
1   package com.atlassian.asap.core.keys;
2   
3   import com.atlassian.asap.api.exception.CannotRetrieveKeyException;
4   import org.junit.Test;
5   
6   import java.io.Reader;
7   import java.io.StringReader;
8   import java.math.BigInteger;
9   import java.security.interfaces.ECPrivateKey;
10  import java.security.interfaces.ECPublicKey;
11  import java.security.interfaces.RSAPrivateKey;
12  import java.security.interfaces.RSAPublicKey;
13  
14  import static org.hamcrest.MatcherAssert.assertThat;
15  import static org.hamcrest.Matchers.instanceOf;
16  import static org.junit.Assert.assertEquals;
17  
/**
 * Unit tests for {@link PemReader}: parsing of PEM-encoded RSA and EC keys, and rejection of a
 * corrupted private key.
 *
 * <p>The key constants below are test fixtures only. They are committed in clear text and must
 * never be provisioned as real signing or verification keys; secret scanners will flag them and
 * should treat them as fixtures rather than leaked credentials.
 */
public class PemReaderTest {
    /**
     * RSA private key in the traditional "RSA PRIVATE KEY" PEM form. The modulus asserted in
     * {@link #shouldReadRsaPublicKey()} is 1024 bits long, which is acceptable for a parser
     * fixture but too short for any real deployment.
     */
    public static final String RSA_PRIVATE_KEY = "-----BEGIN RSA PRIVATE KEY-----\n"
            + "MIICXgIBAAKBgQDPpV0EjiFQ0ZEJ3m7Nyz+pmY+t2t2aqUe/uqW6PLvePe7b9/I0\n"
            + "7Znz65koGidfmsZxy88waj1GO0y9nGwvZ5yicE8dfDId2GruMzgcSWJCmgJ/2/OH\n"
            + "53KaYd9AXLI1ynl5rjwWy8KPrX8XhpTrlEo+Pu57Kc/LHlXL9ubs1sW6ZQIDAQAB\n"
            + "AoGBAJJdyfeQCEPjtQzz0b8WacWvDOxLvrFqabzoYDGq5fJ+TYSYfg54/XBGvira\n"
            + "ZK6rdv5335ANEywSWMG/JTM1Id7JVDI6/Mdbp2Wzu8slNcXUMqS9jb6WY/KlVrdq\n"
            + "ZRhlinTjachnNtK9K2O3EdSxQb9aLwHNboOnu7qPvsBP+p3xAkEA8T7CP0KPpjKo\n"
            + "adrfRo6RI1znivny3+oPPF/0ZnQ1h5vUCKVlRD899w0T71CyS2tIbPbgJ2UTFZ/2\n"
            + "TjljVi3D0wJBANxYiF+WXe/+UnLLydnWDFW6I1fPgm5ZbySluqejIYS02O34KQXj\n"
            + "VVNqif6TW/U+5KQ/Oayb4MNxkkxNmbw0fecCQQDaB1xLC/8Dt7jZooQ0Ilkt2qMw\n"
            + "yWEl2UXXzOj3R4OxgbYJ8mEpYva/tsQTf50D6HvWbvB66jBrVNyoKdmLY2UdAkAs\n"
            + "vl2S63nPzhj37qHidjCzB8U9g4m81rRXAMBSYjHgPMkAKbBK3crp0WyMIWg++LJ9\n"
            + "F8miX1TY2ysWC3v4V8BpAkEAzwUaRygWfprUbYZLiTcqO3MaUEKvBnf+WswUqxkP\n"
            + "jPu20i22yqAHpkqagruNMz9RHS4WCrYLVXHC0+lb1HlGQg==\n"
            + "-----END RSA PRIVATE KEY-----";

    /** EC private key fixture, generated with "openssl ecparam -name secp256k1 -genkey -noout". */
    public static final String EC_PRIVATE_KEY = "-----BEGIN EC PRIVATE KEY-----\n"
            + "MHQCAQEEIOcCNQVWSNrUzvqkPQChzSm4ndoN2T0fr7YIh2+5uqgQoAcGBSuBBAAK\n"
            + "oUQDQgAEE9qA2C6bKD+9h6qtuTwYM2yDWI35J6VYK4cTtTE/9rvhvvHuGp8moqeW\n"
            + "dHBRsG2MdblU5+HXrH8FwOHc299UVQ==\n"
            + "-----END EC PRIVATE KEY-----";

