Diffstat (limited to 'moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationWithMoaSpssSvaConfigTest.java')
-rw-r--r-- | moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationWithMoaSpssSvaConfigTest.java | 265 |
1 files changed, 265 insertions, 0 deletions
diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationWithMoaSpssSvaConfigTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationWithMoaSpssSvaConfigTest.java
new file mode 100644
index 0000000..f9f396d
--- /dev/null
+++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationWithMoaSpssSvaConfigTest.java
@@ -0,0 +1,265 @@
+package at.gv.egovernment.moa.spss.test.integration;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.lang.reflect.Field;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.init.SystemInitializer;
+import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker;
+import at.gv.egovernment.moa.spss.tsl.TSLServiceFactory;
+import iaik.pki.Configurator;
+import iaik.pki.PKIFactory;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class CadesIntegrationWithMoaSpssSvaConfigTest extends AbstractIntegrationTest {
+
+ CMSSignatureVerificationInvoker cadesInvoker;
+
+ @BeforeClass
+ public static void classInitializer() throws IOException, ConfigurationException,
+ NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
+ jvmStateReset();
+
+ final String current = new java.io.File(".").getCanonicalPath();
+ System.setProperty("moa.spss.server.configuration",
+ current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml");
+ System.setProperty("iaik.esi.sva.configuration.location",
+ current + "/src/test/resources/moaspss_config/svaconfig.example");
+ moaSpssCore = SystemInitializer.init();
+
+ }
+
+ @AfterClass
+ public static void classReset() throws NoSuchFieldException,
+ SecurityException, IllegalArgumentException, IllegalAccessException {
+
+ // reset TSL client
+ final Field field1 = TSLServiceFactory.class.getDeclaredField("tslClient");
+ field1.setAccessible(true);
+ field1.set(null, null);
+
+ final Field field2 = ConfigurationProvider.class.getDeclaredField("instance");
+ field2.setAccessible(true);
+ field2.set(null, null);
+
+ final Field field3 = PKIFactory.class.getDeclaredField("instance_");
+ field3.setAccessible(true);
+ field3.set(null, null);
+
+ final Field field4 = Configurator.class.getDeclaredField("C");
+ field4.setAccessible(true);
+ field4.set(null, false);
+
+ }
+
+ @Before
+ public void initializer() throws ConfigurationException {
+ cadesInvoker = CMSSignatureVerificationInvoker.getInstance();
+ setUpContexts(RandomStringUtils.randomAlphabetic(10));
+
+ }
+
+ @Test
+ public void missingTrustProfile() throws IOException {
+ final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest(
+ org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray(
+ "/testdata/cades/simpleCadesSig.b64")),
+ RandomStringUtils.randomAlphabetic(5),
+ false,
+ false);
+
+ // perform test
+ final MOAException error = assertThrows(MOAException.class, () -> cadesInvoker.verifyCMSSignature(
+ request));
+ assertEquals("wrong errorCode", "2203", error.getMessageId());
+
+ }
+
+ @Test
+ public void basicValidationAtrustEidCadesSignature() throws MOAException, IOException {
+ final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest(
+ org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray(
+ "/testdata/cades/ATrust_SigTest1.b64")),
+ "MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten",
+ false,
+ false);
+
+ // perform test
+ final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request);
+
+ // verify result
+ assertNotNull("verification result", result);
+ assertEquals("wrong result size", 1, result.getResponseElements().size());
+
+ final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result
+ .getResponseElements().get(0);
+ assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode());
+ assertEquals("certCode", 0, cmsResult.getCertificateCheck().getCode());
+
+ assertNotNull("signerInfo", cmsResult.getSignerInfo());
+ assertEquals("issuerCC", "AT", cmsResult.getSignerInfo().getIssuerCountryCode());
+ assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority());
+ assertTrue("QC", cmsResult.getSignerInfo().isQualifiedCertificate());
+ assertTrue("SSCD", cmsResult.getSignerInfo().isSSCD());
+ assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos());
+
+ assertNull("form val. result", cmsResult.getAdESFormResults());
+ assertNull("extended val. result", cmsResult.getExtendedCertificateCheck());
+ assertNull("byteRange", cmsResult.getByteRangeOfSignature());
+ assertNull("used sig alg", cmsResult.getSignatureAlgorithm());
+
+ }
+
+ @Test
+ public void extendedValidationAtrustEidCadesSignature() throws MOAException, IOException {
+ final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest(
+ org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray(
+ "/testdata/cades/ATrust_SigTest1.b64")),
+ "MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten",
+ false,
+ true);
+
+ // perform test
+ final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request);
+
+ // verify result
+ assertNotNull("verification result", result);
+ assertEquals("wrong result size", 1, result.getResponseElements().size());
+
+ final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result
+ .getResponseElements().get(0);
+ assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode());
+ assertEquals("certCode", 0, cmsResult.getCertificateCheck().getCode());
+
+ assertNotNull("signerInfo", cmsResult.getSignerInfo());
+ assertEquals("issuerCC", "AT", cmsResult.getSignerInfo().getIssuerCountryCode());
+ assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority());
+ assertTrue("QC", cmsResult.getSignerInfo().isQualifiedCertificate());
+ assertTrue("SSCD", cmsResult.getSignerInfo().isSSCD());
+ assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos());
+
+ assertNotNull("form val. result", cmsResult.getAdESFormResults());
+ assertEquals("form val. result size", 4, cmsResult.getAdESFormResults().size());
+ for (final Object el : cmsResult.getAdESFormResults()) {
+ final AdESFormResults test = (AdESFormResults) el;
+ if (test.getCode().longValue() == 0) {
+ assertEquals("wrong from name", "B-B", test.getName());
+
+ } else {
+ assertEquals("Find wrong form val status", 2, test.getCode().longValue());
+
+ }
+ }
+
+ assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck());
+ assertEquals("ext. val major", 0, cmsResult.getExtendedCertificateCheck().getMajorCode());
+ assertEquals("ext. val major", 23, cmsResult.getExtendedCertificateCheck().getMinorCode());
+
+ assertNull("byteRange", cmsResult.getByteRangeOfSignature());
+ assertEquals("used sig alg", "SHA256withECDSA", cmsResult.getSignatureAlgorithm());
+
+ }
+
+ @Test
+ public void basicValidationCadesSignature() throws MOAException, IOException {
+ final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest(
+ org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray(
+ "/testdata/cades/simpleCadesSig.b64")),
+ "MOAIDBuergerkarteAuthentisierungsDaten",
+ false,
+ false);
+
+ // perform test
+ final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request);
+
+ // verify result
+ assertNotNull("verification result", result);
+ assertEquals("wrong result size", 1, result.getResponseElements().size());
+
+ final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result
+ .getResponseElements().get(0);
+ assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode());
+ assertEquals("certCode", 1, cmsResult.getCertificateCheck().getCode());
+
+ assertNotNull("signerInfo", cmsResult.getSignerInfo());
+ assertEquals("issuerCC", "AT", cmsResult.getSignerInfo().getIssuerCountryCode());
+ assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority());
+ assertFalse("QC", cmsResult.getSignerInfo().isQualifiedCertificate());
+ assertFalse("SSCD", cmsResult.getSignerInfo().isSSCD());
+ assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos());
+
+ assertNull("form val. result", cmsResult.getAdESFormResults());
+ assertNull("extended val. result", cmsResult.getExtendedCertificateCheck());
+ assertNull("byteRange", cmsResult.getByteRangeOfSignature());
+ assertNull("used sig alg", cmsResult.getSignatureAlgorithm());
+
+ }
+
+ @Test
+ public void extendedValidationCadesSignature() throws MOAException, IOException {
+ final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest(
+ org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray(
+ "/testdata/cades/simpleCadesSig.b64")),
+ "MOAIDBuergerkarteAuthentisierungsDaten",
+ false,
+ true);
+
+ // perform test
+ final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request);
+
+ // verify result
+ assertNotNull("verification result", result);
+ assertEquals("wrong result size", 1, result.getResponseElements().size());
+
+ final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result
+ .getResponseElements().get(0);
+ assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode());
+ assertEquals("certCode", 1, cmsResult.getCertificateCheck().getCode());
+
+ assertNotNull("signerInfo", cmsResult.getSignerInfo());
+ assertEquals("issuerCC", "AT", cmsResult.getSignerInfo().getIssuerCountryCode());
+ assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority());
+ assertFalse("QC", cmsResult.getSignerInfo().isQualifiedCertificate());
+ assertFalse("SSCD", cmsResult.getSignerInfo().isSSCD());
+ assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos());
+
+ assertNotNull("form val. result", cmsResult.getAdESFormResults());
+ assertEquals("form val. result size", 4, cmsResult.getAdESFormResults().size());
+ for (final Object el : cmsResult.getAdESFormResults()) {
+ final AdESFormResults test = (AdESFormResults) el;
+ assertEquals("Find wrong form val status", 1, test.getCode().longValue());
+
+ }
+
+ assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck());
+ assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMajorCode());
+ assertEquals("ext. val major", 14, cmsResult.getExtendedCertificateCheck().getMinorCode());
+
+ assertNull("byteRange", cmsResult.getByteRangeOfSignature());
+ assertEquals("used sig alg", "SHA256withRSA", cmsResult.getSignatureAlgorithm());
+
+ }
+
+} |
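Review bot: The loop over `getAdESFormResults()` in `extendedValidationAtrustEidCadesSignature` never requires that a code-0 entry exists, so the test still passes if all four form results come back with code 2 and the `B-B` check is never executed. For a signature-verification test that is a vacuous pass; track it with a flag, e.g. `boolean sawBB = false;` before the loop, `sawBB = true;` in the code-0 branch, and `assertTrue("no B-B form result with code 0", sawBB);` after it. Separately, both `getMinorCode()` assertions (expected 23 and 14) reuse the message `"ext. val major"`, which will mislabel a failure; `"ext. val minor"` would fit. The expected codes (certCode 1, major/minor 2/14 and 0/23) are bare literals, and a short comment on what each outcome represents would help a reader judge whether the asserted result is the intended one.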