0004793: Trust store password is required when storing

JumpMind · Jan 27, 2021 · c50c2a5 · c50c2a5
1 parent d37e5cb
commit c50c2a5
Showing 1 changed file with 20 additions and 18 deletions.
diff --git a/symmetric-util/src/main/java/org/jumpmind/security/SecurityService.java b/symmetric-util/src/main/java/org/jumpmind/security/SecurityService.java
@@ -73,9 +73,9 @@ public void init() {
     public KeyStore getTrustStore() {
         try {
             KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
-            FileInputStream is = new FileInputStream(getTrustStoreFilename());
-            ks.load(is, getTrustStorePassword() == null ? null : getTrustStorePassword().toCharArray());
-            is.close();
+            try (FileInputStream is = new FileInputStream(getTrustStoreFilename())) {
+                ks.load(is, getTrustStorePassword().toCharArray());
+            }
             return ks;
         } catch (RuntimeException e) {
             throw e;
@@ -91,9 +91,9 @@ public KeyStore getKeyStore() {
             String keyStoreType = System.getProperty(SecurityConstants.SYSPROP_KEYSTORE_TYPE,
                     SecurityConstants.KEYSTORE_TYPE);
             KeyStore ks = KeyStore.getInstance(keyStoreType);
-            FileInputStream is = new FileInputStream(getKeyStoreFilename());
-            ks.load(is, getKeyStorePassword().toCharArray());
-            is.close();
+            try (FileInputStream is = new FileInputStream(getKeyStoreFilename())) {
+                ks.load(is, getKeyStorePassword().toCharArray());
+            }
             return ks;
         } catch (RuntimeException e) {
             throw e;
@@ -125,10 +125,10 @@ public void installTrustedCert(TrustedCertificateEntry entry) {
             if (alias == null) {
                 alias = new String(Base64.encodeBase64(DigestUtils.sha1(entry.getTrustedCertificate().getEncoded()), false));
                 keyStore.setEntry(alias, entry, null);
-                log.info("Installing trusted certificate: {}", ((X509Certificate) entry.getTrustedCertificate()).getIssuerX500Principal().getName());
+                log.info("Installing trusted certificate: {}", ((X509Certificate) entry.getTrustedCertificate()).getSubjectDN().getName());
                 saveTrustStore(keyStore);
             } else {
-                log.info("Trusted certificate already installed: {}", ((X509Certificate) entry.getTrustedCertificate()).getIssuerX500Principal().getName());
+                log.info("Trusted certificate already installed: {}", ((X509Certificate) entry.getTrustedCertificate()).getSubjectDN().getName());
             }
         } catch (RuntimeException e) {
             throw e;
@@ -184,9 +184,9 @@ protected void checkThatKeystoreFileExists() throws KeyStoreException, NoSuchAlg
                             SecurityConstants.KEYSTORE_TYPE);
                     KeyStore ks = KeyStore.getInstance(keyStoreType);
                     ks.load(null, getKeyStorePassword().toCharArray());
-                    FileOutputStream os = new FileOutputStream(getKeyStoreFilename());
-                    ks.store(os, getKeyStorePassword().toCharArray());
-                    os.close();
+                    try (FileOutputStream os = new FileOutputStream(getKeyStoreFilename())) {
+                        ks.store(os, getKeyStorePassword().toCharArray());
+                    }
                     keyStoreExists = true;
                 }
             }
@@ -277,7 +277,9 @@ protected void initializeCipher(Cipher cipher, int mode) throws Exception {
     }
 
     protected String getTrustStorePassword() {
-        return unobfuscateIfNeeded(SecurityConstants.SYSPROP_TRUSTSTORE_PASSWORD);
+        String password = unobfuscateIfNeeded(SecurityConstants.SYSPROP_TRUSTSTORE_PASSWORD);
+        password = (password != null) ? password : SecurityConstants.KEYSTORE_PASSWORD;
+        return password;
     }
 
     protected String getKeyStorePassword() {
@@ -367,15 +369,15 @@ protected byte[] getBytes(int byteSize) {
 
     @Override
     public void saveTrustStore(KeyStore ks) throws Exception {
-        FileOutputStream os = new FileOutputStream(getTrustStoreFilename());
-        ks.store(os, getTrustStorePassword().toCharArray());
-        os.close();
+        try (FileOutputStream os = new FileOutputStream(getTrustStoreFilename())) {
+            ks.store(os, getTrustStorePassword().toCharArray());
+        }
     }
 
     protected void saveKeyStore(KeyStore ks, String password) throws Exception {
-        FileOutputStream os = new FileOutputStream(getKeyStoreFilename());
-        ks.store(os, password.toCharArray());
-        os.close();
+        try (FileOutputStream os = new FileOutputStream(getKeyStoreFilename())) {
+            ks.store(os, password.toCharArray());
+        }
     }
 
     protected static String getTrustStoreFilename() {