NIFI-4942 This closes #2690. Resolved test failures in JCE limited mode.

Signed-off-by: joewitt <joewitt@apache.org>
2018-05-08 12:28:10 -07:00 · 2018-05-08 12:28:10 -07:00 · 4f1444c0e0
parent 02ba4cf2c8
commit 4f1444c0e0
3 changed files with 146 additions and 11 deletions
--- a/nifi-toolkit/nifi-toolkit-encrypt-config/src/test/groovy/org/apache/nifi/properties/ConfigEncryptionToolTest.groovy
+++ b/nifi-toolkit/nifi-toolkit-encrypt-config/src/test/groovy/org/apache/nifi/properties/ConfigEncryptionToolTest.groovy
@ -2221,7 +2221,7 @@ class ConfigEncryptionToolTest extends GroovyTestCase {
    /**
     * Ideally all of the combination tests would be a single test with iterative argument lists, but due to the System.exit(), it can only be captured once per test.
     */
-    @Ignore
+//    @Ignore
    // TODO re-enable once this is passing on all platforms
    @Test
    void testShouldMigrateFromHashedPasswordToPassword() {
@ -2237,7 +2237,7 @@ class ConfigEncryptionToolTest extends GroovyTestCase {
        // Assertions in common method above
    }
-    @Ignore
+//    @Ignore
    // TODO re-enable once this is passing on all platforms
    @Test
    void testShouldMigrateFromHashedPasswordToKey() {
@ -2253,7 +2253,7 @@ class ConfigEncryptionToolTest extends GroovyTestCase {
        // Assertions in common method above
    }
-    @Ignore
+//    @Ignore
    // TODO re-enable once this is passing on all platforms
    @Test
    void testShouldMigrateFromHashedKeyToPassword() {
@ -2269,7 +2269,7 @@ class ConfigEncryptionToolTest extends GroovyTestCase {
        // Assertions in common method above
    }
-    @Ignore
+//    @Ignore
    // TODO re-enable once this is passing on all platforms
    @Test
    void testShouldMigrateFromHashedKeyToKey() {
@ -2285,7 +2285,7 @@ class ConfigEncryptionToolTest extends GroovyTestCase {
        // Assertions in common method above
    }
-    @Ignore
+//    @Ignore
    // TODO re-enable once this is passing on all platforms
    @Test
    void testShouldFailToMigrateFromIncorrectHashedPasswordToPassword() {
@ -5519,13 +5519,17 @@ class ConfigEncryptionToolTest extends GroovyTestCase {
        tmpDir.mkdirs()
        setFilePermissions(tmpDir, [PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_WRITE, PosixFilePermission.GROUP_EXECUTE, PosixFilePermission.OTHERS_READ, PosixFilePermission.OTHERS_WRITE, PosixFilePermission.OTHERS_EXECUTE])
-        File masterKeyFile = new File("src/test/resources/bootstrap_with_master_key.conf")
+        String bootstrapPath = isUnlimitedStrengthCryptoAvailable() ? "src/test/resources/bootstrap_with_master_key.conf" :
                "src/test/resources/bootstrap_with_master_key_128.conf"
        File masterKeyFile = new File(bootstrapPath)
        File bootstrapFile = new File("target/tmp/tmp_bootstrap.conf")
        bootstrapFile.delete()
        Files.copy(masterKeyFile.toPath(), bootstrapFile.toPath())
-        File inputPropertiesFile = new File("src/test/resources/nifi_with_sensitive_properties_protected_aes.properties")
+        String inputPropertiesPath = isUnlimitedStrengthCryptoAvailable() ? "src/test/resources/nifi_with_sensitive_properties_protected_aes.properties" :
                "src/test/resources/nifi_with_sensitive_properties_protected_aes_128.properties"
        File inputPropertiesFile = new File(inputPropertiesPath)
        NiFiProperties inputProperties = NiFiPropertiesLoader.withKey(KEY_HEX).load(inputPropertiesFile)
        logger.info("Loaded ${inputProperties.size()} properties from input file")
@ -5589,13 +5593,17 @@ class ConfigEncryptionToolTest extends GroovyTestCase {
        tmpDir.mkdirs()
