diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 00000000..00a51aff --- /dev/null +++ b/.gitattributes @@ -0,0 +1,6 @@ +# +# https://help.github.com/articles/dealing-with-line-endings/ +# +# These are explicitly windows files and should use crlf +*.bat text eol=crlf + diff --git a/.gitignore b/.gitignore index 06e50e2d..9373a277 100644 --- a/.gitignore +++ b/.gitignore @@ -98,6 +98,8 @@ target **/*.class **/*.db **/*.csv +**/.DS_Store +**/build /cardlib/**/*.class /cardlib/out @@ -107,3 +109,6 @@ target /tools/**/*.class /tools/**/*.csv /tools/**/*.jar + +# Ignore Gradle build output directory +build diff --git a/cardlib/.gitignore b/cardlib/.gitignore new file mode 100644 index 00000000..acb6fb1f --- /dev/null +++ b/cardlib/.gitignore @@ -0,0 +1,2 @@ +/piv-artifacts/ +/x509-artifacts/ diff --git a/cardlib/.idea/codeStyles/codeStyleConfig.xml b/cardlib/.idea/codeStyles/codeStyleConfig.xml deleted file mode 100644 index a55e7a17..00000000 --- a/cardlib/.idea/codeStyles/codeStyleConfig.xml +++ /dev/null @@ -1,5 +0,0 @@ - - - - \ No newline at end of file diff --git a/cardlib/.idea/compiler.xml b/cardlib/.idea/compiler.xml deleted file mode 100644 index af069212..00000000 --- a/cardlib/.idea/compiler.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - \ No newline at end of file diff --git a/cardlib/.idea/misc.xml b/cardlib/.idea/misc.xml deleted file mode 100644 index 10ad07e8..00000000 --- a/cardlib/.idea/misc.xml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - \ No newline at end of file diff --git a/cardlib/.idea/modules.xml b/cardlib/.idea/modules.xml deleted file mode 100644 index 51d8ce51..00000000 --- a/cardlib/.idea/modules.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - - \ No newline at end of file diff --git a/cardlib/.idea/modules/piv-conformance_main.iml b/cardlib/.idea/modules/piv-conformance_main.iml deleted file mode 100644 index 22092539..00000000 --- a/cardlib/.idea/modules/piv-conformance_main.iml +++ /dev/null @@ -1,26 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/cardlib/.idea/modules/piv-conformance_test.iml b/cardlib/.idea/modules/piv-conformance_test.iml deleted file mode 100644 index 398dbfc5..00000000 --- a/cardlib/.idea/modules/piv-conformance_test.iml +++ /dev/null @@ -1,35 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/cardlib/.idea/vcs.xml b/cardlib/.idea/vcs.xml deleted file mode 100644 index 94a25f7f..00000000 --- a/cardlib/.idea/vcs.xml +++ /dev/null @@ -1,6 +0,0 @@ - - - - - - \ No newline at end of file diff --git a/cardlib/.project b/cardlib/.project index 3cba8acd..13d2546b 100644 --- a/cardlib/.project +++ b/cardlib/.project @@ -1,40 +1,23 @@ - - - cardlib - - - bc-java - core - mail - pkix - prov - tls - - - - org.eclipse.jdt.core.javabuilder - - - - - org.eclipse.buildship.core.gradleprojectbuilder - - - - - - org.eclipse.jdt.core.javanature - org.eclipse.buildship.core.gradleprojectnature - - - - 1 - - 22 - - org.eclipse.ui.ide.multiFilter - 1.0-name-matches-false-false-module-info.java - - - - + + + gov.gsa.pivconformance.cardlib + + + + + + org.eclipse.jdt.core.javabuilder + + + + + org.eclipse.buildship.core.gradleprojectbuilder + + + + + + org.eclipse.jdt.core.javanature + org.eclipse.buildship.core.gradleprojectnature + + diff --git a/cardlib/.settings/.gitignore b/cardlib/.settings/.gitignore deleted file mode 100644 index 3b1537c2..00000000 --- a/cardlib/.settings/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/org.eclipse.jdt.core.prefs diff --git a/cardlib/build.gradle b/cardlib/build.gradle index afb296e1..7ecb2681 100644 --- a/cardlib/build.gradle +++ b/cardlib/build.gradle @@ -1,222 +1,298 @@ -// set up junit 5 support for gradle -buildscript { - repositories { - mavenCentral() - } - dependencies { - classpath 'org.junit.platform:junit-platform-gradle-plugin:1.1.0' - } -} - -plugins { - id 'org.ajoberstar.grgit' version '2.1.0' - //id 'com.zyxist.chainsaw' version '0.1.3' - id 'com.github.johnrengelman.shadow' version '2.0.2' -} - -apply plugin: 'java' -apply plugin: 'application' -apply plugin: 'eclipse' -apply plugin: 'com.github.johnrengelman.shadow' -apply plugin: 'org.junit.platform.gradle.plugin' - -targetCompatibility = targetJavaVersion - -logger.warn("target java version: " + targetCompatibility) -logger.warn("source java version: " + sourceCompatibility) - -sourceSets { - main { - java { - if(targetCompatibility != JavaVersion.VERSION_11) - exclude '**/module-info.java' - } - } -} - -task sourceJar(type: Jar, dependsOn: classes) { - classifier 'sources' - from sourceSets.main.allSource -} - -import org.gradle.plugins.ide.eclipse.model.AccessRule - -eclipse { - classpath { - file { - whenMerged { - def jre = entries.find { it.path.contains 'org.eclipse.jdt.launching.JRE_CONTAINER' } - jre.accessRules.add(new AccessRule('0', 'javax/smartcardio/**')) - } - } - } -} - - -//if(targetCompatibility != JavaVersion.VERSION_1_8) -// javaModule.name = 'gov.gsa.pivconformance' - -repositories { - jcenter() - maven { url 'https://repository.apache.org/snapshots' } -} - -// custom task from -// https://stackoverflow.com/questions/39444908/how-to-create-an-html-report-for-junit-5-tests -// to get readable output for passing tests -configurations { - junitXmlToHtml -} - -dependencies { - compile 'org.bouncycastle:bcprov-jdk15on:1.64+' - compile 'org.bouncycastle:bcpkix-jdk15on:1.64+' - compile 'org.bouncycastle:bcprov-ext-jdk15on:1.64+' - - compile 'commons-cli:commons-cli:1.4' - compile 'commons-codec:commons-codec:1.11' - - compile 'com.payneteasy:ber-tlv:1.0-8' - compile 'org.slf4j:slf4j-api:1.8+' - compile 'ch.qos.logback:logback-classic:1.3+' - - compile group: 'org.xerial', name: 'sqlite-jdbc', version: '3.21.0.1' - - testCompile 'org.bouncycastle:bcprov-jdk15on:1.64+' - testCompile 'org.bouncycastle:bcprov-ext-jdk15on:1.64+' - testCompile 'org.bouncycastle:bcpkix-jdk15on:1.64+' - - testCompile 'commons-cli:commons-cli:1.4' - testCompile 'commons-codec:commons-codec:1.11' - testCompile 'com.payneteasy:ber-tlv:1.0-8' - testCompile 'org.slf4j:slf4j-api:1.8+' - testCompile 'ch.qos.logback:logback-classic:1.3+' - - testCompile 'org.junit.jupiter:junit-jupiter-api:5.1.0' - testCompile 'org.junit.jupiter:junit-jupiter-params:5.1.0' - testRuntime 'org.junit.jupiter:junit-jupiter-engine:5.1.0' - testRuntime 'org.junit.jupiter:junit-jupiter-params:5.1.0' - - shadow 'org.bouncycastle:bcprov-jdk15on:1.64' - shadow 'org.bouncycastle:bcprov-ext-jdk15on:1.64' - shadow 'org.bouncycastle:bcpkix-jdk15on:1.64+' - - junitXmlToHtml 'org.apache.ant:ant-junit:1.9.7' - -} - -// Define the main class for the application jar that will be produced -/*mainClassName = 'gov.gsa.pivconformance.tools.ConformanceTestRunner'*/ - -jar { - /* - manifest { - attributes 'Main-Class': mainClassName - }*/ - println("Runtime dependencies:") - doLast { - configurations.runtime.each { println it } - } -} - -run { - if (project.hasProperty("appArgs")) { - args Eval.me(appArgs) - } -} - -// because the tests are also modular and we don't muck with the package exported by the library. -// An alternate approach may be preferable here, but this makes both gradle and the IDEs happy. -compileTestJava { - //javaModule.name = 'gov.gsa.pivconformancetest' -} - -// use junit platform for tests -test { - useJUnitPlatform() - testLogging { - events "passed", "skipped", "failed" - } -} - -// a place to configure junit platform plugin... not currently necessary, but it is very likely desirable -// to filter tests by tag -junitPlatform { -} - - -// get readable test reports since gradle eats the summary unless there's a failure -task generateHtmlTestReports { - doLast { - def reportsDir = new File(buildDir, 'test-reports') - reportsDir.mkdirs() - - ant.taskdef( - name: 'junitReport', - classname: 'org.apache.tools.ant.taskdefs.optional.junit.XMLResultAggregator', - classpath: configurations.junitXmlToHtml.asPath - ) - - ant.junitReport(todir: "$buildDir/test-results/junit-platform", tofile: "aggregated-test-results.xml") { - fileset(dir: "$buildDir/test-results/junit-platform") - report(format: 'frames', todir: reportsDir) - } - } -} - -// make gradle check generate the reports -afterEvaluate { - def junitPlatformTestTask = tasks.getByName('junitPlatformTest') - generateHtmlTestReports.dependsOn(junitPlatformTestTask) - check.dependsOn(generateHtmlTestReports) -} - -// when producing a jar that is suitable for distribution using the shadow plugin, -// this will enbed a version properties file. -compileJava.doFirst { - //options.compilerArgs = ['--add-modules', 'java.smartcardio'] - def git = org.ajoberstar.grgit.Grgit.open(dir: "${project.rootDir}/..") - def commit = git.head() - - def commitId = commit.abbreviatedId - def commitDate = commit.getDate() - def buildDate = new Date() - - File resourcesDir = new File(project.getProjectDir(), 'src/main/resources/gov/gsa/pivconformance/utils') - File propertiesFile = new File(resourcesDir, 'version.properties') - - // The project may not have any resources, so create the directories and file - if(!propertiesFile.exists()) { - resourcesDir.mkdirs() - propertiesFile.createNewFile() - } - Properties versionProperties = new Properties() - versionProperties.setProperty('git.commit.time', commitDate.format('dd.MM.yy HH.mm.ss')) - versionProperties.setProperty('build.time', buildDate.format('dd.MM.yy HH.mm.ss')) - versionProperties.setProperty('git.commit.id', commitId) - versionProperties.setProperty('build.version', version) - versionProperties.store(propertiesFile.newWriter(), null) -} - -compileJava { - options.debugOptions.debugLevel = "source,lines,vars" -} - -task getDeps(type: Copy) { - from sourceSets.main.runtimeClasspath - into 'runtime/' -} - -task installSource(type: Copy) { - dependsOn sourceJar - from sourceJar - into "$projectDir/../tools/85b-swing-gui/lib" -} - -task install(type: Copy) { - dependsOn jar - dependsOn installSource - from jar - into "$projectDir/../tools/85b-swing-gui/lib" -} - +// cardlib/build.gradle +buildscript { + repositories { + jcenter() + mavenCentral() + } + dependencies { + classpath 'org.junit.platform:junit-platform-gradle-plugin:1.1.0' + } +} +plugins { + id 'java-library' + id 'org.ajoberstar.grgit' version '2.1.0' + id 'com.github.johnrengelman.shadow' version '4.0.4' + id 'de.jjohannes.extra-java-module-info' version '0.1' +} + +java { + modularity.inferModulePath.set(true) +} + +apply plugin: 'java-library' +apply plugin: 'eclipse' +apply plugin: 'com.github.johnrengelman.shadow' +apply plugin: 'org.junit.platform.gradle.plugin' +apply plugin: 'de.jjohannes.extra-java-module-info' + +targetCompatibility = targetJavaVersion + +logger.warn("target java version: " + targetCompatibility) +logger.warn("source java version: " + sourceCompatibility) + +import org.gradle.plugins.ide.eclipse.model.AccessRule +import org.ajoberstar.grgit.Grgit + +eclipse { + classpath { + file { + whenMerged { + def jre = entries.find { it.path.contains 'org.eclipse.jdt.launching.JRE_CONTAINER' } + jre.accessRules.add(new AccessRule('0', 'javax/smartcardio/**')) + //def lib = entries.find { it.path.contains 'gov.gsa.pivconformance.cardlib' + '-' + getVersion() + '.jar' } + //lib.sourcePath = fileReference(file('../tools/85b-swing-gui/lib/gov.gsa.pivconformance.cardlib-sources' + '-' + getVersion() + '.jar')) + } + } + } +} + +repositories { + jcenter() + maven { url 'https://repository.apache.org/snapshots' } + flatDir { + dirs '../libs' + } +} + +def getVersion = { -> + File resourcesDir = new File(project.getProjectDir(), 'src/main/resources/') + File versionFile = new File(resourcesDir, 'build.version') + if(!versionFile.exists()) { + resourcesDir.mkdirs() + versionFile.createNewFile() + println 'Initializing build.version file' + versionFile.text = '0.0-changeme' + } + String version = versionFile.text.replaceAll("[\\n\\r\\t ]", "") +} + +// custom task from +// https://stackoverflow.com/questions/39444908/how-to-create-an-html-report-for-junit-5-tests +// to get readable output for passing tests +configurations { + junitXmlToHtml +} + +dependencies { + implementation 'org.bouncycastle:bcpkix-jdk15on:1.66' + implementation 'org.bouncycastle:bcprov-jdk15on:1.66' + implementation 'commons-cli:commons-cli:1.4' + implementation 'org.apache.commons:commons-csv:1.8' + implementation 'commons-codec:commons-codec:1.15' + implementation 'com.payneteasy:ber-tlv:1.0-11' + implementation 'org.slf4j:slf4j-api:2.0.0-alpha1' + implementation 'ch.qos.logback:logback-classic:1.3.0-alpha5' + implementation 'ch.qos.logback:logback-core:1.3.0-alpha5' + implementation 'org.xerial:sqlite-jdbc:3.32.3.2' + + testImplementation 'org.junit.jupiter:junit-jupiter-api:5.7.0' + testImplementation 'org.junit.jupiter:junit-jupiter-engine:5.7.0' + testImplementation 'org.junit.jupiter:junit-jupiter-params:5.7.0' + + shadow 'org.bouncycastle:bcpkix-jdk15on:1.66' + shadow 'org.bouncycastle:bcprov-jdk15on:1.66' + shadow 'commons-cli:commons-cli:1.4' + shadow 'org.apache.commons:commons-csv:1.8' + shadow 'commons-codec:commons-codec:1.15' + shadow 'org.slf4j:slf4j-api:2.0.0-alpha1' + shadow 'ch.qos.logback:logback-classic:1.3.0-alpha5' + shadow 'com.payneteasy:ber-tlv:1.0-11' + shadow 'org.xerial:sqlite-jdbc:3.32.3.2' + + junitXmlToHtml 'org.apache.ant:ant-junit:1.10.8' +} + +task icamCardBuilder { + File cardsDir = new File(project.getRootDir(), 'src/test/resources/gsa-icam-card-builder/') + delete cardsDir + def grgit = org.ajoberstar.grgit.Grgit.clone(dir: cardsDir, uri: 'https://github.com/GSA/gsa-icam-card-builder', checkout: true, refToCheckout: 'master') + grgit.describe() +} + +// use junit platform for tests +test { + dependsOn(icamCardBuilder) + doFirst { + println 'test:' + getVersion() + delete 'x509-artifacts', 'piv-artifacts', 'log', 'logs' + } + useJUnitPlatform() + testLogging { + events "passed", "skipped", "failed" + } +} + +// a place to configure junit platform plugin... not currently necessary, but it is very likely desirable +// to filter tests by tag + +junitPlatform { +} + +jar { + doFirst { + version = getVersion() + } + doLast { + println 'archiveName: ' + archiveName + configurations.runtime.each { println it } + } +} + +compileJava { + String moduleName = ""; + if(targetCompatibility >= (String) JavaVersion.VERSION_11) { + moduleName = 'gov.gsa.pivconformance.cardlib' + inputs.property("moduleName", moduleName) + } + doFirst { + println 'compileJava:' + getVersion() + options.compilerArgs = [ + '--module-path', classpath.asPath, + ] + classpath = files() + } +} + +compileTestJava { + doFirst { + println 'compileTestJava:' + getVersion() + } + String moduleName = ""; + if(targetCompatibility >= (String) JavaVersion.VERSION_11) { + moduleName = 'gov.gsa.pivconformance.cardlib.test' + inputs.property("moduleName", moduleName) + } + doFirst { + options.compilerArgs = [ + '--module-path', classpath.asPath, + '--add-modules', 'org.junit.jupiter.api', + '--add-reads', "$moduleName=org.junit.jupiter.api", + '--patch-module', "$moduleName=" + files(sourceSets.test.java.srcDirs).asPath, + ] + version = getVersion() + classpath = files() + } +} + +// get readable test reports since gradle eats the summary unless there's a failure +task generateHtmlTestReports { + doLast { + def reportsDir = new File(buildDir, 'test-reports') + reportsDir.mkdirs() + + ant.taskdef( + name: 'junitReport', + classname: 'org.apache.tools.ant.taskdefs.optional.junit.XMLResultAggregator', + classpath: configurations.junitXmlToHtml.asPath + ) + + ant.junitReport(todir: "$buildDir/test-results/junit-platform", tofile: "aggregated-test-results.xml") { + fileset(dir: "$buildDir/test-results/junit-platform") + report(format: 'frames', todir: reportsDir) + } + } +} + +// make gradle check generate the reports +afterEvaluate { + def junitPlatformTestTask = tasks.getByName('junitPlatformTest') + generateHtmlTestReports.dependsOn(junitPlatformTestTask) + check.dependsOn(generateHtmlTestReports) +} + +// when producing a jar that is suitable for distribution using the shadow plugin, +// this will embed a version properties file. +compileJava.doFirst { + options.compilerArgs = ['--add-modules', 'java.smartcardio'] + def dir = "${project.rootDir}/../" + println '**** DIR: ' + dir + def git = org.ajoberstar.grgit.Grgit.open(dir: dir) + def commit = git.head() + + def commitId = commit.abbreviatedId + def commitDate = commit.getDate() + def buildDate = new Date() + File resourcesDir = new File(project.getProjectDir(), 'src/main/resources/') + File propertiesFile = new File(resourcesDir, 'version.properties') + + // The project may not have any resources, so create the directories and file + if(!propertiesFile.exists()) { + resourcesDir.mkdirs() + propertiesFile.createNewFile() + println 'Creating properties files' + } + Properties versionProperties = new Properties() + versionProperties.setProperty('git.commit.time', commitDate.format('dd.MM.yy HH.mm.ss')) + versionProperties.setProperty('build.time', buildDate.format('dd.MM.yy HH.mm.ss')) + versionProperties.setProperty('git.commit.id', commitId) + versionProperties.setProperty('build.version', getVersion()) + versionProperties.store(propertiesFile.newWriter(), null) + +} + +extraJavaModuleInfo { + module("ber-tlv-1.0-11.jar", "com.payneteasy", "1.0-11") { + exports("ber.tlv") + } + module("hamcrest-core-1.3.jar", "org.hamcrest", "1.3") { + exports("hamcrest.core") + } + module("slf4j-api-2.0.0-alpha1.jar", "org.slf4j", "1.4") { + exports("slf4j.api") + } + module("sqlite-jdbc-3.32.3.2.jar", "org.xerial", "3.32.3.2") { + exports("sqlite.jdbc") + } + module("commons-cli-1.4.jar", "org.apache.commons.cli", "1.4") { + exports("org.apache.commons.cli") + } + module("commons-codec-1.15.jar", "org.apache.commons.codec", "1.15") { + exports("org.apache.commons.codec.binary") + exports("org.apache.commons.codec") + } + module("commons-csv-1.8.jar", "org.apache.commons.csv", "1.8") { + exports("org.apache.commons.csv") + } + automaticModule("bcpkix-jdk15on-1.66.jar","org.bouncycastle.pkix") + automaticModule("bcprov-jdk15on-1.66.jar","org.bouncycastle.provider") + automaticModule("sqlite-jdbc-3.32.3.2.jar","org.xerial") + automaticModule("activation-1.1.jar","javax.activation") + automaticModule("checker-framework-1.7.0.jar","edu.washington.cs.types.checker") + automaticModule("ibatis-core-3.0.jar", "org.apache.ibatis") +} + +compileJava { + options.debugOptions.debugLevel = "source,lines,vars" +} + +task sourceJar(type: Jar, dependsOn: classes) { + classifier 'sources' + from sourceSets.main.allSource +} + +task copyShadowLibs(type: Copy) { + from configurations.shadow + into '../libs' +} + +/*shadowJar.dependsOn copyShadowLibs + +shadowJar.doFirst { + version = getVersion() + println 'shadowJar.doFirst.archveName: ' + archiveName +}*/ + +task installSource(type: Copy) { + dependsOn copyShadowLibs + dependsOn sourceJar + from sourceJar + into '../libs' +} + +task install(type: Copy) { + version = getVersion() + dependsOn jar + //dependsOn shadowJar + from jar + into '../libs' +} diff --git a/cardlib/doit.sh b/cardlib/doit.sh deleted file mode 100644 index fe637ba1..00000000 --- a/cardlib/doit.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/bash -pushd cardlib >/dev/null 2>&1 - set -x - ./gradlew clean - ./gradlew install - set +x -popd >/dev/null 2>&1 - -pushd conformancelib >/dev/null 2>&1 - set -x - ./gradlew clean - ./gradlew shadowJar - set +x -popd >/dev/null 2>&1 - -#pushd tools/85b-swing-gui 2>&1 -# set -x -# ./gradlew clean -# ./gradlew jar -# set +x -#popd >/dev/null 2>&1 - diff --git a/cardlib/gradle.properties b/cardlib/gradle.properties index 39f6bab7..40d6895f 100644 --- a/cardlib/gradle.properties +++ b/cardlib/gradle.properties @@ -1 +1 @@ -targetJavaVersion=8 +targetJavaVersion=11 diff --git a/cardlib/gradle/wrapper/gradle-wrapper.properties b/cardlib/gradle/wrapper/gradle-wrapper.properties index 290541c7..12d38de6 100644 --- a/cardlib/gradle/wrapper/gradle-wrapper.properties +++ b/cardlib/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,5 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-4.10.3-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-6.6.1-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists diff --git a/cardlib/gradlew.bat b/cardlib/gradlew.bat index e95643d6..f9553162 100644 --- a/cardlib/gradlew.bat +++ b/cardlib/gradlew.bat @@ -1,84 +1,84 @@ -@if "%DEBUG%" == "" @echo off -@rem ########################################################################## -@rem -@rem Gradle startup script for Windows -@rem -@rem ########################################################################## - -@rem Set local scope for the variables with windows NT shell -if "%OS%"=="Windows_NT" setlocal - -set DIRNAME=%~dp0 -if "%DIRNAME%" == "" set DIRNAME=. -set APP_BASE_NAME=%~n0 -set APP_HOME=%DIRNAME% - -@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -set DEFAULT_JVM_OPTS= - -@rem Find java.exe -if defined JAVA_HOME goto findJavaFromJavaHome - -set JAVA_EXE=java.exe -%JAVA_EXE% -version >NUL 2>&1 -if "%ERRORLEVEL%" == "0" goto init - -echo. -echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. - -goto fail - -:findJavaFromJavaHome -set JAVA_HOME=%JAVA_HOME:"=% -set JAVA_EXE=%JAVA_HOME%/bin/java.exe - -if exist "%JAVA_EXE%" goto init - -echo. -echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. - -goto fail - -:init -@rem Get command-line arguments, handling Windows variants - -if not "%OS%" == "Windows_NT" goto win9xME_args - -:win9xME_args -@rem Slurp the command line arguments. -set CMD_LINE_ARGS= -set _SKIP=2 - -:win9xME_args_slurp -if "x%~1" == "x" goto execute - -set CMD_LINE_ARGS=%* - -:execute -@rem Setup the command line - -set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar - -@rem Execute Gradle -"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% - -:end -@rem End local scope for the variables with windows NT shell -if "%ERRORLEVEL%"=="0" goto mainEnd - -:fail -rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of -rem the _cmd.exe /c_ return code! -if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 -exit /b 1 - -:mainEnd -if "%OS%"=="Windows_NT" endlocal - -:omega +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS= + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto init + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto init + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:init +@rem Get command-line arguments, handling Windows variants + +if not "%OS%" == "Windows_NT" goto win9xME_args + +:win9xME_args +@rem Slurp the command line arguments. +set CMD_LINE_ARGS= +set _SKIP=2 + +:win9xME_args_slurp +if "x%~1" == "x" goto execute + +set CMD_LINE_ARGS=%* + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/cardlib/out/production/resources/log4j.properties b/cardlib/out/production/resources/log4j.properties deleted file mode 100644 index bff8a95f..00000000 --- a/cardlib/out/production/resources/log4j.properties +++ /dev/null @@ -1,5 +0,0 @@ -log4j.rootLogger=INFO, STDOUT -log4j.appender.STDOUT=org.apache.log4j.ConsoleAppender -log4j.appender.STDOUT.layout=org.apache.log4j.PatternLayout -log4j.appender.STDOUT.layout.ConversionPattern=%5p [%t] (%F:%L) - %m%n - diff --git a/cardlib/settings.gradle b/cardlib/settings.gradle new file mode 100644 index 00000000..799b3285 --- /dev/null +++ b/cardlib/settings.gradle @@ -0,0 +1,10 @@ +/* + * This file was generated by the Gradle 'init' task. + * + * The settings file is used to specify which projects to include in your build. + * + * Detailed information about configuring a multi-project build in Gradle can be found + * in the user manual at https://docs.gradle.org/6.6.1/userguide/multi_project_builds.html + */ + +rootProject.name = 'gov.gsa.pivconformance.cardlib' diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/APDUUtils.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/APDUUtils.java deleted file mode 100644 index ae32261b..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/APDUUtils.java +++ /dev/null @@ -1,351 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.TagConstants; -import org.bouncycastle.asn1.ASN1ObjectIdentifier; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.security.Provider; -import java.security.Security; -import java.util.Arrays; - -/** - * - * Helper class that facilitates creation of APDU values - * - */ -public class APDUUtils { - private static byte[] s_pivSelect = null; - private static final Logger s_logger = LoggerFactory.getLogger(APDUUtils.class); - - /** - * - * Return APDU value for SELECT card operation - * - * @return Byte array with SELECT APDU - */ - public static byte[] PIVSelectAPDU() { - if (s_pivSelect == null) { - try { - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - baos.write(APDUConstants.COMMAND); - baos.write(APDUConstants.SELECT); - byte[] p1p2 = { 0x04, 0x00 }; - baos.write(p1p2); - baos.write((byte) APDUConstants.PIV_APPID.length); - baos.write(APDUConstants.PIV_APPID); - s_pivSelect = baos.toByteArray(); - } catch (IOException ioe) { - // if we ever hit this, OOM is coming soon - s_logger.error("Unable to populate static PIV select APDU field.", ioe); - s_pivSelect = new byte[0]; - } - } - return s_pivSelect; - } - - /** - * - * Return APDU value for SELECT card operation based on a specific APP ID value - * - * @param appid Byte array with APP ID - * @return Byte array with SELECT APDU - */ - public static byte[] PIVSelectAPDU(byte[] appid) { - byte[] rv_pivSelect = null; - if (rv_pivSelect == null) { - try { - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - baos.write(APDUConstants.COMMAND); - baos.write(APDUConstants.SELECT); - byte[] p1p2 = { 0x04, 0x00 }; - baos.write(p1p2); - baos.write(appid.length); - baos.write(appid); - byte[] Le = { 0x00 }; - baos.write(Le); - rv_pivSelect = baos.toByteArray(); - } catch (IOException ioe) { - // if we ever hit this, OOM is coming soon - s_logger.error("Unable to populate static PIV select APDU field.", ioe); - rv_pivSelect = new byte[0]; - } - } - return rv_pivSelect; - } - - /** - * - * Return APDU value for GENERAL AUTHENTICATE - * - * @param keyReference Byte value identifying key reference of the - * generated key pair - * @param algorithmIdentifier Byte value identifying algorithm to be performed - * on card - * @param parameter Byte array containing the parameter value - * @return Byte array with GENERATE APDU - */ - public static byte[] PIVGeneralAuthenticateAPDU(byte keyReference, byte algorithmIdentifier, byte[] parameter) { - byte[] rv_pivGeneralAuthenticate = null; - if (rv_pivGeneralAuthenticate == null) { - try { - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - baos.write(APDUConstants.COMMAND); - baos.write(APDUConstants.GENERAL_AUTHENTICATE); - byte[] p1 = { algorithmIdentifier }; - baos.write(p1); - baos.write(keyReference); - - // If parameter is present data length will be 1 (Tag 'AC') + length + 1 - // (cryptographic mechanism tag) + 1 (length) + 1 (cryptographic mechanism) + 1 - // (parameter tag) + parameter length length+ parameter length . - // If parameter is absent data length will be 1 (Tag 'AC') + length + 1 - // (cryptographic mechanism tag) + 1 (cryptographic mechanism length) + 1 - // (cryptographic mechanism) - if (parameter != null) { - baos.write(parameter.length); - } else { - baos.write(0); - } - - if (parameter != null) { - baos.write(parameter); - } - byte[] Le = { 0x00 }; - baos.write(Le); - rv_pivGeneralAuthenticate = baos.toByteArray(); - } catch (IOException ioe) { - // if we ever hit this, OOM is coming soon - s_logger.error("Unable to populate static PIV Generate APDU field.", ioe); - rv_pivGeneralAuthenticate = new byte[0]; - } - } - return rv_pivGeneralAuthenticate; - } - - /** - * - * Return APDU value for GENERATE card operation based on a specific APP ID - * value - * - * @param keyReference Byte value identifying key reference of the generated - * key pair - * @param cryptoMechanism Byte value identifying the type of key pair to be - * generated - * @param parameter Byte array containing the parameter value - * @return Byte array with GENERATE APDU - */ - public static byte[] PIVGenerateKeyPairAPDU(byte keyReference, byte cryptoMechanism, byte[] parameter) { - byte[] rv_pivGenerate = null; - if (rv_pivGenerate == null) { - try { - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - baos.write(APDUConstants.COMMAND); - baos.write(APDUConstants.GENERATE); - byte[] p1 = { 0x00 }; - baos.write(p1); - baos.write(keyReference); - - // If parameter is present data length will be 1 (Tag 'AC') + length + 1 - // (cryptographic mechanism tag) + 1 (length) + 1 (cryptographic mechanism) + 1 - // (parameter tag) + parameter length length+ parameter length . - // If parameter is absent data length will be 1 (Tag 'AC') + length + 1 - // (cryptographic mechanism tag) + 1 (cryptographic mechanism length) + 1 - // (cryptographic mechanism) - if (parameter != null) { - baos.write(1 + 1 + 1 + 1 + 1 + 1 + 1 + parameter.length); - } else { - baos.write(1 + 1 + 1 + 1 + 1); - } - - // Write Control reference template tag - baos.write(APDUConstants.CONTROL_REFERENCE_TEMPLATE_TAG); - - // Write length value for Control reference template - - if (parameter != null) { - - // Add length of Crypto Mechanism TLV - baos.write(3 + 2 + parameter.length); - - } else { - - // Add length of Crypto Mechanism TLV - baos.write(3); - } - - baos.write(TagConstants.CRYPTO_MECHANISM_TAG); - // Add length of crypto mechanism which will be 1 - baos.write(1); - baos.write(cryptoMechanism); - if (parameter != null) { - byte[] parameterTag = { TagConstants.PARAMETER_TAG }; - baos.write(parameterTag); - baos.write(parameter.length); - baos.write(parameter); - } - byte[] Le = { 0x00 }; - baos.write(Le); - rv_pivGenerate = baos.toByteArray(); - } catch (IOException ioe) { - // if we ever hit this, OOM is coming soon - s_logger.error("Unable to populate static PIV Generate APDU field.", ioe); - rv_pivGenerate = new byte[0]; - } - } - return rv_pivGenerate; - } - - /** - * - * @param data - * @return - */ - public static byte[] PIVGetDataAPDU(byte[] data) { - - byte[] rv_pivGetData = null; - - try { - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - baos.write(APDUConstants.COMMAND); - baos.write(APDUConstants.GET); - byte[] p1p2 = { 0x3f, (byte) 0xff }; - baos.write(p1p2); - byte[] Lc = { (byte) (data.length & 0xff) }; - baos.write(Lc); - baos.write(data); - byte[] Le = { 0x00 }; - baos.write(Le); - rv_pivGetData = baos.toByteArray(); - } catch (IOException ioe) { - // if we ever hit this, OOM is coming soon - s_logger.error("Unable to populate PIV get data APDU field.", ioe); - rv_pivGetData = new byte[0]; - } - - return rv_pivGetData; - } - - /** - * - * @param data - * @return - */ - public static byte[] PIVGetDataAPDU_Broken(byte[] data) { - - byte[] rv_pivGetData = null; - - try { - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - baos.write(APDUConstants.COMMAND); - baos.write(APDUConstants.GET); - byte[] p1p2 = { 0x3f, (byte) 0xff }; - baos.write(p1p2); - byte[] Lc = { (byte) (data.length & 0xff) }; - baos.write(Lc); - baos.write(data); - byte[] Le = { 0x08 }; - baos.write(Le); - rv_pivGetData = baos.toByteArray(); - } catch (IOException ioe) { - // if we ever hit this, OOM is coming soon - s_logger.error("Unable to populate PIV get data APDU field.", ioe); - rv_pivGetData = new byte[0]; - } - - return rv_pivGetData; - } - - /** - * - * Helper fuction that converts byte[] into unsigned int - * - * @param b Byte array to be converter to unsigned int - * @return Unsigned int value - */ - public static final int bytesToInt(byte[] b) { - - if (b.length != 2) { - throw new IllegalArgumentException("Invalid buffer length passed in."); - } - - int l = 0; - l |= b[0] & 0xFF; - l <<= 8; - l |= b[1] & 0xFF; - return l; - } - - /** - * - * Helper function that constructs a TLV buffer based on passed in tag and value - * buffer - * - * @param tag Byte array with tag info - * @param value Byte array with value - * @return Byte array with resulting TLV value - */ - public static final byte[] getTLV(byte[] tag, byte[] value) { - - if (tag == null || value == null) - throw new IllegalArgumentException("Null buffer passed into getTLV()."); - byte[] rv = null; - ByteArrayOutputStream os = new ByteArrayOutputStream(); - int numberLenBytes = (value == null) ? 0 : (value.length > 127) ? 2 : 1; - try { - // Tag - os.write(tag); - // Length & value - if (numberLenBytes == 2) { - os.write((byte) ((0x80 + numberLenBytes) & 0xff)); - os.write((byte) (((value.length & 0xff00) >> 8) & 0xff)); - os.write((byte) (value.length & 0x00ff)); - os.write(value); - } else if (numberLenBytes == 1) { - os.write((byte) (value.length & 0xff)); - os.write(value); - } else if (numberLenBytes == 0) { - os.write(0x00); - } - } catch (IOException e) { - s_logger.error("Failed to create TLV value: {}", e.getMessage()); - return rv; - } - - rv = os.toByteArray(); - return rv; - } - - /** - * - * Helper function that creates ASN1ObjectIdentifier object based on OID value - * and a service name - * - * @param serviceName String value identifying the service - * @param name String value identifying OID by name - * @return - */ - public static ASN1ObjectIdentifier getAlgorithmIdentifier(String serviceName, String name) { - ASN1ObjectIdentifier oid = null; - Provider provider = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME); - Provider.Service service = provider.getService(serviceName, name); - if (service != null) { - String string = service.toString(); - String array[] = string.split("\n"); - if (array.length > 1) { - string = array[array.length - 1]; - array = string.split("[\\[\\]]"); - if (array.length > 2) { - string = array[array.length - 2]; - array = string.split(", "); - Arrays.sort(array); - oid = new ASN1ObjectIdentifier(array[0]); - } - } - } - return oid; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/AbstractPIVApplication.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/AbstractPIVApplication.java deleted file mode 100644 index 1e0ef5c9..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/AbstractPIVApplication.java +++ /dev/null @@ -1,723 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.BerTag; -import gov.gsa.pivconformance.tlv.BerTlv; -import gov.gsa.pivconformance.tlv.BerTlvParser; -import gov.gsa.pivconformance.tlv.BerTlvs; -import gov.gsa.pivconformance.tlv.CCTTlvLogger; -import gov.gsa.pivconformance.tlv.TagConstants; -import gov.gsa.pivconformance.utils.PCSCWrapper; - -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.smartcardio.*; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.util.List; -import java.util.ArrayList; - -/** - * A base class for items that will implement the IPIVApplication interface, to - * allow those methods that can be common across implementations to be shared - */ -abstract public class AbstractPIVApplication implements IPIVApplication { - - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(AbstractPIVApplication.class); - private CommandAPDU m_lastCommandAPDU = null; - private ResponseAPDU m_lastResponseAPDU; - - /** - * - * Set the PIV Card Application as the currently selected card application and - * establish the PIV Card Applicationâs security state. - * - * @param cardHandle CardHandle object that encapsulates connection - * to a card - * @param applicationAID ApplicationAID object containing the AID of the - * PIV Card Application - * @param applicationProperties ApplicationProperties object containing - * application properties of the selected PIV Card - * Application - * @return MiddlewareStatus value indicating the result of the function call - */ - @Override - public MiddlewareStatus pivSelectCardApplication(CardHandle cardHandle, ApplicationAID applicationAID, - ApplicationProperties applicationProperties) { - s_logger.debug("pivSelectCardApplication()"); - try { - // Establishing channel - Card card = cardHandle.getCard(); - if (card == null) - return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; - - // Establishing channel - CardChannel channel = card.getBasicChannel(); - cardHandle.setCurrentChannel(channel); - - PCSCWrapper pcsc = PCSCWrapper.getInstance(); - - // Construct APDU command using APDUUtils and applicationAID that was passed in. - CommandAPDU cmd = new CommandAPDU(APDUUtils.PIVSelectAPDU(applicationAID.getBytes())); - m_lastCommandAPDU = cmd; - m_lastResponseAPDU = null; - // Transmit command and get response - ResponseAPDU response = pcsc.transmit(channel, cmd); - m_lastResponseAPDU = response; - s_logger.debug("Response to SELECT command: {} {}", String.format("0x%02X", response.getSW1()), - String.format("0x%02X", response.getSW2())); - - // Check for Successful execution status word - if (response.getSW() != APDUConstants.SUCCESSFUL_EXEC) { - - // XXX *** TODO: handle 61XX - if (response.getSW1() == 0x61) { - s_logger.info("SW1 == 61"); - return MiddlewareStatus.PIV_OK; - } - - if (response.getSW() == APDUConstants.APP_NOT_FOUND) { - s_logger.info("Card application not found"); - return MiddlewareStatus.PIV_CARD_APPLICATION_NOT_FOUND; - } - - s_logger.error("Error selecting card application, failed with error: {}", - Integer.toHexString(response.getSW())); - return MiddlewareStatus.PIV_CONNECTION_FAILURE; - } - - // Populated the response in ApplicationProperties - byte[] properties = response.getData(); - if (properties != null) - applicationProperties.setBytes(properties); - - } catch (Exception ex) { - - s_logger.error("Error selecting card application: {}", ex.getMessage()); - return MiddlewareStatus.PIV_CONNECTION_FAILURE; - } - s_logger.debug("pivSelectCardApplication returning {}", MiddlewareStatus.PIV_OK); - return MiddlewareStatus.PIV_OK; - } - - /** - * - * Sets security state within the PIV Card Application. - * - * @param cardHandle CardHandle object that encapsulates connection to a - * card - * @param authenticators Byte array cotaining authenticators to be used to - * authenticate and set security state/status in the PIV - * Card Application context - * @return MiddlewareStatus value indicating the result of the function call - */ - @Override - public MiddlewareStatus pivLogIntoCardApplication(CardHandle cardHandle, byte[] authenticators) { - PIVAuthenticators pas = new PIVAuthenticators(); - pas.decode(authenticators); - for (PIVAuthenticator authenticator : pas.getAuthenticators()) { - if (authenticator.getType() != TagConstants.KEY_REFERENCE_APPLICATION_PIN_TAG - && authenticator.getType() != TagConstants.KEY_REFERENCE_GLOBAL_PIN_TAG) { - s_logger.warn("Skipping authenticator of type {}. Currently unsupported.", authenticator.getType()); - continue; - } - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - try { - baos.write(APDUConstants.COMMAND); - baos.write(APDUConstants.VERIFY); - baos.write((byte) 0x00); // logging in - baos.write(authenticator.getType()); - baos.write(authenticator.getData().length == 0 ? 0x00 : (byte) 0x08); // PIN - baos.write(authenticator.getData()); - } catch (IOException ioe) { - s_logger.error("Failed to populate VERIFY APDU buffer"); - } - byte[] rawAPDU = baos.toByteArray(); - // s_logger.error("VERIFY APDU: {}", Hex.encodeHexString(rawAPDU)); - CardChannel channel = cardHandle.getCurrentChannel(); - CommandAPDU verifyApdu = new CommandAPDU(rawAPDU); - ResponseAPDU resp = null; - try { - PCSCWrapper pcsc = PCSCWrapper.getInstance(); - m_lastCommandAPDU = verifyApdu; - m_lastResponseAPDU = null; - resp = pcsc.transmit(channel, verifyApdu); - m_lastResponseAPDU = resp; - } catch (CardException e) { - s_logger.error("Failed to transmit VERIFY APDU to card", e); - return MiddlewareStatus.PIV_CARD_READER_ERROR; - } - if (resp.getSW() == 0x9000) { - cardHandle.setCurrentChannel(channel); - s_logger.debug("Successfully logged into card application"); - } else { - s_logger.error("Login failed: {}", Hex.encodeHexString(resp.getBytes())); - s_logger.error("Card: {}", cardHandle.getCard()); - // s_logger.error("Last command APDU: {}", - // Hex.encodeHexString(m_lastCommandAPDU.getBytes())); - s_logger.error("Last response APDU: {}", Hex.encodeHexString(m_lastResponseAPDU.getBytes())); - return MiddlewareStatus.PIV_AUTHENTICATION_FAILURE; - } - - } - return MiddlewareStatus.PIV_OK; - } - - /** - * - * Retrieves all the data containers of the PIV Card Application - * - * @param cardHandle CardHandle object that encapsulates connection to a card - * @param dataList List of PIVDataObject objects containing all the data - * containers of PIV Card Application - * @return MiddlewareStatus value indicating the result of the function call - */ - public MiddlewareStatus pivGetAllDataContainers(CardHandle cardHandle, List dataList) { - - MiddlewareStatus result = MiddlewareStatus.PIV_OK; - - if (cardHandle == null) - return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; - - try { - if (dataList == null) - dataList = new ArrayList(); - - for (String containerOID : APDUConstants.AllContainers()) { - - // Create object from the OID - PIVDataObject dataObject = PIVDataObjectFactory.createDataObjectForOid(containerOID); - s_logger.info("Attempting to read data object for OID {} ({})", containerOID, - APDUConstants.oidNameMap.get(containerOID)); - - result = this.pivGetData(cardHandle, containerOID, dataObject); - - // Add the data object to the list if successful return code - if (result == MiddlewareStatus.PIV_OK) - dataList.add(dataObject); - } - - } catch (SecurityException ex) { - - s_logger.info("Error retrieving data from the card application: {}", ex.getMessage()); - return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; - } catch (Exception ex) { - - s_logger.info("Error retrieving data from the card application: {}", ex.getMessage()); - return MiddlewareStatus.PIV_CONNECTION_FAILURE; - } - - return MiddlewareStatus.PIV_OK; - } - - /** - * - * @param cardHandle CardHandle object that encapsulates connection to a card - * @param OID String containing OID value identifying data object whose - * data content is to be retrieved - * @param data PIVDataObject object that will store retrieved data content - * @return MiddlewareStatus value indicating the result of the function call - */ - @Override - public MiddlewareStatus pivGetData(CardHandle cardHandle, String OID, PIVDataObject data) { - byte[] oidBytes = APDUConstants.oidMAP.get(OID); - if (oidBytes == null) { - s_logger.error("OID {} is not recognized by oidMAP.", OID); - return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; - } - - try { - // Establishing channel - Card card = cardHandle.getCard(); - if (card == null) - return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; - - CardChannel channel = cardHandle.getCurrentChannel(); - if (channel == null) { - throw new IllegalStateException("Must select PIV application before calling pivGetData"); - } - - // Construct data field based on the data field oid and the tag for the specific - // oid - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - baos.write(TagConstants.DATA_FIELD_TAG); - baos.write(oidBytes.length); - baos.write(oidBytes); - - // Construct APDU command using APDUUtils and applicationAID that was passed in. - CommandAPDU cmd = new CommandAPDU(APDUUtils.PIVGetDataAPDU(baos.toByteArray())); - - PCSCWrapper pcsc = PCSCWrapper.getInstance(); - // Transmit command and get response - m_lastCommandAPDU = cmd; - m_lastResponseAPDU = null; - ResponseAPDU response = pcsc.transmit(channel, cmd); - m_lastResponseAPDU = response; - - // Check for Successful execution status word - if (response.getSW() != APDUConstants.SUCCESSFUL_EXEC) { - - if (response.getSW() == APDUConstants.APP_NOT_FOUND) { - s_logger.info("Data object not found"); - return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; - } else if (response.getSW() == APDUConstants.SECURITY_STATUS_NOT_SATISFIED) { - s_logger.info("Security status not satisfied"); - return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; - } - - s_logger.error("Error getting object {}, failed with error: {}", OID, - Integer.toHexString(response.getSW())); - return MiddlewareStatus.PIV_CONNECTION_FAILURE; - } - byte[] responseData = response.getData(); - BerTlvParser lengthCheckTlvParser = new BerTlvParser(new CCTTlvLogger(this.getClass())); - BerTlvs outer = lengthCheckTlvParser.parse(response.getData()); - if (outer != null) { - if (outer.getList() == null) { - s_logger.warn("GET DATA returned status of 90 00 but tag list is null"); - return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; - } - BerTlv tlv = outer.getList().get(0); - if (tlv == null) { - s_logger.warn("GET DATA returned status of 90 00 but TLV at 0 is null"); - return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; - } - BerTag tag = tlv.getTag(); - if (tag == null) { - s_logger.warn("GET DATA returned status of 90 00 but tag {} is null", tlv.getHexValue()); - return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; - } - if (tag.bytes.length == 1 && tag.bytes[0] == 0x53 && responseData.length == 2 - && responseData[1] == 0x00) { - s_logger.debug("GET DATA returned status of 90 00 but a tag of 0x53 with a length of 0." - + " Per SP800-73-4, PIV middleware should return PIV_DATA_OBJECT_NOT_FOUND."); - return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; - } - } - - // Populate the response in PIVDataObject - data.setOID(OID); - data.setBytes(response.getData()); - - } catch (SecurityException ex) { - - s_logger.error("Error retrieving data from the card application: {}", ex.getMessage(), ex); - return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; - } catch (Exception ex) { - - s_logger.error("Error retrieving data from the card application: {}", ex.getMessage(), ex); - return MiddlewareStatus.PIV_CONNECTION_FAILURE; - } - - return MiddlewareStatus.PIV_OK; - } - - /** - * - * @param cardHandle CardHandle object that encapsulates connection to a card - * @param OID String containing OID value identifying data object whose - * data content is to be retrieved - * @param data PIVDataObject object that will store retrieved data content - * @return MiddlewareStatus value indicating the result of the function call - */ - public MiddlewareStatus pivGetAllData(CardHandle cardHandle, String OID, PIVDataObject data) { - - try { - // Establishing channel - Card card = cardHandle.getCard(); - if (card == null) - return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; - - CardChannel channel = cardHandle.getCurrentChannel(); - if (channel == null) { - throw new IllegalStateException("Must select PIV application before calling pivGetData"); - } - - // Construct data field based on the data field oid and the tag for the specific - // oid - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - baos.write(TagConstants.DATA_FIELD_TAG); - baos.write(0x00); - baos.write(APDUConstants.oidMAP.get(OID)); - - // Construct APDU command using APDUUtils and applicationAID that was passed in. - CommandAPDU cmd = new CommandAPDU(APDUUtils.PIVGetDataAPDU(baos.toByteArray())); - - PCSCWrapper pcsc = PCSCWrapper.getInstance(); - // Transmit command and get response - m_lastCommandAPDU = cmd; - m_lastResponseAPDU = null; - ResponseAPDU response = pcsc.transmit(channel, cmd); - m_lastResponseAPDU = response; - - // Check for Successful execution status word - if (response.getSW() != APDUConstants.SUCCESSFUL_EXEC) { - - if (response.getSW() == APDUConstants.APP_NOT_FOUND) { - s_logger.info("Data object not found"); - return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; - } else if (response.getSW() == APDUConstants.SECURITY_STATUS_NOT_SATISFIED) { - s_logger.info("Security status not satisfied"); - return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; - } - - s_logger.error("Error getting object {}, failed with error: {}", OID, - Integer.toHexString(response.getSW())); - return MiddlewareStatus.PIV_CONNECTION_FAILURE; - } - - // Populate the response in PIVDataObject - data.setOID(OID); - data.setBytes(response.getData()); - - } catch (SecurityException ex) { - - s_logger.info("Error retrieving data from the card application: {}", ex.getMessage()); - return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; - } catch (Exception ex) { - - s_logger.info("Error retrieving data from the card application: {}", ex.getMessage()); - return MiddlewareStatus.PIV_CONNECTION_FAILURE; - } - - return MiddlewareStatus.PIV_OK; - } - - /** - * - * Reses the application security state/status of the PIV Card Application. - * - * @param cardHandle CardHandle object that encapsulates connection to a card - * @return MiddlewareStatus value indicating the result of the function call - */ - @Override - public MiddlewareStatus pivLogoutOfCardApplication(CardHandle cardHandle) { - return null; - } - - /** - * - * @param cardHandle CardHandle object that encapsulates connection to - * a card - * @param algorithmIdentifier Byte value identifying the cryptographic algorithm - * to be used for the cryptographic operation - * @param keyReference Byte value identifying the on-card key to be used - * for the cryptographic operation. - * @param algorithmInput PIVDataObject object containing sequence of bytes - * used as the input to the cryptographic operation - * @param algorithmOutput PIVDataObject object containing sequence of bytes - * used as the output to the cryptographic * - * operation - * @return MiddlewareStatus value indicating the result of the function call - */ - @Override - public MiddlewareStatus pivCrypt(CardHandle cardHandle, byte algorithmIdentifier, byte keyReference, - PIVDataObject algorithmInput, PIVDataObject algorithmOutput) { - try { - Card card = cardHandle.getCard(); - if (card == null) - return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; - - CardChannel channel = card.getBasicChannel(); - if (channel == null) - return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; - - byte[] rawAPDU = APDUUtils.PIVGeneralAuthenticateAPDU(keyReference, algorithmIdentifier, - algorithmInput.getBytes()); - s_logger.info("GENERAL AUTHENTICATE APDU: {}", Hex.encodeHexString(rawAPDU)); - - CommandAPDU cmd = new CommandAPDU(rawAPDU); - // Transmit command and get response - m_lastCommandAPDU = cmd; - m_lastResponseAPDU = null; - ResponseAPDU response = channel.transmit(cmd); - m_lastResponseAPDU = response; - - s_logger.debug("Response to GENERAL AUTHENTICATE command: {} {}", - String.format("0x%02X", response.getSW1()), String.format("0x%02X", response.getSW2())); - - // Check for Successful execution status word - if (response.getSW() != APDUConstants.SUCCESSFUL_EXEC) { - - if (response.getSW() == APDUConstants.SECURITY_STATUS_NOT_SATISFIED) { - s_logger.error("Security condition not satisfied"); - return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; - } else if (response.getSW() == APDUConstants.INCORREECT_PARAMETER) { - s_logger.error("Incorrect parameter in command data field"); - return MiddlewareStatus.PIV_UNSUPPORTED_CRYPTOGRAPHIC_MECHANISM; - } else if (response.getSW() == APDUConstants.FUNCTION_NOT_SUPPORTED) { - s_logger.error("Function not supported"); - return MiddlewareStatus.PIV_FUNCTION_NOT_SUPPORTED; - } else if (response.getSW() == APDUConstants.INCORREECT_PARAMETER_P2) { - s_logger.error("Invalid key or key algorithm combination"); - return MiddlewareStatus.PIV_INVALID_KEY_OR_KEYALG_COMBINATION; - } else { - s_logger.error("Error in GENERAL AUTHENTICATE command, failed with error: {}", - Integer.toHexString(response.getSW())); - return MiddlewareStatus.PIV_CONNECTION_FAILURE; - } - } - algorithmOutput.setBytes(response.getData()); - cardHandle.setCurrentChannel(channel); - } catch (Exception e) { - s_logger.error("Failed to complete pivCrypt operation for algorithm {} (key {}", - Hex.encodeHexString(new byte[] { algorithmIdentifier }), - Hex.encodeHexString(new byte[] { keyReference }), e); - } - return null; - } - - /** - * - * Generates an asymmetric key pair in the currently selected card application. - * - * @param cardHandle CardHandle object that encapsulates connection - * to a card - * @param keyReference Byte value identifying key reference of the - * generated key pair - * @param cryptographicMechanism Byte value identifying the type of key pair to - * be generated - * @param publicKey