directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r540415 - in /directory/apacheds/trunk: kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/ kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/ kerberos-share...
Date Tue, 22 May 2007 04:14:42 GMT
Author: erodriguez
Date: Mon May 21 21:14:41 2007
New Revision: 540415

URL: http://svn.apache.org/viewvc?view=rev&rev=540415
Log:
Enabled test cases to work with and without unlimited strength policy installed.

Modified:
    directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java
    directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java
    directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java
    directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java
    directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java
    directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/keytab/KeytabTest.java
    directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/KeyDerivationServiceITest.java

Modified: directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java?view=diff&rev=540415&r1=540414&r2=540415
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java
Mon May 21 21:14:41 2007
@@ -95,11 +95,18 @@
             EncryptionType encryptionType = it.next();
             String algorithm = DEFAULT_CIPHERS.get( encryptionType );
 
-            KerberosKey kerberosKey = new KerberosKey( principal, passPhrase.toCharArray(),
algorithm );
-            EncryptionKey encryptionKey = new EncryptionKey( encryptionType, kerberosKey.getEncoded(),
kerberosKey
-                .getVersionNumber() );
+            try
+            {
+                KerberosKey kerberosKey = new KerberosKey( principal, passPhrase.toCharArray(),
algorithm );
+                EncryptionKey encryptionKey = new EncryptionKey( encryptionType, kerberosKey.getEncoded(),
kerberosKey
+                    .getVersionNumber() );
 
-            kerberosKeys.put( encryptionType, encryptionKey );
+                kerberosKeys.put( encryptionType, encryptionKey );
+            }
+            catch ( IllegalArgumentException iae )
+            {
+                // Algorithm AES256 not enabled
+            }
         }
 
         return kerberosKeys;

Modified: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java?view=diff&rev=540415&r1=540414&r2=540415
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java
Mon May 21 21:14:41 2007
@@ -321,13 +321,25 @@
      * Tests the unsealing of Kerberos CipherText with a good password.  After decryption
and
      * an integrity check, an attempt is made to decode the bytes as an EncryptedTimestamp.
 The
      * result is timestamp data.
-     *
+     */
     public void testAes256GoodPasswordDecrypt()
     {
         CipherTextHandler lockBox = new CipherTextHandler();
         Class hint = EncryptedTimeStamp.class;
-        KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
-        KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "AES256"
);
+
+        KerberosKey kerberosKey;
+
+        try
+        {
+            KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+            kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "AES256" );
+        }
+        catch ( IllegalArgumentException iae )
+        {
+            // Algorithm AES256 not enabled
+            return;
+        }
+
         EncryptionKey key = new EncryptionKey( EncryptionType.AES256_CTS_HMAC_SHA1_96, kerberosKey.getEncoded()
);
         EncryptedData data = new EncryptedData( EncryptionType.AES256_CTS_HMAC_SHA1_96, 0,
aes256EncryptedTimeStamp );
 
@@ -342,7 +354,6 @@
             fail( "Should not have caught exception." );
         }
     }
-    commented out until test if fixed for stock jvm */
 
 
     /**
@@ -351,12 +362,24 @@
      * as an EncryptedTimestamp.  The result is timestamp data.
      * 
      * @throws ParseException 
-     *
+     */
     public void testAes256GoodPasswordEncrypt() throws ParseException
     {
         CipherTextHandler lockBox = new CipherTextHandler();
-        KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
-        KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "AES256"
);
+
+        KerberosKey kerberosKey;
+
+        try
+        {
+            KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+            kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "AES256" );
+        }
+        catch ( IllegalArgumentException iae )
+        {
+            // Algorithm AES256 not enabled
+            return;
+        }
+
         EncryptionKey key = new EncryptionKey( EncryptionType.AES256_CTS_HMAC_SHA1_96, kerberosKey.getEncoded()
);
 
         String zuluTime = "20070410190400Z";
@@ -388,7 +411,6 @@
             fail( "Should not have caught exception." );
         }
     }
-    commented out until test is fixed */
 
 
     protected EncryptedTimeStamp getEncryptedTimeStamp( String zuluTime, int microSeconds
) throws ParseException

Modified: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java?view=diff&rev=540415&r1=540414&r2=540415
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java
Mon May 21 21:14:41 2007
@@ -93,27 +93,26 @@
 
 
     /**
-     * Tests that key derivation can be performed for an AES-256 key.  This test
-     * will fail if "unlimited strength" policy is not installed.
-     *
-     * @throws Exception
+     * Tests that key derivation can be performed for an AES-256 key.
      */
-    public void testAes256KerberosKey() throws Exception
+    public void testAes256KerberosKey()
     {
-        // KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
-        // KerberosKey key = new KerberosKey( principal, "secret".toCharArray(), "AES256"
);
-        //
-        // assertEquals( "AES256 key length", 32, key.getEncoded().length );
-        //
-        // SecretKey skey = new SecretKeySpec( key.getEncoded(), "AES" );
-        //
-        // aesCipher( skey );
+        try
+        {
+            KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+            KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(),
"AES256" );
+            assertEquals( "AES256 key length", 32, kerberosKey.getEncoded().length );
+        }
+        catch ( IllegalArgumentException iae )
+        {
+            // Algorithm AES256 not enabled
+        }
     }
 
