Improvement of test coverage of datasafe

datasafe-business/pom.xml

@@ -184,6 +184,12 @@
  <groupId>javax.xml.bind</groupId>
  <artifactId>jaxb-api</artifactId>
  </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.dataformat</groupId>
+ <artifactId>jackson-dataformat-yaml</artifactId>
+ <version>2.15.4</version>
+ <scope>test</scope>
+ </dependency>
  </dependencies>
 
  <build>

datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/BasicFunctionalityIT.java

@@ -1,8 +1,14 @@
 package de.adorsys.datasafe.business.impl.e2e;
 
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
+import com.fasterxml.jackson.dataformat.yaml.YAMLGenerator;
+import com.google.common.io.Resources;
 import de.adorsys.datasafe.business.impl.service.DefaultDatasafeServices;
 import de.adorsys.datasafe.encrypiton.api.types.UserID;
 import de.adorsys.datasafe.encrypiton.api.types.UserIDAuth;
+import de.adorsys.datasafe.encrypiton.api.types.encryption.MutableEncryptionConfig;
 import de.adorsys.datasafe.storage.api.StorageService;
 import de.adorsys.datasafe.teststorage.WithStorageProvider;
 import de.adorsys.datasafe.types.api.actions.ListRequest;
@@ -21,11 +27,11 @@
 import lombok.extern.slf4j.Slf4j;
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.MethodSource;
+import org.junit.jupiter.params.provider.ValueSource;
 import org.testcontainers.shaded.com.google.common.collect.ImmutableSet;
 
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import java.io.OutputStream;
+import java.io.*;
+import java.nio.charset.StandardCharsets;
 import java.security.UnrecoverableKeyException;
 import java.util.Arrays;
 import java.util.List;
@@ -54,6 +60,7 @@ class BasicFunctionalityIT extends BaseE2EIT {
 
  private StorageService storage;
  private Uri location;
+ private static ObjectMapper mapper = createMapper();
 
 
  /**
@@ -277,6 +284,37 @@ void testWriteToPrivateListPrivateReadPrivateAndSendToAndReadFromInbox(
  removeFromPrivate(jane, privateJane.getResource().asPrivate());
  removeFromInbox(john, inboxJohn.getResource().asPrivate());
  }
+ @ParameterizedTest
+ @MethodSource("allStorages")
+ void testWriteToPrivateListPrivateReadPrivateAndSendToAndReadFromInboxCustom( WithStorageProvider.StorageDescriptor descriptor) {
+ String yamlFixture = "config/mutable.yaml";
+ customInit(descriptor, yamlFixture);
+
+ registerJohnAndJane();
+
+ writeDataToPrivate(jane, PRIVATE_FILE_PATH, MESSAGE_ONE);
+
+ AbsoluteLocation<ResolvedResource> privateJane = getFirstFileInPrivate(jane);
+
+ String privateContentJane = readPrivateUsingPrivateKey(jane, privateJane.getResource().asPrivate());
+
+ sendToInbox(jane, john.getUserID(), SHARED_FILE_PATH, privateContentJane);
+
+ AbsoluteLocation<ResolvedResource> inboxJohn = getFirstFileInInbox(john);
+
+ String result = readInboxUsingPrivateKey(john, inboxJohn.getResource().asPrivate());
+
+ assertThat(result).isEqualTo(MESSAGE_ONE);
+ assertThat(privateJane.getResource().asPrivate().decryptedPath())
+ .extracting(Uri::toASCIIString).isEqualTo(PRIVATE_FILE_PATH);
+ assertThat(privateJane.getResource().asPrivate().encryptedPath())
+ .extracting(Uri::toASCIIString).isNotEqualTo(PRIVATE_FILE_PATH);
+ validateInboxStructAndEncryption(inboxJohn);
+ validatePrivateStructAndEncryption(privateJane);
+
+ removeFromPrivate(jane, privateJane.getResource().asPrivate());
+ removeFromInbox(john, inboxJohn.getResource().asPrivate());
+ }
 
