Added test cases for passwprd storage schemes, AES, 3DES, RC4, and blowfish...

mkeyes

19.06.2007 8ba94491e9b4ee06e8f7d10799124052ffba5026

Added test cases for passwprd storage schemes, AES, 3DES, RC4, and blowfish (Issues 315, 316, 317, and 318).

 opends/tests/functional-tests/testcases/security/pwd_storage/security_pwd_3DES.xml

New file
@@ -0,0 +1,196 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
<!--
 ! CDDL HEADER START
 !
 ! The contents of this file are subject to the terms of the
 ! Common Development and Distribution License, Version 1.0 only
 ! (the "License").  You may not use this file except in compliance
 ! with the License.
 !
 ! You can obtain a copy of the license at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
 ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 ! See the License for the specific language governing permissions
 ! and limitations under the License.
 !
 ! When distributing Covered Code, include this CDDL HEADER in each
 ! file and include the License file at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
 ! add the following below this CDDL HEADER, with the fields enclosed
 ! by brackets "[]" replaced with your own identifying information:
 !      Portions Copyright [yyyy] [name of copyright owner]
 !
 ! CDDL HEADER END
 !
 !      Portions Copyright 2006-2007 Sun Microsystems, Inc.
 ! -->
<stax>

  <defaultcall function="pwd_3DES"/>

  <function name="pwd_3DES">
      <!---
            Place suite-specific test information here.
            #@TestSuiteName             3DES Tests
            #@TestSuitePurpose          Test the 3DES storage scheme.
            #@TestSuiteGroup            3DES Storage Scheme Tests
            #@TestScript                security_pwd_3DES.xml
      -->
      <sequence>

        <!--- Test case: Admin Change To 3DES Storage Scheme -->
       <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                3DES Tests
            #@TestName                  3DES Preamble
            #@TestIssue                 315
            #@TestPurpose               Change password storage scheme to 3DES.
            #@TestPreamble              none
            #@TestStep                  Client calls ldapmodify 
                                        with the filename to the appropriate file.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
        -->
        <testcase name="getTestCaseName('3DES - Preamble')">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'Security: Pwd Storage 3DES: Preamble - Admin Changing to 3DES Storage Scheme'
            </message>

            <call function="'modifyPwdPolicy'">
                  { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'           : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'         : DIRECTORY_INSTANCE_PSWD ,
                    'propertyName'           : 'Default Password Policy' ,
                    'attributeName'          : 'default-password-storage-scheme' ,
                    'attributeValue'         : '3DES' }
            </call>
            
            <call function="'testCase_Postamble'"/>
            
          </sequence>
        </testcase>

        <!--- Test Case : User Change Password 3DES Scheme-->
       <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                3DES Tests
            #@TestName                  3DES Test 1
            #@TestIssue                 315
            #@TestPurpose               Test 3DES password storage scheme.
            #@TestPreamble              none
            #@TestStep                  Admin changes a user's password to convert 
                                        so it is stored as 3DES scheme. 
            #@TestStep                  The user binds with the new password.
            #@TestStep                  Admin retrieves the user's password and 
                                        checks for the required {3DES} prefix.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0 for the ldap
                                        operations and the password has the {3DES} prefix.
        -->
        <testcase name="getTestCaseName('3DES - Pwd Change')">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'Security: Pwd Storage 3DES: User Changing Password'
            </message>

            <call function="'modifyAnAttribute'">
                  { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'           : 'uid=cschmith,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                    'dsInstancePswd'         : 'hypotenuse' ,
                    'DNToModify'             : 'uid=cschmith,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                    'attributeName'          : 'userpassword' ,
                    'newAttributeValue'      : '3DEShypotenuse' ,
                    'changetype'             : 'replace' }
            </call>
            
            <message>
               'Security: Pwd Storage 3DES: User Binding With New Password'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=cschmith,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : '3DEShypotenuse' ,
                'dsBaseDN'         : 'dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'extraParams'      : '-s base' }
            </call>

            <message>
               'Security: Pwd Storage 3DES: Checking for 3DES Scheme On New Password'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'dsBaseDN'         : 'uid=cschmith,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'userpassword' }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestString'">
                { 'returnString'       : returnString ,
                  'expectedString'     : '{3DES}' }
            </call>
            
