sepafm 0.1.0 → 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/sepa/application_request.rb +13 -11
- data/lib/sepa/application_response.rb +23 -23
- data/lib/sepa/attribute_checks.rb +0 -21
- data/lib/sepa/banks/danske/danske_response.rb +40 -14
- data/lib/sepa/banks/danske/soap_danske.rb +127 -125
- data/lib/sepa/banks/nordea/nordea_response.rb +11 -11
- data/lib/sepa/banks/nordea/soap_nordea.rb +2 -2
- data/lib/sepa/client.rb +40 -3
- data/lib/sepa/response.rb +68 -79
- data/lib/sepa/soap_builder.rb +20 -19
- data/lib/sepa/utilities.rb +30 -15
- data/lib/sepa/version.rb +1 -1
- data/lib/sepafm.rb +14 -0
- data/{README.md → readme.md} +1 -1
- data/test/sepa/banks/danske/danske_cert_response_test.rb +28 -14
- data/test/sepa/banks/danske/danske_cert_soap_builder_test.rb +3 -3
- data/test/sepa/banks/danske/danske_generic_soap_builder_test.rb +4 -4
- data/test/sepa/banks/danske/responses/create_cert.xml +14 -37
- data/test/sepa/banks/nordea/nordea_application_request_test.rb +9 -9
- data/test/sepa/banks/nordea/nordea_application_response_test.rb +69 -57
- data/test/sepa/banks/nordea/nordea_cert_application_request_test.rb +2 -2
- data/test/sepa/banks/nordea/nordea_cert_request_soap_builder_test.rb +1 -1
- data/test/sepa/banks/nordea/nordea_generic_soap_builder_test.rb +4 -4
- data/test/sepa/banks/nordea/nordea_response_test.rb +56 -34
- data/test/sepa/client_test.rb +43 -34
- data/test/sepa/fixtures.rb +1 -1
- data/test/sepa/sepa_test.rb +1 -1
- data/test/test_helper.rb +15 -0
- metadata +3 -3
data/lib/sepa/version.rb
CHANGED
data/lib/sepafm.rb
CHANGED
|
@@ -25,3 +25,17 @@ SCHEMA_PATH = "#{ROOT_PATH}/lib/sepa/xml_schemas"
|
|
|
25
25
|
SCHEMA_FILE = "#{ROOT_PATH}/lib/sepa/xml_schemas/wsdl.xml"
|
|
26
26
|
AR_TEMPLATE_PATH = "#{ROOT_PATH}/lib/sepa/xml_templates/application_request"
|
|
27
27
|
SOAP_TEMPLATE_PATH = "#{ROOT_PATH}/lib/sepa/xml_templates/soap"
|
|
28
|
+
|
|
29
|
+
# Common XML namespaces
|
|
30
|
+
DSIG = 'http://www.w3.org/2000/09/xmldsig#'
|
|
31
|
+
OASIS_UTILITY = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
|
|
32
|
+
OASIS_SECEXT = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
|
|
33
|
+
XML_DATA = 'http://bxd.fi/xmldata/'
|
|
34
|
+
BXD = 'http://model.bxd.fi'
|
|
35
|
+
|
|
36
|
+
# Nordea XML namespaces
|
|
37
|
+
NORDEA_PKI = 'http://bxd.fi/CertificateService'
|
|
38
|
+
NORDEA_XML_DATA = 'http://filetransfer.nordea.com/xmldata/'
|
|
39
|
+
|
|
40
|
+
# Danske XML namespaces
|
|
41
|
+
DANSKE_PKI = 'http://danskebank.dk/PKI/PKIFactoryService/elements'
|
data/{README.md → readme.md}
RENAMED
|
@@ -2,51 +2,65 @@ require 'test_helper'
|
|
|
2
2
|
|
|
3
3
|
class DanskeCertResponseTest < ActiveSupport::TestCase
|
|
4
4
|
|
|
5
|
-
|
|
6
|
-
|
|
5
|
+
setup do
|
|
6
|
+
options = {
|
|
7
|
+
response: (File.open "#{DANSKE_TEST_RESPONSE_PATH}get_bank_cert.xml"),
|
|
8
|
+
command: :get_bank_certificate
|
|
9
|
+
}
|
|
10
|
+
@get_bank_cert_response = Sepa::DanskeResponse.new options
|
|
7
11
|
|
|
8
|
-
|
|
9
|
-
|
|
12
|
+
options = {
|
|
13
|
+
response: (File.open "#{DANSKE_TEST_RESPONSE_PATH}create_cert.xml"),
|
|
14
|
+
command: :create_certificate
|
|
15
|
+
}
|
|
16
|
+
@create_certificate_response = Sepa::DanskeResponse.new options
|
|
17
|
+
end
|
|
10
18
|
|
|
11
|
-
##
|
|
12
19
|
# Tests for get bank certificate
|
|
13
|
-
|
|
14
20
|
test 'should have correct bank signing cert with get_bank_certificate command' do
|
|
15
|
-
bank_signing_cert = get_bank_cert_response.bank_signing_cert
|
|
21
|
+
bank_signing_cert = @get_bank_cert_response.bank_signing_cert
|
|
16
22
|
refute_nil bank_signing_cert
|
|
17
23
|
assert_equal bank_signing_cert.to_s, DANSKE_BANK_SIGNING_CERT
|
|
18
24
|
end
|
|
19
25
|
|
|
20
26
|
test 'should have corrent bank encryption cert with get bank certificate command' do
|
|
21
|
-
bank_encryption_cert = get_bank_cert_response.bank_encryption_cert
|
|
27
|
+
bank_encryption_cert = @get_bank_cert_response.bank_encryption_cert
|
|
22
28
|
refute_nil bank_encryption_cert
|
|
23
29
|
assert_equal bank_encryption_cert.to_s, DANSKE_BANK_ENCRYPTION_CERT
|
|
24
30
|
end
|
|
25
31
|
|
|
26
32
|
test 'should have correct bank root cert with get bank certificate command' do
|
|
27
|
-
bank_root_cert = get_bank_cert_response.bank_root_cert
|
|
33
|
+
bank_root_cert = @get_bank_cert_response.bank_root_cert
|
|
28
34
|
refute_nil bank_root_cert
|
|
29
35
|
assert_equal bank_root_cert.to_s, DANSKE_BANK_ROOT_CERT
|
|
30
36
|
end
|
|
31
37
|
|
|
32
|
-
##
|
|
33
38
|
# Tests for create certificate
|
|
34
|
-
|
|
35
39
|
test 'should have own encryption certificate with create certificate command' do
|
|
36
|
-
own_encryption_cert = create_certificate_response.own_encryption_cert
|
|
40
|
+
own_encryption_cert = @create_certificate_response.own_encryption_cert
|
|
37
41
|
refute_nil own_encryption_cert
|
|
38
42
|
assert own_encryption_cert.respond_to? :sign
|
|
39
43
|
end
|
|
40
44
|
|
|
41
45
|
test 'should have on signing certificate with create certificate command' do
|
|
42
|
-
own_signing_cert = create_certificate_response.own_signing_cert
|
|
46
|
+
own_signing_cert = @create_certificate_response.own_signing_cert
|
|
43
47
|
refute_nil own_signing_cert
|
|
44
48
|
assert own_signing_cert.respond_to? :sign
|
|
45
49
|
end
|
|
46
50
|
|
|
47
51
|
test 'should have correct CA certificate with create certificate command' do
|
|
48
|
-
ca_certificate = create_certificate_response.ca_certificate
|
|
52
|
+
ca_certificate = @create_certificate_response.ca_certificate
|
|
49
53
|
refute_nil ca_certificate
|
|
50
54
|
assert ca_certificate.respond_to? :sign
|
|
51
55
|
end
|
|
56
|
+
|
|
57
|
+
test 'hashes should match' do
|
|
58
|
+
assert @create_certificate_response.hashes_match?
