hcq/oceanbase
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

close source unittest/share/test_master_key_getter.cpp and unittest/share/test_encryption_util.cpp

Browse Source
This commit is contained in:
wenxingsen
2023-08-15 08:47:58 +00:00
committed by ob-robot
parent f4aff366fd
commit f8b3a10f73
2 changed files with 0 additions and 647 deletions
Download Patch File Download Diff File Expand all files Collapse all files

247
unittest/share/test_encryption_util.cpp
View File

@ -1,247 +0,0 @@
/**
* Copyright (c) 2021 OceanBase
* OceanBase CE is licensed under Mulan PubL v2.
* You can use this software according to the terms and conditions of the Mulan PubL v2.
* You may obtain a copy of Mulan PubL v2 at:
* http://license.coscl.org.cn/MulanPubL-2.0
* THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
* EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
* MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
* See the Mulan PubL v2 for more details.
*/
#define USING_LOG_PREFIX SHARE
#include <gtest/gtest.h>
#include <gmock/gmock.h>
#define private public
#include "share/ob_encryption_util.h"
#include "share/ob_master_key_getter.h"
#undef private
namespace oceanbase
{
using namespace common;
namespace share
{
// TEST(TestEncryptionUtil, basic)
// {
// const int64_t invalid_buf_len = 12;
// char invalid_key[32] = "aabb";
// char invalid_data[invalid_buf_len] = "123456789";
// const int64_t buf_len = 128;
// char key[32] = "abababab";
// char origin_data[buf_len] = "123456789";
// char origin_data2[buf_len] = "12345678";
// char data[buf_len] = "123456789";
// char data2[buf_len] = "12345678";
// int64_t invalid_data_len = strlen(invalid_data);
// int64_t data_len = strlen(data);
// ASSERT_EQ(OB_INVALID_ARGUMENT, ObDesEncryption::des_encrypt(invalid_key, invalid_data, invalid_data_len, invalid_buf_len));
// ASSERT_EQ(OB_INVALID_ARGUMENT, ObDesEncryption::des_encrypt(invalid_key, data, data_len, invalid_buf_len));
// ASSERT_EQ(OB_SUCCESS, ObDesEncryption::des_encrypt(key, data, data_len, buf_len));
// ASSERT_EQ(OB_SUCCESS, ObDesEncryption::des_decrypt(key, data, 16));
// ASSERT_EQ(0, STRNCMP(data, origin_data, strlen(origin_data)));
// ASSERT_EQ(OB_SUCCESS, ObDesEncryption::des_encrypt(key, data2, data_len, buf_len));
// ASSERT_EQ(OB_SUCCESS, ObDesEncryption::des_decrypt(key, data2, 8));
// ASSERT_EQ(0, STRNCMP(data2, origin_data2, strlen(origin_data2)));
// }
TEST(TestEncryptionUtil, aes_encrypt)
{
const int64_t buf_len = 128;
char key[OB_MAX_MASTER_KEY_LENGTH] = {0};
const int64_t key_len = OB_MAX_MASTER_KEY_LENGTH;
char iv[buf_len] = {0};
const int64_t iv_len = OB_MAX_MASTER_KEY_LENGTH;
char data[buf_len] = {0};
int64_t data_len = 16;
char encrypt_buf[buf_len] = {0};
int64_t encrypt_len = 0;
char out_buf[buf_len] = {0};
int64_t out_len = 0;
for (int i = ObAesOpMode::ob_invalid_mode + 1; i < ObAesOpMode::ob_max_mode; ++i) {
ObAesOpMode mode = static_cast<ObAesOpMode>(i);
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(key, key_len));
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(iv, iv_len));
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(data, data_len));