            <call function="'testCase_Postamble'"/>
          
          </sequence>
        </testcase>

        <!--- Test case: Admin Reset To SSHA Storage Scheme -->
        <testcase name="getTestCaseName('3DES - Postamble')">
        <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                3DES Tests
            #@TestName                  3DES Postamble
            #@TestIssue                 315
            #@TestPurpose               Reset password storage scheme to the default, SSHA.
            #@TestPreamble              none
            #@TestStep                  Client calls ldapmodify 
                                        with the filename to the appropriate file.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
         -->
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'Security: Pwd Storage 3DES: Postamble - Admin Resetting to SSHA Storage Scheme'
            </message>

            <call function="'modifyPwdPolicy'">
                  { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'           : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'         : DIRECTORY_INSTANCE_PSWD ,
                    'propertyName'           : 'Default Password Policy' ,
                    'attributeName'          : 'default-password-storage-scheme' ,
                    'attributeValue'         : 'Salted SHA-1' }
            </call>
            
            <call function="'testCase_Postamble'"/>
              
          </sequence>
        </testcase>

     </sequence>

  </function>

</stax>

 opends/tests/functional-tests/testcases/security/pwd_storage/security_pwd_AES.xml

New file
@@ -0,0 +1,196 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
<!--
 ! CDDL HEADER START
 !
 ! The contents of this file are subject to the terms of the
 ! Common Development and Distribution License, Version 1.0 only
 ! (the "License").  You may not use this file except in compliance
 ! with the License.
 !
 ! You can obtain a copy of the license at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
 ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 ! See the License for the specific language governing permissions
 ! and limitations under the License.
 !
 ! When distributing Covered Code, include this CDDL HEADER in each
 ! file and include the License file at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
 ! add the following below this CDDL HEADER, with the fields enclosed
 ! by brackets "[]" replaced with your own identifying information:
 !      Portions Copyright [yyyy] [name of copyright owner]
 !
 ! CDDL HEADER END
 !
 !      Portions Copyright 2006-2007 Sun Microsystems, Inc.
 ! -->
<stax>

  <defaultcall function="pwd_AES"/>

  <function name="pwd_AES">
      <!---
            Place suite-specific test information here.
            #@TestSuiteName             AES Tests
            #@TestSuitePurpose          Test the AES storage scheme.
            #@TestSuiteGroup            AES Storage Scheme Tests
            #@TestScript                security_pwd_AES.xml
      -->
      <sequence>

        <!--- Test case: Admin Change To AES Storage Scheme -->
       <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                AES Tests
            #@TestName                  AES Preamble
            #@TestIssue                 316
            #@TestPurpose               Change password storage scheme to AES.
            #@TestPreamble              none
            #@TestStep                  Client calls ldapmodify 
                                        with the filename to the appropriate file.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
        -->
        <testcase name="getTestCaseName('AES - Preamble')">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'Security: Pwd Storage AES: Preamble - Admin Changing to AES Storage Scheme'
            </message>

            <call function="'modifyPwdPolicy'">
                  { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'           : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'         : DIRECTORY_INSTANCE_PSWD ,
                    'propertyName'           : 'Default Password Policy' ,
                    'attributeName'          : 'default-password-storage-scheme' ,
                    'attributeValue'         : 'AES' }
            </call>
            
            <call function="'testCase_Postamble'"/>
            
          </sequence>
        </testcase>

        <!--- Test Case : User Change Password AES Scheme-->
       <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                AES Tests
            #@TestName                  AES Test 1
            #@TestIssue                 316
            #@TestPurpose               Test AES password storage scheme.
            #@TestPreamble              none
            #@TestStep                  Admin changes a user's password to convert 
                                        so it is stored as AES scheme. 
            #@TestStep                  The user binds with the new password.
            #@TestStep                  Admin retrieves the user's password and 
                                        checks for the required {AES} prefix.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0 for the ldap
                                        operations and the password has the {AES} prefix.
        -->
        <testcase name="getTestCaseName('AES - Pwd Change')">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'Security: Pwd Storage AES: User Changing Password'
            </message>

