Removed KeyStoreType.reuseKeyStorePassword()

ebourg · ebourg · commit ed82d53029e7 · 2024-11-14T19:12:38.000+01:00
diff --git a/jsign-cli/src/test/java/net/jsign/JsignCLITest.java b/jsign-cli/src/test/java/net/jsign/JsignCLITest.java
@@ -327,6 +327,17 @@ public void testSigningJCEKS() throws Exception {
         }
     }
 
+    @Test
+    public void testSigningJKS() throws Exception {
+        cli.execute("--name=WinEyes", "--url=http://www.steelblue.com/WinEyes", "--alg=SHA-256", "--keystore=target/test-classes/keystores/keystore.jks", "--alias=test", "--storepass=password", "" + targetFile);
+
+        assertTrue("The file " + targetFile + " wasn't changed", SOURCE_FILE_CRC32 != FileUtils.checksumCRC32(targetFile));
+
+        try (PEFile peFile = new PEFile(targetFile)) {
+            SignatureAssert.assertSigned(peFile, SHA256);
+        }
+    }
+
     @Test
     public void testSigningPVKSPC() throws Exception {
         cli.execute("--url=http://www.steelblue.com/WinEyes", "--certfile=target/test-classes/keystores/jsign-test-certificate-full-chain.spc", "--keyfile=target/test-classes/keystores/privatekey-encrypted.pvk", "--storepass=password", "" + targetFile);
diff --git a/jsign-core/src/main/java/net/jsign/SignerHelper.java b/jsign-core/src/main/java/net/jsign/SignerHelper.java
@@ -383,13 +383,8 @@ private AuthenticodeSigner build() throws SignerException {
             }
         }
 
-        String storepass = ksparams.storepass();
         String keypass = ksparams.keypass();
-        char[] password = keypass != null ? keypass.toCharArray() : null;
-        if (password == null && storepass != null && storetype.reuseKeyStorePassword()) {
-            // use the storepass as the keypass
-            password = storepass.toCharArray();
-        }
+        char[] password = keypass != null ? keypass.toCharArray() : new char[0];
 
         PrivateKey privateKey;
         try {
diff --git a/jsign-crypto/src/main/java/net/jsign/KeyStoreType.java b/jsign-crypto/src/main/java/net/jsign/KeyStoreType.java
@@ -100,9 +100,6 @@ KeyStore getKeystore(KeyStoreBuilder params, Provider provider) throws KeyStoreE
             try {
                 ks.load(null, null);
                 String keypass = params.keypass();
-                if (keypass == null) {
-                    keypass = params.storepass();
-                }
                 ks.setKeyEntry("jsign", privateKey, keypass != null ? keypass.toCharArray() : new char[0], chain);
             } catch (Exception e) {
                 throw new KeyStoreException(e);
@@ -122,6 +119,10 @@ void validate(KeyStoreBuilder params) {
             if (!params.createFile(params.keystore()).exists()) {
                 throw new IllegalArgumentException("The keystore " + params.keystore() + " couldn't be found");
             }
+            if (params.keypass() == null && params.storepass() != null) {
+                // reuse the storepass as the keypass
+                params.keypass(params.storepass());
+            }
         }
     },
 
@@ -135,6 +136,10 @@ void validate(KeyStoreBuilder params) {
             if (!params.createFile(params.keystore()).exists()) {
                 throw new IllegalArgumentException("The keystore " + params.keystore() + " couldn't be found");
             }
+            if (params.keypass() == null && params.storepass() != null) {
+                // reuse the storepass as the keypass
+                params.keypass(params.storepass());
+            }
         }
     },
 
@@ -148,6 +153,10 @@ void validate(KeyStoreBuilder params) {
             if (!params.createFile(params.keystore()).exists()) {
                 throw new IllegalArgumentException("The keystore " + params.keystore() + " couldn't be found");
             }
+            if (params.keypass() == null && params.storepass() != null) {
+                // reuse the storepass as the keypass
+                params.keypass(params.storepass());
+            }
         }
     },
 
@@ -385,11 +394,6 @@ Provider getProvider(KeyStoreBuilder params) {
                 throw new IllegalStateException("Authentication failed with SSL.com", e);
             }
         }
-
-        @Override
-        boolean reuseKeyStorePassword() {
-            return false;
-        }
     },
 
     /**
@@ -656,13 +660,6 @@ Set<String> getAliases(KeyStore keystore) throws KeyStoreException {
         return new LinkedHashSet<>(Collections.list(keystore.aliases()));
     }
 
-    /**
-     * Tells if the keystore password can be reused as the key password.
-     */
-    boolean reuseKeyStorePassword() {
-        return true;
-    }
-
     /**
      * Guess the type of the keystore from the header or the extension of the file.
      *

Original file line number	Diff line number	Diff line change
`@@ -383,13 +383,8 @@ private AuthenticodeSigner build() throws SignerException {`
`383`	`383`	`}`
`384`	`384`	`}`
`385`	`385`
`386`		`- String storepass = ksparams.storepass();`
`387`	`386`	`String keypass = ksparams.keypass();`
`388`		`- char[] password = keypass != null ? keypass.toCharArray() : null;`
`389`		`- if (password == null && storepass != null && storetype.reuseKeyStorePassword()) {`
`390`		`- // use the storepass as the keypass`
`391`		`- password = storepass.toCharArray();`
`392`		`- }`
	`387`	`+ char[] password = keypass != null ? keypass.toCharArray() : new char[0];`
`393`	`388`
`394`	`389`	`PrivateKey privateKey;`
`395`	`390`	`try {`