diff options
Diffstat (limited to 'certService/src/test')
6 files changed, 136 insertions, 55 deletions
diff --git a/certService/src/test/java/org/onap/oom/certservice/certification/conversion/CsrModelFactoryTest.java b/certService/src/test/java/org/onap/oom/certservice/certification/conversion/CsrModelFactoryTest.java index 26624867..54508e4b 100644 --- a/certService/src/test/java/org/onap/oom/certservice/certification/conversion/CsrModelFactoryTest.java +++ b/certService/src/test/java/org/onap/oom/certservice/certification/conversion/CsrModelFactoryTest.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * Cert Service * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. + * Copyright (C) 2020-2021 Nokia. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,13 +20,6 @@ package org.onap.oom.certservice.certification.conversion; -import static org.junit.jupiter.api.Assertions.assertThrows; -import static org.junit.jupiter.api.Assertions.assertTrue; -import static org.onap.oom.certservice.certification.TestData.TEST_CSR; -import static org.onap.oom.certservice.certification.TestData.TEST_PK; -import static org.onap.oom.certservice.certification.TestData.TEST_WRONG_CSR; -import static org.onap.oom.certservice.certification.TestData.TEST_WRONG_PEM; - import org.bouncycastle.util.encoders.Base64; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; @@ -36,6 +29,13 @@ import org.onap.oom.certservice.certification.exception.DecryptionException; import org.onap.oom.certservice.certification.exception.KeyDecryptionException; import org.onap.oom.certservice.certification.model.CsrModel; +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.junit.jupiter.api.Assertions.assertTrue; +import static org.onap.oom.certservice.certification.TestData.TEST_CSR; +import static org.onap.oom.certservice.certification.TestData.TEST_PK; +import static org.onap.oom.certservice.certification.TestData.TEST_WRONG_CSR; +import static org.onap.oom.certservice.certification.TestData.TEST_WRONG_PEM; + class CsrModelFactoryTest { @@ -58,7 +58,6 @@ class CsrModelFactoryTest { assertTrue(decryptedCsr.toString() .contains(TestData.EXPECTED_CERT_SUBJECT)); - System.out.println(decryptedCsr.toString()); assertTrue(decryptedCsr.toString() .contains(TestData.EXPECTED_CERT_SANS)); } diff --git a/certService/src/test/java/org/onap/oom/certservice/certification/conversion/StringBase64ToPrivateKeyConverterTest.java b/certService/src/test/java/org/onap/oom/certservice/certification/conversion/StringBase64ToPrivateKeyConverterTest.java new file mode 100644 index 00000000..7a722b2c --- /dev/null +++ b/certService/src/test/java/org/onap/oom/certservice/certification/conversion/StringBase64ToPrivateKeyConverterTest.java @@ -0,0 +1,89 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2021 Nokia. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.oom.certservice.certification.conversion; + +import org.bouncycastle.util.encoders.Base64; +import org.junit.jupiter.api.Test; +import org.onap.oom.certservice.certification.exception.KeyDecryptionException; + +import java.security.PrivateKey; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.junit.jupiter.api.Assertions.assertTrue; +import static org.onap.oom.certservice.certification.TestData.TEST_PEM; +import static org.onap.oom.certservice.certification.TestData.TEST_PK; + +class StringBase64ToPrivateKeyConverterTest { + + private static final String RSA = "RSA"; + public static final String PKCS_8 = "PKCS#8"; + + @Test + void shouldUseProperAlgorithmWhenConverting() throws KeyDecryptionException { + // Given + StringBase64ToPrivateKeyConverter stringBase64ToPrivateKeyConverter = new StringBase64ToPrivateKeyConverter(); + String encodedPK = new String(Base64.encode(TEST_PK.getBytes())); + // When + PrivateKey privateKey = stringBase64ToPrivateKeyConverter.convert(new StringBase64(encodedPK)); + // Then + assertEquals(RSA, privateKey.getAlgorithm()); + } + + @Test + void shouldUsePkcs8FormatWhenConverting() throws KeyDecryptionException { + // Given + StringBase64ToPrivateKeyConverter stringBase64ToPrivateKeyConverter = new StringBase64ToPrivateKeyConverter(); + String encodedPK = new String(Base64.encode(TEST_PK.getBytes())); + // When + PrivateKey privateKey = stringBase64ToPrivateKeyConverter.convert(new StringBase64(encodedPK)); + // Then + assertEquals(PKCS_8, privateKey.getFormat()); + } + + @Test + void shouldCorrectlyConvertWhenPrivateKeyPemIsProper() throws KeyDecryptionException { + // Given + StringBase64ToPrivateKeyConverter stringBase64ToPrivateKeyConverter = new StringBase64ToPrivateKeyConverter(); + String encodedPK = new String(Base64.encode(TEST_PK.getBytes())); + // When + PrivateKey privateKey = stringBase64ToPrivateKeyConverter.convert(new StringBase64(encodedPK)); + // Then + assertNotNull(privateKey.getEncoded()); + } + + @Test + void shouldThrowExceptionWhenPrivateKeyPemIsNotProperPrivateKey() { + // Given + StringBase64ToPrivateKeyConverter stringBase64ToPrivateKeyConverter = new StringBase64ToPrivateKeyConverter(); + StringBase64 privateKey = new StringBase64(TEST_PEM); + // When + Exception exception = assertThrows( + KeyDecryptionException.class, () -> stringBase64ToPrivateKeyConverter.convert(privateKey)); + + String expectedMessage = "Incorrect Key, decryption failed"; + String actualMessage = exception.getMessage(); + // Then + assertTrue(actualMessage.contains(expectedMessage)); + } + +} diff --git a/certService/src/test/java/org/onap/oom/certservice/certification/model/CsrModelTest.java b/certService/src/test/java/org/onap/oom/certservice/certification/model/CsrModelTest.java index 72837e56..c3bd4d78 100644 --- a/certService/src/test/java/org/onap/oom/certservice/certification/model/CsrModelTest.java +++ b/certService/src/test/java/org/onap/oom/certservice/certification/model/CsrModelTest.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * PROJECT * ================================================================================ - * Copyright (C) 2020 Nokia. All rights reserved. + * Copyright (C) 2020-2021 Nokia. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,21 +20,26 @@ package org.onap.oom.certservice.certification.model; -import java.util.Arrays; -import java.util.List; -import java.util.stream.Collectors; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.pkcs.PKCS10CertificationRequest; import org.bouncycastle.util.io.pem.PemObject; import org.junit.jupiter.api.Test; -import org.onap.oom.certservice.certification.conversion.Pkcs10CertificationRequestFactory; -import org.onap.oom.certservice.certification.conversion.PemObjectFactory; import org.onap.oom.certservice.certification.TestData; +import org.onap.oom.certservice.certification.conversion.PemObjectFactory; +import org.onap.oom.certservice.certification.conversion.Pkcs10CertificationRequestFactory; import org.onap.oom.certservice.certification.exception.CsrDecryptionException; import org.onap.oom.certservice.certification.exception.DecryptionException; import org.onap.oom.certservice.certification.exception.KeyDecryptionException; import java.io.IOException; +import java.security.KeyFactory; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.PKCS8EncodedKeySpec; +import java.util.Arrays; +import java.util.List; +import java.util.stream.Collectors; import static org.assertj.core.api.Assertions.assertThat; import static org.junit.jupiter.api.Assertions.assertThrows; @@ -57,7 +62,7 @@ class CsrModelTest { @Test void shouldByConstructedAndReturnProperFields() throws DecryptionException, IOException { // Given - PemObject testPrivateKey = getPemPrivateKey(); + PrivateKey testPrivateKey = getPemPrivateKey(); PemObject testPublicKey = generateTestPublicKey(); PKCS10CertificationRequest testCsr = generateTestCertificationRequest(); @@ -70,7 +75,7 @@ class CsrModelTest { assertThat(csrModel.getCsr()) .isEqualTo(testCsr); assertThat(csrModel.getPrivateKey().getEncoded()) - .contains(testPrivateKey.getContent()); + .isEqualTo(testPrivateKey.getEncoded()); assertThat(csrModel.getPublicKey().getEncoded()) .contains(testPublicKey.getContent()); assertThat(sansList) @@ -84,7 +89,7 @@ class CsrModelTest { @Test void shouldThrowExceptionWhenPublicKeyIsNotCorrect() throws DecryptionException, IOException { // Given - PemObject testPrivateKey = getPemPrivateKey(); + PrivateKey testPrivateKey = getPemPrivateKey(); PKCS10CertificationRequest testCsr = mock(PKCS10CertificationRequest.class); SubjectPublicKeyInfo wrongKryInfo = mock(SubjectPublicKeyInfo.class); when(testCsr.getSubjectPublicKeyInfo()) @@ -106,33 +111,9 @@ class CsrModelTest { } @Test - void shouldThrowExceptionWhenPrivateKeyPemIsNotProperPrivateKey() throws KeyDecryptionException, IOException { - // Given - PemObject testPrivateKey = getPemWrongKey(); - PKCS10CertificationRequest testCsr = mock(PKCS10CertificationRequest.class); - SubjectPublicKeyInfo wrongKryInfo = mock(SubjectPublicKeyInfo.class); - when(testCsr.getSubjectPublicKeyInfo()) - .thenReturn(wrongKryInfo); - when(wrongKryInfo.getEncoded()) - .thenThrow(new IOException()); - - // When - Exception exception = assertThrows( - KeyDecryptionException.class, - () -> new CsrModel.CsrModelBuilder(testCsr, testPrivateKey).build() - ); - - String expectedMessage = "Converting Private Key failed"; - String actualMessage = exception.getMessage(); - - // Then - assertTrue(actualMessage.contains(expectedMessage)); - } - - @Test void shouldThrowExceptionWhenPublicKeyPemIsNotProperPublicKey() throws KeyDecryptionException, IOException { // Given - PemObject testPrivateKey = getPemPrivateKey(); + PrivateKey testPrivateKey = getPemPrivateKey(); PemObject testPublicKey = getPemWrongKey(); PKCS10CertificationRequest testCsr = mock(PKCS10CertificationRequest.class); SubjectPublicKeyInfo wrongKryInfo = mock(SubjectPublicKeyInfo.class); @@ -154,11 +135,12 @@ class CsrModelTest { assertTrue(actualMessage.contains(expectedMessage)); } - private PemObject getPemPrivateKey() throws KeyDecryptionException { + private PrivateKey getPemPrivateKey() throws KeyDecryptionException { PemObjectFactory pemObjectFactory = new PemObjectFactory(); - return pemObjectFactory.createPemObject(TEST_PK).orElseThrow( - () -> new KeyDecryptionException("Private key decoding fail") + PemObject pemObject = pemObjectFactory.createPemObject(TEST_PK).orElseThrow( + () -> new KeyDecryptionException("Private key decoding fail") ); + return convertToPrivateKey(pemObject); } private PemObject getPemWrongKey() throws KeyDecryptionException { @@ -172,7 +154,7 @@ class CsrModelTest { PemObject testPrivateKey = pemObjectFactory.createPemObject(TEST_PK).orElseThrow( () -> new DecryptionException("Incorrect Private Key, decryption failed") ); - return new CsrModel.CsrModelBuilder(testCsr, testPrivateKey).build(); + return new CsrModel.CsrModelBuilder(testCsr, convertToPrivateKey(testPrivateKey)).build(); } private PemObject generateTestPublicKey() throws DecryptionException, IOException { @@ -189,4 +171,15 @@ class CsrModelTest { ); } + private PrivateKey convertToPrivateKey(PemObject privateKey) + throws KeyDecryptionException { + try { + KeyFactory factory = KeyFactory.getInstance("RSA"); + PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(privateKey.getContent()); + return factory.generatePrivate(keySpec); + } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { + throw new KeyDecryptionException("Converting Private Key failed", e.getCause()); + } + } + } diff --git a/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/PasswordBasedProtectionTest.java b/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/protections/PasswordBasedProtectionTest.java index b280a2e6..c249fab7 100644 --- a/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/PasswordBasedProtectionTest.java +++ b/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/protections/PasswordBasedProtectionTest.java @@ -18,7 +18,7 @@ * ============LICENSE_END========================================================= */ -package org.onap.oom.certservice.cmpv2client.impl; +package org.onap.oom.certservice.cmpv2client.impl.protections; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.DERBitString; @@ -44,8 +44,8 @@ import java.security.Security; import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertTrue; -import static org.onap.oom.certservice.cmpv2client.impl.PkiTestUtils.getProtectedPkiMessage; -import static org.onap.oom.certservice.cmpv2client.impl.PkiTestUtils.getTestPkiHeader; +import static org.onap.oom.certservice.cmpv2client.impl.protections.PkiTestUtils.getProtectedPkiMessage; +import static org.onap.oom.certservice.cmpv2client.impl.protections.PkiTestUtils.getTestPkiHeader; class PasswordBasedProtectionTest { diff --git a/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/PkiTestUtils.java b/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/protections/PkiTestUtils.java index 7f7df455..74af51c1 100644 --- a/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/PkiTestUtils.java +++ b/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/protections/PkiTestUtils.java @@ -18,7 +18,7 @@ * ============LICENSE_END========================================================= */ -package org.onap.oom.certservice.cmpv2client.impl; +package org.onap.oom.certservice.cmpv2client.impl.protections; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERGeneralizedTime; diff --git a/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/SignatureProtectionTest.java b/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/protections/SignatureProtectionTest.java index ba382c42..a97a3c6e 100644 --- a/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/SignatureProtectionTest.java +++ b/certService/src/test/java/org/onap/oom/certservice/cmpv2client/impl/protections/SignatureProtectionTest.java @@ -18,7 +18,7 @@ * ============LICENSE_END========================================================= */ -package org.onap.oom.certservice.cmpv2client.impl; +package org.onap.oom.certservice.cmpv2client.impl.protections; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.cmp.PKIBody; @@ -42,9 +42,9 @@ import java.security.Security; import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertTrue; -import static org.onap.oom.certservice.cmpv2client.impl.PkiTestUtils.getProtectedPkiMessage; -import static org.onap.oom.certservice.cmpv2client.impl.PkiTestUtils.getTestPkiBody; -import static org.onap.oom.certservice.cmpv2client.impl.PkiTestUtils.getTestPkiHeader; +import static org.onap.oom.certservice.cmpv2client.impl.protections.PkiTestUtils.getProtectedPkiMessage; +import static org.onap.oom.certservice.cmpv2client.impl.protections.PkiTestUtils.getTestPkiBody; +import static org.onap.oom.certservice.cmpv2client.impl.protections.PkiTestUtils.getTestPkiHeader; class SignatureProtectionTest { |