From 5bdc4f0b287a221dd906ebaf45f0a1f7ccdbc0a8 Mon Sep 17 00:00:00 2001 From: Pierrick Vandenbroucke Date: Fri, 9 Jul 2021 09:47:20 +0200 Subject: [PATCH] DSS-2466 : sonar code smells review --- .../signature/AbstractSignatureService.java | 16 +--- .../europa/esig/dss/jades/DSSJsonUtils.java | 38 ++++++++- .../dss/service/tsp/OnlineTSPSourceTest.java | 27 ++++++- .../eu/europa/esig/dss/spi/DSSASN1Utils.java | 80 ------------------- .../java/eu/europa/esig/dss/spi/DSSUtils.java | 55 +------------ .../europa/esig/dss/spi/QcStatementUtils.java | 5 +- .../x509/CandidatesForSigningCertificate.java | 19 +---- .../eu/europa/esig/dss/spi/DSSUtilsTest.java | 2 + .../esig/dss/spi/QcStatementsUtilsTest.java | 18 +++-- .../x509/KeyStoreCertificateSourceTest.java | 47 ++++++++--- .../dss/ws/validation/dto/WSReportsDTO.java | 4 +- 11 files changed, 123 insertions(+), 188 deletions(-) diff --git a/dss-document/src/main/java/eu/europa/esig/dss/signature/AbstractSignatureService.java b/dss-document/src/main/java/eu/europa/esig/dss/signature/AbstractSignatureService.java index f97a6f0315..3939f045e3 100644 --- a/dss-document/src/main/java/eu/europa/esig/dss/signature/AbstractSignatureService.java +++ b/dss-document/src/main/java/eu/europa/esig/dss/signature/AbstractSignatureService.java @@ -41,7 +41,6 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import java.io.IOException; import java.security.GeneralSecurityException; import java.security.Security; import java.security.Signature; @@ -169,17 +168,10 @@ protected SignatureValue ensureSignatureValue(SignatureAlgorithm targetSignature } if (EncryptionAlgorithm.ECDSA.isEquivalent(targetSignatureAlgorithm.getEncryptionAlgorithm())) { - try { - SignatureValue newSignatureValue = DSSUtils.convertECSignatureValue(targetSignatureAlgorithm, signatureValue); - LOG.info("The algorithm '{}' has been obtained from the SignatureValue. The SignatureValue converted to " + - "the expected algorithm '{}'.", signatureValue.getAlgorithm(), targetSignatureAlgorithm); - return newSignatureValue; - - } catch (IOException e) { - throw new DSSException(String.format( - "An error occurred during the SignatureValue conversion. Reason : %s", e.getMessage()), e); - } - + SignatureValue newSignatureValue = DSSUtils.convertECSignatureValue(targetSignatureAlgorithm, signatureValue); + LOG.info("The algorithm '{}' has been obtained from the SignatureValue. The SignatureValue converted to " + + "the expected algorithm '{}'.", signatureValue.getAlgorithm(), targetSignatureAlgorithm); + return newSignatureValue; } throw new DSSException(String.format("The SignatureAlgorithm within the SignatureValue '%s' " + "does not match the expected value : '%s'. Conversion is not supported!", diff --git a/dss-jades/src/main/java/eu/europa/esig/dss/jades/DSSJsonUtils.java b/dss-jades/src/main/java/eu/europa/esig/dss/jades/DSSJsonUtils.java index 39fca019e4..9679b0d659 100644 --- a/dss-jades/src/main/java/eu/europa/esig/dss/jades/DSSJsonUtils.java +++ b/dss-jades/src/main/java/eu/europa/esig/dss/jades/DSSJsonUtils.java @@ -124,6 +124,9 @@ public class DSSJsonUtils { /** Format date-time as specified in RFC 3339 5.6 */ private static final String DATE_TIME_FORMAT_RFC3339 = "yyyy-MM-dd'T'HH:mm:ss'Z'"; + + /** The URN OID prefix (RFC 3061) */ + public static final String OID_NAMESPACE_PREFIX = "urn:oid:"; /** * Copied from org.jose4j.base64url.internal.apache.commons.codec.binary.Base64 @@ -367,10 +370,43 @@ public static Digest getDigest(Map digestValueAndAlgo) { * @return 'oid' {@link JsonObject} */ public static JsonObject getOidObject(ObjectIdentifier objectIdentifier) { - return getOidObject(DSSUtils.getUriOrUrnOid(objectIdentifier), objectIdentifier.getDescription(), + return getOidObject(getUriOrUrnOid(objectIdentifier), objectIdentifier.getDescription(), objectIdentifier.getDocumentationReferences()); } + /** + * Returns URI if present, otherwise URN encoded OID (see RFC 3061) + * Returns NULL if non of them is present + * + * @param objectIdentifier {@link ObjectIdentifier} used to build an object of 'oid' type + * @return {@link String} URI + */ + public static String getUriOrUrnOid(ObjectIdentifier objectIdentifier) { + /* + * TS 119 182-1 : 5.4.1 The oId data type + * If both an OID and a URI exist identifying one object, the URI value should be used in the id member. + */ + String uri = objectIdentifier.getUri(); + if (uri == null && objectIdentifier.getOid() != null) { + uri = toUrnOid(objectIdentifier.getOid()); + } + return