BeIDIntegrityTest.java

/*
 * Commons eID Project.
 * Copyright (C) 2008-2013 FedICT.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License version
 * 3.0 as published by the Free Software Foundation.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, see 
 * http://www.gnu.org/licenses/.
 */

package test.unit.be.fedict.commons.eid.consumer;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.fail;

import java.security.cert.X509Certificate;

import org.apache.commons.io.IOUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.junit.Test;

import be.fedict.commons.eid.consumer.Address;
import be.fedict.commons.eid.consumer.BeIDIntegrity;
import be.fedict.commons.eid.consumer.Identity;

public class BeIDIntegrityTest {

	private static final Log LOG = LogFactory.getLog(BeIDIntegrityTest.class);

	@Test
	public void testIdentityIntegrity() throws Exception {
		// setup
		byte[] identityFile = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-identity.tlv"));
		byte[] identitySignatureFile = IOUtils
				.toByteArray(BeIDIntegrityTest.class
						.getResourceAsStream("/test-identity-sign.der"));
		byte[] rrnCertFile = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-rrn-cert.der"));
		BeIDIntegrity beIDIntegrity = new BeIDIntegrity();

		// operate
		X509Certificate rrnCert = beIDIntegrity.loadCertificate(rrnCertFile);
		Identity identity = beIDIntegrity.getVerifiedIdentity(identityFile,
				identitySignatureFile, rrnCert);

		// verify
		assertNotNull(identity);
		LOG.debug("name: " + identity.getFirstName());
		assertEquals("Alice Geldigekaart", identity.getFirstName());
	}

	@Test
	public void testIdentityIntegrityCorruption() throws Exception {
		// setup
		byte[] identityFile = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-identity.tlv"));
		byte[] identitySignatureFile = IOUtils
				.toByteArray(BeIDIntegrityTest.class
						.getResourceAsStream("/test-identity-sign.der"));
		byte[] rrnCertFile = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-rrn-cert.der"));
		BeIDIntegrity beIDIntegrity = new BeIDIntegrity();

		// setup: corrupt identity file
		identityFile[0] = 4;

		// operate
		X509Certificate rrnCert = beIDIntegrity.loadCertificate(rrnCertFile);

		// operate & verify
		try {
			beIDIntegrity.getVerifiedIdentity(identityFile,
					identitySignatureFile, rrnCert);
			fail();
		} catch (SecurityException e) {
			// expected
		}
	}

	@Test
	public void testPhotoIntegrity() throws Exception {
		// setup
		byte[] identityFile = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-identity.tlv"));
		byte[] identitySignatureFile = IOUtils
				.toByteArray(BeIDIntegrityTest.class
						.getResourceAsStream("/test-identity-sign.der"));
		byte[] rrnCertFile = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-rrn-cert.der"));
		byte[] photoData = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-photo.jpg"));
		BeIDIntegrity beIDIntegrity = new BeIDIntegrity();

		// operate
		X509Certificate rrnCert = beIDIntegrity.loadCertificate(rrnCertFile);
		Identity identity = beIDIntegrity.getVerifiedIdentity(identityFile,
				identitySignatureFile, photoData, rrnCert);

		// verify
		assertNotNull(identity);
		LOG.debug("name: " + identity.getFirstName());
		assertEquals("Alice Geldigekaart", identity.getFirstName());
	}

	@Test
	public void testPhotoIntegrityCorruption() throws Exception {
		// setup
		byte[] identityFile = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-identity.tlv"));
		byte[] identitySignatureFile = IOUtils
				.toByteArray(BeIDIntegrityTest.class
						.getResourceAsStream("/test-identity-sign.der"));
		byte[] rrnCertFile = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-rrn-cert.der"));
		byte[] photoData = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-photo.jpg"));
		BeIDIntegrity beIDIntegrity = new BeIDIntegrity();

		// setup: corrupt photo
		photoData[0] = 0;

		// operate
		X509Certificate rrnCert = beIDIntegrity.loadCertificate(rrnCertFile);

		// operate & verify
		try {
			beIDIntegrity.getVerifiedIdentity(identityFile,
					identitySignatureFile, photoData, rrnCert);
			fail();
		} catch (SecurityException e) {
			// expected
		}
	}

	@Test
	public void testAddressIntegrity() throws Exception {
		// setup
		byte[] identitySignatureFile = IOUtils
				.toByteArray(BeIDIntegrityTest.class
						.getResourceAsStream("/test-identity-sign.der"));
		byte[] rrnCertFile = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-rrn-cert.der"));
		byte[] addressFile = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-address.tlv"));
		byte[] addressSignatureFile = IOUtils
				.toByteArray(BeIDIntegrityTest.class
						.getResourceAsStream("/test-address-sign.der"));

		BeIDIntegrity beIDIntegrity = new BeIDIntegrity();

		// operate
		X509Certificate rrnCert = beIDIntegrity.loadCertificate(rrnCertFile);
		Address address = beIDIntegrity.getVerifiedAddress(addressFile,
				identitySignatureFile, addressSignatureFile, rrnCert);

		// verify
		assertNotNull(address);
		LOG.debug("ZIP: " + address.getZip());
		assertEquals("2000", address.getZip());
	}

	@Test
	public void testAddressIntegrityCorruption() throws Exception {
		// setup
		byte[] identitySignatureFile = IOUtils
				.toByteArray(BeIDIntegrityTest.class
						.getResourceAsStream("/test-identity-sign.der"));
		byte[] rrnCertFile = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-rrn-cert.der"));
		byte[] addressFile = IOUtils.toByteArray(BeIDIntegrityTest.class
				.getResourceAsStream("/test-address.tlv"));
		byte[] addressSignatureFile = IOUtils
				.toByteArray(BeIDIntegrityTest.class
						.getResourceAsStream("/test-address-sign.der"));

		// setup: corrupt address
		addressFile[0] = 123;

		BeIDIntegrity beIDIntegrity = new BeIDIntegrity();

		// operate
		X509Certificate rrnCert = beIDIntegrity.loadCertificate(rrnCertFile);

		// operate & verify
		try {
			beIDIntegrity.getVerifiedAddress(addressFile,
					identitySignatureFile, addressSignatureFile, rrnCert);
			fail();
		} catch (SecurityException e) {
			// expected
		}
	}
}