diff options
6 files changed, 558 insertions, 282 deletions
diff --git a/connector/src/main/webapp/css/css_country.css b/connector/src/main/webapp/css/css_country.css index 59282da3..297f0366 100644 --- a/connector/src/main/webapp/css/css_country.css +++ b/connector/src/main/webapp/css/css_country.css @@ -1,24 +1,28 @@ @charset "utf-8"; body { - background-image: url(../img/globus_eu.png); + background-image: url(img/globus_eu.png); background-repeat: no-repeat; background-attachment: fixed; background-position: top; background-color: #F9F9F9; + font-family: Arial, Helvetica, sans-serif; } #page { padding-top: 2%; - padding-right: 5%; padding-left: 10%; } #country { - float:left; + display: flex; + flex-direction: row; + flex-wrap: wrap; + align-items: center; } .block { - float:left; display: flex; + flex-direction: row; + flex-wrap: wrap; cursor: pointer; text-decoration: none; padding-right:2%; @@ -26,7 +30,6 @@ } .countryimage { - display:flex; width:50px; height:50px; padding-right: 2%; @@ -34,18 +37,12 @@ } input[type=button], input[type=submit], input[type=reset] { - + display:flex; background-color:transparent; border:none; color: black; - padding: 10px 20px; text-decoration: none; - margin: 3px 2px; - cursor: pointer; - height: 3%; - display: inline-block; - vertical-align: middle; - width: 50%; + cursor: pointer; } #testEnvironment { border: none; @@ -59,8 +56,6 @@ width: 40%; } #button{ - display:flex; - height: 3%; background-color: transparent; border:none; } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java index 64cf6af2..85743585 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java @@ -60,6 +60,7 @@ public class Constants { public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE = CONIG_PROPS_EIDAS_SZRCLIENT + ".params.issuingdate"; public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY = CONIG_PROPS_EIDAS_SZRCLIENT + ".params.issuingauthority"; public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.usedummykeys"; + public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.useSZRForbPKCalculation"; //http endpoint descriptions public static final String eIDAS_HTTP_ENDPOINT_SP_POST = "/eidas/light/sp/post"; @@ -99,12 +100,16 @@ public class Constants { public static final String HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE = "60"; //seconds + public static final String SZR_SCHEMA_LOCATIONS = + ("urn:SZRServices" + " " + "/szr_client/szr.xsd"); + //Default values for SZR communication public static final String SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE = "ELEKTR_DOKUMENT"; //TODO remove!!! public static final String SZR_CONSTANTS_DEFAULT_ISSUING_DATE = "2014-01-01"; public static final String SZR_CONSTANTS_DEFAULT_ISSUING_AUTHORITY = "ms-specific eIDAS-Node for AT"; - public final static byte[] SZR_CONSTANTS_DEFAULT_PUBL_KEY = new byte[] {48, -127, -97, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 1, 5, 0, 3, -127, -115, 0, 48, -127, -119, 2, -127, -127, 0, -106, 114, -113, -1, -84, 116, 35, 3, 70, -81, 81, -110, -10, -59, 114, 4, -109, 86, 127, -50, 125, 47, 4, 80, 79, 53, 117, -36, 15, -16, -61, 110, 39, 89, 29, -43, 37, -127, 80, -109, -38, 65, 125, -119, 44, -111, -21, 47, -98, 38, -112, -24, 107, -110, 17, -10, 51, -4, -36, -72, -28, -18, -14, 117, -67, 76, -31, 32, 92, 104, -21, 68, 31, -12, 30, -104, -104, 42, -107, 126, 84, 50, 85, -117, 44, -100, -4, 102, -100, 52, -68, 77, -32, 9, -16, -30, -104, -90, 107, -88, 7, 97, -94, 72, -61, -40, 80, -112, -65, -25, -72, -19, -95, -54, 31, 15, 24, -105, 123, -81, 23, -123, 92, -103, -101, 47, 47, -105, 2, 3, 1, 0, 1}; - + public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT = "AQAB"; + public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS = "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEgXGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X"; + } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java index cec36d4b..4840a5e0 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java @@ -88,21 +88,28 @@ public class SZRClient { private SZRService szrService = null; private String szrURL = null; private QName qname = null; - - public IdentityLinkType getIdentityLink(PersonInfoType personInfo, List<KeyValueType> keyValue, Boolean insertERnP) throws SZRCommunicationException { - try { - return szr.getIdentityLink( - personInfo, - keyValue, - insertERnP); - - } catch (SZRException_Exception e) { - log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e); - throw new SZRCommunicationException("ernb.02", new Object[] {e.getMessage()}, e); - - } - - } + + /* + * This method does not return a valid signed IDL, because Apache CXF XML parser switch namespaces!!!! + */ +// public IdentityLinkType getIdentityLink(PersonInfoType