summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsSoftwareKeyTest.java
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsSoftwareKeyTest.java')
-rw-r--r--eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsSoftwareKeyTest.java106
1 files changed, 87 insertions, 19 deletions
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsSoftwareKeyTest.java b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsSoftwareKeyTest.java
index 5b8acb16..d78bdbd7 100644
--- a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsSoftwareKeyTest.java
+++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsSoftwareKeyTest.java
@@ -1,42 +1,110 @@
package at.gv.egiz.eaaf.modules.auth.sl20.utils;
-import java.security.Security;
+import java.security.KeyStore;
+import java.security.Provider;
import org.apache.commons.lang3.RandomStringUtils;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.Assert;
-import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Base64Utils;
-import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception;
+
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration("/spring/test_eaaf_sl20.beans.xml")
-public class JsonSecurityUtilsSoftwareKeyTest {
+public class JsonSecurityUtilsSoftwareKeyTest extends AbstractJsonSecurityUtilsTest {
- @Autowired private IJoseTools joseTools;
-
- @BeforeClass
- public static void classInitializer() {
- Security.addProvider(new BouncyCastleProvider());
-
+ @Test
+ public void invalidSignatureRandomString() {
+ try {
+ joseTools.validateSignature(RandomStringUtils.randomAlphabetic(10));
+ Assert.fail("Wrong JOSE Sig not detected");
+
+ } catch (SL20Exception e) {
+ Assert.assertEquals("Wrong errorCode", "sl20.05", e.getErrorId());
+ }
+
}
@Test
- public void simpleSigningTest() throws SL20Exception {
- String payLoad = "{\"aac\":\"" + RandomStringUtils.randomAlphanumeric(100) + "\"}";
-
- String jws = joseTools.createSignature(payLoad);
- Assert.assertNotNull("Signed msg", jws);
+ public void invalidSignatureRandomBase64UrlEncoded() {
+ String testValue = Base64Utils.encodeToUrlSafeString(RandomStringUtils.randomAlphanumeric(10).getBytes())
+ + "."
+ + Base64Utils.encodeToUrlSafeString(RandomStringUtils.randomAlphanumeric(10).getBytes())
+ + "."
+ + Base64Utils.encodeToUrlSafeString(RandomStringUtils.randomAlphanumeric(10).getBytes());
+
+ try {
+ joseTools.validateSignature(testValue);
+ Assert.fail("Wrong JOSE Sig not detected");
+
+ } catch (SL20Exception e) {
+ Assert.assertEquals("Wrong errorCode", "sl20.05", e.getErrorId());
+ }
- VerificationResult verify = joseTools.validateSignature(jws);
- Assert.assertTrue("wrong verify state", verify.isValidSigned());
+ }
+
+ @Override
+ protected void setRsaSigningKey() {
+ config.putConfigValue("modules.sl20.security.sign.alias", "meta");
+
+ }
+
+ @Override
+ protected void setEcSigningKey() {
+ config.putConfigValue("modules.sl20.security.sign.alias", "sig");
+
+ }
+
+ @Override
+ protected void setRsaEncryptionKey() {
+ config.putConfigValue("modules.sl20.security.encryption.alias", "meta");
+
+ }
+
+ @Override
+ protected void setEcEncryptionKey() {
+ config.putConfigValue("modules.sl20.security.encryption.alias", "sig");
}
+
+ @Override
+ protected Pair<KeyStore, Provider> getEncryptionKeyStore() throws EaafException {
+ KeyStoreConfiguration keyConfig = new KeyStoreConfiguration();
+ keyConfig.setFriendlyName("Junit Enc Key Rsa");
+ keyConfig.setKeyStoreType(KeyStoreType.JKS);
+ keyConfig.setSoftKeyStoreFilePath("src/test/resources/data/junit.jks");
+ keyConfig.setSoftKeyStorePassword("password");
+
+ return keyStoreFactory.buildNewKeyStore(keyConfig);
+ }
+
+ @Override
+ protected String getRsaKeyAlias() {
+ return "meta";
+ }
+
+ @Override
+ protected String getRsaKeyPassword() {
+ return "password";
+ }
+
+ @Override
+ protected String getEcKeyAlias() {
+ return "sig";
+ }
+
+ @Override
+ protected String getEcKeyPassword() {
+ return "password";
+ }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-02 23:07:30 +0000