Search in sources :

Example 31 with PModeLegSecurity

use of com.helger.phase4.model.pmode.leg.PModeLegSecurity in project phase4 by phax.

the class ENTSOGCompatibilityValidatorTest method testValidatePModeSecurityPModeAuthorizeTrue.

@Test
public void testValidatePModeSecurityPModeAuthorizeTrue() {
    final PModeLegSecurity aSecurityLeg = m_aPMode.getLeg1().getSecurity();
    aSecurityLeg.setPModeAuthorize(true);
    m_aPMode.setLeg1(new PModeLeg(PModeLegProtocol.createForDefaultSoapVersion("http://test.example.org"), null, null, null, aSecurityLeg));
    VALIDATOR.validatePMode(m_aPMode, m_aErrorList);
    assertTrue(m_aErrorList.containsAny(x -> x.getErrorText(LOCALE).contains("false")));
}
Also used : Ebms3SignalMessage(com.helger.phase4.ebms3header.Ebms3SignalMessage) PModeLegSecurity(com.helger.phase4.model.pmode.leg.PModeLegSecurity) MessageHelperMethods(com.helger.phase4.messaging.domain.MessageHelperMethods) EMEP(com.helger.phase4.model.EMEP) ErrorList(com.helger.commons.error.list.ErrorList) ETriState(com.helger.commons.state.ETriState) ESoapVersion(com.helger.phase4.soap.ESoapVersion) Assert.assertNotSame(org.junit.Assert.assertNotSame) EPModeSendReceiptReplyPattern(com.helger.phase4.model.pmode.leg.EPModeSendReceiptReplyPattern) ECryptoAlgorithmSign(com.helger.phase4.crypto.ECryptoAlgorithmSign) Locale(java.util.Locale) Ebms3MessageInfo(com.helger.phase4.ebms3header.Ebms3MessageInfo) PMode(com.helger.phase4.model.pmode.PMode) PModeLeg(com.helger.phase4.model.pmode.leg.PModeLeg) ClassRule(org.junit.ClassRule) PModeLegErrorHandling(com.helger.phase4.model.pmode.leg.PModeLegErrorHandling) PhotonAppWebTestRule(com.helger.photon.app.mock.PhotonAppWebTestRule) Before(org.junit.Before) Ebms3PartyId(com.helger.phase4.ebms3header.Ebms3PartyId) PModeLegProtocol(com.helger.phase4.model.pmode.leg.PModeLegProtocol) Ebms3UserMessage(com.helger.phase4.ebms3header.Ebms3UserMessage) ECryptoAlgorithmSignDigest(com.helger.phase4.crypto.ECryptoAlgorithmSignDigest) EWSSVersion(com.helger.phase4.wss.EWSSVersion) Assert.assertTrue(org.junit.Assert.assertTrue) EMEPBinding(com.helger.phase4.model.EMEPBinding) Test(org.junit.Test) Ebms3To(com.helger.phase4.ebms3header.Ebms3To) ECryptoAlgorithmCrypt(com.helger.phase4.crypto.ECryptoAlgorithmCrypt) Ebms3From(com.helger.phase4.ebms3header.Ebms3From) Ignore(org.junit.Ignore) Ebms3PartyInfo(com.helger.phase4.ebms3header.Ebms3PartyInfo) IPModeIDProvider(com.helger.phase4.model.pmode.IPModeIDProvider) PModeLeg(com.helger.phase4.model.pmode.leg.PModeLeg) PModeLegSecurity(com.helger.phase4.model.pmode.leg.PModeLegSecurity) Test(org.junit.Test)

Example 32 with PModeLegSecurity

use of com.helger.phase4.model.pmode.leg.PModeLegSecurity in project phase4 by phax.

the class PeppolCompatibilityValidator method _checkIfLegIsValid.

