diff options
author | Thomas <> | 2021-04-08 10:48:50 +0200 |
---|---|---|
committer | Thomas <> | 2021-04-08 10:48:50 +0200 |
commit | 458817bd97058c5a975006dca45cdfe6eead07b5 (patch) | |
tree | d6cade442dabafe2e645a5a36a95502e5fc103b9 /eaaf_modules/eaaf_module_moa-sig/src/test/java | |
parent | b28e12c77d655ec0d9c6c879025426c594bef7f2 (diff) | |
download | EAAF-Components-458817bd97058c5a975006dca45cdfe6eead07b5.tar.gz EAAF-Components-458817bd97058c5a975006dca45cdfe6eead07b5.tar.bz2 EAAF-Components-458817bd97058c5a975006dca45cdfe6eead07b5.zip |
add new verification methods into MOA-Sig module to verify PAdES documents and to perform extended validation
Diffstat (limited to 'eaaf_modules/eaaf_module_moa-sig/src/test/java')
-rw-r--r-- | eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv/egiz/eaaf/modules/sigverify/moasig/test/verify/SignatureVerificationServiceTest.java | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv/egiz/eaaf/modules/sigverify/moasig/test/verify/SignatureVerificationServiceTest.java b/eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv/egiz/eaaf/modules/sigverify/moasig/test/verify/SignatureVerificationServiceTest.java index 5066d220..71c4b1af 100644 --- a/eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv/egiz/eaaf/modules/sigverify/moasig/test/verify/SignatureVerificationServiceTest.java +++ b/eaaf_modules/eaaf_module_moa-sig/src/test/java/at/gv/egiz/eaaf/modules/sigverify/moasig/test/verify/SignatureVerificationServiceTest.java @@ -1,8 +1,14 @@ package at.gv.egiz.eaaf.modules.sigverify.moasig.test.verify; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; import static org.junit.Assert.assertThrows; +import static org.junit.Assert.assertTrue; import java.io.IOException; +import java.util.List; import org.apache.commons.io.IOUtils; import org.junit.AfterClass; @@ -10,6 +16,7 @@ import org.junit.Assert; import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext.ClassMode; @@ -17,9 +24,13 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import at.gv.egiz.eaaf.modules.sigverify.moasig.api.ISignatureVerificationService; +import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.IPdfSignatureVerificationResponse; import at.gv.egiz.eaaf.modules.sigverify.moasig.api.data.IXmlSignatureVerificationResponse; import at.gv.egiz.eaaf.modules.sigverify.moasig.exceptions.MoaSigServiceException; +import at.gv.egiz.eaaf.modules.sigverify.moasig.impl.data.VerifyPdfSignatureResponse.CoversFullDocument; import at.gv.egovernment.moa.spss.server.config.ConfigurationException; +import ch.qos.logback.classic.Level; +import ch.qos.logback.classic.Logger; import lombok.extern.slf4j.Slf4j; @Slf4j @@ -43,6 +54,10 @@ public class SignatureVerificationServiceTest { System.setProperty("moa.spss.server.configuration", current + "/src/test/resources/config/moaspss_config/MOASPSSConfiguration.xml"); + ((Logger) LoggerFactory.getLogger("at.gv.egovernment.moa")).setLevel(Level.DEBUG); + ((Logger) LoggerFactory.getLogger("iaik.server")).setLevel(Level.INFO); + ((Logger) LoggerFactory.getLogger("iaik.pki")).setLevel(Level.INFO); + } /** @@ -92,5 +107,96 @@ public class SignatureVerificationServiceTest { Assert.assertFalse("qcCert flag", result.isQualifiedCertificate()); } + + @Test + public void noCertPathByMissingX509Extensions() throws MoaSigServiceException, IOException { + // load signature + byte[] signature = IOUtils.resourceToByteArray("/data/zuse/signed-notification-with-pdf.xml"); + + //start verification + IXmlSignatureVerificationResponse result = + service.verifyXmlSignature(signature, "default-trustprofile"); + + //verify result + Assert.assertEquals("cert. checkCode", 