From 3b7eb43b0df868e492ccd7ad2daca5e4c0053bb2 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 17 Feb 2020 11:33:09 +0100 Subject: update jUnit tests to operate on HSM Facade from A-Sit+ --- .../modules/pvp2/test/CredentialProviderTest.java | 50 ++++++++++++++-------- .../pvp2/test/dummy/DummyCredentialProvider.java | 30 +++++++++---- .../test/resources/data/hsm_facade_trust_root.crt | 20 +++++++++ 3 files changed, 72 insertions(+), 28 deletions(-) create mode 100644 eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt (limited to 'eaaf_modules') diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java index 22ee389f..be3f9a8f 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/CredentialProviderTest.java @@ -3,6 +3,15 @@ package at.gv.egiz.eaaf.modules.pvp2.test; import java.security.cert.X509Certificate; import java.util.List; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; +import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException; +import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory; +import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyAuthConfigMap; +import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; +import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; +import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; +import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; + import org.apache.commons.lang3.RandomStringUtils; import org.apache.xml.security.algorithms.JCEMapper; import org.junit.Assert; 
@@ -14,36 +23,31 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.ApplicationContext; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; -import at.gv.egiz.eaaf.core.exceptions.EaafFactoryException; -import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyAuthConfigMap; -import at.gv.egiz.eaaf.modules.pvp2.PvpConstants; -import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; -import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; -import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider; - @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration({ "/spring/test_eaaf_core_map_config.beans.xml", "/spring/SpringTest-context_lazy.xml" }) -@TestPropertySource(locations = {"/config/config_1.props"}) public class CredentialProviderTest { + private static final String HSM_FACASE_HOST = "eid.a-sit.at"; + private static final String HSM_FACASE_PORT = "9000"; + private static final String HSM_FACASE_USERNAME = "authhandler-junit"; + private static final String HSM_FACASE_PASSWORD = "supersecret123"; + private static final String HSM_FACASE_SSL_TRUST = "src/test/resources/data/hsm_facade_trust_root.crt"; + private static final String PATH_JKS_WITH_TRUST_CERTS = "src/test/resources/data/junit.jks"; private static final String PATH_JKS_WITHOUT_TRUST_CERTS = "src/test/resources/data/junit_without_trustcerts.jks"; - //private static final String HSMF_ALIAS_METADATA = "shibboleth-sign"; - //private static final String HSMF_ALIAS_SIGN = "shibboleth-sign"; - //private static final String HSMF_ALIAS_ENC = "shibboleth-sign"; - + + private static final String HSM_FACASE_KEYSTORE_NAME = "authhandler"; + private 
static final String ALIAS_METADATA = "meta"; private static final String ALIAS_SIGN = "sig"; private static final String ALIAS_ENC = "meta"; - + private static final String PASSWORD = "password"; @@ -55,6 +59,14 @@ public class CredentialProviderTest { */ @Before public void initialize() { + config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_HOST, HSM_FACASE_HOST); + config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_PORT, HSM_FACASE_PORT); + config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_USERNAME, HSM_FACASE_USERNAME); + config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_CLIENT_PASSWORD, HSM_FACASE_PASSWORD); + config.putConfigValue(EaafKeyStoreFactory.CONFIG_PROP_HSM_FACADE_SSLTRUST, HSM_FACASE_SSL_TRUST); + + config.putConfigValue(DummyCredentialProvider.KEYSTORE_NAME, HSM_FACASE_KEYSTORE_NAME); + config.putConfigValue(DummyCredentialProvider.KEYSTORE_PATH, PATH_JKS_WITH_TRUST_CERTS); config.putConfigValue(DummyCredentialProvider.KEYSTORE_PASSWORD, PASSWORD); @@ -66,7 +78,7 @@ public class CredentialProviderTest { config.removeConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_ALIAS); config.removeConfigValue(DummyCredentialProvider.KEY_ENCRYPTION_PASSWORD); - + JCEMapper.setProviderId(null); } @@ -404,10 +416,10 @@ public class CredentialProviderTest { "RSA_ENC_" + RandomStringUtils.randomAlphabetic(10)); config.putConfigValue(PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_EC_ALG, "EC-ENC_" + RandomStringUtils.randomAlphabetic(10)); - + try { JCEMapper.setProviderId(RandomStringUtils.randomAlphabetic(5)); - + context.getBean(DummyCredentialProvider.class); } catch (final BeansException e) { @@ -417,7 +429,7 @@ public class CredentialProviderTest { } } - + @Test @DirtiesContext public void notKeyConfiguration() { 
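Review bot: `HSM_FACASE_USERNAME` and `HSM_FACASE_PASSWORD` commit a client login for `eid.a-sit.at:9000` into the test source, and `initialize()` in the following hunk (`@@ -55,6 +59,14 @@`) writes it into the config before every test. If that account is valid on the facade, everyone with read access to the repository holds it and it stays in history after a later removal. The password should be rotated and supplied from outside the tree, e.g. `private static final String HSM_FACASE_PASSWORD = System.getenv("HSM_FACADE_JUNIT_PASSWORD");` (variable name constructed for illustration), with `Assume.assumeTrue(HSM_FACASE_PASSWORD != null);` in the tests that use the facade so they skip rather than fail when it is absent. The same lookup would let host and port be overridden, which matters because those tests presumably now depend on an external service being reachable. The `FACASE` spelling in all five constants looks like a typo for `FACADE`.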
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java index 0f8eff72..7418e1b3 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/dummy/DummyCredentialProvider.java @@ -1,18 +1,22 @@ package at.gv.egiz.eaaf.modules.pvp2.test.dummy; -import org.springframework.beans.factory.annotation.Autowired; - import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException; import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration; import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType; import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; +import org.springframework.beans.factory.annotation.Autowired; + public class DummyCredentialProvider extends AbstractCredentialProvider { @Autowired IConfiguration basicConfig; + public static final String KEYSTORE_TYPE = "keystore.type"; public static final String KEYSTORE_PATH = "keystore.path"; public static final String KEYSTORE_PASSWORD = "keystore.pass"; + public static final String KEYSTORE_NAME = "keystore.name"; + public static final String KEY_METADATA_ALIAS = "key.metadata.alias"; public static final String KEY_METADATA_PASSWORD = "key.metadata.pass"; 
@@ -24,23 +28,31 @@ public class DummyCredentialProvider extends AbstractCredentialProvider { public static final String KEY_ENCRYPTION_PASSWORD = "key.enc.pass"; private static final String KEYSTORENAME = "jUnit test credential provider"; - + @Override - public KeyStoreConfiguration getBasicKeyStoreConfig() { - KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration(); - keyStoreConfig.setKeyStoreType(KeyStoreType.JKS); + public KeyStoreConfiguration getBasicKeyStoreConfig() throws EaafConfigurationException { + final KeyStoreConfiguration keyStoreConfig = new KeyStoreConfiguration(); keyStoreConfig.setFriendlyName(KEYSTORENAME); - + keyStoreConfig.setKeyStoreType(getKeyStoreType()); + + keyStoreConfig.setKeyStoreName( + basicConfig.getBasicConfiguration(KEYSTORE_NAME)); + keyStoreConfig.setSoftKeyStoreFilePath(getKeyStoreFilePath()); keyStoreConfig.setSoftKeyStorePassword(getKeyStorePassword()); - + return keyStoreConfig; } + public String getKeyStoreType() { + return basicConfig.getBasicConfiguration(KEYSTORE_TYPE, KeyStoreType.JKS.getKeyStoreType()); + + } + public String getKeyStoreFilePath() { final String path = basicConfig.getBasicConfiguration(KEYSTORE_PATH); return path; - + } public String getKeyStorePassword() { diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt new file mode 100644 index 00000000..37fdc389 --- /dev/null +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/resources/data/hsm_facade_trust_root.crt 
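Review bot: `getKeyStoreType()` falls back to `KeyStoreType.JKS` whenever `keystore.type` is unset, so a test that sets the HSM Facade connection values but omits this key would quietly run against the software keystore and could still pass. The new public method deserves a Javadoc stating that fallback, e.g. `/** Returns the configured keystore type, defaulting to JKS when "keystore.type" is absent. */`. `getBasicKeyStoreConfig()` also passes `basicConfig.getBasicConfiguration(KEYSTORE_NAME)` straight to `setKeyStoreName(...)`, possibly null when the key is absent; whether the setter tolerates that is not visible here. The private `KEYSTORENAME` (friendly name) now sits one underscore away from the public `KEYSTORE_NAME` config key added in the previous hunk, so renaming it to something like `FRIENDLY_NAME` would prevent mix-ups. `getKeyStorePassword()` continues past the end of the hunk.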
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDFDCCAfygAwIBAgIEXIjqbjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARy +b290MB4XDTE5MDMxMzExMzMwMloXDTIwMDMxMjExMzMwMlowDzENMAsGA1UEAwwE +cm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKijWXfb7bvQ7CIw +FuyuPUz+aN7uBgSSnpYamtzjagacdtGR2V2OVHfjVHhw+cSoNPaEEV2x0O9A+w8F +FCatBT30l7/2scuJmrdXYlIhd17NU6HG/HKYvRYROkXrprsbdZobWqdF/zShLIvv +0bwconAu7AxwlDgNJQz2pL0e94OkCT5rZyA4HFgzJ34XynXaCMbUbVXxVk6EuNaX +hbyco0qhjOjSn7Rwk3iXp21V4vcYRVq44sG3ieU6jHq6LKmYSGJ1y0yv9ADYJwSp +jCzRbOEKe/7QVvZIyzzqjhO3SAHONuFNX0V6zPCgMCjUOgHuOIEKLJR9p0YYYocX +GBLcVuECAwEAAaN4MHYwDAYDVR0TBAUwAwEB/zA6BgNVHSMEMzAxgBQueuDUlVbB +LBjP+iRFr6lUDBh58qETpBEwDzENMAsGA1UEAwwEcm9vdIIEXIjqbjAdBgNVHQ4E +FgQULnrg1JVWwSwYz/okRa+pVAwYefIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQCEYSVpiKFO7FjCqTlkxNBY7e7891dq43DfX9i/Hb/AIvZDPe/RC46t +EXd9LN7QYaXe35U5ZD1q7qmK7NoFJ9zp4D4mxA2iiBHz40GnRt+0abNdQiyw913W +s/VIElAOv0tvCw+3SwzvLRU/AVCM1weW6IUbYv/Ty5zmLBsG3do3MmVF3cqXho2m +pNaiubuaUsR8Ms1LqIr6R7Yf8MKSrgYWCOw60gj5O64RHnEJli52D+S/8Cue5GvG +ECckmgLgGsRcWfFwRqqS7+XWt8Dv8xxD5vurvcs547Hn28kSHtF2i+KYLDVH2QjN +dbO0qgEJlMPi7oGrsNjIkndrWseNrPA4 +-----END CERTIFICATE----- + \ No newline at end of file -- cgit v1.2.3
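Review bot: The added trust root appears to expire shortly after this commit. Decoding the validity field in the second base64 line gives notBefore `190313113302Z` and notAfter `200312113302Z`, i.e. 12 March 2020, while the commit is dated 17 Feb 2020. Once it lapses, TLS validation against the facade configured through `HSM_FACASE_SSL_TRUST` should start failing, and the fix must be a replacement certificate, not loosened trust checking in the tests. Recording the certificate's origin and expiry next to the file or in the test class Javadoc would make that renewal traceable.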