uri; + } + + /** + * Returns a URN URI generated from the given OID: + * + * Ex.: OID = 1.2.4.5.6.8 becomes URI = urn:oid:1.2.4.5.6.8 + * + * Note: see RFC 3061 "A URN Namespace of Object Identifiers" + * + * @param oid {@link String} to be converted to URN URI + * @return URI based on the algorithm's OID + */ + public static String toUrnOid(String oid) { + return OID_NAMESPACE_PREFIX + oid; + } + /** * Creates an 'oid' JsonObject according to EN 119-182 ch. 5.4.1 The oId data type * diff --git a/dss-service/src/test/java/eu/europa/esig/dss/service/tsp/OnlineTSPSourceTest.java b/dss-service/src/test/java/eu/europa/esig/dss/service/tsp/OnlineTSPSourceTest.java index 490b61ae47..27e3933ec4 100644 --- a/dss-service/src/test/java/eu/europa/esig/dss/service/tsp/OnlineTSPSourceTest.java +++ b/dss-service/src/test/java/eu/europa/esig/dss/service/tsp/OnlineTSPSourceTest.java @@ -28,10 +28,16 @@ import eu.europa.esig.dss.service.http.commons.TimestampDataLoader; import eu.europa.esig.dss.spi.DSSUtils; import eu.europa.esig.dss.spi.client.http.NativeHTTPDataLoader; +import eu.europa.esig.dss.spi.exception.DSSExternalResourceException; +import eu.europa.esig.dss.spi.x509.tsp.CompositeTSPSource; +import eu.europa.esig.dss.spi.x509.tsp.TSPSource; import eu.europa.esig.dss.utils.Utils; import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; +import java.util.HashMap; +import java.util.Map; + import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertThrows; @@ -41,6 +47,7 @@ public class OnlineTSPSourceTest { private static final String TSA_URL = "http://dss.nowina.lu/pki-factory/tsa/good-tsa"; private static final String ED25519_TSA_URL = "http://dss.nowina.lu/pki-factory/tsa/Ed25519-good-tsa"; + private static final String ERROR_500_TSA_URL = "http://dss.nowina.lu/pki-factory/tsa/error-500/good-tsa"; @Test public void testWithoutNonce() { @@ -52,6 +59,22 @@ public void testWithoutNonce() { assertTrue(Utils.isArrayNotEmpty(timeStampResponse.getBytes())); } + @Test + public void error500() { + OnlineTSPSource tspSource = new OnlineTSPSource(ERROR_500_TSA_URL); + + byte[] digest = DSSUtils.digest(DigestAlgorithm.SHA1, "Hello world".getBytes()); + assertThrows(DSSExternalResourceException.class, () -> tspSource.getTimeStampResponse(DigestAlgorithm.SHA1, digest)); + + Map tspSources = new HashMap<>(); + tspSources.put("A", tspSource); + tspSources.put("B", tspSource); + + CompositeTSPSource compositeTSPSource = new CompositeTSPSource(); + compositeTSPSource.setTspSources(tspSources); + assertThrows(DSSExternalResourceException.class, () -> compositeTSPSource.getTimeStampResponse(DigestAlgorithm.SHA1, digest)); + } + @Test public void testEd25519WithoutNonce() { OnlineTSPSource tspSource = new OnlineTSPSource(ED25519_TSA_URL, new TimestampDataLoader()); @@ -77,7 +100,9 @@ public void testWithCommonDataLoader() { public void testWithTimestampDataLoader() { OnlineTSPSource tspSource = new OnlineTSPSource("http://demo.sk.ee/tsa/"); tspSource.setPolicyOid("0.4.0.2023.1.1"); - tspSource.setDataLoader(new TimestampDataLoader()); // content-type is different + TimestampDataLoader dataLoader = new TimestampDataLoader(); + assertThrows(UnsupportedOperationException.class, () -> dataLoader.setContentType("application/ocsp-request")); + tspSource.setDataLoader(dataLoader); // content-type is different byte[] digest = DSSUtils.digest(DigestAlgorithm.SHA512, "Hello world".getBytes()); TimestampBinary timeStampResponse = tspSource.getTimeStampResponse(DigestAlgorithm.SHA512, digest); diff --git a/dss-spi/src/main/java/eu/europa/esig/dss/spi/DSSASN1Utils.java b/dss-spi/src/main/java/eu/europa/esig/dss/spi/DSSASN1Utils.java index 49aeda5d1d..1abefc7742 100644 --- a/dss-spi/src/main/java/eu/europa/esig/dss/spi/DSSASN1Utils.java +++ b/dss-spi/src/main/java/eu/europa/esig/dss/spi/DSSASN1Utils.java @@ -100,7 +100,6 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import javax.naming.ldap.Rdn; import javax.security.auth.x500.X500Principal; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -971,85 +970,6 @@ public static Map get(final X500Principal x500Principal) { return treeMap; } - /** - * This method normalizes the X500Principal object - * - * @param x500Principal - * to be normalized - * @return {@code X500Principal} normalized - */ - public static X500Principal getNormalizedX500Principal(final X500Principal x500Principal) { - final String utf8Name = DSSASN1Utils.getUtf8String(x500Principal); - return new X500Principal(utf8Name); - } - - /** - * Gets the UTF-8 