Google Git
Sign in
apache / incubator-taverna-engine / refs/tags/apache-retire-2020-03-12 / . / taverna-credential-manager-impl / src / test / java / org / apache / taverna / security / credentialmanager / impl / CredentialManagerImplTest.java
blob: f07347992b3cccf3aa2f61f6dc208d26e57f958e [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.taverna.security.credentialmanager.impl;
import static org.junit.Assert.*;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.List;
import java.util.Random;
import javax.net.ssl.SSLSocketFactory;
import org.apache.taverna.lang.observer.Observable;
import org.apache.taverna.lang.observer.Observer;
import org.apache.taverna.security.credentialmanager.CMException;
import org.apache.taverna.security.credentialmanager.CredentialManager;
import org.apache.taverna.security.credentialmanager.CredentialManager.KeystoreType;
import org.apache.taverna.security.credentialmanager.JavaTruststorePasswordProvider;
import org.apache.taverna.security.credentialmanager.KeystoreChangedEvent;
import org.apache.taverna.security.credentialmanager.MasterPasswordProvider;
import org.apache.taverna.security.credentialmanager.ServiceUsernameAndPasswordProvider;
import org.apache.taverna.security.credentialmanager.TrustConfirmationProvider;
import org.apache.taverna.security.credentialmanager.UsernamePassword;
import org.apache.commons.io.FileUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.After;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
/**
* Tests here should not require Java strong/unlimited cryptography policy to be installed,
* although if something goes wrong that is the first thing to be checked for.
*
* Java by default comes with the weak policy
* that disables the use of certain cryto algorithms and bigger key sizes. Although
* it is claimed that as of Java 6 the default policy is strong, we have seen otherwise,
* so make sure you install it.
*
* For Java 6, strong/unlimited cryptography policy can be downloaded
* (together with the installation instructions) from:
* http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html
*
* An empty Keystore/Truststore is created before each test so we always start afresh
* (see the setUp() method).
* s
* @author Alex Nenadic
*
*/
public class CredentialManagerImplTest {
private CredentialManagerImpl credentialManager;
private String masterPassword = "uber";
private DummyMasterPasswordProvider masterPasswordProvider;
private File credentialManagerDirectory;
private static UsernamePassword usernamePassword;
private static URI serviceURI;
private static Key privateKey;
private static Certificate[] privateKeyCertChain;
private static URL privateKeyFileURL = CredentialManagerImplTest.class.getResource(
"/security/test-private-key-cert.p12");
private static final String privateKeyAndPKCS12KeystorePassword = "test"; // password for the test PKCS#12 keystore in resources
private static X509Certificate trustedCertficate;
private static URL trustedCertficateFileURL = CredentialManagerImplTest.class.getResource(
"/security/google-trusted-certificate.pem");
private static Observer<KeystoreChangedEvent> keystoreChangedObserver;
/**
* @throws java.lang.Exception
*/
@BeforeClass
public static void setUpBeforeClass() throws Exception {
// Just in case, add the BouncyCastle provider
// It gets added from the CredentialManagerImpl constructor as well
// but we may need some crypto operations before we invoke the Cred. Manager
Security.addProvider(new BouncyCastleProvider());
// Create a test username and password for a service
serviceURI = new URI("http://someservice");
usernamePassword = new UsernamePassword("testuser", "testpasswd");
// Load the test private key and its certificate
File privateKeyCertFile = new File(privateKeyFileURL.getPath());
KeyStore pkcs12Keystore = java.security.KeyStore.getInstance("PKCS12", "BC"); // We have to use the BC provider here as the certificate chain is not loaded if we use whichever provider is first in Java!!!
FileInputStream inStream = new FileInputStream(privateKeyCertFile);
pkcs12Keystore.load(inStream, privateKeyAndPKCS12KeystorePassword.toCharArray());
// KeyStore pkcs12Keystore = credentialManager.loadPKCS12Keystore(privateKeyCertFile, privateKeyPassword);
Enumeration<String> aliases = pkcs12Keystore.aliases();
while (aliases.hasMoreElements()) {
// The test-private-key-cert.p12 file contains only one private key
// and corresponding certificate entry
String alias = aliases.nextElement();
if (pkcs12Keystore.isKeyEntry(alias)) { // is it a (private) key entry?
