sepafm 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/sepa/application_request.rb +13 -11
- data/lib/sepa/application_response.rb +23 -23
- data/lib/sepa/attribute_checks.rb +0 -21
- data/lib/sepa/banks/danske/danske_response.rb +40 -14
- data/lib/sepa/banks/danske/soap_danske.rb +127 -125
- data/lib/sepa/banks/nordea/nordea_response.rb +11 -11
- data/lib/sepa/banks/nordea/soap_nordea.rb +2 -2
- data/lib/sepa/client.rb +40 -3
- data/lib/sepa/response.rb +68 -79
- data/lib/sepa/soap_builder.rb +20 -19
- data/lib/sepa/utilities.rb +30 -15
- data/lib/sepa/version.rb +1 -1
- data/lib/sepafm.rb +14 -0
- data/{README.md → readme.md} +1 -1
- data/test/sepa/banks/danske/danske_cert_response_test.rb +28 -14
- data/test/sepa/banks/danske/danske_cert_soap_builder_test.rb +3 -3
- data/test/sepa/banks/danske/danske_generic_soap_builder_test.rb +4 -4
- data/test/sepa/banks/danske/responses/create_cert.xml +14 -37
- data/test/sepa/banks/nordea/nordea_application_request_test.rb +9 -9
- data/test/sepa/banks/nordea/nordea_application_response_test.rb +69 -57
- data/test/sepa/banks/nordea/nordea_cert_application_request_test.rb +2 -2
- data/test/sepa/banks/nordea/nordea_cert_request_soap_builder_test.rb +1 -1
- data/test/sepa/banks/nordea/nordea_generic_soap_builder_test.rb +4 -4
- data/test/sepa/banks/nordea/nordea_response_test.rb +56 -34
- data/test/sepa/client_test.rb +43 -34
- data/test/sepa/fixtures.rb +1 -1
- data/test/sepa/sepa_test.rb +1 -1
- data/test/test_helper.rb +15 -0
- metadata +3 -3
data/lib/sepa/version.rb
CHANGED
data/lib/sepafm.rb
CHANGED
|
@@ -25,3 +25,17 @@ SCHEMA_PATH = "#{ROOT_PATH}/lib/sepa/xml_schemas"
|
|
|
25
25
|
SCHEMA_FILE = "#{ROOT_PATH}/lib/sepa/xml_schemas/wsdl.xml"
|
|
26
26
|
AR_TEMPLATE_PATH = "#{ROOT_PATH}/lib/sepa/xml_templates/application_request"
|
|
27
27
|
SOAP_TEMPLATE_PATH = "#{ROOT_PATH}/lib/sepa/xml_templates/soap"
|
|
28
|
+
|
|
29
|
+
# Common XML namespaces
|
|
30
|
+
DSIG = 'http://www.w3.org/2000/09/xmldsig#'
|
|
31
|
+
OASIS_UTILITY = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
|
|
32
|
+
OASIS_SECEXT = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
|
|
33
|
+
XML_DATA = 'http://bxd.fi/xmldata/'
|
|
34
|
+
BXD = 'http://model.bxd.fi'
|
|
35
|
+
|
|
36
|
+
# Nordea XML namespaces
|
|
37
|
+
NORDEA_PKI = 'http://bxd.fi/CertificateService'
|
|
38
|
+
NORDEA_XML_DATA = 'http://filetransfer.nordea.com/xmldata/'
|
|
39
|
+
|
|
40
|
+
# Danske XML namespaces
|
|
41
|
+
DANSKE_PKI = 'http://danskebank.dk/PKI/PKIFactoryService/elements'
|
data/{README.md → readme.md}
RENAMED
|
@@ -2,51 +2,65 @@ require 'test_helper'
|
|
|
2
2
|
|
|
3
3
|
class DanskeCertResponseTest < ActiveSupport::TestCase
|
|
4
4
|
|
|
5
|
-
|
|
6
|
-
|
|
5
|
+
setup do
|
|
6
|
+
options = {
|
|
7
|
+
response: (File.open "#{DANSKE_TEST_RESPONSE_PATH}get_bank_cert.xml"),
|
|
8
|
+
command: :get_bank_certificate
|
|
9
|
+
}
|
|
10
|
+
@get_bank_cert_response = Sepa::DanskeResponse.new options
|
|
7
11
|
|
|
8
|
-
|
|
9
|
-
|
|
12
|
+
options = {
|
|
13
|
+
response: (File.open "#{DANSKE_TEST_RESPONSE_PATH}create_cert.xml"),
|
|
14
|
+
command: :create_certificate
|
|
15
|
+
}
|
|
16
|
+
@create_certificate_response = Sepa::DanskeResponse.new options
|
|
17
|
+
end
|
|
10
18
|
|
|
11
|
-
##
|
|
12
19
|
# Tests for get bank certificate
|
|
13
|
-
|
|
14
20
|
test 'should have correct bank signing cert with get_bank_certificate command' do
|
|
15
|
-
bank_signing_cert = get_bank_cert_response.bank_signing_cert
|
|
21
|
+
bank_signing_cert = @get_bank_cert_response.bank_signing_cert
|
|
16
22
|
refute_nil bank_signing_cert
|
|
17
23
|
assert_equal bank_signing_cert.to_s, DANSKE_BANK_SIGNING_CERT
|
|
18
24
|
end
|
|
19
25
|
|
|
20
26
|
test 'should have corrent bank encryption cert with get bank certificate command' do
|
|
21
|
-
bank_encryption_cert = get_bank_cert_response.bank_encryption_cert
|
|
27
|
+
bank_encryption_cert = @get_bank_cert_response.bank_encryption_cert
|
|
22
28
|
refute_nil bank_encryption_cert
|
|
23
29
|
assert_equal bank_encryption_cert.to_s, DANSKE_BANK_ENCRYPTION_CERT
|
|
24
30
|
end
|
|
25
31
|
|
|
26
32
|
test 'should have correct bank root cert with get bank certificate command' do
|
|
27
|
-
bank_root_cert = get_bank_cert_response.bank_root_cert
|
|
33
|
+
bank_root_cert = @get_bank_cert_response.bank_root_cert
|
|
28
34
|
refute_nil bank_root_cert
|
|
29
35
|
assert_equal bank_root_cert.to_s, DANSKE_BANK_ROOT_CERT
|
|
30
36
|
end
|
|
31
37
|
|
|
32
|
-
##
|
|
33
38
|
# Tests for create certificate
|
|
34
|
-
|
|
35
39
|
test 'should have own encryption certificate with create certificate command' do
|
|
36
|
-
own_encryption_cert = create_certificate_response.own_encryption_cert
|
|
40
|
+
own_encryption_cert = @create_certificate_response.own_encryption_cert
|
|
37
41
|
refute_nil own_encryption_cert
|
|
38
42
|
assert own_encryption_cert.respond_to? :sign
|
|
39
43
|
end
|
|
40
44
|
|
|
41
45
|
test 'should have on signing certificate with create certificate command' do
|
|
42
|
-
own_signing_cert = create_certificate_response.own_signing_cert
|
|
46
|
+
own_signing_cert = @create_certificate_response.own_signing_cert
|
|
43
47
|
refute_nil own_signing_cert
|
|
44
48
|
assert own_signing_cert.respond_to? :sign
|
|
45
49
|
end
|
|
46
50
|
|
|
47
51
|
test 'should have correct CA certificate with create certificate command' do
|
|
48
|
-
ca_certificate = create_certificate_response.ca_certificate
|
|
52
|
+
ca_certificate = @create_certificate_response.ca_certificate
|
|
49
53
|
refute_nil ca_certificate
|
|
50
54
|
assert ca_certificate.respond_to? :sign
|
|
51
55
|
end
|
|
56
|
+
|
|
57
|
+
test 'hashes should match' do
|
|
58
|
+
assert @create_certificate_response.hashes_match?