personInfo, List<KeyValueType> keyValue, Boolean insertERnP) throws SZRCommunicationException { +// try { +// return szr.getIdentityLink( +// personInfo, +// keyValue, +// insertERnP); +// +// } catch (SZRException_Exception | SOAPFaultException e) { +// log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e); +// throw new SZRCommunicationException("ernb.02", new Object[] {e.getMessage()}, e); +// +// } catch (Exception e) { +// log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e); +// throw new SZRCommunicationException("ernb.02", new Object[] {e.getMessage()}, e); +// +// } +// +// } public IdentityLinkType getIdentityLinkInRawMode(PersonInfoType personInfo, List<KeyValueType> keyValue, Boolean insertERnP) throws SZRCommunicationException { try { @@ -139,7 +146,9 @@ public class SZRClient { // ok, we have success Document doc = DOMUtils.parseDocument( new ByteArrayInputStream(szrResponse), - true, XMLNamespaceConstants.ALL_SCHEMA_LOCATIONS, null, null + true, + XMLNamespaceConstants.ALL_SCHEMA_LOCATIONS + " " + Constants.SZR_SCHEMA_LOCATIONS, + null, null ); String xpathExpression = "//saml:Assertion"; Element nsNode = doc.createElementNS("urn:oasis:names:tc:SAML:1.0:assertion", "saml:NSNode"); @@ -288,7 +297,8 @@ public class SZRClient { LoggingHandler loggingHandler = new LoggingHandler(); handlerList.add(loggingHandler); - } + } + bindingProvider.getBinding().setHandlerChain(handlerList); } private SSLContext createSSLContext(String clientType) { diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java index 8ad529e8..9882bab2 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java @@ -3,13 +3,7 @@ package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks; import java.io.InputStream; -import java.math.BigInteger; -import java.security.KeyFactory; -import java.security.NoSuchAlgorithmException; -import java.security.PublicKey; -import java.security.interfaces.RSAPublicKey; -import java.security.spec.InvalidKeySpecException; -import java.security.spec.PKCS8EncodedKeySpec; +import java.security.MessageDigest; import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.HashMap; @@ -38,6 +32,7 @@ import at.asitplus.eidas.specific.connector.MSConnectorEventCodes; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; @@ -172,13 +167,13 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { //parse some eID attributes String dateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(((DateTime)dateOfBirthObj).toDate()); - - // eID attribute has format <SOURCE-COUNTRY>/<DESTINATION-COUNTRY>/IDENTIFIER - Trible<String, String, String> eIdentifier = + Trible<String, String, String> eIdentifier = eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj); - // TODO: Shall we really use entire eID value (including countries information) or only identifier value? - String uniqueId = (String)eIdentifierObj; String citizenCountry = eIdentifier.getFirst(); + + //hash unique identifier as work-around for uniqueId length restriction + String uniqueId = createHashFromUniqueId(eIdentifier.getThird()); + //person information personName.setFamilyName((String)familyNameObj); @@ -194,20 +189,14 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { //TODO: that should be removed eDocument.setIssueDate(basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE, - Constants.SZR_CONSTANTS_DEFAULT_ISSUING_DATE)); + Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE)); eDocument.setIssuingAuthority(basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY, - Constants.SZR_CONSTANTS_DEFAULT_ISSUING_AUTHORITY)); + Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY)); //TODO: keys are not available in eIDAS List<KeyValueType> keyValue = dummyCodeForKeys(); - /*TODO: - * Validate if IDL signature is valid after using this method - * MAYBE we had to switch to 'getIdentityLinkInRawMode' method! - */ - IdentityLinkType result = szrClient.getIdentityLink( + IdentityLinkType result = szrClient.getIdentityLinkInRawMode( personInfo, keyValue, basicConfig.getBasicMOAIDConfigurationBoolean( @@ -220,12 +209,24 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { //get bPK from SZR - bPK = szrClient.getBPK( + if (basicConfig.getBasicMOAIDConfigurationBoolean( + Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION, true)) { + bPK = szrClient.getBPK( personInfo, pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(), basicConfig.getBasicConfiguration( Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined")); + + } else { + log.debug("Calculating bPK from baseId ... "); + Pair<String, String> bPKCalc = new BPKBuilder().generateAreaSpecificPersonIdentifier( + identityLink.getIdentificationValue(), + identityLink.getIdentificationType(), + pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()); + bPK = bPKCalc.getFirst(); + + } } @@ -281,36 +282,36 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { } } + private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException { + try { + MessageDigest md = MessageDigest.getInstance("SHA-256"); + byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); + String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); + return hashBase64; + + } catch (Exception ex) { + throw new eIDASAuthenticationException("internal.03", new Object[]{}, ex); + + } + } + private List<KeyValueType> dummyCodeForKeys() { if (basicConfig.getBasicMOAIDConfigurationBoolean( Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY, false)) { List<KeyValueType> keyvalueList = new ArrayList<KeyValueType>(); - try { - PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(Constants.SZR_CONSTANTS_DEFAULT_PUBL_KEY); - KeyFactory kf = KeyFactory.getInstance("RSA"); - PublicKey pb = kf.generatePublic(spec); - - RSAPublicKey rsapb = (RSAPublicKey)pb; - BigInteger modulus = rsapb.getModulus(); - BigInteger exponent = rsapb.getPublicExponent(); - - // set key values - RSAKeyValueType rsa = new RSAKeyValueType(); - rsa.setExponent(new String(Base64Utils.encode(exponent.toByteArray()))); - rsa.setModulus(new String(Base64Utils.encode(modulus.toByteArray()))); + // set key values + RSAKeyValueType rsa = new RSAKeyValueType(); + rsa.setExponent(Constants.SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT); + rsa.setModulus(Constants.SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS); + + KeyValueType key = new KeyValueType(); + key.setRSAKeyValue(rsa); - KeyValueType key = new KeyValueType(); - key.setRSAKeyValue(rsa); - - keyvalueList.add(key); - - return keyvalueList; - } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { - log.error("TestCode has an internal ERROR", e); - - } + keyvalueList.add(key); + + return keyvalueList; } diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd new file mode 100644 index 00000000..85acfb65 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd @@ -0,0 +1,388 @@ +<xs:schema elementFormDefault="qualified" targetNamespace="urn:SZRServices" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:szr="urn:SZRServices" xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <xs:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" /> + <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" /> + <xs:element name="SZRException" type="szr:SZRException" /> + <xs:complexType name="SZRException" /> + <xs:complexType name="PersonInfoType"> + <xs:sequence> + <xs:element name="Person" type="pd:PhysicalPersonType" /> + <xs:element minOccurs="0" name="RegularDomicile" type="pd:PostalAddressType" /> + <xs:element minOccurs="0" name="AddressCodes" type="szr:AddressCodesType" /> + <xs:element minOccurs="0" name="TravelDocument" type="szr:TravelDocumentType" /> + <xs:element minOccurs="0" name="DateOfBirthWildcard" type="xs:boolean" /> + <xs:element minOccurs="0" name="AuskunftssperreGesetzt" type="xs:boolean" /> + </xs:sequence> + </xs:complexType> + <xs:complexType name="TravelDocumentType"> + <xs:sequence> + <xs:element minOccurs="0" name="DocumentNumber" type="xs:string" /> + <xs:element minOccurs="0" name="DocumentType" type="xs:string" /> + <xs:element minOccurs="0" name="IssueDate" type="xs:string" /> + <xs:element minOccurs="0" name="IssuingAuthority" type="xs:string" /> + <xs:element minOccurs="0" name="IssuingCountry" type="xs:string" /> + </xs:sequence> + </xs:complexType> + <xs:complexType name="AddressCodesType"> + <xs:sequence> + <xs:element minOccurs="0" name="GKZ" type="xs:string" /> + <xs:element minOccurs="0" name="OKZ" type="xs:string" /> + <xs:element minOccurs="0" name="SKZ" type="xs:string" /> + <xs:element minOccurs="0" name="ADRCD" type="xs:string" /> + <xs:element minOccurs="0" name="SUBCD" type="xs:string" /> + <xs:element minOccurs="0" name="OBJNR" type="xs:string" /> + <xs:element minOccurs="0" name="NTZLNR" type="xs:string" /> + </xs:sequence> + </xs:complexType> + <xs:element name="TransformBPK"> + <xs:complexType> + <xs:sequence> + <xs:element name="PersonInfo" type="szr:PersonInfoType" /> + <xs:element name="InputBPK" type="xs:string" /> + <xs:element name="InputBereichsKennung" type="xs:string" /> + <xs:element name="Begruendung" type="xs:string" /> + <xs:element maxOccurs="unbounded" name="Target" type="szr:FremdBPKRequestType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="TransformBPKResponse"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="unbounded" name="TransformBPKReturn" type="szr:FremdBPKType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetVKZPermission"> + <xs:complexType> + <xs:sequence> + <xs:element name="VKZ" type="xs:string" /> + <xs:element