net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImplTest.java Source code

Java tutorial

Introduction

Here is the source code for net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImplTest.java

Source

/*******************************************************************************
 * Copyright (C) 2008-2010 The University of Manchester   
 * 
 *  Modifications to the initial code base are copyright of their
 *  respective authors, or their employers as appropriate.
 * 
 *  This program is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU Lesser General Public License
 *  as published by the Free Software Foundation; either version 2.1 of
 *  the License, or (at your option) any later version.
 *    
 *  This program is distributed in the hope that it will be useful, but
 *  WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  Lesser General Public License for more details.
 *    
 *  You should have received a copy of the GNU Lesser General Public
 *  License along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
 ******************************************************************************/
package net.sf.taverna.t2.security.credentialmanager.impl;

import static org.junit.Assert.*;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.List;
import java.util.Random;

import javax.net.ssl.SSLSocketFactory;

import net.sf.taverna.t2.lang.observer.Observable;
import net.sf.taverna.t2.lang.observer.Observer;
import net.sf.taverna.t2.security.credentialmanager.CMException;
import net.sf.taverna.t2.security.credentialmanager.CredentialManager;
import net.sf.taverna.t2.security.credentialmanager.CredentialManager.KeystoreType;
import net.sf.taverna.t2.security.credentialmanager.JavaTruststorePasswordProvider;
import net.sf.taverna.t2.security.credentialmanager.KeystoreChangedEvent;
import net.sf.taverna.t2.security.credentialmanager.MasterPasswordProvider;
import net.sf.taverna.t2.security.credentialmanager.ServiceUsernameAndPasswordProvider;
import net.sf.taverna.t2.security.credentialmanager.TrustConfirmationProvider;
import net.sf.taverna.t2.security.credentialmanager.UsernamePassword;

import org.apache.commons.io.FileUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.After;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;

/**
 * Tests here should not require Java strong/unlimited cryptography policy to be
 * installed, although if something goes wrong that is the first thing to be
 * checked for.
 * <p>
 * Java by default comes with the weak policy that disables the use of certain
 * cryto algorithms and bigger key sizes. Although it is claimed that as of Java
 * 6 the default policy is strong, we have seen otherwise, so make sure you
 * install it.
 * <p>
 * For Java 6, strong/unlimited cryptography policy can be downloaded (together
 * with the installation instructions) from:
 * http://www.oracle.com/technetwork/java
 * /javase/downloads/jce-6-download-429243.html
 * <p>
 * An empty Keystore/Truststore is created before each test so we always start
 * afresh (see the {@link #setUp()} method).
 * 
 * @author Alex Nenadic
 *
 */
public class CredentialManagerImplTest {

    private CredentialManagerImpl credentialManager;
    private String masterPassword = "uber";
    private DummyMasterPasswordProvider masterPasswordProvider;
    private File credentialManagerDirectory;

    private static UsernamePassword usernamePassword;
    private static URI serviceURI;

    private static Key privateKey;
    private static Certificate[] privateKeyCertChain;
    private static URL privateKeyFileURL = CredentialManagerImplTest.class
            .getResource("/security/test-private-key-cert.p12");
    private static final String privateKeyAndPKCS12KeystorePassword = "test"; // password for the test PKCS#12 keystore in resources

    private static X509Certificate trustedCertficate;
    private static URL trustedCertficateFileURL = CredentialManagerImplTest.class
            .getResource("/security/google-trusted-certificate.pem");

    private static Observer<KeystoreChangedEvent> keystoreChangedObserver;

    /**
     * @throws java.lang.Exception
     */
    @BeforeClass
    public static void setUpBeforeClass() throws Exception {

        // Just in case, add the BouncyCastle provider
        // It gets added from the CredentialManagerImpl constructor as well
        // but we may need some crypto operations before we invoke the Cred. Manager 
        Security.addProvider(new BouncyCastleProvider());

        // Create a test username and password for a service
        serviceURI = new URI("http://someservice");
        usernamePassword = new UsernamePassword("testuser", "testpasswd");

