From 20144fb9f20657c5d86768d9b3a6a23d3f8ccbbf Mon Sep 17 00:00:00 2001 From: Robert Varga Date: Sun, 28 Jan 2024 01:54:25 +0100 Subject: [PATCH] Remove aaa.encrypt.PKIUtil PKIUtil requires Bouncy Castle, which means we are leaking it from an API artifact. There is only a single downstream user in netconf, which can very easily do what PKIUtil provides itself. JIRA: AAA-269 Change-Id: Icf509e1bd989f7609f7e072068dc4fb001b339eb Signed-off-by: Robert Varga --- aaa-cert/pom.xml | 4 + aaa-encrypt-service/api/pom.xml | 11 - .../org/opendaylight/aaa/encrypt/PKIUtil.java | 242 ------------------ .../opendaylight/aaa/encrypt/PKIUtilTest.java | 192 -------------- .../api/src/test/resources/dsa | 12 - .../api/src/test/resources/dsa_encrypted | 15 -- .../api/src/test/resources/ecdsa | 5 - .../api/src/test/resources/ecdsa_encrypted | 8 - .../api/src/test/resources/rsa | 27 -- .../api/src/test/resources/rsa_encrypted | 30 --- 10 files changed, 4 insertions(+), 542 deletions(-) delete mode 100644 aaa-encrypt-service/api/src/main/java/org/opendaylight/aaa/encrypt/PKIUtil.java delete mode 100644 aaa-encrypt-service/api/src/test/java/org/opendaylight/aaa/encrypt/PKIUtilTest.java delete mode 100644 aaa-encrypt-service/api/src/test/resources/dsa delete mode 100644 aaa-encrypt-service/api/src/test/resources/dsa_encrypted delete mode 100644 aaa-encrypt-service/api/src/test/resources/ecdsa delete mode 100644 aaa-encrypt-service/api/src/test/resources/ecdsa_encrypted delete mode 100644 aaa-encrypt-service/api/src/test/resources/rsa delete mode 100644 aaa-encrypt-service/api/src/test/resources/rsa_encrypted diff --git a/aaa-cert/pom.xml b/aaa-cert/pom.xml index 9ed5306c3..4f355c57e 100644 --- a/aaa-cert/pom.xml +++ b/aaa-cert/pom.xml @@ -30,6 +30,10 @@ and is available at http://www.eclipse.org/legal/epl-v10.html INTERNAL org.apache.commons commons-lang3 + + org.bouncycastle + bcpkix-jdk18on + org.bouncycastle bcprov-jdk18on 
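Review bot: The `bcpkix-jdk18on` entry added to aaa-cert/pom.xml sits directly before `bcprov-jdk18on`, and as far as this hunk shows neither carries an explicit version, so both presumably take a managed version from a parent POM. It is worth confirming that the two resolve to the same Bouncy Castle release, because a mismatch between the provider and PKIX jars can surface only at run time as linkage errors in certificate handling. Since the same commit drops both artifacts from aaa-encrypt-service/api, aaa-cert was apparently receiving bcpkix transitively until now; a short comment above the new entry such as `<!-- used directly by aaa-cert; no longer leaked by the aaa-encrypt-service API -->` would record why it is declared here. The XML markup of this hunk is not visible in this rendering, so scope and exclusions could not be checked.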
diff --git a/aaa-encrypt-service/api/pom.xml b/aaa-encrypt-service/api/pom.xml index a61581e80..7ca281d45 100644 --- a/aaa-encrypt-service/api/pom.xml +++ b/aaa-encrypt-service/api/pom.xml @@ -12,15 +12,4 @@ aaa-encrypt-service ODL :: aaa :: ${project.artifactId} bundle - - - - org.bouncycastle - bcpkix-jdk18on - - - org.bouncycastle - bcprov-jdk18on - - diff --git a/aaa-encrypt-service/api/src/main/java/org/opendaylight/aaa/encrypt/PKIUtil.java b/aaa-encrypt-service/api/src/main/java/org/opendaylight/aaa/encrypt/PKIUtil.java deleted file mode 100644 index 97c5b067a..000000000 --- a/aaa-encrypt-service/api/src/main/java/org/opendaylight/aaa/encrypt/PKIUtil.java +++ /dev/null 
@@ -1,242 +0,0 @@ -/* - * Copyright (c) 2017 Brocade Communication Systems and others. All rights reserved. - * - * This program and the accompanying materials are made available under the - * terms of the Eclipse Public License v1.0 which accompanies this distribution, - * and is available at http://www.eclipse.org/legal/epl-v10.html - */ -package org.opendaylight.aaa.encrypt; - -import java.io.ByteArrayOutputStream; -import java.io.DataOutputStream; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStreamReader; -import java.io.Reader; -import java.io.StringReader; -import java.math.BigInteger; -import java.nio.charset.StandardCharsets; -import java.security.GeneralSecurityException; -import java.security.KeyFactory; -import java.security.KeyPair; -import java.security.NoSuchAlgorithmException; -import java.security.Provider; -import java.security.PublicKey; -import java.security.Security; -import java.security.interfaces.DSAParams; -import java.security.interfaces.DSAPublicKey; -import java.security.interfaces.RSAPublicKey; -import java.security.spec.DSAPublicKeySpec; -import java.security.spec.ECPoint; -import java.security.spec.ECPublicKeySpec; -import java.security.spec.RSAPublicKeySpec; -import java.util.Arrays; -import java.util.Base64; -import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey; -import org.bouncycastle.jce.ECNamedCurveTable; -import org.bouncycastle.jce.ECPointUtil; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; -import org.bouncycastle.jce.spec.ECNamedCurveSpec; -import org.bouncycastle.openssl.PEMDecryptorProvider; -import org.bouncycastle.openssl.PEMEncryptedKeyPair; -import org.bouncycastle.openssl.PEMKeyPair; -import org.bouncycastle.openssl.PEMParser; -import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; -import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; - -/** - * PKI related utilities. 
- */ -public class PKIUtil { - @FunctionalInterface - private interface KeyFactorySupplier { - KeyFactory get() throws NoSuchAlgorithmException; - } - - private static final Provider BCPROV; - - static { - final Provider prov = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME); - BCPROV = prov != null ? prov : new BouncyCastleProvider(); - } - - private static final String KEY_FACTORY_TYPE_RSA = "RSA"; - private static final String KEY_FACTORY_TYPE_DSA = "DSA"; - private static final String KEY_FACTORY_TYPE_ECDSA = "EC"; - - private static final KeyFactorySupplier RSA_KEY_FACTORY_SUPPLIER = resolveKeyFactory(KEY_FACTORY_TYPE_RSA); - private static final KeyFactorySupplier DSA_KEY_FACTORY_SUPPLIER = resolveKeyFactory(KEY_FACTORY_TYPE_DSA); - private static final KeyFactorySupplier ECDSA_KEY_FACTORY_SUPPLIER = resolveKeyFactory(KEY_FACTORY_TYPE_ECDSA); - - private static KeyFactorySupplier resolveKeyFactory(final String algorithm) { - final KeyFactory factory; - try { - factory = KeyFactory.getInstance(algorithm); - } catch (NoSuchAlgorithmException e) { - return () -> { - throw e; - }; - } - return () -> factory; - } - - private static final String ECDSA_SUPPORTED_CURVE_NAME = "nistp256"; - private static final String ECDSA_SUPPORTED_CURVE_NAME_SPEC = "secp256r1"; - private static final int ECDSA_THIRD_STR_LEN = 65; - private static final int ECDSA_TOTAL_STR_LEN = 104; - - private static final String KEY_TYPE_RSA = "ssh-rsa"; - private static final String KEY_TYPE_DSA = "ssh-dss"; - private static final String KEY_TYPE_ECDSA = "ecdsa-sha2-" + ECDSA_SUPPORTED_CURVE_NAME; - - private byte[] bytes = new byte[0]; - private int pos = 0; - - public PublicKey decodePublicKey(final String keyLine) throws GeneralSecurityException { - - // look for the Base64 encoded part of the line to decode - // both ssh-rsa and ssh-dss begin with "AAAA" due to the length bytes - bytes = Base64.getDecoder().decode(keyLine.getBytes(StandardCharsets.UTF_8)); - if (bytes.length == 0) { 
- throw new IllegalArgumentException("No Base64 part to decode in " + keyLine); - } - pos = 0; - - String type = decodeType(); - return switch (type) { - case KEY_TYPE_RSA -> decodeAsRSA(); - case KEY_TYPE_DSA -> decodeAsDSA(); - case KEY_TYPE_ECDSA -> decodeAsECDSA(); - default -> throw new IllegalArgumentException("Unknown decode key type " + type + " in " + keyLine); - }; - } - - @SuppressWarnings("AbbreviationAsWordInName") - private PublicKey decodeAsECDSA() throws GeneralSecurityException { - KeyFactory ecdsaFactory = ECDSA_KEY_FACTORY_SUPPLIER.get(); - - ECNamedCurveParameterSpec spec256r1 = ECNamedCurveTable.getParameterSpec(ECDSA_SUPPORTED_CURVE_NAME_SPEC); - ECNamedCurveSpec params256r1 = new ECNamedCurveSpec(ECDSA_SUPPORTED_CURVE_NAME_SPEC, spec256r1.getCurve(), - spec256r1.getG(), spec256r1.getN()); - // The total length is 104 bytes, and the X and Y encoding uses the last 65 of these 104 bytes. - ECPoint point = ECPointUtil.decodePoint(params256r1.getCurve(), - Arrays.copyOfRange(bytes, ECDSA_TOTAL_STR_LEN - ECDSA_THIRD_STR_LEN, ECDSA_TOTAL_STR_LEN)); - ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(point, params256r1); - - return ecdsaFactory.generatePublic(pubKeySpec); - } - - private PublicKey decodeAsDSA() throws GeneralSecurityException { - KeyFactory dsaFactory = DSA_KEY_FACTORY_SUPPLIER.get(); - BigInteger var1 = decodeBigInt(); - BigInteger var2 = decodeBigInt(); - BigInteger var3 = decodeBigInt(); - BigInteger var4 = decodeBigInt(); - DSAPublicKeySpec spec = new DSAPublicKeySpec(var4, var1, var2, var3); - - return dsaFactory.generatePublic(spec); - } - - private PublicKey decodeAsRSA() throws GeneralSecurityException { - KeyFactory rsaFactory = RSA_KEY_FACTORY_SUPPLIER.get(); - BigInteger exponent = decodeBigInt(); - BigInteger modulus = decodeBigInt(); - RSAPublicKeySpec spec = new RSAPublicKeySpec(modulus, exponent); - - return rsaFactory.generatePublic(spec); - } - - private String decodeType() { - int len = decodeInt(); - String type = 
new String(bytes, pos, len, StandardCharsets.UTF_8); - pos += len; - return type; - } - - private int decodeInt() { - return (bytes[pos++] & 0xFF) << 24 | (bytes[pos++] & 0xFF) << 16 | (bytes[pos++] & 0xFF) << 8 - | bytes[pos++] & 0xFF; - } - - private BigInteger decodeBigInt() { - int len = decodeInt(); - byte[] bigIntBytes = new byte[len]; - System.arraycopy(bytes, pos, bigIntBytes, 0, len); - pos += len; - return new BigInteger(bigIntBytes); - } - - public String encodePublicKey(final PublicKey publicKey) throws IOException { - ByteArrayOutputStream byteOs = new ByteArrayOutputStream(); - if (publicKey instanceof RSAPublicKey rsaPublicKey - && rsaPublicKey.getAlgorithm().equals(KEY_FACTORY_TYPE_RSA)) { - DataOutputStream dataOutputStream = new DataOutputStream(byteOs); - dataOutputStream.writeInt(KEY_TYPE_RSA.getBytes(StandardCharsets.UTF_8).length); - dataOutputStream.write(KEY_TYPE_RSA.getBytes(StandardCharsets.UTF_8)); - dataOutputStream.writeInt(rsaPublicKey.getPublicExponent().toByteArray().length); - dataOutputStream.write(rsaPublicKey.getPublicExponent().toByteArray()); - dataOutputStream.writeInt(rsaPublicKey.getModulus().toByteArray().length); - dataOutputStream.write(rsaPublicKey.getModulus().toByteArray()); - } else if (publicKey instanceof DSAPublicKey dsaPublicKey - && dsaPublicKey.getAlgorithm().equals(KEY_FACTORY_TYPE_DSA)) { - DSAParams dsaParams = dsaPublicKey.getParams(); - DataOutputStream dataOutputStream = new DataOutputStream(byteOs); - dataOutputStream.writeInt(KEY_TYPE_DSA.getBytes(StandardCharsets.UTF_8).length); - dataOutputStream.write(KEY_TYPE_DSA.getBytes(StandardCharsets.UTF_8)); - dataOutputStream.writeInt(dsaParams.getP().toByteArray().length); - dataOutputStream.write(dsaParams.getP().toByteArray()); - dataOutputStream.writeInt(dsaParams.getQ().toByteArray().length); - dataOutputStream.write(dsaParams.getQ().toByteArray()); - dataOutputStream.writeInt(dsaParams.getG().toByteArray().length); - 
dataOutputStream.write(dsaParams.getG().toByteArray()); - dataOutputStream.writeInt(dsaPublicKey.getY().toByteArray().length); - dataOutputStream.write(dsaPublicKey.getY().toByteArray()); - } else if (publicKey instanceof BCECPublicKey ecPublicKey - && ecPublicKey.getAlgorithm().equals(KEY_FACTORY_TYPE_ECDSA)) { - DataOutputStream dataOutputStream = new DataOutputStream(byteOs); - dataOutputStream.writeInt(KEY_TYPE_ECDSA.getBytes(StandardCharsets.UTF_8).length); - dataOutputStream.write(KEY_TYPE_ECDSA.getBytes(StandardCharsets.UTF_8)); - dataOutputStream.writeInt(ECDSA_SUPPORTED_CURVE_NAME.getBytes(StandardCharsets.UTF_8).length); - dataOutputStream.write(ECDSA_SUPPORTED_CURVE_NAME.getBytes(StandardCharsets.UTF_8)); - byte[] affineXCoord = ecPublicKey.getQ().getAffineXCoord().getEncoded(); - byte[] affineYCoord = ecPublicKey.getQ().getAffineYCoord().getEncoded(); - dataOutputStream.writeInt(affineXCoord.length + affineYCoord.length + 1); - dataOutputStream.writeByte(0x04); - dataOutputStream.write(affineXCoord); - dataOutputStream.write(affineYCoord); - } else { - throw new IllegalArgumentException("Unknown public key encoding: " + publicKey.getAlgorithm()); - } - - return Base64.getEncoder().encodeToString(byteOs.toByteArray()); - - } - - public KeyPair decodePrivateKey(final StringReader reader, final String passphrase) throws IOException { - return doDecodePrivateKey(reader, passphrase); - } - - public KeyPair decodePrivateKey(final String keyPath, final String passphrase) throws IOException { - try (Reader reader = new InputStreamReader(new FileInputStream(keyPath), StandardCharsets.UTF_8)) { - return doDecodePrivateKey(reader, passphrase); - } - } - - private static KeyPair doDecodePrivateKey(final Reader reader, final String passphrase) throws IOException { - try (PEMParser keyReader = new PEMParser(reader)) { - JcaPEMKeyConverter converter = new JcaPEMKeyConverter(); - PEMDecryptorProvider decryptionProv = new 
JcePEMDecryptorProviderBuilder().setProvider(BCPROV) - .build(passphrase.toCharArray()); - - Object privateKey = keyReader.readObject(); - KeyPair keyPair; - if (privateKey instanceof PEMEncryptedKeyPair pemPrivateKey) { - keyPair = converter.getKeyPair(pemPrivateKey.decryptKeyPair(decryptionProv)); - } else { - keyPair = converter.getKeyPair((PEMKeyPair) privateKey); - } - return keyPair; - } - } -} diff --git a/aaa-encrypt-service/api/src/test/java/org/opendaylight/aaa/encrypt/PKIUtilTest.java b/aaa-encrypt-service/api/src/test/java/org/opendaylight/aaa/encrypt/PKIUtilTest.java deleted file mode 100644 index 4c96e120e..000000000 --- a/aaa-encrypt-service/api/src/test/java/org/opendaylight/aaa/encrypt/PKIUtilTest.java +++ /dev/null 
@@ -1,192 +0,0 @@ -/* - * Copyright (c) 2017 Brocade Communication Systems and others. All rights reserved. - * - * This program and the accompanying materials are made available under the - * terms of the Eclipse Public License v1.0 which accompanies this distribution, - * and is available at http://www.eclipse.org/legal/epl-v10.html - */ -package org.opendaylight.aaa.encrypt; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertNull; - -import java.io.IOException; -import java.security.GeneralSecurityException; -import java.security.KeyPair; -import java.security.PublicKey; -import org.bouncycastle.openssl.EncryptionException; -import org.junit.Before; -import org.junit.Test; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class PKIUtilTest { - - private static final Logger LOG = LoggerFactory.getLogger(PKIUtilTest.class); - - private PKIUtil instance; - - @Before - public void setup() { - instance = new PKIUtil(); - } - - @Test - public void authorizedKeysDecoderValidRSAKey() throws GeneralSecurityException { - // given - String rsaStr = "AAAAB3NzaC1yc2EAAAADAQABAAABAQCvLigTfPZMqOQwHp051Co4lwwPwO21NFIXWgjQmCPEgRTqQpei7qQaxlLGkr" - + "IPjZtJQRgCuC+Sg8HFw1YpUaMybN0nFInInQLp/qe0yc9ByDZM2G86NX6W5W3+j87I8Fh1dnMov1iJ0DFVn8RLwdEGjreiZCRy" - + "JOMuHghh6y4EG7W8BwmZrse17zhSpc2wFOVhxeZnYAQFEw6g48LutFRDpoTjGgz1nz/L4zcaUxxigs8wdY+qTTOHxSTxlLqwSZ" - + "PFLyYrV2KJ9mKahMuYUy6o2b8snsjvnSjyK0kY+U0C6c8fmPDFUc0RqJqfdnsIUyh11U8d3NZdaFWg0UW0SNK3"; - // when - PublicKey serverKey = instance.decodePublicKey(rsaStr); - // then - assertEquals(serverKey.getAlgorithm(), "RSA"); - } - - @Test(expected = Exception.class) - public void authorizedKeysDecoderInvalidRSAKey() throws GeneralSecurityException { - // given - String rsaStr = "AAAB3NzaC1yc2EAAAADAQABAAABAQCvLigTfPZMqOQwHp051Co4lwwPwO21NFIXWgjQmCPEgRTqQpei7qQaxlLGkrI" - + 
"PjZtJQRgCuC+Sg8HFw1YpUaMybN0nFInInQLp/qe0yc9ByDZM2G86NX6W5W3+j87I8Fh1dnMov1iJ0DFVn8RLwdEGjreiZCRyJ" - + "OMuHghh6y4EG7W8BwmZrse17zhSpc2wFOVhxeZnYAQFEw6g48LutFRDpoTjGgz1nz/L4zcaUxxigs8wdY+qTTOHxSTxlLqwSZP" - + "FLyYrV2KJ9mKahMuYUy6o2b8snsjvnSjyK0kY+U0C6c8fmPDFUc0RqJqfdnsIUyh11U8d3NZdaFWg0UW0SNK3"; - // when - instance.decodePublicKey(rsaStr); - } - - @Test - public void authorizedKeysDecoderValidDSAKey() throws GeneralSecurityException { - // given - String dsaStr = "AAAAB3NzaC1kc3MAAACBANkM1e45lxlyV24QyWBAoESlHzhYYJUfk/yUd0+Dv28okyO71DmnJesYyUzsKDpnFLlnFh" - + "xTTUGSg90fdrdubLFkRTGnHhweegMCf6kU1xyE3U6bpyMdiOXH7fOS6Q2B+qtaQRB4R5TEhdoJX648Ng+YZvLwdbZh3r/et4P4" - + "6b3DAAAAFQDcu6qp67XRpzMoOS2fIL+VOxvmDwAAAIAeT3d/hbvzPoL8wV52gPtWJMU2EGoX/LJwc86Vn52NlxXB1EQSzZI50P" - + "gCKEckS80lj4GXO1ZyuBhdsBEz4rDtAIdZGW5z7WxTfcz0G2dOWmNOBqvu7j9ngfPrgtDVHYV2VL/4VpbmoPgkQLfbA9NWb6US" - + "2RnTO46rGbGurigDMQAAAIEAiI3REuOJAmgDow6HxbN0FM+RCe1JYDwJIsCRRK4JA9oYV4Pg897xqypOeXogutVu9usfcOJI6u" - + "k5OwwLqIUSaU+flgmL0LOXv4lH4+URqs7Or8+ABFTcVGGCxg0I3gwhlY2Vjc9nyHY15wqBYdUxLbe8HC6EQp9uwlLlb8LQ6a0="; - // when - PublicKey serverKey = instance.decodePublicKey(dsaStr); - // then - assertEquals(serverKey.getAlgorithm(), "DSA"); - } - - @Test(expected = IllegalArgumentException.class) - public void authorizedKeysDecoderInvalidDSAKey() throws GeneralSecurityException { - // given - String dsaStr = "AAAAB3Nzakc3MAAACBANkM1e45lxlyV24QyWBAoESlHzhYYJUfk/yUd0+Dv28okyO71DmnJesYyUzsKDpnFLlnFhxT" - + "TUGSg90fdrdubLFkRTGnHhweegMCf6kU1xyE3U6bpyMdiOXH7fOS6Q2B+qtaQRB4R5TEhdoJX648Ng+YZvLwdbZh3r/et4P46b" - + "3DAAAAFQDcu6qp67XRpzMoOS2fIL+VOxvmDwAAAIAeT3d/hbvzPoL8wV52gPtWJMU2EGoX/LJwc86Vn52NlxXB1EQSzZI50PgC" - + "KEckS80lj4GXO1ZyuBhdsBEz4rDtAIdZGW5z7WxTfcz0G2dOWmNOBqvu7j9ngfPrgtDVHYV2VL/4VpbmoPgkQLfbA9NWb6US2R" - + "nTO46rGbGurigDMQAAAIEAiI3REuOJAmgDow6HxbN0FM+RCe1JYDwJIsCRRK4JA9oYV4Pg897xqypOeXogutVu9usfcOJI6uk5" - + 
"OwwLqIUSaU+flgmL0LOXv4lH4+URqs7Or8+ABFTcVGGCxg0I3gwhlY2Vjc9nyHY15wqBYdUxLbe8HC6EQp9uwlLlb8LQ6a0="; - // when - instance.decodePublicKey(dsaStr); - } - - @Test - public void authorizedKeysDecoderValidEcDSAKey() throws GeneralSecurityException { - // given - String ecdsaStr = "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAP4dTrlwZmz8bZ1f901qWuFk7YelrL2WJG0" - + "jrCEAPo9UNM1wywpqjbaYUfoq+cevhLZaukDQ4N2Evux+YQ2zz0="; - // when - PublicKey serverKey = instance.decodePublicKey(ecdsaStr); - // then - assertEquals(serverKey.getAlgorithm(), "EC"); - } - - @Test(expected = IllegalArgumentException.class) - public void authorizedKeysDecoderInvalidEcDSAKey() throws GeneralSecurityException { - // given - String ecdsaStr = "AAAAE2VjZHNhLXNoItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAP4dTrlwZmz8bZ1f901qWuFk7YelrL2WJG0jr" - + "CEAPo9UNM1wywpqjbaYUfoq+cevhLZaukDQ4N2Evux+YQ2zz0="; - // when - instance.decodePublicKey(ecdsaStr); - } - - @Test(expected = IllegalArgumentException.class) - public void authorizedKeysDecoderInvalidKeyType() throws GeneralSecurityException { - // given - String ed25519Str = "AAAAC3NzaC1lZDI1NTE5AAAAICIvyX9C+u3KZmJ8x4DuqJg1iAKOPObCgkX9plrvu29R"; - // when - instance.decodePublicKey(ed25519Str); - } - - @Test(expected = IllegalArgumentException.class) - public void decodingOfBlankInputIsCaughtAsAnError() throws GeneralSecurityException { - // when - instance.decodePublicKey(""); - } - - @Test - public void testRSAKey() throws IOException { - KeyPair keyPair = instance.decodePrivateKey("src/test/resources/rsa", ""); - assertNotNull(keyPair); - } - - @Test - public void testRSAEncryptedKey() throws IOException { - KeyPair keyPair = null; - try { - keyPair = instance.decodePrivateKey("src/test/resources/rsa_encrypted", "passphrase"); - } catch (IOException e) { - LOG.error("Can not find file", e); - } - assertNotNull(keyPair); - } - - @Test(expected = EncryptionException.class) - public void testRSAWrongPassphrase() throws IOException { - KeyPair keyPair = 
instance.decodePrivateKey("src/test/resources/rsa_encrypted", "wrong"); - assertNull(keyPair); - } - - @Test - public void testDSAKey() throws IOException { - KeyPair keyPair = instance.decodePrivateKey("src/test/resources/dsa", ""); - assertNotNull(keyPair); - } - - @Test - public void testDSAEncryptedKey() throws IOException { - KeyPair keyPair = null; - try { - keyPair = instance.decodePrivateKey("src/test/resources/dsa_encrypted", "passphrase"); - } catch (IOException e) { - LOG.error("Can not find file", e); - } - assertNotNull(keyPair); - } - - @Test(expected = EncryptionException.class) - public void testDSAWrongPassphrase() throws IOException { - KeyPair keyPair = instance.decodePrivateKey("src/test/resources/dsa_encrypted", "wrong"); - assertNull(keyPair); - } - - @Test - @SuppressWarnings("AbbreviationAsWordInName") - public void testECDSAKey() throws IOException { - KeyPair keyPair = instance.decodePrivateKey("src/test/resources/ecdsa", ""); - assertNotNull(keyPair); - } - - @Test - @SuppressWarnings("AbbreviationAsWordInName") - public void testECDSAEncryptedKey() throws IOException { - KeyPair keyPair = null; - try { - keyPair = instance.decodePrivateKey("src/test/resources/ecdsa_encrypted", "passphrase"); - } catch (IOException e) { - LOG.error("Can not find file", e); - } - assertNotNull(keyPair); - } - - @Test(expected = EncryptionException.class) - @SuppressWarnings("AbbreviationAsWordInName") - public void testECDSAWrongPassphrase() throws IOException { - KeyPair keyPair = instance.decodePrivateKey("src/test/resources/ecdsa_encrypted", "wrong"); - assertNull(keyPair); - } -} diff --git a/aaa-encrypt-service/api/src/test/resources/dsa b/aaa-encrypt-service/api/src/test/resources/dsa deleted file mode 100644 index 68ed4d13a..000000000 --- a/aaa-encrypt-service/api/src/test/resources/dsa +++ /dev/null 
@@ -1,12 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBugIBAAKBgQDX2jD1uOw2ouCMmYa3ONWd/79UtIBoh3yRnL098mse0Uenhfib
-+OhoH89eQSsuzr7rYaQmTYbPJbiNJW4TNV6uKVUCxA94tz7Q8EGeQBdK6RJ1s4p5
-drjRjBpv7FECXAva4lbmt391mKXrT15/lRPHa+F0NiknSfCT9gswV+forwIVAKtd
-cQ9lRCU7EF0jRTXyOzzgCJQdAoGAdUFEoZBGzu20Wh1hZLgnU4CJDaXgYViMQ7dZ
-uOTnU2zh79FswQr80FlgD7ki4MrjNRKEP7gnzB/k0Ohxha0Jci/gOcdQ1l4IUEGH
-IdHRjectiBGvjyoPUaWqCXNus4SGRVDdNWOy+LDHKgVe7oV0ogheJjutuR6hZJ6S
-0bejpfUCgYBfEfz5iIoInPUHqCroAU8jhZQk0GKVtTrBYXAYfubFHrE84f9cjgOx
-PfMSXq/nsctPlpRasAnPBX7PnK2+vRHATZxHKWBt04X5FjhkZFI8mb9hoxhEEUaN
-aiAAk6T9ECO+dUpzkHdhe44SuMdbS5iF7siuWVI91x7fMhWaS+7M6wIUJn1Bxaxb
-HjGSrtESj4x14sl1J9Y=
------END DSA PRIVATE KEY-----
\ No newline at end of file
diff --git a/aaa-encrypt-service/api/src/test/resources/dsa_encrypted b/aaa-encrypt-service/api/src/test/resources/dsa_encrypted
deleted file mode 100644
index 471a986d3..000000000
--- a/aaa-encrypt-service/api/src/test/resources/dsa_encrypted
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: AES-128-CBC,CE6BEEFDDD9D34F115A3356B4189A05E
-
-Ml+tLoRvTkJUlDABwksLkOD2F0g8kOObX5tNuS7vOMKM3YM7DgjR0Au4J7x5rQzn
-+0hzWDQbbFdY71Ybe7UA8aSpkiig01Ti2c3aNHcXMPNTSLpaHCPTWmGp5eVwmB1D
-OxvfwHhhAu1N1yKJBdgwFI1n+8EFU4qjROsElNB05/jcDeVGQsk0pG9HgJlw7WXM
-8MkOi0YKcB/ig51sYP+cb9ZNs9+lTwY708l5kWV8MrocMoA5fb16shCBRsijBE6p
-O6u9wjjRcOFvk2qZzZCCStcBkhRZhr+FBsvcuU9aHgcTKb3JXIhwXTKxkYspWn/z
-qcWiC+4FVT/QnrU1bA0a/DE4AqjX9/yS3tRSX50W2X8wEcYnjay9ziaYAglt0bNJ
-laCYNFKn5fdYQtBAOV/JerfrjGCOD54I1Ml7KV93m6GvVUlMabWbHdi6khaJahYj
-eh2Sa+243JnH2sFpMGmXtTLXqZ90r44M4LjoafcPyC9sEE5Wo4FlBSCit0qrzdiq
-SeWmWkjzeiB+s4F5vamYjICuSiUy2w5pKUZUtxWIwbb3TR63yK0+zIhevPoeplsk
-Ho5E5e+NIGl+XjpWar7UVw==
------END DSA PRIVATE KEY-----
\ No newline at end of file
diff --git a/aaa-encrypt-service/api/src/test/resources/ecdsa b/aaa-encrypt-service/api/src/test/resources/ecdsa
deleted file mode 100644
index 396ab593c..000000000
--- a/aaa-encrypt-service/api/src/test/resources/ecdsa
+++ /dev/null
@@ -1,5 +0,0 @@
------BEGIN EC PRIVATE KEY-----
-MHcCAQEEIDSsy5OjA1O8UoAZPVaLQW6AO94uZfpz613OYNfyrJ0ioAoGCCqGSM49
-AwEHoUQDQgAEGHbGMutC96N8UDSdU2xVMi6gSQTIr7XfhBBEUP6GIZJ5uMvb8yy1
-nZf3WwMCXBrUOOb3MRRxl+0kxb7MBCcrWA==
------END EC PRIVATE KEY-----
\ No newline at end of file
diff --git a/aaa-encrypt-service/api/src/test/resources/ecdsa_encrypted b/aaa-encrypt-service/api/src/test/resources/ecdsa_encrypted
deleted file mode 100644
index eae5538ae..000000000
--- a/aaa-encrypt-service/api/src/test/resources/ecdsa_encrypted
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: AES-128-CBC,44F79772666E794C848D5BFD39E9C880
-
-8F7aUxNriYZ+JDwir6lREQYcaUck14MP27niojRCssZKTDfBkMsknUcWQgCDqh4E
-kAkClTRfdfrcPGLMhHDKhwrd/1EbEskOpXHdxIBAcKc7KhUSQyb3gZlRZdkaZWNo
-Vt31vRK7tHhmmhlEPmZr7nzilH1yySkcXhNUQzZJJc0=
------END EC PRIVATE KEY-----
\ No newline at end of file
diff --git a/aaa-encrypt-service/api/src/test/resources/rsa b/aaa-encrypt-service/api/src/test/resources/rsa
deleted file mode 100644
index 68e61eb9c..000000000
--- a/aaa-encrypt-service/api/src/test/resources/rsa
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEAq8ypxe2iWBmnY3DfDffK5OyW5Z7FIeLug6m7kRsGoat5jRXf
-G3tWcYGkHokWL7QMf+PsQfOxy46+c7mmx0u20TRIVQ5qcJpwvfkkJg6xfh5u1Wno
-K/rTxZ2Tno28yXwnMxItRqnpGxXl/DaPdMtxdO+MW0EQvMWwlrKgSEXSrZHoLWyR
-A6jUN1t1noi9fT2Pq9xadhJWkD0TNZBx0aMqeg91OlCcPKBenpfMi8D/u+uMa/F3
-iznD6HxARUz1UJRtDi7cFMi0pYw0tlTZOMWDneQwI/lRdZ6JDWea+qRKQ4R2LAyf
-lFlYi0ILLgfrd7uHbhRa3f/+CIJU4Jbv/2B9OwIDAQABAoIBAAH+sWX7+WueeKQd
-9mkaHIAGA0aNTmqzUOO0f9oSf0Q3UoUB4QJXr0xIHhjArMJHC/IcOm0VoFXlxW5g
-lIAx7+CEA+cA8Nl34aFDGFlcyFDXl5/gx/Jiyjy8NK+do7iPOYFNT7tHU86dtXr1
-Qzsu9ZVPBsk0ezZF8WP+lP/h161uRG3Ztcc0veljBVDuwVQO9s7Rr66/CmlUWLqw
-dw38BNJHboza/8W/sft9NyEPz5u+OumFL3AtlHpu2K7CrZ+6WJ23QMMtON6mrNpK
-ro485qVhUFEJ/IRkZsfpXVAQciJ1v9B9KuBpgKyoNJwkl6m7LlgSSBZSJlX7Q29e
-bSJdpyECgYEA1eC24tsBZiQNws7XgFL2jMFtv8Y6ewZnx6dTWcp2xSRllvexZZSD
-w2R4g0HIqXGLu/S13JOBpPAg7TwylsrPzX0FZ4qk+4++EEshwGYUY1OInmeSjlup
-zA65WWplUQYPuXUAFuYMn6DoV661MZ5WWQ+TTNowIGI1oM5ad1a9ftECgYEAzaJx
-2kFfZqGfiyG/8+SLWG8kw5UGOkdOtzD9mboc/J07QA5Lk0BX5zD5EK48vLS7GDPr
-jmYNWH12Mol8d/PH3yAs/qe/ddkR7OyImAJOmaLYI51ZyrYSnp0Tb9ek1fMmmaY8
-Lf6SU/EeZ7C0rvm99x1eWizF46kgKJbTAlDodksCgYEAzzXlOihAVLr9cg1/j93Q
-7FHCiJf+tI5iIXalNEsJgrpeikLzZZzbg4RllZU4WaGeZb0SLN/kLO5QmEdII/ve
-FBHaGJSkfuymkZaY3pSHkCuwIvfpb26zNPXW8SA5hKRAu8b1DTpYZJc6QykKd0YW
-FjcW2NBS7Cz6FA+YaiJpeOECgYEAvdVKD7er754jIBkvEGOa9C/em6O2lRSBKYLT
-ixgSbG5mZVMNF8odnDNMqsZ/EaIy2jwMKHAzv85K0Iq12jK2AFi+0PRhPtT+xF70
-FoiCsThxGifH3ehJth3B9Mz5wf1vVAbvpXJO+aktbYHmu2WYpkl5cfvFT88w/eeG
-squofpMCgYEAmfpGOGhFP44FUGSQ3hu9B5oEVRgz5HlT7UFW91vG1QnkH2ki95xB
-x6/miOzmAQTa8U5PataFPe/8FFOKk6nweo1ZP18/C4RY63WeQJxCstHSsqevYlZa
-yhvFwUxJoz3u3JywcDHBrbRTDZTmQgz4qWGtqSpW35lYc1mX85OTc0I=
------END RSA PRIVATE KEY-----
\ No newline at end of file
diff --git a/aaa-encrypt-service/api/src/test/resources/rsa_encrypted b/aaa-encrypt-service/api/src/test/resources/rsa_encrypted
deleted file mode 100644
index d48b04fcb..000000000
--- a/aaa-encrypt-service/api/src/test/resources/rsa_encrypted
+++ /dev/null
@@ -1,30 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: AES-128-CBC,1BB466DFE9DCC889D4FA4A9B767D7C0B
-
-DR/EgP23gGyjT1yffiBHSWgREeMivLXEpTbZvx4Bu4ey+gNEASTZI3Gs31uV6PFO
-EeCekNIKURdnqcBaJLkWitdRkaEWCJePYBFTg4U6S/IPcLaelUCUVaM+Bfs46End
-Z48FQfn/yBOjU1r0vnvM8fFYw4fQ2ixmuGUltX3VYThyzcmIzBz7cPQFpFx2JkQn
-boWMUUkHQTnSQNEG9o9pJA0Mf5rBawjwJ/ftvzjLJOIau7o2DbK3k6aDvZmqcD99
-2WD58yjiMiPogl74iXzKyJS7RTWG129juUKDM3m3LDhVzFxV902BKdNZRKOSJhOU
-zdDAnlX2NZjnK/6gFjyE/WwAI4JiNAntxbKgtBp4T7+RjsfMvEwFhSJUN2xs8SEd
-siEu6B7mqWE1VQVPLlrAuar3OHHhueXbDJlZxc+RMQ/4mLCvYXU7FLMzz8Cs72ME
-eKWSpxYHCdbdrGUCgvnDI5tmGSgEoWG6dwJViLO4sXpktY6vnvj5B0oCt04JEbyL
-DgKQtRA0idGFq/+reRyxiiom1Ot91+WBc86O8WWn0ReK5Mv86OZgPjvAY8x9Msss
-iPYn/OCCUQW9qadQVaY/7QnM8AOIRiu4RDo9azKfHfkPE+3UAiJDNmM/VSeXiXlV
-X2PZ0ObpNyAFiZDIabdQ2pmdLPVm9Iy/aYfpaIPUnBpIWfpW/AP9ffLojVk9HfR6
-pIiTfs2TJaZ/LttNi4wSgAA3nGmJWCCO0SyT80I6wivSSkPlnj3wKyVPtFRPelb8
-a5CAuLGKpx7nUlgYAyg4Bw9H+s7txpm3MqpD3VcTIYcNzDeskq1TTlzxJ02MZyxA
-3WENOWtbq9ZdTj1imgJcL+XCNPfF7UogPM5xCSiT1pz4uK9KMYwpLaprfVX3Po2D
-tAMlyrNBs3pvueSHhA44op8h3mSPcXG6KlJc9Z9NR+C3ox7rDhx/plP456Ivd8cq
-j9ciMHEM37yQnike8AmkYD/IKr3aACKQbJcFuzspVk0eBHBNXourXFrUD9eovbqW
-TKUfm5cYrDnsaAsLwYwJBEf4KU35umU7gcgLj9WAInpqSSi+kgbu8b58PnrKQC24
-zPYpniaFiaCzVmrTE6O1kyybsT61sKvSNLS9BQgc0CAFEyqB8xSxB/KCwu3pv0BO
-gPGrze/fp1zUfv12Ns1he5WwlrY1f+3LjJ6r0Xm2+5PbZOv9PURZU/CqLoJRBeKg
-rMVwVKMhediZE+mwvQex/Lx0djFOuZ3mYSR2WB5tAqf62gKlA5wW6/LdawuBOzv7
-VVcSTgzoz3SY5k15afSlJOPGPR7hgqKePR4z64AHmiEbCHm6nA0D1dT0R3ErcGFa
-t2J6s4SnObswY2Yd1Eg+4e6FUgOJ/RAozpSKXETVbNk4iUoDxsgz7KYx0eVX52mI
-1vVvoPs4LIp/IxYgpFXf70TRYcDmGINmPb6Oibe7jEX3CuMQkrHc3f98t7uKM2fg
-UuSEhEkoZvHMDvNm3HnfRgzcqVr8RLol4+yD/3yJf6IGA2p5OWcEg064Nog4gIW8
-sRpWC8J4RgMlUrpqwtxrQtG/ymrg3mJV+37ktGUD60pAgqXpNFkGI6WR+A+3H2WP
------END RSA PRIVATE KEY-----
\ No newline at end of file
--
2.36.6