1. Project Clover database Tue Dec 20 2016 21:24:09 CET
  2. Package org.xwiki.crypto.store.filesystem.internal

File X509KeyFileSystemStoreTest.java

 

Code metrics

0
89
15
1
307
226
15
0.17
5.93
15
1

Classes

Class Line # Actions
X509KeyFileSystemStoreTest 60 89 0% 15 0
1.0100%
 

Contributing tests

This file is covered by 13 tests. .

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20   
21   
22    package org.xwiki.crypto.store.filesystem.internal;
23   
24    import java.io.File;
25    import java.math.BigInteger;
26   
27    import org.apache.commons.io.FileUtils;
28    import org.junit.After;
29    import org.junit.Before;
30    import org.junit.Rule;
31    import org.junit.Test;
32    import org.xwiki.crypto.AsymmetricKeyFactory;
33    import org.xwiki.crypto.BinaryStringEncoder;
34    import org.xwiki.crypto.params.cipher.asymmetric.PrivateKeyParameters;
35    import org.xwiki.crypto.password.PrivateKeyPasswordBasedEncryptor;
36    import org.xwiki.crypto.pkix.CertificateFactory;
37    import org.xwiki.crypto.pkix.params.CertifiedKeyPair;
38    import org.xwiki.crypto.pkix.params.CertifiedPublicKey;
39    import org.xwiki.crypto.pkix.params.x509certificate.DistinguishedName;
40    import org.xwiki.crypto.pkix.params.x509certificate.X509CertifiedPublicKey;
41    import org.xwiki.crypto.pkix.params.x509certificate.extension.X509Extensions;
42    import org.xwiki.crypto.store.FileStoreReference;
43    import org.xwiki.crypto.store.KeyStore;
44    import org.xwiki.crypto.store.StoreReference;
45    import org.xwiki.test.mockito.MockitoComponentMockingRule;
46   
47    import static org.hamcrest.CoreMatchers.equalTo;
48    import static org.hamcrest.CoreMatchers.notNullValue;
49    import static org.hamcrest.CoreMatchers.nullValue;
50    import static org.junit.Assert.assertThat;
51    import static org.mockito.Mockito.mock;
52    import static org.mockito.Mockito.when;
53   
54    /**
55    * Unit text form {@link org.xwiki.crypto.store.filesystem.internal.X509KeyFileSystemStore}
56    *
57    * @version $Id: 88d4406a2a1dfaef6ffd2e8ed8903ab45a53b6be $
58    * @since 6.1M2
59    */
 