        // Load the test private key and its certificate
        File privateKeyCertFile = new File(privateKeyFileURL.getPath());
        KeyStore pkcs12Keystore = java.security.KeyStore.getInstance("PKCS12", "BC"); // We have to use the BC provider here as the certificate chain is not loaded if we use whichever provider is first in Java!!!
        FileInputStream inStream = new FileInputStream(privateKeyCertFile);
        pkcs12Keystore.load(inStream, privateKeyAndPKCS12KeystorePassword.toCharArray());
        // KeyStore pkcs12Keystore = credentialManager.loadPKCS12Keystore(privateKeyCertFile, privateKeyPassword);
        Enumeration<String> aliases = pkcs12Keystore.aliases();
        while (aliases.hasMoreElements()) {
            // The test-private-key-cert.p12 file contains only one private key
            // and corresponding certificate entry
            String alias = aliases.nextElement();
            if (pkcs12Keystore.isKeyEntry(alias)) { // is it a (private) key entry?
                privateKey = pkcs12Keystore.getKey(alias, privateKeyAndPKCS12KeystorePassword.toCharArray());
                privateKeyCertChain = pkcs12Keystore.getCertificateChain(alias);
                break;
            }
        }
        inStream.close();

        // Load the test trusted certificate (belonging to *.Google.com)
        File trustedCertFile = new File(trustedCertficateFileURL.getPath());
        inStream = new FileInputStream(trustedCertFile);
        CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
        trustedCertficate = (X509Certificate) certFactory.generateCertificate(inStream);
        try {
            inStream.close();
        } catch (Exception e) {
            // Ignore
        }

        keystoreChangedObserver = new Observer<KeystoreChangedEvent>() {
            @Override
            public void notify(Observable<KeystoreChangedEvent> sender, KeystoreChangedEvent message)
                    throws Exception {
                // TODO Auto-generated method stub
            }
        };
    }

    /**
     * @throws java.lang.Exception
     */
    @Before
    public void setUp() throws Exception {
        credentialManager = new CredentialManagerImpl();
        Random randomGenerator = new Random();
        String credentialManagerDirectoryPath = System.getProperty("java.io.tmpdir")
                + System.getProperty("file.separator") + "taverna-security-" + randomGenerator.nextInt(1000000);
        System.out.println("Credential Manager's directory path: " + credentialManagerDirectoryPath);
        credentialManagerDirectory = new File(credentialManagerDirectoryPath);
        credentialManager.setConfigurationDirectoryPath(credentialManagerDirectory);

        // Create the dummy master password provider
        masterPasswordProvider = new DummyMasterPasswordProvider();
        masterPasswordProvider.setMasterPassword(masterPassword);
        List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>();
        masterPasswordProviders.add(masterPasswordProvider);
        credentialManager.setMasterPasswordProviders(masterPasswordProviders);

        // Set an empty list for service username and password providers
        credentialManager
                .setServiceUsernameAndPasswordProviders(new ArrayList<ServiceUsernameAndPasswordProvider>());

        credentialManager.setJavaTruststorePasswordProviders(new ArrayList<JavaTruststorePasswordProvider>());

        credentialManager.setTrustConfirmationProviders(new ArrayList<TrustConfirmationProvider>());

    }

    @After
    // Clean up the credentialManagerDirectory we created for testing
    public void cleanUp() throws IOException {
        //      assertTrue(credentialManagerDirectory.exists());
        //      assertFalse(credentialManagerDirectory.listFiles().length == 0); // something was created there

        if (credentialManagerDirectory.exists()) {
            FileUtils.deleteDirectory(credentialManagerDirectory);
            System.out.println(
                    "Deleting Credential Manager's directory: " + credentialManagerDirectory.getAbsolutePath());
        }
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#CredentialManagerImpl()}.
     * @throws CMException 
     */
    @Test
    public void testCredentialManagerImpl() throws CMException {
        new CredentialManagerImpl();
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getUsernameAndPasswordForService(java.net.URI, boolean, java.lang.String)}.
     * @throws URISyntaxException 
     * @throws CMException 
     */
    @Test
    public void testGetUsernameAndPasswordForServiceURI() throws URISyntaxException, CMException {
        // The Credential Manage's Keystore is empty so we should not be able to find anything initially
        assertNull(credentialManager.getUsernameAndPasswordForService(serviceURI, false, ""));

        credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);

