Migrate CertificateTest class to HIRS_Utils and update unit test dependencies following migration

2025-04-11 05:10:26 +00:00 · 2023-10-18 09:46:42 -04:00 · 2023-10-18 09:46:42 -04:00 · 55f80fe0e6
commit 55f80fe0e6
parent f96fa87138
13 changed files with 156 additions and 67 deletions
--- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidationTest.java
+++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/SupplyChainValidationTest.java
@ -3,11 +3,16 @@ package hirs.attestationca.persist.entity.userdefined;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertThrows;

-import hirs.attestationca.persist.entity.ArchivableEntity;
+import hirs.utils.ArchivableEntity;
+import hirs.utils.CertificateAuthorityCredential;
 import hirs.attestationca.persist.enums.AppraisalStatus;
+import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.Test;

 import java.io.IOException;
+import java.net.URISyntaxException;
+import java.nio.file.Paths;
+import java.util.ArrayList;
 import java.util.List;

 /**
@ -17,6 +22,40 @@ import java.util.List;
 class SupplyChainValidationTest {
    private static final String MESSAGE = "Some message.";

+    /**
+     * Location of a test (fake) root CA certificate.
+     */
+    public static final String FAKE_ROOT_CA_FILE = "/certificates/fakeRootCA.cer";
+
+    /**
+     * Location of a test (fake) Intel intermediate CA certificate.
+     */
+    public static final String FAKE_INTEL_INT_CA_FILE =
+            "/certificates/fakeIntelIntermediateCA.cer";
+
+    /**
+     * Location of a test (fake) SGI intermediate CA certificate.
+     */
+    public static final String FAKE_SGI_INT_CA_FILE = "/certificates/fakeSGIIntermediateCA.cer";
+    private static final List<ArchivableEntity> allTestCertificates =
+            new ArrayList<ArchivableEntity>(3);
+
+    @BeforeAll
+    private static void setAllTestCertificates() throws URISyntaxException, IOException {
+        allTestCertificates.add(
+                new CertificateAuthorityCredential(
+                        Paths.get(SupplyChainValidationTest.class.getResource(
+                                FAKE_SGI_INT_CA_FILE).toURI())));
+        allTestCertificates.add(
+                new CertificateAuthorityCredential(
+                        Paths.get(SupplyChainValidationTest.class.getResource(
+                                FAKE_INTEL_INT_CA_FILE).toURI())));
+        allTestCertificates.add(
+                new CertificateAuthorityCredential(
+                        Paths.get(SupplyChainValidationTest.class.getResource(
+                                FAKE_ROOT_CA_FILE).toURI())));
+    }
+    
    /**
     * Test that this class' getter methods work properly.
     *
@ -31,7 +70,7 @@ class SupplyChainValidationTest {
        );
        assertEquals(
                validation.getCertificatesUsed(),
-                CertificateTest.getAllTestCertificates()
+                allTestCertificates
        );
        assertEquals(validation.getMessage(), MESSAGE);
    }
@ -47,7 +86,7 @@ class SupplyChainValidationTest {
                new SupplyChainValidation(
                        null,
                        AppraisalStatus.Status.PASS,
-                        CertificateTest.getAllTestCertificates(),
+                        allTestCertificates,
                        MESSAGE
                ));
    }
@ -78,7 +117,7 @@ class SupplyChainValidationTest {
        new SupplyChainValidation(
                SupplyChainValidation.ValidationType.ENDORSEMENT_CREDENTIAL,
                AppraisalStatus.Status.PASS,
-                CertificateTest.getAllTestCertificates(),
+                allTestCertificates,
                MESSAGE
        );
    }
@ -95,7 +134,7 @@ class SupplyChainValidationTest {
        return getTestSupplyChainValidation(
                SupplyChainValidation.ValidationType.ENDORSEMENT_CREDENTIAL,
                AppraisalStatus.Status.PASS,
-                CertificateTest.getAllTestCertificates()
+                allTestCertificates
        );
    }

--- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/PlatformCredentialTest.java
+++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/certificate/PlatformCredentialTest.java
@ -1,6 +1,7 @@
 package hirs.attestationca.persist.entity.userdefined.certificate;

-import hirs.attestationca.persist.entity.userdefined.Certificate;
+import hirs.utils.Certificate;
+import hirs.utils.CertificateAuthorityCredential;
 import hirs.attestationca.persist.entity.userdefined.certificate.attributes.ComponentIdentifier;
 import hirs.attestationca.persist.entity.userdefined.certificate.attributes.PlatformConfiguration;
 import hirs.attestationca.persist.entity.userdefined.certificate.attributes.PlatformProperty;
--- a/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/CertificateTest.java
+++ b/HIRS_AttestationCA/src/test/java/hirs/attestationca/persist/entity/userdefined/CertificateTest.java
@ -1,6 +1,4 @@
-package hirs.attestationca.persist.entity.userdefined;
-
-import hirs.attestationca.persist.entity.ArchivableEntity;
+package hirs.utils;

 import java.io.FileInputStream;
 import java.io.IOException;
@ -29,6 +27,30 @@ import static org.junit.jupiter.api.Assertions.assertThrows;
 * This class tests functionality of the {@link Certificate} class.
 */
 public class CertificateTest {
+    /**
+     * Location of another, slightly different platform attribute cert.
+     */
+    public static final String TEST_PLATFORM_CERT_3 =
+            "/validation/platform_credentials/Intel_pc3.cer";
+
+    /**
+     * Platform cert with comma separated baseboard and chassis serial number.
+     */
+    public static final String TEST_PLATFORM_CERT_4 =
+            "/validation/platform_credentials/Intel_pc4.pem";
+
+    /**
+     * Another platform cert with comma separated baseboard and chassis serial number.
+     */
+    public static final String TEST_PLATFORM_CERT_5 =
+            "/validation/platform_credentials/Intel_pc5.pem";
+
+    /**
+     * Location of another, slightly different platform attribute cert.
+     */
+    public static final String TEST_PLATFORM_CERT_6 =
+            "/validation/platform_credentials/TPM_INTC_Platform_Cert_RSA.txt";
+
    /**
     * Location of a test (fake) root CA certificate.
     */
@ -51,59 +73,8 @@ public class CertificateTest {
     */
    public static final String FAKE_SGI_INT_CA_FILE = "/certificates/fakeSGIIntermediateCA.cer";

-    /**
-     * Location of another test self-signed certificate.
-     */
-    public static final String ANOTHER_SELF_SIGNED_FILE =
-            "/certificates/fakeSelfSigned.cer";
-
-    /**
-     * Location of the NUC EC.
-     */
-    public static final String STM_NUC1_EC = "/certificates/nuc-1/tpmcert.pem";
-
-    /**
-     * Location of the ST Micro Intermediate 02 CA certificate.
-     */
-    public static final String STM_INT_02_CA = "/certificates/stMicroCaCerts/stmtpmekint02.crt";
-
-    /**
-     * Location of the ST Micro Root CA certificate.
-     */
-    public static final String STM_ROOT_CA = "/certificates/stMicroCaCerts/stmtpmekroot.crt";
-
-    /**
-     * Location of the GlobalSign Root CA certificate.
-     */
-    public static final String GS_ROOT_CA = "/certificates/stMicroCaCerts/gstpmroot.crt";
-
-    /**
-     * Hex-encoded subject key identifier for the FAKE_ROOT_CA_FILE.
-     */
-    public static final String FAKE_ROOT_CA_SUBJECT_KEY_IDENTIFIER_HEX =
-            "58ec313a1699f94c1c8c4e2c6412402b258f0177";
-
-    /**
-     * Location of a test STM endorsement credential.
-     */
-    public static final String TEST_EC = "/certificates/ab21ccf2-tpmcert.pem";
-
-    /**
-     * Location of a test client cert.
-     */
-    public static final String ISSUED_CLIENT_CERT =
-            "/tpm/sample_identity_cert.cer";
-
    private static final String INT_CA_CERT02 = "/certificates/fakestmtpmekint02.pem";

