Finally: Add _real_ server authentication. (this challengeresponse thing)

2 files changed, 189 insertions, 131 deletions

diff --git a/src/test/java/org/openslx/imagemaster/AppTest.java b/src/test/java/org/openslx/imagemaster/AppTest.java
index 291206b..2b20b77 100644
--- a/src/test/java/org/openslx/imagemaster/AppTest.java
+++ b/src/test/java/org/openslx/imagemaster/AppTest.java
@@ -1,38 +1,25 @@
 package org.openslx.imagemaster;
 
-import java.io.FileInputStream;
+import java.io.FileNotFoundException;
 import java.io.IOException;
-import java.io.InputStream;
-import java.net.ConnectException;
-import java.net.SocketException;
-import java.util.Date;
-import java.util.UUID;
+import java.security.InvalidKeyException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SignatureException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
 
 import junit.framework.Test;
 import junit.framework.TestCase;
 import junit.framework.TestSuite;
 
-import org.apache.commons.net.ftp.FTP;
-import org.apache.commons.net.ftp.FTPClient;
-import org.apache.commons.net.ftp.FTPReply;
-import org.apache.thrift.TException;
-import org.apache.thrift.protocol.TBinaryProtocol;
-import org.apache.thrift.protocol.TProtocol;
-import org.apache.thrift.transport.TSocket;
-import org.apache.thrift.transport.TTransport;
-import org.openslx.imagemaster.thrift.iface.FtpCredentials;
-import org.openslx.imagemaster.thrift.iface.ImageData;
-import org.openslx.imagemaster.thrift.iface.ImageServer.Client;
-import org.openslx.imagemaster.thrift.iface.ServerSessionData;
-import org.openslx.imagemaster.thrift.iface.SessionData;
-import org.openslx.imagemaster.thrift.iface.UserInfo;
+import org.openslx.imagemaster.util.AsymMessageSign;
 import org.openslx.imagemaster.util.Sha512Crypt;
 
 /**
  * Unit test for simple App.
  */
-public class AppTest
-		extends TestCase
+public class AppTest extends TestCase
 {
 