name="BereichsKennung" type="xs:string" /> + <xs:element minOccurs="0" name="ParticipantId" type="xs:string" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetVKZPermissionResponse"> + <xs:complexType> + <xs:sequence> + <xs:element name="GetVKZPermissionReturn" type="szr:GetVKZPermissionResponseType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:complexType name="IdentityLinkType"> + <xs:sequence> + <xs:element name="PersonInfo" type="szr:PersonInfoType" /> + <xs:element name="Assertion" type="xs:anyType" /> + <xs:element minOccurs="0" name="AdditionalInfo" type="xs:string" /> + </xs:sequence> + </xs:complexType> + <xs:complexType name="ResultRecord"> + <xs:sequence> + <xs:element name="PersonInfo" type="szr:PersonInfoType" /> + <xs:element name="Register" type="xs:string" /> + <xs:element name="bPK" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> + </xs:sequence> + </xs:complexType> + <xs:complexType name="GetBPKKombiRequestType"> + <xs:sequence> + <xs:element name="PersonInfo" type="szr:PersonInfoType" /> + <xs:element minOccurs="0" name="InsertERnP"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="NoInsert" /> + <xs:enumeration value="InsertOnNoMatch" /> + <xs:enumeration value="ForceInsert" /> + </xs:restriction> + </xs:simpleType> + </xs:element> + <xs:element minOccurs="0" name="Suchwizard" type="xs:boolean" /> + <xs:element name="VKZ" type="xs:string" nillable="true" /> + <xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" /> + <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> + <xs:element minOccurs="0" name="Sessionid" type="xs:string" /> + </xs:sequence> + </xs:complexType> + <xs:complexType name="GetBPKKombiResponseType"> + <xs:complexContent> + <xs:extension base="szr:GetBPKZPVResponseType"> + <xs:sequence> + <xs:element name="FoundWithSuchwizard" type="xs:boolean" /> + <xs:element name="Sessionid" type="xs:string" /> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:complexType name="GetBPKZPVRequestType"> + <xs:sequence> + <xs:element name="PersonInfo" type="szr:PersonInfoType" /> + <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" default="false" /> + <xs:element minOccurs="1" name="VKZ" type="xs:string" /> + <xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" /> + <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> + </xs:sequence> + </xs:complexType> + <xs:complexType name="GetBPKZPVResponseType"> + <xs:sequence> + <xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:ResultRecord" /> + <xs:element name="InsertERnPResult" type="xs:boolean" /> + </xs:sequence> + </xs:complexType> + <xs:complexType name="GetBPKFromStammzahlEncryptedRequestType"> + <xs:sequence> + <xs:element minOccurs="1" name="StammzahlEncrypted" type="xs:string" /> + <xs:element minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" /> + <xs:element minOccurs="1" name="VKZ" type="xs:string" /> + <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> + </xs:sequence> + </xs:complexType> + <xs:complexType name="GetBPKFromStammzahlEncryptedResponseType"> + <xs:sequence> + <xs:element minOccurs="0" name="bPK" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> + </xs:sequence> + </xs:complexType> + <xs:element name="GetIdentityLink"> + <xs:complexType> + <xs:sequence> + <xs:element name="PersonInfo" type="szr:PersonInfoType" /> + <xs:element maxOccurs="unbounded" name="KeyValue" type="dsig:KeyValueType" /> + <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetIdentityLinkResponse"> + <xs:complexType> + <xs:sequence> + <xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetBPK"> + <xs:complexType> + <xs:sequence> + <xs:element name="PersonInfo" type="szr:PersonInfoType" /> + <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> + <xs:element minOccurs="0" name="VKZ" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> + <xs:element minOccurs="0" name="ListMultiplePersons" type="xs:boolean" /> + <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetBPKResponse"> + <xs:complexType> + <xs:sequence> + <xs:element minOccurs="0" name="GetBPKReturn" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> + <xs:element maxOccurs="5" minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetBPKs"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="unbounded" name="PersonInfo" type="szr:PersonInfoType" /> + <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" /> + <xs:element name="VKZ" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetBPKsResponse"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:GetBPKsResponseType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:complexType name="GetBPKsResponseType"> + <xs:sequence> + <xs:element minOccurs="0" name="BPK" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" /> + <xs:element