author | Stefan Seelmann <mail@stefan-seelmann.de> | 2020-04-04 15:20:27 +0300 |
---|---|---|
committer | Stefan Seelmann <mail@stefan-seelmann.de> | 2020-04-04 15:20:27 +0300 |
commit | 88ebd2a4c8b61415d1d533c95b524063d6c200fd (patch) | |
tree | 8f3bc24f19f047c3bb44851b551ae24fae3f71f6 | |
parent | 7eff154afa7095ddcb3b9699eeaef1d4d6415759 (diff) |
Add explicit HTTP client to avoid version conflict. Fix certificate validation test, inline addKeyPair to allow creation of CA certificate.
8 files changed, 129 insertions, 5 deletions
diff --git a/eclipse-trgt-platform/pom-first.xml b/eclipse-trgt-platform/pom-first.xml index 07adae7bf..527296845 100644 --- a/eclipse-trgt-platform/pom-first.xml +++ b/eclipse-trgt-platform/pom-first.xml @@ -89,6 +89,18 @@ <version>${com.github.ben-manes.caffeine.version}</version> </dependency> + <!-- HTTP client module --> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpclient-osgi</artifactId> + <version>${org.apache.httpcomponents.httpclient.version}</version> + </dependency> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore-osgi</artifactId> + <version>${org.apache.httpcomponents.httpcore.version}</version> + </dependency> + <!-- LDAP API modules --> <dependency> <groupId>org.apache.directory.api</groupId> diff --git a/eclipse-trgt-platform/template/org.apache.directory.studio.eclipse-trgt-platform.template b/eclipse-trgt-platform/template/org.apache.directory.studio.eclipse-trgt-platform.template index 8469d584f..d67e09043 100644 --- a/eclipse-trgt-platform/template/org.apache.directory.studio.eclipse-trgt-platform.template +++ b/eclipse-trgt-platform/template/org.apache.directory.studio.eclipse-trgt-platform.template @@ -19,7 +19,7 @@ @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> --> <?pde version="3.8"?> -<target name="Apache Directory Studio Platform" sequenceNumber="449"> +<target name="Apache Directory Studio Platform" sequenceNumber="453"> <locations> <location includeAllPlatforms="false" includeConfigurePhase="true" includeMode="planner" includeSource="true" type="InstallableUnit"> 
@@ -28,6 +28,8 @@ <unit id="org.apache.servicemix.bundles.dom4j" version="2.1.1.1"/> <unit id="org.apache.servicemix.bundles.xpp3" version="1.1.4.c"/> <unit id="com.github.ben-manes.caffeine" version="${com.github.ben-manes.caffeine.bundleversion}"/> + <unit id="org.apache.httpcomponents.httpclient" version="${org.apache.httpcomponents.httpclient.bundleversion}"/> + <unit id="org.apache.httpcomponents.httpcore" version="${org.apache.httpcomponents.httpcore.bundleversion}"/> <!-- Commons jars --> <unit id="org.apache.commons.commons-codec" version="${org.apache.commons.codec.bundleversion}"/> diff --git a/features/rcp.feature/feature.xml b/features/rcp.feature/feature.xml index 922eef011..8d07579bb 100644 --- a/features/rcp.feature/feature.xml +++ b/features/rcp.feature/feature.xml @@ -274,6 +274,20 @@ http://www.apache.org/licenses/ unpack="false"/> <plugin + id="org.apache.httpcomponents.httpclient" + download-size="0" + install-size="0" + version="0.0.0" + unpack="false"/> + + <plugin + id="org.apache.httpcomponents.httpcore" + download-size="0" + install-size="0" + version="0.0.0" + unpack="false"/> + + <plugin id="bcprov" download-size="0" install-size="0" diff --git a/plugins/connection.core/pom-first.xml b/plugins/connection.core/pom-first.xml index d8076c0a0..b8b59a754 100644 --- a/plugins/connection.core/pom-first.xml +++ b/plugins/connection.core/pom-first.xml @@ -71,7 +71,6 @@ org.apache.directory.api.util;bundle-version="${org.apache.directory.api.bundleversion}", org.apache.directory.studio.common.core, org.apache.directory.studio.ldifparser, - org.apache.commons.codec, org.eclipse.core.runtime, org.eclipse.ui </Require-Bundle> 
@@ -79,6 +79,10 @@ <log4j.log4j.bundleversion>1.2.17</log4j.log4j.bundleversion> <com.github.ben-manes.caffeine.version>2.7.0</com.github.ben-manes.caffeine.version> <com.github.ben-manes.caffeine.bundleversion>2.7.0</com.github.ben-manes.caffeine.bundleversion> + <org.apache.httpcomponents.httpclient.version>4.5.12</org.apache.httpcomponents.httpclient.version> + <org.apache.httpcomponents.httpclient.bundleversion>4.5.12</org.apache.httpcomponents.httpclient.bundleversion> + <org.apache.httpcomponents.httpcore.version>4.4.13</org.apache.httpcomponents.httpcore.version> + <org.apache.httpcomponents.httpcore.bundleversion>4.4.13</org.apache.httpcomponents.httpcore.bundleversion> <org.apache.commons.codec.version>1.14</org.apache.commons.codec.version> <org.apache.commons.codec.bundleversion>1.14.0</org.apache.commons.codec.bundleversion> <org.apache.commons.collections4.version>4.4</org.apache.commons.collections4.version> diff --git a/product/org.apache.directory.studio.product b/product/org.apache.directory.studio.product index 35001b1e6..787a4897b 100644 --- a/product/org.apache.directory.studio.product +++ b/product/org.apache.directory.studio.product @@ -239,7 +239,6 @@ http://www.apache.org/licenses/ <feature id="org.eclipse.e4.rcp"/> <feature id="org.eclipse.emf.common"/> <feature id="org.eclipse.platform"/> - <feature id="org.eclipse.ecf.filetransfer.httpclient45.feature"/> <feature id="org.eclipse.ecf.filetransfer.feature"/> <feature id="org.eclipse.equinox.p2.core.feature"/> <feature id="org.eclipse.ecf.core.ssl.feature"/> diff --git a/tests/test.integration.ui/pom-first.xml b/tests/test.integration.ui/pom-first.xml index f577b204d..59db61fde 100644 --- a/tests/test.integration.ui/pom-first.xml +++ b/tests/test.integration.ui/pom-first.xml @@ -98,7 +98,7 @@ org.apache.directory.studio.schemaeditor, org.apache.directory.studio.schemaeditor.help, org.apache.directory.studio.valueeditors, - + bcprov, org.eclipse.core.runtime, org.eclipse.ui</Require-Bundle> 
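Review bot: The four `org.apache.httpcomponents.*` properties added at the start of this line pin httpclient 4.5.12 and httpcore 4.4.13 with no comment explaining why. The product hunk that follows removes `org.eclipse.ecf.filetransfer.httpclient45.feature`, which presumably used to supply these bundles. From here on the product itself owns the HTTP client version, so security fixes in later releases arrive only when someone bumps these values by hand. I would record that next to the properties, for example `<!-- HTTP client pinned explicitly (ECF httpclient45 feature removed); re-check the version on every release -->`.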
diff --git a/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java b/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java index 03d78f803..305f4ad35 100644 --- a/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java +++ b/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java @@ -31,15 +31,25 @@ import static org.junit.Assert.assertTrue; import java.io.File; import java.io.FileOutputStream; +import java.math.BigInteger; import java.security.KeyPair; +import java.security.KeyPairGenerator; import java.security.KeyStore; +import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.Security; import java.security.cert.Certificate; import java.security.cert.X509Certificate; import java.util.Date; +import javax.security.auth.x500.X500Principal; + +import org.apache.directory.api.ldap.model.constants.SchemaConstants; +import org.apache.directory.api.ldap.model.entry.Attribute; import org.apache.directory.api.ldap.model.entry.DefaultEntry; import org.apache.directory.api.ldap.model.entry.Entry; +import org.apache.directory.api.ldap.model.exception.LdapException; import org.apache.directory.server.annotations.CreateLdapServer; import org.apache.directory.server.annotations.CreateTransport; import org.apache.directory.server.core.integ.AbstractLdapTestUnit; 
@@ -56,6 +66,12 @@ import org.apache.directory.studio.test.integration.ui.bots.PreferencesBot; import org.apache.directory.studio.test.integration.ui.bots.StudioBot; import org.apache.directory.studio.test.integration.ui.bots.utils.Assertions; import org.apache.directory.studio.test.integration.ui.bots.utils.FrameworkRunnerWithScreenshotCaptureListener; +import org.bouncycastle.asn1.x509.BasicConstraints; +import org.bouncycastle.asn1.x509.ExtendedKeyUsage; +import org.bouncycastle.asn1.x509.Extension; +import org.bouncycastle.asn1.x509.KeyPurposeId; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.x509.X509V3CertificateGenerator; import org.junit.After; import org.junit.Before; import org.junit.BeforeClass; @@ -230,7 +246,7 @@ public class CertificateValidationTest extends AbstractLdapTestUnit goodKeyStoreFile.delete(); } Entry entry = new DefaultEntry(); - TlsKeyGenerator.addKeyPair( entry, issuerDn, subjectDn, startDate, expiryDate, keyAlgo, keySize, + addKeyPair( entry, issuerDn, subjectDn, startDate, expiryDate, keyAlgo, keySize, optionalSigningKey ); KeyPair keyPair = TlsKeyGenerator.getKeyPair( entry ); X509Certificate cert = TlsKeyGenerator.getCertificate( entry ); 
@@ -248,6 +264,84 @@ public class CertificateValidationTest extends AbstractLdapTestUnit return keyStore; }
+ static
+ {
+ Security.addProvider( new BouncyCastleProvider() );
+ }
+
+ public static void addKeyPair( Entry entry, String issuerDN, String subjectDN, Date startDate, Date expiryDate,
+ String keyAlgo, int keySize, PrivateKey optionalSigningKey ) throws LdapException
+ {
+ Attribute objectClass = entry.get( SchemaConstants.OBJECT_CLASS_AT );
+
+ if ( objectClass == null )
+ {
+ entry.put( SchemaConstants.OBJECT_CLASS_AT, TlsKeyGenerator.TLS_KEY_INFO_OC,
+ SchemaConstants.INET_ORG_PERSON_OC );
+ }
+ else
+ {
+ objectClass.add( TlsKeyGenerator.TLS_KEY_INFO_OC, SchemaConstants.INET_ORG_PERSON_OC );
+ }
+
+ KeyPairGenerator generator = null;
+ try
+ {
+ generator = KeyPairGenerator.getInstance( keyAlgo );
+ }
+ catch ( NoSuchAlgorithmException e )
+ {
+ LdapException ne = new LdapException( "" );
+ ne.initCause( e );
+ throw ne;
+ }
+
+ generator.initialize( keySize );
+ KeyPair keypair = generator.genKeyPair();
+ entry.put( TlsKeyGenerator.KEY_ALGORITHM_AT, keyAlgo );
+
+ // Generate the private key attributes
+ PrivateKey privateKey = keypair.getPrivate();
+ entry.put( TlsKeyGenerator.PRIVATE_KEY_AT, privateKey.getEncoded() );
+ entry.put( TlsKeyGenerator.PRIVATE_KEY_FORMAT_AT, privateKey.getFormat() );
+
+ PublicKey publicKey = keypair.getPublic();
+ entry.put( TlsKeyGenerator.PUBLIC_KEY_AT, publicKey.getEncoded() );
+ entry.put( TlsKeyGenerator.PUBLIC_KEY_FORMAT_AT, publicKey.getFormat() );
+
+ // Generate the self-signed certificate
+ BigInteger serialNumber = BigInteger.valueOf( System.currentTimeMillis() );
+
+ X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+ X500Principal issuerName = new X500Principal( issuerDN );
+ X500Principal subjectName = new X500Principal( subjectDN );
+
+ certGen.setSerialNumber( serialNumber );
+ certGen.setIssuerDN( issuerName );
+ certGen.setNotBefore( startDate );
+ certGen.setNotAfter( expiryDate );
+ certGen.setSubjectDN( subjectName );
+ certGen.setPublicKey( publicKey );
+ certGen.setSignatureAlgorithm( "SHA256With" + keyAlgo );
+ certGen.addExtension( Extension.basicConstraints, false, new BasicConstraints( true ) );
+ certGen.addExtension( Extension.extendedKeyUsage, true, new ExtendedKeyUsage(
+ new KeyPurposeId[]
+ { KeyPurposeId.id_kp_clientAuth, KeyPurposeId.id_kp_serverAuth } ) );
+
+ try
+ {
+ PrivateKey signingKey = optionalSigningKey != null ? optionalSigningKey : privateKey;
+ X509Certificate cert = certGen.generate( signingKey, "BC" );
+ entry.put( TlsKeyGenerator.USER_CERTIFICATE_AT, cert.getEncoded() );
+ }
+ catch ( Exception e )
+ {
+ LdapException ne = new LdapException( "" );
+ ne.initCause( e );
+ throw ne;
+ }
+ }
+ private String getConnectionName() { |
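Review bot: The inlined addKeyPair marks every certificate it produces as a CA, because `new BasicConstraints( true )` is added unconditionally and as a non-critical extension, so any leaf certificate the tests create through it can also act as an issuer. That weakens what a certificate validation test can prove about chain building. I would pass the CA flag in from the caller and mark the extension critical, e.g. `certGen.addExtension( Extension.basicConstraints, true, new BasicConstraints( isCa ) );`. Separately, `BigInteger.valueOf( System.currentTimeMillis() )` can give two certificates from the same issuer the same serial when both are generated within one millisecond; `new BigInteger( 64, new SecureRandom() )` (plus the `java.security.SecureRandom` import) avoids that. The two `new LdapException( "" )` throws would also be easier to diagnose with a message that names `keyAlgo`.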