From aea1bf678d462f5a64e2885ed2a8a0d0268e8cd1 Mon Sep 17 00:00:00 2001
From: Steven Glover <steven.glover@alfresco.com>
Date: Tue, 19 Jul 2011 11:34:36 +0000
Subject: [PATCH] More missing files for ALF-8791: "RSOLR 036: Update
 IndexChecker to support SOLR"

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@29181 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../alfresco/encryption/EncryptorTest.java    |  72 +++++++
 .../encryption/KeyStoreKeyProviderTest.java   | 181 ++++++++++++++++++
 2 files changed, 253 insertions(+)
 create mode 100644 source/java/org/alfresco/encryption/EncryptorTest.java
 create mode 100644 source/java/org/alfresco/encryption/KeyStoreKeyProviderTest.java

diff --git a/source/java/org/alfresco/encryption/EncryptorTest.java b/source/java/org/alfresco/encryption/EncryptorTest.java
new file mode 100644
index 0000000000..9e230ef805
--- /dev/null
+++ b/source/java/org/alfresco/encryption/EncryptorTest.java
@@ -0,0 +1,72 @@
+package org.alfresco.encryption;
+
+import java.io.Serializable;
+import java.security.AlgorithmParameters;
+
+import junit.framework.TestCase;
+
+import org.alfresco.encryption.DefaultEncryptor;
+import org.alfresco.util.Pair;
+import org.bouncycastle.util.Arrays;
+
+/**
+ * @since 4.0
+ */
+public class EncryptorTest extends TestCase
+{
+    private DefaultEncryptor encryptor;
+    
+    public void setUp() throws Exception
+    {
+        encryptor = new DefaultEncryptor(
+                KeyStoreKeyProviderTest.getTestKeyStoreProvider(),
+                "DESede/CBC/PKCS5Padding",
+                null);
+        encryptor.init();        // Not currently necessary
+    }
+    
+    public void testBasicBytes_NoKey()
+    {
+        byte[] bytes = new byte[] {11, 12, 13};
+
+        Pair<byte[], AlgorithmParameters> encryptedPair = encryptor.encrypt("fluff", null, bytes);
+        byte[] decrypted = encryptor.decrypt(
+                "fluff",
+                encryptedPair.getSecond(),
+                encryptedPair.getFirst());
+        assertTrue("Encryption round trip failed. ", Arrays.areEqual(bytes, decrypted));
+    }
+    
+    public void testBasicBytes_WithKey()
+    {
+        byte[] bytes = new byte[] {11, 12, 13};
+
+        Pair<byte[], AlgorithmParameters> encryptedPair = encryptor.encrypt("mykey1", null, bytes);
+        byte[] decrypted = encryptor.decrypt(
+                "mykey1",
+                encryptedPair.getSecond(),
+                encryptedPair.getFirst());
+        assertTrue("Encryption round trip failed. ", Arrays.areEqual(bytes, decrypted));
+    }
+    
+    public void testBasicObject()
+    {
+        Object testObject = "   This is a string, but will be serialized    ";
+
+        Pair<byte[], AlgorithmParameters> encryptedPair = encryptor.encryptObject("mykey2", null, testObject);
+        Object output = encryptor.decryptObject(
+                "mykey2",
+                encryptedPair.getSecond(),
+                encryptedPair.getFirst());
+        assertEquals("Encryption round trip failed. ", testObject, output);
+    }
+    
+    public void testSealedObject()
+    {
+        Serializable testObject = "   This is a string, but will be serialized    ";
+
+        Serializable sealedObject = encryptor.sealObject("mykey2", null, testObject);
+        Object output = encryptor.unsealObject("mykey2", sealedObject);
+        assertEquals("Encryption round trip failed. ", testObject, output);
+    }
+}
diff --git a/source/java/org/alfresco/encryption/KeyStoreKeyProviderTest.java b/source/java/org/alfresco/encryption/KeyStoreKeyProviderTest.java
new file mode 100644
index 0000000000..575ab39461
--- /dev/null
+++ b/source/java/org/alfresco/encryption/KeyStoreKeyProviderTest.java
@@ -0,0 +1,181 @@
+package org.alfresco.encryption;
+
+import java.io.FileNotFoundException;
+import java.io.InputStream;
+import java.security.Key;
+import java.security.KeyStore;
+import java.security.UnrecoverableKeyException;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import junit.framework.TestCase;
+
+import org.alfresco.encryption.KeyStoreLoader;
+import org.alfresco.encryption.KeystoreKeyProvider;
+import org.alfresco.error.AlfrescoRuntimeException;
+import org.alfresco.util.ApplicationContextHelper;
+import org.springframework.context.ApplicationContext;
+
+/**
+ * Tests {@link KeystoreKeyProvider}
+ * 
+ * @author Derek Hulley
+ * @since 4.0
+ */
+public class KeyStoreKeyProviderTest extends TestCase
+{
+    private static final String FILE_ONE = "classpath:alfresco/keystore-tests/ks-test-1.jks";
+    private static final String FILE_TWO = "classpath:alfresco/keystore-tests/ks-test-2.jks";
+    private static final String FILE_THREE = "classpath:alfresco/keystore-tests/ks-test-3.jks";
+    private static final String ALIAS_ONE = "mykey1";
+    private static final String ALIAS_TWO = "mykey2";
+    private static final String ALIAS_THREE = "mykey3";
+    
+    /**
+     * Helper utility to create a two-alias keystore.