minOccurs="0" name="Fault"> + <xs:complexType> + <xs:attribute name="Code" type="xs:string" /> + <xs:attribute name="String" type="xs:string" /> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + <xs:element name="GetBPKKombi"> + <xs:complexType> + <xs:sequence> + <xs:element name="GetBPKKombiRequest" type="szr:GetBPKKombiRequestType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetBPKKombiResponse"> + <xs:complexType> + <xs:sequence> + <xs:element name="GetBPKKombiResponse" type="szr:GetBPKKombiResponseType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetBPKZPV"> + <xs:complexType> + <xs:sequence> + <xs:element name="GetBPKZPVRequest" type="szr:GetBPKZPVRequestType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetBPKZPVResponse"> + <xs:complexType> + <xs:sequence> + <xs:element name="GetBPKZPVResponse" type="szr:GetBPKZPVResponseType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetBPKFromStammzahlEncrypted"> + <xs:complexType> + <xs:sequence> + <xs:element name="GetBPKFromStammzahlEncryptedRequest" type="szr:GetBPKFromStammzahlEncryptedRequestType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetBPKFromStammzahlEncryptedResponse"> + <xs:complexType> + <xs:sequence> + <xs:element name="GetBPKFromStammzahlEncryptedResponse" type="szr:GetBPKFromStammzahlEncryptedResponseType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="ValidateIdentityLink"> + <xs:complexType> + <xs:sequence> + <xs:element name="IdentityLink" type="szr:IdentityLinkType" /> + <xs:element name="BereichsKennung" type="xs:string" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="ValidateIdentityLinkResponse"> + <xs:complexType> + <xs:sequence> + <xs:element name="ValidateIdentityLinkReturn" type="xs:string" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="BPKzuBasiszahl"> + <xs:complexType> + <xs:sequence> + <xs:element name="Bereich" type="xs:string" /> + <xs:element name="BPK" type="xs:string" /> + <xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="BPKzuBasiszahlResponse"> + <xs:complexType> + <xs:sequence> + <xs:element name="BPKzuBasiszahlReturn" type="xs:string" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:complexType name="FremdBPKRequestType"> + <xs:sequence> + <xs:element name="BereichsKennung" type="xs:string" /> + <xs:element name="VKZ" type="xs:string" /> + </xs:sequence> + </xs:complexType> + <xs:complexType name="FremdBPKType"> + <xs:sequence> + <xs:element name="BereichsKennung" type="xs:string" /> + <xs:element name="FremdBPK" type="xs:string" /> + </xs:sequence> + </xs:complexType> + <xs:complexType name="GetVKZPermissionResponseType"> + <xs:sequence> + <xs:element name="isAllowed" type="xs:boolean" /> + <xs:element minOccurs="0" name="behSchluessel" type="xs:string" /> + </xs:sequence> + </xs:complexType> + <xs:element name="BasiszahlZuBPK"> + <xs:complexType> + <xs:sequence> + <xs:element minOccurs="0" name="VKZ" type="xs:string" /> + <xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="Bereich" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:complexType name="BasiszahlZuBPKReturnType"> + <xs:sequence> + <xs:element maxOccurs="unbounded" minOccurs="0" name="BPK" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" /> + </xs:sequence> + </xs:complexType> + <xs:element name="BasiszahlZuBPKResponse"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="unbounded" name="BasiszahlZuBPKReturn" type="szr:BasiszahlZuBPKReturnType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="ZMRAnwendungsIntegration"> + <xs:complexType> + <xs:sequence> + <xs:element name="Bereich" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" /> + <xs:element maxOccurs="unbounded" name="ZMRfremdbPK" type="xs:string" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:complexType name="ZMRAnwendungsIntegrationReturnType"> + <xs:sequence> + <xs:element name="BPK" type="xs:string" /> + <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" /> + </xs:sequence> + </xs:complexType> + <xs:element name="ZMRAnwendungsIntegrationResponse"> + <xs:complexType> + <xs:sequence> + <xs:element maxOccurs="unbounded" name="ZMRAnwendungsIntegrationReturn" type="szr:ZMRAnwendungsIntegrationReturnType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetStammzahl"> + <xs:complexType> + <xs:sequence> + <xs:element name="PersonInfo" type="szr:PersonInfoType" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetStammzahlResponse"> + <xs:complexType> + <xs:sequence> + <xs:element name="Stammzahl" type="xs:string" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetStammzahlEncrypted"> + <xs:complexType> + <xs:sequence> + <xs:element name="PersonInfo" type="szr:PersonInfoType" /> + <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetStammzahlEncryptedResponse"> + <xs:complexType> + <xs:sequence> + <xs:element name="Stammzahl" type="xs:string" /> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:element name="GetVersion" /> + <xs:element name="GetVersionResponse"> + <xs:complexType> + <xs:sequence> + <xs:element name="Version" type="xs:string" /> + <xs:element name="Revision" type="xs:string" /> + <xs:element name="Time" type="xs:string" /> + <xs:element name="IdentityLinkNotAfter" type="xs:string" /> + </xs:sequence> + </xs:complexType> + </xs:element> +</xs:schema>
