Search in sources :

Example 1 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class PossibleActionsRuleEngineTest method getPossibleKeyActionGenerateSignCsr.

@Test
public void getPossibleKeyActionGenerateSignCsr() {
    TokenInfo tokenInfo;
    EnumSet<PossibleActionEnum> actions;
    // basic happy case
    tokenInfo = new TokenTestUtils.TokenInfoBuilder().active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.SIGNING).available(true).build()).build();
    actions = getPossibleKeyActions(tokenInfo);
    assertTrue(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
    assertFalse(actions.contains(PossibleActionEnum.GENERATE_AUTH_CSR));
    // generate is possible is usage = null (undefined)
    tokenInfo = new TokenTestUtils.TokenInfoBuilder().active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(null).available(true).build()).build();
    actions = getPossibleKeyActions(tokenInfo);
    assertTrue(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
    // not possible if usage = auth
    tokenInfo = new TokenTestUtils.TokenInfoBuilder().active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.AUTHENTICATION).available(true).build()).build();
    actions = getPossibleKeyActions(tokenInfo);
    assertFalse(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
    // not possible if key unavailable
    tokenInfo = new TokenTestUtils.TokenInfoBuilder().active(true).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.SIGNING).available(false).build()).build();
    actions = getPossibleKeyActions(tokenInfo);
    assertFalse(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
    // not possible if token inactive
    tokenInfo = new TokenTestUtils.TokenInfoBuilder().active(false).key(new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.SIGNING).available(true).build()).build();
    actions = getPossibleKeyActions(tokenInfo);
    assertFalse(actions.contains(PossibleActionEnum.GENERATE_SIGN_CSR));
}
Also used : TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) Test(org.junit.Test)

Example 2 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class PossibleActionsRuleEngineTest method getPossibleKeyActionEditFriendlyName.

@Test
public void getPossibleKeyActionEditFriendlyName() {
    TokenInfo unsaved = new TokenTestUtils.TokenInfoBuilder().key(new TokenTestUtils.KeyInfoBuilder().cert(new CertificateTestUtils.CertificateInfoBuilder().savedToConfiguration(false).build()).build()).build();
    TokenInfo saved = new TokenTestUtils.TokenInfoBuilder().key(new TokenTestUtils.KeyInfoBuilder().cert(new CertificateTestUtils.CertificateInfoBuilder().savedToConfiguration(true).build()).build()).build();
    EnumSet<PossibleActionEnum> actions = getPossibleKeyActions(saved);
    assertTrue(actions.contains(PossibleActionEnum.EDIT_FRIENDLY_NAME));
    actions = getPossibleKeyActions(unsaved);
    assertTrue(actions.contains(PossibleActionEnum.EDIT_FRIENDLY_NAME));
}
Also used : TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) Test(org.junit.Test)

Example 3 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class PossibleActionsRuleEngineTest method createTestToken.

/**
 * Create a specific token-key combination
 */
private TokenInfo createTestToken(boolean tokenSaved, boolean tokenReadOnly, boolean tokenActive, boolean keyNotSupported) {
    CertificateInfo cert = new CertificateTestUtils.CertificateInfoBuilder().savedToConfiguration(tokenSaved).build();
    String tokenId;
    KeyUsageInfo usage;
    if (keyNotSupported) {
        tokenId = PossibleActionsRuleEngine.SOFTWARE_TOKEN_ID + 1;
        usage = KeyUsageInfo.AUTHENTICATION;
    } else {
        tokenId = PossibleActionsRuleEngine.SOFTWARE_TOKEN_ID;
        usage = KeyUsageInfo.AUTHENTICATION;
    }
    KeyInfo key = new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(usage).cert(cert).build();
    TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder().readOnly(tokenReadOnly).active(tokenActive).key(key).id(tokenId).build();
    return tokenInfo;
}
Also used : KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) CertificateInfo(ee.ria.xroad.signer.protocol.dto.CertificateInfo) TokenTestUtils(org.niis.xroad.securityserver.restapi.util.TokenTestUtils) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) KeyUsageInfo(ee.ria.xroad.signer.protocol.dto.KeyUsageInfo)

Example 4 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class PossibleActionsRuleEngineTest method getPossibleCertificateActionRegister.

@Test
public void getPossibleCertificateActionRegister() {
    TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder().build();
    assertTrue(possibleActionsRuleEngine.getPossibleCertificateActions(tokenInfo, new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.AUTHENTICATION).build(), new CertificateTestUtils.CertificateInfoBuilder().certificateStatus(CertificateInfo.STATUS_SAVED).build()).contains(PossibleActionEnum.REGISTER));
    assertFalse(possibleActionsRuleEngine.getPossibleCertificateActions(tokenInfo, new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.AUTHENTICATION).build(), new CertificateTestUtils.CertificateInfoBuilder().certificateStatus(CertificateInfo.STATUS_REGINPROG).build()).contains(PossibleActionEnum.REGISTER));
    assertFalse(possibleActionsRuleEngine.getPossibleCertificateActions(tokenInfo, new TokenTestUtils.KeyInfoBuilder().keyUsageInfo(KeyUsageInfo.SIGNING).build(), new CertificateTestUtils.CertificateInfoBuilder().certificateStatus(CertificateInfo.STATUS_SAVED).build()).contains(PossibleActionEnum.REGISTER));
}
Also used : CertificateTestUtils(org.niis.xroad.securityserver.restapi.util.CertificateTestUtils) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) TokenTestUtils(org.niis.xroad.securityserver.restapi.util.TokenTestUtils) Test(org.junit.Test)

Example 5 with TokenInfo

use of ee.ria.xroad.signer.protocol.dto.TokenInfo in project X-Road by nordic-institute.

the class TokenServiceTest method setup.

