Merge branch 'master' of gitlab.ext.cyber.ee:cdoc2/cdoc2-java-ref-impl

Author: jann0k

cdoc2-cli/src/test/java/CDocCliTest.java

@@ -1,12 +1,15 @@
 import ee.cyber.cdoc2.cli.CDocCli;
+
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.PrintStream;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.util.Base64;
+import java.util.Map;
 import java.util.Properties;
+import java.util.TreeMap;
 
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
@@ -194,7 +197,7 @@ void infoShouldDisplayKeyLabelInDefaultFormatForPassword() throws IOException {
         encrypt(PASSWORD_OPTION);
         decrypt(PASSWORD_OPTION, SUCCESSFUL_EXIT_CODE);
 
-        String expectedKeyLabel = "Password: V:1, LABEL:passwordlabel, TYPE:pw ";
+        String expectedKeyLabel = "Password: V:1, LABEL:passwordlabel, TYPE:pw";
         executeInfo(expectedKeyLabel, cdocFile);
     }
 
@@ -205,7 +208,7 @@ void infoShouldDisplayKeyLabelInPlainText() throws IOException {
         encrypt(PASSWORD_OPTION);
         decrypt(PASSWORD_OPTION, SUCCESSFUL_EXIT_CODE);
 
-        String expectedKeyLabel = "Password: LABEL:passwordlabel ";
+        String expectedKeyLabel = "Password: LABEL:passwordlabel";
         executeInfo(expectedKeyLabel, cdocFile);
 
         restoreDefaultKeyLabelFormat();
@@ -217,7 +220,7 @@ void infoShouldDisplayKeyLabelInDefaultFormatForSecret() throws IOException {
         decrypt(SECRET_OPTION, SUCCESSFUL_EXIT_CODE);
 
         String expectedKeyLabel
-            = "SymmetricKey: V:1, LABEL:label_b64secret, TYPE:secret ";
+            = "SymmetricKey: V:1, LABEL:label_b64secret, TYPE:secret";
         executeInfo(expectedKeyLabel, cdocFile);
     }
 
@@ -228,7 +231,7 @@ void infoShouldDisplayKeyLabelInPlainTextForSecret() throws IOException {
         encrypt(SECRET_OPTION);
         decrypt(SECRET_OPTION, SUCCESSFUL_EXIT_CODE);
 
-        String expectedKeyLabel = "SymmetricKey: LABEL:label_b64secret ";
+        String expectedKeyLabel = "SymmetricKey: LABEL:label_b64secret";
         executeInfo(expectedKeyLabel, cdocFile);
 
         restoreDefaultKeyLabelFormat();
@@ -238,7 +241,7 @@ void infoShouldDisplayKeyLabelInPlainTextForSecret() throws IOException {
     void infoShouldDisplayKeyLabelInDefaultFormatForEc() throws IOException {
         successfullyDecryptDocWithPublicKey("keys/bob_pub.pem", "keys/bob.pem");
 
-        String expectedKeyLabel = "EC PublicKey: V:1, FILE:bob_pub.pem, TYPE:pub_key ";
+        String expectedKeyLabel = "EC PublicKey: V:1, FILE:bob_pub.pem, TYPE:pub_key";
         executeInfo(expectedKeyLabel, cdocFile);
     }
 
@@ -249,7 +252,7 @@ void infoShouldDisplayKeyLabelInDefaultFormatForRsa() throws IOException {
 
         successfullyDecryptDocWithPublicKey(publicKey, privateKey);
 
-        String expectedKeyLabel = "RSA PublicKey: V:1, FILE:rsa_pub.pem, TYPE:pub_key ";
+        String expectedKeyLabel = "RSA PublicKey: V:1, FILE:rsa_pub.pem, TYPE:pub_key";
         executeInfo(expectedKeyLabel, cdocFile);
     }
 
@@ -521,7 +524,36 @@ private void executeInfo(String expectedKeyLabel, Path cdoc2File) {
         String[] split = outputWithoutBreaks.split("README.md");
         String actualOutputKeyLabel = split[split.length - 1];
 
