From 8b4b3a97cdbdfc4158781982f6e9fc2900871198 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 17 Jan 2014 11:56:10 +0100
Subject: Exthex Version 0.2

---
 .../gv/egovernment/moa/id/auth/oauth/CertTest.java | 63 +++++++++++++++-------
 .../moa/id/auth/oauth/OAuth20ErrorsTests.java      |  8 +--
 .../id/auth/oauth/OAuth20GoogleClientTestCase.java |  8 +--
 3 files changed, 48 insertions(+), 31 deletions(-)

(limited to 'id/server/idserverlib/src/test/java')

diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java
index 6452d5ae6..d9d61ee1d 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java
@@ -1,24 +1,28 @@
 package test.at.gv.egovernment.moa.id.auth.oauth;
 
+import iaik.security.ecc.provider.ECCProvider;
+
 import java.security.KeyStore;
 import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
-import java.security.interfaces.RSAPrivateKey;
 
-import net.oauth.jsontoken.crypto.RsaSHA256Signer;
-import net.oauth.jsontoken.crypto.RsaSHA256Verifier;
+import net.oauth.jsontoken.crypto.Signer;
+import net.oauth.jsontoken.crypto.Verifier;
 
 import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.testng.Assert;
 import org.testng.annotations.Test;
 
+import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SHA256Signer;
+import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SHA256Verifier;
 import at.gv.egovernment.moa.util.KeyStoreUtils;
-import at.gv.egovernment.moa.util.StringUtils;
-import eu.stork.vidp.messages.exception.SAMLException;
 
 public class CertTest {
 	
 	/** KeyStore Path */
-	private String keyStorePath = "file:/D:/dev/work/exthex/workspace/OAuthTesting/resources/keys/test_keystore.jks";
+	private String rsaKeyStorePath = "file:/D:/dev/work/exthex/workspace/OAuthTesting/resources/keys/test_keystore.jks";
+	
+	private String ecdsaKeyStorePath = "file:/D:/dev/work/exthex/workspace/OAuthTesting/resources/keys/ECDSA_keystore.jks";
 	
 	/** KeyStore Password */
 	private String keyStorePassword = "test12";
@@ -29,19 +33,14 @@ public class CertTest {
 	/** Key password */
 	private String keyPassword = "test12";
 	
-
-	
-	
-	@Test(enabled = false)
-	public void loadCert() throws Exception {
-		
-		if (StringUtils.isEmpty(this.keyStorePath)) throw new SAMLException("No keyStorePath specified");
+	private BasicX509Credential getCredentials(String keyStorePath) {
+		Assert.assertNotNull(keyStorePath);
 		
 		// KeyStorePassword optional
 		// if (StringUtils.isEmpty(this.keyStorePassword))
 		// throw new SAMLException("No keyStorePassword specified");
 		
-		if (StringUtils.isEmpty(this.keyName)) throw new SAMLException("No keyName specified");
+		Assert.assertNotNull(this.keyName);
 		
 		// KeyStorePassword optional
 		// if (StringUtils.isEmpty(this.keyPassword))
@@ -49,7 +48,8 @@ public class CertTest {
 		
 		KeyStore ks = null;
 		try {
-			ks = KeyStoreUtils.loadKeyStore(this.keyStorePath, this.keyStorePassword);
+			ks = KeyStoreUtils.loadKeyStore(keyStorePath, this.keyStorePassword);
+			
 		}
 		catch (Exception e) {
 			e.printStackTrace();
@@ -58,29 +58,52 @@ public class CertTest {
 		// return new KeyStoreX509CredentialAdapter(ks, keyName, keyPwd.toCharArray());
 		BasicX509Credential credential = null;
 		try {
-			java.security.cert.X509Certificate certificate = (X509Certificate) ks.getCertificate(this.keyName);
+			X509Certificate certificate = (X509Certificate) ks.getCertificate(this.keyName);
 			
 			PrivateKey privateKey = (PrivateKey) ks.getKey(this.keyName, this.keyPassword.toCharArray());
+			
+			// System.out.println("KS Provider:" + privateKey.getClass());
 			credential = new BasicX509Credential();
 			credential.setEntityCertificate(certificate);
 			credential.setPrivateKey(privateKey);
 			