 
     /**
      * Tests that key derivation can be performed by the factory for multiple cipher types.
-     *
+     */
     public void testKerberosKeyFactory()
     {
         String principalName = "hnelson@EXAMPLE.COM";
@@ -174,22 +173,27 @@
                 ( byte ) 0x41, ( byte ) 0x7B, ( byte ) 0x90 };
         assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
 
-        // kerberosKey = map.get( EncryptionType.AES256_CTS_HMAC_SHA1_96 );
-        // keyType = kerberosKey.getKeyType();
-        // keyLength = kerberosKey.getKeyValue().length;
-        // keyBytes = kerberosKey.getKeyValue();
-        //
-        // assertEquals( keyType, EncryptionType.AES256_CTS_HMAC_SHA1_96 );
-        // assertEquals( keyLength, 32 );
-        // expectedBytes = new byte[]
-        //     { ( byte ) 0x3D, ( byte ) 0x33, ( byte ) 0x31, ( byte ) 0x8F, ( byte ) 0xBE,
( byte ) 0x47, ( byte ) 0xE5,
-        //         ( byte ) 0x2A, ( byte ) 0x21, ( byte ) 0x50, ( byte ) 0x77, ( byte ) 0xA4,
( byte ) 0x15,
-        //         ( byte ) 0x58, ( byte ) 0xCA, ( byte ) 0xE7, ( byte ) 0x36, ( byte ) 0x50,
( byte ) 0x1F,
-        //         ( byte ) 0xA7, ( byte ) 0xA4, ( byte ) 0x85, ( byte ) 0x82, ( byte ) 0x05,
( byte ) 0xF6,
-        //         ( byte ) 0x8F, ( byte ) 0x67, ( byte ) 0xA2, ( byte ) 0xB5, ( byte ) 0xEA,
( byte ) 0x0E, ( byte ) 0xBF };
-        // assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+        kerberosKey = map.get( EncryptionType.AES256_CTS_HMAC_SHA1_96 );
+
+        if ( kerberosKey != null )
+        {
+            keyType = kerberosKey.getKeyType();
+            keyLength = kerberosKey.getKeyValue().length;
+            keyBytes = kerberosKey.getKeyValue();
+
+            assertEquals( keyType, EncryptionType.AES256_CTS_HMAC_SHA1_96 );
+            assertEquals( keyLength, 32 );
+            expectedBytes = new byte[]
+                { ( byte ) 0x3D, ( byte ) 0x33, ( byte ) 0x31, ( byte ) 0x8F, ( byte ) 0xBE,
( byte ) 0x47,
+                    ( byte ) 0xE5, ( byte ) 0x2A, ( byte ) 0x21, ( byte ) 0x50, ( byte )
0x77, ( byte ) 0xA4,
+                    ( byte ) 0x15, ( byte ) 0x58, ( byte ) 0xCA, ( byte ) 0xE7, ( byte )
0x36, ( byte ) 0x50,
+                    ( byte ) 0x1F, ( byte ) 0xA7, ( byte ) 0xA4, ( byte ) 0x85, ( byte )
0x82, ( byte ) 0x05,
+                    ( byte ) 0xF6, ( byte ) 0x8F, ( byte ) 0x67, ( byte ) 0xA2, ( byte )
0xB5, ( byte ) 0xEA,
+                    ( byte ) 0x0E, ( byte ) 0xBF };
+            assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+        }
     }
-    commented out until test case is fixed */
+
 
     /**
      * Tests that key derivation can be performed by the factory for a specified cipher type.

Modified: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java?view=diff&rev=540415&r1=540414&r2=540415
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java
Mon May 21 21:14:41 2007
@@ -20,6 +20,7 @@
 package org.apache.directory.server.kerberos.shared.crypto.encryption;
 
 
+import java.security.InvalidKeyException;
 import java.security.Provider;
 import java.security.Security;
 import java.util.Arrays;
@@ -171,18 +172,47 @@
 
 
     /**
-     * Tests that a CTS-mode AES cipher can be initialized.
+     * Tests that a CTS-mode AES cipher can be initialized
+     * with an AES-128 key.
      *
      * @throws Exception
      */
-    public void testAesCipher() throws Exception
+    public void testAes128Cipher() throws Exception
     {
-        KeyGenerator keygen = KeyGenerator.getInstance( "AES" );
-        SecretKey desKey = keygen.generateKey();
+        KeyGenerator keyGenerator = KeyGenerator.getInstance( "AES" );
+        keyGenerator.init( 128 );
+
+        SecretKey key = keyGenerator.generateKey();
 
