From 26674d82ed42d4f20526cd6c2ba91f355fb45583 Mon Sep 17 00:00:00 2001 From: Thendo20 <164035253+Thendo20@users.noreply.github.com> Date: Wed, 10 Jul 2024 09:06:37 +0200 Subject: [PATCH] Improvement of test coverage of datasafe (#328) * Added mutable encryption config to SimpleDatasafeServiceImpl * Added mutable encryption config to BasicFunctionalityIT * Added mutable encryption config to BasicFunctionalityIT * Added removeKey test for KeyStoreService and made changes to KeyStoreAuthTest noPasswords test * Added two new tests for KeyStoreService and one test for CmsEncryptionServiceImpl * Added two new tests for KeyStoreService and one test for CmsEncryptionServiceImpl * Added new test to KeyStoreServiceTest and change made to pom.xml * Added test for PublicKeySerdeImpl class and tests for BucketAccessServiceImpl and DefaultDFSConfig * fix for PublicKeySerdeImpl test * Removed updateKeyStoreReadKeyPassword test * fixes made * fixes made * fixes made --- datasafe-business/pom.xml | 10 ++- .../impl/e2e/BasicFunctionalityIT.java | 68 ++++++++++++++++++- .../impl/e2e/DatasafeServicesProvider.java | 9 +++ .../src/test/resources/config/mutable.yaml | 30 ++++++++ .../dfs/BucketAccessServiceImplTest.java | 7 ++ .../profile/dfs/DefaultDFSConfigTest.java | 12 ++++ .../encryption/MutableEncryptionConfig.java | 8 +-- .../CmsEncryptionServiceImplTest.java | 58 +++++++++++++--- .../impl/keystore/KeyStoreAuthTest.java | 4 +- .../impl/keystore/KeyStoreServiceTest.java | 33 +++++++++ .../impl/keystore/PublicKeySerdeImplTest.java | 56 +++++++++++++++ 11 files changed, 276 insertions(+), 19 deletions(-) create mode 100644 datasafe-business/src/test/resources/config/mutable.yaml create mode 100644 datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/PublicKeySerdeImplTest.java diff --git a/datasafe-business/pom.xml b/datasafe-business/pom.xml index 2ea45d796..315a0f278 100644 --- a/datasafe-business/pom.xml 
+++ b/datasafe-business/pom.xml @@ -184,8 +184,13 @@ javax.xml.bind jaxb-api + + com.fasterxml.jackson.dataformat + jackson-dataformat-yaml + ${jackson.version} + test + - @@ -226,6 +231,9 @@ javax.xml.bind:jaxb-api:jar + com.fasterxml.jackson.core:jackson-annotations + com.fasterxml.jackson.core:jackson-core + com.fasterxml.jackson.core:jackson-databind javax.inject:javax.inject com.amazonaws org.bouncycastle diff --git a/datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/BasicFunctionalityIT.java b/datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/BasicFunctionalityIT.java index 511e7a50e..5dad99547 100644 --- a/datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/BasicFunctionalityIT.java +++ b/datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/BasicFunctionalityIT.java @@ -1,8 +1,14 @@ package de.adorsys.datasafe.business.impl.e2e; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.dataformat.yaml.YAMLFactory; +import com.fasterxml.jackson.dataformat.yaml.YAMLGenerator; +import com.google.common.io.Resources; import de.adorsys.datasafe.business.impl.service.DefaultDatasafeServices; import de.adorsys.datasafe.encrypiton.api.types.UserID; import de.adorsys.datasafe.encrypiton.api.types.UserIDAuth; +import de.adorsys.datasafe.encrypiton.api.types.encryption.MutableEncryptionConfig; import de.adorsys.datasafe.storage.api.StorageService; import de.adorsys.datasafe.teststorage.WithStorageProvider; import de.adorsys.datasafe.types.api.actions.ListRequest; 
@@ -21,11 +27,11 @@ import lombok.extern.slf4j.Slf4j; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.MethodSource; +import org.junit.jupiter.params.provider.ValueSource; import org.testcontainers.shaded.com.google.common.collect.ImmutableSet; -import java.io.ByteArrayInputStream; -import java.io.InputStream; -import java.io.OutputStream; +import java.io.*; +import java.nio.charset.StandardCharsets; import java.security.UnrecoverableKeyException; import java.util.Arrays; import java.util.List; @@ -54,6 +60,7 @@ class BasicFunctionalityIT extends BaseE2EIT { private StorageService storage; private Uri location; + private static ObjectMapper mapper = createMapper(); /** 
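Review bot: The import hunk at `@@ -21,11 +27,11 @@` replaces three explicit `java.io` imports with `import java.io.*;` and adds `org.junit.jupiter.params.provider.ValueSource`, which none of the added code visible in this patch uses. Keep the explicit list and add only what the new helpers need, `import java.io.IOException;` and `import java.io.Reader;`, and drop `ValueSource` unless code outside the hunks uses it. The same pattern recurs in CmsEncryptionServiceImplTest (`java.io.*` at `@@ -28,17 +33,10 @@`, plus Jackson and `Resources` imports that its added test does not touch), in BucketAccessServiceImplTest (`Uri`) and in KeyStoreServiceTest (`java.util.Arrays`). In the new PublicKeySerdeImplTest, `BeforeEach`, `InjectMocks`, `javax.inject.Inject` and the static `mock` import are unused in the whole file.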
@@ -277,6 +284,37 @@ void testWriteToPrivateListPrivateReadPrivateAndSendToAndReadFromInbox( removeFromPrivate(jane, privateJane.getResource().asPrivate()); removeFromInbox(john, inboxJohn.getResource().asPrivate()); } + @ParameterizedTest + @MethodSource("allStorages") + void testWriteToPrivateListPrivateReadPrivateAndSendToAndReadFromInboxCustom( WithStorageProvider.StorageDescriptor descriptor) { + String yamlFixture = "config/mutable.yaml"; + customInit(descriptor, yamlFixture); + + registerJohnAndJane(); + + writeDataToPrivate(jane, PRIVATE_FILE_PATH, MESSAGE_ONE); + + AbsoluteLocation privateJane = getFirstFileInPrivate(jane); + + String privateContentJane = readPrivateUsingPrivateKey(jane, privateJane.getResource().asPrivate()); + + sendToInbox(jane, john.getUserID(), SHARED_FILE_PATH, privateContentJane); + + AbsoluteLocation inboxJohn = getFirstFileInInbox(john); + + String result = readInboxUsingPrivateKey(john, inboxJohn.getResource().asPrivate()); + + assertThat(result).isEqualTo(MESSAGE_ONE); + assertThat(privateJane.getResource().asPrivate().decryptedPath()) + .extracting(Uri::toASCIIString).isEqualTo(PRIVATE_FILE_PATH); + assertThat(privateJane.getResource().asPrivate().encryptedPath()) + .extracting(Uri::toASCIIString).isNotEqualTo(PRIVATE_FILE_PATH); + validateInboxStructAndEncryption(inboxJohn); + validatePrivateStructAndEncryption(privateJane); + + removeFromPrivate(jane, privateJane.getResource().asPrivate()); + removeFromInbox(john, inboxJohn.getResource().asPrivate()); + } @ParameterizedTest @MethodSource("allStorages") 
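Review bot: Nothing in `testWriteToPrivateListPrivateReadPrivateAndSendToAndReadFromInboxCustom` shows that `config/mutable.yaml` was applied: the assertions check only the message round trip and the path encryption, so the test would still pass if the custom encryption settings were dropped on the way into the services. Apart from the `customInit` call, the body also appears to repeat the default-config test directly above it (only the tail of that test is visible in the hunk), so the two copies will drift. I would move the shared steps into one private helper that runs after either `init(descriptor)` or `customInit(descriptor, yamlFixture)`. Until an assertion on the configured algorithms exists, say so in the test: `// Round trip only: does not verify that the algorithms from config/mutable.yaml were used`.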
@@ -387,4 +425,28 @@ private void init(WithStorageProvider.StorageDescriptor descriptor) { this.location = descriptor.getLocation(); this.storage = descriptor.getStorageService().get(); } + private void customInit(WithStorageProvider.StorageDescriptor descriptor, String yamlFixture) { + MutableEncryptionConfig config = readResource(mapper, yamlFixture, MutableEncryptionConfig.class); + DefaultDatasafeServices datasafeServices = DatasafeServicesProvider + .customConfigDatasafeServices(descriptor.getStorageService().get(), descriptor.getLocation(), config); + initialize(DatasafeServicesProvider.dfsConfig(descriptor.getLocation()), datasafeServices); + + this.location = descriptor.getLocation(); + this.storage = descriptor.getStorageService().get(); + } + + private static T readResource(ObjectMapper mapper, String path, Class type) { + try (Reader reader = Resources.asCharSource(Resources.getResource(path), StandardCharsets.UTF_8).openStream()) { + return mapper.readValue(reader, type); + } + catch (IOException e) { + throw new RuntimeException(e); + } + } + + private static ObjectMapper createMapper() { + ObjectMapper mapper = new ObjectMapper(new YAMLFactory().enable(YAMLGenerator.Feature.MINIMIZE_QUOTES)); + mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL); + return mapper; + } } diff --git a/datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/DatasafeServicesProvider.java b/datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/DatasafeServicesProvider.java index 2b06b3e91..6353bc7cd 100644 --- a/datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/DatasafeServicesProvider.java +++ b/datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/DatasafeServicesProvider.java 
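Review bot: `customInit` calls `descriptor.getStorageService().get()` twice, once for the services under test and once for `this.storage`; if that supplier is not memoized (not visible here), any check that goes through `this.storage` looks at a different instance than the one Datasafe wrote to. Fetch it once, `StorageService storageService = descriptor.getStorageService().get();`, and use that variable in both places. In `readResource`, `throw new UncheckedIOException(e);` keeps the failure type precise, and the file's `java.io.*` import already covers it. `createMapper` sets only writer-side options (`MINIMIZE_QUOTES`, `NON_NULL` inclusion) although the mapper is used only for reading here, and the field it initialises in the `@@ -54,6 +60,7 @@` hunk can be `private static final`.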
@@ -6,6 +6,7 @@ import de.adorsys.datasafe.business.impl.service.VersionedDatasafeServices; import de.adorsys.datasafe.directory.api.config.DFSConfig; import de.adorsys.datasafe.directory.impl.profile.config.DefaultDFSConfig; +import de.adorsys.datasafe.encrypiton.api.types.encryption.MutableEncryptionConfig; import de.adorsys.datasafe.storage.api.StorageService; import de.adorsys.datasafe.types.api.resource.Uri; import de.adorsys.datasafe.types.api.types.ReadStorePassword; @@ -26,6 +27,14 @@ public static DefaultDatasafeServices defaultDatasafeServices(StorageService sto .storage(storageService) .build(); } + public static DefaultDatasafeServices customConfigDatasafeServices(StorageService storageService, Uri systemRoot, MutableEncryptionConfig config) { + return DaggerDefaultDatasafeServices + .builder() + .config(dfsConfig(systemRoot)) + .encryption(config.toEncryptionConfig()) + .storage(storageService) + .build(); + } public static VersionedDatasafeServices versionedDatasafeServices(StorageService storageService, Uri systemRoot) { return DaggerVersionedDatasafeServices diff --git a/datasafe-business/src/test/resources/config/mutable.yaml b/datasafe-business/src/test/resources/config/mutable.yaml new file mode 100644 index 000000000..61460e89b --- /dev/null +++ b/datasafe-business/src/test/resources/config/mutable.yaml @@ -0,0 +1,30 @@ +--- +keystore: + type: BCFKS + encryptionAlgo: AES256_KWP + pbkdf: + scrypt: + cost: 16384 + blockSize: 8 + parallelization: 1 + saltLength: 16 + macAlgo: HmacSHA3_512 + passwordKeysAlgo: PBEWithHmacSHA256AndAES_256 +keys: + encKeyNumber: 1 + signKeyNumber: 2 + secret: + algo: AES + size: 256 + encrypting: + algo: RSA + size: 2048 + sigAlgo: SHA256withRSA +# curve: + signing: + algo: RSA + size: 2048 + sigAlgo: SHA256withRSA +# curve: +cms: + algo: AES256_GCM \ No newline at end of file 
diff --git a/datasafe-directory/datasafe-directory-impl/src/test/java/de/adorsys/datasafe/directory/impl/profile/dfs/BucketAccessServiceImplTest.java b/datasafe-directory/datasafe-directory-impl/src/test/java/de/adorsys/datasafe/directory/impl/profile/dfs/BucketAccessServiceImplTest.java index 2aa1091de..88c5d369f 100644 --- a/datasafe-directory/datasafe-directory-impl/src/test/java/de/adorsys/datasafe/directory/impl/profile/dfs/BucketAccessServiceImplTest.java +++ b/datasafe-directory/datasafe-directory-impl/src/test/java/de/adorsys/datasafe/directory/impl/profile/dfs/BucketAccessServiceImplTest.java @@ -4,6 +4,7 @@ import de.adorsys.datasafe.encrypiton.api.types.UserIDAuth; import de.adorsys.datasafe.types.api.resource.BasePrivateResource; import de.adorsys.datasafe.types.api.resource.BasePublicResource; +import de.adorsys.datasafe.types.api.resource.Uri; import de.adorsys.datasafe.types.api.shared.BaseMockitoTest; import de.adorsys.datasafe.types.api.utils.ReadKeyPasswordTestFactory; import org.junit.jupiter.api.Test; @@ -35,4 +36,10 @@ void publicAccessFor() { BasePublicResource.forAbsolutePublic(ABSOLUTE_BUCKET).getResource()).location().asURI() ).asString().isEqualTo(ABSOLUTE_BUCKET); } + @Test + void withSystemAccess() { + assertThat(bucketAccessService.withSystemAccess( + BasePublicResource.forAbsolutePublic(ABSOLUTE_BUCKET)).location().asURI() + ).asString().isEqualTo(ABSOLUTE_BUCKET); + } } diff --git a/datasafe-directory/datasafe-directory-impl/src/test/java/de/adorsys/datasafe/directory/impl/profile/dfs/DefaultDFSConfigTest.java b/datasafe-directory/datasafe-directory-impl/src/test/java/de/adorsys/datasafe/directory/impl/profile/dfs/DefaultDFSConfigTest.java index 95c9a57e1..d5916117a 100644 --- a/datasafe-directory/datasafe-directory-impl/src/test/java/de/adorsys/datasafe/directory/impl/profile/dfs/DefaultDFSConfigTest.java 
+++ b/datasafe-directory/datasafe-directory-impl/src/test/java/de/adorsys/datasafe/directory/impl/profile/dfs/DefaultDFSConfigTest.java @@ -1,7 +1,10 @@ package de.adorsys.datasafe.directory.impl.profile.dfs; +import de.adorsys.datasafe.directory.api.types.CreateUserPublicProfile; import de.adorsys.datasafe.directory.impl.profile.config.DefaultDFSConfig; +import de.adorsys.datasafe.encrypiton.api.types.UserID; import de.adorsys.datasafe.types.api.resource.Uri; +import de.adorsys.datasafe.types.api.types.ReadStorePassword; import lombok.SneakyThrows; import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.Test; @@ -38,5 +41,14 @@ public void checkUriWithSlash() { Uri result2 = DefaultDFSConfig.addTrailingSlashIfNeeded(result1); Assertions.assertEquals(new Uri(uriString + "/"), result2); } + @Test + @SneakyThrows + public void createDefaultPublicTemplate() { + ReadStorePassword systemPassword = new ReadStorePassword("storePassword"); + DefaultDFSConfig config = new DefaultDFSConfig(new URI(uriString), systemPassword); + CreateUserPublicProfile template = config.defaultPublicTemplate(new UserID("user1")); + Assertions.assertEquals(new UserID("user1"), template.getId()); + + } } diff --git a/datasafe-encryption/datasafe-encryption-api/src/main/java/de/adorsys/datasafe/encrypiton/api/types/encryption/MutableEncryptionConfig.java b/datasafe-encryption/datasafe-encryption-api/src/main/java/de/adorsys/datasafe/encrypiton/api/types/encryption/MutableEncryptionConfig.java index 37f42ae24..7c13e358c 100644 --- a/datasafe-encryption/datasafe-encryption-api/src/main/java/de/adorsys/datasafe/encrypiton/api/types/encryption/MutableEncryptionConfig.java +++ b/datasafe-encryption/datasafe-encryption-api/src/main/java/de/adorsys/datasafe/encrypiton/api/types/encryption/MutableEncryptionConfig.java 
@@ -200,9 +200,9 @@ KeyCreationConfig.EncryptingKeyCreationCfg toEncryptingKeyCreationCfg() { builder.sigAlgo(sigAlgo); } - if (null != curve) { + builder.curve(curve); - } + return builder.build(); } @@ -231,9 +231,9 @@ KeyCreationConfig.SigningKeyCreationCfg toSigningKeyCreationCfg() { builder.sigAlgo(sigAlgo); } - if (null != curve) { + builder.curve(curve); - } + return builder.build(); } diff --git a/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CmsEncryptionServiceImplTest.java b/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CmsEncryptionServiceImplTest.java index 3c0168b08..a46bd2a37 100644 --- a/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CmsEncryptionServiceImplTest.java +++ b/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CmsEncryptionServiceImplTest.java @@ -1,6 +1,11 @@ package de.adorsys.datasafe.encrypiton.impl.cmsencryption; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.dataformat.yaml.YAMLFactory; +import com.fasterxml.jackson.dataformat.yaml.YAMLGenerator; import com.google.common.io.ByteStreams; +import com.google.common.io.Resources; import de.adorsys.datasafe.encrypiton.api.cmsencryption.CMSEncryptionService; import de.adorsys.datasafe.encrypiton.api.keystore.KeyStoreService; import de.adorsys.datasafe.encrypiton.api.types.encryption.CmsEncryptionConfig; 
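Review bot: Both `toEncryptingKeyCreationCfg()` (`@@ -200,9 +200,9 @@`) and `toSigningKeyCreationCfg()` (`@@ -231,9 +231,9 @@`) now call `builder.curve(curve)` unconditionally, which changes production key-creation behaviour inside a commit described as test coverage. The `sigAlgo` setter just above still appears to sit inside a null guard, so an absent `curve` becomes the one value pushed into the builder as `null`. If the builders in `KeyCreationConfig` define a default curve (not visible here), a YAML file that omits `curve`, as the added `mutable.yaml` fixture does, would silently replace that default. If the intent is to let configuration clear the curve for RSA keys, state it on the line, e.g. `// null is intentional: RSA keys carry no curve, so this must override any builder default`, and cover the null and non-null cases in a unit test of `toEncryptionConfig()`; otherwise restore `if (null != curve) { builder.curve(curve); }`. Both method bodies start outside their hunks.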
@@ -28,17 +33,10 @@ import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.FileOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.io.RandomAccessFile; +import java.io.*; import java.nio.MappedByteBuffer; import java.nio.channels.FileChannel; +import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.Paths; import java.security.Key; 
@@ -145,6 +143,48 @@ void cmsStreamEnvelopeEncryptAndDecryptTest() { assertThat(TEST_MESSAGE_CONTENT).isEqualTo(new String(actualResult)); } + @Test + @SneakyThrows + void cmsStreamEnvelopeEncryptAndDecryptTestCustom() { + ReadKeyPassword readKeyPassword = ReadKeyPasswordTestFactory.getForString("readkeypassword"); + ReadStorePassword readStorePassword = new ReadStorePassword("readstorepassword"); + + KeyStoreAuth keyStoreAuth = new KeyStoreAuth(readStorePassword, readKeyPassword); + KeyCreationConfig config = KeyCreationConfig.builder() + .signing(KeyCreationConfig.SigningKeyCreationCfg.builder().algo("RSA").size(2048).sigAlgo( "SHA256withRSA").curve(null).build()) + .encrypting(KeyCreationConfig.EncryptingKeyCreationCfg.builder().algo("RSA").size(2048).sigAlgo("SHA256withRSA").curve(null).build()) + .build(); + + KeyStore keyStore = keyStoreService.createKeyStore(keyStoreAuth, config); + KeyStoreAccess keyStoreAccess = new KeyStoreAccess(keyStore, keyStoreAuth); + + PublicKeyIDWithPublicKey publicKeyIDWithPublicKey = keyStoreService.getPublicKeys(keyStoreAccess).get(0); + ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); + + KeyStoreAccess keyStoreAccessSender = getKeyStoreAccess("Sender"); + + OutputStream encryptionStream = cmsEncryptionService.buildEncryptionOutputStream( + outputStream, + Collections.singleton(new PublicKeyIDWithPublicKey( + publicKeyIDWithPublicKey.getKeyID(), + publicKeyIDWithPublicKey.getPublicKey() + )), + getKeyPair(keyStoreAccessSender, "Sender") + ); + + encryptionStream.write(TEST_MESSAGE_CONTENT.getBytes()); + encryptionStream.close(); + + byte[] byteArray = outputStream.toByteArray(); + + ByteArrayInputStream inputStream = new ByteArrayInputStream(byteArray); + InputStream decryptionStream = cmsEncryptionService.buildDecryptionInputStream( + inputStream, keyIds -> getKeys(keyIds, keyStoreAccess) + ); + byte[] actualResult = toByteArray(decryptionStream); + + assertThat(TEST_MESSAGE_CONTENT).isEqualTo(new 
String(actualResult)); + } @Test @SneakyThrows diff --git a/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/KeyStoreAuthTest.java b/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/KeyStoreAuthTest.java index 0df5c8412..ba4ed0c55 100644 --- a/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/KeyStoreAuthTest.java +++ b/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/KeyStoreAuthTest.java @@ -13,8 +13,8 @@ class KeyStoreAuthTest extends BaseMockitoTest { @Test void noPasswords() { KeyStoreAuth keyStoreAuth = new KeyStoreAuth(null, null); - assertThrows(KeyStoreAuthException.class, () -> keyStoreAuth.getReadKeyPassword()); - assertThrows(KeyStoreAuthException.class, () -> keyStoreAuth.getReadKeyPassword()); + assertThrows(KeyStoreAuthException.class, keyStoreAuth::getReadKeyPassword); + assertThrows(KeyStoreAuthException.class, keyStoreAuth::getReadStorePassword); } @Test diff --git a/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/KeyStoreServiceTest.java b/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/KeyStoreServiceTest.java index f6ac17bed..f61faf415 100644 --- a/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/KeyStoreServiceTest.java +++ b/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/KeyStoreServiceTest.java @@ -26,6 +26,7 @@ import javax.crypto.SecretKey; import java.security.KeyStore; import java.security.PrivateKey; +import java.util.Arrays; import java.util.Collections; import java.util.List; 
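Review bot: `cmsStreamEnvelopeEncryptAndDecryptTestCustom` converts with the platform default charset on both sides, `TEST_MESSAGE_CONTENT.getBytes()` and `new String(actualResult)`, although this commit adds the `StandardCharsets` import to the file. Use `TEST_MESSAGE_CONTENT.getBytes(StandardCharsets.UTF_8)` and `new String(actualResult, StandardCharsets.UTF_8)` so the comparison does not depend on the build machine. `decryptionStream` is never closed and `encryptionStream` is closed only on the success path; try-with-resources around each would fix both. The test also proves only that the matching key decrypts; a companion case asserting that keys from an unrelated keystore are rejected would pin the property that matters for an encryption service.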
@@ -69,7 +70,28 @@ void createKeyStoreEmptyConfig() throws Exception { // One additional secret key being generated for path encryption and one for private doc encryption. Assertions.assertEquals(4, list.size()); } + @Test + void serializeAndDeserializeKeyStore() { + KeyStore keyStore = keyStoreService.createKeyStore(keyStoreAuth, KeyCreationConfig.builder().build()); + ReadStorePassword password = new ReadStorePassword("storepass"); + + byte[] serializedKeyStore = keyStoreService.serialize(keyStore, password); + KeyStore deserializedKeyStore = keyStoreService.deserialize(serializedKeyStore, password); + + Assertions.assertEquals(keyStore.getType(), deserializedKeyStore.getType()); + Assertions.assertEquals(keyStore.getProvider(), deserializedKeyStore.getProvider()); + } + @Test + void addPasswordBasedSecretKey() { + KeyStore keyStore = keyStoreService.createKeyStore(keyStoreAuth, KeyCreationConfig.builder().build()); + KeyStoreAccess keyStoreAccess = new KeyStoreAccess(keyStore, keyStoreAuth); + + keyStoreService.addPasswordBasedSecretKey(keyStoreAccess, "alias", "secret".toCharArray()); + SecretKey secretKey = keyStoreService.getSecretKey(keyStoreAccess, new KeyID("alias")); + + Assertions.assertEquals("secret", new String(secretKey.getEncoded())); + } @Test void getPublicKeys() { KeyStore keyStore = keyStoreService.createKeyStore(keyStoreAuth, KeyCreationConfig.builder().build()); 
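Review bot: `serializeAndDeserializeKeyStore` compares only `getType()` and `getProvider()`, so it passes even if `deserialize` returned an empty keystore. Compare the contents as well, for example `Assertions.assertEquals(keyStore.size(), deserializedKeyStore.size());` plus the alias sets, which needs `throws Exception` on the method as `createKeyStoreEmptyConfig` already has. The keystore is serialized under a fresh `new ReadStorePassword("storepass")` rather than the store password held in `keyStoreAuth`; if that is deliberate a one-line comment would help, and a case asserting that `deserialize` fails with a wrong password would cover the protective behaviour. In `addPasswordBasedSecretKey`, `new String(secretKey.getEncoded())` uses the platform default charset and should name one explicitly.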
@@ -119,4 +141,15 @@ void getSecretKey() { SecretKey secretKey = keyStoreService.getSecretKey(keyStoreAccess, keyID); Assertions.assertNotNull(secretKey); } + @Test + void removeKey() { + KeyCreationConfig config = KeyCreationConfig.builder().signKeyNumber(1).encKeyNumber(0).build(); + KeyStore keyStore = keyStoreService.createKeyStore(keyStoreAuth, config); + KeyStoreAccess keyStoreAccess = new KeyStoreAccess(keyStore, keyStoreAuth); + + KeyID keyID = KeystoreUtil.keyIdByPrefix(keyStore, DOCUMENT_KEY_ID_PREFIX); + keyStoreService.removeKey(keyStoreAccess, keyID.getValue()); + SecretKey secretKey = keyStoreService.getSecretKey(keyStoreAccess, keyID); + Assertions.assertNull(secretKey); + } } diff --git a/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/PublicKeySerdeImplTest.java b/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/PublicKeySerdeImplTest.java new file mode 100644 index 000000000..3d761cbdb --- /dev/null +++ b/datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/PublicKeySerdeImplTest.java 
@@ -0,0 +1,56 @@ +package de.adorsys.datasafe.encrypiton.impl.keystore; + +import de.adorsys.datasafe.encrypiton.api.keystore.KeyStoreService; +import de.adorsys.datasafe.encrypiton.api.types.encryption.EncryptionConfig; +import de.adorsys.datasafe.encrypiton.api.types.encryption.KeyCreationConfig; +import de.adorsys.datasafe.encrypiton.api.types.keystore.KeyStoreAccess; +import de.adorsys.datasafe.encrypiton.api.types.keystore.KeyStoreAuth; +import de.adorsys.datasafe.encrypiton.api.types.keystore.PublicKeyIDWithPublicKey; +import de.adorsys.datasafe.types.api.shared.BaseMockitoTest; +import de.adorsys.datasafe.types.api.types.ReadKeyPassword; +import de.adorsys.datasafe.types.api.types.ReadStorePassword; +import de.adorsys.datasafe.types.api.utils.ReadKeyPasswordTestFactory; +import de.adorsys.keymanagement.juggler.services.DaggerBCJuggler; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.mockito.InjectMocks; + +import javax.inject.Inject; +import java.security.KeyStore; +import java.security.PublicKey; +import java.util.Base64; +import java.util.List; + +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; +import static org.mockito.Mockito.mock; + +public class PublicKeySerdeImplTest extends BaseMockitoTest { + private final KeyStoreService keyStoreService = new KeyStoreServiceImpl( + EncryptionConfig.builder().build().getKeystore(), + DaggerBCJuggler.builder().build() + ); + + @Test + public void writeAndReadPubKey(){ + ReadStorePassword readStorePassword = new ReadStorePassword("storepass"); + ReadKeyPassword readKeyPassword = ReadKeyPasswordTestFactory.getForString("keypass"); + + KeyStoreAuth keyStoreAuth = new KeyStoreAuth(readStorePassword, readKeyPassword); + KeyCreationConfig config = KeyCreationConfig.builder().signKeyNumber(0).encKeyNumber(1).build(); + KeyStore keyStore = keyStoreService.createKeyStore(keyStoreAuth, config); + + KeyStoreAccess keyStoreAccess = new KeyStoreAccess(keyStore, 
keyStoreAuth); + PublicKeySerdeImpl publicKeySerde = new PublicKeySerdeImpl(); + + List publicKeys = keyStoreService.getPublicKeys(keyStoreAccess); + + PublicKey publicKey = publicKeys.get(0).getPublicKey(); + String encodedKey = publicKeySerde.writePubKey(publicKey); + + assertThat(encodedKey).isEqualTo(Base64.getEncoder().encodeToString(publicKey.getEncoded())); + + PublicKey readPublicKey = publicKeySerde.readPubKey(encodedKey); + + assertThat(readPublicKey).isEqualTo(publicKey); + } +}
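Review bot: `writeAndReadPubKey` exercises `readPubKey` only with a string the same class just produced; that method presumably parses stored or transmitted key material, so the test class should also pin what happens on malformed input. A case such as `assertThrows(Exception.class, () -> publicKeySerde.readPubKey("not base64"));`, narrowed to whatever exception type the implementation actually raises (not visible in this patch), would do that. The class extends `BaseMockitoTest` but uses no mocks. A comment above the method, `// Round-trips a freshly generated encryption public key through its Base64 text form`, would document the intent.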