Tests für neue Konfigurationsstruktur erstellt.

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@427 d688527b-c9ab-4aba-bd8d-4036d912da1d

1 files changed, 279 insertions, 122 deletions

diff --git a/spss.server/src/test/at/gv/egovernment/moa/spss/server/config/ConfigurationProviderTest.java b/spss.server/src/test/at/gv/egovernment/moa/spss/server/config/ConfigurationProviderTest.java
index d41b8e4b2..68191477e 100644
--- a/spss.server/src/test/at/gv/egovernment/moa/spss/server/config/ConfigurationProviderTest.java
+++ b/spss.server/src/test/at/gv/egovernment/moa/spss/server/config/ConfigurationProviderTest.java
@@ -1,175 +1,332 @@
 package test.at.gv.egovernment.moa.spss.server.config;
 
-import java.io.FileInputStream;
+import iaik.asn1.structures.Name;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+import iaik.x509.X509Certificate;
+
 import java.math.BigInteger;
-import java.security.KeyStore;
-import java.security.Principal;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
+import java.util.List;
+import java.util.Map;
 import java.util.Set;
 
-import org.w3c.dom.Element;
-
-import test.at.gv.egovernment.moa.spss.SPSSTestCase;
+import junit.framework.TestCase;
 
-import iaik.utils.RFC2253NameParser;
+import org.w3c.dom.Element;
 
-import at.gv.egovernment.moa.spss.server.config.IssuerAndSerial;
-import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.server.config.CRLDistributionPoint;
+import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule;
+import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule;
+import at.gv.egovernment.moa.spss.server.config.KeyGroup;
+import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry;
+import at.gv.egovernment.moa.spss.server.config.OCSPDistributionPoint;
+import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule;
 import at.gv.egovernment.moa.spss.server.config.TrustProfile;
 
 /**
- * Tests the <code>ConfigurationProvider</code>.
- * 
- * @author Patrick Peck
- * @author Sven Aigner
+ * @author Gregor Karlinger
  * @version $Id$
  */
-public class ConfigurationProviderTest extends SPSSTestCase {
-  private ConfigurationProvider provider;
-  private Principal issuer1;
-  private Principal issuer2;
-  private BigInteger serial1;
-  private BigInteger serial2;
-  private IssuerAndSerial is1;
-  private IssuerAndSerial is2;
-  private X509Certificate cert1;
-  private X509Certificate cert2;
-  private X509Certificate atrustCert;
-  private X509Certificate iaikCert;
-
+public class ConfigurationProviderTest extends TestCase
+{
+  private static final String CONFIG_BASE_ =
+    "e:/cio/projekte/basismodule/wartung/projekt/spss.server/res/test/resources/config/";
+  
+  at.gv.egovernment.moa.spss.server.config.ConfigurationProvider provider_;
+  
   /**
-   * Constructor for MOAConfigTest.
-   * @param name
+   * Constructor for ConfigurationProvider.
+   * @param arg0
    */
-  public ConfigurationProviderTest(String name) {
-    super(name);
+  public ConfigurationProviderTest() throws MOAException
+  {
+    super("ConfigurationProvider");
+    System.setProperty(
+      at.gv.egovernment.moa.spss.server.config.ConfigurationProvider.CONFIG_PROPERTY_NAME, 
+      CONFIG_BASE_ + "moa.spss.complete-config.xml");
+    provider_ = at.gv.egovernment.moa.spss.server.config.ConfigurationProvider.getInstance();
   }
 
-  protected void setUp() throws Exception {
-    RFC2253NameParser nameParser;
+  public void testGetWarnings()
+  {
+    assertEquals(0, provider_.getWarnings().size());
+  }
 
-    provider =
-      new ConfigurationProvider(
-        TESTDATA_ROOT + "conf/moa-spss/MOA-SPSSConfiguration.xml");
+  public void testGetDigestMethodAlgorithmName()
+  {
+    assertEquals(
+      "http://a.digest.method",
+      provider_.getDigestMethodAlgorithmName());
+  }
 