-			System.out.println(privateKey);
+			System.out.println("Private Key: " + privateKey);
 			
 		}
 		catch (Exception e) {
 			e.printStackTrace();
 			
 		}
-		System.out.println(credential);
 		
+		return credential;
+	}
+	
+	private void signAndVerify(BasicX509Credential credential) throws Exception {
 		String data = "someData";
 		
-		RsaSHA256Signer signer = new RsaSHA256Signer("signer1", keyName, (RSAPrivateKey) credential.getPrivateKey());
+		Signer signer = new OAuth20SHA256Signer("signer1", keyName, credential.getPrivateKey());
 		
 		byte[] signedData = signer.sign(data.getBytes());
 		
-		RsaSHA256Verifier verifier = new RsaSHA256Verifier(credential.getPublicKey());
+		Verifier verifier = new OAuth20SHA256Verifier(credential.getPublicKey());
 		verifier.verifySignature(data.getBytes(), signedData);
 	}
+	
+	@Test
+	// (enabled = false)
+	public void testRSA() throws Exception {
+		BasicX509Credential credential = this.getCredentials(this.rsaKeyStorePath);
+		
+		// System.out.println(credential);
+		this.signAndVerify(credential);
+	}
+	
+	@Test
+	public void testECDSA() throws Exception {
+		ECCProvider.addAsProvider();
+		
+		// Security.addProvider(new ECCProvider());
+		BasicX509Credential credential = this.getCredentials(this.ecdsaKeyStorePath);
+		this.signAndVerify(credential);
+	}
 }
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java
index 64179d75a..9aede62e3 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java
@@ -1,8 +1,6 @@
 package test.at.gv.egovernment.moa.id.auth.oauth;
 
 import java.io.IOException;
-import java.util.Arrays;
-import java.util.List;
 
 import javax.servlet.http.HttpServletResponse;
 
@@ -22,10 +20,6 @@ import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
 
 import com.google.api.client.extensions.java6.auth.oauth2.VerificationCodeReceiver;
 import com.google.api.client.extensions.jetty.auth.oauth2.LocalServerReceiver;
-import com.google.api.client.http.HttpTransport;
-import com.google.api.client.http.javanet.NetHttpTransport;
-import com.google.api.client.json.JsonFactory;
-import com.google.api.client.json.jackson2.JacksonFactory;
 
 public class OAuth20ErrorsTests {
 	
@@ -45,7 +39,7 @@ public class OAuth20ErrorsTests {
 	// client secret
 	private static String CLIENT_SECRET = "d435cf0a-3933-48f7-b142-339710c8f070";
 	// OAuth 2.0 scopes
-	private static List<String> SCOPES = Arrays.asList("testScope1", "testScope2");
+	//private static List<String> SCOPES = Arrays.asList("testScope1", "testScope2");
 	// state
 	private static String STATE = "testState";
 	// code
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java
index 7cf2ac82b..b2c17f062 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java
@@ -62,7 +62,8 @@ public class OAuth20GoogleClientTestCase {
 	// open browser for bku login
 	private void openURL(String url) {
 		Assert.assertNotNull(url);
-		System.out.println(url);
+		log.info("Please open the following URL in your browser:");
+		log.info(url);
 		if (Desktop.isDesktopSupported()) {
 			Desktop desktop = Desktop.getDesktop();
 			if (desktop.isSupported(Action.BROWSE)) {
@@ -75,10 +76,7 @@ public class OAuth20GoogleClientTestCase {
 				}
 			}
 		}
-		// Finally just ask user to open in their browser using copy-paste
 		
-		log.info("Please open the following URL in your browser:");
-		log.info(url);
 	}
 	
 	private TokenResponse authorize() throws Exception {
@@ -123,6 +121,8 @@ public class OAuth20GoogleClientTestCase {
 		Assert.assertTrue(idToken.verifyIssuer(ISS));
 		
 		log.info(idToken.getPayload().toPrettyString());
+		log.info(idToken.getHeader().toPrettyString());
+
 	}
 	
 	@Test(enabled = false)
-- 
cgit v1.2.3