From d5aa15227f0c8a8bd57b668fdc25eb3935be81c5 Mon Sep 17 00:00:00 2001
From: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Date: Tue, 3 Mar 2020 09:49:04 +0100
Subject: Fix PrivateKey encoding in certservice-client, refactor CsrFactory

Add PrivateKeyToPemEncoder with tests
Refactor CsrFactory to return not encoded PEM string (less responsibility and easier to test later)

Issue-ID: AAF-996
Change-Id: Ia8124d43ef7fb8b1d3077c98929c52f30b6512c6
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
---
 .../client/certification/CsrFactoryTest.java       |  2 +-
 .../certification/PrivateKeyToPemEncoderTest.java  | 66 ++++++++++++++++++++++
 2 files changed, 67 insertions(+), 1 deletion(-)
 create mode 100644 certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/PrivateKeyToPemEncoderTest.java

(limited to 'certServiceClient/src/test/java/org/onap')

diff --git a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/CsrFactoryTest.java b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/CsrFactoryTest.java
index 16b5e03b..809a91f2 100644
--- a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/CsrFactoryTest.java
+++ b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/CsrFactoryTest.java
@@ -52,7 +52,7 @@ public class CsrFactoryTest {
         when(config.getOrganizationUnit()).thenReturn("ONAP");
         when(config.getState()).thenReturn("California");
 
-        assertThat(new CsrFactory(config).createEncodedCsr(keyPair)).isNotEmpty();
+        assertThat(new CsrFactory(config).createCsrInPem(keyPair)).isNotEmpty();
      }
 }
 
diff --git a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/PrivateKeyToPemEncoderTest.java b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/PrivateKeyToPemEncoderTest.java
new file mode 100644
index 00000000..def9c1d5
--- /dev/null
+++ b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/PrivateKeyToPemEncoderTest.java
@@ -0,0 +1,66 @@
+/*============LICENSE_START=======================================================
+ * aaf-certservice-client
+ * ================================================================================
+ * Copyright (C) 2020 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.aaf.certservice.client.certification;
+
+
+import org.bouncycastle.util.io.pem.PemObject;
+import org.bouncycastle.util.io.pem.PemReader;
+import org.junit.jupiter.api.Test;
+import org.onap.aaf.certservice.client.certification.exception.PkEncodingException;
+
+import java.io.IOException;
+import java.io.StringReader;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PKCS8EncodedKeySpec;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+class PrivateKeyToPemEncoderTest {
+
+    private static final String ENCRYPTION_ALGORITHM = "RSA";
+    private static final String RESOURCES_DIR = "src/test/resources/";
+    private static final String PRIVATE_KEY_PEM_PATH = RESOURCES_DIR + "rsaPrivateKeyPem";
+
+    @Test
+    public void shouldReturnProperlyEncodedPrivateKey() throws InvalidKeySpecException, NoSuchAlgorithmException, PkEncodingException, IOException {
+        //given
+        String expectedPem = Files.readString(Paths.get(PRIVATE_KEY_PEM_PATH));
+        PrivateKeyToPemEncoder testedPkEncoder = new PrivateKeyToPemEncoder();
+        //when
+        PrivateKey privateKey = extractPrivateKeyFromPem(expectedPem);
+        String resultPkInPem = testedPkEncoder.encodePrivateKeyToPem(privateKey);
+        //then
+        assertThat(resultPkInPem).isEqualTo(expectedPem);
+    }
+
+    private PrivateKey extractPrivateKeyFromPem(String pem) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+        PemReader pemReader = new PemReader(new StringReader(pem));
+        PemObject pemObject = pemReader.readPemObject();
+        pemReader.close();
+        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(pemObject.getContent());
+        KeyFactory kf = KeyFactory.getInstance(ENCRYPTION_ALGORITHM);
+        return kf.generatePrivate(spec);
+    }
+}
\ No newline at end of file
-- 
cgit 1.2.3-korg