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
test 'hashes shouldnt match when data is corrupted' do
|
|
62
|
+
@create_certificate_response.doc.at('xmlns|ReturnText', xmlns: DANSKE_PKI).content = 'kana'
|
|
63
|
+
refute @create_certificate_response.hashes_match?
|
|
64
|
+
end
|
|
65
|
+
|
|
52
66
|
end
|
|
@@ -66,17 +66,17 @@ class DanskeCertSoapBuilderTest < ActiveSupport::TestCase
|
|
|
66
66
|
|
|
67
67
|
def test_encrypted_key_is_added_properly_and_can_be_decrypted
|
|
68
68
|
enc_key = @doc.css("CipherValue", 'xmlns' => @xenc)[0].content
|
|
69
|
-
enc_key =
|
|
69
|
+
enc_key = decode enc_key
|
|
70
70
|
assert @enc_private_key.private_decrypt(enc_key)
|
|
71
71
|
end
|
|
72
72
|
|
|
73
73
|
def test_encypted_data_is_added_properly_and_can_be_decrypted
|
|
74
74
|
enc_key = @doc.css("CipherValue", 'xmlns' => @xenc)[0].content
|
|
75
|
-
enc_key =
|
|
75
|
+
enc_key = decode enc_key
|
|
76
76
|
key = @enc_private_key.private_decrypt(enc_key)
|
|
77
77
|
|
|
78
78
|
encypted_data = @doc.css("CipherValue", 'xmlns' => @xenc)[1].content
|
|
79
|
-
encypted_data =
|
|
79
|
+
encypted_data = decode encypted_data
|
|
80
80
|
iv = encypted_data[0, 8]
|
|
81
81
|
encypted_data = encypted_data[8, encypted_data.length]
|
|
82
82
|
|
|
@@ -26,7 +26,7 @@ class DanskeGenericSoapBuilderTest < ActiveSupport::TestCase
|
|
|
26
26
|
status: 'ALL',
|
|
27
27
|
target_id: 'Danske FI',
|
|
28
28
|
file_type: 'pain.001.001.02',
|
|
29
|
-
content:
|
|
29
|
+
content: encode('kissa'),
|
|
30
30
|
file_reference: "11111111A12006030329501800000014",
|
|
31
31
|
}
|
|
32
32
|
|
|
@@ -159,7 +159,7 @@ class DanskeGenericSoapBuilderTest < ActiveSupport::TestCase
|
|
|
159
159
|
inclusive_namespaces = nil, with_comments = false
|
|
160
160
|
)
|
|
161
161
|
|
|
162
|
-
actual_digest =
|
|
162
|
+
actual_digest = encode(sha1.digest(body_node)).strip
|
|
163
163
|
|
|
164
164
|
assert_equal actual_digest, added_digest
|
|
165
165
|
end
|
|
@@ -208,7 +208,7 @@ class DanskeGenericSoapBuilderTest < ActiveSupport::TestCase
|
|
|
208
208
|
with_comments = false
|
|
209
209
|
)
|
|
210
210
|
|
|
211
|
-
actual_digest =
|
|
211
|
+
actual_digest = encode(sha1.digest(timestamp_node)).strip
|
|
212
212
|
|
|
213
213
|
assert_equal actual_digest, added_digest
|
|
214
214
|
end
|
|
@@ -230,7 +230,7 @@ class DanskeGenericSoapBuilderTest < ActiveSupport::TestCase
|
|
|
230
230
|
with_comments = false
|
|
231
231
|
)
|
|
232
232
|
|
|
233
|
-
actual_signature =
|
|
233
|
+
actual_signature = encode(
|
|
234
234
|
private_key.sign(sha1, signed_info_node)
|
|
235
235
|
).gsub(/\s+/, "")
|
|
236
236
|
|
|
@@ -1,38 +1,15 @@
|
|
|
1
1
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
-
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService" xmlns:elem="http://danskebank.dk/PKI/PKIFactoryService/elements" xmlns:xd="http://www.w3.org/2000/09/xmldsig#">
|
|
3
|
-
<
|
|
4
|
-
|
|
5
|
-
<
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
<
|
|
9
|
-
<
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
<tns:ReturnText>OK</tns:ReturnText>
|
|
17
|
-
<tns:EncryptionCert>MIIDnzCCAoegAwIBAgIHHoy+tGx4NjANBgkqhkiG9w0BAQsFADCBwjEQMA4GA1UEAxMHREJHQ0FEQjELMAkGA1UEBhMCREsxEzARBgNVBAcTCkNvcGVuaGFnZW4xEDAOBgNVBAgTB0Rlbm1hcmsxGjAYBgNVBAoTEURhbnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQLEw9EYW5za2UgQmFuayBBL1MxGDAWBgNVBAUTDzYxMTI2MjI4MjIzMDEwMTEJMAcGA1UEBBMAMQkwBwYDVQQqEwAxCTAHBgNVBAwTADEJMAcGA1UEERMAMB4XDTEwMDUyODExMTgzOVoXDTEyMDUyNzExMTgzOVowgaYxIDAeBgNVBAMTF0JFTkdUU1NPTiBPRyBGUi4gSkVOU0VOMQswCQYDVQQGEwJESzEcMBoGA1UEChMTREJUUyBERU1PIDEuICgzNEFLKTEeMBwGA1UECxMVQ09SUE9SQVRFIERFVkVMT1BNRU5UMTcwNQYDVQQFEy5TRS1LRVJIVi9EQUJBOjAwOTIxMDA4NDEtQUdSOjA2MTA0OC1VU1I6MDYxMTMzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvWdhjVCuWXWu4H8WqUJGuvme+6l0g37fAXur3Xm28RChzvhue7pvwhtsZEyHN3Oa9DhLMV9UQC4wy5Md7Js+rm2HtgOtM2LMorE4GeoTYpi5f1fbYDUqHj2ygkkWDqQ9v0xSCJkGIyW+1vsrcId+DDlZqBacuXwtv5xy8plmX7wIDAQABozgwNjAJBgNVHQ4EAgQAMBkGA1UdIwQSMBCADsLGxMP29vnBwsTCxsTDMA4GA1UdDwEB/wQEAwIEMDANBgkqhkiG9w0BAQsFAAOCAQEAkITeNDN6Mxkb8AXF9SjZ1xfWD+yZcyb5wqQmpvwlM1gfovvV5mW/r2Wgn8uyhwwZd8dDJClNRslQeQrV8FbmCF8uh0dr1z2pt/t3u6lZ5YH1MWmLKGpJ8gGnWkRwEtkeZCuaD+Nji6YCGqCPytmKae+CFvz46XrvQ+VxfoqD8IlSoT2Himw6kfbE7H5oyJtuBSjozz+zz9GE09HQzCn3j1AX1jF0U0qFOXOR185NnDHtQPBytUOOBHBNog1+bVfby7E1nmXum38pMVnv5ReSvnhKhmusmxkHaKCGwgYCoKMvsXntHStAvmH/t4tGdNyLvmC/88GYfoBXtNrsuZV3Ew==</tns:EncryptionCert>
