From b329b436b99d78dde21ab7a338331faaa2da6f6e Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Thu, 15 Sep 2022 09:16:13 +0200 Subject: test(pkix): add certStore tests --- .../server/config/ConfigurationPartsBuilder.java | 4 +- .../moa/spss/server/iaik/pki/PKIProfileImpl.java | 3 + .../moa/spss/util/CertificateReader.java | 157 +++++++++++++++++++++ .../at/gv/egovernment/moa/spss/SPSSTestCase.java | 2 - .../test/integration/PadesIntegrationTest.java | 82 ++++++++++- .../test/integration/tsl/OfficialEuTslTest.java | 18 ++- .../test/integration/utils/CertificateReader.java | 157 +++++++++++++++++++++ .../moaspss_config/MOASPSSConfiguration.xml | 1 + .../MOASPSSConfiguration_without_TSL.xml | 114 +++++++++++++++ .../resources/moaspss_config/svaconfig.example | 2 +- .../a-sign-Premium-Mobile-05.cer | Bin 0 -> 1586 bytes .../a-sign-Premium-Mobile-07.cer | 36 +++++ .../a-sign-Premium-Sig-02_1.cer | 27 ++++ .../a-sign-Premium-Sig-02_2.cer | 27 ++++ .../a-sign-Premium-Sig-05.cer | 35 +++++ .../a-sign-Premium-Sig-07.cer | 35 +++++ .../a-sign-premium-mobile-Sig-03a_1.cer | Bin 0 -> 1165 bytes .../a-sign-premium-mobile-Sig-03a_2.cer | Bin 0 -> 1165 bytes .../a-sign-premium-mobile-Sig-03a_3.cer | Bin 0 -> 1166 bytes .../672C4FE428C7E1F7DB9416279E271B8671C80E23.cer | Bin 0 -> 1438 bytes .../F86591A6D86718886A0234B8E54E21AAEA63E24B.cer | Bin 0 -> 1586 bytes 21 files changed, 694 insertions(+), 6 deletions(-) create mode 100644 moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateReader.java create mode 100644 moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/CertificateReader.java create mode 100644 moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration_without_TSL.xml create mode 100644 moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-05.cer create mode 100644 moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-07.cer create mode 100644 moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_1.cer create mode 100644 moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_2.cer create mode 100644 moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-05.cer create mode 100644 moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-07.cer create mode 100644 moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_1.cer create mode 100644 moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_2.cer create mode 100644 moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_3.cer create mode 100644 moaSig/moa-sig/src/test/resources/testdata/pkix/chain/672C4FE428C7E1F7DB9416279E271B8671C80E23.cer create mode 100644 moaSig/moa-sig/src/test/resources/testdata/pkix/chain/F86591A6D86718886A0234B8E54E21AAEA63E24B.cer diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java index 533931d..5daf1a6 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java @@ -1562,10 +1562,12 @@ public class ConfigurationPartsBuilder { public boolean getAutoEEAddCertificates() { final String autoAdd = getElementValue(getConfigElem(), AUTO_ADD_EE_CERTIFICATES_XPATH_, null); - if (autoAdd != null) { + if (autoAdd != null) { return Boolean.valueOf(autoAdd).booleanValue(); + } else { return false; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java index 0032dc6..a53bce8 100644 --- a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/server/iaik/pki/PKIProfileImpl.java @@ -211,12 +211,15 @@ public class PKIProfileImpl implements PKIProfile { if (config.getAutoAddCertificates()) { if (config.getAutoAddEECertificates()) { return PKIProfile.AUTO_ADD_ENABLE; + } else { return PKIProfile.AUTO_ADD_EE_DISABLE; + } } else { return PKIProfile.AUTO_ADD_DISABLE; + } } diff --git a/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateReader.java b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateReader.java new file mode 100644 index 0000000..79a0401 --- /dev/null +++ b/moaSig/moa-sig-lib/src/main/java/at/gv/egovernment/moa/spss/util/CertificateReader.java @@ -0,0 +1,157 @@ +package at.gv.egovernment.moa.spss.util; +import java.io.BufferedInputStream; +import java.io.File; +import java.io.FileFilter; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.security.Security; +import java.security.cert.CertificateException; +import java.util.Arrays; +import java.util.Iterator; +import java.util.List; + +import