword()); } } finally { if (fis != null) {
--- a/netx/net/sourceforge/jnlp/security/SecurityUtil.java Mon Apr 13 13:55:20 2015 +0200 +++ b/netx/net/sourceforge/jnlp/security/SecurityUtil.java Mon Apr 13 14:37:56 2015 +0200 @@ -48,14 +48,14 @@ public class SecurityUtil { - private static final char[] password = "changeit".toCharArray(); + private static final char[] DEFAULT_PASSWORD = "changeit".toCharArray(); public static String getTrustedCertsFilename() throws Exception { return KeyStores.getKeyStoreLocation(Level.USER, Type.CERTS).getFullPath(); } public static char[] getTrustedCertsPassword() { - return password; + return DEFAULT_PASSWORD; } /** @@ -179,9 +179,9 @@ //made directory, or directory exists if (madeDir || dir.isDirectory()) { KeyStore ks = KeyStore.getInstance("JKS"); - ks.load(null, password); + ks.load(null, getTrustedCertsPassword()); FileOutputStream fos = new FileOutputStream(certFile); - ks.store(fos, password); + ks.store(fos, getTrustedCertsPassword()); fos.close(); return true; } else { @@ -208,7 +208,7 @@ if (file.exists()) { fis = new FileInputStream(file); ks = KeyStore.getInstance("JKS"); - ks.load(fis, password); + ks.load(fis, getTrustedCertsPassword()); } } catch (Exception e) { OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
--- a/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Mon Apr 13 13:55:20 2015 +0200 +++ b/netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java Mon Apr 13 14:37:56 2015 +0200 @@ -360,7 +360,7 @@ OutputStream os = new FileOutputStream(keyStoreFile); try { - ks.store(os, KeyStores.getPassword()); + ks.store(os, SecurityUtil.getTrustedCertsPassword()); } finally { os.close(); }
--- a/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java Mon Apr 13 13:55:20 2015 +0200 +++ b/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java Mon Apr 13 14:37:56 2015 +0200 @@ -401,7 +401,7 @@ OutputStream os = new FileOutputStream(keyStoreFile); try { - ks.store(os, KeyStores.getPassword()); + ks.store(os, SecurityUtil.getTrustedCertsPassword()); } finally { os.close(); } @@ -489,7 +489,7 @@ FileUtils.createRestrictedFile(keyStoreFile, true); } FileOutputStream fos = new FileOutputStream(keyStoreFile); - keyStore.store(fos, KeyStores.getPassword()); + keyStore.store(fos, SecurityUtil.getTrustedCertsPassword()); fos.close(); } }