In KeystoreWrapper class we determine if the error to decrypt a given keystore is caused by a wrong password based on the exception that the SunJCE implementation of AES is throwing(AEADBadTagException). Other implementations from other Security Providers fail with a different exception and as such we cannot differentiate between a corrupted file and a wrong password in a foolproof way. As in other tests such as in KeyStoreWrapperTests#testDecryptKeyStoreWithWrongPassword we handle this by matching both possible exception messages.
This commit is contained in:
Ioannis Kakavas
GitHub
parent
0f233b1b0b
commit
38e55cd348
|
|
@ -18,7 +18,9 @@ setup:
|
|||
- is_true: nodes
|
||||
- is_true: cluster_name
|
||||
- match: { nodes.$node_id.reload_exception.type: "security_exception" }
|
||||
- match: { nodes.$node_id.reload_exception.reason: "Provided keystore password was incorrect" }
|
||||
- match: { nodes.$node_id.reload_exception.reason:
|
||||
/^(Provided\skeystore\spassword\swas\sincorrect|
|
||||
Keystore\shas\sbeen\scorrupted\sor\stampered\swith)$/ }
|
||||
|
||||
---
|
||||
"node_reload_secure_settings test correct(empty) password":
|
||||
|
|
|
|||
Loading…
Reference in New Issue