package org.jruby.ext.openssl;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.fail;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.Signature;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
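/**
 * Tests for {@link SecurityHelper}: which security provider it hands out and whether
 * its algorithm look-up helpers return an instance or throw for an unknown name.
 *
 * <p>These tests write {@code SecurityHelper}'s static fields and, in two cases, the
 * JVM-wide {@link Security} provider list. That state is process-global, so the class
 * is not safe to run concurrently with other tests that use JCA/JCE in the same JVM.
 *
 * <p>The look-up tests request MD5, SHA-1, DES and HmacMD5 among others. They assert
 * only that a non-null instance comes back; they do not exercise the algorithms.
 *
 * @author kares
 */
public class SecurityHelperTest {

    /**
     * Asks {@link SecurityHelper} to set up its Bouncy Castle provider.
     *
     * <p>The {@code @BeforeClass} annotation is commented out, so JUnit does not invoke
     * this method and nothing in this class calls it.
     */
    // @BeforeClass
    public static void setBouncyCastleProvider() {
        SecurityHelper.setBouncyCastleProvider();
    }

    /** Provider returned by {@link SecurityHelper#getSecurityProvider()} before each test. */
    private Provider savedProvider;

    /** Value of {@code SecurityHelper.setBouncyCastleProvider} captured before each test. */
    private boolean savedSetBouncyCastleProvider;

    /**
     * Captures the helper's static state so {@link #restoreSecurityProvider()} can undo
     * whatever a test changes.
     */
    @Before
    public void saveSecurityProvider() {
        savedProvider = SecurityHelper.getSecurityProvider();
        // Read after getSecurityProvider() so the flag reflects the state the test starts from.
        savedSetBouncyCastleProvider = SecurityHelper.setBouncyCastleProvider;
    }

    /**
     * Puts back both statics that {@link #disableSecurityProvider()} overwrites, so a
     * test that disabled the provider cannot influence the tests that run after it.
     */
    @After
    public void restoreSecurityProvider() {
        SecurityHelper.securityProvider = savedProvider;
        SecurityHelper.setBouncyCastleProvider = savedSetBouncyCastleProvider;
    }

    /**
     * Clears the helper's provider and switches off the flag that shares its name with
     * {@code SecurityHelper.setBouncyCastleProvider()}.
     *
     * <p>NOTE(review): presumably this makes the look-ups fall back to the providers
     * registered with the JVM; confirm against {@code SecurityHelper}.
     */
    public void disableSecurityProvider() {
        SecurityHelper.securityProvider = null;
        SecurityHelper.setBouncyCastleProvider = false;
    }

    // ---- injecting custom engine implementations ----

    /**
     * Registers {@code CipherSpiFake} under the name "fake" and checks that the cipher
     * obtained for that name reports the saved provider and wraps the fake SPI.
     *
     * @throws Exception if the look-up or the reflective field access fails
     */
    @Test
    public void injectCipherImpl() throws Exception {
        // NOTE(review): the "fake" registration is never removed here; it presumably stays
        // in SecurityHelper's static state for the rest of the JVM - confirm.
        SecurityHelper.addCipher("fake", CipherSpiFake.class);
        javax.crypto.Cipher cipher = SecurityHelper.getCipher("fake");
        assertEquals(savedProvider, cipher.getProvider());

        // Reads the private "spi" field of the returned cipher object.
        // NOTE(review): on JDKs that enforce strong encapsulation, setAccessible on a
        // JDK-internal field may need the package opened to the tests - confirm for the
        // JDKs this suite runs on.
        java.lang.reflect.Field spi = cipher.getClass().getDeclaredField("spi");
        spi.setAccessible(true);
        assertEquals(CipherSpiFake.class, spi.get(cipher).getClass());
    }

    /**
     * Registers {@code SignatureSpiFake} under the name "fake" and checks that the
     * signature obtained for that name is an instance of exactly that class and reports
     * the saved provider.
     *
     * @throws Exception if the look-up fails
     */
    @Test
    public void injectSignatureImpl() throws Exception {
        SecurityHelper.addSignature("fake", SignatureSpiFake.class);
        Signature signature = SecurityHelper.getSignature("fake");
        assertEquals(savedProvider, signature.getProvider());
        assertEquals(SignatureSpiFake.class, signature.getClass());
    }

    // ---- provider selection and registration ----

    /** Checks that the provider returned by default is the Bouncy Castle provider class. */
    @Test
    public void usesBouncyCastleSecurityProviderByDefault() {
        assertNotNull(SecurityHelper.getSecurityProvider());
        assertEquals("org.bouncycastle.jce.provider.BouncyCastleProvider",
            SecurityHelper.getSecurityProvider().getClass().getName()
        );
    }

    /**
     * Checks that a provider passed to {@code setSecurityProvider} is the one returned
     * afterwards.
     *
     * <p>The provider class is loaded reflectively. If it cannot be loaded or
     * instantiated the method prints a message and returns, which JUnit reports as a
     * pass rather than as a skipped test.
     */
    @Test
    public void allowsToSetSecurityProvider() {
        final Provider provider;
        try {
            Class<?> providerClass = Class.forName("sun.security.provider.Sun");
            provider = (Provider) providerClass.getDeclaredConstructor().newInstance();
        }
        catch (Exception e) {
            System.out.println("allowsToSetSecurityProvider() skipped due: " + e);
            return;
        }
        SecurityHelper.setSecurityProvider(provider);
        assertSame(provider, SecurityHelper.getSecurityProvider());
    }

    /**
     * Checks that obtaining the helper's provider does not add a provider named "BC" to
     * the JVM-wide provider list.
     */
    @Test
    public void doesNotRegisterBouncyCastleSecurityProviderByDefault() {
        SecurityHelper.getSecurityProvider();
        assertNull(java.security.Security.getProvider("BC"));
    }

    /**
     * Checks that, once registration is requested, obtaining the helper's provider makes
     * "BC" visible in the JVM-wide provider list.
     */
    @Test
    public void registersSecurityProviderWhenRequested() {
        SecurityHelper.setRegisterProvider(true);
        try {
            SecurityHelper.getSecurityProvider();
            assertNotNull(java.security.Security.getProvider("BC"));
        }
        finally {
            // Undo the global registration even when the assertion fails.
            java.security.Security.removeProvider("BC");
            SecurityHelper.setRegisterProvider(false);
        }
    }

    // ---- standard java.security look-ups ----

    /** Checks that RSA and DSA key factories are available. */
    @Test
    public void testGetKeyFactory() throws Exception {
        assertNotNull( SecurityHelper.getKeyFactory("RSA") );
        assertNotNull( SecurityHelper.getKeyFactory("DSA") );
    }

    /** Checks that RSA and DSA key factories are available with the helper's provider disabled. */
    @Test
    public void testGetKeyFactoryWithoutBC() throws Exception {
        disableSecurityProvider();
        assertNotNull( SecurityHelper.getKeyFactory("RSA") );
        assertNotNull( SecurityHelper.getKeyFactory("DSA") );
    }

    /** Checks that an unknown key factory name fails, with and without an explicit provider. */
    @Test
    public void testGetKeyFactoryThrows() throws Exception {
        try {
            SecurityHelper.getKeyFactory("USA");
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
        try {
            SecurityHelper.getKeyFactory("USA", savedProvider);
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
    }

    /** Checks that RSA and DSA key pair generators are available, RSA also from the saved provider. */
    @Test
    public void testGetKeyPairGenerator() throws Exception {
        assertNotNull( SecurityHelper.getKeyPairGenerator("RSA") );
        assertNotNull( SecurityHelper.getKeyPairGenerator("DSA") );
        assertNotNull( SecurityHelper.getKeyPairGenerator("RSA", savedProvider) );
    }

    /** Checks that RSA and DSA key pair generators are available with the helper's provider disabled. */
    @Test
    public void testGetKeyPairGeneratorWithoutBC() throws Exception {
        disableSecurityProvider();
        assertNotNull( SecurityHelper.getKeyPairGenerator("RSA") );
        assertNotNull( SecurityHelper.getKeyPairGenerator("DSA") );
    }

    /** Checks that an unknown key pair generator name fails, with and without an explicit provider. */
    @Test
    public void testGetKeyPairGeneratorThrows() throws Exception {
        try {
            SecurityHelper.getKeyPairGenerator("USA");
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
        try {
            SecurityHelper.getKeyPairGenerator("USA", savedProvider);
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
    }

    /** Checks that a PKCS12 key store is available, also from the saved provider. */
    @Test
    public void testGetKeyStore() throws Exception {
        assertNotNull( SecurityHelper.getKeyStore("PKCS12") );
        assertNotNull( SecurityHelper.getKeyStore("PKCS12", savedProvider) );
    }

    /** Checks that a PKCS12 key store is available with the helper's provider disabled. */
    @Test
    public void testGetKeyStoreWithoutBC() throws Exception {
        disableSecurityProvider();
        assertNotNull( SecurityHelper.getKeyStore("PKCS12") );
    }

    /** Checks that an unknown key store type fails, with and without an explicit provider. */
    @Test
    public void testGetKeyStoreThrows() throws Exception {
        try {
            SecurityHelper.getKeyStore("PKCS42");
            fail("expected KeyStoreException");
        }
        catch (KeyStoreException expected) {
            // OK
        }
        try {
            SecurityHelper.getKeyStore("PKCS42", savedProvider);
            fail("expected KeyStoreException");
        }
        catch (KeyStoreException expected) {
            // OK
        }
    }

    /**
     * Checks that MD5 and SHA-1 digests are available, MD5 also from the saved provider.
     * Only availability is asserted.
     */
    @Test
    public void testGetMessageDigest() throws Exception {
        assertNotNull( SecurityHelper.getMessageDigest("MD5") );
        assertNotNull( SecurityHelper.getMessageDigest("SHA-1") );
        assertNotNull( SecurityHelper.getMessageDigest("MD5", savedProvider) );
    }

    /** Checks that MD5 and SHA-1 digests are available with the helper's provider disabled. */
    @Test
    public void testGetMessageDigestWithoutBC() throws Exception {
        disableSecurityProvider();
        assertNotNull( SecurityHelper.getMessageDigest("MD5") );
        assertNotNull( SecurityHelper.getMessageDigest("SHA-1") );
    }

    /** Checks that an unknown digest name fails, with and without an explicit provider. */
    @Test
    public void testGetMessageDigestThrows() throws Exception {
        try {
            SecurityHelper.getMessageDigest("XXL");
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
        try {
            SecurityHelper.getMessageDigest("XXL", savedProvider);
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
    }

    /** Checks that the "NONEwithRSA" signature is available, also from the saved provider. */
    @Test
    public void testGetSignature() throws Exception {
        assertNotNull( SecurityHelper.getSignature("NONEwithRSA") );
        assertNotNull( SecurityHelper.getSignature("NONEwithRSA", savedProvider) );
    }

    /** Checks that the "NONEwithRSA" signature is available with the helper's provider disabled. */
    @Test
    public void testGetSignatureWithoutBC() throws Exception {
        disableSecurityProvider();
        assertNotNull( SecurityHelper.getSignature("NONEwithRSA") );
    }

    /** Checks that an unknown signature name fails, with and without an explicit provider. */
    @Test
    public void testGetSignatureThrows() throws Exception {
        try {
            SecurityHelper.getSignature("SOMEwithRSA");
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
        try {
            SecurityHelper.getSignature("SOMEwithRSA", savedProvider);
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
    }

    /** Checks that an X.509 certificate factory is available, also from the saved provider. */
    @Test
    public void testGetCertificateFactory() throws Exception {
        assertNotNull( SecurityHelper.getCertificateFactory("X.509") );
        assertNotNull( SecurityHelper.getCertificateFactory("X.509", savedProvider) );
    }

    /** Checks that an X.509 certificate factory is available with the helper's provider disabled. */
    @Test
    public void testGetCertificateFactoryWithoutBC() throws Exception {
        disableSecurityProvider();
        assertNotNull( SecurityHelper.getCertificateFactory("X.509") );
    }

    /** Checks that an unknown certificate type fails, with and without an explicit provider. */
    @Test
    public void testGetCertificateFactoryThrows() throws Exception {
        try {
            SecurityHelper.getCertificateFactory("X.510");
            fail("expected CertificateException");
        }
        catch (CertificateException expected) {
            // OK
        }
        try {
            SecurityHelper.getCertificateFactory("X.510", savedProvider);
            fail("expected CertificateException");
        }
        catch (CertificateException expected) {
            // OK
        }
    }

    /** Checks that the helper returns a secure random instance. */
    @Test
    public void testGetSecureRandom() throws Exception {
        assertNotNull( SecurityHelper.getSecureRandom() );
    }

    // ---- JCE look-ups ----

    /**
     * Checks that DES and AES ciphers and the "DES/CBC/PKCS5Padding" transformation are
     * available. Only availability is asserted.
     */
    @Test
    public void testGetCipher() throws Exception {
        assertNotNull( SecurityHelper.getCipher("DES") );
        assertNotNull( SecurityHelper.getCipher("AES") );
        assertNotNull( SecurityHelper.getCipher("DES/CBC/PKCS5Padding") );
    }

    /** Checks that AES and "DES/CBC/PKCS5Padding" are available from the saved provider. */
    @Test
    public void testGetCipherBC() throws Exception {
        assertNotNull( SecurityHelper.getCipher("AES", savedProvider) );
        assertNotNull( SecurityHelper.getCipher("DES/CBC/PKCS5Padding", savedProvider) );
    }

    /** Checks that DES and AES ciphers are available with the helper's provider disabled. */
    @Test
    public void testGetCipherWithoutBC() throws Exception {
        disableSecurityProvider();
        assertNotNull( SecurityHelper.getCipher("DES") );
        assertNotNull( SecurityHelper.getCipher("AES") );
    }

    /** Checks that a DES secret key factory is available, and DESede from the saved provider. */
    @Test
    public void testGetSecretKeyFactory() throws Exception {
        assertNotNull( SecurityHelper.getSecretKeyFactory("DES") );
        assertNotNull( SecurityHelper.getSecretKeyFactory("DESede", savedProvider) );
    }

    /** Checks that DES and DESede secret key factories are available with the helper's provider disabled. */
    @Test
    public void testGetSecretKeyFactoryWithoutBC() throws Exception {
        disableSecurityProvider();
        assertNotNull( SecurityHelper.getSecretKeyFactory("DES") );
        assertNotNull( SecurityHelper.getSecretKeyFactory("DESede") );
    }

    /** Checks that an unknown secret key factory name fails, with and without an explicit provider. */
    @Test
    public void testGetSecretKeyFactoryThrows() throws Exception {
        try {
            SecurityHelper.getSecretKeyFactory("MESS");
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
        try {
            SecurityHelper.getSecretKeyFactory("MESS", savedProvider);
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
    }

    /**
     * Checks that HmacMD5 and HmacSHA1 are available, HmacMD5 also from the saved
     * provider. Only availability is asserted.
     */
    @Test
    public void testGetMac() throws Exception {
        assertNotNull( SecurityHelper.getMac("HmacMD5") );
        assertNotNull( SecurityHelper.getMac("HmacSHA1") );
        assertNotNull( SecurityHelper.getMac("HmacMD5", savedProvider) );
    }

    /**
     * Checks that a MAC is available with the helper's provider disabled. The name is
     * spelled "HMacMD5" here, unlike the "HmacMD5" used in {@link #testGetMac()}.
     */
    @Test
    public void testGetMacWithoutBC() throws Exception {
        disableSecurityProvider();
        assertNotNull( SecurityHelper.getMac("HMacMD5") );
    }

    /** Checks that an unknown MAC name fails, with and without an explicit provider. */
    @Test
    public void testGetMacThrows() throws Exception {
        try {
            SecurityHelper.getMac("HmacMDX");
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
        try {
            SecurityHelper.getMac("HmacMDX", savedProvider);
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
    }

    /** Checks that an AES key generator is available, also from the saved provider. */
    @Test
    public void testGetKeyGenerator() throws Exception {
        assertNotNull( SecurityHelper.getKeyGenerator("AES") );
        assertNotNull( SecurityHelper.getKeyGenerator("AES", savedProvider) );
    }

    /** Checks that an AES key generator is available with the helper's provider disabled. */
    @Test
    public void testGetKeyGeneratorWithoutBC() throws Exception {
        disableSecurityProvider();
        assertNotNull( SecurityHelper.getKeyGenerator("AES") );
    }

    /** Checks that an unknown key generator name fails, with and without an explicit provider. */
    @Test
    public void testGetKeyGeneratorThrows() throws Exception {
        try {
            SecurityHelper.getKeyGenerator("AMD");
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
        try {
            SecurityHelper.getKeyGenerator("AMD", savedProvider);
            fail("expected NoSuchAlgorithmException");
        }
        catch (NoSuchAlgorithmException expected) {
            // OK
        }
    }

    /**
     * Checks that two consecutive X.509 certificate factory look-ups report the same
     * provider instance when no provider is registered with the JVM.
     *
     * <p>The test removes every provider from the JVM-wide list and puts the original
     * ones back in {@code finally}. While it runs, any other code in the same JVM that
     * relies on registered providers sees an empty list.
     *
     * @throws Exception if a certificate factory cannot be obtained
     */
    @Test
    public void testCertificateFactoryProviderStaysConstant() throws Exception {
        Provider[] registeredProviders = Security.getProviders();
        try {
            // clear previous providers
            for (Provider provider : registeredProviders) {
                Security.removeProvider(provider.getName());
            }
            CertificateFactory certFactory1 = SecurityHelper.getCertificateFactory("X.509");
            CertificateFactory certFactory2 = SecurityHelper.getCertificateFactory("X.509");
            assertSame(certFactory1.getProvider(), certFactory2.getProvider());
        } finally {
            // clear any added by the test
            for (Provider provider : Security.getProviders()) {
                Security.removeProvider(provider.getName());
            }
            // restore previous providers, re-added in the order they were captured
            for (Provider provider : registeredProviders) {
                Security.addProvider(provider);
            }
        }
    }
}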