PIVDataObject object defining the public key of - * the generated key pair - * @return MiddlewareStatus value indicating the result of the function call - */ - @Override - public MiddlewareStatus pivGenerateKeyPair(CardHandle cardHandle, byte keyReference, byte cryptographicMechanism, - PIVDataObject publicKey) { - try { - // Establishing channel - Card card = cardHandle.getCard(); - if (card == null) - return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; - - // Establishing channel - CardChannel channel = card.getBasicChannel(); - - // Construct APDU command using APDUUtils and keyReference, - // cryptographicMechanism that was passed in. - byte[] rawAPDU = APDUUtils.PIVGenerateKeyPairAPDU(keyReference, cryptographicMechanism, null); - s_logger.info("GENERATE APDU: {}", Hex.encodeHexString(rawAPDU)); - - CommandAPDU cmd = new CommandAPDU(rawAPDU); - - PCSCWrapper pcsc = PCSCWrapper.getInstance(); - // Transmit command and get response - m_lastCommandAPDU = cmd; - m_lastResponseAPDU = null; - ResponseAPDU response = pcsc.transmit(channel, cmd); - m_lastResponseAPDU = response; - - s_logger.debug("Response to GENERATE command: {} {}", String.format("0x%02X", response.getSW1()), - String.format("0x%02X", response.getSW2())); - - // Check for Successful execution status word - if (response.getSW() != APDUConstants.SUCCESSFUL_EXEC) { - - if (response.getSW() == APDUConstants.SECURITY_STATUS_NOT_SATISFIED) { - s_logger.error("Security condition not satisfied"); - return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; - } else if (response.getSW() == APDUConstants.INCORREECT_PARAMETER) { - s_logger.error("Incorrect parameter in command data field"); - return MiddlewareStatus.PIV_UNSUPPORTED_CRYPTOGRAPHIC_MECHANISM; - } else if (response.getSW() == APDUConstants.FUNCTION_NOT_SUPPORTED) { - s_logger.error("Function not supported"); - return MiddlewareStatus.PIV_FUNCTION_NOT_SUPPORTED; - } else if (response.getSW() == APDUConstants.INCORREECT_PARAMETER_P2) { - s_logger.error("Invalid key or key algorithm combination"); - return MiddlewareStatus.PIV_INVALID_KEY_OR_KEYALG_COMBINATION; - } else { - s_logger.error("Error generating key pair, failed with error: {}", - Integer.toHexString(response.getSW())); - return MiddlewareStatus.PIV_CONNECTION_FAILURE; - } - } - - // Populated the response in ApplicationProperties - publicKey.setBytes(response.getData()); - cardHandle.setCurrentChannel(channel); - - } catch (Exception ex) { - - s_logger.error("Error generating key pair: {}", ex.getMessage()); - return MiddlewareStatus.PIV_CONNECTION_FAILURE; - } - s_logger.debug("pivGenerateKeyPair returning {}", MiddlewareStatus.PIV_OK); - return MiddlewareStatus.PIV_OK; - } - - /** - * Establishes secure messaging with the PIV Card Application. - * - * @param cardHandle CardHandle object that encapsulates connection to a card - * @return MiddlewareStatus value indicating the result of the function call - */ - @Override - public MiddlewareStatus pivEstablishSecureMessaging(CardHandle cardHandle) { - s_logger.debug("pivEstablishSecureMessaging()"); - try { - // Establishing channel - Card card = cardHandle.getCard(); - if (card == null) - return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; - - byte[] dataField = { (byte) 0x7C, 0x05, (byte) 0x81, 0x01, 0x00, (byte) 0x82, 0x00 }; - - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - try { - baos.write(APDUConstants.COMMAND); - baos.write(APDUConstants.SM); - baos.write(APDUConstants.CIPHER_SUITE_1); // Algorithm Reference for algs that support SM. - baos.write(APDUConstants.PIV_SECURE_MESSAGING_KEY); - baos.write(dataField.length); - baos.write(dataField); - baos.write(0x00); // Le - } catch (IOException ioe) { - s_logger.error("Failed to populate SM APDU buffer"); - } - byte[] rawAPDU = baos.toByteArray(); - s_logger.info("SM APDU: {}", Hex.encodeHexString(rawAPDU)); - CardChannel channel = cardHandle.getCurrentChannel(); - CommandAPDU smApdu = new CommandAPDU(rawAPDU); - ResponseAPDU resp = null; - try { - PCSCWrapper pcsc = PCSCWrapper.getInstance(); - m_lastCommandAPDU = smApdu; - m_lastResponseAPDU = null; - resp = pcsc.transmit(channel, smApdu); - m_lastResponseAPDU = resp; - } catch (CardException e) { - s_logger.error("Failed to transmit SM APDU to card", e); - return MiddlewareStatus.PIV_CARD_READER_ERROR; - } - if (resp.getSW() == 0x9000) { - cardHandle.setCurrentChannel(channel); - s_logger.info("Successfully established secure messaging"); - } else { - s_logger.error("Error establishing secure messaging: {}", Hex.encodeHexString(resp.getBytes())); - return MiddlewareStatus.PIV_SM_FAILED; - } - - } catch (Exception ex) { - - s_logger.error("Error establishing secure messaging: {}", ex.getMessage()); - return MiddlewareStatus.PIV_CARD_READER_ERROR; - } - s_logger.debug("pivSelectCardApplication returning {}", MiddlewareStatus.PIV_OK); - return MiddlewareStatus.PIV_OK; - } - - /** - * Replaces the entire data content of the data object specified by the OID - * parameter with the provided data. - * - * @param cardHandle CardHandle object that encapsulates connection to a card - * @param OID String containing OID value identifying data object - * @param data PIVDataObject object containing data that will be written - * to the card - * @return MiddlewareStatus value indicating the result of the function call - */ - @Override - public MiddlewareStatus pivPutData(CardHandle cardHandle, String OID, PIVDataObject data) { - - s_logger.debug("pivPutData()"); - try { - // Establishing channel - Card card = cardHandle.getCard(); - if (card == null) - return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; - - if (OID == null) - return MiddlewareStatus.PIV_INVALID_OID; - - ByteArrayOutputStream baosDataField = new ByteArrayOutputStream(); - if (data.getOID().equals(APDUConstants.DISCOVERY_OBJECT_OID) - || data.getOID().equals(APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_OID)) { - - baosDataField.write(data.getBytes()); - } else { - baosDataField.write(TagConstants.TAG_LIST); - baosDataField.write(APDUConstants.oidMAP.get(OID).length); - baosDataField.write(APDUConstants.oidMAP.get(OID)); - baosDataField.write(data.getBytes()); - } - - s_logger.debug("dataField: {}", Hex.encodeHexString(baosDataField.toByteArray())); - - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - try { - baos.write(APDUConstants.COMMAND); - baos.write(APDUConstants.INS_DB); - baos.write(APDUConstants.P1_3F); - baos.write(APDUConstants.P2_FF); - baos.write(baosDataField.toByteArray().length); - baos.write(baosDataField.toByteArray()); - } catch (IOException ioe) { - s_logger.error("Failed to populate PUT DATA APDU buffer"); - } - byte[] rawAPDU = baos.toByteArray(); - s_logger.info("PUT DATA APDU: {}", Hex.encodeHexString(rawAPDU)); - CardChannel channel = cardHandle.getCurrentChannel(); - CommandAPDU smApdu = new CommandAPDU(rawAPDU); - ResponseAPDU resp = null; - try { - PCSCWrapper pcsc = PCSCWrapper.getInstance(); - m_lastCommandAPDU = smApdu; - m_lastResponseAPDU = null; - resp = pcsc.transmit(channel, smApdu); - m_lastResponseAPDU = resp; - } catch (CardException e) { - s_logger.error("Failed to transmit PUT DATA APDU to card", e); - return MiddlewareStatus.PIV_CARD_READER_ERROR; - } - if (resp.getSW() == 0x9000) { - cardHandle.setCurrentChannel(channel); - s_logger.info("Successfully wrote data object to the card."); - } else if (resp.getSW() == 0x6A82) { - s_logger.error("Failed to write object to the card, security condition not satisfied: {}", - Hex.encodeHexString(resp.getBytes())); - return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; - } else if (resp.getSW() == 0x6A81) { - s_logger.error("Failed to write object to the card, function is not supported: {}", - Hex.encodeHexString(resp.getBytes())); - return MiddlewareStatus.PIV_FUNCTION_NOT_SUPPORTED; - } else if (resp.getSW() == 0x6A84) { - s_logger.error("Failed to write object to the card, not enough memory: {}", - Hex.encodeHexString(resp.getBytes())); - return MiddlewareStatus.PIV_INSUFFICIENT_CARD_RESOURCE; - } else { - s_logger.error("Failed to write object to the card: {}", Hex.encodeHexString(resp.getBytes())); - return MiddlewareStatus.PIV_CARD_READER_ERROR; - } - - } catch (Exception ex) { - - s_logger.error("Error writing data object to the card: {}", ex.getMessage()); - return MiddlewareStatus.PIV_CARD_READER_ERROR; - } - s_logger.debug("pivPutData returning {}", MiddlewareStatus.PIV_OK); - return MiddlewareStatus.PIV_OK; - } - - public byte[] getLastCommandAPDUBytes() { - byte[] apduBytes = null; - if (m_lastCommandAPDU == null) { - s_logger.error("getLastCommandAPDUBytes() called without any command APDU having been sent."); - return apduBytes; - } - apduBytes = m_lastCommandAPDU.getBytes(); - return apduBytes; - } - - public byte[] getLastResponseAPDUBytes() { - byte[] apduBytes = null; - if (m_lastResponseAPDU == null) { - s_logger.error("getLastResponseAPDUBytes() called without any command APDU having been sent."); - return apduBytes; - } - apduBytes = m_lastResponseAPDU.getBytes(); - return apduBytes; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ApplicationAID.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ApplicationAID.java deleted file mode 100644 index c8b9d7b0..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ApplicationAID.java +++ /dev/null @@ -1,51 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * Encapsulates a PIV application identifier - */ -public class ApplicationAID { - private static final Logger s_logger = LoggerFactory.getLogger(ApplicationAID.class); - - /** - * ApplicationAID class constructor, initializes all the class fields. - */ - public ApplicationAID() { - m_appIDBytes = null; - } - - /** - * - * ApplicationAID class constructor, sets the app ID value bassed on the passed - * in buffer - * - * @param appIDBytes - */ - public ApplicationAID(byte[] appIDBytes) { - m_appIDBytes = appIDBytes; - } - - private byte[] m_appIDBytes; - - /** - * - * Sets the app id value - * - * @param appIDBytes Byte array with app id value - */ - public void setBytes(byte[] appIDBytes) { - m_appIDBytes = appIDBytes; - } - - /** - * - * Returns app id value - * - * @return Byte array with app id value - */ - public byte[] getBytes() { - return m_appIDBytes; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ApplicationProperties.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ApplicationProperties.java deleted file mode 100644 index 48ec382d..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ApplicationProperties.java +++ /dev/null @@ -1,162 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.*; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.util.ArrayList; -import java.util.List; - -/** - * Encapsulates the application properties record for a PIV application, as - * described in SP800-73-4 part 2, table 3 - */ -public class ApplicationProperties { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(ApplicationProperties.class); - - private byte[] m_appPropertiesBytes; - private String m_url; - private String m_appLabel; - private List m_cryptoAlgs; - private byte[] m_coexistentTagAllocationAuthority; - private byte[] m_appID; - - /** - * ApplicationAID class constructor, initializes all the class fields. - */ - public ApplicationProperties() { - - m_appPropertiesBytes = null; - m_url = ""; - m_appLabel = ""; - m_cryptoAlgs = null; - m_cryptoAlgs = null; - m_coexistentTagAllocationAuthority = null; - m_appID = null; - } - - /** - * - * Sets the application properties value based on passed in parameter - * - * @param appPropertiesBytes Byte array with application properties value - */ - public void setBytes(byte[] appPropertiesBytes) { - - m_appPropertiesBytes = appPropertiesBytes; - - try { - BerTlvParser parser = new BerTlvParser(); - BerTlvs tlvs = parser.parse(appPropertiesBytes, 0, appPropertiesBytes.length); - - BerTag berAIDTag = new BerTag(TagConstants.AID_TAG); - BerTag berAppLabelTag = new BerTag(TagConstants.APPLICATION_LABEL); - BerTag berURLTag = new BerTag(TagConstants.UNIFORM_RESOURCE_LOCATOR); - BerTag berCryptAlgsTag = new BerTag(TagConstants.CRYPTOGRAPHIC_ALGORITHMS); - BerTag berCoexistentTagAllocationAuthorityTag = new BerTag( - TagConstants.COEXISTENT_TAG_ALLOCATION_AUTHORITY); - - BerTlv aidTlv = tlvs.find(berAIDTag); - BerTlv appLabelTlv = tlvs.find(berAppLabelTag); - BerTlv urlTlv = tlvs.find(berURLTag); - BerTlv CryptAlgsTlv = tlvs.find(berCryptAlgsTag); - BerTlv CoexistentTagAllocationAuthorityTlv = tlvs.find(berCoexistentTagAllocationAuthorityTag); - - if (aidTlv != null) { - m_appID = aidTlv.getBytesValue(); - } - - if (appLabelTlv != null) { - m_appLabel = new String(appLabelTlv.getBytesValue()); - } - - if (urlTlv != null) { - m_url = new String(urlTlv.getBytesValue()); - } - - if (CryptAlgsTlv != null) { - - m_cryptoAlgs = new ArrayList<>(); - List berTlvsList = CryptAlgsTlv.getValues(); - for (BerTlv tlv : berTlvsList) { - BerTag tag = tlv.getTag(); - m_cryptoAlgs.add(tag.bytes); - } - } - - if (CoexistentTagAllocationAuthorityTlv != null) { - List berTlvsList = CoexistentTagAllocationAuthorityTlv.getValues(); - for (BerTlv tlv : berTlvsList) { - if (tlv.isPrimitive() && tlv.isTag(berAIDTag)) { - m_coexistentTagAllocationAuthority = tlv.getBytesValue(); - } - } - } - - } catch (Exception ex) { - - s_logger.error("Unable to parse application properties data structure: {}", ex.getMessage(), ex); - } - } - - /** - * - * Returns a byte array with application properties value - * - * @return Byte array with application properties value - */ - public byte[] getBytes() { - return m_appPropertiesBytes; - } - - /** - * - * Returns application URL value - * - * @return String with application URL - */ - public String getURL() { - return m_url; - } - - /** - * - * Returns application label value - * - * @return String with application label - */ - public String getAppLabel() { - return m_appLabel; - } - - /** - * - * Returns list of cryptographic algorithms - * - * @return List of cryptographic algorithms - */ - public List getCryptoAlgs() { - return m_cryptoAlgs; - } - - /** - * - * Returns coexistent tag allocation authority - * - * @return Byte array with coexistent tag allocation authority - */ - public byte[] getCoexistentTagAllocationAuthority() { - return m_coexistentTagAllocationAuthority; - } - - /** - * - * Returns Application ID - * - * @return Byte array with Application ID - */ - public byte[] getAppID() { - return m_appID; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ArtifactWriter.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ArtifactWriter.java deleted file mode 100644 index 987589f4..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ArtifactWriter.java +++ /dev/null @@ -1,79 +0,0 @@ -/** - * - */ -package gov.gsa.pivconformance.card.client; - -import java.io.File; -import java.io.FileOutputStream; -import java.io.IOException; -import java.nio.file.Files; -import java.nio.file.Paths; -import java.util.ArrayList; -import java.util.HashMap; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * Manages the local artifact cache to minimize disk I/O - * - */ - -public class ArtifactWriter { - private static final Logger s_logger = LoggerFactory.getLogger(ArtifactWriter.class); - private String m_artifactDir = null; - private ArrayList m_artifactCache = null; - - public ArtifactWriter(String subDir) { - if (m_artifactDir == null) - init(subDir); - } - - void init(String subDir) { - String sep = File.separator; - String cwd = Paths.get(".").toAbsolutePath().normalize().toString(); - String artifactDir = null; - - artifactDir = cwd + sep + subDir; - - if (!Files.exists(Paths.get(artifactDir))) { - File file = new File(artifactDir); - boolean exists = file.mkdir(); - if (exists){ - s_logger.debug("Directory " + artifactDir + " created successfully"); - } else{ - System.out.println("Couldn’t create directory " + artifactDir); - } - } - - m_artifactCache = new ArrayList(); - m_artifactDir = artifactDir; - } - - /** - * Exports a container - * - * @param containerName - * @param bytes - * @return - */ - - public boolean saveObject(String containerName, byte[] bytes) { - boolean result = false; - if (!m_artifactCache.contains(bytes)) { - String filePath = m_artifactDir + File.separator + containerName; - try { - FileOutputStream fos = new FileOutputStream(filePath); - fos.write(bytes); - fos.close(); - s_logger.debug("Wrote " + filePath); - m_artifactCache.add(bytes); - result = true; - } catch (IOException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - return result; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/BiometricInformationTemplatesGroupTemplate.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/BiometricInformationTemplatesGroupTemplate.java deleted file mode 100644 index cf5511c7..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/BiometricInformationTemplatesGroupTemplate.java +++ /dev/null @@ -1,150 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.*; -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.util.Arrays; - -/** - * - * Encapsulates a Biometric Information Templates Group Template data object as - * defined by SP800-73-4 Part 2 Appendix A Table 41 - * - */ -public class BiometricInformationTemplatesGroupTemplate extends PIVDataObject { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(BiometricInformationTemplatesGroupTemplate.class); - - private byte[] m_numberOfFingers; - private byte[] m_bITForFirstFinger; - private byte[] m_bITForSecondFinger; - - /** - * BiometricInformationTemplatesGroupTemplate class constructor, initializes all - * the class fields. - */ - public BiometricInformationTemplatesGroupTemplate() { - m_numberOfFingers = null; - m_bITForFirstFinger = null; - m_bITForSecondFinger = null; - } - - /** - * - * Returns byte array containing number of fingers information - * - * @return Byte array containing number of fingers information - */ - public byte[] getNumberOfFingers() { - return m_numberOfFingers; - } - - /** - * - * Sets the number of fingers information - * - * @param numberOfFingers Byte array containing number of fingers information - */ - public void setNumberOfFingers(byte[] numberOfFingers) { - m_numberOfFingers = numberOfFingers; - } - - /** - * - * Returns the BIT information for the first finger - * - * @return Byte array containing BIT information for the first finger - */ - public byte[] getbITForFirstFinger() { - return m_bITForFirstFinger; - } - - /** - * - * Sets the BIT information for the first finger - * - * @param bITForFirstFinger Byte array containing BIT information for the first - * finger - */ - public void setbITForFirstFinger(byte[] bITForFirstFinger) { - m_bITForFirstFinger = bITForFirstFinger; - } - - /** - * - * Returns the BIT information for the second finger - * - * @return Byte array containing BIT information for the second finger - */ - public byte[] getbITForSecondFinger() { - return m_bITForSecondFinger; - } - - /** - * - * Sets the BIT information for the second finger - * - * @param bITForSecondFinger Byte array containing BIT information for the - * second finger - */ - public void setbITForSecondFinger(byte[] bITForSecondFinger) { - m_bITForSecondFinger = bITForSecondFinger; - } - - /** - * - * Decode function that decodes Biometric Information Templates Group Template - * object retrieved from the card and populates various class fields. - * - * @return True if decode was successful, false otherwise - */ - @Override - public boolean decode() { - - try { - byte[] rawBytes = this.getBytes(); - - if (rawBytes == null) { - s_logger.error("No buffer to decode for {}.", APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); - BerTlv outer = tlvp.parseConstructed(rawBytes); - - if (outer == null) { - s_logger.error("Error parsing {}, unable to parse TLV value.", - APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - for (BerTlv tlv : outer.getValues()) { - byte[] tag = tlv.getTag().bytes; - if (Arrays.equals(tag, TagConstants.NUMBER_OF_FINGERS_TAG)) { - m_numberOfFingers = tlv.getBytesValue(); - } else if (Arrays.equals(tag, TagConstants.BIT_FOR_FIRST_FINGER_TAG)) { - - if (m_bITForFirstFinger == null) - m_bITForFirstFinger = tlv.getBytesValue(); - else - m_bITForSecondFinger = tlv.getBytesValue(); - - } else { - s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tlv.getTag().bytes), - Hex.encodeHexString(tlv.getBytesValue())); - } - } - } catch (Exception ex) { - - s_logger.error("Error parsing {}: {}", APDUConstants.oidNameMap.get(super.getOID()), ex.getMessage()); - } - - if (m_numberOfFingers == null || m_bITForFirstFinger == null) - return false; - - dump(this.getClass()); - return true; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CachingDefaultPIVApplication.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CachingDefaultPIVApplication.java deleted file mode 100644 index a0472bf3..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CachingDefaultPIVApplication.java +++ /dev/null @@ -1,36 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import java.util.HashMap; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class CachingDefaultPIVApplication extends DefaultPIVApplication { - private static final Logger s_logger = LoggerFactory.getLogger(CachingDefaultPIVApplication.class); - - static HashMap m_containerMap = new HashMap(); - - // Cache the buffers coming back from pivGetData to minimize churn - @Override - public MiddlewareStatus pivGetData(CardHandle cardHandle, String OID, PIVDataObject data) { - MiddlewareStatus result = MiddlewareStatus.PIV_OK; - byte[] dataBytes = m_containerMap.get(OID); - if (dataBytes == null) { - result = super.pivGetData(cardHandle, OID, data); - if (result == MiddlewareStatus.PIV_OK) { - m_containerMap.put(OID, data.getBytes()); - } - } else { - data.setOID(OID); - data.setBytes(dataBytes); - } - return result; - } - - /** - * Clear cache - */ - public void clearCache() { - m_containerMap.clear(); - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardCapabilityContainer.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardCapabilityContainer.java deleted file mode 100644 index a4860bbb..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardCapabilityContainer.java +++ /dev/null @@ -1,417 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.*; -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.ByteArrayOutputStream; -import java.util.ArrayList; -import java.util.List; -import java.util.Arrays; -import java.util.HashMap; - -/** - * - * Encapsulates a Card Capability Container data object as defined by SP800-73-4 - * Part 2 Appendix A Table 8 - * - */ -public class CardCapabilityContainer extends PIVDataObject { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(CardCapabilityContainer.class); - - private byte[] m_cardIdentifier; - private byte[] m_capabilityContainerVersionNumber; - private byte[] m_capabilityGrammarVersionNumber; - private List m_appCardURL; - private byte[] m_pkcs15; - private byte[] m_registeredDataModelNumber; - private byte[] m_accessControlRuleTable; - private boolean m_cardAPDUs; - private boolean m_redirectionTag; - private boolean m_capabilityTuples; - private boolean m_statusTuples; - private boolean m_nextCCC; - private List m_extendedApplicationCardURL; - private byte[] m_securityObjectBuffer; - private byte[] m_signedContent; - // private HashMap m_content; - - /** - * CardCapabilityContainer class constructor, initializes all the class fields. - */ - public CardCapabilityContainer() { - - m_cardIdentifier = null; - m_capabilityContainerVersionNumber = null; - m_capabilityGrammarVersionNumber = null; - m_appCardURL = null; - m_pkcs15 = null; - m_registeredDataModelNumber = null; - m_accessControlRuleTable = null; - m_cardAPDUs = false; - m_redirectionTag = false; - m_capabilityTuples = false; - m_statusTuples = false; - m_nextCCC = false; - m_extendedApplicationCardURL = null; - m_securityObjectBuffer = null; - setErrorDetectionCode(false); - setErrorDetectionCodeHasData(false); - m_content = new HashMap(); - } - - /** - * - * Returns byte array with signed content buffer - * - * @return Byte array with signed content buffer - */ - public byte[] getSignedContent() { - return m_signedContent; - } - - /** - * - * Sets the signed content buffer - * - * @param signedContent Byte array with signed content buffer - */ - public void setSignedContent(byte[] signedContent) { - m_signedContent = signedContent; - } - - /** - * - * Returns card identifier - * - * @return Byte array containing card identifier - */ - public byte[] getCardIdentifier() { - - return m_cardIdentifier; - } - - /** - * - * Returns capability container version number - * - * @return Byte array containing capability container version number - */ - public byte[] getCapabilityContainerVersionNumber() { - - return m_capabilityContainerVersionNumber; - } - - /** - * - * Returns capability grammar version number - * - * @return Byte array containing capability grammar version number - */ - public byte[] getCapabilityGrammarVersionNumber() { - - return m_capabilityGrammarVersionNumber; - } - - /** - * - * Returns a list of application card urls - * - * @return List of application card urls - */ - public List getAppCardURL() { - - return m_appCardURL; - } - - /** - * - * Returns PKCS15 value - * - * @return Byte array containing PKCS15 value - */ - public byte[] getPkcs15() { - - return m_pkcs15; - } - - /** - * - * Returns Registered Data Model number value - * - * @return Byte array containing Registered Data Model number - */ - public byte[] getRegisteredDataModelNumber() { - - return m_registeredDataModelNumber; - } - - /** - * - * Returns Access Control Rule Table value - * - * @return Byte array containing Access Control Rule Table value - */ - public byte[] getAccessControlRuleTable() { - - return m_accessControlRuleTable; - } - - /** - * - * Returns Card APDUs value - * - * @return Byte array containing Card APDUs value - */ - public boolean getCardAPDUs() { - - return m_cardAPDUs; - } - - /** - * - * Returns Redirection Tag value - * - * @return Byte array containing Redirection Tag value - */ - public boolean getRedirectionTag() { - - return m_redirectionTag; - } - - /** - * - * Returns Capability Tuples value - * - * @return Byte array containing Capability Tuples value - */ - public boolean getCapabilityTuples() { - - return m_capabilityTuples; - } - - /** - * - * Returns Status Tuples value - * - * @return Byte array containing Status Tuples value - */ - public boolean getStatusTuples() { - - return m_statusTuples; - } - - /** - * - * Returns Next CCC value - * - * @return Byte array containing Next CCC value - */ - public boolean getNextCCC() { - - return m_nextCCC; - } - - /** - * - * Returns a list of if Extended Application CardURL - * - * @return List of if Extended Application CardURL - */ - public List getExtendedApplicationCardURL() { - - return m_extendedApplicationCardURL; - } - - /** - * - * Returns Security Object Buffer value - * - * @return Byte array containing Security Object Buffer - */ - public byte[] getSecurityObjectBuffer() { - - return m_securityObjectBuffer; - } - - /** - * - * Decode function that decodes Card Capability Container object retrieved from - * the card and populates various class fields. - * - * @return True if decode was successful, false otherwise - */ - @Override - public boolean decode() { - - try { - byte[] raw = super.getBytes(); - - if (raw == null) { - s_logger.error("No buffer to decode for {}.", APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - BerTlvParser tp = new BerTlvParser(new CCTTlvLogger(CardCapabilityContainer.class)); - BerTlvs outer = tp.parse(raw); - - if (outer == null) { - s_logger.error("Error parsing CCC container, unable to parse TLV value 1."); - return false; - } - - List values = outer.getList(); - for (BerTlv tlv : values) { - if (tlv.isPrimitive()) { - s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv.getTag().bytes), - Hex.encodeHexString(tlv.getBytesValue())); - - BerTlvs outer2 = tp.parse(tlv.getBytesValue()); - - if (outer2 == null) { - s_logger.error("Error parsing CCC, unable to parse TLV value 2."); - return false; - } - - ByteArrayOutputStream scos = new ByteArrayOutputStream(); - List values2 = outer2.getList(); - for (BerTlv tlv2 : values2) { - if (tlv2.isPrimitive()) { - s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv2.getTag().bytes), - Hex.encodeHexString(tlv2.getBytesValue())); - } else { - super.m_tagList.add(tlv2.getTag()); - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.CARD_IDENTIFIER_TAG)) { - if (tlv2.hasRawValue()) { - m_cardIdentifier = tlv2.getBytesValue(); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.CARD_IDENTIFIER_TAG, m_cardIdentifier)); - } - } - if (Arrays.equals(tlv2.getTag().bytes, - TagConstants.CAPABILITY_CONTAINER_VERSION_NUMBER_TAG)) { - if (tlv2.hasRawValue()) { - m_capabilityContainerVersionNumber = tlv2.getBytesValue(); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.CAPABILITY_CONTAINER_VERSION_NUMBER_TAG, - m_capabilityContainerVersionNumber)); - } - } - if (Arrays.equals(tlv2.getTag().bytes, - TagConstants.CAPABILITY_GRAMMAR_VERSION_NUMBER_TAG)) { - if (tlv2.hasRawValue()) { - m_capabilityGrammarVersionNumber = tlv2.getBytesValue(); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.CAPABILITY_GRAMMAR_VERSION_NUMBER_TAG, - m_capabilityContainerVersionNumber)); - } - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.APPLICATIONS_CARDURL_TAG)) { - if (tlv2.hasRawValue()) { - - if (m_appCardURL == null) - m_appCardURL = new ArrayList<>(); - m_appCardURL.add(tlv2.getBytesValue()); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.APPLICATIONS_CARDURL_TAG, - tlv2.getBytesValue())); - } - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.PKCS15_TAG)) { - if (tlv2.hasRawValue()) { - m_pkcs15 = tlv2.getBytesValue(); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.PKCS15_TAG, m_pkcs15)); - } - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.REGISTERED_DATA_MODEL_NUMBER_TAG)) { - if (tlv2.hasRawValue()) { - m_registeredDataModelNumber = tlv2.getBytesValue(); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.REGISTERED_DATA_MODEL_NUMBER_TAG, - m_registeredDataModelNumber)); - } - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.ACCESS_CONTROL_RULE_TABLE_TAG)) { - if (tlv2.hasRawValue()) { - m_accessControlRuleTable = tlv2.getBytesValue(); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.ACCESS_CONTROL_RULE_TABLE_TAG, - m_accessControlRuleTable)); - } - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.CARD_APDUS_TAG)) { - m_cardAPDUs = true; - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.CARD_APDUS_TAG, tlv2.getBytesValue())); - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.REDIRECTION_TAG_TAG)) { - m_redirectionTag = true; - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.REDIRECTION_TAG_TAG, tlv2.getBytesValue())); - - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.CAPABILITY_TUPLES_TAG)) { - m_capabilityTuples = true; - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.CAPABILITY_TUPLES_TAG, tlv2.getBytesValue())); - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.STATUS_TUPLES_TAG)) { - m_statusTuples = true; - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.STATUS_TUPLES_TAG, tlv2.getBytesValue())); - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.NEXT_CCC_TAG)) { - m_nextCCC = true; - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.NEXT_CCC_TAG, tlv2.getBytesValue())); - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.EXTENDED_APPLICATION_CARDURL_TAG)) { - if (m_extendedApplicationCardURL == null) - m_extendedApplicationCardURL = new ArrayList<>(); - m_extendedApplicationCardURL.add(tlv2.getBytesValue()); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.EXTENDED_APPLICATION_CARDURL_TAG, - tlv2.getBytesValue())); - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.SECURITY_OBJECT_BUFFER_TAG)) { - m_securityObjectBuffer = tlv2.getBytesValue(); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.SECURITY_OBJECT_BUFFER_TAG, - tlv2.getBytesValue())); - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.ERROR_DETECTION_CODE_TAG)) { - setErrorDetectionCode(true); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(TagConstants.ERROR_DETECTION_CODE_TAG); - scos.write((byte) 0x00); - } - } - } - - m_signedContent = scos.toByteArray(); - - } else { - s_logger.info("Object: {}", Hex.encodeHexString(tlv.getTag().bytes)); - } - } - } catch (Exception ex) { - - s_logger.error("Error parsing CCC: {}", ex.getMessage()); - return false; - } - - if (m_cardIdentifier == null || m_capabilityContainerVersionNumber == null - || m_capabilityGrammarVersionNumber == null || m_appCardURL == null || m_pkcs15 == null - || m_registeredDataModelNumber == null || m_accessControlRuleTable == null || m_cardAPDUs == false - || m_redirectionTag == false || m_capabilityTuples == false || m_statusTuples == false - || m_nextCCC == false) { - return false; - } - - dump(this.getClass()); - return true; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardClientException.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardClientException.java deleted file mode 100644 index 5549f1b0..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardClientException.java +++ /dev/null @@ -1,54 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -/** - * A class for card-related exceptions - */ -public class CardClientException extends Exception { - - /** - * - */ - private static final long serialVersionUID = 1L; - - /** - * - * Default constructor for CardClientException class - * - */ - public CardClientException() { - super(); - } - - /** - * - * Constructor for CardClientException class that takes a string with exception - * message - * - * @param message String with the exception message - */ - public CardClientException(String message) { - super(message); - } - - /** - * - * Constructor for CardClientException class that takes a string with exception - * message and a Throwable cause - * - * @param message String with the exception message - * @param cause Throwable cause - */ - public CardClientException(String message, Throwable cause) { - super(message, cause); - } - - /** - * - * Constructor for CardClientException class that takes a Throwable cause - * - * @param cause Throwable cause - */ - public CardClientException(Throwable cause) { - super(cause); - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardHandle.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardHandle.java deleted file mode 100644 index 9565de7a..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardHandle.java +++ /dev/null @@ -1,115 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import javax.smartcardio.Card; -import javax.smartcardio.CardChannel; - -/** - * A class that serves the function of the handle objects passed around that - * encapsulate a connection to a card in SP800-73 - */ -public class CardHandle { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(CardHandle.class); - - /** - * - * Get the connection description object associated with this card handle - * - * @return ConnectionDescription that includes as CardTerminal object used to - * access the reader - */ - public ConnectionDescription getConnectionDescription() { - return m_connectionDescription; - } - - /** - * - * Set the connection description object that will be used by the card handle - * - * @param connectionDescription Connection description object - */ - public void setConnectionDescription(ConnectionDescription connectionDescription) { - m_connectionDescription = connectionDescription; - } - - /** - * - * Set the Card object that will be used by the card handle - * - * @param card Card object - */ - public void setCard(Card card) { - m_card = card; - } - - /** - * - * Get the Card object associated with this card handle - * - * @return Card object - */ - public Card getCard() { - return m_card; - } - - /** - * Initialize an invalid card handle object - */ - public CardHandle() { - m_connectionDescription = null; - m_card = null; - m_currentChannel = null; - m_valid = false; - } - - /** - * - * Get the current card channel - * - * @return CardChannel object - */ - public CardChannel getCurrentChannel() { - return m_currentChannel; - } - - /** - * - * Sets the current card channel - * - * @param currentChannel CardChannel object - */ - public void setCurrentChannel(CardChannel currentChannel) { - m_currentChannel = currentChannel; - } - - /** - * - * Returns trues if card handle is valid for accessing a PIV card - * - * @return true if the handle is valid for accessing a PIV card - */ - public boolean isValid() { - return m_valid; - } - - /** - * - * Sets the value that indicates the status of the card handle object - * - * sets the boolen value that indicates the status of card handle object - * - * @param valid - */ - public void setValid(boolean valid) { - m_valid = valid; - } - - private ConnectionDescription m_connectionDescription; - private boolean m_valid = false; - private Card m_card; - - private CardChannel m_currentChannel; - -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardHolderBiometricData.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardHolderBiometricData.java deleted file mode 100644 index 82f68483..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardHolderBiometricData.java +++ /dev/null @@ -1,446 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.*; -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.util.Arrays; -import java.util.Collection; -import java.util.HashMap; -import java.util.List; -import java.util.Iterator; -import java.nio.ByteBuffer; -import java.security.cert.X509Certificate; - -import org.bouncycastle.util.Store; - -import org.bouncycastle.cms.SignerInformationStore; -import org.bouncycastle.cms.SignerInformation; -import org.bouncycastle.asn1.ASN1InputStream; -import org.bouncycastle.asn1.cms.ContentInfo; -import org.bouncycastle.cms.CMSSignedData; -import org.bouncycastle.cert.X509CertificateHolder; -import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; - -/** - * - * Container class that parses and stores information about Biometric Data - * elements. Biometric Data elements include Cardholder Fingerprints, Cardholder - * Facial Image and Cardholder Iris Image as defined by SP800-73-4 Part 2 - * Appendix A Table 11, Table 13 and Table 40 - * - */ -public class CardHolderBiometricData extends SignedPIVDataObject { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(CardHolderBiometricData.class); - - private byte[] m_biometricData; - private String m_biometricCreationDate; - private boolean m_errorDetectionCode; - private String m_validityPeriodFrom; - private String m_validityPeriodTo; - private byte[] m_biometricDataBlock; - private byte[] m_signatureBlock; - private byte[] m_cbeffContainer; - - /** - * CardholderBiometricData class constructor, initializes all the class fields. - */ - public CardHolderBiometricData() { - super(); - m_biometricData = null; - m_errorDetectionCode = false; - m_biometricCreationDate = null; - m_validityPeriodFrom = null; - m_validityPeriodTo = null; - m_biometricDataBlock = null; - m_signatureBlock = null; - m_cbeffContainer = null; - m_content = new HashMap(); - } - - /** - * - * Returns the CBEFF container value - * - * @return Byte array with CBEFF container value - */ - public byte[] getCbeffContainer() { - return m_cbeffContainer; - } - - /** - * - * Sets the CBEFF container value - * - * @param cbeffContainer Byte array with CBEFF container value - */ - public void setCbeffContainer(byte[] cbeffContainer) { - m_cbeffContainer = cbeffContainer; - } - - /** - * - * Returns a byte array with biometric data - * - * @return Byte array with biometric data - */ - public byte[] getBiometricData() { - return m_biometricData; - } - - /** - * - * Returns a byte array with the CMS - * - * @return Byte array with CMS - */ - public byte[] getSignatureBlock() { - return m_signatureBlock; - } - - /** - * - * Sets the biometric data - * - * @param biometricData Byte array with biometric data - */ - public void setBiometricData(byte[] biometricData) { - m_biometricData = biometricData; - } - - /** - * - * Returns true if error detection code is present, false otherwise - * - * @return Returns true if error detection code is present, false otherwise - */ - @Override - public boolean getErrorDetectionCode() { - return m_errorDetectionCode; - } - - /** - * - * Sets if error detection code is present - * - * @param errorDetectionCode Boolean indicating if error detection code is - * present - */ - @Override - public void setErrorDetectionCode(boolean errorDetectionCode) { - m_errorDetectionCode = errorDetectionCode; - } - - /** - * - * Returns biometric creation date value - * - * @return String indicating biometric creation date - */ - public String getBiometricCreationDate() { - return m_biometricCreationDate; - } - - /** - * - * Sets the biometric creation date - * - * @param biometricCreationDate String indicating biometric creation date - */ - public void setBiometricCreationDate(String biometricCreationDate) { - m_biometricCreationDate = biometricCreationDate; - } - - /** - * - * Returns the biometric data block - * - * @return Byte array containing biometric data block - */ - public byte[] getBiometricDataBlock() { - return m_biometricDataBlock; - } - - /** - * - * Sets the biometric data block - * - * @param biometricDataBlock Byte array containing biometric data block - */ - public void setBiometricDataBlock(byte[] biometricDataBlock) { - m_biometricDataBlock = biometricDataBlock; - } - - /** - * - * Returns the validity preriod from value - * - * @return String indicating validity from value - */ - public String getValidityPeriodFrom() { - return m_validityPeriodFrom; - } - - /** - * - * Sets the validity from value - * - * @param validityPeriodFrom String indicating validity from value - */ - public void setValidityPeriodFrom(String validityPeriodFrom) { - m_validityPeriodFrom = validityPeriodFrom; - } - - /** - * - * Returns the validity preriod to value - * - * @return String indicating validity to value - */ - public String getValidityPeriodTo() { - return m_validityPeriodTo; - } - - /** - * - * Sets the validity from value - * - * @param validityPeriodTo String indicating validity from value - */ - public void setValidityPeriodTo(String validityPeriodTo) { - m_validityPeriodTo = validityPeriodTo; - } - - /** - * - * Decode function that decodes biometric data object retrieved from the card - * and populates various class fields. - * - * @return True if decode was successful, false otherwise - */ - @Override - public boolean decode() { - - boolean certFound = false; - ByteArrayOutputStream signedContentOutputStream = new ByteArrayOutputStream(); - SignerInformationStore signers = null; - SignerInformation signer = null; - try { - byte[] rawBytes = this.getBytes(); - - s_logger.trace("rawBytes: {}", Hex.encodeHexString(rawBytes)); - - if (rawBytes == null) { - s_logger.error("No buffer to decode for {}.", APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); - BerTlvs outer = tlvp.parse(rawBytes); - - if (outer == null) { - s_logger.error("Error parsing {}, unable to parse TLV value.", - APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - List values = outer.getList(); - for (BerTlv tlv : values) { - if (tlv.isPrimitive()) { - s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv.getTag().bytes), - Hex.encodeHexString(tlv.getBytesValue())); - - BerTlvs outer2 = tlvp.parse(tlv.getBytesValue()); - - if (outer2 == null) { - s_logger.error("Error parsing {}, unable to parse TLV value.", - APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - List values2 = outer2.getList(); - for (BerTlv tlv2 : values2) { - if (tlv2.isPrimitive()) { - s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv2.getTag().bytes), - Hex.encodeHexString(tlv2.getBytesValue())); - } else { - BerTag tag = tlv2.getTag(); - byte[] value = tlv2.getBytesValue(); - - super.m_tagList.add(tag); - if (Arrays.equals(tag.bytes, TagConstants.FINGERPRINT_I_AND_II_TAG) - && getOID().compareTo(APDUConstants.CARDHOLDER_FINGERPRINTS_OID) == 0) { - - setContainerName("Fingerprints"); - m_biometricData = value; - m_content.put(tag, value); - if (m_biometricData != null) - signedContentOutputStream.write( - APDUUtils.getTLV(TagConstants.FINGERPRINT_I_AND_II_TAG, m_biometricData)); - - } else if (Arrays.equals(tag.bytes, TagConstants.IMAGE_FOR_VISUAL_VERIFICATION_TAG) - && getOID().compareTo(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID) == 0) { - - setContainerName("ImageForVisualVerification"); - m_biometricData = value; - m_content.put(tag, value); - if (m_biometricData != null) - signedContentOutputStream.write(APDUUtils - .getTLV(TagConstants.IMAGE_FOR_VISUAL_VERIFICATION_TAG, m_biometricData)); - - } else if (Arrays.equals(tag.bytes, TagConstants.IMAGES_FOR_IRIS_TAG) - && getOID().compareTo(APDUConstants.CARDHOLDER_IRIS_IMAGES_OID) == 0) { - - setContainerName("ImagesForIris"); - m_biometricData = value; - m_content.put(tag, value); - if (m_biometricData != null) - signedContentOutputStream - .write(APDUUtils.getTLV(TagConstants.IMAGES_FOR_IRIS_TAG, m_biometricData)); - - } else if (Arrays.equals(tag.bytes, TagConstants.ERROR_DETECTION_CODE_TAG)) { - - m_errorDetectionCode = true; - m_content.put(tag, value); - if (m_biometricData != null) - signedContentOutputStream - .write(APDUUtils.getTLV(TagConstants.ERROR_DETECTION_CODE_TAG, value)); - - } else { - s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tag.bytes), - Hex.encodeHexString(tlv2.getBytesValue())); - } - m_cbeffContainer = signedContentOutputStream.toByteArray(); - } - } - - // Break BC tag into Patron CBEFF header + BDB + SB - if (m_biometricData != null) { - s_logger.info("m_biometricData: {}", Hex.encodeHexString(m_biometricData)); - // Get Biometric data block (BDB) Length - byte[] biometricDataBlockLengthBytes = Arrays.copyOfRange(m_biometricData, 2, 6); - // Get Signature block (SB) Length - byte[] signatureDataBlockLengthBytes = Arrays.copyOfRange(m_biometricData, 6, 8); - - // Get Biometric Creation Date - m_biometricCreationDate = BytesToDateString(Arrays.copyOfRange(m_biometricData, 12, 20)); - // Get Validity Period From value - m_validityPeriodFrom = BytesToDateString(Arrays.copyOfRange(m_biometricData, 20, 28)); - // Get Validity Period To value - m_validityPeriodTo = BytesToDateString(Arrays.copyOfRange(m_biometricData, 28, 36)); - - // Convert Biometric data block (BDB) Length byte[] value to int - ByteBuffer wrapped = ByteBuffer.wrap(biometricDataBlockLengthBytes); - int biometricDataBlockLength = wrapped.getInt(); - - // Convert Signature block (SB) Length byte[] value to int - wrapped = ByteBuffer.wrap(signatureDataBlockLengthBytes); - int signatureDataBlockLength = wrapped.getShort(); - - m_biometricDataBlock = Arrays.copyOfRange(m_biometricData, 88, 88 + biometricDataBlockLength); - - m_signatureBlock = Arrays.copyOfRange(m_biometricData, 88 + biometricDataBlockLength, - 88 + biometricDataBlockLength + signatureDataBlockLength); - - // Decode the ContentInfo and get SignedData objects. - ByteArrayInputStream bIn = new ByteArrayInputStream(m_signatureBlock); - ASN1InputStream aIn = new ASN1InputStream(bIn); - // Set the ContentInfo structure in super class - setContentInfo(ContentInfo.getInstance(aIn.readObject())); - aIn.close(); - // Set the CMSSignedData object - setAsymmetricSignature(new CMSSignedData(getContentInfo())); - // Finally, see if there's a separate signer cert - CMSSignedData cmsSignedData = getAsymmetricSignature(); - - if (cmsSignedData != null) { - signers = cmsSignedData.getSignerInfos(); - - for (Iterator i = signers.getSigners().iterator(); i.hasNext();) { - signer = i.next(); - } - - // The biometric data block is the detached signed content - setSignedContent(Arrays.copyOfRange(m_biometricData, 0, 88 + biometricDataBlockLength)); - // Grab signed digest - setSignedAttrsDigest(signers); - // Precompute digest but don't compare -- let consumers do that - setComputedDigest(signer, getSignedContent()); - // Indicate this object needs a signature verification - setSigned(true); - - // Decode the ContentInfo and get SignedData object. - Store certs = cmsSignedData.getCertificates(); - signers = cmsSignedData.getSignerInfos(); - for (Iterator i = signers.getSigners().iterator(); i.hasNext();) { - signer = i.next(); - setDigestAlgorithmName(Algorithm.digAlgOidToNameMap.get(signer.getDigestAlgOID())); - setEncryptionAlgorithmName( - Algorithm.encAlgOidToNameMap.get(signer.getEncryptionAlgOID())); - @SuppressWarnings("unchecked") - Collection certCollection = certs.getMatches(signer.getSID()); - Iterator certIt = certCollection.iterator(); - if (certIt.hasNext()) { - X509CertificateHolder certHolder = certIt.next(); - // Note that setSignerCert internally increments a counter. If there are more - // than one - // cert in PKCS7 cert bags then the consumer class should throw an exception. - X509Certificate signerCert = new JcaX509CertificateConverter().setProvider("BC") - .getCertificate(certHolder); - if (signerCert != null) { - setSignerCert(signerCert); - setHasOwnSignerCert(true); - certFound = true; - // Extract signer's signature algorithm name and hang on to it. - setSignatureAlgorithmName(signerCert.getSigAlgName()); - } else { - s_logger.error("Can't extract signer certificate"); - } - } - } - } else { - s_logger.error("Null CMSSignedData"); - } - } - } - } - } catch (Exception ex) { - s_logger.error("Error parsing {}", APDUConstants.oidNameMap.get(super.getOID()), ex); - return false; - } - - String message = APDUConstants.oidNameMap.get(super.getOID()) + (certFound ? " had" : " did not have") - + " an embedded certificate"; - s_logger.trace(message); - - if (m_biometricData == null) - return false; - - dump(this.getClass()); - return true; - } - - /** - * - * Helper function that converts byte array to a date string - * - * @param buf Byte array to be converted - * @return String containing date value - */ - private String BytesToDateString(byte[] buf) { - if ((char) buf[buf.length - 1] != 'Z') { - throw new IllegalArgumentException("bcd byte array doesn't end with Z"); - } - StringBuilder outsb = new StringBuilder(); - for (int i = 0; i < buf.length - 1; ++i) { - int digits = buf[i] & 0xFF; - outsb.append(String.format("%02d", digits)); - } - outsb.append('Z'); - return outsb.toString(); - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ConnectionDescription.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ConnectionDescription.java deleted file mode 100644 index 908c39e5..