| | |
|---|
| | | import java.security.MessageDigest; |
|---|
| | | import java.util.Arrays; |
|---|
| | | import java.util.List; |
|---|
| | | import java.util.UUID; |
|---|
| | | |
|---|
| | | import javax.crypto.Mac; |
|---|
| | | |
|---|
| | |
|---|
| | | import org.opends.admin.ads.ADSContext; |
|---|
| | | import org.opends.server.TestCaseUtils; |
|---|
| | | import org.opends.server.core.DirectoryServer; |
|---|
| | | import org.opends.server.protocols.internal.InternalClientConnection; |
|---|
| | | import org.opends.server.protocols.internal.InternalSearchOperation; |
|---|
| | | import org.opends.server.protocols.internal.SearchRequest; |
|---|
| | | import org.opends.server.protocols.ldap.LDAPAttribute; |
|---|
| | |
|---|
| | | import org.opends.server.types.CryptoManager; |
|---|
| | | import org.opends.server.types.CryptoManagerException; |
|---|
| | | import org.forgerock.opendj.ldap.DN; |
|---|
| | | import org.opends.server.types.DirectoryException; |
|---|
| | | import org.opends.server.types.Entry; |
|---|
| | | import org.opends.server.types.Modification; |
|---|
| | | import org.opends.server.util.EmbeddedUtils; |
|---|
| | | import org.opends.server.util.StaticUtils; |
|---|
| | | import org.opends.server.util.TimeThread; |
|---|
| | | import org.testng.Assert; |
|---|
| | | import org.testng.annotations.AfterClass; |
|---|
| | | import org.testng.annotations.BeforeClass; |
|---|
| | | import org.testng.annotations.DataProvider; |
|---|
| | | import org.testng.annotations.Test; |
|---|
| | | |
|---|
| | | import static org.assertj.core.api.Assertions.*; |
|---|
| | | import static org.forgerock.opendj.ldap.ModificationType.*; |
|---|
| | | import static org.opends.server.config.ConfigConstants.*; |
|---|
| | | import static org.opends.server.protocols.internal.InternalClientConnection.*; |
|---|
| | | import static org.opends.server.protocols.internal.Requests.*; |
|---|
| | | import static org.opends.server.types.Attributes.create; |
|---|
| | | import static org.testng.Assert.*; |
|---|
| | | |
|---|
| | | /** |
|---|
| | |
|---|
| | | TestCaseUtils.restartServer(); |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Test(expectedExceptions = CryptoManagerException.class) |
|---|
| | | public void testImportKeysReplacesExistingKeys() |
|---|
| | | throws Exception { |
|---|
| | | final CryptoManagerImpl cm = DirectoryServer.getCryptoManager(); |
|---|
| | | final int keyLength = 56; |
|---|
| | | final String cipher = "DES/CFB/NoPadding"; |
|---|
| | | byte[] cipherText = cm.encrypt(cipher, keyLength, new byte[56]); |
|---|
| | | Entry oldKey = getKeyForCipher(cipher, keyLength); |
|---|
| | | // Force import by changing the keyID |
|---|
| | | Modification mod = new Modification(REPLACE, create("ds-cfg-key-id", UUID.randomUUID().toString())); |
|---|
| | | oldKey.applyModification(mod); |
|---|
| | | cm.importCipherKeyEntry(oldKey); |
|---|
| | | try |
|---|
| | | { |
|---|
| | | cm.decrypt(cipherText); |
|---|
| | | Assert.fail("Was expecting a CryptoManager exception, the key should be invalid."); |
|---|
| | | } |
|---|
| | | finally |
|---|
| | | { |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | private Entry getKeyForCipher(String cipher, int keyLength) throws DirectoryException |
|---|
| | | { |
|---|
| | | SearchRequest request = newSearchRequest("cn=secret keys, cn=admin data", SearchScope.WHOLE_SUBTREE, |
|---|
| | | "&(ds-cfg-cipher-transformation-name=" + cipher + ")(ds-cfg-key-length-bits=" + keyLength + ")"); |
|---|
| | | InternalClientConnection conn = getRootConnection(); |
|---|
| | | InternalSearchOperation search = conn.processSearch(request); |
|---|
| | | return search.getSearchEntries().get(0); |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Test |
|---|
| | | public void testGetInstanceKeyCertificate() |
|---|
