Bug 64776

Summary: Add the ability to install additional SecurityProvider
Product: JMeter Reporter: Timo Leefers <ASF.Software.Timo>
Component: MainAssignee: JMeter issues mailing list <issues>
Status: RESOLVED FIXED    
Severity: enhancement CC: p.mouawad
Priority: P2 Keywords: FixedInTrunk
Version: 5.3   
Target Milestone: JMETER_5.4   
Hardware: All   
OS: All   
Attachments: My Solution of the Problem

Description Timo Leefers 2020-09-29 06:18:36 UTC
Created attachment 37476 [details]
My Solution of the Problem

Hello,

I need to test an HTTP Endpoint, that requires the use of eliptic-curve algorithms (i.e. brainPool256r1), but these curves are not supported by the jvm. To make this possible it is required to install additional security proivders (in my case: BouncyCastleProvider and BouncyCastleJsseProvider).

My problem is: the BouncyCastleJsseProvider needs to be configured to use the BouncyCastleProvider ( new BouncyCastleJsseProvider("BC") ).

I tried these ways, but this won't work:
1.) Adding these SecurityProvider to the java config file (java.security) - here I can add a security provider, but I can't configure it.
2.) Create a plugin that installs these at Test-Start (via the TestStateListener-Interface)

Than I tried this (and this is working):

I add the Security-Provider as soon a possible in the startup of JMeter - direct in the Method: start() of org.apache.jmeter.JMeter (Module: core) - And this is working.

But I do not know if this is the best place to add...

I attach you my version of the JMeter.java file.
My changes:

the two functions:
  private void addSecurityProvider(Properties properties)
  private void addSecurityProvider(String securityProviderConfig)
 
and the call of the first method in the start-method (line:560 - direct after initializeProperties(parser))

The usage is:
With these changes you could add a security-provider by adding jmeter-properties (security.provider and security.provider.x) to the command line. The format of the property-value musst be: <full qualified classname>:<position>:<config-string>
full qualified classname: The full qualifiedname of the SecurityProviderClass
position: The position of the SecurityProvider in the SecurityProviderList (Security.insertProviderAt(provider,position)
conifg: if present the Constructor with one String argument will be called and this will be given as argument. (As fallback the default constructor will be used)

jmeter -J security.provider.2="org.bouncycastle.jsse.provider.BouncyCastleJsseProvider:2:BC" -J security.provider="org.bouncycastle.jce.provider.BouncyCastleProvider:1"

The provider will be installed in order of the propertynames (security.provider,security.provider.1,security.provider.2,...)
Comment 1 Timo Leefers 2020-10-08 14:06:15 UTC
Created a Pull-Request: [https://github.com/apache/jmeter/pull/629#commitcomment-43072022]
Comment 2 Philippe Mouawad 2020-10-25 08:36:33 UTC
pmouawad pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/jmeter.git.


    from da95029  Mention 64711 fix
     add 0cfa2bc  Fix to Bug64776
     new dcf584a  Merge branch 'Bug64776' of https://github.com/FackelAB/jmeter into FackelAB-Bug64776
     new eb03d31  Minor cleanup + mention contributor
     new 9dcf9d0  Merge branch 'FackelAB-Bug64776'

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../src/main/java/org/apache/jmeter/JMeter.java    |   3 +
 .../apache/jmeter/util/SecurityProviderLoader.java |  78 +++++++++
 .../jmeter/util/SecurityProviderLoaderTest.java    | 183 +++++++++++++++++++++
 xdocs/changes.xml                                  |   2 +
 xdocs/usermanual/properties_reference.xml          |  22 +++
 5 files changed, 288 insertions(+)
 create mode 100644 src/core/src/main/java/org/apache/jmeter/util/SecurityProviderLoader.java
 create mode 100644 src/core/src/test/java/org/apache/jmeter/util/SecurityProviderLoaderTest.java
Comment 3 Philippe Mouawad 2020-10-25 08:42:09 UTC
Thanks for contribution.
This will be available in next nightly build from here:

- https://ci.apache.org/projects/jmeter/nightlies/

Please test it and confirm everything works fine.
Thanks
Regards
Comment 4 Timo Leefers 2020-10-27 09:30:18 UTC
Today I followed the link to the nightlies and downloaded the this zip: "apache-jmeter-5.3.1-SNAPSHOT.zip", but it seems not be in this nightly build.

So I can't test the new functionality in this nightly release. I will try it next week again :)
Comment 5 Philippe Mouawad 2020-10-27 09:34:42 UTC
Hello,
The zip name is always like this.
Ensure you take the one LATEST (r1864-51e1853e900bda5794717f33b3030c09c6eaca47) from 27 october

Regards
Comment 6 Timo Leefers 2020-10-27 12:05:06 UTC
Hello,

That is what I've done (twice - before I've written the last post and just now again). I downloaded the .zip from the first row (LATEST - 2020-10-27 - yellow marked row) and tried to check it. 

After that that I've downloaded the coresseponding src-archive and saw that the changes are not in there.

Regards
 Timo
Comment 7 Philippe Mouawad 2020-10-27 13:39:59 UTC
Hello,
Indeed sorry for my wrong link.
Correct link is:

https://ci-builds.apache.org/job/JMeter/job/JMeter-trunk/lastSuccessfulBuild/artifact/src/dist/build/distributions/apache-jmeter-5.3.1-SNAPSHOT.tgz

Regards
Comment 8 Timo Leefers 2020-10-28 09:32:15 UTC
Hello,

No Problem, but today I've checked it and it works well.

Regards