From bbf70c87ea50320589c99e9435b6253690dcd256 Mon Sep 17 00:00:00 2001 From: 13009 Date: Tue, 18 Jun 2024 17:52:24 +0800 Subject: [PATCH] =?UTF-8?q?test:=20=E6=B7=BB=E5=8A=A0=E8=AF=81=E4=B9=A6?= =?UTF-8?q?=E7=BC=96=E5=8F=B7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/czcb/scfs/api/core/KeyText.java | 54 ++++++++ .../api/core/cipher/DefaultSignatureTest.java | 2 +- .../api/core/cipher/DefaultValidatorTest.java | 40 +++++- .../cipher/LocalCertificateProviderTest.java | 30 +++-- .../api/core/http/ApiClientBuilderTest.java | 6 +- .../client/ApacheHttpclientProxyTest.java | 4 +- .../http/client/ApacheHttpclientTest.java | 4 +- .../client/ApacheHttpclientTestProxyTest.java | 4 +- .../http/client/ApacheHttpclientV2Test.java | 4 +- .../http/client/ApacheHttpclientV3Test.java | 4 +- .../client/ApacheHttpclientValidTest.java | 125 ++++++++++++++++++ .../scfs/api/core/http/client/TestSigner.java | 4 +- 12 files changed, 255 insertions(+), 26 deletions(-) create mode 100644 scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientValidTest.java diff --git a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/KeyText.java b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/KeyText.java index cacee91..11cd025 100644 --- a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/KeyText.java +++ b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/KeyText.java @@ -39,6 +39,7 @@ public final class KeyText { "E6ZWsef5uyYdyjLp2C4cl2A=\n" + "-----END PRIVATE KEY-----\n"; + // 证书编号 6CDDAA92CAD75998325027647847330C1756291 public static final String CERTIFICATE_TEXT_RSA = "-----BEGIN CERTIFICATE-----\n" + "MIIDyzCCArOgAwIBAgIUBs3aqSytdZmDJQJ2R4RzMMF1YpEwDQYJKoZIhvcNAQEL\n" + "BQAwgY0xCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAnmtZnmsZ/nnIExEjAQBgNVBAcM\n" + @@ -117,6 +118,52 @@ public final class KeyText { "ZPZc8varEGWYvhF+K+hl70kdaBz7hwOX6dg3e2/yuOEzkD3LeTwpA4M=\n" + "-----END CERTIFICATE-----"; + // 失效的 + public static final String PRIVATE_RSA_INVALID = "-----BEGIN PRIVATE KEY-----\n" + + "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCfHOgnUYbFi780EX9xQTdWPvCy\n" + + "BhaEnU5Y2p1bW4dHoumgEtjQOkLlRe3Ug1lu6TfhuE9YOQ9+V+Dsnzt7MXIRI7KlOuwpfwXn3e/M\n" + + "YP5ZtDBUiuSGNNVSP39wgb6aYXhvFY/Lm9gaO8Q4rauzK94Clw4sH3a7J6ST50xHss8VjSVFUkcP\n" + + "hpH+OJBTUrXWiccZCn01XDz0vmq6J3AujM55WBEmoz2r9iiVdCjZsgB4veQIpCKuMvJsEXVgRzUL\n" + + "UnaqdX+7BTDBs30kCGyyBarR+wXLAKNQ1nENFs1IGM99I+O8UsD6CvUnt2t7l3B8/qIlOSfds8x+\n" + + "BoUxQwhmUaMjAgMBAAECggEAQ+meKz4QdJvnse0wBKKN4Hl/2bRggxzzVliFJnvEG27tIb45nXLo\n" + + "n5x/3R9tGjpf+C9namP8eXQ/1C9Iv5XEto0SkJS8PR/y4NspIYZaueX/ZO5diOzfCjqBBf/S32jv\n" + + "8xX0aLbtf5D3+SsjaJe2LEvWKD4Luuk6RUjJlaa73dnSuGFSuvYV8MvFdHtfU8L8ZRoqZwmM9QTg\n" + + "+Gpix4z6Hy/Mmi1xRl0EhIITq+mV9wR9Ock/0o12nvsNDyDSyrrt3niXTTkVCbct+t4UFwtnrZyH\n" + + "dwl1OQ+WleTkUQY+wNgpq4jLjwGowXnqXlKff3tvXEt+3tpdOS8i+kXYwIrvIQKBgQDVnldDo2iq\n" + + "TwLcZjXbreHskn/4hvWYUPqucEZ93jmyYNKUKPlXkVnc+kXnS0uuM5JZpi/7+FDkTqwHK83ET4/n\n" + + "kTC9zM+K7KyIBbljclPjzXYJAW7nwD8A/vKx6CWi++f4buYc+lttsTprdAZ4/kWPTnvNJSjhSTAR\n" + + "SQ32HxkiIQKBgQC+rjujW31WN4d2j48+K0B+7bIQON+VtmBZ48u2ZIQOi4PdoBvHv8HqQyhJlR+6\n" + + "z49k5WczSqAXdG2+nIgs8fpjj0lc7YiMIYs0VsLodOToH9J2MfXjWi+A4Y2vbfcjfUuCWhKSZs6B\n" + + "eMLNe1LPIBDmlT3A1X83qkCpvAYYQWAkwwKBgFVtslZRZk0dtfYwRf+phT1XxSe9yT/1uprCOd6i\n" + + "XY6RnAU2cajsbvSpfgUmnoh3BWMmy+/HeYokUDW59ds5OkKQVN7CpolXZxQqvd4gXZ4vj7HASfsS\n" + + "bd/XFXXCcjLA7R70MsCJ+sBebQ+F4gTHI0hRSb9bygJ2g2uWPKgd/a4hAoGABCtZIHxKpEz4iE4h\n" + + "SrG1alEWOKaVtPdU6gJCHQ3bmVnRm1H56Yc23UF0qw84r2QEdadSd1ulXn3sPGO90oXD/NNQPljv\n" + + "SGkfWxiekGil7LFtb6ot/zeknEPSTkiwQ7VkpkgD6fGXiFs0nzuYFvFTjUcsH4BLlNMDMPLsizE6\n" + + "wfMCgYANvw4Lq1cVfHAl3f6IZlpWHPFEEJbPcBLu9+qtUlZjleCaWA8WXuiBxkqaIkeVi3JMst34\n" + + "adfIfBsAk4FeyLpkiTYNjOckZvXFXYKA3a05l/RJ5rsnnI9GRh+3Gk3V+87OU7HwMU6jNZmQiPIO\n" + + "/jerEvZ9A5tbuzKkfJj2F0ZXfw==\n" + + "-----END PRIVATE KEY-----"; + + // 失效的证书 823CF3E310F2E2ED1AF85506E74A95DC4301006FDEF2FD019953FAF4DE12A8BF + public static final String CERTIFICATE_RSA_INVALID = "-----BEGIN CERTIFICATE-----\n" + + "MIIDeTCCAmGgAwIBAgIhAII88+MQ8uLtGvhVBudKldxDAQBv3vL9AZlT+vTeEqi/MA0GCSqGSIb3\n" + + "DQEBCwUAMIGNMQswCQYDVQQGEwJDTjESMBAGA1UECAwJ5rWZ5rGf55yBMRIwEAYDVQQHDAnmna3l\n" + + "t57luIIxITAfBgNVBAoMGOa1meaxn+eooOW3nuWVhuS4mumTtuihjDEYMBYGA1UECwwP5pWw5a2X\n" + + "6YeR6J6N6YOoMRkwFwYDVQQDDBBzY2ZzLmN6Y2IuY29tLmNuMB4XDTIzMDYxODA5MDczMVoXDTI0\n" + + "MDYxODA5MDczMVowUjELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCea1meaxn+ecgTESMBAGA1UEBwwJ\n" + + "5p2t5bee5biCMRswGQYDVQQKDBLnqKDlt57llYbkuJrpk7booYwwggEiMA0GCSqGSIb3DQEBAQUA\n" + + "A4IBDwAwggEKAoIBAQCfHOgnUYbFi780EX9xQTdWPvCyBhaEnU5Y2p1bW4dHoumgEtjQOkLlRe3U\n" + + "g1lu6TfhuE9YOQ9+V+Dsnzt7MXIRI7KlOuwpfwXn3e/MYP5ZtDBUiuSGNNVSP39wgb6aYXhvFY/L\n" + + "m9gaO8Q4rauzK94Clw4sH3a7J6ST50xHss8VjSVFUkcPhpH+OJBTUrXWiccZCn01XDz0vmq6J3Au\n" + + "jM55WBEmoz2r9iiVdCjZsgB4veQIpCKuMvJsEXVgRzULUnaqdX+7BTDBs30kCGyyBarR+wXLAKNQ\n" + + "1nENFs1IGM99I+O8UsD6CvUnt2t7l3B8/qIlOSfds8x+BoUxQwhmUaMjAgMBAAEwDQYJKoZIhvcN\n" + + "AQELBQADggEBACRCHOYH8ncOiYjMm3As7OFdnVDuGByMoZsDucqwrs0mJZVdp3OMgvGhC9zkzdZX\n" + + "sJFKQeIRp/13cD1SKxtwfU7w4J+/FWpWPEG9Jf2bLqurYivu0tTa1xe5SDL4unNaj/o7BA0vaKJe\n" + + "gagyULAilNCGBCfy59BSR/GQbgAC6pdl3soMx/s1c9BcZVplbq12/rmStGce6h3QqNjwpRMowbVW\n" + + "XswXhr08AUevF7UriDjHkCsa6MqQ5x+ShV9qO1f2LDYBQRnM2Ty44EV5eUbHyKOJAYF+WqT6IRiA\n" + + "2sMZrKRTHaNZB4j0Vc87HuxDtTNh/EEXU2sO31WZHs3ymAChbC4=\n" + + "-----END CERTIFICATE-----"; + public static PrivateKey loadTestPrivateKeyRSA2() { return PemFile.loadPrivateKeyFromString(PRIVATE_RSA_2); } @@ -125,4 +172,11 @@ public final class KeyText { return PemFile.loadX509FromString(CERTIFICATE_RSA_2); } + public static PrivateKey loadPrivateKeyInvalid() { + return PemFile.loadPrivateKeyFromString(PRIVATE_RSA_INVALID); + } + + public static X509Certificate loadCertificateInvalid() { + return PemFile.loadX509FromString(CERTIFICATE_RSA_INVALID); + } } diff --git a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/DefaultSignatureTest.java b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/DefaultSignatureTest.java index ae4e4dd..a095a57 100644 --- a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/DefaultSignatureTest.java +++ b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/DefaultSignatureTest.java @@ -18,7 +18,7 @@ class DefaultSignatureTest { certificates.add(KeyText.loadTestRSA()); CertificateProvider provider = new LocalCertificateProvider(certificates); - Signer signer = new TestSigner(KeyText.loadTestPrivateKeyRSA()); + Signer signer = new TestSigner(KeyText.loadTestPrivateKeyRSA(), ""); Verifier verifier = new TestVerifier(provider); DefaultSignature