-    nameParser = new RFC2253NameParser("CN=TestUser,OU=MOA,O=BRZ,C=AT");
-    issuer1 = nameParser.parse();
-    serial1 = new BigInteger("12345678");
-    is1 = new IssuerAndSerial(issuer1, serial1);
+  public void testGetCanonicalizationAlgorithmName()
+  {
+    assertEquals(
+      "http://an.c14n.alg",
+      provider_.getDigestMethodAlgorithmName());
+  }
 
-    nameParser = new RFC2253NameParser("CN=TestUser,OU=IKT-Board,O=CIO,C=AT");
-    issuer2 = nameParser.parse();
-    serial2 = new BigInteger("987654321");
-    is2 = new IssuerAndSerial(issuer2, serial2);
+  public void testGetHardwareCryptoModules()
+  {
+    List hwcms = provider_.getHardwareCryptoModules();
+    assertEquals(2, hwcms.size());
+    
+    HardwareCryptoModule hwc1 = (HardwareCryptoModule) hwcms.get(0);
+    assertEquals("HWC1_Name", hwc1.getName());
+    assertEquals("HWC1_SlotId", hwc1.getSlotID());
+    assertEquals("HWC1_UserPIN", hwc1.getUserPIN());
+    
+    HardwareCryptoModule hwc2 = (HardwareCryptoModule) hwcms.get(1);
+    assertEquals("HWC2_Name", hwc2.getName());
+    assertNull(hwc1.getSlotID());
+    assertEquals("HWC2_UserPIN", hwc2.getUserPIN());
+  }
 
-    KeyStore ks = KeyStore.getInstance("JKS", "SUN");
-    ks.load(
-      new FileInputStream(TESTDATA_ROOT + "security/server.keystore"),
-      "changeit".toCharArray());
-    cert1 = (X509Certificate) ks.getCertificate("tomcat-server");
-    cert2 = (X509Certificate) ks.getCertificate("tomcat-client");
+  public void testGetHardwareKeyModules()
+  {
+    List hwkms = provider_.getHardwareKeyModules();
+    assertEquals(2, hwkms.size());
+    
+    HardwareKeyModule hwk1 = (HardwareKeyModule) hwkms.get(0);
+    assertEquals("HWK1_Id", hwk1.getId());
+    assertEquals("HWK1_Name", hwk1.getName());
+    assertEquals("HWK1_SlotId", hwk1.getSlotID());
+    assertEquals("HWK1_UserPIN", hwk1.getUserPIN());
+    
+    HardwareKeyModule hwk2 = (HardwareKeyModule) hwkms.get(1);
+    assertEquals("HWK2_Id", hwk2.getId());
+    assertEquals("HWK2_Name", hwk2.getName());
+    assertNull(hwk2.getSlotID());
+    assertEquals("HWK2_UserPIN", hwk2.getUserPIN());
+  }
 
-    CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
-    Collection certs =
-      certFactory.generateCertificates(
-        new FileInputStream(TESTDATA_ROOT + "security/A-Trust-nQual-01.p7b"));
-    atrustCert = (X509Certificate) certs.toArray()[0];
+  public void testGetSoftwareKeyModules()
+  {
+    List swkms = provider_.getSoftwareKeyModules();
+    assertEquals(2, swkms.size());
+    
+    SoftwareKeyModule swk1 = (SoftwareKeyModule) swkms.get(0);
+    assertEquals("SWK1_Id", swk1.getId());
+    assertEquals("SWK1_FileName", swk1.getFileName());
+    assertEquals("SWK1_Password", swk1.getPassWord());
+
+    SoftwareKeyModule swk2 = (SoftwareKeyModule) swkms.get(1);
+    assertEquals("HWK2_Id", swk2.getId());
+    assertEquals("SWK1_FileName", swk2.getFileName());
+    assertNull(swk2.getPassWord());
+  }
 