         Cipher ecipher = Cipher.getInstance( "AES/CTS/NoPadding" );
-        ecipher.init( Cipher.ENCRYPT_MODE, desKey );
+        ecipher.init( Cipher.ENCRYPT_MODE, key );
         assertEquals( "Block size", 16, ecipher.getBlockSize() );
+    }
+
+
+    /**
+     * Tests that a CTS-mode AES cipher can be initialized
+     * with an AES-256 key.
+     *
+     * @throws Exception
+     */
+    public void testAes256Cipher() throws Exception
+    {
+        KeyGenerator keyGenerator = KeyGenerator.getInstance( "AES" );
+        keyGenerator.init( 256 );
+
+        SecretKey key = keyGenerator.generateKey();
+
+        try
+        {
+            Cipher ecipher = Cipher.getInstance( "AES/CTS/NoPadding" );
+            ecipher.init( Cipher.ENCRYPT_MODE, key );
+            assertEquals( "Block size", 16, ecipher.getBlockSize() );
+        }
+        catch ( InvalidKeyException ike )
+        {
+            // Without unlimited-strength crypto this will throw an exception.
+        }
     }
 
 

Modified: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java?view=diff&rev=540415&r1=540414&r2=540415
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java
Mon May 21 21:14:41 2007
@@ -90,10 +90,10 @@
      */
     public void testGenerateAes256Key() throws Exception
     {
-        // KeyGenerator keygen = KeyGenerator.getInstance( "AES" );
-        // keygen.init( 256 );
-        // SecretKey key = keygen.generateKey();
-        // assertEquals( "AES key size", 32, key.getEncoded().length );
+        KeyGenerator keygen = KeyGenerator.getInstance( "AES" );
+        keygen.init( 256 );
+        SecretKey key = keygen.generateKey();
+        assertEquals( "AES key size", 32, key.getEncoded().length );
     }
 
 
@@ -161,12 +161,12 @@
         assertEquals( keyType, EncryptionType.AES128_CTS_HMAC_SHA1_96 );
         assertEquals( keyLength, 16 );
 
-        // kerberosKey = map.get( EncryptionType.AES256_CTS_HMAC_SHA1_96 );
-        // keyType = kerberosKey.getKeyType();
-        // keyLength = kerberosKey.getKeyValue().length;
+        kerberosKey = map.get( EncryptionType.AES256_CTS_HMAC_SHA1_96 );
+        keyType = kerberosKey.getKeyType();
+        keyLength = kerberosKey.getKeyValue().length;
 
-        // assertEquals( keyType, EncryptionType.AES256_CTS_HMAC_SHA1_96 );
-        // assertEquals( keyLength, 32 );
+        assertEquals( keyType, EncryptionType.AES256_CTS_HMAC_SHA1_96 );
+        assertEquals( keyLength, 32 );
     }
 
 

Modified: directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/keytab/KeytabTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/keytab/KeytabTest.java?view=diff&rev=540415&r1=540414&r2=540415
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/keytab/KeytabTest.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/keytab/KeytabTest.java
Mon May 21 21:14:41 2007
@@ -141,7 +141,7 @@
      * Test the writing of a keytab file.
      *
      * @throws Exception
-     *
+     */
     public void testWriteKeytab() throws Exception
     {
         List<KeytabEntry> entries = new ArrayList<KeytabEntry>();
@@ -154,7 +154,6 @@
         ByteBuffer buffer = writer.write();
         assertEquals( "Expected file size.", 130, buffer.limit() );
     }
-    commented out until testcase is fixed */
 
 
     private KeytabEntry getEntry1() throws ParseException

Modified: directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/KeyDerivationServiceITest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/KeyDerivationServiceITest.java?view=diff&rev=540415&r1=540414&r2=540415
==============================================================================
--- directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/KeyDerivationServiceITest.java
(original)
+++ directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/KeyDerivationServiceITest.java
Mon May 21 21:14:41 2007
@@ -197,7 +197,8 @@
             userPassword = ( byte[] ) attributes.get( "userPassword" ).get();
         }
 
-        assertEquals( "Number of keys", 5, attributes.get( "krb5key" ).size() );
+        // Could be 4 or 5 depending on whether AES-256 is enabled or not.
+        assertTrue( "Number of keys", attributes.get( "krb5key" ).size() > 3 );
 
         byte[] testPasswordBytes =
             { ( byte ) 0x73, ( byte ) 0x65, ( byte ) 0x63, ( byte ) 0x72, ( byte ) 0x65,
( byte ) 0x74 };
@@ -259,7 +260,8 @@
             userPassword = ( byte[] ) attributes.get( "userPassword" ).get();
         }
 
-        assertEquals( "Number of keys", 5, attributes.get( "krb5key" ).size() );
+        // Could be 4 or 5 depending on whether AES-256 is enabled or not.
+        assertTrue( "Number of keys", attributes.get( "krb5key" ).size() > 3 );
 
         byte[] testBytes =
             { 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74 };



Mime
View raw message