*/
package org.opendaylight.aaa.encrypt.impl;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotEquals;
-import java.nio.charset.StandardCharsets;
-import java.util.Base64;
-import org.junit.Before;
-import org.junit.Test;
+import static org.junit.jupiter.api.Assertions.assertArrayEquals;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+import java.util.Arrays;
+import javax.crypto.BadPaddingException;
+import javax.crypto.IllegalBlockSizeException;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
import org.opendaylight.yang.gen.v1.config.aaa.authn.encrypt.service.config.rev160915.AaaEncryptServiceConfigBuilder;
/*
* @author - Sharon Aicler (saichler@gmail.com)
*/
@Deprecated
-public class AAAEncryptServiceImplTest {
+class AAAEncryptServiceImplTest {
private AAAEncryptionServiceImpl impl;
- @Before
- public void setup() {
+ @BeforeEach
+ void setup() {
impl = new AAAEncryptionServiceImpl(new EncryptServiceConfigImpl(
OSGiEncryptionServiceConfigurator.generateConfig(new AaaEncryptServiceConfigBuilder()
.setCipherTransforms("AES/CBC/PKCS5Padding")
.build())));
}
+ private void changePadding() {
+ impl = new AAAEncryptionServiceImpl(new EncryptServiceConfigImpl(
+ OSGiEncryptionServiceConfigurator.generateConfig(new AaaEncryptServiceConfigBuilder()
+ .setCipherTransforms("AES/CBC/NoPadding")
+ .setEncryptIterationCount(32768)
+ .setEncryptKey("")
+ .setEncryptKeyLength(128)
+ .setEncryptMethod("PBKDF2WithHmacSHA1")
+ .setEncryptSalt("")
+ .setEncryptType("AES")
+ .setPasswordLength(12)
+ .build())));
+ }
+
@Test
- public void testShortString() {
- String before = "shortone";
- String encrypt = impl.encrypt(before);
- assertNotEquals(before, encrypt);
- String after = impl.decrypt(encrypt);
- assertEquals(before, after);
+ void testShortString() throws Exception {
+ final var before = "shortone".getBytes();
+ final var encrypt = impl.encrypt(before);
+ assertFalse(Arrays.equals(before, encrypt));
+ assertArrayEquals(before, impl.decrypt(encrypt));
}
@Test
- public void testLongString() {
- String before = "This is a very long string to encrypt for testing 1...2...3";
- String encrypt = impl.encrypt(before);
- assertNotEquals(before, encrypt);
- String after = impl.decrypt(encrypt);
- assertEquals(before, after);
+ void testLongString() throws Exception {
+ final var before = "This is a very long string to encrypt for testing 1...2...3".getBytes();
+ final var encrypt = impl.encrypt(before);
+ assertFalse(Arrays.equals(before, encrypt));
+ assertArrayEquals(before, impl.decrypt(encrypt));
}
@Test
- public void testNetconfEncodedPasswordWithoutPadding() {
+ void testNetconfEncodedPasswordWithoutPadding() {
changePadding();
- String password = "bmV0Y29uZgo=";
- String unencrypted = impl.decrypt(password);
- assertEquals(password, unencrypted);
+ final var ex = assertThrows(IllegalBlockSizeException.class, () -> impl.decrypt("netconf\n".getBytes()));
+ assertEquals("Input length not multiple of 16 bytes", ex.getMessage());
}
@Test
- public void testNetconfEncodedPasswordWithPadding() {
- String password = "bmV0Y29uZgo=";
- String unencrypted = impl.decrypt(password);
- assertEquals(password, unencrypted);
+ void testNetconfEncodedPasswordWithPadding() {
+ final var ex = assertThrows(IllegalBlockSizeException.class, () -> impl.decrypt("netconf\n".getBytes()));
+ assertEquals("Input length must be multiple of 16 when decrypting with padded cipher", ex.getMessage());
}
@Test
- public void testNetconfPasswordWithoutPadding() {
+ void testNetconfPasswordWithoutPadding() {
changePadding();
- String password = "netconf";
- String encodedPassword = Base64.getEncoder().encodeToString(password.getBytes(StandardCharsets.UTF_8));
- String unencrypted = impl.decrypt(encodedPassword);
- assertEquals(encodedPassword, unencrypted);
