Example 1 with AESCipherProvider
use of com.thoughtworks.go.security.AESCipherProvider in project gocd by gocd.
the class BackupServiceIntegrationTest method shouldPerformConfigBackupForAllConfigFiles.
@Test
public void shouldPerformConfigBackupForAllConfigFiles() throws Exception {
try {
createConfigFile("foo", "foo_foo");
createConfigFile("bar", "bar_bar");
createConfigFile("baz", "hazar_bar");
createConfigFile("hello/world/file", "hello world!");
createConfigFile("some_dir/cruise-config.xml", "some-other-cruise-config");
createConfigFile("some_dir/cipher", "some-cipher");
ServerBackup backup = backupService.startBackup(admin);
assertThat(backup.isSuccessful(), is(true));
assertThat(backup.getMessage(), is("Backup was generated successfully."));
File configZip = backedUpFile("config-dir.zip");
assertThat(fileContents(configZip, "foo"), is("foo_foo"));
assertThat(fileContents(configZip, "bar"), is("bar_bar"));
assertThat(fileContents(configZip, "baz"), is("hazar_bar"));
assertThat(fileContents(configZip, FilenameUtils.separatorsToSystem("hello/world/file")), is("hello world!"));
assertThat(fileContents(configZip, FilenameUtils.separatorsToSystem("some_dir/cruise-config.xml")), is("some-other-cruise-config"));
assertThat(fileContents(configZip, FilenameUtils.separatorsToSystem("some_dir/cipher")), is("some-cipher"));
assertThat(fileContents(configZip, "cruise-config.xml"), is(goConfigService.xml()));
byte[] realDesCipher = new DESCipherProvider(systemEnvironment).getKey();
byte[] realAESCipher = new AESCipherProvider(systemEnvironment).getKey();
assertThat(fileContents(configZip, "cipher"), is(encodeHexString(realDesCipher)));
assertThat(fileContents(configZip, "cipher.aes"), is(encodeHexString(realAESCipher)));
} finally {
deleteConfigFileIfExists("foo", "bar", "baz", "hello", "some_dir");
}
}
Also used :
ServerBackup(com.thoughtworks.go.server.domain.ServerBackup)
DESCipherProvider(com.thoughtworks.go.security.DESCipherProvider)
AESCipherProvider(com.thoughtworks.go.security.AESCipherProvider)
Test(org.junit.jupiter.api.Test)
Example 2 with AESCipherProvider
use of com.thoughtworks.go.security.AESCipherProvider in project gocd by gocd.
the class DirectoryStructureWalker method backupConfig.
private void backupConfig(File backupDir, List<BackupUpdateListener> backupUpdateListeners) throws IOException {
notifyUpdateToListeners(backupUpdateListeners, BackupProgressStatus.BACKUP_CONFIG);
String configDirectory = systemEnvironment.getConfigDir();
try (ZipOutputStream configZip = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(new File(backupDir, CONFIG_BACKUP_ZIP))))) {
File cruiseConfigFile = new File(systemEnvironment.getCruiseConfigFile());
File desCipherFile = systemEnvironment.getDESCipherFile();
File aesCipherFile = systemEnvironment.getAESCipherFile();
new DirectoryStructureWalker(configDirectory, configZip, cruiseConfigFile, desCipherFile, aesCipherFile).walk();
configZip.putNextEntry(new ZipEntry(cruiseConfigFile.getName()));
IOUtils.write(goConfigService.xml(), configZip, UTF_8);
if (desCipherFile.exists()) {
configZip.putNextEntry(new ZipEntry(desCipherFile.getName()));
IOUtils.write(encodeHexString(new DESCipherProvider(systemEnvironment).getKey()), configZip, UTF_8);
}
configZip.putNextEntry(new ZipEntry(aesCipherFile.getName()));
IOUtils.write(encodeHexString(new AESCipherProvider(systemEnvironment).getKey()), configZip, UTF_8);
}
}
Also used :
DESCipherProvider(com.thoughtworks.go.security.DESCipherProvider)
ZipOutputStream(java.util.zip.ZipOutputStream)
ZipEntry(java.util.zip.ZipEntry)
AESCipherProvider(com.thoughtworks.go.security.AESCipherProvider)
Hex.encodeHexString(org.apache.commons.codec.binary.Hex.encodeHexString)
Example 3 with AESCipherProvider
use of com.thoughtworks.go.security.AESCipherProvider in project gocd by gocd.
the class MagicalGoConfigXmlLoaderTest method shouldMigrateDESEncryptedPluginPropertyValue_XslMigrationFrom108To109.
