1. Project Clover database Sat Feb 2 2019 06:45:20 CET
  2. Package org.xwiki.crypto.signer.internal.cms

File DefaultCMSSignedDataTest.java

 

Code metrics

2
81
9
1
282
216
10
0.12
9
9
1.11

Classes

Class Line # Actions
DefaultCMSSignedDataTest 67 81 0% 10 0
1.0100%
 

Contributing tests

This file is covered by 7 tests. .

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20   
21    package org.xwiki.crypto.signer.internal.cms;
22   
23    import java.util.Arrays;
24   
25    import org.junit.Before;
26    import org.junit.Rule;
27    import org.junit.Test;
28    import org.xwiki.crypto.AbstractPKIXTest;
29    import org.xwiki.crypto.AsymmetricKeyFactory;
30    import org.xwiki.crypto.BinaryStringEncoder;
31    import org.xwiki.crypto.internal.asymmetric.keyfactory.BcDSAKeyFactory;
32    import org.xwiki.crypto.internal.asymmetric.keyfactory.BcRSAKeyFactory;
33    import org.xwiki.crypto.internal.digest.factory.BcSHA1DigestFactory;
34    import org.xwiki.crypto.internal.digest.factory.DefaultDigestFactory;
35    import org.xwiki.crypto.internal.encoder.Base64BinaryStringEncoder;
36    import org.xwiki.crypto.params.cipher.asymmetric.PrivateKeyParameters;
37    import org.xwiki.crypto.pkix.CertificateFactory;
38    import org.xwiki.crypto.pkix.CertifyingSigner;
39    import org.xwiki.crypto.pkix.internal.BcStoreX509CertificateProvider;
40    import org.xwiki.crypto.pkix.internal.BcX509CertificateChainBuilder;
41    import org.xwiki.crypto.pkix.internal.BcX509CertificateFactory;
42    import org.xwiki.crypto.pkix.params.CertifiedKeyPair;
43    import org.xwiki.crypto.pkix.params.CertifiedPublicKey;
44    import org.xwiki.crypto.signer.CMSSignedDataGenerator;
45    import org.xwiki.crypto.signer.CMSSignedDataVerifier;
46    import org.xwiki.crypto.signer.SignerFactory;
47    import org.xwiki.crypto.signer.internal.DefaultBcContentVerifierProviderBuilder;
48    import org.xwiki.crypto.signer.internal.factory.BcDSAwithSHA1SignerFactory;
49    import org.xwiki.crypto.signer.internal.factory.BcSHA1withRsaSignerFactory;
50    import org.xwiki.crypto.signer.internal.factory.DefaultSignerFactory;
51    import org.xwiki.crypto.signer.param.CMSSignedDataGeneratorParameters;
52    import org.xwiki.crypto.signer.param.CMSSignedDataVerified;
53    import org.xwiki.crypto.signer.param.CMSSignerVerifiedInformation;
54    import org.xwiki.test.annotation.ComponentList;
55    import org.xwiki.test.mockito.MockitoComponentMockingRule;
56   
57    import static org.hamcrest.Matchers.contains;
58    import static org.hamcrest.Matchers.containsInAnyOrder;
59    import static org.hamcrest.Matchers.equalTo;
60    import static org.junit.Assert.assertThat;
61   
62    @ComponentList({Base64BinaryStringEncoder.class, BcRSAKeyFactory.class, BcDSAKeyFactory.class,
63    DefaultDigestFactory.class, BcSHA1DigestFactory.class, BcSHA1withRsaSignerFactory.class,
64    BcDSAwithSHA1SignerFactory.class, DefaultSignerFactory.class, BcX509CertificateFactory.class,
65    DefaultBcContentVerifierProviderBuilder.class, BcStoreX509CertificateProvider.class,
66    BcX509CertificateChainBuilder.class})
 