private static void _checkIfLegIsValid(@Nonnull final ErrorList aErrorList, @Nonnull final PModeLeg aPModeLeg, @Nonnull @Nonempty final String sFieldPrefix) {
    final PModeLegProtocol aLegProtocol = aPModeLeg.getProtocol();
    if (aLegProtocol == null) {
        aErrorList.add(_createError(sFieldPrefix + "Protocol is missing"));
    } else {
        // PROTOCOL Address only https allowed
        final String sAddressProtocol = aLegProtocol.getAddressProtocol();
        if (StringHelper.hasText(sAddressProtocol)) {
            if (sAddressProtocol.equalsIgnoreCase("https")) {
            // Always okay
            } else if (sAddressProtocol.equalsIgnoreCase("http") && GlobalDebug.isDebugMode()) {
            // Okay in debug mode only
            } else {
                // Other protocol
                aErrorList.add(_createError(sFieldPrefix + "AddressProtocol '" + sAddressProtocol + "' is unsupported"));
            }
        } else {
            // Empty address protocol
            if (false)
                aErrorList.add(_createError(sFieldPrefix + "AddressProtocol is missing"));
        }
        final ESoapVersion eSOAPVersion = aLegProtocol.getSoapVersion();
        if (!eSOAPVersion.isAS4Default()) {
            aErrorList.add(_createError(sFieldPrefix + "SoapVersion '" + eSOAPVersion.getVersion() + "' is unsupported"));
        }
    }
    // Only check the security features if a Security Leg is currently present
    final PModeLegSecurity aPModeLegSecurity = aPModeLeg.getSecurity();
    if (aPModeLegSecurity != null) {
        // certificate is in Partner/SMP - therefore not here :)
        if (false)
            if (aPModeLegSecurity.getX509SignatureCertificate() == null) {
                aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureCertificate is missing"));
            }
        // Check Signature Algorithm
        if (aPModeLegSecurity.getX509SignatureAlgorithm() == null) {
            aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureAlgorithm is missing"));
        } else if (!aPModeLegSecurity.getX509SignatureAlgorithm().equals(ECryptoAlgorithmSign.RSA_SHA_256)) {
            aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureAlgorithm must use the value '" + ECryptoAlgorithmSign.RSA_SHA_256.getID() + "'"));
        }
        // Check Hash Function
        if (aPModeLegSecurity.getX509SignatureHashFunction() == null) {
            aErrorList.add(_createError(sFieldPrefix + "Security.X509SignatureHashFunction is missing"));
        } else if (!aPModeLegSecurity.getX509SignatureHashFunction().equals(ECryptoAlgorithmSignDigest.DIGEST_SHA_256)) {
            aErrorList.add(_createError(sFieldPrefix + "Securoty.X509SignatureHashFunction must use the value '" + ECryptoAlgorithmSignDigest.DIGEST_SHA_256.getID() + "'"));
        }
        // Check Encrypt algorithm
        if (aPModeLegSecurity.getX509EncryptionAlgorithm() == null) {
            aErrorList.add(_createError(sFieldPrefix + "Security.X509EncryptionAlgorithm is missing"));
        } else if (!aPModeLegSecurity.getX509EncryptionAlgorithm().equals(ECryptoAlgorithmCrypt.AES_128_GCM)) {
            aErrorList.add(_createError(sFieldPrefix + "Securoty.X509EncryptionAlgorithm must use the value '" + ECryptoAlgorithmCrypt.AES_128_GCM.getID() + "' instead of '" + aPModeLegSecurity.getX509EncryptionAlgorithm().getID() + "'"));