\ No newline at end of file diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java index e68dcb9b..7f9497fc 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java @@ -1,185 +1,9 @@ -<<<<<<< HEAD:eidas_modules/authmodule-eIDAS-v2/src/test/java/at/gv/egiz/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java -//package at.gv.egiz.test.eidas.specific.modules.authmodule_eIDASv2; -// -//import java.io.IOException; -//import java.math.BigInteger; -//import java.security.InvalidKeyException; -//import java.security.NoSuchProviderException; -//import java.security.PublicKey; -//import java.security.interfaces.RSAPublicKey; -//import java.util.ArrayList; -//import java.util.List; -// -//import org.apache.commons.lang3.StringUtils; -//import org.junit.Test; -//import org.junit.runner.RunWith; -//import org.slf4j.Logger; -//import org.slf4j.LoggerFactory; -//import org.springframework.beans.factory.annotation.Autowired; -//import org.springframework.test.context.ContextConfiguration; -//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -//import org.springframework.util.Base64Utils; -//import org.w3._2000._09.xmldsig.KeyValueType; -//import org.w3._2000._09.xmldsig.RSAKeyValueType; -//import org.w3c.dom.Element; -// -//import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; -//import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType; -//import at.gv.egiz.eaaf.core.api.data.EAAFConstants; -//import at.gv.egiz.eaaf.core.api.idp.IConfiguration; -//import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; -//import at.gv.egiz.eaaf.core.exceptions.EAAFParserException; -//import at.gv.egiz.eaaf.core.impl.data.Trible; -//import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser; -//import at.gv.egiz.eidas.specific.modules.authmodule_eIDASv2.Constants; -//import at.gv.egiz.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException; -//import at.gv.egiz.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient; -//import at.gv.egiz.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; -//import szrservices.IdentityLinkType; -//import szrservices.PersonInfoType; -//import szrservices.SZRException_Exception; -//import szrservices.TravelDocumentType; -// -//@RunWith(SpringJUnit4ClassRunner.class) -//@ContextConfiguration("/SpringTest-context_basic_test.xml") -//public class SZRClientTest { -// private static final Logger log = LoggerFactory.getLogger(SZRClientTest.class); -// -// @Autowired SZRClient szrClient; -// @Autowired IConfiguration basicConfig; -// -// private static final String givenName = "Franz"; -// private static final String familyName = "Mustermann"; -// private static final String dateOfBirth = "1987-05-05"; -// private static final String eIDASeID = "IS/AT/123456789ABCDE"; -// -// private static final String DUMMY_TARGET = EAAFConstants.URN_PREFIX_CDID + "ZP"; -// -// @Test -// public void dummyTest() { -// -// } -// -// -// //@Test -// public void getIdentityLink() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, SZRCommunicationException { -// log.debug("Starting connecting SZR Gateway"); -// IdentityLinkType result = szrClient.getIdentityLink( -// getPersonInfo(), -// dummyCodeForKeys(), -// basicConfig.getBasicMOAIDConfigurationBoolean( -// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_INSERTERNB, -// true) -// ); -// -// Element idlFromSZR = (Element)result.getAssertion(); -// IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink(); -// if (identityLink == null) -// throw new SZRCommunicationException("ernb.00", new Object[] {"bPK is null or empty"}); -// -// } -// -// //@Test -// public void getbPKTest() throws SZRException_Exception, SZRCommunicationException { -// String bPK = szrClient.getBPK(getPersonInfo(), DUMMY_TARGET, -// basicConfig.getBasicConfiguration( -// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, -// "no VKZ defined")); -// -// if (StringUtils.isEmpty(bPK)) -// throw new SZRCommunicationException("ernb.01", new Object[] {"bPK is null or empty"}); -// -// -// } -// -// private PersonInfoType getPersonInfo() { -// PersonInfoType personInfo = new PersonInfoType(); -// PersonNameType personName = new PersonNameType(); -// PhysicalPersonType naturalPerson = new PhysicalPersonType(); -// TravelDocumentType