MOSIP-43923

commons-packet/commons-packet-manager/pom.xml

@@ -43,8 +43,8 @@
          <mockito.core.version>3.11.2</mockito.core.version>
         <sonar.coverage.exclusions>**/constants/**,**/config/**,**/audit/**,**/util/**,**/dto/**,**/entity/**,**/model/**,**/exception/**,**/repository/**,**/security/**,**/*Config.java,**/*BootApplication.java,**/*VertxApplication.java,**/cbeffutil/**,**/*Utils.java,**/*Validator.java,**/*Helper.java,**/verticle/**,**/VidWriter.java/**,**/masterdata/utils/**,**/spi/**,**/core/http/**,"**/LocationServiceImpl.java","**/RegistrationCenterMachineServiceImpl.java","**/RegistrationCenterServiceImpl.java","**/pridgenerator/**","**/idgenerator/prid","**/proxy/**","**/cryptosignature/**"</sonar.coverage.exclusions>
         <sonar.cpd.exclusions>**/dto/**,**/entity/**,**/config/**</sonar.cpd.exclusions>
+        <maven.sonar.plugin.version>5.2.0.4988</maven.sonar.plugin.version>
         <jacoco.maven.plugin.version>0.8.11</jacoco.maven.plugin.version>
-
  </properties>
     <dependencyManagement>
 		<dependencies>
@@ -149,6 +149,12 @@
 				<artifactId>mockito-core</artifactId>
 				 <version>${mockito.core.version}</version>
 			</dependency>
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-inline</artifactId>
+            <version>${mockito.core.version}</version>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <distributionManagement>
@@ -170,9 +176,7 @@
                     <configuration>
                         <skipTests>false</skipTests>
                         <skip>false</skip>
-                        <argLine>
-                             --add-opens java.xml/jdk.xml.internal=ALL-UNNAMED --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED --enable-preview
-                        </argLine>
+                        <argLine>${jacocoArgLine} --add-opens java.xml/jdk.xml.internal=ALL-UNNAMED --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED --enable-preview</argLine>
                     </configuration>
                 </plugin>
             <plugin>
@@ -263,8 +267,26 @@
                  <groupId>org.jacoco</groupId>
                  <artifactId>jacoco-maven-plugin</artifactId>
                  <version>${jacoco.maven.plugin.version}</version>
+                 <configuration>
+                     <propertyName>jacocoArgLine</propertyName>
+                     <excludes>
+                         <exclude>**/constants/**</exclude>
+                         <exclude>**/config/**</exclude>
+                         <exclude>**/audit/**</exclude>
+                         <exclude>**/dto/**</exclude>
+                         <exclude>**/entity/**</exclude>
+                         <exclude>**/model/**</exclude>
+                         <exclude>**/exception/**</exclude>
+                         <exclude>**/*Config.class</exclude>
+                         <exclude>**/*BootApplication.class</exclude>
+                         <exclude>**/*VertxApplication.class</exclude>
+                         <exclude>**/spi/**</exclude>
+                     </excludes>
+                 </configuration>
                  <executions>
                      <execution>
+                        <id>prepare-agent</id>
+                        <phase>initialize</phase>
                          <goals>
                              <goal>prepare-agent</goal>
                          </goals>
@@ -325,4 +347,36 @@
                   <organizationUrl>https://github.com/mosip/commons</organizationUrl>
                 </developer>
         </developers>
+    <profiles>
+        <profile>
+            <id>sonar</id>
+            <properties>
+                <sonar.sources>.</sonar.sources>
+                <sonar.inclusions>src/main/java/**,src/main/resources/**</sonar.inclusions>
+                <sonar.exclusions>${sonar.coverage.exclusions}</sonar.exclusions>
+                <sonar.host.url>https://sonarcloud.io</sonar.host.url>
+            </properties>
+            <activation>
+                <activeByDefault>false</activeByDefault>
+            </activation>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.sonarsource.scanner.maven</groupId>
+                        <artifactId>sonar-maven-plugin</artifactId>
+                        <version>${maven.sonar.plugin.version}</version>
+                        <executions>
+                            <execution>
+                                <phase>verify</phase>
+                                <goals>
+                                    <goal>sonar</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+                    </plugin>
+
+                </plugins>
+            </build>
+        </profile>
+    </profiles>
 	</project>

commons-packet/commons-packet-manager/src/test/java/io/mosip/commons/packet/test/config/TestConfig.java

