ISPN-6922 Support for loading keystores from classpath in the Hot Rod…

… client
infinispan · Aug 3, 2016 · 3ad0879 · 3ad0879
1 parent 34daadf
commit 3ad0879
Show file tree

Hide file tree

Showing 4 changed files with 52 additions and 6 deletions.
diff --git a/...nt/src/main/java/org/infinispan/client/hotrod/impl/transport/tcp/TcpTransportFactory.java b/...nt/src/main/java/org/infinispan/client/hotrod/impl/transport/tcp/TcpTransportFactory.java
@@ -124,7 +124,9 @@ public void start(Codec codec, Configuration configuration, AtomicInteger defaul
             if (ssl.sslContext() != null) {
                sslContext = ssl.sslContext();
             } else {
-               sslContext = SslContextFactory.getContext(ssl.keyStoreFileName(), ssl.keyStorePassword(), ssl.keyStoreCertificatePassword(), ssl.trustStoreFileName(), ssl.trustStorePassword(), ssl.protocol());
+               sslContext = SslContextFactory.getContext(ssl.keyStoreFileName(), ssl.keyStorePassword(),
+                       ssl.keyStoreCertificatePassword(), ssl.trustStoreFileName(), ssl.trustStorePassword(), ssl.protocol(),
+                       configuration.classLoader());
             }
             sniHostName = ssl.sniHostName();
          }

diff --git a/...c/test/java/org/infinispan/client/hotrod/configuration/SSLClassPathConfigurationTest.java b/...c/test/java/org/infinispan/client/hotrod/configuration/SSLClassPathConfigurationTest.java
@@ -0,0 +1,24 @@
+package org.infinispan.client.hotrod.configuration;
+
+
+import org.infinispan.commons.util.SslContextFactory;
+import static org.testng.Assert.assertNotNull;
+import org.testng.annotations.Test;
+
+import javax.net.ssl.SSLContext;
+
+@Test(testName = "client.hotrod.configuration.SSLClassPathConfigurationTest", groups = "functional")
+public class SSLClassPathConfigurationTest {
+
+   public void testLoadTrustStore() {
+      String keyStoreFileName = getClass().getResource("/keystore.jks").getPath();
+      String truststoreFileName = "classpath:truststore2.jks";
+      char[] password = "secret".toCharArray();
+
+      SSLContext context =
+              SslContextFactory.getContext(keyStoreFileName, password, truststoreFileName, password);
+
+      assertNotNull(context);
+   }
+
+}
diff --git a/commons/src/main/java/org/infinispan/commons/logging/Log.java b/commons/src/main/java/org/infinispan/commons/logging/Log.java
@@ -10,6 +10,8 @@
 import org.jboss.logging.annotations.Message;
 import org.jboss.logging.annotations.MessageLogger;
 
+import java.io.IOException;
+
 /**
  * Infinispan's log abstraction layer on top of JBoss Logging.
  * <p/>
@@ -103,5 +105,7 @@ public interface Log extends BasicLogger {
    @Message(value = "Cannot resize unbounded container", id = 917)
    UnsupportedOperationException cannotResizeUnboundedContainer();
 
+   @Message(value = "Cannot find resource '%s'", id = 918)
+   IOException cannotFindResource(String fileName);
 }
 
diff --git a/commons/src/main/java/org/infinispan/commons/util/SslContextFactory.java b/commons/src/main/java/org/infinispan/commons/util/SslContextFactory.java
@@ -25,6 +25,7 @@
 public class SslContextFactory {
    private static final Log log = LogFactory.getLog(SslContextFactory.class);
    private static final String DEFAULT_SSL_PROTOCOL = "TLSv1.2";
+   private static final String CLASSPATH_RESOURCE = "classpath:";
 
    public static SSLContext getContext(String keyStoreFileName, char[] keyStorePassword, String trustStoreFileName, char[] trustStorePassword) {
       return getContext(keyStoreFileName, keyStorePassword, null, trustStoreFileName, trustStorePassword, DEFAULT_SSL_PROTOCOL);
@@ -38,12 +39,18 @@ public static SSLContext getContext(String keyStoreFileName, char[] keyStorePass
       return getContext(keyStoreFileName, keyStorePassword, keyStoreCertificatePassword, trustStoreFileName, trustStorePassword, DEFAULT_SSL_PROTOCOL);
    }
 
-   public static SSLContext getContext(String keyStoreFileName, char[] keyStorePassword, char[] keyStoreCertificatePassword, String trustStoreFileName, char[] trustStorePassword, String sslProtocol) {
+   public static SSLContext getContext(String keyStoreFileName, char[] keyStorePassword, char[] keyStoreCertificatePassword,
+                                       String trustStoreFileName, char[] trustStorePassword, String sslProtocol) {
+      return getContext(keyStoreFileName, keyStorePassword, keyStoreCertificatePassword, trustStoreFileName, trustStorePassword, DEFAULT_SSL_PROTOCOL, null);
+   }
+
+   public static SSLContext getContext(String keyStoreFileName, char[] keyStorePassword, char[] keyStoreCertificatePassword,
+                                       String trustStoreFileName, char[] trustStorePassword, String sslProtocol, ClassLoader classLoader) {
       try {
          KeyManager[] keyManagers = null;
          if (keyStoreFileName != null) {
             KeyStore ks = KeyStore.getInstance("JKS");
-            loadKeyStore(ks, keyStoreFileName, keyStorePassword);
+            loadKeyStore(ks, keyStoreFileName, keyStorePassword, classLoader);
             KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
             kmf.init(ks, keyStoreCertificatePassword == null ? keyStorePassword : keyStoreCertificatePassword);
             keyManagers = kmf.getKeyManagers();
@@ -52,7 +59,7 @@ public static SSLContext getContext(String keyStoreFileName, char[] keyStorePass
          TrustManager[] trustManagers = null;
          if (trustStoreFileName != null) {
             KeyStore ks = KeyStore.getInstance("JKS");
-            loadKeyStore(ks, trustStoreFileName, trustStorePassword);
+            loadKeyStore(ks, trustStoreFileName, trustStorePassword, classLoader);
             TrustManagerFactory tmf = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
             tmf.init(ks);
             trustManagers = tmf.getTrustManagers();
@@ -73,9 +80,18 @@ public static SSLEngine getEngine(SSLContext sslContext, boolean useClientMode,
       return sslEngine;
    }
 
-   private static void loadKeyStore(KeyStore ks, String keyStoreFileName, char[] keyStorePassword) throws IOException, GeneralSecurityException {
-      InputStream is = new BufferedInputStream(new FileInputStream(keyStoreFileName));
+   private static void loadKeyStore(KeyStore ks, String keyStoreFileName, char[] keyStorePassword, ClassLoader classLoader) throws IOException, GeneralSecurityException {
+      InputStream is = null;
       try {
+         if (keyStoreFileName.startsWith(CLASSPATH_RESOURCE)) {
+            String fileName = keyStoreFileName.substring(keyStoreFileName.indexOf(":") + 1);
+            is = Util.getResourceAsStream(fileName, classLoader);
+            if (is == null) {
+               throw log.cannotFindResource(keyStoreFileName);
+            }
+         } else {
+            is = new BufferedInputStream(new FileInputStream(keyStoreFileName));
+         }
          ks.load(is, keyStorePassword);
       } finally {
          Util.close(is);