2 * Copyright (c) 2018 ZTE Corporation. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.netconf.client.mdsal.impl;
10 import static org.mockito.ArgumentMatchers.any;
11 import static org.mockito.Mockito.doNothing;
12 import static org.mockito.Mockito.doReturn;
13 import static org.mockito.Mockito.times;
14 import static org.mockito.Mockito.verify;
15 import static org.opendaylight.mdsal.common.api.CommitInfo.emptyFluentFuture;
17 import java.util.ArrayList;
18 import java.util.HashMap;
19 import java.util.List;
21 import org.junit.Before;
22 import org.junit.Test;
23 import org.junit.runner.RunWith;
24 import org.mockito.Mock;
25 import org.mockito.junit.MockitoJUnitRunner;
26 import org.opendaylight.aaa.encrypt.AAAEncryptionService;
27 import org.opendaylight.mdsal.binding.api.DataBroker;
28 import org.opendaylight.mdsal.binding.api.RpcProviderService;
29 import org.opendaylight.mdsal.binding.api.WriteTransaction;
30 import org.opendaylight.mdsal.common.api.LogicalDatastoreType;
31 import org.opendaylight.netconf.api.xml.XmlUtil;
32 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.AddPrivateKeyInput;
33 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.AddPrivateKeyInputBuilder;
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.AddTrustedCertificateInput;
35 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.AddTrustedCertificateInputBuilder;
36 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKey;
37 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKeyBuilder;
38 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKeyKey;
39 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificate;
40 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificateBuilder;
41 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificateKey;
42 import org.opendaylight.yangtools.concepts.ObjectRegistration;
43 import org.opendaylight.yangtools.yang.binding.DataObject;
44 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
45 import org.w3c.dom.Document;
46 import org.w3c.dom.Element;
47 import org.w3c.dom.Node;
48 import org.w3c.dom.NodeList;
50 @RunWith(MockitoJUnitRunner.StrictStubs.class)
51 public class NetconfSalKeystoreRpcsTest {
52 private static final String XML_ELEMENT_PRIVATE_KEY = "private-key";
53 private static final String XML_ELEMENT_NAME = "name";
54 private static final String XML_ELEMENT_DATA = "data";
55 private static final String XML_ELEMENT_CERT_CHAIN = "certificate-chain";
56 private static final String XML_ELEMENT_TRUSTED_CERT = "trusted-certificate";
57 private static final String XML_ELEMENT_CERT = "certificate";
60 private WriteTransaction writeTx;
62 private DataBroker dataBroker;
64 private AAAEncryptionService encryptionService;
66 private RpcProviderService rpcProvider;
68 private ObjectRegistration<?> rpcReg;
72 doReturn(writeTx).when(dataBroker).newWriteOnlyTransaction();
73 doNothing().when(writeTx)
74 .merge(any(LogicalDatastoreType.class), any(InstanceIdentifier.class), any(DataObject.class));
75 doReturn(rpcReg).when(rpcProvider).registerRpcImplementations(any());
76 doNothing().when(rpcReg).close();
80 public void testAddPrivateKey() throws Exception {
81 doReturn(emptyFluentFuture()).when(writeTx).commit();
82 try (var keystoreService = new NetconfSalKeystoreRpcs(dataBroker, encryptionService, rpcProvider)) {
83 final AddPrivateKeyInput input = getPrivateKeyInput();
84 keystoreService.addPrivateKey(input).get();
86 verify(writeTx, times(input.nonnullPrivateKey().size()))
87 .merge(any(LogicalDatastoreType.class), any(InstanceIdentifier.class), any(DataObject.class));
92 public void testAddTrustedCertificate() throws Exception {
93 doReturn(emptyFluentFuture()).when(writeTx).commit();
94 try (var keystoreService = new NetconfSalKeystoreRpcs(dataBroker, encryptionService, rpcProvider)) {
95 final var input = getTrustedCertificateInput();
96 keystoreService.addTrustedCertificate(input).get();
98 verify(writeTx, times(input.nonnullTrustedCertificate().size()))
99 .merge(any(LogicalDatastoreType.class), any(InstanceIdentifier.class), any(DataObject.class));
103 private AddPrivateKeyInput getPrivateKeyInput() throws Exception {
104 final Map<PrivateKeyKey, PrivateKey> privateKeys = new HashMap<>();
105 final Document document = readKeystoreXML();
106 final NodeList nodeList = document.getElementsByTagName(XML_ELEMENT_PRIVATE_KEY);
107 for (int i = 0; i < nodeList.getLength(); i++) {
108 final Node node = nodeList.item(i);
109 if (node.getNodeType() != Node.ELEMENT_NODE) {
112 final Element element = (Element)node;
113 final String keyName = element.getElementsByTagName(XML_ELEMENT_NAME).item(0).getTextContent();
114 final String keyData = element.getElementsByTagName(XML_ELEMENT_DATA).item(0).getTextContent();
115 final NodeList certNodes = element.getElementsByTagName(XML_ELEMENT_CERT_CHAIN);
116 final List<String> certChain = new ArrayList<>();
117 for (int j = 0; j < certNodes.getLength(); j++) {
118 final Node certNode = certNodes.item(j);
119 if (certNode.getNodeType() != Node.ELEMENT_NODE) {
122 certChain.add(certNode.getTextContent());
125 final PrivateKeyKey key = new PrivateKeyKey(keyName);
126 privateKeys.put(key, new PrivateKeyBuilder()
129 .setCertificateChain(certChain)
133 return new AddPrivateKeyInputBuilder().setPrivateKey(privateKeys).build();
136 private AddTrustedCertificateInput getTrustedCertificateInput() throws Exception {
137 final Map<TrustedCertificateKey, TrustedCertificate> trustedCertificates = new HashMap<>();
138 final Document document = readKeystoreXML();
139 final NodeList nodeList = document.getElementsByTagName(XML_ELEMENT_TRUSTED_CERT);
140 for (int i = 0; i < nodeList.getLength(); i++) {
141 final Node node = nodeList.item(i);
142 if (node.getNodeType() != Node.ELEMENT_NODE) {
145 final Element element = (Element)node;
146 final String certName = element.getElementsByTagName(XML_ELEMENT_NAME).item(0).getTextContent();
147 final String certData = element.getElementsByTagName(XML_ELEMENT_CERT).item(0).getTextContent();
149 final TrustedCertificateKey key = new TrustedCertificateKey(certName);
150 trustedCertificates.put(key, new TrustedCertificateBuilder()
153 .setCertificate(certData)
157 return new AddTrustedCertificateInputBuilder().setTrustedCertificate(trustedCertificates).build();
160 private Document readKeystoreXML() throws Exception {
161 return XmlUtil.readXmlToDocument(getClass().getResourceAsStream("/netconf-keystore.xml"));