use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.
the class PossibleActionsRuleEngineTest method getPossibleKeyActionGenerateSignCsr.
@Test
public void getPossibleKeyActionGenerateSignCsr() {
TokenInfo tokenInfo;
EnumSet<PossibleActionEnum> actions;
// basic happy case
tokenInfo = new TokenTestUtils.TokenInfoBuilder().active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.SIGNING).available(true).build()).build();
actions = getPossibleKeyActions(tokenInfo);
assertTrue(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
assertFalse(actions.contains(PossibleActionEnum.GENERATE_AUTH_CSR));
// generate is possible is usage = null (undefined)
tokenInfo = new TokenTestUtils.TokenInfoBuilder().active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(null).available(true).build()).build();
actions = getPossibleKeyActions(tokenInfo);
assertTrue(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
// not possible if usage = auth
tokenInfo = new TokenTestUtils.TokenInfoBuilder().active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.AUTHENTICATION).available(true).build()).build();
actions = getPossibleKeyActions(tokenInfo);
assertFalse(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
// not possible if key unavailable
tokenInfo = new TokenTestUtils.TokenInfoBuilder().active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.SIGNING).available(false).build()).build();
actions = getPossibleKeyActions(tokenInfo);
assertFalse(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
// not possible if token inactive
tokenInfo = new TokenTestUtils.TokenInfoBuilder().active(false).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.SIGNING).available(true).build()).build();
actions = getPossibleKeyActions(tokenInfo);
assertFalse(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
}
use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.
the class PossibleActionsRuleEngineTest method getPossibleKeyActionEditFriendlyName.
@Test
public void getPossibleKeyActionEditFriendlyName() {
TokenInfo unsaved = new TokenTestUtils.TokenInfoBuilder().key(new TokenTestUtils.KeyInfoBuilder().cert(new CertificateTestUtils.CertificateInfoBuilder().savedToConfiguration(false).build()).build()).build();
TokenInfo saved = new TokenTestUtils.TokenInfoBuilder().key(new TokenTestUtils.KeyInfoBuilder().cert(new CertificateTestUtils.CertificateInfoBuilder().savedToConfiguration(true).build()).build()).build();
EnumSet<PossibleActionEnum> actions = getPossibleKeyActions(saved);
assertTrue(actions.contains(PossibleActionEnum.EDIT_FRIENDLY_NAME));
actions = getPossibleKeyActions(unsaved);
assertTrue(actions.contains(PossibleActionEnum.EDIT_FRIENDLY_NAME));
}
use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.
the class PossibleActionsRuleEngineTest method createTestToken.
/**
* Create a specific token-key combination
*/
private TokenInfo createTestToken(boolean tokenSaved, boolean tokenReadOnly, boolean tokenActive, boolean keyNotSupported) {
CertificateInfo cert = new CertificateTestUtils.CertificateInfoBuilder().savedToConfiguration(tokenSaved).build();
String tokenId;
KeyUsageInfo usage;
if (keyNotSupported) {
tokenId = PossibleActionsRuleEngine.SOFTWARE_TOKEN_ID + 1;
usage = KeyUsageInfo.AUTHENTICATION;
} else {
tokenId = PossibleActionsRuleEngine.SOFTWARE_TOKEN_ID;
usage = KeyUsageInfo.AUTHENTICATION;
}
KeyInfo key = new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(usage).cert(cert).build();
TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder().readOnly(tokenReadOnly).active(tokenActive).key(key).id(tokenId).build();
return tokenInfo;
}
use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.
the class PossibleActionsRuleEngineTest method getPossibleCertificateActionRegister.
