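package test.at.gv.egovernment.moa.spss.server.config;

import java.io.FileInputStream;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.Principal;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Set;

import org.w3c.dom.Element;

import test.at.gv.egovernment.moa.spss.SPSSTestCase;

import iaik.utils.RFC2253NameParser;

import at.gv.egovernment.moa.spss.server.config.IssuerAndSerial;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.config.TrustProfile;

/**
 * Tests the ConfigurationProvider.
 *
 * <p>Every expectation in this class is pinned to the test fixture
 * <code>conf/moa-spss/MOA-SPSSConfiguration.xml</code> and to the certificates
 * and keystore below <code>TESTDATA_ROOT</code>; changing a fixture means
 * changing the matching assertion.
 *
 * @author Patrick Peck
 * @author Sven Aigner
 * @version $Id$
 */
public class ConfigurationProviderTest extends SPSSTestCase {

  private ConfigurationProvider provider;
  private Principal issuer1;
  private Principal issuer2;
  private BigInteger serial1;
  private BigInteger serial2;
  private IssuerAndSerial is1;
  private IssuerAndSerial is2;
  private X509Certificate cert1;
  private X509Certificate cert2;
  private X509Certificate atrustCert;
  private X509Certificate iaikCert;

  /**
   * Constructor for ConfigurationProviderTest.
   *
   * @param name the name of the test case, passed on to the superclass
   */
  public ConfigurationProviderTest(String name) {
    super(name);
  }

  /**
   * Builds the provider from the test configuration and loads the issuer
   * names, serial numbers and certificates used by the individual tests.
   *
   * @throws Exception if the configuration, the keystore or one of the
   *         certificate files cannot be read or parsed
   */
  protected void setUp() throws Exception {
    RFC2253NameParser nameParser;

    provider =
      new ConfigurationProvider(
        TESTDATA_ROOT + "conf/moa-spss/MOA-SPSSConfiguration.xml");

    nameParser = new RFC2253NameParser("CN=TestUser,OU=MOA,O=BRZ,C=AT");
    issuer1 = nameParser.parse();
    serial1 = new BigInteger("12345678");
    is1 = new IssuerAndSerial(issuer1, serial1);

    nameParser = new RFC2253NameParser("CN=TestUser,OU=IKT-Board,O=CIO,C=AT");
    issuer2 = nameParser.parse();
    serial2 = new BigInteger("987654321");
    is2 = new IssuerAndSerial(issuer2, serial2);

    // "changeit" is the well-known default keystore password. It is acceptable
    // only because this keystore is a test fixture; it must never hold keys
    // that are trusted outside the test environment.
    KeyStore ks = KeyStore.getInstance("JKS", "SUN");
    FileInputStream keystoreIn =
      new FileInputStream(TESTDATA_ROOT + "security/server.keystore");
    try {
      ks.load(keystoreIn, "changeit".toCharArray());
    } finally {
      // Release the file handle even when loading fails.
      keystoreIn.close();
    }

    cert1 = (X509Certificate) ks.getCertificate("tomcat-server");
    cert2 = (X509Certificate) ks.getCertificate("tomcat-client");

    CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
    atrustCert =
      loadFirstCertificate(
        certFactory,
        TESTDATA_ROOT + "security/A-Trust-nQual-01.p7b");
    iaikCert =
      loadFirstCertificate(
        certFactory,
        TESTDATA_ROOT
          + "conf/moa-spss/trustprofiles/TrustProfile1/IAIKRoot.cer");
  }

  /**
   * Reads a certificate file and returns the first certificate it contains.
   * The stream is always closed, so a failing test run does not leak file
   * handles.
   *
   * @param certFactory the X.509 certificate factory used for parsing
   * @param path the path of the certificate file
   * @return the first certificate found in the file
   * @throws Exception if the file cannot be read or parsed, or if it holds no
   *         certificate
   */
  private static X509Certificate loadFirstCertificate(
    CertificateFactory certFactory,
    String path)
    throws Exception {

    FileInputStream in = new FileInputStream(path);
    try {
      Collection certs = certFactory.generateCertificates(in);
      if (certs.isEmpty()) {
        // Fail with the file name instead of an index error further down.
        throw new IllegalStateException("No certificate found in " + path);
      }
      return (X509Certificate) certs.toArray()[0];
    } finally {
      in.close();
    }
  }

  /**
   * Checks the number of key group entries returned per key group and client.
   */
  public void testGetKeySet() {
    Set keySet;

    keySet = provider.getKeyGroupEntries(null, null, "PKCS12RSAKey1");
    assertEquals(1, keySet.size());

    keySet = provider.getKeyGroupEntries(null, null, "PKCS12RSAKeyExpired");
    assertEquals(1, keySet.size());

    keySet = provider.getKeyGroupEntries(issuer1, serial1, "allKeys");
    assertEquals(6, keySet.size());

    // Without issuer and serial the "allKeys" group yields no entries at all.
    // NOTE(review): presumably this is the access restriction that keeps
    // unidentified clients away from the group - confirm against the key group
    // mapping in the test configuration.
    keySet = provider.getKeyGroupEntries(null, null, "allKeys");
    assertNull(keySet);
  }

  /**
   * Checks the chaining mode reported for two different certificates.
   */
  public void testGetChainingMode() {
    String mode;

    // NOTE(review): "chain" looks like a per-certificate setting and "pkix"
    // like the default mode - confirm against the test configuration.
    mode = provider.getChainingMode(atrustCert);
    assertEquals("chain", mode);

    mode = provider.getChainingMode(cert2);
    assertEquals("pkix", mode);
  }

  /**
   * Checks the number of CRL distribution points reported per certificate.
   */
  public void testGetCRLDP() {
    Set dps;

    // An empty set for the A-Trust certificate: the provider reports no
    // distribution points for it, so revocation checking for this issuer
    // cannot rely on this lookup.
    dps = provider.getCRLDP(atrustCert);
    assertEquals(0, dps.size());

    dps = provider.getCRLDP(iaikCert);
    assertEquals(3, dps.size());
  }

  /**
   * Checks the CRL archive duration read from the test configuration.
   */
  public void testGetCRLArchiveDuration() {
    assertEquals(365, provider.getCRLArchiveDuration());
  }

  /**
   * Checks generic configuration lookup for an existing key, a missing key and
   * a missing key with a default value.
   */
  public void testGetGenericConfiguration() {
    assertEquals(
      "tmp/aValidPathName",
      provider.getGenericConfiguration("DirectoryCertStoreParameters.RootDir"));
    assertNull(provider.getGenericConfiguration("notExisting"));
    assertEquals(
      "default",
      provider.getGenericConfiguration("notExisting", "default"));
  }

  /**
   * Checks that an unknown create-transforms profile yields null and a known
   * one yields an element.
   */
  public void testGetCreateTransformsInfoProfile() {
    Element profile;

    profile = provider.getCreateTransformsInfoProfile("NotExisting");
    assertNull(profile);

    profile =
      provider.getCreateTransformsInfoProfile("CreateTransformsInfoProfile1");
    assertNotNull(profile);
  }

  /**
   * Checks that the configured create-signature-environment profile is found.
   */
  public void testGetCreateSignatureEnvironmentProfile() {
    Element profile =
      provider.getCreateSignatureEnvironmentProfile(
        "CreateSignatureEnvironmentProfile1");
    assertNotNull(profile);
  }

  /**
   * Checks that both configured verify-transforms profiles are found and that
   * an unknown identifier yields null.
   */
  public void testGetVerifyTransformsInfoProfile() {
    Element profile;

    profile = provider.getVerifyTransformsInfoProfile("TransformsInfoProfile1");
    assertNotNull(profile);

    profile = provider.getVerifyTransformsInfoProfile("TransformsInfoProfile2");
    assertNotNull(profile);

    profile = provider.getVerifyTransformsInfoProfile("NotExisting");
    assertNull(profile);
  }

  /**
   * Checks that the configured supplement profile is found.
   */
  public void testGetSupplementProfile() {
    Element profile = provider.getSupplementProfile("SupplementProfile1");
    assertNotNull(profile);
  }

  /**
   * Checks the URI of a configured trust profile and that an unconfigured
   * profile identifier yields null.
   */
  public void testGetTrustProfile() {
    TrustProfile tp = provider.getTrustProfile("TrustProfile1");

    // The expected URI is an absolute path on a developer machine. The test
    // only pins the string found in the configuration; it does not show that
    // the trust anchors below TESTDATA_ROOT are the ones the profile uses.
    assertEquals("d:/patrick/tmp/TrustProfile1", tp.getUri());

    // An unknown trust profile must not fall back to some other profile.
    assertNull(provider.getTrustProfile("TrustProfile2"));
  }

  /**
   * Checks the digest method algorithm reported by the provider.
   */
  public void testGetDigestMethodAlgorithmName() {
    // NOTE(review): the expected value is SHA-1, which is no longer
    // collision-resistant and is unsuitable for new signatures. This
    // assertion has to change together with the provider when the digest
    // method is moved to a SHA-2 algorithm.
    assertEquals(
      "http://www.w3.org/2000/09/xmldsig#sha1",
      provider.getDigestMethodAlgorithmName());
  }

  /**
   * Checks the canonicalization algorithm reported by the provider.
   */
  public void testGetCanonicalizationAlgorithmName() {
    assertEquals(
      "http://www.w3.org/TR/2001/REC-xml-c14n-20010315",
      provider.getCanonicalizationAlgorithmName());
  }

}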