        setFilePermissions(tmpDir, [PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_WRITE, PosixFilePermission.GROUP_EXECUTE, PosixFilePermission.OTHERS_READ, PosixFilePermission.OTHERS_WRITE, PosixFilePermission.OTHERS_EXECUTE])
-        File masterKeyFile = new File("src/test/resources/bootstrap_with_master_key.conf")
+        String bootstrapPath = isUnlimitedStrengthCryptoAvailable() ? "src/test/resources/bootstrap_with_master_key.conf" :
                "src/test/resources/bootstrap_with_master_key_128.conf"
        File masterKeyFile = new File(bootstrapPath)
        File bootstrapFile = new File("target/tmp/tmp_bootstrap.conf")
        bootstrapFile.delete()
        Files.copy(masterKeyFile.toPath(), bootstrapFile.toPath())
-        File inputPropertiesFile = new File("src/test/resources/nifi_with_sensitive_properties_protected_aes.properties")
+        String inputPropertiesPath = isUnlimitedStrengthCryptoAvailable() ? "src/test/resources/nifi_with_sensitive_properties_protected_aes.properties" :
                "src/test/resources/nifi_with_sensitive_properties_protected_aes_128.properties"
        File inputPropertiesFile = new File(inputPropertiesPath)
        NiFiProperties inputProperties = NiFiPropertiesLoader.withKey(KEY_HEX).load(inputPropertiesFile)
        logger.info("Loaded ${inputProperties.size()} properties from input file")
--- a/nifi-toolkit/nifi-toolkit-encrypt-config/src/test/resources/nifi_with_sensitive_properties_protected_aes_128.properties
+++ b/nifi-toolkit/nifi-toolkit-encrypt-config/src/test/resources/nifi_with_sensitive_properties_protected_aes_128.properties
@ -0,0 +1,127 @@
 # Licensed to the Apache Software Foundation (ASF) under one or more
 # contributor license agreements.  See the NOTICE file distributed with
 # this work for additional information regarding copyright ownership.
 # The ASF licenses this file to You under the Apache License, Version 2.0
 # (the "License"); you may not use this file except in compliance with
 # the License.  You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 # Core Properties #
 nifi.flow.configuration.file=./target/flow.xml.gz
 nifi.flow.configuration.archive.dir=./target/archive/
 nifi.flowcontroller.autoResumeState=true
 nifi.flowcontroller.graceful.shutdown.period=10 sec
 nifi.flowservice.writedelay.interval=2 sec
 nifi.administrative.yield.duration=30 sec
 nifi.reporting.task.configuration.file=./target/reporting-tasks.xml
 nifi.controller.service.configuration.file=./target/controller-services.xml
 nifi.templates.directory=./target/templates
 nifi.ui.banner.text=UI Banner Text
 nifi.ui.autorefresh.interval=30 sec
 nifi.nar.library.directory=./target/resources/NiFiProperties/lib/
 nifi.nar.library.directory.alt=./target/resources/NiFiProperties/lib2/
 nifi.nar.working.directory=./target/work/nar/
 # H2 Settings
 nifi.database.directory=./target/database_repository
 nifi.h2.url.append=;LOCK_TIMEOUT=25000;WRITE_DELAY=0;AUTO_SERVER=FALSE
 # FlowFile Repository
 nifi.flowfile.repository.directory=./target/test-repo
 nifi.flowfile.repository.partitions=1
 nifi.flowfile.repository.checkpoint.interval=2 mins
 nifi.queue.swap.threshold=20000
 nifi.swap.storage.directory=./target/test-repo/swap
 nifi.swap.in.period=5 sec
 nifi.swap.in.threads=1
 nifi.swap.out.period=5 sec
 nifi.swap.out.threads=4
 # Content Repository
 nifi.content.claim.max.appendable.size=10 MB
 nifi.content.claim.max.flow.files=100
 nifi.content.repository.directory.default=./target/content_repository
 # Provenance Repository Properties
 nifi.provenance.repository.storage.directory=./target/provenance_repository
 nifi.provenance.repository.max.storage.time=24 hours
 nifi.provenance.repository.max.storage.size=1 GB