iaik.pkcs.PKCS7CertList; +import iaik.pkcs.PKCSParsingException; +import iaik.security.provider.IAIK; +import iaik.utils.Util; +import iaik.x509.X509Certificate; +import iaik.xml.crypto.EccProviderAdapter; + +// Copyright (C) 2011 IAIK +// http://jce.iaik.at +// +// Copyright (C) 2011 Stiftung Secure Information and +// Communication Technologies SIC +// http://www.sic.st +// +// All rights reserved. +// +// This source is provided for inspection purposes and recompilation only, +// unless specified differently in a contract with IAIK. This source has to +// be kept in strict confidence and must not be disclosed to any third party +// under any circumstances. Redistribution in source and binary forms, with +// or without modification, are permitted in any case! +// +// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +// ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +// SUCH DAMAGE. +// +// + +public class CertificateReader { + + /** + * Filter for reading certificate files from a directory. + * The filter accepts a file if its name ends with + * ".cer", ".der", ".crt" + * or ".pem". + * + * @author Harald Bratko + * @author Konrad Lanz + */ + static class CertificateFileFilter implements FileFilter { + + /** + * Accepts a file if it is not a directory and its name ends with + * ".cer", ".der", ".crt" or ".pem". + * + * @see java.io.FileFilter#accept(java.io.File) + */ + public boolean accept(File file) { + String name = file.getName(); + if (name.endsWith(".der") || + name.endsWith(".cer") || + name.endsWith(".crt") || + name.endsWith(".pem")) + { + return true; + } else { + return false; + } + } + } + + + + /** + * Reads the certificates from the given directory and + * returns the certificates as sorted list (end user certificate first). + * @param directory + * @return + * @throws IOException + * @throws FileNotFoundException + * @throws CertificateException + * @throws Exception + */ + public static X509Certificate[] readCertificatesIntoArray(String directory) throws CertificateException, FileNotFoundException, IOException{ + + File file = new File(directory); + File[] certificateFiles = file.listFiles(new CertificateFileFilter()); + int l = certificateFiles.length; + X509Certificate[] certs = new X509Certificate[l]; + for (int i=0; i readCertificates(String directory) throws CertificateException, FileNotFoundException, IOException{ + + return Arrays.asList(readCertificatesIntoArray(directory)); + } + + public static void main(String[] args) { + try { + + IAIK.addAsJDK14Provider(); + //IAIK.addAsProvider(); + //Security.addProvider(new IAIK()); + + // install ECC provider + Security.addProvider(EccProviderAdapter.getEccProvider()); + + String dir = "target/classes/spec/examples/EU/AT/certs/on-tsl/chain/"; + List l = readCertificates(dir); + Iterator it = l.iterator(); + while (it.hasNext()) { + System.out.println(((X509Certificate)it.next()).getSubjectDN().getName()); + } + } catch (Exception e) { + e.printStackTrace(); + System.exit(1); + } + + } + + public static X509Certificate[] p7read(File path) throws PKCSParsingException, FileNotFoundException, IOException { + PKCS7CertList p7certList = new PKCS7CertList( + new BufferedInputStream( + new FileInputStream( + path + ) + ) + ); + return p7certList.getCertificateList(); + } + } \ No newline at end of file diff --git a/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/SPSSTestCase.java b/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/SPSSTestCase.java index dd7890c..315f56e 100644 --- a/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/SPSSTestCase.java +++ b/moaSig/moa-sig-lib/src/test/java/test/at/gv/egovernment/moa/spss/SPSSTestCase.java @@ -24,8 +24,6 @@ package test.at.gv.egovernment.moa.spss; -import java.security.Security; - import test.at.gv.egovernment.moa.MOATestCase; import at.gv.egovernment.moaspss.logging.Logger; import at.gv.egovernment.moaspss.logging.LoggingContext; diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java index fd5b278..d0e53d3 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/PadesIntegrationTest.java @@ -7,12 +7,18 @@ import static org.junit.Assert.assertNull; import static org.junit.Assert.assertThrows; import static org.junit.Assert.assertTrue; +import java.io.FileInputStream; import