Need to Sign data with private key in jmeter using keystore

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Need to Sign data with private key in jmeter using keystore

Markus Obermann
Hi,
i have a HTTP Sampler and do some API Calls with my webserver using TLS with certificate checkup on both sides (client and server). This is called mutual TLS.This is working fine as i have a java keystore with my .p12 file and i use the Keystore element in my Testplan.As i have only one cert in my keystore its quite very simple configuration.OK so far.
Now i need to do some more stuff which is as follow.
1)
Take the privatekey and take a file on disk and sign the file using SHA-384 and save the sign-file as "file.sha384"
Then do a base64 on this "file.sha384" and put it in a HTTP-Header and sent this with the https request.
2)Take the URL the http-sampler in jmeter is using and do the same as in 1). This means take the whole URL as String - sign using priv. key and do base64 and put in HTTP-Header as 2nd element.

So far i can do 1) using my bash and using openssl like this:openssl dgst -sha384 -sign privkey.key -out file.sha384openssl base64 -in file.sha384 -out file.sign
For sure if i use curl i can somehow to the 2) too.Adding a HTTP-Header is the easiest part.


Thus i would like to do something like this:Use a BeanShell or a Pre-BeanShell to do 1) and 2).
So far i know i can access my JmeterKeyStore using API and i can do a "getPrivateKey()"Then i would need to do some "Signature" stuff - here i can use the Java API - right?
Question:
Can i somehow access the URL from the Sampler before it get executed to i can do 2)?I think there is a way to access the Jmeter Sampler Variables - right?
Can anyone help me out?Thanks in adviceBrMarkus



Reply | Threaded
Open this post in threaded view
|

Re: Need to Sign data with private key in jmeter using keystore

shettyd
Hi
> Can i somehow access the URL from the Sampler before it get executed to i
can do 2)?I think there is a way to access the Jmeter Sampler Variables -
right?
I am not sure I understand but
a. The HTTP Sampler can take a variable for the path field- So if you have
dynamically generated value , you can refer to it as ${variableName} in the
path field and so in your Beanshell you could set variableName to whatever
value you want OR if you mean you want to read the URL , yes thats possible
to in a pre -processor use something like sampler.getPath() (
https://jmeter.apache.org/api/org/apache/jmeter/protocol/http/sampler/HTTPSamplerBase.html
 )
b. >here i can use the Java API - right?
Yes, you can. Plenty of samples in Google (but sometimes confusing)

On Wed, Sep 4, 2019 at 8:16 AM Markus Obermann
<[hidden email]> wrote:

> Hi,
> i have a HTTP Sampler and do some API Calls with my webserver using TLS
> with certificate checkup on both sides (client and server). This is called
> mutual TLS.This is working fine as i have a java keystore with my .p12 file
> and i use the Keystore element in my Testplan.As i have only one cert in my
> keystore its quite very simple configuration.OK so far.
> Now i need to do some more stuff which is as follow.
> 1)
> Take the privatekey and take a file on disk and sign the file using
> SHA-384 and save the sign-file as "file.sha384"
> Then do a base64 on this "file.sha384" and put it in a HTTP-Header and
> sent this with the https request.
> 2)Take the URL the http-sampler in jmeter is using and do the same as in
> 1). This means take the whole URL as String - sign using priv. key and do
> base64 and put in HTTP-Header as 2nd element.
>
> So far i can do 1) using my bash and using openssl like this:openssl dgst
> -sha384 -sign privkey.key -out file.sha384openssl base64 -in file.sha384
> -out file.sign
> For sure if i use curl i can somehow to the 2) too.Adding a HTTP-Header is
> the easiest part.
>
>
> Thus i would like to do something like this:Use a BeanShell or a
> Pre-BeanShell to do 1) and 2).
> So far i know i can access my JmeterKeyStore using API and i can do a
> "getPrivateKey()"Then i would need to do some "Signature" stuff - here i
> can use the Java API - right?
> Question:
> Can i somehow access the URL from the Sampler before it get executed to i
> can do 2)?I think there is a way to access the Jmeter Sampler Variables -
> right?
> Can anyone help me out?Thanks in adviceBrMarkus
>
>
>
>