 	/**
@@ -61,117 +48,16 @@ public class AppTest
 		assertTrue( true );
 	}
 
-	/**
-	 * Test the authentication
-	 * 
-	 * @throws TException
-	 */
-	public void testAuthentication() throws TException
-	{
-		TTransport transport = new TSocket( "localhost", 9090 );
-		transport.open();
-
-		TProtocol protocol = new TBinaryProtocol( transport );
-		Client client = new Client( protocol );
-
-		assertTrue( "Could not ping server", client.ping() );
-
-		SessionData sessionData = client.authenticate( "ns202", "xxxxxxxxxxxx" );
-		UserInfo userInfo = client.getUserFromToken( sessionData.getAuthToken() );
-		System.out.println( "User info: " + userInfo );
-		System.out.println( "Server address from MySQL: " + sessionData.serverAddress );
-	}
-
-	/**
-	 * Test the server authentication and FTP Upload.
-	 * 
-	 * @throws TException
-	 * @throws IOException
-	 * @throws SocketException
-	 */
-	public void testServerAuth() throws TException, SocketException, IOException
-	{
-		TTransport transport = new TSocket( "localhost", 9090 );
-		transport.open();
-
-		TProtocol protocol = new TBinaryProtocol( transport );
-		Client client = new Client( protocol );
-
-		assertTrue( "Could not ping server", client.ping() );
-
-		String stringToEncrypt = client.startServerAuthentication( "Test Organization" );
-		System.out.println( "Authentication started. Got string: " + stringToEncrypt );
-
-		String response = stringToEncrypt;
-
-		ServerSessionData data = client.serverAuthenticate( "Test Organization", response );
-		System.out.println( "Authenticated and got sid: '" + data.getSessionId() + "'" );
-
-		// Create ImageData
-		int version = 1;
-		String imageName = "maschine.vmkd";
-		UUID uuid = UUID.randomUUID();
-		int imageCreateTime = (int)new Date().getTime();
-		int imageUpdateTime = imageCreateTime;
-		String imageOwner = "ns202";
-		String contentOperatingSystem = "win7";
-		boolean statusIsValid = true;
-		boolean statusIsDeleted = false;
-		String imageShortDescrption = "EIN SUPER TOLLES IMAGE!";
-		String imageLongDescription = "Lorem ipsum dolor sit amet.";
-
-		ImageData imageData = new ImageData( uuid.toString(), version, imageName,
-				imageCreateTime, imageUpdateTime, imageOwner, contentOperatingSystem,
-				statusIsValid, statusIsDeleted, imageShortDescrption, imageLongDescription );
-
-		System.out.println( "Created imageData" );
-
-		FtpCredentials ftpCredentials = client.submitImage( data.sessionId, imageData );
-		System.out.println( "Got FTP credentials. User: " + ftpCredentials.username + ", password: " + ftpCredentials.password );
-
-		FTPClient FtpClient = new FTPClient();
-		String host = "localhost";
-		int port = 2221;
-		String user = ftpCredentials.username;
-		String password = ftpCredentials.password;
-		String fileName = "/home/nils/file_to_upload.bin";
-
-		try {
-			FtpClient.connect( host, port );
-			System.out.println( "Connected to " + host + ":" + port + ". Reply code: " + FtpClient.getReplyCode() );
-			if ( !FTPReply.isPositiveCompletion( FtpClient.getReplyCode() ) ) {
-				ConnectException ce = new ConnectException( "No positive reply code." );
-				throw ce;
-			}
-			if ( !FtpClient.login( user, password ) ) {
-				ConnectException ce = new ConnectException( "Could not login." );
-				throw ce;
-			}
-			System.out.println( "Logged in with user: " + user );
-			FtpClient.setFileType( FTP.BINARY_FILE_TYPE );
-			FtpClient.enterLocalPassiveMode();
-			System.out.println( "Entered PASSIVE MODE" );
-			InputStream input = new FileInputStream( fileName );
-			System.out.print( "Starting file upload ... " );
-			FtpClient.storeFile( "xcvb.vmdk", input );
-			System.out.println( "done." );
-			FtpClient.noop();
-			client.finshedUpload( data.sessionId, imageData );
-		} finally {
-			if ( FtpClient.isConnected() ) {
-				try {
-					FtpClient.logout();
-					FtpClient.disconnect();
-				} catch ( IOException e ) {
-					e.printStackTrace();
-				}
-			}
-		}
-
-	}
-
 	public void testSha512_Crypt()
 	{
 		Sha512Crypt.selfTest();
 	}
+	
+	public void testMessageSigning() throws UnrecoverableKeyException, InvalidKeyException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, KeyStoreException, SignatureException, IOException {
+		String asdf = "Hallo";
+		AsymMessageSign mySigner = new AsymMessageSign( "ftp", "password", "./config/keystore.jks" );
+		byte[] signedMessage = mySigner.signMessage( asdf );
+		System.out.println("The signed message: " + signedMessage + " with length: " + signedMessage.length);
+		assertTrue("Message could not be verified.", mySigner.verifyMessage( signedMessage, asdf.getBytes() ));
+	}
 }
diff --git a/src/test/java/org/openslx/imagemaster/ServerTest.java b/src/test/java/org/openslx/imagemaster/ServerTest.java
new file mode 100644
index 0000000..c791f52
--- /dev/null
+++ b/src/test/java/org/openslx/imagemaster/ServerTest.java
@@ -0,0 +1,172 @@
+package org.openslx.imagemaster;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.ConnectException;
+import java.net.SocketException;
+import java.nio.ByteBuffer;
+import java.security.InvalidKeyException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SignatureException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.util.Date;
+import java.util.UUID;
+
+import org.apache.commons.net.ftp.FTP;
+import org.apache.commons.net.ftp.FTPClient;
+import org.apache.commons.net.ftp.FTPReply;
+import org.apache.thrift.TException;
