1 package ca.uhn.hl7v2.hoh.sign;
2
3 import static org.junit.Assert.*;
4
5 import java.io.IOException;
6 import java.io.InputStream;
7 import java.security.KeyStore;
8 import java.security.KeyStoreException;
9 import java.security.NoSuchAlgorithmException;
10 import java.security.cert.CertificateException;
11
12 import org.junit.Test;
13
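/**
 * Tests for {@link BouncyCastleCmsMessageSigner}: a sign/verify round trip, rejection of
 * a payload that differs from the one that was signed, and refusal to sign when the
 * configured key store entry is not a private key.
 *
 * <p>The key material comes from the classpath resources {@code /keystore.jks} and
 * {@code /truststore.jks}. The alias and password returned by the helpers below are
 * fixture values for those test stores only.
 */
public class BouncyCastleCmsMessageSignerTest {

    private static final String HELLO_WORLD = "HELLO WORLD!!!!!aa";

    private static final org.slf4j.Logger ourLog = org.slf4j.LoggerFactory.getLogger(BouncyCastleCmsMessageSignerTest.class);

    /**
     * Signs a payload with the key store and verifies it with the trust store.
     * The test passes when {@code verify} completes without throwing.
     */
    @Test
    public void testSignAndVerify() throws Exception {
        BouncyCastleCmsMessageSigner signer = createSigner();
        String signed = signer.sign(HELLO_WORLD.getBytes("US-ASCII"));

        ourLog.info("Signed ({} bytes): {}", signed.length(), signed);

        signer = createVerifier();
        signer.verify(HELLO_WORLD.getBytes("US-ASCII"), signed);
    }

    /**
     * Builds a signer instance backed by the trust store, for verifying signatures.
     *
     * @return a signer configured with {@code /truststore.jks} and the test alias
     */
    public static BouncyCastleCmsMessageSigner createVerifier() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        BouncyCastleCmsMessageSigner verifier = new BouncyCastleCmsMessageSigner();
        verifier.setKeyStore(loadTrustStore());
        verifier.setKeyAlias(getKeystoreKeyAlias());
        verifier.setAliasPassword(getKeystoreKeyAliasPassword());
        return verifier;
    }

    /**
     * Builds a signer instance backed by the key store, for producing signatures.
     *
     * @return a signer configured with {@code /keystore.jks} and the test alias
     */
    public static BouncyCastleCmsMessageSigner createSigner() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        BouncyCastleCmsMessageSigner signer = new BouncyCastleCmsMessageSigner();
        signer.setKeyStore(getKeystore());
        signer.setKeyAlias(getKeystoreKeyAlias());
        signer.setAliasPassword(getKeystoreKeyAliasPassword());
        return signer;
    }

    /** Loads {@code /truststore.jks}; presumably it holds only the public certificate (see testTryToSignWithPublicKey). */
    private static KeyStore loadTrustStore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        return loadJksResource("/truststore.jks");
    }

    /** Password used both to open the test stores and as the alias password; test fixture value only. */
    private static String getKeystoreKeyAliasPassword() {
        return "changeit";
    }

    /** Alias of the entry used in both test stores. */
    private static String getKeystoreKeyAlias() {
        return "testcert";
    }

    /** Loads {@code /keystore.jks}, the store the signing tests use. */
    private static KeyStore getKeystore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        return loadJksResource("/keystore.jks");
    }

    /**
     * Loads a JKS store from the test classpath.
     *
     * @param resourcePath absolute classpath location of the store
     * @return the loaded store
     * @throws IOException if the resource is missing or cannot be read
     */
    private static KeyStore loadJksResource(String resourcePath) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        InputStream stream = BouncyCastleCmsMessageSignerTest.class.getResourceAsStream(resourcePath);
        // KeyStore.load(null, ...) silently creates an EMPTY store, so a missing
        // resource must fail here rather than surface later as an unrelated
        // signing or verification error.
        if (stream == null) {
            throw new IOException("Test key store resource not found on classpath: " + resourcePath);
        }
        try {
            KeyStore store = KeyStore.getInstance("JKS");
            // Supplying the store password makes load() check the store's integrity.
            store.load(stream, getKeystoreKeyAliasPassword().toCharArray());
            return store;
        } finally {
            stream.close();
        }
    }

    /**
     * Signing must fail with a clear error when the configured store entry is not a
     * private key (here: the signer is pointed at the trust store).
     */
    @Test
    public void testTryToSignWithPublicKey() throws Exception {
        BouncyCastleCmsMessageSigner signer = createSigner();
        signer.setKeyStore(loadTrustStore());

        try {
            signer.sign(HELLO_WORLD.getBytes("US-ASCII"));
            fail("sign() should have rejected a key store entry that is not a private key");
        } catch (SignatureFailureException e) {
            assertTrue(e.toString(), e.getMessage().contains(BouncyCastleCmsMessageSigner.MSG_KEY_IS_NOT_A_PRIVATE_KEY));
        }
    }

    /**
     * Verification must reject a payload that differs from the one that was signed.
     */
    @Test
    public void testSignAndVerifyStringChanged() throws Exception {
        BouncyCastleCmsMessageSigner signer = createSigner();
        String signed = signer.sign(HELLO_WORLD.getBytes("US-ASCII"));

        ourLog.info("Signed ({} bytes): {}", signed.length(), signed);

        signer = createVerifier();

        try {
            signer.verify("HELLO WORLD....".getBytes("US-ASCII"), signed);
            fail("verify() should have rejected a payload that does not match the signature");
        } catch (SignatureVerificationException expected) {
            // Expected: the signature was computed over a different payload.
        }
    }

}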