[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libeufin] branch master updated: XML signatures
|
From: |
gnunet |
|
Subject: |
[libeufin] branch master updated: XML signatures |
|
Date: |
Mon, 04 Nov 2019 09:13:48 +0100 |
This is an automated email from the git hooks/post-receive script.
dold pushed a commit to branch master
in repository libeufin.
The following commit(s) were added to refs/heads/master by this push:
new 9118044 XML signatures
9118044 is described below
commit 9118044da78bddbf715a2448edc68beda009ca7e
Author: Florian Dold <address@hidden>
AuthorDate: Mon Nov 4 09:13:45 2019 +0100
XML signatures
---
nexus/src/{ => main}/resources/logback.xml | 0
sandbox/src/main/kotlin/DB.kt | 5 ++
sandbox/src/main/kotlin/Main.kt | 59 +++++++++++++---
sandbox/src/main/kotlin/XMLUtil.kt | 78 +++++++++++++++++-----
.../libeufin/schema/ebics_h004/EbicsMessages.kt | 42 ++++++++++++
sandbox/src/{ => main}/resources/logback.xml | 0
.../src/main/resources/{ => xsd}/ebics_H004.xsd | 0
sandbox/src/main/resources/{ => xsd}/ebics_hev.xsd | 0
.../{ => xsd}/ebics_keymgmt_request_H004.xsd | 0
.../{ => xsd}/ebics_keymgmt_response_H004.xsd | 0
.../main/resources/{ => xsd}/ebics_orders_H004.xsd | 0
.../resources/{ => xsd}/ebics_request_H004.xsd | 0
.../resources/{ => xsd}/ebics_response_H004.xsd | 0
.../resources/{ => xsd}/ebics_signature_S002.xsd | 0
.../main/resources/{ => xsd}/ebics_signatures.xsd | 0
.../main/resources/{ => xsd}/ebics_types_H004.xsd | 0
.../resources/{ => xsd}/xmldsig-core-schema.xsd | 0
sandbox/src/test/kotlin/EbicsMessagesTest.kt | 24 ++++---
sandbox/src/test/kotlin/XmlUtilTest.kt | 26 +++++---
sandbox/src/test/resources/signature1/doc.xml | 8 +++
.../src/test/resources/signature1/public_key.txt | 1 +
21 files changed, 199 insertions(+), 44 deletions(-)
diff --git a/nexus/src/resources/logback.xml
b/nexus/src/main/resources/logback.xml
similarity index 100%
rename from nexus/src/resources/logback.xml
rename to nexus/src/main/resources/logback.xml
diff --git a/sandbox/src/main/kotlin/DB.kt b/sandbox/src/main/kotlin/DB.kt
index ca95151..e869a58 100644
--- a/sandbox/src/main/kotlin/DB.kt
+++ b/sandbox/src/main/kotlin/DB.kt
@@ -22,6 +22,7 @@ package tech.libeufin.sandbox.db
import org.jetbrains.exposed.dao.*
import org.jetbrains.exposed.sql.*
import org.jetbrains.exposed.sql.transactions.transaction
+import java.sql.Blob
const val CUSTOMER_NAME_MAX_LENGTH = 20
const val EBICS_HOST_ID_MAX_LENGTH = 10
@@ -81,6 +82,10 @@ enum class KeyState {
RELEASED
}
+fun Blob.toByteArray(): ByteArray {
+ return this.binaryStream.readAllBytes()
+}
+
/**
* This table information *not* related to EBICS, for all
* its customers.
