aboutsummaryrefslogtreecommitdiff
path: root/src/test/resources/at/gv/egiz/moazs
diff options
context:
space:
mode:
authorChristof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>2019-06-19 10:46:15 +0200
committerChristof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>2019-06-19 10:46:15 +0200
commit5d183fd9535d80e5066647e0501da881bcac4d58 (patch)
tree5de251fdde379644e36bace245cf831805faac5d /src/test/resources/at/gv/egiz/moazs
parent2a765b9c3a0d20bf2794c569f584bde05fb21d16 (diff)
downloadmoa-zs-5d183fd9535d80e5066647e0501da881bcac4d58.tar.gz
moa-zs-5d183fd9535d80e5066647e0501da881bcac4d58.tar.bz2
moa-zs-5d183fd9535d80e5066647e0501da881bcac4d58.zip
Finalize moa-sig-lib's Integration and Add Testcase
- Interpret `ISignatureVerificationService` response properly (by following security layer spec [1] and moaspss handbook [2]). - Add config flag `moa.spss.is-manifest-check-active` - Change SignatureVerifier Interface: Remove @return boolean, just throw an exception when a validation error occurs. Reason: In case the signature cannot be validated, the application always needs the reason for the validation error, which requires the verifier to throw an exception. In turn, the only valid return value for `verify()` becomes `true`, which can be omitted at that point. - Add testcase for verifying a valid enveloped xml signature - Remove Certificates that are not needed. [1] https://www.buergerkarte.at/konzept/securitylayer/spezifikation/20140114/core/core.html [2] https://apps.egiz.gv.at/handbooks/moa-spss/handbook/handbook/usage/usage.html
Diffstat (limited to 'src/test/resources/at/gv/egiz/moazs')
-rw-r--r--src/test/resources/at/gv/egiz/moazs/MoaSPSSSignatureVerifierTest/valid-signed-delivery-response.xml30
1 files changed, 30 insertions, 0 deletions
diff --git a/src/test/resources/at/gv/egiz/moazs/MoaSPSSSignatureVerifierTest/valid-signed-delivery-response.xml b/src/test/resources/at/gv/egiz/moazs/MoaSPSSSignatureVerifierTest/valid-signed-delivery-response.xml
new file mode 100644
index 0000000..59a90cf
--- /dev/null
+++ b/src/test/resources/at/gv/egiz/moazs/MoaSPSSSignatureVerifierTest/valid-signed-delivery-response.xml
@@ -0,0 +1,30 @@
+<DeliveryResponse