-    certs =
-      certFactory.generateCertificates(
-        new FileInputStream(
-          TESTDATA_ROOT
-            + "conf/moa-spss/trustprofiles/TrustProfile1/IAIKRoot.cer"));
-    iaikCert = (X509Certificate) certs.toArray()[0];
+  public void testGetKeyGroups()
+  {
+    Map keyGroups = provider_.getKeyGroups();
+    assertEquals(2, keyGroups.size());
+    
+    KeyGroup kg1 = (KeyGroup) keyGroups.get("KG1_Id");
+    assertNotNull(kg1);
+    assertEquals("KG1_Id", kg1.getId());
+    
+    Set kg1Entries = kg1.getKeyGroupEntries();
+    assertEquals(2, kg1Entries.size());
+
+    KeyGroupEntry kg1Entry1 = (KeyGroupEntry) kg1Entries.toArray()[0];
+    assertEquals("HWK1_Id", kg1Entry1.getModuleID());
+    assertEquals("HWK1_Issuer", kg1Entry1.getIssuerDN());
+    assertEquals(0, kg1Entry1.getSerialNumber().intValue());
+    
+    KeyGroupEntry kg1Entry2 = (KeyGroupEntry) kg1Entries.toArray()[1];
+    assertEquals("HWK2_Id", kg1Entry1.getModuleID());
+    assertEquals("HWK2_Issuer", kg1Entry1.getIssuerDN());
+    assertEquals(1, kg1Entry2.getSerialNumber().intValue());
+    
+    KeyGroup kg2 = (KeyGroup) keyGroups.get("KG2_Id");
+    assertNotNull(kg2);
+    assertEquals("KG2_Id", kg2.getId());
+    
+    Set kg2Entries = kg2.getKeyGroupEntries();
+    assertEquals(2, kg2Entries.size());
+    
+    KeyGroupEntry kg2Entry1 = (KeyGroupEntry) kg2Entries.toArray()[0];
+    assertEquals("SWK1_Id", kg2Entry1.getModuleID());
+    assertEquals("SWK1_Issuer", kg2Entry1.getIssuerDN());
+    assertEquals(2, kg2Entry1.getSerialNumber().intValue());
+
+    KeyGroupEntry kg2Entry2 = (KeyGroupEntry) kg2Entries.toArray()[1];
+    assertEquals("SWK2_Id", kg2Entry2.getModuleID());
+    assertEquals("SWK2_Issuer", kg2Entry2.getIssuerDN());
+    assertEquals(3, kg2Entry2.getSerialNumber().intValue());
   }
 
-  public void testGetKeySet() {
-    Set keySet;
+  public void testGetKeyGroupEntries() throws RFC2253NameParserException
+  {
+    RFC2253NameParser parser = new RFC2253NameParser("CN=Customer1_Issuer");
+    Name name = parser.parse();
+    Set kgEntries = provider_.getKeyGroupEntries(name, BigInteger.valueOf(4), "KG1_Id");
+    assertEquals(2, kgEntries.size());
+
+    KeyGroupEntry kgEntry1 = (KeyGroupEntry) kgEntries.toArray()[0];
+    assertEquals("HWK1_Id", kgEntry1.getModuleID());
 
-    keySet = provider.getKeyGroupEntries(null, null, "PKCS12RSAKey1");
-    assertEquals(1, keySet.size());
-    keySet = provider.getKeyGroupEntries(null, null, "PKCS12RSAKeyExpired");
-    assertEquals(1, keySet.size());
-    keySet = provider.getKeyGroupEntries(issuer1, serial1, "allKeys");
-    assertEquals(6, keySet.size());
-    keySet = provider.getKeyGroupEntries(null, null, "allKeys");
-    assertNull(keySet);
+    KeyGroupEntry kgEntry2 = (KeyGroupEntry) kgEntries.toArray()[1];
+    assertEquals("HWK2_Id", kgEntry2.getModuleID());
   }
 
