Diffstat (limited to 'moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration')
3 files changed, 255 insertions, 2 deletions
diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java index fd5b278..d0e53d3 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java @@ -7,12 +7,18 @@ import static org.junit.Assert.assertNull; import static org.junit.Assert.assertThrows; import static org.junit.Assert.assertTrue; +import java.io.FileInputStream; import java.io.IOException; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.util.Date; import org.apache.commons.io.IOUtils; +import org.apache.commons.lang3.ArrayUtils; import org.apache.commons.lang3.RandomStringUtils; import org.junit.Before; import org.junit.BeforeClass; +import org.junit.Ignore; import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.BlockJUnit4ClassRunner; 
@@ -23,8 +29,20 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; import at.gv.egovernment.moa.spss.server.config.ConfigurationException; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.iaik.cmsverify.PDFSignatureVerificationProfileImpl; +import at.gv.egovernment.moa.spss.server.iaik.pki.PKIProfileImpl; import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.server.logging.TransactionId; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; +import iaik.pki.PKIFactory; +import iaik.pki.PKIModule; +import iaik.pki.PKIResult; +import iaik.server.cmspdfverify.CMSVerifyUtils; +import iaik.x509.X509Certificate; +import at.gv.egovernment.moa.spss.test.integration.utils.CertificateReader; @RunWith(BlockJUnit4ClassRunner.class) public class PadesIntegrationTest extends AbstractIntegrationTest { @@ -39,6 +57,9 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { final String current = new java.io.File(".").getCanonicalPath(); System.setProperty("moa.spss.server.configuration", current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); + System.setProperty("iaik.esi.sva.configuration.location", + current + "/src/test/resources/moaspss_config/svaconfig.example"); + moaSpssCore = SystemInitializer.init(); } @@ -50,6 +71,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } + @Ignore @Test public void missingTrustProfile() throws IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( 
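Review bot: The `@Ignore` added above `missingTrustProfile()` disables what looks, from its name and the file's `assertThrows` import, like the negative test for a request without a usable trust profile. The next two hunks do the same to `basicValidationCadesSignature()` and `extendedValidationCadesSignature()`. Of the tests visible in this diff, only the new `padesOwnTest()` still runs in this class, and it asserts nothing beyond a non-null response, so a regression in the trust decision would no longer fail the build. If the tests are disabled because of a known failure, record the reason in the annotation, e.g. `@Ignore("TODO: <reason / ticket>")`, so they are not forgotten. The method bodies lie outside these hunks.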
@@ -66,6 +88,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } + @Ignore @Test public void basicValidationCadesSignature() throws MOAException, IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( @@ -101,6 +124,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } + @Ignore @Test public void extendedValidationCadesSignature() throws MOAException, IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( 
@@ -138,12 +162,68 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); - assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMajorCode()); + assertEquals("ext. val major", 1, cmsResult.getExtendedCertificateCheck().getMajorCode()); assertEquals("ext. val major", 24, cmsResult.getExtendedCertificateCheck().getMinorCode()); assertNotNull("byteRange", cmsResult.getByteRangeOfSignature()); assertEquals("used sig alg", "SHA1withRSA", cmsResult.getSignatureAlgorithm()); } + + @Ignore + @Test + public void padesLteTest() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + IOUtils.toByteArray(new FileInputStream("/home/tlenz/Projekte/signaturprueftool/test_docs/20220623_rtr/Amtsiegel.pdf")), + "MOAIDBuergerkarteAuthentisierungsDaten", + true, + false); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + + } + + @Test + public void padesOwnTest() throws Exception { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + IOUtils.toByteArray(new FileInputStream("/home/tlenz/Projekte/pdfas4/testdocs/enc_own_signed_neuer.pdf")), + "MOAIDBuergerkarteAuthentisierungsDaten", + true, + false); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + + + + + } + + @Ignore + @Test + public void pkixTest() throws Exception { + final String current = new java.io.File(".").getCanonicalPath(); + X509Certificate[] chain = CertificateReader.readCertificatesIntoArray(current + "/src/test/resources/testdata/pkix/chain/"); + + PKIModule pkiModule = PKIFactory.getInstance().getPKIModule( + new PKIProfileImpl(ConfigurationProvider.getInstance(), 
"MOAIDBuergerkarteAuthentisierungsDaten")); + PKIResult pkiResult = pkiModule.validateCertificate( + new Date(), + (X509Certificate) chain[0], + (X509Certificate[]) ArrayUtils.subarray(chain, 1, chain.length), + (boolean[])null, + new TransactionId("aabbccdd")); + + System.out.print("Finished"); + + } + } diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/OfficialEuTslTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/OfficialEuTslTest.java index 20b130a..50ad14e 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/OfficialEuTslTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/OfficialEuTslTest.java @@ -6,6 +6,7 @@ import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; +import java.io.FileInputStream; import java.io.IOException; import java.util.Arrays; import java.util.Collections; @@ -40,7 +41,6 @@ import at.gv.egovernment.moa.spss.server.monitoring.ServiceStatusContainer; import at.gv.egovernment.moa.spss.test.integration.AbstractIntegrationTest; @RunWith(BlockJUnit4ClassRunner.class) -@Ignore public class OfficialEuTslTest extends AbstractIntegrationTest { CMSSignatureVerificationInvoker cadesInvoker; @@ -162,4 +162,20 @@ public class OfficialEuTslTest extends AbstractIntegrationTest { } + @Test + public void padesLteTest() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + IOUtils.toByteArray(new FileInputStream("/home/tlenz/Projekte/signaturprueftool/test_docs/20220623_rtr/Amtsiegel.pdf")), + "OnlyTSL", + true, + true); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + + } + } 
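Review bot: `padesOwnTest()` is the one added test without `@Ignore`, and it reads `/home/tlenz/Projekte/pdfas4/testdocs/enc_own_signed_neuer.pdf`, so it will throw `FileNotFoundException` on any machine but the author's; `padesLteTest()` here and in OfficialEuTslTest.java has the same absolute-path dependency. The new tests also stop at `assertNotNull("verification result", result)`, which would presumably still pass if the verifier reported the signature as invalid. `pkixTest()` never inspects `pkiResult` and validates against `new Date()`, so its outcome depends on when it is run. Put the documents under `src/test/resources` and resolve them via `current`, as `pkixTest()` does for the chain directory, and assert the expected check codes the way `extendedValidationCadesSignature()` does. The expected major code changing from 2 to 1 deserves a comment saying why, and the message on the minor-code assertion that follows should read `"ext. val minor"`.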
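Review bot: Removing the class-level `@Ignore` from `OfficialEuTslTest` puts every test in the class into the default run, including the new `padesLteTest()` with its author-local input file. Judging by the class name, these tests work against the official EU trust list, which would make the build depend on an external service; this is inferred and should be confirmed. Consider keeping the class opt-in with a stated reason, e.g. `@Ignore("requires access to the official EU TSL")`, or gating it with a JUnit assumption so it is skipped rather than failed when the prerequisite is missing.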
diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/CertificateReader.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/CertificateReader.java new file mode 100644 index 0000000..db5d55f --- /dev/null +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/CertificateReader.java 
@@ -0,0 +1,157 @@ +package at.gv.egovernment.moa.spss.test.integration.utils; +import java.io.BufferedInputStream; +import java.io.File; +import java.io.FileFilter; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.security.Security; +import java.security.cert.CertificateException; +import java.util.Arrays; +import java.util.Iterator; +import java.util.List; + +import iaik.pkcs.PKCS7CertList; +import iaik.pkcs.PKCSParsingException; +import iaik.security.provider.IAIK; +import iaik.utils.Util; +import iaik.x509.X509Certificate; +import iaik.xml.crypto.EccProviderAdapter; + +// Copyright (C) 2011 IAIK +// http://jce.iaik.at +// +// Copyright (C) 2011 Stiftung Secure Information and +// Communication Technologies SIC +// http://www.sic.st +// +// All rights reserved. +// +// This source is provided for inspection purposes and recompilation only, +// unless specified differently in a contract with IAIK. This source has to +// be kept in strict confidence and must not be disclosed to any third party +// under any circumstances. Redistribution in source and binary forms, with +// or without modification, are <not> permitted in any case! +// +// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +// ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +// SUCH DAMAGE. 
+// +// + +public class CertificateReader { + + /** + * Filter for reading certificate files from a directory. + * The filter accepts a file if its name ends with + * ".cer", ".der", ".crt" + * or ".pem". + * + * @author Harald Bratko + * @author Konrad Lanz + */ + static class CertificateFileFilter implements FileFilter { + + /** + * Accepts a file if it is not a directory and its name ends with + * ".cer", ".der", ".crt" or ".pem". + * + * @see java.io.FileFilter#accept(java.io.File) + */ + public boolean accept(File file) { + String name = file.getName(); + if (name.endsWith(".der") || + name.endsWith(".cer") || + name.endsWith(".crt") || + name.endsWith(".pem")) + { + return true; + } else { + return false; + } + } + } + + + + /** + * Reads the certificates from the given directory and + * returns the certificates as sorted list (end user certificate first). + * @param directory + * @return + * @throws IOException + * @throws FileNotFoundException + * @throws CertificateException + * @throws Exception + */ + public static X509Certificate[] readCertificatesIntoArray(String directory) throws CertificateException, FileNotFoundException, IOException{ + + File file = new File(directory); + File[] certificateFiles = file.listFiles(new CertificateFileFilter()); + int l = certificateFiles.length; + X509Certificate[] certs = new X509Certificate[l]; + for (int i=0; i<certificateFiles.length; i++) { + X509Certificate certificate = new X509Certificate(new FileInputStream(certificateFiles[i])); + certs[i] = certificate; + } + //return certs; + return Util.arrangeCertificateChain(certs, false); + } + + /** + * Reads the certificates from the given directory and + * returns the certificates as sorted list (end user certificate first). 
+ * @param directory + * @return + * @throws IOException + * @throws FileNotFoundException + * @throws CertificateException + * @throws Exception + */ + public static List<X509Certificate> readCertificates(String directory) throws CertificateException, FileNotFoundException, IOException{ + + return Arrays.asList(readCertificatesIntoArray(directory)); + } + + public static void main(String[] args) { + try { + + IAIK.addAsJDK14Provider(); + //IAIK.addAsProvider(); + //Security.addProvider(new IAIK()); + + // install ECC provider + Security.addProvider(EccProviderAdapter.getEccProvider()); + + String dir = "target/classes/spec/examples/EU/AT/certs/on-tsl/chain/"; + List l = readCertificates(dir); + Iterator<X509Certificate> it = l.iterator(); + while (it.hasNext()) { + System.out.println(((X509Certificate)it.next()).getSubjectDN().getName()); + } + } catch (Exception e) { + e.printStackTrace(); + System.exit(1); + } + + } + + public static X509Certificate[] p7read(File path) throws PKCSParsingException, FileNotFoundException, IOException { + PKCS7CertList p7certList = new PKCS7CertList( + new BufferedInputStream( + new FileInputStream( + path + ) + ) + ); + return p7certList.getCertificateList(); + } + }
\ No newline at end of file |
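Review bot: `readCertificatesIntoArray` dereferences the result of `file.listFiles(...)` without a null check, and `listFiles` returns null when the path is missing or not a directory, so a wrong test path surfaces as a `NullPointerException` instead of the declared `FileNotFoundException`. The `FileInputStream` opened per certificate is never closed, and `p7read` has the same leak. `CertificateFileFilter.accept` is documented as rejecting directories but only checks the name suffix. Separately, the retained IAIK header states that the source must be kept confidential and may not be redistributed, which should be cleared before this file lands in the repository. A possible shape for the reader:

```java
  public static X509Certificate[] readCertificatesIntoArray(String directory) throws CertificateException, FileNotFoundException, IOException{
    File[] certificateFiles = new File(directory).listFiles(new CertificateFileFilter());
    if (certificateFiles == null) {
      // listFiles() returns null when the path is not a readable directory
      throw new FileNotFoundException("Not a readable directory: " + directory);
    }
    X509Certificate[] certs = new X509Certificate[certificateFiles.length];
    for (int i = 0; i < certificateFiles.length; i++) {
      // close each stream as soon as the certificate has been parsed
      try (FileInputStream in = new FileInputStream(certificateFiles[i])) {
        certs[i] = new X509Certificate(in);
      }
    }
    // … unchanged: return Util.arrangeCertificateChain(certs, false) …
  }
```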