diff options
author | Thomas <> | 2022-09-15 09:16:13 +0200 |
---|---|---|
committer | Thomas <> | 2022-09-15 09:16:13 +0200 |
commit | b329b436b99d78dde21ab7a338331faaa2da6f6e (patch) | |
tree | aed1eabc56457f132306d98bf438dd79887ffe15 | |
parent | a8f469996d3e0862900588295d991abb61831d47 (diff) | |
download | moa-sig-b329b436b99d78dde21ab7a338331faaa2da6f6e.tar.gz moa-sig-b329b436b99d78dde21ab7a338331faaa2da6f6e.tar.bz2 moa-sig-b329b436b99d78dde21ab7a338331faaa2da6f6e.zip |
test(pkix): add certStore tests
21 files changed, 694 insertions, 6 deletions
diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 533931d..5daf1a6 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -1562,10 +1562,12 @@ public class ConfigurationPartsBuilder { public boolean getAutoEEAddCertificates() { final String autoAdd = getElementValue(getConfigElem(), AUTO_ADD_EE_CERTIFICATES_XPATH_, null); - if (autoAdd != null) { + if (autoAdd != null) { return Boolean.valueOf(autoAdd).booleanValue(); + } else { return false; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java index 0032dc6..a53bce8 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java @@ -211,12 +211,15 @@ public class PKIProfileImpl implements PKIProfile { if (config.getAutoAddCertificates()) { if (config.getAutoAddEECertificates()) { return PKIProfile.AUTO_ADD_ENABLE; + } else { return PKIProfile.AUTO_ADD_EE_DISABLE; + } } else { return PKIProfile.AUTO_ADD_DISABLE; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateReader.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateReader.java new file mode 100644 index 0000000..79a0401 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateReader.java @@ -0,0 +1,157 @@ +package at.gv.egovernment.moa.spss.util; +import java.io.BufferedInputStream; +import java.io.File; +import java.io.FileFilter; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.security.Security; +import java.security.cert.CertificateException; +import java.util.Arrays; +import java.util.Iterator; +import java.util.List; + +import iaik.pkcs.PKCS7CertList; +import iaik.pkcs.PKCSParsingException; +import iaik.security.provider.IAIK; +import iaik.utils.Util; +import iaik.x509.X509Certificate; +import iaik.xml.crypto.EccProviderAdapter; + +// Copyright (C) 2011 IAIK +// http://jce.iaik.at +// +// Copyright (C) 2011 Stiftung Secure Information and +// Communication Technologies SIC +// http://www.sic.st +// +// All rights reserved. +// +// This source is provided for inspection purposes and recompilation only, +// unless specified differently in a contract with IAIK. This source has to +// be kept in strict confidence and must not be disclosed to any third party +// under any circumstances. Redistribution in source and binary forms, with +// or without modification, are <not> permitted in any case! +// +// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +// ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +// SUCH DAMAGE. +// +// + +public class CertificateReader { + + /** + * Filter for reading certificate files from a directory. + * The filter accepts a file if its name ends with + * ".cer", ".der", ".crt" + * or ".pem". + * + * @author Harald Bratko + * @author Konrad Lanz + */ + static class CertificateFileFilter implements FileFilter { + + /** + * Accepts a file if it is not a directory and its name ends with + * ".cer", ".der", ".crt" or ".pem". + * + * @see java.io.FileFilter#accept(java.io.File) + */ + public boolean accept(File file) { + String name = file.getName(); + if (name.endsWith(".der") || + name.endsWith(".cer") || + name.endsWith(".crt") || + name.endsWith(".pem")) + { + return true; + } else { + return false; + } + } + } + + + + /** + * Reads the certificates from the given directory and + * returns the certificates as sorted list (end user certificate first). + * @param directory + * @return + * @throws IOException + * @throws FileNotFoundException + * @throws CertificateException + * @throws Exception + */ + public static X509Certificate[] readCertificatesIntoArray(String directory) throws CertificateException, FileNotFoundException, IOException{ + + File file = new File(directory); + File[] certificateFiles = file.listFiles(new CertificateFileFilter()); + int l = certificateFiles.length; + X509Certificate[] certs = new X509Certificate[l]; + for (int i=0; i<certificateFiles.length; i++) { + X509Certificate