/**
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.camel.component.crypto;
import java.io.InputStream;
import java.lang.reflect.Constructor;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Map;
import org.apache.camel.CamelContext;
import org.apache.camel.Exchange;
import org.apache.camel.ProducerTemplate;
import org.apache.camel.builder.RouteBuilder;
import org.apache.camel.component.mock.MockEndpoint;
import org.apache.camel.impl.DefaultCamelContext;
import org.apache.camel.test.junit4.CamelTestSupport;
import org.junit.Before;
import org.junit.Test;
public class ECDSASignatureTest extends CamelTestSupport {
private String payload = "Dear Alice, Rest assured it's me, signed Bob";
private boolean ibmJDK;
private PrivateKey privateKey;
private X509Certificate x509;
private boolean canRun = true;
public ECDSASignatureTest() throws Exception {
// BouncyCastle is required for ECDSA support for JDK 1.6
if (isJava16()
&& Security.getProvider("BC") == null) {
Constructor<?> cons;
Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
cons = c.getConstructor(new Class[] {});
Provider provider = (java.security.Provider)cons.newInstance();
Security.insertProviderAt(provider, 2);
}
// This test fails with the IBM JDK
if (isJavaVendor("IBM")) {
ibmJDK = true;
}
// see if we can load the keystore et all
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
InputStream in = ECDSASignatureTest.class.getResourceAsStream("/org/apache/camel/component/crypto/ecdsa.jks");
keyStore.load(in, "security".toCharArray());
privateKey = (PrivateKey) keyStore.getKey("ECDSA", "security".toCharArray());
x509 = (X509Certificate)keyStore.getCertificate("ECDSA");
} catch (Throwable e) {
log.warn("Cannot setup keystore for running this test due " + e.getMessage() + ". This test is skipped.", e);
canRun = false;
}
}
@Override
protected RouteBuilder[] createRouteBuilders() throws Exception {
if (ibmJDK || !canRun) {
return new RouteBuilder[] {};
}
return new RouteBuilder[]{new RouteBuilder() {
public void configure() throws Exception {
// START SNIPPET: ecdsa-sha1
// we can set the keys explicitly on the endpoint instances.
context.getEndpoint("crypto:sign:ecdsa-sha1?algorithm=SHA1withECDSA", DigitalSignatureEndpoint.class)
.setPrivateKey(privateKey);
context.getEndpoint("crypto:verify:ecdsa-sha1?algorithm=SHA1withECDSA", DigitalSignatureEndpoint.class)
.setPublicKey(x509.getPublicKey());
from("direct:ecdsa-sha1")
.to("crypto:sign:ecdsa-sha1?algorithm=SHA1withECDSA")
.to("crypto:verify:ecdsa-sha1?algorithm=SHA1withECDSA")
.to("mock:result");
// END SNIPPET: ecdsa-sha1
}
}};
}
@Test
public void testECDSASHA1() throws Exception {
if (ibmJDK || !canRun) {
return;
}
setupMock();
sendBody("direct:ecdsa-sha1", payload);
assertMockEndpointsSatisfied();
}
private MockEndpoint setupMock() {
MockEndpoint mock = getMockEndpoint("mock:result");
mock.expectedBodiesReceived(payload);
return mock;
}
public Exchange doTestSignatureRoute(RouteBuilder builder) throws Exception {
return doSignatureRouteTest(builder, null, Collections.<String, Object>emptyMap());
}
public Exchange doSignatureRouteTest(RouteBuilder builder, Exchange e, Map<String, Object> headers) throws Exception {
CamelContext context = new DefaultCamelContext();
try {
context.addRoutes(builder);
context.start();
MockEndpoint mock = context.getEndpoint("mock:result", MockEndpoint.class);
mock.setExpectedMessageCount(1);
ProducerTemplate template = context.createProducerTemplate();
if (e != null) {
template.send("direct:in", e);
} else {
template.sendBodyAndHeaders("direct:in", payload, headers);
}
assertMockEndpointsSatisfied();
return mock.getReceivedExchanges().get(0);
} finally {
context.stop();
}
}
@Before
public void setUp() throws Exception {
disableJMX();
super.setUp();
}
}