java.io.IOException; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.util.Date; import org.apache.commons.io.IOUtils; +import org.apache.commons.lang3.ArrayUtils; import org.apache.commons.lang3.RandomStringUtils; import org.junit.Before; import org.junit.BeforeClass; +import org.junit.Ignore; import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.BlockJUnit4ClassRunner; @@ -23,8 +29,20 @@ import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse; import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement; import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults; import at.gv.egovernment.moa.spss.server.config.ConfigurationException; +import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider; +import at.gv.egovernment.moa.spss.server.iaik.cmsverify.PDFSignatureVerificationProfileImpl; +import at.gv.egovernment.moa.spss.server.iaik.pki.PKIProfileImpl; import at.gv.egovernment.moa.spss.server.init.SystemInitializer; import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker; +import at.gv.egovernment.moa.spss.server.logging.TransactionId; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; +import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; +import iaik.pki.PKIFactory; +import iaik.pki.PKIModule; +import iaik.pki.PKIResult; +import iaik.server.cmspdfverify.CMSVerifyUtils; +import iaik.x509.X509Certificate; +import at.gv.egovernment.moa.spss.test.integration.utils.CertificateReader; @RunWith(BlockJUnit4ClassRunner.class) public class PadesIntegrationTest extends AbstractIntegrationTest { @@ -39,6 +57,9 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { final String current = new java.io.File(".").getCanonicalPath(); System.setProperty("moa.spss.server.configuration", current + "/src/test/resources/moaspss_config/MOASPSSConfiguration.xml"); + System.setProperty("iaik.esi.sva.configuration.location", + current + "/src/test/resources/moaspss_config/svaconfig.example"); + moaSpssCore = SystemInitializer.init(); } @@ -50,6 +71,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } + @Ignore @Test public void missingTrustProfile() throws IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( @@ -66,6 +88,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } + @Ignore @Test public void basicValidationCadesSignature() throws MOAException, IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( @@ -101,6 +124,7 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } + @Ignore @Test public void extendedValidationCadesSignature() throws MOAException, IOException { final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( @@ -138,12 +162,68 @@ public class PadesIntegrationTest extends AbstractIntegrationTest { } assertNotNull("extended val. result", cmsResult.getExtendedCertificateCheck()); - assertEquals("ext. val major", 2, cmsResult.getExtendedCertificateCheck().getMajorCode()); + assertEquals("ext. val major", 1, cmsResult.getExtendedCertificateCheck().getMajorCode()); assertEquals("ext. val major", 24, cmsResult.getExtendedCertificateCheck().getMinorCode()); assertNotNull("byteRange", cmsResult.getByteRangeOfSignature()); assertEquals("used sig alg", "SHA1withRSA", cmsResult.getSignatureAlgorithm()); } + + @Ignore + @Test + public void padesLteTest() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + IOUtils.toByteArray(new FileInputStream("/home/tlenz/Projekte/signaturprueftool/test_docs/20220623_rtr/Amtsiegel.pdf")), + "MOAIDBuergerkarteAuthentisierungsDaten", + true, + false); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + + } + + @Test + public void padesOwnTest() throws Exception { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + IOUtils.toByteArray(new FileInputStream("/home/tlenz/Projekte/pdfas4/testdocs/enc_own_signed_neuer.pdf")), + "MOAIDBuergerkarteAuthentisierungsDaten", + true, + false); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + + + + + } + + @Ignore + @Test + public void pkixTest() throws Exception { + final String current = new java.io.File(".").getCanonicalPath(); + X509Certificate[] chain = CertificateReader.readCertificatesIntoArray(current + "/src/test/resources/testdata/pkix/chain/"); + + PKIModule pkiModule = PKIFactory.getInstance().getPKIModule( + new PKIProfileImpl(ConfigurationProvider.getInstance(), "MOAIDBuergerkarteAuthentisierungsDaten")); + PKIResult pkiResult = pkiModule.validateCertificate( + new Date(), + (X509Certificate) chain[0], + (X509Certificate[]) ArrayUtils.subarray(chain, 1, chain.length), + (boolean[])null, + new TransactionId("aabbccdd")); + + System.out.print("Finished"); + + } + } diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/OfficialEuTslTest.