  @ParameterizedTest
  @MethodSource("allStorages")
@@ -387,4 +425,28 @@ private void init(WithStorageProvider.StorageDescriptor descriptor) {
  this.location = descriptor.getLocation();
  this.storage = descriptor.getStorageService().get();
  }
+ private void customInit(WithStorageProvider.StorageDescriptor descriptor, String yamlFixture) {
+ MutableEncryptionConfig config = readResource(mapper, yamlFixture, MutableEncryptionConfig.class);
+ DefaultDatasafeServices datasafeServices = DatasafeServicesProvider
+ .customConfigDatasafeServices(descriptor.getStorageService().get(), descriptor.getLocation(), config);
+ initialize(DatasafeServicesProvider.dfsConfig(descriptor.getLocation()), datasafeServices);
+
+ this.location = descriptor.getLocation();
+ this.storage = descriptor.getStorageService().get();
+ }
+
+ private static <T> T readResource(ObjectMapper mapper, String path, Class<T> type) {
+ try (Reader reader = Resources.asCharSource(Resources.getResource(path), StandardCharsets.UTF_8).openStream()) {
+ return mapper.readValue(reader, type);
+ }
+ catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ private static ObjectMapper createMapper() {
+ ObjectMapper mapper = new ObjectMapper(new YAMLFactory().enable(YAMLGenerator.Feature.MINIMIZE_QUOTES));
+ mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
+ return mapper;
+ }
 }

datasafe-business/src/test/java/de/adorsys/datasafe/business/impl/e2e/DatasafeServicesProvider.java

@@ -6,6 +6,7 @@
 import de.adorsys.datasafe.business.impl.service.VersionedDatasafeServices;
 import de.adorsys.datasafe.directory.api.config.DFSConfig;
 import de.adorsys.datasafe.directory.impl.profile.config.DefaultDFSConfig;
+import de.adorsys.datasafe.encrypiton.api.types.encryption.MutableEncryptionConfig;
 import de.adorsys.datasafe.storage.api.StorageService;
 import de.adorsys.datasafe.types.api.resource.Uri;
 import de.adorsys.datasafe.types.api.types.ReadStorePassword;
@@ -26,6 +27,14 @@ public static DefaultDatasafeServices defaultDatasafeServices(StorageService sto
  .storage(storageService)
  .build();
  }
+ public static DefaultDatasafeServices customConfigDatasafeServices(StorageService storageService, Uri systemRoot, MutableEncryptionConfig config) {
+ return DaggerDefaultDatasafeServices
+ .builder()
+ .config(dfsConfig(systemRoot))
+ .encryption(config.toEncryptionConfig())
+ .storage(storageService)
+ .build();
+ }
 
  public static VersionedDatasafeServices versionedDatasafeServices(StorageService storageService, Uri systemRoot) {
  return DaggerVersionedDatasafeServices

datasafe-business/src/test/resources/config/mutable.yaml

@@ -0,0 +1,30 @@
+---
+keystore:
+ type: BCFKS
+ encryptionAlgo: AES256_KWP
+ pbkdf:
+ scrypt:
+ cost: 16384
+ blockSize: 8
+ parallelization: 1
+ saltLength: 16
+ macAlgo: HmacSHA3_512
+ passwordKeysAlgo: PBEWithHmacSHA256AndAES_256
+keys:
+ encKeyNumber: 1
+ signKeyNumber: 2
+ secret:
+ algo: AES
+ size: 256
+ encrypting:
+ algo: RSA
+ size: 2048
+ sigAlgo: SHA256withRSA
+# curve: NULL
+ signing:
+ algo: RSA
+ size: 2048
+ sigAlgo: SHA256withRSA
+# curve: NULL
+cms:
+ algo: AES256_GCM

datasafe-encryption/datasafe-encryption-api/src/main/java/de/adorsys/datasafe/encrypiton/api/types/encryption/MutableEncryptionConfig.java

@@ -200,9 +200,9 @@ KeyCreationConfig.EncryptingKeyCreationCfg toEncryptingKeyCreationCfg() {
  builder.sigAlgo(sigAlgo);
  }
 