            <call function="'modifyAnAttribute'">
                  { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'           : 'uid=tclow,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                    'dsInstancePswd'         : 'cardreader' ,
                    'DNToModify'             : 'uid=tclow,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                    'attributeName'          : 'userpassword' ,
                    'newAttributeValue'      : 'AEScardreader' ,
                    'changetype'             : 'replace' }
            </call>
            
            <message>
               'Security: Pwd Storage AES: User Binding With New Password'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=tclow,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'AEScardreader' ,
                'dsBaseDN'         : 'dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'extraParams'      : '-s base' }
            </call>

            <message>
               'Security: Pwd Storage AES: Checking for AES Scheme On New Password'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'dsBaseDN'         : 'uid=tclow,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'userpassword' }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestString'">
                { 'returnString'       : returnString ,
                  'expectedString'     : '{AES}' }
            </call>
            
            <call function="'testCase_Postamble'"/>
          
          </sequence>
        </testcase>

        <!--- Test case: Admin Reset To SSHA Storage Scheme -->
        <testcase name="getTestCaseName('AES - Postamble')">
        <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                AES Tests
            #@TestName                  AES Postamble
            #@TestIssue                 316
            #@TestPurpose               Reset password storage scheme to the default, SSHA.
            #@TestPreamble              none
            #@TestStep                  Client calls ldapmodify 
                                        with the filename to the appropriate file.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
         -->
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'Security: Pwd Storage AES: Postamble - Admin Resetting to SSHA Storage Scheme'
            </message>

            <call function="'modifyPwdPolicy'">
                  { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'           : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'         : DIRECTORY_INSTANCE_PSWD ,
                    'propertyName'           : 'Default Password Policy' ,
                    'attributeName'          : 'default-password-storage-scheme' ,
                    'attributeValue'         : 'Salted SHA-1' }
            </call>
            
            <call function="'testCase_Postamble'"/>
              
          </sequence>
        </testcase>

     </sequence>

  </function>

</stax>

 opends/tests/functional-tests/testcases/security/pwd_storage/security_pwd_RC4.xml

New file
@@ -0,0 +1,196 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
<!--
 ! CDDL HEADER START
 !
 ! The contents of this file are subject to the terms of the
 ! Common Development and Distribution License, Version 1.0 only
 ! (the "License").  You may not use this file except in compliance
 ! with the License.
 !
 ! You can obtain a copy of the license at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
 ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 ! See the License for the specific language governing permissions
 ! and limitations under the License.
 !
 ! When distributing Covered Code, include this CDDL HEADER in each
 ! file and include the License file at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
 ! add the following below this CDDL HEADER, with the fields enclosed
 ! by brackets "[]" replaced with your own identifying information:
 !      Portions Copyright [yyyy] [name of copyright owner]
 !
 ! CDDL HEADER END
 !
 !      Portions Copyright 2006-2007 Sun Microsystems, Inc.
 ! -->
<stax>

  <defaultcall function="pwd_RC4"/>

  <function name="pwd_RC4">
      <!---
            Place suite-specific test information here.
            #@TestSuiteName             RC4 Tests
            #@TestSuitePurpose          Test the RC4 storage scheme.
            #@TestSuiteGroup            RC4 Storage Scheme Tests
            #@TestScript                security_pwd_RC4.xml
      -->
      <sequence>

        <!--- Test case: Admin Change To RC4 Storage Scheme -->
       <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                RC4 Tests
            #@TestName                  RC4 Preamble
            #@TestIssue                 317
            #@TestPurpose               Change password storage scheme to RC4.
            #@TestPreamble              none
            #@TestStep                  Client calls ldapmodify 
                                        with the filename to the appropriate file.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
        -->
        <testcase name="getTestCaseName('RC4 - Preamble')">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'Security: Pwd Storage RC4: Preamble - Admin Changing to RC4 Storage Scheme'
            </message>

            <call function="'modifyPwdPolicy'">
                  { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'           : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'         : DIRECTORY_INSTANCE_PSWD ,
                    'propertyName'           : 'Default Password Policy' ,
                    'attributeName'          : 'default-password-storage-scheme' ,
                    'attributeValue'         : 'RC4' }
            </call>
            