privateKey = pkcs12Keystore.getKey(alias,
privateKeyAndPKCS12KeystorePassword.toCharArray());
privateKeyCertChain = pkcs12Keystore.getCertificateChain(alias);
break;
}
}
inStream.close();
// Load the test trusted certificate (belonging to *.Google.com)
File trustedCertFile = new File(trustedCertficateFileURL.getPath());
inStream = new FileInputStream(trustedCertFile);
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
trustedCertficate = (X509Certificate) certFactory.generateCertificate(inStream);
try{
inStream.close();
}
catch (Exception e) {
// Ignore
}
keystoreChangedObserver = new Observer<KeystoreChangedEvent>() {
@Override
public void notify(Observable<KeystoreChangedEvent> sender,
KeystoreChangedEvent message) throws Exception {
// TODO Auto-generated method stub
}
};
}
/**
* @throws java.lang.Exception
*/
@Before
public void setUp() throws Exception {
try {
credentialManager = new CredentialManagerImpl();
} catch (CMException e) {
System.out.println(e.getStackTrace());
}
Random randomGenerator = new Random();
String credentialManagerDirectoryPath = System
.getProperty("java.io.tmpdir")
+ System.getProperty("file.separator")
+ "taverna-security-"
+ randomGenerator.nextInt(1000000);
System.out.println("Credential Manager's directory path: "
+ credentialManagerDirectoryPath);
credentialManagerDirectory = new File(credentialManagerDirectoryPath);
try {
credentialManager
.setConfigurationDirectoryPath(credentialManagerDirectory.toPath());
} catch (CMException e) {
System.out.println(e.getStackTrace());
}
// Create the dummy master password provider
masterPasswordProvider = new DummyMasterPasswordProvider();
masterPasswordProvider.setMasterPassword(masterPassword);
List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>();
masterPasswordProviders.add(masterPasswordProvider);
credentialManager.setMasterPasswordProviders(masterPasswordProviders);
// Set an empty list for service username and password providers
credentialManager.setServiceUsernameAndPasswordProviders(new ArrayList<ServiceUsernameAndPasswordProvider>());
credentialManager.setJavaTruststorePasswordProviders(new ArrayList<JavaTruststorePasswordProvider>());
credentialManager.setTrustConfirmationProviders(new ArrayList<TrustConfirmationProvider>());
}
@After
// Clean up the credentialManagerDirectory we created for testing
public void cleanUp(){
// assertTrue(credentialManagerDirectory.exists());
// assertFalse(credentialManagerDirectory.listFiles().length == 0); // something was created there
if (credentialManagerDirectory.exists()){
try {
FileUtils.deleteDirectory(credentialManagerDirectory);
System.out.println("Deleting Credential Manager's directory: "
+ credentialManagerDirectory.getAbsolutePath());
} catch (IOException e) {
System.out.println(e.getStackTrace());
}
}
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#CredentialManagerImpl()}.
* @throws CMException
*/
@Test
public void testCredentialManagerImpl() throws CMException {
new CredentialManagerImpl();
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#getUsernameAndPasswordForService(java.net.URI, boolean, java.lang.String)}.
* @throws URISyntaxException
* @throws CMException
*/
@Test
public void testGetUsernameAndPasswordForServiceURI() throws URISyntaxException, CMException {
// The Credential Manage's Keystore is empty so we should not be able to find anything initially
assertNull(credentialManager.getUsernameAndPasswordForService(serviceURI, false, ""));
credentialManager.addUsernameAndPasswordForService(usernamePassword,serviceURI);
UsernamePassword testUsernamePassword = credentialManager.getUsernameAndPasswordForService(serviceURI, false, "");
assertNotNull(testUsernamePassword);
assertTrue(Arrays.equals(usernamePassword.getPassword(), testUsernamePassword.getPassword()));
assertTrue(usernamePassword.getUsername().equals(testUsernamePassword.getUsername()));
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#addUsernameAndPasswordForService(net.sf.taverna.t2.security.credentialmanager.UsernamePassword, java.net.URI)}.
* @throws URISyntaxException
* @throws CMException
*/
@Test
public void testAddUsernameAndPasswordForService() throws CMException, URISyntaxException {
String alias = credentialManager.addUsernameAndPasswordForService(usernamePassword,serviceURI);
UsernamePassword testUsernamePassword = credentialManager.getUsernameAndPasswordForService(serviceURI, false, "");
assertNotNull(testUsernamePassword);
assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
assertTrue(Arrays.equals(usernamePassword.getPassword(), testUsernamePassword.getPassword()));
assertTrue(usernamePassword.getUsername().equals(testUsernamePassword.getUsername()));
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#hasUsernamePasswordForService(java.net.URI)}.
