Example 11 with EncryptionKeyCanary

use of org.cloudfoundry.credhub.entity.EncryptionKeyCanary in project credhub by cloudfoundry-incubator.

the class EncryptionKeyCanaryDataServiceTest method findAll_whenThereAreCanaries_returnsCanariesAsAList.

@Test
public void findAll_whenThereAreCanaries_returnsCanariesAsAList() {
    EncryptionKeyCanary firstCanary = new EncryptionKeyCanary();
    EncryptionKeyCanary secondCanary = new EncryptionKeyCanary();
    subject.save(firstCanary);
    subject.save(secondCanary);
    List<EncryptionKeyCanary> canaries = subject.findAll();
    List<UUID> uuids = canaries.stream().map(canary -> canary.getUuid()).collect(Collectors.toList());
    assertThat(canaries, hasSize(2));
    assertThat(uuids, containsInAnyOrder(firstCanary.getUuid(), secondCanary.getUuid()));
}
Also used : Assert.assertNotNull(org.junit.Assert.assertNotNull) EncryptionKeyCanaryRepository(org.cloudfoundry.credhub.repository.EncryptionKeyCanaryRepository) RunWith(org.junit.runner.RunWith) IsEqual.equalTo(org.hamcrest.core.IsEqual.equalTo) Autowired(org.springframework.beans.factory.annotation.Autowired) Test(org.junit.Test) ActiveProfiles(org.springframework.test.context.ActiveProfiles) UUID(java.util.UUID) Collectors(java.util.stream.Collectors) IsCollectionWithSize.hasSize(org.hamcrest.collection.IsCollectionWithSize.hasSize) DataJpaTest(org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest) EncryptionKeyCanary(org.cloudfoundry.credhub.entity.EncryptionKeyCanary) List(java.util.List) Lists.newArrayList(com.google.common.collect.Lists.newArrayList) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) AutoConfigureTestDatabase(org.springframework.boot.test.autoconfigure.jdbc.AutoConfigureTestDatabase) Replace(org.springframework.boot.test.autoconfigure.jdbc.AutoConfigureTestDatabase.Replace) SpringRunner(org.springframework.test.context.junit4.SpringRunner) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) DatabaseProfileResolver(org.cloudfoundry.credhub.util.DatabaseProfileResolver) Before(org.junit.Before)

Example 12 with EncryptionKeyCanary

use of org.cloudfoundry.credhub.entity.EncryptionKeyCanary in project credhub by cloudfoundry-incubator.

the class EncryptionKeyRotatorTest method rotation_removesOldCanaries.

@Test
public void rotation_removesOldCanaries() throws Exception {
    setupInitialContext();
    setActiveKey(1);
    encryptionKeyRotator.rotate();
    List<UUID> oldCanaryUuids = keySet.getInactiveUuids();
    List<EncryptionKeyCanary> allCanaries = encryptionKeyCanaryDataService.findAll();
    List<UUID> remainingCanaryUuids = allCanaries.stream().map(EncryptionKeyCanary::getUuid).collect(Collectors.toList());
    assertThat(remainingCanaryUuids, hasItem(keySet.getActive().getUuid()));
    for (UUID uuid : oldCanaryUuids) {
        assertThat(remainingCanaryUuids, not(hasItem(uuid)));
    }
}
Also used : EncryptionKeyCanary(org.cloudfoundry.credhub.entity.EncryptionKeyCanary) UUID(java.util.UUID) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) Test(org.junit.Test)

Example 13 with EncryptionKeyCanary

use of org.cloudfoundry.credhub.entity.EncryptionKeyCanary in project credhub by cloudfoundry-incubator.

the class EncryptionKeyRotatorTest method createOldKey.

