Diffstat (limited to 'moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java')
-rw-r--r-- | moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java | 321 |
1 files changed, 321 insertions, 0 deletions
diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java
new file mode 100644
index 0000000..8a3012a
--- /dev/null
+++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java
@@ -0,0 +1,321 @@
+package at.gv.egovernment.moa.spss.test.integration;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.util.Base64;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.time.DateFormatUtils;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
+import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.init.StartupConfigurationHolder;
+import at.gv.egovernment.moa.spss.server.init.SystemInitializer;
+import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moaspss.logging.LoggingContext;
+import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import at.gv.egovernment.moaspss.util.Base64Utils;
+import at.gv.egovernment.moaspss.util.Constants;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class XadesIntegrationTest {
+
+ private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI;
+ private static final String MOA_NS_URI = Constants.MOA_NS_URI;
+ private static final String DSIG = Constants.DSIG_PREFIX + ":";
+ private static final String DEFAULT_XPATH_SIGNATURE_LOCATION = "//" + DSIG + "Signature";
+
+ public static final String PATTERN_ISSUE_INSTANT = "yyyy-MM-dd'T'HH:mm:ssXXX";
+
+ private static StartupConfigurationHolder moaSpssCore;
+ XMLSignatureVerificationInvoker cadesInvoker;
+
+ @BeforeClass
+ public static void classInitializer() throws IOException {
+ final String current = new java.io.File(".").getCanonicalPath();
+ System.setProperty("moa.spss.server.configuration",
+ current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml");
+ moaSpssCore = SystemInitializer.init();
+
+ }
+
+ @Before
+ public void initializer() throws ConfigurationException {
+ cadesInvoker = XMLSignatureVerificationInvoker.getInstance();
+ setUpContexts(RandomStringUtils.randomAlphabetic(10));
+
+ }
+
+ @Test
+ public void missingTrustProfile() throws IOException, MOAApplicationException, ParserConfigurationException {
+ VerifyXMLSignatureRequest request = buildVerifyXmlRequest(
+ org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/xades/xmldsig_enveloped.b64")),
+ RandomStringUtils.randomAlphabetic(5), false,
+ null,
+ DEFAULT_XPATH_SIGNATURE_LOCATION,
+ null, Collections.emptyMap());
+
+ // perform test
+ MOAException error = assertThrows(MOAException.class,() -> cadesInvoker.verifyXMLSignature(request));
+ assertEquals("wrong errorCode", "2203", error.getMessageId());
+
+ }
+
+ @Test
+ public void basicValidationXadesSignature() throws MOAException, IOException, ParserConfigurationException {
+ VerifyXMLSignatureRequest request = buildVerifyXmlRequest(
+ org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/xades/xmldsig_enveloped.b64")),
+ "MOAIDBuergerkarteAuthentisierungsDaten", false,
+ null,
+ DEFAULT_XPATH_SIGNATURE_LOCATION,
+ null, Collections.emptyMap());
+
+ // perform test
+ VerifyXMLSignatureResponse result = cadesInvoker.verifyXMLSignature(request);
+
+ // verify result
+ assertNotNull("verification result", result);
+
+ assertEquals("sigCode", 0, result.getSignatureCheck().getCode());
+ assertEquals("certCode", 1, result.getCertificateCheck().getCode());
+
+ assertNotNull("signerInfo", result.getSignerInfo());
+ assertNull("issuerCC", result.getSignerInfo().getIssuerCountryCode());
+ assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority());
+ assertFalse("QC", result.getSignerInfo().isQualifiedCertificate());
+ assertFalse("SSCD", result.getSignerInfo().isSSCD());
+ assertNull("TSL infos", result.getSignerInfo().getTslInfos());
+
+ assertNull("form val. result", result.getAdESFormResults());
+ assertNull("extended val. result", result.getExtendedCertificateCheck());
+ assertNull("used sig alg", result.getSignatureAlgorithm());
+
+ }
+
+ @Test
+ public void extendedValidationXadesSignature() throws MOAException, IOException, ParserConfigurationException {
+ VerifyXMLSignatureRequest request = buildVerifyXmlRequest(
+ org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/xades/xmldsig_enveloped.b64")),
+ "MOAIDBuergerkarteAuthentisierungsDaten", true,
+ null,
+ DEFAULT_XPATH_SIGNATURE_LOCATION,
+ null, Collections.emptyMap());
+
+ // perform test
+ VerifyXMLSignatureResponse result = cadesInvoker.verifyXMLSignature(request);
+
+ // verify result
+ assertNotNull("verification result", result);
+ assertEquals("sigCode", 0, result.getSignatureCheck().getCode());
+ assertEquals("certCode", 1, result.getCertificateCheck().getCode());
+ assertEquals("manifestCode", 0, result.getSignatureManifestCheck().getCode());
+ assertTrue("manifest refs", result.getXMLDsigManifestChecks().isEmpty());
+
+ assertEquals("hash inputdata", 1, result.getHashInputDatas().size());
+ assertEquals("hash input data alg", "SHA-256",
+ ((InputData)result.getHashInputDatas().get(0)).getHashAlgorithm());
+ assertEquals("hash input data part", "SignedInfo",
+ ((InputData)result.getHashInputDatas().get(0)).getPartOf());
+ assertEquals("hash input data ref. number", -1,
+ ((InputData)result.getHashInputDatas().get(0)).getReferringReferenceNumber());
+
+
+ assertNotNull("signerInfo", result.getSignerInfo());
+ assertNull("issuerCC", result.getSignerInfo().getIssuerCountryCode());
+ assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority());
+ assertFalse("QC", result.getSignerInfo().isQualifiedCertificate());
+ assertFalse("SSCD", result.getSignerInfo().isSSCD());
+ assertNull("TSL infos", result.getSignerInfo().getTslInfos());
+
+ assertNotNull("form val. result", result.getAdESFormResults());
+ assertEquals("form val. result size", 1, result.getAdESFormResults().size());
+ for (Object el : result.getAdESFormResults()) {
+ AdESFormResults test = ((AdESFormResults)el);
+ assertEquals("Find wrong form val status", 3, test.getCode().longValue());
+
+ }
+
+ assertNotNull("extended val. result", result.getExtendedCertificateCheck());
+ assertEquals("ext. val major", 4, result.getExtendedCertificateCheck().getMajorCode());
+ assertEquals("ext. val major", 24, result.getExtendedCertificateCheck().getMinorCode());
+
+ assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm());
+
+ }
+
+ private VerifyXMLSignatureRequest buildVerifyXmlRequest(final byte[] signature, final String trustProfileID, boolean extValFlag,
+ final List<String> verifyTransformsInfoProfileID, final String xpathSignatureLocation,
+ Date sigValDate, final Map<String, byte[]> supplementContent) throws IOException, ParserConfigurationException, MOAApplicationException {
+ // build empty document
+ final Document requestDoc_ = getNewDocumentBuilder();
+
+ final Element requestElem_ =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest");
+ requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI);
+ requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns:" + Constants.DSIG_PREFIX,
+ Constants.DSIG_NS_URI);
+ requestDoc_.appendChild(requestElem_);
+
+ // build the request
+
+ // build set signing time
+ if (sigValDate != null) {
+ final Element dateTimeElem = requestDoc_.createElementNS(MOA_NS_URI, "DateTime");
+ requestElem_.appendChild(dateTimeElem);
+ final Node dateTime = requestDoc_.createTextNode(
+ DateFormatUtils.format(sigValDate, PATTERN_ISSUE_INSTANT));
+ dateTimeElem.appendChild(dateTime);
+
+ }
+
+ //extended validation flag
+ final Element extVal = requestDoc_.createElementNS(MOA_NS_URI, "ExtendedValidation");
+ requestElem_.appendChild(extVal);
+ final Node extValElement = requestDoc_.createTextNode(String.valueOf(extValFlag));
+ extVal.appendChild(extValElement);
+
+ //set other parameters
+ final Element verifiySignatureInfoElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo");
+ requestElem_.appendChild(verifiySignatureInfoElem);
+ final Element verifySignatureEnvironmentElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment");
+ verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem);
+ final Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content");
+ verifySignatureEnvironmentElem.appendChild(base64ContentElem);
+
+ // insert the base64 encoded signature
+ String base64EncodedAssertion = Base64Utils.encode(signature);
+ // replace all '\r' characters by no char.
+ final StringBuffer replaced = new StringBuffer();
+ for (int i = 0; i < base64EncodedAssertion.length(); i++) {
+ final char c = base64EncodedAssertion.charAt(i);
+ if (c != '\r') {
+ replaced.append(c);
+ }
+ }
+ base64EncodedAssertion = replaced.toString();
+ final Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion);
+ base64ContentElem.appendChild(base64Content);
+
+ // specify the signature location
+ final Element verifySignatureLocationElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation");
+ verifiySignatureInfoElem.appendChild(verifySignatureLocationElem);
+ final Node signatureLocation = requestDoc_.createTextNode(xpathSignatureLocation);
+ verifySignatureLocationElem.appendChild(signatureLocation);
+
+ // signature manifest params
+ if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) {
+ final Element signatureManifestCheckParamsElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams");
+ requestElem_.appendChild(signatureManifestCheckParamsElem);
+ signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false");
+
+ // verify transformations
+ final Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo");
+ signatureManifestCheckParamsElem.appendChild(referenceInfoElem);
+ for (final String element : verifyTransformsInfoProfileID) {
+ final Element verifyTransformsInfoProfileIdElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfileID");
+ referenceInfoElem.appendChild(verifyTransformsInfoProfileIdElem);
+ verifyTransformsInfoProfileIdElem.appendChild(requestDoc_.createTextNode(element));
+
+ }
+ }
+
+ // hashinput data
+ final Element returnHashInputDataElem =
+ requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData");
+ requestElem_.appendChild(returnHashInputDataElem);
+
+ // add trustProfileID
+ final Element trustProfileIdElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID");
+ trustProfileIdElem.appendChild(requestDoc_.createTextNode(trustProfileID));
+ requestElem_.appendChild(trustProfileIdElem);
+
+ // add supplement profile
+ if (!supplementContent.isEmpty()) {
+
+ final Element supplementProfile = requestDoc_.createElementNS(MOA_NS_URI, "SupplementProfile");
+
+ for (Map.Entry<String, byte[]> entry: supplementContent.entrySet()) {
+ String reference = entry.getKey();
+ byte[] contentBytes = entry.getValue();
+ final Element content = requestDoc_.createElementNS(MOA_NS_URI, "Content");
+ content.setAttribute("Reference", reference);
+ final Element b64content = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content");
+ b64content.setTextContent(Base64Utils.encode(contentBytes));
+ content.appendChild(b64content);
+ supplementProfile.appendChild(content);
+ }
+
+ requestElem_.appendChild(supplementProfile);
+ }
+
+ return new VerifyXMLSignatureRequestParser().parse(requestElem_);
+
+ }
+
+ protected synchronized Document getNewDocumentBuilder() throws ParserConfigurationException {
+ final DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
+ return docBuilder.newDocument();
+
+ }
+
+ protected final void setUpContexts(final String transactionID) throws ConfigurationException {
+ final TransactionContextManager txMgr = TransactionContextManager.getInstance();
+ final LoggingContextManager logMgr = LoggingContextManager.getInstance();
+
+ if (txMgr.getTransactionContext() == null) {
+ final TransactionContext ctx =
+ new TransactionContext(transactionID, null, moaSpssCore.getMoaSpssConfig());
+ txMgr.setTransactionContext(ctx);
+
+ }
+
+ //set Logging context into MOA-Sig
+ if (logMgr.getLoggingContext() == null) {
+ final LoggingContext ctx = new LoggingContext(transactionID);
+ logMgr.setLoggingContext(ctx);
+
+ }
+
+ //new IaikConfigurator().configure(moaSigConfig.getMoaSigConfig());
+
+ }
+
+}
|
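Review bot: The assertions in basicValidationXadesSignature and extendedValidationXadesSignature pin bare result codes (`certCode` 1, form-validation code 3, extended check 4/24) with no comment saying what each code means, so a reader cannot tell whether the certificate check is expected to pass or whether a failure is being pinned deliberately for this fixture and trust profile. Add a one-line comment beside each, for example `// certCode 1: <meaning per the MOA-SP/SS spec>, expected because <property of xmldsig_enveloped.b64>`, with the placeholders filled in from the specification. In extendedValidationXadesSignature the minor-code assertion reuses the label of the major one and should read `assertEquals("ext. val minor", 24, result.getExtendedCertificateCheck().getMinorCode());`. This file also has no case that feeds a modified signature or digest and expects a non-zero `sigCode`; that may be covered by another test class, but if not it is the check most worth adding here.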