authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-06-18 14:39:29 +0200
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-06-18 14:39:29 +0200
commit0d52fe861a46f8ba595bdd34b106c98096c4304b (patch)
tree566f30e8c6bfebddfa90b7062ec952b1bd945916 /eaaf_core_utils/src/test
parentf39a0a004bbe6b6b126218993767b897efa06745 (diff)
add symmetric-key functionality into EaafKeyStoreFactory that supports passphrase based symmetric keys and keys from HSM-Facade
Diffstat (limited to 'eaaf_core_utils/src/test')
-rw-r--r--eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java162
-rw-r--r--eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/SymmetricKeyConfigurationTest.java162
2 files changed, 324 insertions, 0 deletions
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
index cefb1e7e..fc945fdd 100644
--- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
@@ -7,6 +7,8 @@ import java.security.Provider;
import java.security.cert.X509Certificate;
import java.util.List;
+import javax.crypto.SecretKey;
+
import org.apache.commons.lang3.RandomStringUtils;
import org.junit.Assert;
import org.junit.Before;
@@ -33,6 +35,8 @@ import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration;
+import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration.SymmetricKeyType;
import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap;
import io.grpc.StatusRuntimeException;
@@ -372,6 +376,67 @@ public class EaafKeyStoreFactoryTest {
}
@Test
+ @DirtiesContext
+ public void symmetricSoftwareKeyWithOutConfig() {
+ final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+ Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+ SymmetricKeyConfiguration keyConfig = new SymmetricKeyConfiguration();
+ keyConfig.setFriendlyName("jUnit test");
+ keyConfig.setKeyType(SymmetricKeyType.PASSPHRASE);
+ try {
+ keyStoreFactory.buildNewSymmetricKey(keyConfig);
+ Assert.fail("Wrong config not detected");
+
+ } catch (final EaafException e) {
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e, "Wong ExceptionType");
+ Assert.assertEquals("wrong errorCode", "internal.key.00", e.getErrorId());
+
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ public void symmetricSoftwareKeyWithOutSalt() {
+ final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+ Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+ SymmetricKeyConfiguration keyConfig = new SymmetricKeyConfiguration();
+ keyConfig.setFriendlyName("jUnit test");
+ keyConfig.setKeyType(SymmetricKeyType.PASSPHRASE);
+ keyConfig.setSoftKeyPassphrase(RandomStringUtils.randomAlphanumeric(10));
+ try {
+ keyStoreFactory.buildNewSymmetricKey(keyConfig);
+ Assert.fail("Wrong config not detected");
+
+ } catch (final EaafException e) {
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e, "Wong ExceptionType");
+ Assert.assertEquals("wrong errorCode", "internal.key.00", e.getErrorId());
+
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ public void symmetricSoftwareKeyValid() throws EaafException {
+ final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+ Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+ SymmetricKeyConfiguration keyConfig = new SymmetricKeyConfiguration();
+ keyConfig.setFriendlyName("jUnit test");
+ keyConfig.setKeyType(SymmetricKeyType.PASSPHRASE);
+ keyConfig.setSoftKeyPassphrase(RandomStringUtils.randomAlphanumeric(10));
+ keyConfig.setSoftKeySalt(RandomStringUtils.randomAlphanumeric(10));
+
+ Pair<SecretKey, Provider> key = keyStoreFactory.buildNewSymmetricKey(keyConfig);
+ Assert.assertNotNull("Key container is null", key);
+ Assert.assertNotNull("Key is null", key.getFirst());
+ Assert.assertNull("Provider is not null", key.getSecond());
+
+ }
+
+ @Test
+ @DirtiesContext
public void hsmFacadeOnlyHostConfig() {
mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
RandomStringUtils.randomNumeric(10));
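Review bot: symmetricSoftwareKeyValid only checks that a key object comes back, so it would still pass if the passphrase derivation ignored the salt or produced a key of the wrong algorithm or length. Consider pinning what the factory is meant to guarantee, for example `Assert.assertEquals("Wrong algorithm", expectedAlgorithm, key.getFirst().getAlgorithm());` (where `expectedAlgorithm` is a placeholder for the value in the factory's contract). It would also help to build the key twice with the same passphrase and salt to confirm `getEncoded()` matches, then once with a different salt to confirm it differs. The three failure tests carry the typo "Wong ExceptionType" in their messages, and `org.springframework.util.Assert.isInstanceOf` reports a mismatch as an IllegalArgumentException rather than a JUnit assertion failure. The hsmFacadeOnlyHostConfig body at the end of the hunk continues outside it.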
@@ -386,6 +451,7 @@ public class EaafKeyStoreFactoryTest {
}
@Test
+ @DirtiesContext
public void hsmFacadeMissingPort() {
mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
RandomStringUtils.randomNumeric(10));
@@ -405,6 +471,7 @@ public class EaafKeyStoreFactoryTest {
}
@Test
+ @DirtiesContext
public void hsmFacadeMissingUsername() {
mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
RandomStringUtils.randomNumeric(10));
@@ -423,6 +490,7 @@ public class EaafKeyStoreFactoryTest {
}
@Test
+ @DirtiesContext
public void hsmFacadeMissingPassword() {
mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
RandomStringUtils.randomNumeric(10));
@@ -442,6 +510,7 @@ public class EaafKeyStoreFactoryTest {
}
@Test
+ @DirtiesContext
public void hsmFacadeMissingTrustedCertificate() {
mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
RandomStringUtils.randomNumeric(10));
@@ -463,6 +532,7 @@ public class EaafKeyStoreFactoryTest {
}
@Test
+ @DirtiesContext
public void hsmFacadeMissingTrustedCertificateFile() {
mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
RandomStringUtils.randomNumeric(10));
@@ -486,6 +556,7 @@ public class EaafKeyStoreFactoryTest {
}
@Test
+ @DirtiesContext
public void hsmFacadeMissingWrongTrustedCertificate() {
mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
RandomStringUtils.randomNumeric(10));
@@ -579,6 +650,97 @@ public class EaafKeyStoreFactoryTest {
@Test
@DirtiesContext
+ public void symmetricHsmFacadeKeyWithOutConfig() {
+ configureHsmFacade();
+
+ final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+ Assert.assertTrue("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+ SymmetricKeyConfiguration keyConfig = new SymmetricKeyConfiguration();
+ keyConfig.setFriendlyName("jUnit test");
+ keyConfig.setKeyType(SymmetricKeyType.HSMFACADE);
+ try {
+ keyStoreFactory.buildNewSymmetricKey(keyConfig);
+ Assert.fail("Wrong config not detected");
+
+ } catch (final EaafException e) {
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e, "Wong ExceptionType");
+ Assert.assertEquals("wrong errorCode", "internal.keystore.06", e.getErrorId());
+
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ public void symmetricHsmFacadeKeyWithOutKeyAlias() {
+ configureHsmFacade();
+
+ final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+ Assert.assertTrue("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+ SymmetricKeyConfiguration keyConfig = new SymmetricKeyConfiguration();
+ keyConfig.setFriendlyName("jUnit test");
+ keyConfig.setKeyType(SymmetricKeyType.HSMFACADE);
+ keyConfig.setKeyStoreName("authhandler");
+ try {
+ keyStoreFactory.buildNewSymmetricKey(keyConfig);
+ Assert.fail("Wrong config not detected");
+
+ } catch (final EaafException e) {
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e, "Wong ExceptionType");
+ Assert.assertEquals("wrong errorCode", "internal.key.00", e.getErrorId());
+
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ public void symmetricHsmFacadeKeyWrongKeyAlias() {
+ configureHsmFacade();
+
+ final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+ Assert.assertTrue("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+ SymmetricKeyConfiguration keyConfig = new SymmetricKeyConfiguration();
+ keyConfig.setFriendlyName("jUnit test");
+ keyConfig.setKeyType(SymmetricKeyType.HSMFACADE);
+ keyConfig.setKeyStoreName("authhandler");
+ keyConfig.setKeyAlias("notExist");
+
+ try {
+ keyStoreFactory.buildNewSymmetricKey(keyConfig);
+ Assert.fail("Wrong config not detected");
+
+ } catch (final EaafException e) {
+ org.springframework.util.Assert.isInstanceOf(EaafKeyAccessException.class, e, "Wong ExceptionType");
+ Assert.assertEquals("wrong errorCode", "internal.keystore.09", e.getErrorId());
+
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ public void symmetricHsmFacadeKeyValid() throws EaafException {
+ configureHsmFacade();
+
+ final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+ Assert.assertTrue("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+ SymmetricKeyConfiguration keyConfig = new SymmetricKeyConfiguration();
+ keyConfig.setFriendlyName("jUnit test");
+ keyConfig.setKeyType(SymmetricKeyType.HSMFACADE);
+ keyConfig.setKeyStoreName("authhandler");
+ keyConfig.setKeyAlias("aes-key-1");
+
+ Pair<SecretKey, Provider> key = keyStoreFactory.buildNewSymmetricKey(keyConfig);
+ Assert.assertNotNull("Key container is null", key);
+ Assert.assertNotNull("Key is null", key.getFirst());
+ Assert.assertNotNull("Provider is null", key.getFirst());
+
+ }
+
+ @Test
+ @DirtiesContext
public void hsmFacadeKeyStoreSuccessASitTestFacade() throws EaafException, KeyStoreException {
configureHsmFacade();
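Review bot: In symmetricHsmFacadeKeyValid the last assertion re-checks `key.getFirst()` under the message "Provider is null", so the provider half of the pair is never verified. The software-key test asserts that the provider is null, so a non-null provider is presumably what distinguishes an HSM-Facade key, and the line should read `Assert.assertNotNull("Provider is null", key.getSecond());`. The test also relies on the alias `aes-key-1` existing in the `authhandler` key store of whatever configureHsmFacade() points at, which this hunk does not show. hsmFacadeKeyStoreSuccessASitTestFacade at the end of the hunk continues outside it.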
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/SymmetricKeyConfigurationTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/SymmetricKeyConfigurationTest.java
new file mode 100644
index 00000000..eb4eb212
--- /dev/null
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/SymmetricKeyConfigurationTest.java
@@ -0,0 +1,162 @@
+package at.gv.egiz.eaaf.core.test.credentials;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration;
+import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration.SymmetricKeyType;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class SymmetricKeyConfigurationTest {
+
+ private Map<String, String> config;
+
+ @Before
+ public void testSetup() {
+ config = new HashMap<>();
+
+ }
+
+ @Test
+ public void emptyConfigMap() {
+ try {
+ SymmetricKeyConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+ Assert.fail("Wrong config not detected");
+
+ } catch (final EaafConfigurationException e) {
+ Assert.assertEquals("wrong errorCode", "internal.keystore.04", e.getErrorId());
+ }
+ }
+
+ @Test
+ public void emptyKeyType() {
+ try {
+ config.put("key.type", "");
+
+ SymmetricKeyConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+ Assert.fail("Wrong config not detected");
+
+ } catch (final EaafConfigurationException e) {
+ Assert.assertEquals("wrong errorCode", "internal.keystore.04", e.getErrorId());
+ }
+ }
+
+ @Test
+ public void unknownKeyType() {
+ try {
+ config.put("key.type", "test");
+
+ SymmetricKeyConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+ Assert.fail("Wrong config not detected");
+
+ } catch (final EaafConfigurationException e) {
+ Assert.assertEquals("wrong errorCode", "internal.keystore.01", e.getErrorId());
+ }
+ }
+
+ @Test
+ public void hsmFacadeKeyTypeMissingName() {
+ try {
+ config.put("key.type", "hsmfacade");
+
+ SymmetricKeyConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+ Assert.fail("Wrong config not detected");
+
+ } catch (final EaafConfigurationException e) {
+ Assert.assertEquals("wrong errorCode", "internal.keystore.04", e.getErrorId());
+ }
+ }
+
+ @Test
+ public void hsmFacadeKeyTypeMissingAlias() {
+ try {
+ final String keyStoreName = RandomStringUtils.randomAlphabetic(5);
+ config.put("key.type", "hsmfacade");
+ config.put("keystore.name", keyStoreName);
+
+ SymmetricKeyConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+ Assert.fail("Wrong config not detected");
+
+ } catch (final EaafConfigurationException e) {
+ Assert.assertEquals("wrong errorCode", "internal.keystore.04", e.getErrorId());
+ }
+ }
+
+ @Test
+ public void hsmFacadeKeyTypeSucces() throws EaafConfigurationException {
+ final String keyStoreName = RandomStringUtils.randomAlphabetic(5);
+ final String keyAlias = RandomStringUtils.randomAlphabetic(5);
+ config.put("key.type", "hsmfacade");
+ config.put("keystore.name", keyStoreName);
+ config.put("key.alias", keyAlias);
+
+ final SymmetricKeyConfiguration keyStoreConfig = SymmetricKeyConfiguration.buildFromConfigurationMap(config,
+ "jUnitTest");
+
+ Assert.assertNotNull("KeyStore config object", keyStoreConfig);
+ Assert.assertEquals("Wrong Type", SymmetricKeyType.HSMFACADE, keyStoreConfig.getKeyType());
+ Assert.assertEquals("Wrong KeyStoreName", keyStoreName, keyStoreConfig.getKeyStoreName());
+ Assert.assertEquals("Wrong KeyStoreName", keyAlias, keyStoreConfig.getKeyAlias());
+
+
+ keyStoreConfig.validate();
+
+ }
+
+ @Test
+ public void passphraseKeyTypeMissingPassphrase() {
+ try {
+ config.put("key.type", "passphrase");
+
+ SymmetricKeyConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+ Assert.fail("Wrong config not detected");
+
+ } catch (final EaafConfigurationException e) {
+ Assert.assertEquals("wrong errorCode", "internal.keystore.04", e.getErrorId());
+ }
+ }
+
+ @Test
+ public void passphraseKeyTypeMissingSalt() {
+ try {
+ final String passphrase = RandomStringUtils.randomAlphabetic(5);
+ config.put("key.type", "passphrase");
+ config.put("key.passphrase", passphrase);
+
+ SymmetricKeyConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+ Assert.fail("Wrong config not detected");
+
+ } catch (final EaafConfigurationException e) {
+ Assert.assertEquals("wrong errorCode", "internal.keystore.04", e.getErrorId());
+ }
+ }
+
+ @Test
+ public void passphraseKeyTypeSucces() throws EaafConfigurationException {
+ final String passphrase = RandomStringUtils.randomAlphabetic(5);
+ final String salt = RandomStringUtils.randomAlphabetic(5);
+ config.put("key.type", "passphrase");
+ config.put("key.passphrase", passphrase);
+ config.put("key.salt", salt);
+
+ final SymmetricKeyConfiguration keyStoreConfig = SymmetricKeyConfiguration.buildFromConfigurationMap(config,
+ "jUnitTest");
+
+ Assert.assertNotNull("KeyStore config object", keyStoreConfig);
+ Assert.assertEquals("Wrong Type", SymmetricKeyType.PASSPHRASE, keyStoreConfig.getKeyType());
+ Assert.assertEquals("Wrong KeyStoreName", passphrase, keyStoreConfig.getSoftKeyPassphrase());
+ Assert.assertEquals("Wrong KeyStoreName", salt, keyStoreConfig.getSoftKeySalt());
+
+ keyStoreConfig.validate();
+
+ }
+}
+
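Review bot: The two success tests reuse the message "Wrong KeyStoreName" for the alias, passphrase and salt assertions, so a failure report would name the wrong field. For example `Assert.assertEquals("Wrong passphrase", passphrase, keyStoreConfig.getSoftKeyPassphrase());`, with "Wrong salt" and "Wrong key alias" for the others. The method names passphraseKeyTypeSucces and hsmFacadeKeyTypeSucces are misspelled ("Success"). Separately, a five-letter passphrase and salt pass `validate()` here, which suggests no minimum length is enforced at configuration level. If that is intended a short comment saying so would help, and if not a negative test for too-short values belongs in this class.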