signature = new DefaultSignature(provider, signer, verifier); diff --git a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/DefaultValidatorTest.java b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/DefaultValidatorTest.java index 23ffec4..a79f5b0 100644 --- a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/DefaultValidatorTest.java +++ b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/DefaultValidatorTest.java @@ -32,7 +32,36 @@ class DefaultValidatorTest { list.add(certificate); CertificateProvider certificateProvider = new LocalCertificateProvider(list); Privacy privacy = new TestPrivacy(privateKey, certificateProvider); - Signature signature = new DefaultSignature(certificateProvider, new TestSigner(privateKey), new TestVerifier(certificateProvider)); + Signature signature = new DefaultSignature(certificateProvider, + new TestSigner(privateKey, "6CDDAA92CAD75998325027647847330C1756291"), + new TestVerifier(certificateProvider)); + + return new TestProfile( + privacy, + signature, + new DefaultChannel.Builder() + .channelNo("000000") + .appNo("111111") + .build(), + new DefaultHttpProfile.Builder() + .online(false) + .logLevel(LogLevel.basic) + .compressionEnabled(false) + .host("http://127.0.0.1:8888") + .build() + ); + } + + Profile buildProfileInvalid() { + PrivateKey privateKey = KeyText.loadPrivateKeyInvalid(); + X509Certificate certificate = KeyText.loadCertificateInvalid(); + List list = new ArrayList<>(); + list.add(certificate); + CertificateProvider certificateProvider = new LocalCertificateProvider(list); + Privacy privacy = new TestPrivacy(privateKey, certificateProvider); + Signature signature = new DefaultSignature(certificateProvider, + new TestSigner(privateKey, "823CF3E310F2E2ED1AF85506E74A95DC4301006FDEF2FD019953FAF4DE12A8BF"), + new TestVerifier(certificateProvider)); return new TestProfile( privacy, @@ -281,4 +310,13 @@ class DefaultValidatorTest { Assertions.assertNotNull(defaultValidator.getProfile()); Assertions.assertEquals("000000", defaultValidator.getProfile().getChannel().getChannelNo()); } + + @Test + void testValidate() { + Assertions.assertDoesNotThrow(() -> new DefaultValidator(buildProfile()).validate(null)); + + DefaultValidator defaultValidator = new DefaultValidator(buildProfileInvalid()); + ValidationException exception = Assertions.assertThrows(ValidationException.class, () -> defaultValidator.validate(null)); + Assertions.assertEquals("证书已失效, 序列号:823CF3E310F2E2ED1AF85506E74A95DC4301006FDEF2FD019953FAF4DE12A8BF", exception.getMessage()); + } } \ No newline at end of file diff --git a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/LocalCertificateProviderTest.java b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/LocalCertificateProviderTest.java index 2dbe369..316c16f 100644 --- a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/LocalCertificateProviderTest.java +++ b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/LocalCertificateProviderTest.java @@ -10,17 +10,6 @@ import java.util.List; class LocalCertificateProviderTest { -// @Test -// void getCertificate() { -// String xx = "38844645436081632637265568516991627875287655057"; -// X509Certificate certificate = KeyText.loadTestRSA(); -// -// List list = new ArrayList<>(); -// list.add(certificate); -// LocalCertificateProvider provider = new LocalCertificateProvider(list); -//// Assertions.assertNotNull(provider.getCertificate(xx)); -// } - @Test void getAvailableCertificate() { X509Certificate certificate = KeyText.loadTestRSA(); @@ -34,8 +23,21 @@ class LocalCertificateProviderTest { @Test void testGetAvailableCertificate() { List data = new ArrayList<>(); - Assertions.assertThrows(IllegalArgumentException.class, () -> { - new LocalCertificateProvider(data); - }); + Assertions.assertNull(new LocalCertificateProvider(data).getAvailableCertificate()); + Assertions.assertNull(new LocalCertificateProvider(null).getAvailableCertificate()); + } + + @Test + void testGetAvailableCertificateInvalid() { + List data = new ArrayList<>(); + data.add(KeyText.loadCertificateInvalid()); + LocalCertificateProvider provider = new LocalCertificateProvider(data); + X509Certificate certificate = provider.getAvailableCertificate(); + Assertions.assertNotNull(certificate); + + X509Certificate tmp = provider.getCertificate("823CF3E310F2E2ED1AF85506E74A95DC4301006FDEF2FD019953FAF4DE12A8BF"); + Assertions.assertNotNull(tmp); + + Assertions.assertFalse(provider.isAvailableCertificate("823CF3E310F2E2ED1AF85506E74A95DC4301006FDEF2FD019953FAF4DE12A8BF")); } } \ No newline at end of file diff --git a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/ApiClientBuilderTest.java b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/ApiClientBuilderTest.java index ae55f9c..72b0a02 100644 --- a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/ApiClientBuilderTest.java +++ b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/ApiClientBuilderTest.java @@ -29,7 +29,7 @@ class ApiClientBuilderTest { list.add(certificate); CertificateProvider certificateProvider = new LocalCertificateProvider(list); Privacy privacy = new TestPrivacy(privateKey, certificateProvider); - Signature signature = new DefaultSignature(certificateProvider, new TestSigner(privateKey), new TestVerifier(certificateProvider)); + Signature signature = new DefaultSignature(certificateProvider, new TestSigner(privateKey,""), new TestVerifier(certificateProvider)); return new TestProfile( privacy, @@ -106,7 +106,7 @@ class ApiClientBuilderTest { list.add(certificate); CertificateProvider certificateProvider = new LocalCertificateProvider(list); Privacy privacy = new TestPrivacy(privateKey, certificateProvider); - Signature signature = new DefaultSignature(certificateProvider, new TestSigner(privateKey), new TestVerifier(certificateProvider)); + Signature signature = new DefaultSignature(certificateProvider, new TestSigner(privateKey,""), new TestVerifier(certificateProvider)); return new TestProfile( privacy, @@ -126,7 +126,7 @@ class ApiClientBuilderTest { list.add(certificate); CertificateProvider certificateProvider = new LocalCertificateProvider(list); Privacy privacy = new TestPrivacy(privateKey, certificateProvider); - Signature signature = new DefaultSignature(certificateProvider, new TestSigner(privateKey), new TestVerifier(certificateProvider)); + Signature signature = new DefaultSignature(certificateProvider, new TestSigner(privateKey,""), new TestVerifier(certificateProvider)); return new TestProfile( privacy, diff --git a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientProxyTest.java b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientProxyTest.java