distinguished names of {@code X500Principal} - * - * @param x500Principal {@link X500Principal} - * @return {@link String} utf-8 - */ - public static String getUtf8String(final X500Principal x500Principal) { - - final byte[] encoded = x500Principal.getEncoded(); - final ASN1Sequence asn1Sequence = ASN1Sequence.getInstance(encoded); - final ASN1Encodable[] asn1Encodables = asn1Sequence.toArray(); - final StringBuilder stringBuilder = new StringBuilder(); - /** - * RFC 4514 LDAP: Distinguished Names - * 2.1. Converting the RDNSequence - * - * If the RDNSequence is an empty sequence, the result is the empty or - * zero-length string. - * - * Otherwise, the output consists of the string encodings of each - * RelativeDistinguishedName in the RDNSequence (according to Section - * 2.2), starting with the last element of the sequence and moving - * backwards toward the first. - * ... - */ - for (int ii = asn1Encodables.length - 1; ii >= 0; ii--) { - - final ASN1Encodable asn1Encodable = asn1Encodables[ii]; - - final DLSet dlSet = (DLSet) asn1Encodable; - for (int jj = 0; jj < dlSet.size(); jj++) { - - final DLSequence dlSequence = (DLSequence) dlSet.getObjectAt(jj); - if (dlSequence.size() != 2) { - - throw new DSSException("The DLSequence must contains exactly 2 elements."); - } - final ASN1Encodable attributeType = dlSequence.getObjectAt(0); - final ASN1Encodable attributeValue = dlSequence.getObjectAt(1); - String string = getString(attributeValue); - - /** - * RFC 4514 LDAP: Distinguished Names - * ... - * Other characters may be escaped. - * - * Each octet of the character to be escaped is replaced by a backslash - * and two hex digits, which form a single octet in the code of the - * character. Alternatively, if and only if the character to be escaped - * is one of - * - * ' ', '"', '#', '+', ',', ';', '<', '=', '>', or '\' - * (U+0020, U+0022, U+0023, U+002B, U+002C, U+003B, - * U+003C, U+003D, U+003E, U+005C, respectively) - * - * it can be prefixed by a backslash ('\' U+005C). - */ - string = Rdn.escapeValue(string); - if (stringBuilder.length() != 0) { - stringBuilder.append(','); - } - stringBuilder.append(attributeType).append('=').append(string); - } - } - return stringBuilder.toString(); - } - /** * Reads the value * diff --git a/dss-spi/src/main/java/eu/europa/esig/dss/spi/DSSUtils.java b/dss-spi/src/main/java/eu/europa/esig/dss/spi/DSSUtils.java index c999a78ec1..bc74c27d42 100644 --- a/dss-spi/src/main/java/eu/europa/esig/dss/spi/DSSUtils.java +++ b/dss-spi/src/main/java/eu/europa/esig/dss/spi/DSSUtils.java @@ -22,7 +22,6 @@ import eu.europa.esig.dss.enumerations.DigestAlgorithm; import eu.europa.esig.dss.enumerations.EncryptionAlgorithm; -import eu.europa.esig.dss.enumerations.ObjectIdentifier; import eu.europa.esig.dss.enumerations.SignatureAlgorithm; import eu.europa.esig.dss.enumerations.X520Attributes; import eu.europa.esig.dss.model.DSSDocument; @@ -30,7 +29,6 @@ import eu.europa.esig.dss.model.Digest; import eu.europa.esig.dss.model.InMemoryDocument; import eu.europa.esig.dss.model.SignatureValue; -import eu.europa.esig.dss.model.identifier.EntityIdentifier; import eu.europa.esig.dss.model.identifier.TokenIdentifier; import eu.europa.esig.dss.model.x509.CertificateToken; import eu.europa.esig.dss.utils.Utils; @@ -83,7 +81,6 @@ import java.util.Collection; import java.util.Collections; import java.util.Date; -import java.util.HashSet; import java.util.Iterator; import java.util.List; import java.util.Objects; @@ -105,9 +102,6 @@ public final class DSSUtils { /** Empty byte array */ public static final byte[] EMPTY_BYTE_ARRAY = new byte[0]; - /** The URN OID prefix (RFC 3061) */ - public static final String OID_NAMESPACE_PREFIX = "urn:oid:"; - /** The UTF-8 encoding name string */ public static final String UTF8_ENCODING = "UTF-8"; @@ -1086,19 +1080,6 @@ public static boolean isUrnOid(String id) { return id != null && id.matches("^(?i)urn:oid:.