Skip to content

Commit

Permalink
Removed KeyStoreType.reuseKeyStorePassword()
Browse files Browse the repository at this point in the history
  • Loading branch information
@ebourg
ebourg committed Nov 14, 2024
1 parent 1d21642 commit ed82d53
Show file tree
Hide file tree
Showing 3 changed files with 24 additions and 21 deletions.
11 changes: 11 additions & 0 deletions jsign-cli/src/test/java/net/jsign/JsignCLITest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -327,6 +327,17 @@ public void testSigningJCEKS() throws Exception {
}
}

@Test
public void testSigningJKS() throws Exception {
cli.execute("--name=WinEyes", "--url=http://www.steelblue.com/WinEyes", "--alg=SHA-256", "--keystore=target/test-classes/keystores/keystore.jks", "--alias=test", "--storepass=password", "" + targetFile);

assertTrue("The file " + targetFile + " wasn't changed", SOURCE_FILE_CRC32 != FileUtils.checksumCRC32(targetFile));

try (PEFile peFile = new PEFile(targetFile)) {
SignatureAssert.assertSigned(peFile, SHA256);
}
}

@Test
public void testSigningPVKSPC() throws Exception {
cli.execute("--url=http://www.steelblue.com/WinEyes", "--certfile=target/test-classes/keystores/jsign-test-certificate-full-chain.spc", "--keyfile=target/test-classes/keystores/privatekey-encrypted.pvk", "--storepass=password", "" + targetFile);
Expand Down
7 changes: 1 addition & 6 deletions jsign-core/src/main/java/net/jsign/SignerHelper.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -383,13 +383,8 @@ private AuthenticodeSigner build() throws SignerException {
}
}

String storepass = ksparams.storepass();
String keypass = ksparams.keypass();
char[] password = keypass != null ? keypass.toCharArray() : null;
if (password == null && storepass != null && storetype.reuseKeyStorePassword()) {
// use the storepass as the keypass
password = storepass.toCharArray();
}
char[] password = keypass != null ? keypass.toCharArray() : new char[0];

PrivateKey privateKey;
try {
Expand Down
27 changes: 12 additions & 15 deletions jsign-crypto/src/main/java/net/jsign/KeyStoreType.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,9 +100,6 @@ KeyStore getKeystore(KeyStoreBuilder params, Provider provider) throws KeyStoreE
try {
ks.load(null, null);
String keypass = params.keypass();
if (keypass == null) {
keypass = params.storepass();
}
ks.setKeyEntry("jsign", privateKey, keypass != null ? keypass.toCharArray() : new char[0], chain);
} catch (Exception e) {
throw new KeyStoreException(e);
Expand All @@ -122,6 +119,10 @@ void validate(KeyStoreBuilder params) {
if (!params.createFile(params.keystore()).exists()) {
throw new IllegalArgumentException("The keystore " + params.keystore() + " couldn't be found");
}
if (params.keypass() == null && params.storepass() != null) {
// reuse the storepass as the keypass
params.keypass(params.storepass());
}
}
},

Expand All @@ -135,6 +136,10 @@ void validate(KeyStoreBuilder params) {
if (!params.createFile(params.keystore()).exists()) {
throw new IllegalArgumentException("The keystore " + params.keystore() + " couldn't be found");
}
if (params.keypass() == null && params.storepass() != null) {
// reuse the storepass as the keypass
params.keypass(params.storepass());
}
}
},

Expand All @@ -148,6 +153,10 @@ void validate(KeyStoreBuilder params) {
if (!params.createFile(params.keystore()).exists()) {
throw new IllegalArgumentException("The keystore " + params.keystore() + " couldn't be found");
}
if (params.keypass() == null && params.storepass() != null) {
// reuse the storepass as the keypass
params.keypass(params.storepass());
}
}
},

Expand Down Expand Up @@ -385,11 +394,6 @@ Provider getProvider(KeyStoreBuilder params) {
throw new IllegalStateException("Authentication failed with SSL.com", e);
}
}

@Override
boolean reuseKeyStorePassword() {
return false;
}
},

/**
Expand Down Expand Up @@ -656,13 +660,6 @@ Set<String> getAliases(KeyStore keystore) throws KeyStoreException {
return new LinkedHashSet<>(Collections.list(keystore.aliases()));
}

/**
* Tells if the keystore password can be reused as the key password.
*/
boolean reuseKeyStorePassword() {
return true;
}

/**
* Guess the type of the keystore from the header or the extension of the file.
*
Expand Down

0 comments on commit ed82d53

Please sign in to comment.