Search in sources :

Example 36 with GoCipher

use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.

the class ConfigCipherUpdaterTest method shouldMigrateEncryptedValuesEncryptedWithFlawedCipher.

@Test
public void shouldMigrateEncryptedValuesEncryptedWithFlawedCipher() throws Exception {
    String originalConfig = readFileToString(originalConfigFile, UTF_8);
    assertThat(originalConfig, containsString("<encryptedValue>" + passwordEncryptedWithFlawedCipher + "</encryptedValue>"));
    updater.migrate();
    writeStringToFile(new File(systemEnvironment.getCruiseConfigFile()), ConfigMigrator.migrate(readFileToString(new File(systemEnvironment.getCruiseConfigFile()), UTF_8)), UTF_8);
    File copyOfOldConfig = new File(systemEnvironment.getConfigDir(), "cipher.original." + timestamp);
    assertThat(copyOfOldConfig.exists(), is(true));
    assertThat(readFileToString(copyOfOldConfig, UTF_8).equals(FLAWED_VALUE), is(true));
    assertThat(readFileToString(systemEnvironment.getDESCipherFile(), UTF_8).equals(FLAWED_VALUE), is(false));
    File editedConfigFile = new File(systemEnvironment.getCruiseConfigFile());
    String editedConfig = readFileToString(editedConfigFile, UTF_8);
    assertThat(editedConfig.contains("<encryptedValue>" + passwordEncryptedWithFlawedCipher + "</encryptedValue>"), is(false));
    CruiseConfig config = magicalGoConfigXmlLoader.loadConfigHolder(editedConfig).config;
    EnvironmentVariablesConfig secureVariables = config.getAllPipelineConfigs().get(0).getSecureVariables();
    assertThat(secureVariables.first().getValue(), is(password));
    assertThat(new GoCipher().decrypt(secureVariables.first().getEncryptedValue()), is(password));
}
Also used : GoCipher(com.thoughtworks.go.security.GoCipher) File(java.io.File) Test(org.junit.jupiter.api.Test)

Example 37 with GoCipher

use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.

the class ConfigCipherUpdaterTest method shouldMigrateEncryptedPasswordsThatWereEncryptedWithFlawedCipher.

@Test
public void shouldMigrateEncryptedPasswordsThatWereEncryptedWithFlawedCipher() throws Exception {
    String originalConfig = readFileToString(originalConfigFile, UTF_8);
    assertThat(originalConfig, containsString("encryptedPassword=\"" + passwordEncryptedWithFlawedCipher + "\""));
    updater.migrate();
    writeStringToFile(new File(systemEnvironment.getCruiseConfigFile()), ConfigMigrator.migrate(readFileToString(new File(systemEnvironment.getCruiseConfigFile()), UTF_8)), UTF_8);
    File copyOfOldConfig = new File(systemEnvironment.getConfigDir(), "cipher.original." + timestamp);
    assertThat(copyOfOldConfig.exists(), is(true));
    assertThat(readFileToString(copyOfOldConfig, UTF_8).equals(FLAWED_VALUE), is(true));
    String newCipher = readFileToString(systemEnvironment.getDESCipherFile(), UTF_8);
    assertThat(newCipher.equals(FLAWED_VALUE), is(false));
    File editedConfigFile = new File(systemEnvironment.getCruiseConfigFile());
    String editedConfig = readFileToString(editedConfigFile, UTF_8);
    assertThat(editedConfig.contains("encryptedPassword=\"" + passwordEncryptedWithFlawedCipher + "\""), is(false));
    CruiseConfig config = magicalGoConfigXmlLoader.loadConfigHolder(editedConfig).config;
    MaterialConfigs materialConfigs = config.getAllPipelineConfigs().get(0).materialConfigs();
    SvnMaterialConfig svnMaterial = materialConfigs.getSvnMaterial();
    assertThat(svnMaterial.getPassword(), is(password));
    assertThat(svnMaterial.getEncryptedPassword(), startsWith("AES:"));
    assertThat(new GoCipher().decrypt(svnMaterial.getEncryptedPassword()), is("password"));
    P4MaterialConfig p4Material = materialConfigs.getP4Material();
    assertThat(p4Material.getPassword(), is(password));
    assertThat(p4Material.getEncryptedPassword(), startsWith("AES:"));
    assertThat(new GoCipher().decrypt(p4Material.getEncryptedPassword()), is("password"));
    TfsMaterialConfig tfsMaterial = materialConfigs.getTfsMaterial();
    assertThat(tfsMaterial.getPassword(), is(password));
    assertThat(tfsMaterial.getEncryptedPassword(), startsWith("AES:"));
    assertThat(new GoCipher().decrypt(tfsMaterial.getEncryptedPassword()), is("password"));
}
Also used : MaterialConfigs(com.thoughtworks.go.config.materials.MaterialConfigs) GoCipher(com.thoughtworks.go.security.GoCipher) P4MaterialConfig(com.thoughtworks.go.config.materials.perforce.P4MaterialConfig) TfsMaterialConfig(com.thoughtworks.go.config.materials.tfs.TfsMaterialConfig) SvnMaterialConfig(com.thoughtworks.go.config.materials.svn.SvnMaterialConfig) File(java.io.File) Test(org.junit.jupiter.api.Test)

