moa-zs/src/test/resources/at, branch 2.0.0-RC1

moa-zs/src/test/resources/at, branch 2.0.0-RC1 Middleware that allows a sender application to send delivery requests to delivery services https://git.egiz.gv.at/moa-zs/atom?h=2.0.0-RC1 2019-09-03T11:06:48+00:00 Rename MzsClient to AppClient 2019-09-03T11:06:48+00:00 Christof Rabensteiner christof.rabensteiner@iaik.tugraz.at 2019-09-03T11:06:48+00:00 urn:sha1:3b114adee71e1e2477898d55c91cd573f0e48857 ...since it's a client that communicates with the app. Fix Tnvz Typo 2019-08-30T11:36:20+00:00 Christof Rabensteiner christof.rabensteiner@iaik.tugraz.at 2019-08-30T11:36:20+00:00 urn:sha1:c048d2ee787197b963dc1e8fa9297cf1cd3a4307 - sed 's/tvnz/tnvz/' Remove SSL Depending Testcases from Integration Test Suite 2019-08-23T12:57:28+00:00 Christof Rabensteiner christof.rabensteiner@iaik.tugraz.at 2019-08-21T13:17:49+00:00 urn:sha1:af9478800e5e9884e690c5a48dce2b68d7d348a2 - Reason: Now we can run integration tests without the need to set up SSL reverse proxy with client certificates. Add Two "VerifySignature" Testcases 2019-08-19T14:29:06+00:00 Christof Rabensteiner christof.rabensteiner@iaik.tugraz.at 2019-08-19T13:47:42+00:00 urn:sha1:631af9a4ab6b75e11ab369c3a7d9ab22e60341e8 Add Testcase For "Verify Signed Notification" 2019-07-31T14:29:19+00:00 Christof Rabensteiner christof.rabensteiner@iaik.tugraz.at 2019-07-31T14:29:19+00:00 urn:sha1:63baa41b1ea5ce6f2f9a1513522f7ad54ed0ceab Test Flow of DeliveryRequest from "End-To-End" & Fix Bugs 2019-07-22T11:02:19+00:00 Christof Rabensteiner christof.rabensteiner@iaik.tugraz.at 2019-07-22T11:02:19+00:00 urn:sha1:cb9a76eaafd37f921006822bcfe043655288bc63 Schema Changes: - Remove mzs:DeliveryRequest/TnvzMetaData because all metadata fields can be collected from DeliveryRequest and redundancy is not needed. Fixes and Refactoring in preprocess: - MzsDeliveryRequestValidator: Instead of returning false, throw an exception when a condition is not met, and explain which condition is not met / why it is not met in the exception's message. - Integrate interface change in ConfigProfileGenerator and DeliveryRequestAugmenter. - Rewrite and simplify DeliveryRequestAugmenter's augmentation. - ConfigUtil Fixes: Ensure that we do not override the wrong parameters while merging. This error appeared in tnvz / msg client, connection / receive timeout, key / trust store, and lax hostname verification / trust all. Fix Bugs in Interceptor / SoapUtils: - Problem: DOM access and information extraction was implemented somewhat sloppy. - SolutioN: Change DOM access interface to access DOM more efficiently. Add boundary checks and handle edge cases while extracting information from SOAP Messages. - Test those changes properly. Testing: - Implement Delivery Request Flow in ITEndToEndTest. - Start application on random port instead of fixed port when running integration tests. - Add assertions to tests in ITMzsServiceTest suite. Others Bug Fixes: - ServicesConfig: Ensure that mzs service and msg service run on different endpoint addresses (/msg and /mzs). - DeliveryRequestBackend: Throw exception when binary message is missing. Don't wrap the exception. - SaveResponseToFileSink: Wrap Response in JAXB Element (otherwise, marshaller does not recognize it) Renamed and Simplified SignatureVerifier 2019-07-12T06:40:38+00:00 Christof Rabensteiner christof.rabensteiner@iaik.tugraz.at 2019-07-12T06:31:42+00:00 urn:sha1:9dc0e72571a895e34a55c11d015c5d359b485aff Separate Test Suite into Unit- And Integration Tests 2019-06-28T08:29:50+00:00 Christof Rabensteiner christof.rabensteiner@iaik.tugraz.at 2019-06-28T08:29:50+00:00 urn:sha1:c43f9764b2132ce54a491c1daeeafe6aa4851ef5 Per default, integration tests are excluded from build. They can be included with the `-P integration-test` argument. - Pom: Add maven profile for integration tests. - Rename integration tests (add `IT` prefix). - Move Resources into IT* folders. - Add MsgClientTest to test suite and add assertions to each test case. Add Testcase: Reject Invalid Delivery Response Signature 2019-06-19T09:07:11+00:00 Christof Rabensteiner christof.rabensteiner@iaik.tugraz.at 2019-06-19T09:07:11+00:00 urn:sha1:a867ca9950c6bf670407b366ee2980eb747358f2 Finalize moa-sig-lib's Integration and Add Testcase 2019-06-19T08:46:15+00:00 Christof Rabensteiner christof.rabensteiner@iaik.tugraz.at 2019-06-19T08:46:15+00:00 urn:sha1:5d183fd9535d80e5066647e0501da881bcac4d58 - Interpret `ISignatureVerificationService` response properly (by following security layer spec [1] and moaspss handbook [2]). - Add config flag `moa.spss.is-manifest-check-active` - Change SignatureVerifier Interface: Remove @return boolean, just throw an exception when a validation error occurs. Reason: In case the signature cannot be validated, the application always needs the reason for the validation error, which requires the verifier to throw an exception. In turn, the only valid return value for `verify()` becomes `true`, which can be omitted at that point. - Add testcase for verifying a valid enveloped xml signature - Remove Certificates that are not needed. [1] https://www.buergerkarte.at/konzept/securitylayer/spezifikation/20140114/core/core.html [2] https://apps.egiz.gv.at/handbooks/moa-spss/handbook/handbook/usage/usage.html