EncryptionUtilsTest.java example

Explorer
cassa-master
- cassandra-trunk
/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.cassandra.security;

import java.io.File;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
import java.util.HashMap;
import java.util.Random;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.ShortBufferException;

import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;

import org.apache.cassandra.config.DatabaseDescriptor;
import org.apache.cassandra.config.TransparentDataEncryptionOptions;
import org.apache.cassandra.io.compress.ICompressor;
import org.apache.cassandra.io.compress.LZ4Compressor;
import org.apache.cassandra.io.util.RandomAccessReader;

public class EncryptionUtilsTest
{
    @BeforeClass
    public static void initDD()
    {
        DatabaseDescriptor.daemonInitialization();
    }

    final Random random = new Random();
    ICompressor compressor;
    TransparentDataEncryptionOptions tdeOptions;

    @Before
    public void setup()
    {
        compressor = LZ4Compressor.create(new HashMap<>());
        tdeOptions = EncryptionContextGenerator.createEncryptionOptions();
    }

    @Test
    public void compress() throws IOException
    {
        byte[] buf = new byte[(1 << 13) - 13];
        random.nextBytes(buf);
        ByteBuffer compressedBuffer = EncryptionUtils.compress(ByteBuffer.wrap(buf), ByteBuffer.allocate(0), true, compressor);
        ByteBuffer uncompressedBuffer = EncryptionUtils.uncompress(compressedBuffer, ByteBuffer.allocate(0), true, compressor);
        Assert.assertArrayEquals(buf, uncompressedBuffer.array());
    }

    @Test
    public void encrypt() throws BadPaddingException, ShortBufferException, IllegalBlockSizeException, IOException
    {
        byte[] buf = new byte[(1 << 12) - 7];
        random.nextBytes(buf);

        // encrypt
        CipherFactory cipherFactory = new CipherFactory(tdeOptions);
        Cipher encryptor = cipherFactory.getEncryptor(tdeOptions.cipher, tdeOptions.key_alias);

        File f = File.createTempFile("commitlog-enc-utils-", ".tmp");
        f.deleteOnExit();
        FileChannel channel = new RandomAccessFile(f, "rw").getChannel();
        EncryptionUtils.encryptAndWrite(ByteBuffer.wrap(buf), channel, true, encryptor);
        channel.close();

        // decrypt
        Cipher decryptor = cipherFactory.getDecryptor(tdeOptions.cipher, tdeOptions.key_alias, encryptor.getIV());
        ByteBuffer decryptedBuffer = EncryptionUtils.decrypt(RandomAccessReader.open(f), ByteBuffer.allocate(0), true, decryptor);

        // normally, we'd just call BB.array(), but that gives you the *entire* backing array, not with any of the offsets (position,limit) applied.
        // thus, just for this test, we copy the array and perform an array-level comparison with those offsets
        decryptedBuffer.limit(buf.length);
        byte[] b = new byte[buf.length];
        System.arraycopy(decryptedBuffer.array(), 0, b, 0, buf.length);
        Assert.assertArrayEquals(buf, b);
    }

    @Test
    public void fullRoundTrip() throws IOException, BadPaddingException, ShortBufferException, IllegalBlockSizeException
    {
        // compress
        byte[] buf = new byte[(1 << 12) - 7];
        random.nextBytes(buf);
        ByteBuffer compressedBuffer = EncryptionUtils.compress(ByteBuffer.wrap(buf), ByteBuffer.allocate(0), true, compressor);

        // encrypt
        CipherFactory cipherFactory = new CipherFactory(tdeOptions);
        Cipher encryptor = cipherFactory.getEncryptor(tdeOptions.cipher, tdeOptions.key_alias);
        File f = File.createTempFile("commitlog-enc-utils-", ".tmp");
        f.deleteOnExit();
        FileChannel channel = new RandomAccessFile(f, "rw").getChannel();
        EncryptionUtils.encryptAndWrite(compressedBuffer, channel, true, encryptor);

        // decrypt
        Cipher decryptor = cipherFactory.getDecryptor(tdeOptions.cipher, tdeOptions.key_alias, encryptor.getIV());
        ByteBuffer decryptedBuffer = EncryptionUtils.decrypt(RandomAccessReader.open(f), ByteBuffer.allocate(0), true, decryptor);

        // uncompress
        ByteBuffer uncompressedBuffer = EncryptionUtils.uncompress(decryptedBuffer, ByteBuffer.allocate(0), true, compressor);
        Assert.assertArrayEquals(buf, uncompressedBuffer.array());
    }
}