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ConnectionDescription.java +++ /dev/null @@ -1,184 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.BerTag; -import gov.gsa.pivconformance.tlv.BerTlv; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import javax.smartcardio.TerminalFactory; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.nio.ByteBuffer; -import java.util.Arrays; - -import gov.gsa.pivconformance.tlv.BerTlvParser; -import gov.gsa.pivconformance.tlv.BerTlvs; - -/** - * Encapsulates a connection description data object (tag 0x7F21) as defined by - * SP800-73-4 table 2 - */ -public class ConnectionDescription { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(ConnectionDescription.class); - - private CardTerminal m_reader; - - // Tag for Connection Description template - private static byte[] m_tag = new byte[] { (byte) 0x7F, (byte) 0x21 }; - // Tag for PC/SC device reader name - private static byte[] m_tagCRN = new byte[] { (byte) 0x81 }; - // Tag for Local Network node - private static byte[] m_tagLocal = new byte[] { (byte) 0x90, (byte) 0x00 }; - - /** - * Default c'tor is private - initialize using static factory methods. - */ - private ConnectionDescription() { - } - - /** - * - * Populate connection description data object based on information from - * CardTerminal - * - * @return Byte array containing Connection Description value - */ - public byte[] getBytes() { - - // Get reader name and bytes from the name - String readerName = m_reader.getName(); - byte[] readerNameBytes = readerName.getBytes(); - int readerNameBytesLen = readerNameBytes.length; - - // Get byte value of reader name length value - ByteBuffer bbuf = ByteBuffer.allocate(4); - bbuf.putInt(readerNameBytesLen); - byte[] readerNameBytesLenBuffer = bbuf.array(); - - // Get offset to ignore 0x00 value - int readerNameBytesLenBufferOffset = 0; - while (readerNameBytesLenBuffer[readerNameBytesLenBufferOffset] == 0x00) - readerNameBytesLenBufferOffset++; - - // Calcuate length value for the entire Connection Description Template - int readerNameBytesPlusTagLen = readerNameBytesLen + 1 + readerNameBytesLenBuffer.length - - readerNameBytesLenBufferOffset + m_tagLocal.length; - - // Get byte value of the total field length - ByteBuffer bbuf2 = ByteBuffer.allocate(4); - bbuf2.putInt(readerNameBytesPlusTagLen); - byte[] readerNameBytesPlusTagLenBuffer = bbuf2.array(); - - // Get offset to ignore 0x00 value - int readerNameBytesPlusTagLenBufferOffset = 0; - while (readerNameBytesPlusTagLenBuffer[readerNameBytesPlusTagLenBufferOffset] == 0x00) - readerNameBytesPlusTagLenBufferOffset++; - - ByteArrayOutputStream bufOut = new ByteArrayOutputStream(); - try { - bufOut.write(m_tag); - bufOut.write(readerNameBytesPlusTagLenBuffer, readerNameBytesLenBufferOffset, - readerNameBytesPlusTagLenBuffer.length - readerNameBytesPlusTagLenBufferOffset); - bufOut.write(m_tagCRN); - bufOut.write(readerNameBytesLenBuffer, readerNameBytesLenBufferOffset, - readerNameBytesLenBuffer.length - readerNameBytesLenBufferOffset); - bufOut.write(readerNameBytes); - bufOut.write(m_tagLocal); - } catch (IOException e) { - s_logger.error("Failed to write to buffer", e); - return null; - } - return bufOut.toByteArray(); - } - - /** - * - * Create a ConnectionDescription object from a javax.smartcardio.CardTerminal - * - * @return ConnectionDescription used to interact with a PIV card in the - * specified terminal - */ - public static ConnectionDescription createFromTerminal(CardTerminal reader) { - ConnectionDescription rv = new ConnectionDescription(); - rv.m_reader = reader; - return rv; - } - - /** - * - * Given the data object described in SP800-73-4 table 2, create a new - * connection description object - * - * @param data Byte array containing Connection Description info from which - * ConnectionDescription object will be constructed - * @return ConnectionDescription Object - */ - public static ConnectionDescription createFromBuffer(byte[] data) { - ConnectionDescription rv = new ConnectionDescription(); - - byte readerNameBytes[] = null; - - BerTag berTagCRN = new BerTag(m_tagCRN); - BerTag berTag = new BerTag(m_tag); - - BerTlvParser parser = new BerTlvParser(); - BerTlvs tlvs = parser.parse(data, 0, data.length); - BerTlv crnTlv = tlvs.find(berTag); - BerTlv crnTlvCRN = tlvs.find(berTagCRN); - - if (crnTlv == null) { - s_logger.error("Unable to find tag for ConnectionDescription"); - return null; - } - - if (crnTlvCRN != null) - readerNameBytes = crnTlvCRN.getBytesValue(); - else { - s_logger.error("Unable to find card reader name in the ConnectionDescription value"); - return null; - } - - if (readerNameBytes == null) { - s_logger.error("Unable to find card reader name in the ConnectionDescription value"); - return null; - } - - try { - - TerminalFactory tf2 = TerminalFactory.getDefault(); - s_logger.info("Attempting to list card terminals"); - try { - for (CardTerminal ct : tf2.terminals().list()) { - - if (Arrays.equals(readerNameBytes, ct.getName().getBytes())) { - - rv.m_reader = ct; - } - } - } catch (CardException e) { - s_logger.error("Unable to enumerate card terminals", e); - return null; - } - - } catch (Exception ex) { - - s_logger.info("Exception : {}", ex.getMessage()); - } - - return rv; - } - - /** - * - * Get the reader that will be used to actually send/receive APDUs from the card - * - * @return CardTerminal object - */ - public CardTerminal getTerminal() { - return m_reader; - } - -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/DefaultPIVApplication.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/DefaultPIVApplication.java deleted file mode 100644 index 473fcdb7..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/DefaultPIVApplication.java +++ /dev/null @@ -1,44 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * A default implementation of the PIV application interface that will be used - * by the test harness in most cases. - */ -public class DefaultPIVApplication extends AbstractPIVApplication { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(DefaultPIVApplication.class); - - /** - * - * Set the PIV Card Application as the currently selected card application and - * establish the PIV Card Applicationâs security state. - * - * @param cardHandle CardHandle object that encapsulates connection - * to a card - * @param applicationAID ApplicationAID object containing the AID of the - * PIV Card Application - * @param applicationProperties ApplicationProperties object containing - * application properties of the selected PIV Card - * Application - * @return - */ - @Override - public MiddlewareStatus pivSelectCardApplication(CardHandle cardHandle, ApplicationAID applicationAID, - ApplicationProperties applicationProperties) { - s_logger.debug("pivSelectCardApplication()"); - // For now, if the caller did not specify an AID, use the default. - byte[] aid = applicationAID.getBytes(); - if (aid == null) { - s_logger.info("Using default AID ({}) to select PIV application", - Hex.encodeHexString(APDUConstants.PIV_APPID)); - applicationAID.setBytes(APDUConstants.PIV_APPID); - } - MiddlewareStatus rv = super.pivSelectCardApplication(cardHandle, applicationAID, applicationProperties); - s_logger.debug("pivSelectCardApplication() returning {}", rv); - return rv; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/DiscoveryObject.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/DiscoveryObject.java deleted file mode 100644 index 0cfc9743..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/DiscoveryObject.java +++ /dev/null @@ -1,276 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.*; -import org.apache.commons.codec.binary.Hex; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.ByteArrayOutputStream; -import java.util.Arrays; -import java.util.HashMap; - -/** - * - * Encapsulates a Discovery Object data object as defined by SP800-73-4 Part 2 - * Appendix A Table 18 - * - */ -public class DiscoveryObject extends PIVDataObject { - - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(DiscoveryObject.class); - - private byte[] m_aid; - private byte[] m_pinPolicy; - private boolean m_globalPINSatisfiesACR; - private boolean m_appPINSatisfiesACR; - private boolean m_globalPINisPrimary; - private boolean m_occSatisfiesACR; - private byte[] m_signedContent; - - /** - * DiscoveryObject class constructor, initializes all the class fields. - */ - public DiscoveryObject() { - m_aid = null; - m_pinPolicy = null; - m_signedContent = null; - m_content = new HashMap(); - } - - /** - * - * Returns byte array with signed content - * - * @return Byte array with signed content buffer - */ - public byte[] getSignedContent() { - return m_signedContent; - } - - /** - * - * Sets the signed content value - * - * @param signedContent Byte array with signed content buffer - */ - public void setSignedContent(byte[] signedContent) { - m_signedContent = signedContent; - } - - /** - * - * Returns PIV Card Application AID value - * - * @return Byte array containing PIV Card Application AID value - */ - public byte[] getAid() { - return m_aid; - } - - /** - * - * Sets the PIV Card Application AID value - * - * @param aid Byte array containing PIV Card Application AID value - */ - public void setAid(byte[] aid) { - m_aid = aid; - } - - /** - * - * Returns PIN Usage Policy value - * - * @return Byte array containing PIN Usage Policy value - */ - public byte[] getPinPolicy() { - return m_pinPolicy; - } - - /** - * - * Sets the PIN Usage Policy value - * - * @param pinPolicy Byte array containing PIN Usage Policy value - */ - public void setPinPolicy(byte[] pinPolicy) { - m_pinPolicy = pinPolicy; - } - - /** - * - * Returns true if Global PIN satisfies the PIV ACRs, false otherwise - * - * @return True if Global PIN satisfies the PIV ACRs, false otherwise - */ - public boolean globalPINSatisfiesACR() { - return m_globalPINSatisfiesACR; - } - - /** - * - * Sets if Global PIN satisfies the PIV ACRs, false otherwise - * - * @param globalPINSatisfiesACR True if Global PIN satisfies the PIV ACRs, false - * otherwise - */ - public void setGlobalPINSatisfiesACR(boolean globalPINSatisfiesACR) { - m_globalPINSatisfiesACR = globalPINSatisfiesACR; - } - - /** - * - * Returns true if Global PIN is primary, false otherwise - * - * @return True if Global PIN is primary, false otherwise - */ - public boolean globalPINisPrimary() { - return m_globalPINisPrimary; - } - - /** - * - * Sets if Global PIN is primary - * - * @param globalPINisPrimary True if Global PIN is primary, false otherwise - */ - public void setGlobalPINisPrimary(boolean globalPINisPrimary) { - m_globalPINisPrimary = globalPINisPrimary; - } - - // XXX *** MOVE this - - /** - * - * Helper function to determine if byte if set at a given position - * - * @param field Byte value - * @param position Integer specifying the position to check - * @return True if set, false otherwise - */ - private boolean is_set(byte field, int position) { - return ((field >> position) & 1) == 1; - } - - /** - * - * Returns true if App PIN satisfies the PIV ACRs, false otherwise - * - * @return True if App PIN satisfies the PIV ACRs, false otherwise - */ - public boolean appPINSatisfiesACR() { - return m_appPINSatisfiesACR; - } - - /** - * - * Sets if App PIN satisfies the PIV ACRs - * - * @param appPINSatisfiesACR True if App PIN satisfies the PIV ACRs, false - * otherwise - */ - public void setAppPINSatisfiesACR(boolean appPINSatisfiesACR) { - m_appPINSatisfiesACR = appPINSatisfiesACR; - } - - /** - * - * Returns true if OCC satisfies the PIV ACRs, false otherwise - * - * @return True if OCC satisfies the PIV ACRs, false otherwise - */ - public boolean occSatisfiesACR() { - return m_occSatisfiesACR; - } - - /** - * - * Sets if OCC satisfies the PIV ACRs - * - * @param occSatisfiesACR True if OCC satisfies the PIV ACRs, false otherwise - */ - public void setOccSatisfiesACR(boolean occSatisfiesACR) { - m_occSatisfiesACR = occSatisfiesACR; - } - - /** - * - * Decode function that decodes Discovery Object object retrieved from the card - * and populates various class fields. - * - * @return True if decode was successful, false otherwise - */ - @Override - public boolean decode() { - byte[] rawBytes = this.getBytes(); - s_logger.trace("rawBytes: {}", Hex.encodeHexString(rawBytes)); - if (rawBytes.length == 0) { - s_logger.info("DiscoveryObject.decode() called for empty discovery object."); - return false; - } - - try { - BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); - BerTlv outer = tlvp.parseConstructed(rawBytes); - - ByteArrayOutputStream scos = new ByteArrayOutputStream(); - for (BerTlv tlv : outer.getValues()) { - byte[] tag = tlv.getTag().bytes; - super.m_tagList.add(tlv.getTag()); - if (Arrays.equals(tag, TagConstants.PIV_CARD_APPLICATION_AID_TAG)) { - - m_aid = tlv.getBytesValue(); - m_content.put(tlv.getTag(), tlv.getBytesValue()); - - scos.write(APDUUtils.getTLV(TagConstants.PIV_CARD_APPLICATION_AID_TAG, m_aid)); - } else if (Arrays.equals(tag, TagConstants.PIN_USAGE_POLICY_TAG)) { - - m_pinPolicy = tlv.getBytesValue(); - m_content.put(tlv.getTag(), tlv.getBytesValue()); - - scos.write(APDUUtils.getTLV(TagConstants.PIN_USAGE_POLICY_TAG, m_pinPolicy)); - - m_globalPINisPrimary = false; - m_globalPINSatisfiesACR = false; - m_appPINSatisfiesACR = false; - m_occSatisfiesACR = false; - - if (is_set(m_pinPolicy[0], 8)) { - s_logger.error("PIN Policy bit 8 was set"); - } - if (is_set(m_pinPolicy[0], 7)) { - m_appPINSatisfiesACR = true; - } - if (is_set(m_pinPolicy[0], 6)) { - m_globalPINSatisfiesACR = true; - if (m_pinPolicy[1] == 0x20) { - m_globalPINisPrimary = true; - } - } - if (is_set(m_pinPolicy[0], 5)) { - m_occSatisfiesACR = true; - } - - } else { - s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tlv.getTag().bytes), - Hex.encodeHexString(tlv.getBytesValue())); - } - } - - m_signedContent = scos.toByteArray(); - - } catch (Exception ex) { - - s_logger.error("Error parsing {}: {}", APDUConstants.oidNameMap.get(super.getOID()), ex.getMessage()); - return false; - } - - if (m_aid == null || m_pinPolicy == null) - return false; - - dump(this.getClass()); - return true; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/IPIVApplication.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/IPIVApplication.java deleted file mode 100644 index 575f0291..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/IPIVApplication.java +++ /dev/null @@ -1,117 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -/** - * This interface encapsulates the entry points for data access from SP800-73. - * - * Defined as an interface to allow per-card implementations to differ. - * - */ -public interface IPIVApplication { - - /** - * pivSelectCardApplication from SP800-73-4 part 3 section 3.2.1 - * - * @param cardHandle Opaque identifier of the card to be acted upon - * as returned by pivConnect. - * @param applicationAID The AID of the PIV Card Application that is to - * become the currently selected card application. - * @param applicationProperties The application properties of the selected PIV - * Card Application. See Part 2, Table 3. - * @return MiddlewareStatus value indicating the result of the function call - */ - MiddlewareStatus pivSelectCardApplication(CardHandle cardHandle, ApplicationAID applicationAID, - ApplicationProperties applicationProperties); - - /** - * pivEstablishSecureMessaging from SP800-73-4 part 3 section 3.2.2 - * - * @param cardHandle Opaque identifier of the card to be acted upon as * - * returned by pivConnect. - * @return MiddlewareStatus value indicating the result of the function call - */ - MiddlewareStatus pivEstablishSecureMessaging(CardHandle cardHandle); - - /** - * pivLogIntoCardApplication from SP800-73-4 part 3 section 3.2.3 - * - * @param cardHandle Opaque identifier of the card to be acted upon as - * returned by pivConnect. - * @param authenticators A sequence of zero or more BER-TLV encoded - * authenticators to be used to authenticate and set - * security state/status in the PIV Card Application - * contex - * @return MiddlewareStatus value indicating the result of the function call - */ - MiddlewareStatus pivLogIntoCardApplication(CardHandle cardHandle, byte[] authenticators); - - /** - * pivGetData from SP800-73-4 part 3 section 3.2.4 - * - * @param cardHandle Opaque identifier of the card to be acted upon as returned - * by pivConnect. - * @param OID Object identifier of the object whose data content is to be - * retrieved coded as a string - * @param data Retrieved data content stored in PIVDataObject object - * @return MiddlewareStatus value indicating the result of the function call - */ - MiddlewareStatus pivGetData(CardHandle cardHandle, String OID, PIVDataObject data); - - /** - * pivLogoutOfCardApplication from SP800-73-4 part 3 section 3.2.5 - reset - * application security status of PIV card application - * - * @param cardHandle Opaque identifier of the card to be acted upon as returned - * by pivConnect. - * @return MiddlewareStatus value indicating the result of the function call - */ - MiddlewareStatus pivLogoutOfCardApplication(CardHandle cardHandle); - - /** - * pivCrypt from SP800-73-4 part 3 section 3.3.1 - * - * @param cardHandle Opaque identifier of the card to be acted upon as - * returned by pivConnect. - * @param algorithmIdentifier Identifier of the cryptographic algorithm to be - * used for the cryptographic operation. - * @param keyReference Identifier of the on-card key to be used for the - * cryptographic operation. - * @param algorithmInput Sequence of bytes used as the input to the - * cryptographic operation stored in PIVDataObject - * object. - * @param algorithmOutput Sequence of bytes output by the cryptographic - * operation stored in PIVDataObject object. - * @return MiddlewareStatus value indicating the result of the function call - */ - MiddlewareStatus pivCrypt(CardHandle cardHandle, byte algorithmIdentifier, byte keyReference, - PIVDataObject algorithmInput, PIVDataObject algorithmOutput); - - /** - * - * pivPutData from SP800-73-4 part 3 section 3.4.1 - * - * @param cardHandle Opaque identifier of the card to be acted upon as returned - * by pivConnect. - * @param OID Object identifier of the object whose data content is to be - * replaced coded as a String. - * @param data Data to be used to replace in its entirety the data content - * of the named data object stored in PIVDataObject object - * @return MiddlewareStatus value indicating the result of the function call - */ - MiddlewareStatus pivPutData(CardHandle cardHandle, String OID, PIVDataObject data); - - /** - * - * pivGenerateKeyPair from SP800-73-4 part 3 section 3.4.2 - * - * @param cardHandle Opaque identifier of the card to be acted upon - * as returned by pivConnect. - * @param keyReference The key reference of the generated key pair. - * @param cryptographicMechanism The type of key pair to be generated. - * @param publicKey BER-TLV data objects defining the public key of - * the generated key pair stored in PIVDataObject - * object. - * @return MiddlewareStatus value indicating the result of the function call - */ - MiddlewareStatus pivGenerateKeyPair(CardHandle cardHandle, byte keyReference, byte cryptographicMechanism, - PIVDataObject publicKey); -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/KeyHistoryObject.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/KeyHistoryObject.java deleted file mode 100644 index 900ec067..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/KeyHistoryObject.java +++ /dev/null @@ -1,141 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.*; -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; - -/** - * - * Encapsulates a Key History data object as defined by SP800-73-4 Part 2 - * Appendix A Table 19 - * - */ -public class KeyHistoryObject extends PIVDataObject { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(KeyHistoryObject.class); - // initialize to -1 so we can differentiate between no key history and failure - // to decode - private int m_keysWithOnCardCerts = -1; - private int m_keysWithOffCardCerts = -1; - private byte[] m_offCardCertUrl; - - public KeyHistoryObject() { - m_content = new HashMap(); - } - - // XXX *** This should probably land in the base class, but at least for this - // test, it won't - private byte[] m_tlvBuf = null; - - public byte[] getTlvBuf() { - return m_tlvBuf; - } - - /** - * - * Returns Integer containing keysWithOnCardCerts value - * - * @return Integer containing keysWithOnCardCerts value - */ - public int getKeysWithOnCardCerts() { - return m_keysWithOnCardCerts; - } - - /** - * - * Sets the keysWithOnCardCerts value - * - * @param keysWithOnCardCerts Integer containing keysWithOnCardCerts value - */ - public void setKeysWithOnCardCerts(int keysWithOnCardCerts) { - m_keysWithOnCardCerts = keysWithOnCardCerts; - } - - /** - * - * Returns Integer containing keysWithOffCardCerts value - * - * @return Integer containing keysWithOffCardCerts value - */ - public int getKeysWithOffCardCerts() { - return m_keysWithOffCardCerts; - } - - /** - * - * Sets the keysWithOffCardCerts value - * - * @param keysWithOffCardCerts Integer containing keysWithOffCardCerts value - */ - public void setKeysWithOffCardCerts(int keysWithOffCardCerts) { - m_keysWithOffCardCerts = keysWithOffCardCerts; - } - - /** - * - * Returns byte array containing offCardCertUrl value - * - * @return Byte array containing offCardCertUrl value - */ - public byte[] getOffCardCertUrl() { - return m_offCardCertUrl; - } - - /** - * - * Sets the offCardCertUrl value - * - * @param offCardCertUrl Byte array containing offCardCertUrl value - */ - public void setOffCardCertUrl(byte[] offCardCertUrl) { - m_offCardCertUrl = offCardCertUrl; - } - - /** - * - * Decode function that decodes Key History Object retrieved from the card and - * populates various class fields. - * - * @return True if decode was successful, false otherwise - */ - @Override - public boolean decode() { - byte[] rawBytes = this.getBytes(); - BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); - BerTlvs outer = tlvp.parse(rawBytes); - List outerTlvs = outer.getList(); - if (outerTlvs.size() == 1 && outerTlvs.get(0).isTag(new BerTag(0x53))) { - m_tlvBuf = outerTlvs.get(0).getBytesValue(); - outer = tlvp.parse(m_tlvBuf); - } - for (BerTlv tlv : outer.getList()) { - byte[] tag = tlv.getTag().bytes; - if (Arrays.equals(tag, TagConstants.KEYS_WITH_ON_CARD_CERTS_TAG)) { - m_keysWithOnCardCerts = tlv.getIntValue(); - m_content.put(tlv.getTag(), tlv.getBytesValue()); - } else if (Arrays.equals(tag, TagConstants.KEYS_WITH_OFF_CARD_CERTS_TAG)) { - m_keysWithOffCardCerts = tlv.getIntValue(); - m_content.put(tlv.getTag(), tlv.getBytesValue()); - } else if (Arrays.equals(tag, TagConstants.OFF_CARD_CERT_URL_TAG)) { - m_offCardCertUrl = tlv.getBytesValue(); - m_content.put(tlv.getTag(), tlv.getBytesValue()); - } else if (!Arrays.equals(tag, TagConstants.ERROR_DETECTION_CODE_TAG) && tlv.getBytesValue().length != 0) { - m_content.put(tlv.getTag(), tlv.getBytesValue()); - s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tlv.getTag().bytes), - Hex.encodeHexString(tlv.getBytesValue())); - } - s_logger.info("found tag: {}", Hex.encodeHexString(tag)); - } - - if (m_keysWithOnCardCerts == -1 || m_keysWithOffCardCerts == -1) - return false; - - dump(this.getClass()); - return true; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/MiddlewareStatus.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/MiddlewareStatus.java deleted file mode 100644 index fe2e6677..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/MiddlewareStatus.java +++ /dev/null @@ -1,15 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -/** - * - * Enumeration containing PIV Client Application Programming Interface return - * codes - * - */ -public enum MiddlewareStatus { - PIV_OK, PIV_CONNECTION_DESCRIPTION_MALFORMED, PIV_CONNECTION_FAILURE, PIV_CONNECTION_LOCKED, - PIV_INVALID_CARD_HANDLE, PIV_CARD_READER_ERROR, PIV_INVALID_OID, PIV_DATA_OBJECT_NOT_FOUND, - PIV_SECURITY_CONDITIONS_NOT_SATISFIED, PIV_SM_FAILED, PIV_INSUFFICIENT_BUFFER, PIV_CARD_APPLICATION_NOT_FOUND, - PIV_AUTHENTICATION_FAILURE, PIV_AUTHENTICATOR_MALFORMED, PIV_UNSUPPORTED_CRYPTOGRAPHIC_MECHANISM, - PIV_INVALID_KEY_OR_KEYALG_COMBINATION, PIV_FUNCTION_NOT_SUPPORTED, PIV_INSUFFICIENT_CARD_RESOURCE -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/OtherName.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/OtherName.java deleted file mode 100644 index 69ba2e0a..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/OtherName.java +++ /dev/null @@ -1,91 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -// Used from the bouncy castle git repo under the same license as bouncycastle itself. - -import org.bouncycastle.asn1.ASN1Encodable; -import org.bouncycastle.asn1.ASN1EncodableVector; -import org.bouncycastle.asn1.ASN1Object; -import org.bouncycastle.asn1.ASN1ObjectIdentifier; -import org.bouncycastle.asn1.ASN1Primitive; -import org.bouncycastle.asn1.ASN1Sequence; -import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DERSequence; -import org.bouncycastle.asn1.DERTaggedObject; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The OtherName object. - * - * 
- * OtherName ::= SEQUENCE {
- *      type-id    OBJECT IDENTIFIER,
- *      value      [0] EXPLICIT ANY DEFINED BY type-id }
- *
- */ -public class OtherName extends ASN1Object { - private static final Logger s_logger = LoggerFactory.getLogger(OtherName.class); - - private final ASN1ObjectIdentifier typeID; - private final ASN1Encodable value; - - /** - * OtherName factory method. - * - * @param obj the object used to construct an instance of - * OtherName. It must be an instance of OtherName - * or ASN1Sequence. - * @return the instance of OtherName built from the supplied - * object. - * @throws java.lang.IllegalArgumentException if the object passed to the - * factory is not an instance of - * OtherName or - * something that can be converted - * into an appropriate - * ASN1Sequence. - */ - public static OtherName getInstance(Object obj) { - - if (obj instanceof OtherName) { - return (OtherName) obj; - } else if (obj != null) { - return new OtherName(ASN1Sequence.getInstance(obj)); - } - - return null; - } - - /** - * Base constructor. - * - * @param typeID the type of the other name. - * @param value the ANY object that represents the value. - */ - public OtherName(ASN1ObjectIdentifier typeID, ASN1Encodable value) { - this.typeID = typeID; - this.value = value; - } - - private OtherName(ASN1Sequence seq) { - this.typeID = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0)); - this.value = ASN1TaggedObject.getInstance(seq.getObjectAt(1)).getObject(); // explicitly tagged - } - - public ASN1ObjectIdentifier getTypeID() { - return typeID; - } - - public ASN1Encodable getValue() { - return value; - } - - @Override - public ASN1Primitive toASN1Primitive() { - ASN1EncodableVector v = new ASN1EncodableVector(); - - v.add(typeID); - v.add(new DERTaggedObject(true, 0, value)); - - return new DERSequence(v); - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVApplicationException.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVApplicationException.java deleted file mode 100644 index 9578cf63..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVApplicationException.java +++ /dev/null @@ -1,58 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * A base class for exceptions thrown by PIV application methods - */ -public class PIVApplicationException extends Exception { - private static final Logger s_logger = LoggerFactory.getLogger(PIVApplicationException.class); - - /** - * - */ - private static final long serialVersionUID = 1L; - - /** - * - * Default constructor for PIVApplicationException class - * - */ - public PIVApplicationException() { - super(); - } - - /** - * - * Constructor for PIVApplicationException class that takes a string with - * exception message - * - * @param message String with the exception message - */ - public PIVApplicationException(String message) { - super(message); - } - - /** - * - * Constructor for PIVApplicationException class that takes a string with - * exception message and a Throwable cause - * - * @param message String with the exception message - * @param cause Throwable cause - */ - public PIVApplicationException(String message, Throwable cause) { - super(message, cause); - } - - /** - * - * Constructor for PIVApplicationException class that takes a Throwable cause - * - * @param cause Throwable cause - */ - public PIVApplicationException(Throwable cause) { - super(cause); - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVAuthenticator.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVAuthenticator.java deleted file mode 100644 index e4323444..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVAuthenticator.java +++ /dev/null @@ -1,96 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.TagConstants; - -import java.util.Arrays; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * A class that serves the function of the handle objects passed around that - * encapsulate authenticator information - */ -public class PIVAuthenticator { - private static final Logger s_logger = LoggerFactory.getLogger(PIVAuthenticator.class); - - byte m_type; - byte[] m_data; - - /** - * - * Constructor that initializes PIVAuthenticator object based on passed in - * parameter - * - * @param type Authenticator type either an Application Pin or a Global PIN - * @param data String object containing the pin information - */ - public PIVAuthenticator(byte type, String data) { - this(type, data.getBytes()); - } - - /** - * - * Constructor that initializes PIVAuthenticator object based on passed in - * parameter - * - * @param type Authenticator type either an Application Pin or a Global PIN - * @param data Byte array object containing the pin information - */ - public PIVAuthenticator(byte type, byte[] data) { - m_type = type; - if (m_type == TagConstants.KEY_REFERENCE_APPLICATION_PIN_TAG - || m_type == TagConstants.KEY_REFERENCE_GLOBAL_PIN_TAG) { - if (data.length == 0) { - m_data = new byte[0]; - } else { - if (data.length > 8 || data.length < 6) { - throw new IllegalArgumentException("PIN must be between 6 and 8 digits"); - } - m_data = Arrays.copyOf(data, 8); - Arrays.fill(m_data, data.length, m_data.length, (byte) 0xff); - } - } - } - - /** - * - * Get the authenticator type - * - * @return Byte identifying authenticator type - */ - public byte getType() { - return m_type; - } - - /** - * - * Set the authenticator type - * - * @param type byte containing authenticator type - */ - public void setType(byte type) { - m_type = type; - } - - /** - * - * Get the pin information - * - * @return Byte array containing pin information - */ - public byte[] getData() { - return m_data; - } - - /** - * - * Set the pin - * - * @param data byte array containing pin information - */ - public void setData(byte[] data) { - m_data = data; - } - -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVAuthenticators.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVAuthenticators.java deleted file mode 100644 index 86824c5d..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVAuthenticators.java +++ /dev/null @@ -1,111 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.*; -import java.util.ArrayList; -import java.util.List; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * A class that serves the function of the handle to a list of authenticator - * objects in SP800-73 - */ -public class PIVAuthenticators { - private static final Logger s_logger = LoggerFactory.getLogger(PIVAuthenticators.class); - - private ArrayList m_authenticators = new ArrayList(); - - /** - * - * Get the list of authenticators - * - * @return List of PIVAuthenticator objects - */ - public List getAuthenticators() { - return m_authenticators; - } - - /** - * - * Add a global pin authenticator object - * - * @param pin String containing pin value - */ - public void addGlobalPin(String pin) { - PIVAuthenticator a = new PIVAuthenticator(TagConstants.KEY_REFERENCE_GLOBAL_PIN_TAG, pin); - m_authenticators.add(a); - } - - /** - * - * Add an application pin authenticator object - * - * @param pin String containing pin value - */ - public void addApplicationPin(String pin) { - PIVAuthenticator a = new PIVAuthenticator(TagConstants.KEY_REFERENCE_APPLICATION_PIN_TAG, pin); - m_authenticators.add(a); - } - - /** - * - * Returns a byte array representation of a list of authenticator objects - * - * @return Byte array containing authenticator list - */ - public byte[] getBytes() { - byte[] rv = {}; - if (m_authenticators.size() == 0) - return rv; - BerTlvBuilder b = new BerTlvBuilder(); - for (PIVAuthenticator authenticator : m_authenticators) { - b.addBytes(new BerTag(TagConstants.REFERENCE_DATA_TAG), authenticator.getData()); - b.addByte(new BerTag(TagConstants.KEY_REFERENCE_TAG), authenticator.getType()); - } - rv = b.buildArray(); - // s_logger.debug("Encoded authenticators: {}", Hex.encodeHexString(rv)); - return rv; - } - - /** - * - * Helper function that decodes byte array containing authenticator list and - * populates various class fields. - * - * @param authenticators Byte array containing authenticator list - */ - public boolean decode(byte[] authenticators) { - m_authenticators.clear(); - if (authenticators.length == 0) - return true; - BerTlvParser p = new BerTlvParser(new CCTTlvLogger(this.getClass())); - BerTlvs tlvs = p.parse(authenticators); - byte[] refData = null; - byte refId = 0x00; - for (BerTlv t : tlvs.getList()) { - switch (t.getTag().bytes[0]) { - case (byte) 0x81: { - refData = t.getBytesValue(); - break; - } - case (byte) 0x83: { - if (refData == null) { - throw new IllegalStateException( - "Unexpected 0x83 tag without having seen 0x81 tag while parsing authenticator"); - } - refId = t.getBytesValue()[0]; - PIVAuthenticator parsed = new PIVAuthenticator(refId, refData); - m_authenticators.add(parsed); - refData = null; - refId = 0x00; - break; - } - default: - throw new IllegalStateException("Unexpected tag in authenticator"); - } - } - return true; - } - -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVDataObjectFactory.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVDataObjectFactory.java deleted file mode 100644 index f966299a..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVDataObjectFactory.java +++ /dev/null @@ -1,61 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class PIVDataObjectFactory { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(PIVDataObjectFactory.class); - - /** - * Instantiate an appropriate PIVDataObject class given an OID, or a generic one - * in the absence of an OID - * - * @param OID - * @return - */ - public static PIVDataObject createDataObjectForOid(String OID) { - PIVDataObject rv = null; - - if (OID.equals(APDUConstants.CARD_CAPABILITY_CONTAINER_OID)) - rv = new CardCapabilityContainer(); - else if (OID.equals(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID)) - rv = new CardHolderUniqueIdentifier(); - else if (OID.equals(APDUConstants.SECURITY_OBJECT_OID)) - rv = new SecurityObject(); - else if (OID.equals(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID)) - rv = new CardHolderBiometricData(); - else if (OID.equals(APDUConstants.CARDHOLDER_FINGERPRINTS_OID)) - rv = new CardHolderBiometricData(); - else if (OID.equals(APDUConstants.X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID)) - rv = new X509CertificateDataObject(); - else if (OID.equals(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID)) - rv = new X509CertificateDataObject(); - else if (OID.equals(APDUConstants.DISCOVERY_OBJECT_OID)) - rv = new DiscoveryObject(); - else if (OID.equals(APDUConstants.KEY_HISTORY_OBJECT_OID)) - rv = new KeyHistoryObject(); - else if (OID.equals(APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_OID)) - rv = new BiometricInformationTemplatesGroupTemplate(); - else if (OID.equals(APDUConstants.CARDHOLDER_IRIS_IMAGES_OID)) - rv = new CardHolderBiometricData(); - else if (OID.equals(APDUConstants.PAIRING_CODE_REFERENCE_DATA_CONTAINER_OID)) - rv = new PairingCodeReferenceDataContainer(); - else if (OID.equals(APDUConstants.SECURE_MESSAGING_CERTIFICATE_SIGNER_OID)) - rv = new SecureMessagingCertificateSigner(); - else if (OID.equals(APDUConstants.X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID)) - rv = new X509CertificateDataObject(); - else if (OID.equals(APDUConstants.X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID)) - rv = new X509CertificateDataObject(); - else if (OID.equals(APDUConstants.PRINTED_INFORMATION_OID)) - rv = new PrintedInformation(); - - if (rv == null) { - s_logger.warn("Unrecognized data object type: {}. Using generic.", OID); - rv = new PIVDataObject(); - return rv; - } - rv.setOID(OID); - return rv; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVMiddleware.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVMiddleware.java deleted file mode 100644 index e99aaf09..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVMiddleware.java +++ /dev/null @@ -1,104 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import gov.gsa.pivconformance.utils.PCSCWrapper; - -import javax.smartcardio.CardTerminal; -import javax.smartcardio.Card; - -public class PIVMiddleware { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(PIVMiddleware.class); - public static final String PIV_MIDDLEWARE_VERSION = "800-73-4 Client API"; - - /** - * pivMiddlewareVersion from section 3.1.1 of SP 800-73-4 - * - * @param version - * @return PIV_OK if version was successfully retrieved - */ - public static MiddlewareStatus pivMiddlewareVersion(PIVMiddlewareVersion version) { - version.setVersion(PIV_MIDDLEWARE_VERSION); - return MiddlewareStatus.PIV_OK; - } - - /** - * pivConnect from section 3.1.2 of SP 800-73-4 - * - * @param sharedConnection - * @param connectionDescription - * @param cardHandle - * @return PIV_OK if connection was successful, - * PIV_CONNECTION_DESCRIPTION_MALFORMED if an invalid - * ConnectionDescription object was passed in, PIV_CONNECTION_FAILURE if - * no connection could be established, or PIV_CONNECTION_LOCKED if an - * exclusive connection was requested but another exclusive connection - * to the card in the specified reader is already in progress. - */ - public static MiddlewareStatus pivConnect(boolean sharedConnection, ConnectionDescription connectionDescription, - CardHandle cardHandle) { - - // Need to figure out what to do with sharedConnection in context of JAVA - CardTerminal t = connectionDescription.getTerminal(); - if (cardHandle == null) - cardHandle = new CardHandle(); - - if (connectionDescription.getTerminal() == null) - return MiddlewareStatus.PIV_CONNECTION_DESCRIPTION_MALFORMED; - - try { - - PCSCWrapper pcsc = PCSCWrapper.getInstance(); - - Card card = pcsc.connect(t); - - if (card != null) { - cardHandle.setConnectionDescription(connectionDescription); - cardHandle.setCard(card); - cardHandle.setValid(true); - cardHandle.setCurrentChannel(card.getBasicChannel()); - } - - } catch (Exception ex) { - s_logger.error("Unable to establish connection to the card : ", ex.getMessage(), ex); - return MiddlewareStatus.PIV_CONNECTION_FAILURE; - } - - return MiddlewareStatus.PIV_OK; - } - - /** - * pivDisconnect from section 3.1.2 of SP 800-73-4 - * - * @param cardHandle - * @return PIV_OK if the connection was disconnected and the CardHandle - * invalidated, PIV_INVALID_CARD_HANDLE if cardHandle was invalid, - * PIV_CARD_READER_ERROR if the connection could not be destroyed due to - * a reader failure. - */ - public static MiddlewareStatus pivDisconnect(CardHandle cardHandle) { - - try { - - Card card = cardHandle.getCard(); - - if (card == null || !cardHandle.isValid()) { - return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; - } - - // XXX Need to figure out if connections needs to be reset or not - card.disconnect(false); - // Invalidate cardHandle object - cardHandle = new CardHandle(); - - } catch (Exception ex) { - - s_logger.error("Unable to disconnect from the card : ", ex.getMessage()); - return MiddlewareStatus.PIV_CARD_READER_ERROR; - } - - return MiddlewareStatus.PIV_OK; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVMiddlewareVersion.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVMiddlewareVersion.java deleted file mode 100644 index 5c6c7f7c..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVMiddlewareVersion.java +++ /dev/null @@ -1,54 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * Class for atoring PIV middleware version information. - */ -public class PIVMiddlewareVersion { - private static final Logger s_logger = LoggerFactory.getLogger(PIVMiddlewareVersion.class); - - /** - * - * Default constructor that creates an invalid PIVMiddlewareVersion object - * - */ - public PIVMiddlewareVersion() { - version = "NOT SET"; - } - - /** - * - * Returns a String with PIV middleware version info - * - * @return - */ - public String getVersion() { - return version; - } - - /** - * - * Sets the PIV middleware version info - * - * @param version String with PIV middleware version info - */ - public void setVersion(String version) { - this.version = version; - } - - /** - * - * Returns a String with PIV middleware version info - * - * @return - */ - @Override - public String toString() { - return version; - } - - private String version; - -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PairingCodeReferenceDataContainer.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PairingCodeReferenceDataContainer.java deleted file mode 100644 index 73befcc3..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PairingCodeReferenceDataContainer.java +++ /dev/null @@ -1,159 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.*; -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; - -/** - * - * Encapsulates a Pairing Code Reference Data Container data object as defined - * by SP800-73-4 Part 2 Appendix A Table 43 - * - */ -public class PairingCodeReferenceDataContainer extends PIVDataObject { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(PairingCodeReferenceDataContainer.class); - - private String m_pairingCode; - private boolean m_errorDetectionCode; - - /** - * PairingCodeReferenceDataContainer class constructor, initializes all the - * class fields. - */ - public PairingCodeReferenceDataContainer() { - m_pairingCode = ""; - m_errorDetectionCode = false; - m_content = new HashMap(); - } - - /** - * - * Returns a String with pairing code name - * - * @return String containing pairing code name - */ - public String getName() { - return m_pairingCode; - } - - /** - * - * Sets the pairing code name - * - * @param pairingCode String containing pairing code name - */ - public void setName(String pairingCode) { - m_pairingCode = pairingCode; - } - - /** - * - * Returns True if error Error Detection Code is present, false otherwise - * - * @return True if error Error Detection Code is present, false otherwise - */ - @Override - public boolean getErrorDetectionCode() { - return m_errorDetectionCode; - } - - /** - * - * Sets if error Error Detection Code is present - * - * @param errorDetectionCode True if error Error Detection Code is present, - * false otherwise - */ - @Override - public void setErrorDetectionCode(boolean errorDetectionCode) { - m_errorDetectionCode = errorDetectionCode; - } - - /** - * - * Decode function that decodes Pairing Code Reference Data Container object - * retrieved from the card and populates various class fields. - * - * @return True if decode was successful, false otherwise - */ - @Override - public boolean decode() { - - try { - byte[] rawBytes = this.getBytes(); - - if (rawBytes == null) { - s_logger.error("No buffer to decode for {}.", APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); - BerTlvs outer = tlvp.parse(rawBytes); - - if (outer == null) { - s_logger.error("Error parsing {}, unable to parse TLV value.", - APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - List values = outer.getList(); - for (BerTlv tlv : values) { - if (tlv.isPrimitive()) { - s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv.getTag().bytes), - Hex.encodeHexString(tlv.getBytesValue())); - - BerTlvs outer2 = tlvp.parse(tlv.getBytesValue()); - - if (outer2 == null) { - s_logger.error("Error parsing {}, unable to parse TLV value.", - APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - List values2 = outer2.getList(); - for (BerTlv tlv2 : values2) { - if (tlv2.isPrimitive()) { - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.PAIRING_CODE_TAG)) { - - m_pairingCode = new String(tlv2.getBytesValue()); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - - } else { - s_logger.warn("Unexpected tag: {} with value: {}", - Hex.encodeHexString(tlv2.getTag().bytes), - Hex.encodeHexString(tlv2.getBytesValue())); - } - } else { - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.ERROR_DETECTION_CODE_TAG)) { - - m_errorDetectionCode = true; - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - - } else { - s_logger.warn("Unexpected tag: {} with value: {}", - Hex.encodeHexString(tlv2.getTag().bytes), - Hex.encodeHexString(tlv2.getBytesValue())); - } - } - } - } - } - } catch (Exception ex) { - - s_logger.error("Error parsing {}: {}", APDUConstants.oidNameMap.get(super.getOID()), ex.getMessage()); - return false; - } - - if (m_pairingCode == "") - return false; - - dump(this.getClass()); - return true; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PrintedInformation.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PrintedInformation.java deleted file mode 100644 index a8f46cd7..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PrintedInformation.java +++ /dev/null @@ -1,373 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.*; -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.ByteArrayOutputStream; -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; - -/** - * - * Encapsulates a Printed Information data object as defined by SP800-73-4 Part - * 2 Appendix A Table 9 - * - */ -public class PrintedInformation extends PIVDataObject { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(PrintedInformation.class); - - private String m_name; - private String m_employeeAffiliation; - private String m_expirationDate; - private String m_agencyCardSerialNumber; - private String m_issuerIdentification; - private String m_organizationAffiliation1; - private String m_organizationAffiliation2; - private boolean m_errorDetectionCode; - private byte[] m_signedContent; - - /** - * PrintedInformation class constructor, initializes all the class fields. - */ - public PrintedInformation() { - m_name = ""; - m_employeeAffiliation = ""; - m_expirationDate = ""; - m_agencyCardSerialNumber = ""; - m_issuerIdentification = ""; - m_organizationAffiliation1 = ""; - m_organizationAffiliation2 = ""; - m_errorDetectionCode = false; - m_signedContent = null; - m_content = new HashMap(); - } - - /** - * - * Returns byte array with signed content - * - * @return Byte array with signed content buffer - */ - public byte[] getSignedContent() { - return m_signedContent; - } - - /** - * - * Sets the signed content value - * - * @param signedContent Byte array with signed content buffer - */ - public void setSignedContent(byte[] signedContent) { - m_signedContent = signedContent; - } - - /** - * - * Returns the Name value as String - * - * @return String with the Name value - */ - public String getName() { - return m_name; - } - - /** - * - * Sets the name value - * - * @param name String with the Name value - */ - public void setName(String name) { - m_name = name; - } - - /** - * - * Returns the Employee Affiliation value as String - * - * @return String with the Employee Affiliation value - */ - public String getEmployeeAffiliation() { - return m_employeeAffiliation; - } - - /** - * - * Sets the Employee Affiliation value - * - * @param employeeAffiliation String with the Employee Affiliation value - */ - public void setEmployeeAffiliation(String employeeAffiliation) { - m_employeeAffiliation = employeeAffiliation; - } - - /** - * - * Returns the Expiration Date value as String - * - * @return String with the Expiration Date value - */ - public String getExpirationDate() { - return m_expirationDate; - } - - /** - * - * Sets the Expiration Date value - * - * @param expirationDate String with the Expiration Date value - */ - public void setExpirationDate(String expirationDate) { - m_expirationDate = expirationDate; - } - - /** - * - * Returns the Agency Card Serial Number value as String - * - * @return String with the Agency Card Serial Number value - */ - public String getAgencyCardSerialNumber() { - return m_agencyCardSerialNumber; - } - - /** - * - * Sets the Agency Card Serial Number value - * - * @param agencyCardSerialNumber String with the Agency Card Serial Number value - */ - public void setAgencyCardSerialNumber(String agencyCardSerialNumber) { - m_agencyCardSerialNumber = agencyCardSerialNumber; - } - - /** - * - * Returns the Issuer Identification value as String - * - * @return String with the Issuer Identification value - */ - public String getIssuerIdentification() { - return m_issuerIdentification; - } - - /** - * - * Sets the Issuer Identification value - * - * @param issuerIdentification String with the Issuer Identification value - */ - public void setIssuerIdentification(String issuerIdentification) { - m_issuerIdentification = issuerIdentification; - } - - /** - * - * Returns the Organization Affiliation1 value as String - * - * @return String with the Organization Affiliation1 value - */ - public String getOrganizationAffiliation1() { - return m_organizationAffiliation1; - } - - /** - * - * Sets the Organization Affiliation1 value - * - * @param organizationAffiliation1 String with the Organization Affiliation1 - * value - */ - public void setOrganizationAffiliation1(String organizationAffiliation1) { - m_organizationAffiliation1 = organizationAffiliation1; - } - - /** - * - * Returns the Organization Affiliation2 value as String - * - * @return String with the Organization Affiliation2 value - */ - public String getOrganizationAffiliation2() { - return m_organizationAffiliation2; - } - - /** - * - * Sets the Organization Affiliation2 value - * - * @param organizationAffiliation2 String with the Organization Affiliation2 - * value - */ - public void setOrganizationAffiliation2(String organizationAffiliation2) { - m_organizationAffiliation2 = organizationAffiliation2; - } - - /** - * - * Returns True if error Error Detection Code is present, false otherwise - * - * @return True if error Error Detection Code is present, false otherwise - */ - @Override - public boolean getErrorDetectionCode() { - return m_errorDetectionCode; - } - - /** - * - * Sets if error Error Detection Code is present - * - * @param errorDetectionCode True if error Error Detection Code is present, - * false otherwise - */ - @Override - public void setErrorDetectionCode(boolean errorDetectionCode) { - m_errorDetectionCode = errorDetectionCode; - } - - /** - * - * Decode function that decodes Printed Information object retrieved from the - * card and populates various class fields. - * - * @return True if decode was successful, false otherwise - */ - @Override - public boolean decode() { - - try { - byte[] rawBytes = this.getBytes(); - - if (rawBytes == null) { - s_logger.error("No buffer to decode for {}.", APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); - BerTlvs outer = tlvp.parse(rawBytes); - - if (outer == null) { - s_logger.error("Error parsing {}, unable to parse TLV value.", - APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - List values = outer.getList(); - for (BerTlv tlv : values) { - if (tlv.isPrimitive()) { - s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv.getTag().bytes), - Hex.encodeHexString(tlv.getBytesValue())); - - BerTlvs outer2 = tlvp.parse(tlv.getBytesValue()); - - if (outer2 == null) { - s_logger.error("Error parsing {}, unable to parse TLV value.", - APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - ByteArrayOutputStream scos = new ByteArrayOutputStream(); - - List values2 = outer2.getList(); - for (BerTlv tlv2 : values2) { - if (tlv2.isPrimitive()) { - - super.m_tagList.add(tlv2.getTag()); - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.NAME_TAG)) { - - m_name = new String(tlv2.getBytesValue()); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.NAME_TAG, tlv2.getBytesValue())); - - } else if (Arrays.equals(tlv2.getTag().bytes, TagConstants.EMPLOYEE_AFFILIATION_TAG)) { - - m_employeeAffiliation = new String(tlv2.getBytesValue()); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write( - APDUUtils.getTLV(TagConstants.EMPLOYEE_AFFILIATION_TAG, tlv2.getBytesValue())); - - } else if (Arrays.equals(tlv2.getTag().bytes, - TagConstants.PRINTED_INFORMATION_EXPIRATION_DATE_TAG)) { - - m_expirationDate = new String(tlv2.getBytesValue()); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.PRINTED_INFORMATION_EXPIRATION_DATE_TAG, - tlv2.getBytesValue())); - - } else if (Arrays.equals(tlv2.getTag().bytes, TagConstants.AGENCY_CARD_SERIAL_NUMBER_TAG)) { - - m_agencyCardSerialNumber = new String(tlv2.getBytesValue()); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.AGENCY_CARD_SERIAL_NUMBER_TAG, - tlv2.getBytesValue())); - - } else if (Arrays.equals(tlv2.getTag().bytes, TagConstants.ISSUER_IDENTIFICATION_TAG)) { - - m_issuerIdentification = new String(tlv2.getBytesValue()); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write( - APDUUtils.getTLV(TagConstants.ISSUER_IDENTIFICATION_TAG, tlv2.getBytesValue())); - - } else if (Arrays.equals(tlv2.getTag().bytes, - TagConstants.ORGANIZATIONAL_AFFILIATION_L1_TAG)) { - - m_organizationAffiliation1 = new String(tlv2.getBytesValue()); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.ORGANIZATIONAL_AFFILIATION_L1_TAG, - tlv2.getBytesValue())); - - } else if (Arrays.equals(tlv2.getTag().bytes, - TagConstants.ORGANIZATIONAL_AFFILIATION_L2_TAG)) { - - m_organizationAffiliation2 = new String(tlv2.getBytesValue()); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - scos.write(APDUUtils.getTLV(TagConstants.ORGANIZATIONAL_AFFILIATION_L2_TAG, - tlv2.getBytesValue())); - - } else { - s_logger.warn("Unexpected tag: {} with value: {}", - Hex.encodeHexString(tlv2.getTag().bytes), - Hex.encodeHexString(tlv2.getBytesValue())); - } - } else { - super.m_tagList.add(tlv2.getTag()); - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.ERROR_DETECTION_CODE_TAG)) { - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - m_errorDetectionCode = true; - - scos.write(TagConstants.ERROR_DETECTION_CODE_TAG); - scos.write((byte) 0x00); - - } else { - s_logger.warn("Unexpected tag: {} with value: {}", - Hex.encodeHexString(tlv2.getTag().bytes), - Hex.encodeHexString(tlv2.getBytesValue())); - } - } - } - - m_signedContent = scos.toByteArray(); - } - } - } catch (Exception ex) { - - s_logger.error("Error parsing {}: {}", APDUConstants.oidNameMap.get(super.getOID()), ex.getMessage()); - return false; - } - - if (m_name == "" || m_employeeAffiliation == "" || m_expirationDate == "" || m_agencyCardSerialNumber == "" - || m_issuerIdentification == "") - return false; - - super.setRequiresPin(true); - - dump(this.getClass()); - return true; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/SecureMessagingCertificateSigner.java b/cardlib/src/main/java/gov/gsa/pivconformance/card/client/SecureMessagingCertificateSigner.java deleted file mode 100644 index b075756a..