summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
diff options
context:
space:
mode:
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java477
1 files changed, 477 insertions, 0 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
new file mode 100644
index 00000000..1183bb49
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java
@@ -0,0 +1,477 @@
+package at.gv.egiz.eaaf.modules.pvp2.test;
+
+import java.security.cert.X509Certificate;
+import java.util.List;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyAuthConfigMap;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+ "/spring/test_eaaf_core_spring_config.beans.xml",
+ "/spring/SpringTest-context_lazy.xml"
+ })
+@TestPropertySource(locations = {"/config/config_1.props"})
+public class CredentialProviderTest {
+
+ private static final String PATH_JKS_WITH_TRUST_CERTS = "src/test/resources/data/junit.jks";
+ private static final String PATH_JKS_WITHOUT_TRUST_CERTS = "src/test/resources/data/junit_without_trustcerts.jks";
+ private static final String ALIAS_METADATA = "meta";
+ private static final String ALIAS_SIGN = "sig";
+ private static final String ALIAS_ENC = "meta";
+ private static final String PASSWORD = "password";
+
+
+ @Autowired private ApplicationContext context;
+ @Autowired private DummyAuthConfigMap config;
+
+ /**
+ * jUnit test initializer.
+ */
+ @Before
+ public void initialize() {
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_PATH, PATH_JKS_WITH_TRUST_CERTS);
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_PASSWORD, PASSWORD);
+
+ config.removeConfigValue(DummyCredentialProvider.KEY_METADATA_ALIAS);
+ config.removeConfigValue(DummyCredentialProvider.KEY_METADATA_PASSWORD);
+
+ config.removeConfigValue(DummyCredentialProvider.KEY_SIGNING_ALIAS);
+ config.removeConfigValue(DummyCredentialProvider.KEY_SIGNING_PASSWORD);
+
+ config.removeConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS);
+ config.removeConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD);
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void noKeyStoreUrl() {
+ config.removeConfigValue(DummyCredentialProvider.KEYSTORE_PATH);
+ try {
+ context.getBean(DummyCredentialProvider.class);
+ Assert.fail("No KeyStore not detected");
+
+ } catch (final BeansException e) {
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class,
+ e.getCause(), "Wrong exception");
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void noKeyStore() {
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_PATH, "src/test/resources/config/notExist.p12");
+ try {
+ context.getBean(DummyCredentialProvider.class);
+ Assert.fail("No KeyStore not detected");
+
+ } catch (final BeansException e) {
+ org.springframework.util.Assert.isInstanceOf(java.io.FileNotFoundException.class,
+ e.getCause(), "Wrong exception");
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void noWrongKeyStorePassword() {
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_PASSWORD, "test");
+ try {
+ context.getBean(DummyCredentialProvider.class);
+ Assert.fail("No KeyStore not detected");
+
+ } catch (final BeansException e) {
+ org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class,
+ e.getCause(), "Wrong exception");
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationWrongAlias() {
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageEncryptionCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationWrongPassword() {
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageSigningCredential();
+ Assert.fail("No message signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ final EaafX509Credential encCred = credential.getMessageEncryptionCredential();
+ Assert.assertNull("No encryption credentials not detected", encCred);
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationValidAliasWrongPassword() {
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_ALIAS,
+ ALIAS_METADATA);
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_ALIAS,
+ ALIAS_SIGN);
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS,
+ ALIAS_ENC);
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD,
+ RandomStringUtils.randomAlphabetic(5));
+ credential.getMessageEncryptionCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationWrongAliasValidPassword() {
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_PASSWORD,
+ PASSWORD);
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_PASSWORD,
+ PASSWORD);
+ credential.getMessageSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS,
+ RandomStringUtils.randomAlphabetic(5));
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD,
+ PASSWORD);
+ credential.getMessageEncryptionCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+ }
+
+ @Test
+ @DirtiesContext
+ public void validonfiguration() throws CredentialsNotAvailableException {
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_ALIAS,
+ ALIAS_METADATA);
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_PASSWORD,
+ PASSWORD);
+
+ checkCredential(credential.getMetaDataSigningCredential(),
+ PvpConstants.DEFAULT_SIGNING_METHODE_RSA,
+ PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_RSA);
+
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_ALIAS,
+ ALIAS_SIGN);
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_PASSWORD,
+ PASSWORD);