    /**
     * RSA public key fixture; its encoding carries the same modulus bytes as
     * {@link #RSA_PRIVATE_KEY}, so it appears to be that key's public half.
     */
    public static final String RSA_PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----\n"
            + "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPpV0EjiFQ0ZEJ3m7Nyz+pmY+t\n"
            + "2t2aqUe/uqW6PLvePe7b9/I07Znz65koGidfmsZxy88waj1GO0y9nGwvZ5yicE8d\n"
            + "fDId2GruMzgcSWJCmgJ/2/OH53KaYd9AXLI1ynl5rjwWy8KPrX8XhpTrlEo+Pu57\n"
            + "Kc/LHlXL9ubs1sW6ZQIDAQAB\n"
            + "-----END PUBLIC KEY-----";

    /**
     * EC public key fixture, derived from the EC private key with
     * "openssl ec -in $PRIVATE_KEY -pubout -out $PUBLIC_KEY".
     */
    public static final String EC_PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----\n"
            + "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEE9qA2C6bKD+9h6qtuTwYM2yDWI35J6VY\n"
            + "K4cTtTE/9rvhvvHuGp8moqeWdHBRsG2MdblU5+HXrH8FwOHc299UVQ==\n"
            + "-----END PUBLIC KEY-----";

    /**
     * Deliberately corrupted copy of {@link #RSA_PRIVATE_KEY}: two of its base64 lines are replaced
     * by one line of plain text, so the body no longer decodes to a valid key.
     */
    public static final String UNPARSEABLE_RSA_KEY = "-----BEGIN RSA PRIVATE KEY-----\n"
            + "MIICXgIBAAKBgQDPpV0EjiFQ0ZEJ3m7Nyz+pmY+t2t2aqUe/uqW6PLvePe7b9/I0\n"
            + "7Znz65koGidfmsZxy88waj1GO0y9nGwvZ5yicE8dfDId2GruMzgcSWJCmgJ/2/OH\n"
            + "53KaYd9AXLI1ynl5rjwWy8KPrX8XhpTrlEo+Pu57Kc/LHlXL9ubs1sW6ZQIDAQAB\n"
            + "AoGBAJJdyfeQCEPjtQzz0b8WacWvDOxLvrFqabzoYDGq5fJ+TYSYfg54/XBGvira\n"
            + "THIS IS AN ERRONEOUS FILE\n" // the injected corruption
            + "adrfRo6RI1znivny3+oPPF/0ZnQ1h5vUCKVlRD899w0T71CyS2tIbPbgJ2UTFZ/2\n"
            + "TjljVi3D0wJBANxYiF+WXe/+UnLLydnWDFW6I1fPgm5ZbySluqejIYS02O34KQXj\n"
            + "VVNqif6TW/U+5KQ/Oayb4MNxkkxNmbw0fecCQQDaB1xLC/8Dt7jZooQ0Ilkt2qMw\n"
            + "yWEl2UXXzOj3R4OxgbYJ8mEpYva/tsQTf50D6HvWbvB66jBrVNyoKdmLY2UdAkAs\n"
            + "vl2S63nPzhj37qHidjCzB8U9g4m81rRXAMBSYjHgPMkAKbBK3crp0WyMIWg++LJ9\n"
            + "F8miX1TY2ysWC3v4V8BpAkEAzwUaRygWfprUbYZLiTcqO3MaUEKvBnf+WswUqxkP\n"
            + "jPu20i22yqAHpkqagruNMz9RHS4WCrYLVXHC0+lb1HlGQg==\n"
            + "-----END RSA PRIVATE KEY-----";

    private final PemReader pemReader = new PemReader();

