diff options
Diffstat (limited to 'moaSig/moa-sig/src/test/java/at/gv/egovernment/moa')
7 files changed, 2848 insertions, 458 deletions
diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/AbstractIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/AbstractIntegrationTest.java new file mode 100644 index 0000000..1c6e29a --- /dev/null +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/AbstractIntegrationTest.java @@ -0,0 +1,261 @@ +package at.gv.egovernment.moa.spss.test.integration; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.lang.reflect.Field; +import java.util.Date; +import java.util.List; +import java.util.Map; + +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.apache.commons.lang3.time.DateFormatUtils; +import org.junit.AfterClass; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.Node; + +import at.gv.egovernment.moa.sig.tsl.database.DatabaseServiceFactory; +import at.gv.egovernment.moa.sig.tsl.database.SQLiteDBService; +import at.gv.egovernment.moa.spss.MOAApplicationException; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; +import at.gv.egovernment.moa.spss.api.impl.VerifyCMSSignatureRequestImpl; +import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; +import at.gv.egovernment.moa.spss.server.config.ConfigurationException; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.init.StartupConfigurationHolder; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; +import at.gv.egovernment.moa.spss.tsl.TSLServiceFactory; +import at.gv.egovernment.moaspss.logging.LoggingContext; +import at.gv.egovernment.moaspss.logging.LoggingContextManager; +import at.gv.egovernment.moaspss.util.Base64Utils; +import at.gv.egovernment.moaspss.util.Constants; +import iaik.esi.sva.ConfigurationAdapter; +import iaik.pki.Configurator; +import iaik.pki.PKIFactory; +import iaik.pki.store.certstore.CertStoreFactory; +import iaik.pki.store.truststore.TrustStoreFactory; + +public abstract class AbstractIntegrationTest { + + private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI; + private static final String MOA_NS_URI = Constants.MOA_NS_URI; + private static final String DSIG = Constants.DSIG_PREFIX + ":"; + protected static final String DEFAULT_XPATH_SIGNATURE_LOCATION = "//" + DSIG + "Signature"; + + public static final String PATTERN_ISSUE_INSTANT = "yyyy-MM-dd'T'HH:mm:ssXXX"; + + protected static StartupConfigurationHolder moaSpssCore; + + @AfterClass + public static void jvmStateReset() throws NoSuchFieldException, + SecurityException, IllegalArgumentException, IllegalAccessException { + + System.setProperty("moa.spss.server.configuration", ""); + System.setProperty("iaik.esi.sva.configuration.location", ""); + + TrustStoreFactory.reset(); + + // reset TSL client + final Field field1 = TSLServiceFactory.class.getDeclaredField("tslClient"); + field1.setAccessible(true); + field1.set(null, null); + + final Field field5 = SQLiteDBService.class.getDeclaredField("conn"); + field5.setAccessible(true); + field5.set(null, null); + + final Field field6 = DatabaseServiceFactory.class.getDeclaredField("dbServices"); + field6.setAccessible(true); + field6.set(null, null); + + // reset MOA-SPSS configuration object + final Field field2 = ConfigurationProvider.class.getDeclaredField("instance"); + field2.setAccessible(true); + field2.set(null, null); + + final Field field8 = TransactionContextManager.class.getDeclaredField("instance"); + field8.setAccessible(true); + field8.set(null, null); + + // reset PKI module configuration + final Field field3 = PKIFactory.class.getDeclaredField("instance_"); + field3.setAccessible(true); + field3.set(null, null); + + // reset IAIK MOA configuration + final Field field4 = Configurator.class.getDeclaredField("C"); + field4.setAccessible(true); + field4.set(null, false); + + //reset ESI-SVA configuration + final Field field7 = ConfigurationAdapter.class.getDeclaredField("a"); + field7.setAccessible(true); + field7.set(null, null); + + } + + protected VerifyXMLSignatureRequest buildVerifyXmlRequest(final byte[] signature, + final String trustProfileID, boolean extValFlag, + final List<String> verifyTransformsInfoProfileID, final String xpathSignatureLocation, + Date sigValDate, final Map<String, byte[]> supplementContent) throws IOException, + ParserConfigurationException, MOAApplicationException { + // build empty document + final Document requestDoc_ = getNewDocumentBuilder(); + + final Element requestElem_ = + requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest"); + requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI); + requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns:" + Constants.DSIG_PREFIX, + Constants.DSIG_NS_URI); + requestDoc_.appendChild(requestElem_); + + // build the request + + // build set signing time + if (sigValDate != null) { + final Element dateTimeElem = requestDoc_.createElementNS(MOA_NS_URI, "DateTime"); + requestElem_.appendChild(dateTimeElem); + final Node dateTime = requestDoc_.createTextNode( + DateFormatUtils.format(sigValDate, PATTERN_ISSUE_INSTANT)); + dateTimeElem.appendChild(dateTime); + + } + + // extended validation flag + final Element extVal = requestDoc_.createElementNS(MOA_NS_URI, "ExtendedValidation"); + requestElem_.appendChild(extVal); + final Node extValElement = requestDoc_.createTextNode(String.valueOf(extValFlag)); + extVal.appendChild(extValElement); + + // set other parameters + final Element verifiySignatureInfoElem = + requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo"); + requestElem_.appendChild(verifiySignatureInfoElem); + final Element verifySignatureEnvironmentElem = + requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment"); + verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem); + final Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content"); + verifySignatureEnvironmentElem.appendChild(base64ContentElem); + + // insert the base64 encoded signature + String base64EncodedAssertion = Base64Utils.encode(signature); + // replace all '\r' characters by no char. + final StringBuffer replaced = new StringBuffer(); + for (int i = 0; i < base64EncodedAssertion.length(); i++) { + final char c = base64EncodedAssertion.charAt(i); + if (c != '\r') { + replaced.append(c); + } + } + base64EncodedAssertion = replaced.toString(); + final Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion); + base64ContentElem.appendChild(base64Content); + + // specify the signature location + final Element verifySignatureLocationElem = + requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation"); + verifiySignatureInfoElem.appendChild(verifySignatureLocationElem); + final Node signatureLocation = requestDoc_.createTextNode(xpathSignatureLocation); + verifySignatureLocationElem.appendChild(signatureLocation); + + // signature manifest params + if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) { + final Element signatureManifestCheckParamsElem = + requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams"); + requestElem_.appendChild(signatureManifestCheckParamsElem); + signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false"); + + // verify transformations + final Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo"); + signatureManifestCheckParamsElem.appendChild(referenceInfoElem); + for (final String element : verifyTransformsInfoProfileID) { + final Element verifyTransformsInfoProfileIdElem = + requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfileID"); + referenceInfoElem.appendChild(verifyTransformsInfoProfileIdElem); + verifyTransformsInfoProfileIdElem.appendChild(requestDoc_.createTextNode(element)); + + } + } + + // hashinput data + final Element returnHashInputDataElem = + requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData"); + requestElem_.appendChild(returnHashInputDataElem); + + // add trustProfileID + final Element trustProfileIdElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID"); + trustProfileIdElem.appendChild(requestDoc_.createTextNode(trustProfileID)); + requestElem_.appendChild(trustProfileIdElem); + + // add supplement profile + if (!supplementContent.isEmpty()) { + + final Element supplementProfile = requestDoc_.createElementNS(MOA_NS_URI, "SupplementProfile"); + + for (final Map.Entry<String, byte[]> entry : supplementContent.entrySet()) { + final String reference = entry.getKey(); + final byte[] contentBytes = entry.getValue(); + final Element content = requestDoc_.createElementNS(MOA_NS_URI, "Content"); + content.setAttribute("Reference", reference); + final Element b64content = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content"); + b64content.setTextContent(Base64Utils.encode(contentBytes)); + content.appendChild(b64content); + supplementProfile.appendChild(content); + } + + requestElem_.appendChild(supplementProfile); + } + + return new VerifyXMLSignatureRequestParser().parse(requestElem_); + + } + + protected VerifyCMSSignatureRequest buildVerfifyCmsRequest(final byte[] signature, + final String trustProfileID, final boolean isPdfSignature, + final boolean performExtendedValidation) { + final VerifyCMSSignatureRequestImpl verifyCmsSignatureRequest = + new VerifyCMSSignatureRequestImpl(); + verifyCmsSignatureRequest.setDateTime(null); + verifyCmsSignatureRequest.setCMSSignature(new