+ checkCredential(credential.getMessageSigningCredential(),
+ PvpConstants.DEFAULT_SIGNING_METHODE_EC,
+ PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_EC);
+
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS,
+ ALIAS_ENC);
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD,
+ PASSWORD);
+ checkCredential(credential.getMessageEncryptionCredential(),
+ PvpConstants.DEFAULT_SIGNING_METHODE_RSA,
+ PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_RSA);
+
+
+ final List<X509Certificate> trustCerts = credential.getTrustedCertificates();
+ Assert.assertNotNull("TrustCerts are null", trustCerts);
+ Assert.assertFalse("TrustCerts not empty", trustCerts.isEmpty());
+ Assert.assertEquals("# of Trustcerts", 2, trustCerts.size());
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void validonfigurationWithOutTrustCerts() throws CredentialsNotAvailableException {
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_PATH, PATH_JKS_WITHOUT_TRUST_CERTS);
+
+ config.putConfigValue(PvpConstants.CONFIG_PROP_SEC_SIGNING_RSA_ALG,
+ "RSA-SIG_" + RandomStringUtils.randomAlphabetic(10));
+ config.putConfigValue(PvpConstants.CONFIG_PROP_SEC_SIGNING_EC_ALG,
+ "EC-SIG_" + RandomStringUtils.randomAlphabetic(10));
+ config.putConfigValue(PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_RSA_ALG,
+ "RSA_ENC_" + RandomStringUtils.randomAlphabetic(10));
+ config.putConfigValue(PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_EC_ALG,
+ "EC-ENC_" + RandomStringUtils.randomAlphabetic(10));
+
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_ALIAS,
+ ALIAS_METADATA);
+ config.putConfigValue(DummyCredentialProvider.KEY_METADATA_PASSWORD,
+ PASSWORD);
+
+ checkCredential(credential.getMetaDataSigningCredential(),
+ config.getBasicConfiguration(PvpConstants.CONFIG_PROP_SEC_SIGNING_RSA_ALG),
+ config.getBasicConfiguration(PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_RSA_ALG));
+
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_ALIAS,
+ ALIAS_SIGN);
+ config.putConfigValue(DummyCredentialProvider.KEY_SIGNING_PASSWORD,
+ PASSWORD);
+ checkCredential(credential.getMessageSigningCredential(),
+ config.getBasicConfiguration(PvpConstants.CONFIG_PROP_SEC_SIGNING_EC_ALG),
+ config.getBasicConfiguration(PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_EC_ALG));
+
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS,
+ ALIAS_ENC);
+ config.putConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD,
+ PASSWORD);
+ checkCredential(credential.getMessageEncryptionCredential(),
+ config.getBasicConfiguration(PvpConstants.CONFIG_PROP_SEC_SIGNING_RSA_ALG),
+ config.getBasicConfiguration(PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_RSA_ALG));
+
+ final List<X509Certificate> trustCerts = credential.getTrustedCertificates();
+ Assert.assertNotNull("TrustCerts are null", trustCerts);
+ Assert.assertTrue("TrustCerts not empty", trustCerts.isEmpty());
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfiguration() {
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ credential.getMessageSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ final EaafX509Credential encCred = credential.getMessageEncryptionCredential();
+ Assert.assertNull("No encryption signing credentials not detected", encCred);
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ }
+
+ @Test
+ @DirtiesContext
+ public void notKeyConfigurationPkcs12() {
+ config.putConfigValue(DummyCredentialProvider.KEYSTORE_PATH,
+ "src/test/resources/data/junit_without_trustcerts.p12");
+ final DummyCredentialProvider credential = context.getBean(DummyCredentialProvider.class);
+
+ Assert.assertNotNull("Credetialprovider", credential);
+ Assert.assertNotNull("Friendlyname", credential.getFriendlyName());
+
+ try {
+ credential.getMetaDataSigningCredential();
+ Assert.fail("No Metadata signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ credential.getMessageSigningCredential();
+ Assert.fail("No message signing credentials not detected");
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+
+ try {
+ final EaafX509Credential encCred = credential.getMessageEncryptionCredential();
+ Assert.assertNull("No encryption signing credentials not detected", encCred);
+
+ } catch (final CredentialsNotAvailableException e) {
+ Assert.assertTrue("Wrong errorCode", e.getMessage().contains("internal.pvp.01"));
+
+ }
+ }
+
+ private void checkCredential(EaafX509Credential metaDataSigningCredential, String sigAlg, String keyEncAlg) {
+ Assert.assertNotNull("No metadata signing credentials", metaDataSigningCredential);
+ Assert.assertNotNull("SigAlg is null",
+ metaDataSigningCredential.getSignatureAlgorithmForSigning());
+ Assert.assertNotNull("KeyEncAlg is null",
+ metaDataSigningCredential.getKeyEncryptionAlgorithmForDataEncryption());
+ Assert.assertFalse("SigAlg is empty",
+ metaDataSigningCredential.getSignatureAlgorithmForSigning().isEmpty());
+ Assert.assertFalse("KeyEncAlg is empty",
+ metaDataSigningCredential.getKeyEncryptionAlgorithmForDataEncryption().isEmpty());
+
+ Assert.assertEquals("Wrong SigAlg", sigAlg,
+ metaDataSigningCredential.getSignatureAlgorithmForSigning());
+ Assert.assertEquals("Wrong KeyEncAlg", keyEncAlg,
+ metaDataSigningCredential.getKeyEncryptionAlgorithmForDataEncryption());
+
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-13 07:43:05 +0000