EXPECT_EQ(OB_SUCCESS, ObAesEncryption::aes_encrypt(key, key_len, data, data_len, buf_len,
iv, iv_len, mode,
encrypt_buf, encrypt_len));
encrypt_buf[encrypt_len] = '\0';
EXPECT_STRNE(data, encrypt_buf);
EXPECT_EQ(OB_SUCCESS, ObAesEncryption::aes_decrypt(key, key_len, encrypt_buf, encrypt_len, buf_len,
iv, iv_len, mode,
out_buf, out_len));
EXPECT_EQ(data_len, out_len);
out_buf[out_len] = '\0';
EXPECT_STREQ(data, out_buf);
}
}
TEST(TestEncryptionUtil, encrypted_length)
{
const int64_t buf_len = 128;
char key[OB_MAX_MASTER_KEY_LENGTH] = {0};
const int64_t key_len = OB_MAX_MASTER_KEY_LENGTH;
char iv[buf_len] = {0};
const int64_t iv_len = OB_MAX_MASTER_KEY_LENGTH;
char data[buf_len] = {0};
int64_t data_len = 0;
char encrypt_buf[buf_len] = {0};
int64_t encrypt_len = 0;
for (int i = ObAesOpMode::ob_invalid_mode + 1; i < ObAesOpMode::ob_max_mode; ++i) {
ObAesOpMode mode = static_cast<ObAesOpMode>(i);
for (data_len = 1; data_len <= 2 * ObAesEncryption::OB_AES_BLOCK_SIZE; ++data_len) {
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(key, key_len));
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(iv, iv_len));
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(data, data_len));
EXPECT_EQ(OB_SUCCESS, ObAesEncryption::aes_encrypt(key, key_len, data, data_len, buf_len,
iv, iv_len, mode,
encrypt_buf, encrypt_len));
EXPECT_GE(ObEncryptionUtil::encrypted_length(data_len), encrypt_len);
}
}
}
TEST(TestEncryptionUtil, decrypted_length)
{
const int64_t buf_len = 128;
char key[OB_MAX_MASTER_KEY_LENGTH] = {0};
const int64_t key_len = OB_MAX_MASTER_KEY_LENGTH;
char iv[buf_len] = {0};
const int64_t iv_len = OB_MAX_MASTER_KEY_LENGTH;
char data[buf_len] = {0};
int64_t data_len = 0;
char encrypt_buf[buf_len] = {0};
int64_t encrypt_len = 0;
int64_t target_encrypt_len = 0;
for (int i = ObAesOpMode::ob_invalid_mode + 1; i < ObAesOpMode::ob_max_mode; ++i) {
ObAesOpMode mode = static_cast<ObAesOpMode>(i);
for (target_encrypt_len = ObAesEncryption::OB_AES_BLOCK_SIZE;
target_encrypt_len <= 3 * ObAesEncryption::OB_AES_BLOCK_SIZE; ++target_encrypt_len) {
data_len = ObEncryptionUtil::decrypted_length(target_encrypt_len);
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(key, key_len));
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(iv, iv_len));
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(data, data_len));
EXPECT_EQ(OB_SUCCESS, ObAesEncryption::aes_encrypt(key, key_len, data, data_len, buf_len,
iv, iv_len, mode,
encrypt_buf, encrypt_len));
EXPECT_LE(encrypt_len, target_encrypt_len);
}
}
}
TEST(TestEncryptionUtil, safe_buffer_length)
{
const int64_t buf_len = 128;
char key[OB_MAX_MASTER_KEY_LENGTH] = {0};
const int64_t key_len = OB_MAX_MASTER_KEY_LENGTH;
char iv[buf_len] = {0};
const int64_t iv_len = OB_MAX_MASTER_KEY_LENGTH;
char data[buf_len] = {0};
int64_t data_len = 0;
char encrypt_buf[buf_len] = {0};
int64_t encrypt_len = 0;
for (int i = ObAesOpMode::ob_invalid_mode + 1; i < ObAesOpMode::ob_max_mode; ++i) {
ObAesOpMode mode = static_cast<ObAesOpMode>(i);
for (data_len = 1; data_len <= 2 * ObAesEncryption::OB_AES_BLOCK_SIZE; ++data_len) {
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(key, key_len));
