[OOM-CERT-SERVICE] Add logic for KUR/CR detection
[oom/platform/cert-service.git] / certService / src / test / java / org / onap / oom / certservice / certification / CertificationModelFactoryTest.java
1 /*
2  * ============LICENSE_START=======================================================
3  * Cert Service
4  * ================================================================================
5  * Copyright (C) 2020-2021 Nokia. All rights reserved.
6  * ================================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END=========================================================
19  */
20
21 package org.onap.oom.certservice.certification;
22
23 import static org.assertj.core.api.Assertions.assertThat;
24 import static org.junit.jupiter.api.Assertions.assertEquals;
25 import static org.junit.jupiter.api.Assertions.assertThrows;
26 import static org.junit.jupiter.api.Assertions.assertTrue;
27 import static org.mockito.ArgumentMatchers.any;
28 import static org.mockito.Mockito.mock;
29 import static org.mockito.Mockito.when;
30 import static org.onap.oom.certservice.certification.CertificationData.CA_CERT;
31 import static org.onap.oom.certservice.certification.CertificationData.ENTITY_CERT;
32 import static org.onap.oom.certservice.certification.CertificationData.EXTRA_CA_CERT;
33 import static org.onap.oom.certservice.certification.CertificationData.INTERMEDIATE_CERT;
34 import static org.onap.oom.certservice.certification.TestData.TEST_CSR;
35 import static org.onap.oom.certservice.certification.TestData.TEST_PK;
36 import static org.onap.oom.certservice.certification.TestData.TEST_WRONG_CSR;
37 import static org.onap.oom.certservice.certification.TestData.TEST_WRONG_PEM;
38
39 import java.util.Arrays;
40 import java.util.Base64;
41 import java.util.List;
42 import org.junit.jupiter.api.BeforeEach;
43 import org.junit.jupiter.api.Test;
44 import org.junit.jupiter.api.extension.ExtendWith;
45 import org.mockito.Mock;
46 import org.mockito.junit.jupiter.MockitoExtension;
47 import org.onap.oom.certservice.certification.configuration.Cmpv2ServerProvider;
48 import org.onap.oom.certservice.certification.configuration.model.Cmpv2Server;
49 import org.onap.oom.certservice.certification.exception.CertificateDecryptionException;
50 import org.onap.oom.certservice.certification.exception.Cmpv2ClientAdapterException;
51 import org.onap.oom.certservice.certification.exception.Cmpv2ServerNotFoundException;
52 import org.onap.oom.certservice.certification.exception.CsrDecryptionException;
53 import org.onap.oom.certservice.certification.exception.DecryptionException;
54 import org.onap.oom.certservice.certification.model.CertificateUpdateModel;
55 import org.onap.oom.certservice.certification.model.CertificateUpdateModel.CertificateUpdateModelBuilder;
56 import org.onap.oom.certservice.certification.model.CertificationModel;
57 import org.onap.oom.certservice.certification.model.CsrModel;
58 import org.onap.oom.certservice.certification.model.X509CertificateModel;
59 import org.onap.oom.certservice.cmpv2client.exceptions.CmpClientException;
60
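/**
 * Unit tests for {@link CertificationModelFactory}.
 *
 * <p>Every collaborator (CSR decoding, old-certificate decoding, CMPv2 server lookup, signing and
 * update-request type detection) is a Mockito mock. The tests therefore pin only how the factory
 * wires those collaborators together and which exceptions it lets through to the caller; no CSR,
 * key or certificate is actually decoded here and no CMPv2 server is contacted.
 *
 * <p>KUR and CR are the CMP message types "key update request" and "certification request".
 */
@ExtendWith(MockitoExtension.class)
class CertificationModelFactoryTest {

    private static final String TEST_CA = "testCA";
    private static final String ENCODED_CSR = getEncodedString(TEST_CSR);
    private static final String ENCODED_PK = getEncodedString(TEST_PK);
    private static final String ENCODED_WRONG_CSR = getEncodedString(TEST_WRONG_CSR);
    private static final String ENCODED_WRONG_PK = getEncodedString(TEST_WRONG_PEM);

    // Fixture for the certificate-update path. The "encoded*" values are opaque placeholders, not
    // real Base64/PEM material: the factories that would decode them are stubbed in those tests.
    private static final String TEST_CA_NAME = "TestCa";
    private static final String TEST_ENCODED_CSR = "encodedCSR";
    private static final String TEST_ENCODED_PK = "encodedPK";
    private static final String TEST_ENCODED_OLD_PK = "encodedOldPK";
    private static final String TEST_ENCODED_OLD_CERT = "encodedOldCert";
    private static final CertificateUpdateModel TEST_CERTIFICATE_UPDATE_MODEL = new CertificateUpdateModelBuilder()
        .setEncodedCsr(TEST_ENCODED_CSR)
        .setEncodedPrivateKey(TEST_ENCODED_PK)
        .setEncodedOldCert(TEST_ENCODED_OLD_CERT)
        .setEncodedOldPrivateKey(TEST_ENCODED_OLD_PK)
        .setCaName(TEST_CA_NAME)
        .build();

    private CertificationModelFactory certificationModelFactory;

    @Mock
    private Cmpv2ServerProvider cmpv2ServerProvider;
    @Mock
    private CsrModelFactory csrModelFactory;
    @Mock
    private CertificationProvider certificationProvider;
    @Mock
    private X509CertificateModelFactory x509CertificateModelFactory;
    @Mock
    private UpdateRequestTypeDetector updateRequestTypeDetector;

    /**
     * Base64-encodes a test fixture string.
     *
     * @param testCsr plain-text fixture (CSR or key in PEM form)
     * @return the Base64 encoding of the fixture's UTF-8 bytes
     */
    private static String getEncodedString(String testCsr) {
        // Explicit charset so the encoded fixture does not depend on the platform default.
        return Base64.getEncoder().encodeToString(testCsr.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    @BeforeEach
    void setUp() {
        certificationModelFactory =
            new CertificationModelFactory(csrModelFactory, cmpv2ServerProvider, certificationProvider,
                x509CertificateModelFactory, updateRequestTypeDetector);
    }

    @Test
    void shouldCreateProperCertificationModelWhenGivenProperCsrModelAndCaName()
        throws CmpClientException, DecryptionException, Cmpv2ClientAdapterException {

        // Given
        CsrModel csrModel = mockCsrFactoryModelCreation();
        Cmpv2Server testServer = mockCmpv2ProviderServerSelection();
        mockCertificateProviderCertificateSigning(csrModel, testServer);

        // When
        CertificationModel certificationModel =
            certificationModelFactory.createCertificationModel(ENCODED_CSR, ENCODED_PK, TEST_CA);

        // Then: the chain and the trust anchors come back unchanged from the signing provider
        assertEquals(2, certificationModel.getCertificateChain().size());
        assertThat(certificationModel.getCertificateChain()).contains(INTERMEDIATE_CERT, ENTITY_CERT);
        assertEquals(2, certificationModel.getTrustedCertificates().size());
        assertThat(certificationModel.getTrustedCertificates()).contains(CA_CERT, EXTRA_CA_CERT);
    }

    @Test
    void shouldThrowDecryptionExceptionWhenGivenWrongEncodedCsr()
        throws DecryptionException {
        // Given
        String expectedMessage = "Incorrect CSR, decryption failed";
        // NOTE(review): this stub matches only if StringBase64 implements value equality and the
        // factory wraps the raw strings the same way - confirm against StringBase64.
        when(
            csrModelFactory.createCsrModel(
                new StringBase64(ENCODED_WRONG_CSR),
                new StringBase64(ENCODED_WRONG_PK)
            )
        ).thenThrow(
            new CsrDecryptionException(expectedMessage)
        );

        // When
        Exception exception = assertThrows(
            DecryptionException.class, () ->
                certificationModelFactory.createCertificationModel(ENCODED_WRONG_CSR, ENCODED_WRONG_PK, TEST_CA)
        );

        // Then
        assertTrue(exception.getMessage().contains(expectedMessage));
    }

    @Test
    void shouldThrowCmpv2ServerNotFoundExceptionWhenGivenWrongCaName()
        throws DecryptionException {
        // Given
        String expectedMessage = "CA not found";
        mockCsrFactoryModelCreation();
        when(
            cmpv2ServerProvider.getCmpv2Server(TEST_CA)
        ).thenThrow(
            new Cmpv2ServerNotFoundException(expectedMessage)
        );

        // When
        Exception exception = assertThrows(
            Cmpv2ServerNotFoundException.class, () ->
                certificationModelFactory.createCertificationModel(ENCODED_CSR, ENCODED_PK, TEST_CA)
        );

        // Then
        assertTrue(exception.getMessage().contains(expectedMessage));
    }

    @Test
    void shouldThrowCmpClientExceptionWhenSigningCsrFailed()
        throws DecryptionException, CmpClientException, Cmpv2ClientAdapterException {
        // Given
        String expectedMessage = "failed to sign certificate";
        CsrModel csrModel = mockCsrFactoryModelCreation();
        Cmpv2Server testServer = mockCmpv2ProviderServerSelection();
        when(
            certificationProvider.signCsr(csrModel, testServer)
        ).thenThrow(
            new CmpClientException(expectedMessage)
        );

        // When
        Exception exception = assertThrows(
            CmpClientException.class, () ->
                certificationModelFactory.createCertificationModel(ENCODED_CSR, ENCODED_PK, TEST_CA)
        );

        // Then
        assertTrue(exception.getMessage().contains(expectedMessage));
    }

    @Test
    void shouldPerformKurWhenCsrAndOldCertDataMatch() throws CertificateDecryptionException, DecryptionException {
        // Given: both inputs decode and the detector classifies the request as a key update (KUR)
        mockCsrFactoryModelCreation();
        mockCertificateFactoryModelCreation();
        // any(), any(): only the branch taken is pinned, not which models reach the detector.
        when(updateRequestTypeDetector.isKur(any(), any())).thenReturn(true);

        // When
        Exception exception = assertThrows(
            UnsupportedOperationException.class, () ->
                certificationModelFactory.createCertificationModel(TEST_CERTIFICATE_UPDATE_MODEL)
        );

        // Then: the KUR branch is still a placeholder (expected value first, actual second)
        assertEquals("TODO: implement KUR in separate MR", exception.getMessage());
    }

    // NOTE(review): the name says "DataMatch" but the detector is stubbed to report "not a KUR";
    // the name looks copied from the KUR test - confirm the intended wording.
    @Test
    void shouldPerformCrWhenCsrAndOldCertDataMatch() throws CertificateDecryptionException, DecryptionException {
        // Given: both inputs decode and the detector rejects KUR, so the request falls back to CR
        mockCsrFactoryModelCreation();
        mockCertificateFactoryModelCreation();
        // any(), any(): only the branch taken is pinned, not which models reach the detector.
        when(updateRequestTypeDetector.isKur(any(), any())).thenReturn(false);

        // When
        Exception exception = assertThrows(
            UnsupportedOperationException.class, () ->
                certificationModelFactory.createCertificationModel(TEST_CERTIFICATE_UPDATE_MODEL)
        );

        // Then: the CR branch is still a placeholder (expected value first, actual second)
        assertEquals("TODO: implement CR in separate MR", exception.getMessage());
    }

    @Test
    void shouldThrowCertificateDecryptionExceptionWhenOldCertificateInvalid()
        throws CertificateDecryptionException {
        // Given: the old certificate supplied with the update request cannot be decoded
        when(x509CertificateModelFactory.createCertificateModel(any()))
            .thenThrow(new CertificateDecryptionException("Incorrect certificate, decryption failed"));

        // When, Then: the failure reaches the caller instead of being swallowed.
        // This does not check that the detector and the signing provider stay untouched;
        // a Mockito verifyNoInteractions(...) on those mocks would pin that as well.
        assertThrows(
            CertificateDecryptionException.class, () ->
                certificationModelFactory.createCertificationModel(TEST_CERTIFICATE_UPDATE_MODEL)
        );
    }

    /** Stubs the signing provider to return the canned model for exactly this CSR and server. */
    private void mockCertificateProviderCertificateSigning(CsrModel csrModel, Cmpv2Server testServer)
        throws CmpClientException, Cmpv2ClientAdapterException {
        CertificationModel expectedCertificationModel = getCertificationModel();
        when(
            certificationProvider.signCsr(csrModel, testServer)
        ).thenReturn(expectedCertificationModel);
    }

    /** Stubs the server lookup for {@code TEST_CA} and returns the server it will hand out. */
    private Cmpv2Server mockCmpv2ProviderServerSelection() {
        Cmpv2Server testServer = getCmpv2Server();
        when(
            cmpv2ServerProvider.getCmpv2Server(TEST_CA)
        ).thenReturn(testServer);
        return testServer;
    }

    /** Stubs CSR decoding to succeed for any input and returns the mocked CSR model. */
    private CsrModel mockCsrFactoryModelCreation()
        throws DecryptionException {
        CsrModel csrModel = getCsrModel();
        when(csrModelFactory.createCsrModel(any(), any())).thenReturn(csrModel);
        return csrModel;
    }

    /** Stubs old-certificate decoding to succeed for any input and returns the mocked model. */
    private X509CertificateModel mockCertificateFactoryModelCreation()
        throws CertificateDecryptionException {
        final X509CertificateModel certificateModel = mock(X509CertificateModel.class);
        when(x509CertificateModelFactory.createCertificateModel(any())).thenReturn(certificateModel);
        return certificateModel;
    }

    private Cmpv2Server getCmpv2Server() {
        return new Cmpv2Server();
    }

    private CsrModel getCsrModel() {
        return mock(CsrModel.class);
    }

    /** Builds the canned signing result: a two-certificate chain plus two trusted certificates. */
    private CertificationModel getCertificationModel() {
        List<String> testTrustedCertificates = Arrays.asList(CA_CERT, EXTRA_CA_CERT);
        List<String> testCertificationChain = Arrays.asList(INTERMEDIATE_CERT, ENTITY_CERT);
        return new CertificationModel(testCertificationChain, testTrustedCertificates);
    }
}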