Search in sources :

Example 1 with OSymmetricKey

use of com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey in project orientdb by orientechnologies.

the class OSymmetricKeySecurity method authenticate.

public OUser authenticate(final String username, final String password) {
    if (delegate == null)
        throw new OSecurityAccessException("OSymmetricKeySecurity.authenticate() Delegate is null for username: " + username);
    if (database == null)
        throw new OSecurityAccessException("OSymmetricKeySecurity.authenticate() Database is null for username: " + username);
    final String dbName = database.getName();
    OUser user = delegate.getUser(username);
    if (user == null)
        throw new OSecurityAccessException(dbName, "OSymmetricKeySecurity.authenticate() Username or Key is invalid for username: " + username);
    if (user.getAccountStatus() != OSecurityUser.STATUSES.ACTIVE)
        throw new OSecurityAccessException(dbName, "OSymmetricKeySecurity.authenticate() User '" + username + "' is not active");
    try {
        OUserSymmetricKeyConfig userConfig = new OUserSymmetricKeyConfig(user);
        OSymmetricKey sk = OSymmetricKey.fromConfig(userConfig);
        String decryptedUsername = sk.decryptAsString(password);
        if (OSecurityManager.instance().checkPassword(username, decryptedUsername))
            return user;
    } catch (Exception ex) {
        throw new OSecurityAccessException(dbName, "OSymmetricKeySecurity.authenticate() Exception for database: " + dbName + ", username: " + username + " " + ex.getMessage());
    }
    throw new OSecurityAccessException(dbName, "OSymmetricKeySecurity.authenticate() Username or Key is invalid for database: " + dbName + ", username: " + username);
}
Also used : OSecurityAccessException(com.orientechnologies.orient.core.exception.OSecurityAccessException) OSymmetricKey(com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey) OUser(com.orientechnologies.orient.core.metadata.security.OUser) OSecurityAccessException(com.orientechnologies.orient.core.exception.OSecurityAccessException) OUserSymmetricKeyConfig(com.orientechnologies.orient.core.security.symmetrickey.OUserSymmetricKeyConfig)

Example 2 with OSymmetricKey

use of com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey in project orientdb by orientechnologies.

the class OSymmetricKeyTest method shouldTestDefaultConstructor.

@Test
public void shouldTestDefaultConstructor() throws Exception {
    OSymmetricKey sk = new OSymmetricKey();
    String msgToEncrypt = "Please, encrypt this!";
    String magic = sk.encrypt(msgToEncrypt);
    String decryptedMsg = sk.decryptAsString(magic);
    assertThat(msgToEncrypt).isEqualTo(decryptedMsg);
}
Also used : OSymmetricKey(com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey) Test(org.junit.Test)

Example 3 with OSymmetricKey

use of com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey in project orientdb by orientechnologies.

the class OSymmetricKeyTest method shouldTestSpecificAESKey.

@Test
public void shouldTestSpecificAESKey() throws Exception {
    OSymmetricKey sk = new OSymmetricKey("AES", "8BC7LeGkFbmHEYNTz5GwDw==");
    String msgToEncrypt = "Please, encrypt this!";
    String magic = sk.encrypt("AES/CBC/PKCS5Padding", msgToEncrypt);
    String decryptedMsg = sk.decryptAsString(magic);
    assertThat(msgToEncrypt).isEqualTo(decryptedMsg);
}
Also used : OSymmetricKey(com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey) Test(org.junit.Test)

Example 4 with OSymmetricKey

use of com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey in project orientdb by orientechnologies.

the class OSymmetricKeyTest method shouldTestOSymmetricKeySecurity.

@Test
public void shouldTestOSymmetricKeySecurity() throws Exception {
    ODatabaseDocumentTx db = new ODatabaseDocumentTx("memory:" + OSymmetricKeyTest.class.getSimpleName());
    if (db.exists()) {
        db.open("admin", "admin");
        db.drop();
    }
    db.create();
    final String user = "test";
    command(db, "insert into OUser set name=?, password='password', status='ACTIVE', roles=(SELECT FROM ORole WHERE name = ?)", user, "admin");
    command(db, "update OUser set properties={'@type':'d', 'key':'8BC7LeGkFbmHEYNTz5GwDw==','keyAlgorithm':'AES'} where name = ?", user);
    db.close();
    db.setProperty(ODatabase.OPTIONS.SECURITY.toString(), OSymmetricKeySecurity.class);
    OSymmetricKey sk = new OSymmetricKey("AES", "8BC7LeGkFbmHEYNTz5GwDw==");
    // We encrypt the username and specify the Base64-encoded JSON document as the password.
    db.open(user, sk.encrypt("AES/CBC/PKCS5Padding", user));
    db.close();
}
Also used : OSymmetricKey(com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey) ODatabaseDocumentTx(com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx) Test(org.junit.Test)

Example 5 with OSymmetricKey

use of com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey in project orientdb by orientechnologies.

the class OSymmetricKeyTest method shouldTestGeneratedAESKey.

@Test
public void shouldTestGeneratedAESKey() throws Exception {
    OSymmetricKey sk = new OSymmetricKey("AES", "AES/CBC/PKCS5Padding", 128);
    String key = sk.getBase64Key();
    String msgToEncrypt = "Please, encrypt this!";
    String magic = sk.encrypt(msgToEncrypt);
    OSymmetricKey sk2 = new OSymmetricKey("AES", key);
    String decryptedMsg = sk2.decryptAsString(magic);
    assertThat(msgToEncrypt).isEqualTo(decryptedMsg);
}
Also used : OSymmetricKey(com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey) Test(org.junit.Test)

Aggregations

OSymmetricKey (com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKey)5 Test (org.junit.Test)4 ODatabaseDocumentTx (com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx)1 OSecurityAccessException (com.orientechnologies.orient.core.exception.OSecurityAccessException)1 OUser (com.orientechnologies.orient.core.metadata.security.OUser)1 OUserSymmetricKeyConfig (com.orientechnologies.orient.core.security.symmetrickey.OUserSymmetricKeyConfig)1