[
https://issues.apache.org/jira/browse/HBASE-11542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14169134#comment-14169134
]
pascal oliva commented on HBASE-11542:
--------------------------------------
I found a way to use external files to run the test (files created manually by
using :
openssl genrsa ; and openssl pkcs8) :
I have 4 key files to put into a test directory.
see tag "<==" below
KeyStoreTestUtil.java
public static void setupSSLConfig(
...
X509Certificate cCert =
KeyStoreTestUtil.generateCertificate("/tmp/client_crt"); <==
"/tmp/client_crt" temp location for first draft
KeyStoreTestUtil.createKeyStore(clientKS, clientPassword, "client",
KeyStoreTestUtil.getPrivateFromFile("/tmp/client_pkcs8"), cCert);
<== "/tmp/client_pkcs8" temp location for first draft
certs.put("client", cCert);
}
X509Certificate sCert =
KeyStoreTestUtil.generateCertificate("/tmp/server_crt"); <== temp
location for first draft
KeyStoreTestUtil.createKeyStore(serverKS, serverPassword, "server",
KeyStoreTestUtil.getPrivateFromFile("/tmp/server_pkcs8") ,
sCert); <== temp location for first draft
certs.put("server", sCert);
...
i updated the function : generateCertificate to generate a 509 certificate
with a test file
public static X509Certificate generateCertificate(String pathCrtFile)
throws IOException, GeneralSecurityException, FileNotFoundException
{
File certFile = new File(pathCrtFile);
FileInputStream input=null;
try {
input=new FileInputStream(certFile);
CertificateFactory cf=CertificateFactory.getInstance("X.509");
return (X509Certificate)cf.generateCertificate(input); }
finally {
input.close(); }
}
And added a new function
private static Key getPrivateFromFile(String filename)
throws NoSuchAlgorithmException, IOException,
InvalidKeySpecException, FileNotFoundException {
File privKeyFile = new File(filename);
RSAPrivateKey privKey = null;
BufferedInputStream bis = null;
try {
bis = new BufferedInputStream(new FileInputStream(privKeyFile));
byte[] privKeyBytes = new byte[(int)privKeyFile.length()];
bis.read(privKeyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
KeySpec ks = new PKCS8EncodedKeySpec(privKeyBytes);
privKey = (RSAPrivateKey) keyFactory.generatePrivate(ks);
return (Key)privKey;
}
finally {
bis.close(); }
(i) What do you suggest for the location of these files (client_crt,
client_pkcs8, server_crt, server_pkcs8) ?
Or
(ii) Do you prefer to add a script to generate these files in a specific
directory (this suppose
that openssl is available in the system) ?
Here in attachment : client_crt, client_pkcs8, server_crt, server_pkcs8 : the
key files used for the test.
and KeyStore TestUtil.java.new1 with the changes about the use of external key
files.
> Unit Test KeyStoreTestUtil.java compilation failure in IBM JDK
> ----------------------------------------------------------------
>
> Key: HBASE-11542
> URL: https://issues.apache.org/jira/browse/HBASE-11542
> Project: HBase
> Issue Type: Improvement
> Components: build, test
> Affects Versions: 0.99.0
> Environment: RHEL 6.3 ,IBM JDK 6
> Reporter: LinseyPang
> Priority: Minor
> Fix For: 2.0.0
>
> Attachments: HBASE-11542-4.patch, HBASE-11542-5.patch,
> HBASE_11542-1.patch, hbase11542-0.99-v3.patch, hbase11542-0.99-v3.patch,
> hbase11542-0.99-v3.patch, hbase_11542-v2.patch, sslkeystore.patch
>
>
> In trunk, jira HBase-10336 added a utility test KeyStoreTestUtil.java, which
> leverages the following sun classes:
> import sun.security.x509.AlgorithmId;
> import sun.security.x509.CertificateAlgorithmId;
> ....
> this cause hbase compiler failure if using IBM JDK,
> There are similar classes like below in IBM jdk:
> import com.ibm.security.x509.AlgorithmId;
> import com.ibm.security.x509.CertificateAlgorithmId;
> This jira is to add handling of the x509 references.
>
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
