james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From btell...@apache.org
Subject [20/20] james-project git commit: JAMES-2437 When the publickey is missing in the keystore a NPE is thrown
Date Tue, 26 Jun 2018 09:13:16 GMT
JAMES-2437 When the publickey is missing in the keystore a NPE is thrown


Project: http://git-wip-us.apache.org/repos/asf/james-project/repo
Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/b10fa18a
Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/b10fa18a
Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/b10fa18a

Branch: refs/heads/master
Commit: b10fa18aa252624ce178e064919d92c7929d7d50
Parents: 25e9a11
Author: Gautier DI FOLCO <gdifolco@linagora.com>
Authored: Thu Jun 21 12:58:44 2018 +0200
Committer: benwa <btellier@linagora.com>
Committed: Tue Jun 26 16:12:07 2018 +0700

----------------------------------------------------------------------
 .../jmap/crypto/JamesSignatureHandler.java      |  16 ++++++---
 .../crypto/JamesSignatureHandlerProvider.java   |  33 ++++++++++++-------
 .../jmap/crypto/JamesSignatureHandlerTest.java  |  17 +++++++++-
 .../jmap/src/test/resources/badAliasKeystore    | Bin 0 -> 2246 bytes
 4 files changed, 50 insertions(+), 16 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/james-project/blob/b10fa18a/server/protocols/jmap/src/main/java/org/apache/james/jmap/crypto/JamesSignatureHandler.java
----------------------------------------------------------------------
diff --git a/server/protocols/jmap/src/main/java/org/apache/james/jmap/crypto/JamesSignatureHandler.java
b/server/protocols/jmap/src/main/java/org/apache/james/jmap/crypto/JamesSignatureHandler.java
index 5ba69b9..5d3dd4f 100644
--- a/server/protocols/jmap/src/main/java/org/apache/james/jmap/crypto/JamesSignatureHandler.java
+++ b/server/protocols/jmap/src/main/java/org/apache/james/jmap/crypto/JamesSignatureHandler.java
@@ -23,11 +23,14 @@ import java.io.InputStream;
 import java.security.InvalidKeyException;
 import java.security.Key;
 import java.security.KeyStore;
+import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.Signature;
 import java.security.SignatureException;
+import java.security.cert.Certificate;
+import java.util.Optional;
 
 import javax.inject.Inject;
 
@@ -65,11 +68,16 @@ public class JamesSignatureHandler implements SignatureHandler {
     public void init() throws Exception {
         KeyStore keystore = KeyStore.getInstance(JKS);
         InputStream fis = fileSystem.getResource(jmapConfiguration.getKeystore());
-        keystore.load(fis, jmapConfiguration.getSecret().toCharArray());
-        publicKey = keystore.getCertificate(ALIAS).getPublicKey();
-        Key key = keystore.getKey(ALIAS, jmapConfiguration.getSecret().toCharArray());
+        char[] secret = jmapConfiguration.getSecret().toCharArray();
+        keystore.load(fis, secret);
+        Certificate aliasCertificate = Optional
+                .ofNullable(keystore.getCertificate(ALIAS))
+                .orElseThrow(() -> new KeyStoreException("Alias '" + ALIAS + "' keystore
can't be found"));
+
+        publicKey = aliasCertificate.getPublicKey();
+        Key key = keystore.getKey(ALIAS, secret);
         if (! (key instanceof PrivateKey)) {
-            throw new Exception("Provided key is not a PrivateKey");
+            throw new KeyStoreException("Provided key is not a PrivateKey");
         }
         privateKey = (PrivateKey) key;
     }

http://git-wip-us.apache.org/repos/asf/james-project/blob/b10fa18a/server/protocols/jmap/src/test/java/org/apache/james/jmap/crypto/JamesSignatureHandlerProvider.java
----------------------------------------------------------------------
diff --git a/server/protocols/jmap/src/test/java/org/apache/james/jmap/crypto/JamesSignatureHandlerProvider.java
b/server/protocols/jmap/src/test/java/org/apache/james/jmap/crypto/JamesSignatureHandlerProvider.java
index b2b84bf..c531581 100644
--- a/server/protocols/jmap/src/test/java/org/apache/james/jmap/crypto/JamesSignatureHandlerProvider.java
+++ b/server/protocols/jmap/src/test/java/org/apache/james/jmap/crypto/JamesSignatureHandlerProvider.java
@@ -27,8 +27,10 @@ import java.util.Optional;
 
 import org.apache.james.filesystem.api.FileSystem;
 import org.apache.james.jmap.JMAPConfiguration;
+import org.apache.james.jmap.JMAPConfiguration.Builder;
 
 public class JamesSignatureHandlerProvider {
+
     private static final String JWT_PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----\n" +
         "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlChO/nlVP27MpdkG0Bh\n" +
         "16XrMRf6M4NeyGa7j5+1UKm42IKUf3lM28oe82MqIIRyvskPc11NuzSor8HmvH8H\n" +
@@ -39,11 +41,29 @@ public class JamesSignatureHandlerProvider {
         "kwIDAQAB\n" +
         "-----END PUBLIC KEY-----";
 
