diff options
Diffstat (limited to 'certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/protections/SignatureProtectionTest.java')
-rw-r--r-- | certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/protections/SignatureProtectionTest.java | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/protections/SignatureProtectionTest.java b/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/protections/SignatureProtectionTest.java new file mode 100644 index 00000000..a97a3c6e --- /dev/null +++ b/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/protections/SignatureProtectionTest.java @@ -0,0 +1,94 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2021 Nokia. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.oom.certservice.cmpv2client.impl.protections; + +import org.bouncycastle.asn1.DERBitString; +import org.bouncycastle.asn1.cmp.PKIBody; +import org.bouncycastle.asn1.cmp.PKIHeader; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.cert.cmp.CMPException; +import org.bouncycastle.cert.cmp.ProtectedPKIMessage; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.operator.ContentVerifierProvider; +import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder; +import org.bouncycastle.operator.OperatorCreationException; +import org.junit.jupiter.api.AfterAll; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.Test; +import org.onap.oom.certservice.cmpv2client.exceptions.CmpClientException; + +import java.security.GeneralSecurityException; +import java.security.KeyPair; +import java.security.Security; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertTrue; +import static org.onap.oom.certservice.cmpv2client.impl.protections.PkiTestUtils.getProtectedPkiMessage; +import static org.onap.oom.certservice.cmpv2client.impl.protections.PkiTestUtils.getTestPkiBody; +import static org.onap.oom.certservice.cmpv2client.impl.protections.PkiTestUtils.getTestPkiHeader; + +class SignatureProtectionTest { + + private static final String SHA256_RSA_OID = "1.2.840.113549.1.1.11"; + private static final AlgorithmIdentifier SHA256_RSA_ALGORITHM = new DefaultSignatureAlgorithmIdentifierFinder() + .find("SHA256withRSA"); + private static final String BC_PROVIDER = "BC"; + + @BeforeAll + static void setUp() { + Security.addProvider(new BouncyCastleProvider()); + } + + @AfterAll + static void clean() { + Security.removeProvider(BC_PROVIDER); + } + + @Test + void shouldReturnExpectedAlgorithmWhenGetAlgorithmMethodCalled() { + //Given + SignatureProtection signatureProtection = new SignatureProtection(null); + //When + AlgorithmIdentifier algorithmIdentifier = signatureProtection.getAlgorithmIdentifier(); + //Then + assertNotNull(algorithmIdentifier); + assertNotNull(algorithmIdentifier.getAlgorithm()); + assertEquals(SHA256_RSA_OID, algorithmIdentifier.getAlgorithm().toString()); + } + + @Test + void shouldReturnProtectionByPkWhenGenerateProtectionMethodCalled() + throws GeneralSecurityException, CmpClientException, OperatorCreationException, CMPException { + //Given + KeyPair keyPair = PkiTestUtils.getKeyPair(); + SignatureProtection signatureProtection = new SignatureProtection(keyPair.getPrivate()); + PKIHeader pkiHeader = getTestPkiHeader(SHA256_RSA_ALGORITHM); + PKIBody pkiBody = getTestPkiBody(SHA256_RSA_ALGORITHM); + //When + DERBitString protection = signatureProtection.generatePkiMessageProtection(pkiHeader, pkiBody); + //Then + ProtectedPKIMessage protectedPkiMessage = getProtectedPkiMessage(pkiHeader, pkiBody, protection); + ContentVerifierProvider verifierProvider = PkiTestUtils.getContentVerifierProvider(keyPair.getPublic()); + assertTrue(protectedPkiMessage.verify(verifierProvider)); + } + +} |