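/*
 * Copyright 2003 Federal Chancellery Austria
 * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */

package test.at.gv.egovernment.moa.spss.server.config;

import iaik.asn1.structures.Name;
import iaik.pki.pathvalidation.ChainingModes;
import iaik.utils.RFC2253NameParser;
import iaik.utils.RFC2253NameParserException;
import iaik.x509.X509Certificate;

import java.math.BigInteger;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

import junit.framework.TestCase;

import org.w3c.dom.Element;

import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.server.config.CRLDistributionPoint;
import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.config.HardwareCryptoModule;
import at.gv.egovernment.moa.spss.server.config.HardwareKeyModule;
import at.gv.egovernment.moa.spss.server.config.KeyGroup;
import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry;
import at.gv.egovernment.moa.spss.server.config.OCSPDistributionPoint;
import at.gv.egovernment.moa.spss.server.config.SoftwareKeyModule;
import at.gv.egovernment.moa.spss.server.config.TrustProfile;
import at.gv.egovernment.moaspss.util.Constants;

/**
 * Checks that {@link ConfigurationProvider} exposes the values of the test
 * configuration file {@code moa.spss.complete-config.xml}.
 *
 * <p>Every expected value below mirrors that fixture file, which is not part
 * of this source; the assertions describe the fixture, not recommended
 * production settings (see the notes on the digest algorithm and on
 * revocation checking).
 *
 * @author Gregor Karlinger
 * @version $Id$
 */
public class ConfigurationProviderTest1 extends TestCase {

  // NOTE(review): absolute path on a developer machine; the whole class only
  // runs where the fixture directory exists at exactly this location.
  private static final String CONFIG_BASE_ =
      "e:/cio/projekte/basismodule/wartung/projekt/spss.server/res/test/resources/config/";

  /** Provider instance shared by all test methods, loaded once per class. */
  static ConfigurationProvider provider_;

  static {
    System.setProperty(
        "log4j.configuration",
        "file:/" + CONFIG_BASE_ + "log4j.properties");
    System.setProperty(
        ConfigurationProvider.CONFIG_PROPERTY_NAME,
        CONFIG_BASE_ + "moa.spss.complete-config.xml");
    try {
      ConfigurationProvider.reload();
      provider_ = ConfigurationProvider.getInstance();
    } catch (ConfigurationException e) {
      // Keep the original exception as cause so the stack trace of the
      // configuration failure is not lost.
      throw new RuntimeException("Fehler beim Setup des Tests: " + e.getMessage(), e);
    }
  }

  /**
   * Creates the test case under the fixed name {@code "ConfigurationProvider"}.
   *
   * @throws MOAException declared by the original signature; nothing in this
   *     constructor body throws it.
   */
  public ConfigurationProviderTest1() throws MOAException {
    super("ConfigurationProvider");
  }

  /** The complete fixture configuration is expected to load without warnings. */
  public void testGetWarnings() {
    assertEquals(0, provider_.getWarnings().size());
  }

  /**
   * The fixture configures {@code Constants.SHA1_URI} as digest method.
   *
   * <p>NOTE(review): presumably this is the XML-DSig SHA-1 identifier. SHA-1 is
   * no longer considered collision resistant, so this assertion documents the
   * fixture only and should not be read as a suggested deployment value.
   */
  public void testGetDigestMethodAlgorithmName() {
    assertEquals(
        Constants.SHA1_URI,
        provider_.getDigestMethodAlgorithmName());
  }

  /** The fixture configures {@code Constants.C14N_WITH_COMMENTS_URI}. */
  public void testGetCanonicalizationAlgorithmName() {
    assertEquals(
        Constants.C14N_WITH_COMMENTS_URI,
        provider_.getCanonicalizationAlgorithmName());
  }

  /**
   * Two hardware crypto modules are expected, in configuration order; the
   * second one has no slot ID.
   *
   * <p>The user PIN is returned as a plain string, i.e. the configuration file
   * carries it in clear text. The fixture uses dummy values; a real
   * configuration of this shape needs restrictive file permissions.
   */
  public void testGetHardwareCryptoModules() {
    List hwcms = provider_.getHardwareCryptoModules();
    assertEquals(2, hwcms.size());

    HardwareCryptoModule hwc1 = (HardwareCryptoModule) hwcms.get(0);
    assertEquals("HWC1_Name", hwc1.getName());
    assertEquals("HWC1_SlotId", hwc1.getSlotID());
    assertEquals("HWC1_UserPIN", hwc1.getUserPIN());

    HardwareCryptoModule hwc2 = (HardwareCryptoModule) hwcms.get(1);
    assertEquals("HWC2_Name", hwc2.getName());
    assertNull(hwc2.getSlotID());
    assertEquals("HWC2_UserPIN", hwc2.getUserPIN());
  }

  /**
   * Two hardware key modules are expected, in configuration order; the second
   * one has no slot ID. As for the crypto modules, the PIN comes back in
   * clear text.
   */
  public void testGetHardwareKeyModules() {
    List hwkms = provider_.getHardwareKeyModules();
    assertEquals(2, hwkms.size());

    HardwareKeyModule hwk1 = (HardwareKeyModule) hwkms.get(0);
    assertEquals("HWK1_Id", hwk1.getId());
    assertEquals("HWK1_Name", hwk1.getName());
    assertEquals("HWK1_SlotId", hwk1.getSlotID());
    assertEquals("HWK1_UserPIN", hwk1.getUserPIN());

    HardwareKeyModule hwk2 = (HardwareKeyModule) hwkms.get(1);
    assertEquals("HWK2_Id", hwk2.getId());
    assertEquals("HWK2_Name", hwk2.getName());
    assertNull(hwk2.getSlotID());
    assertEquals("HWK2_UserPIN", hwk2.getUserPIN());
  }

  /**
   * Two software key modules are expected; file names are compared with
   * backslashes normalised to forward slashes. The second module has no
   * password; the first one's password is returned in clear text.
   */
  public void testGetSoftwareKeyModules() {
    List swkms = provider_.getSoftwareKeyModules();
    assertEquals(2, swkms.size());

    SoftwareKeyModule swk1 = (SoftwareKeyModule) swkms.get(0);
    assertEquals("SWK1_Id", swk1.getId());
    assertEquals(
        CONFIG_BASE_ + "swk/SWK1_FileName.txt",
        swk1.getFileName().replace('\\', '/'));
    assertEquals("SWK1_Password", swk1.getPassWord());

    SoftwareKeyModule swk2 = (SoftwareKeyModule) swkms.get(1);
    assertEquals("SWK2_Id", swk2.getId());
    assertEquals(
        CONFIG_BASE_ + "swk/SWK2_FileName.txt",
        swk2.getFileName().replace('\\', '/'));
    assertNull(swk2.getPassWord());
  }

  /**
   * Two key groups with two entries each are expected; every entry is matched
   * by its module ID and checked for issuer DN and serial number.
   */
  public void testGetKeyGroups() {
    Map keyGroups = provider_.getKeyGroups();
    assertEquals(2, keyGroups.size());

    KeyGroup kg1 = (KeyGroup) keyGroups.get("KG1_Id");
    assertNotNull(kg1);
    assertEquals("KG1_Id", kg1.getId());

    Set kg1Entries = kg1.getKeyGroupEntries();
    assertEquals(2, kg1Entries.size());

    Iterator kg1EntriesIt = kg1Entries.iterator();
    while (kg1EntriesIt.hasNext()) {
      KeyGroupEntry currentEntry = (KeyGroupEntry) kg1EntriesIt.next();
      if ("HWK1_Id".equals(currentEntry.getModuleID())) {
        assertEquals("CN=HWK1_Issuer", currentEntry.getIssuerDN());
        assertEquals(0, currentEntry.getSerialNumber().intValue());
      } else if ("HWK2_Id".equals(currentEntry.getModuleID())) {
        assertEquals("CN=HWK2_Issuer", currentEntry.getIssuerDN());
        assertEquals(1, currentEntry.getSerialNumber().intValue());
      } else {
        fail("Invalid module identifer found.");
      }
    }

    KeyGroup kg2 = (KeyGroup) keyGroups.get("KG2_Id");
    assertNotNull(kg2);
    assertEquals("KG2_Id", kg2.getId());

    Set kg2Entries = kg2.getKeyGroupEntries();
    assertEquals(2, kg2Entries.size());

    // Iterate the second group's own entries. The earlier version took the
    // iterator from kg1Entries and looped on the already exhausted
    // kg1EntriesIt, so none of the assertions below ever ran.
    Iterator kg2EntriesIt = kg2Entries.iterator();
    while (kg2EntriesIt.hasNext()) {
      KeyGroupEntry currentEntry = (KeyGroupEntry) kg2EntriesIt.next();
      if ("SWK1_Id".equals(currentEntry.getModuleID())) {
        // NOTE(review): the doubled "CN=" was never exercised before the loop
        // fix; confirm the expected value against moa.spss.complete-config.xml.
        assertEquals("CN=CN=SWK1_Issuer", currentEntry.getIssuerDN());
        assertEquals(2, currentEntry.getSerialNumber().intValue());
      } else if ("SWK2_Id".equals(currentEntry.getModuleID())) {
        assertEquals("CN=SWK2_Issuer", currentEntry.getIssuerDN());
        assertEquals(3, currentEntry.getSerialNumber().intValue());
      } else {
        fail("Invalid module identifer found.");
      }
    }
  }

  /**
   * Looks up the entries of key group {@code KG1_Id} for issuer
   * {@code CN=Customer1_Issuer} and serial number 4; exactly the two hardware
   * key modules are expected.
   *
   * @throws RFC2253NameParserException if the issuer name cannot be parsed
   */
  public void testGetKeyGroupEntries() throws RFC2253NameParserException {
    RFC2253NameParser parser = new RFC2253NameParser("CN=Customer1_Issuer");
    Name name = parser.parse();

    Set kgEntries = provider_.getKeyGroupEntries(name, BigInteger.valueOf(4), "KG1_Id");
    assertEquals(2, kgEntries.size());

    Iterator kgEntriesIt = kgEntries.iterator();
    while (kgEntriesIt.hasNext()) {
      KeyGroupEntry currentEntry = (KeyGroupEntry) kgEntriesIt.next();
      String moduleId = currentEntry.getModuleID();
      boolean known = "HWK1_Id".equals(moduleId) || "HWK2_Id".equals(moduleId);
      if (!known) {
        fail("Invalid module identifier found.");
      }
    }
  }

  /**
   * A certificate from an issuer without a dedicated entry gets the default
   * chaining mode (PKIX); issuer {@code CN=TA1_Issuer} with serial number 5 is
   * expected to be configured for chain mode.
   *
   * @throws RFC2253NameParserException if an issuer name cannot be parsed
   */
  public void testGetChainingMode() throws RFC2253NameParserException {
    X509Certificate cert = new X509Certificate();

    RFC2253NameParser parser = new RFC2253NameParser("CN=Unknown");
    Name name = parser.parse();
    cert.setIssuerDN(name);
    cert.setSerialNumber(BigInteger.valueOf(0));
    assertEquals(ChainingModes.PKIX_MODE, provider_.getChainingMode(cert)); // Default chaining mode

    parser = new RFC2253NameParser("CN=TA1_Issuer");
    name = parser.parse();
    cert.setIssuerDN(name);
    cert.setSerialNumber(BigInteger.valueOf(5));
    assertEquals(ChainingModes.CHAIN_MODE, provider_.getChainingMode(cert));
  }

  /**
   * Issuer {@code CN=DP1_Issuer} is expected to have two CRL distribution
   * points with distinct reason-code masks; issuer {@code CN=DP2_Issuer} a
   * single OCSP distribution point.
   *
   * @throws RFC2253NameParserException if an issuer name cannot be parsed
   */
  public void testGetDistributionPoints() throws RFC2253NameParserException {
    X509Certificate cert = new X509Certificate();

    RFC2253NameParser parser = new RFC2253NameParser("CN=DP1_Issuer");
    Name name = parser.parse();
    cert.setIssuerDN(name);

    Set dps = provider_.getDistributionPoints(cert);
    assertEquals(2, dps.size());

    Iterator dpIt = dps.iterator();
    while (dpIt.hasNext()) {
      CRLDistributionPoint currentDP = (CRLDistributionPoint) dpIt.next();
      if ("http://crl.myca.org".equals(currentDP.getUri())) {
        // All nine reason flags combined.
        int reasonCodes =
            iaik.asn1.structures.DistributionPoint.unused
                | iaik.asn1.structures.DistributionPoint.keyCompromise
                | iaik.asn1.structures.DistributionPoint.cACompromise
                | iaik.asn1.structures.DistributionPoint.affiliationChanged
                | iaik.asn1.structures.DistributionPoint.superseded
                | iaik.asn1.structures.DistributionPoint.cessationOfOperation
                | iaik.asn1.structures.DistributionPoint.certificateHold
                | iaik.asn1.structures.DistributionPoint.privilegeWithdrawn
                | iaik.asn1.structures.DistributionPoint.aACompromise;
        assertEquals(reasonCodes, currentDP.getReasonCodes());
      } else if ("http://crl.myotherca.org".equals(currentDP.getUri())) {
        int reasonCodes =
            iaik.asn1.structures.DistributionPoint.aACompromise
                | iaik.asn1.structures.DistributionPoint.affiliationChanged;
        assertEquals(reasonCodes, currentDP.getReasonCodes());
      } else {
        fail("Invalid CRL DP URI found: " + currentDP.getUri());
      }
    }

    parser = new RFC2253NameParser("CN=DP2_Issuer");
    name = parser.parse();
    cert.setIssuerDN(name);

    dps = provider_.getDistributionPoints(cert);
    assertEquals(1, dps.size());

    OCSPDistributionPoint dpo = (OCSPDistributionPoint) dps.toArray()[0];
    assertEquals("http://crl.yetanotherca.org", dpo.getUri());
  }

  /** The fixture sets the CRL archive duration to 730. */
  public void testGetCRLArchiveDuration() {
    assertEquals(730, provider_.getCRLArchiveDuration());
  }

  /** Revocation archiving is switched off in the fixture. */
  public void testGetEnableRevocationArchiving() {
    assertFalse(provider_.getEnableRevocationArchiving());
  }

  /** The certificate store location resolves below the fixture directory. */
  public void testGetCertStoreLocation() {
    assertEquals(
        CONFIG_BASE_ + "certstore_test",
        provider_.getCertStoreLocation().replace('\\', '/'));
  }

  /** Both create-transforms-info profiles resolve to the expected element. */
  public void testGetCreateTransformsInfoProfile() {
    Element ctip1 = provider_.getCreateTransformsInfoProfile("CTIP_1");
    assertEquals("CreateTransformsInfoProfile", ctip1.getLocalName());

    Element ctip2 = provider_.getCreateTransformsInfoProfile("CTIP_2");
    assertEquals("CreateTransformsInfoProfile", ctip2.getLocalName());
  }

  /** Profile {@code CSEP_1} resolves to the expected element. */
  public void testGetCreateSignatureEnvironmentProfile() {
    Element csep = provider_.getCreateSignatureEnvironmentProfile("CSEP_1");
    assertEquals("CreateSignatureEnvironmentProfile", csep.getLocalName());
  }

  /** Profile {@code VTIP_1} resolves to the expected element. */
  public void testGetVerifyTransformsInfoProfile() {
    Element vtip = provider_.getVerifyTransformsInfoProfile("VTIP_1");
    assertEquals("VerifyTransformsInfoProfile", vtip.getLocalName());
  }

  /** Profile {@code SP_1} resolves to the expected element. */
  public void testGetSupplementProfile() {
    Element sp = provider_.getSupplementProfile("SP_1");
    assertEquals("SupplementProfile", sp.getLocalName());
  }

  /**
   * Both trust profiles point at anchor and signer-certificate directories
   * below the fixture directory.
   *
   * <p>NOTE(review): TP1 is expected with the prefix {@code file:/} and TP2
   * with {@code file:}; presumably this mirrors how each profile is written in
   * the fixture - confirm against the configuration file.
   */
  public void testGetTrustProfile() {
    TrustProfile tp1 = provider_.getTrustProfile("TP1_Id");
    assertEquals(
        "file:/" + CONFIG_BASE_ + "trustprofiles/tp1/anchors",
        tp1.getUri());
    assertEquals(
        "file:/" + CONFIG_BASE_ + "trustprofiles/tp1/signercerts",
        tp1.getSignerCertsUri());

    TrustProfile tp2 = provider_.getTrustProfile("TP2_Id");
    assertEquals(
        "file:" + CONFIG_BASE_ + "trustprofiles/tp2/anchors",
        tp2.getUri());
    assertEquals(
        "file:" + CONFIG_BASE_ + "trustprofiles/tp2/signercerts",
        tp2.getSignerCertsUri());
  }

  /** The fixture uses a dummy JDBC URL for the revocation archive. */
  public void testGetRevocationArchiveJDBCURL() {
    assertEquals("jdbc://dummy", provider_.getRevocationArchiveJDBCURL());
  }

  /** The fixture uses a placeholder JDBC driver class name. */
  public void testGetRevocationArchiveJDBCDriverClass() {
    assertEquals(
        "fully.qualified.classname",
        provider_.getRevocationArchiveJDBCDriverClass());
  }

  /**
   * Revocation checking is switched off in the fixture.
   *
   * <p>With this setting the CRL/OCSP values asserted elsewhere in this class
   * are only parsed, not consulted; a deployment that has to reject revoked
   * signer certificates needs the flag enabled.
   */
  public void testGetEnableRevocationChecking() {
    assertFalse(provider_.getEnableRevocationChecking());
  }

  /** The fixture sets the maximum revocation age to 10000. */
  public void testGetMaxRevocationAge() {
    assertEquals(10000, provider_.getMaxRevocationAge());
  }

  /** Revocation services are expected in the order CRL first, then OCSP. */
  public void testGetServiceOrder() {
    String[] serviceOrder = provider_.getServiceOrder();
    assertEquals(2, serviceOrder.length);
    assertEquals("crl", serviceOrder[0]);
    assertEquals("ocsp", serviceOrder[1]);
  }

  /** Automatic adding of certificates is switched off in the fixture. */
  public void testGetAutoAddCertificates() {
    assertFalse(provider_.getAutoAddCertificates());
  }

  /** Use of the authority-info-access extension is switched off in the fixture. */
  public void testGetUseAuthorityInfoAccess() {
    assertFalse(provider_.getUseAuthorityInfoAccess());
  }
}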