- if (null != curve) {
+
  builder.curve(curve);
- }
+
 
  return builder.build();
  }
@@ -231,9 +231,9 @@ KeyCreationConfig.SigningKeyCreationCfg toSigningKeyCreationCfg() {
  builder.sigAlgo(sigAlgo);
  }
 
- if (null != curve) {
+
  builder.curve(curve);
- }
+
 
  return builder.build();
  }

datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CmsEncryptionServiceImplTest.java

@@ -1,6 +1,11 @@
 package de.adorsys.datasafe.encrypiton.impl.cmsencryption;
 
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
+import com.fasterxml.jackson.dataformat.yaml.YAMLGenerator;
 import com.google.common.io.ByteStreams;
+import com.google.common.io.Resources;
 import de.adorsys.datasafe.encrypiton.api.cmsencryption.CMSEncryptionService;
 import de.adorsys.datasafe.encrypiton.api.keystore.KeyStoreService;
 import de.adorsys.datasafe.encrypiton.api.types.encryption.CmsEncryptionConfig;
@@ -28,17 +33,10 @@
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.Test;
 
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.RandomAccessFile;
+import java.io.*;
 import java.nio.MappedByteBuffer;
 import java.nio.channels.FileChannel;
+import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Paths;
 import java.security.Key;
@@ -145,6 +143,48 @@ void cmsStreamEnvelopeEncryptAndDecryptTest() {
 
  assertThat(TEST_MESSAGE_CONTENT).isEqualTo(new String(actualResult));
  }
+ @Test
+ @SneakyThrows
+ void cmsStreamEnvelopeEncryptAndDecryptTestCustom() {
+ ReadKeyPassword readKeyPassword = ReadKeyPasswordTestFactory.getForString("readkeypassword");
+ ReadStorePassword readStorePassword = new ReadStorePassword("readstorepassword");
+
+ KeyStoreAuth keyStoreAuth = new KeyStoreAuth(readStorePassword, readKeyPassword);
+ KeyCreationConfig config = KeyCreationConfig.builder()
+ .signing(KeyCreationConfig.SigningKeyCreationCfg.builder().algo("RSA").size(2048).sigAlgo( "SHA256withRSA").curve(null).build())
+ .encrypting(KeyCreationConfig.EncryptingKeyCreationCfg.builder().algo("RSA").size(2048).sigAlgo("SHA256withRSA").curve(null).build())
+ .build();
+
+ KeyStore keyStore = keyStoreService.createKeyStore(keyStoreAuth, config);
+ KeyStoreAccess keyStoreAccess = new KeyStoreAccess(keyStore, keyStoreAuth);
+
+ PublicKeyIDWithPublicKey publicKeyIDWithPublicKey = keyStoreService.getPublicKeys(keyStoreAccess).get(0);
+ ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+
+ KeyStoreAccess keyStoreAccessSender = getKeyStoreAccess("Sender");
+
+ OutputStream encryptionStream = cmsEncryptionService.buildEncryptionOutputStream(
+ outputStream,
+ Collections.singleton(new PublicKeyIDWithPublicKey(
+ publicKeyIDWithPublicKey.getKeyID(),
+ publicKeyIDWithPublicKey.getPublicKey()
+ )),
+ getKeyPair(keyStoreAccessSender, "Sender")
+ );
+
+ encryptionStream.write(TEST_MESSAGE_CONTENT.getBytes());
+ encryptionStream.close();
+
+ byte[] byteArray = outputStream.toByteArray();
+
+ ByteArrayInputStream inputStream = new ByteArrayInputStream(byteArray);
+ InputStream decryptionStream = cmsEncryptionService.buildDecryptionInputStream(
+ inputStream, keyIds -> getKeys(keyIds, keyStoreAccess)
+ );
+ byte[] actualResult = toByteArray(decryptionStream);
+
+ assertThat(TEST_MESSAGE_CONTENT).isEqualTo(new String(actualResult));
+ }
 
