Example 11 with EncryptedValue

use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

the class CredentialVersionDataServiceTest method setupTestFixtureForFindMostRecent.

private void setupTestFixtureForFindMostRecent() {
    Credential credential = credentialDataService.save(new Credential("/my-CREDENTIAL"));
    // Fixture data only: the "encrypted" bytes are plaintext placeholders and the nonce is empty.
    namedPasswordCredential1 = new PasswordCredentialVersionData();
    namedPasswordCredential1.setCredential(credential);
    namedPasswordCredential1.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(activeCanaryUuid).setEncryptedValue("/my-old-password".getBytes()).setNonce(new byte[] {}));
    passwordCredential2 = new PasswordCredentialVersionData();
    passwordCredential2.setCredential(credential);
    passwordCredential2.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(activeCanaryUuid).setEncryptedValue("/my-new-password".getBytes()).setNonce(new byte[] {}));
    subject.save(namedPasswordCredential1);
    // 1 second later
    fakeTimeSetter.accept(345346L);
    subject.save(passwordCredential2);
}
Also used: Credential (org.cloudfoundry.credhub.entity.Credential), PasswordCredentialVersionData (org.cloudfoundry.credhub.entity.PasswordCredentialVersionData), EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue)

Example 12 with EncryptedValue

use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

the class CredentialVersionDataServiceTest method delete_onACredentialName_deletesAllCredentialsWithTheName.

@Test
public void delete_onACredentialName_deletesAllCredentialsWithTheName() {
    Credential credential = credentialDataService.save(new Credential("/my-credential"));
    PasswordCredentialVersionData credentialData = new PasswordCredentialVersionData();
    credentialData.setCredential(credential);
    credentialData.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(activeCanaryUuid).setEncryptedValue("credential-password".getBytes()).setNonce("nonce".getBytes()));
    subject.save(credentialData);
    credentialData = new PasswordCredentialVersionData("/my-credential");
    credentialData.setCredential(credential);
    credentialData.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(activeCanaryUuid).setEncryptedValue("another password".getBytes()).setNonce("nonce".getBytes()));
    subject.save(credentialData);
    assertThat(subject.findAllByName("/my-credential"), hasSize(2));
    subject.delete("/my-credential");
    assertThat(subject.findAllByName("/my-credential"), hasSize(0));
    assertNull(credentialDataService.find("/my-credential"));
}
Also used: Credential (org.cloudfoundry.credhub.entity.Credential), PasswordCredentialVersionData (org.cloudfoundry.credhub.entity.PasswordCredentialVersionData), EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue), SpringBootTest (org.springframework.boot.test.context.SpringBootTest), Test (org.junit.Test)

Example 13 with EncryptedValue

use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

the class EncryptedValueDataServiceTest method rotate.

@Test
public void rotate() throws Exception {
    EncryptedValue newEncryption = new EncryptedValue(UUID.randomUUID(), "expected value".getBytes(), "nonce".getBytes());
    EncryptedValue value = new EncryptedValue();
    value.setEncryptedValue("bytes".getBytes());
    value.setEncryptionKeyUuid(UUID.randomUUID());
    value.setNonce("nonce".getBytes());
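    // Stub the encryptor: any stored value decrypts to the plaintext, which re-encrypts to newEncryption.
    when(encryptor.decrypt(any(EncryptedValue.class))).thenReturn("expected value");
    when(encryptor.encrypt("expected value")).thenReturn(newEncryption);
    subject.rotate(value);
    // The re-encrypted value is persisted and carries the same UUID as the value it replaces.
    verify(encryptedValueRepository).saveAndFlush(newEncryption);
    assertThat(newEncryption.getUuid(), equalTo(value.getUuid()));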
}
Also used: EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue), Test (org.junit.Test), SpringBootTest (org.springframework.boot.test.context.SpringBootTest)

Example 14 with EncryptedValue

use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

the class CredentialFactoryTest method setup.

@Before
public void setup() throws JsonProcessingException {
    Encryptor encryptor = mock(Encryptor.class);
    subject = new CredentialFactory(encryptor);
    objectMapper = new JsonObjectMapper();
    generationParameters = new StringGenerationParameters().setExcludeNumber(true).setLength(PLAINTEXT_VALUE.length());
    UUID encryptionKeyUuid = UUID.randomUUID();
    EncryptedValue encryption = new EncryptedValue(encryptionKeyUuid, PLAINTEXT_VALUE.getBytes(), "test-nonce".getBytes());
    when(encryptor.encrypt(PLAINTEXT_VALUE)).thenReturn(encryption);
    when(encryptor.decrypt(encryption)).thenReturn(PLAINTEXT_VALUE);
    String generationParametersJsonString = objectMapper.writeValueAsString(generationParameters);
    EncryptedValue parametersEncryption = new EncryptedValue(encryptionKeyUuid, "test-parameters".getBytes(), "test-parameters-nonce".getBytes());
    when(encryptor.encrypt(generationParametersJsonString)).thenReturn(parametersEncryption);
    when(encryptor.decrypt(parametersEncryption)).thenReturn(generationParametersJsonString);
    EncryptedValue jsonEncryption = new EncryptedValue(encryptionKeyUuid, jsonValueJsonString.getBytes(), "test-nonce".getBytes());
    when(encryptor.encrypt(jsonValueJsonString)).thenReturn(jsonEncryption);
    when(encryptor.decrypt(jsonEncryption)).thenReturn(jsonValueJsonString);
}
Also used: JsonObjectMapper (org.cloudfoundry.credhub.util.JsonObjectMapper), UUID (java.util.UUID), EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue), StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters), Before (org.junit.Before)

Example 15 with EncryptedValue

use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

the class CredentialRotationTest method rotate_givenPasswordCredential_reEncryptsPasswordAndParametersWithActiveKey.

@Test
public void rotate_givenPasswordCredential_reEncryptsPasswordAndParametersWithActiveKey() throws Exception {
    PasswordCredentialVersionData passwordCredentialData = new PasswordCredentialVersionData("some-name");
    passwordCredentialData.setEncryptedValueData(new EncryptedValue().setEncryptionKeyUuid(oldEncryptionKeyUuid).setEncryptedValue("old-encrypted-value".getBytes()).setNonce("old-nonce".getBytes()));
    PasswordCredentialVersion password = new PasswordCredentialVersion(passwordCredentialData);
    password.setEncryptor(encryptor);
    EncryptedValue encryption = new EncryptedValue(oldEncryptionKeyUuid, "old-encrypted-parameters".getBytes(), "old-parameters-nonce".getBytes());
    passwordCredentialData.setEncryptedGenerationParameters(encryption);
    stringifiedParameters = new ObjectMapper().writeValueAsString(new StringGenerationParameters());
    when(encryptionService.decrypt(new EncryptedValue(oldEncryptionKeyUuid, "old-encrypted-parameters".getBytes(), "old-parameters-nonce".getBytes()))).thenReturn(stringifiedParameters);
    when(encryptionService.encrypt(stringifiedParameters)).thenReturn(new EncryptedValue(activeEncryptionKeyUuid, "new-encrypted-parameters".getBytes(), "new-nonce-parameters".getBytes()));
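    // After rotation, both the password value and its generation parameters must be held under the active key.
    password.rotate();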
    assertThat(passwordCredentialData.getEncryptionKeyUuid(), equalTo(activeEncryptionKeyUuid));
    assertThat(passwordCredentialData.getEncryptedValueData().getEncryptedValue(), equalTo("new-encrypted-value".getBytes()));
    assertThat(passwordCredentialData.getNonce(), equalTo("new-nonce".getBytes()));
    assertThat(passwordCredentialData.getEncryptedGenerationParameters().getEncryptedValue(), equalTo("new-encrypted-parameters".getBytes()));
    assertThat(passwordCredentialData.getEncryptedGenerationParameters().getNonce(), equalTo("new-nonce-parameters".getBytes()));
}
Also used: PasswordCredentialVersionData (org.cloudfoundry.credhub.entity.PasswordCredentialVersionData), EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue), ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper), StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters), Test (org.junit.Test)