diff options
| author | Robert Godfrey <rgodfrey@apache.org> | 2014-08-20 09:03:56 +0000 |
|---|---|---|
| committer | Robert Godfrey <rgodfrey@apache.org> | 2014-08-20 09:03:56 +0000 |
| commit | 0a8364aeb6fd44519bb2887f2628f08297f1591f (patch) | |
| tree | df28eb109b337a877666044a8929611319c24daf /qpid/java | |
| parent | d52c2ef8fdc4a7e2b9d38eefe31887d5b9dc8354 (diff) | |
| download | qpid-python-0a8364aeb6fd44519bb2887f2628f08297f1591f.tar.gz | |
QPID-6017 : Attempt 2 to skip tests that require strong encryption when strong encryption is not available in the Java environment
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1619054 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java')
2 files changed, 196 insertions, 173 deletions
diff --git a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypterFactoryTest.java b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypterFactoryTest.java index ac853a1242..320c5dbdc8 100644 --- a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypterFactoryTest.java +++ b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypterFactoryTest.java @@ -44,7 +44,6 @@ import java.util.UUID; import javax.crypto.Cipher; -import org.junit.Assume; import org.mockito.ArgumentCaptor; import org.mockito.invocation.InvocationOnMock; import org.mockito.stubbing.Answer; @@ -88,18 +87,19 @@ public class AESKeyFileEncrypterFactoryTest extends QpidTestCase public void testCreateKeyInDefaultLocation() throws Exception { - Assume.assumeTrue(isStrongEncryptionEnabled()); - - ConfigurationSecretEncrypter encrypter = _factory.createEncrypter(_broker); + if(isStrongEncryptionEnabled()) + { + ConfigurationSecretEncrypter encrypter = _factory.createEncrypter(_broker); - KeyFilePathChecker keyFilePathChecker = new KeyFilePathChecker(); + KeyFilePathChecker keyFilePathChecker = new KeyFilePathChecker(); - doChecks(encrypter, keyFilePathChecker); + doChecks(encrypter, keyFilePathChecker); - String pathName = (String) _broker.getContext().get(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE); + String pathName = (String) _broker.getContext().get(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE); - // check the context variable was set - assertEquals(keyFilePathChecker.getKeyFile().toString(), pathName); + // check the context variable was set + assertEquals(keyFilePathChecker.getKeyFile().toString(), pathName); + } } private void doChecks(final ConfigurationSecretEncrypter encrypter, @@ -120,105 +120,116 @@ public class AESKeyFileEncrypterFactoryTest extends QpidTestCase public void testSettingContextKeyLeadsToFileCreation() throws Exception { - Assume.assumeTrue(isStrongEncryptionEnabled()); - - String filename = UUID.randomUUID().toString() + ".key"; - String subdirName = getTestName() + File.separator + "test"; - String fileLocation = _tmpDir.toString() + File.separator + subdirName + File.separator + filename; - - when(_broker.getContextKeys(eq(false))).thenReturn(Collections.singleton(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE)); - when(_broker.getContextValue(eq(String.class), eq(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE))).thenReturn(fileLocation); + if(isStrongEncryptionEnabled()) + { + String filename = UUID.randomUUID().toString() + ".key"; + String subdirName = getTestName() + File.separator + "test"; + String fileLocation = _tmpDir.toString() + File.separator + subdirName + File.separator + filename; - ConfigurationSecretEncrypter encrypter = _factory.createEncrypter(_broker); + when(_broker.getContextKeys(eq(false))).thenReturn(Collections.singleton(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE)); + when(_broker.getContextValue(eq(String.class), + eq(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE))).thenReturn(fileLocation); - KeyFilePathChecker keyFilePathChecker = new KeyFilePathChecker(subdirName, filename); + ConfigurationSecretEncrypter encrypter = _factory.createEncrypter(_broker); - doChecks(encrypter, keyFilePathChecker); + KeyFilePathChecker keyFilePathChecker = new KeyFilePathChecker(subdirName, filename); + doChecks(encrypter, keyFilePathChecker); + } } public void testUnableToCreateFileInSpecifiedLocation() throws Exception { - Assume.assumeTrue(isStrongEncryptionEnabled()); + if(isStrongEncryptionEnabled()) + { - String