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
test 'hashes shouldnt match when data is corrupted' do
|
|
62
|
+
@create_certificate_response.doc.at('xmlns|ReturnText', xmlns: DANSKE_PKI).content = 'kana'
|
|
63
|
+
refute @create_certificate_response.hashes_match?
|
|
64
|
+
end
|
|
65
|
+
|
|
52
66
|
end
|
|
@@ -66,17 +66,17 @@ class DanskeCertSoapBuilderTest < ActiveSupport::TestCase
|
|
|
66
66
|
|
|
67
67
|
def test_encrypted_key_is_added_properly_and_can_be_decrypted
|
|
68
68
|
enc_key = @doc.css("CipherValue", 'xmlns' => @xenc)[0].content
|
|
69
|
-
enc_key =
|
|
69
|
+
enc_key = decode enc_key
|
|
70
70
|
assert @enc_private_key.private_decrypt(enc_key)
|
|
71
71
|
end
|
|
72
72
|
|
|
73
73
|
def test_encypted_data_is_added_properly_and_can_be_decrypted
|
|
74
74
|
enc_key = @doc.css("CipherValue", 'xmlns' => @xenc)[0].content
|
|
75
|
-
enc_key =
|
|
75
|
+
enc_key = decode enc_key
|
|
76
76
|
key = @enc_private_key.private_decrypt(enc_key)
|
|
77
77
|
|
|
78
78
|
encypted_data = @doc.css("CipherValue", 'xmlns' => @xenc)[1].content
|
|
79
|
-
encypted_data =
|
|
79
|
+
encypted_data = decode encypted_data
|
|
80
80
|
iv = encypted_data[0, 8]
|
|
81
81
|
encypted_data = encypted_data[8, encypted_data.length]
|
|
82
82
|
|
|
@@ -26,7 +26,7 @@ class DanskeGenericSoapBuilderTest < ActiveSupport::TestCase
|
|
|
26
26
|
status: 'ALL',
|
|
27
27
|
target_id: 'Danske FI',
|
|
28
28
|
file_type: 'pain.001.001.02',
|
|
29
|
-
content:
|
|
29
|
+
content: encode('kissa'),
|
|
30
30
|
file_reference: "11111111A12006030329501800000014",
|
|
31
31
|
}
|
|
32
32
|
|
|
@@ -159,7 +159,7 @@ class DanskeGenericSoapBuilderTest < ActiveSupport::TestCase
|
|
|
159
159
|
inclusive_namespaces = nil, with_comments = false
|
|
160
160
|
)
|
|
161
161
|
|
|
162
|
-
actual_digest =
|
|
162
|
+
actual_digest = encode(sha1.digest(body_node)).strip
|
|
163
163
|
|
|
164
164
|
assert_equal actual_digest, added_digest
|
|
165
165
|
end
|
|
@@ -208,7 +208,7 @@ class DanskeGenericSoapBuilderTest < ActiveSupport::TestCase
|
|
|
208
208
|
with_comments = false
|
|
209
209
|
)
|
|
210
210
|
|
|
211
|
-
actual_digest =
|
|
211
|
+
actual_digest = encode(sha1.digest(timestamp_node)).strip
|
|
212
212
|
|
|
213
213
|
assert_equal actual_digest, added_digest
|
|
214
214
|
end
|
|
@@ -230,7 +230,7 @@ class DanskeGenericSoapBuilderTest < ActiveSupport::TestCase
|
|
|
230
230
|
with_comments = false
|
|
231
231
|
)
|
|
232
232
|
|
|
233
|
-
actual_signature =
|
|
233
|
+
actual_signature = encode(
|
|
234
234
|
private_key.sign(sha1, signed_info_node)
|
|
235
235
|
).gsub(/\s+/, "")
|
|
236
236
|
|
|
@@ -1,38 +1,15 @@
|
|
|
1
1
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
-
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService" xmlns:elem="http://danskebank.dk/PKI/PKIFactoryService/elements" xmlns:xd="http://www.w3.org/2000/09/xmldsig#">
|
|
3
|
-
<
|
|
4
|
-
|
|
5
|
-
<
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
<
|
|
9
|
-
<
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
<tns:ReturnText>OK</tns:ReturnText>
|
|
17
|
-
<tns:EncryptionCert>MIIDnzCCAoegAwIBAgIHHoy+tGx4NjANBgkqhkiG9w0BAQsFADCBwjEQMA4GA1UEAxMHREJHQ0FEQjELMAkGA1UEBhMCREsxEzARBgNVBAcTCkNvcGVuaGFnZW4xEDAOBgNVBAgTB0Rlbm1hcmsxGjAYBgNVBAoTEURhbnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQLEw9EYW5za2UgQmFuayBBL1MxGDAWBgNVBAUTDzYxMTI2MjI4MjIzMDEwMTEJMAcGA1UEBBMAMQkwBwYDVQQqEwAxCTAHBgNVBAwTADEJMAcGA1UEERMAMB4XDTEwMDUyODExMTgzOVoXDTEyMDUyNzExMTgzOVowgaYxIDAeBgNVBAMTF0JFTkdUU1NPTiBPRyBGUi4gSkVOU0VOMQswCQYDVQQGEwJESzEcMBoGA1UEChMTREJUUyBERU1PIDEuICgzNEFLKTEeMBwGA1UECxMVQ09SUE9SQVRFIERFVkVMT1BNRU5UMTcwNQYDVQQFEy5TRS1LRVJIVi9EQUJBOjAwOTIxMDA4NDEtQUdSOjA2MTA0OC1VU1I6MDYxMTMzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvWdhjVCuWXWu4H8WqUJGuvme+6l0g37fAXur3Xm28RChzvhue7pvwhtsZEyHN3Oa9DhLMV9UQC4wy5Md7Js+rm2HtgOtM2LMorE4GeoTYpi5f1fbYDUqHj2ygkkWDqQ9v0xSCJkGIyW+1vsrcId+DDlZqBacuXwtv5xy8plmX7wIDAQABozgwNjAJBgNVHQ4EAgQAMBkGA1UdIwQSMBCADsLGxMP29vnBwsTCxsTDMA4GA1UdDwEB/wQEAwIEMDANBgkqhkiG9w0BAQsFAAOCAQEAkITeNDN6Mxkb8AXF9SjZ1xfWD+yZcyb5wqQmpvwlM1gfovvV5mW/r2Wgn8uyhwwZd8dDJClNRslQeQrV8FbmCF8uh0dr1z2pt/t3u6lZ5YH1MWmLKGpJ8gGnWkRwEtkeZCuaD+Nji6YCGqCPytmKae+CFvz46XrvQ+VxfoqD8IlSoT2Himw6kfbE7H5oyJtuBSjozz+zz9GE09HQzCn3j1AX1jF0U0qFOXOR185NnDHtQPBytUOOBHBNog1+bVfby7E1nmXum38pMVnv5ReSvnhKhmusmxkHaKCGwgYCoKMvsXntHStAvmH/t4tGdNyLvmC/88GYfoBXtNrsuZV3Ew==</tns:EncryptionCert>