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/OfficialEuTslTest.java index 20b130a..50ad14e 100644 --- a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/OfficialEuTslTest.java +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/tsl/OfficialEuTslTest.java @@ -6,6 +6,7 @@ import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; +import java.io.FileInputStream; import java.io.IOException; import java.util.Arrays; import java.util.Collections; @@ -40,7 +41,6 @@ import at.gv.egovernment.moa.spss.server.monitoring.ServiceStatusContainer; import at.gv.egovernment.moa.spss.test.integration.AbstractIntegrationTest; @RunWith(BlockJUnit4ClassRunner.class) -@Ignore public class OfficialEuTslTest extends AbstractIntegrationTest { CMSSignatureVerificationInvoker cadesInvoker; @@ -162,4 +162,20 @@ public class OfficialEuTslTest extends AbstractIntegrationTest { } + @Test + public void padesLteTest() throws MOAException, IOException { + final VerifyCMSSignatureRequest request = buildVerfifyCmsRequest( + IOUtils.toByteArray(new FileInputStream("/home/tlenz/Projekte/signaturprueftool/test_docs/20220623_rtr/Amtsiegel.pdf")), + "OnlyTSL", + true, + true); + + // perform test + final VerifyCMSSignatureResponse result = cadesInvoker.verifyCMSSignature(request); + + // verify result + assertNotNull("verification result", result); + + } + } diff --git a/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/CertificateReader.java b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/CertificateReader.java new file mode 100644 index 0000000..db5d55f --- /dev/null +++ b/moaSig/moa-sig/src/test/java/at/gv/egovernment/moa/spss/test/integration/utils/CertificateReader.java @@ -0,0 +1,157 @@ +package at.gv.egovernment.moa.spss.test.integration.utils; +import java.io.BufferedInputStream; +import java.io.File; +import java.io.FileFilter; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.security.Security; +import java.security.cert.CertificateException; +import java.util.Arrays; +import java.util.Iterator; +import java.util.List; + +import iaik.pkcs.PKCS7CertList; +import iaik.pkcs.PKCSParsingException; +import iaik.security.provider.IAIK; +import iaik.utils.Util; +import iaik.x509.X509Certificate; +import iaik.xml.crypto.EccProviderAdapter; + +// Copyright (C) 2011 IAIK +// http://jce.iaik.at +// +// Copyright (C) 2011 Stiftung Secure Information and +// Communication Technologies SIC +// http://www.sic.st +// +// All rights reserved. +// +// This source is provided for inspection purposes and recompilation only, +// unless specified differently in a contract with IAIK. This source has to +// be kept in strict confidence and must not be disclosed to any third party +// under any circumstances. Redistribution in source and binary forms, with +// or without modification, are permitted in any case! +// +// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +// ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +// SUCH DAMAGE. +// +// + +public class CertificateReader { + + /** + * Filter for reading certificate files from a directory. + * The filter accepts a file if its name ends with + * ".cer", ".der", ".crt" + * or ".pem". + * + * @author Harald Bratko + * @author Konrad Lanz + */ + static class CertificateFileFilter implements FileFilter { + + /** + * Accepts a file if it is not a directory and its name ends with + * ".cer", ".der", ".crt" or ".pem". + * + * @see java.io.FileFilter#accept(java.io.File) + */ + public boolean accept(File file) { + String name = file.getName(); + if (name.endsWith(".der") || + name.endsWith(".cer") || + name.endsWith(".crt") || + name.endsWith(".pem")) + { + return true; + } else { + return false; + } + } + } + + + + /** + * Reads the certificates from the given directory and + * returns the certificates as sorted list (end user certificate first). + * @param directory + * @return + * @throws IOException + * @throws FileNotFoundException + * @throws CertificateException + * @throws Exception + */ + public static X509Certificate[] readCertificatesIntoArray(String directory) throws CertificateException, FileNotFoundException, IOException{ + + File file = new File(directory); + File[] certificateFiles = file.listFiles(new CertificateFileFilter()); + int l = certificateFiles.length; + X509Certificate[] certs = new X509Certificate[l]; + for (int i=0; i readCertificates(String directory) throws CertificateException, FileNotFoundException, IOException{ + + return Arrays.asList(readCertificatesIntoArray(directory)); + } + + public static void main(String[] args) { + try { + + IAIK.addAsJDK14Provider(); + //IAIK.addAsProvider(); + //Security.addProvider(new IAIK()); + + // install ECC provider + Security.addProvider(EccProviderAdapter.getEccProvider()); + + String dir = "target/classes/spec/examples/EU/AT/certs/on-tsl/chain/"; + List l = readCertificates(dir); + Iterator it = l.iterator(); + while (it.hasNext()) { + System.out.println(((X509Certificate)it.next()).getSubjectDN().getName()); + } + } catch (Exception e) { + e.printStackTrace(); + System.exit(1); + } + + } + + public static X509Certificate[] p7read(File path) throws PKCSParsingException, FileNotFoundException, IOException { + PKCS7CertList p7certList = new PKCS7CertList( + new BufferedInputStream( + new FileInputStream( + path + ) + ) + ); + return p7certList.getCertificateList(); + } + } \ No newline at end of file diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration.xml b/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration.xml index 44a04fa..f6abbb7 100644 --- a/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration.xml +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration.xml @@ -40,6 +40,7 @@ true + false true diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration_without_TSL.xml b/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration_without_TSL.xml new file mode 100644 index 0000000..772a327 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/MOASPSSConfiguration_without_TSL.xml @@ -0,0 +1,114 @@ + + + + + + + 192.168 + + + + + + + + SKM_junit + keys/junit_signing.p12 + nichts + + + + KG_junit + + SKM_junit + + CN=MOA-SPSS signing,OU=jUnit Tests,O=EGIZ,C=AT + 1619541256 + + + + + KG_junit + + + http://www.w3.org/2001/10/xml-exc-c14n# + http://www.w3.org/2000/09/xmldsig#sha256 + + + + + + + false + false + true + + + certstore + + + + + + pkix + + + CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT + 536 + + chaining + + + + C=AT,O=Hauptverband österr. Sozialvers.,CN=Root-CA 1 + 376503867878755617282523408360935024869 + + chaining + + + + MOAIDBuergerkarteAuthentisierungsDaten + trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten + + + MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten + trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten + + + jUnitSigning + trustProfiles/jUnitSigning + + + + true + 0 + + OCSP + CRL + + + false + 365 + + + jdbc:url + fully.qualified.classname + + + + + + + SL20Authblock_v1.0 + profiles/SL20_authblock_v1.0.xml + + + SL20Authblock_v1.0_SIC + profiles/SL20_authblock_v1.0_SIC.xml + + + SL20Authblock_v1.0_OWN + profiles/SL20_authblock_v1.0_own.xml + + + diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/svaconfig.example b/moaSig/moa-sig/src/test/resources/moaspss_config/svaconfig.example index 7be4541..317f1b8 100644 --- a/moaSig/moa-sig/src/test/resources/moaspss_config/svaconfig.example +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/svaconfig.example @@ -69,7 +69,7 @@ tstkeylenconstraint={rsa, 1024, 2000-08-08} indicationmapping={FORMAT_FAILURE,INDETERMINATE};{NO_VALID_TIMESTAMPS_FOUND, INDETERMINATE} # Allows any key usage if set to true, otherwise only dig. signature -allowanykeyusage=false +allowanykeyusage=true # Defines the chaining model for path validation. # possible values are: diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-05.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-05.cer new file mode 100644 index 0000000..2bf4ad7 Binary files /dev/null and b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-05.cer differ diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-07.