        }
        // Check WSS Version = 1.1.1
        if (aPModeLegSecurity.getWSSVersion() != null) {
            // Check for WSS - Version if there is one present
            if (!aPModeLegSecurity.getWSSVersion().equals(EWSSVersion.WSS_111))
                aErrorList.add(_createError(sFieldPrefix + "Security.WSSVersion must use the value " + EWSSVersion.WSS_111 + " instead of " + aPModeLegSecurity.getWSSVersion()));
        }
        // PModeAuthorize
        if (aPModeLegSecurity.isPModeAuthorizeDefined()) {
            if (aPModeLegSecurity.isPModeAuthorize())
                aErrorList.add(_createError(sFieldPrefix + "Security.PModeAuthorize must be set to 'false'"));
        } else {
            aErrorList.add(_createError(sFieldPrefix + "Security.PModeAuthorize is missing"));
        }
        // SEND RECEIPT TRUE/FALSE when false don't send receipts anymore
        if (aPModeLegSecurity.isSendReceiptDefined()) {
            if (aPModeLegSecurity.isSendReceipt()) {
                // set response required
                if (aPModeLegSecurity.getSendReceiptReplyPattern() != EPModeSendReceiptReplyPattern.RESPONSE)
                    aErrorList.add(_createError(sFieldPrefix + "Security.SendReceiptReplyPattern must use the value " + EPModeSendReceiptReplyPattern.RESPONSE + " instead of " + aPModeLegSecurity.getSendReceiptReplyPattern()));
            }
        }
    } else {
        aErrorList.add(_createError(sFieldPrefix + "Security is missing"));
    }
    // Error Handling
    final PModeLegErrorHandling aErrorHandling = aPModeLeg.getErrorHandling();
    if (aErrorHandling != null) {
        if (aErrorHandling.isReportAsResponseDefined()) {
            if (!aErrorHandling.isReportAsResponse())
                aErrorList.add(_createError(sFieldPrefix + "ErrorHandling.Report.AsResponse must be 'true'"));
        } else {
            aErrorList.add(_createError(sFieldPrefix + "ErrorHandling.Report.AsResponse is missing"));
        }
        if (aErrorHandling.isReportProcessErrorNotifyConsumerDefined()) {
            if (!aErrorHandling.isReportProcessErrorNotifyConsumer())
                aErrorList.add(_createWarn(sFieldPrefix + "ErrorHandling.Report.ProcessErrorNotifyConsumer should be 'true'"));
        } else {
            aErrorList.add(_createError(sFieldPrefix + "ErrorHandling.Report.ProcessErrorNotifyConsumer is missing"));
        }
        if (aErrorHandling.isReportProcessErrorNotifyProducerDefined()) {
            if (!aErrorHandling.isReportProcessErrorNotifyProducer())
                aErrorList.add(_createWarn(sFieldPrefix + "ErrorHandling.Report.ProcessErrorNotifyProducer should be 'true'"));
        } else {
            aErrorList.add(_createError(sFieldPrefix + "ErrorHandling.Report.ProcessErrorNotifyProducer is missing"));
        }
    } else {
        aErrorList.add(_createError(sFieldPrefix + "ErrorHandling is missing"));
    }
}
Also used : ESoapVersion(com.helger.phase4.soap.ESoapVersion) PModeLegErrorHandling(com.helger.phase4.model.pmode.leg.PModeLegErrorHandling) PModeLegProtocol(com.helger.phase4.model.pmode.leg.PModeLegProtocol) PModeLegSecurity(com.helger.phase4.model.pmode.leg.PModeLegSecurity)