ByteArrayInputStream(signature)); + verifyCmsSignatureRequest.setDataObject(null); + verifyCmsSignatureRequest.setTrustProfileId(trustProfileID); + verifyCmsSignatureRequest.setSignatories(VerifyCMSSignatureRequest.ALL_SIGNATORIES); + verifyCmsSignatureRequest.setPDF(isPdfSignature); + verifyCmsSignatureRequest.setExtended(performExtendedValidation); + return verifyCmsSignatureRequest; + + } + + protected synchronized Document getNewDocumentBuilder() throws ParserConfigurationException { + final DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder(); + return docBuilder.newDocument(); + + } + + protected final void setUpContexts(final String transactionID) throws ConfigurationException { + final TransactionContextManager txMgr = TransactionContextManager.getInstance(); + final LoggingContextManager logMgr = LoggingContextManager.getInstance(); + + if (txMgr.getTransactionContext() == null) { + final TransactionContext ctx = + new TransactionContext(transactionID, null, moaSpssCore.getMoaSpssConfig()); + txMgr.setTransactionContext(ctx); + + } + + // set Logging context into MOA-Sig + if (logMgr.getLoggingContext() == null) { + final LoggingContext ctx = new LoggingContext(transactionID); + logMgr.setLoggingContext(ctx); + + } + + // new IaikConfigurator().configure(moaSigConfig.getMoaSigConfig()); + + } +} diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationTest.java index 227866e..abdab26 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationTest.java @@ -7,11 +7,12 @@ import static org.junit.Assert.assertNull; import static org.junit.Assert.assertThrows; import static org.junit.Assert.assertTrue; -import java.io.ByteArrayInputStream; import java.io.IOException; +import java.lang.reflect.Field; import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.RandomStringUtils; +import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; import org.junit.Test; @@ -22,246 +23,241 @@ import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; -import at.gv.egovernment.moa.spss.api.impl.VerifyCMSSignatureRequestImpl; import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; import at.gv.egovernment.moa.spss.server.config.ConfigurationException; -import at.gv.egovernment.moa.spss.server.init.StartupConfigurationHolder; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; -import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; -import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; -import at.gv.egovernment.moaspss.logging.LoggingContext; -import at.gv.egovernment.moaspss.logging.LoggingContextManager; +import at.gv.egovernment.moa.spss.tsl.TSLServiceFactory; +import iaik.pki.Configurator; +import iaik.pki.PKIFactory; @RunWith(BlockJUnit4ClassRunner.class) -public class CadesIntegrationTest { +public class CadesIntegrationTest extends AbstractIntegrationTest { - private static StartupConfigurationHolder moaSpssCore; CMSSignatureVerificationInvoker cadesInvoker; - + @BeforeClass - public static void classInitializer() throws IOException { + public static void classInitializer() throws IOException, ConfigurationException, + NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException { + jvmStateReset(); + final String current = new java.io.File(".").getCanonicalPath(); System.setProperty("moa.spss.server.configuration", - current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); + current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); moaSpssCore = SystemInitializer.init(); - + + } + + @AfterClass + public static void classReset() throws NoSuchFieldException, + SecurityException, IllegalArgumentException, IllegalAccessException { + + // reset TSL client + final Field field1 = TSLServiceFactory.class.getDeclaredField("tslClient"); + field1.setAccessible(true); + field1.set(null, null); + + final Field field2 = ConfigurationProvider.class.getDeclaredField("instance"); + field2.setAccessible(true); + field2.set(null, null); + + final Field field3 = PKIFactory.class.getDeclaredField("instance_"); + field3.setAccessible(true); + field3.set(null, null); + + final Field field4 = Configurator.class.getDeclaredField("C"); + field4.setAccessible(true); + field4.set(null, false); + } - + @Before public void initializer() throws ConfigurationException { cadesInvoker = CMSSignatureVerificationInvoker.getInstance(); setUpContexts(RandomStringUtils.randomAlphabetic(10)); - + } - + @Test public void missingTrustProfile() throws IOException { - VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( - org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/cades/simpleCadesSig.b64")), - RandomStringUtils.randomAlphabetic(5), - false, + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/cades/simpleCadesSig.b64")), + RandomStringUtils.randomAlphabetic(5), + false, false); - + // perform test - MOAException error = assertThrows(MOAException.class,() -> cadesInvoker.verifyCMSSignature(request)); + final MOAException error = assertThrows(MOAException.class, () -> cadesInvoker.verifyCMSSignature( + request)); assertEquals("wrong errorCode", "2203", error.getMessageId()); - + } - + @Test - public void basicValidationAtrustEidCadesSignature() throws MOAException, IOException { - VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( - org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/cades/ATrust_SigTest1.b64")), - "MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten", - false, + public void basicValidationAtrustEidCadesSignature() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/cades/ATrust_SigTest1.b64")), + "MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten", + false, false); - + // perform test - VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); - + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + // verify result assertNotNull("verification result", result); assertEquals("wrong result size", 1, result.getResponseElements().size()); - - VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result.getResponseElements().get(0); + + final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result + .getResponseElements().get(0); assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); assertEquals("certCode", 0, cmsResult.getCertificateCheck().getCode()); - + assertNotNull("signerInfo", cmsResult.getSignerInfo()); assertEquals("issuerCC", "AT", cmsResult.getSignerInfo().getIssuerCountryCode()); assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority()); assertTrue("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); - assertTrue("SSCD", cmsResult.getSignerInfo().isSSCD()); + assertTrue("SSCD", cmsResult.getSignerInfo().isSSCD()); assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos()); - + assertNull("form val. result", cmsResult.getAdESFormResults()); assertNull("extended val. result", cmsResult.getExtendedCertificateCheck()); assertNull("byteRange", cmsResult.getByteRangeOfSignature()); assertNull("used sig alg", cmsResult.getSignatureAlgorithm()); - + } - + @Test - public void extendedValidationAtrustEidCadesSignature() throws MOAException, IOException { - VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( - org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/cades/ATrust_SigTest1.b64")), - "MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten", - false, + public void extendedValidationAtrustEidCadesSignature() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/cades/ATrust_SigTest1.b64")), + "MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten", + false, true); - + // perform test - VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); - + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + // verify result assertNotNull("verification result", result); assertEquals("wrong result size", 1, result.getResponseElements().size()); - - VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result.getResponseElements().get(0); + + final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result + .getResponseElements().get(0); assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); assertEquals("certCode", 0, cmsResult.getCertificateCheck().getCode()); - + assertNotNull("signerInfo", cmsResult.getSignerInfo()); assertEquals("issuerCC", "AT", cmsResult.getSignerInfo().getIssuerCountryCode()); assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority()); assertTrue("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); - assertTrue("SSCD", cmsResult.getSignerInfo().isSSCD()); + assertTrue("SSCD", cmsResult.getSignerInfo().isSSCD()); assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos()); - + assertNotNull("form val. result", cmsResult.getAdESFormResults()); assertEquals("form val. result size", 4, cmsResult.getAdESFormResults().size()); - for (Object el : cmsResult.getAdESFormResults()) { - AdESFormResults test = ((AdESFormResults)el); + for (final Object el : cmsResult.getAdESFormResults()) { + final AdESFormResults test = (AdESFormResults) el; if (test.getCode().longValue() == 0) { assertEquals("wrong from name", "B-B", test.getName()); - + } else { assertEquals("Find wrong form val status", 2, test.getCode().longValue()); - - } + + } } - + assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMajorCode()); assertEquals("ext. val major", 24, cmsResult.getExtendedCertificateCheck().getMinorCode()); - - assertNull("byteRange", cmsResult.getByteRangeOfSignature()); + + assertNull("byteRange", cmsResult.getByteRangeOfSignature()); assertEquals("used