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-07.cer new file mode 100644 index 0000000..2353127 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Mobile-07.cer @@ -0,0 +1,36 @@ +-----BEGIN CERTIFICATE----- +MIIGMTCCBBmgAwIBAgIEDoVJaDANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMC +QVQxSDBGBgNVBAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUg +aW0gZWxla3RyLiBEYXRlbnZlcmtlaHIgR21iSDEYMBYGA1UECwwPQS1UcnVzdC1S +b290LTA3MRgwFgYDVQQDDA9BLVRydXN0LVJvb3QtMDcwHhcNMjAwMzExMTUyMTE0 +WhcNMzYxMTEzMTQyMTE0WjCBnTELMAkGA1UEBhMCQVQxSDBGBgNVBAoMP0EtVHJ1 +c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3RyLiBEYXRlbnZl +cmtlaHIgR21iSDEhMB8GA1UECwwYYS1zaWduLXByZW1pdW0tbW9iaWxlLTA3MSEw +HwYDVQQDDBhhLXNpZ24tcHJlbWl1bS1tb2JpbGUtMDcwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQC6M5Q0eSLBBakFL7I5G2NvbLvzcXR6Uf/rEhg79CQt +hCQYfL4suddGQz6TySTp2KoJMQqacZKHzLrG/aor75MojcAfdj5nN4mKSzeyhgrq +AEm60c6nwpkbJsdf+HECi5b8nRJwlmXTy8BcTLLY14gitrprsmQRtRMLDc1Sy47i +yWG29G5p36RNoC9ErZAHx4dVOrqvW+N0ILI6zPHxMyW/d0RrGmldoIJ3AOYLfkg2 +xeeHisPZBocvdgm7B0F/sXnfCpQWIQygPkOjyLqiCCvuOSnSm4qa357foP4h86Yz +4iEFbEWawKwCIz4mtex4U4fiqppjekCaTavX093jBUUEyGrSA+5CCM2iBDTxBEmd +uTbEDKAK40qsIdYMLRx9D1VUNk9DtTT5VkOou1mGMjxZ36QM+3HXmaqZSuVyX1Vm +3bCc2O+L6VC/5Wp8y5nnzemTCu5f4+JxGNtH7ti4AVtSyp4hzDwwJHklOB2YmnsP +FJfrWVB8V+QdJ2TdHBmzRcYWSM85345/vfRRpLXKMH2ToNQB2HN3fArlqgblRI1c +/VrhpONCmpaUIqoDHDeJSZfjEY/ITTIVBZkvaNIPiZkkgF8iKkLFgQU/BPGRm/i5 +HQ+ACC7SVDdN4gLyixiOoIOKBgcC5pFSWNDUPmhs1EwW5dkhYRqvo6vUOKaEGSSS +DQIDAQABo4GIMIGFMBMGA1UdIwQMMAqACETAEa1TJ4f0MBEGA1UdDgQKBAhH1+x/ +R9ISYjAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zA6BgNVHR8EMzAx +MC+gLaArhilodHRwOi8vY3JsLmEtdHJ1c3QuYXQvY3JsL0EtVHJ1c3QtUm9vdC0w +NzANBgkqhkiG9w0BAQsFAAOCAgEAJH8ljqDtpFFU46zoIkqZmnv9uY1udYnjy3HV ++xE0Q7EeuithsP92A39p6bwtUS9FDokmMS4+XZSj72VBdt5t8tUKkFk2eBO9SMs9 +sM870G77by1hsjVQjEhQjnZVbxsV8jR0n6CiurUix21AQ1qn8LIgbPYL94Rng5i1 +YqXQdY8EcduO4+QJ230s9pUlBldpipXdVvs0mkY5XYj/QBgBT+ubbKTHj4sZiNvj +fe2MjAP2BSP9aAwf/IcbxXFy3lU+q9YQTO9VlbpuE1EU/8DPZ4tNGpEwPNT6xZ4G +CALOC83waE9U/NtdNCE4BYDQYRS9E1yxPs6NV/XTa+ywG8vUDli3qtmFu1MOGByy +i/YDSpTSFAg8bls2ZWeMUzS2/qOtgc2zxlko+Hy/VjCtxE7sIfGPg+UVnK2GtL6w +4kOCfO9XJ5WwsffVL6+ZUg+Dd9Rxth3JYD72J+EjpQyguAil9+Onq9p9JQCmPEcJ +L63MFT7UEluQQq4TgwupBtNDnyQ0JwJ/cW6gL35HBD11VmlxwpjnGTmlb801BDpK +mmbvoBV5mFqQD9S6Vtug30t+9p4py0Y96BIGPqcMvNTV1+vxRxtGRt5KU3BHoNBI +CJoTMDl7+L4EabQLcMCEOfmYEgyPAxm671xiWHNGUieqyW6whrzT2WDGPfoOIdUa +IR4ebFU= +-----END CERTIFICATE----- diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_1.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_1.cer new file mode 100644 index 0000000..32d8889 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_1.cer @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEgzCCA2ugAwIBAgIDAOSjMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1 +YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0wNDEyMTQyMzAwMDBa +Fw0xNDEyMTMyMzAwMDBaMIGXMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz +dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy +a2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNV +BAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBANZZNjVoS1r6DchywTTX58dkZ4KJRSwt78fipFxGlf0KrniYB+v5 +Vr5wodgwQ6E6AZFtvIzjYUolN3PjlEAnVaeCeZCeadnH32+Tvl+7MGKkfH9D0Xmw +xkVcSYf4Rld/8H7JNFMyeyzefyCm1HMehpdgbhJ1+bO5P3Mbh2W8ca9qWfisdbj5 +VXu+niGWG0mXTbMtgPeiSsb9YAQ2UlvJjofZvnSaNv39Q3TRmIROXuhIHyD5wjcK +A6qR2RD6eYpIG+yqZbGqxw65AIYHeD5li4jL0EsWxm6+eNBABA7GTcko4nxgKFv8 +wcqjiFBGKclznmHP0sSbxDxsrPK3gBj7Q8kCAwEAAaOB4TCB3jAPBgNVHRMBAf8E +BTADAQH/MBEGA1UdDgQKBAhN3+H/S9nJ3zATBgNVHSMEDDAKgAhCPSskpsFFzjAO +BgNVHQ8BAf8EBAMCAQYwgZIGA1UdHwSBijCBhzCBhKCBgaB/hn1sZGFwOi8vbGRh +cC5hLXRydXN0LmF0L291PUEtVHJ1c3QtUXVhbC0wMixvPUEtVHJ1c3QsYz1BVD9j +ZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2Vy +dGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEASBVGa0aeSFz3 +77OrRFmMAs7rh8kG+rRue8Ze0JuHR6P9DltPwH4B5oFtninmhImejKLR2CmdNbtk +ujNlXAY0KONJZIi7bXwotx4E23JUmIx5U2KtOmUzmI6JGcqJw5cu4i73Au6fKgSD +BM1+XyMH5/EKd51NWhhe2ByfC2BQ3qlgt11j0sNTapdz0OhvAxa6Dd9D5VCumwUy +8hEn/w9T4ZN1zabqJiD9ERiTLvJsP2zIg+Z0XssnqeRw0tk/Vn7htwCFn0/vFZkU +qMdbtxducOBa5LfbRkpzwAS5kAOZGcAHUD/3FVlCr59Z86e1WWwq3aSUN+XKOLd+ +ypPntzbNSA== +-----END CERTIFICATE----- diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_2.