diff options
author | Thomas <> | 2023-06-23 09:50:18 +0200 |
---|---|---|
committer | Thomas <> | 2023-06-23 09:50:18 +0200 |
commit | 38bba13a16b041693850ddd1847adceba616d93b (patch) | |
tree | e9e8ff7fe114556224db135b2a42411f01bb5c28 /moaSig/moa-sig | |
parent | ad42c0d94412597de4b28e1dad292b49482e0f33 (diff) | |
download | moa-sig-38bba13a16b041693850ddd1847adceba616d93b.tar.gz moa-sig-38bba13a16b041693850ddd1847adceba616d93b.tar.bz2 moa-sig-38bba13a16b041693850ddd1847adceba616d93b.zip |
test(core): add some more PDF and PAdES validation checks
Diffstat (limited to 'moaSig/moa-sig')
3 files changed, 64 insertions, 6 deletions
diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java index e210ddf..9cee722 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java @@ -11,6 +11,7 @@ import java.io.FileInputStream; import java.io.IOException; import java.security.cert.Certificate; import java.security.cert.CertificateException; +import java.util.Base64; import java.util.Date; import org.apache.commons.io.IOUtils; @@ -88,7 +89,6 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } - @Ignore @Test public void basicValidationCadesSignature() throws MOAException, IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( @@ -124,7 +124,6 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } - @Ignore @Test public void extendedValidationCadesSignature() throws MOAException, IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( @@ -163,7 +162,9 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); assertEquals("ext. val major", 1, cmsResult.getExtendedCertificateCheck().getMajorCode()); - assertEquals("ext. val major", 24, cmsResult.getExtendedCertificateCheck().getMinorCode()); + + // because was signed by using SHA1 after xxxx + assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMinorCode()); assertNotNull("byteRange", cmsResult.getByteRangeOfSignature()); assertEquals("used sig alg", "SHA1withRSA", cmsResult.getSignatureAlgorithm()); @@ -202,11 +203,38 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { // perform test final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); - + // verify result assertNotNull("verification result", result); + final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result + .getResponseElements().get(0); + assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); + assertEquals("certCode", 0, cmsResult.getCertificateCheck().getCode()); + + assertTrue("Amtssignatur", cmsResult.getSignerInfo().isPublicAuthority()); + assertEquals("Amtssignatur", "L4AL", cmsResult.getSignerInfo().getPublicAuhtorityID()); + + assertFalse("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", cmsResult.getSignerInfo().isSSCD()); + + assertEquals("CountryCode", "AT", cmsResult.getSignerInfo().getIssuerCountryCode()); + + assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); + assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMajorCode()); + // it's no valid CAdES signature because it does not include SignatureCertificateInfo extension + assertEquals("ext. val major", 13, cmsResult.getExtendedCertificateCheck().getMinorCode()); + + assertNotNull("form val. result", cmsResult.getAdESFormResults()); + assertEquals("form val. result size", 4, cmsResult.getAdESFormResults().size()); + + //it's not valid because it's no CAdES signature, it's a "adbe.pkcs7.detached" + for (final Object el : cmsResult.getAdESFormResults()) { + assertEquals("Find wrong form val status", 2, ((AdESFormResults) el).getCode().longValue()); + + } + } @Ignore @@ -224,8 +252,11 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { // verify result assertNotNull("verification result", result); - - + final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result + .getResponseElements().get(0); + assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); + assertEquals("certCode", 0, cmsResult.getCertificateCheck().getCode()); + assertEquals("Amtssignatur", "", cmsResult.getSignerInfo().getPublicAuhtorityID()); } diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-corporate-light-02.crt b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-corporate-light-02.crt new file mode 100644 index 0000000..717466c --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-corporate-light-02.crt @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEizCCA3OgAwIBAgIDFTtJMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1 +YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA5MDUxMzQwMTVa +Fw0yNDA5MDUxMTQwMTVaMIGfMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz +dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy +a2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMSIw +IAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAk6V4oEauvXgEICqgjTbGHaiDhBVo2nosX23osoKM +LTkkO/nOCgpdCYpLKgURxwrgHgVh9XT99yxhy6lDwt2rASajj0sQ1fY5BmWVyrXS +dQ78ISMPb73XaG4M8H7PJFcsVEo9n8veVQwnMY5mSWy0r1IO8n93Bjbmmi4Zt8oS +p9olWo5/8ByYW8S/AKZuQx+q+bFJv7geuApVjK2iVFe8yQqHhAgDsAsDlMvxDAQ/ +vhrGwHRv8N3sLsjirnbf5S2dGLDjASOMUFvwfLQd7gHH7PV37Xa+aQqa97eE6O4O +sIhcGRYhoLk/tWTBDapcgHJ0yTtrftuwORVteLUAy0gBNwIDAQABo4HhMIHeMA8G +A1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEkcWDpP6A0DMBMGA1UdIwQMMAqACEI9 +KySmwUXOMA4GA1UdDwEB/wQEAwIBBjCBkgYDVR0fBIGKMIGHMIGEoIGBoH+GfWxk +YXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9QS1UcnVzdC1RdWFsLTAyLG89QS1UcnVz +dCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/YmFzZT9vYmplY3RjbGFz +cz1laWRDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MA0GCSqGSIb3DQEBBQUAA4IBAQAT +LnGyoe38+pkybrpLl/b3htAvX6nePU6rFPFS9P2NK+hG5yV8gfMdHdeEaKICVbhI +Y8LFt5fF74GPFhEFT+6YiBJXFFZG229FbIPcVWReRl2XrFKJlRP/1eZyvqpxD1WE +SqN73MKGwgpUSPzRESHAtAODl/baRn/M4Xpb+MChVI6BoMdo/08FeSZPbT7N63dm +/Da3+Ywx84D40NKdoORu2yPUs8nMzeQVCnx7Lb9U7HRSR7wXgZrhwtULsrENRY0T +tq/+o4sOWzs/NgZyEg6mmOAK4K5Vup3mikIMyF7Z92RwmsaMM6We/vIcc6DlWbKw +WKniHZNw5/6aZAj4GX0R +-----END CERTIFICATE----- diff --git a/moaSig/moa-sig/src/test/resources/testdata/pades/TestAmtssignatur_Sign.pdf b/moaSig/moa-sig/src/test/resources/testdata/pades/TestAmtssignatur_Sign.pdf Binary files differnew file mode 100644 index 0000000..bdc6fe3 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/testdata/pades/TestAmtssignatur_Sign.pdf |