
Example 16 with SecureRandom

use of java.security.SecureRandom in project hbase by apache.

the class TestMobCompactor method testMajorCompactionFromAdmin.

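@Test(timeout = 300000)
public void testMajorCompactionFromAdmin() throws Exception {
    // Checks that a major MOB compaction requested through the Admin API compacts the files of
    // an encrypted column family (family1) while row and cell counts stay the same, and that
    // the family still passes verifyEncryption afterwards.
    resetConf();
    int mergeSize = 5000;
    // change the mob compaction merge size
    conf.setLong(MobConstants.MOB_COMPACTION_MERGEABLE_THRESHOLD, mergeSize);

    // Per-family data key: AES.KEY_LENGTH random bytes drawn from SecureRandom, never a fixed
    // test constant. The algorithm name comes from configuration and defaults to AES.
    SecureRandom rng = new SecureRandom();
    byte[] keyBytes = new byte[AES.KEY_LENGTH];
    rng.nextBytes(keyBytes);
    String algorithm = conf.get(HConstants.CRYPTO_KEY_ALGORITHM_CONF_KEY, HConstants.CIPHER_AES);
    Key cfKey = new SecretKeySpec(keyBytes, algorithm);
    // The data key is stored in the column descriptor only in wrapped form. The wrapping key
    // is looked up by the configured master key name, defaulting to the current user's short name.
    byte[] encryptionKey = EncryptionUtil.wrapKey(conf, conf.get(HConstants.CRYPTO_MASTERKEY_NAME_CONF_KEY, User.getCurrent().getShortName()), cfKey);

    final TableName tableName = TableName.valueOf(name.getMethodName());
    HTableDescriptor desc = new HTableDescriptor(tableName);
    // family1: MOB enabled (threshold 0) and encrypted with the wrapped key.
    HColumnDescriptor hcd1 = new HColumnDescriptor(family1);
    hcd1.setMobEnabled(true);
    hcd1.setMobThreshold(0);
    hcd1.setEncryptionType(algorithm);
    hcd1.setEncryptionKey(encryptionKey);
    // family2: MOB enabled but no encryption settings; it is not compacted below and serves
    // as the unchanged control in the file-count assertions.
    HColumnDescriptor hcd2 = new HColumnDescriptor(family2);
    hcd2.setMobEnabled(true);
    hcd2.setMobThreshold(0);
    desc.addFamily(hcd1);
    desc.addFamily(hcd2);
    admin.createTable(desc, getSplitKeys());

    // try-with-resources so the Table is released even when one of the assertions fails;
    // previously close() was only reached on the success path.
    try (Table table = conn.getTable(tableName)) {
        // NOTE(review): bufMut is not closed in this method; whether loadData closes it is
        // not visible from here - confirm.
        BufferedMutator bufMut = conn.getBufferedMutator(tableName);
        int count = 4;
        // generate mob files
        loadData(admin, bufMut, tableName, count, rowNumPerFile);
        int rowNumPerRegion = count * rowNumPerFile;
        assertEquals("Before deleting: mob rows count", regionNum * rowNumPerRegion, countMobRows(table));
        assertEquals("Before deleting: mob cells count", regionNum * cellNumPerRow * rowNumPerRegion, countMobCells(table));
        assertEquals("Before deleting: mob file count", regionNum * count, countFiles(tableName, true, family1));
        createDelFile(table, tableName, Bytes.toBytes(family1), Bytes.toBytes(qf1));
        assertEquals("Before compaction: mob rows count", regionNum * (rowNumPerRegion - delRowNum), countMobRows(table));
        assertEquals("Before compaction: mob cells count", regionNum * (cellNumPerRow * rowNumPerRegion - delCellNum), countMobCells(table));
        assertEquals("Before compaction: family1 mob file count", regionNum * count, countFiles(tableName, true, family1));
        assertEquals("Before compaction: family2 mob file count", regionNum * count, countFiles(tableName, true, family2));
        assertEquals("Before compaction: family1 del file count", regionNum, countFiles(tableName, false, family1));
        assertEquals("Before compaction: family2 del file count", regionNum, countFiles(tableName, false, family2));
        // do the major mob compaction, it will force all files to compaction
        admin.majorCompact(tableName, hcd1.getName(), CompactType.MOB);
        waitUntilMobCompactionFinished(tableName);
        assertEquals("After compaction: mob rows count", regionNum * (rowNumPerRegion - delRowNum), countMobRows(table));
        assertEquals("After compaction: mob cells count", regionNum * (cellNumPerRow * rowNumPerRegion - delCellNum), countMobCells(table));
        assertEquals("After compaction: family1 mob file count", regionNum, countFiles(tableName, true, family1));
        assertEquals("After compaction: family2 mob file count", regionNum * count, countFiles(tableName, true, family2));
        assertEquals("After compaction: family1 del file count", 0, countFiles(tableName, false, family1));
        assertEquals("After compaction: family2 del file count", regionNum, countFiles(tableName, false, family2));
        // The compacted output must still satisfy the encryption check for family1; what
        // verifyEncryption inspects is defined elsewhere in the class.
        Assert.assertTrue(verifyEncryption(tableName, family1));
    }
}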
Also used : TableName(org.apache.hadoop.hbase.TableName) Table(org.apache.hadoop.hbase.client.Table) HColumnDescriptor(org.apache.hadoop.hbase.HColumnDescriptor) BufferedMutator(org.apache.hadoop.hbase.client.BufferedMutator) SecretKeySpec(javax.crypto.spec.SecretKeySpec) SecureRandom(java.security.SecureRandom) Key(java.security.Key) HTableDescriptor(org.apache.hadoop.hbase.HTableDescriptor) Test(org.junit.Test)

Example 17 with SecureRandom

use of java.security.SecureRandom in project hbase by apache.

the class TestReplicationSink method testReplicateEntriesForHFiles.

/**
   * Test replicateEntries with a bulk load entry for 25 HFiles
   */
@Test
public void testReplicateEntriesForHFiles() throws Exception {
    // Builds 25 HFiles with random key ranges, wraps them in a single bulk-load WAL entry and
    // checks that replicating that entry through SINK makes the rows visible in table1.
    final int hfileCount = 25;
    Path dir = TEST_UTIL.getDataTestDirOnTestFS("testReplicateEntries");
    Path familyDir = new Path(dir, Bytes.toString(FAM_NAME1));
    int numRows = 10;
    List<Path> p = new ArrayList<>(1);

    // 1. Draw 50 distinct integers below 1000; sorted, each consecutive pair bounds one hfile.
    // The values are only test-data boundaries, so nothing here depends on the generator
    // being a SecureRandom rather than a plain Random.
    Random boundarySource = new SecureRandom();
    Set<Integer> distinctBoundaries = new HashSet<>();
    while (distinctBoundaries.size() < 2 * hfileCount) {
        distinctBoundaries.add(boundarySource.nextInt(1000));
    }
    List<Integer> sortedBoundaries = new ArrayList<>(distinctBoundaries);
    Collections.sort(sortedBoundaries);
    Map<String, Long> storeFilesSize = new HashMap<>(1);

    // 2. Create the hfiles and record each file's length under its name.
    Configuration conf = TEST_UTIL.getConfiguration();
    FileSystem fs = dir.getFileSystem(conf);
    for (int idx = 0; idx < hfileCount; idx++) {
        Path hfilePath = new Path(familyDir, "hfile_" + idx);
        HFileTestUtil.createHFile(conf, fs, hfilePath, FAM_NAME1, FAM_NAME1,
            Bytes.toBytes(sortedBoundaries.get(2 * idx)),
            Bytes.toBytes(sortedBoundaries.get(2 * idx + 1)), numRows);
        p.add(hfilePath);
        long hfileLength = fs.getFileStatus(hfilePath).getLen();
        storeFilesSize.put(hfilePath.getName(), hfileLength);
    }

    // 3. Describe the bulk load for the table's first region and wrap it in a WALEdit.
    Map<byte[], List<Path>> storeFiles = new HashMap<>(1);
    storeFiles.put(FAM_NAME1, p);
    WALEdit edit = null;
    WALProtos.BulkLoadDescriptor loadDescriptor = null;
    try (Connection c = ConnectionFactory.createConnection(conf);
        RegionLocator l = c.getRegionLocator(TABLE_NAME1)) {
        HRegionInfo regionInfo = l.getAllRegionLocations().get(0).getRegionInfo();
        loadDescriptor = ProtobufUtil.toBulkLoadDescriptor(TABLE_NAME1,
            UnsafeByteOperations.unsafeWrap(regionInfo.getEncodedNameAsBytes()), storeFiles,
            storeFilesSize, 1);
        edit = WALEdit.createBulkLoadEvent(regionInfo, loadDescriptor);
    }

    // 4. Prepare the WAL entry that will carry the bulk-load event.
    List<WALEntry> entries = new ArrayList<>(1);
    WALEntry.Builder builder = createWALEntryBuilder(TABLE_NAME1);

    // 5. Stage the files under baseNamespaceDir as namespace/table/region/family/hfile_N.
    // NOTE(review): every destination is a copy of p.get(0), the first hfile, not of the
    // i-th one. The final assertion cannot tell the difference because it reads at most
    // numRows rows - confirm this is intended.
    for (int idx = 0; idx < hfileCount; idx++) {
        String pathToHfileFromNS = TABLE_NAME1.getNamespaceAsString() + Path.SEPARATOR
            + Bytes.toString(TABLE_NAME1.getName()) + Path.SEPARATOR
            + Bytes.toString(loadDescriptor.getEncodedRegionName().toByteArray()) + Path.SEPARATOR
            + Bytes.toString(FAM_NAME1) + Path.SEPARATOR
            + "hfile_" + idx;
        Path destination = new Path(baseNamespaceDir + Path.SEPARATOR + pathToHfileFromNS);
        FileUtil.copy(fs, p.get(0), fs, destination, false, conf);
    }
    entries.add(builder.build());

    // 6. The table must be empty before replication.
    try (ResultScanner scanner = table1.getScanner(new Scan())) {
        assertEquals(0, scanner.next(numRows).length);
    }

    // 7. Replicate the bulk loaded entry.
    SINK.replicateEntries(entries, CellUtil.createCellScanner(edit.getCells().iterator()),
        replicationClusterId, baseNamespaceDir, hfileArchiveDir);

    // 8. After replication a scan returns numRows rows.
    try (ResultScanner scanner = table1.getScanner(new Scan())) {
        assertEquals(numRows, scanner.next(numRows).length);
    }
}
Also used : Configuration(org.apache.hadoop.conf.Configuration) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) HRegionInfo(org.apache.hadoop.hbase.HRegionInfo) Random(java.util.Random) SecureRandom(java.security.SecureRandom) WALEdit(org.apache.hadoop.hbase.regionserver.wal.WALEdit) FileSystem(org.apache.hadoop.fs.FileSystem) List(java.util.List) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) Path(org.apache.hadoop.fs.Path) RegionLocator(org.apache.hadoop.hbase.client.RegionLocator) ResultScanner(org.apache.hadoop.hbase.client.ResultScanner) Connection(org.apache.hadoop.hbase.client.Connection) SecureRandom(java.security.SecureRandom) WALProtos(org.apache.hadoop.hbase.shaded.protobuf.generated.WALProtos) Scan(org.apache.hadoop.hbase.client.Scan) WALEntry(org.apache.hadoop.hbase.shaded.protobuf.generated.AdminProtos.WALEntry) Test(org.junit.Test)

Example 18 with SecureRandom

use of java.security.SecureRandom in project tomcat by apache.

the class Util method generateMask.

static byte[] generateMask() {
    // Returns 4 freshly generated random bytes (presumably a frame masking key - confirm
    // against the callers).
    //
    // Generators are borrowed from the shared 'randoms' pool and handed back afterwards, so an
    // instance is only ever used by one thread at a time. The pool can in theory grow to the
    // number of request processing threads; in practice it stays much smaller.
    SecureRandom borrowed = randoms.poll();
    if (borrowed == null) {
        // Pool exhausted: create another generator. SHA1PRNG is requested by name; the
        // platform default is used only when that algorithm is unavailable.
        // NOTE(review): naming the algorithm bypasses the default configured in the JVM's
        // security properties - confirm that this is intended.
        SecureRandom created;
        try {
            created = SecureRandom.getInstance("SHA1PRNG");
        } catch (NoSuchAlgorithmException unavailable) {
            created = new SecureRandom();
        }
        borrowed = created;
    }
    final byte[] mask = new byte[4];
    borrowed.nextBytes(mask);
    // Hand the generator back to the pool for the next caller.
    randoms.add(borrowed);
    return mask;
}
Also used : SecureRandom(java.security.SecureRandom) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)

Example 19 with SecureRandom

use of java.security.SecureRandom in project cas by apereo.

the class Beans method newPasswordEncoder.

/**
     * Creates the password encoder selected by the given properties.
     *
     * @param properties the properties
     * @return the password encoder
     */
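public static PasswordEncoder newPasswordEncoder(final PasswordEncoderProperties properties) {
    // Selection rules, in order:
    //   - blank type               -> no-op encoder
    //   - type containing a '.'    -> treated as a class name and instantiated reflectively
    //   - anything else            -> must name a PasswordEncoderTypes constant; an unknown
    //                                 name makes valueOf throw IllegalArgumentException
    final String type = properties.getType();
    if (StringUtils.isBlank(type)) {
        LOGGER.debug("No password encoder type is defined, and so none shall be created");
        return NoOpPasswordEncoder.getInstance();
    }
    if (type.contains(".")) {
        try {
            LOGGER.debug("Configuration indicates use of a custom password encoder [{}]", type);
            // asSubclass rejects a class that is not a PasswordEncoder before any constructor
            // runs; the previous unchecked cast only failed after the object had been created.
            final Class<? extends PasswordEncoder> clazz = Class.forName(type).asSubclass(PasswordEncoder.class);
            // Constructor.newInstance replaces the deprecated Class.newInstance and wraps
            // constructor failures in InvocationTargetException, handled by the catch below.
            return clazz.getDeclaredConstructor().newInstance();
        } catch (final Exception e) {
            // NOTE(review): this fallback fails open. NoOpPasswordEncoder does no hashing, so a
            // mistyped or missing class name downgrades to plain-text password comparison with
            // only an error log line to show for it. Consider failing startup instead.
            LOGGER.error("Falling back to a no-op password encoder as CAS has failed to create " + "an instance of the custom password encoder class " + type, e);
            return NoOpPasswordEncoder.getInstance();
        }
    }
    final PasswordEncoderProperties.PasswordEncoderTypes encoderType = PasswordEncoderProperties.PasswordEncoderTypes.valueOf(type);
    switch(encoderType) {
        case DEFAULT:
            LOGGER.debug("Creating default password encoder with encoding alg [{}] and character encoding [{}]", properties.getEncodingAlgorithm(), properties.getCharacterEncoding());
            return new DefaultPasswordEncoder(properties.getEncodingAlgorithm(), properties.getCharacterEncoding());
        case STANDARD:
            LOGGER.debug("Creating standard password encoder with the secret defined in the configuration");
            return new StandardPasswordEncoder(properties.getSecret());
        case BCRYPT:
            LOGGER.debug("Creating BCRYPT password encoder given the strength [{}] and secret in the configuration", properties.getStrength());
            if (StringUtils.isBlank(properties.getSecret())) {
                LOGGER.debug("Creating BCRYPT encoder without secret");
                return new BCryptPasswordEncoder(properties.getStrength());
            }
            LOGGER.debug("Creating BCRYPT encoder with secret");
            // NOTE(review): the configured secret seeds the SecureRandom handed to the encoder.
            // With a PRNG implementation whose state is taken entirely from a seed supplied
            // before first use (SHA1PRNG behaves this way), the generator's output becomes a
            // deterministic function of the secret. An unseeded SecureRandom would avoid that
            // - confirm which behaviour is wanted.
            return new BCryptPasswordEncoder(properties.getStrength(), new SecureRandom(properties.getSecret().getBytes(StandardCharsets.UTF_8)));
        case SCRYPT:
            LOGGER.debug("Creating SCRYPT encoder");
            return new SCryptPasswordEncoder();
        case PBKDF2:
            if (StringUtils.isBlank(properties.getSecret())) {
                LOGGER.debug("Creating PBKDF2 encoder without secret");
                return new Pbkdf2PasswordEncoder();
            }
            final int hashWidth = 256;
            return new Pbkdf2PasswordEncoder(properties.getSecret(), properties.getStrength(), hashWidth);
        case NONE:
        default:
            // Reached for NONE and for any enum constant without its own case above.
            LOGGER.debug("No password encoder shall be created given the requested encoder type [{}]", type);
            return NoOpPasswordEncoder.getInstance();
    }
}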
Also used : StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder) DefaultPasswordEncoder(org.apereo.cas.util.crypto.DefaultPasswordEncoder) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder) Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder) NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder) SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) SecureRandom(java.security.SecureRandom) Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder) BeanCreationException(org.springframework.beans.factory.BeanCreationException) SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder) PasswordEncoderProperties(org.apereo.cas.configuration.model.core.authentication.PasswordEncoderProperties) DefaultPasswordEncoder(org.apereo.cas.util.crypto.DefaultPasswordEncoder) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)

Example 20 with SecureRandom

use of java.security.SecureRandom in project cas by apereo.

the class QueryDatabaseAuthenticationHandlerTests method verifyBCryptSuccess.

/**
     * Verifies that, with a BCRYPT password encoder configured,
     * authentication succeeds when the raw password is presented.
     */
@Test
public void verifyBCryptSuccess() throws Exception {
    // The encoder's random source is seeded with a fixed test string. Matching does not depend
    // on that source, because a bcrypt hash carries its own salt. The fixed seed is a test
    // fixture only.
    final SecureRandom seededSource = new SecureRandom("secret2".getBytes(StandardCharsets.UTF_8));
    final BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(6, seededSource);

    // Replace the '*' in the query template with a literal column holding the bcrypt hash of
    // the test password; the value spliced in is generated by the test itself.
    final String hashedPasswordColumn = "'" + encoder.encode("pswbc2") + "' password";
    final String sql = SQL.replace("*", hashedPasswordColumn);

    final QueryDatabaseAuthenticationHandler q = new QueryDatabaseAuthenticationHandler("", null, null, null,
        this.dataSource, sql, PASSWORD_FIELD, null, null, Collections.emptyMap());
    q.setPasswordEncoder(encoder);

    // Presenting the raw password must authenticate against the stored hash.
    assertNotNull(q.authenticate(
        CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("user3", "pswbc2")));
}
Also used : SecureRandom(java.security.SecureRandom) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
