diff options
author | Thomas <> | 2021-03-25 15:24:48 +0100 |
---|---|---|
committer | Thomas <> | 2021-03-25 15:24:48 +0100 |
commit | 44a005e0e68e882a50d9bc061ca8daef4d84efa0 (patch) | |
tree | f411eb5e7133d2dea3c163f3733000788260f6d7 /moaSig/moa-sig-lib/src/test | |
parent | 56bbd2ea411e050a300b89f47d8787968d244546 (diff) | |
download | moa-sig-44a005e0e68e882a50d9bc061ca8daef4d84efa0.tar.gz moa-sig-44a005e0e68e882a50d9bc061ca8daef4d84efa0.tar.bz2 moa-sig-44a005e0e68e882a50d9bc061ca8daef4d84efa0.zip |
add masking pattern to clear personal information from certificate logging
Diffstat (limited to 'moaSig/moa-sig-lib/src/test')
2 files changed, 238 insertions, 0 deletions
diff --git a/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/logger/IaikLoggerMaskingTest.java b/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/logger/IaikLoggerMaskingTest.java new file mode 100644 index 0000000..b3bf0e8 --- /dev/null +++ b/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/logger/IaikLoggerMaskingTest.java @@ -0,0 +1,182 @@ +package test.at.gv.egovernment.moa.spss.logger; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import java.util.Arrays; +import java.util.List; + +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; +import org.slf4j.LoggerFactory; + +import at.gv.egovernment.moa.spss.server.logging.IaikLog; +import at.gv.egovernment.moa.spss.server.logging.TransactionId; +import ch.qos.logback.classic.Level; +import ch.qos.logback.classic.Logger; +import ch.qos.logback.classic.LoggerContext; + +@RunWith(BlockJUnit4ClassRunner.class) +public class IaikLoggerMaskingTest { + + private IaikLog log; + private TransactionId transId; + + private MemoryLoggingAppender memoryAppender = null; + + private static final String LOGMSG_1 = + "Signature OK from signer: serialNumber=882486130371,givenName=XXXĤáčęk,SN=XXXMûstérfřău,CN=XXXĤáčęk XXXMûstérfřău,C=AT"; + + private static final String LOGMSG_2 = + "storing cert \"serialNumber=882486130371,givenName=XXXĤáčęk,SN=XXXMûstérfřău,CN=XXXĤáčęk XXXMûstérfřău,C=AT\" to: /data/eID/springboot-authhandler/config/moa-spss/certstore/subjectdn/518D25DA7380CF1967B5014DDB74E862E5E52827/9E1D7A221A7D1A522A9E169FA6F9A2E81EEAB643"; + + @Before + public void initialize() { + log = new IaikLog(RandomStringUtils.randomAlphabetic(5)); + transId = new TransactionId(RandomStringUtils.randomAlphanumeric(5)); + + // setup log appender + if (memoryAppender == null) { + final Logger logger = (Logger) LoggerFactory.getLogger("iaik.server"); + memoryAppender = new MemoryLoggingAppender(); + memoryAppender.setContext((LoggerContext) LoggerFactory.getILoggerFactory()); + logger.setLevel(Level.DEBUG); + logger.addAppender(memoryAppender); + memoryAppender.start(); + + } else { + memoryAppender.reset(); + + } + + } + + @Test + public void certificateMaskingInfoLevelMorePatterns() { + // patterns + IaikLog.addMaskPattern("(C=)(.*?)(,|$)"); + IaikLog.addMaskPattern("(CN=)(.*?)(,|$)"); + IaikLog.addMaskPattern("(SN=)(.*?)(,|$)"); + IaikLog.addMaskPattern("(serialNumber=)(.*?)(,|$)"); + IaikLog.addMaskPattern("(givenName=)(.*?)(,|$)"); + + //test + log.info(transId, LOGMSG_1, null); + + //verify log + verifyLogMessge(Arrays.asList("882486130371", "ûsté", "XĤáčę", "AT")); + + } + + @Test + public void certificateMaskingInfoLevelOnePattern() { + // Patterns + IaikLog.addMaskPattern(IaikLog.X509_INFO_CLEARING_PATTERN); + + //test + log.info(transId, LOGMSG_1, null); + + //verify log + verifyLogMessge(Arrays.asList("882486130371", "ûsté", "XĤáčę", "AT")); + + } + + @Test + public void certificateMaskingSecondMessage() { + // Patterns + IaikLog.addMaskPattern(IaikLog.X509_INFO_CLEARING_PATTERN); + + //test + log.info(transId, LOGMSG_2, null); + + //verify log + verifyLogMessge(Arrays.asList("882486130371", "ûsté", "XĤáčę", "AT")); + + } + + @Test + public void certificateMaskingWarnLevelMorePatterns() { + // patterns + IaikLog.addMaskPattern("(C=)(.