60    public class X509KeyFileSystemStoreTest
61    {
62    private static final byte[] PASSWORD = "password".getBytes();
63    private static final byte[] PRIVATEKEY = "privatekey".getBytes();
64    private static final String ENCODED_PRIVATEKEY = "encoded_privatekey";
65    private static final byte[] ENCRYPTED_PRIVATEKEY = "encrypted_privatekey".getBytes();
66    private static final String ENCODED_ENCRYPTED_PRIVATEKEY = "encoded_encrypted_privatekey";
67    private static final byte[] CERTIFICATE = "certificate".getBytes();
68    private static final String ENCODED_CERTIFICATE = "encoded_certificate";
69    private static final byte[] SUBJECT_KEYID = "subjectKeyId".getBytes();
70    private static final String ENCODED_SUBJECTKEYID = "encoded_subjectKeyId";
71    private static final String HEXENCODED_SUBJECTKEYID = "hex_encoded_subjectKeyId";
72    private static final String SUBJECT = "CN=Subject";
73    private static final String ISSUER = "CN=Issuer";
74    private static final BigInteger SERIAL = new BigInteger("1234567890");
75   
76    private static final File TEST_DIR = new File("target/tmp");
77   
78    private static final File FILE = new File(TEST_DIR, "my.key");
79    private static final File DIRECTORY = new File(TEST_DIR, "keystore");
80   
81    private static final File CERT_FILE = new File(DIRECTORY, HEXENCODED_SUBJECTKEYID + ".cert");
82   
83    private static final File KEY_FILE = new File(DIRECTORY, HEXENCODED_SUBJECTKEYID + ".key");
84   
85    private static final StoreReference SINGLE_STORE_REF = new FileStoreReference(FILE);
86    private static final StoreReference MULTI_STORE_REF = new FileStoreReference(DIRECTORY, true);
87   
88    private static final String BEGIN_PRIVATE_KEY = "-----BEGIN PRIVATE KEY-----\n";
89    private static final String BEGIN_ENCRYPTED_PRIVATE_KEY = "-----BEGIN ENCRYPTED PRIVATE KEY-----\n";
90    private static final String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----\n";
91    private static final String END_PRIVATE_KEY = "-----END PRIVATE KEY-----\n";
92    private static final String END_ENCRYPTED_PRIVATE_KEY = "-----END ENCRYPTED PRIVATE KEY-----\n";
93    private static final String END_CERTIFICATE = "-----END CERTIFICATE-----\n";
94    private static final String NEWLINE = "\n";
95   
96    private static final String KEY_FILE_CONTENT = BEGIN_PRIVATE_KEY + ENCODED_PRIVATEKEY + NEWLINE + END_PRIVATE_KEY;
97    private static final String ENCRYTEDKEY_FILE_CONTENT = BEGIN_ENCRYPTED_PRIVATE_KEY + ENCODED_ENCRYPTED_PRIVATEKEY
98    + NEWLINE + END_ENCRYPTED_PRIVATE_KEY;
99    private static final String CERTIFICATE_FILE_CONTENT = BEGIN_CERTIFICATE + ENCODED_CERTIFICATE + NEWLINE
100    + END_CERTIFICATE;
101    private static final String FILE_CONTENT = KEY_FILE_CONTENT + CERTIFICATE_FILE_CONTENT;
102    private static final String ENCRYPTED_FILE_CONTENT = ENCRYTEDKEY_FILE_CONTENT + CERTIFICATE_FILE_CONTENT;
103   
104    @Rule
105    public MockitoComponentMockingRule<KeyStore> mocker =
106    new MockitoComponentMockingRule<KeyStore>(X509KeyFileSystemStore.class);
107   
108    private KeyStore store;
109   
110    PrivateKeyParameters privateKey;
111    X509CertifiedPublicKey certificate;
112    CertifiedKeyPair keyPair;
113   
 
114  13 toggle @Before
115    public void setUp() throws Exception
116    {
117  13 BinaryStringEncoder base64Encoder = mocker.getInstance(BinaryStringEncoder.class, "Base64");
118  13 when(base64Encoder.encode(PRIVATEKEY, 64)).thenReturn(ENCODED_PRIVATEKEY);
119  13 when(base64Encoder.decode(ENCODED_PRIVATEKEY)).thenReturn(PRIVATEKEY);
120  13 when(base64Encoder.encode(ENCRYPTED_PRIVATEKEY, 64)).thenReturn(ENCODED_ENCRYPTED_PRIVATEKEY);
121  13 when(base64Encoder.decode(ENCODED_ENCRYPTED_PRIVATEKEY)).thenReturn(ENCRYPTED_PRIVATEKEY);
122  13 when(base64Encoder.encode(CERTIFICATE, 64)).thenReturn(ENCODED_CERTIFICATE);
123  13 when(base64Encoder.decode(ENCODED_CERTIFICATE)).thenReturn(CERTIFICATE);
124  13 when(base64Encoder.encode(SUBJECT_KEYID)).thenReturn(ENCODED_SUBJECTKEYID);
125  13 when(base64Encoder.decode(ENCODED_SUBJECTKEYID)).thenReturn(SUBJECT_KEYID);
126   
127  13 BinaryStringEncoder hexEncoder = mocker.getInstance(BinaryStringEncoder.class, "Hex");
128  13 when(hexEncoder.encode(SUBJECT_KEYID)).thenReturn(HEXENCODED_SUBJECTKEYID);
129   
130  13 privateKey = mock(PrivateKeyParameters.class);
131  13 when(privateKey.getEncoded()).thenReturn(PRIVATEKEY);
132   
133  13 AsymmetricKeyFactory keyFactory = mocker.getInstance(AsymmetricKeyFactory.class);
134  13 when(keyFactory.fromPKCS8(PRIVATEKEY)).thenReturn(privateKey);
135   
136  13 PrivateKeyPasswordBasedEncryptor encryptor = mocker.getInstance(PrivateKeyPasswordBasedEncryptor.class);
137  13 when(encryptor.encrypt(PASSWORD, privateKey)).thenReturn(ENCRYPTED_PRIVATEKEY);
138  13 when(encryptor.decrypt(PASSWORD, ENCRYPTED_PRIVATEKEY)).thenReturn(privateKey);
139   
140  13 certificate = mock(X509CertifiedPublicKey.class);
141  13 when(certificate.getSerialNumber()).thenReturn(SERIAL);
142  13 when(certificate.getIssuer()).thenReturn(new DistinguishedName(ISSUER));
143  13 when(certificate.getSubject()).thenReturn(new DistinguishedName(SUBJECT));
144  13 when(certificate.getEncoded()).thenReturn(CERTIFICATE);
145   
146  13 CertificateFactory certificateFactory = mocker.getInstance(CertificateFactory.class, "X509");
147  13 when(certificateFactory.decode(CERTIFICATE)).thenReturn(certificate);
148   
149  13 X509Extensions extensions = mock(X509Extensions.class);
150  13 when(certificate.getExtensions()).thenReturn(extensions);
151  13 when(extensions.getSubjectKeyIdentifier()).thenReturn(SUBJECT_KEYID);
152  13 when(certificate.getSubjectKeyIdentifier()).thenReturn(SUBJECT_KEYID);
153   
154  13 keyPair = new CertifiedKeyPair(privateKey, certificate);
155   
156  13 store = mocker.getComponentUnderTest();
157   
158  13 FileUtils.deleteDirectory(TEST_DIR);
159  13 TEST_DIR.mkdirs();
160    }
161   
 