sig alg", "SHA256withECDSA", cmsResult.getSignatureAlgorithm()); - + } - + @Test - public void basicValidationCadesSignature() throws MOAException, IOException { - VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( - org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/cades/simpleCadesSig.b64")), - "MOAIDBuergerkarteAuthentisierungsDaten", - false, + public void basicValidationCadesSignature() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/cades/simpleCadesSig.b64")), + "MOAIDBuergerkarteAuthentisierungsDaten", + false, false); - + // perform test - VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); - + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + // verify result assertNotNull("verification result", result); assertEquals("wrong result size", 1, result.getResponseElements().size()); - - VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result.getResponseElements().get(0); + + final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result + .getResponseElements().get(0); assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); assertEquals("certCode", 1, cmsResult.getCertificateCheck().getCode()); - + assertNotNull("signerInfo", cmsResult.getSignerInfo()); assertEquals("issuerCC", "AT", cmsResult.getSignerInfo().getIssuerCountryCode()); assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority()); assertFalse("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); - assertFalse("SSCD", cmsResult.getSignerInfo().isSSCD()); + assertFalse("SSCD", cmsResult.getSignerInfo().isSSCD()); assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos()); - + assertNull("form val. result", cmsResult.getAdESFormResults()); assertNull("extended val. result", cmsResult.getExtendedCertificateCheck()); assertNull("byteRange", cmsResult.getByteRangeOfSignature()); assertNull("used sig alg", cmsResult.getSignatureAlgorithm()); - + } - + @Test - public void extendedValidationCadesSignature() throws MOAException, IOException { - VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( - org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/cades/simpleCadesSig.b64")), - "MOAIDBuergerkarteAuthentisierungsDaten", - false, + public void extendedValidationCadesSignature() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/cades/simpleCadesSig.b64")), + "MOAIDBuergerkarteAuthentisierungsDaten", + false, true); - + // perform test - VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); - + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + // verify result assertNotNull("verification result", result); assertEquals("wrong result size", 1, result.getResponseElements().size()); - - VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result.getResponseElements().get(0); + + final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result + .getResponseElements().get(0); assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); assertEquals("certCode", 1, cmsResult.getCertificateCheck().getCode()); - + assertNotNull("signerInfo", cmsResult.getSignerInfo()); assertEquals("issuerCC", "AT", cmsResult.getSignerInfo().getIssuerCountryCode()); assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority()); assertFalse("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); - assertFalse("SSCD", cmsResult.getSignerInfo().isSSCD()); + assertFalse("SSCD", cmsResult.getSignerInfo().isSSCD()); assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos()); - + assertNotNull("form val. result", cmsResult.getAdESFormResults()); assertEquals("form val. result size", 4, cmsResult.getAdESFormResults().size()); - for (Object el : cmsResult.getAdESFormResults()) { - AdESFormResults test = ((AdESFormResults)el); + for (final Object el : cmsResult.getAdESFormResults()) { + final AdESFormResults test = (AdESFormResults) el; assertEquals("Find wrong form val status", 1, test.getCode().longValue()); - + } - + assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMajorCode()); assertEquals("ext. val major", 24, cmsResult.getExtendedCertificateCheck().getMinorCode()); - - assertNull("byteRange", cmsResult.getByteRangeOfSignature()); + + assertNull("byteRange", cmsResult.getByteRangeOfSignature()); assertEquals("used sig alg", "SHA256withRSA", cmsResult.getSignatureAlgorithm()); - - } - - private VerifyCMSSignatureRequest buildVerfifyCmsRequest(final byte[] signature, - final String trustProfileID, final boolean isPdfSignature, - final boolean performExtendedValidation) { - final VerifyCMSSignatureRequestImpl verifyCmsSignatureRequest = - new VerifyCMSSignatureRequestImpl(); - verifyCmsSignatureRequest.setDateTime(null); - verifyCmsSignatureRequest.setCMSSignature(new ByteArrayInputStream(signature)); - verifyCmsSignatureRequest.setDataObject(null); - verifyCmsSignatureRequest.setTrustProfileId(trustProfileID); - verifyCmsSignatureRequest.setSignatories(VerifyCMSSignatureRequest.ALL_SIGNATORIES); - verifyCmsSignatureRequest.setPDF(isPdfSignature); - verifyCmsSignatureRequest.setExtended(performExtendedValidation); - return verifyCmsSignatureRequest; } - - protected final void setUpContexts(final String transactionID) throws ConfigurationException { - final TransactionContextManager txMgr = TransactionContextManager.getInstance(); - final LoggingContextManager logMgr = LoggingContextManager.getInstance(); - - if (txMgr.getTransactionContext() == null) { - final TransactionContext ctx = - new TransactionContext(transactionID, null, moaSpssCore.getMoaSpssConfig()); - txMgr.setTransactionContext(ctx); - - } - //set Logging context into MOA-Sig - if (logMgr.getLoggingContext() == null) { - final LoggingContext ctx = new LoggingContext(transactionID); - logMgr.setLoggingContext(ctx); - - } - - //new IaikConfigurator().configure(moaSigConfig.getMoaSigConfig()); - - } - } diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationWithMoaSpssSvaConfigTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationWithMoaSpssSvaConfigTest.java new file mode 100644 index 0000000..f9f396d --- /dev/null +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/CadesIntegrationWithMoaSpssSvaConfigTest.java @@ -0,0 +1,265 @@ +package at.gv.egovernment.moa.spss.test.integration; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertThrows; +import static org.junit.Assert.assertTrue; + +import java.io.IOException; +import java.lang.reflect.Field; + +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.AfterClass; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.gv.egovernment.moa.spss.MOAException; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; +import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; +import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; +import at.gv.egovernment.moa.spss.server.config.ConfigurationException; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.init.SystemInitializer; +import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.tsl.TSLServiceFactory; +import iaik.pki.Configurator; +import iaik.pki.PKIFactory; + +@RunWith(BlockJUnit4ClassRunner.class) +public class CadesIntegrationWithMoaSpssSvaConfigTest extends AbstractIntegrationTest { + + CMSSignatureVerificationInvoker cadesInvoker; + + @BeforeClass + public static void classInitializer() throws IOException, ConfigurationException, + NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException { + jvmStateReset(); + + final String current = new java.io.File(".").getCanonicalPath(); + System.setProperty("moa.spss.server.configuration", + current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); + System.setProperty("iaik.esi.sva.configuration.location", + current + "/src/test/resources/moaspss_config/svaconfig.example"); + moaSpssCore = SystemInitializer.init(); + + } + + @AfterClass + public static void classReset() throws NoSuchFieldException, + SecurityException, IllegalArgumentException, IllegalAccessException { + + // reset TSL client + final Field field1 = TSLServiceFactory.class.getDeclaredField("tslClient"); + field1.setAccessible(true); + field1.set(null, null); + + final Field field2 = ConfigurationProvider.class.getDeclaredField("instance"); + field2.setAccessible(true); + field2.set(null, null); + + final Field field3 = PKIFactory.class.getDeclaredField("instance_"); + field3.setAccessible(true); + field3.set(null, null); + + final Field field4 = Configurator.class.getDeclaredField("C"); + field4.setAccessible(true); + field4.set(null, false); + + } + + @Before + public void initializer() throws ConfigurationException { + cadesInvoker = CMSSignatureVerificationInvoker.getInstance(); + setUpContexts(RandomStringUtils.randomAlphabetic(10)); + + } + + @Test + public void missingTrustProfile() throws IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/cades/simpleCadesSig.b64")), + RandomStringUtils.randomAlphabetic(5), + false, + false); + + // perform test + final MOAException error = assertThrows(MOAException.class, () -> cadesInvoker.verifyCMSSignature( + request)); + assertEquals("wrong errorCode", "2203", error.getMessageId()); + + } + + @Test + public void basicValidationAtrustEidCadesSignature() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/cades/ATrust_SigTest1.b64")), + "MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten", + false, + false); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + assertEquals("wrong result size", 1, result.getResponseElements().size()); + + final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result + .getResponseElements().get(0); + assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); + assertEquals("certCode", 0, cmsResult.