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_2.cer new file mode 100644 index 0000000..29b2127 --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-02_2.cer @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEgzCCA2ugAwIBAgIDFE4QMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVF1 +YWwtMDIxGDAWBgNVBAMMD0EtVHJ1c3QtUXVhbC0wMjAeFw0xNDA3MDExMTM3NTVa +Fw0yNDA3MDEwOTM3NTVaMIGXMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz +dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy +a2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNV +BAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBANZZNjVoS1r6DchywTTX58dkZ4KJRSwt78fipFxGlf0KrniYB+v5 +Vr5wodgwQ6E6AZFtvIzjYUolN3PjlEAnVaeCeZCeadnH32+Tvl+7MGKkfH9D0Xmw +xkVcSYf4Rld/8H7JNFMyeyzefyCm1HMehpdgbhJ1+bO5P3Mbh2W8ca9qWfisdbj5 +VXu+niGWG0mXTbMtgPeiSsb9YAQ2UlvJjofZvnSaNv39Q3TRmIROXuhIHyD5wjcK +A6qR2RD6eYpIG+yqZbGqxw65AIYHeD5li4jL0EsWxm6+eNBABA7GTcko4nxgKFv8 +wcqjiFBGKclznmHP0sSbxDxsrPK3gBj7Q8kCAwEAAaOB4TCB3jAPBgNVHRMBAf8E +BTADAQH/MBEGA1UdDgQKBAhN3+H/S9nJ3zATBgNVHSMEDDAKgAhCPSskpsFFzjAO +BgNVHQ8BAf8EBAMCAQYwgZIGA1UdHwSBijCBhzCBhKCBgaB/hn1sZGFwOi8vbGRh +cC5hLXRydXN0LmF0L291PUEtVHJ1c3QtUXVhbC0wMixvPUEtVHJ1c3QsYz1BVD9j +ZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2Vy +dGlmaWNhdGlvbkF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAQEAY6wF/ErpGbsM +CwOkFH3MOvxYuxEAs2hpQOkz2KawDuocMRhZpESubzFSE3RxHxc7zgL60P6mOoT8 +G9IFlk/EOOFerBulJCyD3TR84MalgC3bj5hgC0H3/FJsVNRbbxlecbrroA+4S8DP +U1F6mu9ImWGfuTWcV2Wa5pleJym5ICjTKL3v6tPLUdDlbcswkmxNf1uBZVsmta81 +BI1W9+33du1cVyymRZ2EfnL5kbAj6hdQ6qGfLjkZbZGXHWNNrfh/oGTzVALpmBwZ +q6rqYapWYU2T8z1WDz7fTNcpawM8Plxe8dNC6pCVeGQQApqYM4zm/4lC46V3ihjt +csETorSnVQ== +-----END CERTIFICATE----- diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-05.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-05.cer new file mode 100644 index 0000000..7ad406e --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-05.cer @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGKDCCBBCgAwIBAgIDD824MA0GCSqGSIb3DQEBCwUAMIGLMQswCQYDVQQGEwJB +VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp +bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMRgwFgYDVQQLDA9BLVRydXN0LVJv +b3QtMDUxGDAWBgNVBAMMD0EtVHJ1c3QtUm9vdC0wNTAeFw0xMzA5MjMxMzI4NTha +Fw0yMzA5MjAxMTI4NThaMIGXMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVz +dCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy +a2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJlbWl1bS1TaWctMDUxHjAcBgNV +BAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wNTCCAiAwDQYJKoZIhvcNAQEBBQADggIN +ADCCAggCggIBAKWkdHxXUo847W9MqYSOH8H0mulJ11qOPAwHISvZFVJ5jpklQE4Z +7Eb+NKP/3tyGCE2IJPul0aKSBPjiMOwXlmD6FpDe2yoPxslu8/8nh28mo6Oyxnu/ +9WhnEv7u+P/VDUwI7avTRqj61m6mw39EfRMDrusJwa3MIZ1mmin+W6blUtOuuDUt +6Oh1cGPTeZyNybZBPYgTibWaiYx8Od+zhQ40t6bC03U+DxxuNfCgOsieGeOc6JzJ +Rtd7Tye8TAyVn9WDQyllvmO/Lst6oHpb50vKX5Hd5Xo5Ju2K3xWSx5sMrL8BUhAi +lpm4LM8YLTMKeaz5kaCdO8w0XKUJdFH9i/MEeAgSimZ0hIpvMpLSg25ySvMRS6Z7 +RsllA4xtnEG4Bu9P7FNeoyRm4Nd5UsIbug648wqXrf9PGsqPDjX7/3tSc67iJJ/w +YgsOUIcrHsykhOIjVbpOeAKYwb1UAiXS2UjgDyVDX6atppHmAut1ig4ouJ27CUB7 +jhSVqoOxmxKpTzu+gHJo+cLb0ihVzvKu5EFI7b50KE8xPQCFHbe9YBdq3oGoq1M7 +OvBTVZ369d1yzwwK3U9lMUeysipVeSJeFCD057oJHJYxYmvv0LHQ1zX4DmW3HNHH +U+A7+7aJnE1s9XNsCYbmUcY+14+WbTlUiCqMOAdCSzP8LHjRsf8a5DV/AgEDo4GI +MIGFMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuYS10cnVzdC5hdC9jcmwv +QS1UcnVzdC1Sb290LTA1MBMGA1UdIwQMMAqACED5uWe+A9IIMA8GA1UdEwEB/wQF +MAMBAf8wEQYDVR0OBAoECEH4CDkbAegkMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG +9w0BAQsFAAOCAgEAMqZmZqzadftaf6xB9WNWKnJixLBIVDjNUg3ypbmcwufqjmeA +ij2Qyer09oxr0n1xpsOwc7dSVp7brDTvSVJg33Ef9TGbCrKo9urJUypQn7HiCp1+ +y6Csvzi3jkx/V1Zvd9U5VF7hIHQrOQv1Id8egB845oestS+zUlqM+SxXO28EYIsp +iejWKWVi04nl+Ch85o1rZ9HBN6QxaoUU1Oo2+BaCyZqC+lWMv+wbCtM8YYLCME+t +FiMfZC9WtBitt0TBE5LR7Gf1Wcalsaazgfcwr7gxVvXbS3j5y9IX0LsmUNUfgesd +TTBPzZhQsryoZ3dpVbpdFj9ktBJkk2gzwYcVhXIGCGvOA96mm3b6uQrSuiWQJ9+N +awWpiQI6C4GfPxkIt8idUyGbBzu5Nj613ekI/z5ZFYdQ3KGOqNxJRqQLVnjqOjO5 +YD1DY5L6Pjl341wwPFF5ZsEESlTn5qbPIfygf2swqfyuEPbV+jOvaR1HmuPunuda +D42D5YJkpofIcvG9S4YsDJ6ZO6VvZ9f4cVxUiFDdfWc6tWQE3HEx6LDqZY5bjdie +BwGqsS/623bdQyHgQOeZqMcC/kyUiKozTFPJwd92yx7oQda1k24U5qDC9xMi/s4c +yHV2urDTvyVqphxKTw+64sW5z013vSBcQ2kKPxzwFkw/1MQF52upVhQqJ1c= +-----END CERTIFICATE----- diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-07.