-
Notifications
You must be signed in to change notification settings - Fork 215
/
FingerprintVerifierTest.java
98 lines (81 loc) · 3.94 KB
/
FingerprintVerifierTest.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
/*
* Copyright (c) 2021 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0
*
* SPDX-License-Identifier: EPL-2.0
*/
package org.eclipse.ditto.connectivity.service.messaging.tunnel;
import static org.assertj.core.api.Assertions.assertThat;
import static org.eclipse.ditto.connectivity.service.messaging.TestConstants.Certificates.SERVER_PUBKEY_FINGERPRINT_MD5;
import static org.eclipse.ditto.connectivity.service.messaging.TestConstants.Certificates.SERVER_PUBKEY_FINGERPRINT_SHA256;
import static org.eclipse.ditto.connectivity.service.messaging.TestConstants.Certificates.SERVER_PUBLIC_KEY;
import static org.mutabilitydetector.unittesting.MutabilityAssert.assertInstancesOf;
import static org.mutabilitydetector.unittesting.MutabilityMatchers.areImmutable;
import java.net.SocketAddress;
import java.util.Collections;
import java.util.List;
import org.apache.sshd.client.keyverifier.ServerKeyVerifier;
import org.apache.sshd.client.session.ClientSession;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;
import nl.jqno.equalsverifier.EqualsVerifier;
public class FingerprintVerifierTest {
private static final String MD5 = "MD5";
private static final String SHA256 = "SHA256";
private static final String SHA512 = "SHA512";
private ClientSession mockSession;
private SocketAddress mockAddress;
@Before
public void setUp() throws Exception {
mockSession = Mockito.mock(ClientSession.class);
mockAddress = Mockito.mock(SocketAddress.class);
}
@Test
public void assertImmutability() {
assertInstancesOf(FingerprintVerifier.class, areImmutable());
}
@Test
public void testHashCodeAndEquals() {
EqualsVerifier.forClass(FingerprintVerifier.class).usingGetClass().verify();
}
@Test
public void verifyServerKeySHA256() {
final ServerKeyVerifier underTest = new FingerprintVerifier(List.of(SERVER_PUBKEY_FINGERPRINT_SHA256));
assertThat(underTest.verifyServerKey(mockSession, mockAddress, SERVER_PUBLIC_KEY)).isTrue();
}
@Test
public void verifyServerKeyMD5() {
final ServerKeyVerifier underTest = new FingerprintVerifier(List.of(SERVER_PUBKEY_FINGERPRINT_MD5));
assertThat(underTest.verifyServerKey(mockSession, mockAddress, SERVER_PUBLIC_KEY)).isTrue();
}
@Test
public void verifyServerKeyDefaultMD5() {
final String noPrefix = SERVER_PUBKEY_FINGERPRINT_MD5.replaceFirst(MD5 + ":", "");
final ServerKeyVerifier underTest = new FingerprintVerifier(List.of(noPrefix));
assertThat(underTest.verifyServerKey(mockSession, mockAddress, SERVER_PUBLIC_KEY)).isTrue();
}
@Test
public void verifyServerKeyFailsForEmptyList() {
final ServerKeyVerifier fingerPrintVerifier = new FingerprintVerifier(Collections.emptyList());
assertThat(fingerPrintVerifier.verifyServerKey(mockSession, mockAddress, SERVER_PUBLIC_KEY)).isFalse();
}
@Test
public void verifyServerKeyFailsForWrongAlgorithm() {
final List<String> knownHosts = List.of(SERVER_PUBKEY_FINGERPRINT_SHA256.replaceFirst(SHA256, SHA512));
final ServerKeyVerifier fingerPrintVerifier = new FingerprintVerifier(knownHosts);
assertThat(fingerPrintVerifier.verifyServerKey(mockSession, mockAddress, SERVER_PUBLIC_KEY)).isFalse();
}
@Test
public void verifyServerKeyFailsForEmptyAlgorithm() {
final List<String> knownHosts = List.of(SERVER_PUBKEY_FINGERPRINT_SHA256.replaceFirst(SHA256, SHA512));
final ServerKeyVerifier fingerPrintVerifier = new FingerprintVerifier(knownHosts);
assertThat(fingerPrintVerifier.verifyServerKey(mockSession, mockAddress, SERVER_PUBLIC_KEY)).isFalse();
}
}