use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.
the class RetryingEncryptionServiceTest method usingTwoThread_wontRetryTwice.
/**
 * Checks that two threads whose decryptions fail at the same time cause exactly one
 * {@code keySet.reload()}.
 *
 * <p>The mocked key throws a {@link ProviderException} on every decrypt. The message imitates a
 * PKCS#11 provider failure; 0x30 is CKR_DEVICE_ERROR in the PKCS#11 return codes.
 *
 * <p>Only the first thread is started here. The second is handed to
 * {@code RacingRetryingEncryptionServiceForTest}, which presumably starts it while the first is
 * inside the retry path (that helper is not visible in this snippet, so confirm there).
 */
@Test
public void usingTwoThread_wontRetryTwice() throws Exception {
  final Object sharedLock = new Object();

  final Thread racerOne = new Thread(() -> {
    try {
      subject.decrypt(new EncryptedValue(activeKeyUuid, "a value 1".getBytes(), "nonce".getBytes()));
    } catch (Exception ignored) {
      // Decrypt is stubbed to throw, so a failure here is expected; the reload count is what is asserted.
      // NOTE(review): this also hides any unexpected exception raised on the worker thread.
    }
  }, "first");

  final Thread racerTwo = new Thread(() -> {
    try {
      subject.decrypt(new EncryptedValue(activeKeyUuid, "a value 2".getBytes(), "nonce".getBytes()));
    } catch (Exception ignored) {
      // Same as the first worker: the stubbed failure is expected and deliberately dropped.
    }
  }, "second");

  // The workers read the 'subject' field when they run, so it must be assigned before start().
  subject = new RacingRetryingEncryptionServiceForTest(racerOne, racerTwo, sharedLock);

  when(keySet.get(activeKeyUuid)).thenReturn(firstActiveKey);
  when(keySet.getActive()).thenReturn(firstActiveKey);
  when(firstActiveKey.decrypt(any(byte[].class), any(byte[].class)))
      .thenThrow(new ProviderException("function 'C_GenerateRandom' returns 0x30"));

  racerOne.start();
  racerOne.join();
  // join() on a thread that was never started returns immediately, so this only waits if the
  // helper above actually started the second worker.
  racerTwo.join();

  // Two concurrent failures must collapse into a single key-set reload.
  verify(keySet, times(1)).reload();
}
use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.
the class RetryingEncryptionServiceTest method decrypt_whenThrowsAnError_retriesDecryptionFailure.
/**
 * Verifies the retry sequence when decryption keeps failing with a provider error: the key is
 * asked to decrypt, then to reconnect, then to decrypt once more.
 *
 * <p>The stub throws on every call, so the second attempt fails as well and the
 * {@link ProviderException} must reach the caller rather than being swallowed. The message
 * imitates a PKCS#11 provider failure; 0x30 is CKR_DEVICE_ERROR in the PKCS#11 return codes.
 */
@Test
public void decrypt_whenThrowsAnError_retriesDecryptionFailure() throws Exception {
  final ProviderException providerFailure =
      new ProviderException("function 'C_GenerateRandom' returns 0x30");

  when(keySet.get(activeKeyUuid)).thenReturn(firstActiveKey);
  when(keySet.getActive()).thenReturn(firstActiveKey);
  when(firstActiveKey.decrypt(any(byte[].class), any(byte[].class))).thenThrow(providerFailure);

  final EncryptedValue ciphertext =
      new EncryptedValue(activeKeyUuid, "an encrypted value".getBytes(), "a nonce".getBytes());

  boolean providerErrorSurfaced = false;
  try {
    subject.decrypt(ciphertext);
  } catch (ProviderException expected) {
    // The retry must not mask a persistent provider error.
    providerErrorSurfaced = true;
  }
  if (!providerErrorSurfaced) {
    fail("Expected exception");
  }

  // Order matters: first attempt, reconnect with the triggering exception, second attempt.
  final InOrder callSequence = inOrder(firstActiveKey);
  callSequence.verify(firstActiveKey).decrypt(any(byte[].class), any(byte[].class));
  callSequence.verify(firstActiveKey).reconnect(any(ProviderException.class));
  callSequence.verify(firstActiveKey).decrypt(any(byte[].class), any(byte[].class));
}
use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.
the class RetryingEncryptionServiceTest method decrypt_whenTheOperationSucceedsOnlyAfterReconnection.
/**
 * Verifies that decryption recovers after a reconnect: the first key lookup yields a key whose
 * decrypt throws {@link IllegalBlockSizeException}, the second lookup yields a key that returns
 * the plaintext.
 *
 * <p>Asserts that the plaintext is returned, that the active key was asked to reconnect exactly
 * once with the triggering exception, and that the key set was reloaded exactly once.
 */
@Test
public void decrypt_whenTheOperationSucceedsOnlyAfterReconnection() throws Exception {
  final byte[] ciphertext = "fake-encrypted-value".getBytes();
  final byte[] nonce = "fake-nonce".getBytes();

  // Consecutive lookups of the same UUID: failing key first, working key after the reload.
  when(keySet.get(activeKeyUuid)).thenReturn(firstActiveKey, secondActiveKey);
  when(keySet.getActive()).thenReturn(firstActiveKey);
  when(firstActiveKey.decrypt(ciphertext, nonce))
      .thenThrow(new IllegalBlockSizeException("test exception"));
  when(secondActiveKey.decrypt(ciphertext, nonce)).thenReturn("fake-plaintext");

  assertThat(
      subject.decrypt(new EncryptedValue(activeKeyUuid, ciphertext, nonce)),
      equalTo("fake-plaintext"));

  // keySet.getActive() is stubbed above to return firstActiveKey, so this checks that mock.
  verify(keySet.getActive(), times(1)).reconnect(any(IllegalBlockSizeException.class));
  verify(keySet, times(1)).reload();
}
use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.
the class CredentialVersionDataRepositoryTest method canSaveStringsOfLength7000WhichMeans7016ForGCM.
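/**
 * Checks that the repository stores and returns a 7016-byte encrypted value without truncation.
 *
 * <p>Per the method name, 7016 bytes is what a 7000-character secret occupies once encrypted with
 * GCM. The extra 16 bytes are consistent with a 128-bit GCM authentication tag appended to the
 * ciphertext. A column that silently truncated the value would drop part of the tag and make the
 * credential undecryptable, so the length read back must match exactly.
 *
 * <p>The original built a 7000-character {@code StringBuilder} that was never used; it is removed
 * and the size relationship is expressed through named locals instead.
 */
@Test
public void canSaveStringsOfLength7000WhichMeans7016ForGCM() {
  final int plaintextLength = 7000;
  // GCM overhead implied by the method name (7000 -> 7016).
  final int gcmTagLength = 16;
  final int ciphertextLength = plaintextLength + gcmTagLength;

  // Filler bytes stand in for real ciphertext; only the stored length is under test.
  final byte[] encryptedValue = new byte[ciphertextLength];
  Arrays.fill(encryptedValue, (byte) 'A');

  final ValueCredentialVersionData entity = new ValueCredentialVersionData();
  final Credential credential = credentialRepository.save(new Credential(name));
  entity.setCredential(credential);
  entity.setEncryptedValueData(
      new EncryptedValue()
          .setEncryptedValue(encryptedValue)
          .setEncryptionKeyUuid(canaryUuid)
          .setNonce("nonce".getBytes()));

  subject.save(entity);

  assertThat(
      subject
          .findFirstByCredentialUuidOrderByVersionCreatedAtDesc(credential.getUuid())
          .getEncryptedValueData()
          .getEncryptedValue()
          .length,
      equalTo(ciphertextLength));
}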
use of org.cloudfoundry.credhub.entity.EncryptedValue in project credhub by cloudfoundry-incubator.
the class SshViewTest method beforeEach.
/**
 * Prepares the SSH credential fixture used by the tests in this class.
 *
 * <p>A mocked {@code Encryptor} maps the fixture private key to a fixed {@link EncryptedValue}
 * and back, so no real cryptography runs. The key material comes from {@code TestConstants}.
 */
@Before
public void beforeEach() {
  // Placeholder ciphertext; the random key UUID is never resolved because the encryptor is mocked.
  final EncryptedValue stubbedCiphertext =
      new EncryptedValue(UUID.randomUUID(), "encrypted".getBytes(), "nonce".getBytes());

  final Encryptor encryptorMock = mock(Encryptor.class);
  when(encryptorMock.encrypt(TestConstants.PRIVATE_KEY_4096)).thenReturn(stubbedCiphertext);
  when(encryptorMock.decrypt(stubbedCiphertext)).thenReturn(TestConstants.PRIVATE_KEY_4096);

  // The encryptor is set before the private key, as in the original chain.
  // NOTE(review): setPrivateKey presumably encrypts through the encryptor set above — confirm.
  entity = new SshCredentialVersion(CREDENTIAL_NAME)
      .setEncryptor(encryptorMock)
      .setPublicKey(TestConstants.SSH_PUBLIC_KEY_4096_WITH_COMMENT)
      .setPrivateKey(TestConstants.PRIVATE_KEY_4096);
  entity.setUuid(CREDENTIAL_UUID);
}