diff --git a/sandbox/src/main/kotlin/Main.kt b/sandbox/src/main/kotlin/Main.kt
index 6b94078..91f9649 100644
--- a/sandbox/src/main/kotlin/Main.kt
+++ b/sandbox/src/main/kotlin/Main.kt
@@ -46,6 +46,7 @@ import org.slf4j.LoggerFactory
import org.w3c.dom.Document
import tech.libeufin.sandbox.db.*
import tech.libeufin.schema.ebics_h004.EbicsKeyManagementResponse
+import tech.libeufin.schema.ebics_h004.EbicsNoPubKeyDigestsRequest
import tech.libeufin.schema.ebics_h004.EbicsUnsecuredRequest
import tech.libeufin.schema.ebics_h004.HIARequestOrderDataType
import tech.libeufin.schema.ebics_hev.HEVResponse
@@ -68,8 +69,8 @@ private suspend fun ApplicationCall.respondEbicsKeyManagement(
errorText: String,
errorCode: String,
statusCode: HttpStatusCode,
- orderId: String? = null,
- bankReturnCode: String? = null
+ bankReturnCode: String,
+ orderId: String? = null
) {
val responseXml = EbicsKeyManagementResponse().apply {
version = "H004"
@@ -85,11 +86,9 @@ private suspend fun
ApplicationCall.respondEbicsKeyManagement(
_static = EbicsKeyManagementResponse.Header.EmptyStaticHeader()
}
body = EbicsKeyManagementResponse.Body().apply {
- if (bankReturnCode != null) {
- this.returnCode =
EbicsKeyManagementResponse.Body.ReturnCode().apply {
- this.authenticate = true
- this.value = bankReturnCode
- }
+ this.returnCode =
EbicsKeyManagementResponse.Body.ReturnCode().apply {
+ this.authenticate = true
+ this.value = bankReturnCode
}
}
}
@@ -100,7 +99,7 @@ private suspend fun
ApplicationCall.respondEbicsKeyManagement(
private suspend fun ApplicationCall.respondEbicsInvalidXml() {
- respondEbicsKeyManagement("[EBICS_INVALID_XML]", "091010",
HttpStatusCode.BadRequest)
+ respondEbicsKeyManagement("[EBICS_INVALID_XML]", "091010",
HttpStatusCode.BadRequest, "000000")
}
@@ -118,6 +117,12 @@ fun findEbicsSubscriber(partnerID: String, userID: String,
systemID: String?): E
}.firstOrNull()
}
+data class SubscriberKeys(
+ val authenticationPublicKey: RSAPublicKey,
+ val encryptionPublicKey: RSAPublicKey,
+ val signaturePublicKey: RSAPublicKey
+)
+
private suspend fun ApplicationCall.ebicsweb() {
val body: String = receiveText()
logger.debug("Data received: $body")
@@ -148,7 +153,7 @@ private suspend fun ApplicationCall.ebicsweb() {
if (ebicsHost == null) {
logger.warn("client requested unknown HostID")
- respondEbicsKeyManagement("[EBICS_INVALID_HOST_ID]", "091011",
HttpStatusCode.NotFound)
+ respondEbicsKeyManagement("[EBICS_INVALID_HOST_ID]", "091011",
HttpStatusCode.NotFound, "000000")
return
}
@@ -294,7 +299,8 @@ private suspend fun ApplicationCall.ebicsweb() {
ebicsSubscriber.state = SubscriberState.INITIALIZED
}
}
- respondEbicsKeyManagement("[EBICS_OK]", "000000",
HttpStatusCode.OK)
+ respondEbicsKeyManagement("[EBICS_OK]", "000000",
HttpStatusCode.OK, "000000")
+ return
}
}
@@ -314,6 +320,39 @@ private suspend fun ApplicationCall.ebicsweb() {
respondText(strResp, ContentType.Application.Xml,
HttpStatusCode.OK)
return
}
+ "ebicsNoPubKeyDigestsRequest" -> {
+ val requestJaxb =
