Added support for saving keystore files and switched the Jetty94 brow…

…ser proxying CA cert setup code to use this
wiremock · Jun 29, 2020 · 500ebec · 500ebec
1 parent 4feaff3
commit 500ebec
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 36 deletions.
diff --git a/java8/src/main/java/com/github/tomakehurst/wiremock/jetty94/SslContexts.java b/java8/src/main/java/com/github/tomakehurst/wiremock/jetty94/SslContexts.java
@@ -2,8 +2,8 @@
 
 import com.github.tomakehurst.wiremock.common.BrowserProxySettings;
 import com.github.tomakehurst.wiremock.common.HttpsSettings;
-import com.github.tomakehurst.wiremock.common.ssl.KeyStoreSettings;
 import com.github.tomakehurst.wiremock.common.Notifier;
+import com.github.tomakehurst.wiremock.common.ssl.KeyStoreSettings;
 import com.github.tomakehurst.wiremock.core.Options;
 import com.github.tomakehurst.wiremock.http.ssl.CertificateAuthority;
 import com.github.tomakehurst.wiremock.http.ssl.CertificateGenerationUnsupportedException;
@@ -13,22 +13,13 @@
 import org.eclipse.jetty.server.SslConnectionFactory;
 import org.eclipse.jetty.util.ssl.SslContextFactory;
 
-import java.io.FileOutputStream;
 import java.io.IOException;
-import java.nio.file.FileSystems;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.nio.file.Paths;
-import java.nio.file.attribute.FileAttribute;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateException;
-import java.util.EnumSet;
 
 import static com.github.tomakehurst.wiremock.common.Exceptions.throwUnchecked;
-import static java.nio.file.attribute.PosixFilePermission.*;
-import static java.nio.file.attribute.PosixFilePermissions.asFileAttribute;
 
 public class SslContexts {
 
@@ -136,27 +127,8 @@ private static X509KeyStore buildKeyStore(KeyStoreSettings browserProxyCaKeyStor
         keyStore.load(null, password);
         keyStore.setKeyEntry("wiremock-ca", certificateAuthority.key(), password, certificateAuthority.certificateChain());
 
-        Path created = createCaKeystoreFile(Paths.get(browserProxyCaKeyStore.path()));
-        try (FileOutputStream fos = new FileOutputStream(created.toFile())) {
-            try {
-                keyStore.store(fos, password);
-            } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
-                throwUnchecked(e);
-            }
-        }
-        return new X509KeyStore(keyStore, password);
-    }
+        browserProxyCaKeyStore.getSource().save(keyStore);
 
-    private static Path createCaKeystoreFile(Path path) throws IOException {
-        FileAttribute<?>[] privateDirAttrs = new FileAttribute<?>[0];
-        FileAttribute<?>[] privateFileAttrs = new FileAttribute<?>[0];
-        if (FileSystems.getDefault().supportedFileAttributeViews().contains("posix")) {
-            privateDirAttrs = new FileAttribute<?>[] { asFileAttribute(EnumSet.of(OWNER_READ, OWNER_WRITE, OWNER_EXECUTE)) };
-            privateFileAttrs = new FileAttribute<?>[] { asFileAttribute(EnumSet.of(OWNER_READ, OWNER_WRITE)) };
-        }
-        if (!Files.exists(path.getParent())) {
-            Files.createDirectories(path.getParent(), privateDirAttrs);
-        }
-        return Files.createFile(path, privateFileAttrs);
+        return new X509KeyStore(keyStore, password);
     }
 }
diff --git a/src/main/java/com/github/tomakehurst/wiremock/common/ssl/FileOrClasspathKeyStoreSource.java b/src/main/java/com/github/tomakehurst/wiremock/common/ssl/FileOrClasspathKeyStoreSource.java
@@ -2,14 +2,22 @@
 
 import com.google.common.io.Resources;
 
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
+import java.io.*;
+import java.nio.file.FileSystems;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.nio.file.attribute.FileAttribute;
 import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.util.EnumSet;
 import java.util.Objects;
 
 import static com.github.tomakehurst.wiremock.common.Exceptions.throwUnchecked;
+import static java.nio.file.attribute.PosixFilePermission.*;
+import static java.nio.file.attribute.PosixFilePermissions.asFileAttribute;
 
 public class FileOrClasspathKeyStoreSource extends AbstractKeyStoreSource {
 
@@ -40,8 +48,31 @@ public boolean exists() {
     }
 
     @Override
-    public void save(KeyStore item) {
+    public void save(KeyStore keyStore) {
+        Path created = createKeystoreFile(Paths.get(path));
+        try (FileOutputStream fos = new FileOutputStream(created.toFile())) {
+            keyStore.store(fos, keyStorePassword);
+        } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | IOException e) {
+            throwUnchecked(e);
+        }
+    }
+
+    private static Path createKeystoreFile(Path path) {
+        FileAttribute<?>[] privateDirAttrs = new FileAttribute<?>[0];
+        FileAttribute<?>[] privateFileAttrs = new FileAttribute<?>[0];
+        if (FileSystems.getDefault().supportedFileAttributeViews().contains("posix")) {
+            privateDirAttrs = new FileAttribute<?>[] { asFileAttribute(EnumSet.of(OWNER_READ, OWNER_WRITE, OWNER_EXECUTE)) };
+            privateFileAttrs = new FileAttribute<?>[] { asFileAttribute(EnumSet.of(OWNER_READ, OWNER_WRITE)) };
+        }
 
+        try {
+            if (!Files.exists(path.getParent())) {
+                Files.createDirectories(path.getParent(), privateDirAttrs);
+            }
+            return Files.createFile(path, privateFileAttrs);
+        } catch (IOException e) {
+            return throwUnchecked(e, Path.class);
+        }
     }
 
     public String getPath() {

diff --git a/src/main/java/com/github/tomakehurst/wiremock/common/ssl/KeyStoreSettings.java b/src/main/java/com/github/tomakehurst/wiremock/common/ssl/KeyStoreSettings.java
@@ -15,6 +15,8 @@
  */
 package com.github.tomakehurst.wiremock.common.ssl;
 
+import com.github.tomakehurst.wiremock.common.Source;
+
 import java.security.KeyStore;
 
 public class KeyStoreSettings {
@@ -57,6 +59,10 @@ public KeyStore loadStore() {
         return keyStoreSource.load();
     }
 
+    public Source<KeyStore> getSource() {
+        return keyStoreSource;
+    }
+
     public boolean exists() {
         return keyStoreSource.exists();
     }