Example 33 with PModeLegSecurity

use of com.helger.phase4.model.pmode.leg.PModeLegSecurity in project phase4 by phax.

the class PeppolCompatibilityValidatorTest method testValidatePModeSecurityPModeAuthorizeTrue.

@Test
public void testValidatePModeSecurityPModeAuthorizeTrue() {
    final PModeLegSecurity aSecurityLeg = m_aPMode.getLeg1().getSecurity();
    aSecurityLeg.setPModeAuthorize(true);
    m_aPMode.setLeg1(new PModeLeg(PModeLegProtocol.createForDefaultSoapVersion("http://test.example.org"), null, null, null, aSecurityLeg));
    VALIDATOR.validatePMode(m_aPMode, m_aErrorList);
    assertTrue(m_aErrorList.containsAny(x -> x.getErrorText(LOCALE).contains("false")));
}
Also used : Ebms3SignalMessage(com.helger.phase4.ebms3header.Ebms3SignalMessage) PModeLegSecurity(com.helger.phase4.model.pmode.leg.PModeLegSecurity) MessageHelperMethods(com.helger.phase4.messaging.domain.MessageHelperMethods) EMEP(com.helger.phase4.model.EMEP) ErrorList(com.helger.commons.error.list.ErrorList) ETriState(com.helger.commons.state.ETriState) ESoapVersion(com.helger.phase4.soap.ESoapVersion) Assert.assertNotSame(org.junit.Assert.assertNotSame) EPModeSendReceiptReplyPattern(com.helger.phase4.model.pmode.leg.EPModeSendReceiptReplyPattern) ECryptoAlgorithmSign(com.helger.phase4.crypto.ECryptoAlgorithmSign) Locale(java.util.Locale) Ebms3MessageInfo(com.helger.phase4.ebms3header.Ebms3MessageInfo) PMode(com.helger.phase4.model.pmode.PMode) PModeLeg(com.helger.phase4.model.pmode.leg.PModeLeg) ClassRule(org.junit.ClassRule) PModeLegErrorHandling(com.helger.phase4.model.pmode.leg.PModeLegErrorHandling) PhotonAppWebTestRule(com.helger.photon.app.mock.PhotonAppWebTestRule) Before(org.junit.Before) Ebms3PartyId(com.helger.phase4.ebms3header.Ebms3PartyId) PModeLegProtocol(com.helger.phase4.model.pmode.leg.PModeLegProtocol) Ebms3UserMessage(com.helger.phase4.ebms3header.Ebms3UserMessage) ECryptoAlgorithmSignDigest(com.helger.phase4.crypto.ECryptoAlgorithmSignDigest) EWSSVersion(com.helger.phase4.wss.EWSSVersion) Assert.assertTrue(org.junit.Assert.assertTrue) EMEPBinding(com.helger.phase4.model.EMEPBinding) Test(org.junit.Test) Ebms3To(com.helger.phase4.ebms3header.Ebms3To) ECryptoAlgorithmCrypt(com.helger.phase4.crypto.ECryptoAlgorithmCrypt) Ebms3From(com.helger.phase4.ebms3header.Ebms3From) Ignore(org.junit.Ignore) Ebms3PartyInfo(com.helger.phase4.ebms3header.Ebms3PartyInfo) IPModeIDProvider(com.helger.phase4.model.pmode.IPModeIDProvider) PModeLeg(com.helger.phase4.model.pmode.leg.PModeLeg) PModeLegSecurity(com.helger.phase4.model.pmode.leg.PModeLegSecurity) Test(org.junit.Test)

Example 34 with PModeLegSecurity

use of com.helger.phase4.model.pmode.leg.PModeLegSecurity in project phase4 by phax.

the class PeppolCompatibilityValidatorTest method testValidatePModeSecurityWrongX509SignatureHashFunction.

