
Example 1 with UserCredentialVersionData

use of org.cloudfoundry.credhub.entity.UserCredentialVersionData in project credhub by cloudfoundry-incubator.

the class UserCredentialVersionTest method getPassword_returnsDecryptedPassword_andOnlyDecryptsOnce.

/**
 * Checks that {@code getPassword()} returns the plaintext supplied by the encryptor and
 * that {@code decrypt} was invoked exactly once while doing so.
 */
@Test
public void getPassword_returnsDecryptedPassword_andOnlyDecryptsOnce() {
    // The stub is keyed on an EncryptedValue built here; the credential data below carries a
    // separately constructed instance with the same key UUID, ciphertext and nonce, so the
    // stub only matches if EncryptedValue compares by value (presumably via equals - confirm).
    final EncryptedValue expectedCiphertext =
        new EncryptedValue(ENCRYPTION_KEY_UUID, ENCRYPTED_PASSWORD, NONCE);
    when(encryptor.decrypt(expectedCiphertext)).thenReturn(USER_PASSWORD);

    userCredentialData = new UserCredentialVersionData()
        .setEncryptedValueData(
            new EncryptedValue()
                .setEncryptedValue(ENCRYPTED_PASSWORD)
                .setNonce(NONCE)
                .setEncryptionKeyUuid(ENCRYPTION_KEY_UUID));
    subject = new UserCredentialVersion(userCredentialData).setEncryptor(encryptor);

    final String decrypted = subject.getPassword();

    assertThat(decrypted, equalTo(USER_PASSWORD));
    // NOTE(review): getPassword() is called a single time, so times(1) shows that one read
    // costs one decrypt; it cannot by itself show that repeated reads reuse the plaintext.
    verify(encryptor, times(1)).decrypt(any());
}
Also used : UserCredentialVersionData(org.cloudfoundry.credhub.entity.UserCredentialVersionData) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) Test(org.junit.Test)

Example 2 with UserCredentialVersionData

use of org.cloudfoundry.credhub.entity.UserCredentialVersionData in project credhub by cloudfoundry-incubator.

the class UserCredentialVersionTest method getGenerationParameters_returnsNullIfTheGenerationParametersAreNull.

/**
 * Checks that generation parameters explicitly set to {@code null} are read back as
 * {@code null}.
 */
@Test
public void getGenerationParameters_returnsNullIfTheGenerationParametersAreNull() {
    // Fresh backing data: nothing encrypted is attached before the setter is called.
    userCredentialData = new UserCredentialVersionData();
    subject = new UserCredentialVersion(userCredentialData).setEncryptor(encryptor);
    subject.setGenerationParameters(null);

    final StringGenerationParameters readBack = subject.getGenerationParameters();

    // No decrypt stub is registered in this test; the expectation is only the null result.
    assertThat(readBack, equalTo(null));
}
Also used : UserCredentialVersionData(org.cloudfoundry.credhub.entity.UserCredentialVersionData) StringGenerationParameters(org.cloudfoundry.credhub.request.StringGenerationParameters) Test(org.junit.Test)

Example 3 with UserCredentialVersionData

use of org.cloudfoundry.credhub.entity.UserCredentialVersionData in project credhub by cloudfoundry-incubator.

the class UserCredentialVersionTest method getGenerationParameters_decryptsGenerationParameters.

/**
 * Checks that {@code getGenerationParameters()} rebuilds the parameters from their encrypted
 * form and that the encryptor is asked to decrypt twice in total.
 */
@Test
public void getGenerationParameters_decryptsGenerationParameters() {
    // Two independent ciphertexts under the same key UUID, each with its own nonce.
    final EncryptedValue encryptedParams =
        new EncryptedValue(ENCRYPTION_KEY_UUID, ENCRYPTED_GENERATION_PARAMS, PARAMETERS_NONCE);
    final EncryptedValue encryptedPassword =
        new EncryptedValue(ENCRYPTION_KEY_UUID, ENCRYPTED_PASSWORD, NONCE);

    when(encryptor.decrypt(encryptedParams)).thenReturn(USER_GENERATION_PARAMS_STRING);
    when(encryptor.decrypt(encryptedPassword)).thenReturn(USER_PASSWORD);

    userCredentialData = new UserCredentialVersionData()
        .setEncryptedValueData(encryptedPassword)
        .setEncryptedGenerationParameters(encryptedParams);
    subject = new UserCredentialVersion(userCredentialData).setEncryptor(encryptor);

    final StringGenerationParameters decoded = subject.getGenerationParameters();

    // Compared property by property rather than by identity or equals().
    assertThat(decoded, samePropertyValuesAs(STRING_GENERATION_PARAMS));
    // Two decrypt calls are expected; presumably one for the parameters and one for the
    // password - confirm against UserCredentialVersion, which is not shown here.
    verify(encryptor, times(2)).decrypt(any());
}
Also used : UserCredentialVersionData(org.cloudfoundry.credhub.entity.UserCredentialVersionData) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) StringGenerationParameters(org.cloudfoundry.credhub.request.StringGenerationParameters) Test(org.junit.Test)

Example 4 with UserCredentialVersionData

use of org.cloudfoundry.credhub.entity.UserCredentialVersionData in project credhub by cloudfoundry-incubator.

the class UserCredentialVersionTest method setUsername_setsUsernameOnDelegate.

/**
 * Checks that a username set on the {@code UserCredentialVersion} wrapper is stored on the
 * {@code UserCredentialVersionData} object it was constructed with.
 */
@Test
public void setUsername_setsUsernameOnDelegate() {
    final UserCredentialVersionData backingData = new UserCredentialVersionData(CREDENTIAL_NAME);
    // No encryptor is attached here; the test only exercises the username setter.
    subject = new UserCredentialVersion(backingData);

    subject.setUsername("test-user");

    // Read the value from the data object, not from the wrapper, to prove the write-through.
    assertThat(backingData.getUsername(), equalTo("test-user"));
}
Also used : UserCredentialVersionData(org.cloudfoundry.credhub.entity.UserCredentialVersionData) Test(org.junit.Test)

Example 5 with UserCredentialVersionData

use of org.cloudfoundry.credhub.entity.UserCredentialVersionData in project credhub by cloudfoundry-incubator.

the class UserCredentialVersionTest method rotate_reEncryptsPasswordWithNewEncryptionKey.

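/**
 * Checks that {@code rotate()} decrypts the password and the generation parameters stored
 * under the old key and writes back the values returned by {@code encryptor.encrypt}.
 *
 * <p>The key reference of both stored ciphertexts is asserted after rotation. Value and nonce
 * alone would not reveal generation parameters whose key UUID still names the old key.
 */
@Test
public void rotate_reEncryptsPasswordWithNewEncryptionKey() {
    // Stand-ins for material encrypted under the old key. The byte arrays are opaque
    // fixtures and are only compared by the decrypt stubs below.
    UUID oldEncryptionKeyUuid = UUID.randomUUID();
    byte[] oldEncryptedPassword = "old-encrypted-password".getBytes();
    byte[] oldEncryptedGenerationParams = "old-encrypted-generation-params".getBytes();
    byte[] oldNonce = "old-nonce".getBytes();
    byte[] oldParametersNonce = "old-parameters-nonce".getBytes();

    EncryptedValue parametersEncryption =
        new EncryptedValue(oldEncryptionKeyUuid, oldEncryptedGenerationParams, oldParametersNonce);
    EncryptedValue encryptedUserValue = new EncryptedValue()
        .setEncryptionKeyUuid(oldEncryptionKeyUuid)
        .setEncryptedValue(oldEncryptedPassword)
        .setNonce(oldNonce);
    userCredentialData = new UserCredentialVersionData(CREDENTIAL_NAME)
        .setEncryptedValueData(encryptedUserValue)
        .setEncryptedGenerationParameters(parametersEncryption);
    subject = new UserCredentialVersion(userCredentialData).setEncryptor(encryptor);

    // Old ciphertexts decrypt to the known plaintexts.
    when(encryptor.decrypt(new EncryptedValue(oldEncryptionKeyUuid, oldEncryptedPassword, oldNonce)))
        .thenReturn(USER_PASSWORD);
    when(encryptor.decrypt(new EncryptedValue(oldEncryptionKeyUuid, oldEncryptedGenerationParams, oldParametersNonce)))
        .thenReturn(USER_GENERATION_PARAMS_STRING);
    // Re-encryption yields values tagged with ENCRYPTION_KEY_UUID, the key expected after rotation.
    when(encryptor.encrypt(eq(USER_PASSWORD)))
        .thenReturn(new EncryptedValue(ENCRYPTION_KEY_UUID, ENCRYPTED_PASSWORD, NONCE));
    when(encryptor.encrypt(eq(USER_GENERATION_PARAMS_STRING)))
        .thenReturn(new EncryptedValue(ENCRYPTION_KEY_UUID, ENCRYPTED_GENERATION_PARAMS, PARAMETERS_NONCE));

    subject.rotate();

    verify(encryptor, times(2)).decrypt(any());
    verify(encryptor).encrypt(USER_PASSWORD);
    verify(encryptor).encrypt(USER_GENERATION_PARAMS_STRING);

    // Password ciphertext: key reference, value and nonce all come from the new encryption.
    // getEncryptionKeyUuid() on the data object presumably reports the password value's key.
    assertThat(userCredentialData.getEncryptionKeyUuid(), equalTo(ENCRYPTION_KEY_UUID));
    assertThat(userCredentialData.getEncryptedValueData().getEncryptedValue(), equalTo(ENCRYPTED_PASSWORD));
    assertThat(userCredentialData.getNonce(), equalTo(NONCE));

    // Generation parameters: the same three properties, including the key reference.
    assertThat(userCredentialData.getEncryptedGenerationParameters().getEncryptionKeyUuid(), equalTo(ENCRYPTION_KEY_UUID));
    assertThat(userCredentialData.getEncryptedGenerationParameters().getEncryptedValue(), equalTo(ENCRYPTED_GENERATION_PARAMS));
    assertThat(userCredentialData.getEncryptedGenerationParameters().getNonce(), equalTo(PARAMETERS_NONCE));
}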
Also used : UserCredentialVersionData(org.cloudfoundry.credhub.entity.UserCredentialVersionData) UUID(java.util.UUID) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) Test(org.junit.Test)

Aggregations

UserCredentialVersionData (org.cloudfoundry.credhub.entity.UserCredentialVersionData)8 Test (org.junit.Test)8 EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue)5 StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters)2 UUID (java.util.UUID)1