/*
 * ============LICENSE_START=======================================================
 * ================================================================================
 * Copyright (C) 2020-2021 Nokia. All rights reserved.
 * ================================================================================
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * ============LICENSE_END=========================================================
 */
package org.onap.oom.certservice.certification;

import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import static org.onap.oom.certservice.certification.CertificationData.CA_CERT;
import static org.onap.oom.certservice.certification.CertificationData.ENTITY_CERT;
import static org.onap.oom.certservice.certification.CertificationData.EXTRA_CA_CERT;
import static org.onap.oom.certservice.certification.CertificationData.INTERMEDIATE_CERT;
import static org.onap.oom.certservice.certification.TestData.TEST_CSR;
import static org.onap.oom.certservice.certification.TestData.TEST_PK;
import static org.onap.oom.certservice.certification.TestData.TEST_WRONG_CSR;
import static org.onap.oom.certservice.certification.TestData.TEST_WRONG_PEM;

import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;
import java.util.List;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import org.onap.oom.certservice.certification.configuration.Cmpv2ServerProvider;
import org.onap.oom.certservice.certification.configuration.model.Cmpv2Server;
import org.onap.oom.certservice.certification.exception.CertificateDecryptionException;
import org.onap.oom.certservice.certification.exception.Cmpv2ClientAdapterException;
import org.onap.oom.certservice.certification.exception.Cmpv2ServerNotFoundException;
import org.onap.oom.certservice.certification.exception.CsrDecryptionException;
import org.onap.oom.certservice.certification.exception.DecryptionException;
import org.onap.oom.certservice.certification.model.CertificateUpdateModel;
import org.onap.oom.certservice.certification.model.CertificateUpdateModel.CertificateUpdateModelBuilder;
import org.onap.oom.certservice.certification.model.CertificationModel;
import org.onap.oom.certservice.certification.model.CsrModel;
import org.onap.oom.certservice.certification.model.X509CertificateModel;
import org.onap.oom.certservice.cmpv2client.exceptions.CmpClientException;
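/**
 * Unit tests for {@link CertificationModelFactory}.
 *
 * <p>Every collaborator of the factory is a Mockito mock, so these tests pin only the factory's
 * own orchestration: that it returns what the signing provider produced, and that failures raised
 * by a collaborator (undecodable CSR or old certificate, unknown CA, failed signing) reach the
 * caller as the original exception type and message instead of being swallowed.
 */
@ExtendWith(MockitoExtension.class)
class CertificationModelFactoryTest {

    // CA name passed to the three-argument createCertificationModel(csr, pk, caName) overload.
    private static final String TEST_CA = "testCA";
    private static final String ENCODED_CSR = getEncodedString(TEST_CSR);
    private static final String ENCODED_PK = getEncodedString(TEST_PK);
    private static final String ENCODED_WRONG_CSR = getEncodedString(TEST_WRONG_CSR);
    private static final String ENCODED_WRONG_PK = getEncodedString(TEST_WRONG_PEM);

    // Placeholder values for the certificate-update model; the factories that would decode them
    // are mocked, so they are never parsed as real Base64/PEM content in these tests.
    private static final String TEST_CA_NAME = "TestCa";
    private static final String TEST_ENCODED_CSR = "encodedCSR";
    private static final String TEST_ENCODED_PK = "encodedPK";
    private static final String TEST_ENCODED_OLD_PK = "encodedOldPK";
    private static final String TEST_ENCODED_OLD_CERT = "encodedOldCert";
    private static final CertificateUpdateModel TEST_CERTIFICATE_UPDATE_MODEL = new CertificateUpdateModelBuilder()
        .setEncodedCsr(TEST_ENCODED_CSR)
        .setEncodedPrivateKey(TEST_ENCODED_PK)
        .setEncodedOldCert(TEST_ENCODED_OLD_CERT)
        .setEncodedOldPrivateKey(TEST_ENCODED_OLD_PK)
        .setCaName(TEST_CA_NAME)
        .build();

    private CertificationModelFactory certificationModelFactory;

    @Mock
    private Cmpv2ServerProvider cmpv2ServerProvider;
    @Mock
    private CsrModelFactory csrModelFactory;
    @Mock
    private CertificationProvider certificationProvider;
    @Mock
    private X509CertificateModelFactory x509CertificateModelFactory;
    @Mock
    private UpdateRequestTypeDetector updateRequestTypeDetector;

    /**
     * Base64-encodes a test fixture.
     *
     * <p>The charset is given explicitly so the encoded fixtures do not depend on the platform
     * default charset of the machine running the tests.
     *
     * @param testCsr plain-text fixture (CSR or key material from the test data)
     * @return Base64 encoding of the fixture's UTF-8 bytes
     */
    private static String getEncodedString(String testCsr) {
        return Base64.getEncoder().encodeToString(testCsr.getBytes(StandardCharsets.UTF_8));
    }

    /** Builds a fresh factory around the mocked collaborators before each test. */
    @BeforeEach
    void setUp() {
        certificationModelFactory =
            new CertificationModelFactory(csrModelFactory, cmpv2ServerProvider, certificationProvider,
                x509CertificateModelFactory, updateRequestTypeDetector);
    }

    /** The factory returns the certificate chain and trust anchors produced by the signing provider. */
    @Test
    void shouldCreateProperCertificationModelWhenGivenProperCsrModelAndCaName()
        throws CmpClientException, DecryptionException, Cmpv2ClientAdapterException {

        // Given
        CsrModel csrModel = mockCsrFactoryModelCreation();
        Cmpv2Server testServer = mockCmpv2ProviderServerSelection();
        mockCertificateProviderCertificateSigning(csrModel, testServer);

        // When
        CertificationModel certificationModel =
            certificationModelFactory.createCertificationModel(ENCODED_CSR, ENCODED_PK, TEST_CA);

        // Then
        assertEquals(2, certificationModel.getCertificateChain().size());
        assertThat(certificationModel.getCertificateChain()).contains(INTERMEDIATE_CERT, ENTITY_CERT);
        assertEquals(2, certificationModel.getTrustedCertificates().size());
        assertThat(certificationModel.getTrustedCertificates()).contains(CA_CERT, EXTRA_CA_CERT);
    }

    /** An undecodable CSR / key pair must reach the caller as a {@link DecryptionException}. */
    @Test
    void shouldThrowDecryptionExceptionWhenGivenWrongEncodedCsr()
        throws DecryptionException {
        // Given
        String expectedMessage = "Incorrect CSR, decryption failed";
        when(
            csrModelFactory.createCsrModel(
                new StringBase64(ENCODED_WRONG_CSR),
                new StringBase64(ENCODED_WRONG_PK)
            )
        ).thenThrow(
            new CsrDecryptionException(expectedMessage)
        );

        // When
        Exception exception = assertThrows(
            DecryptionException.class, () ->
                certificationModelFactory.createCertificationModel(ENCODED_WRONG_CSR, ENCODED_WRONG_PK, TEST_CA)
        );

        // Then
        assertTrue(exception.getMessage().contains(expectedMessage));
    }

    /** A CA name with no configured CMPv2 server must be rejected, not silently defaulted. */
    @Test
    void shouldThrowCmpv2ServerNotFoundExceptionWhenGivenWrongCaName()
        throws DecryptionException {
        // Given
        String expectedMessage = "CA not found";
        mockCsrFactoryModelCreation();
        when(
            cmpv2ServerProvider.getCmpv2Server(TEST_CA)
        ).thenThrow(
            new Cmpv2ServerNotFoundException(expectedMessage)
        );

        // When
        Exception exception = assertThrows(
            Cmpv2ServerNotFoundException.class, () ->
                certificationModelFactory.createCertificationModel(ENCODED_CSR, ENCODED_PK, TEST_CA)
        );

        // Then
        assertTrue(exception.getMessage().contains(expectedMessage));
    }

    /** A signing failure reported by the provider must propagate as {@link CmpClientException}. */
    @Test
    void shouldThrowCmpClientExceptionWhenSigningCsrFailed()
        throws DecryptionException, CmpClientException, Cmpv2ClientAdapterException {
        // Given
        String expectedMessage = "failed to sign certificate";
        CsrModel csrModel = mockCsrFactoryModelCreation();
        Cmpv2Server testServer = mockCmpv2ProviderServerSelection();
        when(
            certificationProvider.signCsr(csrModel, testServer)
        ).thenThrow(
            new CmpClientException(expectedMessage)
        );

        // When
        Exception exception = assertThrows(
            CmpClientException.class, () ->
                certificationModelFactory.createCertificationModel(ENCODED_CSR, ENCODED_PK, TEST_CA)
        );

        // Then
        assertTrue(exception.getMessage().contains(expectedMessage));
    }

    /**
     * When the detector classifies the update as a key update request, the factory takes the KUR
     * branch. This test pins the current placeholder behaviour of that branch (an
     * {@link UnsupportedOperationException}); it must be revised once KUR is implemented.
     */
    @Test
    void shouldPerformKurWhenCsrAndOldCertDataMatch() throws CertificateDecryptionException, DecryptionException {
        // Given
        mockCsrFactoryModelCreation();
        mockCertificateFactoryModelCreation();
        when(updateRequestTypeDetector.isKur(any(), any())).thenReturn(true);

        // When
        Exception exception = assertThrows(
            UnsupportedOperationException.class, () ->
                certificationModelFactory.createCertificationModel(TEST_CERTIFICATE_UPDATE_MODEL)
        );

        // Then
        // JUnit's assertEquals takes (expected, actual); keeping that order makes a failure
        // report name the right value as "expected".
        assertEquals("TODO: implement KUR in separate MR", exception.getMessage());
    }

    /**
     * When the detector does not classify the update as a key update request, the factory takes
     * the CR branch. This test pins the current placeholder behaviour of that branch (an
     * {@link UnsupportedOperationException}); it must be revised once CR is implemented.
     */
    @Test
    void shouldPerformCrWhenCsrAndOldCertDataMatch() throws CertificateDecryptionException, DecryptionException {
        // Given
        mockCsrFactoryModelCreation();
        mockCertificateFactoryModelCreation();
        when(updateRequestTypeDetector.isKur(any(), any())).thenReturn(false);

        // When
        Exception exception = assertThrows(
            UnsupportedOperationException.class, () ->
                certificationModelFactory.createCertificationModel(TEST_CERTIFICATE_UPDATE_MODEL)
        );

        // Then
        // Expected value first, as in the KUR test above.
        assertEquals("TODO: implement CR in separate MR", exception.getMessage());
    }

    /** An old certificate that cannot be decoded must abort the update with the decryption error. */
    @Test
    void shouldThrowCertificateDecryptionExceptionWhenOldCertificateInvalid()
        throws CertificateDecryptionException {
        // Given
        when(x509CertificateModelFactory.createCertificateModel(any()))
            .thenThrow(new CertificateDecryptionException("Incorrect certificate, decryption failed"));

        // When / Then
        assertThrows(
            CertificateDecryptionException.class, () ->
                certificationModelFactory.createCertificationModel(TEST_CERTIFICATE_UPDATE_MODEL)
        );
    }

    /** Stubs the signing provider to return the canned certification model for the given inputs. */
    private void mockCertificateProviderCertificateSigning(CsrModel csrModel, Cmpv2Server testServer)
        throws CmpClientException, Cmpv2ClientAdapterException {
        CertificationModel expectedCertificationModel = getCertificationModel();
        when(
            certificationProvider.signCsr(csrModel, testServer)
        ).thenReturn(expectedCertificationModel);
    }

    /** Stubs the server provider to resolve {@code TEST_CA} and returns the server it will hand out. */
    private Cmpv2Server mockCmpv2ProviderServerSelection() {
        Cmpv2Server testServer = getCmpv2Server();
        when(
            cmpv2ServerProvider.getCmpv2Server(TEST_CA)
        ).thenReturn(testServer);
        return testServer;
    }

    /** Stubs the CSR factory to accept any input and returns the mocked model it will hand out. */
    private CsrModel mockCsrFactoryModelCreation()
        throws DecryptionException {
        CsrModel csrModel = getCsrModel();
        when(csrModelFactory.createCsrModel(any(), any())).thenReturn(csrModel);
        return csrModel;
    }

    /** Stubs the certificate factory to accept any input and returns the mocked model it will hand out. */
    private X509CertificateModel mockCertificateFactoryModelCreation()
        throws CertificateDecryptionException {
        final X509CertificateModel certificateModel = mock(X509CertificateModel.class);
        when(x509CertificateModelFactory.createCertificateModel(any())).thenReturn(certificateModel);
        return certificateModel;
    }

    private Cmpv2Server getCmpv2Server() {
        return new Cmpv2Server();
    }

    private CsrModel getCsrModel() {
        return mock(CsrModel.class);
    }

    /** Builds the canned signing result: a two-certificate chain plus two trusted certificates. */
    private CertificationModel getCertificationModel() {
        List<String> testTrustedCertificates = Arrays.asList(CA_CERT, EXTRA_CA_CERT);
        List<String> testCertificationChain = Arrays.asList(INTERMEDIATE_CERT, ENTITY_CERT);
        return new CertificationModel(testCertificationChain, testTrustedCertificates);
    }
}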