2 * Copyright (c) 2018 ZTE Corporation. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.netconf.keystore.legacy.impl;
10 import static org.mockito.ArgumentMatchers.any;
11 import static org.mockito.Mockito.doReturn;
12 import static org.mockito.Mockito.times;
13 import static org.mockito.Mockito.verify;
14 import static org.opendaylight.mdsal.common.api.CommitInfo.emptyFluentFuture;
16 import java.util.ArrayList;
17 import java.util.HashMap;
18 import org.junit.jupiter.api.BeforeAll;
19 import org.junit.jupiter.api.BeforeEach;
20 import org.junit.jupiter.api.Test;
21 import org.junit.jupiter.api.extension.ExtendWith;
22 import org.mockito.Mock;
23 import org.mockito.junit.jupiter.MockitoExtension;
24 import org.opendaylight.aaa.encrypt.AAAEncryptionService;
25 import org.opendaylight.mdsal.binding.api.DataBroker;
26 import org.opendaylight.mdsal.binding.api.RpcProviderService;
27 import org.opendaylight.mdsal.binding.api.WriteTransaction;
28 import org.opendaylight.mdsal.common.api.LogicalDatastoreType;
29 import org.opendaylight.netconf.api.xml.XmlUtil;
30 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.AddPrivateKeyInput;
31 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.AddPrivateKeyInputBuilder;
32 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.AddTrustedCertificateInput;
33 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.AddTrustedCertificateInputBuilder;
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKey;
35 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKeyBuilder;
36 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKeyKey;
37 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificate;
38 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificateBuilder;
39 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificateKey;
40 import org.opendaylight.yangtools.concepts.ObjectRegistration;
41 import org.opendaylight.yangtools.yang.binding.DataObject;
42 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
43 import org.w3c.dom.Document;
44 import org.w3c.dom.Element;
46 @ExtendWith(MockitoExtension.class)
47 class NetconfKeystoreRpcsTest {
48 private static final String XML_ELEMENT_PRIVATE_KEY = "private-key";
49 private static final String XML_ELEMENT_NAME = "name";
50 private static final String XML_ELEMENT_DATA = "data";
51 private static final String XML_ELEMENT_CERT_CHAIN = "certificate-chain";
52 private static final String XML_ELEMENT_TRUSTED_CERT = "trusted-certificate";
53 private static final String XML_ELEMENT_CERT = "certificate";
55 private static Document KEYSTORE;
58 private WriteTransaction writeTx;
60 private DataBroker dataBroker;
62 private AAAEncryptionService encryptionService;
64 private RpcProviderService rpcProvider;
66 private ObjectRegistration<?> rpcReg;
69 static void beforeAll() throws Exception {
70 KEYSTORE = XmlUtil.readXmlToDocument(
71 NetconfKeystoreRpcsTest.class.getResourceAsStream("/netconf-keystore.xml"));
76 doReturn(writeTx).when(dataBroker).newWriteOnlyTransaction();
80 void testAddPrivateKey() throws Exception {
81 doReturn(emptyFluentFuture()).when(writeTx).commit();
83 final var rpc = new DefaultAddPrivateKey(dataBroker);
84 final var input = getPrivateKeyInput();
85 rpc.invoke(input).get();
87 verify(writeTx, times(input.nonnullPrivateKey().size()))
88 .put(any(LogicalDatastoreType.class), any(InstanceIdentifier.class), any(DataObject.class));
91 private static AddPrivateKeyInput getPrivateKeyInput() throws Exception {
92 final var privateKeys = new HashMap<PrivateKeyKey, PrivateKey>();
93 final var nodeList = KEYSTORE.getElementsByTagName(XML_ELEMENT_PRIVATE_KEY);
94 for (int i = 0; i < nodeList.getLength(); i++) {
95 if (nodeList.item(i) instanceof Element element) {
96 final var keyName = element.getElementsByTagName(XML_ELEMENT_NAME).item(0).getTextContent();
97 final var keyData = element.getElementsByTagName(XML_ELEMENT_DATA).item(0).getTextContent();
98 final var certNodes = element.getElementsByTagName(XML_ELEMENT_CERT_CHAIN);
99 final var certChain = new ArrayList<String>();
100 for (int j = 0; j < certNodes.getLength(); j++) {
101 if (certNodes.item(j) instanceof Element certElement) {
102 certChain.add(certElement.getTextContent());
106 final var key = new PrivateKeyKey(keyName);
107 privateKeys.put(key, new PrivateKeyBuilder()
110 .setCertificateChain(certChain)
115 return new AddPrivateKeyInputBuilder().setPrivateKey(privateKeys).build();
119 void testAddTrustedCertificate() throws Exception {
120 doReturn(emptyFluentFuture()).when(writeTx).commit();
122 final var rpc = new DefaultAddTrustedCertificate(dataBroker);
123 final var input = getTrustedCertificateInput();
124 rpc.invoke(input).get();
126 verify(writeTx, times(input.nonnullTrustedCertificate().size()))
127 .put(any(LogicalDatastoreType.class), any(InstanceIdentifier.class), any(DataObject.class));
130 private static AddTrustedCertificateInput getTrustedCertificateInput() throws Exception {
131 final var trustedCertificates = new HashMap<TrustedCertificateKey, TrustedCertificate>();
132 final var nodeList = KEYSTORE.getElementsByTagName(XML_ELEMENT_TRUSTED_CERT);
133 for (int i = 0; i < nodeList.getLength(); i++) {
134 if (nodeList.item(i) instanceof Element element) {
135 final var certName = element.getElementsByTagName(XML_ELEMENT_NAME).item(0).getTextContent();
136 final var certData = element.getElementsByTagName(XML_ELEMENT_CERT).item(0).getTextContent();
138 final var key = new TrustedCertificateKey(certName);
139 trustedCertificates.put(key, new TrustedCertificateBuilder()
142 .setCertificate(certData)
147 return new AddTrustedCertificateInputBuilder().setTrustedCertificate(trustedCertificates).build();