@Test
public void getPossibleCertificateActionRegister() {
TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder().build();
assertTrue(possibleActionsRuleEngine.getPossibleCertificateActions(tokenInfo, new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.AUTHENTICATION).build(), new CertificateTestUtils.CertificateInfoBuilder().certificateStatus(CertificateInfo.STATUS_SAVED).build()).contains(PossibleActionEnum.REGISTER));
assertFalse(possibleActionsRuleEngine.getPossibleCertificateActions(tokenInfo, new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.AUTHENTICATION).build(), new CertificateTestUtils.CertificateInfoBuilder().certificateStatus(CertificateInfo.STATUS_REGINPROG).build()).contains(PossibleActionEnum.REGISTER));
assertFalse(possibleActionsRuleEngine.getPossibleCertificateActions(tokenInfo, new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.SIGNING).build(), new CertificateTestUtils.CertificateInfoBuilder().certificateStatus(CertificateInfo.STATUS_SAVED).build()).contains(PossibleActionEnum.REGISTER));
}
use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.
the class TokenServiceTest method setup.
@Before
public void setup() throws Exception {
doAnswer(invocation -> {
Object[] args = invocation.getArguments();
String tokenId = (String) args[0];
if (WRONG_SOFTTOKEN_PIN_TOKEN_ID.equals(tokenId)) {
throw new CodedException(TokenService.PIN_INCORRECT_FAULT_CODE);
} else if (WRONG_HSM_PIN_TOKEN_ID.equals(tokenId)) {
throw new CodedException(TokenService.LOGIN_FAILED_FAULT_CODE, TokenService.CKR_PIN_INCORRECT_MESSAGE);
} else if (UNKNOWN_LOGIN_FAIL_TOKEN_ID.equals(tokenId)) {
throw new CodedException(TokenService.LOGIN_FAILED_FAULT_CODE, "dont know what happened");
} else if (TOKEN_NOT_FOUND_TOKEN_ID.equals(tokenId)) {
throw new CodedException(TokenService.TOKEN_NOT_FOUND_FAULT_CODE, "did not find it");
} else if (UNRECOGNIZED_FAULT_CODE_TOKEN_ID.equals(tokenId)) {
throw new CodedException("foo", "bar");
} else {
log.debug("activate successful");
}
return null;
}).when(signerProxyFacade).activateToken(any(), any());
doAnswer(invocation -> {
Object[] args = invocation.getArguments();
String oldPin = new String((char[]) args[1]);
String newPin = new String((char[]) args[2]);
if (WRONG_SOFTTOKEN_PIN_TOKEN_ID.equals(oldPin)) {
throw new CodedException(TokenService.PIN_INCORRECT_FAULT_CODE);
} else {
log.debug("activate successful");
}
return null;
}).when(signerProxyFacade).updateSoftwareTokenPin(any(), any(), any());
doAnswer(invocation -> {
Object[] args = invocation.getArguments();
String tokenId = (String) args[0];
if (TOKEN_NOT_FOUND_TOKEN_ID.equals(tokenId)) {
throw new CodedException(TokenService.TOKEN_NOT_FOUND_FAULT_CODE, "did not find it");
} else if (UNRECOGNIZED_FAULT_CODE_TOKEN_ID.equals(tokenId)) {
throw new CodedException("foo", "bar");
} else {
log.debug("deactivate successful");
}
return null;
}).when(signerProxyFacade).deactivateToken(any());
TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder().friendlyName(GOOD_TOKEN_NAME).build();
KeyInfo keyInfo = new TokenTestUtils.KeyInfoBuilder().id(GOOD_KEY_ID).build();
tokenInfo.getKeyInfo().add(keyInfo);
doAnswer(invocation -> {
Object[] args = invocation.getArguments();
String tokenId = (String) args[0];
if (TOKEN_NOT_FOUND_TOKEN_ID.equals(tokenId)) {
throw new CodedException(TokenService.TOKEN_NOT_FOUND_FAULT_CODE, "did not find it");
} else {
return tokenInfo;
}
}).when(signerProxyFacade).getToken(any());
doAnswer(invocation -> {
Object[] args = invocation.getArguments();
String newTokenName = (String) args[1];
ReflectionTestUtils.setField(tokenInfo, "friendlyName", newTokenName);
return null;
}).when(signerProxyFacade).setTokenFriendlyName(any(), any());
mockPossibleActionsRuleEngineAllowAll();
}
Aggregations