diff options
Diffstat (limited to 'eaaf_modules/eaaf_module_auth_sl20/src/test')
18 files changed, 790 insertions, 0 deletions
diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/AbstractJsonSecurityUtilsTest.java b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/AbstractJsonSecurityUtilsTest.java new file mode 100644 index 00000000..ae4284d5 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/AbstractJsonSecurityUtilsTest.java @@ -0,0 +1,394 @@ +package at.gv.egiz.eaaf.modules.auth.sl20.utils; + +import java.io.IOException; +import java.security.Key; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.Provider; +import java.security.Security; +import java.security.cert.CertificateEncodingException; +import java.security.cert.X509Certificate; + +import org.apache.commons.lang3.RandomStringUtils; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.jose4j.base64url.Base64Url; +import org.jose4j.jca.ProviderContext; +import org.jose4j.jwa.AlgorithmConstraints; +import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; +import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; +import org.jose4j.jwe.JsonWebEncryption; +import org.jose4j.jwe.KeyManagementAlgorithmIdentifiers; +import org.jose4j.lang.JoseException; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import com.fasterxml.jackson.databind.JsonNode; + +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils; +import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration; +import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType; +import at.gv.egiz.eaaf.core.impl.data.Pair; +import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap; +import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult; +import iaik.security.ec.provider.ECCelerate; +import iaik.security.provider.IAIK; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration("/spring/test_eaaf_sl20_hsm.beans.xml") +public abstract class AbstractJsonSecurityUtilsTest { + + @Autowired protected DummyAuthConfigMap config; + @Autowired protected IJoseTools joseTools; + @Autowired protected EaafKeyStoreFactory keyStoreFactory; + + /** + *jUnit test class initializer. + */ + @BeforeClass + public static void classInitializer() { + IAIK.addAsProvider(); + ECCelerate.addAsProvider(); + + Security.addProvider(new BouncyCastleProvider()); + } + + /** + * jUnit test class cleaner. + */ + @AfterClass + public static final void classFinisher() { + Security.removeProvider(IAIK.getInstance().getName()); + Security.removeProvider(ECCelerate.getInstance().getName()); + + } + + protected abstract void setRsaSigningKey(); + + protected abstract void setEcSigningKey(); + + protected abstract void setRsaEncryptionKey(); + + protected abstract void setEcEncryptionKey(); + + protected abstract Pair<KeyStore, Provider> getEncryptionKeyStore() throws EaafException; + + protected abstract String getRsaKeyAlias(); + + protected abstract String getRsaKeyPassword(); + + protected abstract String getEcKeyAlias(); + + protected abstract String getEcKeyPassword(); + + + @Test + public void fullEncryptDecrypt() throws JoseException, EaafException { + final String payLoad = "{\"aac\":\"" + RandomStringUtils.randomAlphanumeric(100) + "\"}"; + + final JsonWebEncryption jwe = new JsonWebEncryption(); + jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.ECDH_ES_A256KW); + jwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); + jwe.setKey(JoseUtils.convertToBcKeyIfRequired(joseTools.getEncryptionCertificate().getPublicKey())); + jwe.setX509CertSha256ThumbprintHeaderValue(joseTools.getEncryptionCertificate()); + jwe.setPayload(payLoad); + + // set special provider if required + final Pair<KeyStore, Provider> rsaEncKeyStore = getEncryptionKeyStore(); + if (rsaEncKeyStore.getSecond() != null) { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( + rsaEncKeyStore.getSecond().getName()); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); + jwe.setProviderContext(providerCtx); + + } else { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); + jwe.setProviderContext(providerCtx); + + } + + final String encData = jwe.getCompactSerialization(); + Assert.assertNotNull("JWE Encryption", encData); + + + final JsonNode decData = joseTools.decryptPayload(encData); + Assert.assertNotNull("JWE Decryption", decData); + + } + + @Test + public void encryptionRsa() throws JoseException, EaafException { + final String payLoad = "{\"aac\":\"" + RandomStringUtils.randomAlphanumeric(100) + "\"}"; + final