mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git

david_page
17.18.2007 e6e61549454f79ff9df47e7100e99f2b740362b5
1. Fix API type error.
2. Add testcase to check that cached key is reused for successive encryptions that request the same algorithm and key length (instead of generating another key).
2 files modified
37 ■■■■ changed files
opends/src/server/org/opends/server/types/CryptoManager.java 8 ●●●●
opends/tests/unit-tests-testng/src/server/org/opends/server/types/CryptoManagerTestCase.java 29 ●●●●●
opends/src/server/org/opends/server/types/CryptoManager.java
@@ -1442,7 +1442,7 @@
     *
     * @param cryptoManager  The CryptoManager instance.
     *
     * @param keyIDBytes  The key identifier.
     * @param keyIDString  The key identifier.
     *
     * @param transformation  The cipher transformation for which the
     * key entry was produced.
@@ -1468,18 +1468,18 @@
     */
    public static CipherKeyEntry importCipherKeyEntry(
            final CryptoManager cryptoManager,
            final byte[] keyIDBytes,
            final String keyIDString,
            final String transformation,
            final String keyAlgorithm,
            final byte[] key,
            final int ivLengthBits,
            final boolean isCompromised)
            throws CryptoManagerException {
      Validator.ensureNotNull(keyIDBytes, transformation,
      Validator.ensureNotNull(keyIDString, transformation,
              keyAlgorithm, key);
      Validator.ensureTrue(0 <= ivLengthBits);
      final KeyEntryID keyID = new KeyEntryID(keyIDBytes);
      final KeyEntryID keyID = new KeyEntryID(keyIDString);
      // Check map for existing key entry with the supplied keyID.
      CipherKeyEntry keyEntry = getKeyEntry(cryptoManager, keyID);
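Review bot: Reading the second line of each printed pair as the new side, `keyIDString` reaches `new KeyEntryID(keyIDString)` after only a null check, so a malformed identifier is handled by whatever that constructor does. The constructor is not visible here; if it throws an unchecked exception on bad input, the failure escapes the declared `CryptoManagerException`. Because this method appears to bring externally supplied key entries into the key map, I would either convert a parse failure into `CryptoManagerException` at this line or state in the Javadoc that callers must pass a well-formed identifier. The parameter text is still only "The key identifier."; something like `@param keyIDString  The key identifier, in the string form accepted by KeyEntryID.` would document what the type change means for callers. The method body continues past the end of the hunk.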
opends/tests/unit-tests-testng/src/server/org/opends/server/types/CryptoManagerTestCase.java
@@ -43,6 +43,7 @@
import java.util.List;
import java.util.LinkedList;
import java.util.Arrays;
import java.lang.reflect.Method;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
@@ -144,6 +145,7 @@
    // default (preferred) AES/CBC/PKCS5Padding 128bit key.
    paramList.add(new CipherParameters(null, null, null, 128, 128));
    // custom
//    paramList.add(new CipherParameters("Blowfish", "CFB", "NoPadding", 192, 64));
    paramList.add(new CipherParameters("Blowfish", "CFB", "NoPadding", 128, 64));
    paramList.add(new CipherParameters("RC4", null, null, 104, 0));
    paramList.add(new CipherParameters("DES", "CFB", "NoPadding", 56, 56));
@@ -220,4 +222,31 @@
    is.close();
    assertEquals(new String(plainText), secretMessage);
  }
  /**
   Tests to ensure the same key identifier (and hence, key) is used for
   successive encryptions specifying the same algorithm and key length.
   @throws Exception  In case an error occurs in the encryption routine.
   */
  @Test
  public void testKeyEntryReuse()
          throws Exception {
    final CryptoManager cm = DirectoryServer.getCryptoManager();
    final String secretMessage = "1234";
    try {
      Method m = Arrays.class.getMethod("copyOfRange", (new byte[16]).getClass(),
              Integer.TYPE, Integer.TYPE);
      final byte[] cipherText = cm.encrypt(secretMessage.getBytes());
      final byte[] keyID = (byte[])m.invoke(null, cipherText, 0, 16);
      final byte[] cipherText2 = cm.encrypt(secretMessage.getBytes());
      final byte[] keyID2 = (byte[])m.invoke(null, cipherText2, 0, 16);
      assertTrue(Arrays.equals(keyID, keyID2));
    }
    catch (NoSuchMethodException ex) {
      // ignore - requires Java 6
    }
  }
}
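Review bot: testKeyEntryReuse reports success without asserting anything on a runtime that lacks `Arrays.copyOfRange`, because the empty `catch (NoSuchMethodException ex)` swallows the lookup failure, so a key-reuse regression in CryptoManager would go unnoticed there. The reflection is not needed: `final byte[] keyID = new byte[16];` followed by `System.arraycopy(cipherText, 0, keyID, 0, 16);` works on every Java version and lets the try/catch go (the same for `keyID2`). The literal 16 assumes the key identifier occupies the first 16 bytes of the ciphertext; a named constant, or a comment pointing at the prologue format the encrypt method writes, would make that dependency explicit. The test also only exercises the default cipher through `cm.encrypt(byte[])`, so the "same algorithm and key length" case from the commit description is covered for a single parameter set.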