certificate = new X509Certificate(new FileInputStream(certificateFiles[i])); + certs[i] = certificate; + } + //return certs; + return Util.arrangeCertificateChain(certs, false); + } + + /** + * Reads the certificates from the given directory and + * returns the certificates as sorted list (end user certificate first). + * @param directory + * @return + * @throws IOException + * @throws FileNotFoundException + * @throws CertificateException + * @throws Exception + */ + public static List<X509Certificate> readCertificates(String directory) throws CertificateException, FileNotFoundException, IOException{ + + return Arrays.asList(readCertificatesIntoArray(directory)); + } + + public static void main(String[] args) { + try { + + IAIK.addAsJDK14Provider(); + //IAIK.addAsProvider(); + //Security.addProvider(new IAIK()); + + // install ECC provider + Security.addProvider(EccProviderAdapter.getEccProvider()); + + String dir = "target/classes/spec/examples/EU/AT/certs/on-tsl/chain/"; + List l = readCertificates(dir); + Iterator<X509Certificate> it = l.iterator(); + while (it.hasNext()) { + System.out.println(((X509Certificate)it.next()).getSubjectDN().getName()); + } + } catch (Exception e) { + e.printStackTrace(); + System.exit(1); + } + + } + + public static X509Certificate[] p7read(File path) throws PKCSParsingException, FileNotFoundException, IOException { + PKCS7CertList p7certList = new PKCS7CertList( + new BufferedInputStream( + new FileInputStream( + path + ) + ) + ); + return p7certList.getCertificateList(); + } + }
\ No newline at end of file diff --git a/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/SPSSTestCase.java b/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/SPSSTestCase.java index dd7890c..315f56e 100644 --- a/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/SPSSTestCase.java +++ b/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/SPSSTestCase.java @@ -24,8 +24,6 @@ package test.at.gv.egovernment.moa.spss; -import java.security.Security; - import test.at.gv.egovernment.moa.MOATestCase; import at.gv.egovernment.moaspss.logging.Logger; import at.gv.egovernment.moaspss.logging.LoggingContext; diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java index fd5b278..d0e53d3 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java @@ -7,12 +7,18 @@ import static org.junit.Assert.assertNull; import static org.junit.Assert.assertThrows; import static org.junit.Assert.assertTrue; +import java.io.FileInputStream; import java.io.IOException; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.util.Date; import org.apache.commons.io.IOUtils; +import org.apache.commons.lang3.ArrayUtils; import org.apache.commons.lang3.RandomStringUtils; import org.junit.Before; import org.junit.BeforeClass; +import org.junit.Ignore; import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.BlockJUnit4ClassRunner; @@ -23,8 +29,20 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; import at.gv.egovernment.moa.spss.server.config.ConfigurationException; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.iaik.cmsverify.PDFSignatureVerificationProfileImpl; +import at.gv.egovernment.moa.spss.server.iaik.pki.PKIProfileImpl; import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.server.logging.TransactionId; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; +import iaik.pki.PKIFactory; +import iaik.pki.PKIModule; +import iaik.pki.PKIResult; +import iaik.server.cmspdfverify.CMSVerifyUtils; +import iaik.x509.X509Certificate; +import at.gv.egovernment.moa.spss.test.integration.utils.CertificateReader; @RunWith(BlockJUnit4ClassRunner.class) public class PadesIntegrationTest extends AbstractIntegrationTest { @@ -39,6 +57,9 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { final String current = new java.io.File(".").getCanonicalPath(); System.setProperty("moa.spss.server.configuration", current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); + System.setProperty("iaik.esi.sva.configuration.location", + current + "/src/test/resources/moaspss_config/svaconfig.example"); + moaSpssCore = SystemInitializer.init(); } @@ -50,6 +71,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } + @Ignore @Test public void missingTrustProfile() throws IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( @@ -66,6 +88,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } + @Ignore @Test public void