-        assertEquals(expectedKeyLabel, actualOutputKeyLabel);
+        assertEqualKeyLabels(expectedKeyLabel, actualOutputKeyLabel);
+    }
+
+    private void assertEqualKeyLabels(String expectedKeyLabelMsg, String actualOutputKeyLabelMsg) {
+        int delimiterIndexOfExpected = expectedKeyLabelMsg.indexOf(":");
+        int delimiterIndexOfActual = actualOutputKeyLabelMsg.indexOf(":");
+        String expectedKeyLabel = expectedKeyLabelMsg
+            .substring(delimiterIndexOfExpected + 1).trim();
+        String actualOutputKeyLabel = actualOutputKeyLabelMsg
+            .substring(delimiterIndexOfActual + 1).trim();
+        Map<String, String> expectedParams = convertStringToKeyLabelParamsMap(expectedKeyLabel);
+        Map<String, String> actualParams = convertStringToKeyLabelParamsMap(actualOutputKeyLabel);
+
+        for (var entry : expectedParams.entrySet()) {
+            assertTrue(actualParams.containsKey(entry.getKey()));
+            assertTrue(actualParams.containsValue(entry.getValue()));
+        }
+    }
+
+    private static Map<String, String> convertStringToKeyLabelParamsMap(String data) {
+        Map<String, String> result = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
+
+        String[] parts = data.split(", ");
+
+        for (String keyValue : parts) {
+            String[] params = keyValue.split(":");
+            result.put(params[0], params[1]);
+        }
+
+        return result;
     }
 
     private void disableKeyLabelFormatting() {

cdoc2-lib/src/main/java/ee/cyber/cdoc2/crypto/KeyLabelTools.java

@@ -8,9 +8,9 @@
 import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
 import java.util.Base64;
-import java.util.HashMap;
 import java.util.Locale;
 import java.util.Map;
+import java.util.TreeMap;
 import java.util.regex.Pattern;
 import java.util.stream.Collectors;
 
@@ -25,6 +25,7 @@
  */
 public final class KeyLabelTools {
 
+    private static final String DATA = "data:";
     private static final String DATA_DELIMITER = ",";
     private static final String DATA_PARAMETERS_DELIMITER = "&";
     private static final String DATA_PARAMETERS_KEY_VALUE_DELIMITER = "=";
@@ -61,7 +62,7 @@ public static Object checkKeyLabelFormatAndGet(
         }
         if (keyLabelIsFormatted(encryptionKeyLabel) && !keyLabelIsFormatted(decryptionKeyLabel)) {
             String encryptedKeyLabel = extractKeyLabel(encryptionKeyLabel.toString());
-            if (encryptedKeyLabel.equals(decryptionKeyLabel)) {
+            if (null != encryptedKeyLabel && encryptedKeyLabel.equals(decryptionKeyLabel)) {
                 return encryptionKeyLabel;
             }
         }
@@ -96,13 +97,8 @@ public static Map<String, String> extractKeyLabelParams(String keyLabel) {
 
     private static Map<String, String> decodeKeyLabelParamsFromUrlScheme(String keyLabel) {
         String keyLabelData = fromDataUrlScheme(keyLabel);
-        Map<String, String> keyLabelParams = convertStringToKeyLabelParamsMap(keyLabelData);
 
-        return keyLabelParams.entrySet().stream()
-            .collect(Collectors.toMap(
-                Map.Entry::getKey,
-                param -> urlDecodeValue(param.getValue()))
-            );
+        return convertStringToKeyLabelParamsMap(keyLabelData);
     }
 
     /**
@@ -260,7 +256,7 @@ private static KeyLabelParams createKeyLabelCommonParams(
         EncryptionKeyOrigin encryptionKeyOrigin,
         KeyLabelTools.KeyLabelDataVersion version
     ) {
-        Map<String, String> keyLabelParams = new HashMap<>();
+        Map<String, String> keyLabelParams = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
         keyLabelParams.put(
             KeyLabelDataFields.V.name(),
             urlEncodeValue(toNumbericString(version))
@@ -309,12 +305,15 @@ private static String extractKeyLabelByType(
         Map<String, String> keyLabelParams
     ) {
         switch (keyLabelType) {
-            case AUTH -> { // +
+            case AUTH -> {
                 return keyLabelParams.get(KeyLabelDataFields.PNO.name());
             }
-            case PW, SECRET -> { // +
+            case PW, SECRET -> {
                 return keyLabelParams.get(KeyLabelDataFields.LABEL.name());
             }
+            case PUB_KEY -> {
+                return null;
+            }
             default -> throw new IllegalArgumentException("Wrong key label type");
         }
     }
@@ -326,7 +325,7 @@ private static String extractKeyLabelByType(
      */
     private static String toDataUrlScheme(String data) {
         StringBuilder sb = new StringBuilder();
-        sb.append("data:");
+        sb.append(DATA);
 
         if (isEncoded(data)) {
             sb.append(BASE_64_DELIMITER + "base64");
@@ -357,15 +356,15 @@ private static String fromDataUrlScheme(String dataUrlScheme) {
     }
 
     private static boolean keyLabelIsFormatted(Object keyLabel) {
-        return keyLabel.toString().contains("data:");
+        return keyLabel.toString().contains(DATA);
     }
 
     public static boolean isFormatted(String keyLabel) {
         if (keyLabel == null) {
             return false;
         }
 