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(iv, iv_len));
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(data, data_len));
EXPECT_EQ(OB_SUCCESS, ObAesEncryption::aes_encrypt(key, key_len, data, data_len, buf_len,
iv, iv_len, mode,
encrypt_buf, encrypt_len));
EXPECT_GE(ObEncryptionUtil::safe_buffer_length(encrypt_len), data_len);
}
}
}
TEST(TestEncryptionUtil, encrypt_master_key)
{
const int64_t buf_len = 128;
char data[buf_len] = {0};
int64_t data_len = OB_MAX_MASTER_KEY_LENGTH;
char encrypt_buf[buf_len] = {0};
int64_t encrypt_len = 0;
char out_buf[buf_len] = {0};
int64_t out_len = 0;
uint64_t tenant_id = 123;
system("rm -rf wallet");
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().init(NULL));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_root_key(tenant_id,
obrpc::RootKeyType::DEFAULT, ObString()));
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(data, data_len));
EXPECT_EQ(OB_SUCCESS, ObEncryptionUtil::encrypt_master_key(tenant_id, data, data_len,
encrypt_buf, buf_len, encrypt_len));
EXPECT_LE(encrypt_len, OB_MAX_ENCRYPTED_KEY_LENGTH);
encrypt_buf[encrypt_len] = '\0';
EXPECT_STRNE(data, encrypt_buf);
EXPECT_EQ(OB_SUCCESS, ObEncryptionUtil::decrypt_master_key(tenant_id, encrypt_buf, encrypt_len,
out_buf, buf_len, out_len));
EXPECT_EQ(data_len, out_len);
out_buf[out_len] = '\0';
EXPECT_STREQ(data, out_buf);
ObMasterKeyGetter::instance().destroy();
}
//TEST(TestWebService, store)
//{
// ObWebServiceRootAddr ws;
// ObSystemConfig sys_config;
// ASSERT_EQ(OB_SUCCESS, sys_config.init());
// ObServerConfig &config = ObServerConfig::get_instance();
// ASSERT_EQ(OB_SUCCESS, config.init(sys_config));
// ws.init(config);
// config.obconfig_url.set_value("");
// config.cluster_id.set_value("1");
// config.cluster.set_value("xr.admin");
// ObArray<ObRootAddr> rs_list;
// ObArray<ObRootAddr> readonly_rs_list;
// for (int64_t i = 0; i < 10; i++) {
// ObRootAddr rs;
// rs.server_.set_ip_addr("127.0.0.1", 9988);
// rs.sql_port_ = 1;
// ASSERT_EQ(OB_SUCCESS, rs_list.push_back(rs));
// }
// for (int64_t i = 0; i < 5; i++) {
// ObRootAddr rs;
// rs.server_.set_ip_addr("127.0.0.1", 9988);
// rs.sql_port_ = 1;
// ASSERT_EQ(OB_SUCCESS, readonly_rs_list.push_back(rs));
// }
// ASSERT_EQ(OB_SUCCESS, ws.store(rs_list, readonly_rs_list, true));
// for (int64_t i = 0; i < 800; i++) {
// ObRootAddr rs;
// rs.server_.set_ip_addr("127.0.0.1", 9988);
// rs.sql_port_ = 1;
// ASSERT_EQ(OB_SUCCESS, rs_list.push_back(rs));
// }
// for (int64_t i = 0; i < 300; i++) {
// ObRootAddr rs;
// rs.server_.set_ip_addr("127.0.0.1", 9988);
// rs.sql_port_ = 1;
// ASSERT_EQ(OB_SUCCESS, readonly_rs_list.push_back(rs));
// }
// ASSERT_EQ(OB_OBCONFIG_RETURN_ERROR, ws.store(rs_list, readonly_rs_list, true));
//
//}
} // end namespace share
} // end namespace oceanbase
int main(int argc, char **argv)
{
oceanbase::common::ObLogger::get_logger().set_log_level("INFO");
testing::InitGoogleTest(&argc, argv);
return RUN_ALL_TESTS();
}

400
unittest/share/test_master_key_getter.cpp
View File

@ -1,400 +0,0 @@
/**
* Copyright (c) 2021 OceanBase
* OceanBase CE is licensed under Mulan PubL v2.
