
Example 26 with EncryptedValue

use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

the class EncryptionKeyRotatorTest method createOldKey.

private Key createOldKey() throws Exception {
    // Derive a key from the old password
    final PasswordBasedKeyProxy keyProxy = new PasswordBasedKeyProxy("old-password", 1, encryptionService);
    Key oldKey = keyProxy.deriveKey();
    // Encrypt the canary value under the old key and persist the resulting canary
    oldCanary = new EncryptionKeyCanary();
    final EncryptedValue canaryEncryption = encryptionService.encrypt(null, oldKey, CANARY_VALUE);
    oldCanary.setEncryptedCanaryValue(canaryEncryption.getEncryptedValue());
    oldCanary.setNonce(canaryEncryption.getNonce());
    oldCanary = encryptionKeyCanaryDataService.save(oldCanary);
    // Register the old key in the key set under the saved canary's UUID
    keySet.add(new EncryptionKey(encryptionService, oldCanary.getUuid(), oldKey));
    return oldKey;
}
Also used : EncryptionKeyCanary(org.cloudfoundry.credhub.entity.EncryptionKeyCanary) EncryptionKey(org.cloudfoundry.credhub.service.EncryptionKey) PasswordBasedKeyProxy(org.cloudfoundry.credhub.service.PasswordBasedKeyProxy) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) Key(java.security.Key)

Example 27 with EncryptedValue

use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

the class PasswordBasedKeyProxyTest method matchesCanary_whenCanaryMatches_setsTheKey.

@Test
public void matchesCanary_whenCanaryMatches_setsTheKey() throws Exception {
    // Generate a key from the password and a new salt
    PasswordBasedKeyProxy oldProxy = new PasswordBasedKeyProxy(password, 1, encryptionService);
    Key derivedKey = oldProxy.deriveKey();
    final List<Byte> salt = oldProxy.getSalt();
    // Create a canary whose value is encrypted with this key
    final EncryptedValue encryptedCanaryValue = encryptionService.encrypt(null, derivedKey, CANARY_VALUE);
    EncryptionKeyCanary canary = new EncryptionKeyCanary();
    canary.setEncryptedCanaryValue(encryptedCanaryValue.getEncryptedValue());
    canary.setNonce(encryptedCanaryValue.getNonce());
    final Byte[] saltArray = new Byte[salt.size()];
    canary.setSalt(toPrimitive(salt.toArray(saltArray)));
    final boolean match = subject.matchesCanary(canary);
    assertTrue(match);
    assertThat(subject.getKey(), equalTo(derivedKey));
}
Also used : EncryptionKeyCanary(org.cloudfoundry.credhub.entity.EncryptionKeyCanary) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) Key(java.security.Key) Test(org.junit.Test)

Example 28 with EncryptedValue

use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

the class RetryingEncryptionServiceTest method decrypt_whenThrowsErrors_unlocksAfterExceptionAndLocksAgainBeforeEncrypting.

@Test
public void decrypt_whenThrowsErrors_unlocksAfterExceptionAndLocksAgainBeforeEncrypting() throws Exception {
    when(keySet.get(activeKeyUuid)).thenReturn(firstActiveKey);
    when(keySet.getActive()).thenReturn(firstActiveKey);
    // Make the active key fail on decrypt with a provider error
    when(firstActiveKey.decrypt(any(byte[].class), any(byte[].class))).thenThrow(new ProviderException("function 'C_GenerateRandom' returns 0x30"));
    reset(writeLock);
    try {
        subject.decrypt(new EncryptedValue(activeKeyUuid, "an encrypted value".getBytes(), "a nonce".getBytes()));
    } catch (ProviderException e) {
        // expected
    }
    // Expect two read-lock cycles and one write-lock cycle around the failed decrypt
    verify(readLock, times(2)).lock();
    verify(readLock, times(2)).unlock();
    verify(writeLock, times(1)).lock();
    verify(writeLock, times(1)).unlock();
}
Also used : ProviderException(java.security.ProviderException) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) Test(org.junit.Test)

Example 29 with EncryptedValue

use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

the class RetryingEncryptionServiceTest method decrypt_whenTheEncryptionKeyCannotBeFound_throwsAnException.

@Test(expected = KeyNotFoundException.class)
public void decrypt_whenTheEncryptionKeyCannotBeFound_throwsAnException() throws Exception {
    UUID fakeUuid = UUID.randomUUID();
    reset(encryptionService);
    when(keySet.get(fakeUuid)).thenReturn(null);
    subject.decrypt(new EncryptedValue(fakeUuid, "something we cant read".getBytes(), "nonce".getBytes()));
}
Also used : UUID(java.util.UUID) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) Test(org.junit.Test)

Example 30 with EncryptedValue

use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.

the class RetryingEncryptionServiceTest method decryptionLocks_acquiresALunaUsageReadLock.

@Test
public void decryptionLocks_acquiresALunaUsageReadLock() throws Exception {
    when(keySet.get(activeKeyUuid)).thenReturn(firstActiveKey);
    subject.decrypt(new EncryptedValue(activeKeyUuid, "an encrypted value".getBytes(), "a nonce".getBytes()));
    verify(readLock, times(1)).lock();
    verify(readLock, times(1)).unlock();
    verify(writeLock, times(0)).lock();
    verify(writeLock, times(0)).unlock();
}
Also used : EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) Test(org.junit.Test)

Aggregations

EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue): 56
Test (org.junit.Test): 31
PasswordCredentialVersionData (org.cloudfoundry.credhub.entity.PasswordCredentialVersionData): 12
Before (org.junit.Before): 11
SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 8
CertificateCredentialVersionData (org.cloudfoundry.credhub.entity.CertificateCredentialVersionData): 7
Credential (org.cloudfoundry.credhub.entity.Credential): 7
UUID (java.util.UUID): 6
PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion): 6
ValueCredentialVersionData (org.cloudfoundry.credhub.entity.ValueCredentialVersionData): 6
IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException): 5
UserCredentialVersionData (org.cloudfoundry.credhub.entity.UserCredentialVersionData): 5
StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters): 5
ProviderException (java.security.ProviderException): 4
CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion): 4
ValueCredentialVersion (org.cloudfoundry.credhub.domain.ValueCredentialVersion): 4
EncryptionKeyCanary (org.cloudfoundry.credhub.entity.EncryptionKeyCanary): 4
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper): 3
Key (java.security.Key): 3
KeyNotFoundException (org.cloudfoundry.credhub.exceptions.KeyNotFoundException): 3