-        return  keyLabel.startsWith("data:");
+        return  keyLabel.startsWith(DATA);
     }
 
 
@@ -395,7 +394,7 @@ private static String convertKeyLabelParamsMapToString(Map<String, String> map)
     }
 
     private static Map<String, String> convertStringToKeyLabelParamsMap(String data) {
-        Map<String, String> result = new HashMap<>();
+        Map<String, String> result = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
         if (data.isBlank()) {
             return result;
         }
@@ -404,7 +403,7 @@ private static Map<String, String> convertStringToKeyLabelParamsMap(String data)
 
         for (String keyValue : parts) {
             String[] params = keyValue.split(DATA_PARAMETERS_KEY_VALUE_DELIMITER);
-            result.put(params[0], params[1]);
+            result.put(params[0], urlDecodeValue(params[1]));
         }
 
         return result;
@@ -441,8 +440,18 @@ public static String ofType(KeyLabelType type) {
             return type.name().toLowerCase(Locale.ROOT);
         }
 
-        public static KeyLabelType fromParams(String typeInLowerCase) {
-            return KeyLabelType.valueOf(typeInLowerCase.toUpperCase());
+        public static KeyLabelType fromParams(String type) {
+            return KeyLabelType.getName(type);
+        }
+
+        public static KeyLabelType getName(String keyLabelType) {
+            for (var type : KeyLabelType.values()) {
+                if (null != keyLabelType && type.name().compareToIgnoreCase(keyLabelType) == 0) {
+                    return type;
+                }
+            }
+
+            return null;
         }
     }
 

cdoc2-lib/src/test/java/ee/cyber/cdoc2/KeyLabelToolsTest.java

@@ -1,34 +1,44 @@
 package ee.cyber.cdoc2;
 
+import ee.cyber.cdoc2.crypto.EncryptionKeyOrigin;
 import ee.cyber.cdoc2.crypto.KeyLabelParams;
 import ee.cyber.cdoc2.crypto.KeyLabelTools;
 import org.junit.jupiter.api.Test;
 
 import java.util.Map;
+import java.util.TreeMap;
 
 import static org.junit.jupiter.api.Assertions.*;
 
-class KeyLabelToolsTest {
 
-    static final KeyLabelParams defaultPubKeyParams =
-        KeyLabelTools.createPublicKeyLabelParams(null, null);
-    @Test
-    void testFormatKeyLabel() {
-        String actual = KeyLabelTools.formatKeyLabel(defaultPubKeyParams);
-        String expected = "data:,V=1&TYPE=pub_key";
-        assertEquals(expected, actual);
-    }
+class KeyLabelToolsTest {
 
     @Test
     void testExtractKeyLabelParams() {
         final String defaultPubKeyFormattedLabel = "data:,V=1&TYPE=pub_key";
         Map<String, String> paramsMap = KeyLabelTools.extractKeyLabelParams(defaultPubKeyFormattedLabel);
 
         Map<String, String> expected = Map.of(
-            "V", "1",
-            "TYPE", "pub_key"
+            "v", "1",
+            "type", "pub_key"
         );
 
         assertEquals(expected, paramsMap);
     }
+
+    @Test
+    void testKeyLabelExtractionInSensitiveCase() {
+        Map<String, String> paramsMap = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
+        paramsMap.put("v", "1");
+        paramsMap.put("tYpE", "pub_key");
+
+        KeyLabelParams params = new KeyLabelParams(
+            EncryptionKeyOrigin.PUBLIC_KEY,
+            paramsMap
+        );
+
+        String formattedKeyLabel = KeyLabelTools.formatKeyLabel(params);
+        assertDoesNotThrow(() -> KeyLabelTools.extractKeyLabel(formattedKeyLabel));
+    }
+
 }

test/bats/cdoc2_tests.bats

@@ -382,7 +382,12 @@ EOF
   assertSuccessfulExitCode
   local expected_output_info="EC PublicKey: CERT_SHA1:5d5d9c00eeb79d89e3a54e791a6256f892ad9411, V:1, CN:cdoc20-client, FILE:cdoc2client-certificate.pem, TYPE:cert "
   echo "# $expected_output_info">&3
-  assert_equal "$output" "$expected_output_info"
+  assert_output --partial "EC PublicKey:"
+  assert_output --partial "CERT_SHA1:5d5d9c00eeb79d89e3a54e791a6256f892ad9411"
+  assert_output --partial "V:1"
+  assert_output --partial "CN:cdoc20-client"
+  assert_output --partial "FILE:cdoc2client-certificate.pem"
+  assert_output --partial "TYPE:cert"
 
