use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.
the class ConfigCipherUpdaterTest method shouldMigrateEncryptedValuesEncryptedWithFlawedCipher.
@Test
public void shouldMigrateEncryptedValuesEncryptedWithFlawedCipher() throws Exception {
String originalConfig = readFileToString(originalConfigFile, UTF_8);
assertThat(originalConfig, containsString("<encryptedValue>" + passwordEncryptedWithFlawedCipher + "</encryptedValue>"));
updater.migrate();
writeStringToFile(new File(systemEnvironment.getCruiseConfigFile()), ConfigMigrator.migrate(readFileToString(new File(systemEnvironment.getCruiseConfigFile()), UTF_8)), UTF_8);
File copyOfOldConfig = new File(systemEnvironment.getConfigDir(), "cipher.original." + timestamp);
assertThat(copyOfOldConfig.exists(), is(true));
assertThat(readFileToString(copyOfOldConfig, UTF_8).equals(FLAWED_VALUE), is(true));
assertThat(readFileToString(systemEnvironment.getDESCipherFile(), UTF_8).equals(FLAWED_VALUE), is(false));
File editedConfigFile = new File(systemEnvironment.getCruiseConfigFile());
String editedConfig = readFileToString(editedConfigFile, UTF_8);
assertThat(editedConfig.contains("<encryptedValue>" + passwordEncryptedWithFlawedCipher + "</encryptedValue>"), is(false));
CruiseConfig config = magicalGoConfigXmlLoader.loadConfigHolder(editedConfig).config;
EnvironmentVariablesConfig secureVariables = config.getAllPipelineConfigs().get(0).getSecureVariables();
assertThat(secureVariables.first().getValue(), is(password));
assertThat(new GoCipher().decrypt(secureVariables.first().getEncryptedValue()), is(password));
}
use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.
the class ConfigCipherUpdaterTest method shouldMigrateEncryptedPasswordsThatWereEncryptedWithFlawedCipher.
@Test
public void shouldMigrateEncryptedPasswordsThatWereEncryptedWithFlawedCipher() throws Exception {
String originalConfig = readFileToString(originalConfigFile, UTF_8);
assertThat(originalConfig, containsString("encryptedPassword=\"" + passwordEncryptedWithFlawedCipher + "\""));
updater.migrate();
writeStringToFile(new File(systemEnvironment.getCruiseConfigFile()), ConfigMigrator.migrate(readFileToString(new File(systemEnvironment.getCruiseConfigFile()), UTF_8)), UTF_8);
File copyOfOldConfig = new File(systemEnvironment.getConfigDir(), "cipher.original." + timestamp);
assertThat(copyOfOldConfig.exists(), is(true));
assertThat(readFileToString(copyOfOldConfig, UTF_8).equals(FLAWED_VALUE), is(true));
String newCipher = readFileToString(systemEnvironment.getDESCipherFile(), UTF_8);
assertThat(newCipher.equals(FLAWED_VALUE), is(false));
File editedConfigFile = new File(systemEnvironment.getCruiseConfigFile());
String editedConfig = readFileToString(editedConfigFile, UTF_8);
assertThat(editedConfig.contains("encryptedPassword=\"" + passwordEncryptedWithFlawedCipher + "\""), is(false));
CruiseConfig config = magicalGoConfigXmlLoader.loadConfigHolder(editedConfig).config;
MaterialConfigs materialConfigs = config.getAllPipelineConfigs().get(0).materialConfigs();
SvnMaterialConfig svnMaterial = materialConfigs.getSvnMaterial();
assertThat(svnMaterial.getPassword(), is(password));
assertThat(svnMaterial.getEncryptedPassword(), startsWith("AES:"));
assertThat(new GoCipher().decrypt(svnMaterial.getEncryptedPassword()), is("password"));
P4MaterialConfig p4Material = materialConfigs.getP4Material();
assertThat(p4Material.getPassword(), is(password));
assertThat(p4Material.getEncryptedPassword(), startsWith("AES:"));
assertThat(new GoCipher().decrypt(p4Material.getEncryptedPassword()), is("password"));
TfsMaterialConfig tfsMaterial = materialConfigs.getTfsMaterial();
assertThat(tfsMaterial.getPassword(), is(password));
assertThat(tfsMaterial.getEncryptedPassword(), startsWith("AES:"));
assertThat(new GoCipher().decrypt(tfsMaterial.getEncryptedPassword()), is("password"));
}
use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.
the class ConfigConverterTest method shouldConvertGitMaterialConfigToCRGitMaterialWhenPlainPassword.
