From 2d79198176cd88a4a2c3d9a9edb61853183cce09 Mon Sep 17 00:00:00 2001 From: "Doroszlai, Attila" Date: Mon, 3 Apr 2023 09:09:02 +0200 Subject: [PATCH 1/7] HDDS-8361. Useless object in TestOzoneBlockTokenIdentifier --- .../hdds/security/token/TestOzoneBlockTokenIdentifier.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java b/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java index dd8c2778587f..f4b35c89b71b 100644 --- a/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java +++ b/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java @@ -302,7 +302,7 @@ public void testSymmetricTokenPerfHelper(String hmacAlgorithm, int keyLen) { } long duration = Time.monotonicNowNanos() - startTime; LOG.info("Average token sign time with {}({} symmetric key) is {} ns", - hmacAlgorithm, keyLen, duration / testTokenCount); + hmacAlgorithm, keyLen, duration / tokenPasswordSym.size()); } // TODO: verify certificate with a trust store From 332e05cf037f71d5ef68365736ae7ac2454cc9be Mon Sep 17 00:00:00 2001 From: "Doroszlai, Attila" Date: Mon, 3 Apr 2023 09:09:23 +0200 Subject: [PATCH 2/7] Delete unused method --- .../hdds/security/token/TestOzoneBlockTokenIdentifier.java | 5 ----- 1 file changed, 5 deletions(-) diff --git a/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java b/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java index f4b35c89b71b..f44fde1e074c 100644 --- a/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java +++ b/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java @@ -304,9 +304,4 @@ public void testSymmetricTokenPerfHelper(String hmacAlgorithm, int keyLen) { LOG.info("Average token sign time with {}({} symmetric key) is {} ns", hmacAlgorithm, keyLen, duration / tokenPasswordSym.size()); } - - // TODO: verify certificate with a trust store - public boolean verifyCert(Certificate certificate) { - return true; - } } From 00fbb4463740ea59a821e091129c27c71d742688 Mon Sep 17 00:00:00 2001 From: "Doroszlai, Attila" Date: Mon, 3 Apr 2023 09:10:31 +0200 Subject: [PATCH 3/7] Raw use of parameterized class --- .../hdds/security/token/TestOzoneBlockTokenIdentifier.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java b/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java index f44fde1e074c..dbc1d6d5e98e 100644 --- a/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java +++ b/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java @@ -162,12 +162,12 @@ public void testTokenSerialization() throws GeneralSecurityException, byte[] signedToken = signTokenAsymmetric(tokenId, privateKey); - Token token = new Token(tokenId.getBytes(), + Token token = new Token<>(tokenId.getBytes(), signedToken, tokenId.getKind(), new Text("host:port")); String encodeToUrlString = token.encodeToUrlString(); - TokendecodedToken = new Token(); + TokendecodedToken = new Token<>(); decodedToken.decodeFromUrlString(encodeToUrlString); OzoneBlockTokenIdentifier decodedTokenId = new OzoneBlockTokenIdentifier(); From 895da622d25cdc394445a090a8d5ef3643f14be1 Mon Sep 17 00:00:00 2001 From: "Doroszlai, Attila" Date: Mon, 3 Apr 2023 09:10:46 +0200 Subject: [PATCH 4/7] Inline variable --- .../hdds/security/token/TestOzoneBlockTokenIdentifier.java | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java b/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java index dbc1d6d5e98e..5b8737b37abd 100644 --- a/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java +++ b/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java @@ -190,8 +190,7 @@ public byte[] signTokenAsymmetric(OzoneBlockTokenIdentifier tokenId, Signature rsaSignature = Signature.getInstance("SHA256withRSA"); rsaSignature.initSign(privateKey); rsaSignature.update(tokenId.getBytes()); - byte[] signature = rsaSignature.sign(); - return signature; + return rsaSignature.sign(); } public boolean verifyTokenAsymmetric(OzoneBlockTokenIdentifier tokenId, @@ -200,8 +199,7 @@ public boolean verifyTokenAsymmetric(OzoneBlockTokenIdentifier tokenId, Signature rsaSignature = Signature.getInstance("SHA256withRSA"); rsaSignature.initVerify(certificate); rsaSignature.update(tokenId.getBytes()); - boolean isValid = rsaSignature.verify(signature); - return isValid; + return rsaSignature.verify(signature); } private byte[] signTokenSymmetric(OzoneBlockTokenIdentifier identifier, From 012d3e0d8a039ac7648009d82837f37c35701801 Mon Sep 17 00:00:00 2001 From: "Doroszlai, Attila" Date: Mon, 3 Apr 2023 09:13:35 +0200 Subject: [PATCH 5/7] Reduce method visibility --- .../token/TestOzoneBlockTokenIdentifier.java | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java b/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java index 5b8737b37abd..bfbb02ae0a87 100644 --- a/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java +++ b/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java @@ -60,7 +60,7 @@ /** * Test class for {@link OzoneBlockTokenIdentifier}. */ -public class TestOzoneBlockTokenIdentifier { +class TestOzoneBlockTokenIdentifier { private static final Logger LOG = LoggerFactory .getLogger(TestOzoneBlockTokenIdentifier.class); @@ -73,7 +73,7 @@ public class TestOzoneBlockTokenIdentifier { private static X509Certificate cert; @BeforeAll - public static void setUp() throws Exception { + static void setUp() throws Exception { File base = new File(BASEDIR); FileUtil.fullyDelete(base); base.mkdirs(); @@ -87,12 +87,12 @@ public static void setUp() throws Exception { } @AfterEach - public void cleanUp() throws Exception { + void cleanUp() { // KeyStoreTestUtil.cleanupSSLConfig(KEYSTORES_DIR, sslConfsDir); } @Test - public void testSignToken() throws GeneralSecurityException, IOException { + void testSignToken() throws GeneralSecurityException, IOException { String keystore = new File(KEYSTORES_DIR, "keystore.jks") .getAbsolutePath(); String truststore = new File(KEYSTORES_DIR, "truststore.jks") @@ -134,7 +134,7 @@ public void testSignToken() throws GeneralSecurityException, IOException { } @Test - public void testTokenSerialization() throws GeneralSecurityException, + void testTokenSerialization() throws GeneralSecurityException, IOException { String keystore = new File(KEYSTORES_DIR, "keystore.jks") .getAbsolutePath(); @@ -184,7 +184,7 @@ public void testTokenSerialization() throws GeneralSecurityException, } - public byte[] signTokenAsymmetric(OzoneBlockTokenIdentifier tokenId, + private byte[] signTokenAsymmetric(OzoneBlockTokenIdentifier tokenId, PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException { Signature rsaSignature = Signature.getInstance("SHA256withRSA"); @@ -193,7 +193,7 @@ public byte[] signTokenAsymmetric(OzoneBlockTokenIdentifier tokenId, return rsaSignature.sign(); } - public boolean verifyTokenAsymmetric(OzoneBlockTokenIdentifier tokenId, + private boolean verifyTokenAsymmetric(OzoneBlockTokenIdentifier tokenId, byte[] signature, Certificate certificate) throws InvalidKeyException, NoSuchAlgorithmException, SignatureException { Signature rsaSignature = Signature.getInstance("SHA256withRSA"); @@ -213,7 +213,7 @@ private byte[] signTokenSymmetric(OzoneBlockTokenIdentifier identifier, return mac.doFinal(identifier.getBytes()); } - OzoneBlockTokenIdentifier generateTestToken() { + private OzoneBlockTokenIdentifier generateTestToken() { return new OzoneBlockTokenIdentifier(RandomStringUtils.randomAlphabetic(6), RandomStringUtils.randomAlphabetic(5), EnumSet.allOf(HddsProtos.BlockTokenSecretProto.AccessModeProto.class), @@ -221,7 +221,7 @@ OzoneBlockTokenIdentifier generateTestToken() { } @Test - public void testAsymmetricTokenPerf() throws NoSuchAlgorithmException, + void testAsymmetricTokenPerf() throws NoSuchAlgorithmException, CertificateEncodingException, NoSuchProviderException, InvalidKeyException, SignatureException { final int testTokenCount = 1000; @@ -258,7 +258,7 @@ public void testAsymmetricTokenPerf() throws NoSuchAlgorithmException, } @Test - public void testSymmetricTokenPerf() { + void testSymmetricTokenPerf() { String hmacSHA1 = "HmacSHA1"; String hmacSHA256 = "HmacSHA256"; @@ -266,7 +266,7 @@ public void testSymmetricTokenPerf() { testSymmetricTokenPerfHelper(hmacSHA256, 1024); } - public void testSymmetricTokenPerfHelper(String hmacAlgorithm, int keyLen) { + private void testSymmetricTokenPerfHelper(String hmacAlgorithm, int keyLen) { final int testTokenCount = 1000; List tokenIds = new ArrayList<>(); List tokenPasswordSym = new ArrayList<>(); From 5da9471845bd30ab352239f6e45c59f5f24b659a Mon Sep 17 00:00:00 2001 From: "Doroszlai, Attila" Date: Mon, 3 Apr 2023 09:17:00 +0200 Subject: [PATCH 6/7] Move TestOzoneBlockTokenIdentifier to hdds-common --- .../hdds/security/token/TestOzoneBlockTokenIdentifier.java | 0 hadoop-hdds/hadoop-dependency-test/pom.xml | 4 ++++ 2 files changed, 4 insertions(+) rename hadoop-hdds/{framework => common}/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java (100%) diff --git a/hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java b/hadoop-hdds/common/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java similarity index 100% rename from hadoop-hdds/framework/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java rename to hadoop-hdds/common/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java diff --git a/hadoop-hdds/hadoop-dependency-test/pom.xml b/hadoop-hdds/hadoop-dependency-test/pom.xml index b379355d446d..a290a9e2bc64 100644 --- a/hadoop-hdds/hadoop-dependency-test/pom.xml +++ b/hadoop-hdds/hadoop-dependency-test/pom.xml @@ -54,6 +54,10 @@ https://maven.apache.org/xsd/maven-4.0.0.xsd"> + + commons-codec + commons-codec + org.apache.commons commons-compress From 62cf4e1fa8a4ced516d29eebbd0656ae305f818d Mon Sep 17 00:00:00 2001 From: "Doroszlai, Attila" Date: Mon, 3 Apr 2023 09:21:46 +0200 Subject: [PATCH 7/7] Do not ignore return value --- .../hdds/security/token/TestOzoneBlockTokenIdentifier.java | 3 ++- hadoop-hdds/framework/dev-support/findbugsExcludeFile.xml | 4 ---- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/hadoop-hdds/common/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java b/hadoop-hdds/common/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java index bfbb02ae0a87..c834e8c89c59 100644 --- a/hadoop-hdds/common/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java +++ b/hadoop-hdds/common/src/test/java/org/apache/hadoop/hdds/security/token/TestOzoneBlockTokenIdentifier.java @@ -52,6 +52,7 @@ import org.apache.hadoop.util.Time; import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.Assumptions; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; import org.slf4j.Logger; @@ -76,7 +77,7 @@ class TestOzoneBlockTokenIdentifier { static void setUp() throws Exception { File base = new File(BASEDIR); FileUtil.fullyDelete(base); - base.mkdirs(); + Assumptions.assumeTrue(base.mkdirs()); expiryTime = Time.monotonicNow() + 60 * 60 * 24; // Create Ozone Master key pair. diff --git a/hadoop-hdds/framework/dev-support/findbugsExcludeFile.xml b/hadoop-hdds/framework/dev-support/findbugsExcludeFile.xml index a111802321e3..2f6d6d30eff2 100644 --- a/hadoop-hdds/framework/dev-support/findbugsExcludeFile.xml +++ b/hadoop-hdds/framework/dev-support/findbugsExcludeFile.xml @@ -29,8 +29,4 @@ - - - -