Posted to commits@directory.apache.org by se...@apache.org on 2020/04/04 12:20:40 UTC
[directory-studio] branch master updated: Add explicit HTTP client
to avoid version conflict. Fix certificate validation test,
inline addKeyPair to allow creation of CA certificate.
This is an automated email from the ASF dual-hosted git repository.
seelmann pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/directory-studio.git
The following commit(s) were added to refs/heads/master by this push:
new 88ebd2a Add explicit HTTP client to avoid version conflict. Fix certificate validation test, inline addKeyPair to allow creation of CA certificate.
88ebd2a is described below
commit 88ebd2a4c8b61415d1d533c95b524063d6c200fd
Author: Stefan Seelmann <ma...@stefan-seelmann.de>
AuthorDate: Sat Apr 4 14:20:27 2020 +0200
Add explicit HTTP client to avoid version conflict. Fix certificate validation test, inline addKeyPair to allow creation of CA certificate.
---
eclipse-trgt-platform/pom-first.xml | 12 +++
...directory.studio.eclipse-trgt-platform.template | 4 +-
features/rcp.feature/feature.xml | 14 ++++
plugins/connection.core/pom-first.xml | 1 -
pom.xml | 4 +
product/org.apache.directory.studio.product | 1 -
tests/test.integration.ui/pom-first.xml | 2 +-
.../integration/ui/CertificateValidationTest.java | 96 +++++++++++++++++++++-
8 files changed, 129 insertions(+), 5 deletions(-)
diff --git a/eclipse-trgt-platform/pom-first.xml b/eclipse-trgt-platform/pom-first.xml
index 07adae7..5272968 100644
--- a/eclipse-trgt-platform/pom-first.xml
+++ b/eclipse-trgt-platform/pom-first.xml
@@ -89,6 +89,18 @@
<version>${com.github.ben-manes.caffeine.version}</version>
</dependency>
+ <!-- HTTP client module -->
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient-osgi</artifactId>
+ <version>${org.apache.httpcomponents.httpclient.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpcore-osgi</artifactId>
+ <version>${org.apache.httpcomponents.httpcore.version}</version>
+ </dependency>
+
<!-- LDAP API modules -->
<dependency>
<groupId>org.apache.directory.api</groupId>
diff --git a/eclipse-trgt-platform/template/org.apache.directory.studio.eclipse-trgt-platform.template b/eclipse-trgt-platform/template/org.apache.directory.studio.eclipse-trgt-platform.template
index 8469d58..d67e090 100644
--- a/eclipse-trgt-platform/template/org.apache.directory.studio.eclipse-trgt-platform.template
+++ b/eclipse-trgt-platform/template/org.apache.directory.studio.eclipse-trgt-platform.template
@@ -19,7 +19,7 @@
@author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
-->
<?pde version="3.8"?>
-<target name="Apache Directory Studio Platform" sequenceNumber="449">
+<target name="Apache Directory Studio Platform" sequenceNumber="453">
<locations>
<location includeAllPlatforms="false" includeConfigurePhase="true" includeMode="planner" includeSource="true" type="InstallableUnit">
@@ -28,6 +28,8 @@
<unit id="org.apache.servicemix.bundles.dom4j" version="2.1.1.1"/>
<unit id="org.apache.servicemix.bundles.xpp3" version="1.1.4.c"/>
<unit id="com.github.ben-manes.caffeine" version="${com.github.ben-manes.caffeine.bundleversion}"/>
+ <unit id="org.apache.httpcomponents.httpclient" version="${org.apache.httpcomponents.httpclient.bundleversion}"/>
+ <unit id="org.apache.httpcomponents.httpcore" version="${org.apache.httpcomponents.httpcore.bundleversion}"/>
<!-- Commons jars -->
<unit id="org.apache.commons.commons-codec" version="${org.apache.commons.codec.bundleversion}"/>
diff --git a/features/rcp.feature/feature.xml b/features/rcp.feature/feature.xml
index 922eef0..8d07579 100644
--- a/features/rcp.feature/feature.xml
+++ b/features/rcp.feature/feature.xml
@@ -274,6 +274,20 @@ http://www.apache.org/licenses/
unpack="false"/>
<plugin
+ id="org.apache.httpcomponents.httpclient"
+ download-size="0"
+ install-size="0"
+ version="0.0.0"
+ unpack="false"/>
+
+ <plugin
+ id="org.apache.httpcomponents.httpcore"
+ download-size="0"
+ install-size="0"
+ version="0.0.0"
+ unpack="false"/>
+
+ <plugin
id="bcprov"
download-size="0"
install-size="0"
diff --git a/plugins/connection.core/pom-first.xml b/plugins/connection.core/pom-first.xml
index d8076c0..b8b59a7 100644
--- a/plugins/connection.core/pom-first.xml
+++ b/plugins/connection.core/pom-first.xml
@@ -71,7 +71,6 @@
org.apache.directory.api.util;bundle-version="${org.apache.directory.api.bundleversion}",
org.apache.directory.studio.common.core,
org.apache.directory.studio.ldifparser,
- org.apache.commons.codec,
org.eclipse.core.runtime,
org.eclipse.ui
</Require-Bundle>
diff --git a/pom.xml b/pom.xml
index 3e00f44..cfa3722 100644
--- a/pom.xml
+++ b/pom.xml
@@ -79,6 +79,10 @@
<log4j.log4j.bundleversion>1.2.17</log4j.log4j.bundleversion>
<com.github.ben-manes.caffeine.version>2.7.0</com.github.ben-manes.caffeine.version>
<com.github.ben-manes.caffeine.bundleversion>2.7.0</com.github.ben-manes.caffeine.bundleversion>
+ <org.apache.httpcomponents.httpclient.version>4.5.12</org.apache.httpcomponents.httpclient.version>
+ <org.apache.httpcomponents.httpclient.bundleversion>4.5.12</org.apache.httpcomponents.httpclient.bundleversion>
+ <org.apache.httpcomponents.httpcore.version>4.4.13</org.apache.httpcomponents.httpcore.version>
+ <org.apache.httpcomponents.httpcore.bundleversion>4.4.13</org.apache.httpcomponents.httpcore.bundleversion>
<org.apache.commons.codec.version>1.14</org.apache.commons.codec.version>
<org.apache.commons.codec.bundleversion>1.14.0</org.apache.commons.codec.bundleversion>
<org.apache.commons.collections4.version>4.4</org.apache.commons.collections4.version>
diff --git a/product/org.apache.directory.studio.product b/product/org.apache.directory.studio.product
index 35001b1..787a489 100644
--- a/product/org.apache.directory.studio.product
+++ b/product/org.apache.directory.studio.product
@@ -239,7 +239,6 @@ http://www.apache.org/licenses/
<feature id="org.eclipse.e4.rcp"/>
<feature id="org.eclipse.emf.common"/>
<feature id="org.eclipse.platform"/>
- <feature id="org.eclipse.ecf.filetransfer.httpclient45.feature"/>
<feature id="org.eclipse.ecf.filetransfer.feature"/>
<feature id="org.eclipse.equinox.p2.core.feature"/>
<feature id="org.eclipse.ecf.core.ssl.feature"/>
diff --git a/tests/test.integration.ui/pom-first.xml b/tests/test.integration.ui/pom-first.xml
index f577b20..59db61f 100644
--- a/tests/test.integration.ui/pom-first.xml
+++ b/tests/test.integration.ui/pom-first.xml
@@ -98,7 +98,7 @@
org.apache.directory.studio.schemaeditor,
org.apache.directory.studio.schemaeditor.help,
org.apache.directory.studio.valueeditors,
-
+ bcprov,
org.eclipse.core.runtime,
org.eclipse.ui</Require-Bundle>
diff --git a/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java b/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java
index 03d78f8..305f4ad 100644
--- a/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java
+++ b/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java
@@ -31,15 +31,25 @@ import static org.junit.Assert.assertTrue;
import java.io.File;
import java.io.FileOutputStream;
+import java.math.BigInteger;
import java.security.KeyPair;
+import java.security.KeyPairGenerator;
import java.security.KeyStore;
+import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;
+import javax.security.auth.x500.X500Principal;
+
+import org.apache.directory.api.ldap.model.constants.SchemaConstants;
+import org.apache.directory.api.ldap.model.entry.Attribute;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.Entry;
+import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport;
import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
@@ -56,6 +66,12 @@ import org.apache.directory.studio.test.integration.ui.bots.PreferencesBot;
import org.apache.directory.studio.test.integration.ui.bots.StudioBot;
import org.apache.directory.studio.test.integration.ui.bots.utils.Assertions;
import org.apache.directory.studio.test.integration.ui.bots.utils.FrameworkRunnerWithScreenshotCaptureListener;
+import org.bouncycastle.asn1.x509.BasicConstraints;
+import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
+import org.bouncycastle.asn1.x509.Extension;
+import org.bouncycastle.asn1.x509.KeyPurposeId;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.x509.X509V3CertificateGenerator;
import org.junit.After;
import org.junit.Before;
import org.junit.BeforeClass;
@@ -230,7 +246,7 @@ public class CertificateValidationTest extends AbstractLdapTestUnit
goodKeyStoreFile.delete();
}
Entry entry = new DefaultEntry();
- TlsKeyGenerator.addKeyPair( entry, issuerDn, subjectDn, startDate, expiryDate, keyAlgo, keySize,
+ addKeyPair( entry, issuerDn, subjectDn, startDate, expiryDate, keyAlgo, keySize,
optionalSigningKey );
KeyPair keyPair = TlsKeyGenerator.getKeyPair( entry );
X509Certificate cert = TlsKeyGenerator.getCertificate( entry );
@@ -248,6 +264,84 @@ public class CertificateValidationTest extends AbstractLdapTestUnit
return keyStore;
}
+ static
+ {
+ Security.addProvider( new BouncyCastleProvider() );
+ }
+
+ public static void addKeyPair( Entry entry, String issuerDN, String subjectDN, Date startDate, Date expiryDate,
+ String keyAlgo, int keySize, PrivateKey optionalSigningKey ) throws LdapException
+ {
+ Attribute objectClass = entry.get( SchemaConstants.OBJECT_CLASS_AT );
+
+ if ( objectClass == null )
+ {
+ entry.put( SchemaConstants.OBJECT_CLASS_AT, TlsKeyGenerator.TLS_KEY_INFO_OC,
+ SchemaConstants.INET_ORG_PERSON_OC );
+ }
+ else
+ {
+ objectClass.add( TlsKeyGenerator.TLS_KEY_INFO_OC, SchemaConstants.INET_ORG_PERSON_OC );
+ }
+
+ KeyPairGenerator generator = null;
+ try
+ {
+ generator = KeyPairGenerator.getInstance( keyAlgo );
+ }
+ catch ( NoSuchAlgorithmException e )
+ {
+ LdapException ne = new LdapException( "" );
+ ne.initCause( e );
+ throw ne;
+ }
+
+ generator.initialize( keySize );
+ KeyPair keypair = generator.genKeyPair();
+ entry.put( TlsKeyGenerator.KEY_ALGORITHM_AT, keyAlgo );
+
+ // Generate the private key attributes
+ PrivateKey privateKey = keypair.getPrivate();
+ entry.put( TlsKeyGenerator.PRIVATE_KEY_AT, privateKey.getEncoded() );
+ entry.put( TlsKeyGenerator.PRIVATE_KEY_FORMAT_AT, privateKey.getFormat() );
+
+ PublicKey publicKey = keypair.getPublic();
+ entry.put( TlsKeyGenerator.PUBLIC_KEY_AT, publicKey.getEncoded() );
+ entry.put( TlsKeyGenerator.PUBLIC_KEY_FORMAT_AT, publicKey.getFormat() );
+
+ // Generate the self-signed certificate
+ BigInteger serialNumber = BigInteger.valueOf( System.currentTimeMillis() );
+
+ X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+ X500Principal issuerName = new X500Principal( issuerDN );
+ X500Principal subjectName = new X500Principal( subjectDN );
+
+ certGen.setSerialNumber( serialNumber );
+ certGen.setIssuerDN( issuerName );
+ certGen.setNotBefore( startDate );
+ certGen.setNotAfter( expiryDate );
+ certGen.setSubjectDN( subjectName );
+ certGen.setPublicKey( publicKey );
+ certGen.setSignatureAlgorithm( "SHA256With" + keyAlgo );
+ certGen.addExtension( Extension.basicConstraints, false, new BasicConstraints( true ) );
+ certGen.addExtension( Extension.extendedKeyUsage, true, new ExtendedKeyUsage(
+ new KeyPurposeId[]
+ { KeyPurposeId.id_kp_clientAuth, KeyPurposeId.id_kp_serverAuth } ) );
+
+ try
+ {
+ PrivateKey signingKey = optionalSigningKey != null ? optionalSigningKey : privateKey;
+ X509Certificate cert = certGen.generate( signingKey, "BC" );
+ entry.put( TlsKeyGenerator.USER_CERTIFICATE_AT, cert.getEncoded() );
+ }
+ catch ( Exception e )
+ {
+ LdapException ne = new LdapException( "" );
+ ne.initCause( e );
+ throw ne;
+ }
+ }
+
private String getConnectionName()
{
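Review bot: The inlined `addKeyPair` adds `new BasicConstraints( true )` unconditionally, so every certificate the helper produces is marked cA=true, presumably including the leaf/server certificates the validation tests present. A fixture like that cannot catch a validator that wrongly accepts a non-CA certificate as an issuer. The extension is also added as non-critical, whereas RFC 5280 requires it to be critical on CA certificates. Consider a boolean argument so that only the issuing certificate gets `certGen.addExtension( Extension.basicConstraints, true, new BasicConstraints( true ) );` and end-entity certificates get `new BasicConstraints( false )`. Separately, `"SHA256With" + keyAlgo` is derived from the subject key's algorithm even when `optionalSigningKey` does the signing, which only holds while both keys share an algorithm, and `new LdapException( "" )` leaves a failing run with no message beyond the cause.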