View Javadoc

1   package com.atlassian.asap.core.keys;
2   
3   import com.atlassian.asap.api.exception.CannotRetrieveKeyException;
4   import com.atlassian.asap.core.SecurityProvider;
5   import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
6   import org.junit.Test;
7   
8   import java.io.IOException;
9   import java.io.StringReader;
10  import java.io.StringWriter;
11  import java.nio.charset.StandardCharsets;
12  import java.security.KeyPairGenerator;
13  import java.security.PrivateKey;
14  import java.security.Provider;
15  import java.security.PublicKey;
16  import java.util.Base64;
17  
18  import static com.atlassian.asap.api.AlgorithmType.ECDSA;
19  import static com.atlassian.asap.api.AlgorithmType.RSA;
20  import static com.atlassian.asap.core.keys.DataUriKeyReader.DATA_URI_PEM_HEADER;
21  import static com.atlassian.asap.core.keys.DataUriKeyReader.DATA_URI_PKCS8_HEADER;
22  import static org.hamcrest.Matchers.is;
23  import static org.junit.Assert.assertThat;
24  
25  public class DataUriKeyReaderTest {
26      private static final Provider PROVIDER = SecurityProvider.getProvider();
27  
28      private static final String PKCS_KEY_PREFIX = DATA_URI_PKCS8_HEADER + "kid=identifier;base64,";
29      private static final String PEM_KEY_PREFIX = DATA_URI_PEM_HEADER + "kid=identifier;base64,";
30  
31      @Test
32      public void shouldReadRsaPrivateKey() throws Exception {
33          KeyPairGenerator rsaGenerator = KeyPairGenerator.getInstance(RSA.algorithmName(), PROVIDER);
34          PrivateKey privateKey = rsaGenerator.generateKeyPair().getPrivate();
35          String privateKeyData = Base64.getEncoder().encodeToString(privateKey.getEncoded());
36  
37          PrivateKey decodedPrivateKey = new DataUriKeyReader(PROVIDER).readPrivateKey(new StringReader(PKCS_KEY_PREFIX + privateKeyData));
38  
39          assertThat(decodedPrivateKey.getFormat(), is(privateKey.getFormat()));
40          assertThat(decodedPrivateKey.getEncoded(), is(privateKey.getEncoded()));
41          assertThat(decodedPrivateKey.getAlgorithm(), is(privateKey.getAlgorithm()));
42      }
43  
44      @Test
45      public void shouldReadRsaPublicKey() throws Exception {
46          KeyPairGenerator rsaGenerator = KeyPairGenerator.getInstance(RSA.algorithmName(), PROVIDER);
47          PublicKey publicKey = rsaGenerator.generateKeyPair().getPublic();
48          String publicKeyData = Base64.getEncoder().encodeToString(convertToPemData(publicKey));
49  
50          PublicKey decodedPublicKey = new DataUriKeyReader(PROVIDER).readPublicKey(new StringReader(PEM_KEY_PREFIX + publicKeyData));
51  
52          assertThat(decodedPublicKey.getFormat(), is(publicKey.getFormat()));
53          assertThat(decodedPublicKey.getEncoded(), is(publicKey.getEncoded()));
54          assertThat(decodedPublicKey.getAlgorithm(), is(publicKey.getAlgorithm()));
55      }
56  
57      @Test
58      public void shouldReadEcdsaPrivateKey() throws Exception {
59          KeyPairGenerator rsaGenerator = KeyPairGenerator.getInstance(ECDSA.algorithmName(), PROVIDER);
60          PrivateKey privateKey = rsaGenerator.generateKeyPair().getPrivate();
61          String privateKeyData = Base64.getEncoder().encodeToString(privateKey.getEncoded());
62  
63          PrivateKey decodedPrivateKey = new DataUriKeyReader(PROVIDER).readPrivateKey(new StringReader(PKCS_KEY_PREFIX + privateKeyData));
64  
65          assertThat(decodedPrivateKey.getFormat(), is(privateKey.getFormat()));
66          assertThat(decodedPrivateKey.getEncoded(), is(privateKey.getEncoded()));
67          assertThat(decodedPrivateKey.getAlgorithm(), is(privateKey.getAlgorithm()));
68      }
69  
70      @Test
71      public void shouldReadEcdsaPublicKey() throws Exception {
72          KeyPairGenerator rsaGenerator = KeyPairGenerator.getInstance(ECDSA.algorithmName(), PROVIDER);
73          PublicKey publicKey = rsaGenerator.generateKeyPair().getPublic();
74          String publicKeyData = Base64.getEncoder().encodeToString(convertToPemData(publicKey));
75  
76          PublicKey decodedPublicKey = new DataUriKeyReader(PROVIDER).readPublicKey(new StringReader(PEM_KEY_PREFIX + publicKeyData));
77  
78          assertThat(decodedPublicKey.getFormat(), is(publicKey.getFormat()));
79          assertThat(decodedPublicKey.getEncoded(), is(publicKey.getEncoded()));
80          assertThat(decodedPublicKey.getAlgorithm(), is(ECDSA.name()));
81      }
82  
83      @Test(expected = CannotRetrieveKeyException.class)
84      public void shouldThrowExceptionForUnsupportedPrivateKeyDataUri() throws Exception {
85          new DataUriKeyReader(PROVIDER).readPrivateKey(new StringReader("data:image/gif;base64,R0lGODlhyAAiALMsGLHJgSDYGFTFafas=="));
86      }
87  
88      @Test(expected = CannotRetrieveKeyException.class)
89      public void shouldThrowExceptionForUnsupportedPublicKeyDataUri() throws Exception {
90          new DataUriKeyReader(PROVIDER).readPublicKey(new StringReader("data:image/gif;base64,R0lGODlhyAAiALMsGLHJgSDYGFTFafas=="));
91      }
92  
93      @Test(expected = CannotRetrieveKeyException.class)
94      public void shouldThrowExceptionForBadPrivateKeyData() throws Exception {
95          new DataUriKeyReader(PROVIDER).readPrivateKey(new StringReader(DATA_URI_PKCS8_HEADER + "R0lGODlhyAAiALMsGLHJgSDYGFTFafas=="));
96      }
97  
98      @Test(expected = CannotRetrieveKeyException.class)
99      public void shouldThrowExceptionForBadPublicKeyData() throws Exception {
100         new DataUriKeyReader(PROVIDER).readPublicKey(new StringReader(DATA_URI_PEM_HEADER + "R0lGODlhyAAiALMsGLHJgSDYGFTFafas=="));
101     }
102 
103     private byte[] convertToPemData(PublicKey publicKey) throws IOException {
104         StringWriter stringWriter = new StringWriter();
105         JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter);
106         pemWriter.writeObject(publicKey);
107         pemWriter.close();
108         return stringWriter.toString().getBytes(StandardCharsets.US_ASCII);
109     }
110 }