-    private static final String RDN_COMMA_SEPARATED =
-            "CN=STM TPM EK Intermediate CA 02, O=STMicroelectronics NV, C=CH";
-    private static final String RDN_MULTIVALUE =
-            "CN=Nuvoton TPM Root CA 2010+O=Nuvoton Technology Corporation+C=TW";
-
-    private static final String RDN_COMMA_SEPARATED_ORGANIZATION = "STMicroelectronics NV";
-    private static final String RDN_MULTIVALUE_ORGANIZATION = "Nuvoton Technology Corporation";
-
    private static final String EK_CERT_WITH_PADDED_BYTES =
            "/certificates/ek_cert_with_padded_bytes.cer";

@ -197,11 +168,11 @@ public class CertificateTest {

        assertNotEquals(getTestCertificate(
                        PlatformCredential.class,
-                        PlatformCredentialTest.TEST_PLATFORM_CERT_3).getCertificateType(),
+                        TEST_PLATFORM_CERT_3).getCertificateType(),
                Certificate.CertificateType.X509_CERTIFICATE);
        assertEquals(getTestCertificate(
                        PlatformCredential.class,
-                        PlatformCredentialTest.TEST_PLATFORM_CERT_3).getCertificateType(),
+                        TEST_PLATFORM_CERT_3).getCertificateType(),
                Certificate.CertificateType.ATTRIBUTE_CERTIFICATE);

    }
@ -215,7 +186,7 @@ public class CertificateTest {
    @Test
    public void testImportPem() throws IOException {
        Certificate platformCredential = getTestCertificate(
-                PlatformCredential.class, PlatformCredentialTest.TEST_PLATFORM_CERT_4
+                PlatformCredential.class, TEST_PLATFORM_CERT_4
        );

        assertEquals(platformCredential.getCertificateType(),
@ -226,7 +197,7 @@ public class CertificateTest {
        );

        platformCredential = getTestCertificate(
-                PlatformCredential.class, PlatformCredentialTest.TEST_PLATFORM_CERT_5
+                PlatformCredential.class, TEST_PLATFORM_CERT_5
        );

        assertEquals(platformCredential.getCertificateType(),
@ -286,12 +257,12 @@ public class CertificateTest {
    public void testX509AttributeCertificateParsing() throws IOException, URISyntaxException {
        Certificate platformCert = getTestCertificate(
                PlatformCredential.class,
-                PlatformCredentialTest.TEST_PLATFORM_CERT_3
+                TEST_PLATFORM_CERT_3
        );

        X509AttributeCertificateHolder attrCertHolder = new X509AttributeCertificateHolder(
                Files.readAllBytes(Paths.get(this.getClass().getResource(
-                        PlatformCredentialTest.TEST_PLATFORM_CERT_3
+                        TEST_PLATFORM_CERT_3
                ).toURI()))
        );

@ -321,7 +292,7 @@ public class CertificateTest {
    public void testX509AttributeCertificateParsingExtended()
            throws IOException, URISyntaxException {
        Certificate platformCert = getTestCertificate(
-                PlatformCredential.class, PlatformCredentialTest.TEST_PLATFORM_CERT_6);
+                PlatformCredential.class, TEST_PLATFORM_CERT_6);