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-07.cer new file mode 100644 index 0000000..54eb44f --- /dev/null +++ b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-Premium-Sig-07.cer @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGKzCCBBOgAwIBAgIEDIaM9zANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMC +QVQxSDBGBgNVBAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUg +aW0gZWxla3RyLiBEYXRlbnZlcmtlaHIgR21iSDEYMBYGA1UECwwPQS1UcnVzdC1S +b290LTA3MRgwFgYDVQQDDA9BLVRydXN0LVJvb3QtMDcwHhcNMjAwMzExMTUxODE1 +WhcNMzYxMTEzMTQxODE1WjCBlzELMAkGA1UEBhMCQVQxSDBGBgNVBAoMP0EtVHJ1 +c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3RyLiBEYXRlbnZl +cmtlaHIgR21iSDEeMBwGA1UECwwVYS1zaWduLVByZW1pdW0tU2lnLTA3MR4wHAYD +VQQDDBVhLXNpZ24tUHJlbWl1bS1TaWctMDcwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQCb+OkeCkr3aNcwvBfmPfLeJDcDovCaWCGSSDMXslj11tKAPWHQ +A+rb4RVhCe9dPAZ46aR4+6+S8Lc6fvtzF8zwGU32MGvqUtZ8xg44TgzGWVmu3od2 +vr5nbeJINyiqJ0uh0slVSEP5Sh8lNLRrBu7hDS/mgXNZ7BcNoIAg4vadQ03+GbfA +vyaW7tp1fiAsTBDozehdcfpLvafAV9Qoiw9kAy13nlPzH/cq9vxlBj8USxixjulR +SCzM2hLKaefxvzmxzaaeZ5pOqhW75K4YS9LdV/AplW64HeUX5MP2lcvj8pt+UdoN +mEsLBFgScyd0q/MXHnERg4U2od95YOB7GvMzq8tEpF147+krbE6/2WdCsmlcBKZT ++9fxgy/61w9shVvAlHbGEG8tUYNeM6RMcK/g0B/qY4B6LkR03x6b2zv8DYhWWpM4 +CMGlPmds8bA0cMPFBZ7PhsJvHlqrIRtPbLWtm5sXILk9nFurWRxob8+r23JMODn2 +Q2Ulm5Z4CVyJfbYpuRTadUjZs+BNSE0S/6eC153uaCyP5vHplhHED8xXgpjr/GTC +PyJE6jRzfg+gUWr1WtTQKqyFaQfrTlEMiOD4UerBXTAd3Jz6FNY/FtC5h/t71nZx +YSXnUu8xQ/8JVY9lkq9ibq+CEzT8Mqn+rHy1mhxpadIa94BLRXX3zOSyowIDAQAB +o4GIMIGFMBMGA1UdIwQMMAqACETAEa1TJ4f0MBEGA1UdDgQKBAhN9Olivd8arjAO +BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zA6BgNVHR8EMzAxMC+gLaAr +hilodHRwOi8vY3JsLmEtdHJ1c3QuYXQvY3JsL0EtVHJ1c3QtUm9vdC0wNzANBgkq +hkiG9w0BAQsFAAOCAgEAZZFh7pWF69RyrGgdc1idFVgQJY5XFR80qBLBZdkOO5wF +to33OAoQCAfszJ1sR7I0+N8xf6wB8EhZeacArqz2inhgFudGvdmk6jlOIhUUs7ta +0bhuLUmBbzQwXOthQdTnU8+ZjbE5vsfgydIN0GJfhEj5pggRA5ICrTtekcG74UX/ +LOTPt4ppQ9sgsSGm4pjWSopDKM9Z0SjcfDUjPefIMYPyT6rI7oYgT1SmQqw4Gjud +l5lC+JhbHxgBcWOWcBVjMk7/5wH9klLqZYDbLmJ6PPcsm1jt8fyOgJBWrQaCnwrT +U2+KmvHgztiHgo3C0BIAh/on4qq95qCthS00qPwCrYLkNGiwexn/R7dHQu6yp0gG +uoLbXynoIeueCk7GC59AE0KZBtX6QzgqD/i8IfXNil41Tn3af1KFnL5iwE4yxe30 +w+c7O5eDxvK/NfyxWIrjxWISngIA1F6Ghlv71QM7zdOcvT3FdWPYWf8vRxPyEHm7 +jolmWjvwDwJGvgFggF4fHkH9LIvK5HKuG2SwXZJYkHZ+LKY8s26OLPm+DJKTXFTP +fVS7bz2p6ym2hig09Avraz31hjd1Gn9hEQfWhGdVM0m3RXLHXKWopI4JiA5XZLXo +/oeWmzUehZLowF7TvaiwA8//PfONZZus22OIo1QZvxZPjQd9/BVPIsB+YZqFgeI= +-----END CERTIFICATE----- diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_1.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_1.cer new file mode 100644 index 0000000..8ddc7d7 Binary files /dev/null and b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_1.cer differ diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_2.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_2.cer new file mode 100644 index 0000000..8cd2ed4 Binary files /dev/null and b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_2.cer differ diff --git a/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_3.cer b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_3.cer new file mode 100644 index 0000000..7c06592 Binary files /dev/null and b/moaSig/moa-sig/src/test/resources/moaspss_config/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/a-sign-premium-mobile-Sig-03a_3.cer differ diff --git a/moaSig/moa-sig/src/test/resources/testdata/pkix/chain/672C4FE428C7E1F7DB9416279E271B8671C80E23.cer b/moaSig/moa-sig/src/test/resources/testdata/pkix/chain/672C4FE428C7E1F7DB9416279E271B8671C80E23.cer new file mode 100644 index 0000000..eaa20b6 Binary files /dev/null and b/moaSig/moa-sig/src/test/resources/testdata/pkix/chain/672C4FE428C7E1F7DB9416279E271B8671C80E23.cer differ diff --git a/moaSig/moa-sig/src/test/resources/testdata/pkix/chain/F86591A6D86718886A0234B8E54E21AAEA63E24B.cer b/moaSig/moa-sig/src/test/resources/testdata/pkix/chain/F86591A6D86718886A0234B8E54E21AAEA63E24B.cer new file mode 100644 index 0000000..2bf4ad7 Binary files /dev/null and b/moaSig/moa-sig/src/test/resources/testdata/pkix/chain/F86591A6D86718886A0234B8E54E21AAEA63E24B.cer differ -- cgit v1.2.3