authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-02-17 11:33:09 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-02-17 11:33:09 +0100
commit3b7eb43b0df868e492ccd7ad2daca5e4c0053bb2 (patch)
tree93fb63193581f49f2679dc0f2e9263845927afc8 /eaaf_modules
parentdfd7c39666563e7f56fc63c275b58cc37bc2a952 (diff)
update jUnit tests to operate on HSM Facade from A-Sit+
Diffstat (limited to 'eaaf_modules')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java50
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java30
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt20
3 files changed, 72 insertions, 28 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
index 22ee389f..be3f9a8f 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
@@ -3,6 +3,15 @@ package at.gv.egiz.eaaf.modules.pvp2.test;
import java.security.cert.X509Certificate;
import java.util.List;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyAuthConfigMap;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
+
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.xml.security.algorithms.JCEMapper;
import org.junit.Assert;
@@ -14,36 +23,31 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyAuthConfigMap;
-import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
-import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
-
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({
"/spring/test_eaaf_core_map_config.beans.xml",
"/spring/SpringTest-context_lazy.xml"
})
-@TestPropertySource(locations = {"/config/config_1.props"})
public class CredentialProviderTest {
+ private static final String HSM_FACASE_HOST = "eid.a-sit.at";
+ private static final String HSM_FACASE_PORT = "9000";
+ private static final String HSM_FACASE_USERNAME = "authhandler-junit";
+ private static final String HSM_FACASE_PASSWORD = "supersecret123";
+ private static final String HSM_FACASE_SSL_TRUST = "src/test/resources/data/hsm_facade_trust_root.crt";
+
private static final String PATH_JKS_WITH_TRUST_CERTS = "src/test/resources/data/junit.jks";
private static final String PATH_JKS_WITHOUT_TRUST_CERTS = "src/test/resources/data/junit_without_trustcerts.jks";
- //private static final String HSMF_ALIAS_METADATA = "shibboleth-sign";
- //private static final String HSMF_ALIAS_SIGN = "shibboleth-sign";
- //private static final String HSMF_ALIAS_ENC = "shibboleth-sign";
-
+
+ private static final String HSM_FACASE_KEYSTORE_NAME = "authhandler";
+
private static final String ALIAS_METADATA = "meta";
private static final String ALIAS_SIGN = "sig";
private static final String ALIAS_ENC = "meta";
-
+
private static final String PASSWORD = "password";
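Review bot: The added constants `HSM_FACASE_USERNAME` and `HSM_FACASE_PASSWORD` commit a client credential for the external host `eid.a-sit.at` into version control, and the `initialize()` hunk that follows loads them into the `EaafKeyStoreFactory` configuration before every test. If that account exists on the facade, the password should be treated as disclosed and rotated. The tests would be safer reading these values from the environment or an untracked properties file and skipping when they are absent, e.g. `Assume.assumeNotNull(System.getenv("HSM_FACADE_PASSWORD"));` (variable name constructed for illustration). Hard-wiring a remote host and port also makes this unit test depend on network reachability. The prefix looks misspelled; `HSM_FACASE_` is presumably meant to be `HSM_FACADE_`, matching the `CONFIG_PROP_HSM_FACADE_*` keys.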
@@ -55,6 +59,14 @@ public class CredentialProviderTest {
*/
@Before
public void initialize() {
+ config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST, HSM_FACASE_HOST);
+ config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT, HSM_FACASE_PORT);
+ config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME, HSM_FACASE_USERNAME);
+ config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD, HSM_FACASE_PASSWORD);
+ config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST, HSM_FACASE_SSL_TRUST);
+
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_NAME, HSM_FACASE_KEYSTORE_NAME);
+
config.putConfigValue(DummyCredentialProvider.KEYSTORE_PATH, PATH_JKS_WITH_TRUST_CERTS);
config.putConfigValue(DummyCredentialProvider.KEYSTORE_PASSWORD, PASSWORD);
@@ -66,7 +78,7 @@ public class CredentialProviderTest {
config.removeConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS);
config.removeConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD);
-
+
JCEMapper.setProviderId(null);
}
@@ -404,10 +416,10 @@ public class CredentialProviderTest {
"RSA_ENC_" + RandomStringUtils.randomAlphabetic(10));
config.putConfigValue(PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_EC_ALG,
"EC-ENC_" + RandomStringUtils.randomAlphabetic(10));
-
+
try {
JCEMapper.setProviderId(RandomStringUtils.randomAlphabetic(5));
-
+
context.getBean(DummyCredentialProvider.class);
} catch (final BeansException e) {
@@ -417,7 +429,7 @@ public class CredentialProviderTest {
}
}
-
+
@Test
@DirtiesContext
public void notKeyConfiguration() {
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java
index 0f8eff72..7418e1b3 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java
@@ -1,18 +1,22 @@
package at.gv.egiz.eaaf.modules.pvp2.test.dummy;
-import org.springframework.beans.factory.annotation.Autowired;
-
import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
+import org.springframework.beans.factory.annotation.Autowired;
+
public class DummyCredentialProvider extends AbstractCredentialProvider {
@Autowired IConfiguration basicConfig;
+ public static final String KEYSTORE_TYPE = "keystore.type";
public static final String KEYSTORE_PATH = "keystore.path";
public static final String KEYSTORE_PASSWORD = "keystore.pass";
+ public static final String KEYSTORE_NAME = "keystore.name";
+
public static final String KEY_METADATA_ALIAS = "key.metadata.alias";
public static final String KEY_METADATA_PASSWORD = "key.metadata.pass";
@@ -24,23 +28,31 @@ public class DummyCredentialProvider extends AbstractCredentialProvider {
public static final String KEY_ENCRYPTION_PASSWORD = "key.enc.pass";
private static final String KEYSTORENAME = "jUnit test credential provider";
-
+
@Override
- public KeyStoreConfiguration getBasicKeyStoreConfig() {
- KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
- keyStoreConfig.setKeyStoreType(KeyStoreType.JKS);
+ public KeyStoreConfiguration getBasicKeyStoreConfig() throws EaafConfigurationException {
+ final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
keyStoreConfig.setFriendlyName(KEYSTORENAME);
-
+ keyStoreConfig.setKeyStoreType(getKeyStoreType());
+
+ keyStoreConfig.setKeyStoreName(
+ basicConfig.getBasicConfiguration(KEYSTORE_NAME));
+
keyStoreConfig.setSoftKeyStoreFilePath(getKeyStoreFilePath());
keyStoreConfig.setSoftKeyStorePassword(getKeyStorePassword());
-
+
return keyStoreConfig;
}
+ public String getKeyStoreType() {
+ return basicConfig.getBasicConfiguration(KEYSTORE_TYPE, KeyStoreType.JKS.getKeyStoreType());
+
+ }
+
public String getKeyStoreFilePath() {
final String path = basicConfig.getBasicConfiguration(KEYSTORE_PATH);
return path;
-
+
}
public String getKeyStorePassword() {
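Review bot: `getKeyStoreType()` hands the string stored under `keystore.type` straight to `setKeyStoreType(...)` and falls back to JKS when the key is unset, while `keystore.name` has no default and may reach `setKeyStoreName(...)` as null. In the visible hunks of CredentialProviderTest, `initialize()` sets `keystore.name` but never `keystore.type`, so unless a test outside these hunks sets it, the provider presumably still builds a JKS keystore and the HSM Facade settings go unexercised. A short Javadoc would make the fallback explicit, e.g. `/** Keystore type from {@code keystore.type}; defaults to JKS when unset. */`. The new `throws EaafConfigurationException` on `getBasicKeyStoreConfig()` also deserves a `@throws` line naming the call that raises it. `getKeyStorePassword()` begins on the last line of this hunk and continues outside it.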
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt
new file mode 100644
index 00000000..37fdc389
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
+ \ No newline at end of file