Pair<KeyStore, Provider> rsaEncKeyStore = getEncryptionKeyStore(); + final Pair<Key, X509Certificate[]> key = EaafKeyStoreUtils.getPrivateKeyAndCertificates( + rsaEncKeyStore.getFirst(), getRsaKeyAlias(), getRsaKeyPassword().toCharArray(), + true, "jUnit RSA JWE"); + + final JsonWebEncryption jwe = new JsonWebEncryption(); + jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.RSA_OAEP_256); + jwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); + jwe.setKey(key.getSecond()[0].getPublicKey()); + jwe.setPayload(payLoad); + + // set special provider if required + if (rsaEncKeyStore.getSecond() != null) { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( + rsaEncKeyStore.getSecond().getName()); + jwe.setProviderContext(providerCtx); + + } + + final String encData = jwe.getCompactSerialization(); + Assert.assertNotNull("JWE", encData); + + + //decrypt it again + final JsonWebEncryption jweDecrypt = new JsonWebEncryption(); + jweDecrypt.setCompactSerialization(encData); + jweDecrypt.setKey(JoseUtils.convertToBcKeyIfRequired(key.getFirst())); + + + // set special provider if required + if (rsaEncKeyStore.getSecond() != null) { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getSuppliedKeyProviderContext().setGeneralProvider(rsaEncKeyStore.getSecond().getName()); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); + jweDecrypt.setProviderContext(providerCtx); + + } else { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); + jweDecrypt.setProviderContext(providerCtx); + + } + + String decPayload = jweDecrypt.getPayload(); + Assert.assertNotNull("decrypted Payload", decPayload); + Assert.assertEquals("Decrypted message not match", payLoad, decPayload); + + } + + @Test + public void encryptionEc() throws JoseException, EaafException { + final String payLoad = "{\"aac\":\"" + RandomStringUtils.randomAlphanumeric(100) + "\"}"; + final Pair<KeyStore, Provider> rsaEncKeyStore = getEncryptionKeyStore(); + final Pair<Key, X509Certificate[]> key = EaafKeyStoreUtils.getPrivateKeyAndCertificates( + rsaEncKeyStore.getFirst(), getEcKeyAlias(), getEcKeyPassword().toCharArray(), + true, "jUnit RSA JWE"); + + final JsonWebEncryption jwe = new JsonWebEncryption(); + jwe.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.ECDH_ES_A256KW); + jwe.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); + jwe.setKey(JoseUtils.convertToBcKeyIfRequired(key.getSecond()[0].getPublicKey())); + jwe.setPayload(payLoad); + + // set special provider if required + if (rsaEncKeyStore.getSecond() != null) { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getSuppliedKeyProviderContext().setGeneralProvider(rsaEncKeyStore.getSecond().getName()); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); + jwe.setProviderContext(providerCtx); + + } else { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); + jwe.setProviderContext(providerCtx); + + } + + final String encData = jwe.getCompactSerialization(); + + Assert.assertNotNull("JWE", encData); + + + //decrypt it again + final JsonWebEncryption jweDecrypt = new JsonWebEncryption(); + jweDecrypt.setCompactSerialization(encData); + jweDecrypt.setKey(JoseUtils.convertToBcKeyIfRequired(key.getFirst())); + + + // set special provider if required + if (rsaEncKeyStore.getSecond() != null) { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getSuppliedKeyProviderContext().setGeneralProvider(rsaEncKeyStore.getSecond().getName()); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); + jweDecrypt.setProviderContext(providerCtx); + + } else { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); + jweDecrypt.setProviderContext(providerCtx); + + } + + String decPayload = jweDecrypt.getPayload(); + Assert.assertNotNull("decrypted Payload", decPayload); + Assert.assertEquals("Decrypted message not match", payLoad, decPayload); + + } + + + @Test + public void noTrustedCert() throws CertificateEncodingException, KeyStoreException, + JoseException, IOException, EaafException { + setRsaSigningKey(); + setRsaEncryptionKey(); + + final String payLoad = "{\"aac\":\"" + RandomStringUtils.randomAlphanumeric(100) + "\"}"; + + final String jws = joseTools.createSignature(payLoad); + Assert.assertNotNull("Signed msg", jws); + + try { + joseTools.validateSignature( + jws, + keyStoreFactory.buildNewKeyStore(getSigTrustStoreConfigOnlyEc()).getFirst(), + getDefaultAlgorithmConstrains()); + Assert.fail("Wrong JOSE Sig not detected"); + + } catch (final JoseException