summaryrefslogtreecommitdiff
path: root/eaaf_core_utils/src/test/java
diff options
context:
space:
mode:
authorThomas <>2022-08-11 22:02:16 +0200
committerThomas <>2022-08-11 22:02:16 +0200
commitd0309843cf6775c215bb132283116b6442b082d6 (patch)
tree3840a8d340a0d5827d401ed9fa17b9949e5cf1e9 /eaaf_core_utils/src/test/java
parent7cd38fb12ca3329dee99d0032f7e3d4b1d7cc2ce (diff)
downloadEAAF-Components-d0309843cf6775c215bb132283116b6442b082d6.tar.gz
EAAF-Components-d0309843cf6775c215bb132283116b6442b082d6.tar.bz2
EAAF-Components-d0309843cf6775c215bb132283116b6442b082d6.zip
refact(core): move JoseUtils into 'eaaf-utils' module
Diffstat (limited to 'eaaf_core_utils/src/test/java')
-rw-r--r--eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/JoseUtilsTest.java84
1 files changed, 84 insertions, 0 deletions
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/JoseUtilsTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/JoseUtilsTest.java
new file mode 100644
index 00000000..43002688
--- /dev/null
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/JoseUtilsTest.java
@@ -0,0 +1,84 @@
+package at.gv.egiz.eaaf.core.test.utils;
+
+import java.io.IOException;
+import java.security.NoSuchProviderException;
+import java.security.Security;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.commons.io.IOUtils;
+import org.jose4j.jwa.AlgorithmConstraints;
+import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
+import org.jose4j.jws.AlgorithmIdentifiers;
+import org.jose4j.lang.JoseException;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.impl.utils.JoseUtils;
+import at.gv.egiz.eaaf.core.impl.utils.JoseUtils.JwsResult;
+import iaik.security.ec.provider.ECCelerate;
+import iaik.security.provider.IAIK;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class JoseUtilsTest {
+
+ private static final List<String> BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(
+ Arrays.asList(
+ AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
+ AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512,
+ AlgorithmIdentifiers.RSA_PSS_USING_SHA256,
+ AlgorithmIdentifiers.RSA_PSS_USING_SHA512));
+
+ /**
+ *jUnit test class initializer.
+ */
+ @BeforeClass
+ public static final void classInitializer() {
+ IAIK.addAsProvider();
+ ECCelerate.addAsProvider();
+
+ }
+
+ /**
+ * jUnit test class cleaner.
+ */
+ @AfterClass
+ public static final void classFinisher() {
+ Security.removeProvider(IAIK.getInstance().getName());
+ Security.removeProvider(ECCelerate.getInstance().getName());
+
+ }
+
+ @Test
+ public void testBindingAuthBlock() throws JoseException, IOException, CertificateException, NoSuchProviderException {
+
+ final String serializedContent = IOUtils.toString(JoseUtils.class.getResourceAsStream(
+ "/data/bindingAuth1.jws"), "UTF-8");
+
+ final iaik.x509.X509Certificate trustedCert = new iaik.x509.X509Certificate(JoseUtils.class
+ .getResourceAsStream("/data/bindingAuth1.crt"));
+
+ final List<X509Certificate> trustedCerts = Arrays.asList(trustedCert);
+ final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+ BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING
+ .toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+
+ final JwsResult result = JoseUtils.validateSignature(serializedContent, trustedCerts, constraints);
+
+ Assert.assertNotNull("JWS verify result", result);
+ Assert.assertTrue("JWS not valid", result.isValid());
+ Assert.assertNotNull("JWS payload", result.getPayLoad());
+ Assert.assertNotNull("JWS Headers", result.getFullJoseHeader());
+ Assert.assertNotNull("JWS Signercerts", result.getX5cCerts());
+ Assert.assertEquals("Signercerts size", 1, result.getX5cCerts().size());
+ Assert.assertArrayEquals("Signercerts", trustedCert.getEncoded(), result.getX5cCerts().get(0).getEncoded());
+
+ }
+}