This is an automated email from the ASF dual-hosted git repository. pradeep pushed a commit to branch RANGER-4076_master in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 91ee400f7b2c230a3eb2f6c3134fb7d4395d73d1 Author: Kishor Gollapalliwar <[email protected]> AuthorDate: Tue Dec 9 17:59:56 2025 +0530 RANGER-4076: Unix Auth Client remove deprecated APIs --- unixauthclient/pom.xml | 6 +++ .../unix/jaas/TestRemoteUnixLoginModule.java | 44 +++++++++++----------- 2 files changed, 28 insertions(+), 22 deletions(-) diff --git a/unixauthclient/pom.xml b/unixauthclient/pom.xml index e5c9659f0..2f2d2d90f 100644 --- a/unixauthclient/pom.xml +++ b/unixauthclient/pom.xml @@ -102,6 +102,12 @@ <artifactId>libpam4j</artifactId> <version>${libpam4j.version}</version> </dependency> + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcpkix-jdk18on</artifactId> + <version>${bouncycastle.version}</version> + <scope>test</scope> + </dependency> <dependency> <groupId>org.mockito</groupId> <artifactId>mockito-inline</artifactId> diff --git a/unixauthclient/src/test/java/org/apache/ranger/authentication/unix/jaas/TestRemoteUnixLoginModule.java b/unixauthclient/src/test/java/org/apache/ranger/authentication/unix/jaas/TestRemoteUnixLoginModule.java index 7d7dae165..ba29cf04e 100644 --- a/unixauthclient/src/test/java/org/apache/ranger/authentication/unix/jaas/TestRemoteUnixLoginModule.java +++ b/unixauthclient/src/test/java/org/apache/ranger/authentication/unix/jaas/TestRemoteUnixLoginModule.java @@ -18,20 +18,17 @@ */ package org.apache.ranger.authentication.unix.jaas; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.cert.X509v3CertificateBuilder; +import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; +import org.bouncycastle.operator.ContentSigner; +import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; import org.junit.jupiter.api.MethodOrderer; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.TestMethodOrder; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.junit.jupiter.MockitoExtension; -import sun.security.x509.AlgorithmId; -import sun.security.x509.CertificateAlgorithmId; -import sun.security.x509.CertificateSerialNumber; -import sun.security.x509.CertificateValidity; -import sun.security.x509.CertificateVersion; -import sun.security.x509.CertificateX509Key; -import sun.security.x509.X500Name; -import sun.security.x509.X509CertImpl; -import sun.security.x509.X509CertInfo; import javax.net.ssl.KeyManager; import javax.net.ssl.KeyManagerFactory; @@ -387,19 +384,22 @@ private static X509Certificate generateSelfSigned(String dn, KeyPair keyPair) th Date from = new Date(now - 60000); Date to = new Date(now + 86400000L); - X509CertInfo info = new X509CertInfo(); - info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3)); - info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(new BigInteger(64, new SecureRandom()))); - X500Name owner = new X500Name(dn); - info.set(X509CertInfo.SUBJECT, owner); - info.set(X509CertInfo.ISSUER, owner); - info.set(X509CertInfo.VALIDITY, new CertificateValidity(from, to)); - info.set(X509CertInfo.KEY, new CertificateX509Key(keyPair.getPublic())); - info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(AlgorithmId.get("SHA256withRSA"))); - - X509CertImpl cert = new X509CertImpl(info); - cert.sign(keyPair.getPrivate(), "SHA256withRSA"); - return cert; + X500Name issuer = new X500Name(dn); + X500Name subject = new X500Name(dn); + BigInteger serialNumber = new BigInteger(64, new SecureRandom()); + + X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder( + issuer, + serialNumber, + from, + to, + subject, + SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded())); + + ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA") + .build(keyPair.getPrivate()); + + return new JcaX509CertificateConverter().getCertificate(certBuilder.build(signer)); } } }
