Replace key files in test with keys generated on the spot

rabobank · Oct 2, 2023 · a64a641 · a64a641
1 parent 4c7eb72
commit a64a641
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 78 deletions.
diff --git a/README.md b/README.md
@@ -192,39 +192,6 @@ Values are encrypted using the public key which is set up during the configurati
 The algorithm used is RSA with Electronic Codeblock mode (CBC) and `OAEPWITHSHA-256ANDMGF1PADDING` padding.
 You can create a runnable jar with the following code to decrypt the values. Continuing the example above (explaining how to enable encrypting data):
 
-### Example decrypting values of differences
-This can easily be a runnable jar that takes a file or a single line as an argument, when you want to inspect values.
-```java
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.pem.PemReader;
-import javax.crypto.Cipher;
-import java.io.File;
-import java.io.StringReader;
-import java.nio.charset.StandardCharsets;
-import java.nio.file.Files;
-import java.security.KeyFactory;
-import java.security.PrivateKey;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.util.Objects;
-
-void decrypt() throws Exception {
-    final var encryptedDifferences = "fr1vTtM0wM91neX0Fl+Owq6fuTgkRD0CRPGBwDKftV1rBCPmzpLtQDMSV6sAw89M+YKOqLTQGBYckj6ZUVG/TTQqcoNx8BThAA2GQAvnAWBDSOEykpWf39Dp7L1rqZUbNqmf/DCxY45MdSutjde+DVwtpdRjJHcF4BELfQS+dG5TscXfEyQ75HIdBqWhpdaTh2My+7BOzo88zZKVqQwdDBymW78SkJ3Ez3X9kNjxlTI7w4LR5y3Cis5rIEfBnoMz1YMilx+5s0Ku9flzciFxr81czIImTmpBmvAscmtOB8ABfdDcPVvAEZlDzHktIHpH2pQ0QLnvVum43QLCfyezDg==";
-    //Decrypt and verify
-    var privateKey = privateKey();
-    final var cipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING");
-    cipher.init(Cipher.DECRYPT_MODE, privateKey);
-    final var cipherText = cipher.doFinal(Base64.decode(encryptedDifferences));
-    final var expectedUnencryptedResult = new String(cipherText, StandardCharsets.UTF_8);
-}
-
-private static PrivateKey privateKey() throws Exception {
-    final var privateKeyFile = new File(Objects.requireNonNull(EncryptionServiceTest.class.getClassLoader().getResource("private.key")).getFile());
-    final var reader = new StringReader(Files.readString(privateKeyFile.toPath()));
-    final var pemReader = new PemReader(reader);
-    final var factory = KeyFactory.getInstance("RSA");
-    final var pemObject = pemReader.readPemObject();
-    final var keyContentAsBytesFromBC = pemObject.getContent();
-    final var privKeySpec = new PKCS8EncodedKeySpec(keyContentAsBytesFromBC);
-    return factory.generatePrivate(privKeySpec);
-}
-```
+### Example of decrypting values of differences
+
+An example can be found in one of the tests: [EncryptionServiceTest](src/test/java/io/github/rabobank/shadow_tool/EncryptionServiceTest.java).
diff --git a/src/test/java/io/github/rabobank/shadow_tool/EncryptionServiceTest.java b/src/test/java/io/github/rabobank/shadow_tool/EncryptionServiceTest.java
@@ -1,62 +1,62 @@
 package io.github.rabobank.shadow_tool;
 
 import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.pem.PemReader;
 import org.junit.jupiter.api.Test;
 
 import javax.crypto.Cipher;
-import java.io.File;
-import java.io.StringReader;
 import java.nio.charset.StandardCharsets;
-import java.nio.file.Files;
-import java.security.KeyFactory;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.security.PublicKey;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.Objects;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 
 class EncryptionServiceTest {
+    private static final PrivateKey PRIVATE_KEY;
+    private static final PublicKey PUBLIC_KEY;
+
+    static {
+        try {
+            KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
+            keyPairGen.initialize(2048);
+            KeyPair pair = keyPairGen.generateKeyPair();
+            PRIVATE_KEY = pair.getPrivate();
+            PUBLIC_KEY = pair.getPublic();
+        } catch (NoSuchAlgorithmException e) {
+            throw new RuntimeException(e);
+        }
+    }
 