162  13 toggle @After
163    public void deleteTestFiles() throws Exception {
164  13 FileUtils.deleteDirectory(TEST_DIR);
165    }
166   
 
167  1 toggle @Test
168    public void testStoringPrivateKeyToFile() throws Exception
169    {
170  1 store.store(SINGLE_STORE_REF, keyPair);
171   
172  1 assertThat(FileUtils.readFileToString(FILE), equalTo(FILE_CONTENT));
173    }
174   
 
175  1 toggle @Test
176    public void testStoringPrivateKeyToDirectory() throws Exception
177    {
178  1 store.store(MULTI_STORE_REF, keyPair);
179   
180  1 assertThat(FileUtils.readFileToString(KEY_FILE),
181    equalTo(KEY_FILE_CONTENT));
182  1 assertThat(FileUtils.readFileToString(CERT_FILE),
183    equalTo(CERTIFICATE_FILE_CONTENT));
184    }
185   
 
186  1 toggle @Test
187    public void testStoringEncryptedPrivateKeyToFile() throws Exception
188    {
189  1 store.store(SINGLE_STORE_REF, keyPair, PASSWORD);
190   
191  1 assertThat(FileUtils.readFileToString(FILE), equalTo(ENCRYPTED_FILE_CONTENT));
192    }
193   
 
194  1 toggle @Test
195    public void testStoringEncryptedPrivateKeyToDirectory() throws Exception
196    {
197  1 store.store(MULTI_STORE_REF, keyPair, PASSWORD);
198   
199  1 assertThat(FileUtils.readFileToString(KEY_FILE),
200    equalTo(ENCRYTEDKEY_FILE_CONTENT));
201  1 assertThat(FileUtils.readFileToString(CERT_FILE),
202    equalTo(CERTIFICATE_FILE_CONTENT));
203    }
204   
 
205  1 toggle @Test
206    public void testRetrievePrivateKeyFromFile() throws Exception
207    {
208  1 FileUtils.writeStringToFile(FILE, FILE_CONTENT);
209   
210  1 CertifiedKeyPair keyPair = store.retrieve(SINGLE_STORE_REF);
211  1 assertThat(keyPair, notNullValue());
212  1 assertThat(keyPair.getPrivateKey(), equalTo(privateKey));
213  1 assertThat(keyPair.getCertificate(), equalTo((CertifiedPublicKey) certificate));
214    }
215   
 
216  1 toggle @Test
217    public void testRetrieveEncryptedPrivateKeyFromFile() throws Exception
218    {
219  1 FileUtils.writeStringToFile(FILE, ENCRYPTED_FILE_CONTENT);
220   
221  1 CertifiedKeyPair keyPair = store.retrieve(SINGLE_STORE_REF, PASSWORD);
222  1 assertThat(keyPair, notNullValue());
223  1 assertThat(keyPair.getPrivateKey(), equalTo(privateKey));
224  1 assertThat(keyPair.getCertificate(), equalTo((CertifiedPublicKey) certificate));
225    }
226   
 