e) { + Assert.assertEquals("Wrong errorCode", + "Can NOT select verification key for JWS. Signature verification FAILED", + e.getMessage()); + + } + } + + @Test + public void invalidSignature() throws CertificateEncodingException, KeyStoreException, + JoseException, IOException, EaafException { + setRsaSigningKey(); + setRsaEncryptionKey(); + + final String payLoad = "{\"aac\":\"" + RandomStringUtils.randomAlphanumeric(100) + "\"}"; + + final String jws = joseTools.createSignature(payLoad); + Assert.assertNotNull("Signed msg", jws); + + final String invalidJws = jws.substring(0, jws.indexOf(".")) + + "." + + Base64Url.encodeUtf8ByteRepresentation("{\"aac\":\"" + RandomStringUtils.randomAlphabetic(25) + "\"}") + + "." + + jws.substring(jws.lastIndexOf(".") + 1); + + + final VerificationResult result = joseTools.validateSignature( + invalidJws, + keyStoreFactory.buildNewKeyStore(getSigTrustStoreConfigValid()).getFirst(), + getDefaultAlgorithmConstrains()); + + Assert.assertFalse("wrong sig. verification state", result.isValidSigned()); + + } + + @Test + public void validSigningRsa() throws CertificateEncodingException, KeyStoreException, + JoseException, IOException, EaafException { + setRsaSigningKey(); + setRsaEncryptionKey(); + + final String payLoad = "{\"aac\":\"" + RandomStringUtils.randomAlphanumeric(100) + "\"}"; + + final String jws = joseTools.createSignature(payLoad); + Assert.assertNotNull("Signed msg", jws); + + final VerificationResult verify = joseTools.validateSignature( + jws, + keyStoreFactory.buildNewKeyStore(getSigTrustStoreConfigValid()).getFirst(), + getDefaultAlgorithmConstrains()); + Assert.assertTrue("wrong verify state", verify.isValidSigned()); + Assert.assertNotNull("JWS Header", verify.getJoseHeader()); + Assert.assertNotNull("JWS Payload", verify.getPayload()); + Assert.assertNotNull("CertChain", verify.getCertChain()); + + + } + + @Test + public void validSigningRsaPss() throws CertificateEncodingException, KeyStoreException, + JoseException, IOException, EaafException { + + // + config.putConfigValue("modules.sl20.security.sigalg.rsa", "PS256"); + + setRsaSigningKey(); + setRsaEncryptionKey(); + + final String payLoad = "{\"aac\":\"" + RandomStringUtils.randomAlphanumeric(100) + "\"}"; + + final String jws = joseTools.createSignature(payLoad); + Assert.assertNotNull("Signed msg", jws); + + final VerificationResult verify = joseTools.validateSignature( + jws, + keyStoreFactory.buildNewKeyStore(getSigTrustStoreConfigValid()).getFirst(), + getDefaultAlgorithmConstrains()); + Assert.assertTrue("wrong verify state", verify.isValidSigned()); + Assert.assertNotNull("JWS Header", verify.getJoseHeader()); + Assert.assertNotNull("JWS Payload", verify.getPayload()); + Assert.assertNotNull("CertChain", verify.getCertChain()); + + + } + + @Test + public void validSigningEc() throws CertificateEncodingException, KeyStoreException, + JoseException, IOException, EaafException { + setEcSigningKey(); + setEcEncryptionKey(); + + final String payLoad = "{\"aac\":\"" + RandomStringUtils.randomAlphanumeric(100) + "\"}"; + + final String jws = joseTools.createSignature(payLoad); + Assert.assertNotNull("Signed msg", jws); + + final VerificationResult verify = joseTools.validateSignature( + jws, + keyStoreFactory.buildNewKeyStore(getSigTrustStoreConfigValid()).getFirst(), + getDefaultAlgorithmConstrains()); + Assert.assertTrue("wrong verify state", verify.isValidSigned()); + Assert.assertNotNull("JWS Header", verify.getJoseHeader()); + Assert.assertNotNull("JWS Payload", verify.getPayload()); + Assert.assertNotNull("CertChain", verify.getCertChain()); + + } + + protected KeyStoreConfiguration getSigTrustStoreConfigValid() { + final KeyStoreConfiguration trustConfig = new KeyStoreConfiguration(); + trustConfig.setFriendlyName("jUnit TrustStore"); + trustConfig.setKeyStoreType(KeyStoreType.JKS); + trustConfig.setSoftKeyStoreFilePath("src/test/resources/data/junit.jks"); + trustConfig.setSoftKeyStorePassword("password"); + + return trustConfig; + + } + + protected KeyStoreConfiguration getSigTrustStoreConfigOnlyEc() { + final KeyStoreConfiguration trustConfig = new KeyStoreConfiguration(); + trustConfig.setFriendlyName("jUnit TrustStore"); + trustConfig.setKeyStoreType(KeyStoreType.JKS); + trustConfig.setSoftKeyStoreFilePath("src/test/resources/data/junit_no_rsa.jks"); + trustConfig.setSoftKeyStorePassword("password"); + + return trustConfig; + + } + + private AlgorithmConstraints getDefaultAlgorithmConstrains() { + return