From 628ed81f0e56f7163b08b57a8d54833b646239d5 Mon Sep 17 00:00:00 2001
From: Bartosz Gardziejewski
Date: Wed, 26 Feb 2020 14:46:14 +0100
Subject: Refactor CSR model to be POJO
Issue-ID: AAF-997
Signed-off-by: Bartosz Gardziejewski
Change-Id: Ia06dd580a64e56dcf1d8bf5f3db6fe6394cdb1c8
---
.../configuration/CmpServersConfigLoaderTest.java | 4 +-
.../configuration/Cmpv2ServerProviderTest.java | 3 +-
.../Cmpv2ServerConfigurationValidatorTest.java | 14 +--
.../certification/model/CsrModelTest.java | 100 ++++++++++++++++-----
4 files changed, 86 insertions(+), 35 deletions(-)
(limited to 'certService/src/test')
diff --git a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java
index b4eec400..cf8c07a1 100644
--- a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java
+++ b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoaderTest.java
@@ -88,9 +88,9 @@ class CmpServersConfigLoaderTest {
 private void verifyThatCmpServerEquals(Cmpv2Server cmpv2Server, Map expected) {
 assertThat(cmpv2Server.getCaName()).isEqualTo(expected.get("CA_NAME"));
 assertThat(cmpv2Server.getUrl()).isEqualTo(expected.get("URL"));
- assertThat(cmpv2Server.getIssuerDN()).isEqualTo(expected.get("ISSUER_DN"));
+ assertThat(cmpv2Server.getIssuerDN().toString()).isEqualTo(expected.get("ISSUER_DN"));
 assertThat(cmpv2Server.getCaMode().name()).isEqualTo(expected.get("CA_MODE"));
 assertThat(cmpv2Server.getAuthentication().getIak()).isEqualTo(expected.get("IAK"));
 assertThat(cmpv2Server.getAuthentication().getRv()).isEqualTo(expected.get("RV"));
 }
-}
\ No newline at end of file
+}
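Review bot: In `verifyThatCmpServerEquals` (CmpServersConfigLoaderTest) the new assertion compares `getIssuerDN().toString()` with the configured string, so it checks how BouncyCastle renders the name rather than the DN itself, and a null issuer shows up as a NullPointerException instead of an assertion failure. Comparing parsed names would be sturdier: `assertThat(cmpv2Server.getIssuerDN()).isEqualTo(new X500Name(expected.get("ISSUER_DN")));`. That assumes `expected` is a `Map<String, String>` (the type arguments look stripped on this page) and needs the `org.bouncycastle.asn1.x500.X500Name` import that the other test files in this commit already add.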
diff --git a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProviderTest.java b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProviderTest.java
index d3c09e9c..20a85783 100644
--- a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProviderTest.java
+++ b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/Cmpv2ServerProviderTest.java
@@ -20,6 +20,7 @@
 package org.onap.aaf.certservice.certification.configuration;
+import org.bouncycastle.asn1.x500.X500Name;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
@@ -83,7 +84,7 @@ class Cmpv2ServerProviderTest {
 private Cmpv2Server createTestServer() {
 Cmpv2Server testServer = new Cmpv2Server();
 testServer.setCaName(TEST_CA);
- testServer.setIssuerDN("testIssuer");
+ testServer.setIssuerDN(new X500Name("CN=testIssuer"));
 testServer.setUrl("http://test.ca.server");
 Authentication testAuthentication = new Authentication();
 testAuthentication.setIak("testIak");
diff --git a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidatorTest.java b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidatorTest.java
index ea15740c..18097608 100644
--- a/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidatorTest.java
+++ b/certService/src/test/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidatorTest.java
@@ -20,6 +20,7 @@
 package org.onap.aaf.certservice.certification.configuration.validation;
+import org.bouncycastle.asn1.x500.X500Name;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
@@ -83,15 +84,6 @@ class Cmpv2ServerConfigurationValidatorTest {
 assertThrows(IllegalArgumentException.class, () -> validator.validate(server));
 }
- @Test
- public void givenWrongIssuerDNLengthInURLServerDetailsWhenValidatingShouldThrowException() {
- //given
- server.setIssuerDN("123");
-
- //then
- assertThrows(IllegalArgumentException.class, () -> validator.validate(server));
- }
-
 @Test
 public void givenWrongRVLengthInURLServerDetailsWhenValidatingShouldThrowException() {
 //given
@@ -114,7 +106,7 @@ class Cmpv2ServerConfigurationValidatorTest {
 server = new Cmpv2Server();
 server.setCaMode(CaMode.CLIENT);
 server.setCaName("TEST");
- server.setIssuerDN("CN=ManagementCA");
+ server.setIssuerDN(new X500Name("CN=ManagementCA"));
 server.setUrl("http://127.0.0.1/ejbca/publicweb/cmp/cmp");
 server.setAuthentication(authentication);
 }
@@ -124,4 +116,4 @@ class Cmpv2ServerConfigurationValidatorTest {
 authentication.setRv("testRV");
 authentication.setIak("testIAK");
 }
-}
\ No newline at end of file
+}
diff --git a/certService/src/test/java/org/onap/aaf/certservice/certification/model/CsrModelTest.java b/certService/src/test/java/org/onap/aaf/certservice/certification/model/CsrModelTest.java
index bde1dcce..f47f495f 100644
--- a/certService/src/test/java/org/onap/aaf/certservice/certification/model/CsrModelTest.java
+++ b/certService/src/test/java/org/onap/aaf/certservice/certification/model/CsrModelTest.java
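Review bot: In Cmpv2ServerConfigurationValidatorTest, the setup line `server.setIssuerDN(new X500Name("CN=ManagementCA"))` in the `-114,7` hunk is now the only place the issuer DN is exercised, because the `-83,15` hunk removes the single negative issuer test without a replacement. Nothing visible here checks what `validator.validate(server)` does when the issuer is absent, so a CA entry with no issuer could pass validation unnoticed. A replacement case such as `server.setIssuerDN(null);` followed by `assertThrows(IllegalArgumentException.class, () -> validator.validate(server));` would keep that covered; the exception type is taken from the neighbouring tests and should be confirmed against the validator. The setup method starts outside the hunk.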
@@ -33,14 +33,13 @@ import org.onap.aaf.certservice.certification.exception.KeyDecryptionException;
 import java.io.IOException;
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 import static org.onap.aaf.certservice.certification.TestData.TEST_CSR;
+import static org.onap.aaf.certservice.certification.TestData.TEST_PEM;
 import static org.onap.aaf.certservice.certification.TestData.TEST_PK;
-import static org.onap.aaf.certservice.certification.TestUtils.pemObjectToString;
 class CsrModelTest {
@@ -52,20 +51,21 @@ class CsrModelTest {
 @Test
 void shouldByConstructedAndReturnProperFields() throws DecryptionException, IOException {
 // given
+ PemObject testPrivateKey = getPemPrivateKey();
 PemObject testPublicKey = generateTestPublicKey();
+ PKCS10CertificationRequest testCsr = generateTestCertificationRequest();
 // when
- CsrModel csrModel = generateTestCsrModel();
-
+ CsrModel csrModel = generateTestCsrModel(testCsr);
 // then
- assertEquals(
- pemObjectToString(csrModel.getPrivateKey()).trim(),
- TEST_PK.trim());
- assertEquals(
- pemObjectToString(csrModel.getPublicKey()).trim(),
- pemObjectToString((testPublicKey)).trim());
- assertThat(csrModel.getSansData())
+ assertThat(csrModel.getCsr())
+ .isEqualTo(testCsr);
+ assertThat(csrModel.getPrivateKey().getEncoded())
+ .contains(testPrivateKey.getContent());
+ assertThat(csrModel.getPublicKey().getEncoded())
+ .contains(testPublicKey.getContent());
+ assertThat(csrModel.getSans())
 .contains(
 "gerrit.onap.org", "test.onap.org", "onap.com");
 assertThat(csrModel.getSubjectData().toString())
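Review bot: The two key assertions in `shouldByConstructedAndReturnProperFields` use `.contains(...)` on a `byte[]`, which in AssertJ only checks that the given byte values occur somewhere in the array, in any order. A key that was re-encoded, truncated or padded could still pass, which is much weaker than the string equality these lines replace. If `getEncoded()` is expected to return the same DER bytes the PEM object carries, pin that with `assertThat(csrModel.getPrivateKey().getEncoded()).isEqualTo(testPrivateKey.getContent());` and likewise for the public key. If the encodings legitimately differ, a comment saying why would help the next reader. The test body continues past the end of this hunk.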
@@ -74,24 +74,20 @@ class CsrModelTest {
 }
 @Test
- void shouldThrowExceptionWhenPublicKeyIsNotCorrect() throws KeyDecryptionException, IOException {
+ void shouldThrowExceptionWhenPublicKeyIsNotCorrect() throws DecryptionException, IOException {
 // given
- PemObjectFactory pemObjectFactory = new PemObjectFactory();
+ PemObject testPrivateKey = getPemPrivateKey();
 PKCS10CertificationRequest testCsr = mock(PKCS10CertificationRequest.class);
 SubjectPublicKeyInfo wrongKryInfo = mock(SubjectPublicKeyInfo.class);
 when(testCsr.getSubjectPublicKeyInfo())
 .thenReturn(wrongKryInfo);
 when(wrongKryInfo.getEncoded())
 .thenThrow(new IOException());
- PemObject testPrivateKey = pemObjectFactory.createPemObject(TEST_PK).orElseThrow(
- () -> new KeyDecryptionException("Private key decoding fail")
- );
- CsrModel csrModel = new CsrModel(testCsr, testPrivateKey);
 // when
 Exception exception = assertThrows(
 CsrDecryptionException.class,
- csrModel::getPublicKey
+ () -> new CsrModel.CsrModelBuilder(testCsr, testPrivateKey).build()
 );
 String expectedMessage = "Reading Public Key from CSR failed";
@@ -101,12 +97,74 @@ class CsrModelTest {
 assertTrue(actualMessage.contains(expectedMessage));
 }
- private CsrModel generateTestCsrModel() throws DecryptionException {
+ @Test
+ void shouldThrowExceptionWhenPrivateKeyPemIsNotProperPrivateKey() throws KeyDecryptionException, IOException {
+ // given
+ PemObject testPrivateKey = getPemWrongKey();
+ PKCS10CertificationRequest testCsr = mock(PKCS10CertificationRequest.class);
+ SubjectPublicKeyInfo wrongKryInfo = mock(SubjectPublicKeyInfo.class);
+ when(testCsr.getSubjectPublicKeyInfo())
+ .thenReturn(wrongKryInfo);
+ when(wrongKryInfo.getEncoded())
+ .thenThrow(new IOException());
+
+ // when
+ Exception exception = assertThrows(
+ KeyDecryptionException.class,
+ () -> new CsrModel.CsrModelBuilder(testCsr, testPrivateKey).build()
+ );
+
+ String expectedMessage = "Converting Private Key failed";
+ String actualMessage = exception.getMessage();
+
+ // then
+ assertTrue(actualMessage.contains(expectedMessage));
+ }
+
+ @Test
+ void shouldThrowExceptionWhenPublicKeyPemIsNotProperPublicKey() throws KeyDecryptionException, IOException {
+ // given
+ PemObject testPrivateKey = getPemPrivateKey();
+ PemObject testPublicKey = getPemWrongKey();
+ PKCS10CertificationRequest testCsr = mock(PKCS10CertificationRequest.class);
+ SubjectPublicKeyInfo wrongKryInfo = mock(SubjectPublicKeyInfo.class);
+ when(testCsr.getSubjectPublicKeyInfo())
+ .thenReturn(wrongKryInfo);
+ when(wrongKryInfo.getEncoded())
+ .thenReturn(testPublicKey.getContent());
+
+ // when
+ Exception exception = assertThrows(
+ KeyDecryptionException.class,
+ () -> new CsrModel.CsrModelBuilder(testCsr, testPrivateKey).build()
+ );
+
+ String expectedMessage = "Converting Public Key from CSR failed";
+ String actualMessage = exception.getMessage();
+
+ // then
+ assertTrue(actualMessage.contains(expectedMessage));
+ }
+
+ private PemObject getPemPrivateKey() throws KeyDecryptionException {
+ PemObjectFactory pemObjectFactory = new PemObjectFactory();
+ return pemObjectFactory.createPemObject(TEST_PK).orElseThrow(
+ () -> new KeyDecryptionException("Private key decoding fail")
+ );
+ }
+
+ private PemObject getPemWrongKey() throws KeyDecryptionException {
+ PemObjectFactory pemObjectFactory = new PemObjectFactory();
+ return pemObjectFactory.createPemObject(TEST_PEM).orElseThrow(
+ () -> new KeyDecryptionException("Private key decoding fail")
+ );
+ }
+
+ private CsrModel generateTestCsrModel(PKCS10CertificationRequest testCsr) throws DecryptionException {
 PemObject testPrivateKey = pemObjectFactory.createPemObject(TEST_PK).orElseThrow(
 () -> new DecryptionException("Incorrect Private Key, decryption failed")
 );
- PKCS10CertificationRequest testCsr = generateTestCertificationRequest();
- return new CsrModel(testCsr, testPrivateKey);
+ return new CsrModel.CsrModelBuilder(testCsr, testPrivateKey).build();
 }
 private PemObject generateTestPublicKey() throws DecryptionException, IOException {
--
cgit 1.2.3-korg
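Review bot: `shouldThrowExceptionWhenPrivateKeyPemIsNotProperPrivateKey` stubs `wrongKryInfo.getEncoded()` to throw `IOException` yet expects the private-key failure, so it only passes if the builder converts the private key before it touches the CSR's public key. That ordering is presumably what happens today, in which case the two `when(...)` stubs are dead setup that hides what the test depends on. Dropping them, or adding `// private key is converted first; the CSR mock is never read`, would make that dependency explicit. `getPemWrongKey()` also reuses the message `"Private key decoding fail"` although it parses `TEST_PEM`; something like `"Test PEM decoding fail"` would avoid a misleading failure. Both new helpers create a local `PemObjectFactory` that shadows the `pemObjectFactory` field still used by `generateTestCsrModel`.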