package api;
import com.sunyard.chsm.param.*;
import com.sunyard.chsm.utils.CodecUtils;
import lombok.extern.slf4j.Slf4j;
import org.junit.jupiter.api.AfterAll;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;

import java.nio.charset.StandardCharsets;
import java.util.Collections;
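/**
 * API-level tests for the asymmetric-key endpoints: public-key export, raw
 * sign/verify, PKCS#7 attached and detached sign/verify, and (signed)
 * enveloped-data seal/unseal.
 *
 * <p>A fresh asymmetric key is generated once before the tests run and is
 * disabled and destroyed afterwards, so a run leaves no test key behind.
 *
 * <p>NOTE(review): every verification test here asserts only the accept path.
 * None of them checks that a modified payload or signature is rejected, so a
 * verifier that accepted everything would still pass this class.
 *
 * @author liulu
 * @since 2024/12/24
 */
@Slf4j
public class AsymKeyTest extends BaseTest {

    // Id of the key created in beforeAll(); stays null if key generation failed.
    private static Long keyId;
    // Payload that is signed, verified and sealed. The charset is pinned so the
    // bytes are the same on every platform instead of following the JVM default.
    private static final byte[] plain =
            "hjsu234127qikqwasdqweqwewqdasdasdasdasdasndqqw13412as324".getBytes(StandardCharsets.UTF_8);
    // Not referenced by any test in this class.
    private static final Long certKeyId = 1871443220005818369L;
    // Subject DN passed as the signer subject in the P7 and signed-envelope requests.
    private static final String dn = "CN=cert-test,O=SYD,L=HZ,ST=ZJ,C=CN";

    // Base64 certificate passed as the encryption certificate when sealing.
    // It is a certificate (public material), not a private key.
    private static final String enc_cert = "MIICdjCCAhqgAwIBAgINLGdqVePOjZMIDvBZqDAMBggqgRzPVQGDdQUAMEMxCzAJBgNVBAYTAkNOMQ0wCwYDVQQKDARCSkNBMQ0wCwYDVQQLDARCSkNBMRYwFAYDVQQDDA1URVNUU00yU1VCX1pYMB4XDTI0MTIyNDA1MzQxMVoXDTI1MTIyNDA2MzQxMVowSTELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAlpKMQswCQYDVQQHDAJIWjEMMAoGA1UECgwDU1lEMRIwEAYDVQQDDAljZXJ0LXRlc3QwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAAQDJI7orEc8QVQMblzomR3SPeEqVJdfM46cxquj/JWJ318TZ0gZC1M9YPN9K5NDyaUwnExvGNpnz3PYxbs5nokXo4HqMIHnMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgM4MB0GA1UdDgQWBBSstrPACaBcow1prbZb2mkgzFOatzAfBgNVHSMEGDAWgBSqoPASv2D/pNLeAnE6J6XPnJ71KjA9BgNVHSAENjA0MDIGCSqBHIbvMgICBDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3d3dy5iamNhLmNuL0NQUzBLBgNVHR8ERDBCMECgPqA8hjpodHRwczovL2NybC5pc2lnbmV0LmNuL2NybC9URVNUU00yU1VCX1pYL1RFU1RTTTJTVUJfWlguY3JsMAwGCCqBHM9VAYN1BQADSAAwRQIhAIJj1ERuVaKh+1YtDlE4kDwrK5ewMeH1ADnK+/7DBrwMAiAJ7J9HBqJkwul1yblnX52W4aQhPZt9LLDZZqJhjEd7Sg==";
    // Pre-computed P7 signatures checked by testHsm(); presumably produced by an
    // HSM outside this service (inferred from the names) - confirm with the author.
    private static final String signAttachHsm = "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";
    private static final String signDetachHsm = "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";
    // Plaintext supplied alongside signDetachHsm for the detached verification.
    private static final byte[] plainHsm = "12345678".getBytes(StandardCharsets.UTF_8);

    /**
     * Generates one key from the asymmetric key template and stores its id for
     * all tests in this class.
     */
    @BeforeAll
    public static void beforeAll() {
        keyId = execute("/key/gen", KeyCreateReq.builder().keyTemplateCode(asymKeyTemplate).genNumber(1).build(), Long.class);
        // Fail with a readable message instead of an unboxing NullPointerException
        // when the endpoint returned no id.
        Assertions.assertNotNull(keyId, "key generation returned no key id");
        Assertions.assertTrue(keyId > 0);
    }

    /**
     * Disables and then destroys the key created in {@link #beforeAll()}.
     */
    @AfterAll
    public static void afterAll() {
        if (keyId == null) {
            // Key generation never produced an id, so there is nothing to clean
            // up; do not send a key-management request that carries a null id.
            return;
        }
        KeyManageReq keyManageReq = new KeyManageReq();
        keyManageReq.setIds(Collections.singletonList(keyId));
        execute("/key/disable", keyManageReq, Void.class);
        execute("/key/destroy", keyManageReq, Void.class);
    }

    /**
     * Exports the public key of the generated key and checks that a response
     * comes back. Only the public key is logged.
     */
    @Test
    public void testExportKey() {
        ExportPubKeyReq req = new ExportPubKeyReq();
        req.setKeyId(keyId);
        ExportPubKeyResp exportPubKeyResp = execute("/asym/exportPubKey", req, ExportPubKeyResp.class);
        Assertions.assertNotNull(exportPubKeyResp);
        log.info("ExportPubKeyResp: {}", exportPubKeyResp.getPubKey());
    }

    /**
     * Signs the payload with the generated key through the raw endpoint, then
     * verifies the returned signature over the same payload using the key index
     * reported by the sign response.
     */
    @Test
    public void testRaw() {
        AsymSignRawReq signRawReq = new AsymSignRawReq();
        signRawReq.setKeyId(keyId);
        signRawReq.setPlainData(CodecUtils.encodeBase64(plain));
        AsymSignRawResp signRawResp = execute("/asym/sign/raw", signRawReq, AsymSignRawResp.class);
        Assertions.assertNotNull(signRawResp);
        log.info("AsymSignRawResp: {}", signRawResp);

        AsymVerifyRawReq verifyRawReq = new AsymVerifyRawReq();
        verifyRawReq.setKeyId(keyId);
        verifyRawReq.setKeyIndex(signRawResp.getKeyIndex());
        verifyRawReq.setPlainData(CodecUtils.encodeBase64(plain));
        verifyRawReq.setSignData(signRawResp.getSignData());
        VerifyResp verifyResp = execute("/asym/verify/raw", verifyRawReq, VerifyResp.class);
        Assertions.assertNotNull(verifyResp);
        log.info("verifyResp: {}", verifyResp);

        Assertions.assertTrue(verifyResp.getVerified());
    }

    /**
     * Produces a P7 attached signature for the payload under the test subject
     * and verifies it. The verify request carries only the signature data; no
     * separate plaintext is supplied.
     */
    @Test
    public void testAttach() {
        AsymSignP7Req signP7Req = new AsymSignP7Req();
        // The signer is selected by subject DN here, not by keyId.
        signP7Req.setSubject(dn);
        signP7Req.setPlainData(CodecUtils.encodeBase64(plain));
        AsymSignP7Resp signP7Resp = execute("/asym/sign/P7Attach", signP7Req, AsymSignP7Resp.class);
        Assertions.assertNotNull(signP7Resp);
        log.info("AsymSignP7Resp: {}", signP7Resp.getSignData());

        AsymVerifyP7Req verifyP7Req = new AsymVerifyP7Req();
        verifyP7Req.setSignData(signP7Resp.getSignData());
        VerifyResp verifyResp = execute("/asym/verify/P7Attach", verifyP7Req, VerifyResp.class);
        Assertions.assertNotNull(verifyResp);
        log.info("verifyResp: {}", verifyResp);

        Assertions.assertTrue(verifyResp.getVerified());
    }

    /**
     * Produces a P7 detached signature for the payload under the test subject
     * and verifies it, supplying the payload again in the verify request.
     */
    @Test
    public void testDetach() {
        AsymSignP7Req signP7Req = new AsymSignP7Req();
        signP7Req.setSubject(dn);
        signP7Req.setPlainData(CodecUtils.encodeBase64(plain));
        AsymSignP7Resp signP7Resp = execute("/asym/sign/P7Detach", signP7Req, AsymSignP7Resp.class);
        Assertions.assertNotNull(signP7Resp);
        log.info("AsymSignP7Resp: {}", signP7Resp.getSignData());

        AsymVerifyP7Req verifyP7Req = new AsymVerifyP7Req();
        verifyP7Req.setSignData(signP7Resp.getSignData());
        // A detached signature does not embed the content, so the verifier is
        // given the same payload that was signed.
        verifyP7Req.setPlainData(CodecUtils.encodeBase64(plain));
        VerifyResp verifyResp = execute("/asym/verify/P7Detach", verifyP7Req, VerifyResp.class);
        Assertions.assertNotNull(verifyResp);
        log.info("verifyResp: {}", verifyResp);

        Assertions.assertTrue(verifyResp.getVerified());
    }

    /**
     * Verifies the two pre-computed signatures: the attached one on its own,
     * then the detached one together with {@code plainHsm}.
     */
    @Test
    public void testHsm() {
        AsymVerifyP7Req verifyP7Req = new AsymVerifyP7Req();
        verifyP7Req.setSignData(signAttachHsm);
        VerifyResp verifyResp = execute("/asym/verify/P7Attach", verifyP7Req, VerifyResp.class);
        Assertions.assertNotNull(verifyResp);
        log.info("verifyResp: {}", verifyResp);
        Assertions.assertTrue(verifyResp.getVerified());

        // The same request object is reused; both fields the detached check
        // needs are overwritten before the second call.
        verifyP7Req.setSignData(signDetachHsm);
        verifyP7Req.setPlainData(CodecUtils.encodeBase64(plainHsm));
        VerifyResp verifyResp2 = execute("/asym/verify/P7Detach", verifyP7Req, VerifyResp.class);
        Assertions.assertNotNull(verifyResp2);
        log.info("verifyResp: {}", verifyResp2);
        Assertions.assertTrue(verifyResp2.getVerified());
    }

    /**
     * Seals the payload into an envelope for the encryption certificate, unseals
     * it again and checks that the recovered bytes equal the original payload.
     */
    @Test
    public void testEnvelopedData() {
        AsymEnvelopeSealReq sealReq = new AsymEnvelopeSealReq();
        sealReq.setEncCert(enc_cert);
        sealReq.setPlainData(CodecUtils.encodeBase64(plain));
        AsymEnvelopeSealResp sealResp = execute("/asym/envelope/seal", sealReq, AsymEnvelopeSealResp.class);
        Assertions.assertNotNull(sealResp);
        log.info("AsymEnvelopeSealResp: {}", sealResp);

        AsymEnvelopeUnsealReq unsealReq = new AsymEnvelopeUnsealReq();
        unsealReq.setEnvelopeData(sealResp.getEnvelopeData());
        AsymEnvelopeUnsealResp unsealResp = execute("/asym/envelope/unseal", unsealReq, AsymEnvelopeUnsealResp.class);
        Assertions.assertNotNull(unsealResp);
        // The recovered plaintext is logged at INFO. That is acceptable for this
        // fixed fixture, but the pattern should not be reused with real data.
        log.info("AsymEnvelopeUnsealResp: {}", unsealResp);
        log.info("AsymEnvelopeUnsealResp: {}", new String(CodecUtils.decodeBase64(unsealResp.getPlainData()), StandardCharsets.UTF_8));

        Assertions.assertArrayEquals(plain, CodecUtils.decodeBase64(unsealResp.getPlainData()));
    }

    /**
     * Same round trip as {@link #testEnvelopedData()} through the
     * signed-envelope endpoints, with the test subject set as the signer.
     *
     * <p>NOTE(review): only the recovered plaintext is asserted. Nothing in the
     * unseal response is checked to confirm that the signature was validated.
     */
    @Test
    public void testSignedEnvelopedData() {
        AsymEnvelopeSealReq sealReq = new AsymEnvelopeSealReq();
        sealReq.setSignSubject(dn);
        sealReq.setEncCert(enc_cert);
        sealReq.setPlainData(CodecUtils.encodeBase64(plain));
        AsymEnvelopeSealResp sealResp = execute("/asym/signedEnvelope/seal", sealReq, AsymEnvelopeSealResp.class);
        Assertions.assertNotNull(sealResp);
        log.info("SignedEnvelopeEnvelopeSealResp: {}", sealResp);

        AsymEnvelopeUnsealReq unsealReq = new AsymEnvelopeUnsealReq();
        unsealReq.setEnvelopeData(sealResp.getEnvelopeData());
        AsymEnvelopeUnsealResp unsealResp = execute("/asym/signedEnvelope/unseal", unsealReq, AsymEnvelopeUnsealResp.class);
        Assertions.assertNotNull(unsealResp);
        // The recovered plaintext is logged at INFO. That is acceptable for this
        // fixed fixture, but the pattern should not be reused with real data.
        log.info("AsymEnvelopeUnsealResp: {}", unsealResp);
        log.info("AsymEnvelopeUnsealResp: {}", new String(CodecUtils.decodeBase64(unsealResp.getPlainData()), StandardCharsets.UTF_8));

        Assertions.assertArrayEquals(plain, CodecUtils.decodeBase64(unsealResp.getPlainData()));
    }

}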