* You can use this software according to the terms and conditions of the Mulan PubL v2.
* You may obtain a copy of Mulan PubL v2 at:
* http://license.coscl.org.cn/MulanPubL-2.0
* THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
* EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
* MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
* See the Mulan PubL v2 for more details.
*/
#define USING_LOG_PREFIX SHARE
#include <gtest/gtest.h>
#define private public
#include "share/ob_encryption_util.h"
#include "share/ob_master_key_getter.h"
#undef private
namespace oceanbase
{
namespace share
{
using namespace common;
class TestMasterKeyGetter : public ::testing::Test
{
public:
virtual void SetUp();
virtual void TearDown();
};
void TestMasterKeyGetter::SetUp()
{
system("rm -rf wallet");
int ret = ObMasterKeyGetter::instance().init(NULL);
ASSERT_EQ(OB_SUCCESS, ret);
}
void TestMasterKeyGetter::TearDown()
{
ObMasterKeyGetter::instance().stop();
ObMasterKeyGetter::instance().wait();
ObMasterKeyGetter::instance().reset();
}
TEST_F(TestMasterKeyGetter, master_key)
{
const int key_num = 3;
char orig_key_list[][key_num][OB_MAX_MASTER_KEY_LENGTH] = {
{"12345", "abcde", "54321"},
{"67890", "edcba", "09876"},
{"aaaaa", "12345", "ccccc"}
};
char *cur_key;
char data[OB_MAX_MASTER_KEY_LENGTH] = {0};
int64_t data_len = 0;
int tenant_num = sizeof(orig_key_list) / sizeof(orig_key_list[0]);
for (int i = 0; i < tenant_num; ++i) {
for (int j = 0; j < key_num; ++j) {
cur_key = orig_key_list[i][j];
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_master_key(i, j + 1, cur_key, strlen(cur_key)));
}
}
for (int i = 0; i < tenant_num; ++i) {
for (int j = 0; j < key_num; ++j) {
memset(data, 0, OB_MAX_MASTER_KEY_LENGTH);
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::get_master_key(i, j + 1, data, OB_MAX_MASTER_KEY_LENGTH, data_len));
EXPECT_STREQ(data, orig_key_list[i][j]);
}
}
}
TEST_F(TestMasterKeyGetter, key_serialize)
{
char orig_key_list[][OB_MAX_MASTER_KEY_LENGTH] = {
"12345",
"abcde",
"54321",
};
ObMasterKey cur_key;
ObMasterKey new_key;
int key_num = sizeof(orig_key_list) / sizeof(orig_key_list[0]);
int64_t buf_len = 2048;
char buf[buf_len];
int64_t pos = 0;
int64_t deserialize_pos = 0;
for (int i = 0; i < key_num; ++i) {
cur_key.reset();
cur_key.len_ = strlen(orig_key_list[i]);
MEMCPY(cur_key.key_, orig_key_list[i], cur_key.len_);
MEMSET(buf, 0, buf_len);
pos = 0;
deserialize_pos = 0;
new_key.reset();
EXPECT_EQ(OB_SUCCESS, cur_key.serialize(buf, buf_len, pos));
EXPECT_EQ(OB_SUCCESS, new_key.deserialize(buf, pos, deserialize_pos));
EXPECT_EQ(pos, new_key.get_serialize_size());
EXPECT_EQ(cur_key.len_, new_key.len_);
EXPECT_STREQ(cur_key.key_, new_key.key_);
}
}
TEST_F(TestMasterKeyGetter, key_algorithm)
{
uint64_t tenant_id = 1001;
ObAesOpMode key_algorithm = ObAesOpMode::ob_invalid_mode;
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::get_table_key_algorithm(tenant_id, key_algorithm));
EXPECT_EQ(ObAesOpMode::ob_aes_128_ecb, key_algorithm);
EXPECT_EQ(0, ObMasterKeyGetter::instance().tenant_table_key_algorithm_map_.size());
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().tenant_table_key_algorithm_map_.set_refactored(tenant_id, ObAesOpMode::ob_sm4_mode));