     @Test
     void encryptAndDecrypt() throws Exception {
-        final var encryptionService = new EncryptionService(publicKey());
+        final var encryptCipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING");
+        encryptCipher.init(Cipher.ENCRYPT_MODE, PUBLIC_KEY);
+        final var encryptionService = new DefaultEncryptionService(encryptCipher);
         final var plainDifferences = "'place' changed: 'Dintelooord' -> 'Dinteloord'\n" +
                 "'madrigals' collection changes :\n" +
                 "   1. 'Bruno' changed to 'Mirabel'\n" +
                 "   0. 'Bruno' added";
         final var encryptedDifferences = encryptionService.encrypt(plainDifferences);
         //Decrypt and verify
-        var privateKey = privateKey();
-        final var cipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING");
-        cipher.init(Cipher.DECRYPT_MODE, privateKey);
-        final var cipherText = cipher.doFinal(Base64.decode(encryptedDifferences));
+        final var decryptCipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING");
+        decryptCipher.init(Cipher.DECRYPT_MODE, PRIVATE_KEY);
+        final var cipherText = decryptCipher.doFinal(Base64.decode(encryptedDifferences));
         final var expectedUnencryptedResult = new String(cipherText, StandardCharsets.UTF_8);
 
         assertEquals(expectedUnencryptedResult, plainDifferences);
     }
 
-    private static PrivateKey privateKey() throws Exception {
-        final var privateKeyFile = new File(Objects.requireNonNull(EncryptionServiceTest.class.getClassLoader().getResource("private.key")).getFile());
-        final var reader = new StringReader(Files.readString(privateKeyFile.toPath()));
-        final var pemReader = new PemReader(reader);
-        final var factory = KeyFactory.getInstance("RSA");
-        final var pemObject = pemReader.readPemObject();
-        final var keyContentAsBytesFromBC = pemObject.getContent();
-        final var privKeySpec = new PKCS8EncodedKeySpec(keyContentAsBytesFromBC);
-        return factory.generatePrivate(privKeySpec);
-    }
-
-    private static PublicKey publicKey() throws Exception {
-        final var publicKeyFile = new File(Objects.requireNonNull(EncryptionServiceTest.class.getClassLoader().getResource("public.key")).getFile());
-        final var reader = new StringReader(Files.readString(publicKeyFile.toPath()));
-        final var pemReader = new PemReader(reader);
-        final var factory = KeyFactory.getInstance("RSA");
-        final var pemObject = pemReader.readPemObject();
-        final var keyContentAsBytesFromBC = pemObject.getContent();
-        final var pubKeySpec = new X509EncodedKeySpec(keyContentAsBytesFromBC);
-        return factory.generatePublic(pubKeySpec);
+    @Test
+    void encryptAndForgotToInitCipher() throws Exception {
+        final var encryptCipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING");
+        final var encryptionService = new DefaultEncryptionService(encryptCipher);
+        final var plainDifferences = "'place' changed: 'Dintelooord' -> 'Dinteloord'\n" +
+                "'madrigals' collection changes :\n" +
+                "   1. 'Bruno' changed to 'Mirabel'\n" +
+                "   0. 'Bruno' added";
+        final var exception = assertThrows(SecurityException.class, () -> encryptionService.encrypt(plainDifferences));
+        assertEquals("java.lang.IllegalStateException: Cipher not initialized", exception.getMessage());
     }
 }
diff --git a/src/test/resources/public.key b/src/test/resources/public.key