From 075dcb3781f6da07542b6883c6e9b811bc9edf68 Mon Sep 17 00:00:00 2001
From: sugan0tech
Date: Sun, 22 Oct 2023 22:55:41 +0530
Subject: [PATCH] [ELY-2684] Update tests in OTPTest to use a common helper method for the tests with unchanged passwords.
---
 .../wildfly/security/sasl/otp/OTPTest.java | 128 +++++------------
 1 file changed, 37 insertions(+), 91 deletions(-)
diff --git a/tests/base/src/test/java/org/wildfly/security/sasl/otp/OTPTest.java b/tests/base/src/test/java/org/wildfly/security/sasl/otp/OTPTest.java
index 69da63105c3..6ab00211f03 100644
--- a/tests/base/src/test/java/org/wildfly/security/sasl/otp/OTPTest.java
+++ b/tests/base/src/test/java/org/wildfly/security/sasl/otp/OTPTest.java
@@ -819,106 +819,18 @@ public void testAuthenticationWithInvalidPassPhrase() throws Exception { @Test public void testAuthenticationWithLongSeed() throws Exception { - final String algorithm = ALGORITHM_OTP_MD5; - final SaslClientFactory clientFactory = obtainSaslClientFactory(OTPSaslClientFactory.class); - assertNotNull(clientFactory); - - PasswordFactory passwordFactory = PasswordFactory.getInstance(algorithm); - final Password password = passwordFactory.generatePassword(new OneTimePasswordSpec(CodePointIterator.ofString("505d889f90085847").hexDecode().drain(), - "thisSeedIsTooLong", 500)); - final SaslServerBuilder.BuilderReference securityDomainReference = new SaslServerBuilder.BuilderReference<>(); - final SaslServerBuilder.BuilderReference closeableReference = new SaslServerBuilder.BuilderReference<>(); - try { - final SaslServer saslServer = createSaslServer(password, closeableReference, securityDomainReference); - - final CallbackHandler cbh = createClientCallbackHandler("userName", "This is a test.", PASS_PHRASE, algorithm, HEX_RESPONSE); - final SaslClient saslClient = clientFactory.createSaslClient(new String[]{SaslMechanismInformation.Names.OTP}, null, "test", "testserver1.example.com", - Collections.emptyMap(), cbh); - - byte[] message = saslClient.evaluateChallenge(new byte[0]); - try { - saslServer.evaluateResponse(message); - fail("Expected SaslException not thrown"); - } catch (SaslException expected) { - } - saslClient.dispose(); - saslServer.dispose(); - - // The password should remain unchanged - checkPassword(securityDomainReference, "userName", (OneTimePassword) password, algorithm); - } finally { - closeableReference.getReference().close(); - } + testPasswordRemainsUnchanged("thisSeedIsTooLong", 500); } @Test public void testAuthenticationWithNonAlphanumericSeed() throws Exception { - final String algorithm = ALGORITHM_OTP_MD5; - - final SaslClientFactory clientFactory = obtainSaslClientFactory(OTPSaslClientFactory.class); - 
assertNotNull(clientFactory); - - PasswordFactory passwordFactory = PasswordFactory.getInstance(algorithm); - final Password password = passwordFactory.generatePassword(new OneTimePasswordSpec(CodePointIterator.ofString("505d889f90085847").hexDecode().drain(), - "A seed!", 500)); - final SaslServerBuilder.BuilderReference securityDomainReference = new SaslServerBuilder.BuilderReference<>(); - final SaslServerBuilder.BuilderReference closeableReference = new SaslServerBuilder.BuilderReference<>(); - try { - final SaslServer saslServer = createSaslServer(password, closeableReference, securityDomainReference); - - final CallbackHandler cbh = createClientCallbackHandler("userName", "This is a test.", PASS_PHRASE, algorithm, HEX_RESPONSE); - final SaslClient saslClient = clientFactory.createSaslClient(new String[]{SaslMechanismInformation.Names.OTP}, null, "test", "testserver1.example.com", - Collections.emptyMap(), cbh); - - byte[] message = saslClient.evaluateChallenge(new byte[0]); - try { - saslServer.evaluateResponse(message); - fail("Expected SaslException not thrown"); - } catch (SaslException expected) { - } - saslClient.dispose(); - saslServer.dispose(); - - // The password should remain unchanged - checkPassword(securityDomainReference, "userName", (OneTimePassword) password, algorithm); - } finally { - closeableReference.getReference().close(); - } + testPasswordRemainsUnchanged("A seed!", 500); } @Test public void testAuthenticationWithInvalidSequenceNumber() throws Exception { - final String algorithm = ALGORITHM_OTP_MD5; - final SaslClientFactory clientFactory = obtainSaslClientFactory(OTPSaslClientFactory.class); - assertNotNull(clientFactory); - - PasswordFactory passwordFactory = PasswordFactory.getInstance(algorithm); - final Password password = passwordFactory.generatePassword(new OneTimePasswordSpec(CodePointIterator.ofString("505d889f90085847").hexDecode().drain(), - "ke1234", 0)); - final SaslServerBuilder.BuilderReference securityDomainReference = 
new SaslServerBuilder.BuilderReference<>(); - final SaslServerBuilder.BuilderReference closeableReference = new SaslServerBuilder.BuilderReference<>(); - try { - final SaslServer saslServer = createSaslServer(password, closeableReference, securityDomainReference); - - final CallbackHandler cbh = createClientCallbackHandler("userName", "This is a test.", PASS_PHRASE, algorithm, HEX_RESPONSE); - final SaslClient saslClient = clientFactory.createSaslClient(new String[] { SaslMechanismInformation.Names.OTP }, null, "test", "testserver1.example.com", - Collections.emptyMap(), cbh); - - byte[] message = saslClient.evaluateChallenge(new byte[0]); - try { - saslServer.evaluateResponse(message); - fail("Expected SaslException not thrown"); - } catch (SaslException expected) { - } - saslClient.dispose(); - saslServer.dispose(); - - // The password should remain unchanged - checkPassword(securityDomainReference, "userName", (OneTimePassword) password, algorithm); - } finally { - closeableReference.getReference().close(); - } + testPasswordRemainsUnchanged("ke1234", 0); } @Test 
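Review bot: The three call sites now pass bare literals, and nothing in the test bodies says which argument is the one the server is expected to reject. In `testPasswordRemainsUnchanged("thisSeedIsTooLong", 500)` and `testPasswordRemainsUnchanged("A seed!", 500)` the seed is the invalid input (17 characters against the 16-character limit in RFC 2289, and non-alphanumeric characters), while in `testPasswordRemainsUnchanged("ke1234", 0)` the seed is well-formed and presumably only the sequence number 0 is at fault. A one-line comment above each call, such as `// seed exceeds the 16-character limit`, `// seed contains non-alphanumeric characters` and `// valid seed, sequence number 0 is rejected`, would keep that visible now that the bodies are identical apart from their arguments.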
@@ -1082,6 +994,40 @@ private CallbackHandler createClientCallbackHandler(String username, String pass return ClientUtils.getCallbackHandler(new URI("remote://localhost"), context); } + private void testPasswordRemainsUnchanged(String seed, int sequenceNumber) throws Exception { + final String algorithm = ALGORITHM_OTP_MD5; + final SaslClientFactory clientFactory = obtainSaslClientFactory(OTPSaslClientFactory.class); + assertNotNull(clientFactory); + + PasswordFactory passwordFactory = PasswordFactory.getInstance(algorithm); + final Password password = passwordFactory.generatePassword(new OneTimePasswordSpec(CodePointIterator.ofString("505d889f90085847").hexDecode().drain(), + seed, sequenceNumber)); + final SaslServerBuilder.BuilderReference securityDomainReference = new SaslServerBuilder.BuilderReference<>(); + final SaslServerBuilder.BuilderReference closeableReference = new SaslServerBuilder.BuilderReference<>(); + try { + final SaslServer saslServer = createSaslServer(password, closeableReference, securityDomainReference); + + final CallbackHandler cbh = createClientCallbackHandler("userName", "This is a test.", PASS_PHRASE, algorithm, HEX_RESPONSE); + final SaslClient saslClient = clientFactory.createSaslClient(new String[]{SaslMechanismInformation.Names.OTP}, null, "test", "testserver1.example.com", + Collections.emptyMap(), cbh); + + byte[] message = saslClient.evaluateChallenge(new byte[0]); + try { + saslServer.evaluateResponse(message); + fail("Expected SaslException not thrown"); + } catch (SaslException expected) { + } + saslClient.dispose(); + saslServer.dispose(); + + // The password should remain unchanged + checkPassword(securityDomainReference, "userName", (OneTimePassword) password, algorithm); + } finally { + closeableReference.getReference().close(); + } + + } + private static final String[] ALTERNATE_DICTIONARY = new String[] { "poel", "qewn", "xlob", "preg", "qome", "zarm", "sas", "oerk", "sct", "seb", "ilan", "wct", "bp", "sft",
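Review bot: The empty `catch (SaslException expected) { }` in `testPasswordRemainsUnchanged` accepts any SaslException, so all three callers pass the same way whether the server rejected the seed or sequence number or failed for an unrelated reason. Since these tests guard the rejection of malformed OTP parameters, adding `assertFalse(saslServer.isComplete());` after the catch (assuming `assertFalse` is statically imported in this file) would also pin that the exchange did not complete. The finally block calls `closeableReference.getReference().close()` unguarded; if `createSaslServer` throws before the reference is populated, this presumably raises a NullPointerException that hides the original failure, so a null check there would help. The helper also has no Javadoc and carries a `test` prefix although it is not a `@Test` method; a name such as `assertAuthenticationFailsAndPasswordUnchanged`, plus a one-sentence Javadoc stating that the given seed or sequence number must be rejected and the stored OneTimePassword left unchanged, would make the intent explicit.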