add jUnit tests for HSM Facade integration.

1 files changed, 32 insertions, 2 deletions

diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
index b5727015..01c3d6f1 100644
--- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
@@ -42,7 +42,7 @@ import io.grpc.StatusRuntimeException;
 public class EaafKeyStoreFactoryTest {
 
   private static final String HSM_FACASE_HOST = "eid.a-sit.at";
-  private static final String HSM_FACASE_PORT = "9000";
+  private static final String HSM_FACASE_PORT = "9050";
   private static final String HSM_FACASE_SSL_TRUST = "src/test/resources/data/hsm_facade_trust_root.crt";
   private static final String HSM_FACASE_USERNAME = "authhandler-junit";
   private static final String HSM_FACASE_PASSWORD = "supersecret123";
@@ -57,6 +57,8 @@ public class EaafKeyStoreFactoryTest {
   private static final String PATH_TO_HSM_FACADE_TRUST_CERT = "src/test/resources/data/hsm_facade_trust_root.crt";
   private static final String SOFTWARE_KEYSTORE_PASSWORD = "password";
 
+  private static final String HSM_FACADE_KEY_ALIAS = "authhandler-sign";
+
   @Autowired
   private DummyAuthConfigMap mapConfig;
   @Autowired
@@ -604,7 +606,7 @@ public class EaafKeyStoreFactoryTest {
 
   @Test
   @DirtiesContext
-  public void hsmFacadeKeyStoreSuccessASitTestFacade() throws EaafException {
+  public void hsmFacadeKeyStoreSuccessASitTestFacade() throws EaafException, KeyStoreException {
     configureHsmFacade();
 
     final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
@@ -619,6 +621,34 @@ public class EaafKeyStoreFactoryTest {
     final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
     Assert.assertNotNull("KeyStore is null", keyStore);
 
+    //read trusted certs
+    final List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore);
+    Assert.assertNotNull("Trusted certs", trustedCerts);
+    Assert.assertEquals("Trusted certs size", 0, trustedCerts.size());
+
+    //read priv. key
+    final Pair<Key, X509Certificate[]> privCred1 = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+        keyStore, HSM_FACADE_KEY_ALIAS, null, true, "jUnit test");
+    Assert.assertNotNull("Credential 1", privCred1);
+    Assert.assertNotNull("Credential 1 priv. key", privCred1.getFirst());
+    Assert.assertNotNull("Credential 1 certificate", privCred1.getSecond());
+
+    //read priv. key
+    final Pair<Key, X509Certificate[]> privCred2 = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+        keyStore, HSM_FACADE_KEY_ALIAS, "shouldBeIgnord".toCharArray(), true, "jUnit test");
+    Assert.assertNotNull("Credential 2", privCred2);
+    Assert.assertNotNull("Credential 2 priv. key", privCred2.getFirst());
+    Assert.assertNotNull("Credential 2 certificate", privCred2.getSecond());
+
+    try {
+      EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+          keyStore, "notExist", "wrong".toCharArray(), true, "jUnit test");
+      Assert.fail("Wrong password not detected");
+
+    } catch (final EaafKeyAccessException e) {
+      Assert.assertEquals("wrong errorcode", "internal.keystore.09", e.getErrorId());
+    }
+
   }
 
   private void configureHsmFacade() {