* @throws CMException
*/
@Test
public void testHasUsernamePasswordForService() throws CMException {
UsernamePassword testUsernamePassword = credentialManager.getUsernameAndPasswordForService(serviceURI, false, "");
assertNull(testUsernamePassword);
String alias = credentialManager.addUsernameAndPasswordForService(usernamePassword,serviceURI);
testUsernamePassword = credentialManager.getUsernameAndPasswordForService(serviceURI, false, "");
assertNotNull(testUsernamePassword);
assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
assertTrue(Arrays.equals(usernamePassword.getPassword(), testUsernamePassword.getPassword()));
assertTrue(usernamePassword.getUsername().equals(testUsernamePassword.getUsername()));
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#deleteUsernameAndPasswordForService(java.net.URI)}.
* @throws URISyntaxException
* @throws CMException
*/
@Test
public void testDeleteUsernameAndPasswordForServiceURI() throws URISyntaxException, CMException {
// The Credential Manage's Keystore is empty initially so this should
// have no effect apart from initializing the Keystore/Truststore
credentialManager.deleteUsernameAndPasswordForService(serviceURI);
credentialManager.addUsernameAndPasswordForService(usernamePassword,serviceURI);
credentialManager.deleteUsernameAndPasswordForService(serviceURI);
assertNull(credentialManager.getUsernameAndPasswordForService(serviceURI, false, ""));
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#addKeyPair(java.security.Key, java.security.cert.Certificate[])}.
* @throws CMException
* @throws KeyStoreException
* @throws NoSuchAlgorithmException
* @throws UnrecoverableKeyException
* @throws IOException
* @throws FileNotFoundException
* @throws CertificateException
*/
@Test
public void testAddKeyPair() throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
assertTrue(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
credentialManager.deleteKeyPair(alias);
assertFalse(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
assertFalse(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#hasKeyPair(java.security.Key, java.security.cert.Certificate[])}.
* @throws CMException
* @throws KeyStoreException
* @throws NoSuchAlgorithmException
* @throws UnrecoverableKeyException
* @throws IOException
* @throws FileNotFoundException
* @throws CertificateException
*/
@Test
public void testHasKeyPair() throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
assertFalse(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
credentialManager.addKeyPair(privateKey, privateKeyCertChain);
assertTrue(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#deleteKeyPair(java.lang.String)}.
* @throws CMException
* @throws KeyStoreException
* @throws NoSuchAlgorithmException
* @throws UnrecoverableKeyException
* @throws IOException
* @throws FileNotFoundException
* @throws CertificateException
*/
@Test
public void testDeleteKeyPair() throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
// The Credential Manage's Keystore is empty initially so this should
// have no effect apart from initializing the Keystore/Truststore
credentialManager.deleteKeyPair("somealias");
String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
credentialManager.deleteKeyPair(alias);
assertFalse(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#deleteKeyPair(Key, Certificate[])}.
* @throws CMException
*/
@Test
public void testDeleteKeyPair2() throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
credentialManager.addKeyPair(privateKey, privateKeyCertChain);
assertTrue(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
credentialManager.deleteKeyPair(privateKey, privateKeyCertChain);
assertFalse(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#exportKeyPair(java.lang.String, java.io.File, java.lang.String)}.
* @throws CMException
* @throws KeyStoreException
* @throws NoSuchAlgorithmException
* @throws UnrecoverableKeyException
*/
@Test
public void testExportKeyPair() throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException {
String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
File fileToExportTo = new File(credentialManagerDirectory, "test-export-key.p12");
credentialManager.exportKeyPair(alias, fileToExportTo.toPath(), privateKeyAndPKCS12KeystorePassword);
assertTrue(fileToExportTo.exists());
// Load it back from the file we just saved
KeyStore ks = credentialManager.loadPKCS12Keystore(fileToExportTo.toPath(), privateKeyAndPKCS12KeystorePassword);
Enumeration<String> aliases = ks.aliases();
Key newPrivateKey = null;
Certificate[] newPrivateKeyCerts = null;
while (aliases.hasMoreElements()) {
// The test-private-key-cert.p12 file contains only one private key
// and corresponding certificate entry
alias = aliases.nextElement();
if (ks.isKeyEntry(alias)) { // is it a (private) key entry?
newPrivateKey = ks.getKey(alias,
privateKeyAndPKCS12KeystorePassword.toCharArray());
newPrivateKeyCerts = ks.getCertificateChain(alias);
break;
}
}
assertNotNull(newPrivateKey);
assertNotNull(newPrivateKeyCerts);
//assertTrue(Arrays.equals(newPrivateKey.getEncoded(), privateKey.getEncoded()));
assertTrue(newPrivateKey.equals(privateKey));
assertTrue(Arrays.equals(newPrivateKeyCerts, privateKeyCertChain));
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#getCertificate(java.lang.String, java.lang.String)}.