        UsernamePassword testUsernamePassword = credentialManager.getUsernameAndPasswordForService(serviceURI,
                false, "");
        assertNotNull(testUsernamePassword);
        assertTrue(Arrays.equals(usernamePassword.getPassword(), testUsernamePassword.getPassword()));
        assertTrue(usernamePassword.getUsername().equals(testUsernamePassword.getUsername()));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#addUsernameAndPasswordForService(net.sf.taverna.t2.security.credentialmanager.UsernamePassword, java.net.URI)}.
     * @throws URISyntaxException 
     * @throws CMException 
     */
    @Test
    public void testAddUsernameAndPasswordForService() throws CMException, URISyntaxException {

        String alias = credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);

        UsernamePassword testUsernamePassword = credentialManager.getUsernameAndPasswordForService(serviceURI,
                false, "");
        assertNotNull(testUsernamePassword);
        assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
        assertTrue(Arrays.equals(usernamePassword.getPassword(), testUsernamePassword.getPassword()));
        assertTrue(usernamePassword.getUsername().equals(testUsernamePassword.getUsername()));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#hasUsernamePasswordForService(java.net.URI)}.
     * @throws CMException 
     */
    @Test
    public void testHasUsernamePasswordForService() throws CMException {

        UsernamePassword testUsernamePassword = credentialManager.getUsernameAndPasswordForService(serviceURI,
                false, "");
        assertNull(testUsernamePassword);

        String alias = credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);
        testUsernamePassword = credentialManager.getUsernameAndPasswordForService(serviceURI, false, "");
        assertNotNull(testUsernamePassword);
        assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
        assertTrue(Arrays.equals(usernamePassword.getPassword(), testUsernamePassword.getPassword()));
        assertTrue(usernamePassword.getUsername().equals(testUsernamePassword.getUsername()));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#deleteUsernameAndPasswordForService(java.net.URI)}.
     * @throws URISyntaxException 
     * @throws CMException 
     */
    @Test
    public void testDeleteUsernameAndPasswordForServiceURI() throws URISyntaxException, CMException {

        // The Credential Manage's Keystore is empty initially so this should 
        // have no effect apart from initializing the Keystore/Truststore
        credentialManager.deleteUsernameAndPasswordForService(serviceURI);

        credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);
        credentialManager.deleteUsernameAndPasswordForService(serviceURI);

        assertNull(credentialManager.getUsernameAndPasswordForService(serviceURI, false, ""));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#addKeyPair(java.security.Key, java.security.cert.Certificate[])}.
     * @throws CMException 
     * @throws KeyStoreException 
     * @throws NoSuchAlgorithmException 
     * @throws UnrecoverableKeyException 
     * @throws IOException 
     * @throws FileNotFoundException 
     * @throws CertificateException 
     */
    @Test
    public void testAddKeyPair() throws CMException, KeyStoreException, UnrecoverableKeyException,
            NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {

        String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
        assertTrue(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
        assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));

        credentialManager.deleteKeyPair(alias);
        assertFalse(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
        assertFalse(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#hasKeyPair(java.security.Key, java.security.cert.Certificate[])}.
     * @throws CMException 
     * @throws KeyStoreException 
     * @throws NoSuchAlgorithmException 
     * @throws UnrecoverableKeyException 
     * @throws IOException 
     * @throws FileNotFoundException 
     * @throws CertificateException 
     */
    @Test
    public void testHasKeyPair() throws CMException, KeyStoreException, UnrecoverableKeyException,
            NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
        assertFalse(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
        credentialManager.addKeyPair(privateKey, privateKeyCertChain);
        assertTrue(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#deleteKeyPair(java.lang.String)}.
     * @throws CMException 
     * @throws KeyStoreException 
     * @throws NoSuchAlgorithmException 
     * @throws UnrecoverableKeyException 
     * @throws IOException 
     * @throws FileNotFoundException 
     * @throws CertificateException 
     */
    @Test
    public void testDeleteKeyPair() throws CMException, KeyStoreException, UnrecoverableKeyException,
            NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
        // The Credential Manage's Keystore is empty initially so this should 
        // have no effect apart from initializing the Keystore/Truststore
        credentialManager.deleteKeyPair("somealias");