67    public class DefaultCMSSignedDataTest extends AbstractPKIXTest
68    {
69    @Rule
70    public final MockitoComponentMockingRule<CMSSignedDataGenerator> generatorMocker =
71    new MockitoComponentMockingRule<CMSSignedDataGenerator>(DefaultCMSSignedDataGenerator.class);
72   
73    @Rule
74    public final MockitoComponentMockingRule<CMSSignedDataVerifier> verifierMocker =
75    new MockitoComponentMockingRule<CMSSignedDataVerifier>(DefaultCMSSignedDataVerifier.class);
76   
77    private CMSSignedDataGenerator generator;
78    private CMSSignedDataVerifier verifier;
79    @SuppressWarnings("unused")
80    private static SignerFactory rsaSignerFactory;
81    private static SignerFactory dsaSignerFactory;
82    private static PrivateKeyParameters rsaPrivateKey;
83    private static PrivateKeyParameters dsaPrivateKey;
84    private static CertifiedPublicKey v3CaCert;
85    private static CertifiedPublicKey v3InterCaCert;
86    private static CertifiedPublicKey v3Cert;
87    protected static byte[] text;
88   
 
89  7 toggle public void setupTest(MockitoComponentMockingRule<CMSSignedDataGenerator> mocker) throws Exception
90    {
91    // Decode keys once for all tests.
92  7 if (rsaPrivateKey == null) {
93  1 BinaryStringEncoder base64encoder = mocker.getInstance(BinaryStringEncoder.class, "Base64");
94  1 AsymmetricKeyFactory rsaKeyFactory = mocker.getInstance(AsymmetricKeyFactory.class, "RSA");
95  1 AsymmetricKeyFactory dsaKeyFactory = mocker.getInstance(AsymmetricKeyFactory.class, "DSA");
96  1 CertificateFactory certFactory = mocker.getInstance(CertificateFactory.class, "X509");
97  1 rsaPrivateKey = rsaKeyFactory.fromPKCS8(base64encoder.decode(RSA_PRIVATE_KEY));
98  1 dsaPrivateKey = dsaKeyFactory.fromPKCS8(base64encoder.decode(DSA_PRIVATE_KEY));
99  1 v3CaCert = certFactory.decode(base64encoder.decode(V3_CA_CERT));
100  1 v3InterCaCert = certFactory.decode(base64encoder.decode(V3_ITERCA_CERT));
101  1 v3Cert = certFactory.decode(base64encoder.decode(V3_CERT));
102  1 text = TEXT.getBytes("UTF-8");
103  1 rsaSignerFactory = mocker.getInstance(SignerFactory.class, "SHA1withRSAEncryption");
104  1 dsaSignerFactory = mocker.getInstance(SignerFactory.class, "DSAwithSHA1");
105    }
106    }
107   
 
108  7 toggle @Before
109    public void configure() throws Exception
110    {
111  7 generator = generatorMocker.getComponentUnderTest();
112  7 verifier = verifierMocker.getComponentUnderTest();
113  7 setupTest(generatorMocker);
114    }
115   
 
116  1 toggle @Test
117    public void testDSASignatureAllEmbedded() throws Exception
118    {
119  1 byte[] signature = generator.generate(text,
120    new CMSSignedDataGeneratorParameters()
121    .addSigner(CertifyingSigner.getInstance(true,
122    new CertifiedKeyPair(dsaPrivateKey, v3Cert), dsaSignerFactory))
123    .addCertificate(v3Cert)
124    .addCertificate(v3InterCaCert)
125    .addCertificate(v3CaCert), true);
126   
127  1 CMSSignedDataVerified result = verifier.verify(signature);
128   
129  1 assertThat(result.isVerified(), equalTo(true));
130  1 assertThat(result.getCertificates(), containsInAnyOrder(v3CaCert, v3InterCaCert, v3Cert));
131  1 assertThat(result.getContent(), equalTo(text));
132  1 assertThat(result.getContentType(), equalTo("1.2.840.113549.1.7.1"));
133  1 assertThat(result.getSignatures().size(),equalTo(1));
134   
135  1 CMSSignerVerifiedInformation signerInfo = result.getSignatures().iterator().next();
136   
137  1 assertThat(signerInfo.isVerified(), equalTo(true));
138  1 assertThat(signerInfo.getCertificateChain(), contains(v3CaCert, v3InterCaCert, v3Cert));
139    }
140   
 