XMLUtil.convertDomToJaxb(EbicsNoPubKeyDigestsRequest::class.java, bodyDocument)
+ val staticHeader = requestJaxb.value.header.static
+ val orderType = staticHeader.orderDetails.orderType
+ when (orderType) {
+ "HPB" -> {
+ val subscriberKeys = transaction {
+ val ebicsSubscriber =
+ findEbicsSubscriber(staticHeader.partnerID,
staticHeader.userID, staticHeader.systemID)
+ if (ebicsSubscriber == null) {
+ throw
EbicsRequestError(HttpStatusCode.Unauthorized)
+ }
+ if (ebicsSubscriber.state !=
SubscriberState.INITIALIZED) {
+ throw EbicsRequestError(HttpStatusCode.Forbidden)
+ }
+ val authPubBlob =
ebicsSubscriber.authenticationKey!!.rsaPublicKey
+ val encPubBlob =
ebicsSubscriber.encryptionKey!!.rsaPublicKey
+ val sigPubBlob =
ebicsSubscriber.signatureKey!!.rsaPublicKey
+ SubscriberKeys(
+
CryptoUtil.loadRsaPublicKey(authPubBlob.toByteArray()),
+
CryptoUtil.loadRsaPublicKey(encPubBlob.toByteArray()),
+
CryptoUtil.loadRsaPublicKey(sigPubBlob.toByteArray())
+ )
+ }
+ val validationResult =
XMLUtil.verifyEbicsDocument(bodyDocument,
subscriberKeys.authenticationPublicKey)
+ logger.info("validationResult: $validationResult")
+ }
+ else -> {
+ logger.warn("order type '${orderType}' not supported for
ebicsNoPubKeyDigestsRequest")
+ respondEbicsInvalidXml()
+ }
+ }
+ }
else -> {
/* Log to console and return "unknown type" */
logger.info("Unknown message, just logging it!")
diff --git a/sandbox/src/main/kotlin/XMLUtil.kt
b/sandbox/src/main/kotlin/XMLUtil.kt
index 299df9b..1274b7c 100644
--- a/sandbox/src/main/kotlin/XMLUtil.kt
+++ b/sandbox/src/main/kotlin/XMLUtil.kt
@@ -20,6 +20,7 @@
package tech.libeufin.sandbox
import com.sun.org.apache.xerces.internal.dom.DOMInputImpl
+import org.apache.xml.security.c14n.Canonicalizer
import org.w3c.dom.Document
import org.w3c.dom.Node
import org.w3c.dom.NodeList
@@ -30,6 +31,8 @@ import org.xml.sax.InputSource
import org.xml.sax.SAXException
import org.xml.sax.SAXParseException
import java.io.*
+import java.lang.UnsupportedOperationException
+import java.security.MessageDigest
import java.security.PrivateKey
import java.security.PublicKey
import java.util.*
@@ -44,6 +47,7 @@ import javax.xml.crypto.dsig.dom.DOMSignContext
import javax.xml.crypto.dsig.dom.DOMValidateContext
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec
import javax.xml.crypto.dsig.spec.TransformParameterSpec
+import javax.xml.namespace.NamespaceContext
import javax.xml.parsers.DocumentBuilderFactory
import javax.xml.transform.OutputKeys
import javax.xml.transform.Source
@@ -78,11 +82,18 @@ class XMLUtil {
if (nodeSet.length <= 0) {
throw Exception("no nodes to sign")
}
- val nodeList = LinkedList<Node>()
+ val bytes = ByteArrayOutputStream()
for (i in 0 until nodeSet.length) {
- nodeList.add(nodeSet.item(i))
+ val node = nodeSet.item(i)
+ org.apache.xml.security.Init.init()
+ // Despite the transform later, this canonicalization step is
absolutely necessary,
+ // as the canonicalizeSubtree method preserves namespaces that
are not in the subtree
+ // being canonicalized, but in the parent hierarchy of the
document.
