NIFI-5479: Using the SUN provider when the keystore type is JKS. This closes #2961.
Signed-off-by: Koji Kawamura <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/nifi/repo Commit: http://git-wip-us.apache.org/repos/asf/nifi/commit/f04cd868 Tree: http://git-wip-us.apache.org/repos/asf/nifi/tree/f04cd868 Diff: http://git-wip-us.apache.org/repos/asf/nifi/diff/f04cd868 Branch: refs/heads/master Commit: f04cd8681d3532f9c8f2eb7306962056a287e2ad Parents: a27ccd8 Author: Matt Gilman <[email protected]> Authored: Thu Aug 23 14:21:28 2018 -0400 Committer: Koji Kawamura <[email protected]> Committed: Tue Aug 28 15:28:30 2018 +0900 ---------------------------------------------------------------------- .../main/java/org/apache/nifi/security/util/KeyStoreUtils.java | 4 ++++ .../test/java/org/apache/nifi/web/server/JettyServerTest.java | 5 +++-- 2 files changed, 7 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/nifi/blob/f04cd868/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/util/KeyStoreUtils.java ---------------------------------------------------------------------- diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/util/KeyStoreUtils.java b/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/util/KeyStoreUtils.java index 50ed8c3..6b52009 100644 --- a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/util/KeyStoreUtils.java +++ b/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/util/KeyStoreUtils.java @@ -29,6 +29,8 @@ import java.security.Security; public class KeyStoreUtils { private static final Logger logger = LoggerFactory.getLogger(KeyStoreUtils.class); + public static final String SUN_PROVIDER_NAME = "SUN"; + static { Security.addProvider(new BouncyCastleProvider()); } @@ -42,6 +44,8 @@ public class KeyStoreUtils { public static String getKeyStoreProvider(String keyStoreType) { if (KeystoreType.PKCS12.toString().equalsIgnoreCase(keyStoreType)) { return BouncyCastleProvider.PROVIDER_NAME; + } else if (KeystoreType.JKS.toString().equalsIgnoreCase(keyStoreType)) { + return SUN_PROVIDER_NAME; } return null; } http://git-wip-us.apache.org/repos/asf/nifi/blob/f04cd868/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/test/java/org/apache/nifi/web/server/JettyServerTest.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/test/java/org/apache/nifi/web/server/JettyServerTest.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/test/java/org/apache/nifi/web/server/JettyServerTest.java index 618b2d7..d0b8396 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/test/java/org/apache/nifi/web/server/JettyServerTest.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/test/java/org/apache/nifi/web/server/JettyServerTest.java @@ -37,6 +37,7 @@ import java.lang.reflect.InvocationTargetException; import java.util.HashMap; import java.util.Map; +import static org.apache.nifi.security.util.KeyStoreUtils.SUN_PROVIDER_NAME; import static org.junit.Assert.assertEquals; import static org.mockito.Matchers.anyString; import static org.mockito.Mockito.mock; @@ -107,7 +108,7 @@ public class JettyServerTest { JettyServer.configureSslContextFactory(contextFactory, nifiProperties); verify(contextFactory).setKeyStoreType(keyStoreType); - verify(contextFactory, never()).setKeyStoreProvider(anyString()); + verify(contextFactory).setKeyStoreProvider(SUN_PROVIDER_NAME); } @Test @@ -137,7 +138,7 @@ public class JettyServerTest { JettyServer.configureSslContextFactory(contextFactory, nifiProperties); verify(contextFactory).setTrustStoreType(trustStoreType); - verify(contextFactory, never()).setTrustStoreProvider(anyString()); + verify(contextFactory).setTrustStoreProvider(SUN_PROVIDER_NAME); } @Test