|
|
18
|
-
<tns:SigningCert>MIIDnzCCAoegAwIBAgIHHoy+tGx4NTANBgkqhkiG9w0BAQsFADCBwjEQMA4GA1UEAxMHREJHQ0FEQjELMAkGA1UEBhMCREsxEzARBgNVBAcTCkNvcGVuaGFnZW4xEDAOBgNVBAgTB0Rlbm1hcmsxGjAYBgNVBAoTEURhbnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQLEw9EYW5za2UgQmFuayBBL1MxGDAWBgNVBAUTDzYxMTI2MjI4MjIzMDEwMTEJMAcGA1UEBBMAMQkwBwYDVQQqEwAxCTAHBgNVBAwTADEJMAcGA1UEERMAMB4XDTEwMDUyODExMTgzOVoXDTEyMDUyNzExMTgzOVowgaYxIDAeBgNVBAMTF0JFTkdUU1NPTiBPRyBGUi4gSkVOU0VOMQswCQYDVQQGEwJESzEcMBoGA1UEChMTREJUUyBERU1PIDEuICgzNEFLKTEeMBwGA1UECxMVQ09SUE9SQVRFIERFVkVMT1BNRU5UMTcwNQYDVQQFEy5TRS1LRVJIVi9EQUJBOjAwOTIxMDA4NDEtQUdSOjA2MTA0OC1VU1I6MDYxMTMzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfh+ajEvsFS1kByPsjReO+EmyFglGDiCBh7voya2aSbvGMQm/aAYugTliAhoklq4adwUwqjf86gon3ZdUMDBmDpJiPlxeexBHesOjr32hxzO8u67tS5o1xfDex3ga192g+94pAJsqmn3Fc8LJ0Wn2zJPtYCTYvbrx6551QLiD3fwIDAQABozgwNjAJBgNVHQ4EAgQAMBkGA1UdIwQSMBCADsLGxMP29vnBwsTCxsTDMA4GA1UdDwEB/wQEAwIGwDANBgkqhkiG9w0BAQsFAAOCAQEASgxJaAoWP08MKVnuvNxG7EkmogFUfKCX7fWrHYxDzEs5uhnRQ6IR4GitTHEM/BE5KNGu6MuHuKMhp4HuMBg5YzaFtk5yFk+K6BjLEEFwz/NBFLyrtPmrezxjmxMYx4PRTqeyEthOIkZ1KFQvzxB1Vg2Kt5fqdvxKVODAFstJB2nE3uICnrOQmHlo/R/1rp0J/VQnOsWdgKmIFhFlFdFpWhI7m1ry7cuilHPdCHq+M83jGfTYVXulwbxDYv0LPHZGzCxoAnxZQM4r2HqwXTCZiRT/eP+fEv7A571aHb9GhJhQQQ0lStd1vhOJu1LlO3fe68SSKSye5CozKwvvlEwbag==</tns:SigningCert>
|
|
19
|
-
<tns:CACert>MIIEFzCCAv+gAwIBAgIFAc+WvjUwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMTB0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTEzMDAwMzAeFw0xMDEwMTEwMDAwMDBaFw0yMDEwMTEwMDAwMDBaMIGaMRAwDgYDVQQDEwdEQkdTV0RLMQswCQYDVQQGEwJESzETMBEGA1UEBxMKQ29wZW5oYWdlbjEQMA4GA1UECBMHRGVubWFyazEaMBgGA1UEChMRRGFuc2tlIEJhbmsgR3JvdXAxHDAaBgNVBAsTE0RhbnNrZSBCYW5rIERlbm1hcmsxGDAWBgNVBAUTDzYxMTI2MjI4NzczMDEwMTCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAOC0DrY9Q4HzHQ/BWr/RWB1GOq+90BiGN85uhWAeGGMI2od/ahn/R7zl8+MNcMLAuVHB8LvzRrC3lxZqjNvRKv8fYsMgwdmdYtBwiqHINpXTLjQxtLEWqEu5fiMZAi1oFE08YAkCDLUGopbkY+d2KULqxFK2blwHi3m0jOwuZGiw4ELeChGcELsOpCT/oJU5mR3dFHbRs3HBgWmuFwJKvwHNZeNAmrCwEUWqw1x4MjQRHRGl10TfTNqPrd7zyTfyR0+GPy1INxHwWZroBUc9j54ONX9pV6x835WedHdo80UxImjCiIruClzsMAXYtvsC3d9xgk9oLNFIVPRe2fTs07ECAQOjZjBkMB8GA1UdIwQYMBaAFLU6ie9kUC8x5CDLauuTRJBL35qYMB0GA1UdDgQWBBQO5nD7QkqlQCrxigdJncTYo20tIzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAQEAQPCp0H3g88CZZurq0kS76ozBVRiLZ3V8S0+IYi0dmMCfTpW/qnEzMGn+NlHOvgkm5C2VaHCdbEzZPsvv4cx2YrqpsFf8x+Ts6W2r3VVjOdve5u0Oj1CK/ONwaqUl5p4SxRCfnv6sSh6TwxhJF/zESiHXLdyWdJf+NkXsATE6QB4ZjgaGw1NcvhnDUvbbfUZ1zOTIf7+wUpfCNCJi0T1sFvJ88nYkVoQmVWQFS7Kwj+kwQ1ILfnp/1xbycrt1XNxZ8SkRDAWOJARY0fS/C0o7/1t/SB2ePrY/g0U8ZWi0B6odT5isGNpLOKzhD5YGjbKGesC9GEnhmhLoawXU7b4Wcw==</tns:CACert>
|
|
20
|
-
<tns:RequestId/>
|
|
21
|
-
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
|
22
|
-
<SignedInfo>
|
|
23
|
-
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
|
|
24
|
-
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
|
25
|
-
<Reference URI="#response">
|
|
26
|
-
<Transforms>
|
|
27
|
-
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
|
28
|
-
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
|
|
29
|
-
</Transforms>
|
|
30
|
-
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
|
|
31
|
-
<DigestValue>2vCYl3h7ksRgk7IyV2axgpXxTWM=</DigestValue>
|
|
32
|
-
</Reference>
|
|
33
|
-
</SignedInfo>
|
|
34
|
-
<SignatureValue>CqPQW88gjJayDovXbk++IXJ5yjAJNf5+BL6wodkwIErqLdK3DYeAn9T6MQRNciB7POZkKqtnFj4CG1mbpGRCP5yduaBYP96uUoRSZiGuFHqb5HvMIgMvDCsnRJX11tUaMhrZkktYb0Xx2ulPrbLm/n9kW9L0oZftEijm7ixYSIsNEdJMHxWqCDGQCzLwD5zz512nNHEm3Ddimvh3mOqZ6deGtfODl4KuK247NNuak6Pjz9sE5hJnwDi4E1jtme735HEcxkrtYlqTIOjPXS/xRKkHEW6R59R3DR3FpYAo3H+SR/2WptoQhaBvVtlzle9Z8BG2JFRnbudAo3CkA245Vg==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIEADCCAuigAwIBAgIFAMa3bfMwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMTB0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTExMDAwMjAeFw0xMjA4MDEwMDAwMDBaFw0xNDEwMzEwMDAwMDBaMIGXMQ8wDQYDVQQDEwZEUFNJR04xCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MzkxMDAwMzCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAL1zYMqPk/6klEpL5wo+vWAo3MmxPz4wq9wuLAHpPUhJ4ZpHmncNsdmqSSXT6U4mxTY8tzKvz4ZdTDljp+5J6OxOl1B7av3V7hlHtfGb7wozsBAya2JOoPrLxc+ajapslbduiEvdhW9ZLKvn/n7rQ9sZzHA6GyGKQk8lfvKK+OjMylA86XyxApasFD/0eIDnzUJHth3UpPoQTJAlB7h7d4CKc/QG9tFv900AAi4R/Tmy9TRai7fVCkXz7y4qRXN+M7NIhDGAsCmtM6oSuDqjv3lh10nD7XELTxTvcbpq5xHLt9yknwjiM2ivc4XudDMgC7ESoH6vaJSUcbC17+wa6IUCAQOjUjBQMB8GA1UdIwQYMBaAFIT65b/ekUlm38WKUsOzt7MgHMdtMB0GA1UdDgQWBBQHbPgey2TInIKC7xbag8AZG25qnTAOBgNVHQ8BAf8EBAMCBsAwDQYJKoZIhvcNAQELBQADggEBAFl3WfGkVElIeUXjQsr8uQFXhkSbrI14F6mRIkUpCTa9Px/UUfw1HQNVn4Tyep30JmfsFN91Yj387jiZDzoeMYeiVI32wyZkao7rC3Z4YhAfUdPdVFZqO1k2gOgoZ49nyLKVS+GlyuzeLQVBnFE7f3sbpgDTRzd8o58W5VncHuzmSj/IVe8ZwRQ4bm3cHlKTQpRnyz5x7UJjp08fH6KOUal8DVsOaQKoo+jWIsPPir58b/QZsxIRL4uq3qqQt5udrbZqyltRsyxUpgomIN5irCn7Wgr+iYwNLhzXYwxKvwKsNRS7isEAZuyfH9fNarBRP4p72g+225NB0itQ73Xo7pg=</X509Certificate><X509IssuerSerial><X509IssuerName>serialNumber=611262281110002, OU=Danske Bank Group, O=Danske Bank Group, ST=Denmark, L=Copenhagen, C=DK, CN=DBGROOT</X509IssuerName><X509SerialNumber>3333910003</X509SerialNumber></X509IssuerSerial></X509Data></KeyInfo></Signature>
|
|
35
|
-
</tns:CreateCertificateResponse>
|
|
36
|
-
</CreateCertificateOut>
|
|
37
|
-
</soapenv:Body>
|
|
38
|
-
</soapenv:Envelope>
|
|
2
|
+
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService" xmlns:elem="http://danskebank.dk/PKI/PKIFactoryService/elements" xmlns:xd="http://www.w3.org/2000/09/xmldsig#"><soapenv:Header/><soapenv:Body><CreateCertificateOut xmlns="http://danskebank.dk/PKI/PKIFactoryService"><pkif:ResponseHeader xmlns=""><pkif:SenderId>360817</pkif:SenderId><pkif:CustomerId>360817</pkif:CustomerId><pkif:RequestId>b0410899f4</pkif:RequestId><pkif:Timestamp>2014-06-25T11:45:47Z</pkif:Timestamp><pkif:InterfaceVersion>1</pkif:InterfaceVersion><pkif:Environment>customertest</pkif:Environment></pkif:ResponseHeader><tns:CreateCertificateResponse xml:id="response" xmlns:tns="http://danskebank.dk/PKI/PKIFactoryService/elements" xmlns=""><tns:ReturnCode>00</tns:ReturnCode><tns:ReturnText>OK</tns:ReturnText><tns:EncryptionCert>MIIDnzCCAoegAwIBAgIHHoy+tGx4NjANBgkqhkiG9w0BAQsFADCBwjEQMA4GA1UEAxMHREJHQ0FEQjELMAkGA1UEBhMCREsxEzARBgNVBAcTCkNvcGVuaGFnZW4xEDAOBgNVBAgTB0Rlbm1hcmsxGjAYBgNVBAoTEURhbnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQLEw9EYW5za2UgQmFuayBBL1MxGDAWBgNVBAUTDzYxMTI2MjI4MjIzMDEwMTEJMAcGA1UEBBMAMQkwBwYDVQQqEwAxCTAHBgNVBAwTADEJMAcGA1UEERMAMB4XDTEwMDUyODExMTgzOVoXDTEyMDUyNzExMTgzOVowgaYxIDAeBgNVBAMTF0JFTkdUU1NPTiBPRyBGUi4gSkVOU0VOMQswCQYDVQQGEwJESzEcMBoGA1UEChMTREJUUyBERU1PIDEuICgzNEFLKTEeMBwGA1UECxMVQ09SUE9SQVRFIERFVkVMT1BNRU5UMTcwNQYDVQQFEy5TRS1LRVJIVi9EQUJBOjAwOTIxMDA4NDEtQUdSOjA2MTA0OC1VU1I6MDYxMTMzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvWdhjVCuWXWu4H8WqUJGuvme+6l0g37fAXur3Xm28RChzvhue7pvwhtsZEyHN3Oa9DhLMV9UQC4wy5Md7Js+rm2HtgOtM2LMorE4GeoTYpi5f1fbYDUqHj2ygkkWDqQ9v0xSCJkGIyW+1vsrcId+DDlZqBacuXwtv5xy8plmX7wIDAQABozgwNjAJBgNVHQ4EAgQAMBkGA1UdIwQSMBCADsLGxMP29vnBwsTCxsTDMA4GA1UdDwEB/wQEAwIEMDANBgkqhkiG9w0BAQsFAAOCAQEAkITeNDN6Mxkb8AXF9SjZ1xfWD+yZcyb5wqQmpvwlM1gfovvV5mW/r2Wgn8uyhwwZd8dDJClNRslQeQrV8FbmCF8uh0dr1z2pt/t3u6lZ5YH1MWmLKGpJ8gGnWkRwEtkeZCuaD+Nji6YCGqCPytmKae+CFvz46XrvQ+VxfoqD8IlSoT2Himw6kfbE7H5oyJtuBSjozz+zz9GE09HQzCn3j1AX1jF0U0qFOXOR185NnDHtQPBytUOOBHBNog1+bVfby7E1nmXum38pMVnv5ReSvnhKhmusmxkHaKCGwgYCoKMvsXntHStAvmH/t4tGdNyLvmC/88GYfoBXtNrsuZV3Ew==</tns:EncryptionCert><tns:SigningCert>MIIDnzCCAoegAwIBAgIHHoy+tGx4NTANBgkqhkiG9w0BAQsFADCBwjEQMA4GA1UEAxMHREJHQ0FEQjELMAkGA1UEBhMCREsxEzARBgNVBAcTCkNvcGVuaGFnZW4xEDAOBgNVBAgTB0Rlbm1hcmsxGjAYBgNVBAoTEURhbnNrZSBCYW5rIEdyb3VwMRgwFgYDVQQLEw9EYW5za2UgQmFuayBBL1MxGDAWBgNVBAUTDzYxMTI2MjI4MjIzMDEwMTEJMAcGA1UEBBMAMQkwBwYDVQQqEwAxCTAHBgNVBAwTADEJMAcGA1UEERMAMB4XDTEwMDUyODExMTgzOVoXDTEyMDUyNzExMTgzOVowgaYxIDAeBgNVBAMTF0JFTkdUU1NPTiBPRyBGUi4gSkVOU0VOMQswCQYDVQQGEwJESzEcMBoGA1UEChMTREJUUyBERU1PIDEuICgzNEFLKTEeMBwGA1UECxMVQ09SUE9SQVRFIERFVkVMT1BNRU5UMTcwNQYDVQQFEy5TRS1LRVJIVi9EQUJBOjAwOTIxMDA4NDEtQUdSOjA2MTA0OC1VU1I6MDYxMTMzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfh+ajEvsFS1kByPsjReO+EmyFglGDiCBh7voya2aSbvGMQm/aAYugTliAhoklq4adwUwqjf86gon3ZdUMDBmDpJiPlxeexBHesOjr32hxzO8u67tS5o1xfDex3ga192g+94pAJsqmn3Fc8LJ0Wn2zJPtYCTYvbrx6551QLiD3fwIDAQABozgwNjAJBgNVHQ4EAgQAMBkGA1UdIwQSMBCADsLGxMP29vnBwsTCxsTDMA4GA1UdDwEB/wQEAwIGwDANBgkqhkiG9w0BAQsFAAOCAQEASgxJaAoWP08MKVnuvNxG7EkmogFUfKCX7fWrHYxDzEs5uhnRQ6IR4GitTHEM/BE5KNGu6MuHuKMhp4HuMBg5YzaFtk5yFk+K6BjLEEFwz/NBFLyrtPmrezxjmxMYx4PRTqeyEthOIkZ1KFQvzxB1Vg2Kt5fqdvxKVODAFstJB2nE3uICnrOQmHlo/R/1rp0J/VQnOsWdgKmIFhFlFdFpWhI7m1ry7cuilHPdCHq+M83jGfTYVXulwbxDYv0LPHZGzCxoAnxZQM4r2HqwXTCZiRT/eP+fEv7A571aHb9GhJhQQQ0lStd1vhOJu1LlO3fe68SSKSye5CozKwvvlEwbag==</tns:SigningCert><tns:CACert>MIIEFzCCAv+gAwIBAgIFAc+WvjUwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMTB0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTEzMDAwMzAeFw0xMDEwMTEwMDAwMDBaFw0yMDEwMTEwMDAwMDBaMIGaMRAwDgYDVQQDEwdEQkdTV0RLMQswCQYDVQQGEwJESzETMBEGA1UEBxMKQ29wZW5oYWdlbjEQMA4GA1UECBMHRGVubWFyazEaMBgGA1UEChMRRGFuc2tlIEJhbmsgR3JvdXAxHDAaBgNVBAsTE0RhbnNrZSBCYW5rIERlbm1hcmsxGDAWBgNVBAUTDzYxMTI2MjI4NzczMDEwMTCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAOC0DrY9Q4HzHQ/BWr/RWB1GOq+90BiGN85uhWAeGGMI2od/ahn/R7zl8+MNcMLAuVHB8LvzRrC3lxZqjNvRKv8fYsMgwdmdYtBwiqHINpXTLjQxtLEWqEu5fiMZAi1oFE08YAkCDLUGopbkY+d2KULqxFK2blwHi3m0jOwuZGiw4ELeChGcELsOpCT/oJU5mR3dFHbRs3HBgWmuFwJKvwHNZeNAmrCwEUWqw1x4MjQRHRGl10TfTNqPrd7zyTfyR0+GPy1INxHwWZroBUc9j54ONX9pV6x835WedHdo80UxImjCiIruClzsMAXYtvsC3d9xgk9oLNFIVPRe2fTs07ECAQOjZjBkMB8GA1UdIwQYMBaAFLU6ie9kUC8x5CDLauuTRJBL35qYMB0GA1UdDgQWBBQO5nD7QkqlQCrxigdJncTYo20tIzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAQEAQPCp0H3g88CZZurq0kS76ozBVRiLZ3V8S0+IYi0dmMCfTpW/qnEzMGn+NlHOvgkm5C2VaHCdbEzZPsvv4cx2YrqpsFf8x+Ts6W2r3VVjOdve5u0Oj1CK/ONwaqUl5p4SxRCfnv6sSh6TwxhJF/zESiHXLdyWdJf+NkXsATE6QB4ZjgaGw1NcvhnDUvbbfUZ1zOTIf7+wUpfCNCJi0T1sFvJ88nYkVoQmVWQFS7Kwj+kwQ1ILfnp/1xbycrt1XNxZ8SkRDAWOJARY0fS/C0o7/1t/SB2ePrY/g0U8ZWi0B6odT5isGNpLOKzhD5YGjbKGesC9GEnhmhLoawXU7b4Wcw==</tns:CACert><tns:RequestId/><Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
|
3
|
+
<SignedInfo>
|
|
4
|
+
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
|
|
5
|
+
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
|
6
|
+
<Reference URI="#response">
|
|
7
|
+
<Transforms>
|
|
8
|
+
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
|
|
9
|
+
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
|
|
10
|
+
</Transforms>
|
|
11
|
+
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
|
|
12
|
+
<DigestValue>2vCYl3h7ksRgk7IyV2axgpXxTWM=</DigestValue>
|
|
13
|
+
</Reference>
|
|
14
|
+
</SignedInfo>
|
|
15
|
+
<SignatureValue>CqPQW88gjJayDovXbk++IXJ5yjAJNf5+BL6wodkwIErqLdK3DYeAn9T6MQRNciB7POZkKqtnFj4CG1mbpGRCP5yduaBYP96uUoRSZiGuFHqb5HvMIgMvDCsnRJX11tUaMhrZkktYb0Xx2ulPrbLm/n9kW9L0oZftEijm7ixYSIsNEdJMHxWqCDGQCzLwD5zz512nNHEm3Ddimvh3mOqZ6deGtfODl4KuK247NNuak6Pjz9sE5hJnwDi4E1jtme735HEcxkrtYlqTIOjPXS/xRKkHEW6R59R3DR3FpYAo3H+SR/2WptoQhaBvVtlzle9Z8BG2JFRnbudAo3CkA245Vg==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIEADCCAuigAwIBAgIFAMa3bfMwDQYJKoZIhvcNAQELBQAwgZgxEDAOBgNVBAMTB0RCR1JPT1QxCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MTExMDAwMjAeFw0xMjA4MDEwMDAwMDBaFw0xNDEwMzEwMDAwMDBaMIGXMQ8wDQYDVQQDEwZEUFNJR04xCzAJBgNVBAYTAkRLMRMwEQYDVQQHEwpDb3BlbmhhZ2VuMRAwDgYDVQQIEwdEZW5tYXJrMRowGAYDVQQKExFEYW5za2UgQmFuayBHcm91cDEaMBgGA1UECxMRRGFuc2tlIEJhbmsgR3JvdXAxGDAWBgNVBAUTDzYxMTI2MjI4MzkxMDAwMzCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAL1zYMqPk/6klEpL5wo+vWAo3MmxPz4wq9wuLAHpPUhJ4ZpHmncNsdmqSSXT6U4mxTY8tzKvz4ZdTDljp+5J6OxOl1B7av3V7hlHtfGb7wozsBAya2JOoPrLxc+ajapslbduiEvdhW9ZLKvn/n7rQ9sZzHA6GyGKQk8lfvKK+OjMylA86XyxApasFD/0eIDnzUJHth3UpPoQTJAlB7h7d4CKc/QG9tFv900AAi4R/Tmy9TRai7fVCkXz7y4qRXN+M7NIhDGAsCmtM6oSuDqjv3lh10nD7XELTxTvcbpq5xHLt9yknwjiM2ivc4XudDMgC7ESoH6vaJSUcbC17+wa6IUCAQOjUjBQMB8GA1UdIwQYMBaAFIT65b/ekUlm38WKUsOzt7MgHMdtMB0GA1UdDgQWBBQHbPgey2TInIKC7xbag8AZG25qnTAOBgNVHQ8BAf8EBAMCBsAwDQYJKoZIhvcNAQELBQADggEBAFl3WfGkVElIeUXjQsr8uQFXhkSbrI14F6mRIkUpCTa9Px/UUfw1HQNVn4Tyep30JmfsFN91Yj387jiZDzoeMYeiVI32wyZkao7rC3Z4YhAfUdPdVFZqO1k2gOgoZ49nyLKVS+GlyuzeLQVBnFE7f3sbpgDTRzd8o58W5VncHuzmSj/IVe8ZwRQ4bm3cHlKTQpRnyz5x7UJjp08fH6KOUal8DVsOaQKoo+jWIsPPir58b/QZsxIRL4uq3qqQt5udrbZqyltRsyxUpgomIN5irCn7Wgr+iYwNLhzXYwxKvwKsNRS7isEAZuyfH9fNarBRP4p72g+225NB0itQ73Xo7pg=</X509Certificate><X509IssuerSerial><X509IssuerName>serialNumber=611262281110002, OU=Danske Bank Group, O=Danske Bank Group, ST=Denmark, L=Copenhagen, C=DK, CN=DBGROOT</X509IssuerName><X509SerialNumber>3333910003</X509SerialNumber></X509IssuerSerial></X509Data></KeyInfo></Signature></tns:CreateCertificateResponse></CreateCertificateOut></soapenv:Body></soapenv:Envelope>
|
|
@@ -9,16 +9,16 @@ class NordeaApplicationRequestTest < ActiveSupport::TestCase