+ val canon: Canonicalizer =
Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N11_OMIT_COMMENTS)
+ val cxml = canon.canonicalizeSubtree(node)
+ bytes.writeBytes(cxml)
}
- return NodeSetData { nodeList.iterator() }
+ return OctetStreamData(ByteArrayInputStream(bytes.toByteArray()))
}
}
@@ -119,11 +130,11 @@ class XMLUtil {
if (type != "http://www.w3.org/2001/XMLSchema";) {
return null
}
- val res = classLoader.getResourceAsStream(systemId) ?: return
null
+ val res = classLoader.getResourceAsStream("xsd/$systemId") ?:
return null
return DOMInputImpl(publicId, systemId, baseUri, res, "UTF-8")
}
}
- val schemaInputs: Array<Source> = listOf("ebics_H004.xsd",
"ebics_hev.xsd").map {
+ val schemaInputs: Array<Source> = listOf("xsd/ebics_H004.xsd",
"xsd/ebics_hev.xsd").map {
val resUrl = classLoader.getResource(it) ?: throw
FileNotFoundException("Schema file $it not found.")
StreamSource(File(resUrl.toURI()))
}.toTypedArray()
@@ -207,12 +218,12 @@ class XMLUtil {
* @param document the DOM to extract the string from.
* @return the final String, or null if errors occur.
*/
- fun convertDomToString(document: Document): String? {
+ fun convertDomToString(document: Document): String {
/* Make Transformer. */
val tf = TransformerFactory.newInstance()
val t = tf.newTransformer()
- t.setOutputProperty(OutputKeys.INDENT, "yes")
+ //t.setOutputProperty(OutputKeys.INDENT, "yes")
/* Make string writer. */
val sw = StringWriter()
@@ -222,12 +233,16 @@ class XMLUtil {
return sw.toString()
}
- fun convertNodeToString(node: Node): String? {
+ /**
+ * Convert a node to a string without the XML declaration or
+ * indentation.
+ */
+ fun convertNodeToString(node: Node): String {
/* Make Transformer. */
val tf = TransformerFactory.newInstance()
val t = tf.newTransformer()
- t.setOutputProperty(OutputKeys.INDENT, "yes")
+ t.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
/* Make string writer. */
val sw = StringWriter()
@@ -273,7 +288,23 @@ class XMLUtil {
*/
fun signEbicsDocument(doc: Document, signingPriv: PrivateKey): Unit {
val xpath = XPathFactory.newInstance().newXPath()
- val authSigNode =
xpath.compile("/*[1]/AuthSignature").evaluate(doc, XPathConstants.NODE)
+ xpath.namespaceContext = object : NamespaceContext {
+ override fun getNamespaceURI(p0: String?): String {
+ return when (p0) {
+ "ebics" -> "urn:org:ebics:H004"
+ else -> throw IllegalArgumentException()
+ }
+ }
+
+ override fun getPrefix(p0: String?): String {
+ throw UnsupportedOperationException()
+ }
+
+ override fun getPrefixes(p0: String?): MutableIterator<String>
{
+ throw UnsupportedOperationException()
+ }
+ }
+ val authSigNode =
xpath.compile("/*[1]/ebics:AuthSignature").evaluate(doc, XPathConstants.NODE)
if (authSigNode !is Node)
throw java.lang.Exception("no AuthSignature")
val fac = XMLSignatureFactory.getInstance("DOM")
@@ -306,8 +337,24 @@ class XMLUtil {
fun verifyEbicsDocument(doc: Document, signingPub: PublicKey): Boolean
{
val xpath = XPathFactory.newInstance().newXPath()
+ xpath.namespaceContext = object : NamespaceContext {
+ override fun getNamespaceURI(p0: String?): String {
+ return when (p0) {
+ "ebics" -> "urn:org:ebics:H004"
+ else -> throw IllegalArgumentException()
+ }
+ }
+
+ override fun getPrefix(p0: String?): String {
+ throw UnsupportedOperationException()
+ }
+
+ override fun getPrefixes(p0: String?): MutableIterator<String>
{
+ throw UnsupportedOperationException()
+ }
+ }
val doc2: Document = doc.cloneNode(true) as Document
- val authSigNode =
xpath.compile("/*[1]/AuthSignature").evaluate(doc2, XPathConstants.NODE)
+ val authSigNode =
xpath.compile("/*[1]/ebics:AuthSignature").evaluate(doc2, XPathConstants.NODE)
if (authSigNode !is Node)
throw java.lang.Exception("no AuthSignature")
val sigEl =
doc2.createElementNS("http://www.w3.org/2000/09/xmldsig#";, "ds:Signature")
@@ -317,12 +364,13 @@ class XMLUtil {
}
authSigNode.parentNode.removeChild(authSigNode)
val fac = XMLSignatureFactory.getInstance("DOM")
- println(convertDomToString(doc2))
val dvc = DOMValidateContext(signingPub, sigEl)
dvc.uriDereferencer = EbicsSigUriDereferencer()
val sig = fac.unmarshalXMLSignature(dvc)
- // FIXME: check that parameters are okay!