new AlgorithmConstraints(ConstraintType.WHITELIST, + SL20Constants.SL20_ALGORITHM_WHITELIST_SIGNING + .toArray(new String[SL20Constants.SL20_ALGORITHM_WHITELIST_SIGNING.size()])); + } + +} diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtilsTest.java b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtilsTest.java new file mode 100644 index 00000000..b5a7639e --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtilsTest.java @@ -0,0 +1,83 @@ +package at.gv.egiz.eaaf.modules.auth.sl20.utils; + +import java.io.IOException; +import java.security.NoSuchProviderException; +import java.security.Security; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.Arrays; +import java.util.Collections; +import java.util.List; + +import org.apache.commons.io.IOUtils; +import org.jose4j.jwa.AlgorithmConstraints; +import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; +import org.jose4j.jws.AlgorithmIdentifiers; +import org.jose4j.lang.JoseException; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.gv.egiz.eaaf.modules.auth.sl20.utils.JoseUtils.JwsResult; +import iaik.security.ec.provider.ECCelerate; +import iaik.security.provider.IAIK; + +@RunWith(BlockJUnit4ClassRunner.class) +public class JoseUtilsTest { + + private static final List<String> BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList( + Arrays.asList( + AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256, + AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512, + AlgorithmIdentifiers.RSA_PSS_USING_SHA256, + AlgorithmIdentifiers.RSA_PSS_USING_SHA512)); + + /** + *jUnit test class initializer. + */ + @BeforeClass + public static final void classInitializer() { + IAIK.addAsProvider(); + ECCelerate.addAsProvider(); + + } + + /** + * jUnit test class cleaner. + */ + @AfterClass + public static final void classFinisher() { + Security.removeProvider(IAIK.getInstance().getName()); + Security.removeProvider(ECCelerate.getInstance().getName()); + + } + + @Test + public void testBindingAuthBlock() throws JoseException, IOException, CertificateException, NoSuchProviderException { + + final String serializedContent = IOUtils.toString(JoseUtils.class.getResourceAsStream( + "/data/bindingAuth1.jws"), "UTF-8"); + + final iaik.x509.X509Certificate trustedCert = new iaik.x509.X509Certificate(JoseUtils.class + .getResourceAsStream("/data/bindingAuth1.crt")); + + final List<X509Certificate> trustedCerts = Arrays.asList(trustedCert); + final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT, + BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING + .toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()])); + + final JwsResult result = JoseUtils.validateSignature(serializedContent, trustedCerts, constraints); + + Assert.assertNotNull("JWS verify result", result); + Assert.assertTrue("JWS not valid", result.isValid()); + Assert.assertNotNull("JWS payload", result.getPayLoad()); + Assert.assertNotNull("JWS Headers", result.getFullJoseHeader()); + Assert.assertNotNull("JWS Signercerts", result.getX5cCerts()); + Assert.assertEquals("Signercerts size", 1, result.getX5cCerts().size()); + Assert.assertArrayEquals("Signercerts", trustedCert.getEncoded(), result.getX5cCerts().get(0).getEncoded()); + + } +} diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsHsmKeyTest.java b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsHsmKeyTest.java new file mode 100644 index 00000000..b01330d2 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsHsmKeyTest.java @@ -0,0 +1,86 @@ +package at.gv.egiz.eaaf.modules.auth.sl20.utils; + +import java.security.KeyStore; +import java.security.Provider; + +import org.apache.commons.lang3.StringUtils; +import org.junit.Before; +import org.junit.runner.RunWith; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration; +import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType; +import at.gv.egiz.eaaf.core.impl.data.Pair; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration("/spring/test_eaaf_sl20_hsm.beans.xml") +public class JsonSecurityUtilsHsmKeyTest extends AbstractJsonSecurityUtilsTest { + + /** + * Initialize jUnit test. + */ + @Before + public void initialize() { + config.putConfigValue("modules.sl20.security.sigalg.rsa", "RS256"); + config.putConfigValue("modules.sl20.security.sigalg.ecc", "ES256"); + + } + + @Override + protected void setRsaSigningKey() { + config.putConfigValue("modules.sl20.security.sign.alias", "rsa-key-1"); + + } + + @Override + protected void