xmlns="http://reference.e-government.gv.at/namespace/zustellung/msg/phase2/20181206#" xmlns:ns2="http://reference.e-government.gv.at/namespace/persondata/phase2/20181206#" xmlns:ns3="http://www.w3.org/2000/09/xmldsig#"><PartialSuccess><DeliverySystem>https://testzustellsystem.egiz.gv.at</DeliverySystem><ZSDeliveryID>zs-valid-delivery-request-id</ZSDeliveryID><AppDeliveryID>valid-delivery-request-id</AppDeliveryID><GZ>12345</GZ></PartialSuccess><dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="signature-1-1"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-1-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><dsig:DigestValue>ejvUI0yh/IIyauFe8x5ZonD/i5oznl8vFyS3oLNivzA=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>hmVZrLkMDbXaRLYQKOaV3OtK13TQgMu3csKyw9M4zWqNyva1yxnYkzoX3dKDOdc9
+O56yQJsjoA3Cuw7pXlGO7jSfVM77dTXbWSDaF95O9Vdsrmr7R6Uki0jA9SmgQLXg
+hZAUG8JpsHcBn8M0L2BXADKjSn0LuMDL2L7dmU3EM7eRy+OvFwDrXDw1fhjQO6L2
+KoflAWLgUerDhJSpzr0+YfmkrjzitLUA7oIg8ieOnfGyql31ECmDJEqgnL78hyPZ
+KaNZImDf3EWFs8je6mt+os1TwsyXYwz+GGbjoDR8lGTS9xVqnXdrgP8Jyv6p9FEu
+0IYgSY2FlbI3skPZC8ZVXg==</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIEqzCCBBSgAwIBAgIHANux81oNezANBgkqhkiG9w0BAQUFADBAMSIwIAYDVQQD
+ExlJQUlLIFRlc3QgSW50ZXJtZWRpYXRlIENBMQ0wCwYDVQQKEwRJQUlLMQswCQYD
+VQQGEwJBVDAeFw0xMzA5MjcwNTMzMzdaFw0yMzA5MjcwNTMzMzdaMIHkMQswCQYD
+VQQGEwJBVDENMAsGA1UEBxMER3JhejEmMCQGA1UEChMdR3JheiBVbml2ZXJzaXR5
+IG9mIFRlY2hub2xvZ3kxSDBGBgNVBAsTP0luc3RpdHV0ZSBmb3IgQXBwbGllZCBJ
+bmZvcm1hdGlvbiBQcm9jZXNzaW5nIGFuZCBDb21tdW5pY2F0aW9uczEUMBIGA1UE
+BBMLTU9BLVNTIFRlc3QxGDAWBgNVBCoTD0VHSVogVGVzdHBvcnRhbDEkMCIGA1UE
+AxMbRUdJWiBUZXN0cG9ydGFsIE1PQS1TUyBUZXN0MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAuDjOyf+mY+oQL2FQzzuaiC8C23vVKbq/n2Zi7BqSibZH
+mtqMJfmj4pT+hWSNHvVvWsaxFcx4KeNqdCMzwnw1r4P3Sf+2o5uFku5KHEMLMokR
+yYQG9VqY/KkB94ye7Pv6zT8gvKqxGFg96UamECep4swPaSZrA8AOER5WAtyGDzKI
+Tz+a5zfFaTXDoba7f98PCWR96yKiFjVOhzp38WVz4VJgz+b8ZSY7Xsv5Kn7DXjOL
+STX4MevFLki3rFPup3+4vGToaMBW3PEj67HXBdqR855Le6+E6rVxORqsXqlVwhsI
+6nuS0CO2LWYmBNR1IB0mXteeYH/HfxvuZc+7yDjdPQIDAQABo4IBhDCCAYAwDgYD
+VR0PAQH/BAQDAgbAMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEmcH6VY4BG1EAGB
+TLoNR9vH/g6yMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jYS5pYWlrLnR1Z3Jh
+ei5hdC9jYXBzby9jcmxzL0lBSUtUZXN0X0ludGVybWVkaWF0ZUNBLmNybDCBqgYI
+KwYBBQUHAQEEgZ0wgZowSgYIKwYBBQUHMAGGPmh0dHA6Ly9jYS5pYWlrLnR1Z3Jh
+ei5hdC9jYXBzby9PQ1NQP2NhPUlBSUtUZXN0X0ludGVybWVkaWF0ZUNBMEwGCCsG
+AQUFBzAChkBodHRwOi8vY2EuaWFpay50dWdyYXouYXQvY2Fwc28vY2VydHMvSUFJ
+S1Rlc3RfSW50ZXJtZWRpYXRlQ0EuY2VyMCEGA1UdEQQaMBiBFnRob21hcy5sZW56
+QGVnaXouZ3YuYXQwHwYDVR0jBBgwFoAUaKJeEdreL4BrRES/jfplNoEkp28wDQYJ
+KoZIhvcNAQEFBQADgYEAlFGjUxXLs7SAT8NtXSrv2WrjlklaRnHTFHLQwyVo8JWb
+gvRkHHDUv2o8ofXUY2R2WJ38dxeDoccgbXrJb/Qhi8IY7YhCwv/TuIZDisyAqo8W
+ORKSip/6HWlGCSR/Vgoet1GtCmF0FoUxFUIGSAuQ2yyt4fIzt5GJrU1X5ujjI1w=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo></dsig:Signature></DeliveryResponse>