private Key createOldKey() throws Exception {
    final PasswordBasedKeyProxy keyProxy = new PasswordBasedKeyProxy("old-password", 1, encryptionService);
    Key oldKey = keyProxy.deriveKey();
    oldCanary = new EncryptionKeyCanary();
    final EncryptedValue canaryEncryption = encryptionService.encrypt(null, oldKey, CANARY_VALUE);
    oldCanary.setEncryptedCanaryValue(canaryEncryption.getEncryptedValue());
    oldCanary.setNonce(canaryEncryption.getNonce());
    oldCanary = encryptionKeyCanaryDataService.save(oldCanary);
    keySet.add(new EncryptionKey(encryptionService, oldCanary.getUuid(), oldKey));
    return oldKey;
}
Also used : EncryptionKeyCanary(org.cloudfoundry.credhub.entity.EncryptionKeyCanary) EncryptionKey(org.cloudfoundry.credhub.service.EncryptionKey) PasswordBasedKeyProxy(org.cloudfoundry.credhub.service.PasswordBasedKeyProxy) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) Key(java.security.Key)

Example 14 with EncryptionKeyCanary

use of org.cloudfoundry.credhub.entity.EncryptionKeyCanary in project credhub by cloudfoundry-incubator.

the class PasswordBasedKeyProxyTest method matchesCanary_whenCanaryDoesNotContainSalt_returnsFalse.

@Test
public void matchesCanary_whenCanaryDoesNotContainSalt_returnsFalse() {
    EncryptionKeyCanary canary = new EncryptionKeyCanary();
    canary.setSalt(null);
    assertFalse(subject.matchesCanary(canary));
}
Also used : EncryptionKeyCanary(org.cloudfoundry.credhub.entity.EncryptionKeyCanary) Test(org.junit.Test)

Example 15 with EncryptionKeyCanary

use of org.cloudfoundry.credhub.entity.EncryptionKeyCanary in project credhub by cloudfoundry-incubator.

the class PasswordBasedKeyProxyTest method matchesCanary_whenCanaryMatches_setsTheKey.

@Test
public void matchesCanary_whenCanaryMatches_setsTheKey() throws Exception {
    // Generate a key from the password and a new salt
    PasswordBasedKeyProxy oldProxy = new PasswordBasedKeyProxy(password, 1, encryptionService);
    Key derivedKey = oldProxy.deriveKey();
    final List<Byte> salt = oldProxy.getSalt();
    // Create a canary whose value is encrypted with this key
    final EncryptedValue encryptedCanaryValue = encryptionService.encrypt(null, derivedKey, CANARY_VALUE);
    EncryptionKeyCanary canary = new EncryptionKeyCanary();
    canary.setEncryptedCanaryValue(encryptedCanaryValue.getEncryptedValue());
    canary.setNonce(encryptedCanaryValue.getNonce());
    final Byte[] saltArray = new Byte[salt.size()];
    canary.setSalt(toPrimitive(salt.toArray(saltArray)));
    final boolean match = subject.matchesCanary(canary);
    assertTrue(match);
    assertThat(subject.getKey(), equalTo(derivedKey));
}
Also used : EncryptionKeyCanary(org.cloudfoundry.credhub.entity.EncryptionKeyCanary) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) Key(java.security.Key) Test(org.junit.Test)

Aggregations

EncryptionKeyCanary (org.cloudfoundry.credhub.entity.EncryptionKeyCanary): 22
Test (org.junit.Test): 13
EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue): 4
Before (org.junit.Before): 4
Key (java.security.Key): 3
UUID (java.util.UUID): 3
DataJpaTest (org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest): 3
Lists.newArrayList (com.google.common.collect.Lists.newArrayList): 2
List (java.util.List): 2
Collectors (java.util.stream.Collectors): 2
IllegalBlockSizeException (javax.crypto.IllegalBlockSizeException): 2
EncryptionKeyMetadata (org.cloudfoundry.credhub.config.EncryptionKeyMetadata): 2
EncryptionKeyCanaryRepository (org.cloudfoundry.credhub.repository.EncryptionKeyCanaryRepository): 2
DatabaseProfileResolver (org.cloudfoundry.credhub.util.DatabaseProfileResolver): 2
MatcherAssert.assertThat (org.hamcrest.MatcherAssert.assertThat): 2
Matchers.containsInAnyOrder (org.hamcrest.Matchers.containsInAnyOrder): 2
IsCollectionWithSize.hasSize (org.hamcrest.collection.IsCollectionWithSize.hasSize): 2
IsEqual.equalTo (org.hamcrest.core.IsEqual.equalTo): 2
Assert.assertNotNull (org.junit.Assert.assertNotNull): 2
RunWith (org.junit.runner.RunWith): 2