|
|
18
|
-
<tns:SigningCert>MIIDnzCCAoegAwIBAgIHHoy+tGx4NTANBgkqhkiG9w0BAQsFADCBwjEQMA4GA1UEAxMHREJHQ0FEQjELMAkGA1UEBhMCREsxEzARBgNVBAcTCkNvcGVuaGFnZW4xEDAOBgNVBAgTB0Rlbm1hcmsxGjAYBgNVBAoTEURhbnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQLEw9EYW5za2UgQmFuayBBL1MxGDAWBgNVBAUTDzYxMTI2MjI4MjIzMDEwMTEJMAcGA1UEBBMAMQkwBwYDVQQqEwAxCTAHBgNVBAwTADEJMAcGA1UEERMAMB4XDTEwMDUyODExMTgzOVoXDTEyMDUyNzExMTgzOVowgaYxIDAeBgNVBAMTF0JFTkdUU1NPTiBPRyBGUi4gSkVOU0VOMQswCQYDVQQGEwJESzEcMBoGA1UEChMTREJUUyBERU1PIDEuICgzNEFLKTEeMBwGA1UECxMVQ09SUE9SQVRFIERFVkVMT1BNRU5UMTcwNQYDVQQFEy5TRS1LRVJIVi9EQUJBOjAwOTIxMDA4NDEtQUdSOjA2MTA0OC1VU1I6MDYxMTMzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfh+ajEvsFS1kByPsjReO+EmyFglGDiCBh7voya2aSbvGMQm/aAYugTliAhoklq4adwUwqjf86gon3ZdUMDBmDpJiPlxeexBHesOjr32hxzO8u67tS5o1xfDex3ga192g+94pAJsqmn3Fc8LJ0Wn2zJPtYCTYvbrx6551QLiD3fwIDAQABozgwNjAJBgNVHQ4EAgQAMBkGA1UdIwQSMBCADsLGxMP29vnBwsTCxsTDMA4GA1UdDwEB/wQEAwIGwDANBgkqhkiG9w0BAQsFAAOCAQEASgxJaAoWP08MKVnuvNxG7EkmogFUfKCX7fWrHYxDzEs5uhnRQ6IR4GitTHEM/BE5KNGu6MuHuKMhp4HuMBg5YzaFtk5yFk+K6BjLEEFwz/NBFLyrtPmrezxjmxMYx4PRTqeyEthOIkZ1KFQvzxB1Vg2Kt5fqdvxKVODAFstJB2nE3uICnrOQmHlo/R/1rp0J/VQnOsWdgKmIFhFlFdFpWhI7m1ry7cuilHPdCHq+M83jGfTYVXulwbxDYv0LPHZGzCxoAnxZQM4r2HqwXTCZiRT/eP+fEv7A571aHb9GhJhQQQ0lStd1vhOJu1LlO3fe68SSKSye5CozKwvvlEwbag==</tns:SigningCert>
|
|
19
|
-
<tns:CACert>MIIEFzCCAv+gAwIBAgIFAc+WvjUwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMTB0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTEzMDAwMzAeFw0xMDEwMTEwMDAwMDBaFw0yMDEwMTEwMDAwMDBaMIGaMRAwDgYDVQQDEwdEQkdTV0RLMQswCQYDVQQGEwJESzETMBEGA1UEBxMKQ29wZW5oYWdlbjEQMA4GA1UECBMHRGVubWFyazEaMBgGA1UEChMRRGFuc2tlIEJhbmsgR3JvdXAxHDAaBgNVBAsTE0RhbnNrZSBCYW5rIERlbm1hcmsxGDAWBgNVBAUTDzYxMTI2MjI4NzczMDEwMTCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAOC0DrY9Q4HzHQ/BWr/RWB1GOq+90BiGN85uhWAeGGMI2od/ahn/R7zl8+MNcMLAuVHB8LvzRrC3lxZqjNvRKv8fYsMgwdmdYtBwiqHINpXTLjQxtLEWqEu5fiMZAi1oFE08YAkCDLUGopbkY+d2KULqxFK2blwHi3m0jOwuZGiw4ELeChGcELsOpCT/oJU5mR3dFHbRs3HBgWmuFwJKvwHNZeNAmrCwEUWqw1x4MjQRHRGl10TfTNqPrd7zyTfyR0+GPy1INxHwWZroBUc9j54ONX9pV6x835WedHdo80UxImjCiIruClzsMAXYtvsC3d9xgk9oLNFIVPRe2fTs07ECAQOjZjBkMB8GA1UdIwQYMBaAFLU6ie9kUC8x5CDLauuTRJBL35qYMB0GA1UdDgQWBBQO5nD7QkqlQCrxigdJncTYo20tIzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAQEAQPCp0H3g88CZZurq0kS76ozBVRiLZ3V8S0+IYi0dmMCfTpW/qnEzMGn+NlHOvgkm5C2VaHCdbEzZPsvv4cx2YrqpsFf8x+Ts6W2r3VVjOdve5u0Oj1CK/ONwaqUl5p4SxRCfnv6sSh6TwxhJF/zESiHXLdyWdJf+NkXsATE6QB4ZjgaGw1NcvhnDUvbbfUZ1zOTIf7+wUpfCNCJi0T1sFvJ88nYkVoQmVWQFS7Kwj+kwQ1ILfnp/1xbycrt1XNxZ8SkRDAWOJARY0fS/C0o7/1t/SB2ePrY/g0U8ZWi0B6odT5isGNpLOKzhD5YGjbKGesC9GEnhmhLoawXU7b4Wcw==</tns:CACert>
|
|
20
|
-
<tns:RequestId/>
|
|
21
|
-
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
|
22
|
-
<SignedInfo>
|
|
23
|
-
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
|
|
24
|
-
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
|
25
|
-
<Reference URI="#response">
|
|
26
|
-
<Transforms>
|
|
27
|
-
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
|
28
|
-
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
|
|
29
|
-
</Transforms>
|
|
30
|
-
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
|
|
31
|
-
<DigestValue>2vCYl3h7ksRgk7IyV2axgpXxTWM=</DigestValue>
|
|
32
|
-
</Reference>
|
|
33
|
-
</SignedInfo>
|
|
34
|
-
<SignatureValue>CqPQW88gjJayDovXbk++IXJ5yjAJNf5+BL6wodkwIErqLdK3DYeAn9T6MQRNciB7POZkKqtnFj4CG1mbpGRCP5yduaBYP96uUoRSZiGuFHqb5HvMIgMvDCsnRJX11tUaMhrZkktYb0Xx2ulPrbLm/n9kW9L0oZftEijm7ixYSIsNEdJMHxWqCDGQCzLwD5zz512nNHEm3Ddimvh3mOqZ6deGtfODl4KuK247NNuak6Pjz9sE5hJnwDi4E1jtme735HEcxkrtYlqTIOjPXS/xRKkHEW6R59R3DR3FpYAo3H+SR/2WptoQhaBvVtlzle9Z8BG2JFRnbudAo3CkA245Vg==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIEADCCAuigAwIBAgIFAMa3bfMwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMTB0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTExMDAwMjAeFw0xMjA4MDEwMDAwMDBaFw0xNDEwMzEwMDAwMDBaMIGXMQ8wDQYDVQQDEwZEUFNJR04xCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MzkxMDAwMzCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAL1zYMqPk/6klEpL5wo+vWAo3MmxPz4wq9wuLAHpPUhJ4ZpHmncNsdmqSSXT6U4mxTY8tzKvz4ZdTDljp+5J6OxOl1B7av3V7hlHtfGb7wozsBAya2JOoPrLxc+ajapslbduiEvdhW9ZLKvn/n7rQ9sZzHA6GyGKQk8lfvKK+OjMylA86XyxApasFD/0eIDnzUJHth3UpPoQTJAlB7h7d4CKc/QG9tFv900AAi4R/Tmy9TRai7fVCkXz7y4qRXN+M7NIhDGAsCmtM6oSuDqjv3lh10nD7XELTxTvcbpq5xHLt9yknwjiM2ivc4XudDMgC7ESoH6vaJSUcbC17+wa6IUCAQOjUjBQMB8GA1UdIwQYMBaAFIT65b/ekUlm38WKUsOzt7MgHMdtMB0GA1UdDgQWBBQHbPgey2TInIKC7xbag8AZG25qnTAOBgNVHQ8BAf8EBAMCBsAwDQYJKoZIhvcNAQELBQADggEBAFl3WfGkVElIeUXjQsr8uQFXhkSbrI14F6mRIkUpCTa9Px/UUfw1HQNVn4Tyep30JmfsFN91Yj387jiZDzoeMYeiVI32wyZkao7rC3Z4YhAfUdPdVFZqO1k2gOgoZ49nyLKVS+GlyuzeLQVBnFE7f3sbpgDTRzd8o58W5VncHuzmSj/IVe8ZwRQ4bm3cHlKTQpRnyz5x7UJjp08fH6KOUal8DVsOaQKoo+jWIsPPir58b/QZsxIRL4uq3qqQt5udrbZqyltRsyxUpgomIN5irCn7Wgr+iYwNLhzXYwxKvwKsNRS7isEAZuyfH9fNarBRP4p72g+225NB0itQ73Xo7pg=</X509Certificate><X509IssuerSerial><X509IssuerName>serialNumber=611262281110002, OU=Danske Bank Group, O=Danske Bank Group, ST=Denmark, L=Copenhagen, C=DK, CN=DBGROOT</X509IssuerName><X509SerialNumber>3333910003</X509SerialNumber></X509IssuerSerial></X509Data></KeyInfo></Signature>
|
|
35
|
-
</tns:CreateCertificateResponse>
|
|
36
|
-
</CreateCertificateOut>
|
|
37
|
-
</soapenv:Body>
|
|
38
|
-
</soapenv:Envelope>
|
|
2
|
+
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService" xmlns:elem="http://danskebank.dk/PKI/PKIFactoryService/elements" xmlns:xd="http://www.w3.org/2000/09/xmldsig#"><soapenv:Header/><soapenv:Body><CreateCertificateOut xmlns="http://danskebank.dk/PKI/PKIFactoryService"><pkif:ResponseHeader xmlns=""><pkif:SenderId>360817</pkif:SenderId><pkif:CustomerId>360817</pkif:CustomerId><pkif:RequestId>b0410899f4</pkif:RequestId><pkif:Timestamp>2014-06-25T11:45:47Z</pkif:Timestamp><pkif:InterfaceVersion>1</pkif:InterfaceVersion><pkif:Environment>customertest</pkif:Environment></pkif:ResponseHeader><tns:CreateCertificateResponse xml:id="response" xmlns:tns="http://danskebank.dk/PKI/PKIFactoryService/elements" xmlns=""><tns:ReturnCode>00</tns:ReturnCode><tns:ReturnText>OK</tns:ReturnText><tns:EncryptionCert>MIIDnzCCAoegAwIBAgIHHoy+tGx4NjANBgkqhkiG9w0BAQsFADCBwjEQMA4GA1UEAxMHREJHQ0FEQjELMAkGA1UEBhMCREsxEzARBgNVBAcTCkNvcGVuaGFnZW4xEDAOBgNVBAgTB0Rlbm1hcmsxGjAYBgNVBAoTEURhbnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQLEw9EYW5za2UgQmFuayBBL1MxGDAWBgNVBAUTDzYxMTI2MjI4MjIzMDEwMTEJMAcGA1UEBBMAMQkwBwYDVQQqEwAxCTAHBgNVBAwTADEJMAcGA1UEERMAMB4XDTEwMDUyODExMTgzOVoXDTEyMDUyNzExMTgzOVowgaYxIDAeBgNVBAMTF0JFTkdUU1NPTiBPRyBGUi4gSkVOU0VOMQswCQYDVQQGEwJESzEcMBoGA1UEChMTREJUUyBERU1PIDEuICgzNEFLKTEeMBwGA1UECxMVQ09SUE9SQVRFIERFVkVMT1BNRU5UMTcwNQYDVQQFEy5TRS1LRVJIVi9EQUJBOjAwOTIxMDA4NDEtQUdSOjA2MTA0OC1VU1I6MDYxMTMzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvWdhjVCuWXWu4H8WqUJGuvme+6l0g37fAXur3Xm28RChzvhue7pvwhtsZEyHN3Oa9DhLMV9UQC4wy5Md7Js+rm2HtgOtM2LMorE4GeoTYpi5f1fbYDUqHj2ygkkWDqQ9v0xSCJkGIyW+1vsrcId+DDlZqBacuXwtv5xy8plmX7wIDAQABozgwNjAJBgNVHQ4EAgQAMBkGA1UdIwQSMBCADsLGxMP29vnBwsTCxsTDMA4GA1UdDwEB/wQEAwIEMDANBgkqhkiG9w0BAQsFAAOCAQEAkITeNDN6Mxkb8AXF9SjZ1xfWD+yZcyb5wqQmpvwlM1gfovvV5mW/r2Wgn8uyhwwZd8dDJClNRslQeQrV8FbmCF8uh0dr1z2pt/t3u6lZ5YH1MWmLKGpJ8gGnWkRwEtkeZCuaD+Nji6YCGqCPytmKae+CFvz46XrvQ+VxfoqD8IlSoT2Himw6kfbE7H5oyJtuBSjozz+zz9GE09HQzCn3j1AX1jF0U0qFOXOR185NnDHtQPBytUOOBHBNog1+bVfby7E1nmXum38pMVnv5ReSvnhKhmusmxkHaKCGwgYCoKMvsXntHStAvmH/t4tGdNyLvmC/88GYfoBXtNrsuZV3Ew==</tns:EncryptionCert><tns:SigningCert>MIIDnzCCAoegAwIBAgIHHoy+tGx4NTANBgkqhkiG9w0BAQsFADCBwjEQMA4GA1UEAxMHREJHQ0FEQjELMAkGA1UEBhMCREsxEzARBgNVBAcTCkNvcGVuaGFnZW4xEDAOBgNVBAgTB0Rlbm1hcmsxGjAYBgNVBAoTEURhbnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQLEw9EYW5za2UgQmFuayBBL1MxGDAWBgNVBAUTDzYxMTI2MjI4MjIzMDEwMTEJMAcGA1UEBBMAMQkwBwYDVQQqEwAxCTAHBgNVBAwTADEJMAcGA1UEERMAMB4XDTEwMDUyODExMTgzOVoXDTEyMDUyNzExMTgzOVowgaYxIDAeBgNVBAMTF0JFTkdUU1NPTiBPRyBGUi4gSkVOU0VOMQswCQYDVQQGEwJESzEcMBoGA1UEChMTREJUUyBERU1PIDEuICgzNEFLKTEeMBwGA1UECxMVQ09SUE9SQVRFIERFVkVMT1BNRU5UMTcwNQYDVQQFEy5TRS1LRVJIVi9EQUJBOjAwOTIxMDA4NDEtQUdSOjA2MTA0OC1VU1I6MDYxMTMzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfh+ajEvsFS1kByPsjReO+EmyFglGDiCBh7voya2aSbvGMQm/aAYugTliAhoklq4adwUwqjf86gon3ZdUMDBmDpJiPlxeexBHesOjr32hxzO8u67tS5o1xfDex3ga192g+94pAJsqmn3Fc8LJ0Wn2zJPtYCTYvbrx6551QLiD3fwIDAQABozgwNjAJBgNVHQ4EAgQAMBkGA1UdIwQSMBCADsLGxMP29vnBwsTCxsTDMA4GA1UdDwEB/wQEAwIGwDANBgkqhkiG9w0BAQsFAAOCAQEASgxJaAoWP08MKVnuvNxG7EkmogFUfKCX7fWrHYxDzEs5uhnRQ6IR4GitTHEM/BE5KNGu6MuHuKMhp4HuMBg5YzaFtk5yFk+K6BjLEEFwz/NBFLyrtPmrezxjmxMYx4PRTqeyEthOIkZ1KFQvzxB1Vg2Kt5fqdvxKVODAFstJB2nE3uICnrOQmHlo/R/1rp0J/VQnOsWdgKmIFhFlFdFpWhI7m1ry7cuilHPdCHq+M83jGfTYVXulwbxDYv0LPHZGzCxoAnxZQM4r2HqwXTCZiRT/eP+fEv7A571aHb9GhJhQQQ0lStd1vhOJu1LlO3fe68SSKSye5CozKwvvlEwbag==</tns:SigningCert><tns:CACert>MIIEFzCCAv+gAwIBAgIFAc+WvjUwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMTB0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTEzMDAwMzAeFw0xMDEwMTEwMDAwMDBaFw0yMDEwMTEwMDAwMDBaMIGaMRAwDgYDVQQDEwdEQkdTV0RLMQswCQYDVQQGEwJESzETMBEGA1UEBxMKQ29wZW5oYWdlbjEQMA4GA1UECBMHRGVubWFyazEaMBgGA1UEChMRRGFuc2tlIEJhbmsgR3JvdXAxHDAaBgNVBAsTE0RhbnNrZSBCYW5rIERlbm1hcmsxGDAWBgNVBAUTDzYxMTI2MjI4NzczMDEwMTCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAOC0DrY9Q4HzHQ/BWr/RWB1GOq+90BiGN85uhWAeGGMI2od/ahn/R7zl8+MNcMLAuVHB8LvzRrC3lxZqjNvRKv8fYsMgwdmdYtBwiqHINpXTLjQxtLEWqEu5fiMZAi1oFE08YAkCDLUGopbkY+d2KULqxFK2blwHi3m0jOwuZGiw4ELeChGcELsOpCT/oJU5mR3dFHbRs3HBgWmuFwJKvwHNZeNAmrCwEUWqw1x4MjQRHRGl10TfTNqPrd7zyTfyR0+GPy1INxHwWZroBUc9j54ONX9pV6x835WedHdo80UxImjCiIruClzsMAXYtvsC3d9xgk9oLNFIVPRe2fTs07ECAQOjZjBkMB8GA1UdIwQYMBaAFLU6ie9kUC8x5CDLauuTRJBL35qYMB0GA1UdDgQWBBQO5nD7QkqlQCrxigdJncTYo20tIzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAQEAQPCp0H3g88CZZurq0kS76ozBVRiLZ3V8S0+IYi0dmMCfTpW/qnEzMGn+NlHOvgkm5C2VaHCdbEzZPsvv4cx2YrqpsFf8x+Ts6W2r3VVjOdve5u0Oj1CK/ONwaqUl5p4SxRCfnv6sSh6TwxhJF/zESiHXLdyWdJf+NkXsATE6QB4ZjgaGw1NcvhnDUvbbfUZ1zOTIf7+wUpfCNCJi0T1sFvJ88nYkVoQmVWQFS7Kwj+kwQ1ILfnp/1xbycrt1XNxZ8SkRDAWOJARY0fS/C0o7/1t/SB2ePrY/g0U8ZWi0B6odT5isGNpLOKzhD5YGjbKGesC9GEnhmhLoawXU7b4Wcw==</tns:CACert><tns:RequestId/><Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
|
3
|
+
<SignedInfo>
|
|
4
|
+
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
|
|
5
|
+
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
|
6
|
+
<Reference URI="#response">
|
|
7
|
+
<Transforms>
|
|
8
|
+
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
|
9
|
+
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
|
|
10
|
+
</Transforms>
|
|
11
|
+
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
|
|
12
|
+
<DigestValue>2vCYl3h7ksRgk7IyV2axgpXxTWM=</DigestValue>
|
|
13
|
+
</Reference>
|
|
14
|
+
</SignedInfo>
|
|
15
|
+
<SignatureValue>CqPQW88gjJayDovXbk++IXJ5yjAJNf5+BL6wodkwIErqLdK3DYeAn9T6MQRNciB7POZkKqtnFj4CG1mbpGRCP5yduaBYP96uUoRSZiGuFHqb5HvMIgMvDCsnRJX11tUaMhrZkktYb0Xx2ulPrbLm/n9kW9L0oZftEijm7ixYSIsNEdJMHxWqCDGQCzLwD5zz512nNHEm3Ddimvh3mOqZ6deGtfODl4KuK247NNuak6Pjz9sE5hJnwDi4E1jtme735HEcxkrtYlqTIOjPXS/xRKkHEW6R59R3DR3FpYAo3H+SR/2WptoQhaBvVtlzle9Z8BG2JFRnbudAo3CkA245Vg==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIEADCCAuigAwIBAgIFAMa3bfMwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMTB0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTExMDAwMjAeFw0xMjA4MDEwMDAwMDBaFw0xNDEwMzEwMDAwMDBaMIGXMQ8wDQYDVQQDEwZEUFNJR04xCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MzkxMDAwMzCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAL1zYMqPk/6klEpL5wo+vWAo3MmxPz4wq9wuLAHpPUhJ4ZpHmncNsdmqSSXT6U4mxTY8tzKvz4ZdTDljp+5J6OxOl1B7av3V7hlHtfGb7wozsBAya2JOoPrLxc+ajapslbduiEvdhW9ZLKvn/n7rQ9sZzHA6GyGKQk8lfvKK+OjMylA86XyxApasFD/0eIDnzUJHth3UpPoQTJAlB7h7d4CKc/QG9tFv900AAi4R/Tmy9TRai7fVCkXz7y4qRXN+M7NIhDGAsCmtM6oSuDqjv3lh10nD7XELTxTvcbpq5xHLt9yknwjiM2ivc4XudDMgC7ESoH6vaJSUcbC17+wa6IUCAQOjUjBQMB8GA1UdIwQYMBaAFIT65b/ekUlm38WKUsOzt7MgHMdtMB0GA1UdDgQWBBQHbPgey2TInIKC7xbag8AZG25qnTAOBgNVHQ8BAf8EBAMCBsAwDQYJKoZIhvcNAQELBQADggEBAFl3WfGkVElIeUXjQsr8uQFXhkSbrI14F6mRIkUpCTa9Px/UUfw1HQNVn4Tyep30JmfsFN91Yj387jiZDzoeMYeiVI32wyZkao7rC3Z4YhAfUdPdVFZqO1k2gOgoZ49nyLKVS+GlyuzeLQVBnFE7f3sbpgDTRzd8o58W5VncHuzmSj/IVe8ZwRQ4bm3cHlKTQpRnyz5x7UJjp08fH6KOUal8DVsOaQKoo+jWIsPPir58b/QZsxIRL4uq3qqQt5udrbZqyltRsyxUpgomIN5irCn7Wgr+iYwNLhzXYwxKvwKsNRS7isEAZuyfH9fNarBRP4p72g+225NB0itQ73Xo7pg=</X509Certificate><X509IssuerSerial><X509IssuerName>serialNumber=611262281110002, OU=Danske Bank Group, O=Danske Bank Group, ST=Denmark, L=Copenhagen, C=DK, CN=DBGROOT</X509IssuerName><X509SerialNumber>3333910003</X509SerialNumber></X509IssuerSerial></X509Data></KeyInfo></Signature></tns:CreateCertificateResponse></CreateCertificateOut></soapenv:Body></soapenv:Envelope>
|
|
@@ -9,16 +9,16 @@ class NordeaApplicationRequestTest < ActiveSupport::TestCase
|
|
|