|
|
|
9
9
|
@nordea_generic_params[:private_key] = OpenSSL::PKey::RSA.new @nordea_generic_params[:private_key]
|
|
10
10
|
@nordea_generic_params[:cert] = OpenSSL::X509::Certificate.new @nordea_generic_params[:cert]
|
|
11
11
|
|
|
12
|
-
ar_file = Sepa::SoapBuilder.new(@nordea_generic_params).
|
|
12
|
+
ar_file = Sepa::SoapBuilder.new(@nordea_generic_params).application_request
|
|
13
13
|
|
|
14
14
|
@nordea_generic_params[:command] = :get_user_info
|
|
15
|
-
ar_get = Sepa::SoapBuilder.new(@nordea_generic_params).
|
|
15
|
+
ar_get = Sepa::SoapBuilder.new(@nordea_generic_params).application_request
|
|
16
16
|
|
|
17
17
|
@nordea_generic_params[:command] = :download_file_list
|
|
18
|
-
ar_list = Sepa::SoapBuilder.new(@nordea_generic_params).
|
|
18
|
+
ar_list = Sepa::SoapBuilder.new(@nordea_generic_params).application_request
|
|
19
19
|
|
|
20
20
|
@nordea_generic_params[:command] = :upload_file
|
|
21
|
-
ar_up = Sepa::SoapBuilder.new(@nordea_generic_params).
|
|
21
|
+
ar_up = Sepa::SoapBuilder.new(@nordea_generic_params).application_request
|
|
22
22
|
|
|
23
23
|
@doc_file = Nokogiri::XML(ar_file.to_xml)
|
|
24
24
|
@doc_get = Nokogiri::XML(ar_get.to_xml)
|
|
@@ -36,8 +36,8 @@ class NordeaApplicationRequestTest < ActiveSupport::TestCase
|
|
|
36
36
|
sha1.reset
|
|
37
37
|
|
|
38
38
|
xmldsig_schema_digest = sha1.digest(xmldsig_schema)
|
|
39
|
-
assert_equal
|
|
40
|
-
assert_equal
|
|
39
|
+
assert_equal encode(ar_schema_digest).strip, "1O24A7+/6S7CFYVlhH1jEZh1ARs="
|
|
40
|
+
assert_equal encode(xmldsig_schema_digest).strip, "bmG0+2KykgkLeWsXsl6CFbyo4Yc="
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
def test_ar_should_initialize_with_proper_params
|
|
@@ -165,7 +165,7 @@ class NordeaApplicationRequestTest < ActiveSupport::TestCase
|
|
|
165
165
|
end
|
|
166
166
|
|
|
167
167
|
def test_should_have_content_when_upload_file
|
|
168
|
-
assert_equal @doc_up.at_css("Content").content,
|
|
168
|
+
assert_equal @doc_up.at_css("Content").content, encode(@nordea_generic_params[:content])
|
|
169
169
|
end
|
|
170
170
|
|
|
171
171
|
def test_should_not_have_content_when_download_file_list
|
|
@@ -200,7 +200,7 @@ class NordeaApplicationRequestTest < ActiveSupport::TestCase
|
|
|
200
200
|
|
|
201
201
|
# Calculate digest
|
|
202
202
|
sha1 = OpenSSL::Digest::SHA1.new
|
|
203
|
-
actual_digest =
|
|
203
|
+
actual_digest = encode(sha1.digest(@doc_file.canonicalize))
|
|
204
204
|
|
|
205
205
|
# And then make sure the two are equal
|
|
206
206
|
assert_equal calculated_digest.strip, actual_digest.strip
|
|
@@ -222,7 +222,7 @@ class NordeaApplicationRequestTest < ActiveSupport::TestCase
|
|
|
222
222
|
private_key = OpenSSL::PKey::RSA.new(File.read("#{keys_path}/nordea.key"))
|
|
223
223
|
|
|
224
224
|
sha1 = OpenSSL::Digest::SHA1.new
|
|
225
|
-
actual_signature =
|
|
225
|
+
actual_signature = encode(private_key.sign(
|
|
226
226
|
sha1, signed_info_node.canonicalize))
|
|
227
227
|
|
|
228
228
|
# And then of course assert the two are equal
|
|
@@ -1,23 +1,38 @@
|
|
|
1
1
|
require 'test_helper'
|
|
2
2
|
|
|
3
3
|
class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
4
|
+
include Sepa::Utilities
|
|
4
5
|
|
|
5
|
-
|
|
6
|
-
keys_path = File.expand_path('../keys', __FILE__)
|
|
7
|
-
@root_cert = OpenSSL::X509::Certificate.new File.read("#{keys_path}/root_cert.cer")
|
|
8
|
-
@not_root_cert = OpenSSL::X509::Certificate.new File.read("#{keys_path}/nordea.crt")
|
|
9
|
-
|
|
10
|
-
@dfl = Nokogiri::XML(File.read("#{NORDEA_TEST_RESPONSE_PATH}/dfl.xml"))
|
|
11
|
-
@dfl = Sepa::Response.new(@dfl, command: :download_file_list).application_response
|
|
12
|
-
|
|
13
|
-
@uf = Nokogiri::XML(File.read("#{NORDEA_TEST_RESPONSE_PATH}/uf.xml"))
|
|
14
|
-
@uf = Sepa::Response.new(@uf, command: :upload_file).application_response
|
|
6
|
+
KEYS_PATH = File.expand_path('../keys', __FILE__)
|
|
15
7
|
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
8
|
+
def setup
|
|
9
|
+
options = {
|
|
10
|
+
response: File.read("#{NORDEA_TEST_RESPONSE_PATH}/dfl.xml"),
|
|
11
|
+
command: :download_file_list
|
|
12
|
+
}
|
|
13
|
+
@dfl = Sepa::NordeaResponse.new(options).application_response
|
|
14
|
+
@dfl_doc = xml_doc @dfl
|
|
15
|
+
|
|
16
|
+
options = {
|
|
17
|
+