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/SecureMessagingCertificateSigner.java +++ /dev/null @@ -1,185 +0,0 @@ -package gov.gsa.pivconformance.card.client; - -import gov.gsa.pivconformance.tlv.*; -import org.apache.commons.codec.binary.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.ByteArrayInputStream; -import java.io.InputStream; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; -import java.util.zip.GZIPInputStream; - -/** - * - * Encapsulates a Card Holder Unique Identifier data object as defined by - * SP800-73-4 Part 2 Appendix A Table 42 - * - */ -public class SecureMessagingCertificateSigner extends PIVDataObject { // slf4j will thunk this through to an - // appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(SecureMessagingCertificateSigner.class); - - private X509Certificate m_pivAuthCert; - private byte[] m_intermediateCVC; - private boolean m_error_Detection_Code; - - /** - * SecureMessagingCertificateSigner class constructor, initializes all the class - * fields. - */ - public SecureMessagingCertificateSigner() { - - m_pivAuthCert = null; - m_intermediateCVC = null; - m_error_Detection_Code = false; - m_content = new HashMap(); - } - - /** - * - * Returns True if error Error Detection Code is present, false otherwise - * - * @return True if error Error Detection Code is present, false otherwise - */ - @Override - public boolean getErrorDetectionCode() { - - return m_error_Detection_Code; - } - - /** - * - * Returns X509Certificate object containing X.509 Certificate for Content - * Signing - * - * @return X509Certificate object containing X.509 Certificate for Content - * Signing - */ - public X509Certificate getCertificate() { - return m_pivAuthCert; - } - - /** - * - * Returns byte array with Intermediate CVC value - * - * @return Byte array containing Intermediate CVC value - */ - public byte[] getIntermediateCVC() { - return m_intermediateCVC; - } - - /** - * - * Sets the Intermediate CVC value - * - * @param intermediateCVC Byte array containing Intermediate CVC value - */ - public void setIntermediateCVC(byte[] intermediateCVC) { - m_intermediateCVC = intermediateCVC; - } - - /** - * - * Decode function that decodes Secure Messaging Certificate Signer object - * retrieved from the card and populates various class fields. - * - * @return True if decode was successful, false otherwise - */ - @Override - public boolean decode() { - - if (m_pivAuthCert == null) { - - try { - byte[] raw = super.getBytes(); - - BerTlvParser tp = new BerTlvParser(new CCTTlvLogger(this.getClass())); - BerTlvs outer = tp.parse(raw); - - if (outer == null) { - s_logger.error("Error parsing {}, unable to parse TLV value.", - APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - List values = outer.getList(); - for (BerTlv tlv : values) { - if (tlv.isPrimitive()) { - s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv.getTag().bytes), - Hex.encodeHexString(tlv.getBytesValue())); - - BerTlvs outer2 = tp.parse(tlv.getBytesValue()); - - if (outer2 == null) { - s_logger.error("Error parsing {}, unable to parse TLV value.", - APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - - List values2 = outer2.getList(); - byte[] rawCertBuf = null; - byte[] certInfoBuf = null; - for (BerTlv tlv2 : values2) { - if (tlv2.isPrimitive()) { - s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv2.getTag().bytes), - Hex.encodeHexString(tlv2.getBytesValue())); - } else { - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.CERTIFICATE_TAG)) { - if (tlv2.hasRawValue()) { - rawCertBuf = tlv2.getBytesValue(); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - } - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.ERROR_DETECTION_CODE_TAG)) { - if (tlv2.hasRawValue()) { - m_error_Detection_Code = true; - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - } - } - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.CERTINFO_TAG)) { - certInfoBuf = tlv2.getBytesValue(); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - } - - if (Arrays.equals(tlv2.getTag().bytes, TagConstants.INTERMEDIATE_CVC_TAG)) { - m_intermediateCVC = tlv2.getBytesValue(); - m_content.put(tlv2.getTag(), tlv2.getBytesValue()); - } - } - } - - InputStream certIS = null; - // Check if the certificate buffer is compressed - if (certInfoBuf != null && Arrays.equals(certInfoBuf, TagConstants.COMPRESSED_TAG)) { - certIS = new GZIPInputStream(new ByteArrayInputStream(rawCertBuf)); - } else { - certIS = new ByteArrayInputStream(rawCertBuf); - } - - CertificateFactory cf = CertificateFactory.getInstance("X509"); - m_pivAuthCert = (X509Certificate) cf.generateCertificate(certIS); - s_logger.info(m_pivAuthCert.getSubjectDN().toString()); - } else { - s_logger.info("Object: {}", Hex.encodeHexString(tlv.getTag().bytes)); - } - } - } catch (Exception ex) { - - s_logger.error("Error parsing {}: {}", APDUConstants.oidNameMap.get(super.getOID()), ex.getMessage()); - return false; - } - - if (m_pivAuthCert == null) - return false; - } - - dump(this.getClass()); - return true; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/APDUConstants.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/APDUConstants.java similarity index 98% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/APDUConstants.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/APDUConstants.java index ee4c5d87..3f9e4b10 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/APDUConstants.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/APDUConstants.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformance.card.client; +package gov.gsa.pivconformance.cardlib.card.client; import java.nio.ByteBuffer; import java.util.ArrayList; @@ -13,7 +13,7 @@ import java.lang.reflect.Field; /** - * Helper class that containes helper variables and functions for APDU + * Helper class that contains helper variables and functions for APDU * generation * */ @@ -308,7 +308,6 @@ public class APDUConstants { put("2.16.840.1.101.3.7.2.16.22", "BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_OID"); put("2.16.840.1.101.3.7.2.16.23", "SECURE_MESSAGING_CERTIFICATE_SIGNER_OID"); put("2.16.840.1.101.3.7.2.16.24", "PAIRING_CODE_REFERENCE_DATA_CONTAINER_OID"); - put("2.16.840.1.101.3.7.2.16.23", "SECURE_MESSAGING_CERTIFICATE_SIGNER_OID"); } }; @@ -361,9 +360,15 @@ public class APDUConstants { * @return Array of String values containing OIDs for all mandatory containers */ public static final String[] MandatoryContainers() { - final String[] rv = { CARD_CAPABILITY_CONTAINER_OID, CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, CARDHOLDER_FINGERPRINTS_OID, SECURITY_OBJECT_OID, - CARDHOLDER_FACIAL_IMAGE_OID, X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID }; + final String[] rv = { + CARD_CAPABILITY_CONTAINER_OID, + CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, + CARDHOLDER_FINGERPRINTS_OID, + SECURITY_OBJECT_OID, + CARDHOLDER_FACIAL_IMAGE_OID, + X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID + }; return rv; } @@ -380,8 +385,12 @@ public static boolean isContainerMandatory(String oid) { * by a PIN */ public static final String[] ProtectedContainers() { - final String[] rv = { CARDHOLDER_FINGERPRINTS_OID, PRINTED_INFORMATION_OID, CARDHOLDER_FACIAL_IMAGE_OID, - CARDHOLDER_IRIS_IMAGES_OID }; + final String[] rv = { + CARDHOLDER_FINGERPRINTS_OID, + PRINTED_INFORMATION_OID, + CARDHOLDER_FACIAL_IMAGE_OID, + CARDHOLDER_IRIS_IMAGES_OID + }; return rv; } @@ -767,11 +776,6 @@ public static final String getKeyManagmentCertOID(int number) { return oid; } - - public static final String getFileNameForOid(String oid) { - String rv = oidNameMap.get(oid).replaceAll(" ", "_"); - return rv; - } public static final String getStringForFieldNamed(String fieldName) { String rv = null; @@ -836,5 +840,15 @@ public static final byte[] getKeyManagmentCertID(int number) { return arr; } - + + /** + * Helper function to generate a file name from an OID + * @param oid the container OID + * @return a file name consisting of the container name appended with ".dat" + */ + + public static final String getFileNameForOid(String oid) { + String rv = oidNameMap.get(oid).replaceAll(" ", "_"); + return rv; + } } diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/APDUUtils.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/APDUUtils.java new file mode 100644 index 00000000..835fc45f --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/APDUUtils.java @@ -0,0 +1,338 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.security.Provider; +import java.security.Security; +import java.util.Arrays; + +/** + * + * Helper class that facilitates creation of APDU values + * + */ +public class APDUUtils { + private static byte[] s_pivSelect = null; + private static final Logger s_logger = LoggerFactory.getLogger(APDUUtils.class); + + /** + * + * Return APDU value for SELECT card operation + * + * @return Byte array with SELECT APDU + */ + public static byte[] PIVSelectAPDU() { + if(s_pivSelect == null) { + try { + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + baos.write(APDUConstants.COMMAND); + baos.write(APDUConstants.SELECT); + byte[] p1p2 = {0x04, 0x00}; + baos.write(p1p2); + baos.write((byte) APDUConstants.PIV_APPID.length); + baos.write(APDUConstants.PIV_APPID); + s_pivSelect = baos.toByteArray(); + } catch(IOException ioe) { + // if we ever hit this, OOM is coming soon + s_logger.error("Unable to populate static PIV select APDU field.", ioe); + s_pivSelect = new byte[0]; + } + } + return s_pivSelect; + } + + /** + * + * Return APDU value for SELECT card operation based on a specific APP ID value + * + * @param appid Byte array with APP ID + * @return Byte array with SELECT APDU + */ + public static byte[] PIVSelectAPDU(byte[] appid) { + byte[] rv_pivSelect = null; + if(rv_pivSelect == null) { + try { + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + baos.write(APDUConstants.COMMAND); + baos.write(APDUConstants.SELECT); + byte[] p1p2 = {0x04, 0x00}; + baos.write(p1p2); + baos.write(appid.length); + baos.write(appid); + byte[] Le = {0x00}; + baos.write(Le); + rv_pivSelect = baos.toByteArray(); + } catch(IOException ioe) { + // if we ever hit this, OOM is coming soon + s_logger.error("Unable to populate static PIV select APDU field.", ioe); + rv_pivSelect = new byte[0]; + } + } + return rv_pivSelect; + } + + /** + * + * Return APDU value for GENERAL AUTHENTICATE + * + * @param keyReference Byte value identifying key reference of the generated key pair + * @param algorithmIdentifier Byte value identifying algorithm to be performed on card + * @param parameter Byte array containing the parameter value + * @return Byte array with GENERATE APDU + */ + public static byte[] PIVGeneralAuthenticateAPDU(byte keyReference, byte algorithmIdentifier, byte[] parameter) { + byte[] rv_pivGeneralAuthenticate = null; + if(rv_pivGeneralAuthenticate == null) { + try { + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + baos.write(APDUConstants.COMMAND); + baos.write(APDUConstants.GENERAL_AUTHENTICATE); + byte[] p1 = {algorithmIdentifier}; + baos.write(p1); + baos.write(keyReference); + + //If parameter is present data length will be 1 (Tag 'AC') + length + 1 (cryptographic mechanism tag) + 1 (length) + 1 (cryptographic mechanism) + 1 (parameter tag) + parameter length length+ parameter length . + //If parameter is absent data length will be 1 (Tag 'AC') + length + 1 (cryptographic mechanism tag) + 1 (cryptographic mechanism length) + 1 (cryptographic mechanism) + if(parameter != null) { + baos.write(parameter.length); + } + else { + baos.write(0); + } + + if(parameter != null) { + baos.write(parameter); + } + byte[] Le = {0x00}; + baos.write(Le); + rv_pivGeneralAuthenticate = baos.toByteArray(); + } catch(IOException ioe) { + // if we ever hit this, OOM is coming soon + s_logger.error("Unable to populate static PIV Generate APDU field.", ioe); + rv_pivGeneralAuthenticate = new byte[0]; + } + } + return rv_pivGeneralAuthenticate; + } + + /** + * + * Return APDU value for GENERATE card operation based on a specific APP ID value + * + * @param keyReference Byte value identifying key reference of the generated key pair + * @param cryptoMechanism Byte value identifying the type of key pair to be generated + * @param parameter Byte array containing the parameter value + * @return Byte array with GENERATE APDU + */ + public static byte[] PIVGenerateKeyPairAPDU(byte keyReference, byte cryptoMechanism, byte[] parameter) { + byte[] rv_pivGenerate = null; + if(rv_pivGenerate == null) { + try { + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + baos.write(APDUConstants.COMMAND); + baos.write(APDUConstants.GENERATE); + byte[] p1 = {0x00}; + baos.write(p1); + baos.write(keyReference); + + //If parameter is present data length will be 1 (Tag 'AC') + length + 1 (cryptographic mechanism tag) + 1 (length) + 1 (cryptographic mechanism) + 1 (parameter tag) + parameter length length+ parameter length . + //If parameter is absent data length will be 1 (Tag 'AC') + length + 1 (cryptographic mechanism tag) + 1 (cryptographic mechanism length) + 1 (cryptographic mechanism) + if(parameter != null) { + baos.write(1 + 1 + 1 + 1 + 1 + 1 + 1 + parameter.length); + } + else { + baos.write(1 + 1 + 1 + 1 + 1); + } + + //Write Control reference template tag + baos.write(APDUConstants.CONTROL_REFERENCE_TEMPLATE_TAG); + + //Write length value for Control reference template + + if(parameter != null) { + + //Add length of Crypto Mechanism TLV + baos.write(3 + 2 + parameter.length); + + } + else { + + //Add length of Crypto Mechanism TLV + baos.write(3); + } + + baos.write(TagConstants.CRYPTO_MECHANISM_TAG); + //Add length of crypto mechanism which will be 1 + baos.write(1); + baos.write(cryptoMechanism); + if(parameter != null) { + byte[] parameterTag = {TagConstants.PARAMETER_TAG}; + baos.write(parameterTag); + baos.write(parameter.length); + baos.write(parameter); + } + byte[] Le = {0x00}; + baos.write(Le); + rv_pivGenerate = baos.toByteArray(); + } catch(IOException ioe) { + // if we ever hit this, OOM is coming soon + s_logger.error("Unable to populate static PIV Generate APDU field.", ioe); + rv_pivGenerate = new byte[0]; + } + } + return rv_pivGenerate; + } + + /** + * + * @param data + * @return + */ + public static byte[] PIVGetDataAPDU(byte[] data) { + + byte[] rv_pivGetData = null; + + try { + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + baos.write(APDUConstants.COMMAND); + baos.write(APDUConstants.GET); + byte[] p1p2 = {0x3f, (byte) 0xff}; + baos.write(p1p2); + byte[] Lc = {(byte)(data.length & 0xff)}; + baos.write(Lc); + baos.write(data); + byte[] Le = {0x00}; + baos.write(Le); + rv_pivGetData = baos.toByteArray(); + } catch(IOException ioe) { + // if we ever hit this, OOM is coming soon + s_logger.error("Unable to populate PIV get data APDU field.", ioe); + rv_pivGetData = new byte[0]; + } + + return rv_pivGetData; + } + /** + * + * @param data + * @return + */ + public static byte[] PIVGetDataAPDU_Broken(byte[] data) { + + byte[] rv_pivGetData = null; + + try { + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + baos.write(APDUConstants.COMMAND); + baos.write(APDUConstants.GET); + byte[] p1p2 = {0x3f, (byte) 0xff}; + baos.write(p1p2); + byte[] Lc = {(byte)(data.length & 0xff)}; + baos.write(Lc); + baos.write(data); + byte[] Le = {0x08}; + baos.write(Le); + rv_pivGetData = baos.toByteArray(); + } catch(IOException ioe) { + // if we ever hit this, OOM is coming soon + s_logger.error("Unable to populate PIV get data APDU field.", ioe); + rv_pivGetData = new byte[0]; + } + + return rv_pivGetData; + } + + /** + * + * Helper fuction that converts byte[] into unsigned int + * + * @param b Byte array to be converter to unsigned int + * @return Unsigned int value + */ + public static final int bytesToInt(byte[] b) { + + if(b.length != 2){ + throw new IllegalArgumentException("Invalid buffer length passed in."); + } + + int l = 0; + l |= b[0] & 0xFF; + l <<= 8; + l |= b[1] & 0xFF; + return l; + } + + /** + * + * Helper function that constructs a TLV buffer based on passed in tag and value buffer + * + * @param tag Byte array with tag info + * @param value Byte array with value + * @return Byte array with resulting TLV value + */ + public static final byte[] getTLV(byte[] tag, byte[] value) { + + if(tag == null || value == null) + throw new IllegalArgumentException("Null buffer passed into getTLV()."); + byte[] rv = null; + ByteArrayOutputStream os = new ByteArrayOutputStream(); + int numberLenBytes = (value == null) ? 0 : (value.length > 127) ? 2 : 1; + try { + // Tag + os.write(tag); + // Length & value + if (numberLenBytes == 2) { + os.write((byte) ((0x80 + numberLenBytes) & 0xff)); + os.write((byte) (((value.length & 0xff00) >> 8) & 0xff)); + os.write((byte) (value.length & 0x00ff)); + os.write(value); + } else if (numberLenBytes == 1) { + os.write((byte) (value.length & 0xff)); + os.write(value); + } else if (numberLenBytes == 0) { + os.write(0x00); + } + } catch (IOException e) { + s_logger.error("Failed to create TLV value: {}" , e.getMessage()); + return rv; + } + + rv = os.toByteArray(); + return rv; + } + + /** + * + * Helper function that creates ASN1ObjectIdentifier object based on OID value and a service name + * + * @param serviceName String value identifying the service + * @param name String value identifying OID by name + * @return + */ + public static ASN1ObjectIdentifier getAlgorithmIdentifier(String serviceName, String name) { + ASN1ObjectIdentifier oid = null; + Provider provider = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME); + Provider.Service service = provider.getService(serviceName, name); + if (service != null) { + String string = service.toString(); + String array[] = string.split("\n"); + if (array.length > 1) { + string = array[array.length - 1]; + array = string.split("[\\[\\]]"); + if (array.length > 2) { + string = array[array.length - 2]; + array = string.split(", "); + Arrays.sort(array); + oid = new ASN1ObjectIdentifier(array[0]); + } + } + } + return oid; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/AbstractPIVApplication.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/AbstractPIVApplication.java new file mode 100644 index 00000000..17ae9cc6 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/AbstractPIVApplication.java @@ -0,0 +1,703 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.BerTag; +import gov.gsa.pivconformance.cardlib.tlv.BerTlv; +import gov.gsa.pivconformance.cardlib.tlv.BerTlvParser; +import gov.gsa.pivconformance.cardlib.tlv.BerTlvs; +import gov.gsa.pivconformance.cardlib.tlv.CCTTlvLogger; +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; +import gov.gsa.pivconformance.cardlib.utils.PCSCWrapper; + +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.smartcardio.*; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.util.List; +import java.util.ArrayList; + +/** + * A base class for items that will implement the IPIVApplication interface, to allow those methods that can be + * common across implementations to be shared + */ +abstract public class AbstractPIVApplication implements IPIVApplication { + + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(AbstractPIVApplication.class); + private CommandAPDU m_lastCommandAPDU = null; + private ResponseAPDU m_lastResponseAPDU; + + /** + * + * Set the PIV Card Application as the currently selected card application and establish + * the PIV Card Applicationâs security state. + * + * @param cardHandle CardHandle object that encapsulates connection to a card + * @param applicationAID ApplicationAID object containing the AID of the PIV Card Application + * @param applicationProperties ApplicationProperties object containing application properties of the selected PIV + * Card Application + * @return MiddlewareStatus value indicating the result of the function call + */ + @Override + public MiddlewareStatus pivSelectCardApplication(CardHandle cardHandle, ApplicationAID applicationAID, ApplicationProperties applicationProperties) { + s_logger.debug("pivSelectCardApplication()"); + try { + // Establishing channel + Card card = cardHandle.getCard(); + if (card == null) + return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; + + // Establishing channel + CardChannel channel = card.getBasicChannel(); + cardHandle.setCurrentChannel(channel); + + PCSCWrapper pcsc = PCSCWrapper.getInstance(); + + //Construct APDU command using APDUUtils and applicationAID that was passed in. + CommandAPDU cmd = new CommandAPDU(APDUUtils.PIVSelectAPDU(applicationAID.getBytes())); + m_lastCommandAPDU = cmd; m_lastResponseAPDU = null; + // Transmit command and get response + ResponseAPDU response = pcsc.transmit(channel, cmd); + m_lastResponseAPDU = response; + s_logger.debug("Response to SELECT command: {} {}", String.format("0x%02X", response.getSW1()), String.format("0x%02X", response.getSW2())); + + //Check for Successful execution status word + if(response.getSW() != APDUConstants.SUCCESSFUL_EXEC) { + + // XXX *** TODO: handle 61XX + if(response.getSW1() == 0x61) { + s_logger.info("SW1 == 61"); + return MiddlewareStatus.PIV_OK; + } + + if(response.getSW() == APDUConstants.APP_NOT_FOUND){ + s_logger.info("Card application not found"); + return MiddlewareStatus.PIV_CARD_APPLICATION_NOT_FOUND; + } + + s_logger.error("Error selecting card application, failed with error: {}", Integer.toHexString(response.getSW())); + return MiddlewareStatus.PIV_CONNECTION_FAILURE; + } + + // Populated the response in ApplicationProperties + byte[] properties = response.getData(); + if(properties != null) applicationProperties.setBytes(properties); + + } + catch (Exception ex) { + + s_logger.error("Error selecting card application: {}", ex.getMessage()); + return MiddlewareStatus.PIV_CONNECTION_FAILURE; + } + s_logger.debug("pivSelectCardApplication returning {}", MiddlewareStatus.PIV_OK); + return MiddlewareStatus.PIV_OK; + } + + /** + * + * Sets security state within the PIV Card Application. + * + * @param cardHandle CardHandle object that encapsulates connection to a card + * @param authenticators Byte array cotaining authenticators to be used to authenticate and set security + * state/status in the PIV Card Application context + * @return MiddlewareStatus value indicating the result of the function call + */ + @Override + public MiddlewareStatus pivLogIntoCardApplication(CardHandle cardHandle, byte[] authenticators) { + PIVAuthenticators pas = new PIVAuthenticators(); + pas.decode(authenticators); + for(PIVAuthenticator authenticator : pas.getAuthenticators()) { + if(authenticator.getType() != TagConstants.KEY_REFERENCE_APPLICATION_PIN_TAG && + authenticator.getType() != TagConstants.KEY_REFERENCE_GLOBAL_PIN_TAG ) { + s_logger.warn("Skipping authenticator of type {}. Currently unsupported.", authenticator.getType()); + continue; + } + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try { + baos.write(APDUConstants.COMMAND); + baos.write(APDUConstants.VERIFY); + baos.write((byte) 0x00); // logging in + baos.write(authenticator.getType()); + baos.write(authenticator.getData().length == 0 ? 0x00 : (byte) 0x08); // PIN + baos.write(authenticator.getData()); + } catch(IOException ioe) { + s_logger.error("Failed to populate VERIFY APDU buffer"); + } + byte[] rawAPDU = baos.toByteArray(); + //s_logger.error("VERIFY APDU: {}", Hex.encodeHexString(rawAPDU)); + CardChannel channel = cardHandle.getCurrentChannel(); + CommandAPDU verifyApdu = new CommandAPDU(rawAPDU); + ResponseAPDU resp = null; + try { + PCSCWrapper pcsc = PCSCWrapper.getInstance(); + m_lastCommandAPDU = verifyApdu; m_lastResponseAPDU = null; + resp = pcsc.transmit(channel, verifyApdu); + m_lastResponseAPDU = resp; + } catch (CardException e) { + s_logger.error("Failed to transmit VERIFY APDU to card", e); + return MiddlewareStatus.PIV_CARD_READER_ERROR; + } + if(resp.getSW() == 0x9000) { + cardHandle.setCurrentChannel(channel); + s_logger.debug("Successfully logged into card application"); + } else { + s_logger.error("Login failed: {}", Hex.encodeHexString(resp.getBytes())); + s_logger.error("Card: {}", cardHandle.getCard()); + //s_logger.error("Last command APDU: {}", Hex.encodeHexString(m_lastCommandAPDU.getBytes())); + s_logger.error("Last response APDU: {}", Hex.encodeHexString(m_lastResponseAPDU.getBytes())); + return MiddlewareStatus.PIV_AUTHENTICATION_FAILURE; + } + + } + return MiddlewareStatus.PIV_OK; + } + + /** + * + * Retrieves all the data containers of the PIV Card Application + * + * @param cardHandle CardHandle object that encapsulates connection to a card + * @param dataList List of PIVDataObject objects containing all the data containers of PIV Card Application + * @return MiddlewareStatus value indicating the result of the function call + */ + public MiddlewareStatus pivGetAllDataContainers(CardHandle cardHandle, List dataList) { + + MiddlewareStatus result = MiddlewareStatus.PIV_OK; + + if (cardHandle == null) + return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; + + try { + if(dataList == null) + dataList = new ArrayList(); + + for(String containerOID : APDUConstants.AllContainers()){ + + //Create object from the OID + PIVDataObject dataObject = PIVDataObjectFactory.createDataObjectForOid(containerOID); + s_logger.info("Attempting to read data object for OID {} ({})", containerOID, APDUConstants.oidNameMap.get(containerOID)); + + result = this.pivGetData(cardHandle, containerOID, dataObject); + + //Add the data object to the list if successful return code + if(result == MiddlewareStatus.PIV_OK) + dataList.add(dataObject); + } + + + }catch (SecurityException ex) { + + s_logger.info("Error retrieving data from the card application: {}", ex.getMessage()); + return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; + } + catch (Exception ex) { + + s_logger.info("Error retrieving data from the card application: {}", ex.getMessage()); + return MiddlewareStatus.PIV_CONNECTION_FAILURE; + } + + return MiddlewareStatus.PIV_OK; + } + + /** + * + * @param cardHandle CardHandle object that encapsulates connection to a card + * @param OID String containing OID value identifying data object whose data content is to be + * retrieved + * @param data PIVDataObject object that will store retrieved data content + * @return MiddlewareStatus value indicating the result of the function call + */ + @Override + public MiddlewareStatus pivGetData(CardHandle cardHandle, String OID, PIVDataObject data) { + byte [] oidBytes = APDUConstants.oidMAP.get(OID); + if(oidBytes == null) { + s_logger.error("OID {} is not recognized by oidMAP.", OID); + return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; + } + + try { + // Establishing channel + Card card = cardHandle.getCard(); + if (card == null) + return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; + + CardChannel channel = cardHandle.getCurrentChannel(); + if(channel == null) { + throw new IllegalStateException("Must select PIV application before calling pivGetData"); + } + + //Construct data field based on the data field oid and the tag for the specific oid + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + baos.write(TagConstants.DATA_FIELD_TAG); + baos.write(oidBytes.length); + baos.write(oidBytes); + + //Construct APDU command using APDUUtils and applicationAID that was passed in. + CommandAPDU cmd = new CommandAPDU(APDUUtils.PIVGetDataAPDU(baos.toByteArray())); + + PCSCWrapper pcsc = PCSCWrapper.getInstance(); + // Transmit command and get response + m_lastCommandAPDU = cmd; m_lastResponseAPDU = null; + ResponseAPDU response = pcsc.transmit(channel, cmd); + m_lastResponseAPDU = response; + + //Check for Successful execution status word + if(response.getSW() != APDUConstants.SUCCESSFUL_EXEC) { + + if(response.getSW() == APDUConstants.APP_NOT_FOUND){ + s_logger.info("Data object not found"); + return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; + } + else if(response.getSW() == APDUConstants.SECURITY_STATUS_NOT_SATISFIED){ + s_logger.info("Security status not satisfied"); + return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; + } + + s_logger.error("Error getting object {}, failed with error: {}", OID, Integer.toHexString(response.getSW())); + return MiddlewareStatus.PIV_CONNECTION_FAILURE; + } + byte[] responseData = response.getData(); + BerTlvParser lengthCheckTlvParser = new BerTlvParser(new CCTTlvLogger(this.getClass())); + BerTlvs outer = lengthCheckTlvParser.parse(response.getData()); + if(outer != null) { + if (outer.getList() == null) { + s_logger.warn("GET DATA returned status of 90 00 but tag list is null"); + return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; + } + BerTlv tlv = outer.getList().get(0); + if (tlv == null) { + s_logger.warn("GET DATA returned status of 90 00 but TLV at 0 is null"); + return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; + } + BerTag tag = tlv.getTag(); + if (tag == null) { + s_logger.warn("GET DATA returned status of 90 00 but tag {} is null", tlv.getHexValue()); + return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; + } + if(tag.bytes.length == 1 && tag.bytes[0] == 0x53 && responseData.length == 2 && responseData[1] == 0x00) { + s_logger.debug("GET DATA returned status of 90 00 but a tag of 0x53 with a length of 0." + + " Per SP800-73-4, PIV middleware should return PIV_DATA_OBJECT_NOT_FOUND." ); + return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; + } + } + + // Populate the response in PIVDataObject + data.setOID(OID); + data.setBytes(response.getData()); + + }catch (SecurityException ex) { + + s_logger.error("Error retrieving data from the card application: {}", ex.getMessage(), ex); + return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; + } + catch (Exception ex) { + + s_logger.error("Error retrieving data from the card application: {}", ex.getMessage(), ex); + return MiddlewareStatus.PIV_CONNECTION_FAILURE; + } + + return MiddlewareStatus.PIV_OK; + } + + /** + * + * @param cardHandle CardHandle object that encapsulates connection to a card + * @param OID String containing OID value identifying data object whose data content is to be + * retrieved + * @param data PIVDataObject object that will store retrieved data content + * @return MiddlewareStatus value indicating the result of the function call + */ + public MiddlewareStatus pivGetAllData(CardHandle cardHandle, String OID, PIVDataObject data) { + + try { + // Establishing channel + Card card = cardHandle.getCard(); + if (card == null) + return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; + + CardChannel channel = cardHandle.getCurrentChannel(); + if(channel == null) { + throw new IllegalStateException("Must select PIV application before calling pivGetData"); + } + + //Construct data field based on the data field oid and the tag for the specific oid + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + baos.write(TagConstants.DATA_FIELD_TAG); + baos.write(0x00); + baos.write(APDUConstants.oidMAP.get(OID)); + + //Construct APDU command using APDUUtils and applicationAID that was passed in. + CommandAPDU cmd = new CommandAPDU(APDUUtils.PIVGetDataAPDU(baos.toByteArray())); + + PCSCWrapper pcsc = PCSCWrapper.getInstance(); + // Transmit command and get response + m_lastCommandAPDU = cmd; m_lastResponseAPDU = null; + ResponseAPDU response = pcsc.transmit(channel, cmd); + m_lastResponseAPDU = response; + + //Check for Successful execution status word + if(response.getSW() != APDUConstants.SUCCESSFUL_EXEC) { + + if(response.getSW() == APDUConstants.APP_NOT_FOUND){ + s_logger.info("Data object not found"); + return MiddlewareStatus.PIV_DATA_OBJECT_NOT_FOUND; + } + else if(response.getSW() == APDUConstants.SECURITY_STATUS_NOT_SATISFIED){ + s_logger.info("Security status not satisfied"); + return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; + } + + s_logger.error("Error getting object {}, failed with error: {}", OID, Integer.toHexString(response.getSW())); + return MiddlewareStatus.PIV_CONNECTION_FAILURE; + } + + // Populate the response in PIVDataObject + data.setOID(OID); + data.setBytes(response.getData()); + + }catch (SecurityException ex) { + + s_logger.info("Error retrieving data from the card application: {}", ex.getMessage()); + return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; + } + catch (Exception ex) { + + s_logger.info("Error retrieving data from the card application: {}", ex.getMessage()); + return MiddlewareStatus.PIV_CONNECTION_FAILURE; + } + + return MiddlewareStatus.PIV_OK; + } + + /** + * + * Reses the application security state/status of the PIV Card Application. + * + * @param cardHandle CardHandle object that encapsulates connection to a card + * @return MiddlewareStatus value indicating the result of the function call + */ + @Override + public MiddlewareStatus pivLogoutOfCardApplication(CardHandle cardHandle) { + return null; + } + + /** + * + * @param cardHandle CardHandle object that encapsulates connection to a card + * @param algorithmIdentifier Byte value identifying the cryptographic algorithm to be used for + * the cryptographic operation + * @param keyReference Byte value identifying the on-card key to be used for the + * cryptographic operation. + * @param algorithmInput PIVDataObject object containing sequence of bytes used as the input to the cryptographic + * operation + * @param algorithmOutput PIVDataObject object containing sequence of bytes used as the output to the cryptographic + * * operation + * @return MiddlewareStatus value indicating the result of the function call + */ + @Override + public MiddlewareStatus pivCrypt(CardHandle cardHandle, byte algorithmIdentifier, byte keyReference, + PIVDataObject algorithmInput, PIVDataObject algorithmOutput) { + try { + Card card = cardHandle.getCard(); + if (card == null) + return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; + + CardChannel channel = card.getBasicChannel(); + if(channel == null) + return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; + + byte[] rawAPDU = APDUUtils.PIVGeneralAuthenticateAPDU(keyReference, algorithmIdentifier, algorithmInput.getBytes()); + s_logger.info("GENERAL AUTHENTICATE APDU: {}", Hex.encodeHexString(rawAPDU)); + + + CommandAPDU cmd = new CommandAPDU(rawAPDU); + // Transmit command and get response + m_lastCommandAPDU = cmd; m_lastResponseAPDU = null; + ResponseAPDU response = channel.transmit(cmd); + m_lastResponseAPDU = response; + + s_logger.debug("Response to GENERAL AUTHENTICATE command: {} {}", String.format("0x%02X", response.getSW1()), String.format("0x%02X", response.getSW2())); + + //Check for Successful execution status word + if(response.getSW() != APDUConstants.SUCCESSFUL_EXEC) { + + if(response.getSW() == APDUConstants.SECURITY_STATUS_NOT_SATISFIED){ + s_logger.error("Security condition not satisfied"); + return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; + } + else if(response.getSW() == APDUConstants.INCORREECT_PARAMETER){ + s_logger.error("Incorrect parameter in command data field"); + return MiddlewareStatus.PIV_UNSUPPORTED_CRYPTOGRAPHIC_MECHANISM; + } + else if(response.getSW() == APDUConstants.FUNCTION_NOT_SUPPORTED){ + s_logger.error("Function not supported"); + return MiddlewareStatus.PIV_FUNCTION_NOT_SUPPORTED; + } + else if(response.getSW() == APDUConstants.INCORREECT_PARAMETER_P2){ + s_logger.error("Invalid key or key algorithm combination"); + return MiddlewareStatus.PIV_INVALID_KEY_OR_KEYALG_COMBINATION; + } + else { + s_logger.error("Error in GENERAL AUTHENTICATE command, failed with error: {}", Integer.toHexString(response.getSW())); + return MiddlewareStatus.PIV_CONNECTION_FAILURE; + } + } + algorithmOutput.setBytes(response.getData()); + cardHandle.setCurrentChannel(channel); + } catch(Exception e) { + s_logger.error("Failed to complete pivCrypt operation for algorithm {} (key {}", + Hex.encodeHexString(new byte[] {algorithmIdentifier}), Hex.encodeHexString(new byte[] {keyReference}), e); + } + return null; + } + + /** + * + * Generates an asymmetric key pair in the currently selected card application. + * + * @param cardHandle CardHandle object that encapsulates connection to a card + * @param keyReference Byte value identifying key reference of the generated key pair + * @param cryptographicMechanism Byte value identifying the type of key pair to be generated + * @param publicKey PIVDataObject object defining the public key of the generated key pair + * @return MiddlewareStatus value indicating the result of the function call + */ + @Override + public MiddlewareStatus pivGenerateKeyPair(CardHandle cardHandle, byte keyReference, byte cryptographicMechanism, PIVDataObject publicKey){ + try { + // Establishing channel + Card card = cardHandle.getCard(); + if (card == null) + return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; + + // Establishing channel + CardChannel channel = card.getBasicChannel(); + + //Construct APDU command using APDUUtils and keyReference, cryptographicMechanism that was passed in. + byte[] rawAPDU = APDUUtils.PIVGenerateKeyPairAPDU(keyReference, cryptographicMechanism, null); + s_logger.info("GENERATE APDU: {}", Hex.encodeHexString(rawAPDU)); + + CommandAPDU cmd = new CommandAPDU(rawAPDU); + + PCSCWrapper pcsc = PCSCWrapper.getInstance(); + // Transmit command and get response + m_lastCommandAPDU = cmd; m_lastResponseAPDU = null; + ResponseAPDU response = pcsc.transmit(channel, cmd); + m_lastResponseAPDU = response; + + s_logger.debug("Response to GENERATE command: {} {}", String.format("0x%02X", response.getSW1()), String.format("0x%02X", response.getSW2())); + + //Check for Successful execution status word + if(response.getSW() != APDUConstants.SUCCESSFUL_EXEC) { + + if(response.getSW() == APDUConstants.SECURITY_STATUS_NOT_SATISFIED){ + s_logger.error("Security condition not satisfied"); + return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; + } + else if(response.getSW() == APDUConstants.INCORREECT_PARAMETER){ + s_logger.error("Incorrect parameter in command data field"); + return MiddlewareStatus.PIV_UNSUPPORTED_CRYPTOGRAPHIC_MECHANISM; + } + else if(response.getSW() == APDUConstants.FUNCTION_NOT_SUPPORTED){ + s_logger.error("Function not supported"); + return MiddlewareStatus.PIV_FUNCTION_NOT_SUPPORTED; + } + else if(response.getSW() == APDUConstants.INCORREECT_PARAMETER_P2){ + s_logger.error("Invalid key or key algorithm combination"); + return MiddlewareStatus.PIV_INVALID_KEY_OR_KEYALG_COMBINATION; + } + else { + s_logger.error("Error generating key pair, failed with error: {}", Integer.toHexString(response.getSW())); + return MiddlewareStatus.PIV_CONNECTION_FAILURE; + } + } + + // Populated the response in ApplicationProperties + publicKey.setBytes(response.getData()); + cardHandle.setCurrentChannel(channel); + + } + catch (Exception ex) { + + s_logger.error("Error generating key pair: {}", ex.getMessage()); + return MiddlewareStatus.PIV_CONNECTION_FAILURE; + } + s_logger.debug("pivGenerateKeyPair returning {}", MiddlewareStatus.PIV_OK); + return MiddlewareStatus.PIV_OK; + } + + /** + * Establishes secure messaging with the PIV Card Application. + * + * @param cardHandle CardHandle object that encapsulates connection to a card + * @return MiddlewareStatus value indicating the result of the function call + */ + @Override + public MiddlewareStatus pivEstablishSecureMessaging(CardHandle cardHandle) { + s_logger.debug("pivEstablishSecureMessaging()"); + try { + // Establishing channel + Card card = cardHandle.getCard(); + if (card == null) + return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; + + + byte[] dataField = { (byte) 0x7C, 0x05, (byte) 0x81, 0x01, 0x00, (byte) 0x82, 0x00 }; + + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try { + baos.write(APDUConstants.COMMAND); + baos.write(APDUConstants.SM); + baos.write(APDUConstants.CIPHER_SUITE_1); // Algorithm Reference for algs that support SM. + baos.write(APDUConstants.PIV_SECURE_MESSAGING_KEY); + baos.write(dataField.length); + baos.write(dataField); + baos.write(0x00); //Le + } catch(IOException ioe) { + s_logger.error("Failed to populate SM APDU buffer"); + } + byte[] rawAPDU = baos.toByteArray(); + s_logger.info("SM APDU: {}", Hex.encodeHexString(rawAPDU)); + CardChannel channel = cardHandle.getCurrentChannel(); + CommandAPDU smApdu = new CommandAPDU(rawAPDU); + ResponseAPDU resp = null; + try { + PCSCWrapper pcsc = PCSCWrapper.getInstance(); + m_lastCommandAPDU = smApdu; m_lastResponseAPDU = null; + resp = pcsc.transmit(channel, smApdu); + m_lastResponseAPDU = resp; + } catch (CardException e) { + s_logger.error("Failed to transmit SM APDU to card", e); + return MiddlewareStatus.PIV_CARD_READER_ERROR; + } + if(resp.getSW() == 0x9000) { + cardHandle.setCurrentChannel(channel); + s_logger.info("Successfully established secure messaging"); + } else { + s_logger.error("Error establishing secure messaging: {}", Hex.encodeHexString(resp.getBytes())); + return MiddlewareStatus.PIV_SM_FAILED; + } + + } + catch (Exception ex) { + + s_logger.error("Error establishing secure messaging: {}", ex.getMessage()); + return MiddlewareStatus.PIV_CARD_READER_ERROR; + } + s_logger.debug("pivSelectCardApplication returning {}", MiddlewareStatus.PIV_OK); + return MiddlewareStatus.PIV_OK; + } + + /** + * Replaces the entire data content of the data object specified by the OID parameter with the provided data. + * + * @param cardHandle CardHandle object that encapsulates connection to a card + * @param OID String containing OID value identifying data object + * @param data PIVDataObject object containing data that will be written to the card + * @return MiddlewareStatus value indicating the result of the function call + */ + @Override + public MiddlewareStatus pivPutData(CardHandle cardHandle, String OID, PIVDataObject data) { + + s_logger.debug("pivPutData()"); + try { + // Establishing channel + Card card = cardHandle.getCard(); + if (card == null) + return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; + + if (OID == null) + return MiddlewareStatus.PIV_INVALID_OID; + + + + ByteArrayOutputStream baosDataField = new ByteArrayOutputStream(); + if(data.getOID().equals(APDUConstants.DISCOVERY_OBJECT_OID) || data.getOID().equals(APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_OID)){ + + baosDataField.write(data.getBytes()); + } + else { + baosDataField.write(TagConstants.TAG_LIST); + baosDataField.write(APDUConstants.oidMAP.get(OID).length); + baosDataField.write(APDUConstants.oidMAP.get(OID)); + baosDataField.write(data.getBytes()); + } + + s_logger.debug("dataField: {}", Hex.encodeHexString(baosDataField.toByteArray())); + + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + try { + baos.write(APDUConstants.COMMAND); + baos.write(APDUConstants.INS_DB); + baos.write(APDUConstants.P1_3F); + baos.write(APDUConstants.P2_FF); + baos.write(baosDataField.toByteArray().length); + baos.write(baosDataField.toByteArray()); + } catch(IOException ioe) { + s_logger.error("Failed to populate PUT DATA APDU buffer"); + } + byte[] rawAPDU = baos.toByteArray(); + s_logger.info("PUT DATA APDU: {}", Hex.encodeHexString(rawAPDU)); + CardChannel channel = cardHandle.getCurrentChannel(); + CommandAPDU smApdu = new CommandAPDU(rawAPDU); + ResponseAPDU resp = null; + try { + PCSCWrapper pcsc = PCSCWrapper.getInstance(); + m_lastCommandAPDU = smApdu; m_lastResponseAPDU = null; + resp = pcsc.transmit(channel, smApdu); + m_lastResponseAPDU = resp; + } catch (CardException e) { + s_logger.error("Failed to transmit PUT DATA APDU to card", e); + return MiddlewareStatus.PIV_CARD_READER_ERROR; + } + if(resp.getSW() == 0x9000) { + cardHandle.setCurrentChannel(channel); + s_logger.info("Successfully wrote data object to the card."); + } else if(resp.getSW() == 0x6A82){ + s_logger.error("Failed to write object to the card, security condition not satisfied: {}", Hex.encodeHexString(resp.getBytes())); + return MiddlewareStatus.PIV_SECURITY_CONDITIONS_NOT_SATISFIED; + } else if(resp.getSW() == 0x6A81){ + s_logger.error("Failed to write object to the card, function is not supported: {}", Hex.encodeHexString(resp.getBytes())); + return MiddlewareStatus.PIV_FUNCTION_NOT_SUPPORTED; + } else if(resp.getSW() == 0x6A84){ + s_logger.error("Failed to write object to the card, not enough memory: {}", Hex.encodeHexString(resp.getBytes())); + return MiddlewareStatus.PIV_INSUFFICIENT_CARD_RESOURCE; + } else { + s_logger.error("Failed to write object to the card: {}", Hex.encodeHexString(resp.getBytes())); + return MiddlewareStatus.PIV_CARD_READER_ERROR; + } + + } + catch (Exception ex) { + + s_logger.error("Error writing data object to the card: {}", ex.getMessage()); + return MiddlewareStatus.PIV_CARD_READER_ERROR; + } + s_logger.debug("pivPutData returning {}", MiddlewareStatus.PIV_OK); + return MiddlewareStatus.PIV_OK; + } + + public byte[] getLastCommandAPDUBytes() + { + byte[] apduBytes = null; + if(m_lastCommandAPDU == null) { + s_logger.error("getLastCommandAPDUBytes() called without any command APDU having been sent."); + return apduBytes; + } + apduBytes = m_lastCommandAPDU.getBytes(); + return apduBytes; + } + + public byte[] getLastResponseAPDUBytes() + { + byte[] apduBytes = null; + if(m_lastResponseAPDU == null) { + s_logger.error("getLastResponseAPDUBytes() called without any command APDU having been sent."); + return apduBytes; + } + apduBytes = m_lastResponseAPDU.getBytes(); + return apduBytes; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/Algorithm.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/Algorithm.java similarity index 90% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/Algorithm.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/Algorithm.java index 488b94fd..3d0d3e3d 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/Algorithm.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/Algorithm.java @@ -1,74 +1,73 @@ -/** - * - */ -package gov.gsa.pivconformance.card.client; - -import java.util.HashMap; -import java.util.Iterator; - -import org.bouncycastle.asn1.x509.AlgorithmIdentifier; -import org.bouncycastle.cms.CMSSignedData; - -/** - * - * Helpers for converting algorithm OIDs to standard names used in PIV - * - */ -public class Algorithm { - - public static final HashMap sigAlgOidToNameMap = new HashMap() { - /** - * Signature - */ - private static final long serialVersionUID = 1L; - - { - put("1.2.840.113549.1.1.1O", "SHA526withRSA"); // RSA-PKCS1.5 with SHA-256 and PSS padding - put("1.2.840.113549.1.1.11", "RSASSA-PSS"); // RSA-PSS with SHA256 - put("1.2.840.10045.4.3.2", "SHA256withECDSA"); // SHA-256 with ECDSA - put("1.2.840.10045.4.3.3", "SHA384withECDSA"); // SHA-384 with ECDSA - } - }; - - public static final HashMap digAlgOidToNameMap = new HashMap() { - /** - * Digest - */ - private static final long serialVersionUID = 1L; - - { - put("2.16.840.1.101.3.4.2.1", "SHA256"); - put("2.16.840.1.101.3.4.2.2", "SHA384"); - } - }; - public static final HashMap encAlgOidToNameMap = new HashMap() { - /** - * Encryption - */ - private static final long serialVersionUID = 1L; - - { - put("1.2.840.113549.1.1.1", "RSA"); - put("1.2.840.10045.2.1", "ECDSA"); - } - }; - - /** - * Indicates whether this signature block contains only digest algorithms in - * Table 3-2 of SP 800-78-4 - * - * @param asymmetricSignature the signature to be checked - * @return true if the digest is in Table 3-2 and false if not - */ - - public static boolean isDigestAlgInTable32(CMSSignedData asymmetricSignature) { - Iterator ih = asymmetricSignature.getDigestAlgorithmIDs().iterator(); - while (ih.hasNext()) { - AlgorithmIdentifier ai = ih.next(); - String digAlgOid = ai.getAlgorithm().getId(); - if (!Algorithm.digAlgOidToNameMap.containsKey(digAlgOid)) - return false; - } - return true; - } -} +/** + * + */ +package gov.gsa.pivconformance.cardlib.card.client; + +import java.util.HashMap; +import java.util.Iterator; + +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.cms.CMSSignedData; + +/** + * + * Helpers for converting algorithm OIDs to standard names used in PIV + * + */ +public class Algorithm { + + public static final HashMap sigAlgOidToNameMap = new HashMap() { + /** + * Signature + */ + private static final long serialVersionUID = 1L; + + { + put("1.2.840.113549.1.1.1O", "SHA526withRSA"); // RSA-PKCS1.5 with SHA-256 and PSS padding + put("1.2.840.113549.1.1.11", "RSASSA-PSS"); // RSA-PSS with SHA256 + put("1.2.840.10045.4.3.2", "SHA256withECDSA"); // SHA-256 with ECDSA + put("1.2.840.10045.4.3.3", "SHA384withECDSA"); // SHA-384 with ECDSA + } + }; + + public static final HashMap digAlgOidToNameMap = new HashMap() { + /** + * Digest + */ + private static final long serialVersionUID = 1L; + + { + put("2.16.840.1.101.3.4.2.1", "SHA256"); + put("2.16.840.1.101.3.4.2.2", "SHA384"); + } + }; + public static final HashMap encAlgOidToNameMap = new HashMap() { + /** + * Encryption + */ + private static final long serialVersionUID = 1L; + + { + put("1.2.840.113549.1.1.1", "RSA"); + put("1.2.840.10045.2.1", "ECDSA"); + } + }; + + /** + * Indicates whether this signature block contains only digest algorithms in Table 3-2 of + * SP 800-78-4 + * @param asymmetricSignature the signature to be checked + * @return true if the digest is in Table 3-2 and false if not + */ + + public static boolean isDigestAlgInTable32(CMSSignedData asymmetricSignature) { + Iterator ih = asymmetricSignature.getDigestAlgorithmIDs().iterator(); + while (ih.hasNext()) { + AlgorithmIdentifier ai = ih.next(); + String digAlgOid = ai.getAlgorithm().getId(); + if (!Algorithm.digAlgOidToNameMap.containsKey(digAlgOid)) + return false; + } + return true; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ApplicationAID.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ApplicationAID.java new file mode 100644 index 00000000..2651d7e3 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ApplicationAID.java @@ -0,0 +1,49 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Encapsulates a PIV application identifier + */ +public class ApplicationAID { + private static final Logger s_logger = LoggerFactory.getLogger(ApplicationAID.class); + + /** + * ApplicationAID class constructor, initializes all the class fields. + */ + public ApplicationAID() { + m_appIDBytes = null; + } + + /** + * + * ApplicationAID class constructor, sets the app ID value bassed on the passed in buffer + * + * @param appIDBytes + */ + public ApplicationAID(byte[] appIDBytes) { + m_appIDBytes = appIDBytes; + } + + + private byte[] m_appIDBytes; + + /** + * + * Sets the app id value + * + * @param appIDBytes Byte array with app id value + */ + public void setBytes(byte[] appIDBytes) { + m_appIDBytes = appIDBytes; + } + + /** + * + * Returns app id value + * + * @return Byte array with app id value + */ + public byte[] getBytes() { return m_appIDBytes; } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ApplicationProperties.