EXPECT_EQ(1, ObMasterKeyGetter::instance().tenant_table_key_algorithm_map_.size());
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::get_table_key_algorithm(tenant_id, key_algorithm));
EXPECT_EQ(ObAesOpMode::ob_sm4_mode, key_algorithm);
}
TEST_F(TestMasterKeyGetter, key_getter_serialize)
{
const int key_num = 3;
char orig_key_list[][key_num][OB_MAX_MASTER_KEY_LENGTH] = {
{"12345", "abcde", "54321"},
{"67890", "edcba", "09876"},
{"aaaaa", "12345", "ccccc"}
};
char *cur_key;
char data[OB_MAX_MASTER_KEY_LENGTH] = {0};
int64_t data_len = 0;
int tenant_num = sizeof(orig_key_list) / sizeof(orig_key_list[0]);
ObString root_key("123456");
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_root_key(OB_SYS_TENANT_ID,
obrpc::RootKeyType::NORMAL, root_key, false));
for (int i = 0; i < tenant_num; ++i) {
for (int j = 0; j < key_num; ++j) {
cur_key = orig_key_list[i][j];
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_master_key(i, j + 1, cur_key, strlen(cur_key)));
}
}
int64_t buf_len = 2048;
char buf[buf_len];
int64_t pos = 0;
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().serialize(buf, buf_len, pos));
ObMasterKeyGetter::instance().id_value_map_.reuse();
EXPECT_EQ(0, ObMasterKeyGetter::instance().id_value_map_.size());
int64_t pos_result = 0;
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().deserialize(buf, pos, pos_result));
EXPECT_EQ(pos, pos_result);
EXPECT_EQ(tenant_num * key_num, ObMasterKeyGetter::instance().id_value_map_.size());
for (int i = 0; i < tenant_num; ++i) {
for (int j = 0; j < key_num; ++j) {
memset(data, 0, OB_MAX_MASTER_KEY_LENGTH);
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::get_master_key(i, j + 1, data, OB_MAX_MASTER_KEY_LENGTH, data_len));
EXPECT_STREQ(data, orig_key_list[i][j]);
}
}
}
TEST_F(TestMasterKeyGetter, dump2file)
{
const int key_num = 3;
char orig_key_list[][key_num][OB_MAX_MASTER_KEY_LENGTH] = {
{"12345", "abcde", "54321"},
{"67890", "edcba", "09876"},
{"aaaaa", "12345", "ccccc"}
};
char *cur_key;
char data[OB_MAX_MASTER_KEY_LENGTH] = {0};
int64_t data_len = 0;
int tenant_num = sizeof(orig_key_list) / sizeof(orig_key_list[0]);
uint64_t key_version = 0;
ObAesOpMode key_algorithm = ObAesOpMode::ob_invalid_mode;
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_root_key(OB_SYS_TENANT_ID,
obrpc::RootKeyType::DEFAULT, ObString(), false));
for (int i = 0; i < tenant_num; ++i) {
for (int j = 0; j < key_num; ++j) {
cur_key = orig_key_list[i][j];
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_master_key(i, j + 1, cur_key, strlen(cur_key)));
}
}
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_expect_version(0, key_num + 2));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_max_stored_version(0, key_num));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_max_active_version(0, key_num - 2));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().tenant_table_key_algorithm_map_.set_refactored(1, ObAesOpMode::ob_sm4_mode));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().tenant_table_key_algorithm_map_.set_refactored(2, ObAesOpMode::ob_aes_128_ecb));
const char *keystore_file = "wallet/wallet.bin";
