Summary: | Clean up use of deprecated api from bouncycastle | ||
---|---|---|---|
Product: | JMeter - Now in Github | Reporter: | Felix Schumacher <felix.schumacher> |
Component: | Main | Assignee: | JMeter issues mailing list <issues> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | P2 | ||
Version: | 2.13 | ||
Target Milestone: | --- | ||
Hardware: | All | ||
OS: | All | ||
Attachments: |
Change code to newer api of bouncycastle
Correct usage of bc api Change code to newer api of bouncycastle |
Created attachment 33161 [details]
Correct usage of bc api
The old change did not work correctly. This one tries to fix it up, by really using a certificate holder and extracting the email values from the RDNs.
Created attachment 33178 [details]
Change code to newer api of bouncycastle
I think I have found all occurrences of the old vs new api. The unit tests work in eclipse, but not with ant, yet.
When I used the test case with the old implementation, I found two further issues. First, the emailAddress (E) component would not be able to be parsed by the jdk X500Principal(String) constructor. I had to add a keywordMap with the name and oid pair to the constructor, to be able to parse cn=name, E=email@example.org, ... Second, the DN from the cert is constructed (probably by bouncycastle) in reverse order. Staying with the DN from above, it would be ..., E=email@example.org, cn=name I will commit the patch, that adds the keywordMap to the constructor, as I think this is a general problem and it will not change the overall behaviour of the code. The second problem is less of a concern, since the newer api will ignore the order of the DN components. Date: Mon Oct 12 19:58:56 2015 New Revision: 1708212 URL: http://svn.apache.org/viewvc?rev=1708212&view=rev Log: Add a keywordMap parameter when using the constructor of X500Principal. This is necessary for DNs which have emailAddress components, which where not parsed correctly by the jdk. For better debug logs both compared components will be logged now, when comparing the issuerDN/certDN with given ones for the assertion. Bugzilla Id: 58303 Modified: jmeter/trunk/src/components/org/apache/jmeter/assertions/SMIMEAssertion.java Date: Mon Oct 12 20:10:37 2015 New Revision: 1708223 URL: http://svn.apache.org/viewvc?rev=1708223&view=rev Log: Add test cases for SMIMEAssertion. Bugzilla Id: 58303 Added: jmeter/trunk/test/resources/org/ jmeter/trunk/test/resources/org/apache/ jmeter/trunk/test/resources/org/apache/jmeter/ jmeter/trunk/test/resources/org/apache/jmeter/assertions/ jmeter/trunk/test/resources/org/apache/jmeter/assertions/email.pem jmeter/trunk/test/resources/org/apache/jmeter/assertions/signed_email.eml jmeter/trunk/test/src/org/apache/jmeter/assertions/SMIMEAssertionTest.java Date: Mon Oct 12 20:19:11 2015 New Revision: 1708224 URL: http://svn.apache.org/viewvc?rev=1708224&view=rev Log: Change usage of bouncycastle api in SMIMEAssertion to get rid of the deprecation warnings. Bugzilla Id: 58303 Modified: jmeter/trunk/src/components/org/apache/jmeter/assertions/SMIMEAssertion.java jmeter/trunk/xdocs/changes.xml This issue has been migrated to GitHub: https://github.com/apache/jmeter/issues/3663 |
Created attachment 33054 [details] Change code to newer api of bouncycastle SMIMEAssertion uses deprecated api of bouncycastle. The added patch tries to rework the code and removes the deprecations.