setEcSigningKey() { + config.putConfigValue("modules.sl20.security.sign.alias", "ec-key-1"); + + } + + @Override + protected void setRsaEncryptionKey() { + config.putConfigValue("modules.sl20.security.encryption.alias", "rsa-key-1"); + + } + + @Override + protected void setEcEncryptionKey() { + config.putConfigValue("modules.sl20.security.encryption.alias", "ec-key-1"); + + } + + @Override + protected Pair<KeyStore, Provider> getEncryptionKeyStore() throws EaafException { + final KeyStoreConfiguration keyConfig = new KeyStoreConfiguration(); + keyConfig.setFriendlyName("Junit Enc Key Rsa"); + keyConfig.setKeyStoreType(KeyStoreType.HSMFACADE); + keyConfig.setKeyStoreName("eid-junit"); + + return keyStoreFactory.buildNewKeyStore(keyConfig); + } + + @Override + protected String getRsaKeyAlias() { + return "rsa-key-1"; + } + + @Override + protected String getRsaKeyPassword() { + return StringUtils.EMPTY; + } + + @Override + protected String getEcKeyAlias() { + return "ec-key-1"; + } + + @Override + protected String getEcKeyPassword() { + return StringUtils.EMPTY; + } + + +} diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsSoftwareKeyTest.java b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsSoftwareKeyTest.java new file mode 100644 index 00000000..d78bdbd7 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JsonSecurityUtilsSoftwareKeyTest.java @@ -0,0 +1,110 @@ +package at.gv.egiz.eaaf.modules.auth.sl20.utils; + +import java.security.KeyStore; +import java.security.Provider; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import org.springframework.util.Base64Utils; + +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration; +import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType; +import at.gv.egiz.eaaf.core.impl.data.Pair; +import at.gv.egiz.eaaf.modules.auth.sl20.exceptions.SL20Exception; + + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration("/spring/test_eaaf_sl20.beans.xml") +public class JsonSecurityUtilsSoftwareKeyTest extends AbstractJsonSecurityUtilsTest { + + @Test + public void invalidSignatureRandomString() { + try { + joseTools.validateSignature(RandomStringUtils.randomAlphabetic(10)); + Assert.fail("Wrong JOSE Sig not detected"); + + } catch (SL20Exception e) { + Assert.assertEquals("Wrong errorCode", "sl20.05", e.getErrorId()); + } + + } + + @Test + public void invalidSignatureRandomBase64UrlEncoded() { + String testValue = Base64Utils.encodeToUrlSafeString(RandomStringUtils.randomAlphanumeric(10).getBytes()) + + "." + + Base64Utils.encodeToUrlSafeString(RandomStringUtils.randomAlphanumeric(10).getBytes()) + + "." + + Base64Utils.encodeToUrlSafeString(RandomStringUtils.randomAlphanumeric(10).getBytes()); + + try { + joseTools.validateSignature(testValue); + Assert.fail("Wrong JOSE Sig not detected"); + + } catch (SL20Exception e) { + Assert.assertEquals("Wrong errorCode", "sl20.05", e.getErrorId()); + } + + } + + @Override + protected void setRsaSigningKey() { + config.putConfigValue("modules.sl20.security.sign.alias", "meta"); + + } + + @Override + protected void setEcSigningKey() { + config.putConfigValue("modules.sl20.security.sign.alias", "sig"); + + } + + @Override + protected void setRsaEncryptionKey() { + config.putConfigValue("modules.sl20.security.encryption.alias", "meta"); + + } + + @Override + protected void setEcEncryptionKey() { + config.putConfigValue("modules.sl20.security.encryption.alias", "sig"); + + } + + @Override + protected Pair<KeyStore, Provider> getEncryptionKeyStore() throws EaafException { + KeyStoreConfiguration keyConfig = new KeyStoreConfiguration(); + keyConfig.setFriendlyName("Junit Enc Key Rsa"); + keyConfig.setKeyStoreType(KeyStoreType.JKS); + keyConfig.setSoftKeyStoreFilePath("src/test/resources/data/junit.jks"); + keyConfig.setSoftKeyStorePassword("password"); + + return keyStoreFactory.buildNewKeyStore(keyConfig); + } + + @Override + protected String getRsaKeyAlias() { + return "meta"; + } + + @Override + protected String getRsaKeyPassword() { + return "password"; + } + + @Override + protected String getEcKeyAlias() { + return "sig"; + } + + @Override + protected String getEcKeyPassword() { + return "password"; + } + +} diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/bindingAuth1.crt b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/bindingAuth1.crt new file mode 100644 index 00000000..11c17e71 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/bindingAuth1.crt @@ -0,0 +1,3 @@ +-----BEGIN