Fix KeyStoreSettings : Change KeyStore password to KeyEntry Password

Chandra158 · Chandra158 · commit e132e52a4417 · 2019-10-12T01:52:12.000+08:00
diff --git a/core/src/main/java/com/onelogin/saml2/model/KeyStoreSettings.java b/core/src/main/java/com/onelogin/saml2/model/KeyStoreSettings.java
@@ -19,9 +19,9 @@ public class KeyStoreSettings {
     private final String spAlias;
 
     /**
-     * Password for KeyStore
+     * Password for KeyEntry in KeyStore
      */
-    private final String storePass;
+    private final String spKeyPass;
 
     /**
      * Constructor
@@ -32,13 +32,13 @@ public class KeyStoreSettings {
      * @param spAlias
      *            Alias for SP key entry
      *
-     * @param storePass
-     *            password to access KeyStore
+     * @param spKeyPass
+     *            password to access Private KeyEntry in KeyStore
      */
-    public KeyStoreSettings(KeyStore keyStore, String spAlias, String storePass) {
+    public KeyStoreSettings(KeyStore keyStore, String spAlias, String spKeyPass) {
         this.keyStore = keyStore;
         this.spAlias = spAlias;
-        this.storePass = storePass;
+        this.spKeyPass = spKeyPass;
     }
 
     /**
@@ -56,10 +56,10 @@ public final String getSpAlias() {
     }
 
     /**
-     * @return the storePass
+     * @return the spKeyPass
      */
-    public final String getStorePass() {
-        return storePass;
+    public final String getSpKeyPass() {
+        return spKeyPass;
     }
 
 }
diff --git a/core/src/main/java/com/onelogin/saml2/settings/SettingsBuilder.java b/core/src/main/java/com/onelogin/saml2/settings/SettingsBuilder.java
@@ -70,7 +70,7 @@ public class SettingsBuilder {
 	// KeyStore
 	public final static String KEYSTORE_KEY = "onelogin.saml2.keystore.store";
 	public final static String KEYSTORE_ALIAS = "onelogin.saml2.keystore.alias";
-	public final static String KEYSTORE_PASSWORD = "onelogin.saml2.keystore.password";
+	public final static String KEYSTORE_KEY_PASSWORD = "onelogin.saml2.keystore.key.password";
 
 	// IDP
 	public final static String IDP_ENTITYID_PROPERTY_KEY = "onelogin.saml2.idp.entityid";
@@ -471,15 +471,15 @@ private void loadSpSetting() {
 			saml2Setting.setSpNameIDFormat(spNameIDFormat);
 
 		boolean keyStoreEnabled = this.samlData.get(KEYSTORE_KEY) != null && this.samlData.get(KEYSTORE_ALIAS) != null
-				&& this.samlData.get(KEYSTORE_PASSWORD) != null;
+				&& this.samlData.get(KEYSTORE_KEY_PASSWORD) != null;
 
 		X509Certificate spX509cert;
 		PrivateKey spPrivateKey;
 
 		if (keyStoreEnabled) {
 			KeyStore ks = (KeyStore) this.samlData.get(KEYSTORE_KEY);
 			String alias = (String) this.samlData.get(KEYSTORE_ALIAS);
-			String password = (String) this.samlData.get(KEYSTORE_PASSWORD);
+			String password = (String) this.samlData.get(KEYSTORE_KEY_PASSWORD);
 
 			spX509cert = getCertificateFromKeyStore(ks, alias, password);
 			spPrivateKey = getPrivateKeyFromKeyStore(ks, alias, password);
@@ -758,7 +758,7 @@ private void parseProperties(Properties properties) {
     private void parseKeyStore(KeyStoreSettings setting) {
 		this.samlData.put(KEYSTORE_KEY, setting.getKeyStore());
 		this.samlData.put(KEYSTORE_ALIAS, setting.getSpAlias());
-		this.samlData.put(KEYSTORE_PASSWORD, setting.getStorePass());
+		this.samlData.put(KEYSTORE_KEY_PASSWORD, setting.getSpKeyPass());
     }
 
 	/**
diff --git a/core/src/test/java/com/onelogin/saml2/test/settings/SettingBuilderTest.java b/core/src/test/java/com/onelogin/saml2/test/settings/SettingBuilderTest.java
@@ -78,13 +78,14 @@ public void testLoadFromFileNotExist() throws IOException, SettingsException, Er
      * @throws IOException
      */
     private KeyStoreSettings getKeyStoreSettings() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
-        String password = "changeit";
+        String storePassword = "changeit";
         String keyStoreFile = "src/test/resources/keystore/oneloginTestKeystore.jks";
-        String alias = "onelogintest";
+        String alias = "keywithpassword";
+        String keyPassword = "keypassword";
 
         KeyStore ks = KeyStore.getInstance("JKS");
-        ks.load(new FileInputStream(keyStoreFile), password.toCharArray());
-        return new KeyStoreSettings(ks, alias, password);
+        ks.load(new FileInputStream(keyStoreFile), storePassword.toCharArray());
+        return new KeyStoreSettings(ks, alias, keyPassword);
     }
 
 	/**
diff --git a/core/src/test/resources/keystore/oneloginTestKeystore.jks b/core/src/test/resources/keystore/oneloginTestKeystore.jks
diff --git a/toolkit/src/test/java/com/onelogin/saml2/test/AuthTest.java b/toolkit/src/test/java/com/onelogin/saml2/test/AuthTest.java
@@ -95,13 +95,14 @@ private String getSAMLRequestFromURL(String url) throws URISyntaxException, Unsu
 	 * @throws IOException
 	 */
 	private KeyStoreSettings getKeyStoreSettings() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
-		String password = "changeit";
+		String storePassword = "changeit";
 		String keyStoreFile = "src/test/resources/keystore/oneloginTestKeystore.jks";
-		String alias = "onelogintest";
+		String alias = "keywithpassword";
+		String keyPassword = "keypassword";
 
 		KeyStore ks = KeyStore.getInstance("JKS");
-		ks.load(new FileInputStream(keyStoreFile), password.toCharArray());
-		return new KeyStoreSettings(ks, alias, password);
+		ks.load(new FileInputStream(keyStoreFile), storePassword.toCharArray());
+		return new KeyStoreSettings(ks, alias, keyPassword);
 	}
 
 	/**
diff --git a/toolkit/src/test/resources/keystore/oneloginTestKeystore.jks b/toolkit/src/test/resources/keystore/oneloginTestKeystore.jks