@@ -45,4 +45,4 @@ public RestTemplate restTemplate()
 
 	}
 
-}
+}

commons-packet/commons-packet-manager/src/test/java/io/mosip/commons/packet/test/dto/packet/RegistrationPacketTest.java

@@ -22,7 +22,7 @@ public void before(){
     }
 
     @Test
-    public void setFields_withArrayOfString_thenPass()
+    public void setFieldsWithArrayOfStringThenPass()
     {
         String arrayOfString="[\"handle1\", \"handle2\", \"handle3\"]";
         registrationPacket.setField("handle",arrayOfString);
@@ -35,7 +35,7 @@ public void setFields_withArrayOfString_thenPass()
     }
 
     @Test
-    public void setFields_withObjectofMap_thenPass()
+    public void setFieldsWithObjectofMapThenPass()
     {
         String arrayofMapAsString="[\n" +
                 "        {\n" +
@@ -56,7 +56,7 @@ public void setFields_withObjectofMap_thenPass()
     }
 
     @Test
-    public void setFields_withHashmap_thenPass()
+    public void setFieldsWithHashmapThenPass()
     {
         String mapAsString="{\n" +
                 "        \"format\": \"pdf\",\n" +
@@ -71,7 +71,7 @@ public void setFields_withHashmap_thenPass()
     }
 
     @Test
-    public void setFields_withString_thenPass()
+    public void setFieldsWithStringThenPass()
     {
         String string="ExpString";
         registrationPacket.setField("StringExp",string);

commons-packet/commons-packet-manager/src/test/java/io/mosip/commons/packet/test/impl/OfflinePacketCryptoServiceTest.java

@@ -2,43 +2,32 @@
 
 import io.mosip.commons.packet.constants.CryptomanagerConstant;
 import io.mosip.commons.packet.impl.OfflinePacketCryptoServiceImpl;
-import io.mosip.commons.packet.util.ZipUtils;
 import io.mosip.kernel.clientcrypto.dto.TpmSignResponseDto;
 import io.mosip.kernel.clientcrypto.dto.TpmSignVerifyResponseDto;
 import io.mosip.kernel.clientcrypto.service.spi.ClientCryptoManagerService;
-import io.mosip.kernel.core.signatureutil.model.SignatureResponse;
 import io.mosip.kernel.core.util.CryptoUtil;
-import io.mosip.kernel.core.util.JsonUtils;
 import io.mosip.kernel.cryptomanager.dto.CryptomanagerResponseDto;
 import io.mosip.kernel.cryptomanager.service.impl.CryptomanagerServiceImpl;
 import io.mosip.kernel.signature.service.SignatureService;
 import io.mosip.kernel.signature.service.impl.SignatureServiceImpl;
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang3.ArrayUtils;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.Mockito;
-import org.powermock.core.classloader.annotations.PowerMockIgnore;
-import org.powermock.core.classloader.annotations.PrepareForTest;
-import org.powermock.modules.junit4.PowerMockRunner;
+import org.mockito.junit.MockitoJUnitRunner;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.PropertySource;
 import org.springframework.test.util.ReflectionTestUtils;
 
 import java.nio.charset.StandardCharsets;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.*;
 import static org.mockito.ArgumentMatchers.any;
 