basicValidationCadesSignature() throws MOAException, IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( @@ -101,6 +124,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } + @Ignore @Test public void extendedValidationCadesSignature() throws MOAException, IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( @@ -138,12 +162,68 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); - assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMajorCode()); + assertEquals("ext. val major", 1, cmsResult.getExtendedCertificateCheck().getMajorCode()); assertEquals("ext. val major", 24, cmsResult.getExtendedCertificateCheck().getMinorCode()); assertNotNull("byteRange", cmsResult.getByteRangeOfSignature()); assertEquals("used sig alg", "SHA1withRSA", cmsResult.getSignatureAlgorithm()); } + + @Ignore + @Test + public void padesLteTest() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + IOUtils.toByteArray(new FileInputStream("/home/tlenz/Projekte/signaturprueftool/test_docs/20220623_rtr/Amtsiegel.pdf")), + "MOAIDBuergerkarteAuthentisierungsDaten", + true, + false); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + + } + + @Test + public void padesOwnTest() throws Exception { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + IOUtils.toByteArray(new FileInputStream("/home/tlenz/Projekte/pdfas4/testdocs/enc_own_signed_neuer.pdf")), + "MOAIDBuergerkarteAuthentisierungsDaten", + true, + false); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + + + + + } + + @Ignore + @Test + public void pkixTest() throws Exception { + final String current = new java.io.File(".").getCanonicalPath(); + X509Certificate[] chain = CertificateReader.readCertificatesIntoArray(current + "/src/test/resources/testdata/pkix/chain/"); + + PKIModule pkiModule = PKIFactory.getInstance().getPKIModule( + new PKIProfileImpl(ConfigurationProvider.getInstance(), "MOAIDBuergerkarteAuthentisierungsDaten")); + PKIResult pkiResult = pkiModule.validateCertificate( + new Date(), + (X509Certificate) chain[0], + (X509Certificate[]) ArrayUtils.subarray(chain, 1, chain.length), + (boolean[])null, + new TransactionId("aabbccdd")); + + System.out.print("Finished"); + + } + } diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/OfficialEuTslTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/OfficialEuTslTest.java index 20b130a..50ad14e 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/OfficialEuTslTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/OfficialEuTslTest.java @@ -6,6 +6,7 @@ import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; +import java.io.FileInputStream; import java.io.IOException; import java.util.Arrays; import java.util.Collections; @@ -40,7 +41,6 @@ import at.gv.egovernment.moa.spss.server.monitoring.ServiceStatusContainer; import at.gv.egovernment.moa.spss.test.integration.AbstractIntegrationTest; @RunWith(BlockJUnit4ClassRunner.class) -@Ignore public class OfficialEuTslTest extends AbstractIntegrationTest { CMSSignatureVerificationInvoker cadesInvoker; @@ -162,4 +162,20 @@ public class OfficialEuTslTest extends AbstractIntegrationTest { } + @Test + public void padesLteTest() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + IOUtils.toByteArray(new FileInputStream("/home/tlenz/Projekte/signaturprueftool/test_docs/20220623_rtr/Amtsiegel.pdf")), + "OnlyTSL", + true, + true); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + + } + } diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/CertificateReader.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/CertificateReader.java new file mode 100644 index 0000000..db5d55f --- /dev/null +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/CertificateReader.java @@ -0,0 +1,157 @@ +package at.gv.egovernment.moa.spss.test.integration.utils; +import java.io.BufferedInputStream; +import java.io.File; +import java.io.FileFilter; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.security.Security; +import java.security.cert.CertificateException; +import java.util.Arrays; +import java.util.Iterator; +import java.util.List; + +import iaik.pkcs.PKCS7CertList; +import iaik.pkcs.PKCSParsingException; +import iaik.security.provider.IAIK; +import iaik.utils.Util; +import iaik.x509.X509Certificate; +import iaik.xml.crypto.EccProviderAdapter; + +// Copyright (C) 2011 IAIK +// http://jce.iaik.at +// +// Copyright (C) 2011 Stiftung Secure Information and +// Communication Technologies SIC +// http://www.sic.st +// +// All rights reserved. +// +// This source is provided for inspection purposes and recompilation only, +// unless specified differently in a contract with IAIK. This source has to +// be kept in strict confidence and must not be disclosed to any third party +// under any circumstances. Redistribution in source and binary forms, with +// or without modification, are <not> permitted in any case! +// +// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +// ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +// SUCH DAMAGE. +// +// + +public class CertificateReader { + + /** + * Filter for reading certificate files from a directory. + * The filter accepts a file if its name ends with + * ".cer", ".der", ".crt" + * or ".pem". + * + * @author Harald Bratko + * @author Konrad Lanz + */ + static class CertificateFileFilter implements FileFilter { + + /** + * Accepts a file if it is not a directory and its name ends with + * ".cer", ".der", ".crt" or ".pem". + * + * @see java.io.FileFilter#accept(java.io.File) + */ + public boolean accept(File file) { + String name = file.getName(); + if (name.endsWith(".der") || + name.endsWith(".cer") || + name.endsWith(".crt") || + name.endsWith(".pem")) + { + return true; + } else { + return false; + } + } + } + + + + /** + * Reads the certificates from the given directory and + * returns the certificates as sorted list (end user certificate first). + * @param directory + * @return + * @throws IOException + * @throws FileNotFoundException + * @throws CertificateException + * @throws Exception + */ + public static X509Certificate[] readCertificatesIntoArray(String directory) throws CertificateException, FileNotFoundException, IOException{ + + File file = new File(directory); + File[] certificateFiles = file.listFiles(new CertificateFileFilter()); + int l = certificateFiles.length; + X509Certificate[] certs = new X509Certificate[l]; + for (int i=0; i<certificateFiles.length; i++) { + X509Certificate certificate = new X509Certificate(new FileInputStream(certificateFiles[i])); + certs[i] = certificate; + } + //return certs; + return Util.arrangeCertificateChain(certs, false); + } + + /** + * Reads the certificates from the given directory and + * returns the certificates as sorted list (end user certificate first). + * @param directory + * @return + * @throws IOException + * @throws FileNotFoundException + * @throws CertificateException + * @throws Exception + */ + public static List<X509Certificate> readCertificates(String directory) throws CertificateException, FileNotFoundException, IOException{ + + return Arrays.asList(readCertificatesIntoArray(directory)); + } + + public static void main(String[] args) { + try { + + IAIK.addAsJDK14Provider(); + //IAIK.addAsProvider(); + //Security.addProvider(new IAIK()); + + // install ECC provider + Security.addProvider(EccProviderAdapter.getEccProvider()); + + String dir = "target/classes/spec/examples/EU/AT/certs/on-tsl/chain/"; + List l = readCertificates(dir); + Iterator<X509Certificate> it = l.iterator(); + while (it.hasNext()) { + System.out.println(((X509Certificate)it.next()).getSubjectDN().getName()); + } + } catch (Exception e) { + e.printStackTrace(); + System.exit(1); + } + + } + + public static X509Certificate[] p7read(File path) throws PKCSParsingException, FileNotFoundException, IOException { + PKCS7CertList p7certList = new PKCS7CertList( + new BufferedInputStream( + new FileInputStream( + path + ) + ) + ); + return p7certList.getCertificateList(); + } + }
\ No newline at end of file diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration.xml b/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration.xml index 44a04fa..f6abbb7 100644 --- a/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration.xml +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration.xml @@ -40,6 +40,7 @@ <cfg:CertificateValidation> <cfg:PathConstruction> <cfg:AutoAddCertificates>true</cfg:AutoAddCertificates> + <cfg:AutoAddEECertificates>false</cfg:AutoAddEECertificates> <cfg:UseAuthorityInformationAccess>true</cfg:UseAuthorityInformationAccess> <cfg:CertificateStore> <cfg:DirectoryStore> diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration_without_TSL.xml b/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration_without_TSL.xml new file mode 100644 index 0000000..772a327 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration_without_TSL.xml @@ -0,0 +1,114 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!