forked from gematik/app-PkiTestsuite
-
Notifications
You must be signed in to change notification settings - Fork 0
/
allTests.txt
87 lines (80 loc) · 9.2 KB
/
allTests.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
+ de.gematik.pki.pkits.testsuite.approval.CertificateApprovalTests
verifyUseCaseCertsInvalid Test use case with invalid certificates (multiple data variants)
verifyUseCaseCertsNotInTsl Test use case with valid certificates with issuer not in trust store (multiple data variants)
verifyUseCaseCertsValid Test use case with valid certificates (multiple data variants)
- verifyUseCaseRsaCertValid Test use case with valid RSA certificate (multiple data variants)
+ de.gematik.pki.pkits.testsuite.approval.OcspApprovalTests
verifyForCaCertificateWithoutServiceSupplyPoint CA certificate in TSL without ServiceSupplyPoint
verifyHashAlgorithmsInOcspSha1 Test OCSP response with SHA1 used for the certId.
verifyHashAlgorithmsInOcspShaVersion Test that the test object understands OCSP responses with the same hash algorithm it uses for its requests in the certId.
verifyInvalidCerIdInOcspResponse Test invalid cert id in OCSP response (multiple data variants)
verifyInvalidCertHashInOcspResponse Test invalid CertHash in OCSP response
verifyInvalidSignatureInOcspResponse Test invalid signature in OCSP response
verifyMissingCertHashInOcspResponse Test missing CertHash in OCSP response
verifyMissingOcspSignerInTslForUseCaseCertificate Test missing OCSP signer in TSL (multiple data variants)
verifyOcspCertificateStatusRevokedAndUnknown Test OCSP response with certificate status revoked and unknown (multiple data variants)
verifyOcspGracePeriod Test OCSP grace period
verifyOcspRequestStructure Test OCSP request structure
verifyOcspResponseMissingNextUpdate Test OCSP response with missing nextUpdate
verifyOcspResponseResponderIdByName Test OCSP response with responder id byName
verifyOcspResponseTimeoutAndDelay Test OCSP response with timeout and delay
verifyOcspResponseVariousStatusAndResponseBytes Test various status of OCSP responses with and without response bytes (multiple data variants)
verifyOcspResponseWithNullParameterInCertId Test OCSP response with null parameter in CertId (multiple data variants)
+ de.gematik.pki.pkits.testsuite.approval.OcspToleranceApprovalTests
verifyOcspResponseNextUpdatePastOutOfTolerance Test OCSP response with nextUpdate in past out of tolerance
verifyOcspResponseNextUpdatePastWithinTolerance Test OCSP response with nextUpdate in past within tolerance
verifyOcspResponseProducedAtFutureOutOfTolerance Test OCSP response with producedAt in future out of tolerance
verifyOcspResponseProducedAtFutureWithinTolerance Test OCSP response with producedAt in future within tolerance
verifyOcspResponseProducedAtPastOutOfTolerance Test OCSP response with producedAt in past out of tolerance
verifyOcspResponseProducedAtPastWithinTolerance Test OCSP response with producedAt in past within tolerance
verifyOcspResponseThisUpdateFutureOutOfTolerance Test OCSP response with thisUpdate in future out of tolerance
verifyOcspResponseThisUpdateFutureWithinTolerance Test OCSP response with thisUpdate in future within tolerance
+ de.gematik.pki.pkits.testsuite.approval.TslApprovalExtraTests
verifyExpiredTslInSystem Expired TSL in system (NextUpdate is outside the TSL Grace Period). WARNING: After the test a TSL must then be manually inserted into the system.
+ de.gematik.pki.pkits.testsuite.approval.TslApprovalTests
verifyForBadCertificateOfTSPService Test bad CA certificate is not extractable from TSL
verifyForTslInvalidXmlSchemaOrNonCompliantElement TSL with invalid XML schema or schema non-compliant element.
verifyForTslNotWellFormedXmlStructure TSL with not well-formed XML structure.
verifyForTslWithInvalidOidDownloadAddresses TSL with invalid OID of download addresses.
verifyForUnspecifiedServiceTypeIdentifierOfTSPService Test CA certificate with ServiceTypeIdentifier "unspecified" in TSL
verifyForWrongServiceInfoExtCertificateOfTSPService Test CA certificate with missing service information extension in TSL
verifyIrregularDifferencesBetweenCurrentAndNewTsls Test TSL service does not provide updated TSL
verifyRetryFailingTslDownload Test TSL download not possible
verifyRevokedCaCertificateInTslInPast Test CA certificate in TSL is revoked and EE certificate is issued earlier.