 nifi.provenance.repository.rollover.time=30 secs
 nifi.provenance.repository.rollover.size=100 MB
 # Site to Site properties
 nifi.remote.input.socket.port=9990
 nifi.remote.input.secure=true
 # web properties #
 nifi.web.war.directory=./target/lib
 nifi.web.http.host=
 nifi.web.http.port=
 nifi.web.https.host=nifi.nifi.apache.org
 nifi.web.https.port=8443
 nifi.web.jetty.working.directory=./target/work/jetty
 # security properties #
 nifi.sensitive.props.key=xPqEWK8a34r19J4z||UOFzOfZE/NQK4Xua8WWblf1/Ld+Pf7eQ1zg0U/qYW2sPwxyhhOXWwQmrUft6qA
 nifi.sensitive.props.key.protected=aes/gcm/128
 nifi.sensitive.props.algorithm=PBEWITHMD5AND256BITAES-CBC-OPENSSL
 nifi.sensitive.props.provider=BC
 nifi.sensitive.props.additional.keys=
 nifi.security.keystore=/path/to/keystore.jks
 nifi.security.keystoreType=JKS
 nifi.security.keystorePasswd=UgWHU87DcSqBXHPz||eGkTFRuxfp8TQ/1crRBGQDGc5bd0BTX3jLrNjVOyfFFRXS4uDopI2IT5
 nifi.security.keystorePasswd.protected=aes/gcm/128
 nifi.security.keyPasswd=ScVhGZYyiWttT67v||BVoQckHv/05rdIJ1HCvp6ICmTTPF9ZBFgEpj5J8epFZherA53Q
 nifi.security.keyPasswd.protected=aes/gcm/128
 nifi.security.truststore=
 nifi.security.truststoreType=
 nifi.security.truststorePasswd=
 nifi.security.needClientAuth=
 nifi.security.user.authorizer=
 # cluster common properties (cluster manager and nodes must have same values) #
 nifi.cluster.protocol.heartbeat.interval=5 sec
 nifi.cluster.protocol.is.secure=false
 nifi.cluster.protocol.socket.timeout=30 sec
 nifi.cluster.protocol.connection.handshake.timeout=45 sec
 # if multicast is used, then nifi.cluster.protocol.multicast.xxx properties must be configured #
 nifi.cluster.protocol.use.multicast=false
 nifi.cluster.protocol.multicast.address=
 nifi.cluster.protocol.multicast.port=
 nifi.cluster.protocol.multicast.service.broadcast.delay=500 ms
 nifi.cluster.protocol.multicast.service.locator.attempts=3
 nifi.cluster.protocol.multicast.service.locator.attempts.delay=1 sec
 # cluster node properties (only configure for cluster nodes) #
 nifi.cluster.is.node=false
 nifi.cluster.node.address=
 nifi.cluster.node.protocol.port=
 nifi.cluster.node.protocol.threads=2
 # if multicast is not used, nifi.cluster.node.unicast.xxx must have same values as nifi.cluster.manager.xxx #
 nifi.cluster.node.unicast.manager.address=
 nifi.cluster.node.unicast.manager.protocol.port=
 nifi.cluster.node.unicast.manager.authority.provider.port=
 # cluster manager properties (only configure for cluster manager) #
 nifi.cluster.is.manager=false
 nifi.cluster.manager.address=
 nifi.cluster.manager.protocol.port=
 nifi.cluster.manager.authority.provider.port=
 nifi.cluster.manager.authority.provider.threads=10
 nifi.cluster.manager.node.firewall.file=
 nifi.cluster.manager.node.event.history.size=10
 nifi.cluster.manager.node.api.connection.timeout=30 sec
 nifi.cluster.manager.node.api.read.timeout=30 sec
 nifi.cluster.manager.node.api.request.threads=10
 nifi.cluster.manager.flow.retrieval.delay=5 sec
 nifi.cluster.manager.protocol.threads=10
 nifi.cluster.manager.safemode.duration=0 sec
--- a/nifi-toolkit/nifi-toolkit-encrypt-config/src/test/resources/secure_hash_128.key
+++ b/nifi-toolkit/nifi-toolkit-encrypt-config/src/test/resources/secure_hash_128.key
@ -1,2 +1,2 @@
-secureHashKey=
+secureHashKey=$s0$40801$AAAAAAAAAAAAAAAAAAAAAA$pJOGA9sPL+pRzynnwt6G2FfVTyLQdbKSbk6W8IKId8E
-secureHashPassword=
+secureHashPassword=$s0$40801$AAAAAAAAAAAAAAAAAAAAAA$gLSh7ChbHdOIMvZ74XGjV6qF65d9qvQ8n75FeGnM8YM
`@ -1,2 +1,2 @@`
	`secureHashKey=`	`secureHashKey=$s0$40801$AAAAAAAAAAAAAAAAAAAAAA$pJOGA9sPL+pRzynnwt6G2FfVTyLQdbKSbk6W8IKId8E`
	`secureHashPassword=`	`secureHashPassword=$s0$40801$AAAAAAAAAAAAAAAAAAAAAA$gLSh7ChbHdOIMvZ74XGjV6qF65d9qvQ8n75FeGnM8YM`