Merge pull request quarkusio#39243 from cescoffier/add-keystore-and-t…

…ruststore-extension-as-jks Detect .truststore and .keystore files as JKS
jerboaa · Mar 7, 2024 · e62c12c · e62c12c
2 parents 3e74f4a + 312fa4b
commit e62c12c
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 12 deletions.
diff --git a/...ions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/TlsUtils.java b/...ions/vertx-http/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/TlsUtils.java
@@ -114,23 +114,38 @@ static String getTruststoreType(Path singleTrustStoreFile, Optional<String> user
  if (userType.isPresent()) {
  type = userType.get().toLowerCase();
  } else {
- type = getTypeFromFileName("truststore", singleTrustStoreFile);
+ type = getTruststoreTypeFromFileName(singleTrustStoreFile);
  }
  return type;
  }
 
- private static String getTypeFromFileName(String keystoreOrTruststore, Path path) {
+ private static String getKeystoreTypeFromFileName(Path path) {
  String name = path.getFileName().toString().toLowerCase();
  if (name.endsWith(".p12") || name.endsWith(".pkcs12") || name.endsWith(".pfx")) {
  return "pkcs12";
- } else if (name.endsWith(".jks")) {
+ } else if (name.endsWith(".jks") || name.endsWith(".keystore")) {
  return "jks";
  } else if (name.endsWith(".key") || name.endsWith(".crt") || name.endsWith(".pem")) {
  return "pem";
  } else {
- throw new IllegalArgumentException("Could not determine the " + keystoreOrTruststore
- + " type from the file name: " + path
- + ". Configure the `quarkus.http.ssl.certificate.[key-store|trust-store]-file-type` property.");
+ throw new IllegalArgumentException("Could not determine the keystore type from the file name: " + path
+ + ". Configure the `quarkus.http.ssl.certificate.key-store-file-type` property.");
+
+ }
+
+ }
+
+ private static String getTruststoreTypeFromFileName(Path path) {
+ String name = path.getFileName().toString().toLowerCase();
+ if (name.endsWith(".p12") || name.endsWith(".pkcs12") || name.endsWith(".pfx")) {
+ return "pkcs12";
+ } else if (name.endsWith(".jks") || name.endsWith(".truststore")) {
+ return "jks";
+ } else if (name.endsWith(".ca") || name.endsWith(".crt") || name.endsWith(".pem")) {
+ return "pem";
+ } else {
+ throw new IllegalArgumentException("Could not determine the truststore type from the file name: " + path
+ + ". Configure the `quarkus.http.ssl.certificate.trust-store-file-type` property.");
 
  }
 
@@ -154,7 +169,7 @@ static String getKeyStoreType(Path path, Optional<String> fileType) {
  if (fileType.isPresent()) {
  type = fileType.get().toLowerCase();
  } else {
- type = getTypeFromFileName("keystore", path);
+ type = getKeystoreTypeFromFileName(path);
  }
  return type;
  }

diff --git a/.../vertx-http/runtime/src/test/java/io/quarkus/vertx/http/runtime/options/TlsUtilsTest.java b/.../vertx-http/runtime/src/test/java/io/quarkus/vertx/http/runtime/options/TlsUtilsTest.java
@@ -17,7 +17,10 @@ class TlsUtilsTest {
  "server-keystore.jks, jKs, JKS",
  "server-keystore.jks, null, JKS",
  "server-keystore.jks, PKCS12, PKCS12",
- "server.keystore, null, null", // Failure expected
+ "server.foo, null, null", // Failure expected
+ "server.truststore, null, null", // Failure expected
+ "server, null, null", // Failure expected
+ "server.keystore, null, JKS",
  "server-keystore.p12, PKCS12, PKCS12",
  "server-keystore.p12, pKCs12, PKCS12",
  "server-keystore.p12, null, PKCS12",
@@ -29,14 +32,15 @@ class TlsUtilsTest {
  "server.keystore.pem, null, PEM",
  "server.keystore.key, JKS, JKS",
  "server.keystore.pom, PeM, PEM",
+ "server.keystore.ca, null, null", // .ca is a truststore file
  })
  void testKeyStoreTypeDetection(String file, String userType, String expectedType) {
  Path path = new File("target/certs/" + file).toPath();
  Optional<String> type = Optional.ofNullable(userType.equals("null") ? null : userType);
  if (expectedType.equals("null")) {
  String message = assertThrows(IllegalArgumentException.class, () -> TlsUtils.getKeyStoreType(path, type))
  .getMessage();
- assertTrue(message.contains("keystore"));
+ assertTrue(message.contains("keystore") && message.contains("key-store-file-type"));
  } else {
  assertEquals(expectedType.toLowerCase(), TlsUtils.getKeyStoreType(path, type));
  }
@@ -48,26 +52,30 @@ void testKeyStoreTypeDetection(String file, String userType, String expectedType
  "server-truststore.jks, jKs, JKS",
  "server-truststore.jks, null, JKS",
  "server-truststore.jks, PKCS12, PKCS12",
- "server.truststore, null, null", // Failure expected
+ "server.foo, null, null", // Failure expected
+ "server.keystore, null, null", // Failure expected
+ "server, null, null", // Failure expected
+ "server.truststore, null, JKS",
  "server-truststore.p12, PKCS12, PKCS12",
  "server-truststore.p12, pKCs12, PKCS12",
  "server-truststore.p12, null, PKCS12",
  "server-truststore.pfx, null, PKCS12",
  "server-truststore.pkcs12, null, PKCS12",
  "server-truststore.pkcs12, JKS, JKS",
- "server.truststore.key, null, PEM",
  "server.truststore.crt, null, PEM",
  "server.truststore.pem, null, PEM",
  "server.truststore.key, JKS, JKS",
  "server.truststore.pom, PeM, PEM",
+ "server.keystore.ca, null, PEM",
+ "server.keystore.key, null, null", // .key is a key file
  })
  void testTrustStoreTypeDetection(String file, String userType, String expectedType) {
  Path path = new File("target/certs/" + file).toPath();
  Optional<String> type = Optional.ofNullable(userType.equals("null") ? null : userType);
  if (expectedType.equals("null")) {
  String message = assertThrows(IllegalArgumentException.class, () -> TlsUtils.getTruststoreType(path, type))
  .getMessage();
- assertTrue(message.contains("truststore"));
+ assertTrue(message.contains("truststore") && message.contains("trust-store-file-type"));
  } else {
  assertEquals(expectedType.toLowerCase(), TlsUtils.getTruststoreType(path, type));
  }