+import org.apache.thrift.protocol.TBinaryProtocol;
+import org.apache.thrift.protocol.TProtocol;
+import org.apache.thrift.transport.TSocket;
+import org.apache.thrift.transport.TTransport;
+import org.openslx.imagemaster.thrift.iface.FtpCredentials;
+import org.openslx.imagemaster.thrift.iface.ImageData;
+import org.openslx.imagemaster.thrift.iface.ServerSessionData;
+import org.openslx.imagemaster.thrift.iface.SessionData;
+import org.openslx.imagemaster.thrift.iface.UserInfo;
+import org.openslx.imagemaster.thrift.iface.ImageServer.Client;
+import org.openslx.imagemaster.util.AsymMessageSign;
+
+import junit.framework.TestCase;
+
+
+public class ServerTest extends TestCase
+{
+	@Override
+	public void setUp() throws Exception {
+		// start the server
+//		Thread t = new Thread(new Runnable() {
+//			
+//			@Override
+//			public void run()
+//			{
+//				App.main( null );
+//			}
+//		}, "App");
+//		t.start();
+//		Thread.sleep( 2000 );
+	}
+	
+	/**
+	 * Test the authentication
+	 * 
+	 * @throws TException
+	 */
+	public void testAuthentication() throws TException
+	{
+		TTransport transport = new TSocket( "localhost", 9090 );
+		transport.open();
+
+		TProtocol protocol = new TBinaryProtocol( transport );
+		Client client = new Client( protocol );
+
+		assertTrue( "Could not ping server", client.ping() );
+
+		SessionData sessionData = client.authenticate( "ns202", "xxxxxxxxxxxx" );
+		UserInfo userInfo = client.getUserFromToken( sessionData.getAuthToken() );
+		System.out.println( "User info: " + userInfo );
+		System.out.println( "Server address from MySQL: " + sessionData.serverAddress );
+	}
+
+	/**
+	 * Test the server authentication and FTP Upload.
+	 * 
+	 * @throws TException
+	 * @throws IOException
+	 * @throws SocketException
+	 * @throws KeyStoreException 
+	 * @throws CertificateException 
+	 * @throws NoSuchAlgorithmException 
+	 * @throws UnrecoverableKeyException 
+	 * @throws SignatureException 
+	 * @throws InvalidKeyException 
+	 */
+	public void testServerAuthAndFtpUpload() throws TException, SocketException, IOException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, KeyStoreException, InvalidKeyException, SignatureException
+	{
+		TTransport transport = new TSocket( "localhost", 9090 );
+		transport.open();
+
+		TProtocol protocol = new TBinaryProtocol( transport );
+		Client client = new Client( protocol );
+
+		assertTrue( "Could not ping server", client.ping() );
+
+		String stringToEncrypt = client.startServerAuthentication( "Test Organization" );
+		System.out.println( "Authentication started. Got string: " + stringToEncrypt );
+
+		AsymMessageSign messageSigner = new AsymMessageSign( "ftp", "password", "./config/keystore.jks" );
+		byte[] response = messageSigner.signMessage( stringToEncrypt );
+		
+		System.out.println( "Signed string: " + response );
+		ByteBuffer bBuffer = ByteBuffer.wrap( response );
+
+		ServerSessionData data = client.serverAuthenticate( "Test Organization", bBuffer );
+		System.out.println( "Authenticated and got sid: '" + data.getSessionId() + "'" );
+
+		// Create ImageData
+		int version = 1;
+		String imageName = "maschine.vmkd";
+		UUID uuid = UUID.randomUUID();
+		int imageCreateTime = (int)new Date().getTime();
+		int imageUpdateTime = imageCreateTime;
+		String imageOwner = "ns202";
+		String contentOperatingSystem = "win7";
+		boolean statusIsValid = true;
+		boolean statusIsDeleted = false;
+		String imageShortDescrption = "EIN SUPER TOLLES IMAGE!";
+		String imageLongDescription = "Lorem ipsum dolor sit amet.";
+
+		ImageData imageData = new ImageData( uuid.toString(), version, imageName,
+				imageCreateTime, imageUpdateTime, imageOwner, contentOperatingSystem,
+				statusIsValid, statusIsDeleted, imageShortDescrption, imageLongDescription );
+
+		System.out.println( "Created imageData" );
+
+		FtpCredentials ftpCredentials = client.submitImage( data.sessionId, imageData );
+		System.out.println( "Got FTP credentials. User: " + ftpCredentials.username + ", password: " + ftpCredentials.password );
+
+		FTPClient FtpClient = new FTPClient();
+		String host = "localhost";
+		int port = 2221;
+		String user = ftpCredentials.username;
+		String password = ftpCredentials.password;
+		String fileName = "/home/nils/file_to_upload.bin";
+
+		try {
+			FtpClient.connect( host, port );
+			System.out.println( "Connected to " + host + ":" + port + ". Reply code: " + FtpClient.getReplyCode() );
+			if ( !FTPReply.isPositiveCompletion( FtpClient.getReplyCode() ) ) {
+				ConnectException ce = new ConnectException( "No positive reply code." );
+				throw ce;
+			}
+			if ( !FtpClient.login( user, password ) ) {
+				ConnectException ce = new ConnectException( "Could not login." );
+				throw ce;
+			}
+			System.out.println( "Logged in with user: " + user );
+			FtpClient.setFileType( FTP.BINARY_FILE_TYPE );
+			FtpClient.enterLocalPassiveMode();
+			System.out.println( "Entered PASSIVE MODE" );
+			InputStream input = new FileInputStream( fileName );
+			System.out.print( "Starting file upload ... " );
+			FtpClient.storeFile( "xcvb.vmdk", input );
+			System.out.println( "done." );
+			FtpClient.noop();
+			client.finshedUpload( data.sessionId, imageData );
+		} finally {
+			if ( FtpClient.isConnected() ) {
+				try {
+					FtpClient.logout();
+					FtpClient.disconnect();
+				} catch ( IOException e ) {
+					e.printStackTrace();
+				}
+			}
+		}
+
+	}
+}