This is an automated email from the ASF dual-hosted git repository. jamesnetherton pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/camel-quarkus.git
The following commit(s) were added to refs/heads/main by this push: new 294f70ce46 MySql test does not work on FIPS enabled system 294f70ce46 is described below commit 294f70ce46b2aee22d782550a573cb05bf7410a1 Author: JiriOndrusek <ondrusek.j...@gmail.com> AuthorDate: Thu May 2 09:53:28 2024 +0200 MySql test does not work on FIPS enabled system --- integration-test-groups/jdbc/mysql/README.adoc | 26 ++++++++++++++ integration-test-groups/jdbc/mysql/pom.xml | 41 +++++++++++++++++++++- .../jdbc/mysql/Sha256FIPSPasswordPlugin.java | 36 +++++++++++++++++++ 3 files changed, 102 insertions(+), 1 deletion(-) diff --git a/integration-test-groups/jdbc/mysql/README.adoc b/integration-test-groups/jdbc/mysql/README.adoc new file mode 100644 index 0000000000..14b0704560 --- /dev/null +++ b/integration-test-groups/jdbc/mysql/README.adoc @@ -0,0 +1,26 @@ +== JDBC MySql tests + +=== FIPS + +* To execute the tests on FIPS enabled system add `-Dfips` property so that tests will use prooper transformation for the password. Example of usage: + +`mvn clean test -Dfips` + +* Dev service (MySql docker image) does not start correctly on FIPS enabled system. Please use external database. + +To execute the tests against external database, provide the database's connection information by setting environment variables + +``` +export MYSQL_JDBC_URL=#jdbc_url +export MYSQL_JDBC_USERNAME=#username +export MYSQL_JDBC_PASSWORD=#password +``` + +or for windows: + +``` +$Env:MYSQL_JDBC_URL = "#jdbc_url" +$Env:MYSQL_JDBC_USERNAME="#username" +$Env:MYSQL_JDBC_PASSWORD +``` +. \ No newline at end of file diff --git a/integration-test-groups/jdbc/mysql/pom.xml b/integration-test-groups/jdbc/mysql/pom.xml index 171de324a4..af5c79e8e3 100644 --- a/integration-test-groups/jdbc/mysql/pom.xml +++ b/integration-test-groups/jdbc/mysql/pom.xml @@ -265,6 +265,45 @@ <skipTests>true</skipTests> </properties> </profile> + <profile> + <id>fips</id> + <activation> + <property> + <name>fips</name> + </property> + </activation> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <configuration> + <systemPropertyVariables> + <quarkus.datasource.mysql.jdbc.additional-jdbc-properties.authenticationPlugins>org.apache.camel.quarkus.component.jdbc.mysql.Sha256FIPSPasswordPlugin</quarkus.datasource.mysql.jdbc.additional-jdbc-properties.authenticationPlugins> + <quarkus.datasource.mysql.jdbc.additional-jdbc-properties.defaultAuthenticationPlugin>cq_fips_plugin</quarkus.datasource.mysql.jdbc.additional-jdbc-properties.defaultAuthenticationPlugin> + <quarkus.datasource.mysql.devservices.enabled>false</quarkus.datasource.mysql.devservices.enabled> + <quarkus.datasource.mysql.username>${env.MYSQL_JDBC_USERNAME}</quarkus.datasource.mysql.username> + <quarkus.datasource.mysql.password>${env.MYSQL_JDBC_PASSWORD}</quarkus.datasource.mysql.password> + <quarkus.datasource.mysql.jdbc.url>${env.MYSQL_JDBC_URL}</quarkus.datasource.mysql.jdbc.url> + </systemPropertyVariables> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-failsafe-plugin</artifactId> + <configuration> + <systemPropertyVariables> + <quarkus.datasource.mysql.jdbc.additional-jdbc-properties.authenticationPlugins>org.apache.camel.quarkus.component.jdbc.mysql.Sha256FIPSPasswordPlugin</quarkus.datasource.mysql.jdbc.additional-jdbc-properties.authenticationPlugins> + <quarkus.datasource.mysql.jdbc.additional-jdbc-properties.defaultAuthenticationPlugin>cq_fips_plugin</quarkus.datasource.mysql.jdbc.additional-jdbc-properties.defaultAuthenticationPlugin> + <quarkus.datasource.mysql.devservices.enabled>false</quarkus.datasource.mysql.devservices.enabled> + <quarkus.datasource.mysql.username>${env.MYSQL_JDBC_USERNAME}</quarkus.datasource.mysql.username> + <quarkus.datasource.mysql.password>${env.MYSQL_JDBC_PASSWORD}</quarkus.datasource.mysql.password> + <quarkus.datasource.mysql.jdbc.url>${env.MYSQL_JDBC_URL}</quarkus.datasource.mysql.jdbc.url> + </systemPropertyVariables> + </configuration> + </plugin> + </plugins> + </build> + </profile> </profiles> - </project> \ No newline at end of file diff --git a/integration-test-groups/jdbc/mysql/src/main/java/org/apache/camel/quarkus/component/jdbc/mysql/Sha256FIPSPasswordPlugin.java b/integration-test-groups/jdbc/mysql/src/main/java/org/apache/camel/quarkus/component/jdbc/mysql/Sha256FIPSPasswordPlugin.java new file mode 100644 index 0000000000..58d3977f5f --- /dev/null +++ b/integration-test-groups/jdbc/mysql/src/main/java/org/apache/camel/quarkus/component/jdbc/mysql/Sha256FIPSPasswordPlugin.java @@ -0,0 +1,36 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.jdbc.mysql; + +import com.mysql.cj.protocol.a.authentication.Sha256PasswordPlugin; + +public class Sha256FIPSPasswordPlugin extends Sha256PasswordPlugin { + + public Sha256FIPSPasswordPlugin() { + super(); + } + + @Override + public String getProtocolPluginName() { + return "cq_fips_plugin"; + } + + @Override + protected byte[] encryptPassword() { + return encryptPassword("RSA/ECB/PKCS1Padding"); + } +}