diff --git a/src/main/kotlin/com/vauthenticator/server/keys/KeyConfig.kt b/src/main/kotlin/com/vauthenticator/server/keys/KeyConfig.kt index 78155565..ce7a88c4 100644 --- a/src/main/kotlin/com/vauthenticator/server/keys/KeyConfig.kt +++ b/src/main/kotlin/com/vauthenticator/server/keys/KeyConfig.kt @@ -29,7 +29,7 @@ class KeyConfig { kmsClient: KmsClient, storage: KeyGeneratorMasterKeyStorage ): KeyGenerator = JavaSecurityKeyGenerator( - KeyCryptographicOperations( + JavaSecurityCryptographicOperations( KeyGeneratorMasterKeyRepository(storage) ) ) @@ -45,7 +45,7 @@ class KeyConfig { storage: KeyGeneratorMasterKeyStorage ): KeyDecrypter = JavaSecurityKeyDecrypter( maserKid, - KeyCryptographicOperations( + JavaSecurityCryptographicOperations( KeyGeneratorMasterKeyRepository(storage) ) ) diff --git a/src/main/kotlin/com/vauthenticator/server/keys/adapter/java/KeyCryptographicOperations.kt b/src/main/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityCryptographicOperations.kt similarity index 97% rename from src/main/kotlin/com/vauthenticator/server/keys/adapter/java/KeyCryptographicOperations.kt rename to src/main/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityCryptographicOperations.kt index 9b65acfe..32f65301 100644 --- a/src/main/kotlin/com/vauthenticator/server/keys/adapter/java/KeyCryptographicOperations.kt +++ b/src/main/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityCryptographicOperations.kt @@ -11,7 +11,7 @@ import javax.crypto.Cipher import javax.crypto.spec.SecretKeySpec -class KeyCryptographicOperations( +class JavaSecurityCryptographicOperations( private val repository: KeyGeneratorMasterKeyRepository ) { companion object { diff --git a/src/main/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyDecrypter.kt b/src/main/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyDecrypter.kt index a3ed3ccb..570019d4 100644 
--- a/src/main/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyDecrypter.kt +++ b/src/main/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyDecrypter.kt @@ -6,10 +6,10 @@ import com.vauthenticator.server.keys.domain.MasterKid class JavaSecurityKeyDecrypter( private val maserKid: String, - private val keyCryptographicOperations: KeyCryptographicOperations + private val javaSecurityCryptographicOperations: JavaSecurityCryptographicOperations ) : KeyDecrypter { override fun decryptKey(encrypted: String): String { - return encoder.encode(keyCryptographicOperations.decryptKeyWith(MasterKid(maserKid), encrypted.toByteArray())) + return encoder.encode(javaSecurityCryptographicOperations.decryptKeyWith(MasterKid(maserKid), encrypted.toByteArray())) .decodeToString() } } \ No newline at end of file diff --git a/src/main/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyGenerator.kt b/src/main/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyGenerator.kt index 746b05a2..5f541e93 100644 --- a/src/main/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyGenerator.kt +++ b/src/main/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyGenerator.kt 
@@ -7,22 +7,22 @@ import java.util.* class JavaSecurityKeyGenerator( - private val keyCryptographicOperations: KeyCryptographicOperations + private val javaSecurityCryptographicOperations: JavaSecurityCryptographicOperations ) : KeyGenerator { override fun dataKeyPairFor(masterKid: MasterKid): DataKey { - val generateRSAKeyPair = keyCryptographicOperations.generateRSAKeyPair() + val generateRSAKeyPair = javaSecurityCryptographicOperations.generateRSAKeyPair() return DataKey( - keyCryptographicOperations.encryptKeyWith(masterKid, generateRSAKeyPair.private.encoded), + javaSecurityCryptographicOperations.encryptKeyWith(masterKid, generateRSAKeyPair.private.encoded), Optional.of(generateRSAKeyPair.public.encoded) ) } override fun dataKeyFor(masterKid: MasterKid): DataKey { - val generateRSAKeyPair = keyCryptographicOperations.generateRSAKeyPair() + val generateRSAKeyPair = javaSecurityCryptographicOperations.generateRSAKeyPair() return DataKey( - keyCryptographicOperations.encryptKeyWith(masterKid, generateRSAKeyPair.private.encoded), + javaSecurityCryptographicOperations.encryptKeyWith(masterKid, generateRSAKeyPair.private.encoded), Optional.empty() ) } diff --git a/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityCryptographicOperationsTest.kt b/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityCryptographicOperationsTest.kt new file mode 100644 index 00000000..352eecfc --- /dev/null +++ b/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityCryptographicOperationsTest.kt 
@@ -0,0 +1,81 @@
+package com.vauthenticator.server.keys.adapter.java
+
+import com.vauthenticator.server.extentions.decoder
+import com.vauthenticator.server.support.KeysUtils
+import io.mockk.*
+import io.mockk.impl.annotations.MockK
+import io.mockk.junit5.MockKExtension
+import org.junit.jupiter.api.Assertions
+import org.junit.jupiter.api.BeforeEach
+import org.junit.jupiter.api.Test
+import org.junit.jupiter.api.extension.ExtendWith
+import java.security.KeyPair
+import java.security.KeyPairGenerator
+import java.security.spec.RSAKeyGenParameterSpec
+import javax.crypto.Cipher
+import javax.crypto.spec.SecretKeySpec
+
+@ExtendWith(MockKExtension::class)
+class JavaSecurityCryptographicOperationsTest {
+
+ @MockK
+ lateinit var repository: KeyGeneratorMasterKeyRepository
+
+ lateinit var uut: JavaSecurityCryptographicOperations
+
+ @BeforeEach
+ fun setUp() {
+ uut = JavaSecurityCryptographicOperations(repository)
+ }
+
+ @Test
+ fun `when a new rsa key pair is created`() {
+ mockkStatic(KeyPairGenerator::class)
+ val expected = mockk()
+ val generator = mockk(relaxed = true)
+ every { KeyPairGenerator.getInstance("RSA", "BC") } returns generator
+ every { generator.initialize(RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)) } just runs
+ every { generator.generateKeyPair() } returns expected
+
+ val actual = uut.generateRSAKeyPair()
+ Assertions.assertEquals(expected, actual)
+ }
+
+ @Test
+ fun `when an encoded plain text is encrypted with some master key`() {
+ val expected = "ENCRYPTED_DATA".toByteArray()
+ val encodedPlainText = "INPUT_TEXT".toByteArray()
+ val masterKeyValue = "QV9LRVk="
+ val key = SecretKeySpec(decoder.decode(masterKeyValue), "AES")
+ val cipher = mockk(relaxed = true)
+ mockkStatic(Cipher::class)
+
+ every { repository.maskerKeyFor(KeysUtils.aMasterKey) } returns masterKeyValue
+ every { Cipher.getInstance("AES") } returns cipher
+ every { cipher.init(Cipher.ENCRYPT_MODE, key) } just runs
+ every { 
cipher.doFinal(encodedPlainText) } returns expected + + val actual = uut.encryptKeyWith(KeysUtils.aMasterKey, encodedPlainText) + Assertions.assertEquals(expected, actual) + } + + @Test + fun `when an encoded encrypted text is decrypted with some master key`() { + val expected = "DECRYPTED_DATA".toByteArray() + val encodedEncryptedText = "RU5DUllQVEVEX0lOUFVUX1RFWFQ=".toByteArray() + val masterKeyValue = "QV9LRVk=" + val key = SecretKeySpec(decoder.decode(masterKeyValue), "AES") + val cipher = mockk(relaxed = true) + mockkStatic(Cipher::class) + + every { repository.maskerKeyFor(KeysUtils.aMasterKey) } returns masterKeyValue + every { Cipher.getInstance("AES") } returns cipher + every { cipher.init(Cipher.DECRYPT_MODE, key) } just runs + every { cipher.doFinal(decoder.decode(encodedEncryptedText)) } returns expected + + val actual = uut.decryptKeyWith(KeysUtils.aMasterKey, encodedEncryptedText) + Assertions.assertEquals(expected, actual) + } + + +} \ No newline at end of file diff --git a/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyDecrypterTest.kt b/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyDecrypterTest.kt index 320e38aa..b043eb40 100644 --- a/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyDecrypterTest.kt +++ b/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyDecrypterTest.kt @@ -13,7 +13,7 @@ import org.junit.jupiter.api.extension.ExtendWith class JavaSecurityKeyDecrypterTest { @MockK - lateinit var keyCryptographicOperations: KeyCryptographicOperations + lateinit var javaSecurityCryptographicOperations: JavaSecurityCryptographicOperations @Test fun `happy path`() { 
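Review bot: The two cipher tests in JavaSecurityCryptographicOperationsTest stub `Cipher.getInstance("AES")` and `cipher.init(mode, key)` with no parameter spec, which pins the wrapping of RSA private keys to the provider-default transformation; on the stock JCE provider that is ECB with PKCS5 padding, so the stored key material gets no integrity check. Because `Cipher` is mocked statically and the fixture `QV9LRVk=` Base64-decodes to the five bytes `A_KEY`, no real AES operation runs, and a master key of invalid length or a mismatched encrypt/decrypt pairing would pass unnoticed. I would add an unmocked round-trip test with a 16- or 32-byte key plus an `@AfterEach` that releases the static mocks, and use `assertArrayEquals`, since `assertEquals` on `ByteArray` only passes here because the mock hands back the same instance. The production class is outside this hunk, so moving it to an explicit authenticated transformation such as `AES/GCM/NoPadding` with a fresh IV per key is a follow-up to confirm against that file; the sketch below assumes `encryptKeyWith` returns the raw cipher output, as the mocked test implies.

```kotlin
@AfterEach
fun tearDown() {
    // release mockkStatic(Cipher::class) / mockkStatic(KeyPairGenerator::class) between tests
    unmockkAll()
}

// … unchanged: setUp and the three mocked tests …

@Test
fun `a key encrypted with a master key decrypts back to the same bytes`() {
    // constructed sample: 16 bytes of test-only key material, Base64 text as the repository returns it
    val masterKeyValue = encoder.encode(ByteArray(16) { it.toByte() }).decodeToString()
    val plain = "A_PRIVATE_KEY".toByteArray()
    every { repository.maskerKeyFor(KeysUtils.aMasterKey) } returns masterKeyValue

    val encrypted = uut.encryptKeyWith(KeysUtils.aMasterKey, plain)
    val actual = uut.decryptKeyWith(KeysUtils.aMasterKey, encoder.encode(encrypted))

    Assertions.assertArrayEquals(plain, actual)
}
```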
@@ -21,9 +21,9 @@ class JavaSecurityKeyDecrypterTest { val decrypted = "AN_UNENCRYPTED_VALUE".toByteArray() val maserKid = "A_MASTER_KEY" - val uut = JavaSecurityKeyDecrypter(maserKid, keyCryptographicOperations) + val uut = JavaSecurityKeyDecrypter(maserKid, javaSecurityCryptographicOperations) - every { keyCryptographicOperations.decryptKeyWith(MasterKid(maserKid), encrypted.toByteArray()) } returns decrypted + every { javaSecurityCryptographicOperations.decryptKeyWith(MasterKid(maserKid), encrypted.toByteArray()) } returns decrypted val actual = uut.decryptKey(encrypted) val expected = encoder.encode(decrypted).decodeToString() diff --git a/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyGeneratorTest.kt b/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyGeneratorTest.kt index 008d81d1..026f578a 100644 --- a/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyGeneratorTest.kt +++ b/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/JavaSecurityKeyGeneratorTest.kt @@ -19,7 +19,7 @@ import java.security.PublicKey class JavaSecurityKeyGeneratorTest { @MockK - lateinit var keyCryptographicOperations: KeyCryptographicOperations + lateinit var javaSecurityCryptographicOperations: JavaSecurityCryptographicOperations private val masterKid = MasterKid("A_MASTER_KEY") private val anEncryptedPrivateKEyValueAsByteArray = "AN_ENCRYPTED_PRIVATE_KEY_VALUE".toByteArray() @@ -29,7 +29,7 @@ class JavaSecurityKeyGeneratorTest { @BeforeEach fun setUp() { - uut = JavaSecurityKeyGenerator(keyCryptographicOperations) + uut = JavaSecurityKeyGenerator(javaSecurityCryptographicOperations) } @Test 
@@ -37,12 +37,12 @@ class JavaSecurityKeyGeneratorTest { val keyPair = mockk() val privateKey = mockk() - every { keyCryptographicOperations.generateRSAKeyPair() } returns keyPair + every { javaSecurityCryptographicOperations.generateRSAKeyPair() } returns keyPair every { keyPair.private } returns privateKey every { privateKey.encoded } returns anEncryptedPrivateKEyValueAsByteArray every { - keyCryptographicOperations.encryptKeyWith( + javaSecurityCryptographicOperations.encryptKeyWith( masterKid, anEncryptedPrivateKEyValueAsByteArray ) @@ -60,7 +60,7 @@ class JavaSecurityKeyGeneratorTest { val privateKey = mockk() val publicKey = mockk() - every { keyCryptographicOperations.generateRSAKeyPair() } returns keyPair + every { javaSecurityCryptographicOperations.generateRSAKeyPair() } returns keyPair every { keyPair.private } returns privateKey every { privateKey.encoded } returns anEncryptedPrivateKEyValueAsByteArray @@ -68,7 +68,7 @@ class JavaSecurityKeyGeneratorTest { every { publicKey.encoded } returns aPublicKeyValueAsByteArray every { - keyCryptographicOperations.encryptKeyWith( + javaSecurityCryptographicOperations.encryptKeyWith( masterKid, anEncryptedPrivateKEyValueAsByteArray ) diff --git a/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/KeyCryptographicOperationsTest.kt b/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/KeyCryptographicOperationsTest.kt deleted file mode 100644 index 2f7be0e3..00000000 --- a/src/test/kotlin/com/vauthenticator/server/keys/adapter/java/KeyCryptographicOperationsTest.kt +++ /dev/null @@ -1,4 +0,0 @@ -package com.vauthenticator.server.keys.adapter.java - -//todo -class KeyCryptographicOperationsTest \ No newline at end of file