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", cmsResult.getSignerInfo()); + assertEquals("issuerCC", "AT", cmsResult.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority()); + assertTrue("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", cmsResult.getSignerInfo().isSSCD()); + assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos()); + + assertNull("form val. result", cmsResult.getAdESFormResults()); + assertNull("extended val. result", cmsResult.getExtendedCertificateCheck()); + assertNull("byteRange", cmsResult.getByteRangeOfSignature()); + assertNull("used sig alg", cmsResult.getSignatureAlgorithm()); + + } + + @Test + public void extendedValidationAtrustEidCadesSignature() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/cades/ATrust_SigTest1.b64")), + "MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten", + false, + true); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + assertEquals("wrong result size", 1, result.getResponseElements().size()); + + final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result + .getResponseElements().get(0); + assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); + assertEquals("certCode", 0, cmsResult.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", cmsResult.getSignerInfo()); + assertEquals("issuerCC", "AT", cmsResult.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority()); + assertTrue("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", cmsResult.getSignerInfo().isSSCD()); + assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos()); + + assertNotNull("form val. result", cmsResult.getAdESFormResults()); + assertEquals("form val. result size", 4, cmsResult.getAdESFormResults().size()); + for (final Object el : cmsResult.getAdESFormResults()) { + final AdESFormResults test = (AdESFormResults) el; + if (test.getCode().longValue() == 0) { + assertEquals("wrong from name", "B-B", test.getName()); + + } else { + assertEquals("Find wrong form val status", 2, test.getCode().longValue()); + + } + } + + assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); + assertEquals("ext. val major", 0, cmsResult.getExtendedCertificateCheck().getMajorCode()); + assertEquals("ext. val major", 23, cmsResult.getExtendedCertificateCheck().getMinorCode()); + + assertNull("byteRange", cmsResult.getByteRangeOfSignature()); + assertEquals("used sig alg", "SHA256withECDSA", cmsResult.getSignatureAlgorithm()); + + } + + @Test + public void basicValidationCadesSignature() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/cades/simpleCadesSig.b64")), + "MOAIDBuergerkarteAuthentisierungsDaten", + false, + false); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + assertEquals("wrong result size", 1, result.getResponseElements().size()); + + final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result + .getResponseElements().get(0); + assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); + assertEquals("certCode", 1, cmsResult.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", cmsResult.getSignerInfo()); + assertEquals("issuerCC", "AT", cmsResult.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority()); + assertFalse("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", cmsResult.getSignerInfo().isSSCD()); + assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos()); + + assertNull("form val. result", cmsResult.getAdESFormResults()); + assertNull("extended val. result", cmsResult.getExtendedCertificateCheck()); + assertNull("byteRange", cmsResult.getByteRangeOfSignature()); + assertNull("used sig alg", cmsResult.getSignatureAlgorithm()); + + } + + @Test + public void extendedValidationCadesSignature() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/cades/simpleCadesSig.b64")), + "MOAIDBuergerkarteAuthentisierungsDaten", + false, + true); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + assertEquals("wrong result size", 1, result.getResponseElements().size()); + + final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result + .getResponseElements().get(0); + assertEquals("sigCode", 0, cmsResult.getSignatureCheck().getCode()); + assertEquals("certCode", 1, cmsResult.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", cmsResult.getSignerInfo()); + assertEquals("issuerCC", "AT", cmsResult.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority()); + assertFalse("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", cmsResult.getSignerInfo().isSSCD()); + assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos()); + + assertNotNull("form val. result", cmsResult.getAdESFormResults()); + assertEquals("form val. result size", 4, cmsResult.getAdESFormResults().size()); + for (final Object el : cmsResult.getAdESFormResults()) { + final AdESFormResults test = (AdESFormResults) el; + assertEquals("Find wrong form val status", 1, test.getCode().longValue()); + + } + + assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); + assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMajorCode()); + assertEquals("ext. val major", 14, cmsResult.getExtendedCertificateCheck().getMinorCode()); + + assertNull("byteRange", cmsResult.getByteRangeOfSignature()); + assertEquals("used sig alg", "SHA256withRSA", cmsResult.getSignatureAlgorithm()); + + } + +} diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java index b17e2c7..fd5b278 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java @@ -7,14 +7,12 @@ import static org.junit.Assert.assertNull; import static org.junit.Assert.assertThrows; import static org.junit.Assert.assertTrue; -import java.io.ByteArrayInputStream; import java.io.IOException; import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.RandomStringUtils; import org.junit.Before; import org.junit.BeforeClass; -import org.junit.Ignore; import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.BlockJUnit4ClassRunner; @@ -23,165 +21,129 @@ import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; -import at.gv.egovernment.moa.spss.api.impl.VerifyCMSSignatureRequestImpl; import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; import at.gv.egovernment.moa.spss.server.config.ConfigurationException; -import at.gv.egovernment.moa.spss.server.init.StartupConfigurationHolder; import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; -import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; -import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; -import at.gv.egovernment.moaspss.logging.LoggingContext; -import at.gv.egovernment.moaspss.logging.LoggingContextManager; @RunWith(BlockJUnit4ClassRunner.class) -public class PadesIntegrationTest { +public class PadesIntegrationTest extends AbstractIntegrationTest { - private static StartupConfigurationHolder moaSpssCore; CMSSignatureVerificationInvoker cadesInvoker; - + @BeforeClass - public static void classInitializer() throws IOException { + public static void classInitializer() throws IOException, ConfigurationException, + NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException { + jvmStateReset(); + final String current = new java.io.File(".").getCanonicalPath(); System.setProperty("moa.spss.server.configuration", - current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); + current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); moaSpssCore = SystemInitializer.init(); - + } - + @Before public void initializer() throws ConfigurationException { cadesInvoker = CMSSignatureVerificationInvoker.getInstance(); setUpContexts(RandomStringUtils.randomAlphabetic(10)); - + } - + @Test public void missingTrustProfile() throws IOException { - VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( - org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/pades/testpdf.b64")), - RandomStringUtils.randomAlphabetic(5), - true, + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/pades/testpdf.b64")), + RandomStringUtils.randomAlphabetic(5), + true, false); - + // perform test - MOAException error = assertThrows(MOAException.class,() -> cadesInvoker.verifyCMSSignature(request)); + final MOAException error = assertThrows(MOAException.class, () -> cadesInvoker.verifyCMSSignature( + request)); assertEquals("wrong errorCode", "2203", error.getMessageId()); - + } - + @Test - public void basicValidationCadesSignature() throws MOAException, IOException { - VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( - org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/pades/testpdf.b64")), - "MOAIDBuergerkarteAuthentisierungsDaten", - true, + public void basicValidationCadesSignature() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/pades/testpdf.b64")), + "MOAIDBuergerkarteAuthentisierungsDaten", + true, false); - + // perform test - VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); - + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + // verify result assertNotNull("verification result", result); assertEquals("wrong result size", 1, result.getResponseElements().size()); - - VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result.getResponseElements().get(0); + + final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result + .getResponseElements().get(0); assertEquals("sigCode", 1, cmsResult.getSignatureCheck().getCode()); assertEquals("certCode", 1, cmsResult.getCertificateCheck().getCode()); - + assertNotNull("signerInfo", cmsResult.getSignerInfo()); assertEquals("issuerCC", "EE", cmsResult.getSignerInfo().getIssuerCountryCode()); assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority()); assertTrue("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); - assertTrue("SSCD", cmsResult.getSignerInfo().isSSCD()); + assertTrue("SSCD", cmsResult.getSignerInfo().isSSCD()); assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos()); - + assertNull("form val. result", cmsResult.getAdESFormResults()); assertNull("extended val. result", cmsResult.getExtendedCertificateCheck()); assertNull("byteRange", cmsResult.getByteRangeOfSignature()); assertNull("used sig alg", cmsResult.getSignatureAlgorithm()); - + } - + @Test - public void extendedValidationCadesSignature() throws MOAException, IOException { - VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( - org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/pades/testpdf.b64")), - "MOAIDBuergerkarteAuthentisierungsDaten", - true, + public void extendedValidationCadesSignature() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/pades/testpdf.b64")), + "MOAIDBuergerkarteAuthentisierungsDaten", + true, true); - + // perform test - VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); - + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + // verify result assertNotNull("verification result", result); assertEquals("wrong result size", 1, result.getResponseElements().size()); - - VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result.getResponseElements().get(0); + + final VerifyCMSSignatureResponseElement cmsResult = (VerifyCMSSignatureResponseElement) result + .getResponseElements().get(0); assertEquals("sigCode", 1, cmsResult.getSignatureCheck().getCode()); assertEquals("certCode", 1, cmsResult.getCertificateCheck().getCode()); - + assertNotNull("signerInfo", cmsResult.getSignerInfo()); assertEquals("issuerCC", "EE", cmsResult.getSignerInfo().getIssuerCountryCode()); assertFalse("publicAuthority", cmsResult.getSignerInfo().isPublicAuthority()); assertTrue("QC", cmsResult.getSignerInfo().isQualifiedCertificate()); - assertTrue("SSCD", cmsResult.getSignerInfo().isSSCD()); + assertTrue("SSCD", cmsResult.getSignerInfo().isSSCD()); assertNull("TSL infos", cmsResult.getSignerInfo().getTslInfos()); - + assertNotNull("form val. result", cmsResult.getAdESFormResults()); assertEquals("form val. result size", 4, cmsResult.getAdESFormResults().size()); - for (Object el : cmsResult.getAdESFormResults()) { - AdESFormResults test = ((AdESFormResults)el); + for (final Object el : cmsResult.getAdESFormResults()) { + final AdESFormResults test = (AdESFormResults) el; assertEquals("Find wrong form val status", 1, test.getCode().longValue()); - + } - + assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMajorCode()); assertEquals("ext. val major", 24, cmsResult.getExtendedCertificateCheck().getMinorCode()); - - assertNotNull("byteRange", cmsResult.getByteRangeOfSignature()); + + assertNotNull("byteRange", cmsResult.getByteRangeOfSignature()); assertEquals("used sig alg", "SHA1withRSA", cmsResult.getSignatureAlgorithm()); - - } - - private VerifyCMSSignatureRequest buildVerfifyCmsRequest(final byte[] signature, - final String trustProfileID, final boolean isPdfSignature, - final boolean performExtendedValidation) { - final VerifyCMSSignatureRequestImpl verifyCmsSignatureRequest = - new VerifyCMSSignatureRequestImpl(); - verifyCmsSignatureRequest.setDateTime(null); - verifyCmsSignatureRequest.setCMSSignature(new ByteArrayInputStream(signature)); - verifyCmsSignatureRequest.setDataObject(null); - verifyCmsSignatureRequest.setTrustProfileId(trustProfileID); - verifyCmsSignatureRequest.setSignatories(VerifyCMSSignatureRequest.ALL_SIGNATORIES); - verifyCmsSignatureRequest.setPDF(isPdfSignature); - verifyCmsSignatureRequest.setExtended(performExtendedValidation); - return verifyCmsSignatureRequest; } - - protected final void setUpContexts(final String transactionID) throws ConfigurationException { - final TransactionContextManager txMgr = TransactionContextManager.getInstance(); - final LoggingContextManager logMgr = LoggingContextManager.getInstance(); - - if (txMgr.getTransactionContext() == null) { - final TransactionContext ctx = - new TransactionContext(transactionID, null, moaSpssCore.getMoaSpssConfig()); - txMgr.setTransactionContext(ctx); - - } - //set Logging context into MOA-Sig - if (logMgr.getLoggingContext() == null) { - final LoggingContext ctx = new LoggingContext(transactionID); - logMgr.setLoggingContext(ctx); - - } - - //new IaikConfigurator().configure(moaSigConfig.getMoaSigConfig()); - - } - } diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java index 8a3012a..cdbe5ab 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/XadesIntegrationTest.java @@ -7,315 +7,153 @@ import static org.junit.Assert.assertNull; import static org.junit.Assert.assertThrows; import static org.junit.Assert.assertTrue; -import java.io.ByteArrayInputStream; import java.io.IOException; -import java.util.Base64; import java.util.Collections; -import java.util.Date; -import java.util.List; -import java.util.Map; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.RandomStringUtils; -import org.apache.commons.lang3.time.DateFormatUtils; import org.junit.Before; import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.BlockJUnit4ClassRunner; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; import at.gv.egovernment.moa.spss.MOAApplicationException; import at.gv.egovernment.moa.spss.MOAException; -import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.common.InputData; -import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser; import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.spss.server.config.ConfigurationException; -import at.gv.egovernment.moa.spss.server.init.StartupConfigurationHolder; import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; -import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; -import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; -import at.gv.egovernment.moaspss.logging.LoggingContext; -import at.gv.egovernment.moaspss.logging.LoggingContextManager; -import at.gv.egovernment.moaspss.util.Base64Utils; -import at.gv.egovernment.moaspss.util.Constants; @RunWith(BlockJUnit4ClassRunner.class) -public class XadesIntegrationTest { +public class XadesIntegrationTest extends AbstractIntegrationTest { - private static final String XMLNS_NS_URI = Constants.XMLNS_NS_URI; - private static final String MOA_NS_URI = Constants.MOA_NS_URI; - private static final String DSIG = Constants.DSIG_PREFIX + ":"; - private static final String DEFAULT_XPATH_SIGNATURE_LOCATION = "//" + DSIG + "Signature"; + XMLSignatureVerificationInvoker xadesInvoker; - public static final String PATTERN_ISSUE_INSTANT = "yyyy-MM-dd'T'HH:mm:ssXXX"; - - private static StartupConfigurationHolder moaSpssCore; - XMLSignatureVerificationInvoker cadesInvoker; - @BeforeClass - public static void classInitializer() throws IOException { + public static void classInitializer() throws IOException, ConfigurationException, + NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException { + jvmStateReset(); + final String current = new java.io.File(".").getCanonicalPath(); System.setProperty("moa.spss.server.configuration", - current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); + current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); moaSpssCore = SystemInitializer.init(); - + } - + @Before public void initializer() throws ConfigurationException { - cadesInvoker = XMLSignatureVerificationInvoker.getInstance(); + xadesInvoker = XMLSignatureVerificationInvoker.getInstance(); setUpContexts(RandomStringUtils.randomAlphabetic(10)); - + } - + @Test - public void missingTrustProfile() throws IOException, MOAApplicationException, ParserConfigurationException { - VerifyXMLSignatureRequest request = buildVerifyXmlRequest( - org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/xades/xmldsig_enveloped.b64")), + public void missingTrustProfile() throws IOException, MOAApplicationException, + ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/xades/xmldsig_enveloped.b64")), RandomStringUtils.randomAlphabetic(5), false, - null, - DEFAULT_XPATH_SIGNATURE_LOCATION, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, null, Collections.emptyMap()); - + // perform test - MOAException error = assertThrows(MOAException.class,() -> cadesInvoker.verifyXMLSignature(request)); + final MOAException error = assertThrows(MOAException.class, () -> xadesInvoker.verifyXMLSignature( + request)); assertEquals("wrong errorCode", "2203", error.getMessageId()); - + } - + @Test - public void basicValidationXadesSignature() throws MOAException, IOException, ParserConfigurationException { - VerifyXMLSignatureRequest request = buildVerifyXmlRequest( - org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/xades/xmldsig_enveloped.b64")), + public void basicValidationXadesSignature() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/xades/xmldsig_enveloped.b64")), "MOAIDBuergerkarteAuthentisierungsDaten", false, - null, - DEFAULT_XPATH_SIGNATURE_LOCATION, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, null, Collections.emptyMap()); - + // perform