eDocument = new TravelDocumentType(); -// -// naturalPerson.setName(personName ); -// personInfo.setPerson(naturalPerson ); -// personInfo.setTravelDocument(eDocument ); -// -// //parse some eID attributes -// Trible<String, String, String> eIdentifier = -// eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIDASeID); -// String uniqueId = (String)eIDASeID; -// String citizenCountry = eIdentifier.getFirst(); -// -// //person information -// personName.setFamilyName((String)familyName); -// personName.setGivenName((String)givenName); -// naturalPerson.setDateOfBirth(dateOfBirth); -// eDocument.setIssuingCountry(citizenCountry); -// eDocument.setDocumentNumber(uniqueId); -// -// //eID document information -// eDocument.setDocumentType(basicConfig.getBasicConfiguration( -// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE, -// Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE)); -// -// //TODO: that should be removed -// eDocument.setIssueDate(basicConfig.getBasicConfiguration( -// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE, -// Constants.SZR_CONSTANTS_DEFAULT_ISSUING_DATE)); -// eDocument.setIssuingAuthority(basicConfig.getBasicConfiguration( -// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY, -// Constants.SZR_CONSTANTS_DEFAULT_ISSUING_AUTHORITY)); -// -// return personInfo; -// } -// -// -// private List<KeyValueType> dummyCodeForKeys() throws IOException, NoSuchProviderException, InvalidKeyException { -// if (basicConfig.getBasicMOAIDConfigurationBoolean( -// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY, -// false)) { -// List<KeyValueType> keyvalueList = new ArrayList<KeyValueType>(); -// try { -// //Security.addProvider(new BouncyCastleProvider()); -// //PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(Constants.SZR_CONSTANTS_DEFAULT_PUBL_KEY); -// //KeyFactory kf = KeyFactory.getInstance("RSA", "BC"); -// -// //PublicKey pb = kf.generatePublic(spec); -// PublicKey pb = new iaik.security.rsa.RSAPublicKey(Constants.SZR_CONSTANTS_DEFAULT_PUBL_KEY); -// -// RSAPublicKey rsapb = (RSAPublicKey)pb; -// BigInteger modulus = rsapb.getModulus(); -// BigInteger exponent = rsapb.getPublicExponent(); -// -// // set key values -// RSAKeyValueType rsa = new RSAKeyValueType(); -// rsa.setExponent(new String(Base64Utils.encode(exponent.toByteArray()))); -// rsa.setModulus(new String(Base64Utils.encode(modulus.toByteArray()))); -// -// KeyValueType key = new KeyValueType(); -// key.setRSAKeyValue(rsa); -// -// keyvalueList.add(key); -// -// return keyvalueList; -// } catch (Exception e) { -// log.error("TestCode has an internal ERROR", e); -// throw e; -// } -// -// } -// -// return null; -// -// } -//} -======= package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2; import java.io.IOException; -import java.math.BigInteger; import java.security.InvalidKeyException; +import java.security.MessageDigest; import java.security.NoSuchProviderException; -import java.security.PublicKey; -import java.security.interfaces.RSAPublicKey; import java.util.ArrayList; import java.util.List; @@ -198,6 +22,7 @@ import org.w3c.dom.Element; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException; +import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient; import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils; import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType; @@ -223,8 +48,12 @@ public class SZRClientTest { private static final String givenName = "Franz"; private static final String familyName = "Mustermann"; - private static final String dateOfBirth = "1987-05-05"; - private static final String eIDASeID = "IS/AT/123456789ABCDE"; + private static final String dateOfBirth = "1988-05-05"; + private static final String eIDASeID = "IS/AT/123456789ABCDEF"; + + //Dummy public RSA Key + private static final String PUBKEY_EXPONENT = "AQAB"; + private static final String PUBKEY_MODULUS = "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEgXGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X"; private static final String DUMMY_TARGET = EAAFConstants.URN_PREFIX_CDID + "ZP"; @@ -234,10 +63,31 @@ public class SZRClientTest { } + /* + * getIdentityLink without RAW mode does not contain a valid signature + */ //@Test - public void getIdentityLink() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, SZRCommunicationException { +// public void getIdentityLink() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException { +// log.debug("Starting connecting SZR Gateway"); +// IdentityLinkType result = szrClient.getIdentityLink( +// getPersonInfo(), +// dummyCodeForKeys(), +// basicConfig.getBasicMOAIDConfigurationBoolean( +// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_INSERTERNB, +// true) +// ); +// +// Element