hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "pascal oliva (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-11542) Unit Test KeyStoreTestUtil.java compilation failure in IBM JDK
Date Mon, 13 Oct 2014 09:27:34 GMT

    [ https://issues.apache.org/jira/browse/HBASE-11542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14169134#comment-14169134
] 

pascal oliva commented on HBASE-11542:
--------------------------------------

I found a way to use external files to run the test (files created manually  by using  :
openssl genrsa ; and openssl pkcs8) :
I have 4 key files to put into a test directory. 

see tag "<==" below

KeyStoreTestUtil.java
 public static void setupSSLConfig(
 ...
    X509Certificate cCert =
        KeyStoreTestUtil.generateCertificate("/tmp/client_crt"); <== "/tmp/client_crt"
temp location for first draft
      KeyStoreTestUtil.createKeyStore(clientKS, clientPassword, "client",
              KeyStoreTestUtil.getPrivateFromFile("/tmp/client_pkcs8"), cCert); <== "/tmp/client_pkcs8"
temp location for first draft
      certs.put("client", cCert);
    }

    X509Certificate sCert =
      KeyStoreTestUtil.generateCertificate("/tmp/server_crt"); <==  temp location for first
draft
    KeyStoreTestUtil.createKeyStore(serverKS, serverPassword, "server",
              KeyStoreTestUtil.getPrivateFromFile("/tmp/server_pkcs8") , sCert); <== temp
location for first draft
    certs.put("server", sCert);
...

i updated the function  : generateCertificate to generate a 509 certificate with a test file
public static X509Certificate generateCertificate(String pathCrtFile)
            throws IOException, GeneralSecurityException, FileNotFoundException
    {
      File certFile = new File(pathCrtFile);
      FileInputStream input=null;
      try {
      input=new FileInputStream(certFile);
      CertificateFactory cf=CertificateFactory.getInstance("X.509");
      return (X509Certificate)cf.generateCertificate(input); }
      finally {
      input.close(); }
    }

And added a new function 
 private static Key getPrivateFromFile(String filename)
                throws NoSuchAlgorithmException, IOException, InvalidKeySpecException, FileNotFoundException
{
        File privKeyFile = new File(filename);
        RSAPrivateKey privKey = null;
        BufferedInputStream bis = null;
        try {
          bis = new BufferedInputStream(new FileInputStream(privKeyFile));
          byte[] privKeyBytes = new byte[(int)privKeyFile.length()];
          bis.read(privKeyBytes);
          KeyFactory keyFactory = KeyFactory.getInstance("RSA");
          KeySpec ks = new PKCS8EncodedKeySpec(privKeyBytes);
          privKey = (RSAPrivateKey) keyFactory.generatePrivate(ks);
          return (Key)privKey;
        }
      finally {
      bis.close(); }
	  


(i) What do you suggest for the location of these files (client_crt, client_pkcs8, server_crt,
server_pkcs8) ?
Or 
(ii) Do you prefer to add a script to generate these files in a specific directory (this suppose
that openssl is available in the system) ?

Here in attachment : client_crt, client_pkcs8, server_crt, server_pkcs8 : the key files used
for the test.
and KeyStore TestUtil.java.new1 with the changes about the use of external key files.


> Unit Test  KeyStoreTestUtil.java compilation failure in IBM JDK 
> ----------------------------------------------------------------
>
>                 Key: HBASE-11542
>                 URL: https://issues.apache.org/jira/browse/HBASE-11542
>             Project: HBase
>          Issue Type: Improvement
>          Components: build, test
>    Affects Versions: 0.99.0
>         Environment: RHEL 6.3 ,IBM JDK 6
>            Reporter: LinseyPang
>            Priority: Minor
>             Fix For: 2.0.0
>
>         Attachments: HBASE-11542-4.patch, HBASE-11542-5.patch, HBASE_11542-1.patch, hbase11542-0.99-v3.patch,
hbase11542-0.99-v3.patch, hbase11542-0.99-v3.patch, hbase_11542-v2.patch, sslkeystore.patch
>
>
> In trunk,  jira HBase-10336 added a utility test KeyStoreTestUtil.java, which leverages
the following sun classes:
>    import sun.security.x509.AlgorithmId;
>    import sun.security.x509.CertificateAlgorithmId;
>   ....
> this cause hbase compiler failure if using IBM JDK,  
> There are similar classes like below in IBM jdk: 
> import com.ibm.security.x509.AlgorithmId;
> import com.ibm.security.x509.CertificateAlgorithmId; 
> This jira is to add handling of the x509 references. 
>   



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message