summaryrefslogtreecommitdiff
path: root/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EncryptionTask.java
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EncryptionTask.java')
-rw-r--r--eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EncryptionTask.java156
1 files changed, 156 insertions, 0 deletions
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EncryptionTask.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EncryptionTask.java
new file mode 100644
index 00000000..ac456c13
--- /dev/null
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EncryptionTask.java
@@ -0,0 +1,156 @@
+package at.gv.egiz.eaaf.core.test.credentials;
+
+import static org.junit.Assert.assertArrayEquals;
+
+import java.security.Provider;
+import java.util.concurrent.CompletableFuture;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.GCMParameterSpec;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.scheduling.annotation.Async;
+import org.springframework.scheduling.annotation.AsyncResult;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration;
+import at.gv.egiz.eaaf.core.impl.credential.SymmetricKeyConfiguration.SymmetricKeyType;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap;
+import lombok.Getter;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+@Getter
+public class EncryptionTask implements Runnable {
+
+ private static final String HSM_FACASE_HOST = "eid.a-sit.at";
+ private static final String HSM_FACASE_PORT = "9050";
+ private static final String HSM_FACASE_SSL_TRUST = "src/test/resources/data/hsm_facade_trust_root.crt";
+ private static final String HSM_FACASE_USERNAME = "authhandler-junit";
+ private static final String HSM_FACASE_PASSWORD = "supersecret123";
+ private static final String PATH_TO_SOFTWARE_KEYSTORE_JKS_WITH_TRUSTED_CERTS =
+ "src/test/resources/data/junit.jks";
+ private static final String PATH_TO_SOFTWARE_KEYSTORE_JKS =
+ "src/test/resources/data/junit_without_trustcerts.jks";
+ private static final String PATH_TO_SOFTWARE_KEYSTORE_PKCS12 =
+ "src/test/resources/data/junit_without_trustcerts.p12";
+ private static final String SOFTWARE_KEYSTORE_PASSWORD = "password";
+
+ private static final String HSM_FACADE_KEY_ALIAS = "authhandler-sign";
+
+ private static final String CIPHER_MODE = "AES/GCM/NoPadding";
+ private static final int GCM_NONCE_LENGTH = 12; // in bytes
+ private static final int GCM_TAG_LENGTH = 16; // in bytes
+
+ protected static final String KEYNAME = "AES";
+
+ @Autowired
+ private DummyAuthConfigMap mapConfig;
+ @Autowired
+ private ApplicationContext context;
+
+ String keyName;
+ int rounds;
+ private Exception error;
+
+ public EncryptionTask(ApplicationContext context2, DummyAuthConfigMap mapConfig2,
+ String keyName, int rounds) {
+ this.context = context2;
+ this.mapConfig = mapConfig2;
+
+ this.keyName = keyName;
+ this.rounds = rounds;
+
+ }
+
+ @Override
+ public void run() {
+ run(this.keyName, this.rounds);
+
+ }
+
+ @Async
+ public CompletableFuture<String> run(String keyName, int rounds) {
+ try {
+ Pair<SecretKey, Provider> key = loadSymmetricKey(keyName);
+ Assert.assertNotNull("Key container is null", key);
+
+ for(int i = 0; i < rounds; i++) {
+
+ log.info("Starting threat: {} Round: {}", Thread.currentThread().getName(), i);
+
+ byte[] data = RandomStringUtils.randomAlphanumeric(1024*64).getBytes();
+ Pair<byte[], byte[]> enc = encryptData(key.getFirst(), data);
+
+ byte[] checkData = decryptData(enc, key.getFirst());
+ log.info("Finishing threat: {} Round: {}", Thread.currentThread().getName(), i);
+
+
+ assertArrayEquals("plaintext not match", data, checkData);
+
+
+
+ }
+
+ } catch (Exception e) {
+ this.error = e;
+ throw new RuntimeException(e);
+
+ }
+
+ return new AsyncResult<>("finished").completable();
+
+ }
+
+ private byte[] decryptData(Pair<byte[], byte[]> enc, SecretKey secret) throws Exception {
+ final GCMParameterSpec iv = new GCMParameterSpec(GCM_TAG_LENGTH * 8, enc.getSecond());
+ final Cipher cipher = Cipher.getInstance(CIPHER_MODE);
+ cipher.init(Cipher.DECRYPT_MODE, secret, iv);
+ return cipher.doFinal(enc.getFirst());
+
+ }
+
+
+
+ private Pair<byte[], byte[]> encryptData(SecretKey secret, byte[] toEncrypt) throws Exception {
+ final byte[] nonce = Random.nextBytes(GCM_NONCE_LENGTH);
+ final GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_LENGTH * 8, nonce);
+ final Cipher cipher = Cipher.getInstance(CIPHER_MODE);
+ cipher.init(Cipher.ENCRYPT_MODE, secret, spec);
+
+ final byte[] encdata = cipher.doFinal(toEncrypt);
+ final byte[] iv = cipher.getIV();
+
+ return Pair.newInstance(encdata, iv);
+
+ }
+
+ private Pair<SecretKey, Provider> loadSymmetricKey(String keyName) throws EaafException {
+ mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST, HSM_FACASE_HOST);
+ mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT, HSM_FACASE_PORT);
+ mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST, HSM_FACASE_SSL_TRUST);
+ mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME, HSM_FACASE_USERNAME);
+ mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD, HSM_FACASE_PASSWORD);
+
+ final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+ Assert.assertTrue("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+ SymmetricKeyConfiguration keyConfig = new SymmetricKeyConfiguration();
+ keyConfig.setFriendlyName("jUnit test");
+ keyConfig.setKeyType(SymmetricKeyType.HSMFACADE);
+ keyConfig.setKeyStoreName("authhandler");
+ keyConfig.setKeyAlias(keyName);
+
+ return keyStoreFactory.buildNewSymmetricKey(keyConfig);
+ }
+
+
+
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-30 03:09:59 +0000