ASF Bugzilla – Attachment 37679 Details for
Bug 64831
Create a certificate alias listing/sampler
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Log debug information about loaded certificates
0001-Log-debug-information-about-loaded-certs-from-keysto.patch (text/plain), 4.58 KB, created by
Felix Schumacher
on 2021-01-02 13:08:33 UTC
(
hide
)
Description:
Log debug information about loaded certificates
Filename:
MIME Type:
Creator:
Felix Schumacher
Created:
2021-01-02 13:08:33 UTC
Size:
4.58 KB
patch
obsolete
>From 98321d542a6b432dc326946ac695936383fedd69 Mon Sep 17 00:00:00 2001 >From: Felix Schumacher <felix.schumacher@internetallee.de> >Date: Sat, 2 Jan 2021 14:07:00 +0100 >Subject: [PATCH] Log debug information about loaded certs from keystore > >Bugzilla Id: 64831 >--- > .../jmeter/util/keystore/JmeterKeyStore.java | 60 +++++++++++++++++++ > 1 file changed, 60 insertions(+) > >diff --git a/src/core/src/main/java/org/apache/jmeter/util/keystore/JmeterKeyStore.java b/src/core/src/main/java/org/apache/jmeter/util/keystore/JmeterKeyStore.java >index 5a3afdf8a1..e9ad28f53e 100644 >--- a/src/core/src/main/java/org/apache/jmeter/util/keystore/JmeterKeyStore.java >+++ b/src/core/src/main/java/org/apache/jmeter/util/keystore/JmeterKeyStore.java >@@ -27,6 +27,7 @@ import java.security.PrivateKey; > import java.security.UnrecoverableKeyException; > import java.security.cert.Certificate; > import java.security.cert.CertificateException; >+import java.security.cert.CertificateParsingException; > import java.security.cert.X509Certificate; > import java.util.ArrayList; > import java.util.Arrays; >@@ -113,6 +114,9 @@ public final class JmeterKeyStore { > this.certsByAlias = new HashMap<>(); > > PrivateKey privateKey = null; >+ if (log.isDebugEnabled()) { >+ logDetailsOnKeystore(store); >+ } > int index = 0; > Enumeration<String> aliases = store.aliases(); > while (aliases.hasMoreElements()) { >@@ -148,6 +152,62 @@ public final class JmeterKeyStore { > this.names = aliasesList.toArray(new String[aliasesList.size()]); > } > >+ private static final Map<String, String> EXTENDED_KEY_USAGES = new HashMap<>(); >+ static { >+ EXTENDED_KEY_USAGES.put("1.3.6.1.5.5.7.3.9", "Signing Online Certificate Status Protocol (OCSP) responses"); >+ EXTENDED_KEY_USAGES.put("1.3.6.1.4.1.311.20.2.2", "Smartcard logon to Microsoft Windows"); >+ EXTENDED_KEY_USAGES.put("1.3.6.1.4.1.311.10.3.4", "Can use encrypted file systems (EFS) (EFS_CRYPTO)"); >+ EXTENDED_KEY_USAGES.put("1.3.6.1.4.1.311.10.3.4.1", "Can use encrypted file systems (EFS) (EFS_RECOVERY)"); >+ EXTENDED_KEY_USAGES.put("1.3.6.1.5.5.7.3.1", >+ "Transport Layer Security (TLS) World Wide Web (WWW) server authentication"); >+ EXTENDED_KEY_USAGES.put("1.3.6.1.5.5.7.3.2", >+ "Transport Layer Security (TLS) World Wide Web (WWW) client authentication"); >+ EXTENDED_KEY_USAGES.put("1.3.6.1.5.5.7.3.3", "Signing of downloadable executable code"); >+ EXTENDED_KEY_USAGES.put("1.3.6.1.5.5.7.3.4", "Email protection"); >+ EXTENDED_KEY_USAGES.put("1.3.6.1.5.5.7.3.8", "Time stamping"); >+ } >+ >+ private void logDetailsOnKeystore(KeyStore keystore) { >+ Enumeration<String> aliases; >+ try { >+ aliases = keystore.aliases(); >+ } catch (KeyStoreException e) { >+ log.debug("Problem reading the aliases from the store {}", keystore, e); >+ return; >+ } >+ int i = 1; >+ while(aliases.hasMoreElements()) { >+ String alias = aliases.nextElement(); >+ log.debug("{}: {}", i++, alias); >+ X509Certificate cert; >+ try { >+ cert = (X509Certificate) keystore.getCertificate(alias); >+ } catch (KeyStoreException e) { >+ log.debug("Can't read certificate for alias {}", alias, e); >+ continue; >+ } >+ log.debug("valid not after: {}", cert.getNotAfter().toInstant()); >+ log.debug("valid not before: {}", cert.getNotBefore().toInstant()); >+ log.debug("issuer DN: {}", cert.getIssuerDN()); >+ try { >+ log.debug("SAN: {}", cert.getSubjectAlternativeNames()); >+ } catch (CertificateParsingException e) { >+ log.debug("Problem parsing SAN for {}", alias, e); >+ } >+ List<String> extendedKeyUsage; >+ try { >+ extendedKeyUsage = cert.getExtendedKeyUsage(); >+ if (extendedKeyUsage != null) { >+ for (String keyUsage : extendedKeyUsage) { >+ log.debug("Extended Key Usage {} ({})", EXTENDED_KEY_USAGES.getOrDefault(keyUsage, keyUsage), keyUsage); >+ } >+ } >+ } catch (CertificateParsingException e) { >+ log.debug("Can't get extendedKeyUsage for alias {}", alias, e); >+ } >+ } >+ } >+ > private X509Certificate[] toX509Certificates(Certificate[] chain) { > X509Certificate[] x509certs = new X509Certificate[chain.length]; > for (int i = 0; i < x509certs.length; i++) { >-- >2.25.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 64831
:
37679
|
37756
|
37782