+     * <p/>
+     * TODO: Allow the required aliases and key types to be specified and generate
+     *       a keystore on the fly
+     */
+    /* package */ static KeystoreKeyProvider getTestKeyStoreProvider()
+    {
+        Map<String, String> passwords = new HashMap<String, String>(5);
+        passwords.put(KeystoreKeyProvider.KEY_KEYSTORE_PASSWORD, "ksPwd2");
+        passwords.put(ALIAS_ONE, "aliasPwd1");
+        passwords.put(ALIAS_TWO, "aliasPwd2");
+        KeystoreKeyProvider ks = new KeystoreKeyProvider(
+                FILE_TWO,
+                getKeyStoreLoader(),
+                "SunJCE",
+                "JCEKS",
+                passwords);
+        return ks;
+    }
+    
+    protected static KeyStoreLoader getKeyStoreLoader()
+    {
+    	return new SpringKeyStoreLoader();
+    }
+    
+    public void setUp() throws Exception
+    {
+    }
+    
+    public void testNoKeyStorePasswords() throws Exception
+    {
+        KeystoreKeyProvider keyProvider = new KeystoreKeyProvider(
+                FILE_ONE,
+                getKeyStoreLoader(),
+                "SunJCE",
+                "JCEKS",
+                Collections.<String,String>emptyMap());
+        // This has succeeded because we have not attempted to access it
+        assertNull("Should be no keys available", keyProvider.getKey(ALIAS_ONE));
+    }
+    
+    public void testKeyStoreWithOnlyAliasPasswords() throws Exception
+    {
+        KeystoreKeyProvider keyProvider = new KeystoreKeyProvider(
+                FILE_TWO,
+                getKeyStoreLoader(),
+                "SunJCE",
+                "JCEKS",
+                Collections.singletonMap(ALIAS_ONE, "aliasPwd1"));
+        // This has succeeded because we have not attempted to access it
+        assertNotNull("Should be able to key alias with same password", keyProvider.getKey(ALIAS_ONE));
+    }
+    
+    public void testAliasWithIncorrectPassword_One() throws Exception
+    {
+        try
+        {
+            new KeystoreKeyProvider(
+                    FILE_ONE,
+                    getKeyStoreLoader(),
+                    "SunJCE",
+                    "JCEKS",
+                    Collections.singletonMap(ALIAS_ONE, "password_fail"));
+            fail("Expect to fail because password is incorrect");
+        }
+        catch (AlfrescoRuntimeException e)
+        {
+            // Expected
+            assertTrue(e.getCause() instanceof UnrecoverableKeyException);
+        }
+    }
+    
+    public void testAliasWithIncorrectPassword_Two() throws Exception
+    {
+        try
+        {
+            new KeystoreKeyProvider(
+                    FILE_TWO,
+                    getKeyStoreLoader(),
+                    "SunJCE",
+                    "JCEKS",
+                    Collections.singletonMap(ALIAS_TWO, "password_fail"));
+            fail("Expect to fail because password is incorrect");
+        }
+        catch (AlfrescoRuntimeException e)
+        {
+            // Expected
+            assertTrue(e.getCause() instanceof UnrecoverableKeyException);
+        }
+    }
+    
+    public void testAliasWithCorrectPassword_One() throws Exception
+    {
+        KeystoreKeyProvider ks = new KeystoreKeyProvider(
+                FILE_ONE,
+                getKeyStoreLoader(),
+                "SunJCE",
+                "JCEKS",
+                Collections.singletonMap(ALIAS_ONE, "aliasPwd1"));
+        Key keyOne = ks.getKey(ALIAS_ONE);
+        assertNotNull(keyOne);
+    }
+    
+    public void testAliasWithCorrectPassword_Two() throws Exception
+    {
+        Map<String, String> passwords = new HashMap<String, String>(5);
+        passwords.put(ALIAS_ONE, "aliasPwd1");
+        passwords.put(ALIAS_TWO, "aliasPwd2");
+        KeystoreKeyProvider ks = new KeystoreKeyProvider(
+                FILE_TWO,
+                getKeyStoreLoader(),
+                "SunJCE",
+                "JCEKS",
+                passwords);
+        assertNotNull(ks.getKey(ALIAS_ONE));
+        assertNotNull(ks.getKey(ALIAS_TWO));
+    }
+    
+    public void testAliasWithCorrectPassword_Three() throws Exception
+    {
+        Map<String, String> passwords = new HashMap<String, String>(5);
+        passwords.put(ALIAS_ONE, "aliasPwd1");
+        passwords.put(ALIAS_TWO, "aliasPwd2");
+        passwords.put(ALIAS_THREE, "aliasPwd3");
+        KeystoreKeyProvider ks = new KeystoreKeyProvider(
+                FILE_THREE,
+                getKeyStoreLoader(),
+                "SunJCE",
+                "JCEKS",
+                passwords);
+        assertNotNull(ks.getKey(ALIAS_ONE));
+        assertNotNull(ks.getKey(ALIAS_TWO));
+        assertNull(ks.getKey(ALIAS_THREE));
+    }
+    
+    /**
+     * TODO: Do we need spring-crypto when it is V1.0?
+     */
+    public void DISABLED_testSpringCrypto() throws Throwable
+    {
+        ApplicationContext ctx = ApplicationContextHelper.getApplicationContext(
+                new String[] {"alfresco/keystore-tests/encryption-test-context.xml"});
+        @SuppressWarnings("unused")
+        KeyStore ks1 = (KeyStore) ctx.getBean("ks-test-1");
+    }
+}