141  1 toggle @Test
142    public void testDSASignatureWithExternalCerts() throws Exception
143    {
144  1 byte[] signature = generator.generate(text,
145    new CMSSignedDataGeneratorParameters()
146    .addSigner(CertifyingSigner.getInstance(true,
147    new CertifiedKeyPair(dsaPrivateKey, v3Cert), dsaSignerFactory)), true);
148   
149  1 CMSSignedDataVerified result = verifier.verify(signature, Arrays.asList(v3Cert, v3InterCaCert, v3CaCert));
150   
151  1 assertThat(result.isVerified(), equalTo(true));
152  1 assertThat(result.getCertificates().isEmpty(), equalTo(true));
153  1 assertThat(result.getContent(), equalTo(text));
154  1 assertThat(result.getContentType(), equalTo("1.2.840.113549.1.7.1"));
155  1 assertThat(result.getSignatures().size(),equalTo(1));
156   
157  1 CMSSignerVerifiedInformation signerInfo = result.getSignatures().iterator().next();
158   
159  1 assertThat(signerInfo.isVerified(), equalTo(true));
160  1 assertThat(signerInfo.getCertificateChain(), contains(v3CaCert, v3InterCaCert, v3Cert));
161    }
162   
 
163  1 toggle @Test
164    public void testDSADetachedSignatureWithEmbeddedCerts() throws Exception
165    {
166  1 byte[] signature = generator.generate(text,
167    new CMSSignedDataGeneratorParameters()
168    .addSigner(CertifyingSigner.getInstance(true,
169    new CertifiedKeyPair(dsaPrivateKey, v3Cert), dsaSignerFactory))
170    .addCertificate(v3Cert)
171    .addCertificate(v3InterCaCert)
172    .addCertificate(v3CaCert));
173   
174  1 CMSSignedDataVerified result = verifier.verify(signature, text);
175   
176  1 assertThat(result.isVerified(), equalTo(true));
177  1 assertThat(result.getCertificates(), containsInAnyOrder(v3CaCert, v3InterCaCert, v3Cert));
178  1 assertThat(result.getContent(), equalTo(text));
179  1 assertThat(result.getContentType(), equalTo("1.2.840.113549.1.7.1"));
180  1 assertThat(result.getSignatures().size(),equalTo(1));
181   
182  1 CMSSignerVerifiedInformation signerInfo = result.getSignatures().iterator().next();
183   
184  1 assertThat(signerInfo.isVerified(), equalTo(true));
185  1 assertThat(signerInfo.getCertificateChain(), contains(v3CaCert, v3InterCaCert, v3Cert));
186    }
187   
 
188  1 toggle @Test
189    public void testDSADetachedSignatureWithExternalCerts() throws Exception
190    {
191  1 byte[] signature = generator.generate(text,
192    new CMSSignedDataGeneratorParameters()
193    .addSigner(CertifyingSigner.getInstance(true,
194    new CertifiedKeyPair(dsaPrivateKey, v3Cert), dsaSignerFactory)));
195   
196  1 CMSSignedDataVerified result = verifier.verify(signature, text, Arrays.asList(v3Cert, v3InterCaCert, v3CaCert));
197   
198  1 assertThat(result.isVerified(), equalTo(true));
199  1 assertThat(result.getCertificates().isEmpty(), equalTo(true));
200  1 assertThat(result.getContent(), equalTo(text));
201  1 assertThat(result.getContentType(), equalTo("1.2.840.113549.1.7.1"));
202  1 assertThat(result.getSignatures().size(),equalTo(1));
203   
204  1 CMSSignerVerifiedInformation signerInfo = result.getSignatures().iterator().next();
205   
206  1 assertThat(signerInfo.isVerified(), equalTo(true));
207  1 assertThat(signerInfo.getCertificateChain(), contains(v3CaCert, v3InterCaCert, v3Cert));
208    }
209   
 