CERTIFICATE----- +MIIBXzCCAQWgAwIBAgIIPuBGtvo16nUwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPRHVtbXlQa2lTZXJ2aWNlMB4XDTIwMTAwNzEyMTAyMVoXDTIxMTAwNzEyMTAyMVowUTEpMCcGA1UEAwwgNWMzM2Q3MjdlY2YzZTAyYTE2NmYzYWI2NWZiYTEzOGExFDASBgNVBAoMC0VJRC1ERVYtUEtJMQ4wDAYDVQQLDAVULUVudjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABACA6RBPYIX3i0+TqYq2gb3XAD0B1/tee3/lP8sPc+tt6GFDN0Vsos77VojhRQnGRndmoWi9OW7KS5uQe+5++W8wCgYIKoZIzj0EAwIDSAAwRQIhAO7NlM4YfnapZ9Vam/LF/5ASPGbN4SK0fK4bhGHQw8yIAiB77JHkZIaDtgCcv7CSPf/mvldSf5ViPelhuZBPSLRUsQ== +-----END CERTIFICATE----- diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/bindingAuth1.jws b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/bindingAuth1.jws new file mode 100644 index 00000000..6ba84d97 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/bindingAuth1.jws @@ -0,0 +1 @@ +eyJ4NWMiOlsiTUlJQlh6Q0NBUVdnQXdJQkFnSUlQdUJHdHZvMTZuVXdDZ1lJS29aSXpqMEVBd0l3R2pFWU1CWUdBMVVFQXd3UFJIVnRiWGxRYTJsVFpYSjJhV05sTUI0WERUSXdNVEF3TnpFeU1UQXlNVm9YRFRJeE1UQXdOekV5TVRBeU1Wb3dVVEVwTUNjR0ExVUVBd3dnTldNek0yUTNNamRsWTJZelpUQXlZVEUyTm1ZellXSTJOV1ppWVRFek9HRXhGREFTQmdOVkJBb01DMFZKUkMxRVJWWXRVRXRKTVE0d0RBWURWUVFMREFWVUxVVnVkakJaTUJNR0J5cUdTTTQ5QWdFR0NDcUdTTTQ5QXdFSEEwSUFCQUNBNlJCUFlJWDNpMCtUcVlxMmdiM1hBRDBCMVwvdGVlM1wvbFA4c1BjK3R0NkdGRE4wVnNvczc3Vm9qaFJRbkdSbmRtb1dpOU9XN0tTNXVRZSs1KytXOHdDZ1lJS29aSXpqMEVBd0lEU0FBd1JRSWhBTzdObE00WWZuYXBaOVZhbVwvTEZcLzVBU1BHYk40U0swZks0YmhHSFF3OHlJQWlCNzdKSGtaSWFEdGdDY3Y3Q1NQZlwvbXZsZFNmNVZpUGVsaHVaQlBTTFJVc1E9PSJdLCJ0eXAiOiJiaW5kaW5nQXV0aCIsImFsZyI6IkVTMjU2In0.MzIxZmVmYTQtODVkOC00YmE5LWE0MmUtYWY4MzM3YTEyNTA1.diiXXegwv3Gu6ezJRxf7F5BnRxNhTnBXJ0D5RX4OqDxs2QvfzSPA4mOkUed18_56aILMBLVL-XIMszNILfp7OA
\ No newline at end of file diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/config1.properties b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/config1.properties new file mode 100644 index 00000000..f58e3da9 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/config1.properties @@ -0,0 +1,19 @@ +security.hsmfacade.host=eid.a-sit.at +security.hsmfacade.port=9050 +security.hsmfacade.trustedsslcert=src/test/resources/data/hsm_facade_trust_root.crt +security.hsmfacade.username=authhandler-junit +security.hsmfacade.password=supersecret123 + +modules.sl20.security.keystore.type=jks +modules.sl20.security.keystore.path=src/test/resources/data/junit.jks +modules.sl20.security.keystore.password=password +modules.sl20.security.keystore.name= +modules.sl20.security.sign.alias=sig +modules.sl20.security.sign.password=password +modules.sl20.security.encryption.alias=meta +modules.sl20.security.encryption.password=password + +modules.sl20.security.truststore.type=jks +modules.sl20.security.truststore.path=src/test/resources/data/junit.jks +modules.sl20.security.truststore.password=password +modules.sl20.security.truststore.name=
\ No newline at end of file diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/config2.properties b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/config2.properties new file mode 100644 index 00000000..ff99dcef --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/config2.properties @@ -0,0 +1,19 @@ +security.hsmfacade.host=eid.a-sit.at +security.hsmfacade.port=9050 +security.hsmfacade.trustedsslcert=src/test/resources/data/hsm_facade_trust_root.crt +security.hsmfacade.username=authhandler-junit +security.hsmfacade.password=supersecret123 + +modules.sl20.security.keystore.type=hsmfacade +modules.sl20.security.keystore.path= +modules.sl20.security.keystore.password= +modules.sl20.security.keystore.name=eid-junit +modules.sl20.security.sign.alias=rsa-key-1 +modules.sl20.security.sign.password= +modules.sl20.security.encryption.alias=ec-key-1 +modules.sl20.security.encryption.password= + +modules.sl20.security.truststore.type=hsmfacade +modules.sl20.security.truststore.path=src/test/resources/data/junit.jks +modules.sl20.security.truststore.password= +modules.sl20.security.truststore.name=eid-junit
