diff options
Diffstat (limited to 'eidas_modules/authmodule-eIDAS-v2')
5 files changed, 70 insertions, 14 deletions
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java index 6de5dae9..0b8de8a7 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java @@ -246,15 +246,15 @@ public class SzrClient { /** - * Signs content. + * Sign an eidasBind data-structure that combines vsz with user's pubKey and E-ID status. * - * @param vsz ? TODO + * @param vsz encryped baseId * @param bindingPubKey binding PublikKey as PKCS1# (ASN.1) container * @param eidStatus Status of the E-ID * @return bPK for this person * @throws SzrCommunicationException In case of a SZR error */ - public String getBcBind(final String vsz, final String bindingPubKey, final String eidStatus) + public String getEidsaBind(final String vsz, final String bindingPubKey, final String eidStatus) throws SzrCommunicationException { final Map<String, Object> bcBindMap = new HashMap<>(); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java index 7444454d..4ace8cf0 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java @@ -157,7 +157,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask { // get eIDAS bind - String signedEidasBind = szrClient.getBcBind(vsz, + String signedEidasBind = szrClient.getEidsaBind(vsz, authBlockSigner.getBase64EncodedPublicKey(), EID_STATUS); revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_EIDASBIND_RECEIVED); diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java index b54b8800..3bb7ee06 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java @@ -39,6 +39,7 @@ import javax.xml.bind.Unmarshaller; import javax.xml.parsers.ParserConfigurationException; import javax.xml.ws.soap.SOAPFaultException; +import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; import org.apache.cxf.binding.soap.SoapFault; @@ -146,7 +147,7 @@ public class SzrClientTest { } @Test - public void getBcBindValid() throws SZRException_Exception, SzrCommunicationException { + public void getEidasBindRealSzrResponse() throws SZRException_Exception, SzrCommunicationException, IOException { final SignContentResponse szrResponse = new SignContentResponse(); final SignContentEntry result1 = new SignContentEntry(); final SignContentResponseType content = new SignContentResponseType(); @@ -154,48 +155,88 @@ public class SzrClientTest { szrResponse.setSignContentResponse(content); result1.setKey("bcBindReq"); - result1.setValue(RandomStringUtils.randomAlphanumeric(100)); + result1.setValue(IOUtils.toString(SzrClient.class.getResourceAsStream("/data/szr/signed_eidasBind.jws"))); when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content); final String bcBind = szrClient - .getBcBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), + .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10)); Assert.assertNotNull("bcBind is null", bcBind); Assert.assertEquals("bcBind not match", result1.getValue(), bcBind); + + } + @Test + public void eidasBindNull() throws SZRException_Exception { when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(null); + try { szrClient - .getBcBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), + .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10)); } catch (SzrCommunicationException e) { Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01")); - } - + + } + } + + @Test + public void eidasBindInvalidResponse() throws SZRException_Exception { final SignContentEntry result2 = new SignContentEntry(); final SignContentResponseType content1 = new SignContentResponseType(); content1.getOut().add(result2); when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1); + try { szrClient - .getBcBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), + .