-  public void testGetChainingMode() {
-    String mode;
+  public void testGetChainingMode() throws RFC2253NameParserException
+  {
+    X509Certificate cert = new X509Certificate();
+    RFC2253NameParser parser = new RFC2253NameParser("CN=Unknown");
+    Name name = parser.parse();
+    cert.setIssuerDN(name);
+    cert.setSerialNumber(BigInteger.valueOf(0));
+    assertEquals("pkix", provider_.getChainingMode(cert)); // Default chaining mode
+    
+    parser = new RFC2253NameParser("CN=TA1_Issuer");
+    name = parser.parse();
+    cert.setIssuerDN(name);
+    cert.setSerialNumber(BigInteger.valueOf(5));
+    assertEquals("chaining", provider_.getChainingMode(cert));
+  }
+
+  public void testGetDistributionPoints() throws RFC2253NameParserException
+  {
+    X509Certificate cert = new X509Certificate();
+    RFC2253NameParser parser = new RFC2253NameParser("CN=DP1_Issuer");
+    Name name = parser.parse();
+    cert.setIssuerDN(name);
+
+    Set dps = provider_.getDistributionPoints(cert);
+    assertEquals(2, dps.size());
+    
+    CRLDistributionPoint dp1 = (CRLDistributionPoint) dps.toArray()[0];
+    assertEquals("http://crl.myca.org", dp1.getUri());
+    int reasonCodes =       
+      iaik.asn1.structures.DistributionPoint.unused |
+      iaik.asn1.structures.DistributionPoint.keyCompromise |
+      iaik.asn1.structures.DistributionPoint.cACompromise |
+      iaik.asn1.structures.DistributionPoint.affiliationChanged |
+      iaik.asn1.structures.DistributionPoint.superseded |
+      iaik.asn1.structures.DistributionPoint.cessationOfOperation |
+      iaik.asn1.structures.DistributionPoint.certificateHold |
+      iaik.asn1.structures.DistributionPoint.privilegeWithdrawn |
+      iaik.asn1.structures.DistributionPoint.aACompromise;
+    assertEquals(reasonCodes, dp1.getReasonCodes());
+
+    CRLDistributionPoint dp2 = (CRLDistributionPoint) dps.toArray()[1];
+    assertEquals("hhttp://crl.myotherca.org", dp2.getUri());
+    reasonCodes =
+      iaik.asn1.structures.DistributionPoint.aACompromise |
+      iaik.asn1.structures.DistributionPoint.affiliationChanged;
+    assertEquals(reasonCodes, dp2.getReasonCodes());
+    
+    parser = new RFC2253NameParser("CN=DP2_Issuer");
+    name = parser.parse();
+    cert.setIssuerDN(name);
+
+    dps = provider_.getDistributionPoints(cert);
+    assertEquals(1, dps.size());
+    
+    OCSPDistributionPoint dpo = (OCSPDistributionPoint) dps.toArray()[0];
+    assertEquals("http://crl.yetanotherca.org", dpo.getUri());
+  }
 
-    mode = provider.getChainingMode(atrustCert);
-    assertEquals("chain", mode);
-    mode = provider.getChainingMode(cert2);
-    assertEquals("pkix", mode);
+  public void testGetCRLArchiveDuration()
+  {
+    assertEquals(730, provider_.getCRLArchiveDuration());
   }
 
-  public void testGetCRLDP() {
-    Set dps;
+  public void testGetEnableRevocationArchiving()
+  {
+    assertFalse(provider_.getEnableRevocationArchiving());
+  }
 
-    dps = provider.getDistributionPoints(atrustCert);
-    assertEquals(0, dps.size());
-    dps = provider.getDistributionPoints(iaikCert);
-    assertEquals(3, dps.size());
+  public void testGetCertStoreLocation()
+  {
+    assertEquals(
+      CONFIG_BASE_ + "certstore", 
+      provider_.getCertStoreLocation());
   }
 
-  public void testGetCRLArchiveDuration() {
-    assertEquals(365, provider.getCRLArchiveDuration());
+  public void testGetCreateTransformsInfoProfile()
+  {
+    Element ctip1 = provider_.getCreateTransformsInfoProfile("CTIP_1");
+    assertEquals("CTIP1", ctip1.getLocalName());
+
+    Element ctip2 = provider_.getCreateTransformsInfoProfile("CTIP_2");
+    assertEquals("CTIP2", ctip2.getLocalName());
   }
 
+  public void testGetCreateSignatureEnvironmentProfile()
+  {
+    Element csep = provider_.getCreateTransformsInfoProfile("CSEP_1");
+    assertEquals("CSEP1", csep.getLocalName());
+  }
 
-  public void testGetCreateTransformsInfoProfile() {
-    Element profile;
+  public void testGetVerifyTransformsInfoProfile()
+  {
+    Element vtip = provider_.getCreateTransformsInfoProfile("VTIP_1");
+    assertEquals("VTIP1", vtip.getLocalName());
+  }
 
