2 * Copyright (c) 2018 ZTE Corporation. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.netconf.sal.connect.netconf.util;
10 import static org.mockito.ArgumentMatchers.any;
11 import static org.mockito.ArgumentMatchers.eq;
12 import static org.mockito.Mockito.doNothing;
13 import static org.mockito.Mockito.doReturn;
14 import static org.mockito.Mockito.times;
15 import static org.mockito.Mockito.verify;
16 import static org.opendaylight.mdsal.common.api.CommitInfo.emptyFluentFuture;
18 import java.util.ArrayList;
19 import java.util.HashMap;
20 import java.util.List;
22 import org.junit.Before;
23 import org.junit.Test;
24 import org.junit.runner.RunWith;
25 import org.mockito.Mock;
26 import org.mockito.junit.MockitoJUnitRunner;
27 import org.opendaylight.aaa.encrypt.AAAEncryptionService;
28 import org.opendaylight.mdsal.binding.api.DataBroker;
29 import org.opendaylight.mdsal.binding.api.RpcProviderService;
30 import org.opendaylight.mdsal.binding.api.WriteTransaction;
31 import org.opendaylight.mdsal.common.api.LogicalDatastoreType;
32 import org.opendaylight.netconf.api.xml.XmlUtil;
33 import org.opendaylight.netconf.sal.connect.util.NetconfSalKeystoreService;
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.AddPrivateKeyInput;
35 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.AddPrivateKeyInputBuilder;
36 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.AddTrustedCertificateInput;
37 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.AddTrustedCertificateInputBuilder;
38 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.NetconfKeystoreService;
39 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKey;
40 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKeyBuilder;
41 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017._private.keys.PrivateKeyKey;
42 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificate;
43 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificateBuilder;
44 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.trusted.certificates.TrustedCertificateKey;
45 import org.opendaylight.yangtools.concepts.ObjectRegistration;
46 import org.opendaylight.yangtools.yang.binding.DataObject;
47 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
48 import org.w3c.dom.Document;
49 import org.w3c.dom.Element;
50 import org.w3c.dom.Node;
51 import org.w3c.dom.NodeList;
53 @RunWith(MockitoJUnitRunner.StrictStubs.class)
54 public class NetconfSalKeystoreServiceTest {
// Element names that the input-building helpers of this test look up in the XML fixture.
55 private static final String XML_ELEMENT_PRIVATE_KEY = "private-key";
56 private static final String XML_ELEMENT_NAME = "name";
57 private static final String XML_ELEMENT_DATA = "data";
58 private static final String XML_ELEMENT_CERT_CHAIN = "certificate-chain";
59 private static final String XML_ELEMENT_TRUSTED_CERT = "trusted-certificate";
60 private static final String XML_ELEMENT_CERT = "certificate";
// Test collaborators: dataBroker, encryptionService and rpcProvider are passed to the
// NetconfSalKeystoreService constructor; writeTx and rpcReg are the objects the stubbed broker
// and RPC provider hand back.
// NOTE(review): the gaps in this listing's line numbers suggest each field carries an annotation
// (Mock is imported) that the page does not show; confirm against the original file.
63 private WriteTransaction writeTx;
65 private DataBroker dataBroker;
67 private AAAEncryptionService encryptionService;
69 private RpcProviderService rpcProvider;
71 private ObjectRegistration<?> rpcReg;
// Common stubbing: the broker returns the writeTx mock and merge() on it does nothing, so the
// tests can count merge calls without a real datastore behind them.
75 doReturn(writeTx).when(dataBroker).newWriteOnlyTransaction();
76 doNothing().when(writeTx)
77 .merge(any(LogicalDatastoreType.class), any(InstanceIdentifier.class), any(DataObject.class));
// Registering the RPC implementation yields rpcReg; its close() is stubbed as a no-op.
// NOTE(review): presumably close() is reached when the service itself is closed; confirm.
// encryptionService receives no stubbing in the lines shown here.
78 doReturn(rpcReg).when(rpcProvider).registerRpcImplementation(eq(NetconfKeystoreService.class), any());
79 doNothing().when(rpcReg).close();
public void testAddPrivateKey() throws Exception {
    // Expects one datastore merge per private-key entry of the RPC input.
    // Only the call count is checked: the matchers accept any datastore, path and payload, and
    // no interaction with encryptionService is asserted.
    // NOTE(review): whether key data must be protected before it is written cannot be told from
    // this test; confirm against the service and consider asserting on the merged object.
    // NOTE(review): an input without entries would let times(0) pass without exercising the
    // service; the fixture content is not visible here.
    doReturn(emptyFluentFuture()).when(writeTx).commit();

    try (var service = new NetconfSalKeystoreService(dataBroker, encryptionService, rpcProvider)) {
        AddPrivateKeyInput request = getPrivateKeyInput();
        service.addPrivateKey(request);

        // The expected count is read from the input after the call, as in the original check.
        int expectedMerges = request.nonnullPrivateKey().size();
        verify(writeTx, times(expectedMerges))
            .merge(any(LogicalDatastoreType.class), any(InstanceIdentifier.class), any(DataObject.class));
    }
}
public void testAddTrustedCertificate() throws Exception {
    // Expects one datastore merge per trusted-certificate entry of the RPC input.
    // The payload is matched with any(DataObject.class), so the certificate text that ends up in
    // the merge is not checked, and neither is the target datastore or path.
    // NOTE(review): an input without entries would let times(0) pass without exercising the
    // service; the fixture content is not visible here.
    doReturn(emptyFluentFuture()).when(writeTx).commit();

    try (var service = new NetconfSalKeystoreService(dataBroker, encryptionService, rpcProvider)) {
        AddTrustedCertificateInput request = getTrustedCertificateInput();
        service.addTrustedCertificate(request);

        // The expected count is read from the input after the call, as in the original check.
        int expectedMerges = request.nonnullTrustedCertificate().size();
        verify(writeTx, times(expectedMerges))
            .merge(any(LogicalDatastoreType.class), any(InstanceIdentifier.class), any(DataObject.class));
    }
}
// Builds the add-private-key RPC input from the "private-key" elements of the XML fixture and
// returns them as a map keyed by PrivateKeyKey.
// NOTE(review): this listing skips some source lines (see the gaps in its line numbers), so the
// bodies of the node-type checks and part of the builder chain are not visible here.
106 private AddPrivateKeyInput getPrivateKeyInput() throws Exception {
107 final Map<PrivateKeyKey, PrivateKey> privateKeys = new HashMap<>();
108 final Document document = readKeystoreXML();
109 final NodeList nodeList = document.getElementsByTagName(XML_ELEMENT_PRIVATE_KEY);
110 for (int i = 0; i < nodeList.getLength(); i++) {
111 final Node node = nodeList.item(i);
112 if (node.getNodeType() != Node.ELEMENT_NODE) {
115 final Element element = (Element)node;
// The first "name" and "data" descendants supply the entry's name and key data. item(0) is
// dereferenced without a null check, so a fixture entry lacking either element fails here.
116 final String keyName = element.getElementsByTagName(XML_ELEMENT_NAME).item(0).getTextContent();
117 final String keyData = element.getElementsByTagName(XML_ELEMENT_DATA).item(0).getTextContent();
// Each "certificate-chain" element under the entry contributes its text content to the chain.
118 final NodeList certNodes = element.getElementsByTagName(XML_ELEMENT_CERT_CHAIN);
119 final List<String> certChain = new ArrayList<>();
120 for (int j = 0; j < certNodes.getLength(); j++) {
121 final Node certNode = certNodes.item(j);
122 if (certNode.getNodeType() != Node.ELEMENT_NODE) {
125 certChain.add(certNode.getTextContent());
128 final PrivateKeyKey key = new PrivateKeyKey(keyName);
// The map key is derived from the entry's name; a repeated name replaces the earlier entry.
129 privateKeys.put(key, new PrivateKeyBuilder()
132 .setCertificateChain(certChain)
136 return new AddPrivateKeyInputBuilder().setPrivateKey(privateKeys).build();
// Builds the add-trusted-certificate RPC input from the "trusted-certificate" elements of the
// XML fixture and returns them as a map keyed by TrustedCertificateKey.
// NOTE(review): this listing skips some source lines (see the gaps in its line numbers), so the
// body of the node-type check and part of the builder chain are not visible here.
139 private AddTrustedCertificateInput getTrustedCertificateInput() throws Exception {
140 final Map<TrustedCertificateKey, TrustedCertificate> trustedCertificates = new HashMap<>();
141 final Document document = readKeystoreXML();
142 final NodeList nodeList = document.getElementsByTagName(XML_ELEMENT_TRUSTED_CERT);
143 for (int i = 0; i < nodeList.getLength(); i++) {
144 final Node node = nodeList.item(i);
145 if (node.getNodeType() != Node.ELEMENT_NODE) {
148 final Element element = (Element)node;
// The first "name" and "certificate" descendants supply the entry's name and certificate text.
// item(0) is dereferenced without a null check, so an entry lacking either element fails here.
149 final String certName = element.getElementsByTagName(XML_ELEMENT_NAME).item(0).getTextContent();
150 final String certData = element.getElementsByTagName(XML_ELEMENT_CERT).item(0).getTextContent();
152 final TrustedCertificateKey key = new TrustedCertificateKey(certName);
// The map key is derived from the entry's name; a repeated name replaces the earlier entry.
153 trustedCertificates.put(key, new TrustedCertificateBuilder()
156 .setCertificate(certData)
160 return new AddTrustedCertificateInputBuilder().setTrustedCertificate(trustedCertificates).build();
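/**
 * Parses the {@code /netconf-keystore.xml} classpath fixture into a DOM document.
 *
 * <p>The input is a resource bundled with the tests, not externally supplied data.
 * NOTE(review): how the parser treats DTDs and external entities is decided inside
 * {@code XmlUtil} and is not visible from this file.
 *
 * @return the parsed fixture
 * @throws IllegalStateException if the fixture is not on the test classpath
 * @throws Exception if the fixture cannot be read or parsed
 */
private Document readKeystoreXML() throws Exception {
    // Close the stream once parsing is done rather than leaving it open.
    try (var fixture = getClass().getResourceAsStream("/netconf-keystore.xml")) {
        if (fixture == null) {
            // getResourceAsStream reports a missing resource as null; name the file in the failure.
            throw new IllegalStateException("Test resource /netconf-keystore.xml not found on classpath");
        }
        return XmlUtil.readXmlToDocument(fixture);
    }
}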