index 9daa86e..493c87d 100644 --- a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientProxyTest.java +++ b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientProxyTest.java @@ -43,7 +43,9 @@ class ApacheHttpclientProxyTest { list.add(certificate); CertificateProvider certificateProvider = new LocalCertificateProvider(list); Privacy privacy = new TestPrivacy(privateKey, certificateProvider); - Signature signature = new DefaultSignature(certificateProvider, new TestSigner(privateKey), new TestVerifier(certificateProvider)); + Signature signature = new DefaultSignature(certificateProvider, + new TestSigner(privateKey, "6CDDAA92CAD75998325027647847330C1756291"), + new TestVerifier(certificateProvider)); return new TestProfile( privacy, signature, new DefaultChannel.Builder() diff --git a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientTest.java b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientTest.java index 4ac9b9b..1164869 100644 --- a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientTest.java +++ b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientTest.java @@ -48,7 +48,9 @@ class ApacheHttpclientTest { list.add(certificate); CertificateProvider certificateProvider = new LocalCertificateProvider(list); Privacy privacy = new TestPrivacy(privateKey, certificateProvider); - Signature signature = new DefaultSignature(certificateProvider, new TestSigner(privateKey), new TestVerifier(certificateProvider)); + Signature signature = new DefaultSignature(certificateProvider, + new TestSigner(privateKey, "6CDDAA92CAD75998325027647847330C1756291"), + new TestVerifier(certificateProvider)); return new TestProfile( privacy, signature, new DefaultChannel.Builder() diff --git a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientTestProxyTest.java b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientTestProxyTest.java index 108d3ee..614832d 100644 --- a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientTestProxyTest.java +++ b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientTestProxyTest.java @@ -43,7 +43,9 @@ class ApacheHttpclientTestProxyTest { list.add(certificate); CertificateProvider certificateProvider = new LocalCertificateProvider(list); Privacy privacy = new TestPrivacy(privateKey, certificateProvider); - Signature signature = new DefaultSignature(certificateProvider, new TestSigner(privateKey), new TestVerifier(certificateProvider)); + Signature signature = new DefaultSignature(certificateProvider, + new TestSigner(privateKey, "6CDDAA92CAD75998325027647847330C1756291"), + new TestVerifier(certificateProvider)); return new TestProfile( privacy, signature, new DefaultChannel.Builder() diff --git a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientV2Test.java b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientV2Test.java index 6d0a808..4cfe9c4 100644 --- a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientV2Test.java +++ b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientV2Test.java @@ -44,7 +44,9 @@ class ApacheHttpclientV2Test { list.add(certificate); CertificateProvider certificateProvider = new LocalCertificateProvider(list); Privacy privacy = new TestPrivacy(privateKey, certificateProvider); - Signature signature = new DefaultSignature(certificateProvider, new