   rm -f $TEST_RESULTS_DIR/$cdoc_file
 }
@@ -396,7 +401,12 @@ EOF
   assertSuccessfulExitCode
   local expected_output_info="EC PublicKey: CERT_SHA1:5d5d9c00eeb79d89e3a54e791a6256f892ad9411, V:1, CN:cdoc20-client, FILE:cdoc2client-certificate.pem, TYPE:cert "
   echo "# $expected_output_info">&3
-  assert_equal "$output" "$expected_output_info"
+  assert_output --partial "EC PublicKey:"
+  assert_output --partial "CERT_SHA1:5d5d9c00eeb79d89e3a54e791a6256f892ad9411"
+  assert_output --partial "V:1"
+  assert_output --partial "CN:cdoc20-client"
+  assert_output --partial "FILE:cdoc2client-certificate.pem"
+  assert_output --partial "TYPE:cert"
 
   # ensure encrypted container can be decrypted successfully
   run run_alias cdoc-cli decrypt -f $TEST_VECTORS_V_1_2/$existing_test_vector -k $CLI_KEYS_DIR/cdoc2client.pem -o $TEST_RESULTS_DIR
@@ -416,7 +426,10 @@ EOF
   assertSuccessfulExitCode
   local expected_output_info="RSA PublicKey: V:1, FILE:rsa_pub.pem, TYPE:pub_key "
   echo "# $expected_output_info">&3
-  assert_equal "$output" "$expected_output_info"
+  assert_output --partial "RSA PublicKey:"
+  assert_output --partial "V:1"
+  assert_output --partial "FILE:rsa_pub.pem"
+  assert_output --partial "TYPE:pub_key"
 
   rm -f $TEST_RESULTS_DIR/$cdoc_file
 }
@@ -430,7 +443,10 @@ EOF
   assertSuccessfulExitCode
   local expected_output_info="RSA PublicKey: V:1, FILE:rsa_pub.pem, TYPE:pub_key "
   echo "# $expected_output_info">&3
-  assert_equal "$output" "$expected_output_info"
+  assert_output --partial "RSA PublicKey:"
+  assert_output --partial "V:1"
+  assert_output --partial "FILE:rsa_pub.pem"
+  assert_output --partial "TYPE:pub_key"
 
   # ensure encrypted container can be decrypted successfully
   run run_alias cdoc-cli decrypt -f $TEST_VECTORS_V_1_2/$existing_test_vector -k $CLI_KEYS_DIR/rsa_priv.pem -o $TEST_RESULTS_DIR
@@ -449,7 +465,10 @@ EOF
   assertSuccessfulExitCode
   local expected_output_info="SymmetricKey: V:1, LABEL:$SECRET_LABEL, TYPE:secret "
   echo "# $expected_output_info">&3
-  assert_equal "$output" "$expected_output_info"
+  assert_output --partial "SymmetricKey:"
+  assert_output --partial "V:1"
+  assert_output --partial "LABEL:$SECRET_LABEL"
+  assert_output --partial "TYPE:secret"
 
   rm -f $TEST_RESULTS_DIR/$cdoc_file
 }
@@ -463,7 +482,10 @@ EOF
   assertSuccessfulExitCode
   local expected_output_info="SymmetricKey: V:1, LABEL:$SECRET_LABEL, FILE:$existing_test_vector, TYPE:secret "
   echo "# $expected_output_info">&3
-  assert_equal "$output" "$expected_output_info"
+  assert_output --partial "SymmetricKey:"
+  assert_output --partial "V:1"
+  assert_output --partial "LABEL:$SECRET_LABEL"
+  assert_output --partial "TYPE:secret"
 
   # ensure encrypted container can be decrypted successfully
   echo "# Decrypting ${existing_test_vector}">&3
@@ -486,7 +508,10 @@ EOF
   assertSuccessfulExitCode
   local expected_output_info="Password: V:1, LABEL:${PW_LABEL}, TYPE:pw "
   echo "# $expected_output_info">&3
-  assert_equal "$output" "$expected_output_info"
+  assert_output --partial "Password:"
+  assert_output --partial "V:1"
+  assert_output --partial "LABEL:${PW_LABEL}"
+  assert_output --partial "TYPE:pw"
 
   rm -f $TEST_RESULTS_DIR/$cdoc_file
 }
@@ -500,7 +525,10 @@ EOF
   assertSuccessfulExitCode
   local expected_output_info="Password: V:1, LABEL:${PW_LABEL}, TYPE:pw "
   echo "# $expected_output_info">&3
-  assert_equal "$output" "$expected_output_info"
+  assert_output --partial "Password:"
+  assert_output --partial "V:1"
+  assert_output --partial "LABEL:${PW_LABEL}"
+  assert_output --partial "TYPE:pw"
 
   # ensure encrypted container can be decrypted successfully
   echo "# Decrypting ${existing_test_vector}">&3