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().dump2file(keystore_file));
ObMasterKeyGetter::instance().id_value_map_.reuse();
ObMasterKeyGetter::instance().tenant_key_version_map_.reuse();
ObMasterKeyGetter::instance().tenant_table_key_algorithm_map_.reuse();
ObMasterKeyGetter::instance().root_key_map_.reuse();
EXPECT_EQ(0, ObMasterKeyGetter::instance().id_value_map_.size());
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().load_key(keystore_file));
EXPECT_EQ(tenant_num * key_num, ObMasterKeyGetter::instance().id_value_map_.size());
for (int i = 0; i < tenant_num; ++i) {
for (int j = 0; j < key_num; ++j) {
memset(data, 0, OB_MAX_MASTER_KEY_LENGTH);
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::get_master_key(i, j + 1, data, OB_MAX_MASTER_KEY_LENGTH, data_len));
EXPECT_STREQ(data, orig_key_list[i][j]);
}
}
EXPECT_EQ(1, ObMasterKeyGetter::instance().tenant_key_version_map_.size());
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().get_max_active_version(0, key_version));
EXPECT_EQ(key_num - 2, key_version);
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().get_max_stored_version(0, key_version));
EXPECT_EQ(key_num, key_version);
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().get_expect_version(0, key_version));
EXPECT_EQ(key_num + 2, key_version);
EXPECT_EQ(2, ObMasterKeyGetter::instance().tenant_table_key_algorithm_map_.size());
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::get_table_key_algorithm(1, key_algorithm));
EXPECT_EQ(ObAesOpMode::ob_sm4_mode, key_algorithm);
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::get_table_key_algorithm(2, key_algorithm));
EXPECT_EQ(ObAesOpMode::ob_aes_128_ecb, key_algorithm);
}
// TEST_F(TestMasterKeyGetter, compat)
// {
// const char *keystore_file = "old_wallet.test";
// EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().load_key(keystore_file));
// EXPECT_EQ(2, ObMasterKeyGetter::instance().id_value_map_.size());
// EXPECT_EQ(1, ObMasterKeyGetter::instance().tenant_key_version_map_.size());
// EXPECT_EQ(0, ObMasterKeyGetter::instance().tenant_table_key_algorithm_map_.size());
// }
TEST_F(TestMasterKeyGetter, dump_tenant_keys)
{
int64_t key_num = 5;
char key[OB_MAX_MASTER_KEY_LENGTH] = {0};
const int64_t key_len = OB_MAX_MASTER_KEY_LENGTH;
int64_t tmp_len = 0;
uint64_t src_tenant_id = 1;
uint64_t dst_tenant_id = 2;
ObMasterKeyBackup key_backup;
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_root_key(OB_SYS_TENANT_ID,
obrpc::RootKeyType::DEFAULT, ObString(), false));
for (int64_t i = 0; i < key_num; ++i) {
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(key, key_len));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_master_key(src_tenant_id, i + 1, key, key_len));
}
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().dump_tenant_keys(src_tenant_id, key_backup.master_key_list_));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().load_tenant_keys(dst_tenant_id, ObAesOpMode::ob_aes_128_ecb, key_backup.master_key_list_));
EXPECT_EQ(key_num * 2, ObMasterKeyGetter::instance().id_value_map_.size());
char src_key[OB_MAX_MASTER_KEY_LENGTH + 1] = {0};
char dst_key[OB_MAX_MASTER_KEY_LENGTH + 1] = {0};
for (int64_t i = 0; i < key_num; ++i) {