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ApplicationProperties.java new file mode 100644 index 00000000..1ddf56d6 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ApplicationProperties.java @@ -0,0 +1,163 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.*; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.util.ArrayList; +import java.util.List; + +/** + * Encapsulates the application properties record for a PIV application, as described in SP800-73-4 part 2, table 3 + */ +public class ApplicationProperties { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(ApplicationProperties.class); + + private byte[] m_appPropertiesBytes; + private String m_url; + private String m_appLabel; + private List m_cryptoAlgs; + private byte[] m_coexistentTagAllocationAuthority; + private byte[] m_appID; + + /** + * ApplicationAID class constructor, initializes all the class fields. + */ + public ApplicationProperties() { + + m_appPropertiesBytes = null; + m_url = ""; + m_appLabel = ""; + m_cryptoAlgs = null; + m_cryptoAlgs = null; + m_coexistentTagAllocationAuthority = null; + m_appID = null; + } + + /** + * + * Sets the application properties value based on passed in parameter + * + * @param appPropertiesBytes Byte array with application properties value + */ + public void setBytes(byte[] appPropertiesBytes) { + + m_appPropertiesBytes = appPropertiesBytes; + + try + { + BerTlvParser parser = new BerTlvParser(); + BerTlvs tlvs = parser.parse(appPropertiesBytes, 0, appPropertiesBytes.length); + + + BerTag berAIDTag = new BerTag(TagConstants.AID_TAG); + BerTag berAppLabelTag = new BerTag(TagConstants.APPLICATION_LABEL); + BerTag berURLTag = new BerTag(TagConstants.UNIFORM_RESOURCE_LOCATOR); + BerTag berCryptAlgsTag = new BerTag(TagConstants.CRYPTOGRAPHIC_ALGORITHMS); + BerTag berCoexistentTagAllocationAuthorityTag = new BerTag(TagConstants.COEXISTENT_TAG_ALLOCATION_AUTHORITY); + + BerTlv aidTlv = tlvs.find(berAIDTag); + BerTlv appLabelTlv = tlvs.find(berAppLabelTag); + BerTlv urlTlv = tlvs.find(berURLTag); + BerTlv CryptAlgsTlv = tlvs.find(berCryptAlgsTag); + BerTlv CoexistentTagAllocationAuthorityTlv = tlvs.find(berCoexistentTagAllocationAuthorityTag); + + if(aidTlv != null){ + m_appID = aidTlv.getBytesValue(); + } + + if(appLabelTlv != null){ + m_appLabel = new String(appLabelTlv.getBytesValue()); + } + + if(urlTlv != null){ + m_url = new String(urlTlv.getBytesValue()); + } + + if(CryptAlgsTlv != null){ + + m_cryptoAlgs = new ArrayList<>(); + List berTlvsList = CryptAlgsTlv.getValues(); + for(BerTlv tlv : berTlvsList) { + BerTag tag = tlv.getTag(); + m_cryptoAlgs.add(tag.bytes); + } + } + + if(CoexistentTagAllocationAuthorityTlv != null){ + List berTlvsList = CoexistentTagAllocationAuthorityTlv.getValues(); + for(BerTlv tlv : berTlvsList) { + if(tlv.isPrimitive() && tlv.isTag(berAIDTag)) { + m_coexistentTagAllocationAuthority = tlv.getBytesValue(); + } + } + } + + }catch (Exception ex) { + + s_logger.error("Unable to parse application properties data structure: {}", ex.getMessage(), ex); + } + } + + /** + * + * Returns a byte array with application properties value + * + * @return Byte array with application properties value + */ + public byte[] getBytes() { + return m_appPropertiesBytes; + } + + /** + * + * Returns application URL value + * + * @return String with application URL + */ + public String getURL() { + return m_url; + } + + /** + * + * Returns application label value + * + * @return String with application label + */ + public String getAppLabel() { + return m_appLabel; + } + + /** + * + * Returns list of cryptographic algorithms + * + * @return List of cryptographic algorithms + */ + public List getCryptoAlgs() { + return m_cryptoAlgs; + } + + /** + * + * Returns coexistent tag allocation authority + * + * @return Byte array with coexistent tag allocation authority + */ + public byte[] getCoexistentTagAllocationAuthority() { + return m_coexistentTagAllocationAuthority; + } + + /** + * + * Returns Application ID + * + * @return Byte array with Application ID + */ + public byte[] getAppID() { + return m_appID; + } + +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ArtifactWriter.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ArtifactWriter.java new file mode 100644 index 00000000..d3bb8b98 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ArtifactWriter.java @@ -0,0 +1,123 @@ +/** + * + */ +package gov.gsa.pivconformance.cardlib.card.client; + +import java.io.File; +import java.io.FileOutputStream; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Paths; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.Set; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Manages the local artifact cache to minimize disk I/O + * + */ + +public class ArtifactWriter { + private static final Logger s_logger = LoggerFactory.getLogger(ArtifactWriter.class); + private static final String m_artifactDir = Paths.get(".").toAbsolutePath().normalize().toString(); + static HashMap> m_artifactCache = new HashMap>(); + + public ArtifactWriter(String subDir) { + init(subDir); + } + + void init(String artifactSubDir) { + String sep = File.separator; + String cwd = m_artifactDir; + String artifactPath = null; + + artifactPath = cwd + sep + artifactSubDir; + + if (!Files.exists(Paths.get(artifactPath))) { + File file = new File(artifactPath); + boolean exists = file.mkdir(); + if (exists){ + s_logger.debug("Artifact subdirectory " + artifactSubDir + " created successfully"); + } else{ + System.out.println("Couldn’t create directory " + artifactSubDir); + } + } + + if (m_artifactCache.get(artifactSubDir) == null) + m_artifactCache.put(artifactSubDir, new ArrayList()); + } + + /** + * Exports a container + * + * @param containerName + * @param bytes + * @return + */ + + public boolean saveObject(String artifactSubDir, String containerName, byte[] bytes) { + boolean result = false; + String filePath = m_artifactDir + File.separator + artifactSubDir + File.separator + containerName; + if (!m_artifactCache.containsKey(artifactSubDir)) + init(artifactSubDir); + + if (!m_artifactCache.get(artifactSubDir).contains(filePath)) { + try { + FileOutputStream fos = new FileOutputStream(filePath); + fos.write(bytes); + fos.flush(); + fos.close(); + s_logger.debug("Wrote " + filePath); + m_artifactCache.get(artifactSubDir).add(filePath); + result = true; + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } else { + result = true; + } + return result; + } + + /** + * Prepends artifact file names with a time stamp + * @param timeStamp time stamp to prepend + */ + + public static boolean prependNames(String timeStamp) { + boolean result = false; + Iterator it = m_artifactCache.entrySet().iterator(); + while (it.hasNext()) { + @SuppressWarnings("rawtypes") + Map.Entry mapElement = (Map.Entry)it.next(); + @SuppressWarnings("unchecked") + ArrayList pathList = (ArrayList) mapElement.getValue(); + for (String p : pathList) { + int index = p.lastIndexOf(File.separator) + 1; + String baseName = p.substring(index); + String newBaseName = timeStamp + "-" + baseName; + File f = new File(p); + File g = new File(m_artifactDir + File.separator + (String) mapElement.getKey() + File.separator + newBaseName); + try { + result = f.renameTo(g); + } catch (Exception e) { + e.printStackTrace(); + } + } + } + + return result; + } + + public static void clean() { + m_artifactCache = new HashMap>(); + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/BiometricInformationTemplatesGroupTemplate.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/BiometricInformationTemplatesGroupTemplate.java new file mode 100644 index 00000000..80a9dea3 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/BiometricInformationTemplatesGroupTemplate.java @@ -0,0 +1,145 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.*; +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.util.Arrays; + +/** + * + * Encapsulates a Biometric Information Templates Group Template data object as defined by SP800-73-4 Part 2 Appendix A Table 41 + * + */ +public class BiometricInformationTemplatesGroupTemplate extends PIVDataObject { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(BiometricInformationTemplatesGroupTemplate.class); + + private byte[] m_numberOfFingers; + private byte[] m_bITForFirstFinger; + private byte[] m_bITForSecondFinger; + + + /** + * BiometricInformationTemplatesGroupTemplate class constructor, initializes all the class fields. + */ + public BiometricInformationTemplatesGroupTemplate() { + m_numberOfFingers = null; + m_bITForFirstFinger = null; + m_bITForSecondFinger = null; + } + + /** + * + * Returns byte array containing number of fingers information + * + * @return Byte array containing number of fingers information + */ + public byte[] getNumberOfFingers() { + return m_numberOfFingers; + } + + /** + * + * Sets the number of fingers information + * + * @param numberOfFingers Byte array containing number of fingers information + */ + public void setNumberOfFingers(byte[] numberOfFingers) { + m_numberOfFingers = numberOfFingers; + } + + /** + * + * Returns the BIT information for the first finger + * + * @return Byte array containing BIT information for the first finger + */ + public byte[] getbITForFirstFinger() { + return m_bITForFirstFinger; + } + + /** + * + * Sets the BIT information for the first finger + * + * @param bITForFirstFinger Byte array containing BIT information for the first finger + */ + public void setbITForFirstFinger(byte[] bITForFirstFinger) { + m_bITForFirstFinger = bITForFirstFinger; + } + + /** + * + * Returns the BIT information for the second finger + * + * @return Byte array containing BIT information for the second finger + */ + public byte[] getbITForSecondFinger() { + return m_bITForSecondFinger; + } + + /** + * + * Sets the BIT information for the second finger + * + * @param bITForSecondFinger Byte array containing BIT information for the second finger + */ + public void setbITForSecondFinger(byte[] bITForSecondFinger) { + m_bITForSecondFinger = bITForSecondFinger; + } + + /** + * + * Decode function that decodes Biometric Information Templates Group Template object retrieved from the card and populates various class fields. + * + * @return True if decode was successful, false otherwise + */ + @Override + public boolean decode() { + + try{ + byte[] rawBytes = this.getBytes(); + + if(rawBytes == null){ + s_logger.error("No buffer to decode for {}.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); + BerTlv outer = tlvp.parseConstructed(rawBytes); + + if(outer == null){ + s_logger.error("Error parsing {}, unable to parse TLV value.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + for(BerTlv tlv : outer.getValues()) { + byte[] tag = tlv.getTag().bytes; + if(Arrays.equals(tag, TagConstants.NUMBER_OF_FINGERS_TAG)) { + m_numberOfFingers = tlv.getBytesValue(); + } else if(Arrays.equals(tag, TagConstants.BIT_FOR_FIRST_FINGER_TAG)) { + + if(m_bITForFirstFinger == null) + m_bITForFirstFinger = tlv.getBytesValue(); + else + m_bITForSecondFinger = tlv.getBytesValue(); + + } else { + s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tlv.getTag().bytes), Hex.encodeHexString(tlv.getBytesValue())); + } + } + }catch (Exception ex) { + + s_logger.error("Error parsing {}: {}", APDUConstants.oidNameMap.get(super.getOID()), ex.getMessage()); + } + + if(m_numberOfFingers == null || m_bITForFirstFinger == null) + return false; + + dump(this.getClass()) +; + return true; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CachingDefaultPIVApplication.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CachingDefaultPIVApplication.java new file mode 100644 index 00000000..3507a95a --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CachingDefaultPIVApplication.java @@ -0,0 +1,36 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import java.util.HashMap; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class CachingDefaultPIVApplication extends DefaultPIVApplication { + private static final Logger s_logger = LoggerFactory.getLogger(CachingDefaultPIVApplication.class); + + static HashMap m_containerMap = new HashMap(); + + // Cache the buffers coming back from pivGetData to minimize churn + @Override + public MiddlewareStatus pivGetData(CardHandle cardHandle, String OID, PIVDataObject data) { + MiddlewareStatus result = MiddlewareStatus.PIV_OK; + byte[] dataBytes = m_containerMap.get(OID); + if(dataBytes == null) { + result = super.pivGetData(cardHandle, OID, data); + if(result == MiddlewareStatus.PIV_OK) { + m_containerMap.put(OID, data.getBytes()); + } + } else { + data.setOID(OID); + data.setBytes(dataBytes); + } + return result; + } + + /** + * Clear cache + */ + public void clearCache() { + m_containerMap.clear(); + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardCapabilityContainer.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardCapabilityContainer.java new file mode 100644 index 00000000..0eb22519 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardCapabilityContainer.java @@ -0,0 +1,407 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.*; +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.ByteArrayOutputStream; +import java.util.ArrayList; +import java.util.List; +import java.util.Arrays; +import java.util.HashMap; + +/** + * + * Encapsulates a Card Capability Container data object as defined by SP800-73-4 Part 2 Appendix A Table 8 + * + */ +public class CardCapabilityContainer extends PIVDataObject { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(CardCapabilityContainer.class); + + private byte[] m_cardIdentifier; + private byte[] m_capabilityContainerVersionNumber; + private byte[] m_capabilityGrammarVersionNumber; + private List m_appCardURL; + private byte[] m_pkcs15; + private byte[] m_registeredDataModelNumber; + private byte[] m_accessControlRuleTable; + private boolean m_cardAPDUs; + private boolean m_redirectionTag; + private boolean m_capabilityTuples; + private boolean m_statusTuples; + private boolean m_nextCCC; + private List m_extendedApplicationCardURL; + private byte[] m_securityObjectBuffer; + private byte[] m_signedContent; + //private HashMap m_content; + + + /** + * CardCapabilityContainer class constructor, initializes all the class fields. + */ + public CardCapabilityContainer() { + + m_cardIdentifier = null; + m_capabilityContainerVersionNumber = null; + m_capabilityGrammarVersionNumber = null; + m_appCardURL = null; + m_pkcs15 = null; + m_registeredDataModelNumber = null; + m_accessControlRuleTable = null; + m_cardAPDUs = false; + m_redirectionTag = false; + m_capabilityTuples = false; + m_statusTuples = false; + m_nextCCC = false; + m_extendedApplicationCardURL = null; + m_securityObjectBuffer = null; + setErrorDetectionCode(false); + setErrorDetectionCodeHasData(false); + m_content = new HashMap(); + } + + /** + * + * Returns byte array with signed content buffer + * + * @return Byte array with signed content buffer + */ + public byte[] getSignedContent() { + return m_signedContent; + } + + /** + * + * Sets the signed content buffer + * + * @param signedContent Byte array with signed content buffer + */ + public void setSignedContent(byte[] signedContent) { + m_signedContent = signedContent; + } + + /** + * + * Returns card identifier + * + * @return Byte array containing card identifier + */ + public byte[] getCardIdentifier() { + + return m_cardIdentifier; + } + + /** + * + * Returns capability container version number + * + * @return Byte array containing capability container version number + */ + public byte[] getCapabilityContainerVersionNumber() { + + return m_capabilityContainerVersionNumber; + } + + /** + * + * Returns capability grammar version number + * + * @return Byte array containing capability grammar version number + */ + public byte[] getCapabilityGrammarVersionNumber() { + + return m_capabilityGrammarVersionNumber; + } + + /** + * + * Returns a list of application card urls + * + * @return List of application card urls + */ + public List getAppCardURL() { + + return m_appCardURL; + } + + /** + * + * Returns PKCS15 value + * + * @return Byte array containing PKCS15 value + */ + public byte[] getPkcs15() { + + return m_pkcs15; + } + + /** + * + * Returns Registered Data Model number value + * + * @return Byte array containing Registered Data Model number + */ + public byte[] getRegisteredDataModelNumber() { + + return m_registeredDataModelNumber; + } + + /** + * + * Returns Access Control Rule Table value + * + * @return Byte array containing Access Control Rule Table value + */ + public byte[] getAccessControlRuleTable() { + + return m_accessControlRuleTable; + } + + /** + * + * Returns Card APDUs value + * + * @return Byte array containing Card APDUs value + */ + public boolean getCardAPDUs() { + + return m_cardAPDUs; + } + + /** + * + * Returns Redirection Tag value + * + * @return Byte array containing Redirection Tag value + */ + public boolean getRedirectionTag() { + + return m_redirectionTag; + } + + /** + * + * Returns Capability Tuples value + * + * @return Byte array containing Capability Tuples value + */ + public boolean getCapabilityTuples() { + + return m_capabilityTuples; + } + + /** + * + * Returns Status Tuples value + * + * @return Byte array containing Status Tuples value + */ + public boolean getStatusTuples() { + + return m_statusTuples; + } + + /** + * + * Returns Next CCC value + * + * @return Byte array containing Next CCC value + */ + public boolean getNextCCC() { + + return m_nextCCC; + } + + /** + * + * Returns a list of if Extended Application CardURL + * + * @return List of if Extended Application CardURL + */ + public List getExtendedApplicationCardURL() { + + return m_extendedApplicationCardURL; + } + + /** + * + * Returns Security Object Buffer value + * + * @return Byte array containing Security Object Buffer + */ + public byte[] getSecurityObjectBuffer() { + + return m_securityObjectBuffer; + } + + + /** + * + * Decode function that decodes Card Capability Container object retrieved from the card and populates various class fields. + * + * @return True if decode was successful, false otherwise + */ + @Override + public boolean decode() { + + try{ + byte [] raw = super.getBytes(); + + if(raw == null){ + s_logger.error("No buffer to decode for {}.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + BerTlvParser tp = new BerTlvParser(new CCTTlvLogger(CardCapabilityContainer.class)); + BerTlvs outer = tp.parse(raw); + + if(outer == null){ + s_logger.error("Error parsing CCC container, unable to parse TLV value 1."); + return false; + } + + List values = outer.getList(); + for(BerTlv tlv : values) { + if(tlv.isPrimitive()) { + s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv.getTag().bytes), Hex.encodeHexString(tlv.getBytesValue())); + + BerTlvs outer2 = tp.parse(tlv.getBytesValue()); + + if(outer2 == null){ + s_logger.error("Error parsing CCC, unable to parse TLV value 2."); + return false; + } + + ByteArrayOutputStream scos = new ByteArrayOutputStream(); + List values2 = outer2.getList(); + for(BerTlv tlv2 : values2) { + if(tlv2.isPrimitive()) { + s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv2.getTag().bytes), Hex.encodeHexString(tlv2.getBytesValue())); + } else { + super.m_tagList.add(tlv2.getTag()); + if(Arrays.equals(tlv2.getTag().bytes,TagConstants.CARD_IDENTIFIER_TAG)) { + if (tlv2.hasRawValue()) { + m_cardIdentifier = tlv2.getBytesValue(); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.CARD_IDENTIFIER_TAG, m_cardIdentifier)); + } + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.CAPABILITY_CONTAINER_VERSION_NUMBER_TAG)) { + if (tlv2.hasRawValue()) { + m_capabilityContainerVersionNumber = tlv2.getBytesValue(); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.CAPABILITY_CONTAINER_VERSION_NUMBER_TAG, m_capabilityContainerVersionNumber)); + } + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.CAPABILITY_GRAMMAR_VERSION_NUMBER_TAG)) { + if (tlv2.hasRawValue()) { + m_capabilityGrammarVersionNumber = tlv2.getBytesValue(); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.CAPABILITY_GRAMMAR_VERSION_NUMBER_TAG, m_capabilityContainerVersionNumber)); + } + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.APPLICATIONS_CARDURL_TAG)) { + if (tlv2.hasRawValue()) { + + if(m_appCardURL == null) + m_appCardURL = new ArrayList<>(); + m_appCardURL.add(tlv2.getBytesValue()); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.APPLICATIONS_CARDURL_TAG, tlv2.getBytesValue())); + } + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.PKCS15_TAG)) { + if (tlv2.hasRawValue()) { + m_pkcs15 = tlv2.getBytesValue(); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.PKCS15_TAG, m_pkcs15)); + } + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.REGISTERED_DATA_MODEL_NUMBER_TAG)) { + if (tlv2.hasRawValue()) { + m_registeredDataModelNumber = tlv2.getBytesValue(); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.REGISTERED_DATA_MODEL_NUMBER_TAG, m_registeredDataModelNumber)); + } + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.ACCESS_CONTROL_RULE_TABLE_TAG)) { + if (tlv2.hasRawValue()) { + m_accessControlRuleTable = tlv2.getBytesValue(); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.ACCESS_CONTROL_RULE_TABLE_TAG, m_accessControlRuleTable)); + } + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.CARD_APDUS_TAG)) { + m_cardAPDUs = true; + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.CARD_APDUS_TAG, tlv2.getBytesValue())); + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.REDIRECTION_TAG_TAG)) { + m_redirectionTag = true; + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.REDIRECTION_TAG_TAG, tlv2.getBytesValue())); + + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.CAPABILITY_TUPLES_TAG)) { + m_capabilityTuples = true; + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.CAPABILITY_TUPLES_TAG, tlv2.getBytesValue())); + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.STATUS_TUPLES_TAG)) { + m_statusTuples = true; + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.STATUS_TUPLES_TAG, tlv2.getBytesValue())); + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.NEXT_CCC_TAG)) { + m_nextCCC = true; + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.NEXT_CCC_TAG, tlv2.getBytesValue())); + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.EXTENDED_APPLICATION_CARDURL_TAG)) { + if(m_extendedApplicationCardURL == null) + m_extendedApplicationCardURL = new ArrayList<>(); + m_extendedApplicationCardURL.add(tlv2.getBytesValue()); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.EXTENDED_APPLICATION_CARDURL_TAG, tlv2.getBytesValue())); + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.SECURITY_OBJECT_BUFFER_TAG)) { + m_securityObjectBuffer = tlv2.getBytesValue(); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.SECURITY_OBJECT_BUFFER_TAG, tlv2.getBytesValue())); + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.ERROR_DETECTION_CODE_TAG)) { + setErrorDetectionCode(true); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(TagConstants.ERROR_DETECTION_CODE_TAG); + scos.write((byte) 0x00); + } + } + } + + + m_signedContent = scos.toByteArray(); + + } else { + s_logger.info("Object: {}", Hex.encodeHexString(tlv.getTag().bytes)); + } + } + } catch (Exception ex) { + + s_logger.error("Error parsing CCC: {}", ex.getMessage()); + return false; + } + + if (m_cardIdentifier == null || m_capabilityContainerVersionNumber == null || + m_capabilityGrammarVersionNumber == null || m_appCardURL == null || m_pkcs15 == null || + m_registeredDataModelNumber == null || m_accessControlRuleTable == null || m_cardAPDUs == false || + m_redirectionTag == false || m_capabilityTuples == false || m_statusTuples == false || + m_nextCCC == false) { + return false; + } + + dump(this.getClass()); + return true; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardClientException.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardClientException.java new file mode 100644 index 00000000..0e5e3a47 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardClientException.java @@ -0,0 +1,52 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +/** + * A class for card-related exceptions + */ +public class CardClientException extends Exception { + + /** + * + */ + private static final long serialVersionUID = 1L; + + /** + * + * Default constructor for CardClientException class + * + */ + public CardClientException() { + super(); + } + + /** + * + * Constructor for CardClientException class that takes a string with exception message + * + * @param message String with the exception message + */ + public CardClientException(String message) { + super(message); + } + + /** + * + * Constructor for CardClientException class that takes a string with exception message and a Throwable cause + * + * @param message String with the exception message + * @param cause Throwable cause + */ + public CardClientException(String message, Throwable cause) { + super(message, cause); + } + + /** + * + * Constructor for CardClientException class that takes a Throwable cause + * + * @param cause Throwable cause + */ + public CardClientException(Throwable cause) { + super(cause); + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardHandle.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardHandle.java new file mode 100644 index 00000000..a9032e05 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardHandle.java @@ -0,0 +1,114 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import javax.smartcardio.Card; +import javax.smartcardio.CardChannel; + +/** + * A class that serves the function of the handle objects passed around that encapsulate a connection to a card + * in SP800-73 + */ +public class CardHandle { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(CardHandle.class); + + /** + * + * Get the connection description object associated with this card handle + * + * @return ConnectionDescription that includes as CardTerminal object used to access the reader + */ + public ConnectionDescription getConnectionDescription() { + return m_connectionDescription; + } + + /** + * + * Set the connection description object that will be used by the card handle + * + * @param connectionDescription Connection description object + */ + public void setConnectionDescription(ConnectionDescription connectionDescription) { + m_connectionDescription = connectionDescription; + } + + /** + * + * Set the Card object that will be used by the card handle + * + * @param card Card object + */ + public void setCard(Card card) { + m_card = card; + } + + /** + * + * Get the Card object associated with this card handle + * + * @return Card object + */ + public Card getCard() { + return m_card; + } + + /** + * Initialize an invalid card handle object + */ + public CardHandle() { + m_connectionDescription = null; + m_card = null; + m_currentChannel = null; + m_valid = false; + } + + /** + * + * Get the current card channel + * + * @return CardChannel object + */ + public CardChannel getCurrentChannel() { + return m_currentChannel; + } + + /** + * + * Sets the current card channel + * + * @param currentChannel CardChannel object + */ + public void setCurrentChannel(CardChannel currentChannel) { + m_currentChannel = currentChannel; + } + + /** + * + * Returns trues if card handle is valid for accessing a PIV card + * + * @return true if the handle is valid for accessing a PIV card + */ + public boolean isValid() { + return m_valid; + } + + /** + * + * Sets the value that indicates the status of the card handle object + * + * sets the boolen value that indicates the status of card handle object + * @param valid + */ + public void setValid(boolean valid) { + m_valid = valid; + } + + private ConnectionDescription m_connectionDescription; + private boolean m_valid = false; + private Card m_card; + + + private CardChannel m_currentChannel; + +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardHolderBiometricData.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardHolderBiometricData.java new file mode 100644 index 00000000..a1ef01ca --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardHolderBiometricData.java @@ -0,0 +1,426 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.*; +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.util.Arrays; +import java.util.Collection; +import java.util.HashMap; +import java.util.List; +import java.util.Iterator; +import java.nio.ByteBuffer; +import java.security.cert.X509Certificate; + +import org.bouncycastle.util.Store; + +import org.bouncycastle.cms.SignerInformationStore; +import org.bouncycastle.cms.SignerInformation; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.cms.ContentInfo; +import org.bouncycastle.cms.CMSSignedData; +import org.bouncycastle.cert.X509CertificateHolder; +import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; + +/** + * + * Container class that parses and stores information about Biometric Data elements. Biometric Data elements include Cardholder Fingerprints, + * Cardholder Facial Image and Cardholder Iris Image as defined by SP800-73-4 Part 2 Appendix A Table 11, Table 13 and Table 40 + * + */ +public class CardHolderBiometricData extends SignedPIVDataObject { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(CardHolderBiometricData.class); + + private byte[] m_biometricData; + private String m_biometricCreationDate; + private boolean m_errorDetectionCode; + private String m_validityPeriodFrom; + private String m_validityPeriodTo; + private byte[] m_biometricDataBlock; + private byte[] m_signatureBlock; + private byte[] m_cbeffContainer; + + /** + * CardholderBiometricData class constructor, initializes all the class fields. + */ + public CardHolderBiometricData() { + super(); + m_biometricData = null; + m_errorDetectionCode = false; + m_biometricCreationDate = null; + m_validityPeriodFrom = null; + m_validityPeriodTo = null; + m_biometricDataBlock = null; + m_signatureBlock = null; + m_cbeffContainer = null; + m_content = new HashMap(); + } + + /** + * + * Returns the CBEFF container value + * + * @return Byte array with CBEFF container value + */ + public byte[] getCbeffContainer() { + return m_cbeffContainer; + } + + /** + * + * Sets the CBEFF container value + * + * @param cbeffContainer Byte array with CBEFF container value + */ + public void setCbeffContainer(byte[] cbeffContainer) { + m_cbeffContainer = cbeffContainer; + } + + /** + * + * Returns a byte array with biometric data + * + * @return Byte array with biometric data + */ + public byte[] getBiometricData() { + return m_biometricData; + } + + /** + * + * Returns a byte array with the CMS + * + * @return Byte array with CMS + */ + public byte[] getSignatureBlock() { + return m_signatureBlock; + } + /** + * + * Sets the biometric data + * + * @param biometricData Byte array with biometric data + */ + public void setBiometricData(byte[] biometricData) { + m_biometricData = biometricData; + } + + /** + * + * Returns true if error detection code is present, false otherwise + * + * @return Returns true if error detection code is present, false otherwise + */ + @Override + public boolean getErrorDetectionCode() { + return m_errorDetectionCode; + } + + /** + * + * Sets if error detection code is present + * + * @param errorDetectionCode Boolean indicating if error detection code is present + */ + @Override + public void setErrorDetectionCode(boolean errorDetectionCode) { + m_errorDetectionCode = errorDetectionCode; + } + + + /** + * + * Returns biometric creation date value + * + * @return String indicating biometric creation date + */ + public String getBiometricCreationDate() { + return m_biometricCreationDate; + } + + /** + * + * Sets the biometric creation date + * + * @param biometricCreationDate String indicating biometric creation date + */ + public void setBiometricCreationDate(String biometricCreationDate) { + m_biometricCreationDate = biometricCreationDate; + } + + /** + * + * Returns the biometric data block + * + * @return Byte array containing biometric data block + */ + public byte[] getBiometricDataBlock() { + return m_biometricDataBlock; + } + + /** + * + * Sets the biometric data block + * + * @param biometricDataBlock Byte array containing biometric data block + */ + public void setBiometricDataBlock(byte[] biometricDataBlock) { + m_biometricDataBlock = biometricDataBlock; + } + + /** + * + * Returns the validity preriod from value + * + * @return String indicating validity from value + */ + public String getValidityPeriodFrom() { + return m_validityPeriodFrom; + } + + /** + * + * Sets the validity from value + * + * @param validityPeriodFrom String indicating validity from value + */ + public void setValidityPeriodFrom(String validityPeriodFrom) { + m_validityPeriodFrom = validityPeriodFrom; + } + + /** + * + * Returns the validity preriod to value + * + * @return String indicating validity to value + */ + public String getValidityPeriodTo() { + return m_validityPeriodTo; + } + + /** + * + * Sets the validity from value + * + * @param validityPeriodTo String indicating validity from value + */ + public void setValidityPeriodTo(String validityPeriodTo) { + m_validityPeriodTo = validityPeriodTo; + } + + /** + * + * Decode function that decodes biometric data object retrieved from the card and populates various class fields. + * + * @return True if decode was successful, false otherwise + */ + @Override + public boolean decode() { + + boolean certFound = false; + ByteArrayOutputStream signedContentOutputStream = new ByteArrayOutputStream(); + SignerInformationStore signers = null; + SignerInformation signer = null; + try { + byte[] rawBytes = this.getBytes(); + + s_logger.trace("rawBytes: {}", Hex.encodeHexString(rawBytes)); + + if(rawBytes == null){ + s_logger.error("No buffer to decode for {}.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); + BerTlvs outer = tlvp.parse(rawBytes); + + if(outer == null){ + s_logger.error("Error parsing {}, unable to parse TLV value.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + List values = outer.getList(); + for(BerTlv tlv : values) { + if(tlv.isPrimitive()) { + s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv.getTag().bytes), Hex.encodeHexString(tlv.getBytesValue())); + + BerTlvs outer2 = tlvp.parse(tlv.getBytesValue()); + + if (outer2 == null) { + s_logger.error("Error parsing {}, unable to parse TLV value.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + List values2 = outer2.getList(); + for (BerTlv tlv2 : values2) { + if (tlv2.isPrimitive()) { + s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv2.getTag().bytes), Hex.encodeHexString(tlv2.getBytesValue())); + } else { + BerTag tag = tlv2.getTag(); + byte[] value = tlv2.getBytesValue(); + + super.m_tagList.add(tag); + if (Arrays.equals(tag.bytes, TagConstants.FINGERPRINT_I_AND_II_TAG) && getOID().compareTo(APDUConstants.CARDHOLDER_FINGERPRINTS_OID) == 0) { + + setContainerName("Fingerprints"); + m_biometricData = value; + m_content.put(tag, value); + if (m_biometricData != null) + signedContentOutputStream.write(APDUUtils.getTLV(TagConstants.FINGERPRINT_I_AND_II_TAG, m_biometricData)); + + } else if (Arrays.equals(tag.bytes, TagConstants.IMAGE_FOR_VISUAL_VERIFICATION_TAG) && getOID().compareTo(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID) == 0) { + + setContainerName("ImageForVisualVerification"); + m_biometricData = value; + m_content.put(tag, value); + if (m_biometricData != null) + signedContentOutputStream.write(APDUUtils.getTLV(TagConstants.IMAGE_FOR_VISUAL_VERIFICATION_TAG, m_biometricData)); + + } else if (Arrays.equals(tag.bytes, TagConstants.IMAGES_FOR_IRIS_TAG) && getOID().compareTo(APDUConstants.CARDHOLDER_IRIS_IMAGES_OID) == 0) { + + setContainerName("ImagesForIris"); + m_biometricData = value; + m_content.put(tag, value); + if (m_biometricData != null) + signedContentOutputStream.write(APDUUtils.getTLV(TagConstants.IMAGES_FOR_IRIS_TAG, m_biometricData)); + + } else if (Arrays.equals(tag.bytes, TagConstants.ERROR_DETECTION_CODE_TAG)) { + + m_errorDetectionCode = true; + m_content.put(tag, value); + if (m_biometricData != null) + signedContentOutputStream.write(APDUUtils.getTLV(TagConstants.ERROR_DETECTION_CODE_TAG, value)); + + } else { + s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tag.bytes), Hex.encodeHexString(tlv2.getBytesValue())); + } + m_cbeffContainer = signedContentOutputStream.toByteArray(); + } + } + + // Break BC tag into Patron CBEFF header + BDB + SB + if (m_biometricData != null) { + s_logger.info("m_biometricData: {}", Hex.encodeHexString(m_biometricData)); + //Get Biometric data block (BDB) Length + byte[] biometricDataBlockLengthBytes = Arrays.copyOfRange(m_biometricData, 2, 6); + //Get Signature block (SB) Length + byte[] signatureDataBlockLengthBytes = Arrays.copyOfRange(m_biometricData, 6, 8); + + //Get Biometric Creation Date + m_biometricCreationDate = BytesToDateString(Arrays.copyOfRange(m_biometricData, 12, 20)); + //Get Validity Period From value + m_validityPeriodFrom = BytesToDateString(Arrays.copyOfRange(m_biometricData, 20, 28)); + //Get Validity Period To value + m_validityPeriodTo = BytesToDateString(Arrays.copyOfRange(m_biometricData, 28, 36)); + + //Convert Biometric data block (BDB) Length byte[] value to int + ByteBuffer wrapped = ByteBuffer.wrap(biometricDataBlockLengthBytes); + int biometricDataBlockLength = wrapped.getInt(); + + //Convert Signature block (SB) Length byte[] value to int + wrapped = ByteBuffer.wrap(signatureDataBlockLengthBytes); + int signatureDataBlockLength = wrapped.getShort(); + + + m_biometricDataBlock = Arrays.copyOfRange(m_biometricData, 88, 88 + biometricDataBlockLength); + + m_signatureBlock = Arrays.copyOfRange(m_biometricData, 88 + biometricDataBlockLength, 88 + biometricDataBlockLength + signatureDataBlockLength); + + // Decode the ContentInfo and get SignedData objects. + ByteArrayInputStream bIn = new ByteArrayInputStream(m_signatureBlock); + ASN1InputStream aIn = new ASN1InputStream(bIn); + // Set the ContentInfo structure in super class + setContentInfo(ContentInfo.getInstance(aIn.readObject())); aIn.close(); + // Set the CMSSignedData object + setAsymmetricSignature(new CMSSignedData(getContentInfo())); + // Finally, see if there's a separate signer cert + CMSSignedData cmsSignedData = getAsymmetricSignature(); + + if(cmsSignedData != null) { + signers = cmsSignedData.getSignerInfos(); + + for (Iterator i = signers.getSigners().iterator(); i.hasNext();) { + signer = i.next(); + } + + // The biometric data block is the detached signed content + setSignedContent(Arrays.copyOfRange(m_biometricData, 0, 88 + biometricDataBlockLength)); + // Grab signed digest + setSignedAttrsDigest(signers); + // Precompute digest but don't compare -- let consumers do that + setComputedDigest(signer, getSignedContent()); + // Indicate this object needs a signature verification + setSigned(true); + + //Decode the ContentInfo and get SignedData object. + Store certs = cmsSignedData.getCertificates(); + signers = cmsSignedData.getSignerInfos(); + for (Iterator i = signers.getSigners().iterator(); i.hasNext(); ) { + signer = i.next(); + setDigestAlgorithmName(Algorithm.digAlgOidToNameMap.get(signer.getDigestAlgOID())); + setEncryptionAlgorithmName(Algorithm.encAlgOidToNameMap.get(signer.getEncryptionAlgOID())); + @SuppressWarnings("unchecked") + Collection certCollection = certs.getMatches(signer.getSID()); + Iterator certIt = certCollection.iterator(); + if (certIt.hasNext()) { + X509CertificateHolder certHolder = certIt.next(); + // Note that setSignerCert internally increments a counter. If there are more than one + // cert in PKCS7 cert bags then the consumer class should throw an exception. + X509Certificate signerCert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder); + if (signerCert != null) { + setSignerCert(signerCert); + setHasOwnSignerCert(true); + certFound = true; + // Extract signer's signature algorithm name and hang on to it. + setSignatureAlgorithmName(signerCert.getSigAlgName()); + } else { + s_logger.error("Can't extract signer certificate"); + } + } + } + } else { + s_logger.error("Null CMSSignedData"); + } + } + } + } + } catch (Exception ex) { + s_logger.error("Error parsing {}", APDUConstants.oidNameMap.get(super.getOID()), ex); + return false; + } + + String message = APDUConstants.oidNameMap.get(super.getOID()) + (certFound ? " had" : " did not have") + " an embedded certificate"; + s_logger.trace(message); + + if(m_biometricData == null) + return false; + + dump(this.getClass()); + return true; + } + + + /** + * + * Helper function that converts byte array to a date string + * + * @param buf Byte array to be converted + * @return String containing date value + */ + private String BytesToDateString(byte[] buf) { + if((char)buf[buf.length-1] != 'Z') { + throw new IllegalArgumentException("bcd byte array doesn't end with Z"); + } + StringBuilder outsb = new StringBuilder(); + for( int i = 0; i < buf.length-1; ++i ) { + int digits = buf[i] & 0xFF; + outsb.append(String.format("%02d", digits)); + } + outsb.append('Z'); + return outsb.toString(); + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardHolderUniqueIdentifier.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardHolderUniqueIdentifier.java similarity index 93% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardHolderUniqueIdentifier.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardHolderUniqueIdentifier.java index 3543d81b..fa98b890 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/CardHolderUniqueIdentifier.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/CardHolderUniqueIdentifier.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformance.card.client; +package gov.gsa.pivconformance.cardlib.card.client; import org.bouncycastle.asn1.ASN1InputStream; import org.bouncycastle.asn1.cms.ContentInfo; @@ -9,14 +9,14 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.pivconformance.card.client.Algorithm; -import gov.gsa.pivconformance.card.client.SignedPIVDataObject; -import gov.gsa.pivconformance.tlv.BerTag; -import gov.gsa.pivconformance.tlv.BerTlv; -import gov.gsa.pivconformance.tlv.BerTlvParser; -import gov.gsa.pivconformance.tlv.BerTlvs; -import gov.gsa.pivconformance.tlv.CCTTlvLogger; -import gov.gsa.pivconformance.tlv.TagConstants; +import gov.gsa.pivconformance.cardlib.card.client.Algorithm; +import gov.gsa.pivconformance.cardlib.card.client.SignedPIVDataObject; +import gov.gsa.pivconformance.cardlib.tlv.BerTag; +import gov.gsa.pivconformance.cardlib.tlv.BerTlv; +import gov.gsa.pivconformance.cardlib.tlv.BerTlvParser; +import gov.gsa.pivconformance.cardlib.tlv.BerTlvs; +import gov.gsa.pivconformance.cardlib.tlv.CCTTlvLogger; +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; import org.apache.commons.codec.binary.Hex; @@ -321,17 +321,7 @@ public boolean decode() { // input) s_logger.warn("Deprecated tag: {} with value: {}", Hex.encodeHexString(tag.bytes), Hex.encodeHexString(value)); - } else if (Arrays.equals(tag.bytes, TagConstants.DEPRECATED_AUTHENTICATION_KEY_MAP)) { // 3D - // - - // Don't - // use - // in - // hash - // (don't - // add - // to - // digest - // input) + } else if (Arrays.equals(tag.bytes, TagConstants.DEPRECATED_AUTHENTICATION_KEY_MAP)) { // 3D - Dont' use in hash (don't add to digest input) s_logger.warn("Deprecated tag: {} with value: {}", Hex.encodeHexString(tag.bytes), Hex.encodeHexString(value)); m_tagList.add(tag); // TODO: Re-visit this strategy @@ -439,7 +429,7 @@ public boolean decode() { // Hang the CHUID signer cert here so that any test runner // consumer can access it. setChuidSignerCert(signerCert); - m_x509ArtifactCache.saveObject(APDUConstants.getFileNameForOid(getOID())+ ".cer", signerCert.getEncoded()); + m_x509ArtifactCache.saveObject("x509-artifacts", APDUConstants.getFileNameForOid(getOID())+ ".cer", signerCert.getEncoded()); } else { s_logger.error("Can't extract signer certificate"); } diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ChainingAPDUTransmitter.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ChainingAPDUTransmitter.java similarity index 70% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/ChainingAPDUTransmitter.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ChainingAPDUTransmitter.java index 36290321..c1e64182 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ChainingAPDUTransmitter.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ChainingAPDUTransmitter.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformance.card.client; +package gov.gsa.pivconformance.cardlib.card.client; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -12,24 +12,24 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.utils.ITransmitCounter; -import gov.gsa.pivconformance.utils.PCSCWrapper; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.utils.ITransmitCounter; +import gov.gsa.pivconformance.cardlib.utils.PCSCWrapper; // based on logic from the intarsys PCSC wrapper library, adapted to run directly on top of // javax.smartcardio.pcsc public class ChainingAPDUTransmitter { - + private CardChannel m_channel = null; - private static final Logger s_logger = LoggerFactory.getLogger(ChainingAPDUTransmitter.class); - private static final Logger s_apduLogger = LoggerFactory.getLogger("gov.gsa.pivconformance.apdu"); + private static final Logger s_logger = LoggerFactory.getLogger(ChainingAPDUTransmitter.class); + private static final Logger s_apduLogger = LoggerFactory.getLogger("gov.gsa.pivconformance.cardlib.apdu"); private ITransmitCounter m_counter; - + public ChainingAPDUTransmitter(CardChannel c) { m_channel = c; m_counter = PCSCWrapper.getInstance(); } - + protected RequestAPDUWrapper fixLengthExpected(RequestAPDUWrapper request, int correctLE) { int cla = request.getCla(); int ins = request.getIns(); @@ -42,28 +42,27 @@ protected RequestAPDUWrapper fixLengthExpected(RequestAPDUWrapper request, int c return new RequestAPDUWrapper(cla, ins, p1, p2, data, correctLE); } } - + ResponseAPDUWrapper nativeTransmit(RequestAPDUWrapper request) throws CardException, CardClientException { CommandAPDU cmd = new CommandAPDU(request.getBytes()); - ResponseAPDU rsp = null; - try { - + ResponseAPDU rsp = null; + try { + String apduTrace; // Mask PIN - if (cmd.getINS() == APDUConstants.VERIFY) { - byte[] maskedPin = cmd.getBytes(); - for (int i = 5, end = i + cmd.getNc(); i < end; i++) { - maskedPin[i] = (byte) 0xAA; - } - apduTrace = String.format("Sending Command APDU %s", - Hex.encodeHexString(maskedPin).replaceAll("..(?=.)", "$0 ")); - } else { - apduTrace = String.format("Sending Command APDU %s", - Hex.encodeHexString((cmd.getBytes())).replaceAll("..(?=.)", "$0 ")); - } - s_apduLogger.debug(apduTrace); - - m_counter.incrementTransmitCount(); + if (cmd.getINS() == APDUConstants.VERIFY) { + byte[] maskedPin = cmd.getBytes(); + for (int i = 5, end = i + cmd.getNc(); i < end; i++) { + maskedPin[i] = (byte) 0xAA; + } + apduTrace = String.format("Sending Command APDU %s", Hex.encodeHexString(maskedPin).replaceAll("..(?=.)", "$0 ")); + } + else { + apduTrace = String.format("Sending Command APDU %s", Hex.encodeHexString((cmd.getBytes())).replaceAll("..(?=.)", "$0 ")); + } + s_apduLogger.debug(apduTrace); + + m_counter.incrementTransmitCount(); rsp = m_channel.transmit(cmd); } catch (CardException e) { @@ -72,18 +71,22 @@ ResponseAPDUWrapper nativeTransmit(RequestAPDUWrapper request) throws CardExcept } return new ResponseAPDUWrapper(rsp.getBytes()); } - - protected ResponseAPDUWrapper basicTransmit(RequestAPDUWrapper request) throws CardClientException, CardException { + + protected ResponseAPDUWrapper basicTransmit(RequestAPDUWrapper request) + throws CardClientException, CardException { RequestAPDUWrapper encodedRequest = encodeRequest(request); - ResponseAPDUWrapper encodedResponse = nativeTransmit(encodedRequest); + ResponseAPDUWrapper encodedResponse = nativeTransmit( + encodedRequest); return decodeResponse(encodedResponse); } - protected ResponseAPDUWrapper decodeResponse(ResponseAPDUWrapper response) throws CardException { + protected ResponseAPDUWrapper decodeResponse(ResponseAPDUWrapper response) + throws CardException { return response; } - protected RequestAPDUWrapper encodeRequest(RequestAPDUWrapper request) throws CardException { + protected RequestAPDUWrapper encodeRequest(RequestAPDUWrapper request) + throws CardException { return request; } @@ -107,7 +110,8 @@ public ResponseAPDUWrapper transmit(RequestAPDUWrapper request) throws CardClien } do { // "GET RESPONSE" command - RequestAPDUWrapper fixedRequest = new RequestAPDUWrapper(0, 0xC0, 0, 0, response.getSw2()); + RequestAPDUWrapper fixedRequest = new RequestAPDUWrapper(0, 0xC0, 0, 0, + response.getSw2()); response = this.basicTransmit(fixedRequest); try { dataBaos.write(response.getData()); @@ -115,7 +119,7 @@ public ResponseAPDUWrapper transmit(RequestAPDUWrapper request) throws CardClien s_logger.error("Caught exception appending to byte array", e); throw new CardClientException("Unable to append to byte array", e); } - } while (response.getSw1() == 0x61); + } while(response.getSw1() == 0x61); try { dataBaos.flush(); @@ -125,10 +129,8 @@ public ResponseAPDUWrapper transmit(RequestAPDUWrapper request) throws CardClien } byte[] dataBytes = dataBaos.toByteArray(); s_logger.debug("GET RESPONSE: final size: {}", dataBytes.length); - ResponseAPDUWrapper fixedResponse = new ResponseAPDUWrapper(dataBytes, response.getSw1(), - response.getSw2()); - s_logger.debug("Returning status {} following GET RESPONSE", - String.format("%1$02X %2$02X", response.getSw1(), response.getSw2())); + ResponseAPDUWrapper fixedResponse = new ResponseAPDUWrapper(dataBytes, response.getSw1(), response.getSw2()); + s_logger.debug("Returning status {} following GET RESPONSE", String.format("%1$02X %2$02X", response.getSw1(), response.getSw2())); response = fixedResponse; } if (request.isChainedRequest() && request.getNextRequest() != null) { diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ConnectionDescription.