@Before
public void setup() throws Exception {
    doAnswer(invocation -> {
        Object[] args = invocation.getArguments();
        String tokenId = (String) args[0];
        if (WRONG_SOFTTOKEN_PIN_TOKEN_ID.equals(tokenId)) {
            throw new CodedException(TokenService.PIN_INCORRECT_FAULT_CODE);
        } else if (WRONG_HSM_PIN_TOKEN_ID.equals(tokenId)) {
            throw new CodedException(TokenService.LOGIN_FAILED_FAULT_CODE, TokenService.CKR_PIN_INCORRECT_MESSAGE);
        } else if (UNKNOWN_LOGIN_FAIL_TOKEN_ID.equals(tokenId)) {
            throw new CodedException(TokenService.LOGIN_FAILED_FAULT_CODE, "dont know what happened");
        } else if (TOKEN_NOT_FOUND_TOKEN_ID.equals(tokenId)) {
            throw new CodedException(TokenService.TOKEN_NOT_FOUND_FAULT_CODE, "did not find it");
        } else if (UNRECOGNIZED_FAULT_CODE_TOKEN_ID.equals(tokenId)) {
            throw new CodedException("foo", "bar");
        } else {
            log.debug("activate successful");
        }
        return null;
    }).when(signerProxyFacade).activateToken(any(), any());
    doAnswer(invocation -> {
        Object[] args = invocation.getArguments();
        String oldPin = new String((char[]) args[1]);
        String newPin = new String((char[]) args[2]);
        if (WRONG_SOFTTOKEN_PIN_TOKEN_ID.equals(oldPin)) {
            throw new CodedException(TokenService.PIN_INCORRECT_FAULT_CODE);
        } else {
            log.debug("activate successful");
        }
        return null;
    }).when(signerProxyFacade).updateSoftwareTokenPin(any(), any(), any());
    doAnswer(invocation -> {
        Object[] args = invocation.getArguments();
        String tokenId = (String) args[0];
        if (TOKEN_NOT_FOUND_TOKEN_ID.equals(tokenId)) {
            throw new CodedException(TokenService.TOKEN_NOT_FOUND_FAULT_CODE, "did not find it");
        } else if (UNRECOGNIZED_FAULT_CODE_TOKEN_ID.equals(tokenId)) {
            throw new CodedException("foo", "bar");
        } else {
            log.debug("deactivate successful");
        }
        return null;
    }).when(signerProxyFacade).deactivateToken(any());
    TokenInfo tokenInfo = new TokenTestUtils.TokenInfoBuilder().friendlyName(GOOD_TOKEN_NAME).build();
    KeyInfo keyInfo = new TokenTestUtils.KeyInfoBuilder().id(GOOD_KEY_ID).build();
    tokenInfo.getKeyInfo().add(keyInfo);
    doAnswer(invocation -> {
        Object[] args = invocation.getArguments();
        String tokenId = (String) args[0];
        if (TOKEN_NOT_FOUND_TOKEN_ID.equals(tokenId)) {
            throw new CodedException(TokenService.TOKEN_NOT_FOUND_FAULT_CODE, "did not find it");
        } else {
            return tokenInfo;
        }
    }).when(signerProxyFacade).getToken(any());
    doAnswer(invocation -> {
        Object[] args = invocation.getArguments();
        String newTokenName = (String) args[1];
        ReflectionTestUtils.setField(tokenInfo, "friendlyName", newTokenName);
        return null;
    }).when(signerProxyFacade).setTokenFriendlyName(any(), any());
    mockPossibleActionsRuleEngineAllowAll();
}
Also used : CodedException(ee.ria.xroad.common.CodedException) KeyInfo(ee.ria.xroad.signer.protocol.dto.KeyInfo) TokenInfo(ee.ria.xroad.signer.protocol.dto.TokenInfo) Before(org.junit.Before)

Aggregations

TokenInfo (ee.ria.xroad.signer.protocol.dto.TokenInfo)52 KeyInfo (ee.ria.xroad.signer.protocol.dto.KeyInfo)33 Test (org.junit.Test)19 TokenTestUtils (org.niis.xroad.securityserver.restapi.util.TokenTestUtils)16 CodedException (ee.ria.xroad.common.CodedException)14 CertificateInfo (ee.ria.xroad.signer.protocol.dto.CertificateInfo)13 SignerNotReachableException (org.niis.xroad.restapi.service.SignerNotReachableException)11 TokenInfoAndKeyId (ee.ria.xroad.signer.protocol.dto.TokenInfoAndKeyId)9 ServiceException (org.niis.xroad.restapi.service.ServiceException)8 Before (org.junit.Before)7 CertRequestInfo (ee.ria.xroad.signer.protocol.dto.CertRequestInfo)6 CertificateTestUtils (org.niis.xroad.securityserver.restapi.util.CertificateTestUtils)6 ClientId (ee.ria.xroad.common.identifier.ClientId)5 HashMap (java.util.HashMap)5 DeviationAwareRuntimeException (org.niis.xroad.restapi.exceptions.DeviationAwareRuntimeException)5 Command (asg.cliche.Command)4 Utils.printTokenInfo (ee.ria.xroad.signer.console.Utils.printTokenInfo)4 KeyUsageInfo (ee.ria.xroad.signer.protocol.dto.KeyUsageInfo)4 ListTokens (ee.ria.xroad.signer.protocol.message.ListTokens)4 ArrayList (java.util.ArrayList)4