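package at.gv.egiz.eaaf.core.test.builder;

import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.ECGenParameterSpec;

import org.apache.commons.lang3.RandomStringUtils;
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers;
import org.jose4j.jwe.JsonWebEncryption;
import org.jose4j.jwe.KeyManagementAlgorithmIdentifiers;
import org.jose4j.lang.JoseException;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.BlockJUnit4ClassRunner;

import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
import at.gv.egiz.eaaf.core.impl.data.Pair;

/**
 * Unit tests for {@link BpkBuilder}.
 *
 * <p>The tests cover four areas: encryption and decryption of a bPK bound to a target,
 * derivation of area-specific person identifiers from a fixed test base ID (known-answer
 * vectors), normalization of target identifiers between the "X" and non-"X" wbPK
 * notation, and removal of the bPK type prefix.</p>
 *
 * <p>Negative tests fail explicitly when the expected {@link EaafBuilderException} is not
 * thrown, so a missing input check cannot pass unnoticed.</p>
 */
@RunWith(BlockJUnit4ClassRunner.class)
public class BpkBuilderTest {

  /** Fixed Base64 test base ID; every expected identifier in the known-answer tests derives from it. */
  private static final String BASEID = "RUxHQVRlc3RQQjBYWFjFkHpnw7xyX1hYWFTDvHpla8OnaQ==";

  /** RSA key pair that is regenerated before every test. */
  private KeyPair keyPair;

  /**
   * jUnit test initializer that creates a fresh 2048-bit RSA key pair.
   *
   * @throws NoSuchProviderException In case of an error
   * @throws NoSuchAlgorithmException In case of an error
   */
  @Before
  public void initialize() throws NoSuchAlgorithmException, NoSuchProviderException {
    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
    keyGen.initialize(2048);
    keyPair = keyGen.generateKeyPair();

  }

  /**
   * Prints the textual length of an encrypted bPK for several key types and sizes.
   *
   * <p>This is a measurement aid only: it makes no assertions and passes as long as every
   * encryption call completes. The 1024-bit RSA entry is a size baseline for the legacy
   * format and not a recommended key size.</p>
   */
  @Test
  public void encBpkTextualLength() throws EaafBuilderException, InvalidKeyException,
      NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
      JoseException {
    String bpk = "MDEyMzQ1Njc4OWFiY2RIZg+CU";
    String target = EaafConstants.URN_PREFIX_CDID + "AA";

    // legacy format produced by BpkBuilder itself
    printResult("Legacy RSA 1024:", BpkBuilder.encryptBpk(bpk, target, generateRsaPubKey(1024)));
    printResult("Legacy RSA 2048:", BpkBuilder.encryptBpk(bpk, target, generateRsaPubKey(2048)));
    printResult("Legacy RSA 3072:", BpkBuilder.encryptBpk(bpk, target, generateRsaPubKey(3072)));
    printResult("Legacy RSA 4096:", BpkBuilder.encryptBpk(bpk, target, generateRsaPubKey(4096)));

    // JWE compact serialization of a longer, structured payload
    bpk = "V1::urn:publicid:gv.at:cdid+BW::MDEyMzQ1Njc 4OW FiY2RIZg+CU&g=::2004-01-22T20:57:12";

    printResult("RSA 2048:", createJsonEnc(generateRsaPubKey(2048), bpk, target,
        KeyManagementAlgorithmIdentifiers.RSA_OAEP_256));
    printResult("RSA 3072:", createJsonEnc(generateRsaPubKey(3072), bpk, target,
        KeyManagementAlgorithmIdentifiers.RSA_OAEP_256));
    // The key size matches the printed label; it was previously 4048, so the reported
    // length did not belong to a 4096-bit key.
    printResult("RSA 4096:", createJsonEnc(generateRsaPubKey(4096), bpk, target,
        KeyManagementAlgorithmIdentifiers.RSA_OAEP_256));

    printResult("ECC 256:", createJsonEnc(generateEcPubKey("secp256r1"), bpk, target,
        KeyManagementAlgorithmIdentifiers.ECDH_ES_A128KW));
    printResult("ECC 384:", createJsonEnc(generateEcPubKey("secp384r1"), bpk, target,
        KeyManagementAlgorithmIdentifiers.ECDH_ES_A128KW));
    printResult("ECC 521:", createJsonEnc(generateEcPubKey("secp521r1"), bpk, target,
        KeyManagementAlgorithmIdentifiers.ECDH_ES_A128KW));

    System.out.println("Finished!");

  }

  /**
   * Writes a label, the length of {@code body}, and {@code body} itself to standard output.
   *
   * @param prefix label that identifies the measured configuration
   * @param body serialized ciphertext to measure
   */
  private void printResult(String prefix, String body) {
    System.out.println(prefix + " " + body.length() + "   full:" + body);

  }

  /**
   * Encrypts {@code bpk} as a JWE in compact serialization.
   *
   * <p>Content encryption is AES-128-GCM, the key id header is the fixed value
   * {@code myFirstKey}, and the target is carried in the content-type header.</p>
   *
   * @param pubKey recipient public key
   * @param bpk payload to encrypt
   * @param target bPK target, written to the content-type header
   * @param keyWrapAlg JWE key-management algorithm identifier
   * @return JWE compact serialization
   * @throws JoseException if the JWE cannot be produced
   */
  private String createJsonEnc(PublicKey pubKey, String bpk, String target, String keyWrapAlg)
      throws JoseException {
    JsonWebEncryption enc = new JsonWebEncryption();
    enc.setKey(pubKey);
    enc.setPayload(bpk);
    enc.setAlgorithmHeaderValue(keyWrapAlg);
    enc.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM);
    enc.setKeyIdHeaderValue("myFirstKey");
    enc.setContentTypeHeaderValue(target);
    return enc.getCompactSerialization();

  }

  /**
   * Generates a throw-away RSA key pair and returns its public key.
   *
   * @param size modulus size in bits
   * @return public key of the generated pair
   * @throws NoSuchAlgorithmException if no RSA key-pair generator is available
   */
  private PublicKey generateRsaPubKey(int size) throws NoSuchAlgorithmException {
    KeyPairGenerator rsaGenerator = KeyPairGenerator.getInstance("RSA");
    rsaGenerator.initialize(size);
    return rsaGenerator.generateKeyPair().getPublic();

  }

  /**
   * Generates a throw-away EC key pair on a named curve and returns its public key.
   *
   * @param curve standard curve name, for example {@code secp256r1}
   * @return public key of the generated pair
   * @throws NoSuchAlgorithmException if no EC key-pair generator is available
   * @throws NoSuchProviderException In case of an error
   * @throws InvalidAlgorithmParameterException if the curve is not supported
   */
  private PublicKey generateEcPubKey(String curve) throws NoSuchAlgorithmException,
      NoSuchProviderException, InvalidAlgorithmParameterException {
    KeyPairGenerator generator = KeyPairGenerator.getInstance("EC");
    ECGenParameterSpec ecSpec = new ECGenParameterSpec(curve);
    generator.initialize(ecSpec, new SecureRandom());
    return generator.generateKeyPair().getPublic();

  }

  /** Encryption with a random string as target must be rejected with error {@code builder.32}. */
  @Test
  public void encBpkWrongTarget() throws InvalidKeyException {
    String bpk = RandomStringUtils.randomAlphanumeric(25);
    String target = RandomStringUtils.randomAlphanumeric(25);

    try {
      BpkBuilder.encryptBpk(bpk, target, keyPair.getPublic());
      Assert.fail("Wrong parameters not detected");

    } catch (EaafBuilderException e) {
      Assert.assertEquals("Wrong errorMsg", "builder.32", e.getErrorId());

    }
  }

  /** Decryption with a random string as target must be rejected with error {@code builder.32}. */
  @Test
  public void decBpkWrongTarget() throws InvalidKeyException {
    String bpk = RandomStringUtils.randomAlphanumeric(25);
    String target = RandomStringUtils.randomAlphanumeric(25);

    try {
      BpkBuilder.decryptBpk(bpk, target, keyPair.getPrivate());
      Assert.fail("Wrong parameters not detected");

    } catch (EaafBuilderException e) {
      Assert.assertEquals("Wrong errorMsg", "builder.32", e.getErrorId());

    }
  }

  /**
   * A bPK encrypted for target {@code AA} must not decrypt when the caller expects target
   * {@code BB}; the mismatch is reported as {@code builder.30}.
   */
  @Test
  public void decBpkWrongTargetInEncBpk() throws InvalidKeyException, EaafBuilderException {
    String bpk = RandomStringUtils.randomAlphanumeric(25);
    String target = EaafConstants.URN_PREFIX_CDID + "AA";

    String encBpk = BpkBuilder.encryptBpk(bpk, target, keyPair.getPublic());
    try {
      BpkBuilder.decryptBpk(encBpk,
          EaafConstants.URN_PREFIX_CDID + "BB", keyPair.getPrivate());
      Assert.fail("Wrong parameters not detected");

    } catch (EaafBuilderException e) {
      Assert.assertEquals("Wrong errorMsg", "builder.30", e.getErrorId());

    }
  }

  /** Round trip for a public-sector target: decryption returns the original bPK and target. */
  @Test
  public void encBpkSuccess() throws EaafBuilderException, InvalidKeyException {
    String bpk = RandomStringUtils.randomAlphanumeric(25);
    String target = EaafConstants.URN_PREFIX_CDID + "AA";

    String encBpk = BpkBuilder.encryptBpk(bpk, target, keyPair.getPublic());

    Assert.assertNotNull("encBpk", encBpk);

    Pair decBpk = BpkBuilder.decryptBpk(encBpk, target, keyPair.getPrivate());

    Assert.assertEquals("wrong bBK", bpk, decBpk.getFirst());
    Assert.assertEquals("wrong bBK-Target", target, decBpk.getSecond());

  }

  /** Round trip for a wbPK target that is already in "X" notation. */
  @Test
  public void encWbpkSuccess() throws EaafBuilderException, InvalidKeyException {
    String bpk = RandomStringUtils.randomAlphanumeric(25);
    String target = EaafConstants.URN_PREFIX_WBPK + "XFN+123456i";

    String encBpk = BpkBuilder.encryptBpk(bpk, target, keyPair.getPublic());

    Assert.assertNotNull("encBpk", encBpk);

    Pair decBpk = BpkBuilder.decryptBpk(encBpk, target, keyPair.getPrivate());

    Assert.assertEquals("wrong bBK", bpk, decBpk.getFirst());
    Assert.assertEquals("wrong bBK-Target", target, decBpk.getSecond());

  }

  /**
   * A wbPK encrypted for the non-"X" target {@code FN+123456i} decrypts when the caller
   * expects the "X" form {@code XFN+123456i}; the returned target is the "X" form.
   */
  @Test
  public void encWbpkSuccessSecond() throws EaafBuilderException, InvalidKeyException {
    String bpk = RandomStringUtils.randomAlphanumeric(25);
    String target = EaafConstants.URN_PREFIX_WBPK + "FN+123456i";

    String encBpk = BpkBuilder.encryptBpk(bpk, target, keyPair.getPublic());

    Assert.assertNotNull("encBpk", encBpk);

    Pair decBpk = BpkBuilder.decryptBpk(encBpk,
        EaafConstants.URN_PREFIX_WBPK + "XFN+123456i", keyPair.getPrivate());

    Assert.assertEquals("wrong bBK", bpk, decBpk.getFirst());
    Assert.assertEquals("wrong bBK-Target",
        EaafConstants.URN_PREFIX_WBPK + "XFN+123456i", decBpk.getSecond());

  }

  /** A {@code null} base ID must be rejected with error {@code builder.33}. */
  @Test
  public void noBaseId() {
    try {
      BpkBuilder.generateAreaSpecificPersonIdentifier(null, EaafConstants.URN_PREFIX_CDID + "AA");
      // without this the test would pass even if the call returned normally
      Assert.fail("Wrong parameters not detected");

    } catch (EaafBuilderException e) {
      Assert.assertEquals("Wrong errorCode", "builder.33", e.getErrorId());

    }
  }

  /** A {@code null} target must be rejected with error {@code builder.33}. */
  @Test
  public void noTarget() {
    try {
      BpkBuilder.generateAreaSpecificPersonIdentifier(BASEID, null);
      // without this the test would pass even if the call returned normally
      Assert.fail("Wrong parameters not detected");

    } catch (EaafBuilderException e) {
      Assert.assertEquals("Wrong errorCode", "builder.33", e.getErrorId());

    }
  }

  /** A {@code null} base-ID type must be rejected with error {@code builder.33}. */
  @Test
  public void noBaseIdType() {
    try {
      BpkBuilder.generateAreaSpecificPersonIdentifier(BASEID,
          null, EaafConstants.URN_PREFIX_CDID + "AA");
      // without this the test would pass even if the call returned normally
      Assert.fail("Wrong parameters not detected");

    } catch (EaafBuilderException e) {
      Assert.assertEquals("Wrong errorCode", "builder.33", e.getErrorId());

    }
  }

  /**
   * A base-ID type of {@code cdid+BB} combined with target {@code cdid+AA} must be rejected
   * with error {@code builder.33}.
   */
  @Test
  public void wrongBaseIdType() {
    try {
      BpkBuilder.generateAreaSpecificPersonIdentifier(BASEID,
          EaafConstants.URN_PREFIX_CDID + "BB", EaafConstants.URN_PREFIX_CDID + "AA");
      // without this the test would pass even if the call returned normally
      Assert.fail("Wrong parameters not detected");

    } catch (EaafBuilderException e) {
      Assert.assertEquals("Wrong errorCode", "builder.33", e.getErrorId());

    }
  }

  /** When the base-ID type equals the target, the input identifier is returned unchanged. */
  @Test
  public void baseIdTypeEqualsTarget() throws EaafBuilderException {
    Pair result1 = BpkBuilder.generateAreaSpecificPersonIdentifier(BASEID,
        EaafConstants.URN_PREFIX_CDID + "AA", EaafConstants.URN_PREFIX_CDID + "AA");

    Assert.assertEquals("first bPK", BASEID, result1.getFirst());
    Assert.assertEquals("first bPK", "urn:publicid:gv.at:cdid+AA", result1.getSecond());

  }

  /** Known-answer test: two public-sector targets yield two different, fixed bPKs. */
  @Test
  public void buildBpk() throws EaafBuilderException {
    Pair result1 = BpkBuilder.generateAreaSpecificPersonIdentifier(
        BASEID, EaafConstants.URN_PREFIX_CDID + "AA");
    Pair result2 = BpkBuilder.generateAreaSpecificPersonIdentifier(
        BASEID, EaafConstants.URN_PREFIX_CDID + "BB");

    Assert.assertEquals("first bPK", "b1Ip610zZq/Or/uCqgb51lnAdZM=", result1.getFirst());
    Assert.assertEquals("first bPK", "urn:publicid:gv.at:cdid+AA", result1.getSecond());

    Assert.assertEquals("second bPK", "uYst6hjKJvyp7s/ezD8zsnkcj9k=", result2.getFirst());
    Assert.assertEquals("second bPK", "urn:publicid:gv.at:cdid+BB", result2.getSecond());

  }

  /** Known-answer test for a non-"X" FN target; the returned target is in "X" notation. */
  @Test
  public void buildWbpkFn() throws EaafBuilderException {
    Pair result1 = BpkBuilder.generateAreaSpecificPersonIdentifier(
        BASEID, EaafConstants.URN_PREFIX_WBPK + "FN+123456i");

    Assert.assertEquals("wbPK", "k65HRxpVcoZ2OPZHo3j2LEn/JQE=", result1.getFirst());
    Assert.assertEquals("wbPK", "urn:publicid:gv.at:wbpk+XFN+123456i", result1.getSecond());

  }

  /** Known-answer test for a non-"X" ZVR target; the returned target is in "X" notation. */
  @Test
  public void buildWbpkZvr() throws EaafBuilderException {
    Pair result1 = BpkBuilder.generateAreaSpecificPersonIdentifier(
        BASEID, EaafConstants.URN_PREFIX_WBPK + "ZVR+123456");

    Assert.assertEquals("wbPK", "1WvaBLiTxcc3kVzfB71Zh2sCtvA=", result1.getFirst());
    Assert.assertEquals("wbPK", "urn:publicid:gv.at:wbpk+XZVR+123456", result1.getSecond());

  }

  /** Known-answer test for a non-"X" ERSB target; the returned target is in "X" notation. */
  @Test
  public void buildWbpkErsb() throws EaafBuilderException {
    Pair result1 = BpkBuilder.generateAreaSpecificPersonIdentifier(
        BASEID, EaafConstants.URN_PREFIX_WBPK + "ERSB+123456");

    Assert.assertEquals("wbPK", "xtAWGAiblvhYJiCpUB3dwdRFPpg=", result1.getFirst());
    Assert.assertEquals("wbPK", "urn:publicid:gv.at:wbpk+XERSB+123456", result1.getSecond());

  }

  /** The "X" FN target yields the same wbPK as its non-"X" form in {@link #buildWbpkFn()}. */
  @Test
  public void buildWbpkXFn() throws EaafBuilderException {
    Pair result1 = BpkBuilder.generateAreaSpecificPersonIdentifier(
        BASEID, EaafConstants.URN_PREFIX_WBPK + "XFN+123456i");

    Assert.assertEquals("wbPK", "k65HRxpVcoZ2OPZHo3j2LEn/JQE=", result1.getFirst());
    Assert.assertEquals("wbPK", "urn:publicid:gv.at:wbpk+XFN+123456i", result1.getSecond());

  }

  /** The "X" ZVR target yields the same wbPK as its non-"X" form in {@link #buildWbpkZvr()}. */
  @Test
  public void buildWbpkXZvr() throws EaafBuilderException {
    Pair result1 = BpkBuilder.generateAreaSpecificPersonIdentifier(
        BASEID, EaafConstants.URN_PREFIX_WBPK + "XZVR+123456");

    Assert.assertEquals("wbPK", "1WvaBLiTxcc3kVzfB71Zh2sCtvA=", result1.getFirst());
    Assert.assertEquals("wbPK", "urn:publicid:gv.at:wbpk+XZVR+123456", result1.getSecond());

  }

  /** The "X" ERSB target yields the same wbPK as its non-"X" form in {@link #buildWbpkErsb()}. */
  @Test
  public void buildWbpkXErsb() throws EaafBuilderException {
    Pair result1 = BpkBuilder.generateAreaSpecificPersonIdentifier(
        BASEID, EaafConstants.URN_PREFIX_WBPK + "XERSB+123456");

    Assert.assertEquals("wbPK", "xtAWGAiblvhYJiCpUB3dwdRFPpg=", result1.getFirst());
    Assert.assertEquals("wbPK", "urn:publicid:gv.at:wbpk+XERSB+123456", result1.getSecond());

  }

  /** Known-answer test for an "X" target type other than FN, ZVR or ERSB. */
  @Test
  public void buildWbpkOthers() throws EaafBuilderException {
    Pair result1 = BpkBuilder.generateAreaSpecificPersonIdentifier(
        BASEID, EaafConstants.URN_PREFIX_WBPK + "XABC+123456");

    Assert.assertEquals("wbPK", "wv96/xKUyi6YoYGv7IcIlFTsJIk=", result1.getFirst());
    Assert.assertEquals("wbPK", "urn:publicid:gv.at:wbpk+XABC+123456", result1.getSecond());

  }

  /** Known-answer test for an eIDAS target; the identifier carries the {@code AT/ES/} prefix. */
  @Test
  public void buildEidasId() throws EaafBuilderException {
    Pair result1 = BpkBuilder.generateAreaSpecificPersonIdentifier(
        BASEID, EaafConstants.URN_PREFIX_EIDAS + "AT+ES");

    Assert.assertEquals("eidas", "AT/ES/7AuLZNKsiRr97yvLsQ16SZ6r0q0=", result1.getFirst());
    Assert.assertEquals("wbPK", "urn:publicid:gv.at:eidasid+AT+ES", result1.getSecond());

  }

  /** Normalizing a {@code null} target to the common format returns {@code null}. */
  @Test
  public void normalizeNullTarget() {
    Assert.assertNull("Wrong normalized target",
        BpkBuilder.normalizeBpkTargetIdentifierToCommonFormat(null));
  }

  /** A public-sector target is unchanged by normalization to the common format. */
  @Test
  public void normalizeBpkTarget() {
    String target = EaafConstants.URN_PREFIX_CDID + RandomStringUtils.randomAlphabetic(2);
    Assert.assertEquals("Wrong normalized target",
        target,
        BpkBuilder.normalizeBpkTargetIdentifierToCommonFormat(target));
  }

  /** A wbPK target that already uses the "X" prefix is unchanged by normalization. */
  @Test
  public void normalizeWbpkTargetWithX() {
    String target = EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + RandomStringUtils.randomAlphabetic(2);
    Assert.assertEquals("Wrong normalized target",
        target,
        BpkBuilder.normalizeBpkTargetIdentifierToCommonFormat(target));
  }

  /** A non-"X" wbPK target consisting of two random letters is unchanged by normalization. */
  @Test
  public void normalizeWbpkTargetWithOutXNoMapping() {
    String target = EaafConstants.URN_PREFIX_WBPK + RandomStringUtils.randomAlphabetic(2);
    Assert.assertEquals("Wrong normalized target",
        target,
        BpkBuilder.normalizeBpkTargetIdentifierToCommonFormat(target));
  }

  /** Common-format normalization maps {@code FN+...} to {@code XFN+...}. */
  @Test
  public void normalizeWbpkTargetWithOutXMappingFn() {
    Assert.assertEquals("Wrong normalized target",
        EaafConstants.URN_PREFIX_WBPK + "XFN+123456i",
        BpkBuilder.normalizeBpkTargetIdentifierToCommonFormat(EaafConstants.URN_PREFIX_WBPK + "FN+123456i"));
  }

  /** Common-format normalization maps {@code ZVR+...} to {@code XZVR+...}. */
  @Test
  public void normalizeWbpkTargetWithOutXMappingZvr() {
    Assert.assertEquals("Wrong normalized target",
        EaafConstants.URN_PREFIX_WBPK + "XZVR+1122334455",
        BpkBuilder.normalizeBpkTargetIdentifierToCommonFormat(EaafConstants.URN_PREFIX_WBPK + "ZVR+1122334455"));
  }

  /** Common-format normalization maps {@code ERSB+...} to {@code XERSB+...}. */
  @Test
  public void normalizeWbpkTargetWithOutXMappingErsb() {
    Assert.assertEquals("Wrong normalized target",
        EaafConstants.URN_PREFIX_WBPK + "XERSB+998877665544",
        BpkBuilder.normalizeBpkTargetIdentifierToCommonFormat(EaafConstants.URN_PREFIX_WBPK + "ERSB+998877665544"));
  }

  /** An eIDAS target is unchanged by normalization to the common format. */
  @Test
  public void normalizeEidasTarget() {
    String target = EaafConstants.URN_PREFIX_EIDAS + RandomStringUtils.randomAlphabetic(2)
        + "+" + RandomStringUtils.randomAlphabetic(2);
    Assert.assertEquals("Wrong normalized target",
        target,
        BpkBuilder.normalizeBpkTargetIdentifierToCommonFormat(target));
  }

  /** Normalizing a {@code null} target to the non-"X" format returns {@code null}. */
  @Test
  public void calcNormalizeNullTarget() {
    Assert.assertNull("Wrong normalized target",
        BpkBuilder.normalizeBpkTargetIdentifierToNonXFormat(null));
  }

  /** A public-sector target is unchanged by normalization to the non-"X" format. */
  @Test
  public void calcNormalizeBpkTarget() {
    String target = EaafConstants.URN_PREFIX_CDID + RandomStringUtils.randomAlphabetic(2);
    Assert.assertEquals("Wrong normalized target",
        target,
        BpkBuilder.normalizeBpkTargetIdentifierToNonXFormat(target));
  }

  /** A wbPK target already in non-"X" notation is unchanged by non-"X" normalization. */
  @Test
  public void calcNormalizeWbpkTargetWithoutX() {
    Assert.assertEquals("Wrong normalized target",
        EaafConstants.URN_PREFIX_WBPK + "FN+123456i",
        BpkBuilder.normalizeBpkTargetIdentifierToNonXFormat(EaafConstants.URN_PREFIX_WBPK + "FN+123456i"));
  }

  /** A non-"X" wbPK target consisting of two random letters is unchanged by non-"X" normalization. */
  @Test
  public void calcNormalizeWbpkTargetWithOutXNoMapping() {
    String target = EaafConstants.URN_PREFIX_WBPK + RandomStringUtils.randomAlphabetic(2);
    Assert.assertEquals("Wrong normalized target",
        target,
        BpkBuilder.normalizeBpkTargetIdentifierToNonXFormat(target));
  }

  /** Non-"X" normalization maps {@code XFN+...} to {@code FN+...}. */
  @Test
  public void calcNormalizeWbpkTargetWithXMappingFn() {
    Assert.assertEquals("Wrong normalized target",
        EaafConstants.URN_PREFIX_WBPK + "FN+123456i",
        BpkBuilder.normalizeBpkTargetIdentifierToNonXFormat(EaafConstants.URN_PREFIX_WBPK + "XFN+123456i"));
  }

  /** Non-"X" normalization maps {@code XZVR+...} to {@code ZVR+...}. */
  @Test
  public void calcNormalizeWbpkTargetWithXMappingZvr() {
    Assert.assertEquals("Wrong normalized target",
        EaafConstants.URN_PREFIX_WBPK + "ZVR+1122334455",
        BpkBuilder.normalizeBpkTargetIdentifierToNonXFormat(EaafConstants.URN_PREFIX_WBPK + "XZVR+1122334455"));
  }

  /** Non-"X" normalization maps {@code XERSB+...} to {@code ERSB+...}. */
  @Test
  public void calcNormalizeWbpkTargetWithXMappingErsb() {
    Assert.assertEquals("Wrong normalized target",
        EaafConstants.URN_PREFIX_WBPK + "ERSB+998877665544",
        BpkBuilder.normalizeBpkTargetIdentifierToNonXFormat(
            EaafConstants.URN_PREFIX_WBPK + "XERSB+998877665544"));
  }

  /** An eIDAS target is unchanged by normalization to the non-"X" format. */
  @Test
  public void calcNormalizeEidasTarget() {
    String target = EaafConstants.URN_PREFIX_EIDAS + RandomStringUtils.randomAlphabetic(2)
        + "+" + RandomStringUtils.randomAlphabetic(2);
    Assert.assertEquals("Wrong normalized target",
        target,
        BpkBuilder.normalizeBpkTargetIdentifierToNonXFormat(target));
  }

  /** The public-sector (cdid) prefix is stripped, leaving only the SP target. */
  @Test
  public void removeBpkPrefix() {
    String spTarget = RandomStringUtils.randomAlphabetic(2);
    Assert.assertEquals("Wrong SP target without prefix",
        spTarget,
        BpkBuilder.removeBpkTypePrefix(EaafConstants.URN_PREFIX_CDID + spTarget));
  }

  /** The wbPK prefix is stripped, leaving only the SP target. */
  @Test
  public void removeWpbkPrefix() {
    String spTarget = RandomStringUtils.randomAlphabetic(10);
    Assert.assertEquals("Wrong SP target without prefix",
        spTarget,
        BpkBuilder.removeBpkTypePrefix(EaafConstants.URN_PREFIX_WBPK + spTarget));
  }

  /** The eIDAS prefix is stripped, leaving only the SP target. */
  @Test
  public void removeEidasPbkPrefix() {
    String spTarget = RandomStringUtils.randomAlphabetic(2)
        + "+" + RandomStringUtils.randomAlphabetic(2);
    Assert.assertEquals("Wrong SP target without prefix",
        spTarget,
        BpkBuilder.removeBpkTypePrefix(EaafConstants.URN_PREFIX_EIDAS + spTarget));
  }

  /** A value with the base-ID prefix is returned unchanged; that prefix is not stripped. */
  @Test
  public void removeUnknownPbkPrefix() {
    String spTarget = RandomStringUtils.randomAlphabetic(10);
    Assert.assertEquals("Wrong SP target without prefix",
        EaafConstants.URN_PREFIX_BASEID + spTarget,
        BpkBuilder.removeBpkTypePrefix(EaafConstants.URN_PREFIX_BASEID + spTarget));
  }

}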