Search in sources :

Example 1 with ConfigurableEncryptor

use of org.apache.knox.gateway.services.security.impl.ConfigurableEncryptor in project knox by apache.

the class SecureQueryEncryptProcessor method initialize.

@Override
public void initialize(UrlRewriteEnvironment environment, SecureQueryEncryptDescriptor descriptor) throws Exception {
    encryptor = new ConfigurableEncryptor("encryptQueryString");
    encryptor.init((GatewayConfig) environment.getAttribute(GatewayConfig.GATEWAY_CONFIG_ATTRIBUTE));
}
Also used : ConfigurableEncryptor(org.apache.knox.gateway.services.security.impl.ConfigurableEncryptor)

Example 2 with ConfigurableEncryptor

use of org.apache.knox.gateway.services.security.impl.ConfigurableEncryptor in project knox by apache.

the class CryptoServiceTest method testConfigurableEncryptor.

@Test
public void testConfigurableEncryptor() throws Exception {
    GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
    EasyMock.expect(config.getAlgorithm()).andReturn("AES");
    EasyMock.expect(config.getPBEAlgorithm()).andReturn("PBKDF2WithHmacSHA1");
    EasyMock.expect(config.getSaltSize()).andReturn("16");
    EasyMock.expect(config.getIterationCount()).andReturn("65536");
    EasyMock.expect(config.getKeyLength()).andReturn("128");
    EasyMock.expect(config.getTransformation()).andReturn("AES/CBC/PKCS5Padding");
    EasyMock.replay(config);
    // password to create key - same Encryptor
    ConfigurableEncryptor aes = new ConfigurableEncryptor("Test");
    aes.init(config);
    EncryptionResult result = aes.encrypt("larry".getBytes("UTF8"));
    byte[] decrypted = aes.decrypt(result.salt, result.iv, result.cipher);
    assertEquals(new String(decrypted, "UTF8"), "larry");
    // password to create key - different Encryptor
    ConfigurableEncryptor aes2 = new ConfigurableEncryptor("Test");
    aes2.init(config);
    decrypted = aes2.decrypt(result.salt, result.iv, result.cipher);
    assertEquals(new String(decrypted, "UTF8"), "larry");
    // password to create key resolved from alias - same Encryptor
    ConfigurableEncryptor aes3 = new ConfigurableEncryptor(new String(as.getPasswordFromAliasForCluster("test", "encrypt_url")));
    aes3.init(config);
    result = aes3.encrypt("larry".getBytes("UTF8"));
    decrypted = aes3.decrypt(result.salt, result.iv, result.cipher);
    assertEquals(new String(decrypted, "UTF8"), "larry");
    // password to create key resolved from alias - different Encryptor
    ConfigurableEncryptor aes4 = new ConfigurableEncryptor(new String(as.getPasswordFromAliasForCluster("test", "encrypt_url")));
    aes4.init(config);
    decrypted = aes4.decrypt(result.salt, result.iv, result.cipher);
    assertEquals(new String(decrypted, "UTF8"), "larry");
}
Also used : GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) ConfigurableEncryptor(org.apache.knox.gateway.services.security.impl.ConfigurableEncryptor) Test(org.junit.Test)

Example 3 with ConfigurableEncryptor

use of org.apache.knox.gateway.services.security.impl.ConfigurableEncryptor in project knox by apache.

the class CryptoServiceTest method testCryptoServiceDES.

@Test
public void testCryptoServiceDES() throws Exception {
    GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
    EasyMock.expect(config.getAlgorithm()).andReturn("DES");
    EasyMock.expect(config.getPBEAlgorithm()).andReturn("PBKDF2WithHmacSHA1");
    EasyMock.expect(config.getSaltSize()).andReturn("16");
    EasyMock.expect(config.getIterationCount()).andReturn("65536");
    EasyMock.expect(config.getKeyLength()).andReturn("128");
    EasyMock.expect(config.getTransformation()).andReturn("DES");
    EasyMock.replay(config);
    // password to create key - same Encryptor
    String queryString = "url=http://localhost:50070/api/v1/blahblah";
    ConfigurableEncryptor aes0 = new ConfigurableEncryptor("password");
    aes0.init(config);
    cs.init(config, new HashMap<String, String>());
    EncryptionResult result0 = cs.encryptForCluster("Test", "encrypt_url", queryString.getBytes("UTF8"));
    byte[] decrypted0 = cs.decryptForCluster("Test", "encrypt_url", result0.cipher, result0.iv, result0.salt);
    assertEquals(queryString, new String(decrypted0, "UTF8"));
    assertEquals(queryString.getBytes("UTF8").length, decrypted0.length);
    assertEquals(queryString.getBytes("UTF8").length, new String(decrypted0, "UTF8").toCharArray().length);
}
Also used : GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) ConfigurableEncryptor(org.apache.knox.gateway.services.security.impl.ConfigurableEncryptor) Test(org.junit.Test)

Example 4 with ConfigurableEncryptor

use of org.apache.knox.gateway.services.security.impl.ConfigurableEncryptor in project knox by apache.

the class SecureQueryDecryptProcessor method initialize.

@Override
public void initialize(UrlRewriteEnvironment environment, SecureQueryDecryptDescriptor descriptor) throws Exception {
    encryptor = new ConfigurableEncryptor("encryptQueryString");
    encryptor.init((GatewayConfig) environment.getAttribute(GatewayConfig.GATEWAY_CONFIG_ATTRIBUTE));
}
Also used : ConfigurableEncryptor(org.apache.knox.gateway.services.security.impl.ConfigurableEncryptor)

Example 5 with ConfigurableEncryptor

use of org.apache.knox.gateway.services.security.impl.ConfigurableEncryptor in project knox by apache.

the class CryptoServiceTest method testCryptoServiceAES.

@Test
public void testCryptoServiceAES() throws Exception {
    GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
    EasyMock.expect(config.getAlgorithm()).andReturn("AES");
    EasyMock.expect(config.getPBEAlgorithm()).andReturn("PBKDF2WithHmacSHA1");
    EasyMock.expect(config.getSaltSize()).andReturn("16");
    EasyMock.expect(config.getIterationCount()).andReturn("65536");
    EasyMock.expect(config.getKeyLength()).andReturn("128");
    EasyMock.expect(config.getTransformation()).andReturn("AES/CBC/PKCS5Padding");
    EasyMock.replay(config);
    // password to create key - same Encryptor
    String queryString = "url=http://localhost:50070/api/v1/blahblah";
    ConfigurableEncryptor aes0 = new ConfigurableEncryptor("password");
    aes0.init(config);
    cs.init(config, new HashMap<String, String>());
    EncryptionResult result0 = cs.encryptForCluster("Test", "encrypt_url", queryString.getBytes("UTF8"));
    byte[] decrypted0 = cs.decryptForCluster("Test", "encrypt_url", result0.cipher, result0.iv, result0.salt);
    assertEquals(queryString, new String(decrypted0, "UTF8"));
    assertEquals(queryString.getBytes("UTF8").length, decrypted0.length);
    assertEquals(queryString.getBytes("UTF8").length, new String(decrypted0, "UTF8").toCharArray().length);
}
Also used : GatewayConfig(org.apache.knox.gateway.config.GatewayConfig) ConfigurableEncryptor(org.apache.knox.gateway.services.security.impl.ConfigurableEncryptor) Test(org.junit.Test)

Aggregations

ConfigurableEncryptor (org.apache.knox.gateway.services.security.impl.ConfigurableEncryptor)5 GatewayConfig (org.apache.knox.gateway.config.GatewayConfig)3 Test (org.junit.Test)3