/* * Copyright 2003 Federal Chancellery Austria * MOA-SPSS has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. */ package test.at.gv.egovernment.moa.spss.server.iaik.config; import java.io.FileInputStream; import java.security.KeyStore; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.Collection; import java.util.Date; import java.util.Iterator; import java.util.List; import java.util.Set; import org.junit.Assert; import test.at.gv.egovernment.moa.spss.SPSSTestCase; import iaik.asn1.structures.DistributionPoint; import iaik.pki.PKIConfiguration; import iaik.pki.pathvalidation.ChainingModes; import iaik.pki.pathvalidation.ValidationConfiguration; import iaik.pki.revocation.CRLDistributionPoint; import iaik.pki.revocation.RevocationConfiguration; import iaik.pki.store.certstore.CertStoreConfiguration; import iaik.pki.store.certstore.CertStoreTypes; import iaik.pki.store.revocation.archive.ArchiveConfiguration; //import iaik.pki.store.revocation.archive.db.DataBaseArchiveParameter; import iaik.server.ConfigurationData; import iaik.server.modules.keys.HardwareKeyModuleConfiguration; import iaik.server.modules.keys.SoftwareKeyModuleConfiguration; import at.gv.egovernment.moa.spss.server.iaik.config.ConfigurationDataImpl; import at.gv.egovernment.moa.spss.server.transaction.TransactionContext; import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager; /** * Tests the ConfigurationDataImpl. * * @author Patrick Peck * @version $Id$ */ public class ConfigurationDataImplTest extends SPSSTestCase { private ConfigurationData config; private X509Certificate iaikCert; public ConfigurationDataImplTest(String name) { super(name); } protected void setUp() throws Exception { TransactionContext context; setUpTransactionContext(); context = TransactionContextManager.getInstance().getTransactionContext(); config = new ConfigurationDataImpl(context.getConfiguration()); KeyStore ks = KeyStore.getInstance("JKS", "SUN"); ks.load( new FileInputStream(TESTDATA_ROOT + "security/server.keystore"), "changeit".toCharArray()); CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); Collection certs = certFactory.generateCertificates( new FileInputStream( TESTDATA_ROOT + "conf/moa-spss/trustprofiles/TrustProfile1/IAIKRoot.cer")); iaikCert = (X509Certificate) certs.toArray()[0]; } public void testGetPKIConfiguration() { PKIConfiguration pkiConfig = config.getPKIConfiguration(); ArchiveConfiguration archiveConfig = pkiConfig.getArchiveConfiguration(); CertStoreConfiguration certStoreConfig = pkiConfig.getCertStoreConfiguration(); RevocationConfiguration revocationConfig = pkiConfig.getRevocationConfiguration(); ValidationConfiguration validationConfig = pkiConfig.getValidationConfiguration(); //DataBaseArchiveParameter archiveParam; Set distributionPoints; Iterator iter; boolean found; // test archive parameters /* archiveParam = (DataBaseArchiveParameter) archiveConfig.getArchiveParameters(); assertEquals( archiveParam.getJDBCUrl(), "jdbc:postgresql://10.16.46.108/moa?user=moa&password=moatest"); */ // test cert store configuration Assert.assertEquals(1, certStoreConfig.getParameters().length); Assert.assertEquals( CertStoreTypes.DIRECTORY, certStoreConfig.getParameters()[0].getType()); // test revocation configuration distributionPoints = revocationConfig.getAlternativeDistributionPoints(iaikCert, null, new Date()); Assert.assertEquals(3, distributionPoints.size()); found = false; for (iter = distributionPoints.iterator(); iter.hasNext();) { CRLDistributionPoint dp = (CRLDistributionPoint) iter.next(); if (dp.getUri().equals("http://www.iaik.at/testCA/iaik_test_sig.crl")) { found = dp.getReasonCodes() == (DistributionPoint.keyCompromise | DistributionPoint.affiliationChanged); } } Assert.assertTrue(found); // test validation configuration Assert.assertEquals( ChainingModes.PKIX_MODE, validationConfig.getChainingMode(iaikCert)); } /* public void testGetCryptoModuleConfigurations() { List cryptoConfigs = config.getCryptoModuleConfigurations(); HardwareCryptoModuleConfiguration moduleConfig; assertEquals(2, cryptoConfigs.size()); moduleConfig = (HardwareCryptoModuleConfiguration) cryptoConfigs.get(0); assertEquals("Module1", moduleConfig.getModuleName()); assertEquals("Slot1", moduleConfig.getSlotID()); assertEquals("PIN1", new String(moduleConfig.getUserPIN())); } */ public void testGetKeyModuleConfigurations() { List keyConfigs = config.getKeyModuleConfigurations(); HardwareKeyModuleConfiguration hwKey; SoftwareKeyModuleConfiguration swKey; Assert.assertEquals(7, keyConfigs.size()); hwKey = (HardwareKeyModuleConfiguration) keyConfigs.get(0); Assert.assertEquals("cryptoki.dll", hwKey.getModuleName()); Assert.assertEquals("0", hwKey.getSlotID()); Assert.assertEquals("0000", new String(hwKey.getUserPIN())); swKey = (SoftwareKeyModuleConfiguration) keyConfigs.get(1); Assert.assertEquals( "buergerkarte", new String(swKey.getKeyStoreAuthenticationData())); } }