public async Task ReturnsErrorMessageWhenDecryptionCertificateCannotBeFound()
{
var userMessage = new UserMessage(
Guid.NewGuid().ToString(),
new CollaborationInfo(
agreement: new AgreementReference(
value: "http://agreements.europa.org/agreement",
pmodeId: "receiveagent-non_existing_decrypt_cert-pmode"),
service: new Service(
value: "errorhandling",
type: "as4.net:receive_agent:componenttest"),
action: "as4.net:receive_agent:decryption_failed",
conversationId: "as4.net:receive_agent:conversation"));
var as4Message = CreateAS4MessageWithAttachment(userMessage);
var encryptedMessage = AS4MessageUtils.EncryptWithCertificate(as4Message, new StubCertificateRepository().GetStubCertificate());
// Act
HttpResponseMessage response = await StubSender.SendAS4Message(_receiveAgentUrl, encryptedMessage);
// Assert
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
var contentType = response.Content.Headers.ContentType.MediaType;
var result = await SerializerProvider.Default.Get(contentType)
.DeserializeAsync(await response.Content.ReadAsStreamAsync(), contentType);
Assert.True(result.IsSignalMessage);
var errorMessage = result.FirstSignalMessage as Error;
Assert.NotNull(errorMessage);
Assert.Equal(ErrorCode.Ebms0102, errorMessage.ErrorLines.First().ErrorCode);
}
public Property Redeserialize_Result_In_Same_MessageUnits_Order(
NonEmptyArray <MessageUnit> messageUnits)
{
// Arrange
AS4Message start = AS4Message.Create(messageUnits.Get);
string ToName(MessageUnit u)
{
return(u is SignalMessage
? "SignalMessage"
: u is UserMessage
? "UserMessage"
: "Unknown");
}
IEnumerable <string> expected = messageUnits.Get.Select(ToName);
// Act
AS4Message end =
AS4MessageUtils.SerializeDeserializeAsync(start)
.GetAwaiter()
.GetResult();
// Assert
IEnumerable <string> actual = end.MessageUnits.Select(ToName);
return(expected
.SequenceEqual(actual)
.Label($"{String.Join(", ", expected)} != {String.Join(", ", actual)}"));
}
private static MessagingContext ContextWithSignedPullRequest(string expectedMpc, X509Certificate2 signingCertificate)
{
AS4Message message = AS4Message.Create(new PullRequest($"pr-{Guid.NewGuid()}", expectedMpc));
message = AS4MessageUtils.SignWithCertificate(message, signingCertificate);
return(new MessagingContext(message, MessagingContextMode.Send));
}
private static async Task <AS4Message> SignedUserMessage(string messageId)
{
AS4Message userMessage = AS4Message.Create(new UserMessage(messageId));
userMessage.AddAttachment(new FilledAttachment());
userMessage = await SerializeDeserializeMime(userMessage);
return(AS4MessageUtils.SignWithCertificate(userMessage, new StubCertificateRepository().GetStubCertificate()));
}
private static MessagingContext CreateSignedUserMessageWrappedInContext()
{
MessagingContext messagingContext = CreateUserMessageWrappedInContext();
AS4Message as4Message = messagingContext.AS4Message;
AS4MessageUtils.SignWithCertificate(as4Message, new StubCertificateRepository().GetStubCertificate());
return(messagingContext);
}
private static AS4Message SignedUserMessage(string messageId, SendingProcessingMode nrrPMode, X509Certificate2 cert)
{
AS4Message userMessage = AS4Message.Create(new UserMessage(messageId), nrrPMode);
userMessage.AddAttachment(
new Attachment(
id: "payload",
content: new MemoryStream(Encoding.UTF8.GetBytes("some content!")),
contentType: "text/plain"));
return(AS4MessageUtils.SignWithCertificate(userMessage, cert));
}
public async Task ReserializedMessageHasUntouchedSoapEnvelope()
{
AS4Message deserializedAS4Message = await DeserializeToAS4Message(
rssbus_message,
@"multipart/related;boundary=""NSMIMEBoundary__e5cfd617-6cec-4276-b190-23f0b25d9d4d"";type=""application/soap+xml"";start=""<_7a711d7c-4d1c-4ce7-ab38-794a01b445e1>""");
AS4Message reserializedAS4Message = await AS4MessageUtils.SerializeDeserializeAsync(deserializedAS4Message);
Assert.Equal(
deserializedAS4Message.EnvelopeDocument.OuterXml,
reserializedAS4Message.EnvelopeDocument.OuterXml);
}
private static async Task <AS4Message> CreateEncryptedAS4Message()
{
AS4Message message = AS4Message.Create(new UserMessage("somemessage"));
message.AddAttachment(
new Attachment(
"some-attachment",
Stream.Null,