TestSigner(privateKey), new TestVerifier(certificateProvider)); + Signature signature = new DefaultSignature(certificateProvider, + new TestSigner(privateKey, "6CDDAA92CAD75998325027647847330C1756291"), + new TestVerifier(certificateProvider)); return new TestProfile( privacy, signature, new DefaultChannel.Builder() diff --git a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientV3Test.java b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientV3Test.java index b4d480b..ac15e08 100644 --- a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientV3Test.java +++ b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientV3Test.java @@ -44,7 +44,9 @@ class ApacheHttpclientV3Test { list.add(certificate); CertificateProvider certificateProvider = new LocalCertificateProvider(list); Privacy privacy = new TestPrivacy(privateKey, certificateProvider); - Signature signature = new DefaultSignature(certificateProvider, new TestSigner(privateKey), new TestVerifier(certificateProvider)); + Signature signature = new DefaultSignature(certificateProvider, + new TestSigner(privateKey,"6CDDAA92CAD75998325027647847330C1756291"), + new TestVerifier(certificateProvider)); return new TestProfile( privacy, signature, new DefaultChannel.Builder() diff --git a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientValidTest.java b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientValidTest.java new file mode 100644 index 0000000..70f854f --- /dev/null +++ b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientValidTest.java @@ -0,0 +1,125 @@ +package com.czcb.scfs.api.core.http.client; + +import com.czcb.scfs.api.core.*; +import com.czcb.scfs.api.core.cipher.*; +import com.czcb.scfs.api.core.exception.ValidationException; +import com.czcb.scfs.api.core.http.*; +import com.czcb.scfs.api.core.util.DateTimes; +import com.czcb.scfs.api.core.util.Nonce; +import com.czcb.scfs.api.core.util.Strings; +import com.google.gson.Gson; +import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; +import org.mockserver.client.MockServerClient; +import org.mockserver.junit.jupiter.MockServerExtension; +import org.mockserver.junit.jupiter.MockServerSettings; + +import java.nio.charset.StandardCharsets; +import java.security.PrivateKey; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.List; + +import static com.czcb.scfs.api.core.Constants.*; +import static org.mockserver.model.HttpRequest.request; +import static org.mockserver.model.HttpResponse.response; + +@ExtendWith(MockServerExtension.class) +@MockServerSettings(ports = {8888}) +class ApacheHttpclientValidTest { + private MockServerClient client; + + @BeforeEach + public void beforeEachLifecyleMethod(MockServerClient client) { + this.client = client; + } + + private Profile profile() { + PrivateKey privateKey = KeyText.loadPrivateKeyInvalid(); + X509Certificate certificate = KeyText.loadCertificateInvalid(); + List list = new ArrayList<>(); + list.add(certificate); + CertificateProvider certificateProvider = new LocalCertificateProvider(list); + Privacy privacy = new TestPrivacy(privateKey, certificateProvider); + Signature signature = new DefaultSignature(certificateProvider, + new TestSigner(privateKey, "823CF3E310F2E2ED1AF85506E74A95DC4301006FDEF2FD019953FAF4DE12A8BF"), + new TestVerifier(certificateProvider)); + + return new