227  1 toggle @Test
228    public void testRetrievePrivateKeyFromDirectory() throws Exception
229    {
230  1 DIRECTORY.mkdirs();
231  1 FileUtils.writeStringToFile(KEY_FILE, KEY_FILE_CONTENT);
232  1 FileUtils.writeStringToFile(CERT_FILE, CERTIFICATE_FILE_CONTENT);
233   
234  1 CertifiedKeyPair keyPair = store.retrieve(MULTI_STORE_REF, certificate);
235  1 assertThat(keyPair, notNullValue());
236  1 assertThat(keyPair.getPrivateKey(), equalTo(privateKey));
237  1 assertThat(keyPair.getCertificate(), equalTo((CertifiedPublicKey) certificate));
238    }
239   
 
240  1 toggle @Test
241    public void testRetrieveEncryptedPrivateKeyFromDirectory() throws Exception
242    {
243  1 DIRECTORY.mkdirs();
244  1 FileUtils.writeStringToFile(KEY_FILE, ENCRYTEDKEY_FILE_CONTENT);
245  1 FileUtils.writeStringToFile(CERT_FILE, CERTIFICATE_FILE_CONTENT);
246   
247  1 CertifiedKeyPair keyPair = store.retrieve(MULTI_STORE_REF, certificate, PASSWORD);
248  1 assertThat(keyPair, notNullValue());
249  1 assertThat(keyPair.getPrivateKey(), equalTo(privateKey));
250  1 assertThat(keyPair.getCertificate(), equalTo((CertifiedPublicKey) certificate));
251    }
252   
 
253  1 toggle @Test
254    public void testRetrieveMissingPrivateKeyFromFile() throws Exception
255    {
256  1 FileUtils.writeStringToFile(FILE, CERTIFICATE_FILE_CONTENT);
257   
258  1 CertifiedKeyPair keyPair = store.retrieve(SINGLE_STORE_REF);
259  1 assertThat(keyPair, nullValue());
260    }
261   
 
262  1 toggle @Test
263    public void testRetrieveMissingCertificateFromFile() throws Exception
264    {
265  1 FileUtils.writeStringToFile(FILE, KEY_FILE_CONTENT);
266   
267  1 CertifiedKeyPair keyPair = store.retrieve(SINGLE_STORE_REF);
268  1 assertThat(keyPair, nullValue());
269    }
270   
 
271  1 toggle @Test
272    public void testRetrieveMissingPrivateKeyFromDirectory() throws Exception
273    {
274  1 DIRECTORY.mkdirs();
275  1 FileUtils.writeStringToFile(CERT_FILE, CERTIFICATE_FILE_CONTENT);
276   
277  1 CertifiedKeyPair keyPair = store.retrieve(MULTI_STORE_REF, certificate);
278  1 assertThat(keyPair, nullValue());
279    }
280   
 
281  1 toggle @Test
282    public void testRetrieveMissingCertificateFromDirectory() throws Exception
283    {
284  1 DIRECTORY.mkdirs();
285  1 FileUtils.writeStringToFile(KEY_FILE, KEY_FILE_CONTENT);
286   
287  1 CertifiedKeyPair keyPair = store.retrieve(MULTI_STORE_REF, certificate);
288  1 assertThat(keyPair, notNullValue());
289  1 assertThat(keyPair.getPrivateKey(), equalTo(privateKey));
290  1 assertThat(keyPair.getCertificate(), equalTo((CertifiedPublicKey) certificate));
291    }
292   
 
293  1 toggle @Test
294    public void testStoringPrivateKeyToDirectoryWithoutSubjectID() throws Exception
295    {
296  1 when(certificate.getExtensions()).thenReturn(null);
297  1 when(certificate.getSubjectKeyIdentifier()).thenReturn(null);
298   
299  1 store.store(MULTI_STORE_REF, keyPair);
300   
301  1 assertThat(FileUtils.readFileToString(new File(DIRECTORY, SERIAL + ", " + ISSUER + ".key")),
302    equalTo(KEY_FILE_CONTENT));
303  1 assertThat(FileUtils.readFileToString(new File(DIRECTORY, SERIAL + ", " + ISSUER + ".cert")),
304    equalTo(CERTIFICATE_FILE_CONTENT));
305    }
306   
307    }