-@RunWith(PowerMockRunner.class)
-@PrepareForTest({ZipUtils.class, IOUtils.class, JsonUtils.class})
+@RunWith(MockitoJUnitRunner.Silent.class)
 @PropertySource("classpath:application-test.properties")
-@PowerMockIgnore({"com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "javax.management.*"})
 public class OfflinePacketCryptoServiceTest {
 
     @InjectMocks
@@ -73,7 +62,26 @@ public void signTest() {
         Mockito.when(clientCryptoManagerService.csSign(any())).thenReturn(signatureResponse);
 
         byte[] result = offlinePacketCryptoService.sign(packetSignature.getBytes());
-        assertTrue(ArrayUtils.isEquals(packetSignature.getBytes(), result));
+        assertArrayEquals(packetSignature.getBytes(), result);
+    }
+
+    @Test(expected = NullPointerException.class)
+    public void signWhenCsSignReturnsNullThrowsNullPointerException() {
+        Mockito.when(clientCryptoManagerService.csSign(any())).thenReturn(null);
+        offlinePacketCryptoService.sign("packet".getBytes());
+    }
+
+    @Test
+    public void signWhenCsSignReturnsNullDataReturnsNull() {
+        TpmSignResponseDto signatureResponse = new TpmSignResponseDto();
+        signatureResponse.setData(null);
+
+        Mockito.when(clientCryptoManagerService.csSign(any()))
+                .thenReturn(signatureResponse);
+
+        byte[] result = offlinePacketCryptoService.sign("packet".getBytes());
+
+        assertNull(result);
     }
 
     @Test
@@ -89,6 +97,28 @@ public void encryptTest() {
         assertNotNull(result);
     }
 
+    @Test
+    public void encryptReturnsMergedBytesWhenCryptomanagerReturnsData() {
+        String id = "refId";
+        byte[] packet = "plain".getBytes();
+        byte[] encrypted = "encryptedBytes".getBytes();
+        String encBase64 = CryptoUtil.encodeToURLSafeBase64(encrypted);
+
+        CryptomanagerResponseDto cryptomanagerResponseDto = new CryptomanagerResponseDto();
+        cryptomanagerResponseDto.setData(encBase64);
+        Mockito.when(cryptomanagerService.encrypt(any())).thenReturn(cryptomanagerResponseDto);
+
+        // call real mergeEncryptedData from khazana (library present on classpath) and assert not null
+        byte[] result = offlinePacketCryptoService.encrypt(id, packet);
+        assertNotNull(result);
+    }
+
+    @Test(expected = NullPointerException.class)
+    public void encryptWhenCryptomanagerReturnsNullThrowsNullPointerException() {
+        Mockito.when(cryptomanagerService.encrypt(any())).thenReturn(null);
+        offlinePacketCryptoService.encrypt("id", "p".getBytes());
+    }
+
     @Test
     public void decryptTest() {
         String id = "10001100770000320200720092256";
@@ -102,6 +132,28 @@ public void decryptTest() {
         assertNotNull(result);
     }
 
+    @Test
+    public void decryptWithShortPacketCallsDecryptWithEmptyEncryptedData() {
+        String id = "10001100770000320200720092256";
+        // create packet with exactly nonce + aad (no encrypted data)
+        int len = CryptomanagerConstant.GCM_NONCE_LENGTH + CryptomanagerConstant.GCM_AAD_LENGTH;
+        byte[] shortPacket = new byte[len];
+
+        CryptomanagerResponseDto cryptomanagerResponseDto = new CryptomanagerResponseDto();
+        cryptomanagerResponseDto.setData(CryptoUtil.encodeToURLSafeBase64("result".getBytes()));
+        Mockito.when(cryptomanagerService.decrypt(any())).thenReturn(cryptomanagerResponseDto);
+
+        byte[] result = offlinePacketCryptoService.decrypt(id, shortPacket);
+        assertArrayEquals("result".getBytes(), result);
+    }
+
+    @Test(expected = NullPointerException.class)
+    public void decryptWhenCryptomanagerReturnsNullThrowsNullPointerException() {
+        Mockito.when(cryptomanagerService.decrypt(any())).thenReturn(null);
+        byte[] packet = new byte[CryptomanagerConstant.GCM_NONCE_LENGTH + CryptomanagerConstant.GCM_AAD_LENGTH + 5];
+        offlinePacketCryptoService.decrypt("id", packet);
+    }
+
     @Test
     public void verifyTest() {
         String packetSignature = "signature";
@@ -110,15 +162,32 @@ public void verifyTest() {
         tpmSignVerifyResponseDto.setVerified(true);
         Mockito.when(clientCryptoManagerService.csVerify(any())).thenReturn(tpmSignVerifyResponseDto);
 