            <call function="'testCase_Postamble'"/>
            
          </sequence>
        </testcase>

        <!--- Test Case : User Change Password RC4 Scheme-->
       <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                RC4 Tests
            #@TestName                  RC4 Test 1
            #@TestIssue                 317
            #@TestPurpose               Test RC4 password storage scheme.
            #@TestPreamble              none
            #@TestStep                  Admin changes a user's password to convert 
                                        so it is stored as RC4 scheme. 
            #@TestStep                  The user binds with the new password.
            #@TestStep                  Admin retrieves the user's password and 
                                        checks for the required {RC4} prefix.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0 for the ldap
                                        operations and the password has the {RC4} prefix.
        -->
        <testcase name="getTestCaseName('RC4 - Pwd Change')">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'Security: Pwd Storage RC4: User Changing Password'
            </message>

            <call function="'modifyAnAttribute'">
                  { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'           : 'uid=jreuter,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                    'dsInstancePswd'         : 'destroy' ,
                    'DNToModify'             : 'uid=jreuter,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                    'attributeName'          : 'userpassword' ,
                    'newAttributeValue'      : 'RC4destroy' ,
                    'changetype'             : 'replace' }
            </call>
            
            <message>
               'Security: Pwd Storage RC4: User Binding With New Password'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=jreuter,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'RC4destroy' ,
                'dsBaseDN'         : 'dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'extraParams'      : '-s base' }
            </call>

            <message>
               'Security: Pwd Storage RC4: Checking for RC4 Scheme On New Password'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'dsBaseDN'         : 'uid=jreuter,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'userpassword' }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestString'">
                { 'returnString'       : returnString ,
                  'expectedString'     : '{RC4}' }
            </call>
            
            <call function="'testCase_Postamble'"/>
          
          </sequence>
        </testcase>

        <!--- Test case: Admin Reset To SSHA Storage Scheme -->
        <testcase name="getTestCaseName('RC4 - Postamble')">
        <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                RC4 Tests
            #@TestName                  RC4 Postamble
            #@TestIssue                 317
            #@TestPurpose               Reset password storage scheme to the default, SSHA.
            #@TestPreamble              none
            #@TestStep                  Client calls ldapmodify 
                                        with the filename to the appropriate file.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
         -->
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'Security: Pwd Storage RC4: Postamble - Admin Resetting to SSHA Storage Scheme'
            </message>

            <call function="'modifyPwdPolicy'">
                  { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'           : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'         : DIRECTORY_INSTANCE_PSWD ,
                    'propertyName'           : 'Default Password Policy' ,
                    'attributeName'          : 'default-password-storage-scheme' ,
                    'attributeValue'         : 'Salted SHA-1' }
            </call>
            
            <call function="'testCase_Postamble'"/>
              
          </sequence>
        </testcase>

     </sequence>

  </function>

</stax>

 opends/tests/functional-tests/testcases/security/pwd_storage/security_pwd_blowfish.xml

New file
@@ -0,0 +1,196 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE stax SYSTEM "../../../shared/stax.dtd">
<!--
 ! CDDL HEADER START
 !
 ! The contents of this file are subject to the terms of the
 ! Common Development and Distribution License, Version 1.0 only
 ! (the "License").  You may not use this file except in compliance
 ! with the License.
 !
 ! You can obtain a copy of the license at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE
 ! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 ! See the License for the specific language governing permissions
 ! and limitations under the License.
 !
 ! When distributing Covered Code, include this CDDL HEADER in each
 ! file and include the License file at
 ! trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
 ! add the following below this CDDL HEADER, with the fields enclosed
 ! by brackets "[]" replaced with your own identifying information:
 !      Portions Copyright [yyyy] [name of copyright owner]
 !
 ! CDDL HEADER END
 !
 !      Portions Copyright 2006-2007 Sun Microsystems, Inc.
 ! -->
<stax>