memset(src_key, 0, OB_MAX_MASTER_KEY_LENGTH + 1);
memset(dst_key, 0, OB_MAX_MASTER_KEY_LENGTH + 1);
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::get_master_key(src_tenant_id, i + 1, src_key, OB_MAX_MASTER_KEY_LENGTH, tmp_len));
EXPECT_EQ(tmp_len, key_len);
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::get_master_key(src_tenant_id, i + 1, dst_key, OB_MAX_MASTER_KEY_LENGTH, tmp_len));
EXPECT_EQ(tmp_len, key_len);
EXPECT_STREQ(src_key, dst_key);
}
}
TEST_F(TestMasterKeyGetter, backup_keys)
{
int64_t key_num = 5;
char key[OB_MAX_MASTER_KEY_LENGTH] = {0};
char encrypt_key[OB_MAX_MASTER_KEY_LENGTH] = {0};
const int64_t key_len = OB_MAX_MASTER_KEY_LENGTH;
int64_t tmp_len = 0;
uint64_t src_tenant_id = 1;
uint64_t dst_tenant_id = 2;
ObString backup_path("file://wallet/key.bak");
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_root_key(OB_SYS_TENANT_ID,
obrpc::RootKeyType::DEFAULT, ObString(), false));
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(encrypt_key, key_len));
for (int64_t i = 0; i < key_num; ++i) {
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(key, key_len));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_master_key(src_tenant_id, i + 1, key, key_len));
}
ObString encrypt_key_str(key_len, encrypt_key);
EXPECT_EQ(OB_SUCCESS, ObMasterKeyUtil::backup_key(src_tenant_id, backup_path, encrypt_key_str));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyUtil::restore_key(dst_tenant_id, backup_path, encrypt_key_str));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyUtil::restore_key(dst_tenant_id, backup_path, encrypt_key_str));
EXPECT_EQ(key_num * 2, ObMasterKeyGetter::instance().id_value_map_.size());
char src_key[OB_MAX_MASTER_KEY_LENGTH + 1] = {0};
char dst_key[OB_MAX_MASTER_KEY_LENGTH + 1] = {0};
for (int64_t i = 0; i < key_num; ++i) {
memset(src_key, 0, OB_MAX_MASTER_KEY_LENGTH + 1);
memset(dst_key, 0, OB_MAX_MASTER_KEY_LENGTH + 1);
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::get_master_key(src_tenant_id, i + 1, src_key, OB_MAX_MASTER_KEY_LENGTH, tmp_len));
EXPECT_EQ(tmp_len, key_len);
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::get_master_key(dst_tenant_id, i + 1, dst_key, OB_MAX_MASTER_KEY_LENGTH, tmp_len));
EXPECT_EQ(tmp_len, key_len);
EXPECT_STREQ(src_key, dst_key);
}
}
TEST_F(TestMasterKeyGetter, dump_root_key)
{
const int key_num = 3;
ObRootKey key_list[key_num];
key_list[0].key_type_ = obrpc::RootKeyType::NORMAL;
key_list[0].key_ = ObString("123456");
key_list[1].key_type_ = obrpc::RootKeyType::DEFAULT;
key_list[2].key_type_ = obrpc::RootKeyType::NORMAL;
key_list[2].key_ = ObString("abcde");
for (int i = 0; i < key_num; ++i) {
ObRootKey &root_key = key_list[i];
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_root_key(i + 1, root_key.key_type_, root_key.key_));
}
EXPECT_EQ(key_num, ObMasterKeyGetter::instance().root_key_map_.size());
ObMasterKeyGetter::instance().root_key_map_.reuse();
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().load_root_key());
EXPECT_EQ(key_num, ObMasterKeyGetter::instance().root_key_map_.size());
for (int i = 0; i < key_num; ++i) {
ObRootKey &old_key = key_list[i];
ObRootKey cur_key;