- return sig.validate(dvc)
+ // FIXME: check that parameters are okay!s
+ val valResult = sig.validate(dvc)
+ sig.signedInfo.references[0].validate(dvc)
+ return valResult
}
}
-}
\ No newline at end of file
+}
diff --git
a/sandbox/src/main/kotlin/tech/libeufin/schema/ebics_h004/EbicsMessages.kt
b/sandbox/src/main/kotlin/tech/libeufin/schema/ebics_h004/EbicsMessages.kt
index e964f21..f98d65f 100644
--- a/sandbox/src/main/kotlin/tech/libeufin/schema/ebics_h004/EbicsMessages.kt
+++ b/sandbox/src/main/kotlin/tech/libeufin/schema/ebics_h004/EbicsMessages.kt
@@ -540,3 +540,45 @@ class EbicsKeyManagementResponse {
}
}
}
+
+
+@XmlAccessorType(XmlAccessType.NONE)
+@XmlType(name = "", propOrder = ["header", "authSignature", "body"])
+@XmlRootElement(name = "ebicsNoPubKeyDigestsRequest")
+class EbicsNoPubKeyDigestsRequest {
+ @get:XmlAttribute(name = "Version", required = true)
+ @get:XmlJavaTypeAdapter(CollapsedStringAdapter::class)
+ lateinit var version: String
+
+ @get:XmlAttribute(name = "Revision")
+ var revision: Int? = null
+
+ @get:XmlElement(name = "header", required = true)
+ lateinit var header: Header
+
+ @get:XmlElement(name = "AuthSignature", required = true)
+ lateinit var authSignature: SignatureType
+
+ @get:XmlElement(required = true)
+ lateinit var body: EmptyBody
+
+ @XmlAccessorType(XmlAccessType.NONE)
+ @XmlType(name = "", propOrder = ["static", "mutable"])
+ class Header {
+ @get:XmlAttribute(name = "authenticate", required = true)
+ var authenticate: Boolean = false
+
+ @get:XmlElement(name = "static", required = true)
+ lateinit var static: StaticHeader
+
+ @get:XmlElement(required = true)
+ lateinit var mutable: EmptyMutableHeader
+
+ @XmlAccessorType(XmlAccessType.NONE)
+ @XmlType(name = "")
+ class EmptyMutableHeader
+ }
+
+ @XmlAccessorType(XmlAccessType.NONE)
+ class EmptyBody
+}
\ No newline at end of file
diff --git a/sandbox/src/resources/logback.xml
b/sandbox/src/main/resources/logback.xml
similarity index 100%
rename from sandbox/src/resources/logback.xml
rename to sandbox/src/main/resources/logback.xml
diff --git a/sandbox/src/main/resources/ebics_H004.xsd
b/sandbox/src/main/resources/xsd/ebics_H004.xsd
similarity index 100%
rename from sandbox/src/main/resources/ebics_H004.xsd
rename to sandbox/src/main/resources/xsd/ebics_H004.xsd
diff --git a/sandbox/src/main/resources/ebics_hev.xsd
b/sandbox/src/main/resources/xsd/ebics_hev.xsd
similarity index 100%
rename from sandbox/src/main/resources/ebics_hev.xsd
rename to sandbox/src/main/resources/xsd/ebics_hev.xsd
diff --git a/sandbox/src/main/resources/ebics_keymgmt_request_H004.xsd
b/sandbox/src/main/resources/xsd/ebics_keymgmt_request_H004.xsd
