2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2020 Nokia. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.aaf.certservice.certification.adapter;
23 import java.io.IOException;
24 import java.io.InputStream;
25 import java.nio.charset.StandardCharsets;
26 import java.security.NoSuchProviderException;
27 import java.security.PrivateKey;
28 import java.security.cert.CertificateException;
29 import java.security.cert.X509Certificate;
30 import java.util.Arrays;
31 import java.util.Collections;
32 import java.util.List;
33 import java.util.Objects;
35 import org.apache.commons.io.IOUtils;
36 import org.bouncycastle.asn1.x509.Certificate;
37 import org.bouncycastle.cert.X509CertificateHolder;
38 import org.bouncycastle.cert.X509v3CertificateBuilder;
39 import org.bouncycastle.operator.ContentSigner;
40 import org.bouncycastle.operator.OperatorCreationException;
41 import org.bouncycastle.pkcs.PKCS10CertificationRequest;
42 import org.junit.jupiter.api.Assertions;
43 import org.junit.jupiter.api.Test;
44 import org.mockito.InjectMocks;
45 import org.mockito.Mock;
46 import org.mockito.Mockito;
47 import org.onap.aaf.certservice.certification.configuration.model.CaMode;
48 import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server;
49 import org.onap.aaf.certservice.certification.exception.Cmpv2ClientAdapterException;
50 import org.onap.aaf.certservice.certification.model.CertificationModel;
51 import org.onap.aaf.certservice.certification.model.CsrModel;
52 import org.onap.aaf.certservice.cmpv2client.api.CmpClient;
53 import org.onap.aaf.certservice.cmpv2client.exceptions.CmpClientException;
54 import org.springframework.boot.test.context.SpringBootTest;
57 class Cmpv2ClientAdapterTest {
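// Collaborators that the tests stub through Mockito.when(...); stubbing only works on mock instances.
// NOTE(review): the @Mock/@InjectMocks annotations are restored from the Mockito imports and the
// stubbing calls in this class. Confirm against the original source.
@Mock
private CmpClient cmpClient;
@Mock
private CsrModel csrModel;
@Mock
private Cmpv2Server server;
@Mock
private RsaContentSignerBuilder rsaContentSignerBuilder;
@Mock
private X509CertificateBuilder x509CertificateBuilder;
@Mock
private PKCS10CertificationRequest csr;
@Mock
private PrivateKey privateKey;
@Mock
private X509v3CertificateBuilder x509V3CertificateBuilder;
@Mock
private ContentSigner contentSigner;
@Mock
private X509CertificateHolder holder;
@Mock
private Certificate asn1Certificate;
@Mock
private X509Certificate certificate;
@Mock
private CertificateFactoryProvider certificateFactoryProvider;

// Object under test; every test drives it through adapter.callCmpClient(csrModel, server).
@InjectMocks
private Cmpv2ClientAdapter adapter;

// CA mode reported by the stubbed server in stubInternalProperties().
private static final CaMode CA_MODEL = CaMode.CLIENT;
// Message carried by the exceptions the failure tests make the mocks throw.
private static final String TEST_MSG = "Test";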
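/**
 * Verifies that a {@link CmpClientException} thrown by {@code cmpClient.createCertificate}
 * leaves {@code adapter.callCmpClient} as a {@link CmpClientException}.
 */
@Test
void adapterShouldRethrowClientExceptionOnFailure()
        throws CmpClientException, IOException, OperatorCreationException, CertificateException,
        NoSuchProviderException {
    // given
    stubInternalProperties();

    // when
    Mockito.when(cmpClient.createCertificate(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()))
            .thenThrow(new CmpClientException(TEST_MSG));

    // then
    Assertions.assertThrows(CmpClientException.class, () -> adapter.callCmpClient(csrModel, server));
}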
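/**
 * Verifies that the first certificate-chain entry and the first trusted-certificate entry of the
 * returned {@link CertificationModel} match the text of the expected-model fixtures, ignoring
 * line endings.
 */
@Test
void shouldConvertToCertificationModel()
        throws OperatorCreationException, CertificateException, NoSuchProviderException, IOException,
        CmpClientException, Cmpv2ClientAdapterException {
    // given
    stubInternalProperties();

    // when
    Mockito.when(cmpClient.createCertificate(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()))
            .thenReturn(createCorrectClientResponse());
    CertificationModel certificationModel = adapter.callCmpClient(csrModel, server);

    // then
    ClassLoader classLoader = getClass().getClassLoader();
    String expectedCertificate;
    String expectedTrustedCertificate;
    // try-with-resources closes both fixture streams; a null resource is skipped on close, so the
    // requireNonNull calls below still report a missing fixture by name.
    try (InputStream certificate = classLoader.getResourceAsStream("certificateModelChain.first");
         InputStream trustedCertificate = classLoader.getResourceAsStream("trustedCertificatesModel.first")) {
        expectedCertificate = removeLineEndings(IOUtils.toString(
                Objects.requireNonNull(certificate, "missing test resource certificateModelChain.first"),
                StandardCharsets.UTF_8));
        expectedTrustedCertificate = removeLineEndings(IOUtils.toString(
                Objects.requireNonNull(trustedCertificate, "missing test resource trustedCertificatesModel.first"),
                StandardCharsets.UTF_8));
    }
    String certificateModel = removeLineEndings(certificationModel.getCertificateChain().get(0));
    String trustedCertificateModel = removeLineEndings(certificationModel.getTrustedCertificates().get(0));

    // JUnit 5 expects (expected, actual); the original order swapped the two values in failure messages.
    Assertions.assertEquals(expectedCertificate, certificateModel);
    Assertions.assertEquals(expectedTrustedCertificate, trustedCertificateModel);
}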
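/**
 * Verifies that {@code adapter.callCmpClient} throws {@link Cmpv2ClientAdapterException} when
 * {@code certificateFactoryProvider.generateCertificate} fails with a {@link CertificateException}.
 */
@Test
void adapterShouldThrowClientAdapterExceptionOnFailure()
        throws OperatorCreationException, CertificateException, NoSuchProviderException, IOException,
        CmpClientException {
    // given
    stubInternalProperties();

    // when
    Mockito.when(cmpClient.createCertificate(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()))
            .thenReturn(createCorrectClientResponse());
    // Replaces the success stub installed by stubInternalProperties() with a failing one.
    Mockito.when(certificateFactoryProvider.generateCertificate(Mockito.any()))
            .thenThrow(new CertificateException(TEST_MSG));

    // then
    Assertions.assertThrows(Cmpv2ClientAdapterException.class, () -> adapter.callCmpClient(csrModel, server));
}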
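/**
 * Builds the value the mocked CMP client returns on success: two single-element lists, the first
 * holding the certificate parsed from {@code certificateChain.first} and the second the one
 * parsed from {@code trustedCertificates.first}.
 *
 * @return a two-element list: certificate chain first, trusted certificates second
 * @throws CertificateException if a fixture cannot be parsed as a certificate
 * @throws NoSuchProviderException if the certificate factory's provider is unavailable
 */
private List<List<X509Certificate>> createCorrectClientResponse()
        throws CertificateException, NoSuchProviderException {
    ClassLoader classLoader = getClass().getClassLoader();
    // Fail with the fixture name when a resource is missing, instead of passing null to the parser.
    InputStream certificateChain = Objects.requireNonNull(
            classLoader.getResourceAsStream("certificateChain.first"),
            "missing test resource certificateChain.first");
    InputStream trustedCertificate = Objects.requireNonNull(
            classLoader.getResourceAsStream("trustedCertificates.first"),
            "missing test resource trustedCertificates.first");

    // A real provider is used here, not the mocked field, so the fixtures are actually parsed.
    CertificateFactoryProvider realProvider = new CertificateFactoryProvider();
    X509Certificate x509Certificate = realProvider.generateCertificate(certificateChain);
    X509Certificate x509TrustedCertificate = realProvider.generateCertificate(trustedCertificate);
    return Arrays.asList(Collections.singletonList(x509Certificate),
            Collections.singletonList(x509TrustedCertificate));
}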
/**
 * Strips every line feed and carriage return from the given text, so that two certificate
 * strings can be compared regardless of how their lines are wrapped.
 *
 * @param string text to flatten
 * @return the text with all {@code \n} and {@code \r} characters removed
 */
private String removeLineEndings(String string) {
    String withoutLineFeeds = string.replace("\n", "");
    String withoutCarriageReturns = withoutLineFeeds.replace("\r", "");
    return withoutCarriageReturns;
}
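/**
 * Stubs the mocked collaborators for the default flow shared by all tests: the server reports
 * {@code CA_MODEL}, the CSR model yields the mocked CSR and private key, the builders return the
 * mocked certificate builder, content signer and holder, and the certificate factory returns the
 * mocked certificate.
 */
private void stubInternalProperties()
        throws IOException, OperatorCreationException, CertificateException, NoSuchProviderException {
    Mockito.when(server.getCaMode()).thenReturn(CA_MODEL);
    Mockito.when(csrModel.getCsr()).thenReturn(csr);
    Mockito.when(csrModel.getPrivateKey()).thenReturn(privateKey);
    Mockito.when(x509CertificateBuilder.build(csr)).thenReturn(x509V3CertificateBuilder);
    Mockito.when(rsaContentSignerBuilder.build(csr, privateKey)).thenReturn(contentSigner);
    Mockito.when(x509V3CertificateBuilder.build(contentSigner)).thenReturn(holder);
    Mockito.when(holder.toASN1Structure()).thenReturn(asn1Certificate);
    Mockito.when(certificateFactoryProvider.generateCertificate(Mockito.any())).thenReturn(certificate);
    // Must follow the toASN1Structure() stub above, because the mock it returns is stubbed here.
    // An explicit empty array replaces "".getBytes(), which goes through the platform-default charset API.
    Mockito.when(holder.toASN1Structure().getEncoded()).thenReturn(new byte[0]);
}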