@Test
void shouldMigrateDESEncryptedPluginPropertyValue_XslMigrationFrom108To109(ResetCipher resetCipher) throws Exception {
resetCipher.setupDESCipherFile();
String clearText = "user-password!";
// "user-password!" encrypted using the above key
String desEncryptedPassword = "mvcX9yrQsM4iPgm1tDxN1A==";
String content = configWithPluggableScm("" + " <scm id='f7c309f5-ea4d-41c5-9c43-95d79fa9ec7b' name='gocd-private'>" + " <pluginConfiguration id='github.pr' version='1' />" + " <configuration>" + " <property>" + " <key>plainTextKey</key>" + " <value>https://url/some_path</value>" + " </property>" + " <property>" + " <key>secureKey</key>" + " <encryptedValue>" + desEncryptedPassword + "</encryptedValue>" + " </property>" + " </configuration>" + " </scm>", 108);
CruiseConfig config = ConfigMigrator.loadWithMigration(content).config;
assertThat(config.getSCMs().get(0).getConfiguration().getProperty("secureKey").getValue()).isEqualTo(clearText);
String encryptedValue = config.getSCMs().get(0).getConfiguration().getProperty("secureKey").getEncryptedValue();
assertThat(encryptedValue).startsWith("AES:");
assertThat(new AESEncrypter(new AESCipherProvider(systemEnvironment)).decrypt(encryptedValue)).isEqualTo("user-password!");
assertThat(config.getSCMs().get(0).getConfiguration().getProperty("plainTextKey").getValue()).isEqualTo("https://url/some_path");
}
Also used :
AESEncrypter(com.thoughtworks.go.security.AESEncrypter)
AESCipherProvider(com.thoughtworks.go.security.AESCipherProvider)
Test(org.junit.jupiter.api.Test)
Example 4 with AESCipherProvider
use of com.thoughtworks.go.security.AESCipherProvider in project gocd by gocd.
the class MagicalGoConfigXmlLoaderTest method shouldMigrateDESEncryptedEnvironmentVariables_XslMigrationFrom108To109.
@Test
void shouldMigrateDESEncryptedEnvironmentVariables_XslMigrationFrom108To109(ResetCipher resetCipher) throws Exception {
resetCipher.setupDESCipherFile();
String clearText = "user-password!";
// "user-password!" encrypted using the above key
String desEncryptedPassword = "mvcX9yrQsM4iPgm1tDxN1A==";
String content = configWithPipeline("" + "<pipeline name='some_pipeline'>" + " <environmentvariables>" + " <variable name='var_name' secure='true'>" + " <encryptedValue>" + desEncryptedPassword + "</encryptedValue>" + " </variable>" + " </environmentvariables>" + " <materials>" + " <svn url='svnurl'/>" + " </materials>" + " <stage name='some_stage'>" + " <jobs>" + " <job name='some_job'><tasks><exec command='echo'><runif status='passed' /></exec></tasks>" + " </job>" + " </jobs>" + " </stage>" + "</pipeline>", 108);
CruiseConfig config = ConfigMigrator.loadWithMigration(content).config;
assertThat(config.allPipelines().get(0).getVariables().get(0).getValue()).isEqualTo(clearText);
String encryptedValue = config.allPipelines().get(0).getVariables().get(0).getEncryptedValue();
assertThat(encryptedValue).startsWith("AES:");
assertThat(new AESEncrypter(new AESCipherProvider(systemEnvironment)).decrypt(encryptedValue)).isEqualTo("user-password!");
}
Also used :
AESEncrypter(com.thoughtworks.go.security.AESEncrypter)
AESCipherProvider(com.thoughtworks.go.security.AESCipherProvider)
Test(org.junit.jupiter.api.Test)
Aggregations
AESCipherProvider (com.thoughtworks.go.security.AESCipherProvider)4
Test (org.junit.jupiter.api.Test)3
AESEncrypter (com.thoughtworks.go.security.AESEncrypter)2
DESCipherProvider (com.thoughtworks.go.security.DESCipherProvider)2
ServerBackup (com.thoughtworks.go.server.domain.ServerBackup)1
ZipEntry (java.util.zip.ZipEntry)1
ZipOutputStream (java.util.zip.ZipOutputStream)1
Hex.encodeHexString (org.apache.commons.codec.binary.Hex.encodeHexString)1