  @Test
  @SneakyThrows

datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/KeyStoreAuthTest.java

@@ -13,8 +13,8 @@ class KeyStoreAuthTest extends BaseMockitoTest {
  @Test
  void noPasswords() {
  KeyStoreAuth keyStoreAuth = new KeyStoreAuth(null, null);
- assertThrows(KeyStoreAuthException.class, () -> keyStoreAuth.getReadKeyPassword());
- assertThrows(KeyStoreAuthException.class, () -> keyStoreAuth.getReadKeyPassword());
+ assertThrows(KeyStoreAuthException.class, keyStoreAuth::getReadKeyPassword);
+ assertThrows(KeyStoreAuthException.class, keyStoreAuth::getReadStorePassword);
  }
 
  @Test

datasafe-encryption/datasafe-encryption-impl/src/test/java/de/adorsys/datasafe/encrypiton/impl/keystore/KeyStoreServiceTest.java

@@ -26,6 +26,7 @@
 import javax.crypto.SecretKey;
 import java.security.KeyStore;
 import java.security.PrivateKey;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
 
@@ -69,7 +70,24 @@ void createKeyStoreEmptyConfig() throws Exception {
  // One additional secret key being generated for path encryption and one for private doc encryption.
  Assertions.assertEquals(4, list.size());
  }
+ @Test
+ void updateKeyStoreReadKeyPassword() throws Exception {
+ KeyCreationConfig config = KeyCreationConfig.builder().signKeyNumber(0).encKeyNumber(1).build();
+ KeyStore keyStore = keyStoreService.createKeyStore(keyStoreAuth, config);
+ KeyStoreAuth newKeystoreAuth = new KeyStoreAuth(new ReadStorePassword("newstorepass"), new ReadKeyPassword("newkeypass".toCharArray()));
+ KeyStore updatedKeyStore = keyStoreService.updateKeyStoreReadKeyPassword(keyStore, keyStoreAuth, newKeystoreAuth);
+ Assertions.assertTrue(Arrays.equals("newkeypass".toCharArray(), newKeystoreAuth.getReadKeyPassword().getValue()));
+ }
+ @Test
+ void addPasswordBasedSecretKey() {
+ KeyStore keyStore = keyStoreService.createKeyStore(keyStoreAuth, KeyCreationConfig.builder().build());
+ KeyStoreAccess keyStoreAccess = new KeyStoreAccess(keyStore, keyStoreAuth);
 
+ keyStoreService.addPasswordBasedSecretKey(keyStoreAccess, "alias", "secret".toCharArray());
+ SecretKey secretKey = keyStoreService.getSecretKey(keyStoreAccess, new KeyID("alias"));
+
+ Assertions.assertEquals("secret", new String(secretKey.getEncoded()));
+ }
  @Test
  void getPublicKeys() {
  KeyStore keyStore = keyStoreService.createKeyStore(keyStoreAuth, KeyCreationConfig.builder().build());
@@ -119,4 +137,15 @@ void getSecretKey() {
  SecretKey secretKey = keyStoreService.getSecretKey(keyStoreAccess, keyID);
  Assertions.assertNotNull(secretKey);
  }
+ @Test
+ void removeKey() {
+ KeyCreationConfig config = KeyCreationConfig.builder().signKeyNumber(1).encKeyNumber(0).build();
+ KeyStore keyStore = keyStoreService.createKeyStore(keyStoreAuth, config);
+ KeyStoreAccess keyStoreAccess = new KeyStoreAccess(keyStore, keyStoreAuth);
+
+ KeyID keyID = KeystoreUtil.keyIdByPrefix(keyStore, DOCUMENT_KEY_ID_PREFIX);
+ keyStoreService.removeKey(keyStoreAccess, keyID.getValue());
+ SecretKey secretKey = keyStoreService.getSecretKey(keyStoreAccess, keyID);
+ Assertions.assertNull(secretKey);
+ }
 }

datasafe-simple-adapter/datasafe-simple-adapter-impl/pom.xml

@@ -73,6 +73,12 @@
  <artifactId>assertj-core</artifactId>
  <scope>test</scope>
  </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.dataformat</groupId>
+ <artifactId>jackson-dataformat-yaml</artifactId>
+ <version>2.15.4</version>
+ <scope>compile</scope>
+ </dependency>
  </dependencies>
 
  <build>