summaryrefslogtreecommitdiff
path: root/eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv
diff options
context:
space:
mode:
authorThomas <>2021-04-08 10:48:50 +0200
committerThomas <>2021-04-08 10:48:50 +0200
commit458817bd97058c5a975006dca45cdfe6eead07b5 (patch)
treed6cade442dabafe2e645a5a36a95502e5fc103b9 /eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv
parentb28e12c77d655ec0d9c6c879025426c594bef7f2 (diff)
downloadEAAF-Components-458817bd97058c5a975006dca45cdfe6eead07b5.tar.gz
EAAF-Components-458817bd97058c5a975006dca45cdfe6eead07b5.tar.bz2
EAAF-Components-458817bd97058c5a975006dca45cdfe6eead07b5.zip
add new verification methods into MOA-Sig module to verify PAdES documents and to perform extended validation
Diffstat (limited to 'eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv')
-rw-r--r--eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv/egiz/eaaf/modules/sigverify/moasig/test/verify/SignatureVerificationServiceTest.java106
1 files changed, 106 insertions, 0 deletions
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv/egiz/eaaf/modules/sigverify/moasig/test/verify/SignatureVerificationServiceTest.java b/eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv/egiz/eaaf/modules/sigverify/moasig/test/verify/SignatureVerificationServiceTest.java
index 5066d220..71c4b1af 100644
--- a/eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv/egiz/eaaf/modules/sigverify/moasig/test/verify/SignatureVerificationServiceTest.java
+++ b/eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv/egiz/eaaf/modules/sigverify/moasig/test/verify/SignatureVerificationServiceTest.java
@@ -1,8 +1,14 @@
package at.gv.egiz.eaaf.modules.sigverify.moasig.test.verify;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
import java.io.IOException;
+import java.util.List;
import org.apache.commons.io.IOUtils;
import org.junit.AfterClass;
@@ -10,6 +16,7 @@ import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
+import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.annotation.DirtiesContext.ClassMode;
@@ -17,9 +24,13 @@ import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import at.gv.egiz.eaaf.modules.sigverify.moasig.api.ISignatureVerificationService;
+import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.IPdfSignatureVerificationResponse;
import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse;
import at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions.MoaSigServiceException;
+import at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.VerifyPdfSignatureResponse.CoversFullDocument;
import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import ch.qos.logback.classic.Level;
+import ch.qos.logback.classic.Logger;
import lombok.extern.slf4j.Slf4j;
@Slf4j
@@ -43,6 +54,10 @@ public class SignatureVerificationServiceTest {
System.setProperty("moa.spss.server.configuration",
current + "/src/test/resources/config/moaspss_config/MOASPSSConfiguration.xml");
+ ((Logger) LoggerFactory.getLogger("at.gv.egovernment.moa")).setLevel(Level.DEBUG);
+ ((Logger) LoggerFactory.getLogger("iaik.server")).setLevel(Level.INFO);
+ ((Logger) LoggerFactory.getLogger("iaik.pki")).setLevel(Level.INFO);
+
}
/**
@@ -92,5 +107,96 @@ public class SignatureVerificationServiceTest {
Assert.assertFalse("qcCert flag", result.isQualifiedCertificate());
}
+
+ @Test
+ public void noCertPathByMissingX509Extensions() throws MoaSigServiceException, IOException {
+ // load signature
+ byte[] signature = IOUtils.resourceToByteArray("/data/zuse/signed-notification-with-pdf.xml");
+
+ //start verification
+ IXmlSignatureVerificationResponse result =
+ service.verifyXmlSignature(signature, "default-trustprofile");
+
+ //verify result