--MOA SPSS 1.3 Configuration File created by MOA SPSS Configuration Mapper--> +<cfg:MOAConfiguration xmlns:cfg="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> +<cfg:Common> + <cfg:PermitExternalUris> + <cfg:BlackListUri> + <cfg:IP>192.168</cfg:IP> + </cfg:BlackListUri> + </cfg:PermitExternalUris> + </cfg:Common> + + <cfg:SignatureCreation> + <cfg:KeyModules> + <cfg:SoftwareKeyModule> + <cfg:Id>SKM_junit</cfg:Id> + <cfg:FileName>keys/junit_signing.p12</cfg:FileName> + <cfg:Password>nichts</cfg:Password> + </cfg:SoftwareKeyModule> + </cfg:KeyModules> + <cfg:KeyGroup> + <cfg:Id>KG_junit</cfg:Id> + <cfg:Key> + <cfg:KeyModuleId>SKM_junit</cfg:KeyModuleId> + <cfg:KeyCertIssuerSerial> + <dsig:X509IssuerName>CN=MOA-SPSS signing,OU=jUnit Tests,O=EGIZ,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>1619541256</dsig:X509SerialNumber> + </cfg:KeyCertIssuerSerial> + </cfg:Key> + </cfg:KeyGroup> + <cfg:KeyGroupMapping> + <cfg:KeyGroupId>KG_junit</cfg:KeyGroupId> + </cfg:KeyGroupMapping> + <cfg:XMLDSig> + <cfg:CanonicalizationAlgorithm>http://www.w3.org/2001/10/xml-exc-c14n#</cfg:CanonicalizationAlgorithm> + <cfg:DigestMethodAlgorithm>http://www.w3.org/2000/09/xmldsig#sha256</cfg:DigestMethodAlgorithm> + </cfg:XMLDSig> + </cfg:SignatureCreation> + + <cfg:SignatureVerification> + <cfg:CertificateValidation> + <cfg:PathConstruction> + <cfg:AutoAddCertificates>false</cfg:AutoAddCertificates> + <cfg:AutoAddEECertificates>false</cfg:AutoAddEECertificates> + <cfg:UseAuthorityInformationAccess>true</cfg:UseAuthorityInformationAccess> + <cfg:CertificateStore> + <cfg:DirectoryStore> + <cfg:Location>certstore</cfg:Location> + </cfg:DirectoryStore> + </cfg:CertificateStore> + </cfg:PathConstruction> + <cfg:PathValidation> + <cfg:ChainingMode> + <cfg:DefaultMode>pkix</cfg:DefaultMode> + <cfg:TrustAnchor> + <cfg:Identification> + <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName> + <dsig:X509SerialNumber>536</dsig:X509SerialNumber> + </cfg:Identification> + <cfg:Mode>chaining</cfg:Mode> + </cfg:TrustAnchor> + <cfg:TrustAnchor> + <cfg:Identification> + <dsig:X509IssuerName>C=AT,O=Hauptverband österr. Sozialvers.,CN=Root-CA 1</dsig:X509IssuerName> + <dsig:X509SerialNumber>376503867878755617282523408360935024869</dsig:X509SerialNumber> + </cfg:Identification> + <cfg:Mode>chaining</cfg:Mode> + </cfg:TrustAnchor> + </cfg:ChainingMode> + <cfg:TrustProfile> + <cfg:Id>MOAIDBuergerkarteAuthentisierungsDaten</cfg:Id> + <cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten</cfg:TrustAnchorsLocation> + </cfg:TrustProfile> + <cfg:TrustProfile> + <cfg:Id>MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten</cfg:Id> + <cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten</cfg:TrustAnchorsLocation> + </cfg:TrustProfile> + <cfg:TrustProfile> + <cfg:Id>jUnitSigning</cfg:Id> + <cfg:TrustAnchorsLocation>trustProfiles/jUnitSigning</cfg:TrustAnchorsLocation> + </cfg:TrustProfile> + </cfg:PathValidation> + <cfg:RevocationChecking> + <cfg:EnableChecking>true</cfg:EnableChecking> + <cfg:MaxRevocationAge>0</cfg:MaxRevocationAge> + <cfg:ServiceOrder> + <cfg:Service>OCSP</cfg:Service> + <cfg:Service>CRL</cfg:Service> + </cfg:ServiceOrder> + <cfg:Archiving> + <cfg:EnableArchiving>false</cfg:EnableArchiving> + <cfg:ArchiveDuration>365</cfg:ArchiveDuration> + <cfg:Archive> + <cfg:DatabaseArchive> + <cfg:JDBCURL>jdbc:url</cfg:JDBCURL> + <cfg:JDBCDriverClassName>fully.qualified.classname</cfg:JDBCDriverClassName> + </cfg:DatabaseArchive> + </cfg:Archive> + </cfg:Archiving> + </cfg:RevocationChecking> + </cfg:CertificateValidation> + <cfg:VerifyTransformsInfoProfile> + <cfg:Id>SL20Authblock_v1.0</cfg:Id> + <cfg:Location>profiles/SL20_authblock_v1.0.xml</cfg:Location> + </cfg:VerifyTransformsInfoProfile> + <cfg:VerifyTransformsInfoProfile> + <cfg:Id>SL20Authblock_v1.0_SIC</cfg:Id> + <cfg:Location>profiles/SL20_authblock_v1.0_SIC.xml</cfg:Location> + </cfg:VerifyTransformsInfoProfile> + <cfg:VerifyTransformsInfoProfile> + <cfg:Id>SL20Authblock_v1.0_OWN</cfg:Id> + <cfg:Location>profiles/SL20_authblock_v1.0_own.xml</cfg:Location> + </cfg:VerifyTransformsInfoProfile> + </cfg:SignatureVerification> +</cfg:MOAConfiguration> diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/svaconfig.example