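/*************************************************************************
 *                                                                       *
 *  SignServer: The OpenSource Automated Signing Server                  *
 *                                                                       *
 *  This software is free software; you can redistribute it and/or       *
 *  modify it under the terms of the GNU Lesser General Public           *
 *  License as published by the Free Software Foundation; either         *
 *  version 2.1 of the License, or any later version.                    *
 *                                                                       *
 *  See terms of license at gnu.org.                                     *
 *                                                                       *
 *************************************************************************/
package org.signserver.server.cryptotokens;

import java.math.BigInteger;
import java.security.KeyPair;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import static junit.framework.TestCase.assertEquals;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.util.encoders.Base64;
import org.signserver.common.Base64SignerCertReqData;
import org.signserver.common.GlobalConfiguration;
import org.signserver.common.KeyTestResult;
import org.signserver.common.PKCS10CertReqInfo;
import org.signserver.ejb.interfaces.IGlobalConfigurationSession;
import org.signserver.ejb.interfaces.IWorkerSession;
import org.signserver.test.utils.builders.CryptoUtils;
import org.signserver.testutils.ModulesTestCase;

/**
 * Abstract base class containing utility methods for the keystore crypto token
 * tests.
 *
 * <p>Everything here is test scaffolding: the PIN is a fixed literal and the
 * issuing key is generated on the fly and discarded, so none of the values in
 * this class are suitable as a template for production key handling.</p>
 *
 * @author Marcus Lundblad
 * @version $Id: KeystoreCryptoTokenTestBase.java 5545 2014-12-04 13:01:44Z malu9369 $
 */
public abstract class KeystoreCryptoTokenTestBase extends ModulesTestCase {

    /** Size in bits of the throw-away RSA key that signs the test certificate. */
    private static final int ISSUER_KEY_BITS = 2048;

    /** Validity period, in days, of the certificate issued to the worker. */
    private static final long CERT_VALIDITY_DAYS = 365;

    protected final IWorkerSession workerSession = getWorkerSession();
    protected final IGlobalConfigurationSession globalSession = getGlobalSession();

    // Test-only keystore PIN, passed to testKey() in getKeyAliases().
    protected static final String pin = "foo123";

    /**
     * Runs the CMS signer round trip and expects the worker to be active
     * afterwards.
     *
     * @param workerId ID of the worker to exercise
     * @throws Exception on any failure in the round trip
     */
    protected void cmsSigner(final int workerId) throws Exception {
        cmsSigner(workerId, true);
    }

    /**
     * Requests a CSR from the worker, issues a certificate for it from a
     * freshly generated issuer key, installs the certificate and chain,
     * reloads the worker and finally signs a sample document.
     *
     * @param workerId ID of the worker to exercise
     * @param expectActive if {@code true}, assert that the worker reports no
     *        fatal errors after the certificate has been installed
     * @throws Exception on any failure in the round trip
     */
    protected void cmsSigner(final int workerId, final boolean expectActive) throws Exception {
        // Generate CSR
        // NOTE(review): the CSR is requested with a SHA-1 based signature
        // algorithm. It is left unchanged because the algorithm is handed to
        // the crypto token under test; confirm whether SHA-1 is still intended.
        final PKCS10CertReqInfo certReqInfo =
                new PKCS10CertReqInfo("SHA1WithRSA", "CN=Worker" + workerId, null);
        final Base64SignerCertReqData reqData = (Base64SignerCertReqData)
                getWorkerSession().getCertificateRequest(workerId, certReqInfo, false);

        // Issue certificate
        // The CSR signature (proof of possession) is not verified before
        // issuing; that is only acceptable because this issuer exists for the
        // duration of the test.
        final PKCS10CertificationRequest csr =
                new PKCS10CertificationRequest(Base64.decode(reqData.getBase64CertReq()));

        // A 512-bit RSA issuer key was used here before. Keys that short are
        // factorable and are commonly rejected by default JDK algorithm
        // constraints, so the throw-away issuer now uses a 2048-bit key.
        final KeyPair issuerKeyPair = CryptoUtils.generateRSA(ISSUER_KEY_BITS);

        final Date notBefore = new Date();
        final Date notAfter = new Date(
                System.currentTimeMillis() + TimeUnit.DAYS.toMillis(CERT_VALIDITY_DAYS));
        final X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(
                new X500Name("CN=TestP11 Issuer"),
                BigInteger.ONE,
                notBefore,
                notAfter,
                csr.getSubject(),
                csr.getSubjectPublicKeyInfo());
        final X509CertificateHolder cert = certBuilder.build(
                new JcaContentSignerBuilder("SHA256WithRSA")
                        .setProvider("BC")
                        .build(issuerKeyPair.getPrivate()));

        // Install certificate and chain
        final byte[] encodedCert = cert.getEncoded();
        workerSession.uploadSignerCertificate(workerId, encodedCert,
                GlobalConfiguration.SCOPE_GLOBAL);
        workerSession.uploadSignerCertificateChain(workerId, Arrays.asList(encodedCert),
                GlobalConfiguration.SCOPE_GLOBAL);
        workerSession.reloadConfiguration(workerId);

        if (expectActive) {
            // Test active
            final List<String> errors = workerSession.getStatus(workerId).getFatalErrors();
            assertEquals("errors: " + errors, 0, errors.size());
        }

        // Test signing
        // Explicit charset so the signed bytes do not depend on the platform
        // default encoding of the machine running the test.
        signGenericDocument(workerId, "Sample data".getBytes("UTF-8"));
    }

    /**
     * Collects the aliases of all keys reported by the worker's key test.
     *
     * @param workerId ID of the worker whose keys are tested
     * @return the set of aliases returned by the key test
     * @throws Exception if the key test fails
     */
    protected Set<String> getKeyAliases(final int workerId) throws Exception {
        final Collection<KeyTestResult> testResults =
                workerSession.testKey(workerId, "all", pin.toCharArray());
        final HashSet<String> results = new HashSet<String>();

        for (final KeyTestResult testResult : testResults) {
            results.add(testResult.getAlias());
        }
        return results;
    }
}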