test - VerifyXMLSignatureResponse result = cadesInvoker.verifyXMLSignature(request); - + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + // verify result assertNotNull("verification result", result); - + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); assertEquals("certCode", 1, result.getCertificateCheck().getCode()); - + assertNotNull("signerInfo", result.getSignerInfo()); assertNull("issuerCC", result.getSignerInfo().getIssuerCountryCode()); assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); - assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); assertNull("TSL infos", result.getSignerInfo().getTslInfos()); - + assertNull("form val. result", result.getAdESFormResults()); assertNull("extended val. result", result.getExtendedCertificateCheck()); assertNull("used sig alg", result.getSignatureAlgorithm()); - + } - + @Test - public void extendedValidationXadesSignature() throws MOAException, IOException, ParserConfigurationException { - VerifyXMLSignatureRequest request = buildVerifyXmlRequest( - org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray("/testdata/xades/xmldsig_enveloped.b64")), - "MOAIDBuergerkarteAuthentisierungsDaten", true, - null, - DEFAULT_XPATH_SIGNATURE_LOCATION, + public void extendedValidationXadesSignature() throws MOAException, IOException, + ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest( + org.apache.commons.codec.binary.Base64.decodeBase64(IOUtils.resourceToByteArray( + "/testdata/xades/xmldsig_enveloped.b64")), + "MOAIDBuergerkarteAuthentisierungsDaten", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, null, Collections.emptyMap()); - + // perform test - VerifyXMLSignatureResponse result = cadesInvoker.verifyXMLSignature(request); - + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + // verify result assertNotNull("verification result", result); assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); assertEquals("certCode", 1, result.getCertificateCheck().getCode()); assertEquals("manifestCode", 0, result.getSignatureManifestCheck().getCode()); assertTrue("manifest refs", result.getXMLDsigManifestChecks().isEmpty()); - + assertEquals("hash inputdata", 1, result.getHashInputDatas().size()); - assertEquals("hash input data alg", "SHA-256", - ((InputData)result.getHashInputDatas().get(0)).getHashAlgorithm()); - assertEquals("hash input data part", "SignedInfo", - ((InputData)result.getHashInputDatas().get(0)).getPartOf()); - assertEquals("hash input data ref. number", -1, - ((InputData)result.getHashInputDatas().get(0)).getReferringReferenceNumber()); - - + assertEquals("hash input data alg", "SHA-256", + ((InputData) result.getHashInputDatas().get(0)).getHashAlgorithm()); + assertEquals("hash input data part", "SignedInfo", + ((InputData) result.getHashInputDatas().get(0)).getPartOf()); + assertEquals("hash input data ref. number", -1, + ((InputData) result.getHashInputDatas().get(0)).getReferringReferenceNumber()); + assertNotNull("signerInfo", result.getSignerInfo()); assertNull("issuerCC", result.getSignerInfo().getIssuerCountryCode()); assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); - assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); assertNull("TSL infos", result.getSignerInfo().getTslInfos()); - + assertNotNull("form val. result", result.getAdESFormResults()); assertEquals("form val. result size", 1, result.getAdESFormResults().size()); - for (Object el : result.getAdESFormResults()) { - AdESFormResults test = ((AdESFormResults)el); + for (final Object el : result.getAdESFormResults()) { + final AdESFormResults test = (AdESFormResults) el; assertEquals("Find wrong form val status", 3, test.getCode().longValue()); - + } - + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); assertEquals("ext. val major", 4, result.getExtendedCertificateCheck().getMajorCode()); assertEquals("ext. val major", 24, result.getExtendedCertificateCheck().getMinorCode()); - - assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); - - } - - private VerifyXMLSignatureRequest buildVerifyXmlRequest(final byte[] signature, final String trustProfileID, boolean extValFlag, - final List<String> verifyTransformsInfoProfileID, final String xpathSignatureLocation, - Date sigValDate, final Map<String, byte[]> supplementContent) throws IOException, ParserConfigurationException, MOAApplicationException { - // build empty document - final Document requestDoc_ = getNewDocumentBuilder(); - - final Element requestElem_ = - requestDoc_.createElementNS(MOA_NS_URI, "VerifyXMLSignatureRequest"); - requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns", MOA_NS_URI); - requestElem_.setAttributeNS(XMLNS_NS_URI, "xmlns:" + Constants.DSIG_PREFIX, - Constants.DSIG_NS_URI); - requestDoc_.appendChild(requestElem_); - - // build the request - - // build set signing time - if (sigValDate != null) { - final Element dateTimeElem = requestDoc_.createElementNS(MOA_NS_URI, "DateTime"); - requestElem_.appendChild(dateTimeElem); - final Node dateTime = requestDoc_.createTextNode( - DateFormatUtils.format(sigValDate, PATTERN_ISSUE_INSTANT)); - dateTimeElem.appendChild(dateTime); - - } - - //extended validation flag - final Element extVal = requestDoc_.createElementNS(MOA_NS_URI, "ExtendedValidation"); - requestElem_.appendChild(extVal); - final Node extValElement = requestDoc_.createTextNode(String.valueOf(extValFlag)); - extVal.appendChild(extValElement); - - //set other parameters - final Element verifiySignatureInfoElem = - requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureInfo"); - requestElem_.appendChild(verifiySignatureInfoElem); - final Element verifySignatureEnvironmentElem = - requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureEnvironment"); - verifiySignatureInfoElem.appendChild(verifySignatureEnvironmentElem); - final Element base64ContentElem = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content"); - verifySignatureEnvironmentElem.appendChild(base64ContentElem); - - // insert the base64 encoded signature - String base64EncodedAssertion = Base64Utils.encode(signature); - // replace all '\r' characters by no char. - final StringBuffer replaced = new StringBuffer(); - for (int i = 0; i < base64EncodedAssertion.length(); i++) { - final char c = base64EncodedAssertion.charAt(i); - if (c != '\r') { - replaced.append(c); - } - } - base64EncodedAssertion = replaced.toString(); - final Node base64Content = requestDoc_.createTextNode(base64EncodedAssertion); - base64ContentElem.appendChild(base64Content); - - // specify the signature location - final Element verifySignatureLocationElem = - requestDoc_.createElementNS(MOA_NS_URI, "VerifySignatureLocation"); - verifiySignatureInfoElem.appendChild(verifySignatureLocationElem); - final Node signatureLocation = requestDoc_.createTextNode(xpathSignatureLocation); - verifySignatureLocationElem.appendChild(signatureLocation); - - // signature manifest params - if (verifyTransformsInfoProfileID != null && !verifyTransformsInfoProfileID.isEmpty()) { - final Element signatureManifestCheckParamsElem = - requestDoc_.createElementNS(MOA_NS_URI, "SignatureManifestCheckParams"); - requestElem_.appendChild(signatureManifestCheckParamsElem); - signatureManifestCheckParamsElem.setAttribute("ReturnReferenceInputData", "false"); - - // verify transformations - final Element referenceInfoElem = requestDoc_.createElementNS(MOA_NS_URI, "ReferenceInfo"); - signatureManifestCheckParamsElem.appendChild(referenceInfoElem); - for (final String element : verifyTransformsInfoProfileID) { - final Element verifyTransformsInfoProfileIdElem = - requestDoc_.createElementNS(MOA_NS_URI, "VerifyTransformsInfoProfileID"); - referenceInfoElem.appendChild(verifyTransformsInfoProfileIdElem); - verifyTransformsInfoProfileIdElem.appendChild(requestDoc_.createTextNode(element)); - - } - } - - // hashinput data - final Element returnHashInputDataElem = - requestDoc_.createElementNS(MOA_NS_URI, "ReturnHashInputData"); - requestElem_.appendChild(returnHashInputDataElem); - - // add trustProfileID - final Element trustProfileIdElem = requestDoc_.createElementNS(MOA_NS_URI, "TrustProfileID"); - trustProfileIdElem.appendChild(requestDoc_.createTextNode(trustProfileID)); - requestElem_.appendChild(trustProfileIdElem); - - // add supplement profile - if (!supplementContent.isEmpty()) { - - final Element supplementProfile = requestDoc_.createElementNS(MOA_NS_URI, "SupplementProfile"); - - for (Map.Entry<String, byte[]> entry: supplementContent.entrySet()) { - String reference = entry.getKey(); - byte[] contentBytes = entry.getValue(); - final Element content = requestDoc_.createElementNS(MOA_NS_URI, "Content"); - content.setAttribute("Reference", reference); - final Element b64content = requestDoc_.createElementNS(MOA_NS_URI, "Base64Content"); - b64content.setTextContent(Base64Utils.encode(contentBytes)); - content.appendChild(b64content); - supplementProfile.appendChild(content); - } - - requestElem_.appendChild(supplementProfile); - } - - return new VerifyXMLSignatureRequestParser().parse(requestElem_); - } - - protected synchronized Document getNewDocumentBuilder() throws ParserConfigurationException { - final DocumentBuilder docBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder(); - return docBuilder.newDocument(); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); } - - protected final void setUpContexts(final String transactionID) throws ConfigurationException { - final TransactionContextManager txMgr = TransactionContextManager.getInstance(); - final LoggingContextManager logMgr = LoggingContextManager.getInstance(); - - if (txMgr.getTransactionContext() == null) { - final TransactionContext ctx = - new TransactionContext(transactionID, null, moaSpssCore.getMoaSpssConfig()); - txMgr.setTransactionContext(ctx); - - } - - //set Logging context into MOA-Sig - if (logMgr.getLoggingContext() == null) { - final LoggingContext ctx = new LoggingContext(transactionID); - logMgr.setLoggingContext(ctx); - - } - - //new IaikConfigurator().configure(moaSigConfig.getMoaSigConfig()); - } - } diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/XadesTslEuTestset02Test.