        String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
        credentialManager.deleteKeyPair(alias);
        assertFalse(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.KEYSTORE, alias));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#deleteKeyPair(Key, Certificate[])}.
     * @throws CMException 
     */
    @Test
    public void testDeleteKeyPair2() throws CMException, KeyStoreException, UnrecoverableKeyException,
            NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException {
        credentialManager.addKeyPair(privateKey, privateKeyCertChain);
        assertTrue(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
        credentialManager.deleteKeyPair(privateKey, privateKeyCertChain);
        assertFalse(credentialManager.hasKeyPair(privateKey, privateKeyCertChain));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#exportKeyPair(java.lang.String, java.io.File, java.lang.String)}.
     * @throws CMException 
     * @throws KeyStoreException 
     * @throws NoSuchAlgorithmException 
     * @throws UnrecoverableKeyException 
     */
    @Test
    public void testExportKeyPair()
            throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException {
        String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
        File fileToExportTo = new File(credentialManagerDirectory, "test-export-key.p12");
        credentialManager.exportKeyPair(alias, fileToExportTo, privateKeyAndPKCS12KeystorePassword);
        assertTrue(fileToExportTo.exists());
        // Load it back from the file we just saved
        KeyStore ks = credentialManager.loadPKCS12Keystore(fileToExportTo, privateKeyAndPKCS12KeystorePassword);
        Enumeration<String> aliases = ks.aliases();
        Key newPrivateKey = null;
        Certificate[] newPrivateKeyCerts = null;
        while (aliases.hasMoreElements()) {
            // The test-private-key-cert.p12 file contains only one private key
            // and corresponding certificate entry
            alias = aliases.nextElement();
            if (ks.isKeyEntry(alias)) { // is it a (private) key entry?
                newPrivateKey = ks.getKey(alias, privateKeyAndPKCS12KeystorePassword.toCharArray());
                newPrivateKeyCerts = ks.getCertificateChain(alias);
                break;
            }
        }
        assertNotNull(newPrivateKey);
        assertNotNull(newPrivateKeyCerts);
        //assertTrue(Arrays.equals(newPrivateKey.getEncoded(), privateKey.getEncoded()));
        assertTrue(newPrivateKey.equals(privateKey));
        assertTrue(Arrays.equals(newPrivateKeyCerts, privateKeyCertChain));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getCertificate(java.lang.String, java.lang.String)}.
     * @throws CMException 
     */
    @Test
    public void testGetCertificate() throws CMException {
        String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
        // Get certificate from the Keystore associated with the private key we just inserted
        Certificate privateKeyCertificate = credentialManager
                .getCertificate(CredentialManager.KeystoreType.KEYSTORE, alias);
        assertNotNull(privateKeyCertificate);
        assertTrue(privateKeyCertChain[0].equals(privateKeyCertificate));

        // We should also have some trusted certificates in the Truststore
        // Need to get their aliases
        ArrayList<String> truststoreAliases = credentialManager
                .getAliases(CredentialManager.KeystoreType.TRUSTSTORE);
        assertTrue(!truststoreAliases.isEmpty());
        // Just get the first one
        Certificate trustedCertificate = credentialManager.getCertificate(CredentialManager.KeystoreType.TRUSTSTORE,
                truststoreAliases.get(0));
        assertNotNull(trustedCertificate);
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getKeyPairsCertificateChain(java.lang.String)}.
     * @throws CMException 
     */
    @Test
    public void testGetKeyPairCertificateChain() throws CMException {
        String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
        Certificate[] keyPairCertificateChain = credentialManager.getKeyPairsCertificateChain(alias);
        assertNotNull(keyPairCertificateChain);
        assertTrue(Arrays.equals(privateKeyCertChain, keyPairCertificateChain));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getKeyPairsPrivateKey(java.lang.String)}.
     * @throws CMException 
     */
    @Test
    public void testGetKeyPairsPrivateKey() throws CMException {
        String alias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
        Key prvKey = credentialManager.getKeyPairsPrivateKey(alias);
        assertNotNull(prvKey);
        assertEquals(privateKey, prvKey);
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#addTrustedCertificate(java.security.cert.X509Certificate)}.
     * @throws CMException 
     */
    @Test
    public void testAddTrustedCertificate() throws CMException {

