From e23226c47807be597bbbae3891dbb94069d56836 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 14 Feb 2020 08:46:52 +0100
Subject: Integrate HSM Facade from A-SIT+ The EaafKeyStoreFactory can be used
 to build KeyStores from different providers and types

---
 .../impl/logging/EaafUtilsMessageSourceTest.java   |  36 ++
 .../impl/logging/JUnitTestStatusMessenger.java     |   3 +-
 .../core/impl/utils/test/KeyValueUtilsTest.java    |   6 +-
 .../test/credentials/EaafKeyStoreFactoryTest.java  | 555 +++++++++++++++++++++
 .../credentials/KeyStoreConfigurationTest.java     | 190 +++++++
 .../eaaf/core/test/dummy/DummyAuthConfigMap.java   | 142 ++++++
 6 files changed, 929 insertions(+), 3 deletions(-)
 create mode 100644 eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/impl/logging/EaafUtilsMessageSourceTest.java
 create mode 100644 eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
 create mode 100644 eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/KeyStoreConfigurationTest.java
 create mode 100644 eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/dummy/DummyAuthConfigMap.java

(limited to 'eaaf_core_utils/src/test/java')

diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/impl/logging/EaafUtilsMessageSourceTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/impl/logging/EaafUtilsMessageSourceTest.java
new file mode 100644
index 00000000..f6df60ae
--- /dev/null
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/impl/logging/EaafUtilsMessageSourceTest.java
@@ -0,0 +1,36 @@
+package at.gv.egiz.eaaf.core.impl.logging;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/spring/test_eaaf_pvp_not_lazy.beans.xml")
+public class EaafUtilsMessageSourceTest {
+
+  @Autowired
+  private ResourceLoader loader;
+  @Autowired(required = false)
+  private IMessageSourceLocation messageSource;
+
+  @Test
+  public void simpleTests() {
+    Assert.assertNotNull("No messageSource", messageSource);
+
+    Assert.assertNotNull("No sourcePath", messageSource.getMessageSourceLocation());
+
+    for (final String el : messageSource.getMessageSourceLocation()) {
+      final Resource messages = loader.getResource(el + ".properties");
+      Assert.assertTrue("Source not exist", messages.exists());
+
+    }
+
+  }
+}
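Review bot: The loop in `simpleTests` passes vacuously when `getMessageSourceLocation()` yields no elements, so a bean that registers no message sources would still pass. Assert that at least one location was checked, for example by counting iterations and adding `Assert.assertTrue("No message source checked", checked > 0);` after the loop. The failure message would also be more useful with the resource name, `Assert.assertTrue("Source not exist: " + el, messages.exists());`.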
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/impl/logging/JUnitTestStatusMessenger.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/impl/logging/JUnitTestStatusMessenger.java
index be5d95b1..9c1d0c82 100644
--- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/impl/logging/JUnitTestStatusMessenger.java
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/impl/logging/JUnitTestStatusMessenger.java
@@ -3,6 +3,7 @@ package at.gv.egiz.eaaf.core.impl.logging;
 import java.text.MessageFormat;
 import java.util.HashMap;
 import java.util.Map;
+
 import at.gv.egiz.eaaf.core.api.IStatusMessenger;
 
 public class JUnitTestStatusMessenger implements IStatusMessenger {
@@ -48,7 +49,7 @@ public class JUnitTestStatusMessenger implements IStatusMessenger {
    * Add a message into Message-Store.
    *
    * @param msgCode message-code
-   * @param msg message
+   * @param msg     message
    */
   public void addMsg(final String msgCode, final String msg) {
     if (!msgStore.containsKey(msgCode)) {
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/impl/utils/test/KeyValueUtilsTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/impl/utils/test/KeyValueUtilsTest.java
index 258c3210..58788392 100644
--- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/impl/utils/test/KeyValueUtilsTest.java
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/impl/utils/test/KeyValueUtilsTest.java
@@ -6,14 +6,17 @@ import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
-import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
 import org.apache.commons.lang3.RandomStringUtils;
 import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.junit.runners.BlockJUnit4ClassRunner;
+
 import com.google.common.collect.Sets;
 
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
 @RunWith(BlockJUnit4ClassRunner.class)
 public class KeyValueUtilsTest {
 
@@ -442,5 +445,4 @@ public class KeyValueUtilsTest {
 
   }
 
-
 }
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
new file mode 100644
index 00000000..805000cb
--- /dev/null
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
@@ -0,0 +1,555 @@
+package at.gv.egiz.eaaf.core.test.credentials;
+
+import java.security.KeyStore;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.MethodMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import com.google.common.base.Optional;
+import com.google.common.base.Predicates;
+import com.google.common.base.Throwables;
+import com.google.common.collect.FluentIterable;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap;
+import io.grpc.StatusRuntimeException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration("/spring/test_eaaf_pvp_lazy.beans.xml")
+@DirtiesContext(methodMode = MethodMode.BEFORE_METHOD)
+public class EaafKeyStoreFactoryTest {
+
+  private static final String PATH_TO_SOFTWARE_KEYSTORE_JKS =
+      "src/test/resources/data/junit_without_trustcerts.jks";
+  private static final String PATH_TO_SOFTWARE_KEYSTORE_PKCS12 =
+      "src/test/resources/data/junit_without_trustcerts.p12";
+  private static final String PATH_TO_HSM_FACADE_TRUST_CERT = "src/test/resources/data/test.crt";
+  private static final String SOFTWARE_KEYSTORE_PASSWORD = "password";
+
+  @Autowired
+  private DummyAuthConfigMap mapConfig;
+  @Autowired
+  private ApplicationContext context;
+
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void testSetup() {
+    mapConfig.clearAllConfig();
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void startWithoutConfigHsmFacadeConfig() {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void buildyStoreWithOutConfig() {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    try {
+      keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafException e) {
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e, "Wong ExceptionType");
+      Assert.assertEquals("wrong errorCode", "internal.keystore.01", e.getErrorId());
+
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  public void buildyStoreWithPkcs11() {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.PKCS11);
+    try {
+      keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafException e) {
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e, "Wong ExceptionType");
+      Assert.assertEquals("wrong errorCode", "internal.keystore.02", e.getErrorId());
+
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  public void softwareKeyStoreWithoutConfig() {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.JKS);
+    try {
+      keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafException e) {
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e, "Wong ExceptionType");
+      Assert.assertEquals("wrong errorCode", "internal.keystore.06", e.getErrorId());
+
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  public void softwareKeyStoreWithoutConfigSecond() {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.PKCS12);
+    try {
+      keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafException e) {
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e, "Wong ExceptionType");
+      Assert.assertEquals("wrong errorCode", "internal.keystore.06", e.getErrorId());
+
+    }
+  }
+  
+  @Test
+  @DirtiesContext
+  public void softwareKeyStoreWithoutPassword() {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.JKS);
+    keyStoreConfig.setSoftKeyStoreFilePath(PATH_TO_SOFTWARE_KEYSTORE_JKS);
+
+    try {
+      keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafException e) {
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e, "Wong ExceptionType");
+      Assert.assertEquals("wrong errorCode", "internal.keystore.06", e.getErrorId());
+
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  public void softwareKeyStoreWithoutPath() {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.JKS);
+    keyStoreConfig.setSoftKeyStorePassword(SOFTWARE_KEYSTORE_PASSWORD);
+    
+
+    try {
+      keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafException e) {
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e, "Wong ExceptionType");
+      Assert.assertEquals("wrong errorCode", "internal.keystore.06", e.getErrorId());
+
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  public void softwareKeyStoreWithoutType() throws EaafException {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.JKS);
+    keyStoreConfig.setSoftKeyStoreFilePath(PATH_TO_SOFTWARE_KEYSTORE_JKS);
+    keyStoreConfig.setSoftKeyStorePassword(SOFTWARE_KEYSTORE_PASSWORD);
+
+    final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+    Assert.assertNotNull("KeyStore is null", keyStore);
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void softwareKeyStoreWithWrongPath() {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.JKS);
+    keyStoreConfig.setSoftKeyStoreFilePath("src/test/resources/notexist.jks");
+    keyStoreConfig.setSoftKeyStorePassword(SOFTWARE_KEYSTORE_PASSWORD);
+    
+
+    try {
+      keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafException e) {
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e, "Wong ExceptionType");
+      Assert.assertEquals("wrong errorCode", "internal.keystore.05", e.getErrorId());
+
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  public void softwareKeyStoreWithWrongPassword() {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.JKS);
+    keyStoreConfig.setSoftKeyStoreFilePath(PATH_TO_SOFTWARE_KEYSTORE_JKS);
+    keyStoreConfig.setSoftKeyStorePassword("wrong password");
+    
+
+    try {
+      keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafException e) {
+      org.springframework.util.Assert.isInstanceOf(EaafFactoryException.class, e, "Wong ExceptionType");
+      Assert.assertEquals("wrong errorCode", "internal.keystore.06", e.getErrorId());
+
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  public void softwareKeyStoreSuccessJks() throws EaafException {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.JKS);
+    keyStoreConfig.setSoftKeyStoreFilePath(PATH_TO_SOFTWARE_KEYSTORE_JKS);
+    keyStoreConfig.setSoftKeyStorePassword(SOFTWARE_KEYSTORE_PASSWORD);
+    
+
+    final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+    Assert.assertNotNull("KeyStore is null", keyStore);
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void softwareKeyStoreSuccessPkcs12() throws EaafException {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.PKCS12);
+    keyStoreConfig.setSoftKeyStoreFilePath(PATH_TO_SOFTWARE_KEYSTORE_PKCS12);
+    keyStoreConfig.setSoftKeyStorePassword(SOFTWARE_KEYSTORE_PASSWORD);
+
+    final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+    Assert.assertNotNull("KeyStore is null", keyStore);
+
+  }
+
+  @Test
+  public void hsmFacadeOnlyHostConfig() {
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
+        RandomStringUtils.randomNumeric(10));
+    try {
+      context.getBean(EaafKeyStoreFactory.class);
+      Assert.fail("Missing HSM Facade not detected");
+
+    } catch (final BeansException e) {
+      checkMissingConfigException(e);
+
+    }
+  }
+
+  @Test
+  public void hsmFacadeMissingPort() {
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HSM_NAME,
+        RandomStringUtils.randomAlphanumeric(10));
+
+    try {
+      context.getBean(EaafKeyStoreFactory.class);
+      Assert.fail("Missing HSM Facade not detected");
+
+    } catch (final BeansException e) {
+      checkMissingConfigException(e);
+
+    }
+  }
+
+  @Test
+  public void hsmFacadeMissingUsername() {
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT,
+        RandomStringUtils.randomNumeric(4));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HSM_NAME,
+        RandomStringUtils.randomAlphanumeric(10));
+
+    try {
+      context.getBean(EaafKeyStoreFactory.class);
+      Assert.fail("Missing HSM Facade not detected");
+
+    } catch (final BeansException e) {
+      checkMissingConfigException(e);
+
+    }
+  }
+
+  @Test
+  public void hsmFacadeMissingPassword() {
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT,
+        RandomStringUtils.randomNumeric(4));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HSM_NAME,
+        RandomStringUtils.randomAlphanumeric(10));
+
+    try {
+      context.getBean(EaafKeyStoreFactory.class);
+      Assert.fail("Missing HSM Facade not detected");
+
+    } catch (final BeansException e) {
+      checkMissingConfigException(e);
+
+    }
+  }
+
+  @Test
+  public void hsmFacadeMissingKeyStoreName() {
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT,
+        RandomStringUtils.randomNumeric(4));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD,
+        RandomStringUtils.randomAlphanumeric(10));
+
+    try {
+      context.getBean(EaafKeyStoreFactory.class);
+      Assert.fail("Missing HSM Facade not detected");
+
+    } catch (final BeansException e) {
+      checkMissingConfigException(e);
+
+    }
+  }
+
+  @Test
+  public void hsmFacadeMissingTrustedCertificate() {
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT,
+        RandomStringUtils.randomNumeric(4));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HSM_NAME,
+        RandomStringUtils.randomAlphanumeric(10));
+
+    try {
+      context.getBean(EaafKeyStoreFactory.class);
+      Assert.fail("Missing HSM Facade not detected");
+
+    } catch (final BeansException e) {
+      checkMissingConfigException(e);
+
+    }
+  }
+
+  @Test
+  public void hsmFacadeMissingTrustedCertificateFile() {
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT,
+        RandomStringUtils.randomNumeric(4));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HSM_NAME,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST,
+        "src/test/resources/data/notexist.crt");
+
+    try {
+      context.getBean(EaafKeyStoreFactory.class);
+      Assert.fail("Missing HSM Facade not detected");
+
+    } catch (final BeansException e) {
+      checkMissingConfigException(e, "internal.keystore.05");
+
+    }
+  }
+
+  @Test
+  public void hsmFacadeMissingWrongTrustedCertificate() {
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT,
+        RandomStringUtils.randomNumeric(4));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HSM_NAME,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST,
+        "src/test/resources/spring/test_eaaf_pvp_lazy.beans.xml");
+
+    try {
+      context.getBean(EaafKeyStoreFactory.class);
+      Assert.fail("Missing HSM Facade not detected");
+
+    } catch (final BeansException e) {
+      checkMissingConfigException(e, "internal.keystore.05");
+
+    }
+  }
+
+  @Test
+  @DirtiesContext
+  public void hsmFacadeInitialized() {
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT,
+        RandomStringUtils.randomNumeric(4));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HSM_NAME,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST,
+        PATH_TO_HSM_FACADE_TRUST_CERT);
+
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertTrue("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void hsmFacadeKeyStoreNoKeyStoreName() {
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT,
+        RandomStringUtils.randomNumeric(4));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HSM_NAME,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST,
+        PATH_TO_HSM_FACADE_TRUST_CERT);
+
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertTrue("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.HSMFACADE);
+
+    try {
+      keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafException e) {
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e, "Wong ExceptionType");
+      Assert.assertEquals("wrong errorCode", "internal.keystore.06", e.getErrorId());
+    }
+
+  }
+
+  @Test
+  @DirtiesContext
+  public void hsmFacadeKeyStoreSuccess() throws EaafException {
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT,
+        RandomStringUtils.randomNumeric(4));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME,
+        RandomStringUtils.randomNumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HSM_NAME,
+        RandomStringUtils.randomAlphanumeric(10));
+    mapConfig.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST,
+        PATH_TO_HSM_FACADE_TRUST_CERT);
+
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertTrue("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.HSMFACADE);
+    keyStoreConfig.setKeyStoreName("testkeyStore");
+
+    try {
+      final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+      Assert.assertNotNull("KeyStore is null", keyStore);
+
+    } catch (final StatusRuntimeException e) {
+      // because there is no mockup of HSM facade available
+      // Assert.assertTrue("Wrong exception", e.getMessage().contains("io
+      // exception"));
+
+    }
+
+  }
+
+  private void checkMissingConfigException(Exception e) {
+    checkMissingConfigException(e, "internal.keystore.04");
+
+  }
+
+  private void checkMissingConfigException(Exception e, String errorCode) {
+    final Optional<Throwable> eaafException = FluentIterable.from(
+        Throwables.getCausalChain(e)).filter(
+            Predicates.instanceOf(EaafConfigurationException.class)).first();
+    Assert.assertTrue("Wrong exception", eaafException.isPresent());
+    Assert.assertEquals("Wrong errorCode",
+        errorCode, ((EaafException) eaafException.get()).getErrorId());
+
+  }
+
+}
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/KeyStoreConfigurationTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/KeyStoreConfigurationTest.java
new file mode 100644
index 00000000..8cb81107
--- /dev/null
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/KeyStoreConfigurationTest.java
@@ -0,0 +1,190 @@
+package at.gv.egiz.eaaf.core.test.credentials;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class KeyStoreConfigurationTest {
+
+  private Map<String, String> config;
+
+  @Before
+  public void testSetup() {
+    config = new HashMap<>();
+
+  }
+
+  @Test
+  public void emptyConfigMap() {
+    try {
+      KeyStoreConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafConfigurationException e) {
+      Assert.assertEquals("wrong errorCode", "internal.keystore.04", e.getErrorId());
+    }
+  }
+
+  @Test
+  public void emptyKeyStoreType() {
+    try {
+      config.put("keystore.type", "");
+
+      KeyStoreConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafConfigurationException e) {
+      Assert.assertEquals("wrong errorCode", "internal.keystore.04", e.getErrorId());
+    }
+  }
+
+  @Test
+  public void unknownKeyStoreType() {
+    try {
+      config.put("keystore.type", "test");
+
+      KeyStoreConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafConfigurationException e) {
+      Assert.assertEquals("wrong errorCode", "internal.keystore.01", e.getErrorId());
+    }
+  }
+
+  @Test
+  public void pkcs11KeyStoreType() throws EaafConfigurationException {
+    config.put("keystore.type", "pkcs11");
+    try {
+      final KeyStoreConfiguration keyStoreConfig = KeyStoreConfiguration.buildFromConfigurationMap(config,
+          "jUnitTest");
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafConfigurationException e) {
+      Assert.assertEquals("wrong errorCode", "internal.keystore.02", e.getErrorId());
+    }
+  }
+
+  @Test
+  public void hsmFacadeKeyStoreTypeMissingName() {
+    try {
+      config.put("keystore.type", "hsmfacade");
+
+      KeyStoreConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafConfigurationException e) {
+      Assert.assertEquals("wrong errorCode", "internal.keystore.04", e.getErrorId());
+    }
+  }
+
+  @Test
+  public void hsmFacadeKeyStoreTypeSucces() throws EaafConfigurationException {
+    final String keyStoreName = RandomStringUtils.randomAlphabetic(5);
+    config.put("keystore.type", "hsmfacade");
+    config.put("keystore.name", keyStoreName);
+
+    final KeyStoreConfiguration keyStoreConfig = KeyStoreConfiguration.buildFromConfigurationMap(config,
+        "jUnitTest");
+
+    Assert.assertNotNull("KeyStore config object", keyStoreConfig);
+    Assert.assertEquals("Wrong Type", KeyStoreType.HSMFACADE, keyStoreConfig.getKeyStoreType());
+    Assert.assertEquals("Wrong KeyStoreName", keyStoreName, keyStoreConfig.getKeyStoreName());
+
+  }
+
+  @Test
+  public void softwareKeyStoreTypeMissingPath() {
+    try {
+      final String keyStorePass = RandomStringUtils.randomAlphabetic(5);
+      config.put("keystore.type", "software");
+      config.put("keystore.password", keyStorePass);
+      config.put("keystore.type", "jks");
+
+      KeyStoreConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafConfigurationException e) {
+      Assert.assertEquals("wrong errorCode", "internal.keystore.04", e.getErrorId());
+    }
+  }
+
+  @Test
+  public void softwareKeyStoreTypeMissingPassword() {
+    try {
+      final String keyStorePath = RandomStringUtils.randomAlphabetic(5);
+      config.put("keystore.type", "software");
+      config.put("keystore.software.path", keyStorePath);
+      config.put("keystore.type", "jks");
+
+      KeyStoreConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafConfigurationException e) {
+      Assert.assertEquals("wrong errorCode", "internal.keystore.04", e.getErrorId());
+    }
+  }
+
+  @Test
+  public void softwareKeyStoreTypeUnknownType() {
+    try {
+      final String keyStorePath = RandomStringUtils.randomAlphabetic(5);
+      final String keyStorePass = RandomStringUtils.randomAlphabetic(5);
+      config.put("keystore.path", keyStorePath);
+      config.put("keystore.password", keyStorePass);
+      config.put("keystore.type", RandomStringUtils.randomAlphabetic(4));
+
+      KeyStoreConfiguration.buildFromConfigurationMap(config, "jUnitTest");
+      Assert.fail("Wrong config not detected");
+
+    } catch (final EaafConfigurationException e) {
+      Assert.assertEquals("wrong errorCode", "internal.keystore.01", e.getErrorId());
+    }
+  }
+
+  @Test
+  public void softwareKeyStoreTypeSuccesJks() throws EaafConfigurationException {
+    final String keyStorePath = RandomStringUtils.randomAlphabetic(5);
+    final String keyStorePass = RandomStringUtils.randomAlphabetic(5);
+    config.put("keystore.type", "jks");
+    config.put("keystore.path", keyStorePath);
+    config.put("keystore.password", keyStorePass);
+
+    final KeyStoreConfiguration keyStoreConfig = KeyStoreConfiguration.buildFromConfigurationMap(config,
+        "jUnitTest");
+
+    Assert.assertNotNull("KeyStore config object", keyStoreConfig);
+    Assert.assertEquals("Wrong Type", KeyStoreType.JKS, keyStoreConfig.getKeyStoreType());
+    Assert.assertEquals("Wrong KeyStoreName", keyStorePath, keyStoreConfig.getSoftKeyStoreFilePath());
+    Assert.assertEquals("Wrong KeyStoreName", keyStorePass, keyStoreConfig.getSoftKeyStorePassword());
+
+  }
+
+  @Test
+  public void softwareKeyStoreTypeSuccesPkcs12() throws EaafConfigurationException {
+    final String keyStorePath = RandomStringUtils.randomAlphabetic(5);
+    final String keyStorePass = RandomStringUtils.randomAlphabetic(5);
+    config.put("keystore.type", "pkcs12");
+    config.put("keystore.path", keyStorePath);
+    config.put("keystore.password", keyStorePass);
+
+    final KeyStoreConfiguration keyStoreConfig = KeyStoreConfiguration.buildFromConfigurationMap(config,
+        "jUnitTest");
+
+    Assert.assertNotNull("KeyStore config object", keyStoreConfig);
+    Assert.assertEquals("Wrong Type", KeyStoreType.PKCS12, keyStoreConfig.getKeyStoreType());
+    Assert.assertEquals("Wrong KeyStoreName", keyStorePath, keyStoreConfig.getSoftKeyStoreFilePath());
+    Assert.assertEquals("Wrong KeyStoreName", keyStorePass, keyStoreConfig.getSoftKeyStorePassword());
+
+  }
+}
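Review bot: `softwareKeyStoreTypeMissingPassword` does not isolate the missing password: it stores the path under `keystore.software.path`, while the success tests read the path back after setting `keystore.path`, so the expected `internal.keystore.04` is presumably raised for the missing path instead. Use `config.put("keystore.path", keyStorePath);` there so only the password is absent. In that test and in `softwareKeyStoreTypeMissingPath` the first `config.put("keystore.type", "software");` is overwritten by the `"jks"` put two lines later and can be dropped. In `pkcs11KeyStoreType` the local `keyStoreConfig` is never read and the `throws EaafConfigurationException` clause is unneeded because the exception is caught. The third assertion in both success tests should use the message `"Wrong KeyStorePassword"` rather than `"Wrong KeyStoreName"`.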
diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/dummy/DummyAuthConfigMap.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/dummy/DummyAuthConfigMap.java
new file mode 100644
index 00000000..bf1dfd03
--- /dev/null
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/dummy/DummyAuthConfigMap.java
@@ -0,0 +1,142 @@
+package at.gv.egiz.eaaf.core.test.dummy;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
+/**
+ * Dummy Application-configuration implementation for jUnit tests.
+ *
+ * @author tlenz
+ *
+ */
+public class DummyAuthConfigMap implements IConfigurationWithSP {
+
+  private Map<String, String> config = new HashMap<>();
+
+  /**
+   * Creates an emptry configuration.
+   *
+   */
+  public DummyAuthConfigMap() {
+
+  }
+
+  /**
+   * Dummy Application-configuration.
+   *
+   * @param configIs Property based configuration
+   * @throws IOException In case of an configuration read error
+   */
+  public DummyAuthConfigMap(final InputStream configIs) throws IOException {
+
+    final Properties props = new Properties();
+    props.load(configIs);
+
+    config = KeyValueUtils.convertPropertiesToMap(props);
+
+  }
+
+  /**
+   * Dummy Application-configuration.
+   *
+   * @param path Path to property based configuration
+   * @throws IOException In case of an configuration read error
+   */
+  public DummyAuthConfigMap(final String path) throws IOException {
+
+    final Properties props = new Properties();
+    props.load(this.getClass().getResourceAsStream(path));
+
+    config = KeyValueUtils.convertPropertiesToMap(props);
+
+  }
+
+  @Override
+  public String getBasicConfiguration(final String key) {
+    return config.get(key);
+
+  }
+
+  @Override
+  public String getBasicConfiguration(final String key, final String defaultValue) {
+    final String value = getBasicConfiguration(key);
+    if (StringUtils.isEmpty(value)) {
+      return defaultValue;
+    } else {
+      return value;
+    }
+
+  }
+
+  @Override
+  public boolean getBasicConfigurationBoolean(final String key) {
+    final String value = getBasicConfiguration(key);
+    if (StringUtils.isEmpty(value)) {
+      return false;
+    } else {
+      return Boolean.valueOf(value);
+    }
+  }
+
+  @Override
+  public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) {
+    return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue)));
+
+  }
+
+  @Override
+  public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) {
+    return KeyValueUtils.getSubSetWithPrefix(config, prefix);
+
+  }
+
+  @Override
+  public ISpConfiguration getServiceProviderConfiguration(final String uniqueID)
+      throws EaafConfigurationException {
+    return null;
+  }
+
+  @Override
+  public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator)
+      throws EaafConfigurationException {
+    return null;
+  }
+
+  @Override
+  public URI getConfigurationRootDirectory() {
+    return new java.io.File(".").toURI();
+
+  }
+
+  @Override
+  public String validateIdpUrl(final URL authReqUrl) throws EaafException {
+    return null;
+  }
+
+  public void putConfigValue(final String key, final String value) {
+    config.put(key, value);
+  }
+
+  public void removeConfigValue(final String key) {
+    config.remove(key);
+
+  }
+
+  public void clearAllConfig() {
+    config.clear();
+  }
+
+}
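Review bot: The `DummyAuthConfigMap(final String path)` constructor passes the result of `getResourceAsStream(path)` straight to `props.load(...)`, so a missing classpath resource surfaces as a `NullPointerException` instead of the `IOException` its Javadoc promises, and the stream is never closed. Wrapping the lookup in try-with-resources with an explicit null check fixes both, and a mistyped test-configuration path then fails with a clear message. The `InputStream` constructor leaves closing to the caller, which is worth one Javadoc line such as `The stream is not closed by this constructor.`

```java
  public DummyAuthConfigMap(final String path) throws IOException {
    final Properties props = new Properties();
    try (InputStream is = this.getClass().getResourceAsStream(path)) {
      if (is == null) {
        throw new IOException("Configuration resource not found: " + path);
      }
      props.load(is);
    }
    // … unchanged: config = KeyValueUtils.convertPropertiesToMap(props) …
  }
```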
-- 
cgit v1.2.3


From c4e1a45e7958cab402d83f6f4ae208df1bb2ab58 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 14 Feb 2020 15:22:13 +0100
Subject: add common-code for KeyStore and Credential handling

---
 .../test/credentials/EaafKeyStoreFactoryTest.java  | 81 ++++++++++++++++++++++
 1 file changed, 81 insertions(+)

(limited to 'eaaf_core_utils/src/test/java')

diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
index 805000cb..c47805e8 100644
--- a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
+++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/credentials/EaafKeyStoreFactoryTest.java
@@ -1,6 +1,10 @@
 package at.gv.egiz.eaaf.core.test.credentials;
 
+import java.security.Key;
 import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.cert.X509Certificate;
+import java.util.List;
 
 import org.apache.commons.lang3.RandomStringUtils;
 import org.junit.Assert;
@@ -20,12 +24,15 @@ import com.google.common.base.Predicates;
 import com.google.common.base.Throwables;
 import com.google.common.collect.FluentIterable;
 
+import at.gv.egiz.eaaf.core.exception.EaafKeyAccessException;
 import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException;
 import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
 import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
 import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap;
 import io.grpc.StatusRuntimeException;
 
@@ -34,6 +41,8 @@ import io.grpc.StatusRuntimeException;
 @DirtiesContext(methodMode = MethodMode.BEFORE_METHOD)
 public class EaafKeyStoreFactoryTest {
 
+  private static final String PATH_TO_SOFTWARE_KEYSTORE_JKS_WITH_TRUSTED_CERTS =
+      "src/test/resources/data/junit.jks";
   private static final String PATH_TO_SOFTWARE_KEYSTORE_JKS =
       "src/test/resources/data/junit_without_trustcerts.jks";
   private static final String PATH_TO_SOFTWARE_KEYSTORE_PKCS12 =
@@ -254,10 +263,78 @@ public class EaafKeyStoreFactoryTest {
     keyStoreConfig.setSoftKeyStoreFilePath(PATH_TO_SOFTWARE_KEYSTORE_JKS);
     keyStoreConfig.setSoftKeyStorePassword(SOFTWARE_KEYSTORE_PASSWORD);
     
+    keyStoreConfig.validate();
 
     final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
     Assert.assertNotNull("KeyStore is null", keyStore);
 
+  }
+  
+  @Test
+  @DirtiesContext
+  public void softwareKeyStoreAccessOperations() throws EaafException, KeyStoreException {
+    final EaafKeyStoreFactory keyStoreFactory = context.getBean(EaafKeyStoreFactory.class);
+    Assert.assertFalse("HSM Facade state wrong", keyStoreFactory.isHsmFacadeInitialized());
+
+    final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration();
+    keyStoreConfig.setKeyStoreType(KeyStoreType.JKS);
+    keyStoreConfig.setSoftKeyStoreFilePath(PATH_TO_SOFTWARE_KEYSTORE_JKS_WITH_TRUSTED_CERTS);
+    keyStoreConfig.setSoftKeyStorePassword(SOFTWARE_KEYSTORE_PASSWORD);
+    
+    keyStoreConfig.validate();
+
+    final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
+    Assert.assertNotNull("KeyStore is null", keyStore);
+    
+    //read trusted certs
+    List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore);
+    Assert.assertNotNull("Trusted certs", trustedCerts);
+    Assert.assertEquals("Trusted certs size", 2, trustedCerts.size());
+
+    //read priv. key
+    Pair<Key, X509Certificate[]> privCred1 = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+        keyStore, "meta", "password".toCharArray(), true, "jUnit test");
+    Assert.assertNotNull("Credential 1", privCred1);
+    Assert.assertNotNull("Credential 1 priv. key", privCred1.getFirst());
+    Assert.assertNotNull("Credential 1 certificate", privCred1.getSecond());
+    
+    //read priv. key
+    Pair<Key, X509Certificate[]> privCred2 = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+        keyStore, "sig", "password".toCharArray(), true, "jUnit test");
+    Assert.assertNotNull("Credential 2", privCred2);
+    Assert.assertNotNull("Credential 2 priv. key", privCred2.getFirst());
+    Assert.assertNotNull("Credential 2 certificate", privCred2.getSecond());
+    
+    
+    //read priv. key
+    Pair<Key, X509Certificate[]> privCred3 = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+        keyStore, "notexist", "password".toCharArray(), false, "jUnit test");
+    Assert.assertNull("Credential 3", privCred3);
+    
+  //read priv. key
+    Pair<Key, X509Certificate[]> privCred4 = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+        keyStore, "meta", "wrong".toCharArray(), false, "jUnit test");
+    Assert.assertNull("Credential 3", privCred4);
+    
+    try {
+      EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+          keyStore, "meta", "wrong".toCharArray(), true, "jUnit test");
+      Assert.fail("Wrong password not detected");
+      
+    } catch (EaafKeyAccessException e) {
+      Assert.assertEquals("wrong errorcode", "internal.keystore.09", e.getErrorId());
+    }
+    
+    try {
+      EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+          keyStore, "wrong", "password".toCharArray(), true, "jUnit test");
+      Assert.fail("Wrong alias not detected");
+      
+    } catch (EaafKeyAccessException e) {
+      Assert.assertEquals("wrong errorcode", "internal.keystore.09", e.getErrorId());
+    }
+        
+    
   }
 
   @Test
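Review bot: The `privCred4` check in `softwareKeyStoreAccessOperations` reuses the failure message `"Credential 3"`, so a regression in the wrong-password path would be reported under the wrong label; it should read `Assert.assertNull("Credential 4", privCred4);`. The positive cases only assert that the key and the chain are non-null, so an empty certificate chain would still pass; `Assert.assertTrue("Credential 1 chain empty", privCred1.getSecond().length > 0);` (and the same for `privCred2`) would pin that. The wrong-password and unknown-alias cases both expect `internal.keystore.09`. If that shared code is deliberate, so that callers cannot tell the two failures apart, a short comment saying so would stop a later change from splitting them unnoticed. The hunk opens inside the preceding test method, whose start is outside the hunk.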
@@ -271,6 +348,8 @@ public class EaafKeyStoreFactoryTest {
     keyStoreConfig.setSoftKeyStoreFilePath(PATH_TO_SOFTWARE_KEYSTORE_PKCS12);
     keyStoreConfig.setSoftKeyStorePassword(SOFTWARE_KEYSTORE_PASSWORD);
 
+    keyStoreConfig.validate();
+    
     final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
     Assert.assertNotNull("KeyStore is null", keyStore);
 
@@ -524,6 +603,8 @@ public class EaafKeyStoreFactoryTest {
     keyStoreConfig.setKeyStoreType(KeyStoreType.HSMFACADE);
     keyStoreConfig.setKeyStoreName("testkeyStore");
 
+    keyStoreConfig.validate();
+    
     try {
       final KeyStore keyStore = keyStoreFactory.buildNewKeyStore(keyStoreConfig);
       Assert.assertNotNull("KeyStore is null", keyStore);
-- 
cgit v1.2.3