9
9
|
@nordea_generic_params[:private_key] = OpenSSL::PKey::RSA.new @nordea_generic_params[:private_key]
|
|
10
10
|
@nordea_generic_params[:cert] = OpenSSL::X509::Certificate.new @nordea_generic_params[:cert]
|
|
11
11
|
|
|
12
|
-
ar_file = Sepa::SoapBuilder.new(@nordea_generic_params).
|
|
12
|
+
ar_file = Sepa::SoapBuilder.new(@nordea_generic_params).application_request
|
|
13
13
|
|
|
14
14
|
@nordea_generic_params[:command] = :get_user_info
|
|
15
|
-
ar_get = Sepa::SoapBuilder.new(@nordea_generic_params).
|
|
15
|
+
ar_get = Sepa::SoapBuilder.new(@nordea_generic_params).application_request
|
|
16
16
|
|
|
17
17
|
@nordea_generic_params[:command] = :download_file_list
|
|
18
|
-
ar_list = Sepa::SoapBuilder.new(@nordea_generic_params).
|
|
18
|
+
ar_list = Sepa::SoapBuilder.new(@nordea_generic_params).application_request
|
|
19
19
|
|
|
20
20
|
@nordea_generic_params[:command] = :upload_file
|
|
21
|
-
ar_up = Sepa::SoapBuilder.new(@nordea_generic_params).
|
|
21
|
+
ar_up = Sepa::SoapBuilder.new(@nordea_generic_params).application_request
|
|
22
22
|
|
|
23
23
|
@doc_file = Nokogiri::XML(ar_file.to_xml)
|
|
24
24
|
@doc_get = Nokogiri::XML(ar_get.to_xml)
|
|
@@ -36,8 +36,8 @@ class NordeaApplicationRequestTest < ActiveSupport::TestCase
|
|
|
36
36
|
sha1.reset
|
|
37
37
|
|
|
38
38
|
xmldsig_schema_digest = sha1.digest(xmldsig_schema)
|
|
39
|
-
assert_equal
|
|
40
|
-
assert_equal
|
|
39
|
+
assert_equal encode(ar_schema_digest).strip, "1O24A7+/6S7CFYVlhH1jEZh1ARs="
|
|
40
|
+
assert_equal encode(xmldsig_schema_digest).strip, "bmG0+2KykgkLeWsXsl6CFbyo4Yc="
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
def test_ar_should_initialize_with_proper_params
|
|
@@ -165,7 +165,7 @@ class NordeaApplicationRequestTest < ActiveSupport::TestCase
|
|
|
165
165
|
end
|
|
166
166
|
|
|
167
167
|
def test_should_have_content_when_upload_file
|
|
168
|
-
assert_equal @doc_up.at_css("Content").content,
|
|
168
|
+
assert_equal @doc_up.at_css("Content").content, encode(@nordea_generic_params[:content])
|
|
169
169
|
end
|
|
170
170
|
|
|
171
171
|
def test_should_not_have_content_when_download_file_list
|
|
@@ -200,7 +200,7 @@ class NordeaApplicationRequestTest < ActiveSupport::TestCase
|
|
|
200
200
|
|
|
201
201
|
# Calculate digest
|
|
202
202
|
sha1 = OpenSSL::Digest::SHA1.new
|
|
203
|
-
actual_digest =
|
|
203
|
+
actual_digest = encode(sha1.digest(@doc_file.canonicalize))
|
|
204
204
|
|
|
205
205
|
# And then make sure the two are equal
|
|
206
206
|
assert_equal calculated_digest.strip, actual_digest.strip
|
|
@@ -222,7 +222,7 @@ class NordeaApplicationRequestTest < ActiveSupport::TestCase
|
|
|
222
222
|
private_key = OpenSSL::PKey::RSA.new(File.read("#{keys_path}/nordea.key"))
|
|
223
223
|
|
|
224
224
|
sha1 = OpenSSL::Digest::SHA1.new
|
|
225
|
-
actual_signature =
|
|
225
|
+
actual_signature = encode(private_key.sign(
|
|
226
226
|
sha1, signed_info_node.canonicalize))
|
|
227
227
|
|
|
228
228
|
# And then of course assert the two are equal
|
|
@@ -1,23 +1,38 @@
|
|
|
1
1
|
require 'test_helper'
|
|
2
2
|
|
|
3
3
|
class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
4
|
+
include Sepa::Utilities
|
|
4
5
|
|
|
5
|
-
|
|
6
|
-
keys_path = File.expand_path('../keys', __FILE__)
|
|
7
|
-
@root_cert = OpenSSL::X509::Certificate.new File.read("#{keys_path}/root_cert.cer")
|
|
8
|
-
@not_root_cert = OpenSSL::X509::Certificate.new File.read("#{keys_path}/nordea.crt")
|
|
9
|
-
|
|
10
|
-
@dfl = Nokogiri::XML(File.read("#{NORDEA_TEST_RESPONSE_PATH}/dfl.xml"))
|
|
11
|
-
@dfl = Sepa::Response.new(@dfl, command: :download_file_list).application_response
|
|
12
|
-
|
|
13
|
-
@uf = Nokogiri::XML(File.read("#{NORDEA_TEST_RESPONSE_PATH}/uf.xml"))
|
|
14
|
-
@uf = Sepa::Response.new(@uf, command: :upload_file).application_response
|
|
6
|
+
KEYS_PATH = File.expand_path('../keys', __FILE__)
|
|
15
7
|
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
8
|
+
def setup
|
|
9
|
+
options = {
|
|
10
|
+
response: File.read("#{NORDEA_TEST_RESPONSE_PATH}/dfl.xml"),
|
|
11
|
+
command: :download_file_list
|
|
12
|
+
}
|
|
13
|
+
@dfl = Sepa::NordeaResponse.new(options).application_response
|
|
14
|
+
@dfl_doc = xml_doc @dfl
|
|
15
|
+
|
|
16
|
+
options = {
|
|
17
|
+
response: File.read("#{NORDEA_TEST_RESPONSE_PATH}/uf.xml"),