* @throws CMException
*/
@Test
public void testGetCertificate() throws CMException {
String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
// Get certificate from the Keystore associated with the private key we just inserted
Certificate privateKeyCertificate = credentialManager.getCertificate(CredentialManager.KeystoreType.KEYSTORE, alias);
assertNotNull(privateKeyCertificate);
assertTrue(privateKeyCertChain[0].equals(privateKeyCertificate));
// We should also have some trusted certificates in the Truststore
// Need to get their aliases
ArrayList<String> truststoreAliases = credentialManager.getAliases(CredentialManager.KeystoreType.TRUSTSTORE);
assertTrue(!truststoreAliases.isEmpty());
// Just get the first one
Certificate trustedCertificate = credentialManager.getCertificate(CredentialManager.KeystoreType.TRUSTSTORE, truststoreAliases.get(0));
assertNotNull(trustedCertificate);
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#getKeyPairsCertificateChain(java.lang.String)}.
* @throws CMException
*/
@Test
public void testGetKeyPairCertificateChain() throws CMException {
String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
Certificate[] keyPairCertificateChain = credentialManager.getKeyPairsCertificateChain(alias);
assertNotNull(keyPairCertificateChain);
assertTrue(Arrays.equals(privateKeyCertChain, keyPairCertificateChain));
}
/**
* Test method for {@link org.apache.taverna.security.credentialmanager.impl.CredentialManagerImpl#getKeyPairsPrivateKey(java.lang.String)}.
* @throws CMException
*/
@Test
public void testGetKeyPairsPrivateKey() throws CMException {
String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
Key prvKey = credentialManager.getKeyPairsPrivateKey(alias);
assertNotNull(prvKey);
assertEquals(privateKey, prvKey);
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#addTrustedCertificate(java.security.cert.X509Certificate)}.
* @throws CMException
*/
@Test
public void testAddTrustedCertificate() throws CMException {
String alias = credentialManager.addTrustedCertificate(trustedCertficate);
assertTrue(credentialManager.hasTrustedCertificate(trustedCertficate));
assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.TRUSTSTORE, alias));
credentialManager.deleteTrustedCertificate(alias);
assertFalse(credentialManager.hasTrustedCertificate(trustedCertficate));
assertFalse(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.TRUSTSTORE, alias));
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#createTrustedCertificateAlias(java.security.cert.X509Certificate)}.
* @throws CMException
*/
@Test
public void testGetX509CertificateAlias() throws CMException {
String alias = credentialManager.createTrustedCertificateAlias(trustedCertficate);
String alias2 = credentialManager.addTrustedCertificate(trustedCertficate);
assertEquals(alias, alias2);
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#deleteTrustedCertificate(java.lang.String)}.
* @throws CMException
*/
@Test
public void testDeleteTrustedCertificate() throws CMException {
// The Credential Manage's Truststore is empty initially so this should
// have no effect apart from initializing the Keystore/Truststore
credentialManager.deleteTrustedCertificate("somealias");
String alias = credentialManager.addTrustedCertificate(trustedCertficate);
assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.TRUSTSTORE, alias));
credentialManager.deleteTrustedCertificate(alias);
assertFalse(credentialManager.hasTrustedCertificate(trustedCertficate));
assertFalse(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.TRUSTSTORE, alias));
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#deleteTrustedCertificate(X509Certificate)}.
* @throws CMException
*/
@Test
public void testDeleteTrustedCertificate2() throws CMException {
credentialManager.addTrustedCertificate(trustedCertficate);
assertTrue(credentialManager.hasTrustedCertificate(trustedCertficate));
credentialManager.deleteTrustedCertificate(trustedCertficate);
assertFalse(credentialManager.hasTrustedCertificate(trustedCertficate));
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#isKeyEntry(java.lang.String)}.