        String alias = credentialManager.addTrustedCertificate(trustedCertficate);
        assertTrue(credentialManager.hasTrustedCertificate(trustedCertficate));
        assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.TRUSTSTORE, alias));

        credentialManager.deleteTrustedCertificate(alias);
        assertFalse(credentialManager.hasTrustedCertificate(trustedCertficate));
        assertFalse(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.TRUSTSTORE, alias));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#createTrustedCertificateAlias(java.security.cert.X509Certificate)}.
     * @throws CMException 
     */
    @Test
    public void testGetX509CertificateAlias() throws CMException {

        String alias = credentialManager.createTrustedCertificateAlias(trustedCertficate);
        String alias2 = credentialManager.addTrustedCertificate(trustedCertficate);
        assertEquals(alias, alias2);

    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#deleteTrustedCertificate(java.lang.String)}.
     * @throws CMException 
     */
    @Test
    public void testDeleteTrustedCertificate() throws CMException {
        // The Credential Manage's Truststore is empty initially so this should 
        // have no effect apart from initializing the Keystore/Truststore
        credentialManager.deleteTrustedCertificate("somealias");

        String alias = credentialManager.addTrustedCertificate(trustedCertficate);
        assertTrue(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.TRUSTSTORE, alias));
        credentialManager.deleteTrustedCertificate(alias);
        assertFalse(credentialManager.hasTrustedCertificate(trustedCertficate));
        assertFalse(credentialManager.hasEntryWithAlias(CredentialManager.KeystoreType.TRUSTSTORE, alias));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#deleteTrustedCertificate(X509Certificate)}.
     * @throws CMException 
     */
    @Test
    public void testDeleteTrustedCertificate2() throws CMException {

        credentialManager.addTrustedCertificate(trustedCertficate);
        assertTrue(credentialManager.hasTrustedCertificate(trustedCertficate));
        credentialManager.deleteTrustedCertificate(trustedCertficate);
        assertFalse(credentialManager.hasTrustedCertificate(trustedCertficate));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#isKeyEntry(java.lang.String)}.
     * @throws CMException 
     */
    @Test
    public void testIsKeyEntry() throws CMException {
        // The Credential Manage's Keystore/Truststore is empty initially so this should 
        // have no effect apart from initializing them
        // This should throw an exception
        assertFalse(credentialManager.isKeyEntry("somealias"));

        String aliasPassword = credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);
        String aliasKeyPair = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
        String aliasTrustedCert = credentialManager.addTrustedCertificate(trustedCertficate);

        assertTrue(credentialManager.isKeyEntry(aliasPassword)); // passwords are saves as symmetric key entries
        assertTrue(credentialManager.isKeyEntry(aliasKeyPair));
        assertFalse(credentialManager.isKeyEntry(aliasTrustedCert));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#hasEntryWithAlias(java.lang.String, java.lang.String)}.
     * @throws CMException 
     */
    @Test
    public void testHasEntryWithAlias() throws CMException {

        String aliasTrustedCert = credentialManager.createTrustedCertificateAlias(trustedCertficate);
        assertFalse(credentialManager.hasEntryWithAlias(KeystoreType.TRUSTSTORE, aliasTrustedCert));

        String aliasTrustedCert2 = credentialManager.addTrustedCertificate(trustedCertficate);
        assertTrue(credentialManager.hasEntryWithAlias(KeystoreType.TRUSTSTORE, aliasTrustedCert2));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getAliases(net.sf.taverna.t2.security.credentialmanager.CredentialManager.KeystoreType)}.
     * @throws CMException 
     */
    @Test
    public void testGetAliases() throws CMException {