filename = UUID.randomUUID().toString() + ".key"; - String subdirName = getTestName() + File.separator + "test"; - String fileLocation = _tmpDir.toString() + File.separator + subdirName + File.separator + filename; + String filename = UUID.randomUUID().toString() + ".key"; + String subdirName = getTestName() + File.separator + "test"; + String fileLocation = _tmpDir.toString() + File.separator + subdirName + File.separator + filename; - when(_broker.getContextKeys(eq(false))).thenReturn(Collections.singleton(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE)); - when(_broker.getContextValue(eq(String.class), eq(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE))).thenReturn(fileLocation); + when(_broker.getContextKeys(eq(false))).thenReturn(Collections.singleton(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE)); + when(_broker.getContextValue(eq(String.class), + eq(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE))).thenReturn(fileLocation); - Files.createDirectories(Paths.get(fileLocation)); + Files.createDirectories(Paths.get(fileLocation)); - try - { - ConfigurationSecretEncrypter encrypter = _factory.createEncrypter(_broker); - fail("should not be able to create a key file where a directory currently is"); - } - catch(IllegalArgumentException e) - { - // pass + try + { + ConfigurationSecretEncrypter encrypter = _factory.createEncrypter(_broker); + fail("should not be able to create a key file where a directory currently is"); + } + catch (IllegalArgumentException e) + { + // pass + } } } public void testPermissionsAreChecked() throws Exception { - Assume.assumeTrue(isStrongEncryptionEnabled()); + if(isStrongEncryptionEnabled()) + { - String filename = UUID.randomUUID().toString() + ".key"; - String subdirName = getTestName() + File.separator + "test"; - String fileLocation = _tmpDir.toString() + File.separator + subdirName + File.separator + filename; + String filename = UUID.randomUUID().toString() + ".key"; + String subdirName = getTestName() + File.separator + "test"; + String fileLocation = _tmpDir.toString() + File.separator + subdirName + File.separator + filename; - when(_broker.getContextKeys(eq(false))).thenReturn(Collections.singleton(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE)); - when(_broker.getContextValue(eq(String.class), eq(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE))).thenReturn(fileLocation); + when(_broker.getContextKeys(eq(false))).thenReturn(Collections.singleton(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE)); + when(_broker.getContextValue(eq(String.class), + eq(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE))).thenReturn(fileLocation); - Files.createDirectories(Paths.get(_tmpDir.toString(), subdirName)); + Files.createDirectories(Paths.get(_tmpDir.toString(), subdirName)); - File file = new File(fileLocation); - file.createNewFile(); - Files.setPosixFilePermissions(file.toPath(), EnumSet.of(PosixFilePermission.OWNER_READ,PosixFilePermission.GROUP_READ)); + File file = new File(fileLocation); + file.createNewFile(); + Files.setPosixFilePermissions(file.toPath(), + EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.GROUP_READ)); - try - { - ConfigurationSecretEncrypter encrypter = _factory.createEncrypter(_broker); - fail("should not be able to create a key file where the file is readable"); - } - catch(IllegalArgumentException e) - { - // pass + try + { + ConfigurationSecretEncrypter encrypter = _factory.createEncrypter(_broker); + fail("should not be able to create a key file where the file is readable"); + } + catch (IllegalArgumentException e) + { + // pass + } } } public void testInvalidKey() throws Exception { - Assume.assumeTrue(isStrongEncryptionEnabled()); - - String filename = UUID.randomUUID().toString() + ".key"; - String subdirName = getTestName() + File.separator + "test"; - String fileLocation = _tmpDir.toString() + File.separator + subdirName + File.separator + filename; + if(isStrongEncryptionEnabled()) + { + String filename = UUID.randomUUID().toString() + ".key"; + String subdirName = getTestName() + File.separator + "test"; + String fileLocation = _tmpDir.toString() + File.separator + subdirName + File.separator + filename; - when(_broker.getContextKeys(eq(false))).thenReturn(Collections.singleton(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE)); - when(_broker.getContextValue(eq(String.class), eq(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE))).thenReturn(fileLocation); + when(_broker.getContextKeys(eq(false))).thenReturn(Collections.singleton(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE)); + when(_broker.getContextValue(eq(String.class), + eq(AESKeyFileEncrypterFactory.ENCRYPTER_KEY_FILE))).thenReturn(fileLocation); - Files.createDirectories(Paths.get(_tmpDir.toString(), subdirName)); + Files.createDirectories(Paths.get(_tmpDir.toString(), subdirName)); - File file = new File(fileLocation); - try(FileOutputStream fos = new FileOutputStream(file)) - { - fos.write("This is not an AES key. It is a string saying it is not an AES key".getBytes(StandardCharsets.US_ASCII)); - } - Files.setPosixFilePermissions(file.toPath(), EnumSet.of(PosixFilePermission.OWNER_READ)); + File file = new File(fileLocation); + try (FileOutputStream fos = new FileOutputStream(file)) + { + fos.write("This is not an AES key. It is a string saying it is not an AES key".getBytes( + StandardCharsets.US_ASCII)); + } + Files.setPosixFilePermissions(file.toPath(), EnumSet.of(PosixFilePermission.OWNER_READ)); - try - { - ConfigurationSecretEncrypter encrypter = _factory.createEncrypter(_broker); - fail("should not be able to start where the key is not a valid key"); - } - catch(IllegalArgumentException e) - { - // pass + try + { + ConfigurationSecretEncrypter encrypter = _factory.createEncrypter(_broker); + fail("should not be able to start where the key is not a valid key"); + } + catch (IllegalArgumentException e) + { + // pass + } } } diff --git a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypterTest.java b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypterTest.java index 252ae23e78..3feb458a8b 100644 --- a/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypterTest.java +++ b/qpid/java/broker-core/src/test/java/org/apache/qpid/server/security/encryption/AESKeyFileEncrypterTest.java @@ -32,8 +32,6 @@ import javax.crypto.SecretKeyFactory; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.SecretKeySpec; -import org.junit.Assume; - import org.apache.qpid.test.utils.QpidTestCase; public class AESKeyFileEncrypterTest extends QpidTestCase @@ -43,65 +41,73 @@ public class AESKeyFileEncrypterTest extends QpidTestCase public void testSimpleEncryptDecrypt() throws Exception { - Assume.assumeTrue(isStrongEncryptionEnabled()); - doTestSimpleEncryptDecrypt(PLAINTEXT); + if(isStrongEncryptionEnabled()) + { + doTestSimpleEncryptDecrypt(PLAINTEXT); + } } public void testRepeatedEncryptionsReturnDifferentValues() throws Exception { - Assume.assumeTrue(isStrongEncryptionEnabled()); - SecretKeySpec secretKey = createSecretKey(); - AESKeyFileEncrypter encrypter = new AESKeyFileEncrypter(secretKey); + if(isStrongEncryptionEnabled()) + { + SecretKeySpec secretKey = createSecretKey(); + AESKeyFileEncrypter encrypter = new AESKeyFileEncrypter(secretKey); - Set<String> encryptions = new HashSet<>(); + Set<String> encryptions = new HashSet<>(); - int iterations = 100; + int iterations = 100; - for(int i = 0; i < iterations; i++) - { - encryptions.add(encrypter.encrypt(PLAINTEXT)); - } + for (int i = 0; i < iterations; i++) + { + encryptions.add(encrypter.encrypt(PLAINTEXT)); + } - assertEquals("Not all encryptions were distinct", iterations, encryptions.size()); + assertEquals("Not all encryptions were distinct", iterations, encryptions.size()); - for(String encrypted : encryptions) - { - assertEquals("Not all encryptions decrypt correctly", PLAINTEXT, encrypter.decrypt(encrypted)); + for (String encrypted : encryptions) + { + assertEquals("Not all encryptions decrypt correctly", PLAINTEXT, encrypter.decrypt(encrypted)); + } } } public void testCreationFailsOnInvalidSecret() throws Exception { - Assume.assumeTrue(isStrongEncryptionEnabled()); - try - { - new AESKeyFileEncrypter(null); - fail("An encrypter should not be creatable from a null key"); - } - catch(NullPointerException e) - { - // pass - } - - try - { - PBEKeySpec keySpec = new PBEKeySpec("password".toCharArray()); - SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); - new AESKeyFileEncrypter(factory.generateSecret(keySpec)); - fail("An encrypter