diff --git a/src/test/java/com/lacunasoftware/pkiexpress/AuthenticationTest.java b/src/test/java/com/lacunasoftware/pkiexpress/AuthenticationTest.java deleted file mode 100644 index d3bb22e..0000000 --- a/src/test/java/com/lacunasoftware/pkiexpress/AuthenticationTest.java +++ /dev/null @@ -1,86 +0,0 @@ -package com.lacunasoftware.pkiexpress; - -import static org.junit.Assert.assertNotNull; - -import java.io.IOException; - -import org.junit.Before; -import org.junit.Test; - -/** - * Integration tests for Authentication. - * Tests all methods that contain invoke() calls. - * Each method with an invoke() call gets its own test case. - */ -public class AuthenticationTest { - - private Authentication authentication; - - @Before - public void setUp() throws IOException { - authentication = new Authentication(); - } - - @Test - public void testStart_WithInvokeCall() throws IOException { - // This test exercises start() which calls invoke(CommandEnum.CommandStartAuth, - // args) - // The test verifies that the invoke() call is made successfully - try { - AuthStartResult authStartResult = authentication.start(); - assertNotNull("Result should not be null", authStartResult); - assertNotNull("Nonce should not be null", authStartResult.getNonce()); - } catch (Exception e) { - // If PKI Express is not available, the test will fail - // but we've still tested the invoke() call path - throw new AssertionError("Failed to execute start() with invoke() call: " + e.getMessage(), e); - } finally { - authentication.dispose(); - } - } - - @Test - public void testComplete_WithInvokeCall() throws IOException { - // This test exercises complete() which calls - // invoke(CommandEnum.CommandCompleteAuth, args) - // Note: This requires a valid nonce, certificate, and signature to work - // properly - - try { - // First, get a nonce from start() - AuthStartResult authStartResult = authentication.start(); - // Let's use pkie's sign-data command to create a signature from the nonce - DataSigner dataSigner = new DataSigner(); - dataSigner.setToSignData(authStartResult.getNonce()); - dataSigner.setPkcs12(TestUtils.LoadSamplePkcs12AsPath()); - dataSigner.setCertPassword(TestUtils.getSampleCertificatePassword()); - // Sign the nonce - byte[] signature = dataSigner.sign(); - // Set the signature - authentication.setSignature(signature); - // Set the nonce - authentication.setNonce(authStartResult.getNonce()); - // Set the certificate content. - authentication.setCertificate(getClass().getResourceAsStream("resources/AlanTuring.cer")); - // Set the signature. - authentication.setSignature(signature); - - // Complete the authentication. Receive as response a AuthCompleteResult - // instance containing - // the following fields: - // - The certificate information; - // - The validation results; - AuthCompleteResult result = authentication.complete(); - assertNotNull("Result should not be null", result); - TestUtils.validateCertificateFieldsFromSampleCertificate(result.getCertificate()); // validate the certificate fields - } catch (Exception e) { - // If PKI Express is not available or certificate/signature is invalid, - // the test will fail but we've still tested the invoke() call path - throw new AssertionError("Failed to execute complete() with invoke() call: " + e.getMessage(), e); - } finally { - // Cleanup - // Files.deleteIfExists(tempCertFile); - authentication.dispose(); - } - } -} diff --git a/src/test/java/com/lacunasoftware/pkiexpress/integration/AuthenticationTest.java b/src/test/java/com/lacunasoftware/pkiexpress/integration/AuthenticationTest.java new file mode 100644 index 0000000..e7de457 --- /dev/null +++ b/src/test/java/com/lacunasoftware/pkiexpress/integration/AuthenticationTest.java @@ -0,0 +1,112 @@ +package com.lacunasoftware.pkiexpress; + +import static org.junit.Assert.assertNotNull; + +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Path; + +import org.junit.Before; +import org.junit.Test; + +/** + * Integration tests for Authentication. + * Tests all methods that contain invoke() calls. + * Each method with an invoke() call gets its own test case. + */ +class PadesSignerIT { + + private PadesSigner signer; + private Path outputFile; + + @BeforeEach + void setUp() throws IOException { + signer = new PadesSigner(); + outputFile = Files.createTempFile("pades-signer-test-", ".pdf"); + signer.setOutputFile(outputFile); + } + + @AfterEach + void tearDown() throws IOException { + if (signer != null) { + signer.dispose(); + } + Files.deleteIfExists(outputFile); + } + + @Test + public void testStart_WithInvokeCall() throws IOException { + // This test exercises start() which calls invoke(CommandEnum.CommandStartAuth, + // args) + // The test verifies that the invoke() call is made successfully + try { + AuthStartResult authStartResult = authentication.start(); + assertNotNull("Result should not be null", authStartResult); + assertNotNull("Nonce should not be null", authStartResult.getNonce()); + } catch (Exception e) { + // If PKI Express is not available, the test will fail + // but we've still tested the invoke() call path + throw new AssertionError("Failed to execute start() with invoke() call: " + e.getMessage(), e); + } finally { + authentication.dispose(); + } + } + + @Test + @DisplayName("sign(true) should sign a PDF and return a valid signer certificate") + void signWithInvokeCall_shouldProduceSignedPdfAndCertificate() throws Exception { + // This test exercises sign(boolean getCert), + // which internally calls invoke(CommandEnum.CommandSignPades, args). + // + // NOTE: + // This requires: + // - A valid PDF + // - A valid PKCS#12 certificate + // - PKI Express available in the environment + + // If PKI Express is not available, skip instead of failing + assumeTrue(PkiExpress.isAvailable(), "PKI Express is not available"); + + // Load PDF from test resources + InputStream pdfInputStream = + getClass().getResourceAsStream("/resources/SamplePdf.pdf"); + + assertNotNull(pdfInputStream, "SamplePdf.pdf should be present in test resources"); + + // Configure signer + signer.setPdfToSign(pdfInputStream); + signer.setPkcs12(TestUtils.LoadSamplePkcs12AsPath()); + signer.setCertPassword(TestUtils.getSampleCertificatePassword()); + signer.setTrustLacunaTestRoot(true); // allow test certificates + + // Execute + PKCertificate certificate = signer.sign(true); + + // ---- Certificate assertions ---- + assertNotNull(certificate, "Returned certificate should not be null"); + + assertAll("Certificate fields should be populated", + () -> assertNotNull(certificate.getThumbprint(), "Thumbprint"), + () -> assertNotNull(certificate.getSubjectName(), "Subject name"), + () -> assertNotNull(certificate.getIssuerName(), "Issuer name"), + () -> assertNotNull(certificate.getSerialNumber(), "Serial number"), + () -> assertNotNull(certificate.getValidityStart(), "Validity start"), + () -> assertNotNull(certificate.getValidityEnd(), "Validity end"), + () -> assertNotNull(certificate.getKeyUsage(), "Key usage"), + () -> assertNotNull(certificate.getCertificatePolicies(), "Certificate policies"), + () -> assertFalse( + certificate.getCertificatePolicies().isEmpty(), + "Certificate policies should not be empty" + ) + ); + + // Validate certificate fields against known sample certificate + TestUtils.validateCertificateFieldsFromSampleCertificate(certificate); + + // ---- Output file assertions ---- + assertAll("Signed PDF output", + () -> assertTrue(Files.exists(outputFile), "Output file should exist"), + () -> assertTrue(Files.size(outputFile) > 0, "Output file should not be empty") + ); + } +}