|
|
18
|
+
command: :upload_file
|
|
19
|
+
}
|
|
20
|
+
@uf = Sepa::NordeaResponse.new(options).application_response
|
|
21
|
+
@uf_doc = xml_doc @dfl
|
|
22
|
+
|
|
23
|
+
options = {
|
|
24
|
+
response: File.read("#{NORDEA_TEST_RESPONSE_PATH}/df_tito.xml"),
|
|
25
|
+
command: :download_file
|
|
26
|
+
}
|
|
27
|
+
@df_tito = Sepa::NordeaResponse.new(options).application_response
|
|
28
|
+
@df_tito_doc = xml_doc @df_tito
|
|
29
|
+
|
|
30
|
+
options = {
|
|
31
|
+
response: File.read("#{NORDEA_TEST_RESPONSE_PATH}/gui.xml"),
|
|
32
|
+
command: :get_user_info
|
|
33
|
+
}
|
|
34
|
+
@gui = Sepa::NordeaResponse.new(options).application_response
|
|
35
|
+
@gui_doc = xml_doc @gui
|
|
21
36
|
|
|
22
37
|
@dfl_ar = Sepa::ApplicationResponse.new(@dfl)
|
|
23
38
|
@uf_ar = Sepa::ApplicationResponse.new(@uf)
|
|
@@ -32,7 +47,7 @@ class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
|
32
47
|
assert @gui_ar.valid?
|
|
33
48
|
end
|
|
34
49
|
|
|
35
|
-
def
|
|
50
|
+
def test_should_fail_if_initialized_with_invalid_xml
|
|
36
51
|
as = Sepa::ApplicationResponse.new("Jees")
|
|
37
52
|
refute as.valid?
|
|
38
53
|
end
|
|
@@ -59,39 +74,39 @@ class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
|
59
74
|
end
|
|
60
75
|
|
|
61
76
|
def test_invalid_dfl_hash_check_should_not_verify
|
|
62
|
-
customer_id_node = @
|
|
77
|
+
customer_id_node = @dfl_doc.at_css('c2b|CustomerId')
|
|
63
78
|
customer_id_node.content = customer_id_node.content[0..-2]
|
|
64
79
|
|
|
65
|
-
refute Sepa::ApplicationResponse.new(@
|
|
80
|
+
refute Sepa::ApplicationResponse.new(@dfl_doc.to_s).hashes_match?
|
|
66
81
|
end
|
|
67
82
|
|
|
68
83
|
def test_invalid_uf_hash_check_should_not_verify
|
|
69
|
-
timestamp_node = @
|
|
84
|
+
timestamp_node = @uf_doc.at_css('c2b|Timestamp')
|
|
70
85
|
timestamp_node.content = Time.now.iso8601
|
|
71
86
|
|
|
72
|
-
refute Sepa::ApplicationResponse.new(@
|
|
87
|
+
refute Sepa::ApplicationResponse.new(@uf_doc.to_s).hashes_match?
|
|
73
88
|
end
|
|
74
89
|
|
|
75
90
|
def test_invalid_df_hash_check_should_not_verify
|
|
76
|
-
digest_value_node = @
|
|
91
|
+
digest_value_node = @df_tito_doc.at_css(
|
|
77
92
|
'xmlns|DigestValue',
|
|
78
93
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
79
94
|
)
|
|
80
95
|
|
|
81
96
|
digest_value_node.content = digest_value_node.content[4..-1]
|
|
82
97
|
|
|
83
|
-
refute Sepa::ApplicationResponse.new(@
|
|
98
|
+
refute Sepa::ApplicationResponse.new(@df_tito_doc.to_s).hashes_match?
|
|
84
99
|
end
|
|
85
100
|
|
|
86
101
|
def test_invalid_gui_hash_check_should_not_verify
|
|
87
|
-
digest_value_node = @
|
|
102
|
+
digest_value_node = @gui_doc.at_css(
|
|
88
103
|
'xmlns|DigestValue',
|
|
89
104
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
90
105
|
)
|
|
91
106
|
|
|
92
107
|
digest_value_node.content = '1234' + digest_value_node.content
|
|
93
108
|
|
|
94
|
-
refute Sepa::ApplicationResponse.new(@
|
|
109
|
+
refute Sepa::ApplicationResponse.new(@gui_doc.to_s).hashes_match?
|
|
95
110
|
end
|
|
96
111
|
|
|
97
112
|
def test_proper_dfl_signature_should_verify
|
|
@@ -111,51 +126,51 @@ class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
|
111
126
|
end
|
|
112
127
|
|
|
113
128
|
def test_corrupted_signature_in_dfl_should_fail_signature_verification
|
|
114
|
-
signature_node = @
|
|
129
|
+
signature_node = @dfl_doc.at_css(
|
|
115
130
|
'xmlns|SignatureValue',
|
|
116
131
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
117
132
|
)
|
|
118
133
|
|
|
119
134
|
signature_node.content = signature_node.content[4..-1]
|
|
120
135
|
|
|
121
|
-
refute Sepa::ApplicationResponse.new(@
|
|
136
|
+
refute Sepa::ApplicationResponse.new(@dfl_doc.to_s).signature_is_valid?
|
|
122
137
|
end
|
|
123
138
|
|
|
124
139
|
def test_corrupted_signature_in_uf_should_fail_signature_verification
|
|
125
|
-
signature_node = @
|
|
140
|
+
signature_node = @uf_doc.at_css(
|
|
126
141
|
'xmlns|SignatureValue',
|
|
127
142
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
128
143
|
)
|
|
129
144
|
|
|
130
145
|
signature_node.content = signature_node.content[0..-5]
|
|
131
146
|
|
|
132
|
-
refute Sepa::ApplicationResponse.new(@
|
|
147
|
+
refute Sepa::ApplicationResponse.new(@uf_doc.to_s).signature_is_valid?
