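package at.gv.egovernment.moa.spss.test.integration.tsl;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;

import java.io.IOException;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.xml.parsers.ParserConfigurationException;

import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.RandomStringUtils;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.BlockJUnit4ClassRunner;

import at.gv.egovernment.moa.sig.tsl.engine.data.TSLProcessingResultElement;
import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
import at.gv.egovernment.moa.spss.server.init.SystemInitializer;
import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker;
import at.gv.egovernment.moa.spss.server.monitoring.ServiceStatusContainer;
import at.gv.egovernment.moa.spss.test.integration.AbstractIntegrationTest;

/**
 * Integration tests that verify XAdES test files against the "OnlyTSL" trust profile, using the
 * EU test trust lists referenced by the test configuration.
 *
 * <p>Test material: https://esignature.ec.europa.eu/efda/validation-tests/#/screen/home
 *
 * <p>NOTE(review): every test in this class is annotated with {@code @Ignore} and gives no
 * reason, so none of these trust-list checks runs in the build. {@link #checkTslState()} expects
 * a LOTL from a remote URL; presumably the tests were disabled because they depend on that
 * external test setup (see the remark in {@link #euTestFile2_1_3()}) - confirm, and state the
 * reason in the annotation when re-enabling.
 *
 * @author tlenz
 *
 */
@RunWith(BlockJUnit4ClassRunner.class)
public class XadesTslEuTestset02Test extends AbstractIntegrationTest {

  // Despite its name, this holds the XML signature verification invoker used by all tests here.
  XMLSignatureVerificationInvoker cadesInvoker;

  /**
   * Expected load state per trust-list country code; {@link #checkTslState()} compares the value
   * with both the "processed" and the "verified" flag of each loaded list.
   */
  public static final Map<String, Boolean> TSL_LOAD_STATUS;

  static {
    final Map<String, Boolean> intMap = new HashMap<>();
    intMap.put("EU", true);
    intMap.put("LU", false);
    intMap.put("FR", false);
    intMap.put("BE", true);
    intMap.put("DE", false);
    TSL_LOAD_STATUS = Collections.unmodifiableMap(intMap);

  }

  /**
   * Resets the JVM state, points MOA-SPSS and the SVA component at the test configuration files
   * and initializes the MOA-SPSS core once for the whole class.
   *
   * <p>The configuration locations are set as JVM-wide system properties and are not cleared by
   * this class afterwards.
   *
   * @throws IOException if the canonical path of the working directory cannot be resolved
   * @throws ConfigurationException declared for the initialization calls
   * @throws NoSuchFieldException declared for the initialization calls
   * @throws SecurityException declared for the initialization calls
   * @throws IllegalArgumentException declared for the initialization calls
   * @throws IllegalAccessException declared for the initialization calls
   */
  @BeforeClass
  public static void classInitializer() throws IOException, ConfigurationException,
      NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
    jvmStateReset();

    final String current = new java.io.File(".").getCanonicalPath();
    System.setProperty("moa.spss.server.configuration",
        current + "/src/test/resources/moaspss_config/MOASPSSConfiguration_tsl_eu_test_1.xml");
    System.setProperty("iaik.esi.sva.configuration.location",
        current + "/src/test/resources/moaspss_config/svaconfig.example");

    moaSpssCore = SystemInitializer.init();

  }

  /**
   * Fetches the verification invoker and sets up the per-test contexts with a random
   * ten-letter identifier.
   *
   * @throws ConfigurationException declared for the setup calls
   */
  @Before
  public void initializer() throws ConfigurationException {
    cadesInvoker = XMLSignatureVerificationInvoker.getInstance();
    setUpContexts(RandomStringUtils.randomAlphabetic(10));

  }

  /**
   * Checks that the TSL service is active, that five trust lists are reported with the EU LOTL
   * first, and that each list's processed/verified flags match {@link #TSL_LOAD_STATUS}.
   */
  @Test
  @Ignore
  public void checkTslState() {
    assertTrue("TSL not active", ServiceStatusContainer.getStatus());
    final List<TSLProcessingResultElement> loadedTsl = ServiceStatusContainer.getTslDetailStatus();
    assertFalse("no TSL loaded", loadedTsl.isEmpty());
    assertEquals("wrong TSL size", 5, loadedTsl.size());

    assertEquals("loaded TSL CC", "EU", loadedTsl.get(0).getCountryCode());
    assertEquals("loaded TSL URL",
        "https://esignature.ec.europa.eu/efda/validation-tests/testcase/tl/LOTL-2.xml",
        loadedTsl.get(0).getTslURL());
    assertTrue("loaded TSL processed", loadedTsl.get(0).isProcessed());
    assertTrue("loaded TSL verified", loadedTsl.get(0).isVerified());

    for (final TSLProcessingResultElement el : loadedTsl) {
      // A list from a country that is not in the expectation map fails the test outright.
      assertTrue("TSL entry unknown", TSL_LOAD_STATUS.containsKey(el.getCountryCode()));
      assertEquals("wrong statusCode", TSL_LOAD_STATUS.get(el.getCountryCode()), el.isProcessed());
      assertEquals("wrong statusCode", TSL_LOAD_STATUS.get(el.getCountryCode()), el.isVerified());

    }
  }

  /**
   * Verifies EU test file 2.1.2 and expects a signer certificate issued in FR that carries no
   * trust-list information.
   */
  @Test
  @Ignore
  public void euTestFile2_1_2() throws MOAException, IOException, ParserConfigurationException {
    final VerifyXMLSignatureResponse result =
        verifyWithOnlyTslProfile("/testdata/xades/2.1.2-TEST FILE.xml");

    assertResultWithoutTslInfos(result, "FR");

  }

  /**
   * Verifies EU test file 2.1.3 and expects a signer certificate issued in BE that carries no
   * trust-list information.
   */
  @Test
  @Ignore
  public void euTestFile2_1_3() throws MOAException, IOException, ParserConfigurationException {
    final VerifyXMLSignatureResponse result =
        verifyWithOnlyTslProfile("/testdata/xades/2.1.3-TEST FILE.xml");

    // because this signature is not on TSL any more --> EC changes the test setup!!!
    // The QC flag is therefore expected to be false and the TSL infos to be null; the
    // expectations that were disabled for that reason are kept below for reference.
    assertResultWithoutTslInfos(result, "BE");

    //assertEquals("TSL CC", "BE", result.getSignerInfo().getTslInfos().getTslIssuerCountry());
    //assertEquals("TSL ServiceType", "http://uri.etsi.org/TrstSvc/Svctype/CA/QC",
    //    result.getSignerInfo().getTslInfos().getServiceTypeIdentifier());
    //assertEquals("TSL ServiceStatus", "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted",
    //    result.getSignerInfo().getTslInfos().getServiceTypeStatus());
    //assertFalse("TSL addit. status", result.getSignerInfo().getTslInfos().getAdditionalServiceInformation()
    //    .isEmpty());
    //assertEquals("TSL addit. status value",
    //    "http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/ForeSignatures",
    //    result.getSignerInfo().getTslInfos().getAdditionalServiceInformation().get(0));

  }

  /**
   * Verifies EU test file 2.1.1 and expects a signer certificate issued in LU that carries no
   * trust-list information.
   */
  @Test
  @Ignore
  public void euTestFile2_1_1() throws MOAException, IOException, ParserConfigurationException {
    final VerifyXMLSignatureResponse result =
        verifyWithOnlyTslProfile("/testdata/xades/2.1.1-TEST FILE.xml");

    assertResultWithoutTslInfos(result, "LU");

  }

  /**
   * Builds a verification request for a classpath test file with the "OnlyTSL" trust profile
   * and runs it through the invoker.
   *
   * @param resource classpath location of the signed XML test file
   * @return the verification response produced by the invoker
   */
  private VerifyXMLSignatureResponse verifyWithOnlyTslProfile(final String resource)
      throws MOAException, IOException, ParserConfigurationException {
    final VerifyXMLSignatureRequest request = buildVerifyXmlRequest(
        IOUtils.resourceToByteArray(resource),
        "OnlyTSL", true, null, DEFAULT_XPATH_SIGNATURE_LOCATION, null,
        Collections.emptyMap());

    return cadesInvoker.verifyXMLSignature(request);

  }

  /**
   * Asserts the result that all three test files share: signature code 0, certificate code 1,
   * QC false and SSCD true with both sources reported as "Certificate", and no TSL infos.
   *
   * <p>NOTE(review): certificate code 1 together with null TSL infos presumably means that the
   * signer certificate was not accepted through the trust list - confirm against the MOA-SPSS
   * result codes.
   *
   * @param result verification response to check
   * @param expectedIssuerCc expected issuer country code of the signer certificate
   */
  private static void assertResultWithoutTslInfos(final VerifyXMLSignatureResponse result,
      final String expectedIssuerCc) {
    assertNotNull("verification result", result);
    assertEquals("sigCode", 0, result.getSignatureCheck().getCode());
    assertEquals("certCode", 1, result.getCertificateCheck().getCode());

    assertNotNull("signerInfo", result.getSignerInfo());
    assertEquals("issuerCC", expectedIssuerCc, result.getSignerInfo().getIssuerCountryCode());
    assertFalse("publicAuthority", result.getSignerInfo().isPublicAuthority());

    assertFalse("QC", result.getSignerInfo().isQualifiedCertificate());
    assertTrue("SSCD", result.getSignerInfo().isSSCD());
    assertEquals("qcSource", "Certificate", result.getSignerInfo().getQCSource());
    // The label was "qcSource" here as well; it now names the value that is checked.
    assertEquals("sscdSource", "Certificate", result.getSignerInfo().getSSCDSource());

    assertNull("TSL infos", result.getSignerInfo().getTslInfos());

    assertNotNull("form val. result", result.getAdESFormResults());
    assertNotNull("extended val. result", result.getExtendedCertificateCheck());
    assertEquals("used sig alg", "SHA256withRSA", result.getSignatureAlgorithm());

  }

}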