Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2/src')
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java9
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java44
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java91
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd388
-rw-r--r--eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java283
5 files changed, 548 insertions, 267 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java
index 64cf6af2..85743585 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/Constants.java
@@ -60,6 +60,7 @@ public class Constants {
public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE = CONIG_PROPS_EIDAS_SZRCLIENT + ".params.issuingdate";
public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY = CONIG_PROPS_EIDAS_SZRCLIENT + ".params.issuingauthority";
public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.usedummykeys";
+ public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION= CONIG_PROPS_EIDAS_SZRCLIENT + ".params.useSZRForbPKCalculation";
//http endpoint descriptions
public static final String eIDAS_HTTP_ENDPOINT_SP_POST = "/eidas/light/sp/post";
@@ -99,12 +100,16 @@ public class Constants {
public static final String HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE = "60"; //seconds
+ public static final String SZR_SCHEMA_LOCATIONS =
+ ("urn:SZRServices" + " " + "/szr_client/szr.xsd");
+
//Default values for SZR communication
public static final String SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE = "ELEKTR_DOKUMENT";
//TODO remove!!!
public static final String SZR_CONSTANTS_DEFAULT_ISSUING_DATE = "2014-01-01";
public static final String SZR_CONSTANTS_DEFAULT_ISSUING_AUTHORITY = "ms-specific eIDAS-Node for AT";
- public final static byte[] SZR_CONSTANTS_DEFAULT_PUBL_KEY = new byte[] {48, -127, -97, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 1, 5, 0, 3, -127, -115, 0, 48, -127, -119, 2, -127, -127, 0, -106, 114, -113, -1, -84, 116, 35, 3, 70, -81, 81, -110, -10, -59, 114, 4, -109, 86, 127, -50, 125, 47, 4, 80, 79, 53, 117, -36, 15, -16, -61, 110, 39, 89, 29, -43, 37, -127, 80, -109, -38, 65, 125, -119, 44, -111, -21, 47, -98, 38, -112, -24, 107, -110, 17, -10, 51, -4, -36, -72, -28, -18, -14, 117, -67, 76, -31, 32, 92, 104, -21, 68, 31, -12, 30, -104, -104, 42, -107, 126, 84, 50, 85, -117, 44, -100, -4, 102, -100, 52, -68, 77, -32, 9, -16, -30, -104, -90, 107, -88, 7, 97, -94, 72, -61, -40, 80, -112, -65, -25, -72, -19, -95, -54, 31, 15, 24, -105, 123, -81, 23, -123, 92, -103, -101, 47, 47, -105, 2, 3, 1, 0, 1};
-
+ public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT = "AQAB";
+ public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS = "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEgXGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X";
+
}
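Review bot: The new `SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT` and `SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS` constants have no comment saying they are a placeholder key, so nothing at the declaration warns against using them as a real key. I would add `// fixed dummy RSA public key, sent to the SZR only when ...params.usedummykeys is enabled; test use only` above them. The modulus literal also begins with a zero octet (`AJZy` decodes to 00 96 72), while XML-DSig's `ds:CryptoBinary` asks for leading zero octets to be removed. The removed code produced the same bytes through `BigInteger.toByteArray()`, so this is inherited rather than new, but a literal is the easy place to correct it. The class body starts outside the hunk.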
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java
index cec36d4b..4840a5e0 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/szr/SZRClient.java
@@ -88,21 +88,28 @@ public class SZRClient {
private SZRService szrService = null;
private String szrURL = null;
private QName qname = null;
-
- public IdentityLinkType getIdentityLink(PersonInfoType personInfo, List<KeyValueType> keyValue, Boolean insertERnP) throws SZRCommunicationException {
- try {
- return szr.getIdentityLink(
- personInfo,
- keyValue,
- insertERnP);
-
- } catch (SZRException_Exception e) {
- log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
- throw new SZRCommunicationException("ernb.02", new Object[] {e.getMessage()}, e);
-
- }
-
- }
+
+ /*
+ * This method does not return a valid signed IDL, because Apache CXF XML parser switch namespaces!!!!
+ */
+// public IdentityLinkType getIdentityLink(PersonInfoType personInfo, List<KeyValueType> keyValue, Boolean insertERnP) throws SZRCommunicationException {
+// try {
+// return szr.getIdentityLink(
+// personInfo,
+// keyValue,
+// insertERnP);
+//
+// } catch (SZRException_Exception | SOAPFaultException e) {
+// log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
+// throw new SZRCommunicationException("ernb.02", new Object[] {e.getMessage()}, e);
+//
+// } catch (Exception e) {
+// log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
+// throw new SZRCommunicationException("ernb.02", new Object[] {e.getMessage()}, e);
+//
+// }
+//
+// }
public IdentityLinkType getIdentityLinkInRawMode(PersonInfoType personInfo, List<KeyValueType> keyValue, Boolean insertERnP) throws SZRCommunicationException {
try {
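Review bot: The old `getIdentityLink` stays in the file as a commented-out block, which invites someone to re-enable a path that, per the new block comment, does not return a validly signed identity link. I would delete the commented method, since version control keeps the history, and move the explanation onto the surviving method as Javadoc, e.g. `/** Reads the IDL from the raw SOAP response; the CXF-mapped getIdentityLink call switches namespaces and the IDL signature no longer validates. */`. `getIdentityLinkInRawMode` continues past the end of the hunk.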
@@ -139,7 +146,9 @@ public class SZRClient {
// ok, we have success
Document doc = DOMUtils.parseDocument(
new ByteArrayInputStream(szrResponse),
- true, XMLNamespaceConstants.ALL_SCHEMA_LOCATIONS, null, null
+ true,
+ XMLNamespaceConstants.ALL_SCHEMA_LOCATIONS + " " + Constants.SZR_SCHEMA_LOCATIONS,
+ null, null
);
String xpathExpression = "//saml:Assertion";
Element nsNode = doc.createElementNS("urn:oasis:names:tc:SAML:1.0:assertion", "saml:NSNode");
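Review bot: The added `/szr_client/szr.xsd` imports the persondata and xmldsig namespaces without a `schemaLocation`, so `pd:PhysicalPersonType` and `dsig:KeyValueType` resolve only if `XMLNamespaceConstants.ALL_SCHEMA_LOCATIONS` already supplies both schemas; that should be confirmed and stated in a comment at the `parseDocument` call. The location string is also concatenated on every call, and one constant holding the combined value would read better. The schema declares `Assertion` as `xs:anyType`, so this validation checks the response structure only, and a comment such as `// schema validation only; the IDL signature is verified separately` would keep the two from being confused (assuming that verification exists elsewhere). The enclosing method begins and ends outside the hunk.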
@@ -288,7 +297,8 @@ public class SZRClient {
LoggingHandler loggingHandler = new LoggingHandler();
handlerList.add(loggingHandler);
- }
+ }
+ bindingProvider.getBinding().setHandlerChain(handlerList);
}
private SSLContext createSSLContext(String clientType) {
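Review bot: With `bindingProvider.getBinding().setHandlerChain(handlerList)` added, the `LoggingHandler` placed on the list just above appears to take effect for the first time, and the SOAP messages on this binding carry `PersonInfo`, bPK and identity-link data. The condition guarding `handlerList.add(loggingHandler)` is outside the hunk, so it should be confirmed that it is an explicit opt-in setting that defaults to off and that the handler writes at debug or trace level only. A comment such as `// LoggingHandler dumps complete SZR SOAP messages (personal data); enable for diagnostics only` above that branch would make the exposure visible to whoever changes the configuration.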
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java
index 8ad529e8..9882bab2 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/authmodule_eIDASv2/tasks/CreateIdentityLinkTask.java
@@ -3,13 +3,7 @@
package at.asitplus.eidas.specific.modules.authmodule_eIDASv2.tasks;
import java.io.InputStream;
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.PublicKey;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.MessageDigest;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.HashMap;
@@ -38,6 +32,7 @@ import at.asitplus.eidas.specific.connector.MSConnectorEventCodes;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAttributeException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
@@ -172,13 +167,13 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
//parse some eID attributes
String dateOfBirth = new SimpleDateFormat("yyyy-MM-dd").format(((DateTime)dateOfBirthObj).toDate());
-
- // eID attribute has format <SOURCE-COUNTRY>/<DESTINATION-COUNTRY>/IDENTIFIER
- Trible<String, String, String> eIdentifier =
+ Trible<String, String, String> eIdentifier =
eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIdentifierObj);
- // TODO: Shall we really use entire eID value (including countries information) or only identifier value?
- String uniqueId = (String)eIdentifierObj;
String citizenCountry = eIdentifier.getFirst();
+
+ //hash unique identifier as work-around for uniqueId length restriction
+ String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
+
//person information
personName.setFamilyName((String)familyNameObj);
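Review bot: `uniqueId` is now derived only from `eIdentifier.getThird()`, so the source-country part of the eIDAS personal identifier no longer contributes to the value sent to the SZR. Two persons from different member states with equal national identifier strings would hash to the same `uniqueId`. If the SZR does not also match on the issuing country, hashing `citizenCountry + "/" + eIdentifier.getThird()` would keep them apart; confirm this with the SZR side first, because it changes matching for persons already registered. I would also keep the removed `// eID attribute has format <SOURCE-COUNTRY>/<DESTINATION-COUNTRY>/IDENTIFIER` comment above the parse call and extend the new comment to say the unsalted SHA-256 is a length workaround, not pseudonymisation. The method starts and ends outside the hunk.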
@@ -194,20 +189,14 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
//TODO: that should be removed
eDocument.setIssueDate(basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE,
- Constants.SZR_CONSTANTS_DEFAULT_ISSUING_DATE));
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE));
eDocument.setIssuingAuthority(basicConfig.getBasicConfiguration(
- Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY,
- Constants.SZR_CONSTANTS_DEFAULT_ISSUING_AUTHORITY));
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY));
//TODO: keys are not available in eIDAS
List<KeyValueType> keyValue = dummyCodeForKeys();
- /*TODO:
- * Validate if IDL signature is valid after using this method
- * MAYBE we had to switch to 'getIdentityLinkInRawMode' method!
- */
- IdentityLinkType result = szrClient.getIdentityLink(
+ IdentityLinkType result = szrClient.getIdentityLinkInRawMode(
personInfo,
keyValue,
basicConfig.getBasicMOAIDConfigurationBoolean(
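Review bot: `getBasicConfiguration(...)` is now called without a fallback for the issuing date and issuing authority, so a deployment missing either property passes whatever the one-argument overload returns (presumably `null`) straight into `eDocument.setIssueDate` and `setIssuingAuthority`. I would check both values right after reading them and fail with a configuration error that names the missing key, rather than letting it surface as an SZR fault. The removed TODO asked for the IDL signature to be validated; the switch to `getIdentityLinkInRawMode` addresses the namespace problem, but nothing in this hunk performs that validation, so it should be confirmed elsewhere. The call statement continues past the end of the hunk.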
@@ -220,12 +209,24 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
//get bPK from SZR
- bPK = szrClient.getBPK(
+ if (basicConfig.getBasicMOAIDConfigurationBoolean(
+ Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION, true)) {
+ bPK = szrClient.getBPK(
personInfo,
pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(),
basicConfig.getBasicConfiguration(
Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
"no VKZ defined"));
+
+ } else {
+ log.debug("Calculating bPK from baseId ... ");
+ Pair<String, String> bPKCalc = new BPKBuilder().generateAreaSpecificPersonIdentifier(
+ identityLink.getIdentificationValue(),
+ identityLink.getIdentificationType(),
+ pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier());
+ bPK = bPKCalc.getFirst();
+
+ }
}
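Review bot: The switch `CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION` is named as a debug option but is read on the normal authentication path. When it is false, the bPK is computed locally from `identityLink.getIdentificationValue()` with only a `log.debug` line to show for it. Because that branch has the connector derive the bPK from the base identifier itself instead of asking the SZR, I would log it at warn level, e.g. `log.warn("bPK is calculated locally from baseId; SZR bPK lookup is disabled by configuration");`, and document on the constant that it is a test setting. The constant name also misspells SZR as SRZ, and its property key sits under `.params.` rather than a debug prefix. The enclosing block starts outside the hunk.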
@@ -281,36 +282,36 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
}
}
+ private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException {
+ try {
+ MessageDigest md = MessageDigest.getInstance("SHA-256");
+ byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
+ String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
+ return hashBase64;
+
+ } catch (Exception ex) {
+ throw new eIDASAuthenticationException("internal.03", new Object[]{}, ex);
+
+ }
+ }
+
private List<KeyValueType> dummyCodeForKeys() {
if (basicConfig.getBasicMOAIDConfigurationBoolean(
Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY,
false)) {
List<KeyValueType> keyvalueList = new ArrayList<KeyValueType>();
- try {
- PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(Constants.SZR_CONSTANTS_DEFAULT_PUBL_KEY);
- KeyFactory kf = KeyFactory.getInstance("RSA");
- PublicKey pb = kf.generatePublic(spec);
-
- RSAPublicKey rsapb = (RSAPublicKey)pb;
- BigInteger modulus = rsapb.getModulus();
- BigInteger exponent = rsapb.getPublicExponent();
-
- // set key values
- RSAKeyValueType rsa = new RSAKeyValueType();
- rsa.setExponent(new String(Base64Utils.encode(exponent.toByteArray())));
- rsa.setModulus(new String(Base64Utils.encode(modulus.toByteArray())));
+ // set key values
+ RSAKeyValueType rsa = new RSAKeyValueType();
+ rsa.setExponent(Constants.SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT);
+ rsa.setModulus(Constants.SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS);
+
+ KeyValueType key = new KeyValueType();
+ key.setRSAKeyValue(rsa);
- KeyValueType key = new KeyValueType();
- key.setRSAKeyValue(rsa);
-
- keyvalueList.add(key);
-
- return keyvalueList;
- } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
- log.error("TestCode has an internal ERROR", e);
-
- }
+ keyvalueList.add(key);
+
+ return keyvalueList;
}
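Review bot: `createHashFromUniqueId` catches `Exception`, which also turns a `null` identifier (a `NullPointerException` from `uniqueId.getBytes`) into the generic `internal.03` error. Using `uniqueId.getBytes(StandardCharsets.UTF_8)` and the matching `new String(..., StandardCharsets.UTF_8)` removes the checked encoding exception, so the handler can be narrowed to `catch (NoSuchAlgorithmException ex)`, re-adding the import this commit removed. A missing identifier can then be rejected explicitly before hashing. `replaceAll("\r\n", "")` compiles a regex for a literal where `replace("\r\n", "")` would do, and it may be unnecessary if `Base64Utils.encode` never emits line breaks, which the hunk does not show. `dummyCodeForKeys` continues past the hunk; a one-line comment there that the key is a fixed placeholder would help.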
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd
new file mode 100644
index 00000000..85acfb65
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd
@@ -0,0 +1,388 @@
+<xs:schema elementFormDefault="qualified" targetNamespace="urn:SZRServices" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:szr="urn:SZRServices" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <xs:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" />
+ <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" />
+ <xs:element name="SZRException" type="szr:SZRException" />
+ <xs:complexType name="SZRException" />
+ <xs:complexType name="PersonInfoType">
+ <xs:sequence>
+ <xs:element name="Person" type="pd:PhysicalPersonType" />
+ <xs:element minOccurs="0" name="RegularDomicile" type="pd:PostalAddressType" />
+ <xs:element minOccurs="0" name="AddressCodes" type="szr:AddressCodesType" />
+ <xs:element minOccurs="0" name="TravelDocument" type="szr:TravelDocumentType" />
+ <xs:element minOccurs="0" name="DateOfBirthWildcard" type="xs:boolean" />
+ <xs:element minOccurs="0" name="AuskunftssperreGesetzt" type="xs:boolean" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="TravelDocumentType">
+ <xs:sequence>
+ <xs:element minOccurs="0" name="DocumentNumber" type="xs:string" />
+ <xs:element minOccurs="0" name="DocumentType" type="xs:string" />
+ <xs:element minOccurs="0" name="IssueDate" type="xs:string" />
+ <xs:element minOccurs="0" name="IssuingAuthority" type="xs:string" />
+ <xs:element minOccurs="0" name="IssuingCountry" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="AddressCodesType">
+ <xs:sequence>
+ <xs:element minOccurs="0" name="GKZ" type="xs:string" />
+ <xs:element minOccurs="0" name="OKZ" type="xs:string" />
+ <xs:element minOccurs="0" name="SKZ" type="xs:string" />
+ <xs:element minOccurs="0" name="ADRCD" type="xs:string" />
+ <xs:element minOccurs="0" name="SUBCD" type="xs:string" />
+ <xs:element minOccurs="0" name="OBJNR" type="xs:string" />
+ <xs:element minOccurs="0" name="NTZLNR" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="TransformBPK">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="PersonInfo" type="szr:PersonInfoType" />
+ <xs:element name="InputBPK" type="xs:string" />
+ <xs:element name="InputBereichsKennung" type="xs:string" />
+ <xs:element name="Begruendung" type="xs:string" />
+ <xs:element maxOccurs="unbounded" name="Target" type="szr:FremdBPKRequestType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="TransformBPKResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" name="TransformBPKReturn" type="szr:FremdBPKType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetVKZPermission">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="VKZ" type="xs:string" />
+ <xs:element name="BereichsKennung" type="xs:string" />
+ <xs:element minOccurs="0" name="ParticipantId" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetVKZPermissionResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="GetVKZPermissionReturn" type="szr:GetVKZPermissionResponseType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:complexType name="IdentityLinkType">
+ <xs:sequence>
+ <xs:element name="PersonInfo" type="szr:PersonInfoType" />
+ <xs:element name="Assertion" type="xs:anyType" />
+ <xs:element minOccurs="0" name="AdditionalInfo" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="ResultRecord">
+ <xs:sequence>
+ <xs:element name="PersonInfo" type="szr:PersonInfoType" />
+ <xs:element name="Register" type="xs:string" />
+ <xs:element name="bPK" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="GetBPKKombiRequestType">
+ <xs:sequence>
+ <xs:element name="PersonInfo" type="szr:PersonInfoType" />
+ <xs:element minOccurs="0" name="InsertERnP">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="NoInsert" />
+ <xs:enumeration value="InsertOnNoMatch" />
+ <xs:enumeration value="ForceInsert" />
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element minOccurs="0" name="Suchwizard" type="xs:boolean" />
+ <xs:element name="VKZ" type="xs:string" nillable="true" />
+ <xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" />
+ <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+ <xs:element minOccurs="0" name="Sessionid" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="GetBPKKombiResponseType">
+ <xs:complexContent>
+ <xs:extension base="szr:GetBPKZPVResponseType">
+ <xs:sequence>
+ <xs:element name="FoundWithSuchwizard" type="xs:boolean" />
+ <xs:element name="Sessionid" type="xs:string" />
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ <xs:complexType name="GetBPKZPVRequestType">
+ <xs:sequence>
+ <xs:element name="PersonInfo" type="szr:PersonInfoType" />
+ <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" default="false" />
+ <xs:element minOccurs="1" name="VKZ" type="xs:string" />
+ <xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" />
+ <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="GetBPKZPVResponseType">
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:ResultRecord" />
+ <xs:element name="InsertERnPResult" type="xs:boolean" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="GetBPKFromStammzahlEncryptedRequestType">
+ <xs:sequence>
+ <xs:element minOccurs="1" name="StammzahlEncrypted" type="xs:string" />
+ <xs:element minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" />
+ <xs:element minOccurs="1" name="VKZ" type="xs:string" />
+ <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="GetBPKFromStammzahlEncryptedResponseType">
+ <xs:sequence>
+ <xs:element minOccurs="0" name="bPK" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="GetIdentityLink">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="PersonInfo" type="szr:PersonInfoType" />
+ <xs:element maxOccurs="unbounded" name="KeyValue" type="dsig:KeyValueType" />
+ <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetIdentityLinkResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetBPK">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="PersonInfo" type="szr:PersonInfoType" />
+ <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+ <xs:element minOccurs="0" name="VKZ" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+ <xs:element minOccurs="0" name="ListMultiplePersons" type="xs:boolean" />
+ <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetBPKResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element minOccurs="0" name="GetBPKReturn" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+ <xs:element maxOccurs="5" minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetBPKs">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" name="PersonInfo" type="szr:PersonInfoType" />
+ <xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+ <xs:element name="VKZ" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetBPKsResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:GetBPKsResponseType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:complexType name="GetBPKsResponseType">
+ <xs:sequence>
+ <xs:element minOccurs="0" name="BPK" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+ <xs:element minOccurs="0" name="Fault">
+ <xs:complexType>
+ <xs:attribute name="Code" type="xs:string" />
+ <xs:attribute name="String" type="xs:string" />
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="GetBPKKombi">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="GetBPKKombiRequest" type="szr:GetBPKKombiRequestType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetBPKKombiResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="GetBPKKombiResponse" type="szr:GetBPKKombiResponseType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetBPKZPV">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="GetBPKZPVRequest" type="szr:GetBPKZPVRequestType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetBPKZPVResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="GetBPKZPVResponse" type="szr:GetBPKZPVResponseType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetBPKFromStammzahlEncrypted">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="GetBPKFromStammzahlEncryptedRequest" type="szr:GetBPKFromStammzahlEncryptedRequestType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetBPKFromStammzahlEncryptedResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="GetBPKFromStammzahlEncryptedResponse" type="szr:GetBPKFromStammzahlEncryptedResponseType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="ValidateIdentityLink">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="IdentityLink" type="szr:IdentityLinkType" />
+ <xs:element name="BereichsKennung" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="ValidateIdentityLinkResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="ValidateIdentityLinkReturn" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="BPKzuBasiszahl">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Bereich" type="xs:string" />
+ <xs:element name="BPK" type="xs:string" />
+ <xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="BPKzuBasiszahlResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="BPKzuBasiszahlReturn" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:complexType name="FremdBPKRequestType">
+ <xs:sequence>
+ <xs:element name="BereichsKennung" type="xs:string" />
+ <xs:element name="VKZ" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="FremdBPKType">
+ <xs:sequence>
+ <xs:element name="BereichsKennung" type="xs:string" />
+ <xs:element name="FremdBPK" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="GetVKZPermissionResponseType">
+ <xs:sequence>
+ <xs:element name="isAllowed" type="xs:boolean" />
+ <xs:element minOccurs="0" name="behSchluessel" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="BasiszahlZuBPK">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element minOccurs="0" name="VKZ" type="xs:string" />
+ <xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="Bereich" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:complexType name="BasiszahlZuBPKReturnType">
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="BPK" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="BasiszahlZuBPKResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" name="BasiszahlZuBPKReturn" type="szr:BasiszahlZuBPKReturnType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="ZMRAnwendungsIntegration">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Bereich" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" />
+ <xs:element maxOccurs="unbounded" name="ZMRfremdbPK" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:complexType name="ZMRAnwendungsIntegrationReturnType">
+ <xs:sequence>
+ <xs:element name="BPK" type="xs:string" />
+ <xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" />
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="ZMRAnwendungsIntegrationResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" name="ZMRAnwendungsIntegrationReturn" type="szr:ZMRAnwendungsIntegrationReturnType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetStammzahl">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="PersonInfo" type="szr:PersonInfoType" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetStammzahlResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Stammzahl" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetStammzahlEncrypted">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="PersonInfo" type="szr:PersonInfoType" />
+ <xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetStammzahlEncryptedResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Stammzahl" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="GetVersion" />
+ <xs:element name="GetVersionResponse">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Version" type="xs:string" />
+ <xs:element name="Revision" type="xs:string" />
+ <xs:element name="Time" type="xs:string" />
+ <xs:element name="IdentityLinkNotAfter" type="xs:string" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+</xs:schema>
\ No newline at end of file
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java
index e68dcb9b..7f9497fc 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java
@@ -1,185 +1,9 @@
-<<<<<<< HEAD:eidas_modules/authmodule-eIDAS-v2/src/test/java/at/gv/egiz/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java
-//package at.gv.egiz.test.eidas.specific.modules.authmodule_eIDASv2;
-//
-//import java.io.IOException;
-//import java.math.BigInteger;
-//import java.security.InvalidKeyException;
-//import java.security.NoSuchProviderException;
-//import java.security.PublicKey;
-//import java.security.interfaces.RSAPublicKey;
-//import java.util.ArrayList;
-//import java.util.List;
-//
-//import org.apache.commons.lang3.StringUtils;
-//import org.junit.Test;
-//import org.junit.runner.RunWith;
-//import org.slf4j.Logger;
-//import org.slf4j.LoggerFactory;
-//import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.test.context.ContextConfiguration;
-//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-//import org.springframework.util.Base64Utils;
-//import org.w3._2000._09.xmldsig.KeyValueType;
-//import org.w3._2000._09.xmldsig.RSAKeyValueType;
-//import org.w3c.dom.Element;
-//
-//import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
-//import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
-//import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
-//import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-//import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
-//import at.gv.egiz.eaaf.core.exceptions.EAAFParserException;
-//import at.gv.egiz.eaaf.core.impl.data.Trible;
-//import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
-//import at.gv.egiz.eidas.specific.modules.authmodule_eIDASv2.Constants;
-//import at.gv.egiz.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException;
-//import at.gv.egiz.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient;
-//import at.gv.egiz.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
-//import szrservices.IdentityLinkType;
-//import szrservices.PersonInfoType;
-//import szrservices.SZRException_Exception;
-//import szrservices.TravelDocumentType;
-//
-//@RunWith(SpringJUnit4ClassRunner.class)
-//@ContextConfiguration("/SpringTest-context_basic_test.xml")
-//public class SZRClientTest {
-// private static final Logger log = LoggerFactory.getLogger(SZRClientTest.class);
-//
-// @Autowired SZRClient szrClient;
-// @Autowired IConfiguration basicConfig;
-//
-// private static final String givenName = "Franz";
-// private static final String familyName = "Mustermann";
-// private static final String dateOfBirth = "1987-05-05";
-// private static final String eIDASeID = "IS/AT/123456789ABCDE";
-//
-// private static final String DUMMY_TARGET = EAAFConstants.URN_PREFIX_CDID + "ZP";
-//
-// @Test
-// public void dummyTest() {
-//
-// }
-//
-//
-// //@Test
-// public void getIdentityLink() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, SZRCommunicationException {
-// log.debug("Starting connecting SZR Gateway");
-// IdentityLinkType result = szrClient.getIdentityLink(
-// getPersonInfo(),
-// dummyCodeForKeys(),
-// basicConfig.getBasicMOAIDConfigurationBoolean(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_INSERTERNB,
-// true)
-// );
-//
-// Element idlFromSZR = (Element)result.getAssertion();
-// IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink();
-// if (identityLink == null)
-// throw new SZRCommunicationException("ernb.00", new Object[] {"bPK is null or empty"});
-//
-// }
-//
-// //@Test
-// public void getbPKTest() throws SZRException_Exception, SZRCommunicationException {
-// String bPK = szrClient.getBPK(getPersonInfo(), DUMMY_TARGET,
-// basicConfig.getBasicConfiguration(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
-// "no VKZ defined"));
-//
-// if (StringUtils.isEmpty(bPK))
-// throw new SZRCommunicationException("ernb.01", new Object[] {"bPK is null or empty"});
-//
-//
-// }
-//
-// private PersonInfoType getPersonInfo() {
-// PersonInfoType personInfo = new PersonInfoType();
-// PersonNameType personName = new PersonNameType();
-// PhysicalPersonType naturalPerson = new PhysicalPersonType();
-// TravelDocumentType eDocument = new TravelDocumentType();
-//
-// naturalPerson.setName(personName );
-// personInfo.setPerson(naturalPerson );
-// personInfo.setTravelDocument(eDocument );
-//
-// //parse some eID attributes
-// Trible<String, String, String> eIdentifier =
-// eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIDASeID);
-// String uniqueId = (String)eIDASeID;
-// String citizenCountry = eIdentifier.getFirst();
-//
-// //person information
-// personName.setFamilyName((String)familyName);
-// personName.setGivenName((String)givenName);
-// naturalPerson.setDateOfBirth(dateOfBirth);
-// eDocument.setIssuingCountry(citizenCountry);
-// eDocument.setDocumentNumber(uniqueId);
-//
-// //eID document information
-// eDocument.setDocumentType(basicConfig.getBasicConfiguration(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
-// Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
-//
-// //TODO: that should be removed
-// eDocument.setIssueDate(basicConfig.getBasicConfiguration(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE,
-// Constants.SZR_CONSTANTS_DEFAULT_ISSUING_DATE));
-// eDocument.setIssuingAuthority(basicConfig.getBasicConfiguration(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY,
-// Constants.SZR_CONSTANTS_DEFAULT_ISSUING_AUTHORITY));
-//
-// return personInfo;
-// }
-//
-//
-// private List<KeyValueType> dummyCodeForKeys() throws IOException, NoSuchProviderException, InvalidKeyException {
-// if (basicConfig.getBasicMOAIDConfigurationBoolean(
-// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY,
-// false)) {
-// List<KeyValueType> keyvalueList = new ArrayList<KeyValueType>();
-// try {
-// //Security.addProvider(new BouncyCastleProvider());
-// //PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(Constants.SZR_CONSTANTS_DEFAULT_PUBL_KEY);
-// //KeyFactory kf = KeyFactory.getInstance("RSA", "BC");
-//
-// //PublicKey pb = kf.generatePublic(spec);
-// PublicKey pb = new iaik.security.rsa.RSAPublicKey(Constants.SZR_CONSTANTS_DEFAULT_PUBL_KEY);
-//
-// RSAPublicKey rsapb = (RSAPublicKey)pb;
-// BigInteger modulus = rsapb.getModulus();
-// BigInteger exponent = rsapb.getPublicExponent();
-//
-// // set key values
-// RSAKeyValueType rsa = new RSAKeyValueType();
-// rsa.setExponent(new String(Base64Utils.encode(exponent.toByteArray())));
-// rsa.setModulus(new String(Base64Utils.encode(modulus.toByteArray())));
-//
-// KeyValueType key = new KeyValueType();
-// key.setRSAKeyValue(rsa);
-//
-// keyvalueList.add(key);
-//
-// return keyvalueList;
-// } catch (Exception e) {
-// log.error("TestCode has an internal ERROR", e);
-// throw e;
-// }
-//
-// }
-//
-// return null;
-//
-// }
-//}
-=======
package at.asitplus.test.eidas.specific.modules.authmodule_eIDASv2;
import java.io.IOException;
-import java.math.BigInteger;
import java.security.InvalidKeyException;
+import java.security.MessageDigest;
import java.security.NoSuchProviderException;
-import java.security.PublicKey;
-import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.List;
@@ -198,6 +22,7 @@ import org.w3c.dom.Element;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.Constants;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.SZRCommunicationException;
+import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.exception.eIDASAuthenticationException;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.szr.SZRClient;
import at.asitplus.eidas.specific.modules.authmodule_eIDASv2.utils.eIDASResponseUtils;
import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
@@ -223,8 +48,12 @@ public class SZRClientTest {
private static final String givenName = "Franz";
private static final String familyName = "Mustermann";
- private static final String dateOfBirth = "1987-05-05";
- private static final String eIDASeID = "IS/AT/123456789ABCDE";
+ private static final String dateOfBirth = "1988-05-05";
+ private static final String eIDASeID = "IS/AT/123456789ABCDEF";
+
+ //Dummy public RSA Key
+ private static final String PUBKEY_EXPONENT = "AQAB";
+ private static final String PUBKEY_MODULUS = "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEgXGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X";
private static final String DUMMY_TARGET = EAAFConstants.URN_PREFIX_CDID + "ZP";
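Review bot: The hard-coded `PUBKEY_MODULUS` starts with `AJ`, which decodes to a leading `0x00` octet followed by 128 bytes, so it is a 1024-bit modulus still carrying the sign byte that `BigInteger.toByteArray()` produced in the removed code. XML-DSig `CryptoBinary` is defined without leading zero octets, so a strict consumer could reject or misread this `RSAKeyValue`. Whether the SZR service tolerates it cannot be seen from this hunk. I would re-encode the constant without the sign byte and extend the comment, for example `// Dummy 1024-bit RSA public key, test use only; Base64 of the unsigned big-endian modulus`.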
@@ -234,10 +63,31 @@ public class SZRClientTest {
}
+ /*
+ * getIdentityLink without RAW mode does not contain a valid signature
+ */
//@Test
- public void getIdentityLink() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, SZRCommunicationException {
+// public void getIdentityLink() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException {
+// log.debug("Starting connecting SZR Gateway");
+// IdentityLinkType result = szrClient.getIdentityLink(
+// getPersonInfo(),
+// dummyCodeForKeys(),
+// basicConfig.getBasicMOAIDConfigurationBoolean(
+// Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_INSERTERNB,
+// true)
+// );
+//
+// Element idlFromSZR = (Element)result.getAssertion();
+// IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink();
+// if (identityLink == null)
+// throw new SZRCommunicationException("ernb.00", new Object[] {"bPK is null or empty"});
+//
+// }
+
+// @Test
+ public void getIdentityLinkRawMode() throws SZRException_Exception, EAAFParserException, NoSuchProviderException, IOException, InvalidKeyException, eIDASAuthenticationException {
log.debug("Starting connecting SZR Gateway");
- IdentityLinkType result = szrClient.getIdentityLink(
+ IdentityLinkType result = szrClient.getIdentityLinkInRawMode(
getPersonInfo(),
dummyCodeForKeys(),
basicConfig.getBasicMOAIDConfigurationBoolean(
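Review bot: `getIdentityLinkRawMode()` is added with its annotation commented out (`// @Test`), so it compiles but never runs, and the test report does not show it as skipped. The same applies to `getbPKTest()` in the next hunk. If these need a reachable SZR gateway, `@Ignore("needs access to an SZR test endpoint")` above `@Test` states that and keeps them visible, assuming JUnit 4 and an added import of `org.junit.Ignore`. The old `getIdentityLink()` is kept as a commented-out block; the `/* ... */` comment explaining why non-RAW mode has no valid signature is worth keeping, but the dead body can be left to version control. The new method's body continues past the end of this hunk.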
@@ -247,13 +97,39 @@ public class SZRClientTest {
Element idlFromSZR = (Element)result.getAssertion();
IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSZR).parseIdentityLink();
+
if (identityLink == null)
- throw new SZRCommunicationException("ernb.00", new Object[] {"bPK is null or empty"});
-
+ throw new SZRCommunicationException("ernb.00", new Object[] {"NO IDL object"});
+
+ System.out.println(identityLink.getSerializedSamlAssertion());
+
+ if (StringUtils.isEmpty(identityLink.getFamilyName()))
+ throw new SZRCommunicationException("ernb.00", new Object[] {"NO FamilyName from IDL"});
+
+ if (StringUtils.isEmpty(identityLink.getGivenName()))
+ throw new SZRCommunicationException("ernb.00", new Object[] {"NO GivenName from IDL"});
+
+ if (StringUtils.isEmpty(identityLink.getDateOfBirth()))
+ throw new SZRCommunicationException("ernb.00", new Object[] {"NO DateOfBirthName from IDL"});
+
+ if (StringUtils.isEmpty(identityLink.getIdentificationType()))
+ throw new SZRCommunicationException("ernb.00", new Object[] {"NO baseIdType from IDL"});
+
+ if (StringUtils.isEmpty(identityLink.getIdentificationValue()))
+ throw new SZRCommunicationException("ernb.00", new Object[] {"NO baseId from IDL"});
+
+ if (StringUtils.isEmpty(identityLink.getSerializedSamlAssertion()))
+ throw new SZRCommunicationException("ernb.00", new Object[] {"NO serialized IDL"});
+
+ if (identityLink.getSamlAssertion() == null )
+ throw new SZRCommunicationException("ernb.00", new Object[] {"NO raw IDL"});
+
+
+
}
- //@Test
- public void getbPKTest() throws SZRException_Exception, SZRCommunicationException {
+// @Test
+ public void getbPKTest() throws SZRException_Exception, eIDASAuthenticationException {
String bPK = szrClient.getBPK(getPersonInfo(), DUMMY_TARGET,
basicConfig.getBasicConfiguration(
Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
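Review bot: `System.out.println(identityLink.getSerializedSamlAssertion());` writes the complete identity link to stdout, including the base id that the following checks read via `getIdentificationValue()`, and it bypasses the `log` configuration used elsewhere in the class. The person data here is a dummy, but build output is often archived and the line is easy to copy into code that handles real responses. I would drop it, or log only that an identity link was received. The new checks also all throw `SZRCommunicationException("ernb.00", ...)`; JUnit assertions such as `Assert.assertNotNull("no IDL object", identityLink);` would report the failing field directly. The message `"NO DateOfBirthName from IDL"` looks like a copy-paste slip for `DateOfBirth`.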
@@ -265,7 +141,20 @@ public class SZRClientTest {
}
- private PersonInfoType getPersonInfo() {
+ private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException {
+ try {
+ MessageDigest md = MessageDigest.getInstance("SHA-256");
+ byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
+ String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
+ return hashBase64;
+
+ } catch (Exception ex) {
+ throw new eIDASAuthenticationException("internal.03", new Object[]{}, ex);
+
+ }
+ }
+
+ private PersonInfoType getPersonInfo() throws eIDASAuthenticationException {
PersonInfoType personInfo = new PersonInfoType();
PersonNameType personName = new PersonNameType();
PhysicalPersonType naturalPerson = new PhysicalPersonType();
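Review bot: `createHashFromUniqueId` catches `Exception`, so a `null` argument (for instance if the parsed identifier has no third part) surfaces as the generic `internal.03` rather than as the `NullPointerException` it is. Using `uniqueId.getBytes(StandardCharsets.UTF_8)` and `new String(..., StandardCharsets.UTF_8)` removes the checked `UnsupportedEncodingException`, leaving only `catch (NoSuchAlgorithmException ex)`; this needs an import of `java.nio.charset.StandardCharsets`. The `replaceAll("\r\n", "")` is probably a no-op if `Base64Utils.encode` emits unwrapped Base64, which should be confirmed for the Spring version in use; if it stays, `replace` avoids the regex. If this helper mirrors the hashing in the production task, a one-line comment saying so would help keep the two in step.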
@@ -278,7 +167,7 @@ public class SZRClientTest {
//parse some eID attributes
Trible<String, String, String> eIdentifier =
eIDASResponseUtils.parseEidasPersonalIdentifier((String)eIDASeID);
- String uniqueId = (String)eIDASeID;
+ String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
String citizenCountry = eIdentifier.getFirst();
//person information
@@ -311,31 +200,20 @@ public class SZRClientTest {
false)) {
List<KeyValueType> keyvalueList = new ArrayList<KeyValueType>();
try {
- //Security.addProvider(new BouncyCastleProvider());
- //PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(Constants.SZR_CONSTANTS_DEFAULT_PUBL_KEY);
- //KeyFactory kf = KeyFactory.getInstance("RSA", "BC");
-
- //PublicKey pb = kf.generatePublic(spec);
- PublicKey pb = new iaik.security.rsa.RSAPublicKey(Constants.SZR_CONSTANTS_DEFAULT_PUBL_KEY);
-
- RSAPublicKey rsapb = (RSAPublicKey)pb;
- BigInteger modulus = rsapb.getModulus();
- BigInteger exponent = rsapb.getPublicExponent();
-
// set key values
RSAKeyValueType rsa = new RSAKeyValueType();
- rsa.setExponent(new String(Base64Utils.encode(exponent.toByteArray())));
- rsa.setModulus(new String(Base64Utils.encode(modulus.toByteArray())));
+ rsa.setExponent(PUBKEY_EXPONENT);
+ rsa.setModulus(PUBKEY_MODULUS);
KeyValueType key = new KeyValueType();
- key.setRSAKeyValue(rsa);
-
+ key.setRSAKeyValue(rsa);
keyvalueList.add(key);
return keyvalueList;
} catch (Exception e) {
log.error("TestCode has an internal ERROR", e);
throw e;
+
}
}
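Review bot: After this change the `try` block in `dummyCodeForKeys()` only calls setters with constants and adds to a list, so the `catch (Exception e)` that logs and rethrows no longer guards anything that can realistically fail. Removing the `try`/`catch` would leave a straight-line builder. The `throws IOException, NoSuchProviderException, InvalidKeyException` clause on the signature, which lies outside this hunk, can then likely be dropped together with the matching clauses on its callers. Replacing `new ArrayList<KeyValueType>()` with the diamond form `new ArrayList<>()` would be a small clean-up in the same place.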
@@ -344,4 +222,3 @@ public class SZRClientTest {
}
}
->>>>>>> 6d09f43225ba2e0f6d7b0583f843c858a1015807:eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/test/eidas/specific/modules/authmodule_eIDASv2/SZRClientTest.java