@Test
public void testCreateMasterKeyNoSalt()
throws InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException {
SaltedSecretKey masterKeyForPasswordTestNoSalt1 = CipherUtil.createMasterKey("Test");
SaltedSecretKey masterKeyForPasswordTestNoSalt2 = CipherUtil.createMasterKey("Test");
logger.log(Level.INFO, "Key comparison for password 'Test':");
logger.log(
Level.INFO,
"- Master key 1: " + StringUtil.toHex(masterKeyForPasswordTestNoSalt1.getEncoded()));
logger.log(
Level.INFO,
" with salt: " + StringUtil.toHex(masterKeyForPasswordTestNoSalt1.getSalt()));
logger.log(
Level.INFO,
"- Master key 2: " + StringUtil.toHex(masterKeyForPasswordTestNoSalt2.getEncoded()));
logger.log(
Level.INFO,
" with salt: " + StringUtil.toHex(masterKeyForPasswordTestNoSalt2.getSalt()));
assertFalse(
Arrays.equals(
masterKeyForPasswordTestNoSalt1.getSalt(), masterKeyForPasswordTestNoSalt2.getSalt()));
assertFalse(
Arrays.equals(
masterKeyForPasswordTestNoSalt1.getEncoded(),
masterKeyForPasswordTestNoSalt2.getEncoded()));
}
@Test
public void testCreateRandomArray()
throws InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException {
byte[] randomArray1 = CipherUtil.createRandomArray(10);
byte[] randomArray2 = CipherUtil.createRandomArray(10);
assertEquals(10, randomArray1.length);
assertEquals(10, randomArray2.length);
assertFalse(Arrays.equals(randomArray1, randomArray2));
}
private void testEncrypt(byte[] originalData, List<CipherSpec> cipherSpecs) throws IOException {
SaltedSecretKey masterKey = createDummyMasterKey();
byte[] ciphertext =
CipherUtil.encrypt(new ByteArrayInputStream(originalData), cipherSpecs, masterKey);
byte[] plaintext = CipherUtil.decrypt(new ByteArrayInputStream(ciphertext), masterKey);
assertFalse(Arrays.equals(originalData, ciphertext));
assertTrue(Arrays.equals(originalData, plaintext));
}
@Test
public void testCreateMasterKeyWithSalt()
throws InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException {
long timeStart = System.currentTimeMillis();
SaltedSecretKey masterKeyForPasswordTestAndSalt123 =
CipherUtil.createMasterKey("Test", new byte[] {1, 2, 3});
long timeEnd = System.currentTimeMillis();
long timeDuration = timeEnd - timeStart;
logger.log(Level.INFO, "Creating master key took " + timeDuration + "ms:");
logger.log(
Level.INFO,
" - Key: " + StringUtil.toHex(masterKeyForPasswordTestAndSalt123.getEncoded()));
logger.log(
Level.INFO, " - Salt: " + StringUtil.toHex(masterKeyForPasswordTestAndSalt123.getSalt()));
assertEquals("010203", StringUtil.toHex(masterKeyForPasswordTestAndSalt123.getSalt()));
assertEquals(
"44fda24d53b29828b62c362529bd9df5c8a92c2736bcae3a28b3d7b44488e36e246106aa5334813028abb2048eeb5e177df1c702d93cf82aeb7b6d59a8534ff0",
StringUtil.toHex(masterKeyForPasswordTestAndSalt123.getEncoded()));
assertEquals(
CipherUtil.MASTER_KEY_SIZE / 8, masterKeyForPasswordTestAndSalt123.getEncoded().length);
assertEquals("PBKDF2WithHmacSHA1", masterKeyForPasswordTestAndSalt123.getAlgorithm());
assertEquals("RAW", masterKeyForPasswordTestAndSalt123.getFormat());
assertTrue(timeDuration > 5000);
}
public static Config createTestLocalConfig(String machineName, TransferSettings connection)
throws Exception {
File tempLocalDir =
TestFileUtil.createTempDirectoryInSystemTemp(
createUniqueName("client-" + machineName, connection));
tempLocalDir.mkdirs();
RepoTO repoTO = createRepoTO();
// Create config TO
ConfigTO configTO = new ConfigTO();
configTO.setMachineName(machineName + CipherUtil.createRandomAlphabeticString(20));
// Get Masterkey
SaltedSecretKey masterKey = getMasterKey();
configTO.setMasterKey(masterKey);
LocalConnection localConnection = (LocalConnection) connection;
// Create connection TO
Map<String, String> localConnectionSettings = new HashMap<String, String>();
localConnectionSettings.put("path", localConnection.getRepositoryPath().getAbsolutePath());