response: File.read("#{NORDEA_TEST_RESPONSE_PATH}/uf.xml"),
|
|
18
|
+
command: :upload_file
|
|
19
|
+
}
|
|
20
|
+
@uf = Sepa::NordeaResponse.new(options).application_response
|
|
21
|
+
@uf_doc = xml_doc @dfl
|
|
22
|
+
|
|
23
|
+
options = {
|
|
24
|
+
response: File.read("#{NORDEA_TEST_RESPONSE_PATH}/df_tito.xml"),
|
|
25
|
+
command: :download_file
|
|
26
|
+
}
|
|
27
|
+
@df_tito = Sepa::NordeaResponse.new(options).application_response
|
|
28
|
+
@df_tito_doc = xml_doc @df_tito
|
|
29
|
+
|
|
30
|
+
options = {
|
|
31
|
+
response: File.read("#{NORDEA_TEST_RESPONSE_PATH}/gui.xml"),
|
|
32
|
+
command: :get_user_info
|
|
33
|
+
}
|
|
34
|
+
@gui = Sepa::NordeaResponse.new(options).application_response
|
|
35
|
+
@gui_doc = xml_doc @gui
|
|
21
36
|
|
|
22
37
|
@dfl_ar = Sepa::ApplicationResponse.new(@dfl)
|
|
23
38
|
@uf_ar = Sepa::ApplicationResponse.new(@uf)
|
|
@@ -32,7 +47,7 @@ class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
|
32
47
|
assert @gui_ar.valid?
|
|
33
48
|
end
|
|
34
49
|
|
|
35
|
-
def
|
|
50
|
+
def test_should_fail_if_initialized_with_invalid_xml
|
|
36
51
|
as = Sepa::ApplicationResponse.new("Jees")
|
|
37
52
|
refute as.valid?
|
|
38
53
|
end
|
|
@@ -59,39 +74,39 @@ class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
|
59
74
|
end
|
|
60
75
|
|
|
61
76
|
def test_invalid_dfl_hash_check_should_not_verify
|
|
62
|
-
customer_id_node = @
|
|
77
|
+
customer_id_node = @dfl_doc.at_css('c2b|CustomerId')
|
|
63
78
|
customer_id_node.content = customer_id_node.content[0..-2]
|
|
64
79
|
|
|
65
|
-
refute Sepa::ApplicationResponse.new(@
|
|
80
|
+
refute Sepa::ApplicationResponse.new(@dfl_doc.to_s).hashes_match?
|
|
66
81
|
end
|
|
67
82
|
|
|
68
83
|
def test_invalid_uf_hash_check_should_not_verify
|
|
69
|
-
timestamp_node = @
|
|
84
|
+
timestamp_node = @uf_doc.at_css('c2b|Timestamp')
|
|
70
85
|
timestamp_node.content = Time.now.iso8601
|
|
71
86
|
|
|
72
|
-
refute Sepa::ApplicationResponse.new(@
|
|
87
|
+
refute Sepa::ApplicationResponse.new(@uf_doc.to_s).hashes_match?
|
|
73
88
|
end
|
|
74
89
|
|
|
75
90
|
def test_invalid_df_hash_check_should_not_verify
|
|
76
|
-
digest_value_node = @
|
|
91
|
+
digest_value_node = @df_tito_doc.at_css(
|
|
77
92
|
'xmlns|DigestValue',
|
|
78
93
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
79
94
|
)
|
|
80
95
|
|
|
81
96
|
digest_value_node.content = digest_value_node.content[4..-1]
|
|
82
97
|
|
|
83
|
-
refute Sepa::ApplicationResponse.new(@
|
|
98
|
+
refute Sepa::ApplicationResponse.new(@df_tito_doc.to_s).hashes_match?
|
|
84
99
|
end
|
|
85
100
|
|
|
86
101
|
def test_invalid_gui_hash_check_should_not_verify
|
|
87
|
-
digest_value_node = @
|
|
102
|
+
digest_value_node = @gui_doc.at_css(
|
|
88
103
|
'xmlns|DigestValue',
|
|
89
104
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
90
105
|
)
|
|
91
106
|
|
|
92
107
|
digest_value_node.content = '1234' + digest_value_node.content
|
|
93
108
|
|
|
94
|
-
refute Sepa::ApplicationResponse.new(@
|
|
109
|
+
refute Sepa::ApplicationResponse.new(@gui_doc.to_s).hashes_match?
|
|
95
110
|
end
|
|
96
111
|
|
|
97
112
|
def test_proper_dfl_signature_should_verify
|
|
@@ -111,51 +126,51 @@ class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
|
111
126
|
end
|
|
112
127
|
|
|
113
128
|
def test_corrupted_signature_in_dfl_should_fail_signature_verification
|
|
114
|
-
signature_node = @
|
|
129
|
+
signature_node = @dfl_doc.at_css(
|
|
115
130
|
'xmlns|SignatureValue',
|
|
116
131
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
117
132
|
)
|
|
118
133
|
|
|
119
134
|
signature_node.content = signature_node.content[4..-1]
|
|
120
135
|
|
|
121
|
-
refute Sepa::ApplicationResponse.new(@
|
|
136
|
+
refute Sepa::ApplicationResponse.new(@dfl_doc.to_s).signature_is_valid?
|
|
122
137
|
end
|
|
123
138
|
|
|
124
139
|
def test_corrupted_signature_in_uf_should_fail_signature_verification
|
|
125
|
-
signature_node = @
|
|
140
|
+
signature_node = @uf_doc.at_css(
|
|
126
141
|
'xmlns|SignatureValue',
|
|
127
142
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
128
143
|
)
|
|
129
144
|
|
|
130
145
|
signature_node.content = signature_node.content[0..-5]
|
|
131
146
|
|
|
132
|
-
refute Sepa::ApplicationResponse.new(@
|
|
147
|
+
refute Sepa::ApplicationResponse.new(@uf_doc.to_s).signature_is_valid?
