2 * Copyright (c) 2016 Inocybe Technologies. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.aaa.cert.test;
11 import org.bouncycastle.jce.provider.BouncyCastleProvider;
12 import org.junit.BeforeClass;
13 import org.junit.Test;
14 import org.opendaylight.aaa.cert.impl.AaaCertMdsalProvider;
15 import org.opendaylight.aaa.cert.impl.KeyStoreConstant;
16 import org.opendaylight.aaa.cert.impl.ODLKeyTool;
17 import org.opendaylight.aaa.cert.utils.KeyStoresDataUtils;
18 import org.opendaylight.aaa.encrypt.AAAEncryptionService;
19 import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.mdsal.rev160321.cipher.suite.CipherSuites;
20 import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.mdsal.rev160321.cipher.suite.CipherSuitesBuilder;
21 import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.mdsal.rev160321.key.stores.SslData;
22 import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.mdsal.rev160321.key.stores.SslDataBuilder;
23 import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.mdsal.rev160321.ssl.data.OdlKeystore;
24 import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.mdsal.rev160321.ssl.data.OdlKeystoreBuilder;
25 import org.opendaylight.yang.gen.v1.urn.opendaylight.yang.aaa.cert.mdsal.rev160321.ssl.data.TrustKeystore;
28 import java.security.KeyStore;
29 import java.security.Security;
30 import java.util.ArrayList;
31 import java.util.Arrays;
32 import java.util.List;
34 import static org.junit.Assert.assertNotNull;
35 import static org.junit.Assert.assertTrue;
36 import static org.mockito.Matchers.any;
37 import static org.mockito.Matchers.isA;
38 import static org.mockito.Mockito.mock;
39 import static org.mockito.Mockito.when;
40 import static org.opendaylight.aaa.cert.test.TestUtils.mockDataBroker;
42 public class AaaCertMdsalProviderTest {
// Fixture constants shared by every test in this class.
43 private static final String alias = TestUtils.dummyAlias;
44 private static final String bundleName = "opendaylight";
45 private static final String certificate = TestUtils.dummyCert;
// One suite name, used both when building the stored SslData and as the expected getCipherSuites() result.
46 private static final String cipherSuiteName = "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256";
47 private static final String[] cipherSuitesArray = {cipherSuiteName};
48 private static final String dName = "CN=ODL, OU=Dev, O=LinuxFoundation, L=QC Montreal, C=CA";
49 private static final String odlName = "odlTest.jks";
// Throwaway password used for both the ODL keystore and the trust keystore in this suite; a test fixture, not a credential to reuse.
50 private static final String password = "passWord";
// NOTE(review): "SSLv2Hello" names a legacy hello format, not a TLS version. The tests only pass the
// string through and compare it, so it should not be read as a recommended protocol setting.
51 private static final String protocol = "SSLv2Hello";
// Passed to ODLKeyTool in setUpBeforeClass(); presumably the directory where test keystores are written - confirm.
52 private static final String testPath = "target" + File.separator + "test" + File.separator;
53 private static final String trustName = "trustTest.jks";
// Shared state, assigned once in setUpBeforeClass() and read by the test methods.
54 private static AAAEncryptionService aaaEncryptionService;
55 private static AaaCertMdsalProvider aaaCertMdsalProvider;
56 private static SslData signedSslData;
57 private static SslData unsignedSslData;
// Registers BouncyCastle as an additional JCA/JCE security provider for the JVM running these tests.
// Security.addProvider() appends to the provider list, so providers already installed keep their precedence.
60 Security.addProvider(new BouncyCastleProvider());
// Builds the fixtures shared by the whole class: a mocked AAAEncryptionService, a "signed" and an
// "unsigned" SslData object, and the AaaCertMdsalProvider instance most tests call.
// NOTE(review): the builder chains below show no terminating call and some line numbers are skipped,
// so lines appear to be missing from this listing; the comments describe only what is visible.
64 public static void setUpBeforeClass() throws Exception {
// The encryption service is a Mockito mock; its decrypt() behaviour is stubbed further down.
66 final AAAEncryptionService aaaEncryptionServiceInit = mock(AAAEncryptionService.class);
67 final ODLKeyTool odlKeyTool = new ODLKeyTool(testPath);
68 final KeyStoresDataUtils keyStoresDataUtils = new KeyStoresDataUtils(aaaEncryptionServiceInit);
// ODL keystore created with the project's default signature algorithm, key algorithm, validity and key size.
70 final OdlKeystore signedOdlKeystore = keyStoresDataUtils.createOdlKeystore(odlName, alias, password,
71 dName, KeyStoreConstant.DEFAULT_SIGN_ALG, KeyStoreConstant.DEFAULT_KEY_ALG,
72 KeyStoreConstant.DEFAULT_VALIDITY, KeyStoreConstant.DEFAULT_KEY_SIZE, odlKeyTool);
// Two trust keystores: one built from the signed ODL keystore's file bytes, one built through the key tool.
73 final TrustKeystore signedTrustKeyStore = keyStoresDataUtils.createTrustKeystore(trustName, password,
74 signedOdlKeystore.getKeystoreFile());
75 final TrustKeystore unsignedTrustKeyStore = keyStoresDataUtils.createTrustKeystore(trustName,password, odlKeyTool);
77 final CipherSuites cipherSuite = new CipherSuitesBuilder()
78 .setSuiteName(cipherSuiteName)
// Mutable single-element list wrapping the one configured suite.
81 final List<CipherSuites> cipherSuites = new ArrayList<>(Arrays.asList(cipherSuite));
83 signedSslData = new SslDataBuilder()
84 .setCipherSuites(cipherSuites)
85 .setOdlKeystore(signedOdlKeystore)
86 .setTrustKeystore(signedTrustKeyStore)
87 .setTlsProtocols(protocol)
// The "unsigned" ODL keystore is assembled by hand and reuses the unsigned trust keystore's file bytes.
90 final OdlKeystore unsignedOdlKeystore = new OdlKeystoreBuilder()
94 .setStorePassword(password)
95 .setValidity(KeyStoreConstant.DEFAULT_VALIDITY)
96 .setKeyAlg(KeyStoreConstant.DEFAULT_KEY_ALG)
97 .setKeysize(KeyStoreConstant.DEFAULT_KEY_SIZE)
98 .setSignAlg(KeyStoreConstant.DEFAULT_SIGN_ALG)
99 .setKeystoreFile(unsignedTrustKeyStore.getKeystoreFile())
102 unsignedSslData = new SslDataBuilder()
103 .setOdlKeystore(unsignedOdlKeystore)
104 .setTrustKeystore(unsignedTrustKeyStore)
// decrypt() is stubbed to hand the two keystore blobs back unchanged and to return the fixture
// password for any String argument. No real decryption runs in this suite, so these tests say
// nothing about how keystore material or passwords are protected at rest.
107 when(aaaEncryptionServiceInit.decrypt(unsignedTrustKeyStore.getKeystoreFile())).thenReturn(unsignedTrustKeyStore.getKeystoreFile());
108 when(aaaEncryptionServiceInit.decrypt(signedOdlKeystore.getKeystoreFile())).thenReturn(signedOdlKeystore.getKeystoreFile());
109 when(aaaEncryptionServiceInit.decrypt(isA(String.class))).thenReturn(password);
110 aaaEncryptionService = aaaEncryptionServiceInit;
// Provider under test, backed by a mock data broker built from the signed SslData.
113 aaaCertMdsalProvider = new AaaCertMdsalProvider(mockDataBroker(signedSslData), aaaEncryptionService);
// A 'new' expression never evaluates to null, so this assertion cannot fail; it only documents intent.
114 assertNotNull(aaaCertMdsalProvider);
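// Verifies that addSslDataKeystores() returns SslData carrying the requested distinguished name
// and keystore names. Throws Exception if the provider or the mocked data broker fails.
public void addSslDataKeystoresTest() throws Exception {
    // A fresh provider is built for this test instead of using the shared static instance.
    final AaaCertMdsalProvider provider =
            new AaaCertMdsalProvider(mockDataBroker(signedSslData), aaaEncryptionService);
    final SslData result = provider.addSslDataKeystores(bundleName, odlName, password,
            alias, dName, trustName, password, cipherSuitesArray, protocol);
    // Compare by value. '==' on String passes only while the provider hands back the very same
    // object it was given, which is an implementation detail and not the behaviour under test.
    assertTrue(dName.equals(result.getOdlKeystore().getDname()));
    assertTrue(odlName.equals(result.getOdlKeystore().getName()));
    assertTrue(trustName.equals(result.getTrustKeystore().getName()));
}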
// Exercises both modes of genODLKeyStoreCertificateReq(): with the flag set the text must contain
// the END_CERTIFICATE_REQUEST marker, with the flag cleared the marker must be absent.
public void genODLKeyStoreCertificateReqTest() {
    final String withMarker = aaaCertMdsalProvider.genODLKeyStoreCertificateReq(bundleName, true);
    assertTrue(withMarker != null && !withMarker.isEmpty());
    assertTrue(withMarker.contains(KeyStoreConstant.END_CERTIFICATE_REQUEST));

    final String withoutMarker = aaaCertMdsalProvider.genODLKeyStoreCertificateReq(bundleName, false);
    assertTrue(!withoutMarker.contains(KeyStoreConstant.END_CERTIFICATE_REQUEST));
}
// The suites reported for the bundle must match, element by element, the array the fixture was built from.
public void getCipherSuitesTest() {
    final String[] storedSuites = aaaCertMdsalProvider.getCipherSuites(bundleName);
    final boolean sameSuites = Arrays.equals(storedSuites, cipherSuitesArray);
    assertTrue(sameSuites);
}
// Smoke check: the provider must return some ODL KeyStore for the bundle. Its contents are not inspected.
public void getODLKeyStoreTest() {
    assertNotNull(aaaCertMdsalProvider.getODLKeyStore(bundleName));
}
// Exercises both modes of getODLStoreCertificate(): the END_CERTIFICATE marker must be present
// when the flag is true and absent when it is false.
public void getODLStoreCertificateTest() {
    final String withMarker = aaaCertMdsalProvider.getODLStoreCertificate(bundleName, true);
    assertTrue(withMarker != null && !withMarker.isEmpty());
    assertTrue(withMarker.contains(KeyStoreConstant.END_CERTIFICATE));

    final String withoutMarker = aaaCertMdsalProvider.getODLStoreCertificate(bundleName, false);
    assertTrue(!withoutMarker.contains(KeyStoreConstant.END_CERTIFICATE));
}
// The SslData read back for the bundle must equal the signed fixture the mock data broker was built from.
public void getSslDataTest() {
    final SslData stored = aaaCertMdsalProvider.getSslData(bundleName);
    final boolean matchesFixture = stored.equals(signedSslData);
    assertTrue(matchesFixture);
}
// Smoke check: the provider must return some trust KeyStore for the bundle. Its contents are not inspected.
public void getTrustKeyStoreTest() {
    assertNotNull(aaaCertMdsalProvider.getTrustKeyStore(bundleName));
}
// Exercises both modes of getTrustStoreCertificate() for the fixture alias: the END_CERTIFICATE
// marker must be present when the flag is true and absent when it is false.
public void getTrustStoreCertificateTest() {
    final String withMarker = aaaCertMdsalProvider.getTrustStoreCertificate(bundleName, alias, true);
    assertTrue(withMarker != null && !withMarker.isEmpty());
    assertTrue(withMarker.contains(KeyStoreConstant.END_CERTIFICATE));

    final String withoutMarker = aaaCertMdsalProvider.getTrustStoreCertificate(bundleName, alias, false);
    assertTrue(!withoutMarker.contains(KeyStoreConstant.END_CERTIFICATE));
}
// Re-imports the bundle's own ODL and trust keystores, then compares the stored ODL keystore
// with the signed fixture. Only the byte-array lengths are compared, not the contents.
public void importSslDataKeystoresTest() {
    // Fetched in the same order the original argument list evaluated them.
    final KeyStore odlStore = aaaCertMdsalProvider.getODLKeyStore(bundleName);
    final KeyStore trustStore = aaaCertMdsalProvider.getTrustKeyStore(bundleName);

    final SslData imported = aaaCertMdsalProvider.importSslDataKeystores(bundleName, odlName, password,
            alias, odlStore, trustName, password, trustStore, cipherSuitesArray, protocol);

    final int importedLength = imported.getOdlKeystore().getKeystoreFile().length;
    final int fixtureLength = signedSslData.getOdlKeystore().getKeystoreFile().length;
    assertTrue(importedLength == fixtureLength);
}
// Calls removeSslData() for the fixture bundle on the shared provider.
// NOTE(review): no assertion on `result` is visible in this listing (line numbers are skipped here);
// confirm the returned flag is actually checked in the full file.
185 public void removeSslDataTest() {
186 Boolean result = aaaCertMdsalProvider.removeSslData(bundleName);
// Updating with the signed fixture must return SslData equal to that same fixture.
public void updateSslDataTest() {
    final SslData updated = aaaCertMdsalProvider.updateSslData(signedSslData);
    final boolean unchanged = updated.equals(signedSslData);
    assertTrue(unchanged);
}
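// The bundle must report exactly one TLS protocol entry, equal to the fixture's protocol string.
public void getTlsProtocolsTest() {
    final String[] result = aaaCertMdsalProvider.getTlsProtocols(bundleName);
    assertNotNull(result);
    assertTrue(result.length == 1);
    // Compare by value. '==' would fail as soon as the provider returns an equal but distinct
    // String (for example after splitting or copying the stored value).
    assertTrue(protocol.equals(result[0]));
}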
// Adds the dummy certificate under the fixture alias to the trust store, using a fresh provider
// backed by the unsigned SslData fixture.
// NOTE(review): no assertion on `result` is visible in this listing (line numbers are skipped here);
// confirm the returned flag is actually checked in the full file.
205 public void addTrustNodeCertificateTest() throws Exception {
206 Boolean result = new AaaCertMdsalProvider(mockDataBroker(unsignedSslData), aaaEncryptionService)
207 .addTrustNodeCertificate(bundleName, alias, certificate);
212 public void addODLStoreSignedCertificate() throws Exception {
213 Boolean result = new AaaCertMdsalProvider(mockDataBroker(unsignedSslData), aaaEncryptionService)
214 .addODLStoreSignedCertificate(bundleName, alias, certificate);