@Test
public void testValidatePModeSecurityWrongX509SignatureHashFunction() {
    final PModeLegSecurity aSecurityLeg = m_aPMode.getLeg1().getSecurity();
    aSecurityLeg.setX509SignatureHashFunction(ECryptoAlgorithmSignDigest.DIGEST_SHA_512);
    m_aPMode.setLeg1(new PModeLeg(PModeLegProtocol.createForDefaultSoapVersion("http://test.example.org"), null, null, null, aSecurityLeg));
    VALIDATOR.validatePMode(m_aPMode, m_aErrorList);
    assertTrue(m_aErrorList.containsAny(x -> x.getErrorText(LOCALE).contains(ECryptoAlgorithmSignDigest.DIGEST_SHA_256.getID())));
}
Also used : Ebms3SignalMessage(com.helger.phase4.ebms3header.Ebms3SignalMessage) PModeLegSecurity(com.helger.phase4.model.pmode.leg.PModeLegSecurity) MessageHelperMethods(com.helger.phase4.messaging.domain.MessageHelperMethods) EMEP(com.helger.phase4.model.EMEP) ErrorList(com.helger.commons.error.list.ErrorList) ETriState(com.helger.commons.state.ETriState) ESoapVersion(com.helger.phase4.soap.ESoapVersion) Assert.assertNotSame(org.junit.Assert.assertNotSame) EPModeSendReceiptReplyPattern(com.helger.phase4.model.pmode.leg.EPModeSendReceiptReplyPattern) ECryptoAlgorithmSign(com.helger.phase4.crypto.ECryptoAlgorithmSign) Locale(java.util.Locale) Ebms3MessageInfo(com.helger.phase4.ebms3header.Ebms3MessageInfo) PMode(com.helger.phase4.model.pmode.PMode) PModeLeg(com.helger.phase4.model.pmode.leg.PModeLeg) ClassRule(org.junit.ClassRule) PModeLegErrorHandling(com.helger.phase4.model.pmode.leg.PModeLegErrorHandling) PhotonAppWebTestRule(com.helger.photon.app.mock.PhotonAppWebTestRule) Before(org.junit.Before) Ebms3PartyId(com.helger.phase4.ebms3header.Ebms3PartyId) PModeLegProtocol(com.helger.phase4.model.pmode.leg.PModeLegProtocol) Ebms3UserMessage(com.helger.phase4.ebms3header.Ebms3UserMessage) ECryptoAlgorithmSignDigest(com.helger.phase4.crypto.ECryptoAlgorithmSignDigest) EWSSVersion(com.helger.phase4.wss.EWSSVersion) Assert.assertTrue(org.junit.Assert.assertTrue) EMEPBinding(com.helger.phase4.model.EMEPBinding) Test(org.junit.Test) Ebms3To(com.helger.phase4.ebms3header.Ebms3To) ECryptoAlgorithmCrypt(com.helger.phase4.crypto.ECryptoAlgorithmCrypt) Ebms3From(com.helger.phase4.ebms3header.Ebms3From) Ignore(org.junit.Ignore) Ebms3PartyInfo(com.helger.phase4.ebms3header.Ebms3PartyInfo) IPModeIDProvider(com.helger.phase4.model.pmode.IPModeIDProvider) PModeLeg(com.helger.phase4.model.pmode.leg.PModeLeg) PModeLegSecurity(com.helger.phase4.model.pmode.leg.PModeLegSecurity) Test(org.junit.Test)

Example 35 with PModeLegSecurity

use of com.helger.phase4.model.pmode.leg.PModeLegSecurity in project phase4 by phax.

the class PeppolCompatibilityValidatorTest method testValidatePModeSecurityWrongX509SignatureAlgorithm.