1, result.getCertificateCheckCode()); + + } + + @Test + public void simplePdfSignatureTest() throws IOException, MoaSigServiceException { + // load signature + byte[] signature = IOUtils.resourceToByteArray( + "/data/pades/Plugtest2019_ESIG-P_AT_SIT_Signature-P-AT_SIT-4.pdf"); + + List<IPdfSignatureVerificationResponse> result = + service.verifyPdfSignature(signature, "MOAIDBuergerkarteAuthentisierungsDaten"); + + assertNotNull("result", result); + assertFalse("result is empty", result.isEmpty()); + assertEquals("missing signature", 2, result.size()); + + assertNull("sigAlg 1", result.get(0).getSignatureAlgorithmIdentifier()); + assertNull("formCheck 1", result.get(0).getExtendedCertificateValidation()); + assertTrue("ext. certCheck 1", result.get(0).getFormValidationResults().isEmpty()); + assertEquals("coversFullDoc 1", CoversFullDocument.UNKNOWN, result.get(0).getSignatureCoversFullDocument()); + + assertNull("SigAlg 2", result.get(1).getSignatureAlgorithmIdentifier()); + assertNull("formCheck 2", result.get(1).getExtendedCertificateValidation()); + assertTrue("ext. certCheck 2", result.get(1).getFormValidationResults().isEmpty()); + assertEquals("coversFullDoc 2", CoversFullDocument.UNKNOWN, result.get(1).getSignatureCoversFullDocument()); + + } + + @Test + public void extendedPdfSignatureTest() throws IOException, MoaSigServiceException { + // load signature + byte[] signature = IOUtils.resourceToByteArray( + "/data/pades/Plugtest2019_ESIG-P_AT_SIT_Signature-P-AT_SIT-4.pdf"); + + List<IPdfSignatureVerificationResponse> result = + service.verifyPdfSignature(signature, "MOAIDBuergerkarteAuthentisierungsDaten", true); + + assertNotNull("result", result); + assertFalse("result is empty", result.isEmpty()); + assertEquals("missing signature", 2, result.size()); + + assertEquals("sigCheckCode", 0, result.get(0).getSignatureCheckCode()); + assertEquals("certCheckCode", 0, result.get(0).getCertificateCheckCode()); + + assertNotNull("sigAlg 1", result.get(0).getSignatureAlgorithmIdentifier()); + assertNotNull("formCheck 1", result.get(0).getExtendedCertificateValidation()); + assertFalse("ext. certCheck 1", result.get(0).getFormValidationResults().isEmpty()); + assertEquals("coversFullDoc 1", CoversFullDocument.NO, result.get(0).getSignatureCoversFullDocument()); + + //valid ext. cert result + assertEquals("ext. cert. check code", 2, + result.get(0).getExtendedCertificateValidation().getMajorResult().getCode()); + assertEquals("ext. cert. check info", "INDETERMINATE", + result.get(0).getExtendedCertificateValidation().getMajorResult().getInfo()); + assertEquals("ext. cert. check code", 24, + result.get(0).getExtendedCertificateValidation().getMinorResult().getCode()); + assertEquals("ext. cert. check info", "ERROR", + result.get(0).getExtendedCertificateValidation().getMinorResult().getInfo()); + + + //validate form-check result + assertEquals("ext. formcheck size", 4, result.get(0).getFormValidationResults().size()); + assertEquals("wrong PAdES-B Code", 0, result.get(0).getFormValidationResults().stream() + .filter(el -> el.getInfo().equals("B-B")) + .findFirst() + .get().getCode()); + + result.get(0).getFormValidationResults().stream() + .filter(el -> !el.getInfo().equals("B-B")) + .forEach(el -> assertEquals("wrong form check-code", 2, el.getCode())); + + + assertNotNull("SigAlg 2", result.get(1).getSignatureAlgorithmIdentifier()); + assertNotNull("formCheck 2", result.get(1).getExtendedCertificateValidation()); + assertFalse("ext. certCheck 2", result.get(1).getFormValidationResults().isEmpty()); + assertEquals("coversFullDoc 2", CoversFullDocument.YES, result.get(1).getSignatureCoversFullDocument()); + + } } + |