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().get_root_key(i + 1, cur_key.key_type_, cur_key.key_));
EXPECT_EQ(old_key.key_type_, cur_key.key_type_);
EXPECT_EQ(0, old_key.key_.compare(cur_key.key_));
}
}
TEST_F(TestMasterKeyGetter, backup_root_key)
{
const int key_num = 3;
char encrypt_key_buf[OB_MAX_MASTER_KEY_LENGTH] = {0};
const int64_t key_len = OB_MAX_MASTER_KEY_LENGTH;
const char *path_format = "file://wallet/key%d.bak";
ObString path_not_exist("file://wallet/not_exist.bak");
char root_key_buf[key_num][OB_MAX_MASTER_KEY_LENGTH] = {};
ObRootKey key_list[key_num];
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(encrypt_key_buf, key_len));
ObString encrypt_key(key_len, encrypt_key_buf);
for (int i = 0; i < key_num; ++i) {
ObRootKey &root_key = key_list[i];
if (i == 1) {
root_key.key_type_ = obrpc::RootKeyType::DEFAULT;
root_key.key_.reset();
} else {
EXPECT_EQ(OB_SUCCESS, ObKeyGenerator::generate_encrypt_key(root_key_buf[i], key_len));
root_key.key_type_ = obrpc::RootKeyType::NORMAL;
root_key.key_.assign_ptr(root_key_buf[i], key_len);
}
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().set_root_key(i, root_key.key_type_, root_key.key_));
}
EXPECT_EQ(key_num, ObMasterKeyGetter::instance().root_key_map_.size());
for (int i = 0; i < key_num; ++i) {
ObBackupDest backup_dest;
char bak_path[MAX_PATH_SIZE] = {};
snprintf(bak_path, MAX_PATH_SIZE, path_format, i);
EXPECT_EQ(OB_SUCCESS, backup_dest.set(bak_path));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyUtil::backup_root_key(i, backup_dest.get_root_path(),
backup_dest.get_storage_info(), encrypt_key));
}
ObMasterKeyGetter::instance().root_key_map_.reuse();
for (int i = 0; i < key_num; ++i) {
ObBackupDest backup_dest;
char bak_path[MAX_PATH_SIZE] = {};
snprintf(bak_path, MAX_PATH_SIZE, path_format, i);
EXPECT_EQ(OB_SUCCESS, backup_dest.set(bak_path));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyUtil::restore_root_key(i + key_num, backup_dest.get_root_path(),
backup_dest.get_storage_info(), encrypt_key));
}
EXPECT_EQ(key_num, ObMasterKeyGetter::instance().root_key_map_.size());
for (int i = 0; i < key_num; ++i) {
ObRootKey &old_key = key_list[i];
ObRootKey cur_key;
EXPECT_EQ(OB_SUCCESS, ObMasterKeyGetter::instance().get_root_key(i + key_num, cur_key.key_type_, cur_key.key_));
EXPECT_EQ(old_key.key_type_, cur_key.key_type_);
EXPECT_EQ(0, old_key.key_.compare(cur_key.key_));
}
ObMasterKeyGetter::instance().root_key_map_.reuse();
ObBackupDest backup_dest;
EXPECT_EQ(OB_SUCCESS, backup_dest.set(path_not_exist));
EXPECT_EQ(OB_SUCCESS, ObMasterKeyUtil::restore_root_key(1, backup_dest.get_root_path(),
backup_dest.get_storage_info(), encrypt_key));
EXPECT_EQ(0, ObMasterKeyGetter::instance().root_key_map_.size());
}
} // end namespace share
} // end namespace oceanbase
int main(int argc, char **argv)
{
system("rm -rf test_master_key_getter.log* wallet");
oceanbase::common::ObLogger::get_logger().set_file_name("test_master_key_getter.log", true);
oceanbase::common::ObLogger::get_logger().set_log_level("INFO");
oceanbase::common::ObClusterVersion::get_instance().update_cluster_version(CLUSTER_VERSION_4_2_0_0);
testing::InitGoogleTest(&argc, argv);
return RUN_ALL_TESTS();
}