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10)); } catch (SzrCommunicationException e) { Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01")); + } - + } + + public void eidasBindEmptyResponse() throws SZRException_Exception { + final SignContentEntry result2 = new SignContentEntry(); + final SignContentResponseType content1 = new SignContentResponseType(); + content1.getOut().add(result2); result2.setKey("bcBindReq"); result2.setValue(""); when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1); + try { szrClient - .getBcBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), + .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10)); } catch (SzrCommunicationException e) { Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01")); - } + + } + } + + @Test + public void eidasBindValid() throws SZRException_Exception, SzrCommunicationException { + final SignContentResponse szrResponse = new SignContentResponse(); + final SignContentEntry result1 = new SignContentEntry(); + final SignContentResponseType content = new SignContentResponseType(); + content.getOut().add(result1); + szrResponse.setSignContentResponse(content); + + result1.setKey("bcBindReq"); + result1.setValue(RandomStringUtils.randomAlphanumeric(100)); + + when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content); + + final String bcBind = szrClient + .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10), + RandomStringUtils.randomAlphabetic(10)); + + Assert.assertNotNull("bcBind is null", bcBind); + Assert.assertEquals("bcBind not match", result1.getValue(), bcBind); + } @Test diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java index 0feb5106..ca48d766 100644 --- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java @@ -29,7 +29,9 @@ import java.security.MessageDigest; import java.security.NoSuchProviderException; import java.util.List; +import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; +import org.bouncycastle.util.encoders.Base64; import org.junit.Assert; import org.junit.Ignore; import org.junit.Test; @@ -99,6 +101,18 @@ public class SzrClientTestProduction { Assert.assertNotNull("vsz", vsz); } + + @Test + public void getEidasBind() throws SzrCommunicationException, EidasSAuthenticationException { + String vsz = RandomStringUtils.randomAlphanumeric(10); + String bindingPubKey = Base64.toBase64String(RandomStringUtils.random(20).getBytes()); + String eidStatus = "urn:eidgvat:eid.status.eidas"; + + String eidasBind = szrClient.getEidsaBind(vsz, bindingPubKey, eidStatus); + + Assert.assertNotNull("eidasBind", eidasBind); + + } @Test diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws new file mode 100644 index 00000000..f7c9a1c7 --- /dev/null +++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws @@ -0,0 +1 @@ +eyJ1cm46YXQuZ3YuZWlkOmJpbmR0eXBlIjoidXJuOmF0Lmd2LmVpZDplaWRhc0JpbmQiLCJhbGciOiJSUzUxMiIsIng1dCNTMjU2IjoiY3FtcXBHdWlnS0NRelVWX1doWURHU1EyNEx6Zkxtd0ZtUlNYQlNYR3o3byJ9.eyJ1cm46ZWlkZ3ZhdDphdHRyaWJ1dGVzLnZzei52YWx1ZSI6IjhEYWNBTUxVSFEiLCJ1cm46ZWlkZ3ZhdDphdHRyaWJ1dGVzLnVzZXIucHVia2V5cyI6WyI1NDZ5OEtXZ3R1V3F1dXVNdC9DUWhKem1pWXZ3bzR1QzhLZWxxdUtMc2VLbG1mQ2dtcnpscGFQd3A1K3Q2NjI4Il0sInVybjplaWRndmF0OmF0dHJpYnV0ZXMuZWlkLnN0YXR1cyI6InVybjplaWRndmF0OmVpZC5zdGF0dXMuZWlkYXMifQ.WiECS-E5RB-zQV3JW6-3B7op093QErqq3yS2S4YVFQq9XmYzTD8UKo63yaHa-2U2WFUbiwNI3OOkwNZIAedMZHHblZ0jzjGTb58zL4Yvm6sPSlq3TP5u0emiQdjIJNQmILE5ZYVOgSA-4MWLXAgRQEl2A1w8lHxptE6ya83GdhA0gP51-rY_536qvVuaZHrQ2Lpahl-lTIY1Zi6Knqj1yFdH-auqkLxB44l-XvMv9QryBZMAkkmiu8J598rzIJ2ifGyw4UqHDJZ53GKUpBbU_X23ZjsZ8B5ZapRTO9JGoEEW3rMDEO5_9cjWYOCn87-CA3bMNVbo1KN146UZGuZbyXuevLPznRkbCtXS--IE0SuuLBaowcktX2ggeeSzaq6UZW7hSmQnErVgxxfP16ijBu8yylo-PFbqgYFNT-Ca2rS8i1Cs0KdPTahYIRm4xLARahYLQbqA15medm7JSoz4tA468c_hcNzyG9aGoXYuw1F5kUrJkHl0IWdHkvSR8RWw
\ No newline at end of file |