+ Assert.assertEquals("cert. checkCode", 1, result.getCertificateCheckCode());
+
+ }
+
+ @Test
+ public void simplePdfSignatureTest() throws IOException, MoaSigServiceException {
+ // load signature
+ byte[] signature = IOUtils.resourceToByteArray(
+ "/data/pades/Plugtest2019_ESIG-P_AT_SIT_Signature-P-AT_SIT-4.pdf");
+
+ List<IPdfSignatureVerificationResponse> result =
+ service.verifyPdfSignature(signature, "MOAIDBuergerkarteAuthentisierungsDaten");
+
+ assertNotNull("result", result);
+ assertFalse("result is empty", result.isEmpty());
+ assertEquals("missing signature", 2, result.size());
+
+ assertNull("sigAlg 1", result.get(0).getSignatureAlgorithmIdentifier());
+ assertNull("formCheck 1", result.get(0).getExtendedCertificateValidation());
+ assertTrue("ext. certCheck 1", result.get(0).getFormValidationResults().isEmpty());
+ assertEquals("coversFullDoc 1", CoversFullDocument.UNKNOWN, result.get(0).getSignatureCoversFullDocument());
+
+ assertNull("SigAlg 2", result.get(1).getSignatureAlgorithmIdentifier());
+ assertNull("formCheck 2", result.get(1).getExtendedCertificateValidation());
+ assertTrue("ext. certCheck 2", result.get(1).getFormValidationResults().isEmpty());
+ assertEquals("coversFullDoc 2", CoversFullDocument.UNKNOWN, result.get(1).getSignatureCoversFullDocument());
+
+ }
+
+ @Test
+ public void extendedPdfSignatureTest() throws IOException, MoaSigServiceException {
+ // load signature
+ byte[] signature = IOUtils.resourceToByteArray(
+ "/data/pades/Plugtest2019_ESIG-P_AT_SIT_Signature-P-AT_SIT-4.pdf");
+
+ List<IPdfSignatureVerificationResponse> result =
+ service.verifyPdfSignature(signature, "MOAIDBuergerkarteAuthentisierungsDaten", true);
+
+ assertNotNull("result", result);
+ assertFalse("result is empty", result.isEmpty());
+ assertEquals("missing signature", 2, result.size());
+
+ assertEquals("sigCheckCode", 0, result.get(0).getSignatureCheckCode());
+ assertEquals("certCheckCode", 0, result.get(0).getCertificateCheckCode());
+
+ assertNotNull("sigAlg 1", result.get(0).getSignatureAlgorithmIdentifier());
+ assertNotNull("formCheck 1", result.get(0).getExtendedCertificateValidation());
+ assertFalse("ext. certCheck 1", result.get(0).getFormValidationResults().isEmpty());
+ assertEquals("coversFullDoc 1", CoversFullDocument.NO, result.get(0).getSignatureCoversFullDocument());
+
+ //valid ext. cert result
+ assertEquals("ext. cert. check code", 2,
+ result.get(0).getExtendedCertificateValidation().getMajorResult().getCode());
+ assertEquals("ext. cert. check info", "INDETERMINATE",
+ result.get(0).getExtendedCertificateValidation().getMajorResult().getInfo());
+ assertEquals("ext. cert. check code", 24,
+ result.get(0).getExtendedCertificateValidation().getMinorResult().getCode());
+ assertEquals("ext. cert. check info", "ERROR",
+ result.get(0).getExtendedCertificateValidation().getMinorResult().getInfo());
+
+
+ //validate form-check result
+ assertEquals("ext. formcheck size", 4, result.get(0).getFormValidationResults().size());
+ assertEquals("wrong PAdES-B Code", 0, result.get(0).getFormValidationResults().stream()
+ .filter(el -> el.getInfo().equals("B-B"))
+ .findFirst()
+ .get().getCode());
+
+ result.get(0).getFormValidationResults().stream()
+ .filter(el -> !el.getInfo().equals("B-B"))
+ .forEach(el -> assertEquals("wrong form check-code", 2, el.getCode()));
+
+
+ assertNotNull("SigAlg 2", result.get(1).getSignatureAlgorithmIdentifier());
+ assertNotNull("formCheck 2", result.get(1).getExtendedCertificateValidation());
+ assertFalse("ext. certCheck 2", result.get(1).getFormValidationResults().isEmpty());
+ assertEquals("coversFullDoc 2", CoversFullDocument.YES, result.get(1).getSignatureCoversFullDocument());
+
+ }
}
+