b/moaSig/moa-sig/src/test/resources/moaspss_config/svaconfig.example index 7be4541..317f1b8 100644 --- a/moaSig/moa-sig/src/test/resources/moaspss_config/svaconfig.example +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/svaconfig.example @@ -69,7 +69,7 @@ tstkeylenconstraint={rsa, 1024, 2000-08-08} indicationmapping={FORMAT_FAILURE,INDETERMINATE};{NO_VALID_TIMESTAMPS_FOUND, INDETERMINATE} # Allows any key usage if set to true, otherwise only dig. signature -allowanykeyusage=false +allowanykeyusage=true # Defines the chaining model for path validation. # possible values are: diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-05.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-05.cer Binary files differnew file mode 100644 index 0000000..2bf4ad7 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-05.cer diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-07.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-07.cer new file mode 100644 index 0000000..2353127 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-07.cer @@ -0,0 +1,36 @@ +-----BEGIN CERTIFICATE----- +MIIGMTCCBBmgAwIBAgIEDoVJaDANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMC +QVQxSDBGBgNVBAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUg +aW0gZWxla3RyLiBEYXRlbnZlcmtlaHIgR21iSDEYMBYGA1UECwwPQS1UcnVzdC1S +b290LTA3MRgwFgYDVQQDDA9BLVRydXN0LVJvb3QtMDcwHhcNMjAwMzExMTUyMTE0 +WhcNMzYxMTEzMTQyMTE0WjCBnTELMAkGA1UEBhMCQVQxSDBGBgNVBAoMP0EtVHJ1 +c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3RyLiBEYXRlbnZl +cmtlaHIgR21iSDEhMB8GA1UECwwYYS1zaWduLXByZW1pdW0tbW9iaWxlLTA3MSEw +HwYDVQQDDBhhLXNpZ24tcHJlbWl1bS1tb2JpbGUtMDcwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQC6M5Q0eSLBBakFL7I5G2NvbLvzcXR6Uf/rEhg79CQt +hCQYfL4suddGQz6TySTp2KoJMQqacZKHzLrG/aor75MojcAfdj5nN4mKSzeyhgrq +AEm60c6nwpkbJsdf+HECi5b8nRJwlmXTy8BcTLLY14gitrprsmQRtRMLDc1Sy47i +yWG29G5p36RNoC9ErZAHx4dVOrqvW+N0ILI6zPHxMyW/d0RrGmldoIJ3AOYLfkg2 +xeeHisPZBocvdgm7B0F/sXnfCpQWIQygPkOjyLqiCCvuOSnSm4qa357foP4h86Yz +4iEFbEWawKwCIz4mtex4U4fiqppjekCaTavX093jBUUEyGrSA+5CCM2iBDTxBEmd +uTbEDKAK40qsIdYMLRx9D1VUNk9DtTT5VkOou1mGMjxZ36QM+3HXmaqZSuVyX1Vm +3bCc2O+L6VC/5Wp8y5nnzemTCu5f4+JxGNtH7ti4AVtSyp4hzDwwJHklOB2YmnsP +FJfrWVB8V+QdJ2TdHBmzRcYWSM85345/vfRRpLXKMH2ToNQB2HN3fArlqgblRI1c +/VrhpONCmpaUIqoDHDeJSZfjEY/ITTIVBZkvaNIPiZkkgF8iKkLFgQU/BPGRm/i5 +HQ+ACC7SVDdN4gLyixiOoIOKBgcC5pFSWNDUPmhs1EwW5dkhYRqvo6vUOKaEGSSS +DQIDAQABo4GIMIGFMBMGA1UdIwQMMAqACETAEa1TJ4f0MBEGA1UdDgQKBAhH1+x/ +R9ISYjAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zA6BgNVHR8EMzAx +MC+gLaArhilodHRwOi8vY3JsLmEtdHJ1c3QuYXQvY3JsL0EtVHJ1c3QtUm9vdC0w +NzANBgkqhkiG9w0BAQsFAAOCAgEAJH8ljqDtpFFU46zoIkqZmnv9uY1udYnjy3HV ++xE0Q7EeuithsP92A39p6bwtUS9FDokmMS4+XZSj72VBdt5t8tUKkFk2eBO9SMs9 +sM870G77by1hsjVQjEhQjnZVbxsV8jR0n6CiurUix21AQ1qn8LIgbPYL94Rng5i1 +YqXQdY8EcduO4+QJ230s9pUlBldpipXdVvs0mkY5XYj/QBgBT+ubbKTHj4sZiNvj +fe2MjAP2BSP9aAwf/IcbxXFy3lU+q9YQTO9VlbpuE1EU/8DPZ4tNGpEwPNT6xZ4G +CALOC83waE9U/NtdNCE4BYDQYRS9E1yxPs6NV/XTa+ywG8vUDli3qtmFu1MOGByy +i/YDSpTSFAg8bls2ZWeMUzS2/qOtgc2zxlko+Hy/VjCtxE7sIfGPg+UVnK2GtL6w +4kOCfO9XJ5WwsffVL6+ZUg+Dd9Rxth3JYD72J+EjpQyguAil9+Onq9p9JQCmPEcJ +L63MFT7UEluQQq4TgwupBtNDnyQ0JwJ/cW6gL35HBD11VmlxwpjnGTmlb801BDpK +mmbvoBV5mFqQD9S6Vtug30t+9p4py0Y96BIGPqcMvNTV1+vxRxtGRt5KU3BHoNBI +CJoTMDl7+L4EabQLcMCEOfmYEgyPAxm671xiWHNGUieqyW6whrzT2WDGPfoOIdUa +IR4ebFU= +-----END CERTIFICATE----- diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_1.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_1.cer new file mode 100644 index 0000000..32d8889 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_1.cer @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE-----
+MIIEgzCCA2ugAwIBAgIDAOSjMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0wNDEyMTQyMzAwMDBa
+Fw0xNDEyMTMyMzAwMDBaMIGXMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNV
+BAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANZZNjVoS1r6DchywTTX58dkZ4KJRSwt78fipFxGlf0KrniYB+v5
+Vr5wodgwQ6E6AZFtvIzjYUolN3PjlEAnVaeCeZCeadnH32+Tvl+7MGKkfH9D0Xmw
+xkVcSYf4Rld/8H7JNFMyeyzefyCm1HMehpdgbhJ1+bO5P3Mbh2W8ca9qWfisdbj5
+VXu+niGWG0mXTbMtgPeiSsb9YAQ2UlvJjofZvnSaNv39Q3TRmIROXuhIHyD5wjcK
+A6qR2RD6eYpIG+yqZbGqxw65AIYHeD5li4jL0EsWxm6+eNBABA7GTcko4nxgKFv8
+wcqjiFBGKclznmHP0sSbxDxsrPK3gBj7Q8kCAwEAAaOB4TCB3jAPBgNVHRMBAf8E
+BTADAQH/MBEGA1UdDgQKBAhN3+H/S9nJ3zATBgNVHSMEDDAKgAhCPSskpsFFzjAO
+BgNVHQ8BAf8EBAMCAQYwgZIGA1UdHwSBijCBhzCBhKCBgaB/hn1sZGFwOi8vbGRh