TestProfile( + privacy, signature, new DefaultChannel.Builder() + .channelNo("0000") + .appNo("100000") + .build(), new DefaultHttpProfile.Builder() + .online(false) + .logLevel(LogLevel.basic) + .compressionEnabled(false) + .host("http://127.0.0.1:8888") + .build() + ); + } + + @Test + void doRemoteExecuteInvalid() { + ApiClient apiClient = ApiClientBuilder.custom() + .profile(profile()) + .build(); + + // 对称密钥 + byte[] secret = apiClient.getProfile().getPrivacy().getSecretCipher().getSecretKey(); + // 加密响应报文 + String responseBody = apiClient.getProfile().getPrivacy().getSecretCipher().encrypt(secret, "{\"a\":\"123\"}".getBytes(StandardCharsets.UTF_8)); + + // 加密对称密钥 + String secretKey = apiClient.getProfile().getPrivacy().getEncryptor().encrypt(Strings.toStr(secret)); + + org.mockserver.model.HttpResponse mock = response() + .withBody(responseBody) + .withHeader(NONCE, Nonce.ofNonce()) + .withHeader(SECRET_KEY, secretKey) + .withHeader(BANK_CERTIFICATE_SERIAL, "823CF3E310F2E2ED1AF85506E74A95DC4301006FDEF2FD019953FAF4DE12A8BF") + .withHeader(CHANNEL_CERTIFICATE_SERIAL, "823CF3E310F2E2ED1AF85506E74A95DC4301006FDEF2FD019953FAF4DE12A8BF") + .withHeader(REQUEST_ID, Nonce.ofNonce()) + .withHeader(TIMESTAMP, DateTimes.ofTimestamp() + 800); + + String buildAuth = NONCE + "=" + mock.getHeader(NONCE).get(0) + "," + + TIMESTAMP + "=" + mock.getHeader(TIMESTAMP).get(0) + "," + + BANK_CERTIFICATE_SERIAL + "=" + mock.getHeader(BANK_CERTIFICATE_SERIAL).get(0) + "," + + CHANNEL_CERTIFICATE_SERIAL + "=" + mock.getHeader(CHANNEL_CERTIFICATE_SERIAL).get(0) + "," + + SECRET_KEY + "=" + secretKey; + + String message = buildAuth + "\n" + "\n"; + mock.withHeader(SIGNATURE, apiClient.getProfile().getSignature().getSigner().sign(message).getSignature()); + + client.when(request() + .withMethod(HttpMethod.POST.getUpperName()) + .withPath("/mock/invalid") + ).respond(mock); + + TestRequest request = new TestRequest(); + RequestBody requestBody = new JsonRequestBody.Builder() + .body(new Gson().toJson(request)) + .build(); + + HttpHeaders headers = new HttpHeaders(); + ValidationException exception = Assertions.assertThrows(ValidationException.class, () -> apiClient.post("/mock/invalid", headers, requestBody, TestResponse.class)); + Assertions.assertEquals("证书已失效, 序列号:823CF3E310F2E2ED1AF85506E74A95DC4301006FDEF2FD019953FAF4DE12A8BF", exception.getMessage()); + } + + + public static class TestRequest implements ApiRequest { + } + + public static class TestResponse implements ApiResponse { + private String name; + + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + } +} \ No newline at end of file diff --git a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/TestSigner.java b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/TestSigner.java index 5a5af34..a6cacb2 100644 --- a/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/TestSigner.java +++ b/scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/TestSigner.java @@ -13,7 +13,7 @@ public class TestSigner extends AbstractSigner { /** * @param privateKey API私钥 */ - public TestSigner(PrivateKey privateKey) { - super("SHA256withRSA", "SHA256withRSA", privateKey, null, ""); + public TestSigner(PrivateKey privateKey, String certificateSerialNumber) { + super("SHA256withRSA", "SHA256withRSA", privateKey, null, certificateSerialNumber); } }