\ No newline at end of file diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/hsm_ec.crt b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/hsm_ec.crt new file mode 100644 index 00000000..ad780a21 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/hsm_ec.crt @@ -0,0 +1,3 @@ +-----BEGIN CERTIFICATE----- +MIIBQTCB56ADAgECAghqWvzGZbotTjAKBggqhkjOPQQDAjASMRAwDgYDVQQDDAdFQy1Sb290MB4XDTIwMDYxODA3MzYwOVoXDTI1MDYxODA3MzYwOVowOzEaMBgGA1UEAwwRaW50LWVjLWtleS0xLTAwMDExETAPBgNVBAoMCHNvZnR3YXJlMQowCAYDVQQFEwExMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMYva5n1ISLX4bZdG9ecGVNVId7OEY4Yjeu+4kk+nbppxNMj6JX5tO2iCCpgHlKC5WWTSJyxSQh3CoLzc8XLUmjAKBggqhkjOPQQDAgNJADBGAiEAiegmUzDThtinnuUwsHXwdr4Y/XUednOyIy7RBeClvyYCIQC/v5NZzg+H6FUrQ2nds2hlB6sD7z5cZPJcqm8+S0wYCw== +-----END CERTIFICATE----- diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/hsm_facade_trust_root.crt b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/hsm_facade_trust_root.crt new file mode 100644 index 00000000..204ddccf --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/hsm_facade_trust_root.crt @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIByzCCAXGgAwIBAgIEYC5cIjAKBggqhkjOPQQDAjA7MRMwEQYDVQQKDApBLVNJ +VCBQbHVzMRIwEAYDVQQLDAlIc21GYWNhZGUxEDAOBgNVBAMMB0VDIFJvb3QwHhcN +MjEwMjE4MTIyMjU4WhcNMzEwMjE4MTIyMjU4WjA7MRMwEQYDVQQKDApBLVNJVCBQ +bHVzMRIwEAYDVQQLDAlIc21GYWNhZGUxEDAOBgNVBAMMB0VDIFJvb3QwWTATBgcq +hkjOPQIBBggqhkjOPQMBBwNCAARK1UAE+T3xYsoI0VkRcP20jPwTd2MePMkXRsSR +lpqPMQ6dPMlxPmAzWK33DWPFAFMY8+ecF0J8t2D+5RiJSSB+o2MwYTAPBgNVHRMB +Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBT1v6FCAwJIM8kv +JD7gVjdGXqhcYjAdBgNVHQ4EFgQU9b+hQgMCSDPJLyQ+4FY3Rl6oXGIwCgYIKoZI +zj0EAwIDSAAwRQIhAI+5lHyNCQfyj8c0pdBDVWY3fkCOj9ZTJ/hqgW+6TIQBAiBS +jn7uIj7tGm+f0RgXMbhcgtQhYgVwf0x8OnRwmDOwaw== +-----END CERTIFICATE----- diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/hsm_rsa.crt b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/hsm_rsa.crt new file mode 100644 index 00000000..aa83c8d9 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/hsm_rsa.crt @@ -0,0 +1,3 @@ +-----BEGIN CERTIFICATE----- +MIICDTCCAbOgAwIBAgIIVLxIFI8kRpkwCgYIKoZIzj0EAwIwEjEQMA4GA1UEAwwHRUMtUm9vdDAeFw0yMDA2MTgwNzM2MTBaFw0yNTA2MTgwNzM2MTBaMDwxGzAZBgNVBAMMEmludC1yc2Eta2V5LTEtMDAwMTERMA8GA1UECgwIc29mdHdhcmUxCjAIBgNVBAUTATEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrM1ocQqtch95Dm21JHi0V35nlWZibsjLqR+g8ERdD1qFgun/X0I/Rbft+KxB8QsDX7UmIjXGdavNcEjY/XcbiJxUcpv7vn/2+x3JxZO6Iye/ut001okICt3OGIqP93ZEnIaTTNhDsK7OnvD/eUjlmuHiTaFq1dZLKYDQlz9jl/9F4axfrz1V7oo60iqFIW+7tlUeh8VGDUPjQpHghzjHXTJv/OIAt752K31Tn8KR3kvkn6WTPo8eOWVaPQ480Dik0e2afTPPJNZJ7BW111IwqBAOKp586yVsQ4XVEF8H64Cq+s+b4/HBboo9TDJKTJvo2yQmcTsahbH+Rlm20ifUTAgMBAAEwCgYIKoZIzj0EAwIDSAAwRQIhANKN/N2Atb5fbeHSB2Myv/JcNf9JonxFe92AOu4f62NNAiBjOEeg4OyJZKPiDl6aqYVtz1Qroo6xzUC9UVA4qNe4LA== +-----END CERTIFICATE----- diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/junit.jks b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/junit.jks Binary files differnew file mode 100644 index 00000000..a18df332 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/junit.jks diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/junit_no_rsa.jks b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/junit_no_rsa.jks Binary files differnew file mode 100644 index 00000000..370cf19e --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/junit_no_rsa.jks diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/software_ec.crt b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/software_ec.crt new file mode 100644 index 00000000..5311f3f1 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/software_ec.crt @@ -0,0 +1,3 @@ +-----BEGIN CERTIFICATE----- +MIIBbTCCARKgAwIBAgIEXjF+qTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJBVDENMAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcwHhcNMjAwMTI5MTI0NjMzWhcNMjcwMTI4MTI0NjMzWjA+MQswCQYDVQQGEwJBVDENMAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxEDAOBgNVBAMMB3NpZ25pbmcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASRt7gZRrr4rSEE7Q922oKQJF+mlkwCLZnv8ZzHtH54s4VdyQFIBjQF1PPf9PTn+5tid8QJehZPndcoeD7J8fPJMAoGCCqGSM49BAMCA0kAMEYCIQDFUO0owvqMVRO2FmD+vb8mqJBpWCE6Cl5pEHaygTa5LwIhANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L +-----END CERTIFICATE----- diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/software_rsa.crt b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/software_rsa.crt new file mode 100644 index 00000000..c70f5031 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/software_rsa.crt @@ -0,0 +1,3 @@ +-----BEGIN