should not be creatable from the wrong type of secret key"); - } - catch (IllegalArgumentException e) - { - // pass + if(isStrongEncryptionEnabled()) + { + try + { + new AESKeyFileEncrypter(null); + fail("An encrypter should not be creatable from a null key"); + } + catch (NullPointerException e) + { + // pass + } + + try + { + PBEKeySpec keySpec = new PBEKeySpec("password".toCharArray()); + SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWithMD5AndDES"); + new AESKeyFileEncrypter(factory.generateSecret(keySpec)); + fail("An encrypter should not be creatable from the wrong type of secret key"); + } + catch (IllegalArgumentException e) + { + // pass + } } } public void testEncryptionOfEmptyString() throws Exception { - Assume.assumeTrue(isStrongEncryptionEnabled()); - String text = ""; - doTestSimpleEncryptDecrypt(text); + if(isStrongEncryptionEnabled()) + { + String text = ""; + doTestSimpleEncryptDecrypt(text); + } } private void doTestSimpleEncryptDecrypt(final String text) @@ -119,32 +125,36 @@ public class AESKeyFileEncrypterTest extends QpidTestCase public void testEncryptingNullFails() throws Exception { - Assume.assumeTrue(isStrongEncryptionEnabled()); - try + if(isStrongEncryptionEnabled()) { - SecretKeySpec secretKey = createSecretKey(); - AESKeyFileEncrypter encrypter = new AESKeyFileEncrypter(secretKey); + try + { + SecretKeySpec secretKey = createSecretKey(); + AESKeyFileEncrypter encrypter = new AESKeyFileEncrypter(secretKey); - String encrypted = encrypter.encrypt(null); - fail("Attempting to encrypt null should fail"); - } - catch(NullPointerException e) - { - // pass + String encrypted = encrypter.encrypt(null); + fail("Attempting to encrypt null should fail"); + } + catch (NullPointerException e) + { + // pass + } } } public void testEncryptingVeryLargeSecret() throws Exception { - Assume.assumeTrue(isStrongEncryptionEnabled()); - Random random = new Random(); - byte[] data = new byte[4096]; - random.nextBytes(data); - for(int i = 0; i < data.length; i++) + if(isStrongEncryptionEnabled()) { - data[i] = (byte)(data[i] & 0xEF); + Random random = new Random(); + byte[] data = new byte[4096]; + random.nextBytes(data); + for (int i = 0; i < data.length; i++) + { + data[i] = (byte) (data[i] & 0xEF); + } + doTestSimpleEncryptDecrypt(new String(data, StandardCharsets.US_ASCII)); } - doTestSimpleEncryptDecrypt(new String(data, StandardCharsets.US_ASCII)); } private boolean isStrongEncryptionEnabled() throws NoSuchAlgorithmException @@ -154,49 +164,51 @@ public class AESKeyFileEncrypterTest extends QpidTestCase public void testDecryptNonsense() throws Exception { - Assume.assumeTrue(isStrongEncryptionEnabled()); - SecretKeySpec secretKey = createSecretKey(); - AESKeyFileEncrypter encrypter = new AESKeyFileEncrypter(secretKey); - - - try + if(isStrongEncryptionEnabled()) { - encrypter.decrypt(null); - fail("Should not decrypt a null value"); - } - catch(NullPointerException e) - { - // pass - } - - try - { - encrypter.decrypt(""); - fail("Should not decrypt the empty String"); - } - catch(IllegalArgumentException e) - { - // pass - } + SecretKeySpec secretKey = createSecretKey(); + AESKeyFileEncrypter encrypter = new AESKeyFileEncrypter(secretKey); - try - { - encrypter.decrypt("thisisnonsense"); - fail("Should not decrypt a small amount of nonsense"); - } - catch(IllegalArgumentException e) - { - // pass - } - try - { - String answer = encrypter.decrypt("thisisn'tvalidBase64!soitshouldfailwithanIllegalArgumentException"); - fail("Should not decrypt a larger amount of nonsense"); - } - catch(IllegalArgumentException e) - { - // pass + try + { + encrypter.decrypt(null); + fail("Should not decrypt a null value"); + } + catch (NullPointerException e) + { + // pass + } + + try + { + encrypter.decrypt(""); + fail("Should not decrypt the empty String"); + } + catch (IllegalArgumentException e) + { + // pass + } + + try + { + encrypter.decrypt("thisisnonsense"); + fail("Should not decrypt a small amount of nonsense"); + } + catch (IllegalArgumentException e) + { + // pass + } + + try + { + String answer = encrypter.decrypt("thisisn'tvalidBase64!soitshouldfailwithanIllegalArgumentException"); + fail("Should not decrypt a larger amount of nonsense"); + } + catch (IllegalArgumentException e) + { + // pass + } } } |