* @throws CMException
*/
@Test
public void testIsKeyEntry() throws CMException {
// The Credential Manage's Keystore/Truststore is empty initially so this should
// have no effect apart from initializing them
// This should throw an exception
assertFalse(credentialManager.isKeyEntry("somealias"));
String aliasPassword = credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);
String aliasKeyPair = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
String aliasTrustedCert = credentialManager.addTrustedCertificate(trustedCertficate);
assertTrue(credentialManager.isKeyEntry(aliasPassword)); // passwords are saves as symmetric key entries
assertTrue(credentialManager.isKeyEntry(aliasKeyPair));
assertFalse(credentialManager.isKeyEntry(aliasTrustedCert));
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#hasEntryWithAlias(java.lang.String, java.lang.String)}.
* @throws CMException
*/
@Test
public void testHasEntryWithAlias() throws CMException {
String aliasTrustedCert = credentialManager.createTrustedCertificateAlias(trustedCertficate);
assertFalse(credentialManager.hasEntryWithAlias(KeystoreType.TRUSTSTORE, aliasTrustedCert));
String aliasTrustedCert2 = credentialManager.addTrustedCertificate(trustedCertficate);
assertTrue(credentialManager.hasEntryWithAlias(KeystoreType.TRUSTSTORE, aliasTrustedCert2));
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getAliases(net.sf.taverna.t2.security.credentialmanager.CredentialManager.KeystoreType)}.
* @throws CMException
*/
@Test
public void testGetAliases() throws CMException {
ArrayList<String> keystoreAliases = credentialManager.getAliases(KeystoreType.KEYSTORE);
ArrayList<String> truststoreAliases = credentialManager.getAliases(KeystoreType.TRUSTSTORE);
// Initially Keystore/Truststore is empty
assertTrue(keystoreAliases.isEmpty());
String aliasPassword = credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);
String aliasKeyPair = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
String aliasTrustedCert = credentialManager.addTrustedCertificate(trustedCertficate);
keystoreAliases = credentialManager.getAliases(KeystoreType.KEYSTORE);
truststoreAliases = credentialManager.getAliases(KeystoreType.TRUSTSTORE);
assertTrue(keystoreAliases.size() == 2);
assertTrue(truststoreAliases.size() >= 1); // we at least have the one we inserted but could be more copied from Java's defauls truststore
assertTrue(keystoreAliases.contains(aliasPassword));
assertTrue(keystoreAliases.contains(aliasKeyPair));
assertTrue(truststoreAliases.contains(aliasTrustedCert));
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getServiceURIsForAllUsernameAndPasswordPairs()}.
* @throws CMException
* @throws URISyntaxException
*/
@Test
public void testGetServiceURIsForAllUsernameAndPasswordPairs() throws CMException, URISyntaxException {
// Initially empty so this
assertTrue(credentialManager.getServiceURIsForAllUsernameAndPasswordPairs().isEmpty());
credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);
URI serviceURI2 = new URI("http://someservice2");
UsernamePassword usernamePassword2 = new UsernamePassword("testuser2", "testpasswd2");
credentialManager.addUsernameAndPasswordForService(usernamePassword2, serviceURI2);
List<URI> serviceURIs = credentialManager.getServiceURIsForAllUsernameAndPasswordPairs();
assertTrue(credentialManager.getServiceURIsForAllUsernameAndPasswordPairs().size() == 2);
assertTrue(serviceURIs.contains(serviceURI));
assertTrue(serviceURIs.contains(serviceURI2));
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#loadPKCS12Keystore(java.io.File, java.lang.String)}.
* @throws CMException
* @throws KeyStoreException
* @throws NoSuchAlgorithmException
* @throws UnrecoverableKeyException
*/
@Test
public void testLoadPKCS12Keystore() throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException {
KeyStore pkcs12Keystore = credentialManager.loadPKCS12Keystore(new File(privateKeyFileURL.getPath()).toPath(), privateKeyAndPKCS12KeystorePassword);
Key privateKey2 = null;
Certificate[] privateKeyCertChain2 = null;
Enumeration<String> aliases = pkcs12Keystore.aliases();
while (aliases.hasMoreElements()) {
// The test-private-key-cert.p12 file contains only one private key
// and corresponding certificate entry
String alias = aliases.nextElement();
if (pkcs12Keystore.isKeyEntry(alias)) { // is it a (private) key entry?
privateKey2 = pkcs12Keystore.getKey(alias,
privateKeyAndPKCS12KeystorePassword.toCharArray());
privateKeyCertChain2 = pkcs12Keystore.getCertificateChain(alias);
break;
}
}
assertNotNull(privateKey2);
assertNotNull(privateKeyCertChain2);
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#addObserver(net.sf.taverna.t2.lang.observer.Observer)}.