similarity index 100%
rename from sandbox/src/main/resources/ebics_keymgmt_request_H004.xsd
rename to sandbox/src/main/resources/xsd/ebics_keymgmt_request_H004.xsd
diff --git a/sandbox/src/main/resources/ebics_keymgmt_response_H004.xsd
b/sandbox/src/main/resources/xsd/ebics_keymgmt_response_H004.xsd
similarity index 100%
rename from sandbox/src/main/resources/ebics_keymgmt_response_H004.xsd
rename to sandbox/src/main/resources/xsd/ebics_keymgmt_response_H004.xsd
diff --git a/sandbox/src/main/resources/ebics_orders_H004.xsd
b/sandbox/src/main/resources/xsd/ebics_orders_H004.xsd
similarity index 100%
rename from sandbox/src/main/resources/ebics_orders_H004.xsd
rename to sandbox/src/main/resources/xsd/ebics_orders_H004.xsd
diff --git a/sandbox/src/main/resources/ebics_request_H004.xsd
b/sandbox/src/main/resources/xsd/ebics_request_H004.xsd
similarity index 100%
rename from sandbox/src/main/resources/ebics_request_H004.xsd
rename to sandbox/src/main/resources/xsd/ebics_request_H004.xsd
diff --git a/sandbox/src/main/resources/ebics_response_H004.xsd
b/sandbox/src/main/resources/xsd/ebics_response_H004.xsd
similarity index 100%
rename from sandbox/src/main/resources/ebics_response_H004.xsd
rename to sandbox/src/main/resources/xsd/ebics_response_H004.xsd
diff --git a/sandbox/src/main/resources/ebics_signature_S002.xsd
b/sandbox/src/main/resources/xsd/ebics_signature_S002.xsd
similarity index 100%
rename from sandbox/src/main/resources/ebics_signature_S002.xsd
rename to sandbox/src/main/resources/xsd/ebics_signature_S002.xsd
diff --git a/sandbox/src/main/resources/ebics_signatures.xsd
b/sandbox/src/main/resources/xsd/ebics_signatures.xsd
similarity index 100%
rename from sandbox/src/main/resources/ebics_signatures.xsd
rename to sandbox/src/main/resources/xsd/ebics_signatures.xsd
diff --git a/sandbox/src/main/resources/ebics_types_H004.xsd
b/sandbox/src/main/resources/xsd/ebics_types_H004.xsd
similarity index 100%
rename from sandbox/src/main/resources/ebics_types_H004.xsd
rename to sandbox/src/main/resources/xsd/ebics_types_H004.xsd
diff --git a/sandbox/src/main/resources/xmldsig-core-schema.xsd
b/sandbox/src/main/resources/xsd/xmldsig-core-schema.xsd
similarity index 100%
rename from sandbox/src/main/resources/xmldsig-core-schema.xsd
rename to sandbox/src/main/resources/xsd/xmldsig-core-schema.xsd
diff --git a/sandbox/src/test/kotlin/EbicsMessagesTest.kt
b/sandbox/src/test/kotlin/EbicsMessagesTest.kt
index afc8f0e..20f7b20 100644
--- a/sandbox/src/test/kotlin/EbicsMessagesTest.kt
+++ b/sandbox/src/test/kotlin/EbicsMessagesTest.kt
@@ -18,7 +18,7 @@ class EbicsMessagesTest {
* messages.