*$"); } - /** - * Returns a URN URI generated from the given OID: - * - * Ex.: OID = 1.2.4.5.6.8 becomes URI = urn:oid:1.2.4.5.6.8 - * - * Note: see RFC 3061 "A URN Namespace of Object Identifiers" - * - * @param oid {@link String} to be converted to URN URI - * @return URI based on the algorithm's OID - */ - public static String toUrnOid(String oid) { - return OID_NAMESPACE_PREFIX + oid; - } /** * Checks if the given {@code oid} is a valid OID @@ -1128,25 +1109,6 @@ public static String getOidCode(String urnOid) { return urnOid.substring(urnOid.lastIndexOf(':') + 1); } - /** - * Returns URI if present, otherwise URN encoded OID (see RFC 3061) - * Returns NULL if non of them is present - * - * @param objectIdentifier {@link ObjectIdentifier} used to build an object of 'oid' type - * @return {@link String} URI - */ - public static String getUriOrUrnOid(ObjectIdentifier objectIdentifier) { - /* - * TS 119 182-1 : 5.4.1 The oId data type - * If both an OID and a URI exist identifying one object, the URI value should be used in the id member. - */ - String uri = objectIdentifier.getUri(); - if (uri == null && objectIdentifier.getOid() != null) { - uri = DSSUtils.toUrnOid(objectIdentifier.getOid()); - } - return uri; - } - /** * Normalizes and retrieves a {@code String} identifier * Examples: @@ -1246,30 +1208,15 @@ public static void enrichCollection(Collection currentColl } } - /** - * Returns a collection of public key identifiers from the given collection of certificate tokens - * - * @param certificateTokens a collection of {@link CertificateToken}s to get public keys from - * @return a collection of {@link EntityIdentifier}s - */ - public static Collection getEntityIdentifierList(Collection certificateTokens) { - final Set entityIdentifiers = new HashSet<>(); - for (CertificateToken certificateToken : certificateTokens) { - entityIdentifiers.add(certificateToken.getEntityKey()); - } - return entityIdentifiers; - } - /** * This method ensures the {@code SignatureValue} has an expected format and converts it when required * * @param expectedAlgorithm {@link SignatureAlgorithm} the target SignatureAlgorithm * @param signatureValue {@link SignatureValue} the obtained SignatureValue * @return {@link SignatureValue} with the target {@link SignatureAlgorithm} - * @throws IOException if an exception occurs */ public static SignatureValue convertECSignatureValue(SignatureAlgorithm expectedAlgorithm, - SignatureValue signatureValue) throws IOException { + SignatureValue signatureValue) { SignatureValue newSignatureValue = new SignatureValue(); newSignatureValue.setAlgorithm(expectedAlgorithm); diff --git a/dss-spi/src/main/java/eu/europa/esig/dss/spi/QcStatementUtils.java b/dss-spi/src/main/java/eu/europa/esig/dss/spi/QcStatementUtils.java index 1391312fa2..12ccf220eb 100644 --- a/dss-spi/src/main/java/eu/europa/esig/dss/spi/QcStatementUtils.java +++ b/dss-spi/src/main/java/eu/europa/esig/dss/spi/QcStatementUtils.java @@ -109,10 +109,7 @@ private static List getQcEuPDS(ASN1Encodable statementInfo) { final ASN1Encodable e1 = sequence.getObjectAt(i); if (e1 instanceof ASN1Sequence) { ASN1Sequence seq = (ASN1Sequence) e1; - PdsLocation pds = getPdsLocation(seq); - if (pds != null) { - result.add(pds); - } + result.add(getPdsLocation(seq)); } else { LOG.warn("ASN1Sequence in QcEuPDS does not contain ASN1Sequence, but {}", e1.getClass().getName()); diff --git a/dss-spi/src/main/java/eu/europa/esig/dss/spi/x509/CandidatesForSigningCertificate.java b/dss-spi/src/main/java/eu/europa/esig/dss/spi/x509/CandidatesForSigningCertificate.java index 9e53a36017..4fbc25a6bb 100644 --- a/dss-spi/src/main/java/eu/europa/esig/dss/spi/x509/CandidatesForSigningCertificate.java +++ b/dss-spi/src/main/java/eu/europa/esig/dss/spi/x509/CandidatesForSigningCertificate.java @@ -20,14 +20,13 @@ */ package eu.europa.esig.dss.spi.x509; +import eu.europa.esig.dss.model.DSSException; + import java.io.Serializable; import java.util.ArrayList; import java.util.List; import java.util.Objects; -import eu.europa.esig.dss.model.DSSException; -import eu.europa.esig.dss.model.x509.CertificateToken; - /** * This class holds the list of the candidates for the signing certificate of the main signature. */ @@ -62,20 +61,6 @@ public boolean isEmpty() { return certificateValidityList.isEmpty(); } - /** - * @return the list of candidates for the signing certificate. - */ - public List getSigningCertificateTokenList() { - final List signCertificateTokenList = new ArrayList<>(); - for (final CertificateValidity certificateValidity : certificateValidityList) { - final CertificateToken certificateToken = certificateValidity.getCertificateToken(); - if (certificateToken != null) { - signCertificateTokenList.add(certificateToken); - } - } - return signCertificateTokenList; - } - /** * This method allows to add a candidate for the signing certificate. * diff --git a/dss-spi/src/test/java/eu/europa/esig/dss/spi/DSSUtilsTest.java b/dss-spi/src/test/java/eu/europa/esig/dss/spi/DSSUtilsTest.java index fd7dc7b670..e68135c43d 100644 --- a/dss-spi/src/test/java/eu/europa/esig/dss/spi/DSSUtilsTest.java +++ b/dss-spi/src/test/java/eu/europa/esig/dss/spi/DSSUtilsTest.java @@ -62,6 +62,7 @@ import static org.junit.jupiter.api.Assertions.assertFalse; import static org.junit.jupiter.api.Assertions.assertNotEquals; import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertNull; import static org.junit.jupiter.api.Assertions.assertThrows; import static org.junit.jupiter.api.Assertions.assertTrue; @@ -347,6 +348,7 @@ public void replaceAllNonAlphanumericCharactersTest() { assertEquals("?", DSSUtils.replaceAllNonAlphanumericCharacters("\n", "?")); assertEquals("?", DSSUtils.replaceAllNonAlphanumericCharacters("\r\n", "?")); assertEquals("?", DSSUtils.replaceAllNonAlphanumericCharacters("---____ ??? !!!!", "?")); + assertNull(DSSUtils.replaceAllNonAlphanumericCharacters(null, "-")); } @Test diff --git a/dss-spi/src/test/java/eu/europa/esig/dss/spi/QcStatementsUtilsTest.java b/dss-spi/src/test/java/eu/europa/esig/dss/spi/QcStatementsUtilsTest.java index 6d6e8e2572..95978dd623 100644 --- a/dss-spi/src/test/java/eu/europa/esig/dss/spi/QcStatementsUtilsTest.java +++ b/dss-spi/src/test/java/eu/europa/esig/dss/spi/QcStatementsUtilsTest.java @@ -7,6 +7,7 @@ import eu.europa.esig.dss.model.x509.QCLimitValue; import eu.europa.esig.dss.model.x509.QcStatements; import eu.europa.esig.dss.model.x509.RoleOfPSP; +import org.bouncycastle.asn1.ASN1Sequence; import org.junit.jupiter.api.Test; import java.io.File; @@ -21,7 +22,7 @@ public class QcStatementsUtilsTest { @Test - public void cert1() { + void cert1() { CertificateToken cert = DSSUtils.loadCertificateFromBase64EncodedString( "MIII2TCCBsGgAwIBAgIJAqog3++ziaB0MA0GCSqGSIb3DQEBCwUAMHoxCzAJBgNVBAYTAkNaMSMwIQYDVQQDDBpJLkNBIFNTTCBFViBDQS9SU0EgMTAvMjAxNzEtMCsGA1UECgwkUHJ2bsOtIGNlcnRpZmlrYcSNbsOtIGF1dG9yaXRhLCBhLnMuMRcwFQYDVQRhDA5OVFJDWi0yNjQzOTM5NTAeFw0xOTEyMTcxNDA0MDNaFw0yMDEyMTYxNDA0MDNaMIIBBTEUMBIGA1UEAwwLY3JlZGl0YXMuY3oxETAPBgNVBAUTCDYzNDkyNTU1MRkwFwYDVQQHDBBQcmFoYSA4LCBLYXJsw61uMR0wGwYDVQQIDBRIbGF2bsOtIG3Em3N0byBQcmFoYTELMAkGA1UEBhMCQ1oxHDAaBgNVBAoME0JhbmthIENSRURJVEFTIGEucy4xFDASBgNVBAkMC1Nva29sb3Zza8OhMQ4wDAYDVQQRDAUxODYwMDEbMBkGA1UEYQwSUFNEQ1otQ05CLTYzNDkyNTU1MR0wGwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGCysGAQQBgjc8AgEDEwJDWjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOKZv4JkbWxjAaB/jkoQ/BS5WvItruLmQAF47D6AOZ1q6L958HmtjlXvmocttMh6f6iSOruwI9IFGOOtPvzFHOjZEcnE2L8pSyDRlV5eaLAi9JSVWYar48QrOkJWwbnX8W6LclBppU4ELPsrFS+wR2KabKOF0FffelUTtzUF9PPATElvMQlXaf0Mfa4uAYWdH4rWfNvIW6u6BO6v/I+6Bx59yyx64TUe57bSTNlRDjBR0bc2Ssb0s17j7tscGI/80zoSrHdUqjLWvNdS7FFUHA+VMum+L1rNjzNYAXvVyBWcoYNZ/kEd8pDMWHHWEuxl9XAQzYFwZxcclfJsYByt618CAwEAAaOCA9MwggPPMBYGA1UdEQQPMA2CC2NyZWRpdGFzLmN6MAkGA1UdEwQCMAAwggE5BgNVHSAEggEwMIIBLDCCAR0GDSsGAQQBgbhICgEoAQEwggEKMB0GCCsGAQUFBwIBFhFodHRwOi8vd3d3LmljYS5jejCB6AYIKwYBBQUHAgIwgdsagdhUZW50byBrdmFsaWZpa292YW55IGNlcnRpZmlrYXQgcHJvIGF1dGVudGl6YWNpIGludGVybmV0b3Z5Y2ggc3RyYW5layBieWwgdnlkYW4gdiBzb3VsYWR1IHMgbmFyaXplbmltIEVVIGMuIDkxMC8yMDE0LlRoaXMgaXMgYSBxdWFsaWZpZWQgY2VydGlmaWNhdGUgZm9yIHdlYnNpdGUgYXV0aGVudGljYXRpb24gYWNjb3JkaW5nIHRvIFJlZ3VsYXRpb24gKEVVKSBObyA5MTAvMjAxNC4wCQYHBACL7EABBDCBjAYDVR0fBIGEMIGBMCmgJ6AlhiNodHRwOi8vcWNybGRwMS5pY2EuY3ovcWN3MTdfcnNhLmNybDApoCegJYYjaHR0cDovL3FjcmxkcDIuaWNhLmN6L3FjdzE3X3JzYS5jcmwwKaAnoCWGI2h0dHA6Ly9xY3JsZHAzLmljYS5jei9xY3cxN19yc2EuY3JsMGMGCCsGAQUFBwEBBFcwVTApBggrBgEFBQcwAoYdaHR0cDovL3EuaWNhLmN6L3FjdzE3X3JzYS5jZXIwKAYIKwYBBQUHMAGGHGh0dHA6Ly9vY3NwLmljYS5jei9xY3cxN19yc2EwDgYDVR0PAQH/BAQDAgWgMIH/BggrBgEFBQcBAwSB8jCB7zAIBgYEAI5GAQEwEwYGBACORgEGMAkGBwQAjkYBBgMwVwYGBACORgEFME0wLRYnaHR0cHM6Ly93d3cuaWNhLmN6L1pwcmF2eS1wcm8tdXppdmF0ZWxlEwJjczAcFhZodHRwczovL3d3dy5pY2EuY3ovUERTEwJlbjB1BgYEAIGYJwIwazBMMBEGBwQAgZgnAQEMBlBTUF9BUzARBgcEAIGYJwECDAZQU1BfUEkwEQYHBACBmCcBAwwGUFNQX0FJMBEGBwQAgZgnAQQMBlBTUF9JQwwTQ3plY2ggTmF0aW9uYWwgQmFuawwGQ1otQ05CMB8GA1UdIwQYMBaAFD2vGQiXehCMvCjBRm2XSFpI/ALKMB0GA1UdDgQWBBTgz4IhX8EjbmNoyVpi4k8TRVEdRDAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4ICAQBqfekq6C3hscyWRnKIhSvGQRVaWH8h0qV0UnVAUt3z0FX/EiMSteL+yHmFMaSz68vkEO0nGIxEp193uF1ZFg4n/hYg5RWUNABDdIpX1nST5ZYCqtXqNDPc8EqeJjVrFqo06+NpscmCRep7q3T9dIMC7ObZN2aVJ1N6Rt3EcotWqPa0t0V7soa8cM+raSv4VQWs4FUw2kg1rd6lpLWDU2H19jw3+C3zRSpO7CiLeELrly0H9asOhfxZYSdLhqpP/onuvvxyu9V/auJ6+YW7FUBk95mc8KrJ96XBlqcAp3/mq14JPRHpjVunDaiQUsLVBayLZ0S5bJe4wrvzXQ9aTj14kRbT6/xKeYA46zanJ4LjDJ5n8pzJyh0l+zFqs+5ZygKCxjl0GBXS4L79JVsCjZgm5R4i9qmxgsojOoYwTk2LE7ED606ei8DnlND9F/uRLrlrBodXwh/eHtHpHPcQxvhHtbeYsZTH/NC4MCG7t9USdLycoQYk3JD5Qk+yo+pDatpJpgnK4M8F7ANNT9c7Xmt6Kwmidulb8LcTvMPU19BqgjX6jewBiUh+ZF9d2W+W/zIz4smpSTT/8tRAFi11RT0wcM8wYCvavSiAxrbuslMjHW6M5T++GAd4zgw1VM56vsDb5tYNmNt311tk62YoKn6P5FBCi7uIbg7zv0o+RdLXhg=="); assertNotNull(cert); @@ -44,7 +45,7 @@ public void cert1() { } @Test - public void cert2() { + void cert2() { CertificateToken caTokenA = DSSUtils.loadCertificateFromBase64EncodedString( "MIIHhDCCBWygAwIBAgIQOuMVfia5ESRcEnX54wA14DANBgkqhkiG9w0BAQsFADCBhjELMAkGA1UEBhMCRUUxIjAgBgNVBAoMGUFTIFNlcnRpZml0c2VlcmltaXNrZXNrdXMxITAfBgNVBAsMGFNlcnRpZml0c2VlcmltaXN0ZWVudXNlZDEXMBUGA1UEYQwOTlRSRUUtMTA3NDcwMTMxFzAVBgNVBAMMDktMQVNTMy1TSyAyMDE2MB4XDTE4MTIxMzE1MDY0MFoXDTE5MTIyMzE1MDY0MFowgbAxFjAUBgNVBGEMDU5UUkxVLUIxODY1ODIxEDAOBgNVBAUTB0IxODY1ODIxETAPBgNVBAgMCENhcGVsbGVuMQ8wDQYDVQQHDAZLZWhsZW4xCzAJBgNVBAYTAkxVMRkwFwYDVQQKDBBOb3dpbmEgU29sdXRpb25zMQ8wDQYDVQQLDAZlLVNlYWwxJzAlBgNVBAMMHkRvY3VtZW50IGZyb20gTm93aW5hIFNvbHV0aW9uczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKuVPnSGPHn2y64zKJgh/beTScah5W3vc+erX8gyfCByKxZnS3PYVRadFeHDAoH4aPAVetTb4XDCZmK7LmLqWRPXg+cmxQ2eEOUIL11TgLNSk/QCbmszQVnVJV51AyCh2P8W+JzXy/Ux3Mhu12WJY67nOHBGk80JxN5vUYYNTxxvjC+1DlC4s1ts4KwSPVa4o9gi8xp8RSLq3dgNngQ7ZWhihnKS8lwQiUFEichxgl9UWdO8+wLiztXLnJFtVr0VJkUrzHee0TswURsR4etx9HqeL/Vv92tKB6OCCK+V3NtLGdzjMuP4JqY6zAAx7QOw7FoOL79kUFfy5XcZNNUqRn0CAwEAAaOCAsAwggK8MAkGA1UdEwQCMAAwRgYDVR0gBD8wPTAwBgkrBgEEAc4fBwMwIzAhBggrBgEFBQcCARYVaHR0cHM6Ly93d3cuc2suZWUvY3BzMAkGBwQAi+xAAQMwHwYDVR0jBBgwFoAUrl5Y9fLy2cGO2e9OB9t1ylDihwAwDgYDVR0PAQH/BAQDAgZAMB0GA1UdDgQWBBQw36PvMnj+f6T0vp8LZD3jz3uMmDB7BggrBgEFBQcBAQRvMG0wKAYIKwYBBQUHMAGGHGh0dHA6Ly9haWEuc2suZWUva2xhc3MzLTIwMTYwQQYIKwYBBQUHMAKGNWh0dHBzOi8vYy5zay5lZS9LTEFTUzMtU0tfMjAxNl9FRUNDUkNBX1NIQTM4NC5kZXIuY3J0MIIBmAYIKwYBBQUHAQMEggGKMIIBhjAIBgYEAI5GAQEwCAYGBACORgEEMBMGBgQAjkYBBjAJBgcEAI5GAQYCMFIGBgQAjkYBBTBIMEYWQGh0dHBzOi8vc2suZWUvZW4vcmVwb3NpdG9yeS9jb25kaXRpdG9ucy1mb3ItdXNlLW9mLWNlcnRpZmljYXRlcy8TAkVOMIIBBQYIKwYBBQUHCwIwgfgGBwQAi+xJAQIwgeykczBxMQswCQYDVQQGEwJFRTEeMBwGA1UECgwVRGVwYXJ0bWVudCBvZiBKdXN0aWNlMUIwQAYDVQQDDDlFc3RvbmlhbiBOb24tUHJvZml0IEFzc29jaWF0aW9ucyBhbmQgRm91bmRhdGlvbnMgUmVnaXN0ZXKkdTBzMQswCQYDVQQGEwJFRTEcMBoGA1UECgwTTWluaXN0cnkgb2YgRmluYW5jZTFGMEQGA1UEAww9RXN0b25pYW4gUmVnaXN0ZXIgb2YgU3RhdGUgYW5kIExvY2FsIEdvdmVybm1lbnQgT3JnYW5pc2F0aW9uczANBgkqhkiG9w0BAQsFAAOCAgEAayfOwN8bAuqUqR460pPZllCCT33Ushjv47W3lnpSALZTN0lG13qW8wxEGgf32oZtLztHxfYT+hLV9EITnfNPoX8xC//T2r1WqcySBEl65OO2jTlLFieS6AM8dj/UIVpnMeLZN1Nc+zJAC9A/bDhnAeoBMQ7UgrkoOkOusid4+j5uYVSDvrJ3cRWPlh+d+6k1DuDnY519njrVdI6QYdMJWfUuprgdAp4qoGVSYdrD4key48tq9bp98fTXW8u78MSi9mojku1gkv1s8Nv3gfv5xbHPs4d7ww1yuYjKHaRcNvMSBXERKAqi+mJCcs3bH8IAYrH4lNT7pkPGMk2cg9GV2DWRe4Cr5kAuZ1///NRWqCUZzN8GdvuAAV8FLhElqPAtTtpR0vYS8rumX9vdR17rm+RBLHewoYsgQe7ausX2VZGnSUnVrzpq+SI+FYW3XEl3YbhxG20cT7XjWTSONgwFyRIACEubgLgtZxcigdXL7lGbnEFacd9oq+r+4kD3/gn6hm8IZmgRnZIy1PK2Lxng+z0OvuRBfO90QmHK7LWgq7R/Zwz8/hTpF3/EsewqlVJId5pkCR2EVGKP3UiGeBUl3nlvt6r+6hXU2mVlIhcAWsD1Nh7YM8Y4Y1bpd7z7O5vohkpN4fM9w0bl/J9FmbrELd/sGoNIzzQiT9sYCrcAEaw="); @@ -64,7 +65,7 @@ public void cert2() { } @Test - public void certWithLegislation() { + void certWithLegislation() { CertificateToken certificate = DSSUtils.loadCertificate(new File("src/test/resources/john_doe_tc.crt")); QcStatements qcStatements = QcStatementUtils.getQcStatements(certificate); @@ -76,7 +77,7 @@ public void certWithLegislation() { } @Test - public void certWithQCLimitValue() { + void certWithQCLimitValue() { CertificateToken certificateToken = DSSUtils.loadCertificateFromBase64EncodedString("MIIGhTCCBW2gAwIBAgIIRF8oqOiGHZMwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAklUMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzExMC8GA1UECwwoUXVhbGlmaWVkIENlcnRpZmljYXRpb24gU2VydmljZSBQcm92aWRlcjEtMCsGA1UEAwwkQWN0YWxpcyBRdWFsaWZpZWQgQ2VydGlmaWNhdGVzIENBIEcxMB4XDTEwMTIwMjA5MTE0M1oXDTExMDEwMjA5MTE0M1owgZgxCzAJBgNVBAYTAklUMRcwFQYDVQQKDA5BY3RhbGlzIFMucC5BLjENMAsGA1UEBAwERGVtbzEVMBMGA1UEKgwMVXNlciAxOTExNTIyMRAwDgYDVQQFEwcxOTExNTIyMRowGAYDVQQDDBFEZW1vIFVzZXIgMTkxMTUyMjEcMBoGA1UELhMTSVQ6Q09ESUNFRklTQ0FMRTEyMzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApZ35UTdTZH31aCinXHYbhaUj6xEdEzjto7D3i+oZQo1ewG6w+CWpSwsHI7zRLlBcQJBk8lGSoZxS3MSkoY8BVHOIAqM1E3Se6WaQ/9IGNPFVpbTfe5iiGkcfh3APc/NX7r5ElmwEjGde/AKO6W8Rr476WHKtOpV6VNcV6YpFclUCAwEAAaOCA1cwggNTMEcGCCsGAQUFBwEBBDswOTA3BggrBgEFBQcwAYYraHR0cDovL3BvcnRhbC5hY3RhbGlzLml0L1ZBL1F1YWxpZmllZC1DQS1HMTAdBgNVHQ4EFgQU78oquvTCJW1n6Bzu9vmZkL9GCu4wCQYDVR0TBAIwADAfBgNVHSMEGDAWgBRrzmQ9K/hPi0Pv8DK975FUDa2++DBSBggrBgEFBQcBAwRGMEQwCgYIKwYBBQUHCwIwCAYGBACORgEBMBUGBgQAjkYBAjALEwNFVVICAQACAQAwCwYGBACORgEDAgEUMAgGBgQAjkYBBDCCATsGA1UdIASCATIwggEuMIIBKgYGK4EfAQ8BMIIBHjCB1AYIKwYBBQUHAgIwgccMgcRJbCBwcmVzZW50ZSBjZXJ0aWZpY2F0byBlJyB2YWxpZG8gc29sbyBwZXIgZmlybWUgYXBwb3N0ZSB0cmFtaXRlIHByb2NlZHVyYSBkaSBmaXJtYSByZW1vdGEuIExhIHByZXNlbnRlIGRpY2hpYXJhemlvbmUgY29zdGl0dWlzY2UgZXZpZGVuemEgZGVsbGEgYWRvemlvbmUgZGkgdGFsZSBwcm9jZWR1cmEgcGVyIGkgZG9jdW1lbnRpIGZpcm1hdGkuMEUGCCsGAQUFBwIBFjlodHRwczovL3BvcnRhbC5hY3RhbGlzLml0L1JlcG9zaXRvcnkvUG9saWN5L1F1YWxpZmllZC9DUFMwggEYBgNVHR8EggEPMIIBCzCB0KCBzaCByoaBx2xkYXA6Ly9sZGFwLmFjdGFsaXMuaXQvY24lM2RBY3RhbGlzJTIwUXVhbGlmaWVkJTIwQ2VydGlmaWNhdGVzJTIwQ0ElMjBHMSxvdSUzZFF1YWxpZmllZCUyMENlcnRpZmljYXRpb24lMjBTZXJ2aWNlJTIwUHJvdmlkZXIsbyUzZEFjdGFsaXMlMjBTLnAuQS4lMmYwMzM1ODUyMDk2NyxjJTNkSVQ/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdDtiaW5hcnkwNqA0oDKGMGh0dHA6Ly9wb3J0YWwuYWN0YWxpcy5pdC9SZXBvc2l0b3J5L1FMRkcxL2dldENSTDAOBgNVHQ8BAf8EBAMCBkAwDQYJKoZIhvcNAQELBQADggEBAKAQWX/nLA4MSW9Ovgpi+H76y0TYFuZ5NsW9wZwM6yNZSL40iYqb9e2CJuN3ivnMBu6/XEBUVNOczFtQEoe4sy2NmSVk6PSLVGcRR+k3Jq8jf3cNLFPGJc+y1K1DGyz70rHsUHmJi0mGWmYYddDxvv1lWq7v3Z0ZIVH8fgEjOPJ0ejXwcYVpHQjZb8OAKuvrUbKV1z1KCgjtvukmEIRcyIekBKzC1b0e5gj9SDnoGdmAh+OlW39qCYhEHrBHI3wo4S0xaR2TN8yz2KCtlAdXaY3vk152UX2JmR6EHat07dqBxucD2/noxaf3lX/EzpRrWlm5kcnZlYMwHED6vHQ4qlc="); QcStatements qcStatements = QcStatementUtils.getQcStatements(certificateToken); assertNotNull(qcStatements); @@ -88,7 +89,7 @@ public void certWithQCLimitValue() { } @Test - public void certWithPSD2QcStatement() { + void certWithPSD2QcStatement() { CertificateToken cert = DSSUtils.loadCertificateFromBase64EncodedString( "MIII2TCCBsGgAwIBAgIJAqog3++ziaB0MA0GCSqGSIb3DQEBCwUAMHoxCzAJBgNVBAYTAkNaMSMwIQYDVQQDDBpJLkNBIFNTTCBFViBDQS9SU0EgMTAvMjAxNzEtMCsGA1UECgwkUHJ2bsOtIGNlcnRpZmlrYcSNbsOtIGF1dG9yaXRhLCBhLnMuMRcwFQYDVQRhDA5OVFJDWi0yNjQzOTM5NTAeFw0xOTEyMTcxNDA0MDNaFw0yMDEyMTYxNDA0MDNaMIIBBTEUMBIGA1UEAwwLY3JlZGl0YXMuY3oxETAPBgNVBAUTCDYzNDkyNTU1MRkwFwYDVQQHDBBQcmFoYSA4LCBLYXJsw61uMR0wGwYDVQQIDBRIbGF2bsOtIG3Em3N0byBQcmFoYTELMAkGA1UEBhMCQ1oxHDAaBgNVBAoME0JhbmthIENSRURJVEFTIGEucy4xFDASBgNVBAkMC1Nva29sb3Zza8OhMQ4wDAYDVQQRDAUxODYwMDEbMBkGA1UEYQwSUFNEQ1otQ05CLTYzNDkyNTU1MR0wGwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGCysGAQQBgjc8AgEDEwJDWjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOKZv4JkbWxjAaB/jkoQ/BS5WvItruLmQAF47D6AOZ1q6L958HmtjlXvmocttMh6f6iSOruwI9IFGOOtPvzFHOjZEcnE2L8pSyDRlV5eaLAi9JSVWYar48QrOkJWwbnX8W6LclBppU4ELPsrFS+wR2KabKOF0FffelUTtzUF9PPATElvMQlXaf0Mfa4uAYWdH4rWfNvIW6u6BO6v/I+6Bx59yyx64TUe57bSTNlRDjBR0bc2Ssb0s17j7tscGI/80zoSrHdUqjLWvNdS7FFUHA+VMum+L1rNjzNYAXvVyBWcoYNZ/kEd8pDMWHHWEuxl9XAQzYFwZxcclfJsYByt618CAwEAAaOCA9MwggPPMBYGA1UdEQQPMA2CC2NyZWRpdGFzLmN6MAkGA1UdEwQCMAAwggE5BgNVHSAEggEwMIIBLDCCAR0GDSsGAQQBgbhICgEoAQEwggEKMB0GCCsGAQUFBwIBFhFodHRwOi8vd3d3LmljYS5jejCB6AYIKwYBBQUHAgIwgdsagdhUZW50byBrdmFsaWZpa292YW55IGNlcnRpZmlrYXQgcHJvIGF1dGVudGl6YWNpIGludGVybmV0b3Z5Y2ggc3RyYW5layBieWwgdnlkYW4gdiBzb3VsYWR1IHMgbmFyaXplbmltIEVVIGMuIDkxMC8yMDE0LlRoaXMgaXMgYSBxdWFsaWZpZWQgY2VydGlmaWNhdGUgZm9yIHdlYnNpdGUgYXV0aGVudGljYXRpb24gYWNjb3JkaW5nIHRvIFJlZ3VsYXRpb24gKEVVKSBObyA5MTAvMjAxNC4wCQYHBACL7EABBDCBjAYDVR0fBIGEMIGBMCmgJ6AlhiNodHRwOi8vcWNybGRwMS5pY2EuY3ovcWN3MTdfcnNhLmNybDApoCegJYYjaHR0cDovL3FjcmxkcDIuaWNhLmN6L3FjdzE3X3JzYS5jcmwwKaAnoCWGI2h0dHA6Ly9xY3JsZHAzLmljYS5jei9xY3cxN19yc2EuY3JsMGMGCCsGAQUFBwEBBFcwVTApBggrBgEFBQcwAoYdaHR0cDovL3EuaWNhLmN6L3FjdzE3X3JzYS5jZXIwKAYIKwYBBQUHMAGGHGh0dHA6Ly9vY3NwLmljYS5jei9xY3cxN19yc2EwDgYDVR0PAQH/BAQDAgWgMIH/BggrBgEFBQcBAwSB8jCB7zAIBgYEAI5GAQEwEwYGBACORgEGMAkGBwQAjkYBBgMwVwYGBACORgEFME0wLRYnaHR0cHM6Ly93d3cuaWNhLmN6L1pwcmF2eS1wcm8tdXppdmF0ZWxlEwJjczAcFhZodHRwczovL3d3dy5pY2EuY3ovUERTEwJlbjB1BgYEAIGYJwIwazBMMBEGBwQAgZgnAQEMBlBTUF9BUzARBgcEAIGYJwECDAZQU1BfUEkwEQYHBACBmCcBAwwGUFNQX0FJMBEGBwQAgZgnAQQMBlBTUF9JQwwTQ3plY2ggTmF0aW9uYWwgQmFuawwGQ1otQ05CMB8GA1UdIwQYMBaAFD2vGQiXehCMvCjBRm2XSFpI/ALKMB0GA1UdDgQWBBTgz4IhX8EjbmNoyVpi4k8TRVEdRDAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4ICAQBqfekq6C3hscyWRnKIhSvGQRVaWH8h0qV0UnVAUt3z0FX/EiMSteL+yHmFMaSz68vkEO0nGIxEp193uF1ZFg4n/hYg5RWUNABDdIpX1nST5ZYCqtXqNDPc8EqeJjVrFqo06+NpscmCRep7q3T9dIMC7ObZN2aVJ1N6Rt3EcotWqPa0t0V7soa8cM+raSv4VQWs4FUw2kg1rd6lpLWDU2H19jw3+C3zRSpO7CiLeELrly0H9asOhfxZYSdLhqpP/onuvvxyu9V/auJ6+YW7FUBk95mc8KrJ96XBlqcAp3/mq14JPRHpjVunDaiQUsLVBayLZ0S5bJe4wrvzXQ9aTj14kRbT6/xKeYA46zanJ4LjDJ5n8pzJyh0l+zFqs+5ZygKCxjl0GBXS4L79JVsCjZgm5R4i9qmxgsojOoYwTk2LE7ED606ei8DnlND9F/uRLrlrBodXwh/eHtHpHPcQxvhHtbeYsZTH/NC4MCG7t9USdLycoQYk3JD5Qk+yo+pDatpJpgnK4M8F7ANNT9c7Xmt6Kwmidulb8LcTvMPU19BqgjX6jewBiUh+ZF9d2W+W/zIz4smpSTT/8tRAFi11RT0wcM8wYCvavSiAxrbuslMjHW6M5T++GAd4zgw1VM56vsDb5tYNmNt311tk62YoKn6P5FBCi7uIbg7zv0o+RdLXhg=="); assertNotNull(cert); @@ -110,10 +111,15 @@ public void certWithPSD2QcStatement() { } @Test - public void certWithoutQCStatements() { + void certWithoutQCStatements() { CertificateToken certificate = DSSUtils.loadCertificate(new File("src/test/resources/TSP_Certificate_2014.crt")); QcStatements qcStatements = QcStatementUtils.getQcStatements(certificate); assertNull(qcStatements); } + @Test + void qcStatementNullSequence() { + assertNull(QcStatementUtils.getQcStatements((ASN1Sequence) null)); + } + } diff --git a/dss-spi/src/test/java/eu/europa/esig/dss/spi/x509/KeyStoreCertificateSourceTest.java b/dss-spi/src/test/java/eu/europa/esig/dss/spi/x509/KeyStoreCertificateSourceTest.java index 6f7cf6e61d..b6220144b0 100644 --- a/dss-spi/src/test/java/eu/europa/esig/dss/spi/x509/KeyStoreCertificateSourceTest.java +++ b/dss-spi/src/test/java/eu/europa/esig/dss/spi/x509/KeyStoreCertificateSourceTest.java @@ -20,21 +20,24 @@ */ package eu.europa.esig.dss.spi.x509; -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.assertThrows; -import static org.junit.jupiter.api.Assertions.assertTrue; +import eu.europa.esig.dss.model.DSSException; +import eu.europa.esig.dss.model.x509.CertificateToken; +import eu.europa.esig.dss.spi.DSSUtils; +import eu.europa.esig.dss.utils.Utils; +import org.junit.jupiter.api.Test; import java.io.File; +import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; +import java.util.Arrays; +import java.util.List; -import org.junit.jupiter.api.Test; - -import eu.europa.esig.dss.model.DSSException; -import eu.europa.esig.dss.model.x509.CertificateToken; -import eu.europa.esig.dss.spi.DSSUtils; -import eu.europa.esig.dss.utils.Utils; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertNull; +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.junit.jupiter.api.Assertions.assertTrue; public class KeyStoreCertificateSourceTest { @@ -51,6 +54,7 @@ public void testLoadAddAndDelete() throws IOException { assertTrue(startSize > 0); CertificateToken token = DSSUtils.loadCertificate(new File("src/test/resources/citizen_ca.cer")); + CertificateToken token2 = DSSUtils.loadCertificate(new File("src/test/resources/ecdsa.cer")); kscs.addCertificateToKeyStore(token); int sizeAfterAdd = Utils.collectionSize(kscs.getCertificates()); @@ -64,6 +68,13 @@ public void testLoadAddAndDelete() throws IOException { int sizeAfterDelete = Utils.collectionSize(kscs.getCertificates()); assertEquals(sizeAfterDelete,startSize); + + kscs.addAllCertificatesToKeyStore(Arrays.asList(token, token2)); + + sizeAfterAdd = Utils.collectionSize(kscs.getCertificates()); + assertEquals(sizeAfterAdd,startSize + 2); + + assertNull(kscs.getCertificate("AAAAAAAAAAAAAAAA")); } @Test @@ -100,4 +111,20 @@ public void wrongFile() throws IOException { () -> new KeyStoreCertificateSource(wrongFile, KEYSTORE_TYPE, KEYSTORE_PASSWORD)); } + @Test + void clearAllCertificates() throws IOException { + String tempJKS = "target/temp.jks"; + Utils.copy(new FileInputStream(KEYSTORE_FILEPATH), new FileOutputStream(tempJKS)); + + File ksFile = new File(tempJKS); + KeyStoreCertificateSource kscs = new KeyStoreCertificateSource(ksFile, KEYSTORE_TYPE, KEYSTORE_PASSWORD); + List certificates = kscs.getCertificates(); + assertTrue(Utils.isCollectionNotEmpty(certificates)); + + kscs.clearAllCertificates(); + + certificates = kscs.getCertificates(); + assertTrue(Utils.isCollectionEmpty(certificates)); + } + } diff --git a/dss-validation-dto/src/main/java/eu/europa/esig/dss/ws/validation/dto/WSReportsDTO.java b/dss-validation-dto/src/main/java/eu/europa/esig/dss/ws/validation/dto/WSReportsDTO.java index 9767d674d9..36fc446682 100644 --- a/dss-validation-dto/src/main/java/eu/europa/esig/dss/ws/validation/dto/WSReportsDTO.java +++ b/dss-validation-dto/src/main/java/eu/europa/esig/dss/ws/validation/dto/WSReportsDTO.java @@ -53,11 +53,9 @@ public class WSReportsDTO implements Serializable { @XmlElement(name = "DetailedReport", namespace = "http://dss.esig.europa.eu/validation/detailed-report") private XmlDetailedReport detailedReport; - // Use MTOM to avoid XML ID conflict (between diagnostic data and etsi - // validation report) /** Uses MTOM to avoid XML ID conflict (between diagnostic data and etsi validation report) */ @XmlMimeType("application/octet-stream") - private transient DataHandler validationReportDataHandler; + private DataHandler validationReportDataHandler; /** The ETSI validation report */ private transient ValidationReportType validationReport;