        assertEquals(platformCert.getAuthorityInfoAccess(),
                "https://trustedservices.intel.com/"
--- a/HIRS_Utils/src/test/resources/certificates/ek_cert_with_padded_bytes.cer
+++ b/HIRS_Utils/src/test/resources/certificates/ek_cert_with_padded_bytes.cer
--- a/HIRS_Utils/src/test/resources/certificates/fakeIntelIntermediateCA.cer
+++ b/HIRS_Utils/src/test/resources/certificates/fakeIntelIntermediateCA.cer
@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDGDCCAgKgAwIBAgIBAjALBgkqhkiG9w0BAQswFzEVMBMGA1UEAwwMRmFrZSBS
+b290IENBMB4XDTE3MDEyNDE1MjU0MVoXDTI3MDEyNDE1MjU0MVowJzElMCMGA1UE
+AwwcRmFrZSBJbnRlbCBJbnRlcm1lZGlhdGUgQ0EgMTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAKOwrvGN7liqE0Fv0Z5jSRuYdz5WHbxNgb9HNvllM9AK
+a61TKVL2yWjaDMeO3r/QmL6MbiVNLfSYzJtotbujpelZSucgFqq/6skr5K8ik1Lk
+se7DrZGsheC6g9ei5UyAJlIQtCmm26xIraQWtQbSrMvMoRo25vm2LNA9fY46hx/a
+zk9yPI9OLXOWuK/OnT7gmV/ESU1fLWXedVCxYZfu9KyMD2PxHG5eZc8e/Or/cVt1
+5wuP16ZbzCV8NsJFKPBvfKsngznb4WuGOPTbMJaslB5wJZPp+GyBe3L0g4vr2+GE
+WldoObtit9vdHj1HDcsxk2IHaQZ7zkJZ2vyGdDYn10ECAwEAAaNjMGEwDwYDVR0T
+AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFCEFgTDtdHY0MnCE
+8CeV32cOi9dzMB8GA1UdIwQYMBaAFFjsMToWmflMHIxOLGQSQCsljwF3MAsGCSqG
+SIb3DQEBCwOCAQEAb9OPfUQSOZG5JLNJTMJtBUXWPAAhR7xXvWtG17B3c8UrU4kN
+bfqAQnVkya+7vUPpaxVP5KJjzud8hBg5xqgaf7MO5mq/P+3RmtudB/AunTiBApSL
+f0nXEMl3UbGdfseWnrEC0QMetsBDgPyhUAJ+P+KwEWWndpaeZRV1pfvPc2OMqG3J
+or8hmfEVk2k9Di3GThsA5PnKehYE+FGHtT2+YO5Tpn75PdhN8r2N6MU7kXVPN9yi
+5RT5HKpee8ZmkzYdOhWe7+7W23j3Klh3yyVHW1Yk426PRuRym9RrPOZO8dSJY0n5
+abPM8+BCy4GpK/wdUuZhKBo1BX/Mq7fMfR07kQ==
+-----END CERTIFICATE-----
--- a/HIRS_Utils/src/test/resources/certificates/fakeRootCA.cer
+++ b/HIRS_Utils/src/test/resources/certificates/fakeRootCA.cer
@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC5zCCAdGgAwIBAgIBATALBgkqhkiG9w0BAQswFzEVMBMGA1UEAwwMRmFrZSBS
+b290IENBMB4XDTE3MDEyNDE1MjU0MVoXDTQ3MDEyNDE1MjU0MVowFzEVMBMGA1UE
+AwwMRmFrZSBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+geIXUAtrlc+FY8FC/bAGC6Vg1lbok+kILT/ZmG/4vdigZ2hzFR3dVjmgWd4hp3uP
+dY7E/JUEouBq24qDpPUWrHIxSCqGp9Rn+whGq6Yy7d1d0FGyskIJJ2aFr1QC+/jA
+4CptLbQGhqmyALrmXFai3scUmNciuTbEb3Ap9829IdsD4F9hT557zRSocaelVCUw
