Test that the right exception is thrown when BouncyCastle is needed but fails to load

emlun · emlun · commit 2370f12e2182 · 2021-03-10T20:05:41.000+01:00
diff --git a/test-dependent-projects/java-dep-webauthn-server-core-minimal/build.gradle.kts b/test-dependent-projects/java-dep-webauthn-server-core-minimal/build.gradle.kts
@@ -2,8 +2,18 @@ plugins {
     `java-library`
 }
 
+val coreTestsOutput = project(":webauthn-server-core-minimal").extensions.getByType(SourceSetContainer::class).test.get().output
+
 dependencies {
     implementation(project(":webauthn-server-core-minimal"))
+
+    testImplementation(coreTestsOutput)
     testImplementation("junit:junit:4.12")
     testImplementation("org.mockito:mockito-core:[2.27.0,3)")
+
+    // Runtime-only internal dependency of webauthn-server-core-minimal
+    testImplementation("com.augustcellars.cose:cose-java:[1.0.0,2)")
+
+    // Transitive dependencies from coreTestOutput
+    testImplementation("org.scala-lang:scala-library:[2.13.1,3)")
 }
diff --git a/test-dependent-projects/java-dep-webauthn-server-core-minimal/src/test/java/com/yubico/webauthn/BouncyCastleProviderPresenceTest.java b/test-dependent-projects/java-dep-webauthn-server-core-minimal/src/test/java/com/yubico/webauthn/BouncyCastleProviderPresenceTest.java
@@ -1,13 +1,20 @@
 package com.yubico.webauthn;
 
+import COSE.CoseException;
+import com.yubico.webauthn.data.AttestationObject;
 import com.yubico.webauthn.data.RelyingPartyIdentity;
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.spec.InvalidKeySpecException;
 import org.junit.Test;
 import org.mockito.Mockito;
 
 import java.security.Security;
 import java.util.Arrays;
 
 import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 
 /**
  * Test that the BouncyCastle provider is not loaded by default
@@ -46,4 +53,26 @@ public void bouncyCastleProviderIsNotLoadedAfterInstantiatingRelyingParty() {
         ));
     }
 
+    @Test
+    public void bouncyCastleProviderIsNotLoadedAfterAttemptingToLoadEddsaKey() throws IOException, CoseException, NoSuchAlgorithmException, InvalidKeySpecException {
+        try {
+            WebAuthnCodecs.importCosePublicKey(
+                new AttestationObject(RegistrationTestData.Packed$.MODULE$.BasicAttestationEdDsa().attestationObject())
+                    .getAuthenticatorData()
+                    .getAttestedCredentialData()
+                    .get()
+                    .getCredentialPublicKey()
+            );
+        } catch (NoSuchAlgorithmException e) {
+            // OK
+        }
+
+        assertTrue(
+            Arrays.stream(Security.getProviders())
+                .noneMatch(prov ->
+                    prov.getName().equals("BC")
+                        || prov.getClass().getCanonicalName().contains("bouncy")
+        ));
+    }
+
 }