  <defaultcall function="pwd_BLOWFISH"/>

  <function name="pwd_BLOWFISH">
      <!---
            Place suite-specific test information here.
            #@TestSuiteName             BLOWFISH Tests
            #@TestSuitePurpose          Test the BLOWFISH storage scheme.
            #@TestSuiteGroup            BLOWFISH Storage Scheme Tests
            #@TestScript                security_pwd_BLOWFISH.xml
      -->
      <sequence>

        <!--- Test case: Admin Change To BLOWFISH Storage Scheme -->
       <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                BLOWFISH Tests
            #@TestName                  BLOWFISH Preamble
            #@TestIssue                 318
            #@TestPurpose               Change password storage scheme to BLOWFISH.
            #@TestPreamble              none
            #@TestStep                  Client calls ldapmodify 
                                        with the filename to the appropriate file.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
        -->
        <testcase name="getTestCaseName('BLOWFISH - Preamble')">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'Security: Pwd Storage BLOWFISH: Preamble - Admin Changing to BLOWFISH Storage Scheme'
            </message>

            <call function="'modifyPwdPolicy'">
                  { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'           : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'         : DIRECTORY_INSTANCE_PSWD ,
                    'propertyName'           : 'Default Password Policy' ,
                    'attributeName'          : 'default-password-storage-scheme' ,
                    'attributeValue'         : 'BLOWFISH' }
            </call>
            
            <call function="'testCase_Postamble'"/>
            
          </sequence>
        </testcase>

        <!--- Test Case : User Change Password BLOWFISH Scheme-->
       <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                BLOWFISH Tests
            #@TestName                  BLOWFISH Test 1
            #@TestIssue                 318
            #@TestPurpose               Test BLOWFISH password storage scheme.
            #@TestPreamble              none
            #@TestStep                  Admin changes a user's password to convert 
                                        so it is stored as BLOWFISH scheme. 
            #@TestStep                  The user binds with the new password.
            #@TestStep                  Admin retrieves the user's password and 
                                        checks for the required {BLOWFISH} prefix.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0 for the ldap
                                        operations and the password has the {BLOWFISH} prefix.
        -->
        <testcase name="getTestCaseName('BLOWFISH - Pwd Change')">
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'Security: Pwd Storage BLOWFISH: User Changing Password'
            </message>

            <call function="'modifyAnAttribute'">
                  { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'           : 'uid=abergin,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                    'dsInstancePswd'         : 'inflict' ,
                    'DNToModify'             : 'uid=abergin,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                    'attributeName'          : 'userpassword' ,
                    'newAttributeValue'      : 'BLOWFISHinflict' ,
                    'changetype'             : 'replace' }
            </call>
            
            <message>
               'Security: Pwd Storage BLOWFISH: User Binding With New Password'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : 'uid=abergin,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                'dsInstancePswd'   : 'BLOWFISHinflict' ,
                'dsBaseDN'         : 'dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'extraParams'      : '-s base' }
            </call>

            <message>
               'Security: Pwd Storage BLOWFISH: Checking for BLOWFISH Scheme On New Password'
            </message>

            <call function="'SearchObject'">
              { 'dsInstanceHost'   : DIRECTORY_INSTANCE_HOST ,
                'dsInstancePort'   : DIRECTORY_INSTANCE_PORT ,
                'dsInstanceDn'     : DIRECTORY_INSTANCE_DN ,
                'dsInstancePswd'   : DIRECTORY_INSTANCE_PSWD ,
                'dsBaseDN'         : 'uid=abergin,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' ,
                'dsFilter'         : 'objectclass=*'  ,
                'attributes'       : 'userpassword' }
            </call>

            <script> 
             returnString = STAXResult[0][1]
            </script> 

            <call function="'checktestString'">
                { 'returnString'       : returnString ,
                  'expectedString'     : '{BLOWFISH}' }
            </call>
            
