Expose the functionality to decrypt given data using keyring

This allows us to provide the keyring a blob of encrypted data and a key name, and have it decrypt it for us.

Also fixed the javadoc line length in Keyring.java. It seems like it was using an 80-character length limit.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=222995542
jianglai 2018-11-27 08:31:55 -08:00
parent 0ed0bcc99f
commit 4416601a1d
6 changed files with 70 additions and 30 deletions


@ -16,7 +16,7 @@ package google.registry.keyring.kms;
import static com.google.common.truth.Truth.assertThat;
import static google.registry.testing.DatastoreHelper.persistResources;
import static java.nio.charset.StandardCharsets.US_ASCII;
import static java.nio.charset.StandardCharsets.UTF_8;
import com.google.common.collect.ImmutableList;
import com.google.common.io.BaseEncoding;
@ -26,7 +26,6 @@ import google.registry.model.server.KmsSecretRevision;
import google.registry.model.server.KmsSecretRevision.Builder;
import google.registry.testing.AppEngineRule;
import google.registry.testing.BouncyCastleProviderRule;
import java.io.UnsupportedEncodingException;
import org.bouncycastle.openpgp.PGPKeyPair;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
@ -179,14 +178,26 @@ public class KmsKeyringTest {
}
@Test
public void test_getEncryptedJsonCredential() throws UnsupportedEncodingException {
public void test_getEncryptedJsonCredential() {
saveCleartextSecret("json-credential-string");
String encryptedJsonCredential = keyring.getEncryptedData("json-credential-string");
assertThat(
new String(
Arrays.reverse(BaseEncoding.base64().decode(encryptedJsonCredential)), US_ASCII))
Arrays.reverse(BaseEncoding.base64().decode(encryptedJsonCredential)), UTF_8))
.isEqualTo("json-credential-stringmoo");
}
@Test
public void test_decryptJsonCredential() {
saveCleartextSecret("json-credential-string");
String encryptedJsonCredential = keyring.getEncryptedData("json-credential-string");
assertThat(
new String(
keyring.getDecryptedData("json-credential-string", encryptedJsonCredential), UTF_8))
.isEqualTo("json-credential-stringmoo");
}
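Review bot: `test_decryptJsonCredential` only exercises the successful round trip, so nothing in this section pins what `getDecryptedData` does when the caller's input is wrong. The method takes a key name plus a caller-supplied blob, so the cases worth locking down are the failing ones: an unknown key name, and a blob that is not valid base64 (the first test shows the encrypted form is base64) should each raise rather than return bytes. A sibling test around a call such as `keyring.getDecryptedData("json-credential-string", "not-base64!")` (sample value constructed here), asserting that it throws, would cover the malformed case; the exception type depends on the implementation, which is not visible in this section. A short comment on the expected value, for example `// the "moo" suffix comes from the fake KMS connection used by this test class`, would also help if that is indeed its origin, since the class setup lies outside the hunk.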