certService/src/test/java/org/onap/oom/certservice/certification/model/CsrModelTest.java

   1 /*
   2  * ============LICENSE_START=======================================================
   3  * PROJECT
   4  * ================================================================================
   5  * Copyright (C) 2020 Nokia. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20
  21 package org.onap.oom.certservice.certification.model;
  22
  23 import java.util.Arrays;
  24 import java.util.List;
  25 import java.util.stream.Collectors;
  26 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
  27 import org.bouncycastle.pkcs.PKCS10CertificationRequest;
  28 import org.bouncycastle.util.io.pem.PemObject;
  29 import org.junit.jupiter.api.Test;
  30 import org.onap.oom.certservice.certification.conversion.Pkcs10CertificationRequestFactory;
  31 import org.onap.oom.certservice.certification.conversion.PemObjectFactory;
  32 import org.onap.oom.certservice.certification.TestData;
  33 import org.onap.oom.certservice.certification.exception.CsrDecryptionException;
  34 import org.onap.oom.certservice.certification.exception.DecryptionException;
  35 import org.onap.oom.certservice.certification.exception.KeyDecryptionException;
  36
  37 import java.io.IOException;
  38
  39 import static org.assertj.core.api.Assertions.assertThat;
  40 import static org.junit.jupiter.api.Assertions.assertThrows;
  41 import static org.junit.jupiter.api.Assertions.assertTrue;
  42 import static org.mockito.Mockito.mock;
  43 import static org.mockito.Mockito.when;
  44 import static org.onap.oom.certservice.certification.TestData.LOCALHOST_IP_IN_HEX;
  45 import static org.onap.oom.certservice.certification.TestData.TEST_CSR;
  46 import static org.onap.oom.certservice.certification.TestData.TEST_PEM;
  47 import static org.onap.oom.certservice.certification.TestData.TEST_PK;
  48
  49
  50 class CsrModelTest {
  51
  52     private final Pkcs10CertificationRequestFactory certificationRequestFactory
  53         = new Pkcs10CertificationRequestFactory();
  54     private final PemObjectFactory pemObjectFactory
  55         = new PemObjectFactory();
  56
  57     @Test
  58     void shouldByConstructedAndReturnProperFields() throws DecryptionException, IOException {
  59         // Given
  60         PemObject testPrivateKey = getPemPrivateKey();
  61         PemObject testPublicKey = generateTestPublicKey();
  62         PKCS10CertificationRequest testCsr = generateTestCertificationRequest();
  63
  64         // When
  65         CsrModel csrModel = generateTestCsrModel(testCsr);
  66         List<String> sansList = Arrays.stream(csrModel.getSans())
  67             .map(generalName ->  generalName.getName().toString())
  68             .collect(Collectors.toList());
  69         // Then
  70         assertThat(csrModel.getCsr())
  71             .isEqualTo(testCsr);
  72         assertThat(csrModel.getPrivateKey().getEncoded())
  73             .contains(testPrivateKey.getContent());
  74         assertThat(csrModel.getPublicKey().getEncoded())
  75             .contains(testPublicKey.getContent());
  76         assertThat(sansList)
  77             .contains("localhost", "onap.org", "test.onap.org", "onap@onap.org", LOCALHOST_IP_IN_HEX,
  78                 "onap://cluster.local/");
  79
  80         assertThat(csrModel.getSubjectData().toString())
  81             .contains(TestData.EXPECTED_CERT_SUBJECT);
  82     }
  83
  84     @Test
  85     void shouldThrowExceptionWhenPublicKeyIsNotCorrect() throws DecryptionException, IOException {
  86         // Given
  87         PemObject testPrivateKey = getPemPrivateKey();
  88         PKCS10CertificationRequest testCsr = mock(PKCS10CertificationRequest.class);
  89         SubjectPublicKeyInfo wrongKryInfo = mock(SubjectPublicKeyInfo.class);
  90         when(testCsr.getSubjectPublicKeyInfo())
  91             .thenReturn(wrongKryInfo);
  92         when(wrongKryInfo.getEncoded())
  93             .thenThrow(new IOException());
  94
  95         // When
  96         Exception exception = assertThrows(
  97             CsrDecryptionException.class,
  98             () -> new CsrModel.CsrModelBuilder(testCsr, testPrivateKey).build()
