You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by db...@apache.org on 2022/09/09 16:23:17 UTC
[tomee] 01/03: Tests for public key resolution
This is an automated email from the ASF dual-hosted git repository.
dblevins pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 9f1f46b61edb5710e6e93afc9ed09b912146f567
Author: David Blevins <db...@tomitribe.com>
AuthorDate: Thu Sep 8 19:18:27 2022 -0700
Tests for public key resolution
---
.../tomee/microprofile/jwt/CurveAsserts.java | 52 +++++++++++++++
.../apache/tomee/microprofile/jwt/KeyAsserts.java | 54 +++++++++++++++
.../jwt/config/PublicKeyResolverTest.java | 78 ++++++++++++++++++++++
3 files changed, 184 insertions(+)
diff --git a/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/CurveAsserts.java b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/CurveAsserts.java
new file mode 100644
index 0000000000..9de1e8734f
--- /dev/null
+++ b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/CurveAsserts.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2021 Tomitribe and community
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomee.microprofile.jwt;
+
+
+import io.churchkey.shade.util.Hex;
+
+import java.math.BigInteger;
+import java.security.spec.ECFieldF2m;
+import java.security.spec.ECFieldFp;
+import java.security.spec.ECParameterSpec;
+
+import static org.junit.Assert.assertEquals;
+
+public class CurveAsserts {
+
+ public static void assertParamSpec(final ECParameterSpec expected, final ECParameterSpec actual) {
+ assertEquals(expected.getCofactor(), actual.getCofactor());
+ assertBigInt(expected.getOrder(), actual.getOrder());
+ assertBigInt(expected.getCurve().getA(), actual.getCurve().getA());
+ assertBigInt(expected.getCurve().getB(), actual.getCurve().getB());
+ assertBigInt(expected.getGenerator().getAffineX(), actual.getGenerator().getAffineX());
+ assertBigInt(expected.getGenerator().getAffineY(), actual.getGenerator().getAffineY());
+
+ if (expected.getCurve().getField() instanceof ECFieldFp) {
+ assertBigInt(((ECFieldFp) expected.getCurve().getField()).getP(), ((ECFieldFp) actual.getCurve().getField()).getP());
+ }
+ if (expected.getCurve().getField() instanceof ECFieldF2m) {
+ assertBigInt(((ECFieldF2m) expected.getCurve().getField()).getReductionPolynomial(), ((ECFieldF2m) actual.getCurve().getField()).getReductionPolynomial());
+ }
+
+ }
+
+ public static void assertBigInt(final BigInteger expected, final BigInteger actual) {
+ final String e1 = Hex.toString(expected.toByteArray()).replaceFirst("^00", "");
+ final String a1 = Hex.toString(actual.toByteArray()).replaceFirst("^00", "");
+ assertEquals(e1, a1);
+ }
+}
diff --git a/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/KeyAsserts.java b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/KeyAsserts.java
new file mode 100644
index 0000000000..5ff253a457
--- /dev/null
+++ b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/KeyAsserts.java
@@ -0,0 +1,54 @@
+package org.apache.tomee.microprofile.jwt;
+
+
+import java.security.interfaces.DSAPrivateKey;
+import java.security.interfaces.DSAPublicKey;
+import java.security.interfaces.ECPrivateKey;
+import java.security.interfaces.ECPublicKey;
+import java.security.interfaces.RSAPrivateCrtKey;
+import java.security.interfaces.RSAPublicKey;
+
+import static org.junit.Assert.assertEquals;
+
+public class KeyAsserts {
+ public static void assertRsaPrivateKey(final RSAPrivateCrtKey expected, final RSAPrivateCrtKey actual) {
+ assertEquals(expected.getPublicExponent(), actual.getPublicExponent());
+ assertEquals(expected.getCrtCoefficient(), actual.getCrtCoefficient());
+ assertEquals(expected.getPrimeExponentP(), actual.getPrimeExponentP());
+ assertEquals(expected.getPrimeExponentQ(), actual.getPrimeExponentQ());
+ assertEquals(expected.getPrimeP(), actual.getPrimeP());
+ assertEquals(expected.getPrimeQ(), actual.getPrimeQ());
+ assertEquals(expected.getPrivateExponent(), actual.getPrivateExponent());
