From 8b4b3a97cdbdfc4158781982f6e9fc2900871198 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 17 Jan 2014 11:56:10 +0100
Subject: Exthex Version 0.2

---
 .../gv/egovernment/moa/id/auth/oauth/CertTest.java | 63 +++++++++++++++-------
 .../moa/id/auth/oauth/OAuth20ErrorsTests.java      |  8 +--
 .../id/auth/oauth/OAuth20GoogleClientTestCase.java |  8 +--
 3 files changed, 48 insertions(+), 31 deletions(-)

(limited to 'id/server/idserverlib/src/test')

diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java
index 6452d5ae6..d9d61ee1d 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java
@@ -1,24 +1,28 @@
 package test.at.gv.egovernment.moa.id.auth.oauth;
 
+import iaik.security.ecc.provider.ECCProvider;
+
 import java.security.KeyStore;
 import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
-import java.security.interfaces.RSAPrivateKey;
 
-import net.oauth.jsontoken.crypto.RsaSHA256Signer;
-import net.oauth.jsontoken.crypto.RsaSHA256Verifier;
+import net.oauth.jsontoken.crypto.Signer;
+import net.oauth.jsontoken.crypto.Verifier;
 
 import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.testng.Assert;
 import org.testng.annotations.Test;
 
+import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SHA256Signer;
+import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuth20SHA256Verifier;
 import at.gv.egovernment.moa.util.KeyStoreUtils;
-import at.gv.egovernment.moa.util.StringUtils;
-import eu.stork.vidp.messages.exception.SAMLException;
 
 public class CertTest {
 	
 	/** KeyStore Path */
-	private String keyStorePath = "file:/D:/dev/work/exthex/workspace/OAuthTesting/resources/keys/test_keystore.jks";
+	private String rsaKeyStorePath = "file:/D:/dev/work/exthex/workspace/OAuthTesting/resources/keys/test_keystore.jks";
+	
+	private String ecdsaKeyStorePath = "file:/D:/dev/work/exthex/workspace/OAuthTesting/resources/keys/ECDSA_keystore.jks";
 	
 	/** KeyStore Password */
 	private String keyStorePassword = "test12";
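Review bot: The new `ecdsaKeyStorePath` and the renamed `rsaKeyStorePath` point at `file:/D:/dev/work/...` on one developer's machine, and later in this commit `testRSA` and `testECDSA` are enabled with a plain `@Test`, so they will fail wherever that drive layout does not exist. Put both keystores under the module's test resources and resolve them from the classpath (for example via `getClass().getResource(...)`) so that the signing tests run in every build. Keep only throwaway keys in those files, because the store and key passwords are literals in this class.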
@@ -29,19 +33,14 @@ public class CertTest {
 	/** Key password */
 	private String keyPassword = "test12";
 	
-
-	
-	
-	@Test(enabled = false)
-	public void loadCert() throws Exception {
-		
-		if (StringUtils.isEmpty(this.keyStorePath)) throw new SAMLException("No keyStorePath specified");
+	private BasicX509Credential getCredentials(String keyStorePath) {
+		Assert.assertNotNull(keyStorePath);
 		
 		// KeyStorePassword optional
 		// if (StringUtils.isEmpty(this.keyStorePassword))
 		// throw new SAMLException("No keyStorePassword specified");
 		
-		if (StringUtils.isEmpty(this.keyName)) throw new SAMLException("No keyName specified");
+		Assert.assertNotNull(this.keyName);
 		
 		// KeyStorePassword optional
 		// if (StringUtils.isEmpty(this.keyPassword))
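Review bot: `Assert.assertNotNull(keyStorePath)` and `Assert.assertNotNull(this.keyName)` are weaker than the `StringUtils.isEmpty` checks they replace, because an empty string now passes and the problem only shows up later inside the keystore load. If the emptiness check is still wanted, `Assert.assertFalse(keyStorePath == null || keyStorePath.isEmpty(), "No keyStorePath specified");` keeps the old behaviour with the TestNG API, and the same applies to `keyName`. `getCredentials` continues past the end of this hunk.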
@@ -49,7 +48,8 @@ public class CertTest {
 		
 		KeyStore ks = null;
 		try {
-			ks = KeyStoreUtils.loadKeyStore(this.keyStorePath, this.keyStorePassword);
+			ks = KeyStoreUtils.loadKeyStore(keyStorePath, this.keyStorePassword);
+			
 		}
 		catch (Exception e) {
 			e.printStackTrace();
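Review bot: The `catch (Exception e) { e.printStackTrace(); }` around `loadKeyStore`, and the identical one around the key lookup in the next hunk, lets `getCredentials` carry on with `ks == null` and finally return `null`. A missing or unreadable keystore, or a wrong password, then surfaces as a NullPointerException in `signAndVerify` rather than as a clear failure at the point of the error. Now that the helper feeds enabled tests, drop both try/catch blocks and declare `private BasicX509Credential getCredentials(String keyStorePath) throws Exception`, or fail explicitly with `Assert.fail("cannot load keystore: " + e);`. The method starts before and ends after this hunk.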
@@ -58,29 +58,52 @@ public class CertTest {
 		// return new KeyStoreX509CredentialAdapter(ks, keyName, keyPwd.toCharArray());
 		BasicX509Credential credential = null;
 		try {
-			java.security.cert.X509Certificate certificate = (X509Certificate) ks.getCertificate(this.keyName);
+			X509Certificate certificate = (X509Certificate) ks.getCertificate(this.keyName);
 			
 			PrivateKey privateKey = (PrivateKey) ks.getKey(this.keyName, this.keyPassword.toCharArray());
+			
+			// System.out.println("KS Provider:" + privateKey.getClass());
 			credential = new BasicX509Credential();
 			credential.setEntityCertificate(certificate);
 			credential.setPrivateKey(privateKey);
 			
-			System.out.println(privateKey);
+			System.out.println("Private Key: " + privateKey);
 			
 		}
 		catch (Exception e) {
 			e.printStackTrace();
 			
 		}
-		System.out.println(credential);
 		
+		return credential;
+	}
+	
+	private void signAndVerify(BasicX509Credential credential) throws Exception {
 		String data = "someData";
 		
-		RsaSHA256Signer signer = new RsaSHA256Signer("signer1", keyName, (RSAPrivateKey) credential.getPrivateKey());
+		Signer signer = new OAuth20SHA256Signer("signer1", keyName, credential.getPrivateKey());
 		
 		byte[] signedData = signer.sign(data.getBytes());
 		
-		RsaSHA256Verifier verifier = new RsaSHA256Verifier(credential.getPublicKey());
+		Verifier verifier = new OAuth20SHA256Verifier(credential.getPublicKey());
 		verifier.verifySignature(data.getBytes(), signedData);
 	}
+	
+	@Test
+	// (enabled = false)
+	public void testRSA() throws Exception {
+		BasicX509Credential credential = this.getCredentials(this.rsaKeyStorePath);
+		
+		// System.out.println(credential);
+		this.signAndVerify(credential);
+	}
+	
+	@Test
+	public void testECDSA() throws Exception {
+		ECCProvider.addAsProvider();
+		
+		// Security.addProvider(new ECCProvider());
+		BasicX509Credential credential = this.getCredentials(this.ecdsaKeyStorePath);
+		this.signAndVerify(credential);
+	}
 }
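Review bot: `System.out.println("Private Key: " + privateKey);` writes the key object's string form to the test output, which, depending on the provider, can include the private key parameters and will end up in build logs; print only non-secret facts such as `privateKey.getAlgorithm()`. `signAndVerify` also exercises only the accepting path, so a verifier that accepts every signature would pass both `testRSA` and `testECDSA`. Add a case that alters `data` or `signedData` before `verifySignature` and expects the rejection (presumably an exception, since no return value is checked here). `data.getBytes()` depends on the platform charset and should name one, e.g. `data.getBytes("UTF-8")`.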
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java
index 64179d75a..9aede62e3 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java
@@ -1,8 +1,6 @@
 package test.at.gv.egovernment.moa.id.auth.oauth;
 
 import java.io.IOException;
-import java.util.Arrays;
-import java.util.List;
 
 import javax.servlet.http.HttpServletResponse;
 
@@ -22,10 +20,6 @@ import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
 
 import com.google.api.client.extensions.java6.auth.oauth2.VerificationCodeReceiver;
 import com.google.api.client.extensions.jetty.auth.oauth2.LocalServerReceiver;
-import com.google.api.client.http.HttpTransport;
-import com.google.api.client.http.javanet.NetHttpTransport;
-import com.google.api.client.json.JsonFactory;
-import com.google.api.client.json.jackson2.JacksonFactory;
 
 public class OAuth20ErrorsTests {
 	
@@ -45,7 +39,7 @@ public class OAuth20ErrorsTests {
 	// client secret
 	private static String CLIENT_SECRET = "d435cf0a-3933-48f7-b142-339710c8f070";
 	// OAuth 2.0 scopes
-	private static List<String> SCOPES = Arrays.asList("testScope1", "testScope2");
+	//private static List<String> SCOPES = Arrays.asList("testScope1", "testScope2");
 	// state
 	private static String STATE = "testState";
 	// code
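Review bot: The unused `SCOPES` field is commented out rather than removed, which leaves dead code behind even though this commit already deletes the `Arrays` and `List` imports it needed; delete the line `//private static List<String> SCOPES = ...` outright. Separately, the unchanged `CLIENT_SECRET` literal just above it is a fixed secret kept in source control. If that value is registered with anything other than a throwaway test setup (not visible from this hunk), it should be rotated and read from test configuration instead.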
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java
index 7cf2ac82b..b2c17f062 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20GoogleClientTestCase.java
@@ -62,7 +62,8 @@ public class OAuth20GoogleClientTestCase {
 	// open browser for bku login
 	private void openURL(String url) {
 		Assert.assertNotNull(url);
-		System.out.println(url);
+		log.info("Please open the following URL in your browser:");
+		log.info(url);
 		if (Desktop.isDesktopSupported()) {
 			Desktop desktop = Desktop.getDesktop();
 			if (desktop.isSupported(Action.BROWSE)) {
@@ -75,10 +76,7 @@ public class OAuth20GoogleClientTestCase {
 				}
 			}
 		}
-		// Finally just ask user to open in their browser using copy-paste
 		
-		log.info("Please open the following URL in your browser:");
-		log.info(url);
 	}
 	
 	private TokenResponse authorize() throws Exception {
@@ -123,6 +121,8 @@ public class OAuth20GoogleClientTestCase {
 		Assert.assertTrue(idToken.verifyIssuer(ISS));
 		
 		log.info(idToken.getPayload().toPrettyString());
+		log.info(idToken.getHeader().toPrettyString());
+
 	}
 	
 	@Test(enabled = false)
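Review bot: The added `log.info(idToken.getHeader().toPrettyString());` only prints the token header, so the test still passes whatever signature algorithm the server declares. Since this commit introduces a second signing algorithm, the test should assert the header instead of just logging it, for example `Assert.assertEquals(idToken.getHeader().getAlgorithm(), EXPECTED_ALG);`, where `EXPECTED_ALG` is a placeholder for the algorithm the test server is configured to use. This assumes `idToken` is the Google client's `IdToken` type, which this hunk does not show. The enclosing method starts outside the hunk, so a signature check may already exist above.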
-- 
cgit v1.2.3