210  1 toggle @Test
211    public void testDSADetachedSignatureWitMixedCerts() throws Exception
212    {
213  1 byte[] signature = generator.generate(text,
214    new CMSSignedDataGeneratorParameters()
215    .addSigner(CertifyingSigner.getInstance(true,
216    new CertifiedKeyPair(dsaPrivateKey, v3Cert), dsaSignerFactory))
217    .addCertificate(v3Cert));
218   
219  1 CMSSignedDataVerified result = verifier.verify(signature, text, Arrays.asList(v3InterCaCert, v3CaCert));
220   
221  1 assertThat(result.isVerified(), equalTo(true));
222  1 assertThat(result.getCertificates(), containsInAnyOrder(v3Cert));
223  1 assertThat(result.getContent(), equalTo(text));
224  1 assertThat(result.getContentType(), equalTo("1.2.840.113549.1.7.1"));
225  1 assertThat(result.getSignatures().size(),equalTo(1));
226   
227  1 CMSSignerVerifiedInformation signerInfo = result.getSignatures().iterator().next();
228   
229  1 assertThat(signerInfo.isVerified(), equalTo(true));
230  1 assertThat(signerInfo.getCertificateChain(), contains(v3CaCert, v3InterCaCert, v3Cert));
231    }
232   
 
233  1 toggle @Test
234    public void testPreCalculatedSignature() throws Exception
235    {
236  1 byte[] signature = generator.generate(text,
237    new CMSSignedDataGeneratorParameters()
238    .addSigner(CertifyingSigner.getInstance(true,
239    new CertifiedKeyPair(dsaPrivateKey, v3Cert), dsaSignerFactory))
240    );
241   
242  1 CMSSignedDataVerified result = verifier.verify(signature, text, Arrays.asList(v3Cert, v3InterCaCert, v3CaCert));
243   
244  1 byte[] signature2 = generator.generate(text,
245    new CMSSignedDataGeneratorParameters()
246    .addSignature(result.getSignatures().iterator().next())
247    );
248   
249  1 result = verifier.verify(signature2, text, Arrays.asList(v3Cert, v3InterCaCert, v3CaCert));
250   
251  1 assertThat(signature2, equalTo(signature));
252    }
253   
 
254  1 toggle @Test
255    public void testAddingCertificatesToSignature() throws Exception
256    {
257  1 byte[] signature = generator.generate(text,
258    new CMSSignedDataGeneratorParameters()
259    .addSigner(CertifyingSigner.getInstance(true,
260    new CertifiedKeyPair(dsaPrivateKey, v3Cert), dsaSignerFactory))
261    );
262   
263  1 CMSSignedDataVerified result = verifier.verify(signature, text, Arrays.asList(v3Cert, v3InterCaCert, v3CaCert));
264   
265  1 byte[] signature2 = generator.generate(text,
266    new CMSSignedDataGeneratorParameters()
267    .addSignature(result.getSignatures().iterator().next())
268    .addCertificates(result.getSignatures().iterator().next().getCertificateChain())
269    );
270   
271  1 result = verifier.verify(signature2, text);
272   
273  1 assertThat(result.isVerified(), equalTo(true));
274  1 assertThat(result.getCertificates(), containsInAnyOrder(v3CaCert, v3InterCaCert, v3Cert));
275  1 assertThat(result.getSignatures().size(),equalTo(1));
276   
277  1 CMSSignerVerifiedInformation signerInfo = result.getSignatures().iterator().next();
278   
279  1 assertThat(signerInfo.isVerified(), equalTo(true));
280  1 assertThat(signerInfo.getCertificateChain(), contains(v3CaCert, v3InterCaCert, v3Cert));
281    }
282    }