+    public JamesSignatureHandlerProvider() {
+    }
+
     public JamesSignatureHandler provide() throws Exception {
-        FileSystem fileSystem = new FileSystem() {
+        JamesSignatureHandler signatureHandler = new JamesSignatureHandler(newFileSystem(),
+                newConfigurationBuilder().build());
+        signatureHandler.init();
+        return signatureHandler;
+    }
+
+    public static Builder newConfigurationBuilder() {
+        return JMAPConfiguration.builder()
+            .enable()
+            .keystore("keystore")
+            .secret("james72laBalle")
+            .jwtPublicKeyPem(Optional.of(JWT_PUBLIC_KEY));
+    }
+
+    public static FileSystem newFileSystem() {
+        return new FileSystem() {
             @Override
             public InputStream getResource(String url) throws IOException {
-                return ClassLoader.getSystemResourceAsStream("keystore");
+                return ClassLoader.getSystemResourceAsStream(url);
             }
 
             @Override
@@ -56,15 +76,6 @@ public class JamesSignatureHandlerProvider {
                 return null;
             }
         };
-        JamesSignatureHandler signatureHandler = new JamesSignatureHandler(fileSystem, 
-                JMAPConfiguration.builder()
-                    .enable()
-                    .keystore("keystore")
-                    .secret("james72laBalle")
-                    .jwtPublicKeyPem(Optional.of(JWT_PUBLIC_KEY))
-                    .build());
-        signatureHandler.init();
-        return signatureHandler;
     }
 
 }

http://git-wip-us.apache.org/repos/asf/james-project/blob/b10fa18a/server/protocols/jmap/src/test/java/org/apache/james/jmap/crypto/JamesSignatureHandlerTest.java
----------------------------------------------------------------------
diff --git a/server/protocols/jmap/src/test/java/org/apache/james/jmap/crypto/JamesSignatureHandlerTest.java
b/server/protocols/jmap/src/test/java/org/apache/james/jmap/crypto/JamesSignatureHandlerTest.java
index 7aec75f..e885f41 100644
--- a/server/protocols/jmap/src/test/java/org/apache/james/jmap/crypto/JamesSignatureHandlerTest.java
+++ b/server/protocols/jmap/src/test/java/org/apache/james/jmap/crypto/JamesSignatureHandlerTest.java
@@ -21,6 +21,9 @@ package org.apache.james.jmap.crypto;
 
 import static org.assertj.core.api.Assertions.assertThat;
 
+import java.security.KeyStoreException;
+
+import org.apache.james.jmap.JMAPConfiguration;
 import org.junit.Before;
 import org.junit.Test;
 
@@ -34,7 +37,19 @@ public class JamesSignatureHandlerTest {
 
     @Before
     public void setUp() throws Exception {
-        signatureHandler = new JamesSignatureHandlerProvider().provide();
+       signatureHandler = new JamesSignatureHandlerProvider().provide();
+    }
+
+    @Test(expected = KeyStoreException.class)
+    public void initShouldThrowOnUnknownKeystore() throws Exception {
+        JMAPConfiguration jmapConfiguration = JamesSignatureHandlerProvider.newConfigurationBuilder()
+            .keystore("badAliasKeystore")
+            .secret("password")
+            .build();
+
+        JamesSignatureHandler signatureHandler = new JamesSignatureHandler(JamesSignatureHandlerProvider.newFileSystem(),
+                jmapConfiguration);
+        signatureHandler.init();
     }
 
     @Test

http://git-wip-us.apache.org/repos/asf/james-project/blob/b10fa18a/server/protocols/jmap/src/test/resources/badAliasKeystore
----------------------------------------------------------------------
diff --git a/server/protocols/jmap/src/test/resources/badAliasKeystore b/server/protocols/jmap/src/test/resources/badAliasKeystore
new file mode 100644
index 0000000..0a4de22
Binary files /dev/null and b/server/protocols/jmap/src/test/resources/badAliasKeystore differ


---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org


Mime
View raw message