View Javadoc
1   package civitas.crypto.rsapublickey;
2   
3   import static org.junit.jupiter.api.Assertions.assertFalse;
4   import static org.junit.jupiter.api.Assertions.assertThrows;
5   import static org.junit.jupiter.api.Assertions.assertTrue;
6   import static org.mockito.Mockito.verify;
7   
8   import java.security.InvalidKeyException;
9   import java.security.SignatureException;
10  
11  import org.bouncycastle.crypto.CryptoException;
12  import org.junit.jupiter.api.DisplayName;
13  import org.junit.jupiter.api.Test;
14  import org.mockito.InjectMocks;
15  
16  import civitas.common.RandomAwareTestBase;
17  import civitas.crypto.signature.SignatureTestData;
18  import civitas.util.BasicValuesTestData;
19  
20  class VerifyPublicKeySignatureTest extends RandomAwareTestBase implements SignatureTestData, BasicValuesTestData {
21  	@InjectMocks
22  	VerifyPublicKeySignature verifyPublicKeySignature;
23  
24  	@Test
25  	@DisplayName("verifies that the signature bytes are the signature of the bytes using the given public key")
26  	void test() throws CryptoException, InvalidKeyException, SignatureException {
27  		assertTrue(verifyPublicKeySignature.apply(
28  				SIGNATURE_OF_AUTH_NONCE_WITH_KEY, PUBLIC_KEY, AUTHENTICATION_NONCE.getBytes()));
29  		verify(verifyPublicKeySignature.cryptoBase.rsaSigner).initVerify(PUBLIC_KEY);
30  		verify(verifyPublicKeySignature.cryptoBase.rsaSigner).update(AUTHENTICATION_NONCE.getBytes());
31  		verify(verifyPublicKeySignature.cryptoBase.rsaSigner).verify(SIGNATURE_OF_AUTH_NONCE_WITH_KEY_BYTES);
32  	}
33  
34  	@Test
35  	@DisplayName("if the verification fails, returns false")
36  	void test_1() throws CryptoException {
37  		assertFalse(
38  				verifyPublicKeySignature.apply(SIGNATURE_BAD_WITH_KEY, PUBLIC_KEY, AUTHENTICATION_NONCE.getBytes()));
39  	}
40  
41  	@Test
42  	@DisplayName("if the key or the signature is bad, a  CryptoException is thrown")
43  	void test2() {
44  		assertThrows(
45  				CryptoException.class,
46  				() -> verifyPublicKeySignature.apply(
47  						SIGNATURE_OF_AUTH_NONCE_WITH_KEY, PUBLIC_KEY_BAD, AUTHENTICATION_NONCE.getBytes()));
48  	}
49  
50  	@Test
51  	@DisplayName("in case no public key given, the one in the signature is used"
52  			+ "- converts the string in the sigature to a public key\n"
53  			+ "- uses the check expecting the public key")
54  	void test1() throws CryptoException {
55  		assertTrue(verifyPublicKeySignature.apply(SIGNATURE_OF_AUTH_NONCE_WITH_KEY, AUTHENTICATION_NONCE.getBytes()));
56  		verify(verifyPublicKeySignature.convertStringToPublicKey).apply(PUBLIC_KEY_BASE64);
57  	}
58  
59  	@Test
60  	@DisplayName("bad signature does not check in case no public key given")
61  	void test1_1() throws CryptoException {
62  		assertFalse(verifyPublicKeySignature.apply(SIGNATURE_OF_AUTH_NONCE_WITH_KEY2, AUTHENTICATION_NONCE.getBytes()));
63  	}
64  
65  	@Test
66  	@DisplayName("when the message is a string, its hash is computed, and the signature of the hash is verified")
67  	void test3() throws CryptoException, InvalidKeyException, SignatureException {
68  		boolean expected = verifyPublicKeySignature.apply(SIGNATURE_OF_SOMESTRING_WITH_KEY, PUBLIC_KEY, SOMESTRING);
69  		verify(verifyPublicKeySignature.cryptoHash).apply(SOMESTRING.getBytes());
70  		verify(verifyPublicKeySignature.cryptoBase.rsaSigner).initVerify(PUBLIC_KEY);
71  		verify(verifyPublicKeySignature.cryptoBase.rsaSigner).update(SOMESTRING_HASH);
72  		verify(verifyPublicKeySignature.cryptoBase.rsaSigner).verify(SIGNATURE_OF_SOMESTRING_WITH_KEY_BYTES);
73  		assertTrue(expected);
74  	}
75  
76  	@Test
77  	@DisplayName("bad signature does not check when the message is a string")
78  	void test3_1() throws CryptoException {
79  		assertFalse(verifyPublicKeySignature.apply(SIGNATURE_BAD_WITH_KEY, PUBLIC_KEY, SOMESTRING));
80  	}
81  
82  	@Test
83  	@DisplayName(
84  			"when the message is a string and no explicit public key is given, then the check uses the hash of the string and the public key from the signature")
85  	void test4() throws CryptoException {
86  		boolean expected = verifyPublicKeySignature.apply(SIGNATURE_OF_SOMESTRING_WITH_KEY, SOMESTRING);
87  		verify(verifyPublicKeySignature.cryptoHash).apply(SOMESTRING.getBytes());
88  		assertTrue(expected);
89  	}
90  
91  	@Test
92  	@DisplayName("bad signature does not check when the message is a string and no explicit public key is given")
93  	void test4_1() throws CryptoException {
94  		assertFalse(verifyPublicKeySignature.apply(SIGNATURE_BAD_WITH_KEY, SOMESTRING_BASE64));
95  	}
96  }