idlFromSZR = (Element)result.getAssertion(); +// IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink(); +// if (identityLink == null) +// throw new SZRCommunicationException("ernb.00", new Object[] {"bPK is null or empty"}); +// +// } + +// @Test + public void getIdentityLinkRawMode() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException { log.debug("Starting connecting SZR Gateway"); - IdentityLinkType result = szrClient.getIdentityLink( + IdentityLinkType result = szrClient.getIdentityLinkInRawMode( getPersonInfo(), dummyCodeForKeys(), basicConfig.getBasicMOAIDConfigurationBoolean( @@ -247,13 +97,39 @@ public class SZRClientTest { Element idlFromSZR = (Element)result.getAssertion(); IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink(); + if (identityLink == null) - throw new SZRCommunicationException("ernb.00", new Object[] {"bPK is null or empty"}); - + throw new SZRCommunicationException("ernb.00", new Object[] {"NO IDL object"}); + + System.out.println(identityLink.getSerializedSamlAssertion()); + + if (StringUtils.isEmpty(identityLink.getFamilyName())) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO FamilyName from IDL"}); + + if (StringUtils.isEmpty(identityLink.getGivenName())) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO GivenName from IDL"}); + + if (StringUtils.isEmpty(identityLink.getDateOfBirth())) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO DateOfBirthName from IDL"}); + + if (StringUtils.isEmpty(identityLink.getIdentificationType())) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO baseIdType from IDL"}); + + if (StringUtils.isEmpty(identityLink.getIdentificationValue())) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO baseId from IDL"}); + + if (StringUtils.isEmpty(identityLink.getSerializedSamlAssertion())) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO serialized IDL"}); + + if (identityLink.getSamlAssertion() == null ) + throw new SZRCommunicationException("ernb.00", new Object[] {"NO raw IDL"}); + + + } - //@Test - public void getbPKTest() throws SZRException_Exception, SZRCommunicationException { +// @Test + public void getbPKTest() throws SZRException_Exception, eIDASAuthenticationException { String bPK = szrClient.getBPK(getPersonInfo(), DUMMY_TARGET, basicConfig.getBasicConfiguration( Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, @@ -265,7 +141,20 @@ public class SZRClientTest { } - private PersonInfoType getPersonInfo() { + private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException { + try { + MessageDigest md = MessageDigest.getInstance("SHA-256"); + byte[] hash = md.digest(uniqueId.getBytes("UTF-8")); + String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", ""); + return hashBase64; + + } catch (Exception ex) { + throw new eIDASAuthenticationException("internal.03", new Object[]{}, ex); + + } + } + + private PersonInfoType getPersonInfo() throws eIDASAuthenticationException { PersonInfoType personInfo = new PersonInfoType(); PersonNameType personName = new PersonNameType(); PhysicalPersonType naturalPerson = new PhysicalPersonType(); @@ -278,7 +167,7 @@ public class SZRClientTest { //parse some eID attributes Trible<String, String, String> eIdentifier = eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIDASeID); - String uniqueId = (String)eIDASeID; + String uniqueId = createHashFromUniqueId(eIdentifier.getThird()); String citizenCountry = eIdentifier.getFirst(); //person information @@ -311,31 +200,20 @@ public class SZRClientTest { false)) { List<KeyValueType> keyvalueList = new ArrayList<KeyValueType>(); try { - //Security.addProvider(new BouncyCastleProvider()); - //PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(Constants.SZR_CONSTANTS_DEFAULT_PUBL_KEY); - //KeyFactory kf = KeyFactory.getInstance("RSA", "BC"); - - //PublicKey pb = kf.generatePublic(spec); - PublicKey pb = new iaik.security.rsa.RSAPublicKey(Constants.SZR_CONSTANTS_DEFAULT_PUBL_KEY); - - RSAPublicKey rsapb = (RSAPublicKey)pb; - BigInteger modulus = rsapb.getModulus(); - BigInteger exponent = rsapb.getPublicExponent(); - // set key values RSAKeyValueType rsa = new RSAKeyValueType(); - rsa.setExponent(new String(Base64Utils.encode(exponent.toByteArray()))); - rsa.setModulus(new String(Base64Utils.encode(modulus.toByteArray()))); + rsa.setExponent(PUBKEY_EXPONENT); + rsa.setModulus(PUBKEY_MODULUS); KeyValueType key = new KeyValueType(); - key.setRSAKeyValue(rsa); - + key.setRSAKeyValue(rsa); keyvalueList.add(key); return keyvalueList; } catch (Exception e) { log.error("TestCode has an internal ERROR", e); throw e; + } } @@ -344,4 +222,3 @@ public class SZRClientTest { } } ->>>>>>> 6d09f43225ba2e0f6d7b0583f843c858a1015807:eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java |