David Lloyd created ELY-814:
-------------------------------
Summary: Comprehensive credential store tests
Key: ELY-814
URL:
https://issues.jboss.org/browse/ELY-814
Project: WildFly Elytron
Issue Type: Task
Components: Credential Store
Reporter: David Lloyd
We need comprehensive credential store tests, which include (but are not limited to):
* All credential store implementations:
** {{org.wildfly.security.credential.store.impl.KeyStoreCredentialStore}} (called {{K}}
below)
** {{org.wildfly.security.credential.store.impl.MapCredentialStore}} (called {{M}} below)
** {{org.wildfly.security.credential.store.impl.VaultCredentialStore}} (called {{V}}
below)
* Operation tests:
** Store and retrieve credentials of the following type:
*** Passwords (all variant algorithms of the following password types):
**** Clear ({{K}}, {{V}}, {{M}})
**** Digest ({{K}}, {{M}})
**** BCrypt ({{K}}, {{M}})
**** BSD UNIX DES ({{K}}, {{M}})
**** Masked passwords ({{K}}, {{M}})
**** SCRAM ({{K}}, {{M}})
**** Sun UNIX ({{K}}, {{M}})
**** UNIX DES ({{K}}, {{M}})
**** UNIX MD5 Crypt ({{K}}, {{M}})
**** UNIX SHA Crypt ({{K}}, {{M}})
*** Bearer tokens ({{K}}, {{M}})
*** GSS Credentials (GSSCredentialCredential) (just {{M}})
*** Key Pairs of the following algorithms:
**** RSA ({{K}}, {{M}})
**** DSA ({{K}}, {{M}})
**** EC ({{K}}, {{M}})
*** Public Keys of the following algorithms:
**** RSA ({{K}}, {{M}})
**** DSA ({{K}}, {{M}})
**** EC ({{K}}, {{M}})
*** X509 Certificate Chains (X509CertificateChainPrivateCredential) with keys of the
following algorithms:
**** RSA ({{K}}, {{M}})
**** DSA ({{K}}, {{M}})
*** Secret Keys of the following types:
**** AES ({{K}}, {{M}})
**** DES ({{K}}, {{M}})
**** DESede ({{K}}, {{M}})
** Flush to disk (ELY-813) ({{K}}, {{V}})
** Remove credentials ({{K}}, {{V}}, {{M}})
** Test credential matching (the same matching logic is used by retrieve, remove, and
store (replace)) ({{K}}, {{V}}, {{M}})
*** By credential type only ({{V}} will only support PasswordCredential)
*** By credential type and algorithm name ({{V}} will only support
ClearPassword.ALGORITHM_CLEAR)
*** By credential type, algorithm name, and parameters ({{V}} does not support
parameters)
** Iterate credentials by alias ({{K}}, {{V}}, {{M}})
** Apply a protection parameter to whole credential stores ({{K}}, {{V}})
*** Verify enforcement and failure if incorrect or missing
** Apply a protection parameter to individual credential store entries ({{K}}, {{V}},
{{M}})
*** Verify enforcement and failure if incorrect or missing
** Open existing credential store file and recover data ({{K}}, {{V}})
** Open and create new credential store file ({{K}}, {{V}})
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)