Example 38 with GoCipher

use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.

the class ConfigConverterTest method shouldConvertGitMaterialConfigToCRGitMaterialWhenPlainPassword.

@Test
void shouldConvertGitMaterialConfigToCRGitMaterialWhenPlainPassword() throws CryptoException {
    GitMaterialConfig gitMaterialConfig = git("url", "branch", true);
    gitMaterialConfig.setName(new CaseInsensitiveString("name"));
    gitMaterialConfig.setFolder("folder");
    gitMaterialConfig.setAutoUpdate(true);
    gitMaterialConfig.setInvertFilter(false);
    gitMaterialConfig.setFilter(Filter.create("filter"));
    gitMaterialConfig.setPassword("secret");
    CRGitMaterial crGitMaterial = (CRGitMaterial) configConverter.materialToCRMaterial(gitMaterialConfig);
    assertThat(crGitMaterial.getName()).isEqualTo("name");
    assertThat(crGitMaterial.getDestination()).isEqualTo("folder");
    assertThat(crGitMaterial.isAutoUpdate()).isTrue();
    assertThat(crGitMaterial.isWhitelist()).isFalse();
    assertThat(crGitMaterial.getFilterList()).contains("filter");
    assertThat(crGitMaterial.getUrl()).isEqualTo("url");
    assertThat(crGitMaterial.getBranch()).isEqualTo("branch");
    assertThat(crGitMaterial.isShallowClone()).isTrue();
    assertThat(crGitMaterial.getPassword()).isNull();
    assertThat(crGitMaterial.getEncryptedPassword()).isEqualTo(new GoCipher().encrypt("secret"));
}
Also used : GoCipher(com.thoughtworks.go.security.GoCipher) GitMaterialConfig(com.thoughtworks.go.config.materials.git.GitMaterialConfig) Test(org.junit.jupiter.api.Test)

Example 39 with GoCipher

use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.

the class ConfigConverterTest method shouldConvertGitMaterialConfigToCRGitMaterialWhenEncryptedPassword.