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/XadesTslEuTestset02Test.java new file mode 100644 index 0000000..698eb2f --- /dev/null +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/XadesTslEuTestset02Test.java @@ -0,0 +1,208 @@ +package at.gv.egovernment.moa.spss.test.integration.tsl; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; + +import java.io.IOException; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.xml.parsers.ParserConfigurationException; + +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.gv.egovernment.moa.sig.tsl.engine.data.TSLProcessingResultElement; +import at.gv.egovernment.moa.spss.MOAException; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.spss.server.config.ConfigurationException; +import at.gv.egovernment.moa.spss.server.init.SystemInitializer; +import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.server.monitoring.ServiceStatusContainer; +import at.gv.egovernment.moa.spss.test.integration.AbstractIntegrationTest; + +@RunWith(BlockJUnit4ClassRunner.class) +public class XadesTslEuTestset02Test extends AbstractIntegrationTest { + + XMLSignatureVerificationInvoker cadesInvoker; + + public static final Map<String, Boolean> TSL_LOAD_STATUS; + + static { + final Map<String, Boolean> intMap = new HashMap<>(); + intMap.put("EU", true); + intMap.put("LU", false); + intMap.put("FR", false); + intMap.put("BE", true); + intMap.put("DE", false); + TSL_LOAD_STATUS = Collections.unmodifiableMap(intMap); + + } + + @BeforeClass + public static void classInitializer() throws IOException, ConfigurationException, + NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException { + jvmStateReset(); + + final String current = new java.io.File(".").getCanonicalPath(); + System.setProperty("moa.spss.server.configuration", + current + "/src/test/resources/moaspss_config/MOASPSSConfiguration_tsl_eu_test_1.xml"); + System.setProperty("iaik.esi.sva.configuration.location", + current + "/src/test/resources/moaspss_config/svaconfig.example"); + moaSpssCore = SystemInitializer.init(); + + } + + @Before + public void initializer() throws ConfigurationException { + cadesInvoker = XMLSignatureVerificationInvoker.getInstance(); + setUpContexts(RandomStringUtils.randomAlphabetic(10)); + + } + + @Test + public void checkTslState() { + assertTrue("TSL not active", ServiceStatusContainer.getStatus()); + + final List<TSLProcessingResultElement> loadedTsl = ServiceStatusContainer.getTslDetailStatus(); + assertFalse("no TSL loaded", loadedTsl.isEmpty()); + assertEquals("wrong TSL size", 5, loadedTsl.size()); + + assertEquals("loaded TSL CC", "EU", loadedTsl.get(0).getCountryCode()); + assertEquals("loaded TSL URL", + "https://esignature.ec.europa.eu/efda/validation-tests/testcase/tl/LOTL-2.xml", + loadedTsl.get(0).getTslURL()); + assertTrue("loaded TSL processed", loadedTsl.get(0).isProcessed()); + assertTrue("loaded TSL verified", loadedTsl.get(0).isVerified()); + + for (final TSLProcessingResultElement el : loadedTsl) { + assertTrue("TSL entry unknown", TSL_LOAD_STATUS.containsKey(el.getCountryCode())); + assertEquals("wrong statusCode", TSL_LOAD_STATUS.get(el.getCountryCode()), el.isProcessed()); + assertEquals("wrong statusCode", TSL_LOAD_STATUS.get(el.getCountryCode()), el.isVerified()); + + } + } + + @Test + public void euTestFile2_1_2() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/2.1.2-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = cadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNull("TSL infos", result.getSignerInfo().getTslInfos()); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile2_1_3() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/2.1.3-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = cadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "BE", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "BE", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile2_1_1() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/2.1.1-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = cadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "LU", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + assertNull("TSL infos", result.getSignerInfo().getTslInfos()); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + +} diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/XadesTslEuTestset03Test.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/XadesTslEuTestset03Test.java new file mode 100644 index 0000000..d6a1550 --- /dev/null +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/XadesTslEuTestset03Test.java @@ -0,0 +1,1860 @@ +package at.gv.egovernment.moa.spss.test.integration.tsl; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; + +import java.io.IOException; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.xml.parsers.ParserConfigurationException; + +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang3.RandomStringUtils; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Ignore; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.gv.egovernment.moa.sig.tsl.engine.data.TSLProcessingResultElement; +import at.gv.egovernment.moa.spss.MOAException; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; +import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; +import at.gv.egovernment.moa.spss.server.config.ConfigurationException; +import at.gv.egovernment.moa.spss.server.init.SystemInitializer; +import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.server.monitoring.ServiceStatusContainer; +import at.gv.egovernment.moa.spss.test.integration.AbstractIntegrationTest; + +@RunWith(BlockJUnit4ClassRunner.class) +public class XadesTslEuTestset03Test extends AbstractIntegrationTest { + + XMLSignatureVerificationInvoker xadesInvoker; + + public static final Map<String, Boolean> TSL_LOAD_STATUS; + + static { + final Map<String, Boolean> intMap = new HashMap<>(); + intMap.put("EU", true); + intMap.put("LU", true); + intMap.put("FR", true); + intMap.put("IT", true); + intMap.put("CZ", true); + intMap.put("BG", true); + intMap.put("UK", true); + TSL_LOAD_STATUS = Collections.unmodifiableMap(intMap); + + } + + @BeforeClass + public static void classInitializer() throws IOException, ConfigurationException, + NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException { + jvmStateReset(); + + final String current = new java.io.File(".").getCanonicalPath(); + System.setProperty("moa.spss.server.configuration", + current + "/src/test/resources/moaspss_config/MOASPSSConfiguration_tsl_eu_test_2.xml"); + System.setProperty("iaik.esi.sva.configuration.location", + current + "/src/test/resources/moaspss_config/svaconfig.example"); + moaSpssCore = SystemInitializer.init(); + + } + + @Before + public void initializer() throws ConfigurationException { + xadesInvoker = XMLSignatureVerificationInvoker.getInstance(); + setUpContexts(RandomStringUtils.randomAlphabetic(10)); + + } + + @Test + public void checkTslState() { + assertTrue("TSL not active", ServiceStatusContainer.getStatus()); + + final List<TSLProcessingResultElement> loadedTsl = ServiceStatusContainer.getTslDetailStatus(); + assertFalse("no TSL loaded", loadedTsl.isEmpty()); + assertEquals("wrong TSL size", 7, loadedTsl.size()); + + assertEquals("loaded TSL CC", "EU", loadedTsl.get(0).getCountryCode()); + assertEquals("loaded TSL URL", + "https://esignature.ec.europa.eu/efda/validation-tests/testcase/tl/LOTL-3.xml", + loadedTsl.get(0).getTslURL()); + assertTrue("loaded TSL processed", loadedTsl.get(0).isProcessed()); + assertTrue("loaded TSL verified", loadedTsl.get(0).isVerified()); + + for (final TSLProcessingResultElement el : loadedTsl) { + assertTrue("TSL entry unknown", TSL_LOAD_STATUS.containsKey(el.getCountryCode())); + assertEquals("wrong statusCode", TSL_LOAD_STATUS.get(el.getCountryCode()), el.isProcessed()); + assertEquals("wrong statusCode", TSL_LOAD_STATUS.get(el.getCountryCode()), el.isVerified()); + + } + } + + @Test + public void euTestFile3_1_1() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/3.1.1-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "LU", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNull("TSL infos", result.getSignerInfo().getTslInfos()); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile3_1_2() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/3.1.2-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "LU", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "LU", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/PKC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + // TODO: check if it should be trusted + @Ignore + @Test + public void euTestFile3_1_3() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/3.1.3-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "LU", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + assertNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + // TODO: TSL contains multiple values --> should we throw an error in that case? + @Test + public void euTestFile3_3_1() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/3.3.1-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "LU", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "LU", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + // TODO: should be not QC??? + @Test + public void euTestFile4_1_1() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.1.1-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_1_2() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.1.2-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/undersupervision", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertTrue("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_1_3() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.1.3-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/accredited", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertTrue("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_1_4() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.1.4-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/undersupervision", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertTrue("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile3_2_2() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/3.2.2-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "LU", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "LU", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_2_1() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.2.1-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSeals", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_2_2() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.2.2-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSeals", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_2_3() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.2.3-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_1() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.1-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_2() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.2-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + // TODO: should be no-QC!!! + @Ignore + @Test + public void euTestFile4_4_3() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.3-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSeals", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_4() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.4-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + // TODO: should not be QC + @Test + public void euTestFile4_4_5() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.5-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_6() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.6-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_7() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.7-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_8() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.8-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + // TODO: should not be QC + @Test + public void euTestFile4_4_9() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.9-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_10() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.10-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_11() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.11-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNull("TSL infos", result.getSignerInfo().getTslInfos()); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_12() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.12-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNull("TSL infos", result.getSignerInfo().getTslInfos()); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_13() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.13-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_14() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.14-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_15() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.15-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("sscdSource", "TSL", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_16() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.16-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("sscdSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_17() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.17-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + +//TODO: should not be QC + @Test + public void euTestFile4_4_18() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.18-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_4_19() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.19-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + // TODO: should not be QC + @Test + public void euTestFile4_4_20() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.20-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertFalse("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + // TODO: should not be QC + @Test + public void euTestFile4_4_21() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.4.21-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_5_1() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.5.1-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_5_2() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.5.2-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile4_5_3() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.5.3-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + // TODO: maybe wrong result + @Test + public void euTestFile4_5_4() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/4.5.4-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "FR", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "FR", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/undersupervision", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertTrue("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile5_2_1() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/5.2.1-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "IT", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "IT", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + // TODO: should be not QC + @Test + public void euTestFile5_2_2() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/5.2.2-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "IT", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "IT", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile5_2_3() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/5.2.3-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "IT", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertFalse("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "IT", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + + @Test + public void euTestFile5_2_4() throws MOAException, IOException, ParserConfigurationException { + final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(IOUtils.resourceToByteArray( + "/testdata/xades/5.2.4-TEST FILE.xml"), + "OnlyTSL", true, + null, + DEFAULT_XPATH_SIGNATURE_LOCATION, + null, Collections.emptyMap()); + + // perform test + final VerifyXMLSignatureResponse result = xadesInvoker.verifyXMLSignature(request); + + // verify result + assertNotNull("verification result", result); + + assertEquals("sigCode", 0, result.getSignatureCheck().getCode()); + assertEquals("certCode", 1, result.getCertificateCheck().getCode()); + + assertNotNull("signerInfo", result.getSignerInfo()); + assertEquals("issuerCC", "IT", result.getSignerInfo().getIssuerCountryCode()); + assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority()); + assertTrue("QC", result.getSignerInfo().isQualifiedCertificate()); + assertTrue("SSCD", result.getSignerInfo().isSSCD()); + assertEquals("qcSource", "TSL", result.getSignerInfo().getQCSource()); + assertEquals("qcSource", "Certificate", result.getSignerInfo().getSSCDSource()); + + assertNotNull("TSL infos", result.getSignerInfo().getTslInfos()); + assertEquals("TSL CC", "IT", result.getSignerInfo().getTslInfos().getTslIssuerCountry()); + assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC", + result.getSignerInfo().getTslInfos().getServiceTypeIdentifier()); + assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted", + result.getSignerInfo().getTslInfos().getServiceTypeStatus()); + assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation() + .isEmpty()); + assertEquals("TSL addit. status value", + "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures", + result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0)); + + assertNotNull("form val. result", result.getAdESFormResults()); + assertNotNull("extended val. result", result.getExtendedCertificateCheck()); + assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm()); + + } + +} |