summaryrefslogtreecommitdiff
path: root/eaaf_core_utils/src/test
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-02-14 15:22:13 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-02-14 15:22:13 +0100
commitc4e1a45e7958cab402d83f6f4ae208df1bb2ab58 (patch)
tree73d8118a00bc4eaf5e5a9b0981d3c660843f5a38 /eaaf_core_utils/src/test
parente23226c47807be597bbbae3891dbb94069d56836 (diff)
downloadEAAF-Components-c4e1a45e7958cab402d83f6f4ae208df1bb2ab58.tar.gz
EAAF-Components-c4e1a45e7958cab402d83f6f4ae208df1bb2ab58.tar.bz2
EAAF-Components-c4e1a45e7958cab402d83f6f4ae208df1bb2ab58.zip
add common-code for KeyStore and Credential handling
Diffstat (limited to 'eaaf_core_utils/src/test')
-rw-r--r--eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java81
-rw-r--r--eaaf_core_utils/src/test/resources/data/junit.jksbin0 -> 3980 bytes
2 files changed, 81 insertions, 0 deletions
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
index 805000cb..c47805e8 100644
--- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
@@ -1,6 +1,10 @@
package at.gv.egiz.eaaf.core.test.credentials;
+import java.security.Key;
import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.cert.X509Certificate;
+import java.util.List;
import org.apache.commons.lang3.RandomStringUtils;
import org.junit.Assert;
@@ -20,12 +24,15 @@ import com.google.common.base.Predicates;
import com.google.common.base.Throwables;
import com.google.common.collect.FluentIterable;
+import at.gv.egiz.eaaf.core.exception.EaafKeyAccessException;
import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap;
import io.grpc.StatusRuntimeException;
@@ -34,6 +41,8 @@ import io.grpc.StatusRuntimeException;
@DirtiesContext(methodMode = MethodMode.BEFORE_METHOD)
public class EaafKeyStoreFactoryTest {
+ private static final String PATH_TO_SOFTWARE_KEYSTORE_JKS_WITH_TRUSTED_CERTS =
+ "src/test/resources/data/junit.jks";
private static final String PATH_TO_SOFTWARE_KEYSTORE_JKS =
"src/test/resources/data/junit_without_trustcerts.jks";
private static final String PATH_TO_SOFTWARE_KEYSTORE_PKCS12 =
@@ -254,11 +263,79 @@ public class EaafKeyStoreFactoryTest {
keyStoreConfig.setSoftKeyStoreFilePath(PATH_TO_SOFTWARE_KEYSTORE_JKS);
keyStoreConfig.setSoftKeyStorePassword(SOFTWARE_KEYSTORE_PASSWORD);
+ keyStoreConfig.validate();
final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
Assert.assertNotNull("KeyStore is null", keyStore);
}
+
+ @Test
+ @DirtiesContext
+ public void softwareKeyStoreAccessOperations() throws EaafException, KeyStoreException {
+ final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+ Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+ final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+ keyStoreConfig.setKeyStoreType(KeyStoreType.JKS);
+ keyStoreConfig.setSoftKeyStoreFilePath(PATH_TO_SOFTWARE_KEYSTORE_JKS_WITH_TRUSTED_CERTS);
+ keyStoreConfig.setSoftKeyStorePassword(SOFTWARE_KEYSTORE_PASSWORD);
+
+ keyStoreConfig.validate();
+
+ final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+ Assert.assertNotNull("KeyStore is null", keyStore);
+
+ //read trusted certs
+ List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore);
+ Assert.assertNotNull("Trusted certs", trustedCerts);
+ Assert.assertEquals("Trusted certs size", 2, trustedCerts.size());
+
+ //read priv. key
+ Pair<Key, X509Certificate[]> privCred1 = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+ keyStore, "meta", "password".toCharArray(), true, "jUnit test");
+ Assert.assertNotNull("Credential 1", privCred1);
+ Assert.assertNotNull("Credential 1 priv. key", privCred1.getFirst());
+ Assert.assertNotNull("Credential 1 certificate", privCred1.getSecond());
+
+ //read priv. key
+ Pair<Key, X509Certificate[]> privCred2 = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+ keyStore, "sig", "password".toCharArray(), true, "jUnit test");
+ Assert.assertNotNull("Credential 2", privCred2);
+ Assert.assertNotNull("Credential 2 priv. key", privCred2.getFirst());
+ Assert.assertNotNull("Credential 2 certificate", privCred2.getSecond());
+
+
+ //read priv. key
+ Pair<Key, X509Certificate[]> privCred3 = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+ keyStore, "notexist", "password".toCharArray(), false, "jUnit test");
+ Assert.assertNull("Credential 3", privCred3);
+
+ //read priv. key
+ Pair<Key, X509Certificate[]> privCred4 = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+ keyStore, "meta", "wrong".toCharArray(), false, "jUnit test");
+ Assert.assertNull("Credential 3", privCred4);
+
+ try {
+ EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+ keyStore, "meta", "wrong".toCharArray(), true, "jUnit test");
+ Assert.fail("Wrong password not detected");
+
+ } catch (EaafKeyAccessException e) {
+ Assert.assertEquals("wrong errorcode", "internal.keystore.09", e.getErrorId());
+ }
+
+ try {
+ EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+ keyStore, "wrong", "password".toCharArray(), true, "jUnit test");
+ Assert.fail("Wrong alias not detected");
+
+ } catch (EaafKeyAccessException e) {
+ Assert.assertEquals("wrong errorcode", "internal.keystore.09", e.getErrorId());
+ }
+
+
+ }
@Test
@DirtiesContext
@@ -271,6 +348,8 @@ public class EaafKeyStoreFactoryTest {
keyStoreConfig.setSoftKeyStoreFilePath(PATH_TO_SOFTWARE_KEYSTORE_PKCS12);
keyStoreConfig.setSoftKeyStorePassword(SOFTWARE_KEYSTORE_PASSWORD);
+ keyStoreConfig.validate();
+
final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
Assert.assertNotNull("KeyStore is null", keyStore);
@@ -524,6 +603,8 @@ public class EaafKeyStoreFactoryTest {
keyStoreConfig.setKeyStoreType(KeyStoreType.HSMFACADE);
keyStoreConfig.setKeyStoreName("testkeyStore");
+ keyStoreConfig.validate();
+
try {
final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
Assert.assertNotNull("KeyStore is null", keyStore);
diff --git a/eaaf_core_utils/src/test/resources/data/junit.jks b/eaaf_core_utils/src/test/resources/data/junit.jks
new file mode 100644
index 00000000..59e6ad13
--- /dev/null
+++ b/eaaf_core_utils/src/test/resources/data/junit.jks
Binary files differ