296f63cd9b81017f2562ca07521762bcc5f57c05
1 /*
2  * ============LICENSE_START=======================================================
3  * Cert Service
4  * ================================================================================
5  * Copyright (C) 2020 Nokia. All rights reserved.
6  * ================================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END=========================================================
19  */
20
21 package org.onap.aaf.certservice.certification.adapter;
22
23 import java.io.IOException;
24 import java.io.InputStream;
25 import java.io.StringWriter;
26 import java.nio.charset.StandardCharsets;
27 import java.security.NoSuchProviderException;
28 import java.security.PrivateKey;
29 import java.security.cert.CertificateException;
30 import java.security.cert.X509Certificate;
31 import java.util.Arrays;
32 import java.util.Collections;
33 import java.util.List;
34 import java.util.Objects;
35 import org.apache.commons.io.IOUtils;
36 import org.bouncycastle.asn1.x509.Certificate;
37 import org.bouncycastle.cert.X509CertificateHolder;
38 import org.bouncycastle.cert.X509v3CertificateBuilder;
39 import org.bouncycastle.operator.ContentSigner;
40 import org.bouncycastle.operator.OperatorCreationException;
41 import org.bouncycastle.pkcs.PKCS10CertificationRequest;
42 import org.junit.jupiter.api.Assertions;
43 import org.junit.jupiter.api.Test;
44 import org.mockito.InjectMocks;
45 import org.mockito.Mock;
46 import org.mockito.Mockito;
47 import org.onap.aaf.certservice.certification.configuration.model.CaMode;
48 import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server;
49 import org.onap.aaf.certservice.certification.exception.Cmpv2ClientAdapterException;
50 import org.onap.aaf.certservice.certification.model.CertificationModel;
51 import org.onap.aaf.certservice.certification.model.CsrModel;
52 import org.onap.aaf.certservice.cmpv2client.api.CmpClient;
53 import org.onap.aaf.certservice.cmpv2client.exceptions.CmpClientException;
54 import org.onap.aaf.certservice.cmpv2client.external.CSRMeta;
55 import org.springframework.boot.test.context.SpringBootTest;
56
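/**
 * Unit tests for {@link Cmpv2ClientAdapter}.
 *
 * <p>Every collaborator of the adapter is a Mockito mock, so these tests cover only how
 * the adapter reacts to what the mocks return or throw: which exception type reaches the
 * caller of {@code callCmpClient}, and the text of the first entry of each list in the
 * returned {@link CertificationModel}. No real CMPv2 server is contacted and no CSR is
 * really signed here.
 */
@SpringBootTest
class Cmpv2ClientAdapterTest {

    @Mock
    private CmpClient cmpClient;
    @Mock
    private CsrModel csrModel;
    @Mock
    private Cmpv2Server server;
    @Mock
    private RSAContentSignerBuilder rsaContentSignerBuilder;
    @Mock
    private X509CertificateBuilder x509CertificateBuilder;
    @Mock
    private PKCS10CertificationRequest csr;
    @Mock
    private PrivateKey privateKey;
    @Mock
    private X509v3CertificateBuilder x509V3CertificateBuilder;
    @Mock
    private ContentSigner contentSigner;
    @Mock
    private X509CertificateHolder holder;
    @Mock
    private Certificate asn1Certificate;
    @Mock
    private X509Certificate certificate;
    @Mock
    private CertificateFactoryProvider certificateFactoryProvider;
    @Mock
    private CSRMetaBuilder csrMetaBuilder;
    @Mock
    private CSRMeta csrMeta;

    @InjectMocks
    private Cmpv2ClientAdapter adapter;

    private static final CaMode CA_MODE = CaMode.CLIENT;
    private static final String TEST_MSG = "Test";

    /**
     * A {@link CmpClientException} thrown by the CMP client must reach the caller of
     * {@code callCmpClient} as a {@link CmpClientException}.
     */
    @Test
    void adapterShouldRethrowClientExceptionOnFailure()
            throws CmpClientException, IOException, OperatorCreationException, CertificateException,
                           NoSuchProviderException {
        // Given
        stubInternalProperties();
        Mockito.when(cmpClient.createCertificate(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()))
                .thenThrow(new CmpClientException(TEST_MSG));

        // When / Then
        Assertions.assertThrows(CmpClientException.class, () -> adapter.callCmpClient(csrModel, server));
    }

    /**
     * The first certificate of the chain and the first trusted certificate in the returned
     * model must equal the expected fixture text once line endings are stripped.
     *
     * <p>Only index 0 of each list is compared; list sizes and any further entries are
     * not asserted by this test.
     */
    @Test
    void shouldConvertToCertificationModel()
            throws OperatorCreationException, CertificateException, NoSuchProviderException, IOException,
                           CmpClientException, Cmpv2ClientAdapterException {
        // Given
        stubInternalProperties();
        Mockito.when(cmpClient.createCertificate(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()))
                .thenReturn(createCorrectClientResponse());
        String expectedCertificate = removeLineEndings(readResource("certificateModelChain.first"));
        String expectedTrustedCertificate = removeLineEndings(readResource("trustedCertificatesModel.first"));

        // When
        CertificationModel certificationModel = adapter.callCmpClient(csrModel, server);

        // Then
        String actualCertificate = removeLineEndings(certificationModel.getCertificateChain().get(0));
        String actualTrustedCertificate = removeLineEndings(certificationModel.getTrustedCertificates().get(0));

        // JUnit 5 takes (expected, actual); the right order keeps failure messages truthful.
        Assertions.assertEquals(expectedCertificate, actualCertificate);
        Assertions.assertEquals(expectedTrustedCertificate, actualTrustedCertificate);
    }

    /**
     * A {@link CertificateException} from the certificate factory must surface from
     * {@code callCmpClient} as a {@link Cmpv2ClientAdapterException}.
     */
    @Test
    void adapterShouldThrowClientAdapterExceptionOnFailure()
            throws OperatorCreationException, CertificateException, NoSuchProviderException, IOException,
                           CmpClientException {
        // Given
        stubInternalProperties();
        Mockito.when(cmpClient.createCertificate(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()))
                .thenReturn(createCorrectClientResponse());
        // Replaces the successful stub installed by stubInternalProperties().
        Mockito.when(certificateFactoryProvider.generateCertificate(Mockito.any()))
                .thenThrow(new CertificateException(TEST_MSG));

        // When / Then
        Assertions.assertThrows(Cmpv2ClientAdapterException.class, () -> adapter.callCmpClient(csrModel, server));
    }

    /**
     * Builds the value the mocked CMP client returns on success: a two-element list whose
     * first element holds the certificate parsed from {@code certificateChain.first} and
     * whose second holds the one parsed from {@code trustedCertificates.first}.
     *
     * <p>The fixtures are parsed with a real {@link CertificateFactoryProvider}, not the
     * mock injected into the adapter.
     */
    private List<List<X509Certificate>> createCorrectClientResponse()
            throws CertificateException, NoSuchProviderException, IOException {
        X509Certificate x509Certificate = loadCertificate("certificateChain.first");
        X509Certificate x509TrustedCertificate = loadCertificate("trustedCertificates.first");
        return Arrays.asList(Collections.singletonList(x509Certificate),
                Collections.singletonList(x509TrustedCertificate));
    }

    /**
     * Parses one certificate from a classpath fixture and closes the stream afterwards.
     *
     * @param name classpath resource name of the fixture
     * @throws NullPointerException if the resource is not on the classpath
     */
    private X509Certificate loadCertificate(String name)
            throws CertificateException, NoSuchProviderException, IOException {
        try (InputStream stream = getClass().getClassLoader().getResourceAsStream(name)) {
            // Fail with the fixture name rather than an anonymous error inside the parser.
            Objects.requireNonNull(stream, "Missing test resource: " + name);
            return new CertificateFactoryProvider().generateCertificate(stream);
        }
    }

    /**
     * Reads a classpath fixture as UTF-8 text and closes the stream afterwards.
     *
     * @param name classpath resource name of the fixture
     * @throws NullPointerException if the resource is not on the classpath
     */
    private String readResource(String name) throws IOException {
        try (InputStream stream = getClass().getClassLoader().getResourceAsStream(name)) {
            Objects.requireNonNull(stream, "Missing test resource: " + name);
            return IOUtils.toString(stream, StandardCharsets.UTF_8);
        }
    }

    /** Strips every LF and CR so comparisons do not depend on the platform's line endings. */
    private String removeLineEndings(String string) {
        return string.replace("\n", "").replace("\r", "");
    }

    /**
     * Installs the stubs shared by all tests: CA mode, CSR and private key on the request
     * model, the certificate builder / content signer / holder chain, the certificate
     * factory and the CSR meta builder.
     */
    private void stubInternalProperties()
            throws IOException, OperatorCreationException, CertificateException, NoSuchProviderException {
        Mockito.when(server.getCaMode()).thenReturn(CA_MODE);
        Mockito.when(csrModel.getCsr()).thenReturn(csr);
        Mockito.when(csrModel.getPrivateKey()).thenReturn(privateKey);
        Mockito.when(x509CertificateBuilder.build(csr)).thenReturn(x509V3CertificateBuilder);
        Mockito.when(rsaContentSignerBuilder.build(csr, privateKey)).thenReturn(contentSigner);
        Mockito.when(x509V3CertificateBuilder.build(contentSigner)).thenReturn(holder);
        Mockito.when(holder.toASN1Structure()).thenReturn(asn1Certificate);
        Mockito.when(certificateFactoryProvider.generateCertificate(Mockito.any())).thenReturn(certificate);
        // Empty encoding is enough: the factory that would parse it is stubbed above.
        Mockito.when(asn1Certificate.getEncoded()).thenReturn(new byte[0]);
        Mockito.when(csrMetaBuilder.build(csrModel, server)).thenReturn(csrMeta);
    }

}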