+cC5hLXRydXN0LmF0L291PUEtVHJ1c3QtUXVhbC0wMixvPUEtVHJ1c3QsYz1BVD9j
+ZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2Vy
+dGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEASBVGa0aeSFz3
+77OrRFmMAs7rh8kG+rRue8Ze0JuHR6P9DltPwH4B5oFtninmhImejKLR2CmdNbtk
+ujNlXAY0KONJZIi7bXwotx4E23JUmIx5U2KtOmUzmI6JGcqJw5cu4i73Au6fKgSD
+BM1+XyMH5/EKd51NWhhe2ByfC2BQ3qlgt11j0sNTapdz0OhvAxa6Dd9D5VCumwUy
+8hEn/w9T4ZN1zabqJiD9ERiTLvJsP2zIg+Z0XssnqeRw0tk/Vn7htwCFn0/vFZkU
+qMdbtxducOBa5LfbRkpzwAS5kAOZGcAHUD/3FVlCr59Z86e1WWwq3aSUN+XKOLd+
+ypPntzbNSA==
+-----END CERTIFICATE-----
diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_2.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_2.cer new file mode 100644 index 0000000..29b2127 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_2.cer @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE-----
+MIIEgzCCA2ugAwIBAgIDFE4QMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1
+YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTM3NTVa
+Fw0yNDA3MDEwOTM3NTVaMIGXMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNV
+BAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANZZNjVoS1r6DchywTTX58dkZ4KJRSwt78fipFxGlf0KrniYB+v5
+Vr5wodgwQ6E6AZFtvIzjYUolN3PjlEAnVaeCeZCeadnH32+Tvl+7MGKkfH9D0Xmw
+xkVcSYf4Rld/8H7JNFMyeyzefyCm1HMehpdgbhJ1+bO5P3Mbh2W8ca9qWfisdbj5
+VXu+niGWG0mXTbMtgPeiSsb9YAQ2UlvJjofZvnSaNv39Q3TRmIROXuhIHyD5wjcK
+A6qR2RD6eYpIG+yqZbGqxw65AIYHeD5li4jL0EsWxm6+eNBABA7GTcko4nxgKFv8
+wcqjiFBGKclznmHP0sSbxDxsrPK3gBj7Q8kCAwEAAaOB4TCB3jAPBgNVHRMBAf8E
+BTADAQH/MBEGA1UdDgQKBAhN3+H/S9nJ3zATBgNVHSMEDDAKgAhCPSskpsFFzjAO
+BgNVHQ8BAf8EBAMCAQYwgZIGA1UdHwSBijCBhzCBhKCBgaB/hn1sZGFwOi8vbGRh
+cC5hLXRydXN0LmF0L291PUEtVHJ1c3QtUXVhbC0wMixvPUEtVHJ1c3QsYz1BVD9j
+ZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2Vy
+dGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAY6wF/ErpGbsM
+CwOkFH3MOvxYuxEAs2hpQOkz2KawDuocMRhZpESubzFSE3RxHxc7zgL60P6mOoT8
+G9IFlk/EOOFerBulJCyD3TR84MalgC3bj5hgC0H3/FJsVNRbbxlecbrroA+4S8DP
+U1F6mu9ImWGfuTWcV2Wa5pleJym5ICjTKL3v6tPLUdDlbcswkmxNf1uBZVsmta81
+BI1W9+33du1cVyymRZ2EfnL5kbAj6hdQ6qGfLjkZbZGXHWNNrfh/oGTzVALpmBwZ
+q6rqYapWYU2T8z1WDz7fTNcpawM8Plxe8dNC6pCVeGQQApqYM4zm/4lC46V3ihjt
+csETorSnVQ==
+-----END CERTIFICATE-----
diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-05.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-05.cer new file mode 100644 index 0000000..7ad406e --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-05.cer @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE-----
+MIIGKDCCBBCgAwIBAgIDD824MA0GCSqGSIb3DQEBCwUAMIGLMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVJv
+b3QtMDUxGDAWBgNVBAMMD0EtVHJ1c3QtUm9vdC0wNTAeFw0xMzA5MjMxMzI4NTha
+Fw0yMzA5MjAxMTI4NThaMIGXMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz
+dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy
+a2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJlbWl1bS1TaWctMDUxHjAcBgNV
+BAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wNTCCAiAwDQYJKoZIhvcNAQEBBQADggIN
+ADCCAggCggIBAKWkdHxXUo847W9MqYSOH8H0mulJ11qOPAwHISvZFVJ5jpklQE4Z
+7Eb+NKP/3tyGCE2IJPul0aKSBPjiMOwXlmD6FpDe2yoPxslu8/8nh28mo6Oyxnu/
+9WhnEv7u+P/VDUwI7avTRqj61m6mw39EfRMDrusJwa3MIZ1mmin+W6blUtOuuDUt
+6Oh1cGPTeZyNybZBPYgTibWaiYx8Od+zhQ40t6bC03U+DxxuNfCgOsieGeOc6JzJ
+Rtd7Tye8TAyVn9WDQyllvmO/Lst6oHpb50vKX5Hd5Xo5Ju2K3xWSx5sMrL8BUhAi
+lpm4LM8YLTMKeaz5kaCdO8w0XKUJdFH9i/MEeAgSimZ0hIpvMpLSg25ySvMRS6Z7
+RsllA4xtnEG4Bu9P7FNeoyRm4Nd5UsIbug648wqXrf9PGsqPDjX7/3tSc67iJJ/w
+YgsOUIcrHsykhOIjVbpOeAKYwb1UAiXS2UjgDyVDX6atppHmAut1ig4ouJ27CUB7
+jhSVqoOxmxKpTzu+gHJo+cLb0ihVzvKu5EFI7b50KE8xPQCFHbe9YBdq3oGoq1M7
+OvBTVZ369d1yzwwK3U9lMUeysipVeSJeFCD057oJHJYxYmvv0LHQ1zX4DmW3HNHH
+U+A7+7aJnE1s9XNsCYbmUcY+14+WbTlUiCqMOAdCSzP8LHjRsf8a5DV/AgEDo4GI
+MIGFMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuYS10cnVzdC5hdC9jcmwv
+QS1UcnVzdC1Sb290LTA1MBMGA1UdIwQMMAqACED5uWe+A9IIMA8GA1UdEwEB/wQF
+MAMBAf8wEQYDVR0OBAoECEH4CDkbAegkMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG
+9w0BAQsFAAOCAgEAMqZmZqzadftaf6xB9WNWKnJixLBIVDjNUg3ypbmcwufqjmeA
+ij2Qyer09oxr0n1xpsOwc7dSVp7brDTvSVJg33Ef9TGbCrKo9urJUypQn7HiCp1+
+y6Csvzi3jkx/V1Zvd9U5VF7hIHQrOQv1Id8egB845oestS+zUlqM+SxXO28EYIsp
+iejWKWVi04nl+Ch85o1rZ9HBN6QxaoUU1Oo2+BaCyZqC+lWMv+wbCtM8YYLCME+t
+FiMfZC9WtBitt0TBE5LR7Gf1Wcalsaazgfcwr7gxVvXbS3j5y9IX0LsmUNUfgesd
+TTBPzZhQsryoZ3dpVbpdFj9ktBJkk2gzwYcVhXIGCGvOA96mm3b6uQrSuiWQJ9+N