+6sNLU78fJfG7K3dKmKemvtprqlDlfM3nya5P6IzkRKiPpXN6Q1sL7FDkKQ3HuyBM
+WqPU+AWhqhCR9hRenuTpwTxEPVPA8FRV78wkV3VLzXCG7lHPZ8xCDKAZzdbwymjU
+wfm9Wr5KperE83suIcIHxQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
+DwEB/wQEAwIBBjAdBgNVHQ4EFgQUWOwxOhaZ+UwcjE4sZBJAKyWPAXcwCwYJKoZI
+hvcNAQELA4IBAQA2qgdehg53y1ehnq9KKdV5JllGgPon1GigMrMJ8VMGo+zs7h2q
+CYlqCyuCI5hYWzZTRzwX6OAfZkIVEgY0O2lYJgTzsC+kz4EFArzq5eLqw2/hsn8c
+KveCz+6mIL9AoyAMx9NZB1IytkDWIOtIElxOoAojluEDp3L1gzr9PVHJkI9KMeVV
+eaH6Hg+Wg6I0jS1546oJnheEmcrwYaLJ0pHZR9NGpkICxDNMpNTLW9yy8e/kK+iB
+xzT6vc3p791ktO1UD5kfK0QW8oRyMX0eHdRlDK2so+VWA5pEka+ZPc9dPB5JSudm
+HBfbguS1HVpYAfJslzj31UpSnxr7ZA4OWiLf
+-----END CERTIFICATE-----
--- a/HIRS_Utils/src/test/resources/certificates/fakeSGIIntermediateCA.cer
+++ b/HIRS_Utils/src/test/resources/certificates/fakeSGIIntermediateCA.cer
@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDFjCCAgCgAwIBAgIBAzALBgkqhkiG9w0BAQswFzEVMBMGA1UEAwwMRmFrZSBS
+b290IENBMB4XDTE3MDEyNDE1MjU0MVoXDTI3MDEyNDE1MjU0MVowJTEjMCEGA1UE
+AwwaRmFrZSBTR0kgSW50ZXJtZWRpYXRlIENBIDEwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQC7tS739kM5cCJBVXGJtTgiV30AKtnDXeF5uw40DYfiXf1H
+H5QAHNdiLqiZpsYJPiTnS7drsdvlzT1zjkfu11cI0jdUjMqDfSP+2MfAvrcjpdSN
+R2YlcIJSNTeJyydvkxl6l0keXKdaoUkrMoJ+O0BWbSy7jXbicmndh4aoscq0Qp6s
+99n4bPwrKqV/GkuTRjaUqGoEx/h9gM05kUcO5kw9xwO21ogY1H+j3NNstmTAjko+
+PNEhVEp5Ax6XpqTZOqbFpiWQdA7oXJsXar0tXi0DWBWcVz0EXqoOSxhH4cpnBmSZ
+ioioIOCzcxitdcWIQS+phm/B+vhK4+YUKHCF2ds1AgMBAAGjYzBhMA8GA1UdEwEB
+/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQynzPkAJcEtxU2u0uy
+YG2QqJ+U/zAfBgNVHSMEGDAWgBRY7DE6Fpn5TByMTixkEkArJY8BdzALBgkqhkiG
+9w0BAQsDggEBAGs9uq0DKACdcgoNyJcHzyb11EhMe8+l/D+j8JjsRp3w6rXpw60U
+ptZVMh7/SpRte7NjUBJ7wk76IIhntu6rcf/ik4ptyOgSUxDzGDffQzPRHRmXmjj0
+eir+cVQP34O7gByj/n92S9GP4/0RYGt7X7PGGiNArSroeS83fUQMVHhN8PbFzcrk
+y9NHNR/In90Le/tPsFwGdTYzirgnjmcaVZFgCQfKuU3xr9vjANc2i5+QzzApjZ1i
+K3o3z1eLOz6x25C03J8MF6GRiSV9AjrP8P0vQc25zpsjKH/rvdwmLIC6IjprF3Wk
+nqakIzC7ABXdKhS8pOLkbmcoPlyt1rP9RgA=
+-----END CERTIFICATE-----
--- a/HIRS_Utils/src/test/resources/certificates/fakestmtpmekint02.pem
+++ b/HIRS_Utils/src/test/resources/certificates/fakestmtpmekint02.pem
