Example 1 with EncryptedValue

Use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

Class PasswordCredentialVersion, method setPasswordAndGenerationParameters.

public PasswordCredentialVersion setPasswordAndGenerationParameters(String password, StringGenerationParameters generationParameters) {
    EncryptedValue encryptedParameters, encryptedPassword;
    if (password == null) {
        throw new IllegalArgumentException("password cannot be null");
    }
    try {
        String generationParameterJson = generationParameters != null ? jsonObjectMapper.writeValueAsString(generationParameters) : null;
        if (generationParameterJson != null) {
            encryptedParameters = encryptor.encrypt(generationParameterJson);
            delegate.setEncryptedGenerationParameters(encryptedParameters);
        }
        encryptedPassword = encryptor.encrypt(password);
        delegate.setEncryptedValueData(encryptedPassword);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
    return this;
}
Also used : EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) IOException(java.io.IOException)

Example 2 with EncryptedValue

Use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

Class LunaKeyProxyTest, method beforeEach.

@Before
public void beforeEach() throws Exception {
    final InternalEncryptionService encryptionService = new InternalEncryptionService(new PasswordKeyProxyFactoryTestImpl());
    EncryptionKeyMetadata keyMetadata = new EncryptionKeyMetadata();
    keyMetadata.setEncryptionPassword("p@ssword");
    encryptionKey = encryptionService.createKeyProxy(keyMetadata).getKey();
    canary = new EncryptionKeyCanary();
    EncryptedValue encryptionData = encryptionService.encrypt(null, encryptionKey, CANARY_VALUE);
    canary.setEncryptedCanaryValue(encryptionData.getEncryptedValue());
    canary.setNonce(encryptionData.getNonce());
    deprecatedCanary = new EncryptionKeyCanary();
    EncryptedValue deprecatedEncryptionData = encryptionService.encrypt(null, encryptionKey, DEPRECATED_CANARY_VALUE);
    deprecatedCanary.setEncryptedCanaryValue(deprecatedEncryptionData.getEncryptedValue());
    deprecatedCanary.setNonce(deprecatedEncryptionData.getNonce());
}
Also used : EncryptionKeyCanary(org.cloudfoundry.credhub.entity.EncryptionKeyCanary) EncryptionKeyMetadata(org.cloudfoundry.credhub.config.EncryptionKeyMetadata) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) PasswordKeyProxyFactoryTestImpl(org.cloudfoundry.credhub.util.PasswordKeyProxyFactoryTestImpl) Before(org.junit.Before)

Example 3 with EncryptedValue

Use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

Class RetryingEncryptionServiceTest, method encrypt_shouldEncryptTheStringWithoutAttemptingToReconnect.

@Test
public void encrypt_shouldEncryptTheStringWithoutAttemptingToReconnect() throws Exception {
    when(keySet.getActive()).thenReturn(firstActiveKey);
    EncryptedValue expectedEncryption = mock(EncryptedValue.class);
    when(firstActiveKey.encrypt("fake-plaintext")).thenReturn(expectedEncryption);
    EncryptedValue encryptedValue = subject.encrypt("fake-plaintext");
    assertThat(encryptedValue, equalTo(expectedEncryption));
    verify(encryptionService, times(0)).reconnect(any(IllegalBlockSizeException.class));
    verify(keySet, times(0)).reload();
}
Also used : IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) Test(org.junit.Test)

Example 4 with EncryptedValue

Use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

Class CredentialVersionDataRepositoryTest, method canSaveCertificatesOfLength7000WhichMeans7016ForGCM.

@Test
public void canSaveCertificatesOfLength7000WhichMeans7016ForGCM() {
    // 7016 = 7000 bytes of ciphertext plus the 16-byte GCM authentication tag
    byte[] encryptedValue = new byte[7016];
    Arrays.fill(encryptedValue, (byte) 'A');
    final StringBuilder stringBuilder = new StringBuilder(7000);
    Stream.generate(() -> "a").limit(stringBuilder.capacity()).forEach(stringBuilder::append);
    Credential credential = credentialRepository.save(new Credential(name));
    final String longString = stringBuilder.toString();
    CertificateCredentialVersionData entity = new CertificateCredentialVersionData();
    entity.setCredential(credential);
    entity.setCa(longString);
    entity.setCertificate(longString);
    entity.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(canaryUuid).setEncryptedValue(encryptedValue).setNonce("nonce".getBytes()));
    subject.save(entity);
    CertificateCredentialVersionData credentialData = (CertificateCredentialVersionData) subject.findFirstByCredentialUuidOrderByVersionCreatedAtDesc(credential.getUuid());
    assertThat(credentialData.getCa().length(), equalTo(7000));
    assertThat(credentialData.getCertificate().length(), equalTo(7000));
    assertThat(credentialData.getEncryptedValueData().getEncryptedValue(), equalTo(encryptedValue));
    assertThat(credentialData.getEncryptedValueData().getEncryptedValue().length, equalTo(7016));
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) CertificateCredentialVersionData(org.cloudfoundry.credhub.entity.CertificateCredentialVersionData) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) Test(org.junit.Test) DataJpaTest(org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest)

Example 5 with EncryptedValue

Use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

Class EncryptionKeyCanaryMapperTest, method beforeEach.