ConnectionTO connectionTO = new ConnectionTO();
if (connection instanceof UnreliableLocalConnection) { // Dirty hack
UnreliableLocalConnection unreliableConnection = (UnreliableLocalConnection) connection;
String failingPatterns =
StringUtil.join(unreliableConnection.getFailingOperationPatterns(), ",");
localConnectionSettings.put("patterns", failingPatterns);
connectionTO.setType("unreliable_local");
connectionTO.setSettings(localConnectionSettings);
} else {
connectionTO.setType("local");
connectionTO.setSettings(localConnectionSettings);
}
configTO.setConnectionTO(connectionTO);
// Create
Config config = new Config(tempLocalDir, configTO, repoTO);
config.setConnection(connection);
config.getAppDir().mkdirs();
config.getCacheDir().mkdirs();
config.getDatabaseDir().mkdirs();
config.getLogDir().mkdirs();
config.getStateDir().mkdirs();
// Write to config folder (required for some tests)
new Persister().write(configTO, new File(config.getAppDir() + "/" + Config.FILE_CONFIG));
new Persister().write(repoTO, new File(config.getAppDir() + "/" + Config.FILE_REPO));
return config;
}
@Test
public void testIsEncryptedFileFalse() throws Exception {
File tempDirectory = TestFileUtil.createTempDirectoryInSystemTemp();
File testFile = new File(tempDirectory + "/somefile");
FileUtil.writeToFile(new byte[] {1, 2, 3}, testFile);
assertFalse(CipherUtil.isEncrypted(testFile));
TestFileUtil.deleteDirectory(tempDirectory);
}
private static SaltedSecretKey getMasterKey() throws Exception {
if (!cryptoEnabled) {
return null;
} else {
if (masterKey == null) {
masterKey = CipherUtil.createMasterKey("some password");
}
return masterKey;
}
}
@Test
public void testIsEncryptedFileTrue() throws Exception {
File tempDirectory = TestFileUtil.createTempDirectoryInSystemTemp();
File testFile = new File(tempDirectory + "/somefile");
RandomAccessFile testFileRaf = new RandomAccessFile(testFile, "rw");
testFileRaf.write(MultiCipherOutputStream.STREAM_MAGIC);
testFileRaf.write(MultiCipherOutputStream.STREAM_VERSION);
testFileRaf.close();
assertTrue(CipherUtil.isEncrypted(testFile));
TestFileUtil.deleteDirectory(tempDirectory);
}
@Test
public void testCreateDerivedKeys()
throws InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException {
SaltedSecretKey masterKey = createDummyMasterKey();
CipherSpec cipherSpec = CipherSpecs.getCipherSpec(CipherSpecs.AES_128_GCM);
byte[] derivedKeySalt1 = new byte[] {1, 2, 3};
byte[] derivedKeySalt2 = new byte[] {1, 2, 3, 4};
SaltedSecretKey derivedKey1 =
CipherUtil.createDerivedKey(masterKey, derivedKeySalt1, cipherSpec);
SaltedSecretKey derivedKey2 =
CipherUtil.createDerivedKey(masterKey, derivedKeySalt2, cipherSpec);
logger.log(Level.INFO, "- Derived key 1: " + StringUtil.toHex(derivedKey1.getEncoded()));
logger.log(Level.INFO, " with salt: " + StringUtil.toHex(derivedKey1.getSalt()));
logger.log(Level.INFO, "- Derived key 2: " + StringUtil.toHex(derivedKey2.getEncoded()));
logger.log(Level.INFO, " with salt: " + StringUtil.toHex(derivedKey2.getSalt()));
assertEquals(128 / 8, derivedKey1.getEncoded().length);
assertEquals(128 / 8, derivedKey2.getEncoded().length);
assertFalse(Arrays.equals(derivedKey1.getSalt(), derivedKey2.getSalt()));
assertFalse(Arrays.equals(derivedKey1.getEncoded(), derivedKey2.getEncoded()));
}
public static Cipher createCipher(
CipherSpec cipherSpec, int cipherInitMode, SecretKey secretKey, byte[] iv)
throws CipherException {
logger.log(Level.INFO, "Creating cipher using " + cipherSpec + " ...");
try {
if (cipherSpec.needsUnlimitedStrength()) {
CipherUtil.enableUnlimitedStrength();
}
Cipher cipher = Cipher.getInstance(cipherSpec.getAlgorithm(), PROVIDER);
cipher.init(cipherInitMode, secretKey, new IvParameterSpec(iv));
return cipher;
} catch (Exception e) {
throw new CipherException(e);
}
}