*/
@Test
public void testAddObserver() {
credentialManager.addObserver(keystoreChangedObserver);
assertEquals(keystoreChangedObserver, credentialManager.getObservers().get(0));
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getObservers()}.
*/
@Test
public void testGetObservers() {
// Initially there are no observers
assertTrue(credentialManager.getObservers().isEmpty());
credentialManager.addObserver(keystoreChangedObserver);
assertEquals(keystoreChangedObserver, credentialManager.getObservers().get(0));
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#removeObserver(net.sf.taverna.t2.lang.observer.Observer)}.
*/
@Test
public void testRemoveObserver() {
credentialManager.addObserver(keystoreChangedObserver);
assertTrue(credentialManager.getObservers().size() == 1);
credentialManager.removeObserver(keystoreChangedObserver);
assertTrue(credentialManager.getObservers().size() == 0);
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#confirmMasterPassword(java.lang.String)}.
* @throws CMException
*/
@Test
public void testConfirmMasterPassword() throws CMException {
credentialManager.confirmMasterPassword("uber");
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#changeMasterPassword(java.lang.String)}.
* @throws CMException
*/
@Test
public void testChangeMasterPassword() throws CMException {
// Test the changeMasterPassword() method first to see if
// it will initialize Credential Manager properly
credentialManager.changeMasterPassword("blah");
credentialManager.confirmMasterPassword("blah");
// Add new stuff - key pair and password entries - under the new master password
String keyPairAlias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);
// Change the master password again and try to retrieve the private key and password
credentialManager.changeMasterPassword("hlab");
assertArrayEquals(credentialManager.getUsernameAndPasswordForService(serviceURI, false, "").getPassword(), usernamePassword.getPassword());
assertEquals(privateKey, credentialManager.getKeyPairsPrivateKey(keyPairAlias));
assertTrue(Arrays.equals(privateKeyCertChain, credentialManager.getKeyPairsCertificateChain(keyPairAlias)));
// Load the Credential Manager back from the saved file to see of entries will be picked up properly
CredentialManagerImpl credentialManagerNew = null;
try {
credentialManagerNew = new CredentialManagerImpl();
} catch (CMException e) {
System.out.println(e.getStackTrace());
}
try {
credentialManagerNew
.setConfigurationDirectoryPath(credentialManagerDirectory.toPath());
} catch (CMException e) {
System.out.println(e.getStackTrace());
}
// Create the dummy master password provider
masterPasswordProvider = new DummyMasterPasswordProvider();
masterPasswordProvider.setMasterPassword("hlab");
List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>();
masterPasswordProviders.add(masterPasswordProvider);
credentialManager.setMasterPasswordProviders(masterPasswordProviders);
// Set an empty list for service username and password providers
credentialManagerNew.setServiceUsernameAndPasswordProviders(new ArrayList<ServiceUsernameAndPasswordProvider>());
credentialManager.setJavaTruststorePasswordProviders(new ArrayList<JavaTruststorePasswordProvider>());
credentialManager.setTrustConfirmationProviders(new ArrayList<TrustConfirmationProvider>());
assertArrayEquals(credentialManager.getUsernameAndPasswordForService(serviceURI, false, "").getPassword(), usernamePassword.getPassword());
assertEquals(privateKey, credentialManager.getKeyPairsPrivateKey(keyPairAlias));
assertTrue(Arrays.equals(privateKeyCertChain, credentialManager.getKeyPairsCertificateChain(keyPairAlias)));
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#initializeSSL()}.
* @throws CMException
*/
@Test
public void testInitializeSSL() throws CMException {
//credentialManager.initializeSSL();
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getTavernaSSLSocketFactory()}.
* @throws CMException
*/
@Test
public void testGetTavernaSSLSocketFactory() throws CMException {
SSLSocketFactory sslSocketFactory = credentialManager.getTavernaSSLSocketFactory();
assertNotNull(sslSocketFactory);
// This should also create Taverna's SSLSocketFactory backed by Credential Manager's Keystore and Truststore
// if not already created
credentialManager.initializeSSL();
assertEquals(sslSocketFactory, credentialManager.getTavernaSSLSocketFactory());
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#setMasterPasswordProviders(java.util.List)}.
