From 86241863a1aebdc16e3bc273b63e5ce00fb86645 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 2 Nov 2020 12:23:29 +0100 Subject: change order of IAIK CryptoProvider registration Update JWS and JWE impl. to mitigate problems if IAIK and BC provider are loaded --- .../sl20/utils/AbstractJsonSecurityUtilsTest.java | 32 +++++++++++++++++++++- .../modules/auth/sl20/utils/JoseUtilsTest.java | 25 +++++++++++++++++ 2 files changed, 56 insertions(+), 1 deletion(-) (limited to 'eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules') diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/AbstractJsonSecurityUtilsTest.java b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/AbstractJsonSecurityUtilsTest.java index 8516a0ed..6550b026 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/AbstractJsonSecurityUtilsTest.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/AbstractJsonSecurityUtilsTest.java @@ -19,6 +19,7 @@ import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers; import org.jose4j.jwe.JsonWebEncryption; import org.jose4j.jwe.KeyManagementAlgorithmIdentifiers; import org.jose4j.lang.JoseException; +import org.junit.AfterClass; import org.junit.Assert; import org.junit.BeforeClass; import org.junit.Test; @@ -37,6 +38,8 @@ import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap; import at.gv.egiz.eaaf.modules.auth.sl20.data.VerificationResult; +import iaik.security.ec.provider.ECCelerate; +import iaik.security.provider.IAIK; @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration("/spring/test_eaaf_sl20_hsm.beans.xml") @@ -46,12 +49,27 @@ public abstract class AbstractJsonSecurityUtilsTest { @Autowired protected IJoseTools joseTools; @Autowired protected EaafKeyStoreFactory keyStoreFactory; + /** + *jUnit test class initializer. + */ @BeforeClass public static void classInitializer() { - Security.addProvider(new BouncyCastleProvider()); + IAIK.addAsProvider(); + ECCelerate.addAsProvider(); + Security.addProvider(new BouncyCastleProvider()); } + /** + * jUnit test class cleaner. + */ + @AfterClass + public static final void classFinisher() { + Security.removeProvider(IAIK.getInstance().getName()); + Security.removeProvider(ECCelerate.getInstance().getName()); + + } + protected abstract void setRsaSigningKey(); protected abstract void setEcSigningKey(); @@ -88,8 +106,14 @@ public abstract class AbstractJsonSecurityUtilsTest { final ProviderContext providerCtx = new ProviderContext(); providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( rsaEncKeyStore.getSecond().getName()); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); jwe.setProviderContext(providerCtx); + } else { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); + jwe.setProviderContext(providerCtx); + } final String encData = jwe.getCompactSerialization(); @@ -149,8 +173,14 @@ public abstract class AbstractJsonSecurityUtilsTest { final ProviderContext providerCtx = new ProviderContext(); providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( rsaEncKeyStore.getSecond().getName()); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); jwe.setProviderContext(providerCtx); + } else { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getGeneralProviderContext().setGeneralProvider(BouncyCastleProvider.PROVIDER_NAME); + jwe.setProviderContext(providerCtx); + } final String encData = jwe.getCompactSerialization(); diff --git a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtilsTest.java b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtilsTest.java index 7771ce60..b5a7639e 100644 --- a/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtilsTest.java +++ b/eaaf_modules/eaaf_module_auth_sl20/src/test/java/at/gv/egiz/eaaf/modules/auth/sl20/utils/JoseUtilsTest.java @@ -2,6 +2,7 @@ package at.gv.egiz.eaaf.modules.auth.sl20.utils; import java.io.IOException; import java.security.NoSuchProviderException; +import java.security.Security; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import java.util.Arrays; @@ -13,12 +14,16 @@ import org.jose4j.jwa.AlgorithmConstraints; import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; import org.jose4j.jws.AlgorithmIdentifiers; import org.jose4j.lang.JoseException; +import org.junit.AfterClass; import org.junit.Assert; +import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.BlockJUnit4ClassRunner; import at.gv.egiz.eaaf.modules.auth.sl20.utils.JoseUtils.JwsResult; +import iaik.security.ec.provider.ECCelerate; +import iaik.security.provider.IAIK; @RunWith(BlockJUnit4ClassRunner.class) public class JoseUtilsTest { @@ -30,6 +35,26 @@ public class JoseUtilsTest { AlgorithmIdentifiers.RSA_PSS_USING_SHA256, AlgorithmIdentifiers.RSA_PSS_USING_SHA512)); + /** + *jUnit test class initializer. + */ + @BeforeClass + public static final void classInitializer() { + IAIK.addAsProvider(); + ECCelerate.addAsProvider(); + + } + + /** + * jUnit test class cleaner. + */ + @AfterClass + public static final void classFinisher() { + Security.removeProvider(IAIK.getInstance().getName()); + Security.removeProvider(ECCelerate.getInstance().getName()); + + } + @Test public void testBindingAuthBlock() throws JoseException, IOException, CertificateException, NoSuchProviderException { -- cgit v1.2.3