+ final var ex = assertThrows(IllegalBlockSizeException.class, () -> impl.decrypt("netconf".getBytes()));
+ assertEquals("Input length not multiple of 16 bytes", ex.getMessage());
}
@Test
- public void testNetconfPasswordWithPadding() {
- String password = "netconf";
- String encodedPassword = Base64.getEncoder().encodeToString(password.getBytes(StandardCharsets.UTF_8));
- String unencrypted = impl.decrypt(encodedPassword);
- assertEquals(encodedPassword, unencrypted);
+ void testNetconfPasswordWithPadding() {
+ final var ex = assertThrows(IllegalBlockSizeException.class, () -> impl.decrypt("netconf".getBytes()));
+ assertEquals("Input length must be multiple of 16 when decrypting with padded cipher", ex.getMessage());
}
@Test
- public void testAdminEncodedPasswordWithoutPadding() {
+ void testAdminEncodedPasswordWithoutPadding() {
changePadding();
- String password = "YWRtaW4K";
- String unencrypted = impl.decrypt(password);
- assertEquals(password, unencrypted);
+ final var ex = assertThrows(IllegalBlockSizeException.class, () -> impl.decrypt("admin\n".getBytes()));
+ assertEquals("Input length not multiple of 16 bytes", ex.getMessage());
}
@Test
- public void testAdminEncodedPasswordWithPadding() {
- String password = "YWRtaW4K";
- String unencrypted = impl.decrypt(password);
- assertEquals(password, unencrypted);
+ void testAdminEncodedPasswordWithPadding() {
+ final var ex = assertThrows(IllegalBlockSizeException.class, () -> impl.decrypt("admin\n".getBytes()));
+ assertEquals("Input length must be multiple of 16 when decrypting with padded cipher", ex.getMessage());
}
@Test
- public void testAdminPasswordWithoutPadding() {
+ void testAdminPasswordWithoutPadding() {
changePadding();
- String password = "admin";
- String encodedPassword = Base64.getEncoder().encodeToString(password.getBytes(StandardCharsets.UTF_8));
- String unencrypted = impl.decrypt(encodedPassword);
- assertEquals(encodedPassword, unencrypted);
+ final var ex = assertThrows(IllegalBlockSizeException.class, () -> impl.decrypt("admin".getBytes()));
+ assertEquals("Input length not multiple of 16 bytes", ex.getMessage());
}
@Test
- public void testAdminPasswordWithPadding() {
- String password = "admin";
- String encodedPassword = Base64.getEncoder().encodeToString(password.getBytes(StandardCharsets.UTF_8));
- String unencrypted = impl.decrypt(encodedPassword);
- assertEquals(encodedPassword, unencrypted);
+ void testAdminPasswordWithPadding() {
+ final var ex = assertThrows(IllegalBlockSizeException.class, () -> impl.decrypt("admin".getBytes()));
+ assertEquals("Input length must be multiple of 16 when decrypting with padded cipher", ex.getMessage());
}
- private void changePadding() {
- impl = new AAAEncryptionServiceImpl(new EncryptServiceConfigImpl(
- OSGiEncryptionServiceConfigurator.generateConfig(new AaaEncryptServiceConfigBuilder()
- .setCipherTransforms("AES/CBC/NoPadding")
- .setEncryptIterationCount(32768)
- .setEncryptKey("")
- .setEncryptKeyLength(128)
- .setEncryptMethod("PBKDF2WithHmacSHA1")
- .setEncryptSalt("")
- .setEncryptType("AES")
- .setPasswordLength(12)
- .build())));
+ @Test
+ void testDecryptWithIllegalBlockSizeException() {
+ final var ex = assertThrows(IllegalBlockSizeException.class, () -> impl.decrypt("adminadmin".getBytes()));
+ assertEquals("Input length must be multiple of 16 when decrypting with padded cipher", ex.getMessage());
+ }
+
+ @Test
+ void testDecryptWithBadPaddingException() {
+ final var bytes = new byte[] { 85, -87, 98, 116, -23, -84, 123, -82, 4, -99, -54, 29, 121, -48, -38, -75 };
+ final var ex = assertThrows(BadPaddingException.class, () -> impl.decrypt(bytes));
+ assertEquals(
+ "Given final block not properly padded. Such issues can arise if a bad key is used during decryption.",
+ ex.getMessage());
}
}