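package se.anatom.ejbca.protect;

import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.Random;

import javax.naming.Context;
import javax.naming.NamingException;

import junit.framework.TestCase;

import org.apache.log4j.Logger;
import org.ejbca.core.ejb.ca.store.CertificateDataBean;
import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionHome;
import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionRemote;
import org.ejbca.core.ejb.protect.TableProtectSessionHome;
import org.ejbca.core.ejb.protect.TableProtectSessionRemote;
import org.ejbca.core.model.ca.crl.RevokedCertInfo;
import org.ejbca.core.model.ca.store.CertificateInfo;
import org.ejbca.core.model.log.Admin;
import org.ejbca.core.model.log.LogEntry;
import org.ejbca.core.model.protect.TableVerifyResult;
import org.ejbca.util.Base64;
import org.ejbca.util.CertTools;

/**
 * Remote tests for the TableProtectSession bean: log entries and certificate
 * rows are protected through the bean, then verified unchanged and after
 * modification of individual fields.
 *
 * <p>The tests need a running application server that exposes the
 * "TableProtectSession" and "CertificateStoreSession" JNDI names.
 *
 * <p>NOTE(review): test02 verifies the protection created by test01, so the
 * numbered method names rely on JUnit running them in that order - confirm
 * the runner in use guarantees it.
 */
public class TestProtect extends TestCase {
    private static final Logger log = Logger.getLogger(TestProtect.class);

    // Remote session; an instance field, so it is created in setUp() for each TestCase instance.
    private TableProtectSessionRemote cacheAdmin = null;

    // Home interface, looked up once and shared by all instances of this test class.
    private static TableProtectSessionHome cacheHome = null;

    // Shared LogEntry fixtures; static so that test02 sees the entries protected by test01.
    private static ArrayList entrys = null;

    private Admin admin = new Admin(Admin.TYPE_INTERNALUSER);

    /**
     * Creates a new TestProtect object.
     *
     * @param name name of the test, passed on to TestCase
     */
    public TestProtect(String name) {
        super(name);
    }

    /**
     * Installs the BC provider, obtains the remote TableProtectSession (reusing
     * the cached home interface) and builds the shared log entries on first use.
     *
     * @throws Exception if the JNDI lookup or the session creation fails
     */
    protected void setUp() throws Exception {
        log.debug(">setUp()");
        CertTools.installBCProvider();
        if (cacheAdmin == null) {
            if (cacheHome == null) {
                Context jndiContext = getInitialContext();
                Object obj1 = jndiContext.lookup("TableProtectSession");
                cacheHome = (TableProtectSessionHome) javax.rmi.PortableRemoteObject.narrow(obj1, TableProtectSessionHome.class);
            }
            cacheAdmin = cacheHome.create();
        }
        if (entrys == null) {
            createLogEntrys();
        }
        log.debug("<setUp()");
    }

    /** Nothing to clean up; rows written by the tests stay in the database. */
    protected void tearDown() throws Exception {
    }

    /**
     * Returns a default JNDI initial context.
     *
     * @return a new InitialContext
     * @throws NamingException if the context cannot be created
     */
    private Context getInitialContext() throws NamingException {
        log.debug(">getInitialContext");
        Context ctx = new javax.naming.InitialContext();
        log.debug("<getInitialContext");
        return ctx;
    }

    /**
     * Fills the shared list with five log entries that differ only in id,
     * time (Date(2)..Date(6)) and comment.
     */
    private void createLogEntrys() {
        entrys = new ArrayList();
        // Random ids: presumably so that repeated runs against the same database
        // do not hit protection rows left by an earlier run - confirm.
        Random rand = new Random();
        for (int i = 1; i <= 5; i++) {
            entrys.add(new LogEntry(rand.nextInt(), Admin.TYPE_INTERNALUSER, "12345", -1, LogEntry.MODULE_CA,
                    new Date(i + 1), "foo", "123456", LogEntry.EVENT_ERROR_ADDEDENDENTITY, "foo comment " + i));
        }
    }

    /**
     * Verifies every shared log entry and asserts that exactly the entries whose
     * id equals that of {@code tampered} fail verification while all others pass.
     *
     * @param tampered the entry whose id marks the row expected to fail
     * @throws Exception if the remote verify call fails
     */
    private void assertOnlyTamperedEntryFails(LogEntry tampered) throws Exception {
        Iterator iter = entrys.iterator();
        while (iter.hasNext()) {
            LogEntry candidate = (LogEntry) iter.next();
            TableVerifyResult res = cacheAdmin.verify(candidate);
            // Expected value first, so a failure report names the right side as "expected".
            if (candidate.getId() == tampered.getId()) {
                assertEquals(TableVerifyResult.VERIFY_FAILED, res.getResultCode());
            } else {
                assertEquals(TableVerifyResult.VERIFY_SUCCESS, res.getResultCode());
            }
        }
    }

    /**
     * Looks up the certificate store, stores the test certificate if it is not
     * already present, and returns its CertificateInfo.
     *
     * @return the CertificateInfo of the test certificate
     * @throws Exception if the lookup or a remote call fails
     */
    private CertificateInfo fetchTestCertificateInfo() throws Exception {
        Context ctx = getInitialContext();
        Object obj2 = ctx.lookup("CertificateStoreSession");
        ICertificateStoreSessionHome storehome = (ICertificateStoreSessionHome) javax.rmi.PortableRemoteObject.narrow(obj2,
                ICertificateStoreSessionHome.class);
        ICertificateStoreSessionRemote store = storehome.create();
        X509Certificate cert = CertTools.getCertfromByteArray(testcert);
        String endEntityFp = CertTools.getFingerprintAsString(cert);
        if (store.findCertificateByFingerprint(admin, endEntityFp) == null) {
            store.storeCertificate(admin
                    , cert
                    , "o=AnaTom,c=SE"
                    , endEntityFp
                    , CertificateDataBean.CERT_ACTIVE
                    , CertificateDataBean.CERTTYPE_ENDENTITY);
        }
        return store.getCertificateInfo(admin, endEntityFp);
    }

    /**
     * Protects every shared log entry through the session bean.
     *
     * @throws Exception if a remote call fails
     */
    public void test01ProtectLogEntry() throws Exception {
        log.debug(">test01ProtectLogEntry()");
        Iterator iter = entrys.iterator();
        while (iter.hasNext()) {
            LogEntry le = (LogEntry) iter.next();
            cacheAdmin.protect(admin, le);
        }
        log.debug("<test01ProtectLogEntry()");
    }

    /**
     * Verifies the protected log entries: all must verify unchanged, and an
     * entry with a changed comment, a changed event, or a changed time and
     * event must be the only one that fails.
     *
     * @throws Exception if a remote call fails
     */
    public void test02VerifyLogEntry() throws Exception {
        log.debug(">test02VerifyLogEntry()");

        // Baseline: nothing modified, every entry verifies.
        Iterator iter = entrys.iterator();
        while (iter.hasNext()) {
            LogEntry le = (LogEntry) iter.next();
            TableVerifyResult res = cacheAdmin.verify(le);
            assertEquals(TableVerifyResult.VERIFY_SUCCESS, res.getResultCode());
        }

        // Case 1: same id, different comment.
        LogEntry le = (LogEntry) entrys.get(2);
        LogEntry le1 = new LogEntry(le.getId(), le.getAdminType(), le.getAdminData(), le.getCAId(), le.getModule(), le.getTime(), le.getUsername(), le.getCertificateSNR(), le.getEvent(), "modified");
        entrys.set(2, le1);
        assertOnlyTamperedEntryFails(le);
        // Put an entry with the original field values back before the next case.
        le1 = new LogEntry(le.getId(), le.getAdminType(), le.getAdminData(), le.getCAId(), le.getModule(), le.getTime(), le.getUsername(), le.getCertificateSNR(), le.getEvent(), le.getComment());
        entrys.set(2, le1);

        // Case 2: same id, different event.
        le = (LogEntry) entrys.get(3);
        le1 = new LogEntry(le.getId(), le.getAdminType(), le.getAdminData(), le.getCAId(), le.getModule(), le.getTime(), le.getUsername(), le.getCertificateSNR(), LogEntry.EVENT_INFO_CAEDITED, le.getComment());
        entrys.set(3, le1);
        assertOnlyTamperedEntryFails(le);
        le1 = new LogEntry(le.getId(), le.getAdminType(), le.getAdminData(), le.getCAId(), le.getModule(), le.getTime(), le.getUsername(), le.getCertificateSNR(), le.getEvent(), le.getComment());
        entrys.set(3, le1);

        // Case 3: same id, different time and different event.
        // NOTE(review): two fields change at once, so this case does not show on its
        // own that the timestamp is covered by the protection; a time-only variant
        // would pin that down. The modified entry is also left in the shared list.
        le = (LogEntry) entrys.get(4);
        le1 = new LogEntry(le.getId(), le.getAdminType(), le.getAdminData(), le.getCAId(), le.getModule(), new Date(), le.getUsername(), le.getCertificateSNR(), LogEntry.EVENT_INFO_CAEDITED, le.getComment());
        entrys.set(4, le1);
        assertOnlyTamperedEntryFails(le);

        log.debug("<test02VerifyLogEntry()");
    }

    /**
     * Protects a certificate entry, then checks that a changed status and a
     * changed revocation date each make verification fail until the entry is
     * protected again.
     *
     * @throws Exception if a remote call fails
     */
    public void test03VerifyCertEntry() throws Exception {
        log.debug(">test03VerifyCertEntry()");
        CertificateInfo entry = fetchTestCertificateInfo();
        // Artificial fingerprint; presumably keeps this test's protection row apart
        // from the one used by test04 ("2") - confirm.
        entry.setFingerprint("1");
        cacheAdmin.protect(admin, entry);
        TableVerifyResult res = cacheAdmin.verify(entry);
        assertEquals(TableVerifyResult.VERIFY_SUCCESS, res.getResultCode());

        // NOTE(review): a revocation-reason constant is written into the status field;
        // it serves here as "some other value" - a status constant would state the intent.
        entry.setStatus(RevokedCertInfo.REVOKATION_REASON_AACOMPROMISE);
        res = cacheAdmin.verify(entry);
        assertEquals(TableVerifyResult.VERIFY_FAILED, res.getResultCode());

        // Protecting again with the new status makes the entry verify once more.
        cacheAdmin.protect(admin, entry);
        res = cacheAdmin.verify(entry);
        assertEquals(TableVerifyResult.VERIFY_SUCCESS, res.getResultCode());

        entry.setRevocationDate(new Date());
        res = cacheAdmin.verify(entry);
        assertEquals(TableVerifyResult.VERIFY_FAILED, res.getResultCode());

        log.debug("<test03VerifyCertEntry()");
    }

    /**
     * Same checks as test03VerifyCertEntry, but the protection is written with
     * protectExternal and the "java:/EjbcaDS" data source.
     *
     * @throws Exception if a remote call fails
     */
    public void test04VerifyCertEntryExternal() throws Exception {
        log.debug(">test04VerifyCertEntryExternal()");
        String dataSource = "java:/EjbcaDS";
        CertificateInfo entry = fetchTestCertificateInfo();
        entry.setFingerprint("2");
        cacheAdmin.protectExternal(admin, entry, dataSource);
        TableVerifyResult res = cacheAdmin.verify(entry);
        assertEquals(TableVerifyResult.VERIFY_SUCCESS, res.getResultCode());

        entry.setStatus(RevokedCertInfo.REVOKATION_REASON_AACOMPROMISE);
        res = cacheAdmin.verify(entry);
        assertEquals(TableVerifyResult.VERIFY_FAILED, res.getResultCode());

        cacheAdmin.protectExternal(admin, entry, dataSource);
        res = cacheAdmin.verify(entry);
        assertEquals(TableVerifyResult.VERIFY_SUCCESS, res.getResultCode());

        entry.setRevocationDate(new Date());
        res = cacheAdmin.verify(entry);
        assertEquals(TableVerifyResult.VERIFY_FAILED, res.getResultCode());

        log.debug("<test04VerifyCertEntryExternal()");
    }

    // Fixture certificate (subject CN "FooBar User", issuer CN "Subordinate CA").
    // The encoding shows an MD5-with-RSA signature, a 1024-bit RSA key and a validity
    // period that ended in 2013; it is used here only as row data for the store and
    // is not suitable as a template for real certificates.
    static byte[] testcert = Base64.decode(("MIICBDCCAW0CAQMwDQYJKoZIhvcNAQEEBQAwTDELMAkGA1UEBhMCU0UxEzARBgNV"
            + "BAgTClNvbWUtU3RhdGUxDzANBgNVBAoTBkFuYXRvbTEXMBUGA1UEAxMOU3Vib3Jk"
            + "aW5hdGUgQ0EwHhcNMDMwOTIyMDkxNTEzWhcNMTMwNDIyMDkxNTEzWjBJMQswCQYD"
            + "VQQGEwJTRTETMBEGA1UECBMKU29tZS1TdGF0ZTEPMA0GA1UEChMGQW5hdG9tMRQw"
            + "EgYDVQQDEwtGb29CYXIgVXNlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA"
            + "xPpmVYVBzlGJxUfZa6IsHsk+HrMTbHWr/EUkiZIam95t+0SIFZHUers2PIv+GWVp"
            + "TmH/FTXNWVWw+W6bFlb17rfbatAkVfAYuBGRh+nUS/CPTPNw1jDeCuZRweD+DCNr"
            + "icx/svv0Hi/9scUqrADwtO2O7oBy7Lb/Vfa6BOnBdiECAwEAATANBgkqhkiG9w0B"
            + "AQQFAAOBgQAo5RzuUkLdHdAyJIG2IRptIJDOa0xq8eH2Duw9Xa3ieI9+ogCNaqWy"
            + "V5Oqx2lLsdn9CXxAwT/AsqwZ0ZFOJY1V2BgLTPH+vxnPOm0Xu61fl2XLtRBAycva"
            + "9iknwKZ3PCILvA5qjL9VedxiFhcG/p83SnPOrIOdsHykMTvO8/j8mA==").getBytes());
}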