*/
@Test
- fun importNonRoot() {
+ fun testImportNonRoot() {
val classLoader = ClassLoader.getSystemClassLoader()
val ini = classLoader.getResource("ebics_ini_inner_key.xml")
val jaxb =
XMLUtil.convertStringToJaxb<SignaturePubKeyOrderData>(ini.readText())
@@ -29,7 +29,7 @@ class EbicsMessagesTest {
* Test string -> JAXB
*/
@Test
- fun stringToJaxb() {
+ fun testStringToJaxb() {
val classLoader = ClassLoader.getSystemClassLoader()
val ini = classLoader.getResource("ebics_ini_request_sample.xml")
val jaxb =
XMLUtil.convertStringToJaxb<EbicsUnsecuredRequest>(ini.readText())
@@ -44,7 +44,7 @@ class EbicsMessagesTest {
* Test JAXB -> string
*/
@Test
- fun jaxbToString() {
+ fun testJaxbToString() {
val hevResponseJaxb = HEVResponse().apply {
this.systemReturnCode = SystemReturnCodeType().apply {
this.reportText = "[EBICS_OK]"
@@ -55,12 +55,11 @@ class EbicsMessagesTest {
XMLUtil.convertJaxbToString(hevResponseJaxb)
}
-
/**
* Test DOM -> JAXB
*/
@Test
- fun domToJaxb() {
+ fun testDomToJaxb() {
val classLoader = ClassLoader.getSystemClassLoader()
val ini = classLoader.getResource("ebics_ini_request_sample.xml")!!
val iniDom = XMLUtil.parseStringIntoDom(ini.readText())
@@ -100,7 +99,7 @@ class EbicsMessagesTest {
}
@Test
- fun hiaLoad() {
+ fun testHiaLoad() {
val classLoader = ClassLoader.getSystemClassLoader()
val hia = classLoader.getResource("hia_request.xml")!!
val hiaDom = XMLUtil.parseStringIntoDom(hia.readText())
@@ -122,7 +121,7 @@ class EbicsMessagesTest {
}
@Test
- fun loadInnerKey() {
+ fun testLoadInnerKey() {
val jaxbKey = run {
val classLoader = ClassLoader.getSystemClassLoader()
val file = classLoader.getResource(
@@ -138,14 +137,14 @@ class EbicsMessagesTest {
}
@Test
- fun loadIniMessage() {
+ fun testLoadIniMessage() {
val classLoader = ClassLoader.getSystemClassLoader()
val text =
classLoader.getResource("ebics_ini_request_sample.xml")!!.readText()
XMLUtil.convertStringToJaxb<EbicsUnsecuredRequest>(text)
}
@Test
- fun loadResponse() {
+ fun testLoadResponse() {
val response = EbicsResponse().apply {
version = "H004"
header = EbicsResponse.Header().apply {
@@ -166,4 +165,11 @@ class EbicsMessagesTest {
}
print(XMLUtil.convertJaxbToString(response))
}
+
+ @Test
+ fun testLoadHpb() {
+ val classLoader = ClassLoader.getSystemClassLoader()
+ val text = classLoader.getResource("hpb_request.xml")!!.readText()
+ XMLUtil.convertStringToJaxb<EbicsNoPubKeyDigestsRequest>(text)
+ }
}
\ No newline at end of file
diff --git a/sandbox/src/test/kotlin/XmlUtilTest.kt
b/sandbox/src/test/kotlin/XmlUtilTest.kt
index a7d5284..ec9b461 100644
--- a/sandbox/src/test/kotlin/XmlUtilTest.kt
+++ b/sandbox/src/test/kotlin/XmlUtilTest.kt
@@ -3,6 +3,7 @@ package tech.libeufin.sandbox
import org.junit.Test
import org.junit.Assert.*
import java.security.KeyPairGenerator
+import java.util.*
import javax.xml.transform.stream.StreamSource
class XmlUtilTest {
@@ -26,23 +27,28 @@ class XmlUtilTest {
@Test
fun basicSigningTest() {
val doc = XMLUtil.parseStringIntoDom("""
- <foo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
- <AuthSignature />
- <bar authenticate='true'>bla</bar>Hello World
