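package test.at.gv.egovernment.moa.spss.server.iaik.config;

import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

import test.at.gv.egovernment.moa.spss.SPSSTestCase;

import iaik.asn1.structures.DistributionPoint;
import iaik.pki.PKIConfiguration;
import iaik.pki.pathvalidation.ChainingModes;
import iaik.pki.pathvalidation.ValidationConfiguration;
import iaik.pki.revocation.CRLDistributionPoint;
import iaik.pki.revocation.RevocationConfiguration;
import iaik.pki.store.certstore.CertStoreConfiguration;
import iaik.pki.store.certstore.CertStoreTypes;
import iaik.pki.store.revocation.archive.ArchiveConfiguration;
import iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter;
import iaik.server.ConfigurationData;
import iaik.server.modules.keys.HardwareKeyModuleConfiguration;
import iaik.server.modules.keys.SoftwareKeyModuleConfiguration;

import at.gv.egovernment.moa.spss.server.iaik.config.ConfigurationDataImpl;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;

/**
 * Tests the ConfigurationDataImpl.
 *
 * <p>Each test reads values back through the {@link ConfigurationData}
 * interface and compares them with literals that have to match the test
 * configuration. Several of these literals are secrets of the test fixture
 * (a JDBC password, a key store password, a token PIN); they are test-only
 * values and must stay distinct from anything used in a real deployment.</p>
 *
 * @author Patrick Peck
 * @version $Id$
 */
public class ConfigurationDataImplTest extends SPSSTestCase {

  /** The object under test, rebuilt in {@link #setUp()} for every test. */
  private ConfigurationData config;
  /** First certificate read from the TrustProfile1 <code>IAIKRoot.cer</code> file. */
  private X509Certificate iaikCert;

  /**
   * Creates the test case.
   *
   * @param name The name passed on to the superclass constructor.
   */
  public ConfigurationDataImplTest(String name) {
    super(name);
  }

  /**
   * Builds the <code>ConfigurationDataImpl</code> under test from the current
   * transaction context and loads the certificate used as lookup key by the
   * tests.
   *
   * @throws Exception If the transaction context cannot be set up or one of
   * the test data files cannot be read or parsed.
   */
  protected void setUp() throws Exception {
    TransactionContext context;

    // setUpTransactionContext() and TESTDATA_ROOT are not defined in this
    // class (presumably inherited from SPSSTestCase).
    setUpTransactionContext();
    context = TransactionContextManager.getInstance().getTransactionContext();
    config = new ConfigurationDataImpl(context.getConfiguration());

    // The key store is loaded but not read afterwards. Loading it still makes
    // setUp fail early if the file is missing or cannot be opened with the
    // fixture password. "changeit" is a test-only password.
    KeyStore ks = KeyStore.getInstance("JKS", "SUN");
    FileInputStream keyStoreIn =
      new FileInputStream(TESTDATA_ROOT + "security/server.keystore");
    try {
      ks.load(keyStoreIn, "changeit".toCharArray());
    } finally {
      // close the stream on every path; setUp runs once per test method
      keyStoreIn.close();
    }

    CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
    Collection certs;
    FileInputStream certIn =
      new FileInputStream(
        TESTDATA_ROOT
          + "conf/moa-spss/trustprofiles/TrustProfile1/IAIKRoot.cer");
    try {
      certs = certFactory.generateCertificates(certIn);
    } finally {
      certIn.close();
    }

    // Fail with a readable message instead of an
    // ArrayIndexOutOfBoundsException when the file holds no certificate.
    assertTrue("IAIKRoot.cer contains no certificate", !certs.isEmpty());
    iaikCert = (X509Certificate) certs.toArray()[0];
  }

  /**
   * Checks the archive, certificate store, revocation and validation parts of
   * the PKI configuration against the values expected from the test
   * configuration.
   */
  public void testGetPKIConfiguration() {
    PKIConfiguration pkiConfig = config.getPKIConfiguration();
    ArchiveConfiguration archiveConfig = pkiConfig.getArchiveConfiguration();
    CertStoreConfiguration certStoreConfig =
      pkiConfig.getCertStoreConfiguration();
    RevocationConfiguration revocationConfig =
      pkiConfig.getRevocationConfiguration();
    ValidationConfiguration validationConfig =
      pkiConfig.getValidationConfiguration();
    DataBaseArchiveParameter archiveParam;
    Set distributionPoints;
    Iterator iter;
    boolean found;

    // test archive parameters
    // The expected URL carries the fixture's database user and password in
    // its query string; expected value first, so that a failure message
    // labels the two sides correctly.
    archiveParam =
      (DataBaseArchiveParameter) archiveConfig.getArchiveParameters();
    assertEquals(
      "jdbc:postgresql://10.16.46.108/moa?user=moa&password=moatest",
      archiveParam.getJDBCUrl());

    // test cert store configuration
    assertEquals(1, certStoreConfig.getParameters().length);
    assertEquals(
      CertStoreTypes.DIRECTORY,
      certStoreConfig.getParameters()[0].getType());

    // test revocation configuration
    distributionPoints =
      revocationConfig.getAlternativeDistributionPoints(iaikCert, new Date());
    assertEquals(3, distributionPoints.size());
    found = false;
    for (iter = distributionPoints.iterator(); iter.hasNext();) {
      CRLDistributionPoint dp = (CRLDistributionPoint) iter.next();
      if (dp.getUri().equals("http://www.iaik.at/testCA/iaik_test_sig.crl")) {
        // the reason codes must be exactly these two flags, no more, no less
        found =
          dp.getReasonCodes()
            == (DistributionPoint.keyCompromise
              | DistributionPoint.affiliationChanged);
      }
    }
    assertTrue(found);

    // test validation configuration
    assertEquals(
      ChainingModes.PKIX_MODE,
      validationConfig.getChainingMode(iaikCert));
  }

  // Disabled test kept from the original file. It refers to
  // HardwareCryptoModuleConfiguration, which this file does not import.
  /*
  public void testGetCryptoModuleConfigurations() {
    List cryptoConfigs = config.getCryptoModuleConfigurations();
    HardwareCryptoModuleConfiguration moduleConfig;

    assertEquals(2, cryptoConfigs.size());
    moduleConfig = (HardwareCryptoModuleConfiguration) cryptoConfigs.get(0);
    assertEquals("Module1", moduleConfig.getModuleName());
    assertEquals("Slot1", moduleConfig.getSlotID());
    assertEquals("PIN1", new String(moduleConfig.getUserPIN()));
  }
  */

  /**
   * Checks the number of configured key modules and the settings of the
   * first (hardware) and second (software) module.
   */
  public void testGetKeyModuleConfigurations() {
    List keyConfigs = config.getKeyModuleConfigurations();
    HardwareKeyModuleConfiguration hwKey;
    SoftwareKeyModuleConfiguration swKey;

    assertEquals(7, keyConfigs.size());

    // The PIN and the key store authentication data are turned into Strings
    // only to compare them with the fixture values.
    hwKey = (HardwareKeyModuleConfiguration) keyConfigs.get(0);
    assertEquals("cryptoki.dll", hwKey.getModuleName());
    assertEquals("0", hwKey.getSlotID());
    assertEquals("0000", new String(hwKey.getUserPIN()));

    swKey = (SoftwareKeyModuleConfiguration) keyConfigs.get(1);
    assertEquals(
      "buergerkarte",
      new String(swKey.getKeyStoreAuthenticationData()));
  }

}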