+awWpiQI6C4GfPxkIt8idUyGbBzu5Nj613ekI/z5ZFYdQ3KGOqNxJRqQLVnjqOjO5
+YD1DY5L6Pjl341wwPFF5ZsEESlTn5qbPIfygf2swqfyuEPbV+jOvaR1HmuPunuda
+D42D5YJkpofIcvG9S4YsDJ6ZO6VvZ9f4cVxUiFDdfWc6tWQE3HEx6LDqZY5bjdie
+BwGqsS/623bdQyHgQOeZqMcC/kyUiKozTFPJwd92yx7oQda1k24U5qDC9xMi/s4c
+yHV2urDTvyVqphxKTw+64sW5z013vSBcQ2kKPxzwFkw/1MQF52upVhQqJ1c=
+-----END CERTIFICATE-----
diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-07.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-07.cer new file mode 100644 index 0000000..54eb44f --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-07.cer @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGKzCCBBOgAwIBAgIEDIaM9zANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMC +QVQxSDBGBgNVBAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUg +aW0gZWxla3RyLiBEYXRlbnZlcmtlaHIgR21iSDEYMBYGA1UECwwPQS1UcnVzdC1S +b290LTA3MRgwFgYDVQQDDA9BLVRydXN0LVJvb3QtMDcwHhcNMjAwMzExMTUxODE1 +WhcNMzYxMTEzMTQxODE1WjCBlzELMAkGA1UEBhMCQVQxSDBGBgNVBAoMP0EtVHJ1 +c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3RyLiBEYXRlbnZl +cmtlaHIgR21iSDEeMBwGA1UECwwVYS1zaWduLVByZW1pdW0tU2lnLTA3MR4wHAYD +VQQDDBVhLXNpZ24tUHJlbWl1bS1TaWctMDcwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQCb+OkeCkr3aNcwvBfmPfLeJDcDovCaWCGSSDMXslj11tKAPWHQ +A+rb4RVhCe9dPAZ46aR4+6+S8Lc6fvtzF8zwGU32MGvqUtZ8xg44TgzGWVmu3od2 +vr5nbeJINyiqJ0uh0slVSEP5Sh8lNLRrBu7hDS/mgXNZ7BcNoIAg4vadQ03+GbfA +vyaW7tp1fiAsTBDozehdcfpLvafAV9Qoiw9kAy13nlPzH/cq9vxlBj8USxixjulR +SCzM2hLKaefxvzmxzaaeZ5pOqhW75K4YS9LdV/AplW64HeUX5MP2lcvj8pt+UdoN +mEsLBFgScyd0q/MXHnERg4U2od95YOB7GvMzq8tEpF147+krbE6/2WdCsmlcBKZT ++9fxgy/61w9shVvAlHbGEG8tUYNeM6RMcK/g0B/qY4B6LkR03x6b2zv8DYhWWpM4 +CMGlPmds8bA0cMPFBZ7PhsJvHlqrIRtPbLWtm5sXILk9nFurWRxob8+r23JMODn2 +Q2Ulm5Z4CVyJfbYpuRTadUjZs+BNSE0S/6eC153uaCyP5vHplhHED8xXgpjr/GTC +PyJE6jRzfg+gUWr1WtTQKqyFaQfrTlEMiOD4UerBXTAd3Jz6FNY/FtC5h/t71nZx +YSXnUu8xQ/8JVY9lkq9ibq+CEzT8Mqn+rHy1mhxpadIa94BLRXX3zOSyowIDAQAB +o4GIMIGFMBMGA1UdIwQMMAqACETAEa1TJ4f0MBEGA1UdDgQKBAhN9Olivd8arjAO +BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zA6BgNVHR8EMzAxMC+gLaAr +hilodHRwOi8vY3JsLmEtdHJ1c3QuYXQvY3JsL0EtVHJ1c3QtUm9vdC0wNzANBgkq +hkiG9w0BAQsFAAOCAgEAZZFh7pWF69RyrGgdc1idFVgQJY5XFR80qBLBZdkOO5wF +to33OAoQCAfszJ1sR7I0+N8xf6wB8EhZeacArqz2inhgFudGvdmk6jlOIhUUs7ta +0bhuLUmBbzQwXOthQdTnU8+ZjbE5vsfgydIN0GJfhEj5pggRA5ICrTtekcG74UX/ +LOTPt4ppQ9sgsSGm4pjWSopDKM9Z0SjcfDUjPefIMYPyT6rI7oYgT1SmQqw4Gjud +l5lC+JhbHxgBcWOWcBVjMk7/5wH9klLqZYDbLmJ6PPcsm1jt8fyOgJBWrQaCnwrT +U2+KmvHgztiHgo3C0BIAh/on4qq95qCthS00qPwCrYLkNGiwexn/R7dHQu6yp0gG +uoLbXynoIeueCk7GC59AE0KZBtX6QzgqD/i8IfXNil41Tn3af1KFnL5iwE4yxe30 +w+c7O5eDxvK/NfyxWIrjxWISngIA1F6Ghlv71QM7zdOcvT3FdWPYWf8vRxPyEHm7 +jolmWjvwDwJGvgFggF4fHkH9LIvK5HKuG2SwXZJYkHZ+LKY8s26OLPm+DJKTXFTP +fVS7bz2p6ym2hig09Avraz31hjd1Gn9hEQfWhGdVM0m3RXLHXKWopI4JiA5XZLXo +/oeWmzUehZLowF7TvaiwA8//PfONZZus22OIo1QZvxZPjQd9/BVPIsB+YZqFgeI= +-----END CERTIFICATE----- diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_1.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_1.cer Binary files differnew file mode 100644 index 0000000..8ddc7d7 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_1.cer diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_2.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_2.cer Binary files differnew file mode 100644 index 0000000..8cd2ed4 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_2.cer diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_3.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_3.cer Binary files differnew file mode 100644 index 0000000..7c06592 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_3.cer diff --git a/moaSig/moa-sig/src/test/resources/testdata/pkix/chain/672C4FE428C7E1F7DB9416279E271B8671C80E23.cer b/moaSig/moa-sig/src/test/resources/testdata/pkix/chain/672C4FE428C7E1F7DB9416279E271B8671C80E23.cer Binary files differnew file mode 100644 index 0000000..eaa20b6 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/testdata/pkix/chain/672C4FE428C7E1F7DB9416279E271B8671C80E23.cer diff --git a/moaSig/moa-sig/src/test/resources/testdata/pkix/chain/F86591A6D86718886A0234B8E54E21AAEA63E24B.cer b/moaSig/moa-sig/src/test/resources/testdata/pkix/chain/F86591A6D86718886A0234B8E54E21AAEA63E24B.cer Binary files differnew file mode 100644 index 0000000..2bf4ad7 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/testdata/pkix/chain/F86591A6D86718886A0234B8E54E21AAEA63E24B.cer |