|
|
133
148
|
end
|
|
134
149
|
|
|
135
150
|
def test_corrupted_signature_in_df_should_fail_signature_verification
|
|
136
|
-
signature_node = @
|
|
151
|
+
signature_node = @df_tito_doc.at_css(
|
|
137
152
|
'xmlns|SignatureValue',
|
|
138
153
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
139
154
|
)
|
|
140
155
|
|
|
141
156
|
signature_node.content = 'a' + signature_node.content[1..-1]
|
|
142
157
|
|
|
143
|
-
refute Sepa::ApplicationResponse.new(@
|
|
158
|
+
refute Sepa::ApplicationResponse.new(@df_tito_doc.to_s).signature_is_valid?
|
|
144
159
|
end
|
|
145
160
|
|
|
146
161
|
def test_corrupted_signature_in_gui_should_fail_signature_verification
|
|
147
|
-
signature_node = @
|
|
162
|
+
signature_node = @gui_doc.at_css(
|
|
148
163
|
'xmlns|SignatureValue',
|
|
149
164
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
150
165
|
)
|
|
151
166
|
|
|
152
167
|
signature_node.content = 'zombi' + signature_node.content[1..-1]
|
|
153
168
|
|
|
154
|
-
refute Sepa::ApplicationResponse.new(@
|
|
169
|
+
refute Sepa::ApplicationResponse.new(@gui_doc.to_s).signature_is_valid?
|
|
155
170
|
end
|
|
156
171
|
|
|
157
172
|
def test_should_raise_error_if_certificate_corrupted_in_dfl
|
|
158
|
-
cert_node = @
|
|
173
|
+
cert_node = @dfl_doc.at_css(
|
|
159
174
|
'xmlns|X509Certificate',
|
|
160
175
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
161
176
|
)
|
|
@@ -163,12 +178,12 @@ class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
|
163
178
|
cert_node.content = cert_node.content[0..-5]
|
|
164
179
|
|
|
165
180
|
assert_raises(OpenSSL::X509::CertificateError) do
|
|
166
|
-
Sepa::ApplicationResponse.new(@
|
|
181
|
+
Sepa::ApplicationResponse.new(@dfl_doc.to_s).certificate
|
|
167
182
|
end
|
|
168
183
|
end
|
|
169
184
|
|
|
170
185
|
def test_should_raise_error_if_certificate_corrupted_in_uf
|
|
171
|
-
cert_node = @
|
|
186
|
+
cert_node = @uf_doc.at_css(
|
|
172
187
|
'xmlns|X509Certificate',
|
|
173
188
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
174
189
|
)
|
|
@@ -176,12 +191,12 @@ class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
|
176
191
|
cert_node.content = cert_node.content[4..-1]
|
|
177
192
|
|
|
178
193
|
assert_raises(OpenSSL::X509::CertificateError) do
|
|
179
|
-
Sepa::ApplicationResponse.new(@
|
|
194
|
+
Sepa::ApplicationResponse.new(@uf_doc.to_s).certificate
|
|
180
195
|
end
|
|
181
196
|
end
|
|
182
197
|
|
|
183
198
|
def test_should_raise_error_if_certificate_corrupted_in_df
|
|
184
|
-
cert_node = @
|
|
199
|
+
cert_node = @df_tito_doc.at_css(
|
|
185
200
|
'xmlns|X509Certificate',
|
|
186
201
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
187
202
|
)
|
|
@@ -189,44 +204,41 @@ class NordeaApplicationResponseTest < ActiveSupport::TestCase
|
|
|
189
204
|
cert_node.content = "n5iw#{cert_node.content}"
|
|
190
205
|
|
|
191
206
|
assert_raises(OpenSSL::X509::CertificateError) do
|
|
192
|
-
Sepa::ApplicationResponse.new(@
|
|
207
|
+
Sepa::ApplicationResponse.new(@df_tito_doc.to_s).certificate
|
|
193
208
|
end
|
|
194
209
|
end
|
|
195
210
|
|
|
196
211
|
def test_should_raise_error_if_certificate_corrupted_in_gui
|
|
197
|
-
cert_node = @
|
|
212
|
+
cert_node = @gui_doc.at_css(
|
|
198
213
|
'xmlns|X509Certificate',
|
|
199
214
|
'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
|
|
200
215
|
)
|
|
201
216
|
|
|
202
|
-
cert_node.content =
|
|
217
|
+
cert_node.content = encode 'voivoi'
|
|
203
218
|
|
|
204
219
|
assert_raises(OpenSSL::X509::CertificateError) do
|
|
205
|
-
Sepa::ApplicationResponse.new(@
|
|
220
|
+
Sepa::ApplicationResponse.new(@gui_doc.to_s).certificate
|
|
206
221
|
end
|
|
207
222
|
end
|
|
208
223
|
|
|
209
224
|
def test_cert_should_be_trusted_with_correct_root_cert
|
|
210
|
-
|
|
211
|
-
assert @
|
|
212
|
-
assert @
|
|
213
|
-
assert @
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
def test_dfl_should_fail_if_wrong_root_cert
|
|
217
|
-
assert_raises(SecurityError) { @dfl_ar.cert_is_trusted(@not_root_cert) }
|
|
218
|
-
end
|
|
219
|
-
|
|
220
|
-
def test_uf_should_fail_if_wrong_root_cert
|
|
221
|
-
assert_raises(SecurityError) { @uf_ar.cert_is_trusted(@not_root_cert) }
|
|
225
|
+
root_cert = OpenSSL::X509::Certificate.new File.read("#{KEYS_PATH}/root_cert.cer")
|
|
226
|
+
assert @dfl_ar.cert_is_trusted(root_cert)
|
|
227
|
+
assert @uf_ar.cert_is_trusted(root_cert)
|
|
228
|
+
assert @df_ar.cert_is_trusted(root_cert)
|
|
229
|
+
assert @gui_ar.cert_is_trusted(root_cert)
|
|
222
230
|
end
|
|
223
231
|
|
|
224
|
-
def
|
|
225
|
-
|
|
232
|
+
def test_should_fail_if_wrong_root_cert
|
|
233
|
+
not_root_cert = OpenSSL::X509::Certificate.new File.read("#{KEYS_PATH}/nordea.crt")
|
|
234
|
+
assert_raises(SecurityError) { @dfl_ar.cert_is_trusted(not_root_cert) }
|
|
235
|
+
assert_raises(SecurityError) { @uf_ar.cert_is_trusted(not_root_cert) }
|
|
236
|
+
assert_raises(SecurityError) { @df_ar.cert_is_trusted(not_root_cert) }
|
|
237
|
+
assert_raises(SecurityError) { @gui_ar.cert_is_trusted(not_root_cert) }
|
|
226
238
|
end
|
|
227
239
|
|
|
228
|
-
|
|
229
|
-
|
|
240
|
+
test 'to_s works' do
|
|
241
|
+
assert_equal @uf, @uf_ar.to_s
|
|
230
242
|
end
|
|
231
243
|
|
|
232
244
|
end
|