Deduplicate the default Java Keystore password

apps/i2ptunnel/java/src/net/i2p/i2ptunnel/SSLClientUtil.java

@@ -25,7 +25,6 @@ import net.i2p.util.SecureDirectory;
 public class SSLClientUtil {
 
     private static final String PROP_KEYSTORE_PASSWORD = "keystorePassword";
-    private static final String DEFAULT_KEYSTORE_PASSWORD = "changeit";
     private static final String PROP_KEY_PASSWORD = "keyPassword";
     private static final String PROP_KEY_ALIAS = "keyAlias";
     private static final String ASCII_KEYFILE_SUFFIX = ".local.crt";
@@ -111,7 +110,7 @@ public class SSLClientUtil {
         if (success) {
             success = ks.exists();
             if (success) {
-                opts.setProperty(optPfx + PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+                opts.setProperty(optPfx + PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
                 opts.setProperty(optPfx + PROP_KEY_PASSWORD, keyPassword);
             }
         }
@@ -139,7 +138,7 @@ public class SSLClientUtil {
         File sdir = new SecureDirectory(I2PAppContext.getGlobalContext().getConfigDir(), CERT_DIR);
         if (sdir.exists() || sdir.mkdirs()) {
             String keyAlias = opts.getProperty(optPfx + PROP_KEY_ALIAS);
-            String ksPass = opts.getProperty(optPfx + PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+            String ksPass = opts.getProperty(optPfx + PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
             File out = new File(sdir, PREFIX + name + ASCII_KEYFILE_SUFFIX);
             boolean success = KeyStoreUtil.exportCert(ks, ksPass, keyAlias, out);
             if (!success)
@@ -157,7 +156,7 @@ public class SSLClientUtil {
      * @return factory, throws on all errors
      */
     public static SSLServerSocketFactory initializeFactory(Properties opts) throws IOException {
-        String ksPass = opts.getProperty(PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+        String ksPass = opts.getProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
         String keyPass = opts.getProperty(PROP_KEY_PASSWORD);
         if (keyPass == null) {
             throw new IOException("No key password, set " + PROP_KEY_PASSWORD + " in " +

apps/routerconsole/java/src/net/i2p/router/web/RouterConsoleRunner.java

@@ -126,7 +126,6 @@ public class RouterConsoleRunner implements RouterApp {
     public static final String PREFIX = "webapps.";
     public static final String ENABLED = ".startOnLoad";
     private static final String PROP_KEYSTORE_PASSWORD = "routerconsole.keystorePassword";
-    private static final String DEFAULT_KEYSTORE_PASSWORD = "changeit";
     private static final String PROP_KEY_PASSWORD = "routerconsole.keyPassword";
     public static final int DEFAULT_LISTEN_PORT = 7657;
     private static final String DEFAULT_LISTEN_HOST = "127.0.0.1";
@@ -578,7 +577,7 @@ public class RouterConsoleRunner implements RouterApp {
                 if (verifyKeyStore(keyStore)) {
                     // the keystore path and password
                     SslContextFactory sslFactory = new SslContextFactory(keyStore.getAbsolutePath());
-                    sslFactory.setKeyStorePassword(_context.getProperty(PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD));
+                    sslFactory.setKeyStorePassword(_context.getProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD));
                     // the X.509 cert password (if not present, verifyKeyStore() returned false)
                     sslFactory.setKeyManagerPassword(_context.getProperty(PROP_KEY_PASSWORD, "thisWontWork"));
                     sslFactory.addExcludeProtocols(I2PSSLSocketFactory.EXCLUDE_PROTOCOLS.toArray(
@@ -870,7 +869,7 @@ public class RouterConsoleRunner implements RouterApp {
             if (success) {
                 try {
                     Map<String, String> changes = new HashMap<String, String>();
-                    changes.put(PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+                    changes.put(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
                     changes.put(PROP_KEY_PASSWORD, keyPassword);
                     _context.router().saveConfig(changes, null);
                 } catch (Exception e) {}  // class cast exception
@@ -880,7 +879,7 @@ public class RouterConsoleRunner implements RouterApp {
                 dir = new SecureDirectory(dir, "console");
                 dir.mkdir();
                 File certFile = new File(dir, "console.local.crt");
-                KeyStoreUtil.exportCert(ks, DEFAULT_KEYSTORE_PASSWORD, "console", certFile);
+                KeyStoreUtil.exportCert(ks, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD, "console", certFile);
             }
         }
         if (success) {