@Test
void shouldConvertGitMaterialConfigToCRGitMaterialWhenPlainPassword() throws CryptoException {
GitMaterialConfig gitMaterialConfig = git("url", "branch", true);
gitMaterialConfig.setName(new CaseInsensitiveString("name"));
gitMaterialConfig.setFolder("folder");
gitMaterialConfig.setAutoUpdate(true);
gitMaterialConfig.setInvertFilter(false);
gitMaterialConfig.setFilter(Filter.create("filter"));
gitMaterialConfig.setPassword("secret");
CRGitMaterial crGitMaterial = (CRGitMaterial) configConverter.materialToCRMaterial(gitMaterialConfig);
assertThat(crGitMaterial.getName()).isEqualTo("name");
assertThat(crGitMaterial.getDestination()).isEqualTo("folder");
assertThat(crGitMaterial.isAutoUpdate()).isTrue();
assertThat(crGitMaterial.isWhitelist()).isFalse();
assertThat(crGitMaterial.getFilterList()).contains("filter");
assertThat(crGitMaterial.getUrl()).isEqualTo("url");
assertThat(crGitMaterial.getBranch()).isEqualTo("branch");
assertThat(crGitMaterial.isShallowClone()).isTrue();
assertThat(crGitMaterial.getPassword()).isNull();
assertThat(crGitMaterial.getEncryptedPassword()).isEqualTo(new GoCipher().encrypt("secret"));
}
use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.
the class ConfigConverterTest method shouldConvertGitMaterialConfigToCRGitMaterialWhenEncryptedPassword.
@Test
void shouldConvertGitMaterialConfigToCRGitMaterialWhenEncryptedPassword() throws CryptoException {
GitMaterialConfig gitMaterialConfig = git("url", "branch", true);
gitMaterialConfig.setName(new CaseInsensitiveString("name"));
gitMaterialConfig.setFolder("folder");
gitMaterialConfig.setAutoUpdate(true);
gitMaterialConfig.setInvertFilter(false);
gitMaterialConfig.setFilter(Filter.create("filter"));
gitMaterialConfig.setEncryptedPassword(new GoCipher().encrypt("secret"));
CRGitMaterial crGitMaterial = (CRGitMaterial) configConverter.materialToCRMaterial(gitMaterialConfig);
assertThat(crGitMaterial.getName()).isEqualTo("name");
assertThat(crGitMaterial.getDestination()).isEqualTo("folder");
assertThat(crGitMaterial.isAutoUpdate()).isTrue();
assertThat(crGitMaterial.isWhitelist()).isFalse();
assertThat(crGitMaterial.getFilterList()).contains("filter");
assertThat(crGitMaterial.getUrl()).isEqualTo("url");
assertThat(crGitMaterial.getBranch()).isEqualTo("branch");
assertThat(crGitMaterial.isShallowClone()).isTrue();
assertThat(crGitMaterial.getEncryptedPassword()).isEqualTo(new GoCipher().encrypt("secret"));
}
use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.
the class ConfigConverterTest method shouldConvertGitMaterialWhenEncryptedPassword.
@Test
void shouldConvertGitMaterialWhenEncryptedPassword() throws CryptoException {
CRGitMaterial crGitMaterial = new CRGitMaterial("name", "folder", true, false, null, filter, "url", "branch", true);
crGitMaterial.setEncryptedPassword(new GoCipher().encrypt("secret"));
GitMaterialConfig gitMaterialConfig = (GitMaterialConfig) configConverter.toMaterialConfig(crGitMaterial, context, new SCMs());
assertThat(gitMaterialConfig.getName().toLower()).isEqualTo("name");
assertThat(gitMaterialConfig.getFolder()).isEqualTo("folder");
assertThat(gitMaterialConfig.getAutoUpdate()).isTrue();
assertThat(gitMaterialConfig.isInvertFilter()).isFalse();
assertThat(gitMaterialConfig.getFilterAsString()).isEqualTo("filter");
assertThat(gitMaterialConfig.getUrl()).isEqualTo("url");
assertThat(gitMaterialConfig.getBranch()).isEqualTo("branch");
assertThat(gitMaterialConfig.getPassword()).isEqualTo("secret");
}
Aggregations