            <call function="'testCase_Postamble'"/>
          
          </sequence>
        </testcase>

        <!--- Test case: Admin Reset To SSHA Storage Scheme -->
        <testcase name="getTestCaseName('BLOWFISH - Postamble')">
        <!---
            Place test-specific test information here.
            The tag, TestMarker, must be the same as the tag, TestSuiteName.
            #@TestMarker                BLOWFISH Tests
            #@TestName                  BLOWFISH Postamble
            #@TestIssue                 318
            #@TestPurpose               Reset password storage scheme to the default, SSHA.
            #@TestPreamble              none
            #@TestStep                  Client calls ldapmodify 
                                        with the filename to the appropriate file.
            #@TestPostamble             none
            #@TestResult                Success if OpenDS returns 0
         -->
          <sequence>
            <call function="'testCase_Preamble'"/>
            <message>
               'Security: Pwd Storage BLOWFISH: Postamble - Admin Resetting to SSHA Storage Scheme'
            </message>

            <call function="'modifyPwdPolicy'">
                  { 'dsInstanceHost'         : DIRECTORY_INSTANCE_HOST ,
                    'dsInstancePort'         : DIRECTORY_INSTANCE_PORT ,
                    'dsInstanceDn'           : DIRECTORY_INSTANCE_DN ,
                    'dsInstancePswd'         : DIRECTORY_INSTANCE_PSWD ,
                    'propertyName'           : 'Default Password Policy' ,
                    'attributeName'          : 'default-password-storage-scheme' ,
                    'attributeValue'         : 'Salted SHA-1' }
            </call>
            
            <call function="'testCase_Postamble'"/>
              
          </sequence>
        </testcase>

     </sequence>

  </function>

</stax>

 opends/tests/functional-tests/testcases/security/pwd_storage/security_pwd_storage.xml

@@ -54,7 +54,7 @@
          <import machine="STAF_LOCAL_HOSTNAME"
            file="'%s/testcases/security/pwd_storage/security_setup_pwd_storage.xml' % (TESTS_DIR)"/>
          <call function="'setup_pwd_storage'" />
  
          
          <import machine="STAF_LOCAL_HOSTNAME"
            file="'%s/testcases/security/pwd_storage/security_pwd_SSHA.xml' % (TESTS_DIR)"/>
          <call function="'pwd_SSHA'" />
@@ -82,12 +82,28 @@
          <import machine="STAF_LOCAL_HOSTNAME"
            file="'%s/testcases/security/pwd_storage/security_pwd_SMD5.xml' % (TESTS_DIR)"/>
          <call function="'pwd_SMD5'" />
  
          
          <import machine="STAF_LOCAL_HOSTNAME"
            file="'%s/testcases/security/pwd_storage/security_pwd_BASE64.xml' % (TESTS_DIR)"/>
          <call function="'pwd_BASE64'" />
  
          <import machine="STAF_LOCAL_HOSTNAME"
            file="'%s/testcases/security/pwd_storage/security_pwd_3DES.xml' % (TESTS_DIR)"/>
          <call function="'pwd_3DES'" />
          
          <import machine="STAF_LOCAL_HOSTNAME"
            file="'%s/testcases/security/pwd_storage/security_pwd_AES.xml' % (TESTS_DIR)"/>
          <call function="'pwd_AES'" />
          
          <import machine="STAF_LOCAL_HOSTNAME"
            file="'%s/testcases/security/pwd_storage/security_pwd_RC4.xml' % (TESTS_DIR)"/>
          <call function="'pwd_RC4'" />
          
          <import machine="STAF_LOCAL_HOSTNAME"
            file="'%s/testcases/security/pwd_storage/security_pwd_blowfish.xml' % (TESTS_DIR)"/>
          <call function="'pwd_BLOWFISH'" />
          
          <import machine="STAF_LOCAL_HOSTNAME"
            file="'%s/testcases/security/pwd_storage/security_pwd_CLEAR.xml' % (TESTS_DIR)"/>
          <call function="'pwd_CLEAR'" />
  
@@ -102,7 +118,7 @@
          <import machine="STAF_LOCAL_HOSTNAME"
            file="'%s/testcases/security/pwd_storage/security_deprecated_schemes.xml' % (TESTS_DIR)"/>
          <call function="'deprecated_schemes'" />
  
          
          <import machine="STAF_LOCAL_HOSTNAME"
            file="'%s/testcases/security/pwd_storage/security_teardown_pwd_storage.xml' % (TESTS_DIR)"/>
          <call function="'teardown_pwd_storage'" />