-        boolean result = offlinePacketCryptoService.verify("12345","packet".getBytes(), packetSignature.getBytes());
+        byte[] pkt = packetSignature.getBytes();
+        boolean result = offlinePacketCryptoService.verify("12345", pkt, packetSignature.getBytes());
         assertTrue(result);
     }
 
+    @Test
+    public void verifyReturnsFalseWhenCsVerifyReturnsVerifiedFalse() {
+        TpmSignVerifyResponseDto tpmSignVerifyResponseDto = new TpmSignVerifyResponseDto();
+        tpmSignVerifyResponseDto.setVerified(false);
+        Mockito.when(clientCryptoManagerService.csVerify(any())).thenReturn(tpmSignVerifyResponseDto);
+
+        boolean result = offlinePacketCryptoService.verify("12345","packet".getBytes(), "sig".getBytes());
+        assertFalse(result);
+    }
+
+    @Test(expected = NullPointerException.class)
+    public void verifyWhenCsVerifyReturnsNullThrowsNullPointerException() {
+        Mockito.when(clientCryptoManagerService.csVerify(any())).thenReturn(null);
+        offlinePacketCryptoService.verify("12345","packet".getBytes(), "sig".getBytes());
+    }
+
     /**
      * Tests getCryptomanagerService method when service is null - should create and return new instance
      */
     @Test
-    public void testGetCryptomanagerService_WhenServiceIsNull_CreatesAndReturnsNewInstance() {
+    public void testGetCryptomanagerServiceWhenServiceIsNullCreatesAndReturnsNewInstance() {
         ReflectionTestUtils.setField(offlinePacketCryptoService, "cryptomanagerService", null);
         CryptomanagerServiceImpl result = ReflectionTestUtils.invokeMethod(offlinePacketCryptoService, "getCryptomanagerService");
         assertNotNull(result);
@@ -132,7 +201,7 @@ public void testGetCryptomanagerService_WhenServiceIsNull_CreatesAndReturnsNewIn
      * Tests getSignatureService method when service is null - should create and return new instance
      */
     @Test
-    public void testGetSignatureService_WhenServiceIsNull_CreatesAndReturnsNewInstance() {
+    public void testGetSignatureServiceWhenServiceIsNullCreatesAndReturnsNewInstance() {
         ReflectionTestUtils.setField(offlinePacketCryptoService, "signatureService", null);
         SignatureService result = ReflectionTestUtils.invokeMethod(offlinePacketCryptoService, "getSignatureService");
         assertNotNull(result);
@@ -146,7 +215,7 @@ public void testGetSignatureService_WhenServiceIsNull_CreatesAndReturnsNewInstan
      * Tests getTpmCryptoService method when service is null - should create and return new instance
      */
     @Test
-    public void testGetTpmCryptoService_WhenServiceIsNull_CreatesAndReturnsNewInstance() {
+    public void testGetTpmCryptoServiceWhenServiceIsNullCreatesAndReturnsNewInstance() {
         ReflectionTestUtils.setField(offlinePacketCryptoService, "tpmCryptoService", null);
         ClientCryptoManagerService result = ReflectionTestUtils.invokeMethod(offlinePacketCryptoService, "getTpmCryptoService");
         assertNotNull(result);