@Before()
public void beforeEach() throws Exception {
    encryptionKeyCanaryDataService = mock(EncryptionKeyCanaryDataService.class);
    encryptionService = mock(EncryptionService.class);
    encryptionKeysConfiguration = mock(EncryptionKeysConfiguration.class);
    keySet = new EncryptionKeySet();
    providerFactory = mock(EncryptionProviderFactory.class);
    activeCanaryUuid = UUID.randomUUID();
    existingCanaryUuid1 = UUID.randomUUID();
    existingCanaryUuid2 = UUID.randomUUID();
    unknownCanaryUuid = UUID.randomUUID();
    activeKeyData = new EncryptionKeyMetadata();
    activeKeyData.setEncryptionPassword("this-is-active");
    activeKeyData.setActive(true);
    activeKeyData.setProviderType(ProviderType.INTERNAL);
    existingKey1Data = new EncryptionKeyMetadata();
    existingKey1Data.setEncryptionPassword("existing-key-1");
    existingKey1Data.setActive(false);
    existingKey1Data.setProviderType(ProviderType.INTERNAL);
    existingKey2Data = new EncryptionKeyMetadata();
    existingKey2Data.setEncryptionPassword("existing-key-2");
    existingKey2Data.setActive(false);
    existingKey2Data.setProviderType(ProviderType.INTERNAL);
    activeKey = mock(Key.class, "active key");
    existingKey1 = mock(Key.class, "key 1");
    existingKey2 = mock(Key.class, "key 2");
    unknownKey = mock(Key.class, "key 3");
    activeKeyProxy = mock(KeyProxy.class);
    existingKey1Proxy = mock(KeyProxy.class);
    existingKey2Proxy = mock(KeyProxy.class);
    activeKeyCanary = createEncryptionCanary(activeCanaryUuid, "fake-active-encrypted-value", "fake-active-nonce", activeKey);
    existingKeyCanary1 = createEncryptionCanary(existingCanaryUuid1, "fake-existing-encrypted-value1", "fake-existing-nonce1", existingKey1);
    existingKeyCanary2 = createEncryptionCanary(existingCanaryUuid2, "fake-existing-encrypted-value2", "fake-existing-nonce2", existingKey2);
    unknownCanary = createEncryptionCanary(unknownCanaryUuid, "fake-existing-encrypted-value3", "fake-existing-nonce3", unknownKey);
    when(encryptionService.encrypt(null, activeKey, CANARY_VALUE)).thenReturn(new EncryptedValue(null, "fake-encrypted-value", "fake-nonce"));
    when(encryptionKeysConfiguration.getKeys()).thenReturn(newArrayList(existingKey1Data, activeKeyData, existingKey2Data));
    when(providerFactory.getEncryptionService(ProviderType.INTERNAL)).thenReturn(encryptionService);
    when(encryptionService.createKeyProxy(eq(activeKeyData))).thenReturn(activeKeyProxy);
    when(encryptionService.createKeyProxy(eq(existingKey1Data))).thenReturn(existingKey1Proxy);
    when(encryptionService.createKeyProxy(eq(existingKey2Data))).thenReturn(existingKey2Proxy);
    when(activeKeyProxy.matchesCanary(eq(activeKeyCanary))).thenReturn(true);
    when(existingKey1Proxy.matchesCanary(eq(existingKeyCanary1))).thenReturn(true);
    when(existingKey2Proxy.matchesCanary(eq(existingKeyCanary2))).thenReturn(true);
    when(activeKeyProxy.getKey()).thenReturn(activeKey);
    when(existingKey1Proxy.getKey()).thenReturn(existingKey1);
    when(existingKey2Proxy.getKey()).thenReturn(existingKey2);
    when(encryptionKeyCanaryDataService.findAll()).thenReturn(new ArrayList<>(asArrayList(existingKeyCanary1, activeKeyCanary, existingKeyCanary2)));
    timedRetry = mock(TimedRetry.class);
    when(timedRetry.retryEverySecondUntil(anyLong(), any(Supplier.class))).thenAnswer(answer -> {
        Supplier<Boolean> retryableOperation = answer.getArgumentAt(1, Supplier.class);
        for (int i = 0; i < 10; ++i) {
            if (retryableOperation.get()) {
                return true;
            }
        }
        return false;
    });
}
Also used : TimedRetry(org.cloudfoundry.credhub.util.TimedRetry) EncryptionKeyCanaryDataService(org.cloudfoundry.credhub.data.EncryptionKeyCanaryDataService) EncryptionKeyMetadata(org.cloudfoundry.credhub.config.EncryptionKeyMetadata) EncryptionKeysConfiguration(org.cloudfoundry.credhub.config.EncryptionKeysConfiguration) Supplier(java.util.function.Supplier) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) Key(java.security.Key) Before(org.junit.Before)

Aggregations

EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue): 56
Test (org.junit.Test): 31
PasswordCredentialVersionData (org.cloudfoundry.credhub.entity.PasswordCredentialVersionData): 12
Before (org.junit.Before): 11
SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 8
CertificateCredentialVersionData (org.cloudfoundry.credhub.entity.CertificateCredentialVersionData): 7
Credential (org.cloudfoundry.credhub.entity.Credential): 7
UUID (java.util.UUID): 6
PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion): 6
ValueCredentialVersionData (org.cloudfoundry.credhub.entity.ValueCredentialVersionData): 6
IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException): 5
UserCredentialVersionData (org.cloudfoundry.credhub.entity.UserCredentialVersionData): 5
StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters): 5
ProviderException (java.security.ProviderException): 4
CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion): 4
ValueCredentialVersion (org.cloudfoundry.credhub.domain.ValueCredentialVersion): 4
EncryptionKeyCanary (org.cloudfoundry.credhub.entity.EncryptionKeyCanary): 4
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper): 3
Key (java.security.Key): 3
KeyNotFoundException (org.cloudfoundry.credhub.exceptions.KeyNotFoundException): 3