*/
@Test
public void testSetMasterPasswordProviders() {
List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>();
masterPasswordProviders.add(masterPasswordProvider);
credentialManager.setMasterPasswordProviders(masterPasswordProviders);
assertTrue(credentialManager.getMasterPasswordProviders().contains(masterPasswordProvider));
// Set it to null and see what happens
credentialManager.setMasterPasswordProviders(null);
assertNull(credentialManager.getMasterPasswordProviders());
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getMasterPasswordProviders()}.
*/
@Test
public void testGetMasterPasswordProviders() {
assertFalse(credentialManager.getMasterPasswordProviders().isEmpty());
assertTrue(credentialManager.getMasterPasswordProviders().contains(masterPasswordProvider));
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#setJavaTruststorePasswordProviders(java.util.List)}.
*/
@Test
public void testSetJavaTruststorePasswordProviders() {
List<JavaTruststorePasswordProvider> javaTruststorePasswordProviders = new ArrayList<JavaTruststorePasswordProvider>();
JavaTruststorePasswordProvider javaTruststorePasswordProvider = new DummyJavaTruststorePasswordProvider();
javaTruststorePasswordProvider.setJavaTruststorePassword("blah");
javaTruststorePasswordProviders.add(javaTruststorePasswordProvider);
credentialManager.setJavaTruststorePasswordProviders(javaTruststorePasswordProviders);
assertTrue(credentialManager.getJavaTruststorePasswordProviders().contains(javaTruststorePasswordProvider));
// Set it to null and see what happens
credentialManager.setJavaTruststorePasswordProviders(null);
assertNull(credentialManager.getJavaTruststorePasswordProviders());
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getJavaTruststorePasswordProviders()}.
*/
@Test
public void testGetJavaTruststorePasswordProviders() {
assertTrue(credentialManager.getJavaTruststorePasswordProviders().isEmpty());
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#setServiceUsernameAndPasswordProviders(java.util.List)}.
* @throws URISyntaxException
*/
@Test
public void testSetServiceUsernameAndPasswordProviders() throws URISyntaxException {
List<ServiceUsernameAndPasswordProvider> serviceUsernameAndPasswordProviders = new ArrayList<ServiceUsernameAndPasswordProvider>();
ServiceUsernameAndPasswordProvider serviceUsernameAndPasswordProvider = new DummyServiceUsernameAndPasswordProvider();
serviceUsernameAndPasswordProvider.setServiceUsernameAndPassword(new URI("http://someservice"), new UsernamePassword("blah", "blah"));
serviceUsernameAndPasswordProviders.add(serviceUsernameAndPasswordProvider);
credentialManager.setServiceUsernameAndPasswordProviders(serviceUsernameAndPasswordProviders);
assertTrue(credentialManager.getServiceUsernameAndPasswordProviders().contains(serviceUsernameAndPasswordProvider));
// Set it to null and see what happens
credentialManager.setServiceUsernameAndPasswordProviders(null);
assertNull(credentialManager.getServiceUsernameAndPasswordProviders());
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getServiceUsernameAndPasswordProviders()}.
*/
@Test
public void testGetServiceUsernameAndPasswordProviders() {
assertTrue(credentialManager.getServiceUsernameAndPasswordProviders().isEmpty());
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#setTrustConfirmationProviders(java.util.List)}.
* @throws IOException
*/
@Test
public void testSetTrustConfirmationProviders() throws IOException {
List<TrustConfirmationProvider> trustConfirmationProviders = new ArrayList<TrustConfirmationProvider>();
TrustConfirmationProvider trustConfirmationProvider = new TrustAlwaysTrustConfirmationProvider();
trustConfirmationProviders.add(trustConfirmationProvider);
credentialManager.setTrustConfirmationProviders(trustConfirmationProviders);
assertTrue(credentialManager.getTrustConfirmationProviders().contains(trustConfirmationProvider));
// Set it to null and see what happens
credentialManager.setTrustConfirmationProviders(null);
assertNull(credentialManager.getTrustConfirmationProviders());
}
/**
* Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getTrustConfirmationProviders()}.
*/
@Test
public void testGetTrustConfirmationProviders() {
assertTrue(credentialManager.getTrustConfirmationProviders().isEmpty());
}
}