    /**
     * Parses the RSA private key fixture and checks its reported format, algorithm and private
     * exponent.
     */
    @Test
    public void shouldReadRsaPrivateKey() throws Exception {
        // Reference value: the 'private exponent' printed by
        // "openssl rsa -text -in <private-key-pem-file-name>", with the ':' separators removed.
        BigInteger wantedExponent = fromHex("00925dc9f7900843e3b50cf3d1bf1669c5af0cec4bbeb16a69bce86031aae5f27e4d84987e0e78fd7046be2ada64aeab76fe77df900d132c1258c1bf25333521dec954323afcc75ba765b3bbcb2535c5d432a4bd8dbe9663f2a556b76a6518658a74e369c86736d2bd2b63b711d4b141bf5a2f01cd6e83a7bbba8fbec04ffa9df1");

        RSAPrivateKey rsaKey = (RSAPrivateKey) pemReader.readPrivateKey(new StringReader(RSA_PRIVATE_KEY));

        // The input uses the "RSA PRIVATE KEY" PEM label, yet the parsed key object reports PKCS#8
        // as its encoding format.
        assertEquals("PKCS#8", rsaKey.getFormat());
        assertEquals("RSA", rsaKey.getAlgorithm());
        assertEquals(wantedExponent, rsaKey.getPrivateExponent());
    }

    /** Parses the RSA public key fixture and checks its modulus and public exponent. */
    @Test
    public void shouldReadRsaPublicKey() throws Exception {
        // Reference values come from "openssl rsa -text -pubin -in <public-key-pem-file-name>";
        // the 'modulus' hex output has had its ':' separators removed.
        BigInteger wantedModulus = fromHex(
                "00cfa55d048e2150d19109de6ecdcb"
                        + "3fa9998faddadd9aa947bfbaa5ba3c"
                        + "bbde3deedbf7f234ed99f3eb99281a"
                        + "275f9ac671cbcf306a3d463b4cbd9c"
                        + "6c2f679ca2704f1d7c321dd86aee33"
                        + "381c4962429a027fdbf387e7729a61"
                        + "df405cb235ca7979ae3c16cbc28fad"
                        + "7f178694eb944a3e3eee7b29cfcb1e"
                        + "55cbf6e6ecd6c5ba65");
        BigInteger wantedPublicExponent = BigInteger.valueOf(65537);

        RSAPublicKey rsaKey = (RSAPublicKey) pemReader.readPublicKey(new StringReader(RSA_PUBLIC_KEY));

        assertEquals(wantedModulus, rsaKey.getModulus());
        assertEquals(wantedPublicExponent, rsaKey.getPublicExponent());
    }

    /**
     * Parses the EC private key fixture and checks its reported format, algorithm and private
     * value.
     */
    @Test
    public void shouldReadEcPrivateKey() throws Exception {
        // Reference value: the 'priv' field printed by "openssl ec -text -in $PRIVATE_KEY",
        // with the ':' separators removed.
        BigInteger wantedPrivateValue = fromHex(
                "00e70235055648dad4cefaa43d00a1"
                        + "cd29b89dda0dd93d1fafb608876fb9"
                        + "baa810");

        ECPrivateKey ecKey = (ECPrivateKey) pemReader.readPrivateKey(new StringReader(EC_PRIVATE_KEY));

        assertEquals("PKCS#8", ecKey.getFormat());
        // NOTE(review): the algorithm name is "ECDSA" rather than "EC", which suggests the key
        // object comes from a non-default JCA provider - confirm against PemReader.
        assertEquals("ECDSA", ecKey.getAlgorithm());
        assertEquals(wantedPrivateValue, ecKey.getS());
    }

    /**
     * Parses the EC public key fixture. Only the returned key's type is checked, not its curve
     * or point.
     */
    @Test
    public void shouldReadEcPublicKey() throws Exception {
        assertThat(pemReader.readPublicKey(new StringReader(EC_PUBLIC_KEY)), instanceOf(ECPublicKey.class));
    }

    /**
     * A corrupted PEM body must surface as {@link CannotRetrieveKeyException}; the test fails if
     * any other exception type, or no exception, comes out of the reader.
     */
    @Test(expected = CannotRetrieveKeyException.class)
    public void shouldFailToReadBadPrivateKey() throws Exception {
        pemReader.readPrivateKey(new StringReader(UNPARSEABLE_RSA_KEY));
    }

    /** Converts a hexadecimal string, as printed by openssl, into a {@link BigInteger}. */
    private static BigInteger fromHex(String hexDigits) {
        return new BigInteger(hexDigits, 16);
    }
}