DomGarguilo commented on a change in pull request #2224: URL: https://github.com/apache/accumulo/pull/2224#discussion_r717538865
########## File path: server/base/src/test/java/org/apache/accumulo/server/conf/codec/VersionedPropEncryptCodecTest.java ########## @@ -0,0 +1,251 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.accumulo.server.conf.codec; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotEquals; +import static org.junit.Assert.assertTrue; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.security.NoSuchAlgorithmException; +import java.time.Instant; +import java.util.Base64; +import java.util.HashMap; +import java.util.Map; + +import javax.crypto.Cipher; +import javax.crypto.CipherInputStream; +import javax.crypto.CipherOutputStream; +import javax.crypto.KeyGenerator; +import javax.crypto.SecretKey; + +import org.junit.Test; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class VersionedPropEncryptCodecTest { + + private final Logger log = LoggerFactory.getLogger(VersionedPropEncryptCodecTest.class); + + /** + * Perform a round trip - encode, decode set of operations. + * + * @throws Exception + * an exception is a test failure. + */ + @Test + public void roundTripSample() throws Exception { + + // set-up sample "secret" key - for testing only. + final char[] pass = {'a', 'b', 'c'}; + final byte[] salt = {1, 2, 3}; + + VersionedPropEncryptCodec.GCMCipherParams cipherProps = + new VersionedPropEncryptCodec.GCMCipherParams(pass, salt); + + Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + cipher.init(Cipher.ENCRYPT_MODE, cipherProps.getSecretKey(), cipherProps.getParameterSpec()); + + byte[] payload; + + try (ByteArrayOutputStream bos = new ByteArrayOutputStream()) { + + CipherOutputStream cos = new CipherOutputStream(bos, cipher); + + DataOutputStream dos = new DataOutputStream(cos); + + dos.writeUTF("A"); + dos.writeUTF("B"); + dos.writeUTF("C"); + + cos.flush(); + cos.close(); + + payload = bos.toByteArray(); + + log.debug("Output: {}", payload); + + } + + cipher.init(Cipher.DECRYPT_MODE, cipherProps.getSecretKey(), cipherProps.getParameterSpec()); + try (ByteArrayInputStream bis = new ByteArrayInputStream(payload)) { + + // write the property map keys, values. + try (CipherInputStream cis = new CipherInputStream(bis, cipher); + + DataInputStream cdis = new DataInputStream(cis)) { + + assertEquals("A", cdis.readUTF()); + assertEquals("B", cdis.readUTF()); + assertEquals("C", cdis.readUTF()); + } + } + } + + /** + * Validate versioning with something other than default. + */ + @Test + public void roundTripEncryption() throws Exception { + + int aVersion = 13; + Instant now = Instant.now(); + + Map<String,String> p = new HashMap<>(); + p.put("k1", "v1"); + + VersionedProperties vProps = new VersionedProperties(aVersion, now, p); + + final char[] pass = {'a', 'b', 'c'}; + final byte[] salt = {1, 2, 3}; + + VersionedPropCodec encoder = VersionedPropEncryptCodec.codec(false, + new VersionedPropEncryptCodec.GCMCipherParams(pass, salt)); + + byte[] encodedBytes = encoder.toBytes(vProps); + + log.debug("Encoded: {}", encodedBytes); + + VersionedProperties decodedProps = encoder.fromBytes(encodedBytes); + + log.debug("Decoded: {}", decodedProps.print(true)); + + assertEquals(vProps.getProperties(), decodedProps.getProperties()); + + // validate that the expected node version matches original version. + assertEquals(aVersion, vProps.getDataVersion()); + + // validate encoded version incremented. + assertEquals(aVersion + 1, decodedProps.getDataVersion()); + + assertEquals("encoded version should be 1 up", aVersion + 1, decodedProps.getDataVersion()); + assertEquals("version written should be the source next version", vProps.getNextVersion(), + decodedProps.getDataVersion()); + assertEquals("the next version in decoded should be +2", aVersion + 2, + decodedProps.getNextVersion()); + + assertTrue("timestamp should be now or earlier", + vProps.getTimestamp().compareTo(Instant.now()) <= 0); + + } + + /** + * Validate versioning with something other than default. + */ + @Test + public void roundTripEncryptionCompressed() throws Exception { + + int aVersion = 13; + Instant now = Instant.now(); + + // compression friendly + Map<String,String> p = new HashMap<>(); + p.put("accumulo.prop.key_name.1", "value1"); + p.put("accumulo.prop.key_name.2", "value2"); + p.put("accumulo.prop.key_name.3", "value3"); + p.put("accumulo.prop.key_name.4", "value4"); + p.put("accumulo.prop.key_name.5", "value5"); + p.put("accumulo.prop.key_name.6", "value9"); + + VersionedProperties vProps = new VersionedProperties(aVersion, now, p); Review comment: `Map.of` in this case is a little less readable in my opinion. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