@Test
public void testValidatePModeSecurityWrongX509SignatureAlgorithm() {
    final PModeLegSecurity aSecurityLeg = m_aPMode.getLeg1().getSecurity();
    aSecurityLeg.setX509SignatureAlgorithm(ECryptoAlgorithmSign.RSA_SHA_384);
    assertNotSame(ECryptoAlgorithmSign.RSA_SHA_256, aSecurityLeg.getX509SignatureAlgorithm());
    m_aPMode.setLeg1(new PModeLeg(PModeLegProtocol.createForDefaultSoapVersion("http://test.example.org"), null, null, null, aSecurityLeg));
    VALIDATOR.validatePMode(m_aPMode, m_aErrorList);
    assertTrue(m_aErrorList.containsAny(x -> x.getErrorText(LOCALE).contains(ECryptoAlgorithmSign.RSA_SHA_256.getID())));
}
Also used : Ebms3SignalMessage(com.helger.phase4.ebms3header.Ebms3SignalMessage) PModeLegSecurity(com.helger.phase4.model.pmode.leg.PModeLegSecurity) MessageHelperMethods(com.helger.phase4.messaging.domain.MessageHelperMethods) EMEP(com.helger.phase4.model.EMEP) ErrorList(com.helger.commons.error.list.ErrorList) ETriState(com.helger.commons.state.ETriState) ESoapVersion(com.helger.phase4.soap.ESoapVersion) Assert.assertNotSame(org.junit.Assert.assertNotSame) EPModeSendReceiptReplyPattern(com.helger.phase4.model.pmode.leg.EPModeSendReceiptReplyPattern) ECryptoAlgorithmSign(com.helger.phase4.crypto.ECryptoAlgorithmSign) Locale(java.util.Locale) Ebms3MessageInfo(com.helger.phase4.ebms3header.Ebms3MessageInfo) PMode(com.helger.phase4.model.pmode.PMode) PModeLeg(com.helger.phase4.model.pmode.leg.PModeLeg) ClassRule(org.junit.ClassRule) PModeLegErrorHandling(com.helger.phase4.model.pmode.leg.PModeLegErrorHandling) PhotonAppWebTestRule(com.helger.photon.app.mock.PhotonAppWebTestRule) Before(org.junit.Before) Ebms3PartyId(com.helger.phase4.ebms3header.Ebms3PartyId) PModeLegProtocol(com.helger.phase4.model.pmode.leg.PModeLegProtocol) Ebms3UserMessage(com.helger.phase4.ebms3header.Ebms3UserMessage) ECryptoAlgorithmSignDigest(com.helger.phase4.crypto.ECryptoAlgorithmSignDigest) EWSSVersion(com.helger.phase4.wss.EWSSVersion) Assert.assertTrue(org.junit.Assert.assertTrue) EMEPBinding(com.helger.phase4.model.EMEPBinding) Test(org.junit.Test) Ebms3To(com.helger.phase4.ebms3header.Ebms3To) ECryptoAlgorithmCrypt(com.helger.phase4.crypto.ECryptoAlgorithmCrypt) Ebms3From(com.helger.phase4.ebms3header.Ebms3From) Ignore(org.junit.Ignore) Ebms3PartyInfo(com.helger.phase4.ebms3header.Ebms3PartyInfo) IPModeIDProvider(com.helger.phase4.model.pmode.IPModeIDProvider) PModeLeg(com.helger.phase4.model.pmode.leg.PModeLeg) PModeLegSecurity(com.helger.phase4.model.pmode.leg.PModeLegSecurity) Test(org.junit.Test)

Aggregations

PModeLegSecurity (com.helger.phase4.model.pmode.leg.PModeLegSecurity)48 PModeLegErrorHandling (com.helger.phase4.model.pmode.leg.PModeLegErrorHandling)43 PModeLeg (com.helger.phase4.model.pmode.leg.PModeLeg)42 PModeLegProtocol (com.helger.phase4.model.pmode.leg.PModeLegProtocol)42 ESoapVersion (com.helger.phase4.soap.ESoapVersion)42 ETriState (com.helger.commons.state.ETriState)41 ECryptoAlgorithmCrypt (com.helger.phase4.crypto.ECryptoAlgorithmCrypt)41 ECryptoAlgorithmSign (com.helger.phase4.crypto.ECryptoAlgorithmSign)41 ECryptoAlgorithmSignDigest (com.helger.phase4.crypto.ECryptoAlgorithmSignDigest)41 EWSSVersion (com.helger.phase4.wss.EWSSVersion)41 PMode (com.helger.phase4.model.pmode.PMode)40 ErrorList (com.helger.commons.error.list.ErrorList)39 Ebms3From (com.helger.phase4.ebms3header.Ebms3From)39 Ebms3MessageInfo (com.helger.phase4.ebms3header.Ebms3MessageInfo)39 Ebms3PartyId (com.helger.phase4.ebms3header.Ebms3PartyId)39 Ebms3PartyInfo (com.helger.phase4.ebms3header.Ebms3PartyInfo)39 Ebms3SignalMessage (com.helger.phase4.ebms3header.Ebms3SignalMessage)39 Ebms3To (com.helger.phase4.ebms3header.Ebms3To)39 Ebms3UserMessage (com.helger.phase4.ebms3header.Ebms3UserMessage)39 MessageHelperMethods (com.helger.phase4.messaging.domain.MessageHelperMethods)39