"text/plain"));
AS4Message encryptedMessage =
AS4MessageUtils.EncryptWithCertificate(
message, new StubCertificateRepository().GetStubCertificate());
return(await AS4MessageUtils.SerializeDeserializeAsync(encryptedMessage));
}
private static AS4Message SignedNRReceipt(X509Certificate2 cert, AS4Message signedUserMessage, Func <int, int> selection)
{
IEnumerable <Reference> hashes =
signedUserMessage
.SecurityHeader
.GetReferences()
.Select(r =>
{
r.DigestValue = r.DigestValue.Select(v => (byte)selection(v)).ToArray();
return(Reference.CreateFromReferenceElement(r));
});
AS4Message receipt = AS4Message.Create(
new Receipt(
messageId: $"receipt-{Guid.NewGuid()}",
refToMessageId: signedUserMessage.GetPrimaryMessageId(),
nonRepudiation: new NonRepudiationInformation(hashes)));
return(AS4MessageUtils.SignWithCertificate(receipt, cert));
}
protected static async Task <AS4Message> NRRReceiptHashes(
string messageId,
AS4Message signedUserMessage,
Func <byte[], byte[]> adaptHashes)
{
IEnumerable <Reference> references = signedUserMessage.SecurityHeader.GetReferences()
.Select(r => new Reference(
uri: r.Uri,
transforms: new ReferenceTransform[0],
digestMethod: new ReferenceDigestMethod(Constants.SignAlgorithms.Sha256),
digestValue: adaptHashes(r.DigestValue)));
var receipt = new Receipt(
messageId: $"receipt-{Guid.NewGuid()}",
refToMessageId: messageId,
nonRepudiation: new NonRepudiationInformation(references));
return(await SerializeDeserializeSoap(
AS4MessageUtils.SignWithCertificate(
AS4Message.Create(receipt),
new StubCertificateRepository().GetStubCertificate())));
}
public async Task CanDeserializeEncryptAndSerializeSignedMessageWithUntouchedMessagingHeader()
{
// Arrange: retrieve an existing signed AS4 Message and encrypt it.
// Serialize it again to inspect the Soap envelope of the modified message.
AS4Message deserializedAS4Message =
await DeserializeToAS4Message(
signed_holodeck_message,
@"multipart/related;boundary=""MIMEBoundary_bcb27a6f984295aa9962b01ef2fb3e8d982de76d061ab23f""");
XmlNode originalSecurityHeader = deserializedAS4Message.SecurityHeader.GetXml().CloneNode(deep: true);
var encryptionCertificate = new X509Certificate2(certificate_as4, certificate_password);
// Act: Encrypt the message
deserializedAS4Message.Encrypt(
new KeyEncryptionConfiguration(encryptionCertificate),
DataEncryptionConfiguration.Default);
// Assert: the soap envelope of the encrypted message should not be equal to the
// envelope of the original message since there should be modifications in
// the security header.
Assert.NotEqual(
originalSecurityHeader.OuterXml,
deserializedAS4Message.EnvelopeDocument.OuterXml);
// Serialize it again; the Soap envelope should remain intact, besides
// some changes that have been made to the security header.
AS4Message reserializedAS4Message = await AS4MessageUtils.SerializeDeserializeAsync(deserializedAS4Message);
// Assert: The soap envelopes of both messages should be equal if the
// SecurityHeader is not taken into consideration.
RemoveSecurityHeaderFromMessageEnvelope(reserializedAS4Message);
RemoveSecurityHeaderFromMessageEnvelope(deserializedAS4Message);
Assert.Equal(
reserializedAS4Message.EnvelopeDocument.OuterXml,
deserializedAS4Message.EnvelopeDocument.OuterXml);
}
public async Task Succeeds_Verify_Bundled_Signed_AS4Message()
{
// Arrange
var user = new UserMessage($"user-{Guid.NewGuid()}");
var receipt = new Receipt($"receipt-{Guid.NewGuid()}", $"user-{Guid.NewGuid()}");
var as4Message = AS4Message.Create(user);
as4Message.AddMessageUnit(receipt);
var cert = new X509Certificate2(holodeck_partya_certificate, certificate_password, X509KeyStorageFlags.Exportable);
AS4Message signed = AS4MessageUtils.SignWithCertificate(as4Message, cert);
signed = await SerializeDeserializeSoap(signed);
var ctx = new MessagingContext(signed, MessagingContextMode.Receive)
{
ReceivingPMode = ReceivingPModeWithAllowedSigningVerification()
};
// Act
StepResult result = await ExerciseVerify(ctx);
Assert.True(result.Succeeded);
}
private static AS4Message SignAS4MessageWithCertificate(AS4Message message, X509Certificate2 certificate)
{
return(AS4MessageUtils.SignWithCertificate(message, certificate));
}