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ConnectionDescription.java new file mode 100644 index 00000000..211dae0d --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ConnectionDescription.java @@ -0,0 +1,182 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.BerTag; +import gov.gsa.pivconformance.cardlib.tlv.BerTlv; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.smartcardio.CardException; +import javax.smartcardio.CardTerminal; +import javax.smartcardio.TerminalFactory; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.nio.ByteBuffer; +import java.util.Arrays; + + +import gov.gsa.pivconformance.cardlib.tlv.BerTlvParser; +import gov.gsa.pivconformance.cardlib.tlv.BerTlvs; + + +/** + * Encapsulates a connection description data object (tag 0x7F21) as + * defined by SP800-73-4 table 2 + */ +public class ConnectionDescription { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(ConnectionDescription.class); + + private CardTerminal m_reader; + + //Tag for Connection Description template + private static byte[] m_tag = new byte[]{(byte) 0x7F, (byte) 0x21}; + //Tag for PC/SC device reader name + private static byte[] m_tagCRN = new byte[]{(byte) 0x81}; + //Tag for Local Network node + private static byte[] m_tagLocal = new byte[]{(byte) 0x90, (byte) 0x00}; + + /** + * Default c'tor is private - initialize using static factory methods. + */ + private ConnectionDescription() { + } + + /** + * + * Populate connection description data object based on information from CardTerminal + * + * @return Byte array containing Connection Description value + */ + public byte[] getBytes() { + + //Get reader name and bytes from the name + String readerName = m_reader.getName(); + byte[] readerNameBytes = readerName.getBytes(); + int readerNameBytesLen = readerNameBytes.length; + + //Get byte value of reader name length value + ByteBuffer bbuf = ByteBuffer.allocate(4); + bbuf.putInt(readerNameBytesLen); + byte[] readerNameBytesLenBuffer = bbuf.array(); + + //Get offset to ignore 0x00 value + int readerNameBytesLenBufferOffset = 0; + while (readerNameBytesLenBuffer[readerNameBytesLenBufferOffset] == 0x00) + readerNameBytesLenBufferOffset++; + + //Calcuate length value for the entire Connection Description Template + int readerNameBytesPlusTagLen = readerNameBytesLen + 1 + readerNameBytesLenBuffer.length - readerNameBytesLenBufferOffset + m_tagLocal.length; + + //Get byte value of the total field length + ByteBuffer bbuf2 = ByteBuffer.allocate(4); + bbuf2.putInt(readerNameBytesPlusTagLen); + byte[] readerNameBytesPlusTagLenBuffer = bbuf2.array(); + + //Get offset to ignore 0x00 value + int readerNameBytesPlusTagLenBufferOffset = 0; + while (readerNameBytesPlusTagLenBuffer[readerNameBytesPlusTagLenBufferOffset] == 0x00) + readerNameBytesPlusTagLenBufferOffset++; + + + ByteArrayOutputStream bufOut = new ByteArrayOutputStream(); + try { + bufOut.write(m_tag); + bufOut.write(readerNameBytesPlusTagLenBuffer, readerNameBytesLenBufferOffset, readerNameBytesPlusTagLenBuffer.length - readerNameBytesPlusTagLenBufferOffset); + bufOut.write(m_tagCRN); + bufOut.write(readerNameBytesLenBuffer, readerNameBytesLenBufferOffset, readerNameBytesLenBuffer.length - readerNameBytesLenBufferOffset); + bufOut.write(readerNameBytes); + bufOut.write(m_tagLocal); + } catch(IOException e) { + s_logger.error("Failed to write to buffer", e); + return null; + } + return bufOut.toByteArray(); + } + + /** + * + * Create a ConnectionDescription object from a javax.smartcardio.CardTerminal + * + * @return ConnectionDescription used to interact with a PIV card in the specified terminal + */ + public static ConnectionDescription createFromTerminal(CardTerminal reader) { + ConnectionDescription rv = new ConnectionDescription(); + rv.m_reader = reader; + return rv; + } + + /** + * + * Given the data object described in SP800-73-4 table 2, create a new connection description object + * + * @param data Byte array containing Connection Description info from which ConnectionDescription object will be constructed + * @return ConnectionDescription Object + */ + public static ConnectionDescription createFromBuffer(byte[] data) { + ConnectionDescription rv = new ConnectionDescription(); + + byte readerNameBytes[] = null; + + BerTag berTagCRN = new BerTag(m_tagCRN); + BerTag berTag = new BerTag(m_tag); + + BerTlvParser parser = new BerTlvParser(); + BerTlvs tlvs = parser.parse(data, 0, data.length); + BerTlv crnTlv = tlvs.find(berTag); + BerTlv crnTlvCRN = tlvs.find(berTagCRN); + + if(crnTlv == null){ + s_logger.error("Unable to find tag for ConnectionDescription"); + return null; + } + + if(crnTlvCRN != null) + readerNameBytes = crnTlvCRN.getBytesValue(); + else { + s_logger.error("Unable to find card reader name in the ConnectionDescription value"); + return null; + } + + if(readerNameBytes == null){ + s_logger.error("Unable to find card reader name in the ConnectionDescription value"); + return null; + } + + try { + + TerminalFactory tf2 = TerminalFactory.getDefault(); + s_logger.info("Attempting to list card terminals"); + try { + for (CardTerminal ct : tf2.terminals().list()) { + + if(Arrays.equals(readerNameBytes, ct.getName().getBytes())) { + + rv.m_reader = ct; + } + } + } catch (CardException e) { + s_logger.error("Unable to enumerate card terminals", e); + return null; + } + + + + }catch (Exception ex) { + + s_logger.info("Exception : {}", ex.getMessage()); + } + + return rv; + } + + /** + * + * Get the reader that will be used to actually send/receive APDUs from the card + * + * @return CardTerminal object + */ + public CardTerminal getTerminal() { + return m_reader; + } + +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ContainerPurpose.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ContainerPurpose.java similarity index 54% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/ContainerPurpose.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ContainerPurpose.java index fb1fbded..feb24331 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ContainerPurpose.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ContainerPurpose.java @@ -1,8 +1,7 @@ -package gov.gsa.pivconformance.card.client; +package gov.gsa.pivconformance.cardlib.card.client; public enum ContainerPurpose { SIGNATURE, - // we may want to differentiate between key agreement and key exchange here, but - // this is currently more expedient + // we may want to differentiate between key agreement and key exchange here, but this is currently more expedient ENCRYPTION } diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/DataModelSingleton.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/DataModelSingleton.java similarity index 50% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/DataModelSingleton.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/DataModelSingleton.java index 79e6bcce..4138a036 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/DataModelSingleton.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/DataModelSingleton.java @@ -1,108 +1,107 @@ -/** - * - */ -package gov.gsa.pivconformance.card.client; - -import java.security.cert.X509Certificate; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import gov.gsa.pivconformance.tlv.*; - -/** - * This class is used indirectly by the test atoms. It instantiates some known - * SP 800-73 rules. Initially being used to manage the container lengths in - * Tables 8-43. - * - */ - -public class DataModelSingleton { - private static final Logger s_logger = LoggerFactory.getLogger(DataModelSingleton.class); - - TagBoundaryManager m_tagLengthRules; - X509Certificate m_chuidSignerCert; - - private DataModelSingleton() { - reset(); - } - - /* - * The INSTANCE - */ - - private static final DataModelSingleton INSTANCE = new DataModelSingleton(); - - /** - * Public accessor of this so it can be instantiated by the framework - * - * @return - */ - - public static DataModelSingleton getInstance() { - return INSTANCE; - } - - /** - * Reset - */ - - public void reset() { - m_tagLengthRules = null; - m_tagLengthRules = new TagBoundaryManager(); - m_chuidSignerCert = null; - } - - /** - * Initialize - */ - - public void loadLengthRules() { - if (m_tagLengthRules == null) - m_tagLengthRules = new TagBoundaryManager(); - } - - /** - * Day-to-day public accessor - * - * @return the SP 800-73-* tag length rules - */ - - public TagBoundaryManager getLengthRules() { - if (m_tagLengthRules == null) - loadLengthRules(); - - return m_tagLengthRules; - } - - /** - * Setter - * - * @param clf - */ - - public void setLengthRules(TagBoundaryManager clf) { - m_tagLengthRules = clf; - } - - /** - * Gets the cached CHUID signer cert - * - * @return the cached CHUID signer cert - */ - - public X509Certificate getChuidSignerCert() { - return m_chuidSignerCert; - } - - /** - * Sets the cached CHUID signer cert - * - * @param cert - */ - - public void setChuidSignerCert(X509Certificate cert) { - if (m_chuidSignerCert == null && cert != null) // Set once and protect - m_chuidSignerCert = cert; - } +/** + * + */ +package gov.gsa.pivconformance.cardlib.card.client; + +import java.security.cert.X509Certificate; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import gov.gsa.pivconformance.cardlib.tlv.*; + +/** + * This class is used indirectly by the test atoms. It instantiates some + * known SP 800-73 rules. Initially being used to manage the container lengths + * in Tables 8-43. + * + */ + +public class DataModelSingleton { + private static final Logger s_logger = LoggerFactory.getLogger(DataModelSingleton.class); + + TagBoundaryManager m_tagLengthRules; + X509Certificate m_chuidSignerCert; + + private DataModelSingleton() { + reset(); + } + + /* + * The INSTANCE + */ + + private static final DataModelSingleton INSTANCE = new DataModelSingleton(); + + /** + * Public accessor of this so it can be instantiated by the framework + * + * @return + */ + + public static DataModelSingleton getInstance() { + return INSTANCE; + } + + /** + * Reset + */ + + public void reset() { + m_tagLengthRules = null; + m_tagLengthRules = new TagBoundaryManager(); + m_chuidSignerCert = null; + } + + /** + * Initialize + */ + + public void loadLengthRules() { + if (m_tagLengthRules == null) + m_tagLengthRules = new TagBoundaryManager(); + } + + /** + * Day-to-day public accessor + * + * @return the SP 800-73-* tag length rules + */ + + public TagBoundaryManager getLengthRules() { + if (m_tagLengthRules == null) + loadLengthRules(); + + return m_tagLengthRules; + } + + /** + * Setter + * + * @param clf + */ + + public void setLengthRules(TagBoundaryManager clf) { + m_tagLengthRules = clf; + } + + /** + * Gets the cached CHUID signer cert + * + * @return the cached CHUID signer cert + */ + + public X509Certificate getChuidSignerCert() { + return m_chuidSignerCert; + } + + /** + * Sets the cached CHUID signer cert + * @param cert + */ + + public void setChuidSignerCert(X509Certificate cert) { + if (m_chuidSignerCert == null && cert != null) // Set once and protect + m_chuidSignerCert = cert; + } } \ No newline at end of file diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/DefaultPIVApplication.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/DefaultPIVApplication.java new file mode 100644 index 00000000..baef028e --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/DefaultPIVApplication.java @@ -0,0 +1,53 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * A default implementation of the PIV application interface that will be used by the test harness in most cases. + */ +public class DefaultPIVApplication extends AbstractPIVApplication { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(DefaultPIVApplication.class); + +// @Override +// public MiddlewareStatus pivEstablishSecureMessaging(CardHandle cardHandle) { +// return null; +// } + +// @Override +// public MiddlewareStatus pivPutData(CardHandle cardHandle, String OID, PIVDataObject data) { +// return null; +// } + + /** + * + * Set the PIV Card Application as the currently selected card application and establish + * the PIV Card Applicationâs security state. + * + * @param cardHandle CardHandle object that encapsulates connection to a card + * @param applicationAID ApplicationAID object containing the AID of the PIV Card Application + * @param applicationProperties ApplicationProperties object containing application properties of the selected PIV + * Card Application + * @return + */ + @Override + public MiddlewareStatus pivSelectCardApplication(CardHandle cardHandle, ApplicationAID applicationAID, ApplicationProperties applicationProperties) { + s_logger.debug("pivSelectCardApplication()"); + // For now, if the caller did not specify an AID, use the default. + byte[] aid = applicationAID.getBytes(); + if(aid == null) { + s_logger.info("Using default AID ({}) to select PIV application", Hex.encodeHexString(APDUConstants.PIV_APPID)); + applicationAID.setBytes(APDUConstants.PIV_APPID); + } + MiddlewareStatus rv = super.pivSelectCardApplication(cardHandle, applicationAID, applicationProperties); + s_logger.debug("pivSelectCardApplication() returning {}", rv); + return rv; + } + +// @Override +// public MiddlewareStatus pivGenerateKeyPair(CardHandle cardHandle, byte keyReference, byte cryptographicMechanism, PIVDataObject publicKey) { +// return null; +// } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/DiscoveryObject.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/DiscoveryObject.java new file mode 100644 index 00000000..a29bc589 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/DiscoveryObject.java @@ -0,0 +1,273 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.*; +import org.apache.commons.codec.binary.Hex; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.ByteArrayOutputStream; +import java.util.Arrays; +import java.util.HashMap; + +/** + * + * Encapsulates a Discovery Object data object as defined by SP800-73-4 Part 2 Appendix A Table 18 + * + */ +public class DiscoveryObject extends PIVDataObject { + + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(DiscoveryObject.class); + + private byte[] m_aid; + private byte[] m_pinPolicy; + private boolean m_globalPINSatisfiesACR; + private boolean m_appPINSatisfiesACR; + private boolean m_globalPINisPrimary; + private boolean m_occSatisfiesACR; + private byte[] m_signedContent; + + /** + * DiscoveryObject class constructor, initializes all the class fields. + */ + public DiscoveryObject() { + m_aid = null; + m_pinPolicy = null; + m_signedContent = null; + m_content = new HashMap(); + } + + /** + * + * Returns byte array with signed content + * + * @return Byte array with signed content buffer + */ + public byte[] getSignedContent() { + return m_signedContent; + } + + /** + * + * Sets the signed content value + * + * @param signedContent Byte array with signed content buffer + */ + public void setSignedContent(byte[] signedContent) { + m_signedContent = signedContent; + } + + /** + * + * Returns PIV Card Application AID value + * + * @return Byte array containing PIV Card Application AID value + */ + public byte[] getAid() { + return m_aid; + } + + /** + * + * Sets the PIV Card Application AID value + * + * @param aid Byte array containing PIV Card Application AID value + */ + public void setAid(byte[] aid) { + m_aid = aid; + } + + /** + * + * Returns PIN Usage Policy value + * + * @return Byte array containing PIN Usage Policy value + */ + public byte[] getPinPolicy() { + return m_pinPolicy; + } + + /** + * + * Sets the PIN Usage Policy value + * + * @param pinPolicy Byte array containing PIN Usage Policy value + */ + public void setPinPolicy(byte[] pinPolicy) { + m_pinPolicy = pinPolicy; + } + + + /** + * + * Returns true if Global PIN satisfies the PIV ACRs, false otherwise + * + * @return True if Global PIN satisfies the PIV ACRs, false otherwise + */ + public boolean globalPINSatisfiesACR() { + return m_globalPINSatisfiesACR; + } + + /** + * + * Sets if Global PIN satisfies the PIV ACRs, false otherwise + * + * @param globalPINSatisfiesACR True if Global PIN satisfies the PIV ACRs, false otherwise + */ + public void setGlobalPINSatisfiesACR(boolean globalPINSatisfiesACR) { + m_globalPINSatisfiesACR = globalPINSatisfiesACR; + } + + /** + * + * Returns true if Global PIN is primary, false otherwise + * + * @return True if Global PIN is primary, false otherwise + */ + public boolean globalPINisPrimary() { + return m_globalPINisPrimary; + } + + /** + * + * Sets if Global PIN is primary + * + * @param globalPINisPrimary True if Global PIN is primary, false otherwise + */ + public void setGlobalPINisPrimary(boolean globalPINisPrimary) { + m_globalPINisPrimary = globalPINisPrimary; + } + + // XXX *** MOVE this + + /** + * + * Helper function to determine if byte if set at a given position + * + * @param field Byte value + * @param position Integer specifying the position to check + * @return True if set, false otherwise + */ + private boolean is_set(byte field, int position) { + return ((field >> position) & 1) == 1; + } + + /** + * + * Returns true if App PIN satisfies the PIV ACRs, false otherwise + * + * @return True if App PIN satisfies the PIV ACRs, false otherwise + */ + public boolean appPINSatisfiesACR() { + return m_appPINSatisfiesACR; + } + + /** + * + * Sets if App PIN satisfies the PIV ACRs + * + * @param appPINSatisfiesACR True if App PIN satisfies the PIV ACRs, false otherwise + */ + public void setAppPINSatisfiesACR(boolean appPINSatisfiesACR) { + m_appPINSatisfiesACR = appPINSatisfiesACR; + } + + /** + * + * Returns true if OCC satisfies the PIV ACRs, false otherwise + * + * @return True if OCC satisfies the PIV ACRs, false otherwise + */ + public boolean occSatisfiesACR() { + return m_occSatisfiesACR; + } + + /** + * + * Sets if OCC satisfies the PIV ACRs + * + * @param occSatisfiesACR True if OCC satisfies the PIV ACRs, false otherwise + */ + public void setOccSatisfiesACR(boolean occSatisfiesACR) { + m_occSatisfiesACR = occSatisfiesACR; + } + + /** + * + * Decode function that decodes Discovery Object object retrieved from the card and populates various class fields. + * + * @return True if decode was successful, false otherwise + */ + @Override + public boolean decode() { + byte[] rawBytes = this.getBytes(); + s_logger.trace("rawBytes: {}", Hex.encodeHexString(rawBytes)); + if(rawBytes.length == 0) { + s_logger.info("DiscoveryObject.decode() called for empty discovery object."); + return false; + } + + try { + BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); + BerTlv outer = tlvp.parseConstructed(rawBytes); + + ByteArrayOutputStream scos = new ByteArrayOutputStream(); + for (BerTlv tlv : outer.getValues()) { + byte[] tag = tlv.getTag().bytes; + super.m_tagList.add(tlv.getTag()); + if (Arrays.equals(tag, TagConstants.PIV_CARD_APPLICATION_AID_TAG)) { + + m_aid = tlv.getBytesValue(); + m_content.put(tlv.getTag(), tlv.getBytesValue()); + + scos.write(APDUUtils.getTLV(TagConstants.PIV_CARD_APPLICATION_AID_TAG, m_aid)); + } else if (Arrays.equals(tag, TagConstants.PIN_USAGE_POLICY_TAG)) { + + m_pinPolicy = tlv.getBytesValue(); + m_content.put(tlv.getTag(), tlv.getBytesValue()); + + scos.write(APDUUtils.getTLV(TagConstants.PIN_USAGE_POLICY_TAG, m_pinPolicy)); + + m_globalPINisPrimary = false; + m_globalPINSatisfiesACR = false; + m_appPINSatisfiesACR = false; + m_occSatisfiesACR = false; + + if (is_set(m_pinPolicy[0], 8)) { + s_logger.error("PIN Policy bit 8 was set"); + } + if (is_set(m_pinPolicy[0], 7)) { + m_appPINSatisfiesACR = true; + } + if (is_set(m_pinPolicy[0], 6)) { + m_globalPINSatisfiesACR = true; + if (m_pinPolicy[1] == 0x20) { + m_globalPINisPrimary = true; + } + } + if (is_set(m_pinPolicy[0], 5)) { + m_occSatisfiesACR = true; + } + + } else { + s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tlv.getTag().bytes), Hex.encodeHexString(tlv.getBytesValue())); + } + } + + m_signedContent = scos.toByteArray(); + + } catch (Exception ex) { + + s_logger.error("Error parsing {}: {}", APDUConstants.oidNameMap.get(super.getOID()), ex.getMessage()); + return false; + } + + if(m_aid == null || m_pinPolicy == null) + return false; + + dump(this.getClass()) +; + return true; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/GeneralAuthenticateHelper.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/GeneralAuthenticateHelper.java similarity index 55% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/GeneralAuthenticateHelper.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/GeneralAuthenticateHelper.java index 3588ab90..d2fb0329 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/GeneralAuthenticateHelper.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/GeneralAuthenticateHelper.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformance.card.client; +package gov.gsa.pivconformance.cardlib.card.client; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -26,14 +26,14 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.pivconformance.tlv.BerTag; -import gov.gsa.pivconformance.tlv.BerTlv; -import gov.gsa.pivconformance.tlv.BerTlvBuilder; -import gov.gsa.pivconformance.tlv.BerTlvParser; -import gov.gsa.pivconformance.tlv.BerTlvs; -import gov.gsa.pivconformance.tlv.CCTTlvLogger; -import gov.gsa.pivconformance.utils.NullParameters; -import gov.gsa.pivconformance.utils.PCSCWrapper; +import gov.gsa.pivconformance.cardlib.tlv.BerTag; +import gov.gsa.pivconformance.cardlib.tlv.BerTlv; +import gov.gsa.pivconformance.cardlib.tlv.BerTlvBuilder; +import gov.gsa.pivconformance.cardlib.tlv.BerTlvParser; +import gov.gsa.pivconformance.cardlib.tlv.BerTlvs; +import gov.gsa.pivconformance.cardlib.tlv.CCTTlvLogger; +import gov.gsa.pivconformance.cardlib.utils.NullParameters; +import gov.gsa.pivconformance.cardlib.utils.PCSCWrapper; // Moving the general authenticate stuff that needs command // chaining off to here, so it's not sitting in the wrapper @@ -45,12 +45,12 @@ public class GeneralAuthenticateHelper { static Logger s_logger = LoggerFactory.getLogger(GeneralAuthenticateHelper.class); - + public static final byte[] DYNAMIC_AUTHENTICATION_TEMPLATE = { (byte) 0x7C }; - public static final byte[] GA_CHALLENGE = { (byte) 0x81 }; - public static final byte[] GA_RESPONSE = { (byte) 0x82 }; - public static final int APDU_MAX = 255; - public static final int APDU_MAX_DATA = APDU_MAX - 5; + public static final byte[] GA_CHALLENGE = { (byte) 0x81 }; + public static final byte[] GA_RESPONSE = { (byte) 0x82 }; + public static final int APDU_MAX = 255; + public static final int APDU_MAX_DATA = APDU_MAX - 5; public static byte[] generateRequest(String jceKeyType, String containerOid, byte[] paddedChallenge) { BerTlvBuilder b = new BerTlvBuilder(); @@ -63,9 +63,8 @@ public static byte[] generateRequest(String jceKeyType, String containerOid, byt s_logger.debug("Generated challenge for {}: {}", containerOid, Hex.encodeHexString(template)); return template; } - - public static ResponseAPDU sendRequest(CardHandle ch, int pivAlgId, int pivKeyId, byte[] request) - throws CardClientException { + + public static ResponseAPDU sendRequest(CardHandle ch, int pivAlgId, int pivKeyId, byte[] request) throws CardClientException { CardChannel channel = ch.getCurrentChannel(); s_logger.debug("sendRequest called for container {} alg {} request length {}", request.length); // here's where the chaining lands until it's worn better @@ -75,13 +74,12 @@ public static ResponseAPDU sendRequest(CardHandle ch, int pivAlgId, int pivKeyId ccBaos.write(APDUConstants.GENERAL_AUTHENTICATE); ccBaos.write(pivAlgId); ccBaos.write(pivKeyId); - ccBaos.write(request.length <= APDU_MAX_DATA ? request.length : APDU_MAX_DATA); + ccBaos.write(request.length <= APDU_MAX_DATA ? request.length : APDU_MAX_DATA ); ccBaos.write(request, 0, request.length <= APDU_MAX_DATA ? request.length : APDU_MAX_DATA); - if (request.length > APDU_MAX_DATA) - currPos += APDU_MAX_DATA; + if(request.length > APDU_MAX_DATA) currPos += APDU_MAX_DATA; CommandAPDU generalAuthApdu = new CommandAPDU(ccBaos.toByteArray()); ResponseAPDU resp = null; - + try { PCSCWrapper pcsc = PCSCWrapper.getInstance(); resp = pcsc.transmit(channel, generalAuthApdu); @@ -89,24 +87,23 @@ public static ResponseAPDU sendRequest(CardHandle ch, int pivAlgId, int pivKeyId s_logger.error("Failed to transmit GENERAL AUTHENTICATE APDU to card", e); return null; } - if (currPos < request.length - 1) { - while (resp.getSW1() == 0x90 && resp.getSW2() == 0x00 && currPos < request.length - 1) { + if(currPos < request.length - 1) { + while(resp.getSW1() == 0x90 && resp.getSW2() == 0x00 && currPos < request.length - 1) { ccBaos.reset(); - ccBaos.write( - request.length - currPos <= APDU_MAX_DATA ? APDUConstants.COMMAND : APDUConstants.COMMAND_CC); + ccBaos.write(request.length - currPos <= APDU_MAX_DATA ? APDUConstants.COMMAND : APDUConstants.COMMAND_CC); ccBaos.write(APDUConstants.GENERAL_AUTHENTICATE); ccBaos.write(pivAlgId); ccBaos.write(pivKeyId); - ccBaos.write(request.length - currPos <= APDU_MAX_DATA ? request.length - currPos : APDU_MAX_DATA); - ccBaos.write(request, currPos, - request.length - currPos <= APDU_MAX_DATA ? request.length - currPos : APDU_MAX_DATA); - if (request.length > APDU_MAX_DATA) { + ccBaos.write(request.length - currPos <= APDU_MAX_DATA ? request.length - currPos : APDU_MAX_DATA ); + ccBaos.write(request, currPos, request.length - currPos <= APDU_MAX_DATA + ? request.length - currPos : APDU_MAX_DATA); + if(request.length > APDU_MAX_DATA) { currPos += APDU_MAX_DATA; } else { currPos = request.length; } - if (currPos >= request.length - 1) - ccBaos.write((byte) 0x00); // Add Le + if(currPos >= request.length - 1) + ccBaos.write((byte)0x00); //Add Le try { CommandAPDU chainedGeneralAuthApdu = new CommandAPDU(ccBaos.toByteArray()); PCSCWrapper pcsc = PCSCWrapper.getInstance(); @@ -117,73 +114,70 @@ public static ResponseAPDU sendRequest(CardHandle ch, int pivAlgId, int pivKeyId } } } - if (resp.getSW1() != 0x90 && resp.getSW2() != 0x00) { - s_logger.error("Got status code of {}{} for GENERAL AUTHENTICATE", Integer.toHexString(resp.getSW1()), - Integer.toHexString(resp.getSW2())); + if(resp.getSW1() != 0x90 && resp.getSW2() != 0x00) { + s_logger.error("Got status code of {}{} for GENERAL AUTHENTICATE", + Integer.toHexString(resp.getSW1()), Integer.toHexString(resp.getSW2())); } return resp; } - + // this should live in one of the data model classes public static byte[] getChallengeResponseFromData(byte[] apduData) { - if (apduData == null || apduData.length == 0) { + if(apduData == null || apduData.length == 0) { s_logger.error("null or empty APDU data was passed in."); return null; } - BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(GeneralAuthenticateHelper.class)); - BerTlvs outer = tlvp.parse(apduData); - List outerValues = outer.getList(); - BerTlvs inner = tlvp.parse(outerValues.get(0).getBytesValue()); - List values = inner.getList(); - byte[] rv = null; - BerTag responseTag = new BerTag(GA_RESPONSE); - for (BerTlv tlv : values) { - if (tlv.getTag().equals(responseTag)) { - rv = tlv.getBytesValue(); - break; - } - } - return rv; + BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(GeneralAuthenticateHelper.class)); + BerTlvs outer = tlvp.parse(apduData); + List outerValues = outer.getList(); + BerTlvs inner = tlvp.parse(outerValues.get(0).getBytesValue()); + List values = inner.getList(); + byte[] rv = null; + BerTag responseTag = new BerTag(GA_RESPONSE); + for(BerTlv tlv: values) { + if(tlv.getTag().equals(responseTag)) { + rv = tlv.getBytesValue(); + break; + } + } + return rv; } - + // these should be factored out into alg-specific helpers - // digest a challenge using the specified digest OID and format it into a PKCS#1 - // v1.5 padded message + // digest a challenge using the specified digest OID and format it into a PKCS#1 v1.5 padded message public static byte[] preparePKCS1Challenge(byte[] challenge, String digestOid, int modulusLen) { - String jceDigestName = MessageDigestUtils.getDigestName(new ASN1ObjectIdentifier(digestOid)); - byte[] challengeDigest = null; - try { - challengeDigest = MessageDigest.getInstance(jceDigestName, "BC").digest(challenge); - } catch (NoSuchAlgorithmException | NoSuchProviderException e) { - s_logger.error("Unable to digest challenge", e); - return null; - } - s_logger.debug("Challenge: {}", Hex.encodeHexString(challenge)); - s_logger.debug("{} ({}) digest of challenge: {}", digestOid, jceDigestName, - Hex.encodeHexString(challengeDigest)); - - AlgorithmIdentifier digestAlgId = new AlgorithmIdentifier(new ASN1ObjectIdentifier(digestOid), - new NullParameters()); - DigestInfo formattedDigest = new DigestInfo(digestAlgId, challengeDigest); - byte[] diBuf = null; - try { - diBuf = formattedDigest.getEncoded(); - } catch (IOException e) { - s_logger.error("Unable to encode DigestInfo structure for PKCS#1 signature block", e); - return null; - } - return padDigestInfo(diBuf, modulusLen); + String jceDigestName = MessageDigestUtils.getDigestName(new ASN1ObjectIdentifier(digestOid)); + byte[] challengeDigest = null; + try { + challengeDigest = MessageDigest.getInstance(jceDigestName, "BC").digest(challenge); + } catch (NoSuchAlgorithmException | NoSuchProviderException e) { + s_logger.error("Unable to digest challenge", e); + return null; + } + s_logger.debug("Challenge: {}", Hex.encodeHexString(challenge)); + s_logger.debug("{} ({}) digest of challenge: {}", digestOid, jceDigestName, Hex.encodeHexString(challengeDigest)); + + AlgorithmIdentifier digestAlgId = new AlgorithmIdentifier(new ASN1ObjectIdentifier(digestOid), new NullParameters()); + DigestInfo formattedDigest = new DigestInfo(digestAlgId, challengeDigest); + byte[] diBuf = null; + try { + diBuf = formattedDigest.getEncoded(); + } catch(IOException e) { + s_logger.error("Unable to encode DigestInfo structure for PKCS#1 signature block", e); + return null; + } + return padDigestInfo(diBuf, modulusLen); } // pad an encoded DigestInfo structure - // based on steps in section 9.2 of RFC 3447 - public static byte[] padDigestInfo(byte[] digest, int modulusLen) { - byte[] PS = new byte[modulusLen - digest.length - 3]; - Arrays.fill(PS, (byte) 0xff); - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - baos.write(0x00); - baos.write(0x01); - try { + // based on steps in section 9.2 of RFC 3447 + public static byte[] padDigestInfo(byte[] digest, int modulusLen) { + byte[] PS = new byte[modulusLen - digest.length - 3]; + Arrays.fill(PS, (byte)0xff); + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + baos.write(0x00); + baos.write(0x01); + try { baos.write(PS); baos.write(0x00); baos.write(digest); @@ -191,25 +185,24 @@ public static byte[] padDigestInfo(byte[] digest, int modulusLen) { s_logger.error("Unexpected error generating padded buffer", e); return null; } - return baos.toByteArray(); - } + return baos.toByteArray(); + } - public static byte[] generateChallenge(int size) { - SecureRandom rng; + public static byte[] generateChallenge(int size) { + SecureRandom rng; try { rng = SecureRandom.getInstanceStrong(); } catch (NoSuchAlgorithmException e) { s_logger.error("Unable to instantiate RNG", e); return null; } - byte[] challenge = new byte[size]; - rng.nextBytes(challenge); - s_logger.debug("Challenge bytes: {}", Hex.encodeHexString(challenge)); - return challenge; - } - - public static boolean verifyResponseSignature(String jceSignatureAlgName, PublicKey containerCertKey, - byte[] signature, byte[] challenge) { + byte[] challenge = new byte[size]; + rng.nextBytes(challenge); + s_logger.debug("Challenge bytes: {}", Hex.encodeHexString(challenge)); + return challenge; + } + + public static boolean verifyResponseSignature(String jceSignatureAlgName, PublicKey containerCertKey, byte[] signature, byte[] challenge) { boolean verified = false; try { Signature verifier = Signature.getInstance(jceSignatureAlgName); diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/IPIVApplication.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/IPIVApplication.java new file mode 100644 index 00000000..be4d534b --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/IPIVApplication.java @@ -0,0 +1,101 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +/** + * This interface encapsulates the entry points for data access from SP800-73. + * + * Defined as an interface to allow per-card implementations to differ. + * + */ +public interface IPIVApplication { + + /** + * pivSelectCardApplication from SP800-73-4 part 3 section 3.2.1 + * + * @param cardHandle Opaque identifier of the card to be acted upon as + * returned by pivConnect. + * @param applicationAID The AID of the PIV Card Application that is to + * become the currently selected card application. + * @param applicationProperties The application properties of the selected PIV + * Card Application. See Part 2, Table 3. + * @return MiddlewareStatus value indicating the result of the function call + */ + MiddlewareStatus pivSelectCardApplication(CardHandle cardHandle, ApplicationAID applicationAID, ApplicationProperties applicationProperties); + + /** + * pivEstablishSecureMessaging from SP800-73-4 part 3 section 3.2.2 + * @param cardHandle Opaque identifier of the card to be acted upon as + * * returned by pivConnect. + * @return MiddlewareStatus value indicating the result of the function call + */ + MiddlewareStatus pivEstablishSecureMessaging(CardHandle cardHandle); + + /** + * pivLogIntoCardApplication from SP800-73-4 part 3 section 3.2.3 + * + * @param cardHandle Opaque identifier of the card to be acted upon as returned by pivConnect. + * @param authenticators A sequence of zero or more BER-TLV encoded authenticators to be used to authenticate and set security + * state/status in the PIV Card Application contex + * @return MiddlewareStatus value indicating the result of the function call + */ + MiddlewareStatus pivLogIntoCardApplication(CardHandle cardHandle, byte[] authenticators); + + /** + * pivGetData from SP800-73-4 part 3 section 3.2.4 + * @param cardHandle Opaque identifier of the card to be acted upon as returned by pivConnect. + * @param OID Object identifier of the object whose data content is to be + * retrieved coded as a string + * @param data Retrieved data content stored in PIVDataObject object + * @return MiddlewareStatus value indicating the result of the function call + */ + MiddlewareStatus pivGetData(CardHandle cardHandle, String OID, PIVDataObject data); + + /** + * pivLogoutOfCardApplication from SP800-73-4 part 3 section 3.2.5 - reset application security status of PIV card application + * + * @param cardHandle Opaque identifier of the card to be acted upon as returned by pivConnect. + * @return MiddlewareStatus value indicating the result of the function call + */ + MiddlewareStatus pivLogoutOfCardApplication(CardHandle cardHandle); + + /** + * pivCrypt from SP800-73-4 part 3 section 3.3.1 + * + * @param cardHandle Opaque identifier of the card to be acted upon as returned by pivConnect. + * @param algorithmIdentifier Identifier of the cryptographic algorithm to be used for + * the cryptographic operation. + * @param keyReference Identifier of the on-card key to be used for the + * cryptographic operation. + * @param algorithmInput Sequence of bytes used as the input to the cryptographic + * operation stored in PIVDataObject object. + * @param algorithmOutput Sequence of bytes output by the cryptographic operation stored in PIVDataObject object. + * @return MiddlewareStatus value indicating the result of the function call + */ + MiddlewareStatus pivCrypt(CardHandle cardHandle, byte algorithmIdentifier, byte keyReference, PIVDataObject algorithmInput, PIVDataObject algorithmOutput); + + /** + * + * pivPutData from SP800-73-4 part 3 section 3.4.1 + * + * @param cardHandle Opaque identifier of the card to be acted upon as returned by pivConnect. + * @param OID Object identifier of the object whose data content is to be + * replaced coded as a String. + * @param data Data to be used to replace in its entirety the data content + * of the named data object stored in PIVDataObject object + * @return MiddlewareStatus value indicating the result of the function call + */ + MiddlewareStatus pivPutData(CardHandle cardHandle, String OID, PIVDataObject data); + + + /** + * + * pivGenerateKeyPair from SP800-73-4 part 3 section 3.4.2 + * + * @param cardHandle Opaque identifier of the card to be acted upon as returned by pivConnect. + * @param keyReference The key reference of the generated key pair. + * @param cryptographicMechanism The type of key pair to be generated. + * @param publicKey BER-TLV data objects defining the public key + * of the generated key pair stored in PIVDataObject object. + * @return MiddlewareStatus value indicating the result of the function call + */ + MiddlewareStatus pivGenerateKeyPair(CardHandle cardHandle, byte keyReference, byte cryptographicMechanism, PIVDataObject publicKey); +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/KeyHistoryObject.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/KeyHistoryObject.java new file mode 100644 index 00000000..823b1af8 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/KeyHistoryObject.java @@ -0,0 +1,138 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.*; +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; + +/** + * + * Encapsulates a Key History data object as defined by SP800-73-4 Part 2 Appendix A Table 19 + * + */ +public class KeyHistoryObject extends PIVDataObject { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(KeyHistoryObject.class); + // initialize to -1 so we can differentiate between no key history and failure to decode + private int m_keysWithOnCardCerts = -1; + private int m_keysWithOffCardCerts = -1; + private byte[] m_offCardCertUrl; + + public KeyHistoryObject() { + m_content = new HashMap(); + } + + // XXX *** This should probably land in the base class, but at least for this test, it won't + private byte[] m_tlvBuf = null; + public byte[] getTlvBuf() { + return m_tlvBuf; + } + + + /** + * + * Returns Integer containing keysWithOnCardCerts value + * + * @return Integer containing keysWithOnCardCerts value + */ + public int getKeysWithOnCardCerts() { + return m_keysWithOnCardCerts; + } + + /** + * + * Sets the keysWithOnCardCerts value + * + * @param keysWithOnCardCerts Integer containing keysWithOnCardCerts value + */ + public void setKeysWithOnCardCerts(int keysWithOnCardCerts) { + m_keysWithOnCardCerts = keysWithOnCardCerts; + } + + /** + * + * Returns Integer containing keysWithOffCardCerts value + * + * @return Integer containing keysWithOffCardCerts value + */ + public int getKeysWithOffCardCerts() { + return m_keysWithOffCardCerts; + } + + /** + * + * Sets the keysWithOffCardCerts value + * + * @param keysWithOffCardCerts Integer containing keysWithOffCardCerts value + */ + public void setKeysWithOffCardCerts(int keysWithOffCardCerts) { + m_keysWithOffCardCerts = keysWithOffCardCerts; + } + + /** + * + * Returns byte array containing offCardCertUrl value + * + * @return Byte array containing offCardCertUrl value + */ + public byte[] getOffCardCertUrl() { + return m_offCardCertUrl; + } + + + /** + * + * Sets the offCardCertUrl value + * + * @param offCardCertUrl Byte array containing offCardCertUrl value + */ + public void setOffCardCertUrl(byte[] offCardCertUrl) { + m_offCardCertUrl = offCardCertUrl; + } + + /** + * + * Decode function that decodes Key History Object retrieved from the card and populates various class fields. + * + * @return True if decode was successful, false otherwise + */ + @Override + public boolean decode() { + byte[] rawBytes = this.getBytes(); + BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); + BerTlvs outer = tlvp.parse(rawBytes); + List outerTlvs = outer.getList(); + if(outerTlvs.size() == 1 && outerTlvs.get(0).isTag(new BerTag(0x53))) { + m_tlvBuf = outerTlvs.get(0).getBytesValue(); + outer = tlvp.parse(m_tlvBuf); + } + for(BerTlv tlv : outer.getList()) { + byte[] tag = tlv.getTag().bytes; + if(Arrays.equals(tag, TagConstants.KEYS_WITH_ON_CARD_CERTS_TAG)) { + m_keysWithOnCardCerts = tlv.getIntValue(); + m_content.put(tlv.getTag(), tlv.getBytesValue()); + } else if(Arrays.equals(tag, TagConstants.KEYS_WITH_OFF_CARD_CERTS_TAG)) { + m_keysWithOffCardCerts = tlv.getIntValue(); + m_content.put(tlv.getTag(), tlv.getBytesValue()); + } else if(Arrays.equals(tag, TagConstants.OFF_CARD_CERT_URL_TAG)) { + m_offCardCertUrl = tlv.getBytesValue(); + m_content.put(tlv.getTag(), tlv.getBytesValue()); + } else if(!Arrays.equals(tag, TagConstants.ERROR_DETECTION_CODE_TAG) && tlv.getBytesValue().length != 0) { + m_content.put(tlv.getTag(), tlv.getBytesValue()); + s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tlv.getTag().bytes), Hex.encodeHexString(tlv.getBytesValue())); + } + s_logger.info("found tag: {}", Hex.encodeHexString(tag)); + } + + if (m_keysWithOnCardCerts == -1 || m_keysWithOffCardCerts == -1) + return false; + + dump(this.getClass()) +; + return true; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/MiddlewareStatus.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/MiddlewareStatus.java new file mode 100644 index 00000000..2bf2849f --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/MiddlewareStatus.java @@ -0,0 +1,27 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +/** + * + * Enumeration containing PIV Client Application Programming Interface return codes + * + */ +public enum MiddlewareStatus { + PIV_OK, + PIV_CONNECTION_DESCRIPTION_MALFORMED, + PIV_CONNECTION_FAILURE, + PIV_CONNECTION_LOCKED, + PIV_INVALID_CARD_HANDLE, + PIV_CARD_READER_ERROR, + PIV_INVALID_OID, + PIV_DATA_OBJECT_NOT_FOUND, + PIV_SECURITY_CONDITIONS_NOT_SATISFIED, + PIV_SM_FAILED, + PIV_INSUFFICIENT_BUFFER, + PIV_CARD_APPLICATION_NOT_FOUND, + PIV_AUTHENTICATION_FAILURE, + PIV_AUTHENTICATOR_MALFORMED, + PIV_UNSUPPORTED_CRYPTOGRAPHIC_MECHANISM, + PIV_INVALID_KEY_OR_KEYALG_COMBINATION, + PIV_FUNCTION_NOT_SUPPORTED, + PIV_INSUFFICIENT_CARD_RESOURCE +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/OtherName.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/OtherName.java new file mode 100644 index 00000000..39a75869 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/OtherName.java @@ -0,0 +1,99 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +// Used from the bouncy castle git repo under the same license as bouncycastle itself. + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1Object; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.ASN1TaggedObject; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.DERTaggedObject; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The OtherName object. + * 
+ * OtherName ::= SEQUENCE {
+ *      type-id    OBJECT IDENTIFIER,
+ *      value      [0] EXPLICIT ANY DEFINED BY type-id }
+ *
+ */ +public class OtherName + extends ASN1Object +{ + private static final Logger s_logger = LoggerFactory.getLogger(OtherName.class); + + private final ASN1ObjectIdentifier typeID; + private final ASN1Encodable value; + + /** + * OtherName factory method. + * @param obj the object used to construct an instance of + * OtherName. It must be an instance of OtherName + * or ASN1Sequence. + * @return the instance of OtherName built from the + * supplied object. + * @throws java.lang.IllegalArgumentException if the object passed + * to the factory is not an instance of OtherName or something that + * can be converted into an appropriate ASN1Sequence. + */ + public static OtherName getInstance( + Object obj) + { + + if (obj instanceof OtherName) + { + return (OtherName)obj; + } + else if (obj != null) + { + return new OtherName(ASN1Sequence.getInstance(obj)); + } + + return null; + } + + /** + * Base constructor. + * @param typeID the type of the other name. + * @param value the ANY object that represents the value. + */ + public OtherName( + ASN1ObjectIdentifier typeID, + ASN1Encodable value) + { + this.typeID = typeID; + this.value = value; + } + + private OtherName(ASN1Sequence seq) + { + this.typeID = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0)); + this.value = ASN1TaggedObject.getInstance(seq.getObjectAt(1)).getObject(); // explicitly tagged + } + + public ASN1ObjectIdentifier getTypeID() + { + return typeID; + } + + public ASN1Encodable getValue() + { + return value; + } + + @Override + public ASN1Primitive toASN1Primitive() + { + ASN1EncodableVector v = new ASN1EncodableVector(); + + v.add(typeID); + v.add(new DERTaggedObject(true, 0, value)); + + return new DERSequence(v); + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVApplicationException.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVApplicationException.java new file mode 100644 index 00000000..ddd6478d --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVApplicationException.java @@ -0,0 +1,56 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * A base class for exceptions thrown by PIV application methods + */ +public class PIVApplicationException extends Exception { + private static final Logger s_logger = LoggerFactory.getLogger(PIVApplicationException.class); + + /** + * + */ + private static final long serialVersionUID = 1L; + + /** + * + * Default constructor for PIVApplicationException class + * + */ + public PIVApplicationException() { + super(); + } + + /** + * + * Constructor for PIVApplicationException class that takes a string with exception message + * + * @param message String with the exception message + */ + public PIVApplicationException(String message) { + super(message); + } + + /** + * + * Constructor for PIVApplicationException class that takes a string with exception message and a Throwable cause + * + * @param message String with the exception message + * @param cause Throwable cause + */ + public PIVApplicationException(String message, Throwable cause) { + super(message, cause); + } + + /** + * + * Constructor for PIVApplicationException class that takes a Throwable cause + * + * @param cause Throwable cause + */ + public PIVApplicationException(Throwable cause) { + super(cause); + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVAuthenticator.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVAuthenticator.java new file mode 100644 index 00000000..4bfbe9ad --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVAuthenticator.java @@ -0,0 +1,93 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; + +import java.util.Arrays; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * A class that serves the function of the handle objects passed around that encapsulate authenticator information + */ +public class PIVAuthenticator { + private static final Logger s_logger = LoggerFactory.getLogger(PIVAuthenticator.class); + + byte m_type; + byte[] m_data; + + /** + * + * Constructor that initializes PIVAuthenticator object based on passed in parameter + * + * @param type Authenticator type either an Application Pin or a Global PIN + * @param data String object containing the pin information + */ + public PIVAuthenticator(byte type, String data) { + this(type, data.getBytes()); + } + + /** + * + * Constructor that initializes PIVAuthenticator object based on passed in parameter + * + * @param type Authenticator type either an Application Pin or a Global PIN + * @param data Byte array object containing the pin information + */ + public PIVAuthenticator(byte type, byte[] data) { + m_type = type; + if(m_type == TagConstants.KEY_REFERENCE_APPLICATION_PIN_TAG || + m_type == TagConstants.KEY_REFERENCE_GLOBAL_PIN_TAG) { + if(data.length == 0) { + m_data = new byte[0]; + } else { + if(data.length > 8 || data.length < 6) { + throw new IllegalArgumentException("PIN must be between 6 and 8 digits"); + } + m_data = Arrays.copyOf(data, 8); + Arrays.fill(m_data, data.length, m_data.length, (byte)0xff); + } + } + } + + /** + * + * Get the authenticator type + * + * @return Byte identifying authenticator type + */ + public byte getType() { + return m_type; + } + + /** + * + * Set the authenticator type + * + * @param type byte containing authenticator type + */ + public void setType(byte type) { + m_type = type; + } + + /** + * + * Get the pin information + * + * @return Byte array containing pin information + */ + public byte[] getData() { + return m_data; + } + + /** + * + * Set the pin + * + * @param data byte array containing pin information + */ + public void setData(byte[] data) { + m_data = data; + } + +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVAuthenticators.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVAuthenticators.java new file mode 100644 index 00000000..1adc58b0 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVAuthenticators.java @@ -0,0 +1,112 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.*; +import java.util.ArrayList; +import java.util.List; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +/** + * A class that serves the function of the handle to a list of authenticator objects + * in SP800-73 + */ +public class PIVAuthenticators { + private static final Logger s_logger = LoggerFactory.getLogger(PIVAuthenticators.class); + + private ArrayList m_authenticators = new ArrayList(); + + /** + * + * Get the list of authenticators + * + * @return List of PIVAuthenticator objects + */ + public List getAuthenticators() { + return m_authenticators; + } + + + /** + * + * Add a global pin authenticator object + * + * @param pin String containing pin value + */ + public void addGlobalPin(String pin) { + PIVAuthenticator a = new PIVAuthenticator(TagConstants.KEY_REFERENCE_GLOBAL_PIN_TAG, pin); + m_authenticators.add(a); + } + + /** + * + * Add an application pin authenticator object + * + * @param pin String containing pin value + */ + public void addApplicationPin(String pin) { + PIVAuthenticator a = new PIVAuthenticator(TagConstants.KEY_REFERENCE_APPLICATION_PIN_TAG, pin); + m_authenticators.add(a); + } + + + /** + * + * Returns a byte array representation of a list of authenticator objects + * + * @return Byte array containing authenticator list + */ + public byte[] getBytes() { + byte[] rv = {}; + if(m_authenticators.size() == 0) return rv; + BerTlvBuilder b = new BerTlvBuilder(); + for(PIVAuthenticator authenticator: m_authenticators) { + b.addBytes(new BerTag(TagConstants.REFERENCE_DATA_TAG), authenticator.getData()); + b.addByte(new BerTag(TagConstants.KEY_REFERENCE_TAG), authenticator.getType()); + } + rv = b.buildArray(); + //s_logger.debug("Encoded authenticators: {}", Hex.encodeHexString(rv)); + return rv; + } + + /** + * + * Helper function that decodes byte array containing authenticator list and populates various class fields. + * + * @param authenticators Byte array containing authenticator list + */ + public boolean decode(byte[] authenticators) { + m_authenticators.clear(); + if(authenticators.length == 0) return true; + BerTlvParser p = new BerTlvParser(new CCTTlvLogger(this.getClass())); + BerTlvs tlvs = p.parse(authenticators); + byte[] refData = null; + byte refId = 0x00; + for(BerTlv t : tlvs.getList()) { + switch(t.getTag().bytes[0] ) { + case (byte)0x81: + { + refData = t.getBytesValue(); + break; + } + case (byte)0x83: + { + if(refData == null) { + throw new IllegalStateException("Unexpected 0x83 tag without having seen 0x81 tag while parsing authenticator"); + } + refId = t.getBytesValue()[0]; + PIVAuthenticator parsed = new PIVAuthenticator(refId, refData); + m_authenticators.add(parsed); + refData = null; + refId = 0x00; + break; + } + default: + throw new IllegalStateException("Unexpected tag in authenticator"); + } + } + return true; + } + + + +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVDataObject.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVDataObject.java similarity index 96% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVDataObject.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVDataObject.java index e96f8984..1abb2f61 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/PIVDataObject.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVDataObject.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformance.card.client; +package gov.gsa.pivconformance.cardlib.card.client; import java.util.ArrayList; import java.util.Arrays; @@ -12,10 +12,10 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.pivconformance.tlv.BerTag; -import gov.gsa.pivconformance.tlv.HexUtil; -import gov.gsa.pivconformance.tlv.TagBoundaryManager; -import gov.gsa.pivconformance.tlv.TagConstants; +import gov.gsa.pivconformance.cardlib.tlv.BerTag; +import gov.gsa.pivconformance.cardlib.tlv.HexUtil; +import gov.gsa.pivconformance.cardlib.tlv.TagBoundaryManager; +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; /** * Represents a PIV data object as read to or written from the card. Subclasses @@ -236,14 +236,15 @@ public void dump(Class classz) { // Get the container name String canonicalName = classz.getCanonicalName(); String containerName = getContainerName(); - if (containerName == null) containerName = APDUConstants.oidNameMap.get(m_OID).replaceAll("_", ""); + if (containerName == null) containerName = APDUConstants.oidNameMap.get(m_OID).replaceAll(" ", ""); String className = containerName == null ? canonicalName : classz.getPackage().toString().replace("package ", "") + "." + containerName; // Find the path where containers are written Logger s_containerLogger = LoggerFactory.getLogger(className); s_containerLogger.debug("Container: {}", APDUConstants.oidNameMap.get(m_OID).replace(" ", "_")); s_containerLogger.debug("Raw bytes: {}", Hex.encodeHexString(m_dataBytes)); - m_artifactCache.saveObject(APDUConstants.getFileNameForOid(m_OID)+ ".dat", m_dataBytes); + + m_artifactCache.saveObject("piv-artifacts", APDUConstants.getFileNameForOid(m_OID)+ ".dat", m_dataBytes); for (int i = 0; i < m_tagList.size(); i++) { BerTag tag = m_tagList.get(i); if (tag != null) { @@ -411,5 +412,4 @@ public String getContainerName() { public void setContainerName(String containerName) { m_containerName = containerName; } - -} +} \ No newline at end of file diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVDataObjectFactory.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVDataObjectFactory.java new file mode 100644 index 00000000..6c5280be --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVDataObjectFactory.java @@ -0,0 +1,60 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class PIVDataObjectFactory { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(PIVDataObjectFactory.class); + + /** + * Instantiate an appropriate PIVDataObject class given an OID, or a generic one in the absence of an OID + * + * @param OID + * @return + */ + public static PIVDataObject createDataObjectForOid(String OID) { + PIVDataObject rv = null; + + if(OID.equals(APDUConstants.CARD_CAPABILITY_CONTAINER_OID)) + rv = new CardCapabilityContainer(); + else if(OID.equals(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID)) + rv = new CardHolderUniqueIdentifier(); + else if(OID.equals(APDUConstants.SECURITY_OBJECT_OID)) + rv = new SecurityObject(); + else if(OID.equals(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID)) + rv = new CardHolderBiometricData(); + else if(OID.equals(APDUConstants.CARDHOLDER_FINGERPRINTS_OID)) + rv = new CardHolderBiometricData(); + else if(OID.equals(APDUConstants.X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID)) + rv = new X509CertificateDataObject(); + else if(OID.equals(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID)) + rv = new X509CertificateDataObject(); + else if(OID.equals(APDUConstants.DISCOVERY_OBJECT_OID)) + rv = new DiscoveryObject(); + else if(OID.equals(APDUConstants.KEY_HISTORY_OBJECT_OID)) + rv = new KeyHistoryObject(); + else if(OID.equals(APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_OID)) + rv = new BiometricInformationTemplatesGroupTemplate(); + else if(OID.equals(APDUConstants.CARDHOLDER_IRIS_IMAGES_OID)) + rv = new CardHolderBiometricData(); + else if(OID.equals(APDUConstants.PAIRING_CODE_REFERENCE_DATA_CONTAINER_OID)) + rv = new PairingCodeReferenceDataContainer(); + else if(OID.equals(APDUConstants.SECURE_MESSAGING_CERTIFICATE_SIGNER_OID)) + rv = new SecureMessagingCertificateSigner(); + else if(OID.equals(APDUConstants.X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID)) + rv = new X509CertificateDataObject(); + else if(OID.equals(APDUConstants.X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID)) + rv = new X509CertificateDataObject(); + else if(OID.equals(APDUConstants.PRINTED_INFORMATION_OID)) + rv = new PrintedInformation(); + + if(rv == null) { + s_logger.warn("Unrecognized data object type: {}. Using generic.", OID); + rv = new PIVDataObject(); + return rv; + } + rv.setOID(OID); + return rv; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVMiddleware.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVMiddleware.java new file mode 100644 index 00000000..1aa164cb --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVMiddleware.java @@ -0,0 +1,99 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import gov.gsa.pivconformance.cardlib.utils.PCSCWrapper; + +import javax.smartcardio.CardTerminal; +import javax.smartcardio.Card; + + +public class PIVMiddleware { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(PIVMiddleware.class); + public static final String PIV_MIDDLEWARE_VERSION = "800-73-4 Client API"; + + /** + * pivMiddlewareVersion from section 3.1.1 of SP 800-73-4 + * + * @param version + * @return PIV_OK if version was successfully retrieved + */ + public static MiddlewareStatus pivMiddlewareVersion(PIVMiddlewareVersion version) { + version.setVersion(PIV_MIDDLEWARE_VERSION); + return MiddlewareStatus.PIV_OK; + } + + /** + * pivConnect from section 3.1.2 of SP 800-73-4 + * + * @param sharedConnection + * @param connectionDescription + * @param cardHandle + * @return PIV_OK if connection was successful, PIV_CONNECTION_DESCRIPTION_MALFORMED if an invalid ConnectionDescription object was passed in, + * PIV_CONNECTION_FAILURE if no connection could be established, or PIV_CONNECTION_LOCKED if an exclusive connection was requested but another exclusive + * connection to the card in the specified reader is already in progress. + */ + public static MiddlewareStatus pivConnect(boolean sharedConnection, ConnectionDescription connectionDescription, CardHandle cardHandle) { + + // Need to figure out what to do with sharedConnection in context of JAVA + CardTerminal t = connectionDescription.getTerminal(); + if(cardHandle == null) + cardHandle = new CardHandle(); + + if(connectionDescription.getTerminal() == null ) + return MiddlewareStatus.PIV_CONNECTION_DESCRIPTION_MALFORMED; + + try { + + PCSCWrapper pcsc = PCSCWrapper.getInstance(); + + Card card = pcsc.connect(t); + + if(card != null) { + cardHandle.setConnectionDescription(connectionDescription); + cardHandle.setCard(card); + cardHandle.setValid(true); + cardHandle.setCurrentChannel(card.getBasicChannel()); + } + + }catch (Exception ex) { + s_logger.error("Unable to establish connection to the card : ", ex.getMessage(), ex); + return MiddlewareStatus.PIV_CONNECTION_FAILURE; + } + + return MiddlewareStatus.PIV_OK; + } + + /** + * pivDisconnect from section 3.1.2 of SP 800-73-4 + * + * @param cardHandle + * @return PIV_OK if the connection was disconnected and the CardHandle invalidated, PIV_INVALID_CARD_HANDLE if cardHandle was invalid, + * PIV_CARD_READER_ERROR if the connection could not be destroyed due to a reader failure. + */ + public static MiddlewareStatus pivDisconnect(CardHandle cardHandle) { + + try { + + Card card = cardHandle.getCard(); + + if(card == null || !cardHandle.isValid()) { + return MiddlewareStatus.PIV_INVALID_CARD_HANDLE; + } + + //XXX Need to figure out if connections needs to be reset or not + card.disconnect(false); + //Invalidate cardHandle object + cardHandle = new CardHandle(); + + }catch (Exception ex) { + + s_logger.error("Unable to disconnect from the card : ", ex.getMessage()); + return MiddlewareStatus.PIV_CARD_READER_ERROR; + } + + return MiddlewareStatus.PIV_OK; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVMiddlewareVersion.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVMiddlewareVersion.java new file mode 100644 index 00000000..76295cc4 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PIVMiddlewareVersion.java @@ -0,0 +1,54 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Class for atoring PIV middleware version information. + */ +public class PIVMiddlewareVersion { + private static final Logger s_logger = LoggerFactory.getLogger(PIVMiddlewareVersion.class); + + /** + * + * Default constructor that creates an invalid PIVMiddlewareVersion object + * + */ + public PIVMiddlewareVersion() { + version = "NOT SET"; + } + + /** + * + * Returns a String with PIV middleware version info + * + * @return + */ + public String getVersion() { + return version; + } + + /** + * + * Sets the PIV middleware version info + * + * @param version String with PIV middleware version info + */ + public void setVersion(String version) { + this.version = version; + } + + /** + * + * Returns a String with PIV middleware version info + * + * @return + */ + @Override + public String toString() { + return version; + } + + private String version; + +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PairingCodeReferenceDataContainer.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PairingCodeReferenceDataContainer.java new file mode 100644 index 00000000..b5b9191f --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PairingCodeReferenceDataContainer.java @@ -0,0 +1,149 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.*; +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; + +/** + * + * Encapsulates a Pairing Code Reference Data Container data object as defined by SP800-73-4 Part 2 Appendix A Table 43 + * + */ +public class PairingCodeReferenceDataContainer extends PIVDataObject { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(PairingCodeReferenceDataContainer.class); + + private String m_pairingCode; + private boolean m_errorDetectionCode; + + /** + * PairingCodeReferenceDataContainer class constructor, initializes all the class fields. + */ + public PairingCodeReferenceDataContainer() { + m_pairingCode = ""; + m_errorDetectionCode = false; + m_content = new HashMap(); + } + + /** + * + * Returns a String with pairing code name + * + * @return String containing pairing code name + */ + public String getName() { + return m_pairingCode; + } + + /** + * + * Sets the pairing code name + * + * @param pairingCode String containing pairing code name + */ + public void setName(String pairingCode) { + m_pairingCode = pairingCode; + } + + /** + * + * Returns True if error Error Detection Code is present, false otherwise + * + * @return True if error Error Detection Code is present, false otherwise + */ + @Override + public boolean getErrorDetectionCode() { + return m_errorDetectionCode; + } + + /** + * + * Sets if error Error Detection Code is present + * + * @param errorDetectionCode True if error Error Detection Code is present, false otherwise + */ + @Override + public void setErrorDetectionCode(boolean errorDetectionCode) { + m_errorDetectionCode = errorDetectionCode; + } + + /** + * + * Decode function that decodes Pairing Code Reference Data Container object retrieved from the card and populates various class fields. + * + * @return True if decode was successful, false otherwise + */ + @Override + public boolean decode() { + + try{ + byte[] rawBytes = this.getBytes(); + + if(rawBytes == null){ + s_logger.error("No buffer to decode for {}.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); + BerTlvs outer = tlvp.parse(rawBytes); + + if(outer == null){ + s_logger.error("Error parsing {}, unable to parse TLV value.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + List values = outer.getList(); + for(BerTlv tlv : values) { + if(tlv.isPrimitive()) { + s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv.getTag().bytes), Hex.encodeHexString(tlv.getBytesValue())); + + BerTlvs outer2 = tlvp.parse(tlv.getBytesValue()); + + if (outer2 == null) { + s_logger.error("Error parsing {}, unable to parse TLV value.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + List values2 = outer2.getList(); + for (BerTlv tlv2 : values2) { + if (tlv2.isPrimitive()) { + if (Arrays.equals(tlv2.getTag().bytes, TagConstants.PAIRING_CODE_TAG)) { + + m_pairingCode = new String(tlv2.getBytesValue()); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + + } else{ + s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tlv2.getTag().bytes), Hex.encodeHexString(tlv2.getBytesValue())); + } + } else { + if (Arrays.equals(tlv2.getTag().bytes, TagConstants.ERROR_DETECTION_CODE_TAG)) { + + m_errorDetectionCode = true; + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + + } else { + s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tlv2.getTag().bytes), Hex.encodeHexString(tlv2.getBytesValue())); + } + } + } + } + } + }catch (Exception ex) { + + s_logger.error("Error parsing {}: {}", APDUConstants.oidNameMap.get(super.getOID()), ex.getMessage()); + return false; + } + + if (m_pairingCode == "") + return false; + + dump(this.getClass()) +; + return true; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PrintedInformation.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PrintedInformation.java new file mode 100644 index 00000000..962284fc --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/PrintedInformation.java @@ -0,0 +1,356 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.*; +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.ByteArrayOutputStream; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; + +/** + * + * Encapsulates a Printed Information data object as defined by SP800-73-4 Part 2 Appendix A Table 9 + * + */ +public class PrintedInformation extends PIVDataObject { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(PrintedInformation.class); + + private String m_name; + private String m_employeeAffiliation; + private String m_expirationDate; + private String m_agencyCardSerialNumber; + private String m_issuerIdentification; + private String m_organizationAffiliation1; + private String m_organizationAffiliation2; + private boolean m_errorDetectionCode; + private byte[] m_signedContent; + + + /** + * PrintedInformation class constructor, initializes all the class fields. + */ + public PrintedInformation() { + m_name = ""; + m_employeeAffiliation = ""; + m_expirationDate = ""; + m_agencyCardSerialNumber = ""; + m_issuerIdentification = ""; + m_organizationAffiliation1 = ""; + m_organizationAffiliation2 = ""; + m_errorDetectionCode = false; + m_signedContent = null; + m_content = new HashMap(); + } + + /** + * + * Returns byte array with signed content + * + * @return Byte array with signed content buffer + */ + public byte[] getSignedContent() { + return m_signedContent; + } + + /** + * + * Sets the signed content value + * + * @param signedContent Byte array with signed content buffer + */ + public void setSignedContent(byte[] signedContent) { + m_signedContent = signedContent; + } + + + /** + * + * Returns the Name value as String + * + * @return String with the Name value + */ + public String getName() { + return m_name; + } + + + /** + * + * Sets the name value + * + * @param name String with the Name value + */ + public void setName(String name) { + m_name = name; + } + + /** + * + * Returns the Employee Affiliation value as String + * + * @return String with the Employee Affiliation value + */ + public String getEmployeeAffiliation() { + return m_employeeAffiliation; + } + + /** + * + * Sets the Employee Affiliation value + * + * @param employeeAffiliation String with the Employee Affiliation value + */ + public void setEmployeeAffiliation(String employeeAffiliation) { + m_employeeAffiliation = employeeAffiliation; + } + + /** + * + * Returns the Expiration Date value as String + * + * @return String with the Expiration Date value + */ + public String getExpirationDate() { + return m_expirationDate; + } + + /** + * + * Sets the Expiration Date value + * + * @param expirationDate String with the Expiration Date value + */ + public void setExpirationDate(String expirationDate) { + m_expirationDate = expirationDate; + } + + /** + * + * Returns the Agency Card Serial Number value as String + * + * @return String with the Agency Card Serial Number value + */ + public String getAgencyCardSerialNumber() { + return m_agencyCardSerialNumber; + } + + /** + * + * Sets the Agency Card Serial Number value + * + * @param agencyCardSerialNumber String with the Agency Card Serial Number value + */ + public void setAgencyCardSerialNumber(String agencyCardSerialNumber) { + m_agencyCardSerialNumber = agencyCardSerialNumber; + } + + /** + * + * Returns the Issuer Identification value as String + * + * @return String with the Issuer Identification value + */ + public String getIssuerIdentification() { + return m_issuerIdentification; + } + + /** + * + * Sets the Issuer Identification value + * + * @param issuerIdentification String with the Issuer Identification value + */ + public void setIssuerIdentification(String issuerIdentification) { + m_issuerIdentification = issuerIdentification; + } + + /** + * + * Returns the Organization Affiliation1 value as String + * + * @return String with the Organization Affiliation1 value + */ + public String getOrganizationAffiliation1() { + return m_organizationAffiliation1; + } + + /** + * + * Sets the Organization Affiliation1 value + * + * @param organizationAffiliation1 String with the Organization Affiliation1 value + */ + public void setOrganizationAffiliation1(String organizationAffiliation1) { + m_organizationAffiliation1 = organizationAffiliation1; + } + + /** + * + * Returns the Organization Affiliation2 value as String + * + * @return String with the Organization Affiliation2 value + */ + public String getOrganizationAffiliation2() { + return m_organizationAffiliation2; + } + + /** + * + * Sets the Organization Affiliation2 value + * + * @param organizationAffiliation2 String with the Organization Affiliation2 value + */ + public void setOrganizationAffiliation2(String organizationAffiliation2) { + m_organizationAffiliation2 = organizationAffiliation2; + } + + /** + * + * Returns True if error Error Detection Code is present, false otherwise + * + * @return True if error Error Detection Code is present, false otherwise + */ + @Override + public boolean getErrorDetectionCode() { + return m_errorDetectionCode; + } + + /** + * + * Sets if error Error Detection Code is present + * + * @param errorDetectionCode True if error Error Detection Code is present, false otherwise + */ + @Override + public void setErrorDetectionCode(boolean errorDetectionCode) { + m_errorDetectionCode = errorDetectionCode; + } + + /** + * + * Decode function that decodes Printed Information object retrieved from the card and populates various class fields. + * + * @return True if decode was successful, false otherwise + */ + @Override + public boolean decode() { + + try{ + byte[] rawBytes = this.getBytes(); + + if(rawBytes == null){ + s_logger.error("No buffer to decode for {}.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); + BerTlvs outer = tlvp.parse(rawBytes); + + if(outer == null){ + s_logger.error("Error parsing {}, unable to parse TLV value.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + List values = outer.getList(); + for(BerTlv tlv : values) { + if(tlv.isPrimitive()) { + s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv.getTag().bytes), Hex.encodeHexString(tlv.getBytesValue())); + + BerTlvs outer2 = tlvp.parse(tlv.getBytesValue()); + + if (outer2 == null) { + s_logger.error("Error parsing {}, unable to parse TLV value.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + ByteArrayOutputStream scos = new ByteArrayOutputStream(); + + List values2 = outer2.getList(); + for (BerTlv tlv2 : values2) { + if (tlv2.isPrimitive()) { + + super.m_tagList.add(tlv2.getTag()); + if (Arrays.equals(tlv2.getTag().bytes, TagConstants.NAME_TAG)) { + + m_name = new String(tlv2.getBytesValue()); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.NAME_TAG, tlv2.getBytesValue())); + + } else if (Arrays.equals(tlv2.getTag().bytes, TagConstants.EMPLOYEE_AFFILIATION_TAG)) { + + m_employeeAffiliation = new String(tlv2.getBytesValue()); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.EMPLOYEE_AFFILIATION_TAG, tlv2.getBytesValue())); + + } else if (Arrays.equals(tlv2.getTag().bytes, TagConstants.PRINTED_INFORMATION_EXPIRATION_DATE_TAG)) { + + m_expirationDate = new String(tlv2.getBytesValue()); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.PRINTED_INFORMATION_EXPIRATION_DATE_TAG, tlv2.getBytesValue())); + + } else if (Arrays.equals(tlv2.getTag().bytes, TagConstants.AGENCY_CARD_SERIAL_NUMBER_TAG)) { + + m_agencyCardSerialNumber = new String(tlv2.getBytesValue()); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.AGENCY_CARD_SERIAL_NUMBER_TAG, tlv2.getBytesValue())); + + } else if (Arrays.equals(tlv2.getTag().bytes, TagConstants.ISSUER_IDENTIFICATION_TAG)) { + + m_issuerIdentification = new String(tlv2.getBytesValue()); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.ISSUER_IDENTIFICATION_TAG, tlv2.getBytesValue())); + + } else if (Arrays.equals(tlv2.getTag().bytes, TagConstants.ORGANIZATIONAL_AFFILIATION_L1_TAG)) { + + m_organizationAffiliation1 = new String(tlv2.getBytesValue()); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.ORGANIZATIONAL_AFFILIATION_L1_TAG, tlv2.getBytesValue())); + + } else if (Arrays.equals(tlv2.getTag().bytes, TagConstants.ORGANIZATIONAL_AFFILIATION_L2_TAG)) { + + m_organizationAffiliation2 = new String(tlv2.getBytesValue()); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + scos.write(APDUUtils.getTLV(TagConstants.ORGANIZATIONAL_AFFILIATION_L2_TAG, tlv2.getBytesValue())); + + }else{ + s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tlv2.getTag().bytes), Hex.encodeHexString(tlv2.getBytesValue())); + } + } else { + super.m_tagList.add(tlv2.getTag()); + if (Arrays.equals(tlv2.getTag().bytes, TagConstants.ERROR_DETECTION_CODE_TAG)) { + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + m_errorDetectionCode = true; + + scos.write(TagConstants.ERROR_DETECTION_CODE_TAG); + scos.write((byte) 0x00); + + } else { + s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tlv2.getTag().bytes), Hex.encodeHexString(tlv2.getBytesValue())); + } + } + } + + m_signedContent = scos.toByteArray(); + } + } + } catch (Exception ex) { + + s_logger.error("Error parsing {}: {}", APDUConstants.oidNameMap.get(super.getOID()), ex.getMessage()); + return false; + } + + if (m_name == "" || m_employeeAffiliation == "" || m_expirationDate == "" || + m_agencyCardSerialNumber == "" || m_issuerIdentification == "") + return false; + + super.setRequiresPin(true); + + dump(this.getClass()) +; + return true; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/RequestAPDUWrapper.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/RequestAPDUWrapper.java similarity index 94% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/RequestAPDUWrapper.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/RequestAPDUWrapper.java index ccf3e34a..744b6666 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/RequestAPDUWrapper.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/RequestAPDUWrapper.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformance.card.client; +package gov.gsa.pivconformance.cardlib.card.client; import org.apache.commons.codec.binary.Hex; import org.slf4j.Logger; @@ -6,7 +6,7 @@ // derived from the intarsys ReqeuestAPDU class public class RequestAPDUWrapper { - private static final Logger s_logger = LoggerFactory.getLogger(RequestAPDUWrapper.class); + private static final Logger s_logger = LoggerFactory.getLogger(RequestAPDUWrapper.class); /* command is not the last command of a chain */ public static final byte CLA_CHAINING_FLAG = 0x10; @@ -52,7 +52,8 @@ public RequestAPDUWrapper(int pCla, int pIns, int pP1, int pP2, byte[] pData) { this(pCla, pIns, pP1, pP2, pData, LE_NONE); } - public RequestAPDUWrapper(int pCla, int pIns, int pP1, int pP2, byte[] pData, int pLe) { + public RequestAPDUWrapper(int pCla, int pIns, int pP1, int pP2, byte[] pData, + int pLe) { cla = pCla; ins = pIns; p1 = pP1; @@ -248,7 +249,8 @@ public boolean isChainedRequest() { } public boolean isExtendedApdu() { - return extendedApdu || (data != null && data.length > 255) || (le > 255); + return extendedApdu || (data != null && data.length > 255) + || (le > 255); } public boolean isSensitiveContent() { @@ -274,7 +276,8 @@ public void setSensitiveContent(boolean sensitiveContent) { @Override public String toString() { return Hex.encodeHexString(getBytes()).replaceAll("..(?=.)", "$0 "); - // return HexTools.bytesToHexString(getBytes()); + //return HexTools.bytesToHexString(getBytes()); } } + diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ResponseAPDUWrapper.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ResponseAPDUWrapper.java similarity index 82% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/ResponseAPDUWrapper.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ResponseAPDUWrapper.java index 75a90173..5f03d24d 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/ResponseAPDUWrapper.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/ResponseAPDUWrapper.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformance.card.client; +package gov.gsa.pivconformance.cardlib.card.client; import java.io.ByteArrayInputStream; import java.io.InputStream; @@ -7,16 +7,18 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; + // derived from the intarsys ResponseAPDU class public class ResponseAPDUWrapper { - private static final Logger s_logger = LoggerFactory.getLogger(ResponseAPDUWrapper.class); + private static final Logger s_logger = LoggerFactory.getLogger(ResponseAPDUWrapper.class); private final byte[] bytes; public ResponseAPDUWrapper(byte[] response) throws CardClientException { assert (response != null); if (response.length < 2) { - throw new CardClientException("Invalid response received from card reader"); + throw new CardClientException( + "Invalid response received from card reader"); } this.bytes = response; } @@ -65,7 +67,8 @@ public InputStream getInputStream() { } public int getSw() { - return ((bytes[bytes.length - 2] & 0xFF) << 8) + (bytes[bytes.length - 1] & 0xFF); + return ((bytes[bytes.length - 2] & 0xFF) << 8) + + (bytes[bytes.length - 1] & 0xFF); } public int getSw1() { @@ -77,7 +80,8 @@ public int getSw2() { } public String getSwString() { - return "0x" + Integer.toHexString(getSw1()) + "" + Integer.toHexString(getSw2()); + return "0x" + Integer.toHexString(getSw1()) + "" + + Integer.toHexString(getSw2()); } public boolean hasData() { @@ -94,3 +98,4 @@ public String toString() { } } + diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/SecureMessagingCertificateSigner.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/SecureMessagingCertificateSigner.java new file mode 100644 index 00000000..a471cfaa --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/SecureMessagingCertificateSigner.java @@ -0,0 +1,176 @@ +package gov.gsa.pivconformance.cardlib.card.client; + +import gov.gsa.pivconformance.cardlib.tlv.*; +import org.apache.commons.codec.binary.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.ByteArrayInputStream; +import java.io.InputStream; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.zip.GZIPInputStream; + +/** + * + * Encapsulates a Card Holder Unique Identifier data object as defined by SP800-73-4 Part 2 Appendix A Table 42 + * + */ +public class SecureMessagingCertificateSigner extends PIVDataObject { // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(SecureMessagingCertificateSigner.class); + + private X509Certificate m_pivAuthCert; + private byte[] m_intermediateCVC; + private boolean m_error_Detection_Code; + + /** + * SecureMessagingCertificateSigner class constructor, initializes all the class fields. + */ + public SecureMessagingCertificateSigner() { + + m_pivAuthCert = null; + m_intermediateCVC = null; + m_error_Detection_Code = false; + m_content = new HashMap(); + } + + /** + * + * Returns True if error Error Detection Code is present, false otherwise + * + * @return True if error Error Detection Code is present, false otherwise + */ + @Override + public boolean getErrorDetectionCode() { + + return m_error_Detection_Code; + } + + /** + * + * Returns X509Certificate object containing X.509 Certificate for Content Signing + * + * @return X509Certificate object containing X.509 Certificate for Content Signing + */ + public X509Certificate getCertificate() { + return m_pivAuthCert; + } + + /** + * + * Returns byte array with Intermediate CVC value + * + * @return Byte array containing Intermediate CVC value + */ + public byte[] getIntermediateCVC() { + return m_intermediateCVC; + } + + /** + * + * Sets the Intermediate CVC value + * + * @param intermediateCVC Byte array containing Intermediate CVC value + */ + public void setIntermediateCVC(byte[] intermediateCVC) { + m_intermediateCVC = intermediateCVC; + } + + /** + * + * Decode function that decodes Secure Messaging Certificate Signer object retrieved from the card and populates various class fields. + * + * @return True if decode was successful, false otherwise + */ + @Override + public boolean decode() { + + if(m_pivAuthCert == null){ + + try{ + byte [] raw = super.getBytes(); + + BerTlvParser tp = new BerTlvParser(new CCTTlvLogger(this.getClass())); + BerTlvs outer = tp.parse(raw); + + if(outer == null){ + s_logger.error("Error parsing {}, unable to parse TLV value.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + List values = outer.getList(); + for(BerTlv tlv : values) { + if(tlv.isPrimitive()) { + s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv.getTag().bytes), Hex.encodeHexString(tlv.getBytesValue())); + + BerTlvs outer2 = tp.parse(tlv.getBytesValue()); + + if(outer2 == null){ + s_logger.error("Error parsing {}, unable to parse TLV value.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + + List values2 = outer2.getList(); + byte[] rawCertBuf = null; + byte[] certInfoBuf = null; + for(BerTlv tlv2 : values2) { + if(tlv2.isPrimitive()) { + s_logger.trace("Tag {}: {}", Hex.encodeHexString(tlv2.getTag().bytes), Hex.encodeHexString(tlv2.getBytesValue())); + } else { + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.CERTIFICATE_TAG)) { + if (tlv2.hasRawValue()) { + rawCertBuf = tlv2.getBytesValue(); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + } + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.ERROR_DETECTION_CODE_TAG)) { + if (tlv2.hasRawValue()) { + m_error_Detection_Code = true; + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + } + } + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.CERTINFO_TAG)) { + certInfoBuf = tlv2.getBytesValue(); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + } + + if(Arrays.equals(tlv2.getTag().bytes, TagConstants.INTERMEDIATE_CVC_TAG)) { + m_intermediateCVC = tlv2.getBytesValue(); + m_content.put(tlv2.getTag(), tlv2.getBytesValue()); + } + } + } + + InputStream certIS = null; + //Check if the certificate buffer is compressed + if(certInfoBuf != null && Arrays.equals(certInfoBuf, TagConstants.COMPRESSED_TAG)) { + certIS = new GZIPInputStream(new ByteArrayInputStream(rawCertBuf)); + } else { + certIS = new ByteArrayInputStream(rawCertBuf); + } + + CertificateFactory cf = CertificateFactory.getInstance("X509"); + m_pivAuthCert = (X509Certificate)cf.generateCertificate(certIS); + s_logger.info(m_pivAuthCert.getSubjectDN().toString()); + } else { + s_logger.info("Object: {}", Hex.encodeHexString(tlv.getTag().bytes)); + } + } + }catch (Exception ex) { + + s_logger.error("Error parsing {}: {}", APDUConstants.oidNameMap.get(super.getOID()), ex.getMessage()); + return false; + } + + if (m_pivAuthCert == null) + return false; + } + + dump(this.getClass()) +; + return true; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/SecurityObject.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/SecurityObject.java similarity index 95% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/SecurityObject.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/SecurityObject.java index 6290b500..e7a83de6 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/SecurityObject.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/SecurityObject.java @@ -1,6 +1,6 @@ -package gov.gsa.pivconformance.card.client; +package gov.gsa.pivconformance.cardlib.card.client; -import gov.gsa.pivconformance.tlv.*; +import gov.gsa.pivconformance.cardlib.tlv.*; import org.apache.commons.codec.binary.Hex; import org.bouncycastle.asn1.*; import org.bouncycastle.asn1.icao.DataGroupHash; @@ -12,6 +12,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; + import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.cert.X509Certificate; @@ -170,12 +171,11 @@ public boolean decode() { BerTlvParser tlvp = new BerTlvParser(new CCTTlvLogger(this.getClass())); BerTlvs outer = tlvp.parse(rawBytes); - if (outer == null) { - s_logger.error("Error parsing {}, unable to parse TLV value.", - APDUConstants.oidNameMap.get(super.getOID())); - return false; - } - + if(outer == null){ + s_logger.error("Error parsing {}, unable to parse TLV value.", APDUConstants.oidNameMap.get(super.getOID())); + return false; + } + List outerTlvs = outer.getList(); if (outerTlvs.size() == 1 && outerTlvs.get(0).isTag(new BerTag(0x53))) { byte[] tlvBuf = outerTlvs.get(0).getBytesValue(); @@ -222,9 +222,9 @@ public boolean decode() { APDUConstants.oidNameMap.get(super.getOID())); return false; } - + m_content.put(tlv.getTag(), m_so); - + // Decode the ContentInfo and get SignedData object. ByteArrayInputStream bIn = new ByteArrayInputStream(m_so); ASN1InputStream aIn = new ASN1InputStream(bIn); @@ -275,10 +275,10 @@ public boolean decode() { // throw their own // exception setComputedDigest(signer, m_so); - } else if (Arrays.equals(tag, TagConstants.ERROR_DETECTION_CODE_TAG)) { - BerTag tag2 = tlv.getTag(); - m_content.put(tag2, tlv.getBytesValue()); - m_errorDetectionCode = true; + } else if (Arrays.equals(tag, TagConstants.ERROR_DETECTION_CODE_TAG)) { + BerTag tag2 = tlv.getTag(); + m_content.put(tag2, tlv.getBytesValue()); + m_errorDetectionCode = true; } else if (tlv.getBytesValue().length != 0) { s_logger.warn("Unexpected tag: {} with value: {}", Hex.encodeHexString(tlv.getTag().bytes), Hex.encodeHexString(tlv.getBytesValue())); @@ -338,8 +338,7 @@ public boolean verifyHashes() { for (Map.Entry entry : m_dghList.entrySet()) { String oid = m_containerIDList.get(entry.getKey()); - s_logger.debug("Checking digest for {} (0x{})", APDUConstants.containerOidToNameMap.get(oid), - Integer.toHexString(entry.getKey())); + s_logger.debug("Checking digest for {} (0x{})", APDUConstants.containerOidToNameMap.get(oid), Integer.toHexString(entry.getKey())); if (oid != null) { byte[] content = m_mapOfDataElements.get(oid); diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/SignedPIVDataObject.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/SignedPIVDataObject.java similarity index 79% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/SignedPIVDataObject.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/SignedPIVDataObject.java index bd729fdc..c879019a 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/SignedPIVDataObject.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/SignedPIVDataObject.java @@ -1,555 +1,551 @@ -/** - * - */ -package gov.gsa.pivconformance.card.client; - -import java.io.IOException; -import java.security.MessageDigest; -import java.security.Security; - -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Iterator; -import java.util.Set; - -import org.apache.commons.codec.binary.Hex; -import org.bouncycastle.asn1.ASN1Encoding; -import org.bouncycastle.asn1.ASN1ObjectIdentifier; -import org.bouncycastle.asn1.DEROctetString; -import org.bouncycastle.asn1.cms.Attribute; -import org.bouncycastle.asn1.cms.AttributeTable; -import org.bouncycastle.asn1.cms.CMSAttributes; -import org.bouncycastle.asn1.cms.ContentInfo; -import org.bouncycastle.asn1.x509.AlgorithmIdentifier; -import org.bouncycastle.cert.X509CertificateHolder; -import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; -import org.bouncycastle.cms.CMSException; -import org.bouncycastle.cms.CMSProcessable; -import org.bouncycastle.cms.CMSProcessableByteArray; -import org.bouncycastle.cms.CMSSignedData; -import org.bouncycastle.cms.SignerInformation; -import org.bouncycastle.cms.SignerInformationStore; -import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder; -import org.bouncycastle.jcajce.util.MessageDigestUtils; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.bouncycastle.operator.OperatorCreationException; -import org.bouncycastle.util.Store; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * Subclass to handle signed data objects - */ -public class SignedPIVDataObject extends PIVDataObject { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(SignedPIVDataObject.class); - private ContentInfo m_contentInfo; - private CMSSignedData m_asymmetricSignature; - private Set m_dalgList; - // The raw data over which the message digest shall be computed - private byte[] m_signedContent; - // The effective signing cert. - private X509Certificate m_signerCert; - // This will be zero or one, and reflects the number of certs in this object - private int m_signerCertCount; - // This will be true *only* when this object has its own cert - private boolean m_hasOwnSignerCert; - // Prefetch - private byte[] m_signedAttrsDigest; - private byte[] m_computedDigest; - private String m_signatureAlgorithmName; - private String m_digestAlgorithmName; - private String m_encryptionAlgorithmName; - - static { - Security.addProvider(new BouncyCastleProvider()); - } - - public SignedPIVDataObject() { - super(); - m_dalgList = null; - m_signerCert = null; - m_signerCertCount = 0; - m_hasOwnSignerCert = false; - m_signedAttrsDigest = null; - m_computedDigest = null; - m_digestAlgorithmName = null; - } - - /** - * - * Returns byte array with signed content - * - * @return Byte array with signed content buffer - */ - public byte[] getSignedContent() { - return m_signedContent; - } - - /** - * - * Sets the signed content value - * - * @param signedContent Byte array with signed content buffer - */ - public void setSignedContent(byte[] signedContent) { - m_signedContent = signedContent; - } - - /** - * - * Returns list of supported digest algorithms - * - * @return List of supported algorithm identifiers - */ - public Set getDigestAlgorithms() { - return m_dalgList; - } - - /** - * - * Sets the signed content value - * - * @param signedContent Byte array with signed content buffer - */ - public void setDigestAlgorithms(Set set) { - m_dalgList = set; - } - - /** - * - * Returns the signing certificate in X509Certificate object - * - * @return X509Certificate object containing the signing certificate - */ - public X509Certificate getSignerCert() { - return (m_signerCert != null) ? m_signerCert : getChuidSignerCert(); - } - - /** - * - * Sets the signing certificate - * - * @param signingCertificate X509Certificate object containing the signing - * certificate - */ - public void setSignerCert(X509Certificate signerCert) { - m_signerCert = signerCert; - } - - /** - * - * Returns the CHUID signer certificate of the card for this signed object - * - * @return X509Certificate object containing the CHUID signer cert for this card - */ - public X509Certificate getChuidSignerCert() { - // Cache if not already cached - if (DataModelSingleton.getInstance().getChuidSignerCert() == null) { - CardHolderUniqueIdentifier o = (CardHolderUniqueIdentifier) new PIVDataObject( - APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID); - o.decode(); // Caches it - } - return DataModelSingleton.getInstance().getChuidSignerCert(); - } - - /** - * - * Sets the CHUID signing certificate for this object in the event it doesn't - * have its own signing cert (which is probably almost always). - * - * @param cert X509Certificate object containing the CHUID signing certificate - */ - public void setChuidSignerCert(X509Certificate cert) { - DataModelSingleton.getInstance().setChuidSignerCert(cert); - } - - /** - * - * Returns ContentInfo object - * - * @return ContentInfo object - */ - public ContentInfo getContentInfo() { - return m_contentInfo; - } - - /** - * - * Sets the ContentInfo object - * - * @param contentInfo ContentInfo object - */ - public void setContentInfo(ContentInfo contentInfo) { - m_contentInfo = contentInfo; - } - - /** - * - * Returns the number of certs found in this object - * - * @return number of certs found in this object - */ - public int getCertCount() { - return m_signerCertCount; - } - - /** - * Gets the signed attributes message digest extracted from SignerInfo - * - * @return bytes in the digest - */ - - public byte[] getSignedAttrsDigest() { - return m_signedAttrsDigest; - } - - /** - * Sets the extracted message digest in the signed attributes - * - * @param the bytes of the digest - * - */ - public void setSignedAttrsDigest(byte[] digest) { - m_signedAttrsDigest = digest; - } - - /** - * Gets the computed message digest of the signed objects's content - * - * @return the computed message digest of the object's content - */ - - public byte[] getComputedDigest() { - return m_computedDigest; - } - - /** - * Sets the computed digest of the object - * - * @param the bytes of the digest - * - * @returns the bytes of the digest - */ - - private void setComputedDigest(byte[] digest) { - m_computedDigest = digest; - } - - /** - * @return the signer signature algorithm name - */ - public String getSignatureAlgorithmName() { - return m_signatureAlgorithmName; - } - - /** - * @param m_signatureAlgorithmName the m_signatureAlgorithmName to set - */ - public void setSignatureAlgorithmName(String m_signatureAlgorithmName) { - this.m_signatureAlgorithmName = m_signatureAlgorithmName; - } - - /** - * - * Gets the message digest algorithm name extracted from the signer information - * - * @return the message digest algorithm name extracted from the signer - * information - */ - public String getDigestAlgorithmName() { - return m_digestAlgorithmName; - } - - /** - * - * Sets the message digest algorithm name extracted from the signer information - * of the associated CMS. - * - * @param errorDetectionCode True if error Error Detection Code is present, - * false otherwise - */ - public void setDigestAlgorithmName(String name) { - m_digestAlgorithmName = name; - } - - /** - * - * Sets the message Encryption algorithm name extracted from the signer - * information of the associated CMS. - * - * @param errorDetectionCode True if error Error Detection Code is present, - * false otherwise - */ - public void setEncryptionAlgorithmName(String name) { - m_encryptionAlgorithmName = name; - } - - /** - * - * Gets the message Encryption algorithm name extracted from the signer - * information - * - * @return the message Encryption algorithm name extracted from the signer - * information - */ - public String getEncryptionAlgorithmName() { - return m_encryptionAlgorithmName; - } - - /** - * - * Returns CMSSignedData object containing Asymmetric Signature value - * - * @return CMSSignedData object containing Asymmetric Signature value - */ - public CMSSignedData getAsymmetricSignature() { - return m_asymmetricSignature; - } - - /** - * - * Sets the CMSSignedData object containing Asymmetric Signature value - * - * @param asymmetricSignature CMSSignedData object containing Asymmetric - * Signature value - */ - public void setAsymmetricSignature(CMSSignedData asymmetricSignature) { - m_asymmetricSignature = asymmetricSignature; - } - - /** - * Extracts and sets the message digest in the signed attributes - * - * @param the SignerInformationStore in the CMS - * - */ - public void setSignedAttrsDigest(SignerInformationStore signers) { - - if (signers != null) { - AttributeTable at; - // Temporarily nest these until unit test passes - for (Iterator i = signers.getSigners().iterator(); i.hasNext();) { - SignerInformation signer = i.next(); - at = signer.getSignedAttributes(); - if (at != null) { - Attribute a = at.get(CMSAttributes.messageDigest); // messageDigest - if (a != null) { - DEROctetString dos = (DEROctetString) a.getAttrValues().getObjectAt(0); - if (dos != null) { - byte[] digest = dos.getOctets(); - if (digest != null) { - m_signedAttrsDigest = digest; - s_logger.info("Reference digest: " + Hex.encodeHexString(digest)); - } else { - s_logger.error("Failed to extract digest"); - } - } else { - s_logger.error("Failed to decode octets"); - } - } else { - s_logger.error("Null messageDigest attribute"); - } - } else { - s_logger.error("Null signed attribute set"); - } - } // End for - } else { - s_logger.error("Null SignerInfos"); - } - } - - /** - * Computes a digest of the received content in this object and stores it - * - * @param the SignerInfo of the content signer - * @param the content to compute the digest over t - */ - - public void setComputedDigest(SignerInformation signer, byte[] content) { - if (content != null) { - try { - AttributeTable at = signer.getSignedAttributes(); - if (at != null) { - Attribute a = at.get(CMSAttributes.messageDigest); - if (a != null) { - byte[] signedContentBytes = this.getSignedContent(); - - if (signedContentBytes != null) { - s_logger.info("Signed content bytes: " + Hex.encodeHexString(signedContentBytes)); - String aName = MessageDigestUtils - .getDigestName(new ASN1ObjectIdentifier(signer.getDigestAlgOID())); - MessageDigest md = MessageDigest.getInstance(aName, "BC"); - md.update(signedContentBytes); - byte[] digest = md.digest(); - if (digest != null) { - setComputedDigest(digest); - s_logger.info("Computed digest: {} ", Hex.encodeHexString(digest)); - } else { - s_logger.error("Failed to digest content"); - } - } else { - String msg = "Null contentBytes"; - s_logger.error(msg); - throw new CardClientException(msg); - } - } else { - String msg = "Null messageDigest attribute"; - s_logger.error(msg); - throw new CardClientException(msg); - } - } else { - String msg = "Null signed attribute set"; - s_logger.error(msg); - throw new CardClientException(msg); - } - } catch (Exception e) { - String msg = e.getMessage(); - s_logger.error(msg); - e.printStackTrace(); - } - } - } - - /** - * Sets a flag indicating that this object has an embedded content signer cert. - * - * @param hasOwnSignerCert boolean value indicating if this object has its own - * embedded signer cert - */ - - public void setHasOwnSignerCert(boolean hasOwnSignerCert) { - m_hasOwnSignerCert = hasOwnSignerCert; - } - - /** - * Returns boolean value indicating if this object has its own embedded signer - * cert - * - * @return Boolean value indicating if this object has its own embedded signer - * cert - */ - public boolean getHasOwnSignerCert() { - return m_hasOwnSignerCert; - } - - /** - * Indicates whether this object has an embedded content signer cert - * - */ - - public boolean hasOwnSignerCert() { - return m_signerCertCount > 0; - } - - /** - * - * Verifies the signature on the object. - * - * @return True if signature successfully verified, false otherwise - */ - public boolean verifySignature() { - boolean rv_result = false; - - CMSSignedData s; - try { - s = new CMSSignedData(m_contentInfo); - - if (m_asymmetricSignature.isDetachedSignature()) { - CMSProcessable procesableContentBytes = new CMSProcessableByteArray(m_signedContent); - s = new CMSSignedData(procesableContentBytes, m_contentInfo); - } - - SignerInformationStore signers = s.getSignerInfos(); - if (signers.size() != 1) { - s_logger.error("There were {} signers", signers.size()); - return rv_result; - } - Store certs = s.getCertificates(); - Set digAlgSet = s.getDigestAlgorithmIDs(); - Iterator dai = digAlgSet.iterator(); - - ArrayList allowedDigestAlgOids = new ArrayList(); - allowedDigestAlgOids.add("2.16.840.1.101.3.4.2.1"); - allowedDigestAlgOids.add("2.16.840.1.101.3.4.2.2"); - String daOid = null; - - while (dai.hasNext()) { - // Check against allowed signing algorithms - AlgorithmIdentifier ai = dai.next(); - daOid = ai.getAlgorithm().getId(); - if (!allowedDigestAlgOids.contains(daOid)) { - s_logger.error("Unsupported digest algorithm for PIV/PIV-I: {}", daOid); - return rv_result; - } - break; // TODO: Should we handle multiple? - } - - for (Iterator i = signers.getSigners().iterator(); i.hasNext();) { - SignerInformation signer = i.next(); - signer = new _SignerInformation(signer); - - AttributeTable at = signer.getSignedAttributes(); - - s_logger.info("There are {} signed attributes", at.size()); - // Message digest - if (at.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.4")) == null) { - s_logger.error("Required messageDigest attribute is missing"); - return rv_result; - } - - // Content type - if (at.