        ArrayList<String> keystoreAliases = credentialManager.getAliases(KeystoreType.KEYSTORE);
        ArrayList<String> truststoreAliases = credentialManager.getAliases(KeystoreType.TRUSTSTORE);

        // Initially Keystore/Truststore is empty
        assertTrue(keystoreAliases.isEmpty());

        String aliasPassword = credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);
        String aliasKeyPair = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
        String aliasTrustedCert = credentialManager.addTrustedCertificate(trustedCertficate);

        keystoreAliases = credentialManager.getAliases(KeystoreType.KEYSTORE);
        truststoreAliases = credentialManager.getAliases(KeystoreType.TRUSTSTORE);

        assertTrue(keystoreAliases.size() == 2);
        assertTrue(truststoreAliases.size() >= 1); // we at least have the one we inserted but could be more copied from Java's defauls truststore

        assertTrue(keystoreAliases.contains(aliasPassword));
        assertTrue(keystoreAliases.contains(aliasKeyPair));
        assertTrue(truststoreAliases.contains(aliasTrustedCert));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getServiceURIsForAllUsernameAndPasswordPairs()}.
     * @throws CMException 
     * @throws URISyntaxException 
     */
    @Test
    public void testGetServiceURIsForAllUsernameAndPasswordPairs() throws CMException, URISyntaxException {
        // Initially empty so this
        assertTrue(credentialManager.getServiceURIsForAllUsernameAndPasswordPairs().isEmpty());

        credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);

        URI serviceURI2 = new URI("http://someservice2");
        UsernamePassword usernamePassword2 = new UsernamePassword("testuser2", "testpasswd2");
        credentialManager.addUsernameAndPasswordForService(usernamePassword2, serviceURI2);

        List<URI> serviceURIs = credentialManager.getServiceURIsForAllUsernameAndPasswordPairs();
        assertTrue(credentialManager.getServiceURIsForAllUsernameAndPasswordPairs().size() == 2);
        assertTrue(serviceURIs.contains(serviceURI));
        assertTrue(serviceURIs.contains(serviceURI2));

    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#loadPKCS12Keystore(java.io.File, java.lang.String)}.
     * @throws CMException 
     * @throws KeyStoreException 
     * @throws NoSuchAlgorithmException 
     * @throws UnrecoverableKeyException 
     */
    @Test
    public void testLoadPKCS12Keystore()
            throws CMException, KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException {
        KeyStore pkcs12Keystore = credentialManager.loadPKCS12Keystore(new File(privateKeyFileURL.getPath()),
                privateKeyAndPKCS12KeystorePassword);

        Key privateKey2 = null;
        Certificate[] privateKeyCertChain2 = null;

        Enumeration<String> aliases = pkcs12Keystore.aliases();
        while (aliases.hasMoreElements()) {
            // The test-private-key-cert.p12 file contains only one private key
            // and corresponding certificate entry
            String alias = aliases.nextElement();
            if (pkcs12Keystore.isKeyEntry(alias)) { // is it a (private) key entry?
                privateKey2 = pkcs12Keystore.getKey(alias, privateKeyAndPKCS12KeystorePassword.toCharArray());
                privateKeyCertChain2 = pkcs12Keystore.getCertificateChain(alias);
                break;
            }
        }
        assertNotNull(privateKey2);
        assertNotNull(privateKeyCertChain2);
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#addObserver(net.sf.taverna.t2.lang.observer.Observer)}.
     */
    @Test
    public void testAddObserver() {

        credentialManager.addObserver(keystoreChangedObserver);
        assertEquals(keystoreChangedObserver, credentialManager.getObservers().get(0));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getObservers()}.
     */
    @Test
    public void testGetObservers() {
        // Initially there are no observers
        assertTrue(credentialManager.getObservers().isEmpty());

        credentialManager.addObserver(keystoreChangedObserver);

