From 65a6e3594c2a75f8dc18c1d10b15b464b0ddb613 Mon Sep 17 00:00:00 2001
From: Jean-Noel Rouvignac <jean-noel.rouvignac@forgerock.com>
Date: Fri, 25 Jul 2014 13:01:06 +0000
Subject: [PATCH] Fixed regressions introduced in r10929.
---
opends/src/server/org/opends/server/extensions/PBKDF2PasswordStorageScheme.java | 10 ++++
opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/PBKDF2PasswordStorageSchemeTestCase.java | 88 ++++++++++++++++++++++++++++++++++++++++++++
opends/src/server/org/opends/server/extensions/PKCS5S2PasswordStorageScheme.java | 4 ++
3 files changed, 101 insertions(+), 1 deletions(-)
diff --git a/opends/src/server/org/opends/server/extensions/PBKDF2PasswordStorageScheme.java b/opends/src/server/org/opends/server/extensions/PBKDF2PasswordStorageScheme.java
index 56662cb..445f6f5 100644
--- a/opends/src/server/org/opends/server/extensions/PBKDF2PasswordStorageScheme.java
+++ b/opends/src/server/org/opends/server/extensions/PBKDF2PasswordStorageScheme.java
@@ -163,7 +163,7 @@
System.arraycopy(saltBytes, 0, hashPlusSalt, digestBytes.length,
NUM_SALT_BYTES);
- return ByteString.valueOf(iterations + ':' + Base64.encode(hashPlusSalt));
+ return ByteString.valueOf(iterations + ":" + Base64.encode(hashPlusSalt));
}
/** {@inheritDoc} */
@@ -186,6 +186,10 @@
{
String stored = storedPassword.toString();
int pos = stored.indexOf(':');
+ if (pos == -1)
+ {
+ throw new Exception();
+ }
final int iterations = Integer.parseInt(stored.substring(0, pos));
byte[] decodedBytes = Base64.decode(stored.substring(pos + 1));
@@ -335,6 +339,10 @@
try
{
int pos = authInfo.indexOf(':');
+ if (pos == -1)
+ {
+ throw new Exception();
+ }
int iterations = Integer.parseInt(authInfo.substring(0, pos));
byte[] saltBytes = Base64.decode(authInfo.substring(pos + 1));
byte[] digestBytes = Base64.decode(authValue);
diff --git a/opends/src/server/org/opends/server/extensions/PKCS5S2PasswordStorageScheme.java b/opends/src/server/org/opends/server/extensions/PKCS5S2PasswordStorageScheme.java
index 76adad2..ebb2eef 100644
--- a/opends/src/server/org/opends/server/extensions/PKCS5S2PasswordStorageScheme.java
+++ b/opends/src/server/org/opends/server/extensions/PKCS5S2PasswordStorageScheme.java
@@ -223,6 +223,10 @@
try
{
int pos = authInfo.indexOf(':');
+ if (pos == -1)
+ {
+ return false;
+ }
int iterations = Integer.parseInt(authInfo.substring(0, pos));
byte[] saltBytes = Base64.decode(authInfo.substring(pos + 1));
byte[] digestBytes = Base64.decode(authValue);
diff --git a/opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/PBKDF2PasswordStorageSchemeTestCase.java b/opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/PBKDF2PasswordStorageSchemeTestCase.java
new file mode 100644
index 0000000..567461e
--- /dev/null
+++ b/opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/PBKDF2PasswordStorageSchemeTestCase.java
@@ -0,0 +1,88 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License, Version 1.0 only
+ * (the "License"). You may not use this file except in compliance
+ * with the License.
+ *
+ * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
+ * or http://forgerock.org/license/CDDLv1.0.html.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at legal-notices/CDDLv1_0.txt.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information:
+ * Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ *
+ *
+ * Copyright 2014 ForgeRock AS.
+ */
+package org.opends.server.extensions;
+
+import org.opends.server.admin.server.AdminTestCaseUtils;
+import org.opends.server.admin.std.meta.PBKDF2PasswordStorageSchemeCfgDefn;
+import org.opends.server.admin.std.server.PBKDF2PasswordStorageSchemeCfg;
+import org.opends.server.api.PasswordStorageScheme;
+import org.testng.annotations.DataProvider;
+
+/**
+ * A set of test cases for the PBKDF2 password storage scheme.
+ */
+@SuppressWarnings("javadoc")
+public class PBKDF2PasswordStorageSchemeTestCase
+ extends PasswordStorageSchemeTestCase
+{
+ /** Creates a new instance of this storage scheme test case. */
+ public PBKDF2PasswordStorageSchemeTestCase()
+ {
+ super("cn=PBKDF2,cn=Password Storage Schemes,cn=config");
+ }
+
+ /**
+ * Retrieves a set of passwords that may be used to test the password storage scheme.
+ *
+ * @return A set of passwords that may be used to test the password storage scheme.
+ */
+ @Override
+ @DataProvider(name = "testPasswords")
+ public Object[][] getTestPasswords()
+ {
+ final Object[][] testPasswords = super.getTestPasswords();
+
+ // JDK Bug 6879540. Empty passwords are not accepted when generating PBESpecKey.
+ // The bug is present in Java 6 and some version of Java 7.
+ final int newLength = testPasswords.length - 2;
+ final Object[][] results = new Object[newLength][];
+ System.arraycopy(testPasswords, 2, results, 0, newLength);
+ return results;
+ }
+
+
+ /**
+ * Retrieves an initialized instance of this password storage scheme.
+ *
+ * @return An initialized instance of this password storage scheme.
+ */
+ @Override
+ protected PasswordStorageScheme<?> getScheme() throws Exception
+ {
+ PBKDF2PasswordStorageScheme scheme =
+ new PBKDF2PasswordStorageScheme();
+
+ PBKDF2PasswordStorageSchemeCfg configuration =
+ AdminTestCaseUtils.getConfiguration(
+ PBKDF2PasswordStorageSchemeCfgDefn.getInstance(),
+ configEntry.getEntry()
+ );
+
+ scheme.initializePasswordStorageScheme(configuration);
+ return scheme;
+ }
+
+}
--
Gitblit v1.10.0