- <spam>
- eggs
-
- ham
- </spam>
- </foo>
+ <myMessage xmlns:ebics="urn:org:ebics:H004">
+ <ebics:AuthSignature />
+ <foo authenticate="true">Hello World</foo>
+ </myMessage>
""".trimIndent())
val kpg = KeyPairGenerator.getInstance("RSA")
kpg.initialize(2048)
val pair = kpg.genKeyPair()
val otherPair = kpg.genKeyPair()
XMLUtil.signEbicsDocument(doc, pair.private)
- println(XMLUtil.convertDomToString(doc))
kotlin.test.assertTrue(XMLUtil.verifyEbicsDocument(doc, pair.public))
kotlin.test.assertFalse(XMLUtil.verifyEbicsDocument(doc,
otherPair.public))
}
+
+ @Test
+ fun testRefSignature() {
+ val classLoader = ClassLoader.getSystemClassLoader()
+ val docText =
classLoader.getResourceAsStream("signature1/doc.xml")!!.readAllBytes().toString(Charsets.UTF_8)
+ val doc = XMLUtil.parseStringIntoDom(docText)
+ val keyText =
classLoader.getResourceAsStream("signature1/public_key.txt")!!.readAllBytes()
+ val keyBytes = Base64.getDecoder().decode(keyText)
+ val key = CryptoUtil.loadRsaPublicKey(keyBytes)
+ assertTrue(XMLUtil.verifyEbicsDocument(doc, key))
+ }
}
\ No newline at end of file
diff --git a/sandbox/src/test/resources/signature1/doc.xml
b/sandbox/src/test/resources/signature1/doc.xml
new file mode 100644
index 0000000..8ba8bd0
--- /dev/null
+++ b/sandbox/src/test/resources/signature1/doc.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><myMessage
xmlns:ebics="urn:org:ebics:H004">
+ <ebics:AuthSignature><ds:SignedInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#";><ds:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><ds:SignatureMethod
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference
URI="#xpointer(//*[@authenticate='true'])"><ds:Transforms><ds:Transform
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/></ds:Transforms><ds:DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><d [...]
+
VFaKRi4B7kv4ja/URiYCKKbChQU2+kMGDvsncx9VcpcFrqAbWPmE9JXD2W2YW9OSkJ1tAZxZlZwS
+
A8KcvluV1wGEBuakHL2t3GqFPQEfKW4l8GYTjHh/w9jBve5d8tvMOjGtoyNemZGrVlzBxO9+hwbw
+
8UFUCDA00dCjFDUHOnyAbBYsGzoaQyZprDn3iYDvlBz243zAN98PIKDclxlUEmkuF+JhrhCRjT9l
+
+JJxrELGHaDkFVadR4kaPdWPsbDaV0/2Fzc4Qg==</ds:SignatureValue></ebics:AuthSignature>
+ <foo authenticate="true">Hello World</foo>
+</myMessage>
\ No newline at end of file
diff --git a/sandbox/src/test/resources/signature1/public_key.txt
b/sandbox/src/test/resources/signature1/public_key.txt
new file mode 100644
index 0000000..6d52df5
--- /dev/null
+++ b/sandbox/src/test/resources/signature1/public_key.txt
@@ -0,0 +1 @@
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpUpetHZYdMjnaG544iSLZ5SnxlV4F/eQsIckG3mvMaXCQsY4rUTfJyle/fTZ0xGbjCUXCsbl1wkz8eB6chaX2LsHYDGiu/xNnU1nddAVB+5kkA5AIGncT9NVhdOgmpnZY/tae9qtZfCPAvbI0sGYQHea0pwyJ/hUnRJiMOjSRgIXALIvGVNqxe4U5ffLXFIUapTK2hOuhUH9BwDSK+mVR6gw0vDT05Z38sEpTeKUqJywL5cPSFIV+AN4ErSvsXNkTKUcbDxhGzOh/oTjTkz1kFFKe4ijPkSRkpK2sJMyAIretBKOK8SDICnsSrIh0YAcd6yTHQ3CeEjW4t0ZBULOQIDAQAB
\ No newline at end of file
--
To stop receiving notification emails like this one, please contact
address@hidden.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [libeufin] branch master updated: XML signatures,
gnunet <=