-    profile = provider.getCreateTransformsInfoProfile("NotExisting");
-    assertNull(profile);
-    profile =
-      provider.getCreateTransformsInfoProfile("CreateTransformsInfoProfile1");
-    assertNotNull(profile);
+  public void testGetSupplementProfile()
+  {
+    Element sp = provider_.getCreateTransformsInfoProfile("SP_1");
+    assertEquals("SP1", sp.getLocalName());
   }
 
-  public void testGetCreateSignatureEnvironmentProfile() {
-    Element profile =
-      provider.getCreateSignatureEnvironmentProfile(
-        "CreateSignatureEnvironmentProfile1");
-    assertNotNull(profile);
+  public void testGetTrustProfile()
+  {
+    TrustProfile tp1 = provider_.getTrustProfile("TP1_Id");
+    assertEquals(
+      "file:" + CONFIG_BASE_ + "trustprofiles/tp1/anchors",
+      tp1.getUri());
+    assertEquals(
+      "file:" + CONFIG_BASE_ + "trustprofiles/tp1/signercerts",
+      tp1.getSignerCertsUri());
+    
+    TrustProfile tp2 = provider_.getTrustProfile("TP2_Id");
+    assertEquals(
+      "file:" + CONFIG_BASE_ + "trustprofiles/tp2/anchors",
+      tp2.getUri());
+    assertEquals(
+      "file:" + CONFIG_BASE_ + "trustprofiles/tp2/signercerts",
+      tp2.getSignerCertsUri());
   }
 
-  public void testGetVerifyTransformsInfoProfile() {
-    Element profile;
+  public void testGetRevocationArchiveJDBCURL()
+  {
+    assertEquals("jdbc://dummy", provider_.getRevocationArchiveJDBCURL());
+  }
 
-    profile = provider.getVerifyTransformsInfoProfile("TransformsInfoProfile1");
-    assertNotNull(profile);
-    profile = provider.getVerifyTransformsInfoProfile("TransformsInfoProfile2");
-    assertNotNull(profile);
-    profile = provider.getVerifyTransformsInfoProfile("NotExisting");
-    assertNull(profile);
+  public void testGetRevocationArchiveJDBCDriverClass()
+  {
+    assertEquals("fully.qualified.classname", provider_.getRevocationArchiveJDBCDriverClass());
   }
 
-  public void testGetSupplementProfile() {
-    Element profile = provider.getSupplementProfile("SupplementProfile1");
-    assertNotNull(profile);
+  public void testGetEnableRevocationChecking()
+  {
+    assertFalse(provider_.getEnableRevocationChecking());
   }
 
-  public void testGetTrustProfile() {
-    TrustProfile tp = provider.getTrustProfile("TrustProfile1");
-    assertEquals("d:/patrick/tmp/TrustProfile1", tp.getUri());
-    assertNull(provider.getTrustProfile("TrustProfile2"));
+  public void testGetMaxRevocationAge()
+  {
+    assertEquals(10000, provider_.getMaxRevocationAge());
   }
 
-  public void testGetDigestMethodAlgorithmName() {
-    assertEquals(
-      "http://www.w3.org/2000/09/xmldsig#sha1",
-      provider.getDigestMethodAlgorithmName());
+  public void testGetServiceOrder()
+  {
+    String[] serviceOrder = provider_.getServiceOrder();
+    assertEquals(2, serviceOrder.length);
+    assertEquals("CRL", serviceOrder[0]);
+    assertEquals("OCSP", serviceOrder[1]);
   }
 
-  public void testGetCanonicalizationAlgorithmName() {
-    assertEquals(
-      "http://www.w3.org/TR/2001/REC-xml-c14n-20010315",
-      provider.getCanonicalizationAlgorithmName());
+  public void testGetAutoAddCertificates()
+  {
+    assertFalse(provider_.getAutoAddCertificates());
   }
 
+  public void testGetUseAuthorityInfoAccess()
+  {
+    assertFalse(provider_.getUseAuthorityInfoAccess());
+  }
 }