@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDjzCCAnmgAwIBAgIBBTALBgkqhkiG9w0BAQswFzEVMBMGA1UEAwwMRmFrZSBS
+b290IENBMB4XDTExMDEyMTAwMDAwMFoXDTI5MTIzMTAwMDAwMFowVTELMAkGA1UE
+BhMCQ0gxHjAcBgNVBAoTFVNUTWljcm9lbGVjdHJvbmljcyBOVjEmMCQGA1UEAxMd
+U1RNIFRQTSBFSyBJbnRlcm1lZGlhdGUgQ0EgMDIwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCTt4oZ/7h4Fdx65T2ab/PtfsYPXHC396VVyaE+Z/Dxx4sT
+emUQZn/zYPOfzg2c8Z6LQuuFg/BhzC8kNAp2tzCRfjBiWeUeSZLiUQeArYEz8HE1
+WSLArrqdGg1pz82Kh8L32og9hQ9GmsQp0yiI1lPTs7Uw9iOtcVtiyhGOFXXvltwu
+1mYEuU6apG4Sc8tjSY+qEjAypJXyN1/I1X+254DHAkd19zXCKN+PSA7da9Rn8Afq
+Fq4aIGVZzBSSgKEmD/GkKyw1Ze0kDgIE189iAw+m6NY4Gv/Cm+9nQ4fA9qq5Kloe
+x8HWrN46qm2/boqujtnSSWPOhY3341z6N4xpRY07AgMBAAGjgaswgagwDwYDVR0T
+AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAgQwRQYDVR0gAQH/BDswOTA3BgRVHSAA
+MC8wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cuc3QuY29tL1RQTS9yZXBvc2l0b3J5
+LzAdBgNVHQ4EFgQUVx+Aa0fM55v6NZR87Yi40QBa4J4wHwYDVR0jBBgwFoAUWOwx
+OhaZ+UwcjE4sZBJAKyWPAXcwCwYJKoZIhvcNAQELA4IBAQB8IaDIWicxm7m2qyDv
+v4L253D3qRcx+sdM2GM0IpvK3u9z3BQraAhF6PPLlgFGP6slZdDY6ryrP8PEkvsH
+tHoapB1MWe+eMrxw7dXQLnpzm/P++8AWMtY8roziiO7x3AYTbRb9lB2HjOWc2aGZ
+1xW+su+aTnr9U4uYO1+HrDDKYgkypIcousRwUMW6c6szAZY2UtWS2e4346V3LVLz
+sv22n4rqWWRzJ2tl+jIqLepChqOdgscDL+aO2iowmzTSWV/WLJRaTs0AsOYJkdlG
+8wWRzygRbfGdIL7A/hKK42o0b7v3R/NI0nemwAzVN/QOYjTbkOCIUBg/6mT8CkYx
+pmiq
+-----END CERTIFICATE-----
--- a/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc3.cer
+++ b/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc3.cer
--- a/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc4.pem
+++ b/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc4.pem
--- a/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc5.pem
+++ b/HIRS_Utils/src/test/resources/validation/platform_credentials/Intel_pc5.pem
--- a/HIRS_Utils/src/test/resources/validation/platform_credentials/TPM_INTC_Platform_Cert_RSA.txt
+++ b/HIRS_Utils/src/test/resources/validation/platform_credentials/TPM_INTC_Platform_Cert_RSA.txt
--- a/HIRS_Utils/src/test/resources/validation/platform_credentials/intel_chain/root/intermediate2.cer
+++ b/HIRS_Utils/src/test/resources/validation/platform_credentials/intel_chain/root/intermediate2.cer