+ assertEquals(expected.getModulus(), actual.getModulus());
+ }
+
+ public static void assertRsaPublicKey(final RSAPublicKey expected, final RSAPublicKey actual) {
+ assertEquals(expected.getPublicExponent(), actual.getPublicExponent());
+ assertEquals(expected.getModulus(), actual.getModulus());
+ }
+
+ public static void assertDsaPrivateKey(final DSAPrivateKey expected, final DSAPrivateKey actual) {
+ assertEquals(expected.getParams().getG(), actual.getParams().getG());
+ assertEquals(expected.getParams().getQ(), actual.getParams().getQ());
+ assertEquals(expected.getParams().getP(), actual.getParams().getP());
+ assertEquals(expected.getX(), actual.getX());
+ }
+
+ public static void assertDsaPublicKey(final DSAPublicKey expected, final DSAPublicKey actual) {
+ assertEquals(expected.getParams().getG(), actual.getParams().getG());
+ assertEquals(expected.getParams().getQ(), actual.getParams().getQ());
+ assertEquals(expected.getParams().getP(), actual.getParams().getP());
+ assertEquals(expected.getY(), actual.getY());
+ }
+
+ public static void assertEcPrivateKey(final ECPrivateKey expected, final ECPrivateKey actual) {
+ assertEquals("d", expected.getS(), actual.getS());
+ CurveAsserts.assertParamSpec(expected.getParams(), actual.getParams());
+ }
+
+ public static void assertEcPublicKey(final ECPublicKey expected, final ECPublicKey actual) {
+ assertEquals("x", expected.getW().getAffineX(), actual.getW().getAffineX());
+ assertEquals("y", expected.getW().getAffineY(), actual.getW().getAffineY());
+ CurveAsserts.assertParamSpec(expected.getParams(), actual.getParams());
+ }
+}
diff --git a/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/config/PublicKeyResolverTest.java b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/config/PublicKeyResolverTest.java
new file mode 100644
index 0000000000..e792870ee9
--- /dev/null
+++ b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/config/PublicKeyResolverTest.java
@@ -0,0 +1,78 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomee.microprofile.jwt.config;
+
+import io.churchkey.Key;
+import io.churchkey.Keys;
+import org.apache.openejb.loader.Files;
+import org.apache.openejb.loader.IO;
+import org.apache.tomee.microprofile.jwt.KeyAsserts;
+import org.junit.Test;
+
+import java.io.File;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.interfaces.RSAPublicKey;
+import java.util.Map;
+import java.util.Optional;
+
+import static org.junit.Assert.assertEquals;
+
+public class PublicKeyResolverTest {
+
+ @Test
+ public void publicKeyPemFromFileUrl() throws Exception {
+ final File dir = Files.tmpdir();
+ final Key privateKey = generate(Key.Algorithm.RSA);
+ final Key expected = privateKey.getPublicKey();
+
+ final File file = new File(dir, "publicKey.pem");
+ IO.copy(expected.encode(Key.Format.PEM), file);
+
+ final Map<String, java.security.Key> keys = new PublicKeyResolver().resolve(
+ Optional.empty(),
+ Optional.of(file.toURI().toASCIIString())).get();
+
+ assertEquals(1, keys.size());
+ final java.security.Key actual = keys.values().iterator().next();
+
+ KeyAsserts.assertRsaPublicKey((RSAPublicKey) expected.getKey(), (RSAPublicKey) actual);
+ }
+
+ @Test
+ public void publicKeyPemContents() throws Exception {
+ final Key privateKey = generate(Key.Algorithm.RSA);
+ final Key expected = privateKey.getPublicKey();
+
+ final Map<String, java.security.Key> keys = new PublicKeyResolver().resolve(
+ Optional.of(expected.toPem()),
+ Optional.empty()).get();
+
+ assertEquals(1, keys.size());
+ final java.security.Key actual = keys.values().iterator().next();
+
+ KeyAsserts.assertRsaPublicKey((RSAPublicKey) expected.getKey(), (RSAPublicKey) actual);
+ }
+
+ private Key generate(final Key.Algorithm algorithm) throws NoSuchAlgorithmException {
+ final KeyPairGenerator generator = KeyPairGenerator.getInstance(algorithm.name());
+ final KeyPair pair = generator.generateKeyPair();
+ return Keys.of(pair);
+ }
+
+}