options.setCipher("AES/CTR/NoPadding"); options.setBitLength(128); kpce.createKey("k6", options);
options.setCipher("AES/CTR/NoPadding"); options.setBitLength(128); kpce.createKey("k6", options);
@Override public KeyVersion createKey(String name, byte[] material, Options options) throws IOException { writeLock.lock(); try { authorizeCreateKey(name, options, getUser()); return provider.createKey(name, material, options); } finally { writeLock.unlock(); } }
@Override public KeyVersion createKey(String name, Options options) throws NoSuchAlgorithmException, IOException { writeLock.lock(); try { authorizeCreateKey(name, options, getUser()); return provider.createKey(name, options); } finally { writeLock.unlock(); } }
@Override public Void run() throws Exception { try { kpExt.createKey("foo", SecureRandom.getSeed(16), newOptions(conf)); Assert.fail("User should NOT be Authorized !!"); } catch (IOException ioe) { // Ignore } return null; } }
@Override public Void run() throws Exception { try { kpExt.createKey("foo", SecureRandom.getSeed(16), newOptions(conf)); Assert.fail("User should NOT be Authorized !!"); } catch (IOException ioe) { // Ignore } return null; } }
@Override public Void run() throws Exception { try { kpExt.createKey("foo", SecureRandom.getSeed(16), newOptions(conf)); } catch (IOException ioe) { Assert.fail("User should be Authorized !!"); } // "bar" key not configured try { kpExt.createKey("bar", SecureRandom.getSeed(16), newOptions(conf)); Assert.fail("User should NOT be Authorized !!"); } catch (IOException ioe) { // Ignore } return null; } }
@Override public Void run() throws Exception { try { kpExt.createKey("foo", SecureRandom.getSeed(16), newOptions(conf)); } catch (IOException ioe) { Assert.fail("User should be Authorized !!"); } // "bar" key not configured try { kpExt.createKey("bar", SecureRandom.getSeed(16), newOptions(conf)); Assert.fail("User should NOT be Authorized !!"); } catch (IOException ioe) { // Ignore } return null; } }
@Override public KeyVersion run() throws Exception { Options opt = newOptions(conf); Map<String, String> m = new HashMap<String, String>(); m.put("key.acl.name", "testKey"); opt.setAttributes(m); try { KeyVersion kv = kpExt.createKey("foo", SecureRandom.getSeed(16), opt); kpExt.rollNewVersion(kv.getName()); kpExt.rollNewVersion(kv.getName(), SecureRandom.getSeed(16)); kpExt.deleteKey(kv.getName()); } catch (IOException ioe) { Assert.fail("User should be Authorized !!"); } KeyVersion retkv = null; try { retkv = kpExt.createKey("bar", SecureRandom.getSeed(16), opt); kpExt.generateEncryptedKey(retkv.getName()); Assert.fail("User should NOT be Authorized to generate EEK !!"); } catch (IOException ioe) { } Assert.assertNotNull(retkv); return retkv; } }
@Override public KeyVersion run() throws Exception { Options opt = newOptions(conf); Map<String, String> m = new HashMap<String, String>(); m.put("key.acl.name", "testKey"); opt.setAttributes(m); try { KeyVersion kv = kpExt.createKey("foo", SecureRandom.getSeed(16), opt); kpExt.rollNewVersion(kv.getName()); kpExt.rollNewVersion(kv.getName(), SecureRandom.getSeed(16)); kpExt.deleteKey(kv.getName()); } catch (IOException ioe) { Assert.fail("User should be Authorized !!"); } KeyVersion retkv = null; try { retkv = kpExt.createKey("bar", SecureRandom.getSeed(16), opt); kpExt.generateEncryptedKey(retkv.getName()); Assert.fail("User should NOT be Authorized to generate EEK !!"); } catch (IOException ioe) { } Assert.assertNotNull(retkv); return retkv; } }
@Override public Void run() throws Exception { Options opt = newOptions(conf); Map<String, String> m = new HashMap<String, String>(); m.put("key.acl.name", "testKey"); opt.setAttributes(m); try { KeyVersion kv = kpExt.createKey("foo", SecureRandom.getSeed(16), opt); kpExt.rollNewVersion(kv.getName()); kpExt.rollNewVersion(kv.getName(), SecureRandom.getSeed(16)); EncryptedKeyVersion ekv = kpExt.generateEncryptedKey(kv.getName()); kpExt.decryptEncryptedKey(ekv); kpExt.deleteKey(kv.getName()); } catch (IOException ioe) { Assert.fail("User should be Allowed to do everything !!"); } return null; } }
@Override public Void run() throws Exception { Options opt = newOptions(conf); Map<String, String> m = new HashMap<String, String>(); m.put("key.acl.name", "testKey"); opt.setAttributes(m); try { KeyVersion kv = kpExt.createKey("foo", SecureRandom.getSeed(16), opt); kpExt.rollNewVersion(kv.getName()); kpExt.rollNewVersion(kv.getName(), SecureRandom.getSeed(16)); EncryptedKeyVersion ekv = kpExt.generateEncryptedKey(kv.getName()); kpExt.decryptEncryptedKey(ekv); kpExt.deleteKey(kv.getName()); } catch (IOException ioe) { Assert.fail("User should be Allowed to do everything !!"); } return null; } }
@Override public Void run() throws Exception { Options opt = newOptions(conf); Map<String, String> m = new HashMap<String, String>(); m.put("key.acl.name", "testKey"); opt.setAttributes(m); KeyVersion kv = kpExt.createKey("foo", SecureRandom.getSeed(16), opt); kpExt.rollNewVersion(kv.getName()); kpExt.rollNewVersion(kv.getName(), SecureRandom.getSeed(16)); EncryptedKeyVersion ekv = kpExt.generateEncryptedKey(kv.getName()); ekv = EncryptedKeyVersion.createForDecryption( ekv.getEncryptionKeyName() + "x", ekv.getEncryptionKeyVersionName(), ekv.getEncryptedKeyIv(), ekv.getEncryptedKeyVersion().getMaterial()); kpExt.decryptEncryptedKey(ekv); return null; } }
@Override public Void run() throws Exception { Options opt = newOptions(conf); Map<String, String> m = new HashMap<String, String>(); m.put("key.acl.name", "testKey"); opt.setAttributes(m); KeyVersion kv = kpExt.createKey("foo", SecureRandom.getSeed(16), opt); kpExt.rollNewVersion(kv.getName()); kpExt.rollNewVersion(kv.getName(), SecureRandom.getSeed(16)); EncryptedKeyVersion ekv = kpExt.generateEncryptedKey(kv.getName()); ekv = EncryptedKeyVersion.createForDecryption( ekv.getEncryptionKeyName() + "x", ekv.getEncryptionKeyVersionName(), ekv.getEncryptedKeyIv(), ekv.getEncryptedKeyVersion().getMaterial()); kpExt.decryptEncryptedKey(ekv); return null; } }