        assertEquals(keystoreChangedObserver, credentialManager.getObservers().get(0));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#removeObserver(net.sf.taverna.t2.lang.observer.Observer)}.
     */
    @Test
    public void testRemoveObserver() {
        credentialManager.addObserver(keystoreChangedObserver);
        assertTrue(credentialManager.getObservers().size() == 1);
        credentialManager.removeObserver(keystoreChangedObserver);
        assertTrue(credentialManager.getObservers().size() == 0);
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#confirmMasterPassword(java.lang.String)}.
     * @throws CMException 
     */
    @Test
    public void testConfirmMasterPassword() throws CMException {
        credentialManager.confirmMasterPassword("uber");
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#changeMasterPassword(java.lang.String)}.
     * @throws CMException 
     */
    @Test
    public void testChangeMasterPassword() throws CMException {
        // Test the changeMasterPassword() method first to see if 
        // it will initialize Credential Manager properly
        credentialManager.changeMasterPassword("blah");
        credentialManager.confirmMasterPassword("blah");

        // Add new stuff - key pair and password entries - under the new master password
        String keyPairAlias = credentialManager.addKeyPair(privateKey, privateKeyCertChain);
        credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI);

        // Change the master password again and try to retrieve the private key and password
        credentialManager.changeMasterPassword("hlab");
        assertArrayEquals(credentialManager.getUsernameAndPasswordForService(serviceURI, false, "").getPassword(),
                usernamePassword.getPassword());
        assertEquals(privateKey, credentialManager.getKeyPairsPrivateKey(keyPairAlias));
        assertTrue(Arrays.equals(privateKeyCertChain, credentialManager.getKeyPairsCertificateChain(keyPairAlias)));

        // Load the Credential Manager back from the saved file to see of entries will be picked up properly
        CredentialManagerImpl credentialManagerNew = null;
        credentialManagerNew = new CredentialManagerImpl();
        credentialManagerNew.setConfigurationDirectoryPath(credentialManagerDirectory);

        // Create the dummy master password provider
        masterPasswordProvider = new DummyMasterPasswordProvider();
        masterPasswordProvider.setMasterPassword("hlab");
        List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<>();
        masterPasswordProviders.add(masterPasswordProvider);
        credentialManager.setMasterPasswordProviders(masterPasswordProviders);

        // Set an empty list for service username and password providers
        credentialManagerNew
                .setServiceUsernameAndPasswordProviders(new ArrayList<ServiceUsernameAndPasswordProvider>());

        credentialManager.setJavaTruststorePasswordProviders(new ArrayList<JavaTruststorePasswordProvider>());

        credentialManager.setTrustConfirmationProviders(new ArrayList<TrustConfirmationProvider>());

        assertArrayEquals(credentialManager.getUsernameAndPasswordForService(serviceURI, false, "").getPassword(),
                usernamePassword.getPassword());
        assertEquals(privateKey, credentialManager.getKeyPairsPrivateKey(keyPairAlias));
        assertTrue(Arrays.equals(privateKeyCertChain, credentialManager.getKeyPairsCertificateChain(keyPairAlias)));

    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#initializeSSL()}.
     * @throws CMException 
     */
    @Test
    public void testInitializeSSL() throws CMException {
        //credentialManager.initializeSSL();
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getTavernaSSLSocketFactory()}.
     * @throws CMException 
     */
    @Test
    public void testGetTavernaSSLSocketFactory() throws CMException {
        SSLSocketFactory sslSocketFactory = credentialManager.getTavernaSSLSocketFactory();
        assertNotNull(sslSocketFactory);

        // This should also create Taverna's SSLSocketFactory backed by Credential Manager's Keystore and Truststore
        // if not already created
        credentialManager.initializeSSL();
        assertEquals(sslSocketFactory, credentialManager.getTavernaSSLSocketFactory());

    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#setMasterPasswordProviders(java.util.List)}.
     */
    @Test
    public void testSetMasterPasswordProviders() {

        List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>();
        masterPasswordProviders.add(masterPasswordProvider);

        credentialManager.setMasterPasswordProviders(masterPasswordProviders);

        assertTrue(credentialManager.getMasterPasswordProviders().contains(masterPasswordProvider));