verifyRevokedCaCertificateInTslLater Test CA certificate in TSL is revoked and EE certificate is issued later.
verifyTslDownloadCompression Test compression of TSL download
verifyTslSignatureInvalid Test TSL signature invalid - "to be signed block" with integrity violation
verifyUpdateTrustStoreInTestObject Test update of TSL with different XML format (pretty print)
verifyUseBackupTslDownload Test TSL download on primary endpoint not possible
+ de.gematik.pki.pkits.testsuite.approval.TslSignerApprovalTests
verifyForInvalidSignatureOfTslSigner Invalid signature of the TSL signer certificate.
verifyMissingOcspSignerInTslForTslSignerCert Test missing OCSP signer in TSL for TSL signer certificate (multiple data variants)
verifyOcspResponseTslSignerCertInvalidCertHash Test OCSP response of TSL signer certificate with invalid CertHash
verifyOcspResponseTslSignerCertInvalidCertId Test invalid cert id in OCSP response for TSL signer cert (multiple data variants)
verifyOcspResponseTslSignerCertMissingCertHash Test OCSP response of TSL signer certificate with missing CertHash
verifyOcspResponseTslSignerCertMissingNextUpdate Test OCSP response of TSL signer certificate with missing nextUpdate
verifyOcspResponseTslSignerCertResponderIdByName Test OCSP response of TSL signer certificate with responder id byName
verifyOcspResponseTslSignerCertStatusRevokedAndUnknown Test OCSP response of TSL signer certificate with status revoked and unknown (multiple data variants)
verifyOcspResponseTslSignerCertTimeoutAndDelay Test OCSP response TSL signer certificate with timeout and delay
verifyOcspResponseTslSignerCertVariousStatusAndResponseBytes Test various status of OCSP responses of TSL signer certificate with and without response bytes (multiple data variants)
verifyOcspResponseTslSignerCertWithNullParameterInCertId Test OCSP response of TSL signer certificate with null parameter in CertId (multiple data variants)
verifyOcspResponseWithInvalidSignatureForTslSignerCert Test invalid OCSP response signature for TSL signer certificate
verifyTslSignerCertBroken Test TSL signer certificate is broken
verifyTslSignerCertExpired Test TSL signer certificate that is expired
verifyTslSignerCertInvalidKeyUsageAndExtendedKeyUsage Test TSL signer certificates with invalid key usage and extended key usage
verifyTslSignerCertNotYetValid Test TSL signer certificate that is not yet valid - notBefore is in the future
+ de.gematik.pki.pkits.testsuite.approval.TslSignerToleranceApprovalTests
verifyOcspResponseTslSignerCertNextUpdatePastOutOfTolerance Test OCSP response of TSL signer certificate with nextUpdate in past out of tolerance
verifyOcspResponseTslSignerCertNextUpdatePastWithinTolerance Test OCSP response of TSL signer certificate with nextUpdate in past within tolerance
verifyOcspResponseTslSignerCertProducedAtFutureOutOfTolerance Test OCSP response of TSL signer certificate with producedAt in future out of tolerance
verifyOcspResponseTslSignerCertProducedAtFutureWithinTolerance Test OCSP response of TSL signer certificate with producedAt in future within tolerance
verifyOcspResponseTslSignerCertProducedAtPastOutOfTolerance Test OCSP response of TSL signer certificate with producedAt in past out of tolerance
verifyOcspResponseTslSignerCertProducedAtPastWithinTolerance Test OCSP response of TSL signer certificate with producedAt in past within tolerance
verifyOcspResponseTslSignerCertThisUpdateFutureOutOfTolerance Test OCSP response of TSL signer certificate with thisUpdate in future out of tolerance
verifyOcspResponseTslSignerCertThisUpdateFutureWithinTolerance Test OCSP response of TSL signer certificate with thisUpdate in future within tolerance
+ de.gematik.pki.pkits.testsuite.approval.TslTaApprovalTests
verifyHandlingOfStatusStartingTimeAndOverwriteAnnouncedInactiveTrustAnchors Test overwrite behaviour and proper handling of StatusStartingTime of announced trust anchors (multiple data variants)
verifyMultipleAnnouncedTrustAnchorsInTsl Test multiple announced trust anchors in single TSL
verifyNewTrustAnchorInvalidTime Test updating trust anchor with certificates that have invalid times
verifyNewTrustAnchorsIsBroken Test for an announced broken trust anchor and cannot be extracted
verifyUpdateTrustAnchor Test updating trust anchor