
1   package ca.uhn.hl7v2.hoh.sign;
2   
3   import static org.junit.Assert.*;
4   
5   import java.io.IOException;
6   import java.io.InputStream;
7   import java.security.KeyStore;
8   import java.security.KeyStoreException;
9   import java.security.NoSuchAlgorithmException;
10  import java.security.cert.CertificateException;
11  
12  import org.junit.Test;
13  
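/**
 * Sign/verify round-trip tests for {@link BouncyCastleCmsMessageSigner}.
 *
 * <p>
 * The signing side is configured from the classpath resource
 * {@code /keystore.jks} and the verifying side from {@code /truststore.jks}.
 * Both are opened with the fixed test password and alias returned by the
 * helper methods below; these are test-fixture values only.
 * </p>
 */
public class BouncyCastleCmsMessageSignerTest {

	private static final String HELLO_WORLD = "HELLO WORLD!!!!!aa";

	private static final org.slf4j.Logger ourLog = org.slf4j.LoggerFactory.getLogger(BouncyCastleCmsMessageSignerTest.class);

	/**
	 * Signs a payload with the key store and verifies it with a second signer
	 * instance that only has the trust store.
	 */
	@Test
	public void testSignAndVerify() throws Exception {

		BouncyCastleCmsMessageSigner signer = createSigner();
		String signed = signer.sign(HELLO_WORLD.getBytes("US-ASCII"));

		ourLog.info("Signed ({} bytes): {}", signed.length(), signed);

		// Now verify. There is no explicit assertion: the test passes when
		// verify() returns without throwing (testSignAndVerifyStringChanged
		// expects a SignatureVerificationException on a mismatch).
		signer = createVerifier();
		signer.verify(HELLO_WORLD.getBytes("US-ASCII"), signed);

	}

	/**
	 * Creates a signer backed by {@code /truststore.jks}, for use on the
	 * verifying side.
	 *
	 * @return a signer configured with the trust store, test alias and test password
	 * @throws IOException if the trust store resource is missing or unreadable
	 */
	public static BouncyCastleCmsMessageSigner createVerifier() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
		BouncyCastleCmsMessageSigner signer;
		signer = new BouncyCastleCmsMessageSigner();
		signer.setKeyStore(loadTrustStore());
		signer.setKeyAlias(getKeystoreKeyAlias());
		signer.setAliasPassword(getKeystoreKeyAliasPassword());
		return signer;
	}

	/**
	 * Creates a signer backed by {@code /keystore.jks}, for use on the signing
	 * side.
	 *
	 * @return a signer configured with the key store, test alias and test password
	 * @throws IOException if the key store resource is missing or unreadable
	 */
	public static BouncyCastleCmsMessageSigner createSigner() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
		BouncyCastleCmsMessageSigner signer = new BouncyCastleCmsMessageSigner();
		signer.setKeyStore(getKeystore());
		signer.setKeyAlias(getKeystoreKeyAlias());
		signer.setAliasPassword(getKeystoreKeyAliasPassword());
		return signer;
	}

	/** Loads the verification-side store from {@code /truststore.jks}. */
	private static KeyStore loadTrustStore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
		return loadJksResource("/truststore.jks");
	}

	/**
	 * Password used both to open the JKS files and as the alias (key) password.
	 * Test-fixture value only.
	 */
	private static String getKeystoreKeyAliasPassword() {
		return "changeit";
	}

	/** Alias of the test entry, used for both the key store and the trust store. */
	private static String getKeystoreKeyAlias() {
		return "testcert";
	}

	/** Loads the signing-side store from {@code /keystore.jks}. */
	private static KeyStore getKeystore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
		return loadJksResource("/keystore.jks");
	}

	/**
	 * Loads a JKS store from a classpath resource using the test password.
	 *
	 * @param resourcePath absolute classpath location of the JKS file
	 * @return the loaded store
	 * @throws IOException if the resource is not on the classpath or cannot be read
	 */
	private static KeyStore loadJksResource(String resourcePath) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
		KeyStore store = KeyStore.getInstance("JKS");
		InputStream stream = BouncyCastleCmsMessageSignerTest.class.getResourceAsStream(resourcePath);
		// KeyStore.load(null, ...) initialises an EMPTY store instead of failing,
		// so a missing fixture would otherwise show up later as a confusing
		// sign/verify error rather than as a missing file.
		if (stream == null) {
			throw new IOException("Keystore resource not found on classpath: " + resourcePath);
		}
		try {
			store.load(stream, getKeystoreKeyAliasPassword().toCharArray());
		} finally {
			// The stream was previously left open
			stream.close();
		}
		return store;
	}

	/**
	 * Points a signer at the trust store and expects signing to be refused
	 * with {@link BouncyCastleCmsMessageSigner#MSG_KEY_IS_NOT_A_PRIVATE_KEY}.
	 */
	@Test
	public void testTryToSignWithPublicKey() throws Exception {
		BouncyCastleCmsMessageSigner signer = createSigner();
		// Swap the key store for the trust store; alias and password stay the same
		signer.setKeyStore(loadTrustStore());

		try {
			signer.sign(HELLO_WORLD.getBytes("US-ASCII"));
			fail("sign() was expected to throw SignatureFailureException");
		} catch (SignatureFailureException e) {
			assertTrue(e.toString(), e.getMessage().contains(BouncyCastleCmsMessageSigner.MSG_KEY_IS_NOT_A_PRIVATE_KEY));
		}
	}

	/**
	 * Signs one payload and verifies the signature against a different payload;
	 * verification must fail.
	 */
	@Test
	public void testSignAndVerifyStringChanged() throws Exception {
		BouncyCastleCmsMessageSigner signer = createSigner();
		String signed = signer.sign(HELLO_WORLD.getBytes("US-ASCII"));

		ourLog.info("Signed ({} bytes): {}", signed.length(), signed);

		// Now verify that non-matching fails
		signer = createVerifier();

		try {
			signer.verify("HELLO WORLD....".getBytes("US-ASCII"), signed);
			// fail() throws AssertionError, which the catch below does not swallow
			fail("verify() was expected to reject a payload that differs from the signed one");
		} catch (SignatureVerificationException e) {
			// Expected: the signature does not match the altered payload
		}

	}

}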