        // Set it to null and see what happens
        credentialManager.setMasterPasswordProviders(null);
        assertNull(credentialManager.getMasterPasswordProviders());
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getMasterPasswordProviders()}.
     */
    @Test
    public void testGetMasterPasswordProviders() {

        assertFalse(credentialManager.getMasterPasswordProviders().isEmpty());
        assertTrue(credentialManager.getMasterPasswordProviders().contains(masterPasswordProvider));
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#setJavaTruststorePasswordProviders(java.util.List)}.
     */
    @Test
    public void testSetJavaTruststorePasswordProviders() {

        List<JavaTruststorePasswordProvider> javaTruststorePasswordProviders = new ArrayList<JavaTruststorePasswordProvider>();
        JavaTruststorePasswordProvider javaTruststorePasswordProvider = new DummyJavaTruststorePasswordProvider();
        javaTruststorePasswordProvider.setJavaTruststorePassword("blah");
        javaTruststorePasswordProviders.add(javaTruststorePasswordProvider);

        credentialManager.setJavaTruststorePasswordProviders(javaTruststorePasswordProviders);

        assertTrue(credentialManager.getJavaTruststorePasswordProviders().contains(javaTruststorePasswordProvider));

        // Set it to null and see what happens
        credentialManager.setJavaTruststorePasswordProviders(null);
        assertNull(credentialManager.getJavaTruststorePasswordProviders());
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getJavaTruststorePasswordProviders()}.
     */
    @Test
    public void testGetJavaTruststorePasswordProviders() {

        assertTrue(credentialManager.getJavaTruststorePasswordProviders().isEmpty());
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#setServiceUsernameAndPasswordProviders(java.util.List)}.
     * @throws URISyntaxException 
     */
    @Test
    public void testSetServiceUsernameAndPasswordProviders() throws URISyntaxException {

        List<ServiceUsernameAndPasswordProvider> serviceUsernameAndPasswordProviders = new ArrayList<ServiceUsernameAndPasswordProvider>();
        ServiceUsernameAndPasswordProvider serviceUsernameAndPasswordProvider = new DummyServiceUsernameAndPasswordProvider();
        serviceUsernameAndPasswordProvider.setServiceUsernameAndPassword(new URI("http://someservice"),
                new UsernamePassword("blah", "blah"));
        serviceUsernameAndPasswordProviders.add(serviceUsernameAndPasswordProvider);

        credentialManager.setServiceUsernameAndPasswordProviders(serviceUsernameAndPasswordProviders);

        assertTrue(credentialManager.getServiceUsernameAndPasswordProviders()
                .contains(serviceUsernameAndPasswordProvider));

        // Set it to null and see what happens
        credentialManager.setServiceUsernameAndPasswordProviders(null);
        assertNull(credentialManager.getServiceUsernameAndPasswordProviders());
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getServiceUsernameAndPasswordProviders()}.
     */
    @Test
    public void testGetServiceUsernameAndPasswordProviders() {

        assertTrue(credentialManager.getServiceUsernameAndPasswordProviders().isEmpty());
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#setTrustConfirmationProviders(java.util.List)}.
     * @throws IOException 
     */
    @Test
    public void testSetTrustConfirmationProviders() throws IOException {
        List<TrustConfirmationProvider> trustConfirmationProviders = new ArrayList<TrustConfirmationProvider>();
        TrustConfirmationProvider trustConfirmationProvider = new TrustAlwaysTrustConfirmationProvider();
        trustConfirmationProviders.add(trustConfirmationProvider);

        credentialManager.setTrustConfirmationProviders(trustConfirmationProviders);

        assertTrue(credentialManager.getTrustConfirmationProviders().contains(trustConfirmationProvider));

        // Set it to null and see what happens
        credentialManager.setTrustConfirmationProviders(null);
        assertNull(credentialManager.getTrustConfirmationProviders());
    }

    /**
     * Test method for {@link net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl#getTrustConfirmationProviders()}.
     */
    @Test
    public void testGetTrustConfirmationProviders() {

        assertTrue(credentialManager.getTrustConfirmationProviders().isEmpty());
    }
}