Commit bf92b05b authored by Tobias Assmann's avatar Tobias Assmann

add certificate generator

parent c750c39f
<ns1:Envelope
xmlns:ns2="urn:liberty:paos:2003-08"
xmlns:ns1="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ns3="urn:liberty:paos:2006-08"
xmlns:ns5="http://www.w3.org/2005/03/addressing">
<ns1:Header>
<ns5:MessageID>urn:uuid:{ecard.new.messageid}</ns5:MessageID>
<ns5:ReplyTo>
<ns5:Address>http://www.projectliberty.org/2006/02/role/paos</ns5:Address>
</ns5:ReplyTo>
<ns5:Action>http://www.bsi.bund.de/ecard/api/1.0/PAOS/GetNextCommand</ns5:Action>
</ns1:Header>
<ns1:Body>
<iso:DIDAuthenticate xmlns:tsl2="http://uri.etsi.org/02231/v2.1.1#"
xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:olsc="http://www.openlimit.com/ecard/api/ext/acbc"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:iso="urn:iso:std:iso-iec:24727:tech:schema"
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
xmlns:vr="urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:schema#"
xmlns:dss="urn:oasis:names:tc:dss:1.0:core:schema" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:dsse="urn:oasis:names:tc:dss-x:1.0:profiles:encryption:schema#"
xmlns:ec="http://www.bsi.bund.de/ecard/api/1.1" xmlns:tsl="http://uri.etsi.org/02231/v3.1.2#"
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:XAdES="http://uri.etsi.org/01903/v1.3.2#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:dssades="urn:oasis:names:tc:dss:1.0:profiles:AdES:schema#"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:dssx="urn:oasis:names:tc:dss-x:1.0:profiles:SignaturePolicy:schema#"
xmlns:ers="http://www.setcce.org/schemas/ers" xmlns:tslg="http://uri.etsi.org/02231/v2.x#"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
{ecard.startpaos.connectionhandle}
<iso:DIDName>PIN</iso:DIDName>
<iso:AuthenticationProtocolData
Protocol="urn:oid:1.0.24727.3.0.0.7.2" xsi:type="iso:EAC1InputType">
<iso:Certificate>{eidservice.cv.terminal}</iso:Certificate>
<iso:Certificate>{eidservice.cv.terminal.0}</iso:Certificate>
<iso:Certificate>{eidservice.cv.terminal.1}</iso:Certificate>
<iso:Certificate>{eidservice.cv.terminal.2}</iso:Certificate>
<iso:Certificate>{eidservice.cv.terminal.3}</iso:Certificate>
<iso:Certificate>{eidservice.cv.terminal.4}</iso:Certificate>
<iso:Certificate>{eidservice.cv.terminal.5}</iso:Certificate>
<iso:Certificate>{eidservice.cv.dvca}</iso:Certificate>
<iso:CertificateDescription>{eidservice.cert.description}</iso:CertificateDescription>
</iso:AuthenticationProtocolData>
</iso:DIDAuthenticate>
</ns1:Body>
</ns1:Envelope>
\ No newline at end of file
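Review bot: `{eidservice.cv.dvca}` in the last `iso:Certificate` element has no matching key in the properties file shown on this page, which sets only `eidservice.cv.terminal` and `eidservice.cv.terminal.0` through `.5` and leaves `eidservice.cv.cvca` commented out. Unless a default supplies it elsewhere, the unresolved placeholder would presumably end up in the certificate chain sent to the eID-Client, so either define the key next to the terminal entries or drop the element. The template also has no header comment; I would add `<!-- DIDAuthenticate / EAC1InputType template; every {key} placeholder must resolve from config.properties -->` above the envelope. Most of the namespace prefixes declared on `iso:DIDAuthenticate` are not used in the body (only `iso` and `xsi` are) and could be trimmed for readability.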
# contains the configuration for ExampleApp
#############################################
############### XML Validator ###############
#############################################
ecard.testcase.failOnXMLEvaluationError=false
# des zu 'browser' ändern
# dann bekommt man url --> bei handy app eintragen
ecard.testcase.type=browsersimulator
client.url=http://127.0.0.1:24727
card.esign.dst=B603840101
###### eID-Server ################################
# Here the parameters concerning the eID-Server of the Testbed are initialized.
# The eID-Server uses the following address an the port number.
eidservice.hostname=service.dev.skidentity.de
eidservice.port=8443
# The TLS uses the following default certificate. If another certificate is to be used in a
# particular test case, it should be overridden in the respective folder of the test case.
eidservice.certificate=CERT_TLS_EIDSERVER_1_NEW.der
eidservice.privatekey=CERT_TLS_EIDSERVER_1_NEW_KEY.der
# SSL/TLS version. Supported versions are sslv3, tls10, tls11 and tls12. Note: sslv2 NOT supported by Java anymore.
# eidservice.tls.version=tls11, tls12
# Conformity check of TLS version that the eID server expects to receive in CLientHello.
# Currently, an eID client must offer TLS 1.2 according to TR-03116-4
# Supported versions are sslv3, tls10, tls11 and tls12. Note: sslv2 NOT supported by Java anymore.
# eidservice.tls.expectedClientVersion=tls12
# Comma-separated list of cipher suites (for allowed ones see BSI (TR-03116-4 or TR-02102))
# default cipherSuite (TLS_RSA_PSK_WITH_AES_256_CBC_SHA) is set
# by eidservice.usepsk=true, override with specific cipherSuite if required
# eidservice.tls.ciphersuites=TLS_RSA_PSK_WITH_AES_256_CBC_SHA
# eidservice.usepsk=true
# Should the eID-Server work as Attached eID-Server
# eidservice.isAttached=false
# Should the Attached eID-Server support TLS session ID mechanism
# eidservice.attached.tls.supportSessionId=false
# Should the Attached eID-Server support TLS session ticket mechanism
# eidservice.attached.tls.supportSessionTicket=false
# Should the Attached eID-Server resume a TLS session if a client asks for it
# eidservice.attached.tls.allowSessionResumption=false
# This a a workaround option for clients that do not send a correct "\r\n\r\n" between HTTP header and body.
# If set to true, the servers will additionally accept "\n\n"
# eidservice.accept.non.conform.http11.messages=false
# The following lines initialize the CV certificates to be used by the eID-Server.
# In default flow there is no need in a link certificate to be sent to the eID-Client, therefore deactivated here.
# eidservice.cv.cvca=CERT_CV_LINK_2_A.cvcert
eidservice.cv.terminal=CERT_CV_TERM_1_A_NEW.cvcert
eidservice.cv.terminal.key=CERT_CV_TERM_1_A_NEW_Key.pkcs8
eidservice.cert.description=CERT_CV_TERM_1_A_NEW_Desc.bin
eidservice.cv.terminal.0=terminal_cert_0.cvcert
eidservice.cv.terminal.1=terminal_cert_1.cvcert
eidservice.cv.terminal.2=terminal_cert_2.cvcert
eidservice.cv.terminal.3=terminal_cert_3.cvcert
eidservice.cv.terminal.4=terminal_cert_4.cvcert
eidservice.cv.terminal.5=terminal_cert_5.cvcert
# The HTTP code that will be send to the eID-Client for PAOS requests. Input other than 200 and 202 are ignored, the fallback is 202.
# eidservice.paos.response=202
# Checks whether the eID-Client uses exactly the address from the TC Token to connect to the eID-Server (case-insensitive).
# If not, the test case stops with an error. Disable this verification to pass through.
# eidservice.check.uri=true
####### eService ##################################
# Here the parameters concerning the eService of the Testbed are initialized.
# The eService uses the following address an the port number.
eservice.port=443
eservice.hostname=service.dev.skidentity.de
# The TLS uses the following default certificate. If another certificate is to be used in a
# particular test case, it should be overridden in the respective folder of the test case.
eservice.certificate=CERT_TLS_ESERVICE_1_NEW.der
eservice.privatekey=CERT_TLS_ESERVICE_1_NEW_KEY.der
commerroraddressserver.port=444
commerroraddressserver.hostname=service.dev.skidentity.de
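Review bot: The private-key entries (`eidservice.privatekey`, `eidservice.cv.terminal.key`, `eservice.privatekey`) sit next to a non-local hostname, `service.dev.skidentity.de`, and nothing marks the key material as test-only. Whether the key files themselves are part of this commit is not visible here; if they are, they stay in the repository history and should be treated as testbed keys that are never reused for another endpoint. I would add a comment above each entry, e.g. `# test-only key generated for the testbed; do not reuse outside it`. Separately, `ecard.testcase.failOnXMLEvaluationError=false` appears to let XML evaluation errors pass without failing the test case and deserves a comment saying why, and the German note above `ecard.testcase.type` should be in English like the rest of the file.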
Place EF.CardAccess file and EF.CardSecurity file here:
EF.CardAccess.bin
EF.CardSecurity.bin
Also card.esign.dst has to be configured in this config.properties to perform eSign testcases which generate key pairs.
7f2181e77f4e81a05f290100420e44455445535465494430303030367f494f060a04007f000702020202038641044ddca95368558a64b46a9dc44d1fbdfa9b3c421639581f24988c593ba0354b37159b08f3a4cf806dd6c854544713c6f448867e960bbb3d2b452ed13b9dcdb3695f20104445445674494447564e4b30303033317f4c12060904007f0007030102025305400513ff975f25060109000901015f24060109010201005f37406f89f651519a8a6997075951279788b1695064f9ad53d3c22fb8d9eb31936fcea68d3e54bcca2e00fccb084fa66ccc1a0854fbdf7c2620d5d1750582770cf4fb
\ No newline at end of file
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
\ No newline at end of file
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
\ No newline at end of file
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
\ No newline at end of file
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
\ No newline at end of file
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
\ No newline at end of file