Bug 6220 – create unit test for JKS credential

Bug 6220 - create unit test for JKS credential

Summary:

create unit test for JKS credential

Status:	RESOLVED FIXED

Product:	GridShib
Component:	SAML/Binding Tools
Version:	0.5
Platform:	All All

Importance:	P3 normal
Target Milestone:	beta
Assigned To:	Tom Scavo

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2008-07-15 10:52 by Tom Scavo
Modified:	2008-07-15 13:33 (History)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Tom Scavo 2008-07-15 10:52:32

Create a unit test for the following method:

GSIUtil.createCredential(File, char[], String, char[])

Rachana has provided a patch for Bug 4933 and Bug 6029 (which are mostly
duplicate bugs).  The unit test should test the above method and simultaneously
validate the patch.

------- Comment #1 From Tom Scavo 2008-07-15 12:07:04 -------

Resurrected target "create-keystore" in the GS-ST build file (see Bug 5263). 
Added method testCreateCredential() to GSIUtilTest.  This new test loads an
issuing credential from a Java KeyStore and then attempts to issue an
X.509-bound SAML token using method

GSIUtil.createCredential(GlobusCredential, X509ExtensionSet, int)

This method fails due to an implemented workaround to Bug 5261.  I commented
out this workaround, and also commented out the workaround to Bug 4933 in the
above method, and the original bug returned:

java.lang.ClassCastException: sun.security.x509.X500Name
at
org.globus.gsi.bc.BouncyCastleCertProcessingFactory.createProxyCertificate(BouncyCastleCertProcessingFactory.java:602)
at
org.globus.gsi.bc.BouncyCastleCertProcessingFactory.createCredential(BouncyCastleCertProcessingFactory.java:278)
at org.globus.gridshib.security.util.GSIUtil.createCredential(GSIUtil.java:410)
at org.globus.gridshib.security.util.GSIUtil.bindAssertion(GSIUtil.java:206)
at org.globus.gridshib.security.util.GSIUtil.bindAssertion(GSIUtil.java:170)
at
org.globus.gridshib.security.saml.SelfIssuedAssertion.bindToX509Proxy(SelfIssuedAssertion.java:308)
at
org.globus.gridshib.security.x509.GlobusSAMLCredential.issue(GlobusSAMLCredential.java:1022)
at
org.globus.gridshib.security.x509.GlobusSAMLCredential.issue(GlobusSAMLCredential.java:971)
at
org.globus.gridshib.security.util.GSIUtilTest.testCreateCredential(GSIUtilTest.java:109)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

I then replaced the old jglobus JAR in GS-ST with the patched JAR obtained from
Rachana and the exception went away.  This confirms that Rachana's patch is
working.

------- Comment #2 From Tom Scavo 2008-07-15 12:11:18 -------

I committed the new test and the updated build file to CVS HEAD, so the test
will be distributed with GS-ST v0.5.0.  However, I will leave this bug open
until the test is sufficiently generalized.  In particular, specific details
regarding the KeyStore are hardcoded in the source, which needs to be fixed.

------- Comment #3 From Tom Scavo 2008-07-15 13:33:49 -------

Add the KeyStore properties to the build.properties file and the bootstrap
properties file.  Load the KeyStore properties in the BootstrapConfigLoader. 
Expose the KeyStore properties in public methods.  Invoke these methods in
GSIUtilTest.

Committed all resources to CVS HEAD.  This new feature will appear in GS-ST
v0.5.0.