2 * ============LICENSE_START=======================================================
3 * Copyright (C) 2021 Nordix Foundation
4 * ================================================================================
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 * SPDX-License-Identifier: Apache-2.0
17 * ============LICENSE_END=========================================================
20 package org.openecomp.sdc.be.csar.security;
22 import static org.hamcrest.MatcherAssert.assertThat;
23 import static org.hamcrest.Matchers.is;
24 import static org.hamcrest.Matchers.notNullValue;
25 import static org.junit.jupiter.api.Assertions.fail;
26 import static org.mockito.ArgumentMatchers.any;
27 import static org.mockito.Mockito.doNothing;
28 import static org.mockito.Mockito.when;
29 import static org.openecomp.sdc.be.csar.security.CertificateManagerImpl.CERT_DIR_ENV_VARIABLE;
32 import java.nio.file.Path;
33 import java.nio.file.Paths;
34 import java.security.cert.CertificateExpiredException;
35 import java.security.cert.CertificateNotYetValidException;
36 import java.security.cert.X509Certificate;
37 import java.util.Optional;
38 import org.junit.jupiter.api.BeforeAll;
39 import org.junit.jupiter.api.BeforeEach;
40 import org.junit.jupiter.api.Test;
41 import org.mockito.ArgumentMatchers;
42 import org.mockito.Mock;
43 import org.mockito.MockitoAnnotations;
44 import org.openecomp.sdc.be.csar.security.api.CertificateReader;
45 import org.openecomp.sdc.be.csar.security.api.PrivateKeyReader;
46 import org.openecomp.sdc.be.csar.security.api.model.CertificateInfo;
47 import org.springframework.core.env.Environment;
49 class CertificateManagerImplTest {
52 private Environment environment;
54 private PrivateKeyReader privateKeyReader;
56 private CertificateReader certificateReader;
58 private X509Certificate certificateMock;
59 private CertificateManagerImpl certificateManager;
61 static Path certificateFolderPath;
64 static void beforeAll() {
65 final String resourceFolder = "certificateManager";
66 final URL certificateManager = CertificateManagerImplTest.class.getClassLoader().getResource(resourceFolder);
67 if (certificateManager == null) {
68 fail("Could not find resource folder " + resourceFolder);
70 certificateFolderPath = Paths.get(certificateManager.getPath());
74 void setUp() throws CertificateNotYetValidException, CertificateExpiredException {
75 MockitoAnnotations.openMocks(this);
76 when(environment.getProperty(CERT_DIR_ENV_VARIABLE)).thenReturn(certificateFolderPath.toString());
77 when(certificateMock.getType()).thenReturn("X.509");
78 doNothing().when(certificateMock).checkValidity();
79 when(certificateReader.loadCertificate(ArgumentMatchers.any())).thenReturn(certificateMock);
80 certificateManager = new CertificateManagerImpl(privateKeyReader, certificateReader, environment);
84 void getCertificateSuccessTest() {
85 final String certificateName = "fakeCert1";
86 final Optional<CertificateInfo> certificateOpt = certificateManager.getCertificate(certificateName);
87 assertThat(certificateOpt.isPresent(), is(true));
88 final CertificateInfo certificateInfo = certificateOpt.get();
89 assertThat(certificateInfo.getName(), is(certificateName));
90 assertThat(certificateInfo.getPrivateKeyFile(), is(notNullValue()));
91 assertThat(certificateInfo.getPrivateKeyFile().getAbsolutePath(),
92 is(certificateFolderPath.resolve(certificateName + ".key").toString()));
93 assertThat(certificateInfo.getCertificateFile(), is(notNullValue()));
94 assertThat(certificateInfo.getCertificateFile().getAbsolutePath(),
95 is(certificateFolderPath.resolve(certificateName + ".cert").toString()));
99 void initCertificateSuccessTest() {
100 final String certificateName1 = "fakeCert1";
101 final String certificateName2 = "fakeCert2";
102 final String certificateName3 = "fakeCert3";
103 assertThat("Certificate " + certificateName1 + " should be present",
104 certificateManager.getCertificate(certificateName1).isPresent(), is(true));
105 assertThat("Certificate " + certificateName2 + " should be present",
106 certificateManager.getCertificate(certificateName2).isPresent(), is(true));
107 assertThat("Certificate " + certificateName3 + " should not be present",
108 certificateManager.getCertificate(certificateName3).isEmpty(), is(true));
112 void invalidCertificateFolderTest() {
113 final String certificateName1 = "fakeCert1";
114 when(environment.getProperty(CERT_DIR_ENV_VARIABLE)).thenReturn("/an/invalid/folder");
115 final CertificateManagerImpl certificateManager =
116 new CertificateManagerImpl(privateKeyReader, certificateReader, environment);
117 assertThat("Certificate " + certificateName1 + " should be present",
118 certificateManager.getCertificate(certificateName1).isPresent(), is(false));
122 void noEnvironmentVariableConfiguredTest() {
123 final String certificateName1 = "fakeCert1";
124 when(environment.getProperty(CERT_DIR_ENV_VARIABLE)).thenReturn(null);
125 final CertificateManagerImpl certificateManager =
126 new CertificateManagerImpl(privateKeyReader, certificateReader, environment);
127 assertThat("Certificate " + certificateName1 + " should be present",
128 certificateManager.getCertificate(certificateName1).isPresent(), is(false));
132 void loadCertificateExceptionTest() {
133 final String certificateName1 = "fakeCert1";
134 when(certificateReader.loadCertificate(any())).thenThrow(new RuntimeException());
135 final CertificateManagerImpl certificateManager =
136 new CertificateManagerImpl(privateKeyReader, certificateReader, environment);
137 assertThat("Certificate " + certificateName1 + " should be present",
138 certificateManager.getCertificate(certificateName1).isPresent(), is(false));