[jboss-cvs] Picketbox SVN: r363 - in trunk/security-jboss-sx/jbosssx/src: test/java/org/jboss/test/security/vault and 2 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Dec 11 16:13:19 EST 2012
Author: pskopek at redhat.com
Date: 2012-12-11 16:13:18 -0500 (Tue, 11 Dec 2012)
New Revision: 363
Added:
trunk/security-jboss-sx/jbosssx/src/test/resources/long_alias_keystore/
trunk/security-jboss-sx/jbosssx/src/test/resources/long_alias_keystore/readme.txt
trunk/security-jboss-sx/jbosssx/src/test/resources/long_alias_keystore/vault.jks
Modified:
trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/plugins/vault/PicketBoxSecurityVault.java
trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/vault/SecurityVaultUnitTestCase.java
Log:
[SECURITY-708] - Long vault alias name causes "Vault Mismatch" at startup of AS7/EAP6
- fix + testcase
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/plugins/vault/PicketBoxSecurityVault.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/plugins/vault/PicketBoxSecurityVault.java 2012-12-04 19:03:43 UTC (rev 362)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/plugins/vault/PicketBoxSecurityVault.java 2012-12-11 21:13:18 UTC (rev 363)
@@ -249,7 +249,7 @@
uuid.append("LINE_BREAK");
uuid.append(publicCert);
- return Base64.encodeBytes(uuid.toString().getBytes()).getBytes();
+ return Base64.encodeBytes(uuid.toString().getBytes(), Base64.DONT_BREAK_LINES).getBytes();
}
/*
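Review bot: Both `getBytes()` calls on the changed return line still use the JVM default charset, so the handshake value could differ between hosts with different `file.encoding` settings if the alias or `publicCert` ever contains non-ASCII characters. Pinning the charset would remove that dependency, e.g. `return Base64.encodeBytes(uuid.toString().getBytes("UTF-8"), Base64.DONT_BREAK_LINES).getBytes("UTF-8");`. The enclosing method starts outside the hunk, so check whether its signature can carry `UnsupportedEncodingException` before making that change. A short comment above the return would also keep the flag from being dropped later: `// DONT_BREAK_LINES: a wrapped Base64 value for long aliases led to "Vault Mismatch" at startup (SECURITY-708)`.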
Modified: trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/vault/SecurityVaultUnitTestCase.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/vault/SecurityVaultUnitTestCase.java 2012-12-04 19:03:43 UTC (rev 362)
+++ trunk/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/security/vault/SecurityVaultUnitTestCase.java 2012-12-11 21:13:18 UTC (rev 363)
@@ -60,7 +60,12 @@
@Before
public void setup() throws Exception
{
- String dir = StringUtil.getSystemPropertyAsString(dataDir);
+ setupEncryptionFilesDir(dataDir);
+ }
+
+ private void setupEncryptionFilesDir(String directoryName) {
+
+ String dir = StringUtil.getSystemPropertyAsString(directoryName);
File encDir = new File(dir);
if(encDir.exists() == false)
@@ -127,6 +132,42 @@
}
@Test
+ public void testHandshakeForLongAlias() throws Exception
+ {
+
+ SecurityVault vault = SecurityVaultFactory.get();
+ String maskedPassword = getMaskedPassword("password1234", "87654321", 23);
+ String encDir = "${java.io.tmpdir}/long_alias_keystore/";
+ setupEncryptionFilesDir(encDir);
+
+ Map<String,Object> options = new HashMap<String,Object>();
+ options.put(PicketBoxSecurityVault.KEYSTORE_URL, "src/test/resources/long_alias_keystore/vault.jks");
+ options.put(PicketBoxSecurityVault.KEYSTORE_PASSWORD, maskedPassword);
+ options.put(PicketBoxSecurityVault.KEYSTORE_ALIAS, "superverylongvaultname");
+ options.put(PicketBoxSecurityVault.SALT, "87654321");
+ options.put(PicketBoxSecurityVault.ITERATION_COUNT, String.valueOf(23));
+ options.put(PicketBoxSecurityVault.ENC_FILE_DIR, encDir);
+
+ vault.init(options);
+ assertTrue("Vault is supposed to be inicialized", vault.isInitialized());
+
+ Map<String,Object> handshakeOptions = new HashMap<String,Object>();
+ handshakeOptions.put(PicketBoxSecurityVault.PUBLIC_CERT, "superverylongvaultname");
+
+ byte[] sharedKey = vault.handshake(handshakeOptions);
+ assertNotNull(sharedKey);
+
+ boolean containsLineBreaks = false;
+ for (byte b: sharedKey) {
+ if (b == '\n') {
+ containsLineBreaks = true;
+ break;
+ }
+ }
+ assertFalse("Shared key returned from hadshake cannot contain line break character", containsLineBreaks);
+ }
+
+ @Test
public void testStoreAndRetrieve() throws Exception
{
String vaultBlock = "SecBean";
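Review bot: The loop at the end of `testHandshakeForLongAlias` rejects only `'\n'`, so a carriage return in the shared key would still pass; `if (b == '\n' || b == '\r') {` covers both. The test also stops at the handshake output and never uses `sharedKey` against the vault again (for instance in a store/retrieve round trip, as the following `testStoreAndRetrieve` appears to do), so the "Vault Mismatch" symptom from SECURITY-708 is only covered indirectly. The keystore path `src/test/resources/long_alias_keystore/vault.jks` depends on the working directory the tests run from. The two assertion messages contain the typos "inicialized" and "hadshake".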
Added: trunk/security-jboss-sx/jbosssx/src/test/resources/long_alias_keystore/readme.txt
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/test/resources/long_alias_keystore/readme.txt (rev 0)
+++ trunk/security-jboss-sx/jbosssx/src/test/resources/long_alias_keystore/readme.txt 2012-12-11 21:13:18 UTC (rev 363)
@@ -0,0 +1,2 @@
+Keystore created using:
+keytool -genkey -alias superverylongvaultname -keyalg RSA -keysize 2048 -keystore vault.jks -storepass password1234 -keypass password1234 -dname "CN=vault,O=example.com"
Added: trunk/security-jboss-sx/jbosssx/src/test/resources/long_alias_keystore/vault.jks
===================================================================
(Binary files differ)
Property changes on: trunk/security-jboss-sx/jbosssx/src/test/resources/long_alias_keystore/vault.jks
___________________________________________________________________
Added: svn:mime-type
+ application/octet-stream