CERTIFICATE----- +MIIC+jCCAeKgAwIBAgIEXjF+fTANBgkqhkiG9w0BAQsFADA/MQswCQYDVQQGEwJBVDENMAsGA1UEBwwERUdJWjEOMAwGA1UECgwFalVuaXQxETAPBgNVBAMMCE1ldGFkYXRhMB4XDTIwMDEyOTEyNDU0OVoXDTI2MDEyODEyNDU0OVowPzELMAkGA1UEBhMCQVQxDTALBgNVBAcMBEVHSVoxDjAMBgNVBAoMBWpVbml0MREwDwYDVQQDDAhNZXRhZGF0YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK230G3dxNbNlSYAO5Kx/Js0aBAgxMt7q9m+dA35fK/dOvF/GjrqjWsMCnax+no9gLnq6x0gXiJclz6Hrp/YDOfLrJjMpNL/r0FWT947vbnEj7eT8TdY5d6Yi8AZulZmjiCI5nbZh2zwrP4+WqRroLoPhXQj8mDyp26M4xHBBUhLMRc2HV4S+XH4uNZ/vTmb8vBg31XGHCY33gl7/KA54JNGxJdN8Dxv6yHYsm91ZfVrX39W0iYLUNhUCkolwuQmjDVfrExM8BTLIONbf+erJoCm3A9ghZyDYRQ/e69/UEUqDa6XOzykr88INkQscEiAXCDS+EBPMpKo+t3lPIA9r7kCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAh/2mg4S03bdZy1OVtEAudBT9YZb9OF34hxPtNbkB/V04wSIg1d4TBr5KDhV7CdiUOxPZzHpS8LUCgfGX306FB6NXzh/b67uTOPaE72AB4VIT/Np0fsM7k5WhG9k9NoprIGiqCz2lXcfpZiT+LtSO1vWSYI87wR9KOSWjcw/5i5qZIAJuwvLCQj5JtUsmrhHK75222J3TJf4dS/gfN4xfY2rW9vcXtH6//8WdWp/zx9V7Z1ZsDb8TDKtBCEGuFDgVeU5ScKtVq8qRoUKD3Ve76cZipurO3KrRrVAuZP2EfLkZdHEHqe8GPigNnZ5kTn8V2VJ3iRAQ73hpJRR98tFd0A== +-----END CERTIFICATE----- diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/test.crt b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/test.crt new file mode 100644 index 00000000..76c18361 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/data/test.crt @@ -0,0 +1,3 @@ +-----BEGIN CERTIFICATE----- +MIIEXDCCA0SgAwIBAgIEY4Qn3zANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMCQVQxSDBGBgNVBAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3RyLiBEYXRlbnZlcmtlaHIgR21iSDEmMCQGA1UECwwdYS1zaWduLVRlc3QtUHJlbWl1bS1Nb2JpbGUtMDUxJjAkBgNVBAMMHWEtc2lnbi1UZXN0LVByZW1pdW0tTW9iaWxlLTA1MB4XDTE5MTIxMzEzNDg0N1oXDTI0MTIxMzEzNDg0N1owYDELMAkGA1UEBhMCQVQxFzAVBgNVBAMMDk1heCBNdXN0ZXJtYW5uMRMwEQYDVQQEDApNdXN0ZXJtYW5uMQwwCgYDVQQqDANNYXgxFTATBgNVBAUTDDgxNjkyMjY1ODM0ODBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAUAVvbow4O/DMA5ZZoPHQXe0rtf86lvH8GLM/Crz1vvRYyQ5D4ESYRFy+s3zHdLqhE4l8I95i9jz2qTvof46mqjggGfMIIBmzCBggYIKwYBBQUHAQEEdjB0MEkGCCsGAQUFBzAChj1odHRwOi8vd3d3LmEtdHJ1c3QuYXQvY2VydHMvYS1zaWduLXRlc3QtcHJlbWl1bS1tb2JpbGUtMDUuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRydXN0LmF0L29jc3AwEwYDVR0jBAwwCoAITuhoD/7N29AwEQYDVR0OBAoECEyqhgBwLul2MA4GA1UdDwEB/wQEAwIGwDAJBgNVHRMEAjAAMIGGBgNVHSAEfzB9MHsGBiooABEBBDBxMDgGCCsGAQUFBwICMCwaKkRpZXNlcyBaZXJ0aWZpa2F0IGRpZW50IG51ciB6dSBUZXN0endlY2tlbjA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVRFU1QwSAYDVR0fBEEwPzA9oDugOYY3aHR0cDovL2NybC5hLXRydXN0LmF0L2NybC9hLXNpZ24tdGVzdC1wcmVtaXVtLW1vYmlsZS0wNTANBgkqhkiG9w0BAQsFAAOCAQEATD4ZnrEV+xeT7PFI/idqHdElLZ1BVUO9G9qfQQn4oKNCWWHxMo/ZXSlvsOtTjFezCQFkcFO1eJtXNHCyqfr69jorzhZcicscNRMrDlJoB/sJr0l/Ekjlt/dgRaTuZ7NzWE/oTefI3M3xkkLd0ydAMrhrZx+9f82VE3k63I1fmT90kQ8PfDzAMMRmlwbZDA+2TB8iF7SQkOOL6H1j2L9qrhjlG2ekU4cyx6KMkRjLLbr1JVgS07qOzUkeQPR2KTJcWWR+/NQZWDKdOz97eVOulxeI+Y3y96arraGM7lIbV9ZrpkbUn/IxQ9TQTE5X02EipgnZdR7bZrwJ7hJ27vwnfQ== +-----END CERTIFICATE----- diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/spring/test_eaaf_sl20.beans.xml b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/spring/test_eaaf_sl20.beans.xml new file mode 100644 index 00000000..e4002a8f --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/spring/test_eaaf_sl20.beans.xml @@ -0,0 +1,24 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd" + default-lazy-init="true"> + + <bean id="dummyAuthConfigMap" + class="at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap"> + <constructor-arg value="/data/config1.properties" /> + </bean> + + <bean id="jwsJweUtils" + class="at.gv.egiz.eaaf.modules.auth.sl20.utils.JsonSecurityUtils"/> + + <import resource="classpath:/spring/eaaf_utils.beans.xml"/> + +</beans>
\ No newline at end of file diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/spring/test_eaaf_sl20_hsm.beans.xml b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/spring/test_eaaf_sl20_hsm.beans.xml new file mode 100644 index 00000000..a9f5dc80 --- /dev/null +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/resources/spring/test_eaaf_sl20_hsm.beans.xml @@ -0,0 +1,24 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<beans xmlns="http://www.springframework.org/schema/beans" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:context="http://www.springframework.org/schema/context" + xmlns:tx="http://www.springframework.org/schema/tx" + xmlns:aop="http://www.springframework.org/schema/aop" + xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd + http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd" + default-lazy-init="true"> + + <bean id="dummyAuthConfigMap" + class="at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap"> + <constructor-arg value="/data/config2.properties" /> + </bean> + + <bean id="jwsJweUtils" + class="at.gv.egiz.eaaf.modules.auth.sl20.utils.JsonSecurityUtils"/> + + <import resource="classpath:/spring/eaaf_utils.beans.xml"/> + +</beans>
\ No newline at end of file |