*?)(,|$)"); + IaikLog.addMaskPattern("(CN=)(.*?)(,|$)"); + IaikLog.addMaskPattern("(SN=)(.*?)(,|$)"); + IaikLog.addMaskPattern("(serialNumber=)(.*?)(,|$)"); + IaikLog.addMaskPattern("(givenName=)(.*?)(,|$)"); + + //test + log.warn(transId, LOGMSG_1, null); + + //verify log + verifyLogMessge(Arrays.asList("882486130371", "ûsté", "XĤáčę", "AT")); + + } + + @Test + public void certificateMaskingWarnLevelOnePattern() { + // Patterns + IaikLog.addMaskPattern(IaikLog.X509_INFO_CLEARING_PATTERN); + + //test + log.warn(transId, LOGMSG_1, null); + + //verify log + verifyLogMessge(Arrays.asList("882486130371", "ûsté", "XĤáčę", "AT")); + + } + + + @Test + public void certificateMaskingErrorLevelOnePattern() { + // Patterns + IaikLog.addMaskPattern(IaikLog.X509_INFO_CLEARING_PATTERN); + + //test + log.error(transId, LOGMSG_1, null); + + //verify log + verifyLogMessge(Arrays.asList("882486130371", "ûsté", "XĤáčę", "AT")); + + } + + @Test + public void certificateMaskingFatalLevelOnePattern() { + // Patterns + IaikLog.addMaskPattern(IaikLog.X509_INFO_CLEARING_PATTERN); + + //test + log.fatal(transId, LOGMSG_1, null); + + //verify log + verifyLogMessge(Arrays.asList("882486130371", "ûsté", "XĤáčę", "AT")); + + } + + @Test + public void randomMessage() { + // Patterns + IaikLog.addMaskPattern(IaikLog.X509_INFO_CLEARING_PATTERN); + String msg = RandomStringUtils.randomAlphanumeric(25); + + //test + log.info(transId, msg, null); + + //verify log + Arrays.asList(msg) + .stream().forEach( + el -> assertTrue("find wrong element", memoryAppender.getLoggedEvents().get(0).getMessage().contains(el))); + + } + + + private void verifyLogMessge(List<String> checks) { + assertEquals("no log", 1, memoryAppender.getSize()); + checks.stream().forEach( + el -> assertFalse("find wrong element", memoryAppender.getLoggedEvents().get(0).getMessage().contains(el))); + + } + +} diff --git a/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/logger/MemoryLoggingAppender.java b/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/logger/MemoryLoggingAppender.java new file mode 100644 index 0000000..e1c6fce --- /dev/null +++ b/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/logger/MemoryLoggingAppender.java @@ -0,0 +1,56 @@ +package test.at.gv.egovernment.moa.spss.logger; + +import java.util.Collections; +import java.util.List; +import java.util.stream.Collectors; + +import ch.qos.logback.classic.Level; +import ch.qos.logback.classic.spi.ILoggingEvent; +import ch.qos.logback.core.read.ListAppender; + +/** + * In-Memory Logging-Appender to check log messages. + * + * @author tlenz + * + */ +public class MemoryLoggingAppender extends ListAppender<ILoggingEvent> { + + public void reset() { + this.list.clear(); + } + + public boolean contains(String string, Level level) { + return this.list.stream() + .anyMatch(event -> event.getMessage().toString().contains(string) + && event.getLevel().equals(level)); + } + + public int countEventsForLogger(String loggerName) { + return (int) this.list.stream() + .filter(event -> event.getLoggerName().contains(loggerName)) + .count(); + } + + public List<ILoggingEvent> search(String string) { + return this.list.stream() + .filter(event -> event.getMessage().toString().contains(string)) + .collect(Collectors.toList()); + } + + public List<ILoggingEvent> search(String string, Level level) { + return this.list.stream() + .filter(event -> event.getMessage().toString().contains(string) + && event.getLevel().equals(level)) + .collect(Collectors.toList()); + } + + public int getSize() { + return this.list.size(); + } + + public List<ILoggingEvent> getLoggedEvents() { + return Collections.unmodifiableList(this.list); + } + +} |