@Test
void shouldConvertGitMaterialConfigToCRGitMaterialWhenEncryptedPassword() throws CryptoException {
    GitMaterialConfig gitMaterialConfig = git("url", "branch", true);
    gitMaterialConfig.setName(new CaseInsensitiveString("name"));
    gitMaterialConfig.setFolder("folder");
    gitMaterialConfig.setAutoUpdate(true);
    gitMaterialConfig.setInvertFilter(false);
    gitMaterialConfig.setFilter(Filter.create("filter"));
    gitMaterialConfig.setEncryptedPassword(new GoCipher().encrypt("secret"));
    CRGitMaterial crGitMaterial = (CRGitMaterial) configConverter.materialToCRMaterial(gitMaterialConfig);
    assertThat(crGitMaterial.getName()).isEqualTo("name");
    assertThat(crGitMaterial.getDestination()).isEqualTo("folder");
    assertThat(crGitMaterial.isAutoUpdate()).isTrue();
    assertThat(crGitMaterial.isWhitelist()).isFalse();
    assertThat(crGitMaterial.getFilterList()).contains("filter");
    assertThat(crGitMaterial.getUrl()).isEqualTo("url");
    assertThat(crGitMaterial.getBranch()).isEqualTo("branch");
    assertThat(crGitMaterial.isShallowClone()).isTrue();
    assertThat(crGitMaterial.getEncryptedPassword()).isEqualTo(new GoCipher().encrypt("secret"));
}
Also used : GoCipher(com.thoughtworks.go.security.GoCipher) GitMaterialConfig(com.thoughtworks.go.config.materials.git.GitMaterialConfig) Test(org.junit.jupiter.api.Test)

Example 40 with GoCipher

use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.

the class ConfigConverterTest method shouldConvertGitMaterialWhenEncryptedPassword.

@Test
void shouldConvertGitMaterialWhenEncryptedPassword() throws CryptoException {
    CRGitMaterial crGitMaterial = new CRGitMaterial("name", "folder", true, false, null, filter, "url", "branch", true);
    crGitMaterial.setEncryptedPassword(new GoCipher().encrypt("secret"));
    GitMaterialConfig gitMaterialConfig = (GitMaterialConfig) configConverter.toMaterialConfig(crGitMaterial, context, new SCMs());
    assertThat(gitMaterialConfig.getName().toLower()).isEqualTo("name");
    assertThat(gitMaterialConfig.getFolder()).isEqualTo("folder");
    assertThat(gitMaterialConfig.getAutoUpdate()).isTrue();
    assertThat(gitMaterialConfig.isInvertFilter()).isFalse();
    assertThat(gitMaterialConfig.getFilterAsString()).isEqualTo("filter");
    assertThat(gitMaterialConfig.getUrl()).isEqualTo("url");
    assertThat(gitMaterialConfig.getBranch()).isEqualTo("branch");
    assertThat(gitMaterialConfig.getPassword()).isEqualTo("secret");
}
Also used : SCMs(com.thoughtworks.go.domain.scm.SCMs) GoCipher(com.thoughtworks.go.security.GoCipher) GitMaterialConfig(com.thoughtworks.go.config.materials.git.GitMaterialConfig) Test(org.junit.jupiter.api.Test)

Aggregations

GoCipher (com.thoughtworks.go.security.GoCipher)196 Test (org.junit.jupiter.api.Test)117 Test (org.junit.Test)57 UrlArgument (com.thoughtworks.go.util.command.UrlArgument)30 ArrayList (java.util.ArrayList)23 PluginConfiguration (com.thoughtworks.go.plugin.domain.common.PluginConfiguration)22 ConfigurationProperty (com.thoughtworks.go.domain.config.ConfigurationProperty)21 HttpLocalizedOperationResult (com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult)19 HashMap (java.util.HashMap)19 CaseInsensitiveString (com.thoughtworks.go.config.CaseInsensitiveString)17 ConfigurationKey (com.thoughtworks.go.domain.config.ConfigurationKey)13 Metadata (com.thoughtworks.go.plugin.domain.common.Metadata)13 PluggableInstanceSettings (com.thoughtworks.go.plugin.domain.common.PluggableInstanceSettings)13 ConfigurationValue (com.thoughtworks.go.domain.config.ConfigurationValue)11 EnvironmentVariableConfig (com.thoughtworks.go.config.EnvironmentVariableConfig)10 SvnMaterialConfig (com.thoughtworks.go.config.materials.svn.SvnMaterialConfig)10 File (java.io.File)9 ConfigSaveValidationContext (com.thoughtworks.go.config.ConfigSaveValidationContext)8 TfsMaterialConfig (com.thoughtworks.go.config.materials.tfs.TfsMaterialConfig)8 Configuration (com.thoughtworks.go.domain.config.Configuration)8