Diffstat (limited to 'moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java')
-rw-r--r--moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java321
1 files changed, 321 insertions, 0 deletions
diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java
new file mode 100644
index 0000000..8a3012a
--- /dev/null
+++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java
@@ -0,0 +1,321 @@
+package at.gv.egovernment.moa.spss.test.integration;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.util.Base64;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.time.DateFormatUtils;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
+import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.init.StartupConfigurationHolder;
+import at.gv.egovernment.moa.spss.server.init.SystemInitializer;
+import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moaspss.logging.LoggingContext;
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import at.gv.egovernment.moaspss.util.Base64Utils;
+import at.gv.egovernment.moaspss.util.Constants;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class XadesIntegrationTest {
+
+ private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI;
+ private static final String MOA_NS_URI = Constants.MOA_NS_URI;
+ private static final String DSIG = Constants.DSIG_PREFIX + ":";
+ private static final String DEFAULT_XPATH_SIGNATURE_LOCATION = "//" + DSIG + "Signature";
+
+ public static final String PATTERN_ISSUE_INSTANT = "yyyy-MM-dd'T'HH:mm:ssXXX";
+
+ private static StartupConfigurationHolder moaSpssCore;
+ XMLSignatureVerificationInvoker cadesInvoker;
+
+ @BeforeClass
+ public static void classInitializer() throws IOException {
+ final String current = new java.io.File(".").getCanonicalPath();
+ System.setProperty("moa.spss.server.configuration",
+ current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml");
+ moaSpssCore = SystemInitializer.init();
+
+ }
+
+ @Before
+ public void initializer() throws ConfigurationException {
+ cadesInvoker = XMLSignatureVerificationInvoker.getInstance();
+ setUpContexts(RandomStringUtils.randomAlphabetic(10));
+
+ }
+
+ @Test
+ public void missingTrustProfile() throws IOException, MOAApplicationException, ParserConfigurationException {
+ VerifyXMLSignatureRequest request = buildVerifyXmlRequest(
+ org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/xades/xmldsig_enveloped.b64")),
+ RandomStringUtils.randomAlphabetic(5), false,
+ null,
+ DEFAULT_XPATH_SIGNATURE_LOCATION,
+ null, Collections.emptyMap());
+
+ // perform test
+ MOAException error = assertThrows(MOAException.class,() -> cadesInvoker.verifyXMLSignature(request));
+ assertEquals("wrong errorCode", "2203", error.getMessageId());
+
+ }
+
+ @Test
+ public void basicValidationXadesSignature() throws MOAException, IOException, ParserConfigurationException {
+ VerifyXMLSignatureRequest request = buildVerifyXmlRequest(
+ org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/xades/xmldsig_enveloped.b64")),
+ "MOAIDBuergerkarteAuthentisierungsDaten", false,
+ null,
+ DEFAULT_XPATH_SIGNATURE_LOCATION,
+ null, Collections.emptyMap());
+
+ // perform test
+ VerifyXMLSignatureResponse result = cadesInvoker.verifyXMLSignature(request);
+
+ // verify result
+ assertNotNull("verification result", result);
+
+ assertEquals("sigCode", 0, result.getSignatureCheck().getCode());
+ assertEquals("certCode", 1, result.getCertificateCheck().getCode());
+
+ assertNotNull("signerInfo", result.getSignerInfo());
+ assertNull("issuerCC", result.getSignerInfo().getIssuerCountryCode());
+ assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority());
+ assertFalse("QC", result.getSignerInfo().isQualifiedCertificate());
+ assertFalse("SSCD", result.getSignerInfo().isSSCD());
+ assertNull("TSL infos", result.getSignerInfo().getTslInfos());
+
+ assertNull("form val. result", result.getAdESFormResults());
+ assertNull("extended val. result", result.getExtendedCertificateCheck());
+ assertNull("used sig alg", result.getSignatureAlgorithm());
+
+ }
+
+ @Test
+ public void extendedValidationXadesSignature() throws MOAException, IOException, ParserConfigurationException {
+ VerifyXMLSignatureRequest request = buildVerifyXmlRequest(
+ org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/xades/xmldsig_enveloped.b64")),
+ "MOAIDBuergerkarteAuthentisierungsDaten", true,
+ null,
+ DEFAULT_XPATH_SIGNATURE_LOCATION,
+ null, Collections.emptyMap());
+
+ // perform test
+ VerifyXMLSignatureResponse result = cadesInvoker.verifyXMLSignature(request);
+
+ // verify result
+ assertNotNull("verification result", result);
+ assertEquals("sigCode", 0, result.getSignatureCheck().getCode());
+ assertEquals("certCode", 1, result.getCertificateCheck().getCode());
+ assertEquals("manifestCode", 0, result.getSignatureManifestCheck().getCode());
+ assertTrue("manifest refs", result.getXMLDsigManifestChecks().isEmpty());
+
+ assertEquals("hash inputdata", 1, result.getHashInputDatas().size());
+ assertEquals("hash input data alg", "SHA-256",
+ ((InputData)result.getHashInputDatas().get(0)).getHashAlgorithm());
+ assertEquals("hash input data part", "SignedInfo",
+ ((InputData)result.getHashInputDatas().get(0)).getPartOf());
+ assertEquals("hash input data ref. number", -1,
+ ((InputData)result.getHashInputDatas().get(0)).getReferringReferenceNumber());
+
+
+ assertNotNull("signerInfo", result.getSignerInfo());
+ assertNull("issuerCC", result.getSignerInfo().getIssuerCountryCode());
+ assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority());
+ assertFalse("QC", result.getSignerInfo().isQualifiedCertificate());
+ assertFalse("SSCD", result.getSignerInfo().isSSCD());
+ assertNull("TSL infos", result.getSignerInfo().getTslInfos());
+
+ assertNotNull("form val. result", result.getAdESFormResults());
+ assertEquals("form val. result size", 1, result.getAdESFormResults().size());
+ for (Object el : result.getAdESFormResults()) {
+ AdESFormResults test = ((AdESFormResults)el);
+ assertEquals("Find wrong form val status", 3, test.getCode().longValue());
+
+ }
+
+ assertNotNull("extended val. result", result.getExtendedCertificateCheck());
+ assertEquals("ext. val major", 4, result.getExtendedCertificateCheck().getMajorCode());
+ assertEquals("ext. val major", 24, result.getExtendedCertificateCheck().getMinorCode());
+
+ assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm());
+
+ }
+
+ private VerifyXMLSignatureRequest buildVerifyXmlRequest(final byte[] signature, final String trustProfileID, boolean extValFlag,
+ final List<String> verifyTransformsInfoProfileID, final String xpathSignatureLocation,
+ Date sigValDate, final Map<String, byte[]> supplementContent) throws IOException, ParserConfigurationException, MOAApplicationException {
+ // build empty document
+ final Document requestDoc_ = getNewDocumentBuilder();
+
+ final Element requestElem_ =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest");
+ requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI);
+ requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns:" + Constants.DSIG_PREFIX,
+ Constants.DSIG_NS_URI);
+ requestDoc_.appendChild(requestElem_);
+
+ // build the request
+
+ // build set signing time
+ if (sigValDate != null) {
+ final Element dateTimeElem = requestDoc_.createElementNS(MOA_NS_URI, "DateTime");
+ requestElem_.appendChild(dateTimeElem);
+ final Node dateTime = requestDoc_.createTextNode(
+ DateFormatUtils.format(sigValDate, PATTERN_ISSUE_INSTANT));
+ dateTimeElem.appendChild(dateTime);
+
+ }
+
+ //extended validation flag
+ final Element extVal = requestDoc_.createElementNS(MOA_NS_URI, "ExtendedValidation");
+ requestElem_.appendChild(extVal);
+ final Node extValElement = requestDoc_.createTextNode(String.valueOf(extValFlag));
+ extVal.appendChild(extValElement);
+
+ //set other parameters
+ final Element verifiySignatureInfoElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo");
+ requestElem_.appendChild(verifiySignatureInfoElem);
+ final Element verifySignatureEnvironmentElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment");
+ verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem);
+ final Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content");
+ verifySignatureEnvironmentElem.appendChild(base64ContentElem);
+
+ // insert the base64 encoded signature
+ String base64EncodedAssertion = Base64Utils.encode(signature);
+ // replace all '\r' characters by no char.
+ final StringBuffer replaced = new StringBuffer();
+ for (int i = 0; i < base64EncodedAssertion.length(); i++) {
+ final char c = base64EncodedAssertion.charAt(i);
+ if (c != '\r') {
+ replaced.append(c);
+ }
+ }
+ base64EncodedAssertion = replaced.toString();
+ final Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion);
+ base64ContentElem.appendChild(base64Content);
+
+ // specify the signature location
+ final Element verifySignatureLocationElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation");
+ verifiySignatureInfoElem.appendChild(verifySignatureLocationElem);
+ final Node signatureLocation = requestDoc_.createTextNode(xpathSignatureLocation);
+ verifySignatureLocationElem.appendChild(signatureLocation);
+
+ // signature manifest params
+ if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) {
+ final Element signatureManifestCheckParamsElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams");
+ requestElem_.appendChild(signatureManifestCheckParamsElem);
+ signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false");
+
+ // verify transformations
+ final Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo");
+ signatureManifestCheckParamsElem.appendChild(referenceInfoElem);
+ for (final String element : verifyTransformsInfoProfileID) {
+ final Element verifyTransformsInfoProfileIdElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfileID");
+ referenceInfoElem.appendChild(verifyTransformsInfoProfileIdElem);
+ verifyTransformsInfoProfileIdElem.appendChild(requestDoc_.createTextNode(element));
+
+ }
+ }
+
+ // hashinput data
+ final Element returnHashInputDataElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData");
+ requestElem_.appendChild(returnHashInputDataElem);
+
+ // add trustProfileID
+ final Element trustProfileIdElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID");
+ trustProfileIdElem.appendChild(requestDoc_.createTextNode(trustProfileID));
+ requestElem_.appendChild(trustProfileIdElem);
+
+ // add supplement profile
+ if (!supplementContent.isEmpty()) {
+
+ final Element supplementProfile = requestDoc_.createElementNS(MOA_NS_URI, "SupplementProfile");
+
+ for (Map.Entry<String, byte[]> entry: supplementContent.entrySet()) {
+ String reference = entry.getKey();
+ byte[] contentBytes = entry.getValue();
+ final Element content = requestDoc_.createElementNS(MOA_NS_URI, "Content");
+ content.setAttribute("Reference", reference);
+ final Element b64content = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content");
+ b64content.setTextContent(Base64Utils.encode(contentBytes));
+ content.appendChild(b64content);
+ supplementProfile.appendChild(content);
+ }
+
+ requestElem_.appendChild(supplementProfile);
+ }
+
+ return new VerifyXMLSignatureRequestParser().parse(requestElem_);
+
+ }
+
+ protected synchronized Document getNewDocumentBuilder() throws ParserConfigurationException {
+ final DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+ return docBuilder.newDocument();
+
+ }
+
+ protected final void setUpContexts(final String transactionID) throws ConfigurationException {
+ final TransactionContextManager txMgr = TransactionContextManager.getInstance();
+ final LoggingContextManager logMgr = LoggingContextManager.getInstance();
+
+ if (txMgr.getTransactionContext() == null) {
+ final TransactionContext ctx =
+ new TransactionContext(transactionID, null, moaSpssCore.getMoaSpssConfig());
+ txMgr.setTransactionContext(ctx);
+
+ }
+
+ //set Logging context into MOA-Sig
+ if (logMgr.getLoggingContext() == null) {
+ final LoggingContext ctx = new LoggingContext(transactionID);
+ logMgr.setLoggingContext(ctx);
+
+ }
+
+ //new IaikConfigurator().configure(moaSigConfig.getMoaSigConfig());
+
+ }
+
+}
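Review bot: Both validation tests assert a non-zero certificate result (`assertEquals("certCode", 1, result.getCertificateCheck().getCode())`), and `extendedValidationXadesSignature` also pins form code 3 and extended check 4/24, but nothing in the file says what these codes mean or why they are the expected outcome for `xmldsig_enveloped.b64` under the `MOAIDBuergerkarteAuthentisierungsDaten` profile. As written, no test expects both the signature and the certificate check to return 0, so a regression that stops every chain from validating would still pass. I would add a comment above each assertion block, e.g. `// certCode 1: <meaning per MOA-SP result codes>; test certificate is intentionally not covered by the trust profile`, and one positive-path test if suitable test data exists. The second extended-check assertion reuses the first one's label and should read `assertEquals("ext. val minor", 24, result.getExtendedCertificateCheck().getMinorCode());`. Separately, `setUpContexts` installs a context only when none is present and there is no `@After` that clears it, so the random transaction ID from `initializer()` presumably takes effect only for the first test on a thread.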