From 8b4b3a97cdbdfc4158781982f6e9fc2900871198 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 17 Jan 2014 11:56:10 +0100 Subject: Exthex Version 0.2 --- .../gv/egovernment/moa/id/auth/oauth/CertTest.java | 63 +++++++++++++++------- .../moa/id/auth/oauth/OAuth20ErrorsTests.java | 8 +-- .../id/auth/oauth/OAuth20GoogleClientTestCase.java | 8 +-- 3 files changed, 48 insertions(+), 31 deletions(-) (limited to 'id/server/idserverlib/src/test') diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java index 6452d5ae6..d9d61ee1d 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java @@ -1,24 +1,28 @@ package test.at.gv.egovernment.moa.id.auth.oauth; +import iaik.security.ecc.provider.ECCProvider; + import java.security.KeyStore; import java.security.PrivateKey; import java.security.cert.X509Certificate; -import java.security.interfaces.RSAPrivateKey; -import net.oauth.jsontoken.crypto.RsaSHA256Signer; -import net.oauth.jsontoken.crypto.RsaSHA256Verifier; +import net.oauth.jsontoken.crypto.Signer; +import net.oauth.jsontoken.crypto.Verifier; import org.opensaml.xml.security.x509.BasicX509Credential; +import org.testng.Assert; import org.testng.annotations.Test; +import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SHA256Signer; +import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SHA256Verifier; import at.gv.egovernment.moa.util.KeyStoreUtils; -import at.gv.egovernment.moa.util.StringUtils; -import eu.stork.vidp.messages.exception.SAMLException; public class CertTest { /** KeyStore Path */ - private String keyStorePath = "file:/D:/dev/work/exthex/workspace/OAuthTesting/resources/keys/test_keystore.jks"; + private String rsaKeyStorePath = "file:/D:/dev/work/exthex/workspace/OAuthTesting/resources/keys/test_keystore.jks"; + + private String ecdsaKeyStorePath = "file:/D:/dev/work/exthex/workspace/OAuthTesting/resources/keys/ECDSA_keystore.jks"; /** KeyStore Password */ private String keyStorePassword = "test12"; @@ -29,19 +33,14 @@ public class CertTest { /** Key password */ private String keyPassword = "test12"; - - - - @Test(enabled = false) - public void loadCert() throws Exception { - - if (StringUtils.isEmpty(this.keyStorePath)) throw new SAMLException("No keyStorePath specified"); + private BasicX509Credential getCredentials(String keyStorePath) { + Assert.assertNotNull(keyStorePath); // KeyStorePassword optional // if (StringUtils.isEmpty(this.keyStorePassword)) // throw new SAMLException("No keyStorePassword specified"); - if (StringUtils.isEmpty(this.keyName)) throw new SAMLException("No keyName specified"); + Assert.assertNotNull(this.keyName); // KeyStorePassword optional // if (StringUtils.isEmpty(this.keyPassword)) @@ -49,7 +48,8 @@ public class CertTest { KeyStore ks = null; try { - ks = KeyStoreUtils.loadKeyStore(this.keyStorePath, this.keyStorePassword); + ks = KeyStoreUtils.loadKeyStore(keyStorePath, this.keyStorePassword); + } catch (Exception e) { e.printStackTrace(); @@ -58,29 +58,52 @@ public class CertTest { // return new KeyStoreX509CredentialAdapter(ks, keyName, keyPwd.toCharArray()); BasicX509Credential credential = null; try { - java.security.cert.X509Certificate certificate = (X509Certificate) ks.getCertificate(this.keyName); + X509Certificate certificate = (X509Certificate) ks.getCertificate(this.keyName); PrivateKey privateKey = (PrivateKey) ks.getKey(this.keyName, this.keyPassword.toCharArray()); + + // System.out.println("KS Provider:" + privateKey.getClass()); credential = new BasicX509Credential(); credential.setEntityCertificate(certificate); credential.setPrivateKey(privateKey); - System.out.println(privateKey); + System.out.println("Private Key: " + privateKey); } catch (Exception e) { e.printStackTrace(); } - System.out.println(credential); + return credential; + } + + private void signAndVerify(BasicX509Credential credential) throws Exception { String data = "someData"; - RsaSHA256Signer signer = new RsaSHA256Signer("signer1", keyName, (RSAPrivateKey) credential.getPrivateKey()); + Signer signer = new OAuth20SHA256Signer("signer1", keyName, credential.getPrivateKey()); byte[] signedData = signer.sign(data.getBytes()); - RsaSHA256Verifier verifier = new RsaSHA256Verifier(credential.getPublicKey()); + Verifier verifier = new OAuth20SHA256Verifier(credential.getPublicKey()); verifier.verifySignature(data.getBytes(), signedData); } + + @Test + // (enabled = false) + public void testRSA() throws Exception { + BasicX509Credential credential = this.getCredentials(this.rsaKeyStorePath); + + // System.out.println(credential); + this.signAndVerify(credential); + } + + @Test + public void testECDSA() throws Exception { + ECCProvider.addAsProvider(); + + // Security.addProvider(new ECCProvider()); + BasicX509Credential credential = this.getCredentials(this.ecdsaKeyStorePath); + this.signAndVerify(credential); + } } diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java index 64179d75a..9aede62e3 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java @@ -1,8 +1,6 @@ package test.at.gv.egovernment.moa.id.auth.oauth; import java.io.IOException; -import java.util.Arrays; -import java.util.List; import javax.servlet.http.HttpServletResponse; @@ -22,10 +20,6 @@ import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; import com.google.api.client.extensions.java6.auth.oauth2.VerificationCodeReceiver; import com.google.api.client.extensions.jetty.auth.oauth2.LocalServerReceiver; -import com.google.api.client.http.HttpTransport; -import com.google.api.client.http.javanet.NetHttpTransport; -import com.google.api.client.json.JsonFactory; -import com.google.api.client.json.jackson2.JacksonFactory; public class OAuth20ErrorsTests { @@ -45,7 +39,7 @@ public class OAuth20ErrorsTests { // client secret private static String CLIENT_SECRET = "d435cf0a-3933-48f7-b142-339710c8f070"; // OAuth 2.0 scopes - private static List SCOPES = Arrays.asList("testScope1", "testScope2"); + //private static List SCOPES = Arrays.asList("testScope1", "testScope2"); // state private static String STATE = "testState"; // code diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java index 7cf2ac82b..b2c17f062 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java @@ -62,7 +62,8 @@ public class OAuth20GoogleClientTestCase { // open browser for bku login private void openURL(String url) { Assert.assertNotNull(url); - System.out.println(url); + log.info("Please open the following URL in your browser:"); + log.info(url); if (Desktop.isDesktopSupported()) { Desktop desktop = Desktop.getDesktop(); if (desktop.isSupported(Action.BROWSE)) { @@ -75,10 +76,7 @@ public class OAuth20GoogleClientTestCase { } } } - // Finally just ask user to open in their browser using copy-paste - log.info("Please open the following URL in your browser:"); - log.info(url); } private TokenResponse authorize() throws Exception { @@ -123,6 +121,8 @@ public class OAuth20GoogleClientTestCase { Assert.assertTrue(idToken.verifyIssuer(ISS)); log.info(idToken.getPayload().toPrettyString()); + log.info(idToken.getHeader().toPrettyString()); + } @Test(enabled = false) -- cgit v1.2.3