  99         );
 100
 101         String expectedMessage = "Reading Public Key from CSR failed";
 102         String actualMessage = exception.getMessage();
 103
 104         // Then
 105         assertTrue(actualMessage.contains(expectedMessage));
 106     }
 107
 108     @Test
 109     void shouldThrowExceptionWhenPrivateKeyPemIsNotProperPrivateKey() throws KeyDecryptionException, IOException {
 110         // Given
 111         PemObject testPrivateKey = getPemWrongKey();
 112         PKCS10CertificationRequest testCsr = mock(PKCS10CertificationRequest.class);
 113         SubjectPublicKeyInfo wrongKryInfo = mock(SubjectPublicKeyInfo.class);
 114         when(testCsr.getSubjectPublicKeyInfo())
 115             .thenReturn(wrongKryInfo);
 116         when(wrongKryInfo.getEncoded())
 117             .thenThrow(new IOException());
 118
 119         // When
 120         Exception exception = assertThrows(
 121             KeyDecryptionException.class,
 122             () -> new CsrModel.CsrModelBuilder(testCsr, testPrivateKey).build()
 123         );
 124
 125         String expectedMessage = "Converting Private Key failed";
 126         String actualMessage = exception.getMessage();
 127
 128         // Then
 129         assertTrue(actualMessage.contains(expectedMessage));
 130     }
 131
 132     @Test
 133     void shouldThrowExceptionWhenPublicKeyPemIsNotProperPublicKey() throws KeyDecryptionException, IOException {
 134         // Given
 135         PemObject testPrivateKey = getPemPrivateKey();
 136         PemObject testPublicKey = getPemWrongKey();
 137         PKCS10CertificationRequest testCsr = mock(PKCS10CertificationRequest.class);
 138         SubjectPublicKeyInfo wrongKryInfo = mock(SubjectPublicKeyInfo.class);
 139         when(testCsr.getSubjectPublicKeyInfo())
 140             .thenReturn(wrongKryInfo);
 141         when(wrongKryInfo.getEncoded())
 142             .thenReturn(testPublicKey.getContent());
 143
 144         // When
 145         Exception exception = assertThrows(
 146             KeyDecryptionException.class,
 147             () -> new CsrModel.CsrModelBuilder(testCsr, testPrivateKey).build()
 148         );
 149
 150         String expectedMessage = "Converting Public Key from CSR failed";
 151         String actualMessage = exception.getMessage();
 152
 153         // Then
 154         assertTrue(actualMessage.contains(expectedMessage));
 155     }
 156
 157     private PemObject getPemPrivateKey() throws KeyDecryptionException {
 158         PemObjectFactory pemObjectFactory = new PemObjectFactory();
 159         return pemObjectFactory.createPemObject(TEST_PK).orElseThrow(
 160             () -> new KeyDecryptionException("Private key decoding fail")
 161         );
 162     }
 163
 164     private PemObject getPemWrongKey() throws KeyDecryptionException {
 165         PemObjectFactory pemObjectFactory = new PemObjectFactory();
 166         return pemObjectFactory.createPemObject(TEST_PEM).orElseThrow(
 167             () -> new KeyDecryptionException("Private key decoding fail")
 168         );
 169     }
 170
 171     private CsrModel generateTestCsrModel(PKCS10CertificationRequest testCsr) throws DecryptionException {
 172         PemObject testPrivateKey = pemObjectFactory.createPemObject(TEST_PK).orElseThrow(
 173             () -> new DecryptionException("Incorrect Private Key, decryption failed")
 174         );
 175         return new CsrModel.CsrModelBuilder(testCsr, testPrivateKey).build();
 176     }
 177
 178     private PemObject generateTestPublicKey() throws DecryptionException, IOException {
 179         PKCS10CertificationRequest testCsr = generateTestCertificationRequest();
 180         return new PemObject("PUBLIC KEY", testCsr.getSubjectPublicKeyInfo().getEncoded());
 181     }
 182
 183     private PKCS10CertificationRequest generateTestCertificationRequest() throws DecryptionException {
 184         return pemObjectFactory.createPemObject(TEST_CSR)
 185             .flatMap(
 186                 certificationRequestFactory::createPkcs10CertificationRequest
 187             ).orElseThrow(
 188                 () -> new DecryptionException("Incorrect CSR, decryption failed")
 189             );
 190     }
 191
 192 }