summaryrefslogtreecommitdiffstats
path: root/certService/src/test
diff options
context:
space:
mode:
authorEmmettCox <emmett.cox@est.tech>2020-02-17 13:54:05 +0000
committerEmmettCox <emmett.cox@est.tech>2020-02-20 14:28:00 +0000
commit153a7ac15d804178e7c52f69117e1a9478862df1 (patch)
tree2a574f2a593b55531631ba02c97f318a136f1510 /certService/src/test
parente93c679bc9c22e034ba93a48460830716e1f7457 (diff)
Refactoring of Cmpv2Client code for sending CertRequest
Issue-ID: AAF-1036 Signed-off-by: EmmettCox <emmett.cox@est.tech> Change-Id: Ic0d95b35abb3ca2406b77bbe6e0cd51da0968684
Diffstat (limited to 'certService/src/test')
-rw-r--r--certService/src/test/java/org/onap/aaf/certservice/cmpv2Client/Cmpv2ClientTest.java211
-rw-r--r--certService/src/test/resources/ReturnedFailurePKIMessageBadPassword2
-rw-r--r--certService/src/test/resources/ReturnedSuccessPKIMessageWithCertificateFilebin0 -> 4297 bytes
3 files changed, 213 insertions, 0 deletions
diff --git a/certService/src/test/java/org/onap/aaf/certservice/cmpv2Client/Cmpv2ClientTest.java b/certService/src/test/java/org/onap/aaf/certservice/cmpv2Client/Cmpv2ClientTest.java
new file mode 100644
index 00000000..74eb098f
--- /dev/null
+++ b/certService/src/test/java/org/onap/aaf/certservice/cmpv2Client/Cmpv2ClientTest.java
@@ -0,0 +1,211 @@
+/*
+ * Copyright (C) 2019 Ericsson Software Technology AB. All rights reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+package org.onap.aaf.certservice.cmpv2Client;
+
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.doAnswer;
+import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.when;
+import static org.mockito.MockitoAnnotations.initMocks;
+
+import java.io.BufferedInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Security;
+import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.Optional;
+import org.apache.commons.io.IOUtils;
+import org.apache.http.HttpEntity;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.bouncycastle.cert.CertException;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.mockito.Mock;
+import org.onap.aaf.certservice.cmpv2client.exceptions.CmpClientException;
+import org.onap.aaf.certservice.cmpv2client.external.CSRMeta;
+import org.onap.aaf.certservice.cmpv2client.external.RDN;
+import org.onap.aaf.certservice.cmpv2client.impl.CmpClientImpl;
+
+class Cmpv2ClientTest {
+
+ static {
+ Security.addProvider(new BouncyCastleProvider());
+ }
+
+ private CSRMeta csrMeta;
+ private Date notBefore;
+ private Date notAfter;
+
+ @Mock KeyPairGenerator kpg;
+
+ @Mock X509Certificate cert;
+
+ @Mock CloseableHttpClient httpClient;
+
+ @Mock CloseableHttpResponse httpResponse;
+
+ @Mock HttpEntity httpEntity;
+
+ private static KeyPair keyPair;
+ private static ArrayList<RDN> rdns;
+
+ @BeforeEach
+ void setUp() throws NoSuchProviderException, NoSuchAlgorithmException {
+ KeyPairGenerator keyGenerator;
+ keyGenerator = KeyPairGenerator.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
+ keyGenerator.initialize(2048);
+ keyPair = keyGenerator.generateKeyPair();
+ rdns = new ArrayList<>();
+ try {
+ rdns.add(new RDN("O=CommonCompany"));
+ } catch (CertException e) {
+ e.printStackTrace();
+ }
+ initMocks(this);
+ }
+
+ @Test
+ void shouldReturnValidPkiMessageWhenCreateCertificateRequestMessageMethodCalledWithValidCsr()
+ throws Exception {
+ // given
+ Date beforeDate = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss").parse("2019/11/11 12:00:00");
+ Date afterDate = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss").parse("2020/11/11 12:00:00");
+ setCsrMetaValuesAndDateValues(
+ rdns,
+ "CN=CommonName",
+ "CN=ManagementCA",
+ "CommonName.com",
+ "CommonName@cn.com",
+ "password",
+ "http://127.0.0.1/ejbca/publicweb/cmp/cmp",
+ beforeDate,
+ afterDate);
+ when(httpClient.execute(any())).thenReturn(httpResponse);
