You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cloudstack.apache.org by Friðvin Logi Oddbjörnsson <fr...@greenqloud.com> on 2017/03/09 13:46:36 UTC

Unit testing with (database) encryption enabled

Hello all,

I’ve encountered a couple of issues when running CloudStack’s unit tests
after adding the following to cloudstack/utils/conf/db.properties:

db.cloud.encryption.type=env
db.cloud.encrypt.secret=secret

and setting environment variable CLOUD_SECRET_KEY with a non-empty value.

Unit test UriUtilsTest.getUpdateUri has the following check:
        // there is password param but still no request for encryption,
should
        // be unchanged
        Assert.assertEquals("http://localhost/foo/bar?password=1234",
UriUtils
                .getUpdateUri("http://localhost/foo/bar?password=1234",
false));

However, looking at the implementation of UriUtils.getUpdateUri(String url,
boolean encrypt), when parameter encrypt is specified as false, a parameter
with name “password” will have its value decrypted!  This means that, when
encryption is actually enabled, this check will fail because “1234” is not
an encrypted value (the value will actually be replaced by “null”).

Should UriUtils.getUpdateUri(String url, boolean encrypt) really be
decrypting the value of “password” parameter and, if so, shouldn’t it check
whether the decryption returned null? (in which case, it would leave the
original value)

As for the other issue I encountered, unit test
EncryptionSecretKeyCheckerTest.testKeyFileDoesNotExists failing, just
mentioning here that this unit test fails when encryption is enabled.
Unlike the UriUtilsTest issue, the cause for this fail is straightforward
(the test simply assumes that encryption isn’t enabled) and I’ve already
fixed the unit test locally so that it works properly regardless of whether
encryption is enabled or not.

P.s. running the unit tests simply by executing `mvn -Pdeveloper -Dnoredist
-Dsimulator -Djna.nosys=true clean install`

Friðvin Logi Oddbjörnsson

Senior Developer

Tel: (+354) 415 0200 | fridvin@greenqloud.com

Mobile: (+354) 696 6528 | PGP Key: 57CA1B00
<ht...@greenqloud.com>

Twitter: @greenqloud <https://twitter.com/greenqloud> | @qstackcloud
<https://twitter.com/qstackcloud>

www.greenqloud.com | www.qstack.com

[image: qstack_blue_landscape_byqreenqloud-01.png]