apps/sam/java/src/net/i2p/sam/SSLUtil.java

@@ -25,7 +25,6 @@ import net.i2p.util.SecureDirectory;
 class SSLUtil {
 
     private static final String PROP_KEYSTORE_PASSWORD = "sam.keystorePassword";
-    private static final String DEFAULT_KEYSTORE_PASSWORD = "changeit";
     private static final String PROP_KEY_PASSWORD = "sam.keyPassword";
     private static final String PROP_KEY_ALIAS = "sam.keyAlias";
     private static final String ASCII_KEYFILE_SUFFIX = ".local.crt";
@@ -97,7 +96,7 @@ class SSLUtil {
         if (success) {
             success = ks.exists();
             if (success) {
-                opts.setProperty(PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+                opts.setProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
                 opts.setProperty(PROP_KEY_PASSWORD, keyPassword);
             }
         }
@@ -124,7 +123,7 @@ class SSLUtil {
         File sdir = new SecureDirectory(I2PAppContext.getGlobalContext().getConfigDir(), CERT_DIR);
         if (sdir.exists() || sdir.mkdirs()) {
             String keyAlias = opts.getProperty(PROP_KEY_ALIAS);
-            String ksPass = opts.getProperty(PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+            String ksPass = opts.getProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
             File out = new File(sdir, PREFIX + name + ASCII_KEYFILE_SUFFIX);
             boolean success = KeyStoreUtil.exportCert(ks, ksPass, keyAlias, out);
             if (!success)
@@ -142,7 +141,7 @@ class SSLUtil {
      * @return factory, throws on all errors
      */
     public static SSLServerSocketFactory initializeFactory(Properties opts) throws IOException {
-        String ksPass = opts.getProperty(PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+        String ksPass = opts.getProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
         String keyPass = opts.getProperty(PROP_KEY_PASSWORD);
         if (keyPass == null) {
             throw new IOException("No key password, set " + PROP_KEY_PASSWORD + " in " +

apps/sam/java/src/net/i2p/sam/client/SSLUtil.java

@@ -26,7 +26,6 @@ class SSLUtil {
 
     public static final String DEFAULT_SAMCLIENT_CONFIGFILE = "samclient.config";
     private static final String PROP_KEYSTORE_PASSWORD = "samclient.keystorePassword";
-    private static final String DEFAULT_KEYSTORE_PASSWORD = "changeit";
     private static final String PROP_KEY_PASSWORD = "samclient.keyPassword";
     private static final String PROP_KEY_ALIAS = "samclient.keyAlias";
     private static final String ASCII_KEYFILE_SUFFIX = ".local.crt";
@@ -98,7 +97,7 @@ class SSLUtil {
         if (success) {
             success = ks.exists();
             if (success) {
-                opts.setProperty(PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+                opts.setProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
                 opts.setProperty(PROP_KEY_PASSWORD, keyPassword);
             }
         }
@@ -125,7 +124,7 @@ class SSLUtil {
         File sdir = new SecureDirectory(I2PAppContext.getGlobalContext().getConfigDir(), CERT_DIR);
         if (sdir.exists() || sdir.mkdirs()) {
             String keyAlias = opts.getProperty(PROP_KEY_ALIAS);
-            String ksPass = opts.getProperty(PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+            String ksPass = opts.getProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
             File out = new File(sdir, PREFIX + name + ASCII_KEYFILE_SUFFIX);
             boolean success = KeyStoreUtil.exportCert(ks, ksPass, keyAlias, out);
             if (!success)
@@ -143,7 +142,7 @@ class SSLUtil {
      * @return factory, throws on all errors
      */
     public static SSLServerSocketFactory initializeFactory(Properties opts) throws IOException {
-        String ksPass = opts.getProperty(PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+        String ksPass = opts.getProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
         String keyPass = opts.getProperty(PROP_KEY_PASSWORD);
         if (keyPass == null) {
             throw new IOException("No key password, set " + PROP_KEY_PASSWORD + " in " +

router/java/src/net/i2p/router/client/SSLClientListenerRunner.java

@@ -35,7 +35,6 @@ class SSLClientListenerRunner extends ClientListenerRunner {
     private SSLServerSocketFactory _factory;
 
     private static final String PROP_KEYSTORE_PASSWORD = "i2cp.keystorePassword";
-    private static final String DEFAULT_KEYSTORE_PASSWORD = "changeit";
     private static final String PROP_KEY_PASSWORD = "i2cp.keyPassword";
     private static final String KEY_ALIAS = "i2cp";
     private static final String ASCII_KEYFILE = "i2cp.local.crt";
@@ -91,7 +90,7 @@ class SSLClientListenerRunner extends ClientListenerRunner {
             success = ks.exists();
             if (success) {
                 Map<String, String> changes = new HashMap<String, String>();
-                changes.put(PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+                changes.put(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
                 changes.put(PROP_KEY_PASSWORD, keyPassword);
                 _context.router().saveConfig(changes, null);
             }
@@ -116,7 +115,7 @@ class SSLClientListenerRunner extends ClientListenerRunner {
     private void exportCert(File ks) {
         File sdir = new SecureDirectory(_context.getConfigDir(), "certificates/i2cp");
         if (sdir.exists() || sdir.mkdirs()) {
-            String ksPass = _context.getProperty(PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+            String ksPass = _context.getProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
             File out = new File(sdir, ASCII_KEYFILE);
             boolean success = KeyStoreUtil.exportCert(ks, ksPass, KEY_ALIAS, out);
             if (!success)
@@ -131,7 +130,7 @@ class SSLClientListenerRunner extends ClientListenerRunner {
      * @return success
      */
     private boolean initializeFactory(File ks) {
-        String ksPass = _context.getProperty(PROP_KEYSTORE_PASSWORD, DEFAULT_KEYSTORE_PASSWORD);
+        String ksPass = _context.getProperty(PROP_KEYSTORE_PASSWORD, KeyStoreUtil.DEFAULT_KEYSTORE_PASSWORD);
         String keyPass = _context.getProperty(PROP_KEY_PASSWORD);
         if (keyPass == null) {
             _log.error("No key password, set " + PROP_KEY_PASSWORD +