+ when(httpResponse.getEntity()).thenReturn(httpEntity);
+
+ try (final InputStream is =
+ this.getClass().getResourceAsStream("/ReturnedSuccessPKIMessageWithCertificateFile");
+ BufferedInputStream bis = new BufferedInputStream(is)) {
+
+ byte[] ba = IOUtils.toByteArray(bis);
+ doAnswer(
+ invocation -> {
+ OutputStream os = (ByteArrayOutputStream) invocation.getArguments()[0];
+ os.write(ba);
+ return null;
+ })
+ .when(httpEntity)
+ .writeTo(any(OutputStream.class));
+ }
+ CmpClientImpl cmpClient = spy(new CmpClientImpl(httpClient));
+ // when
+ Certificate certificate =
+ cmpClient.createCertificate("data", "RA", csrMeta, cert, notBefore, notAfter);
+ // then
+ assertNull(certificate);
+ }
+
+ @Test
+ void shouldThrowIllegalArgumentExceptionWhencreateCertificateCalledWithInvalidCsr()
+ throws ParseException {
+ // given
+ Date beforeDate = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss").parse("2020/11/11 12:00:00");
+ Date afterDate = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss").parse("2019/11/11 12:00:00");
+ setCsrMetaValuesAndDateValues(
+ rdns,
+ "CN=CommonName",
+ "CN=ManagementCA",
+ "CommonName.com",
+ "CommonName@cn.com",
+ "password",
+ "http://127.0.0.1/ejbca/publicweb/cmp/cmp",
+ beforeDate,
+ afterDate);
+ CmpClientImpl cmpClient = new CmpClientImpl(httpClient);
+ // then
+ Assertions.assertThrows(
+ IllegalArgumentException.class,
+ () ->
+ cmpClient.createCertificate(
+ "data", "RA", csrMeta, cert, notBefore, notAfter));
+ }
+
+ @Test
+ void shouldThrowIOExceptionWhenCreateCertificateCalledWithNoServerAvailable()
+ throws IOException, ParseException {
+ // given
+ Date beforeDate = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss").parse("2019/11/11 12:00:00");
+ Date afterDate = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss").parse("2020/11/11 12:00:00");
+ setCsrMetaValuesAndDateValues(
+ rdns,
+ "CN=Common",
+ "CN=CommonCA",
+ "Common.com",
+ "Common@cn.com",
+ "myPassword",
+ "http://127.0.0.1/ejbca/publicweb/cmp/cmpTest",
+ beforeDate,
+ afterDate);
+ when(httpClient.execute(any())).thenThrow(IOException.class);
+ CmpClientImpl cmpClient = spy(new CmpClientImpl(httpClient));
+ // then
+ Assertions.assertThrows(
+ CmpClientException.class,
+ () ->
+ cmpClient.createCertificate(
+ "data", "RA", csrMeta, cert, notBefore, notAfter));
+ }
+
+ private void setCsrMetaValuesAndDateValues(
+ List<RDN> rdns,
+ String cn,
+ String issuerCn,
+ String san,
+ String email,
+ String password,
+ String externalCaUrl,
+ Date notBefore,
+ Date notAfter) {
+ csrMeta = new CSRMeta(rdns);
+ csrMeta.cn(cn);
+ csrMeta.san(san);
+ csrMeta.password(password);
+ csrMeta.email(email);
+ csrMeta.issuerCn(issuerCn);
+ when(kpg.generateKeyPair()).thenReturn(keyPair);
+ csrMeta.keypair();
+ csrMeta.caUrl(externalCaUrl);
+
+ this.notBefore = notBefore;
+ this.notAfter = notAfter;
+ }
+}
diff --git a/certService/src/test/resources/ReturnedFailurePKIMessageBadPassword b/certService/src/test/resources/ReturnedFailurePKIMessageBadPassword
new file mode 100644
index 00000000..7d815814
--- /dev/null
+++ b/certService/src/test/resources/ReturnedFailurePKIMessageBadPassword
@@ -0,0 +1,2 @@
+0‚00ä010U ManagementCA¤T0R10U CN=CommonName1 0 *†H†÷  CommonName@cn.com10U
+ CommonCompany 20191127135043Z¤ox eå×Öpî­1Â`ï¥ ›ˆ¢ŠSI\q–eè#«¦eþCÑÁrZÇÊ’ˆa®·h0f0d0[ YFailed to verify message using both Global Shared Secret and CMP RA Authentication Secret \ No newline at end of file
diff --git a/certService/src/test/resources/ReturnedSuccessPKIMessageWithCertificateFile b/certService/src/test/resources/ReturnedSuccessPKIMessageWithCertificateFile
new file mode 100644
index 00000000..94cc3461
--- /dev/null
+++ b/certService/src/test/resources/ReturnedSuccessPKIMessageWithCertificateFile
Binary files differ