Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature | client certificate authentication #1284

Merged
merged 61 commits into from
Mar 27, 2020
Merged

Feature | client certificate authentication #1284

merged 61 commits into from
Mar 27, 2020

Conversation

peterbae
Copy link
Contributor

The JDBC driver will add three connection properties for this feature:

clientCertificate – specifies the certificate to be used for authentication. The JDBC driver will support PFX, PEM, DER and CER file extensions. Format:
• clientCertificate=<file_location>
The driver uses a certificate file. For certificates in PEM, DER and CER formats clientKey attribute is required.

clientKey – specifies a file location of the private key for PEM, DER and CER certificates specified by the clientCertificate attribute. Format:
• clientKey=<file_location>
Specifies location of the private key file. In case if private key file is password protected then password keyword is required.
clientKeyPassword – optional password string provided to access the clientKey file’s private key.

lilgreenbird and others added 27 commits February 5, 2020 11:03
@lilgreenbird
Fix AEv2 tests exclude for reqExternalSetup and cleanup (microsoft#1247)
c97b863
@peterbae
Fix | Add null check for getObject() with LocalTime and LocalDate (mi…
54b5a19 
…crosoft#1250)
@lilgreenbird
added all AKV tests to use reqExternalSetup tag so they will be skipp…
672b7d6 
…ed by default (microsoft#1254)

* skip AKV test properly

* removed enclave properties string to failed errors as enclave tests could be skipped
@ulvii
Added new Azure endpoints to the list of trusted endpoints (#1264)
f006c4e
@peterbae
Release | Changes for 8.2.1 HotFix release (microsoft#1260)
5f33c57
@ulvii
Sync master with dev for 8.2.1 Release
10f9737
@ulvii
Release | 8.3.0-SNAPSHOT
77d25cb
@ulvii
Sync dev with master for 8.2.1 Release
166add5
@ulvii
Release | Add snapshot to pom file
3346b3a
@ulvii
Release | Update version to 8.3.0-SNAPSHOT
bef72c5
@peterbae
initial stuff
560be4c
@peterbae
Merge branch 'dev' of https://github.com/Microsoft/mssql-jdbc into cl…
bcc4a03 
…ientcertauth
@rene-ye
Add support for PKCS8 and PKCS1 private keys
2508f53
@rene-ye
Remove imports
15293af
@rene-ye
Remove imports from iobuffer
e1e7c42
@rene-ye
more import cleanup
9d20136
@peterbae
Merge pull request #11 from rene-ye/clientcertauth
e2d5f88 
Add support for PKCS8 and PKCS1 private keys
@rene-ye
change logic for decryptprovider
fa15950
@rene-ye
Add PVK support
45a7a25
@peterbae
changes
b51d9b9
@rene-ye
Merge branch 'clientcertauth' of https://github.com/peterbae/mssql-jdbc
a743065 
… into clientcertauth
@peterbae
Merge pull request #12 from rene-ye/clientcertauth
13db002 
change logic for decryptprovider
@rene-ye
hw
fb19534
@peterbae
Merge pull request #13 from rene-ye/clientcertauth
f94a3da 
hw
@peterbae
initial changes
3f5a958
@peterbae
update
58fb495
@peterbae
try
e521b60
ulvii
ulvii reviewed Mar 27, 2020
View reviewed changes
src/test/java/com/microsoft/sqlserver/clientcertauth/ClientCertificateAuthenticationTest.java Outdated
+ ";";
try (Connection conn = DriverManager.getConnection(conStr)) {
} catch (SQLServerException e) {
assertTrue(e.getMessage().contains(TestResource.getResource("R_invalidPath")));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can use R_clientCertError from SQLServerResource.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SQLServerResource is not visible in this package, we can just use the TestResource for test related texts.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See SQLServerConnectionTest.executeInvalidFmt() for example use.

assertTrue(e.getMessage().matches(TestUtils.formatErrorMsg("R_invalidArgument")));

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. done.

ulvii
ulvii reviewed Mar 27, 2020
View reviewed changes
src/test/java/com/microsoft/sqlserver/clientcertauth/ClientCertificateAuthenticationTest.java Outdated

@Test
public void testDataSource() throws Exception {
String conStr = connectionString + ";clientCertificate=" + clientCertificate + ".pem;" + "clientKey="
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why aren't you using new DataSource APIs? setClientCertificate(), setClientKey(), setClientKeyPassword

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@peterbae peterbae merged commit 9732e1b into microsoft:dev Mar 27, 2020
@ulvii ulvii added the Public API Changes in Public API label Jul 29, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@saurabh500 saurabh500 saurabh500 left review comments

@rene-ye rene-ye rene-ye approved these changes

@lilgreenbird lilgreenbird lilgreenbird approved these changes

@ulvii ulvii ulvii approved these changes

Assignees
No one assigned
Labels
Public API Changes in Public API
Projects
None yet
Milestone
8.3.0
Development

Successfully merging this pull request may close these issues.
5 participants
@peterbae @saurabh500 @rene-ye @lilgreenbird @ulvii