|
|
133
148
|
end
|
|
134
149
|
|
|
135
150
|
def test_corrupted_signature_in_df_should_fail_signature_verification
|
|
136
|
-
signature_node = @
|
|
151
|
+
signature_node = @df_tito_doc.at_css(
|
|
137
152
|
'xmlns|SignatureValue',
|
|
138
153
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
139
154
|
)
|
|
140
155
|
|
|
141
156
|
signature_node.content = 'a' + signature_node.content[1..-1]
|
|
142
157
|
|
|
143
|
-
refute Sepa::ApplicationResponse.new(@
|
|
158
|
+
refute Sepa::ApplicationResponse.new(@df_tito_doc.to_s).signature_is_valid?
|
|
144
159
|
end
|
|
145
160
|
|
|
146
161
|
def test_corrupted_signature_in_gui_should_fail_signature_verification
|
|
147
|
-
signature_node = @
|
|
162
|
+
signature_node = @gui_doc.at_css(
|
|
148
163
|
'xmlns|SignatureValue',
|
|
149
164
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
150
165
|
)
|
|
151
166
|
|
|
152
167
|
signature_node.content = 'zombi' + signature_node.content[1..-1]
|
|
153
168
|
|
|
154
|
-
refute Sepa::ApplicationResponse.new(@
|
|
169
|
+
refute Sepa::ApplicationResponse.new(@gui_doc.to_s).signature_is_valid?
|
|
155
170
|
end
|
|
156
171
|
|
|
157
172
|
def test_should_raise_error_if_certificate_corrupted_in_dfl
|
|
158
|
-
cert_node = @
|
|
173
|
+
cert_node = @dfl_doc.at_css(
|
|
159
174
|
'xmlns|X509Certificate',
|
|
160
175
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
161
176
|
)
|
|
@@ -163,12 +178,12 @@ class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
|
163
178
|
cert_node.content = cert_node.content[0..-5]
|
|
164
179
|
|
|
165
180
|
assert_raises(OpenSSL::X509::CertificateError) do
|
|
166
|
-
Sepa::ApplicationResponse.new(@
|
|
181
|
+
Sepa::ApplicationResponse.new(@dfl_doc.to_s).certificate
|
|
167
182
|
end
|
|
168
183
|
end
|
|
169
184
|
|
|
170
185
|
def test_should_raise_error_if_certificate_corrupted_in_uf
|
|
171
|
-
cert_node = @
|
|
186
|
+
cert_node = @uf_doc.at_css(
|
|
172
187
|
'xmlns|X509Certificate',
|
|
173
188
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
174
189
|
)
|
|
@@ -176,12 +191,12 @@ class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
|
176
191
|
cert_node.content = cert_node.content[4..-1]
|
|
177
192
|
|
|
178
193
|
assert_raises(OpenSSL::X509::CertificateError) do
|
|
179
|
-
Sepa::ApplicationResponse.new(@
|
|
194
|
+
Sepa::ApplicationResponse.new(@uf_doc.to_s).certificate
|
|
180
195
|
end
|
|
181
196
|
end
|
|
182
197
|
|
|
183
198
|
def test_should_raise_error_if_certificate_corrupted_in_df
|
|
184
|
-
cert_node = @
|
|
199
|
+
cert_node = @df_tito_doc.at_css(
|
|
185
200
|
'xmlns|X509Certificate',
|
|
186
201
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
187
202
|
)
|
|
@@ -189,44 +204,41 @@ class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
|
189
204
|
cert_node.content = "n5iw#{cert_node.content}"
|
|
190
205
|
|
|
191
206
|
assert_raises(OpenSSL::X509::CertificateError) do
|
|
192
|
-
Sepa::ApplicationResponse.new(@
|
|
207
|
+
Sepa::ApplicationResponse.new(@df_tito_doc.to_s).certificate
|
|
193
208
|
end
|
|
194
209
|
end
|
|
195
210
|
|
|
196
211
|
def test_should_raise_error_if_certificate_corrupted_in_gui
|
|
197
|
-
cert_node = @
|
|
212
|
+
cert_node = @gui_doc.at_css(
|
|
198
213
|
'xmlns|X509Certificate',
|
|
199
214
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
200
215
|
)
|
|
201
216
|
|
|
202
|
-
cert_node.content =
|
|
217
|
+
cert_node.content = encode 'voivoi'
|
|
203
218
|
|
|
204
219
|
assert_raises(OpenSSL::X509::CertificateError) do
|
|
205
|
-
Sepa::ApplicationResponse.new(@
|
|
220
|
+
Sepa::ApplicationResponse.new(@gui_doc.to_s).certificate
|
|
206
221
|
end
|
|
207
222
|
end
|
|
208
223
|
|
|
209
224
|
def test_cert_should_be_trusted_with_correct_root_cert
|
|
210
|
-
|
|
211
|
-
assert @
|
|
212
|
-
assert @
|
|
213
|
-
assert @
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
def test_dfl_should_fail_if_wrong_root_cert
|
|
217
|
-
assert_raises(SecurityError) { @dfl_ar.cert_is_trusted(@not_root_cert) }
|
|
218
|
-
end
|
|
219
|
-
|
|
220
|
-
def test_uf_should_fail_if_wrong_root_cert
|
|
221
|
-
assert_raises(SecurityError) { @uf_ar.cert_is_trusted(@not_root_cert) }
|
|
225
|
+
root_cert = OpenSSL::X509::Certificate.new File.read("#{KEYS_PATH}/root_cert.cer")
|
|
226
|
+
assert @dfl_ar.cert_is_trusted(root_cert)
|
|
227
|
+
assert @uf_ar.cert_is_trusted(root_cert)
|
|
228
|
+
assert @df_ar.cert_is_trusted(root_cert)
|
|
229
|
+
assert @gui_ar.cert_is_trusted(root_cert)
|
|
222
230
|
end
|
|
223
231
|
|
|
224
|
-
def
|
|
225
|
-
|
|
232
|
+
def test_should_fail_if_wrong_root_cert
|
|
233
|
+
not_root_cert = OpenSSL::X509::Certificate.new File.read("#{KEYS_PATH}/nordea.crt")
|
|
234
|
+
assert_raises(SecurityError) { @dfl_ar.cert_is_trusted(not_root_cert) }
|
|
235
|
+
assert_raises(SecurityError) { @uf_ar.cert_is_trusted(not_root_cert) }
|
|
236
|
+
assert_raises(SecurityError) { @df_ar.cert_is_trusted(not_root_cert) }
|
|
237
|
+
assert_raises(SecurityError) { @gui_ar.cert_is_trusted(not_root_cert) }
|
|
226
238
|
end
|
|
227
239
|
|
|
228
|
-
|
|
229
|
-
|
|
240
|
+
test 'to_s works' do
|
|
241
|
+
assert_equal @uf, @uf_ar.to_s
|
|
230
242
|
end
|
|
231
243
|
|
|
232
244
|
end
|