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.3")) == null) { - s_logger.error("Required contentType attribute is missing"); - return rv_result; - } - - // Ensure there is a content signer certificate - X509Certificate signerCert = getChuidSignerCert(); - - if (signerCert == null) { - s_logger.error("Unable to find CHUID signer certificate for {}", - APDUConstants.oidNameMap.get(super.getOID())); - return rv_result; - } - - @SuppressWarnings("unchecked") - Collection certCollection = certs.getMatches(signer.getSID()); - Iterator certIt = certCollection.iterator(); - if (certIt.hasNext()) { - X509CertificateHolder certHolder = certIt.next(); - signerCert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder); - // Housekeeping - if (signerCert != null) - setSignerCert(signerCert); - } - - rv_result = signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(signerCert)); - } - } catch (CertificateException e) { - s_logger.error("Error verifying signature on {}: {}", APDUConstants.oidNameMap.get(super.getOID()), - e.getMessage()); - } catch (CMSException e) { - s_logger.error("CMS exception while verifying signature on {}: {}", - APDUConstants.oidNameMap.get(super.getOID()), e.getMessage()); - } catch (OperatorCreationException e) { - s_logger.error("Operator exception while verifying signature on {}: {}", - APDUConstants.oidNameMap.get(super.getOID()), e.getMessage()); - } - - return rv_result; - } - - private class _SignerInformation extends SignerInformation { - protected _SignerInformation(SignerInformation baseSignerInfo) { - super(baseSignerInfo); - } - - @Override - public byte[] getEncodedSignedAttributes() throws IOException { - return signedAttributeSet.getEncoded(ASN1Encoding.DL); - } - } -} +/** + * + */ +package gov.gsa.pivconformance.cardlib.card.client; + +import java.io.IOException; +import java.security.MessageDigest; +import java.security.Security; + +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Iterator; +import java.util.Set; + +import org.apache.commons.codec.binary.Hex; +import org.bouncycastle.asn1.ASN1Encoding; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.cms.Attribute; +import org.bouncycastle.asn1.cms.AttributeTable; +import org.bouncycastle.asn1.cms.CMSAttributes; +import org.bouncycastle.asn1.cms.ContentInfo; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.cert.X509CertificateHolder; +import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; +import org.bouncycastle.cms.CMSException; +import org.bouncycastle.cms.CMSProcessable; +import org.bouncycastle.cms.CMSProcessableByteArray; +import org.bouncycastle.cms.CMSSignedData; +import org.bouncycastle.cms.SignerInformation; +import org.bouncycastle.cms.SignerInformationStore; +import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder; +import org.bouncycastle.jcajce.util.MessageDigestUtils; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.operator.OperatorCreationException; +import org.bouncycastle.util.Store; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Subclass to handle signed data objects + */ +public class SignedPIVDataObject extends PIVDataObject { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(SignedPIVDataObject.class); + private ContentInfo m_contentInfo; + private CMSSignedData m_asymmetricSignature; + private Set m_dalgList; + // The raw data over which the message digest shall be computed + private byte[] m_signedContent; + // The effective signing cert. + private X509Certificate m_signerCert; + // This will be zero or one, and reflects the number of certs in this object + private int m_signerCertCount; + // This will be true *only* when this object has its own cert + private boolean m_hasOwnSignerCert; + // Prefetch + private byte[] m_signedAttrsDigest; + private byte[] m_computedDigest; + private String m_signatureAlgorithmName; + private String m_digestAlgorithmName; + private String m_encryptionAlgorithmName; + + static { + Security.addProvider(new BouncyCastleProvider()); + } + + public SignedPIVDataObject() { + super(); + m_dalgList = null; + m_signerCert = null; + m_signerCertCount = 0; + m_hasOwnSignerCert = false; + m_signedAttrsDigest = null; + m_computedDigest = null; + m_digestAlgorithmName = null; + } + + /** + * + * Returns byte array with signed content + * + * @return Byte array with signed content buffer + */ + public byte[] getSignedContent() { + return m_signedContent; + } + + /** + * + * Sets the signed content value + * + * @param signedContent Byte array with signed content buffer + */ + public void setSignedContent(byte[] signedContent) { + m_signedContent = signedContent; + } + + /** + * + * Returns list of supported digest algorithms + * + * @return List of supported algorithm identifiers + */ + public Set getDigestAlgorithms() { + return m_dalgList; + } + + /** + * + * Sets the signed content value + * + * @param signedContent Byte array with signed content buffer + */ + public void setDigestAlgorithms(Set set) { + m_dalgList = set; + } + + /** + * + * Returns the signing certificate in X509Certificate object + * + * @return X509Certificate object containing the signing certificate + */ + public X509Certificate getSignerCert() { + return (m_signerCert != null) ? m_signerCert : getChuidSignerCert(); + } + + /** + * + * Sets the signing certificate + * + * @param signingCertificate X509Certificate object containing the signing + * certificate + */ + public void setSignerCert(X509Certificate signerCert) { + m_signerCert = signerCert; + } + + /** + * + * Returns the CHUID signer certificate of the card for this signed object + * + * @return X509Certificate object containing the CHUID signer cert for this card + */ + public X509Certificate getChuidSignerCert() { + // Cache if not already cached + if (DataModelSingleton.getInstance().getChuidSignerCert() == null) { + CardHolderUniqueIdentifier o = (CardHolderUniqueIdentifier) new PIVDataObject( + APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID); + o.decode(); // Caches it + } + return DataModelSingleton.getInstance().getChuidSignerCert(); + } + + /** + * + * Sets the CHUID signing certificate for this object in the event it doesn't + * have its own signing cert (which is probably almost always). + * + * @param cert X509Certificate object containing the CHUID signing certificate + */ + public void setChuidSignerCert(X509Certificate cert) { + DataModelSingleton.getInstance().setChuidSignerCert(cert); + } + + /** + * + * Returns ContentInfo object + * + * @return ContentInfo object + */ + public ContentInfo getContentInfo() { + return m_contentInfo; + } + + /** + * + * Sets the ContentInfo object + * + * @param contentInfo ContentInfo object + */ + public void setContentInfo(ContentInfo contentInfo) { + m_contentInfo = contentInfo; + } + + /** + * + * Returns the number of certs found in this object + * + * @return number of certs found in this object + */ + public int getCertCount() { + return m_signerCertCount; + } + + /** + * Gets the signed attributes message digest extracted from SignerInfo + * + * @return bytes in the digest + */ + + public byte[] getSignedAttrsDigest() { + return m_signedAttrsDigest; + } + + /** + * Sets the extracted message digest in the signed attributes + * + * @param the bytes of the digest + * + */ + public void setSignedAttrsDigest(byte[] digest) { + m_signedAttrsDigest = digest; + } + + /** + * Gets the computed message digest of the signed objects's content + * + * @return the computed message digest of the object's content + */ + + public byte[] getComputedDigest() { + return m_computedDigest; + } + + /** + * Sets the computed digest of the object + * + * @param the bytes of the digest + * + * @returns the bytes of the digest + */ + + private void setComputedDigest(byte[] digest) { + m_computedDigest = digest; + } + + /** + * @return the signer signature algorithm name + */ + public String getSignatureAlgorithmName() { + return m_signatureAlgorithmName; + } + + /** + * @param m_signatureAlgorithmName the m_signatureAlgorithmName to set + */ + public void setSignatureAlgorithmName(String m_signatureAlgorithmName) { + this.m_signatureAlgorithmName = m_signatureAlgorithmName; + } + + /** + * + * Gets the message digest algorithm name extracted from the signer information + * + * @return the message digest algorithm name extracted from the signer + * information + */ + public String getDigestAlgorithmName() { + return m_digestAlgorithmName; + } + + /** + * + * Sets the message digest algorithm name extracted from the signer information + * of the associated CMS. + * + * @param errorDetectionCode True if error Error Detection Code is present, + * false otherwise + */ + public void setDigestAlgorithmName(String name) { + m_digestAlgorithmName = name; + } + + /** + * + * Sets the message Encryption algorithm name extracted from the signer + * information of the associated CMS. + * + * @param errorDetectionCode True if error Error Detection Code is present, + * false otherwise + */ + public void setEncryptionAlgorithmName(String name) { + m_encryptionAlgorithmName = name; + } + + /** + * + * Gets the message Encryption algorithm name extracted from the signer + * information + * + * @return the message Encryption algorithm name extracted from the signer + * information + */ + public String getEncryptionAlgorithmName() { + return m_encryptionAlgorithmName; + } + + /** + * + * Returns CMSSignedData object containing Asymmetric Signature value + * + * @return CMSSignedData object containing Asymmetric Signature value + */ + public CMSSignedData getAsymmetricSignature() { + return m_asymmetricSignature; + } + + /** + * + * Sets the CMSSignedData object containing Asymmetric Signature value + * + * @param asymmetricSignature CMSSignedData object containing Asymmetric + * Signature value + */ + public void setAsymmetricSignature(CMSSignedData asymmetricSignature) { + m_asymmetricSignature = asymmetricSignature; + } + + /** + * Extracts and sets the message digest in the signed attributes + * + * @param the SignerInformationStore in the CMS + * + */ + public void setSignedAttrsDigest(SignerInformationStore signers) { + + if (signers != null) { + AttributeTable at; + // Temporarily nest these until unit test passes + for (Iterator i = signers.getSigners().iterator(); i.hasNext();) { + SignerInformation signer = i.next(); + at = signer.getSignedAttributes(); + if (at != null) { + Attribute a = at.get(CMSAttributes.messageDigest); // messageDigest + if (a != null) { + DEROctetString dos = (DEROctetString) a.getAttrValues().getObjectAt(0); + if (dos != null) { + byte[] digest = dos.getOctets(); + if (digest != null) { + m_signedAttrsDigest = digest; + s_logger.info("Reference digest: " + Hex.encodeHexString(digest)); + } else { + s_logger.error("Failed to extract digest"); + } + } else { + s_logger.error("Failed to decode octets"); + } + } else { + s_logger.error("Null messageDigest attribute"); + } + } else { + s_logger.error("Null signed attribute set"); + } + } // End for + } else { + s_logger.error("Null SignerInfos"); + } + } + + /** + * Computes a digest of the received content in this object and stores it + * + * @param the SignerInfo of the content signer + * @param the content to compute the digest over t + */ + + public void setComputedDigest(SignerInformation signer, byte[] content) { + if (content != null) { + try { + AttributeTable at = signer.getSignedAttributes(); + if (at != null) { + Attribute a = at.get(CMSAttributes.messageDigest); + if (a != null) { + byte[] signedContentBytes = this.getSignedContent(); + + if (signedContentBytes != null) { + s_logger.info("Signed content bytes: " + Hex.encodeHexString(signedContentBytes)); + String aName = MessageDigestUtils + .getDigestName(new ASN1ObjectIdentifier(signer.getDigestAlgOID())); + MessageDigest md = MessageDigest.getInstance(aName, "BC"); + md.update(signedContentBytes); + byte[] digest = md.digest(); + if (digest != null) { + setComputedDigest(digest); + s_logger.info("Computed digest: {} ", Hex.encodeHexString(digest)); + } else { + s_logger.error("Failed to digest content"); + } + } else { + String msg = "Null contentBytes"; + s_logger.error(msg); + throw new CardClientException(msg); + } + } else { + String msg = "Null messageDigest attribute"; + s_logger.error(msg); + throw new CardClientException(msg); + } + } else { + String msg = "Null signed attribute set"; + s_logger.error(msg); + throw new CardClientException(msg); + } + } catch (Exception e) { + String msg = e.getMessage(); + s_logger.error(msg); + e.printStackTrace(); + } + } + } + + /** + * Sets a flag indicating that this object has an embedded content signer cert. + * + * @param hasOwnSignerCert boolean value indicating if this object has its own + * embedded signer cert + */ + + public void setHasOwnSignerCert(boolean hasOwnSignerCert) { + m_hasOwnSignerCert = hasOwnSignerCert; + } + + /** + * Returns boolean value indicating if this object has its own embedded signer + * cert + * + * @return Boolean value indicating if this object has its own embedded signer + * cert + */ + public boolean getHasOwnSignerCert() { + return m_hasOwnSignerCert; + } + + /** + * Indicates whether this object has an embedded content signer cert + * + */ + + public boolean hasOwnSignerCert() { + return m_signerCertCount > 0; + } + + /** + * + * Verifies the signature on the object. + * + * @return True if signature successfully verified, false otherwise + */ + public boolean verifySignature() { + boolean rv_result = false; + + CMSSignedData s; + try { + s = new CMSSignedData(m_contentInfo); + + if (m_asymmetricSignature.isDetachedSignature()) { + CMSProcessable procesableContentBytes = new CMSProcessableByteArray(m_signedContent); + s = new CMSSignedData(procesableContentBytes, m_contentInfo); + } + + SignerInformationStore signers = s.getSignerInfos(); + if (signers.size() != 1) { + s_logger.error("There were {} signers", signers.size()); + return rv_result; + } + Store certs = s.getCertificates(); + Set digAlgSet = s.getDigestAlgorithmIDs(); + Iterator dai = digAlgSet.iterator(); + + ArrayList allowedDigestAlgOids = new ArrayList(); + allowedDigestAlgOids.add("2.16.840.1.101.3.4.2.1"); + allowedDigestAlgOids.add("2.16.840.1.101.3.4.2.2"); + String daOid = null; + + while (dai.hasNext()) { + // Check against allowed signing algorithms + AlgorithmIdentifier ai = dai.next(); + daOid = ai.getAlgorithm().getId(); + if (!allowedDigestAlgOids.contains(daOid)) { + s_logger.error("Unsupported digest algorithm for PIV/PIV-I: {}", daOid); + return rv_result; + } + break; // TODO: Should we handle multiple? + } + + for (Iterator i = signers.getSigners().iterator(); i.hasNext();) { + SignerInformation signer = i.next(); + signer = new _SignerInformation(signer); + + AttributeTable at = signer.getSignedAttributes(); + + s_logger.info("There are {} signed attributes", at.size()); + // Message digest + if (at.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.4")) == null) { + s_logger.error("Required messageDigest attribute is missing"); + return rv_result; + } + + // Content type + if (at.get(new ASN1ObjectIdentifier("1.2.840.113549.1.9.3")) == null) { + s_logger.error("Required contentType attribute is missing"); + return rv_result; + } + + // Ensure there is a content signer certificate + X509Certificate signerCert = getChuidSignerCert(); + + if (signerCert == null) { + s_logger.error("Unable to find CHUID signer certificate for {}", APDUConstants.oidNameMap.get(super.getOID())); + return rv_result; + } + + @SuppressWarnings("unchecked") + Collection certCollection = certs.getMatches(signer.getSID()); + Iterator certIt = certCollection.iterator(); + if (certIt.hasNext()) { + X509CertificateHolder certHolder = certIt.next(); + signerCert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder); + // Housekeeping + if (signerCert != null) + setSignerCert(signerCert); + } + + rv_result = signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(signerCert)); + } + } catch (CertificateException e) { + s_logger.error("Error verifying signature on {}: {}", APDUConstants.oidNameMap.get(super.getOID()), e.getMessage()); + } catch (CMSException e) { + s_logger.error("CMS exception while verifying signature on {}: {}", APDUConstants.oidNameMap.get(super.getOID()), e.getMessage()); + } catch (OperatorCreationException e) { + s_logger.error("Operator exception while verifying signature on {}: {}", APDUConstants.oidNameMap.get(super.getOID()), e.getMessage()); + } + + return rv_result; + } + + private class _SignerInformation extends SignerInformation { + protected _SignerInformation(SignerInformation baseSignerInfo) { + super(baseSignerInfo); + } + + @Override + public byte[] getEncodedSignedAttributes() throws IOException { + return signedAttributeSet.getEncoded(ASN1Encoding.DL); + } + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/SoftTagBoundaryException.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/SoftTagBoundaryException.java similarity index 84% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/SoftTagBoundaryException.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/SoftTagBoundaryException.java index 0d4c2f69..4884cc30 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/SoftTagBoundaryException.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/SoftTagBoundaryException.java @@ -1,58 +1,58 @@ -package gov.gsa.pivconformance.card.client; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * A class for card-related exceptions - */ -public class SoftTagBoundaryException extends Exception { - private static final Logger s_logger = LoggerFactory.getLogger(SoftTagBoundaryException.class); - - /** - * - */ - private static final long serialVersionUID = 1L; - - /** - * - * Default constructor for CardClientException class - * - */ - public SoftTagBoundaryException() { - super(); - } - - /** - * - * Constructor for CardClientException class that takes a string with exception - * message - * - * @param message String with the exception message - */ - public SoftTagBoundaryException(String message) { - super(message); - } - - /** - * - * Constructor for CardClientException class that takes a string with exception - * message and a Throwable cause - * - * @param message String with the exception message - * @param cause Throwable cause - */ - public SoftTagBoundaryException(String message, Throwable cause) { - super(message, cause); - } - - /** - * - * Constructor for CardClientException class that takes a Throwable cause - * - * @param cause Throwable cause - */ - public SoftTagBoundaryException(Throwable cause) { - super(cause); - } -} +package gov.gsa.pivconformance.cardlib.card.client; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * A class for card-related exceptions + */ +public class SoftTagBoundaryException extends Exception { + private static final Logger s_logger = LoggerFactory.getLogger(SoftTagBoundaryException.class); + + /** + * + */ + private static final long serialVersionUID = 1L; + + /** + * + * Default constructor for CardClientException class + * + */ + public SoftTagBoundaryException() { + super(); + } + + /** + * + * Constructor for CardClientException class that takes a string with exception + * message + * + * @param message String with the exception message + */ + public SoftTagBoundaryException(String message) { + super(message); + } + + /** + * + * Constructor for CardClientException class that takes a string with exception + * message and a Throwable cause + * + * @param message String with the exception message + * @param cause Throwable cause + */ + public SoftTagBoundaryException(String message, Throwable cause) { + super(message, cause); + } + + /** + * + * Constructor for CardClientException class that takes a Throwable cause + * + * @param cause Throwable cause + */ + public SoftTagBoundaryException(Throwable cause) { + super(cause); + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/TagBoundaryException.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/TagBoundaryException.java similarity index 84% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/TagBoundaryException.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/TagBoundaryException.java index c82646a1..a43608b3 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/TagBoundaryException.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/TagBoundaryException.java @@ -1,57 +1,57 @@ -package gov.gsa.pivconformance.card.client; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * A class for tag-related exceptions - */ -public class TagBoundaryException extends Exception { - private static final Logger s_logger = LoggerFactory.getLogger(TagBoundaryException.class); - /** - * - */ - private static final long serialVersionUID = 1L; - - /** - * - * Default constructor for TagBoundaryException class - * - */ - public TagBoundaryException() { - super(); - } - - /** - * - * Constructor for TagBoundaryException class that takes a string with exception - * message - * - * @param message String with the exception message - */ - public TagBoundaryException(String message) { - super(message); - } - - /** - * - * Constructor for TagBoundaryException class that takes a string with exception - * message and a Throwable cause - * - * @param message String with the exception message - * @param cause Throwable cause - */ - public TagBoundaryException(String message, Throwable cause) { - super(message, cause); - } - - /** - * - * Constructor for TagBoundaryException class that takes a Throwable cause - * - * @param cause Throwable cause - */ - public TagBoundaryException(Throwable cause) { - super(cause); - } -} +package gov.gsa.pivconformance.cardlib.card.client; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * A class for tag-related exceptions + */ +public class TagBoundaryException extends Exception { + private static final Logger s_logger = LoggerFactory.getLogger(TagBoundaryException.class); + /** + * + */ + private static final long serialVersionUID = 1L; + + /** + * + * Default constructor for TagBoundaryException class + * + */ + public TagBoundaryException() { + super(); + } + + /** + * + * Constructor for TagBoundaryException class that takes a string with exception + * message + * + * @param message String with the exception message + */ + public TagBoundaryException(String message) { + super(message); + } + + /** + * + * Constructor for TagBoundaryException class that takes a string with exception + * message and a Throwable cause + * + * @param message String with the exception message + * @param cause Throwable cause + */ + public TagBoundaryException(String message, Throwable cause) { + super(message, cause); + } + + /** + * + * Constructor for TagBoundaryException class that takes a Throwable cause + * + * @param cause Throwable cause + */ + public TagBoundaryException(Throwable cause) { + super(cause); + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/TestFieldResolution.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/TestFieldResolution.java similarity index 90% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/TestFieldResolution.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/TestFieldResolution.java index cd14e6ea..fc7fec02 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/TestFieldResolution.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/TestFieldResolution.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformance.card.client; +package gov.gsa.pivconformance.cardlib.card.client; import java.lang.reflect.Field; diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/X509CertificateDataObject.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/X509CertificateDataObject.java similarity index 89% rename from cardlib/src/main/java/gov/gsa/pivconformance/card/client/X509CertificateDataObject.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/X509CertificateDataObject.java index 8bff0ce0..5ab0cf94 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/card/client/X509CertificateDataObject.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/card/client/X509CertificateDataObject.java @@ -1,24 +1,18 @@ -package gov.gsa.pivconformance.card.client; +package gov.gsa.pivconformance.cardlib.card.client; -import gov.gsa.pivconformance.tlv.*; import org.apache.commons.codec.binary.Hex; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import gov.gsa.pivconformance.cardlib.tlv.*; + import java.io.InputStream; -import java.nio.file.Paths; -import java.nio.file.Path; -import java.nio.file.Files; import java.security.cert.X509Certificate; import java.security.cert.CertificateFactory; import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.io.ByteArrayInputStream; -import java.io.File; -import java.io.FileNotFoundException; -import java.io.FileOutputStream; -import java.io.IOException; import java.util.zip.GZIPInputStream; /** @@ -118,17 +112,17 @@ public boolean decode() { String oid = getOID(); if (oid.compareTo(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID) == 0) - setContainerName("X509 Certificate for PivAuthentication"); + setContainerName("X.509_Certificate_for_PIV_Authentication"); else if (oid .compareTo(APDUConstants.X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID) == 0) - setContainerName("X509 Certificate for Card Authentication"); + setContainerName("X.509_Certificate_for_Card_Authentication"); else if (oid .compareTo(APDUConstants.X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID) == 0) - setContainerName("X509 Certificate for Digital Signature"); + setContainerName("X.509_Certificate_for_Digital_Signature"); else if (oid.compareTo(APDUConstants.X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID) == 0) - setContainerName("X509 Certificate for Key Management"); + setContainerName("X.509 Certificate_for_Key_Management"); - m_x509ArtifactCache.saveObject(APDUConstants.getFileNameForOid(oid)+ ".cer", rawCertBuf); + m_x509ArtifactCache.saveObject("x509-artifacts", APDUConstants.getFileNameForOid(oid)+ ".cer", rawCertBuf); } if (Arrays.equals(tlv2.getTag().bytes, TagConstants.ERROR_DETECTION_CODE_TAG)) { setErrorDetectionCode(true); diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/BerTag.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/BerTag.java new file mode 100644 index 00000000..48eb389e --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/BerTag.java @@ -0,0 +1,61 @@ +package gov.gsa.pivconformance.cardlib.tlv; + +import java.util.Arrays; + +public class BerTag { + public final byte[] bytes; + + /** + * Creates a new tag from given byte array. Similar {@link BerTag#BerTag(byte[], int, int)} but using + * the full array. + * + * @param aBuf to create the tag + */ + public BerTag(byte[] aBuf) { + this(aBuf, 0, aBuf.length); + } + + public BerTag(byte[] aBuf, int aOffset, int aLength) { + byte[] temp = new byte[aLength]; + System.arraycopy(aBuf, aOffset, temp, 0, aLength); + bytes = temp; + } + + public BerTag(int aFirstByte, int aSecondByte) { + bytes = new byte[]{(byte) (aFirstByte), (byte) aSecondByte}; + } + + public BerTag(int aFirstByte, int aSecondByte, int aFirth) { + bytes = new byte[]{(byte) (aFirstByte), (byte) aSecondByte, (byte) aFirth}; + } + + public BerTag(int aFirstByte) { + bytes = new byte[]{(byte) aFirstByte}; + } + + public boolean isConstructed() { + return (bytes[0] & 0x20) != 0; + } + + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + BerTag berTag = (BerTag) o; + + return Arrays.equals(bytes, berTag.bytes); + + } + + @Override + public int hashCode() { + return Arrays.hashCode(bytes); + } + + @Override + public String toString() { + return (isConstructed() ? "+ " : "- ") + HexUtil.toHexString(bytes, 0, bytes.length); + } +} + diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/BerTlv.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/BerTlv.java new file mode 100644 index 00000000..fda31804 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/BerTlv.java @@ -0,0 +1,186 @@ +package gov.gsa.pivconformance.cardlib.tlv; + +import java.nio.charset.Charset; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +/** + * + */ +public class BerTlv { + + private final static Charset ASCII = Charset.forName("US-ASCII"); + + private final BerTag theTag; + private final byte[] theValue; + protected final List theList; + + /** + * Creates constructed TLV + * + * @param aTag tag + * @param aList set of nested TLVs + */ + public BerTlv(BerTag aTag, List aList) { + theTag = aTag; + theList = aList; + theValue = null; + } + + public BerTlv(BerTag aTag, List aList, byte[] aValue) { + theTag = aTag; + theList = aList; + theValue = aValue; + } + + /** + * Creates primitive TLV + * + * @param aTag tag + * @param aValue value as byte[] + */ + public BerTlv(BerTag aTag, byte[] aValue) { + theTag = aTag; + theValue = aValue; + theList = null; + } + + // + // + // + + public BerTag getTag() { + return theTag; + } + + public boolean isPrimitive() { + return !theTag.isConstructed(); + } + + public boolean hasRawValue() { + return theValue != null; + } + + public boolean isConstructed() { + return theTag.isConstructed(); + } + + public boolean isTag(BerTag aTag) { + return theTag.equals(aTag); + } + + // + // find + // + + public BerTlv find(BerTag aTag) { + if(aTag.equals(getTag())) { + return this; + } + + if(isConstructed()) { + if(theList == null) return null; + for (BerTlv tlv : theList) { + BerTlv ret = tlv.find(aTag); + if(ret!=null) { + return ret; + } + } + return null; + } + return null; + } + + public List findAll(BerTag aTag) { + List list = new ArrayList(); + if(aTag.equals(getTag())) { + list.add(this); + return list; + } else if(isConstructed()) { + for (BerTlv tlv : theList) { + list.addAll(tlv.findAll(aTag)); + } + } + return list; + } + + // + // getters + // + + public String getHexValue() { + if(isConstructed() && theValue == null) throw new IllegalStateException("Tag is CONSTRUCTED "+ HexUtil.toHexString(theTag.bytes)); + return HexUtil.toHexString(theValue); + } + + /** + * Text value with US-ASCII charset + * @return text + */ + public String getTextValue() { + return getTextValue(ASCII); + } + + public String getTextValue(Charset aCharset) { + if(isConstructed()) { + throw new IllegalStateException("TLV is constructed"); + } + return new String(theValue, aCharset); + } + + public byte[] getBytesValue() { + if(isConstructed() && theValue == null) { + throw new IllegalStateException("TLV ["+theTag+"]is constructed"); + } + return theValue; + } + + public int getIntValue() { + int i=0; + int j=0; + int number = 0; + + for (i = 0; i < theValue.length; i++) { + j=theValue[i]; + number = number * 256 + ( j<0 ? j+=256 : j); + } + return number; + } + + public List getValues() { + if(isPrimitive()) throw new IllegalStateException("Tag is PRIMITIVE"); + return theList; + } + + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + BerTlv berTlv = (BerTlv) o; + + if (theTag != null ? !theTag.equals(berTlv.theTag) : berTlv.theTag != null) return false; + if (!Arrays.equals(theValue, berTlv.theValue)) return false; + return theList != null ? theList.equals(berTlv.theList) : berTlv.theList == null; + } + + @Override + public int hashCode() { + int result = theTag != null ? theTag.hashCode() : 0; + result = 31 * result + Arrays.hashCode(theValue); + result = 31 * result + (theList != null ? theList.hashCode() : 0); + return result; + } + + @Override + public String toString() { + + return "BerTlv{" + + "theTag=" + theTag + + ", theValue=" + Arrays.toString(theValue) + + ", theList=" + theList + + '}'; + } + +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/BerTlvBuilder.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/BerTlvBuilder.java new file mode 100644 index 00000000..c3087329 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/BerTlvBuilder.java @@ -0,0 +1,254 @@ +package gov.gsa.pivconformance.cardlib.tlv; + + +import java.math.BigDecimal; +import java.nio.charset.Charset; +import java.text.SimpleDateFormat; +import java.util.Date; + +/** + * + */ +public class BerTlvBuilder { + + private static final Charset ASCII = Charset.forName("US-ASCII"); + private static final BigDecimal HUNDRED = new BigDecimal(100); + private static final int DEFAULT_SIZE = 24 * 1024; + + public BerTlvBuilder() { + this((BerTag)null); + } + + public BerTlvBuilder(BerTag aTemplate) { + this(aTemplate, new byte[DEFAULT_SIZE], 0, DEFAULT_SIZE); + } + + + public BerTlvBuilder(BerTlvs tlvs) { + this((BerTag)null); + for (BerTlv tlv : tlvs.getList()) { + addBerTlv(tlv); + } + } + + public BerTlvBuilder(BerTag aTemplate, byte[] aBuffer, int aOffset, int aLength) { + theTemplate = aTemplate; + theBuffer = aBuffer; + thePos = aOffset; + theBufferOffset = aOffset; + } + + public static BerTlvBuilder from(BerTlv aTlv) { + if(aTlv.isConstructed()) { + BerTlvBuilder builder = template(aTlv.getTag()); + for (BerTlv tlv : aTlv.theList) { + builder.addBerTlv(tlv); + } + return builder; + } else { + return new BerTlvBuilder().addBerTlv(aTlv); + } + } + + public static BerTlvBuilder template(BerTag aTemplate) { + return new BerTlvBuilder(aTemplate); + } + + public BerTlvBuilder addEmpty(BerTag aObject) { + return addBytes(aObject, new byte[]{}, 0, 0); + } + + public BerTlvBuilder addByte(BerTag aObject, byte aByte) { + // type + int len = aObject.bytes.length; + System.arraycopy(aObject.bytes, 0, theBuffer, thePos, len); + thePos+=len; + + // len + theBuffer[thePos++] = 1; + + // value + theBuffer[thePos++] = aByte; + return this; + } + + public BerTlvBuilder addAmount(BerTag aObject, BigDecimal aAmount) { + BigDecimal numeric = aAmount.multiply(HUNDRED); + StringBuilder sb = new StringBuilder(12); + sb.append(numeric.longValue()); + while(sb.length() < 12) { + sb.insert(0, '0'); + } + return addHex(aObject, sb.toString()); + } + + public BerTlvBuilder addDate(BerTag aObject, Date aDate) { + SimpleDateFormat format = new SimpleDateFormat("yyMMdd"); + return addHex(aObject, format.format(aDate)); + } + + public BerTlvBuilder addTime(BerTag aObject, Date aDate) { + SimpleDateFormat format = new SimpleDateFormat("HHmmss"); + return addHex(aObject, format.format(aDate)); + } + + public int build() { + + if (theTemplate != null) { + + int tagLen = theTemplate.bytes.length; + int lengthBytesCount = calculateBytesCountForLength(thePos); + + // shifts array + System.arraycopy(theBuffer, theBufferOffset, theBuffer, tagLen + lengthBytesCount, thePos); + + // copies tag + System.arraycopy(theTemplate.bytes, 0, theBuffer, theBufferOffset, theTemplate.bytes.length); + + fillLength(theBuffer, tagLen, thePos); + + thePos += tagLen + lengthBytesCount; + } + return thePos; + } + + private void fillLength(byte[] aBuffer, int aOffset, int aLength) { + + if(aLength < 0x80) { + aBuffer[aOffset] = (byte) aLength; + + } else if (aLength <0x100) { + aBuffer[aOffset] = (byte) 0x81; + aBuffer[aOffset+1] = (byte) aLength; + + } else if( aLength < 0x10000) { + + aBuffer[aOffset] = (byte) 0x82; + aBuffer[aOffset+1] = (byte) (aLength / 0x100); + aBuffer[aOffset+2] = (byte) (aLength % 0x100); + + } else if( aLength < 0x1000000 ) { + aBuffer[aOffset] = (byte) 0x83; + aBuffer[aOffset+1] = (byte) (aLength / 0x10000); + aBuffer[aOffset+2] = (byte) (aLength / 0x100); + aBuffer[aOffset+3] = (byte) (aLength % 0x100); + } else { + throw new IllegalStateException("length ["+aLength+"] out of range (0x1000000)"); + } + } + + private int calculateBytesCountForLength(int aLength) { + int ret; + if(aLength < 0x80) { + ret = 1; + } else if (aLength <0x100) { + ret = 2; + } else if( aLength < 0x10000) { + ret = 3; + } else if( aLength < 0x1000000 ) { + ret = 4; + } else { + throw new IllegalStateException("length ["+aLength+"] out of range (0x1000000)"); + } + return ret; + } + + public BerTlvBuilder addHex(BerTag aObject, String aHex) { + byte[] buffer = HexUtil.parseHex(aHex); + return addBytes(aObject, buffer, 0, buffer.length); + } + + public BerTlvBuilder addBytes(BerTag aObject, byte[] aBytes) { + return addBytes(aObject, aBytes, 0, aBytes.length); + } + + public BerTlvBuilder addBytes(BerTag aTag, byte[] aBytes, int aFrom, int aLength) { + int tagLength = aTag.bytes.length; + int lengthBytesCount = calculateBytesCountForLength(aLength); + + // TAG + System.arraycopy(aTag.bytes, 0, theBuffer, thePos, tagLength); + thePos+=tagLength; + + // LENGTH + fillLength(theBuffer, thePos, aLength); + thePos += lengthBytesCount; + + // VALUE + System.arraycopy(aBytes, aFrom, theBuffer, thePos, aLength); + thePos+=aLength; + + return this; + } + + public BerTlvBuilder add(BerTlvBuilder aBuilder) { + byte[] array = aBuilder.buildArray(); + System.arraycopy(array, 0, theBuffer, thePos, array.length); + thePos+=array.length; + return this; + } + + + public BerTlvBuilder addBerTlv(BerTlv aTlv) { + if(aTlv.isConstructed()) { + return add(from(aTlv)); + } else { + return addBytes(aTlv.getTag(), aTlv.getBytesValue()); + } + } + + /** + * Add ASCII text + * + * @param aTag tag + * @param aText text + * @return builder + */ + public BerTlvBuilder addText(BerTag aTag, String aText) { + return addText(aTag, aText, ASCII); + } + + /** + * Add ASCII text + * + * @param aTag tag + * @param aText text + * @return builder + */ + public BerTlvBuilder addText(BerTag aTag, String aText, Charset aCharset) { + byte[] buffer = aText.getBytes(aCharset); + return addBytes(aTag, buffer, 0, buffer.length); + } + + public BerTlvBuilder addIntAsHex(BerTag aObject, int aCode, int aLength) { + StringBuilder sb = new StringBuilder(aLength*2); + sb.append(aCode); + while(sb.length() tlvs = new ArrayList(); + if(aLen==0) return new BerTlvs(tlvs); + + int offset = aOffset; + for(int i=0; i<100; i++) { + ParseResult result = parseWithResult(0, aBuf, offset, aLen-offset, false); + tlvs.add(result.tlv); + + if(result.offset>=aOffset+aLen) { + break; + } + + offset = result.offset; + + } + + return new BerTlvs(tlvs); + } + + private ParseResult parseWithResult(int aLevel, byte[] aBuf, int aOffset, int aLen) { + return parseWithResult(aLevel, aBuf, aOffset, aLen, true); + } + private ParseResult parseWithResult(int aLevel, byte[] aBuf, int aOffset, int aLen, boolean recurse) { + String levelPadding = createLevelPadding(aLevel); + if(aOffset+aLen > aBuf.length) { + throw new IllegalStateException("Length is out of the range [offset="+aOffset+", len="+aLen+", array.length="+aBuf.length+", level="+aLevel+"]"); + } + if(log.isDebugEnabled()) { + log.debug("{}parseWithResult(level={}, offset={}, len={}, buf={})", levelPadding, aLevel, aOffset, aLen, HexUtil.toFormattedHexString(aBuf, aOffset, aLen)); + } + + // tag + int tagBytesCount = getTagBytesCount(aBuf, aOffset); + BerTag tag = createTag(levelPadding, aBuf, aOffset, tagBytesCount); + if(log.isDebugEnabled()) { + log.debug("{}tag = {}, tagBytesCount={}, tagBuf={}", levelPadding, tag, tagBytesCount, HexUtil.toFormattedHexString(aBuf, aOffset, tagBytesCount)); + } + + // length + int lengthBytesCount = getLengthBytesCount(aBuf, aOffset + tagBytesCount); + int valueLength = getDataLength(aBuf, aOffset + tagBytesCount); + + if(log.isDebugEnabled()) { + log.debug("{}lenBytesCount = {}, len = {}, lenBuf = {}" + , levelPadding, lengthBytesCount, valueLength, HexUtil.toFormattedHexString(aBuf, aOffset + tagBytesCount, lengthBytesCount)); + } + + // value + if(tag.isConstructed() && recurse) { + + ArrayList list = new ArrayList(); + addChildren(aLevel, aBuf, aOffset, levelPadding, tagBytesCount, lengthBytesCount, valueLength, list); + + int resultOffset = aOffset + tagBytesCount + lengthBytesCount + valueLength; + if(log.isDebugEnabled()) { + log.debug("{}returning constructed offset = {}", levelPadding, resultOffset); + } + byte[] value = new byte[valueLength]; + System.arraycopy(aBuf, aOffset+tagBytesCount+lengthBytesCount, value, 0, valueLength); + return new ParseResult(new BerTlv(tag, list, value), resultOffset); + } else { + // value + byte[] value = new byte[valueLength]; + log.debug("src.length={}, srcPos={}, value.length={}, valueLength={}", + aBuf.length, aOffset+tagBytesCount+lengthBytesCount, value.length, valueLength); + System.arraycopy(aBuf, aOffset+tagBytesCount+lengthBytesCount, value, 0, valueLength); + int resultOffset = aOffset + tagBytesCount + lengthBytesCount + valueLength; + if(log.isDebugEnabled()) { + log.debug("{}value = {}", levelPadding, HexUtil.toFormattedHexString(value)); + log.debug("{}returning primitive offset = {}", levelPadding, resultOffset); + } + return new ParseResult(new BerTlv(tag, value), resultOffset); + } + + } + + /** + * + * @param aLevel level for debug + * @param aBuf buffer + * @param aOffset offset (first byte) + * @param levelPadding level padding (for debug) + * @param aTagBytesCount tag bytes count + * @param aDataBytesCount data bytes count + * @param valueLength length + * @param list list to add + */ + private void addChildren(int aLevel, byte[] aBuf, int aOffset, String levelPadding, int aTagBytesCount, int aDataBytesCount, int valueLength, ArrayList list) { + int startPosition = aOffset + aTagBytesCount + aDataBytesCount; + int len = valueLength; + while (startPosition <= aOffset + valueLength) { + ParseResult result = parseWithResult(aLevel+1, aBuf, startPosition, len); + list.add(result.tlv); + + startPosition = result.offset; + len = valueLength - startPosition; + + if(log.isDebugEnabled()) { + log.debug("{}level {}: adding {} with offset {}, startPosition={}, aDataBytesCount={}, valueLength={}" + , levelPadding, aLevel, result.tlv.getTag(), result.offset, startPosition, aDataBytesCount, valueLength); + } + } + } + + private String createLevelPadding(int aLevel) { + if(!log.isDebugEnabled()) { + return ""; + } + + StringBuilder sb = new StringBuilder(); + for(int i=0; i3) { + throw new IllegalStateException(String.format("At position %d the len is more then 3 [%d]", aOffset, numberOfBytes)); + } + + length = 0; + for(int i=aOffset+1; i aTlvs) { + tlvs = aTlvs; + } + + public BerTlv find(BerTag aTag) { + for (BerTlv tlv : tlvs) { + BerTlv found = tlv.find(aTag); + if(found!=null) { + return found; + } + } + return null; + } + + public List findAll(BerTag aTag) { + List list = new ArrayList(); + for (BerTlv tlv : tlvs) { + list.addAll(tlv.findAll(aTag)); + } + return list; + } + + + public List getList() { + return tlvs; + } + + private final List tlvs; + + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + BerTlvs berTlvs = (BerTlvs) o; + + return tlvs != null ? tlvs.equals(berTlvs.tlvs) : berTlvs.tlvs == null; + } + + @Override + public int hashCode() { + return tlvs != null ? tlvs.hashCode() : 0; + } + + @Override + public String toString() { + return "BerTlvs{" + + "tlvs=" + tlvs + + '}'; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/CCTTlvLogger.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/CCTTlvLogger.java new file mode 100644 index 00000000..81ddfce5 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/CCTTlvLogger.java @@ -0,0 +1,23 @@ +package gov.gsa.pivconformance.cardlib.tlv; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class CCTTlvLogger implements IBerTlvLogger { + + private Logger m_logger = null; + public CCTTlvLogger(Class clazz) { + m_logger = LoggerFactory.getLogger(clazz.toString() + ".TLVParser"); + } + + @Override + public boolean isDebugEnabled() { + return m_logger != null && m_logger.isDebugEnabled(); + } + + @Override + public void debug(String aFormat, Object... args) { + if (m_logger == null) return; + //m_logger.debug(aFormat, args); + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/ContainerRuleset.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/ContainerRuleset.java similarity index 79% rename from cardlib/src/main/java/gov/gsa/pivconformance/tlv/ContainerRuleset.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/ContainerRuleset.java index cf9e0569..f42a119a 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/ContainerRuleset.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/ContainerRuleset.java @@ -1,50 +1,45 @@ -package gov.gsa.pivconformance.tlv; - -import java.util.HashMap; - -import gov.gsa.pivconformance.tlv.TagLengthRule; - -/** - * Each ContainerRuleset consists of a container name and HashMap of - * TagLengthRules for each tag in the container - * - */ -public class ContainerRuleset { - private String m_containerName = null; - private HashMap m_tagRuleset = new HashMap(); - - public ContainerRuleset(String containerName) { - this.m_containerName = containerName; - this.m_tagRuleset = new HashMap(); - } - - /** - * Adds a container length rule to this container's ruleset - * - * @param tag container tag - * @param RULE length rule to apply - */ - public void add(BerTag tag, TagLengthRule RULE) { - m_tagRuleset.put(tag, RULE); - } - - /** - * Gets the list of tags and rules for this container - * - * @return - */ - - public String getContainerName() { - return m_containerName; - } - - /** - * Gets the list of tags and rules for this container - * - * @return - */ - - public HashMap getTagRuleset() { - return m_tagRuleset; - } -} +package gov.gsa.pivconformance.cardlib.tlv; + +import java.util.HashMap; + +import gov.gsa.pivconformance.cardlib.tlv.TagLengthRule; + +/** + * Each ContainerRuleset consists of a container name and HashMap of TagLengthRules for each tag in the container + + */ +public class ContainerRuleset { + private String m_containerName = null; + private HashMap m_tagRuleset = new HashMap(); + + public ContainerRuleset(String containerName) { + this.m_containerName = containerName; + this.m_tagRuleset = new HashMap(); + } + + /** + * Adds a container length rule to this container's ruleset + * @param tag container tag + * @param RULE length rule to apply + */ + public void add(BerTag tag, TagLengthRule RULE) { + m_tagRuleset.put(tag, RULE); + } + + /** + * Gets the list of tags and rules for this container + * @return + */ + + public String getContainerName() { + return m_containerName; + } + /** + * Gets the list of tags and rules for this container + * @return + */ + + public HashMap getTagRuleset() { + return m_tagRuleset; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/HexUtil.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/HexUtil.java new file mode 100644 index 00000000..42062dcd --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/HexUtil.java @@ -0,0 +1,74 @@ +package gov.gsa.pivconformance.cardlib.tlv; + +public class HexUtil { + + private static final char[] CHARS_TABLES = "0123456789ABCDEF".toCharArray(); + static final byte[] BYTES = new byte[128]; + + static { + for (int i = 0; i < 10; i++) { + BYTES['0' + i] = (byte) i; + BYTES['A' + i] = (byte) (10 + i); + BYTES['a' + i] = (byte) (10 + i); + } + } + + public static String toHexString(byte[] aBytes) { + return toHexString(aBytes, 0, aBytes.length); + } + + public static String toFormattedHexString(byte[] aBytes) { + return toFormattedHexString(aBytes, 0, aBytes.length); + } + + public static String toHexString(byte[] aBytes, int aLength) { + return toHexString(aBytes, 0, aLength); + } + + public static byte[] parseHex(String aHexString) { + char[] src = aHexString.replace("\n", "").replace(" ", "").toUpperCase().toCharArray(); + byte[] dst = new byte[src.length / 2]; + + for (int si = 0, di = 0; di < dst.length; di++) { + byte high = BYTES[src[si++] & 0x7f]; + byte low = BYTES[src[si++] & 0x7f]; + dst[di] = (byte) ((high << 4) + low); + } + + return dst; + } + + public static String toFormattedHexString(byte[] aBytes, int aOffset, int aLength) { + StringBuilder sb = new StringBuilder(); + sb.append("["); + sb.append(aLength); + sb.append("] :"); + for (int si = aOffset, di = 0; si < aOffset+aLength; si++, di++) { + byte b = aBytes[si]; + if (di % 4 == 0) { + sb.append(" "); + } else { + sb.append(' '); + } + sb.append( CHARS_TABLES[(b & 0xf0) >>> 4] ); + sb.append( CHARS_TABLES[(b & 0x0f)] ); + + } + + return sb.toString(); + + } + + public static String toHexString(byte[] aBytes, int aOffset, int aLength) { + char[] dst = new char[aLength * 2]; + + for (int si = aOffset, di = 0; si < aOffset+aLength; si++) { + byte b = aBytes[si]; + dst[di++] = CHARS_TABLES[(b & 0xf0) >>> 4]; + dst[di++] = CHARS_TABLES[(b & 0x0f)]; + } + + return new String(dst); + } + +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/IBerTlvLogger.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/IBerTlvLogger.java new file mode 100644 index 00000000..c4ddb1df --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/IBerTlvLogger.java @@ -0,0 +1,8 @@ +package gov.gsa.pivconformance.cardlib.tlv; + +public interface IBerTlvLogger { + + boolean isDebugEnabled(); + + void debug(String aFormat, Object ...args); +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/TagBoundaryManager.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/TagBoundaryManager.java similarity index 84% rename from cardlib/src/main/java/gov/gsa/pivconformance/tlv/TagBoundaryManager.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/TagBoundaryManager.java index 0deda974..df1eb659 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/TagBoundaryManager.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/TagBoundaryManager.java @@ -1,289 +1,273 @@ -package gov.gsa.pivconformance.tlv; - -import java.util.ArrayList; -import java.util.HashMap; - -import org.bouncycastle.util.encoders.Hex; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import gov.gsa.pivconformance.tlv.TagLengthRule; -import gov.gsa.pivconformance.tlv.TagLengthRule.CONSTRAINT; -import gov.gsa.pivconformance.tlv.TagConstants; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.CardClientException; -import gov.gsa.pivconformance.card.client.SoftTagBoundaryException; -import gov.gsa.pivconformance.tlv.ContainerRuleset; - -/** - * This class is intended to be used side-by-side SP 800-73 for quick - * comparison/updates to lengths. - * - * TODO: This class statically marks a tag as eligible per SP 800-73-4 table, - * but until the tag is obtained, we only know that it is allowed in-contecxt if - * the container also contains a separate signing cert. That gets determined - * when the container is loaded and we've determined that there is or is not a - * cert. Whether the tool looks for that needs to be flushed out. - * - */ -public class TagBoundaryManager { - private static final Logger s_logger = LoggerFactory.getLogger(TagBoundaryManager.class); - private static final HashMap m_maxLenMap = new HashMap(); - - private void initCache() { - /* - * This cache gets hung from the - * gov.gsa.pivconformance.card.client.DataModelSingleton object with a public - * accessor getLengthRules() method. - */ - // Handle cert containers from Table 10, 15, 16, 17, 20-39, 42 of SP 800-73-4 - ArrayList certNames = new ArrayList(); - certNames.add(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_NAME); - certNames.add(APDUConstants.X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_NAME); - certNames.add(APDUConstants.X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_NAME); - certNames.add(APDUConstants.X509_CERTIFICATE_FOR_KEY_MANAGEMENT_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_1_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_2_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_3_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_4_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_5_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_6_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_7_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_8_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_9_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_10_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_11_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_12_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_13_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_14_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_15_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_16_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_17_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_18_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_19_NAME); - certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_20_NAME); - certNames.add(APDUConstants.SECURE_MESSAGING_CERTIFICATE_SIGNER_NAME); - - // SP800-73-4 Part 1, Table 8. Card Capability Container tags - ContainerRuleset crs = new ContainerRuleset(APDUConstants.CARD_CAPABILITY_CONTAINER_NAME); - crs.add(new BerTag(TagConstants.CARD_IDENTIFIER_TAG), new TagLengthRule(CONSTRAINT.OR, 0, 21)); - crs.add(new BerTag(TagConstants.CAPABILITY_CONTAINER_VERSION_NUMBER_TAG), - new TagLengthRule(CONSTRAINT.OR, 0, 1)); - crs.add(new BerTag(TagConstants.CAPABILITY_GRAMMAR_VERSION_NUMBER_TAG), new TagLengthRule(CONSTRAINT.OR, 0, 1)); - crs.add(new BerTag(TagConstants.APPLICATIONS_CARDURL_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 128)); - crs.add(new BerTag(TagConstants.PKCS15_TAG), new TagLengthRule(CONSTRAINT.OR, 0, 1)); - crs.add(new BerTag(TagConstants.REGISTERED_DATA_MODEL_NUMBER_TAG), new TagLengthRule(CONSTRAINT.FIXED, 1, 1)); - crs.add(new BerTag(TagConstants.ACCESS_CONTROL_RULE_TABLE_TAG), new TagLengthRule(CONSTRAINT.OR, 0, 17)); - crs.add(new BerTag(TagConstants.CARD_APDUS_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - crs.add(new BerTag(TagConstants.REDIRECTION_TAG_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - crs.add(new BerTag(TagConstants.CAPABILITY_TUPLES_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - crs.add(new BerTag(TagConstants.STATUS_TUPLES_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - crs.add(new BerTag(TagConstants.NEXT_CCC_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - crs.add(new BerTag(TagConstants.EXTENDED_APPLICATION_CARDURL_TAG), new TagLengthRule(CONSTRAINT.FIXED, 48, 48)); - crs.add(new BerTag(TagConstants.SECURITY_OBJECT_BUFFER_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 48)); - crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - m_maxLenMap.put(crs.getContainerName(), crs); - - // SP800-73-4 Part 1, Table 9. Card Holder Unique Identifier tags - crs = new ContainerRuleset(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_NAME); - crs.add(new BerTag(TagConstants.BUFFER_LENGTH_TAG), new TagLengthRule(CONSTRAINT.FIXED, 2, 2)); - crs.add(new BerTag(TagConstants.FASC_N_TAG), new TagLengthRule(CONSTRAINT.FIXED, 25, 25)); - crs.add(new BerTag(TagConstants.ORGANIZATIONAL_IDENTIFIER_TAG), new TagLengthRule(CONSTRAINT.FIXED, 4, 4)); - crs.add(new BerTag(TagConstants.DUNS_TAG), new TagLengthRule(CONSTRAINT.FIXED, 9, 9)); - crs.add(new BerTag(TagConstants.GUID_TAG), new TagLengthRule(CONSTRAINT.FIXED, 16, 16)); - crs.add(new BerTag(TagConstants.CHUID_EXPIRATION_DATE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 8, 8)); - crs.add(new BerTag(TagConstants.CARDHOLDER_UUID_TAG), new TagLengthRule(CONSTRAINT.FIXED, 16, 16)); - crs.add(new BerTag(TagConstants.ISSUER_ASYMMETRIC_SIGNATURE_TAG), - new TagLengthRule(CONSTRAINT.VARIABLE, 0, 3200, true)); - crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - m_maxLenMap.put(crs.getContainerName(), crs); - - // Handle cert containers from Table 10, 15, 16, 17, 20-39, 42 of SP 800-73-4 - - for (String cn : certNames) { - crs = new ContainerRuleset(cn); - crs.add(new BerTag(TagConstants.CERTIFICATE_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 1858, true)); - crs.add(new BerTag(TagConstants.CERTINFO_TAG), new TagLengthRule(CONSTRAINT.FIXED, 1, 1)); - crs.add(new BerTag(TagConstants.MSCUID_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 38)); - crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - m_maxLenMap.put(crs.getContainerName(), crs); - } - - // SP 800-73-4 Part 1, Table 11. Cardholder Fingerprints - crs = new ContainerRuleset(APDUConstants.CARDHOLDER_FINGERPRINTS_NAME); - crs.add(new BerTag(TagConstants.FINGERPRINT_I_AND_II_TAG), - new TagLengthRule(CONSTRAINT.VARIABLE, 88, 4000, true)); - crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - m_maxLenMap.put(crs.getContainerName(), crs); - - // SP 800-73-4 Part 1, Table 12. Security Object - crs = new ContainerRuleset(APDUConstants.SECURITY_OBJECT_NAME); - crs.add(new BerTag(TagConstants.MAPPING_OF_DG_TO_CONTAINER_ID_TAG), - new TagLengthRule(CONSTRAINT.VARIABLE, 0, 30)); - crs.add(new BerTag(TagConstants.SECURITY_OBJECT_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 1298)); - crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - m_maxLenMap.put(crs.getContainerName(), crs); - - // SP 800-73-4 Part 1, Table 13. Cardholder Facial Image - crs = new ContainerRuleset(APDUConstants.CARDHOLDER_FACIAL_IMAGE_NAME); - crs.add(new BerTag(TagConstants.IMAGE_FOR_VISUAL_VERIFICATION_TAG), - new TagLengthRule(CONSTRAINT.VARIABLE, 0, 12704, true)); - crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - m_maxLenMap.put(crs.getContainerName(), crs); - - // SP 800-73-4 Part 1, Table 14. Printed Information tags - crs = new ContainerRuleset(APDUConstants.PRINTED_INFORMATION_NAME); - crs.add(new BerTag(TagConstants.NAME_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 125)); - crs.add(new BerTag(TagConstants.EMPLOYEE_AFFILIATION_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 20)); - crs.add(new BerTag(TagConstants.PRINTED_INFORMATION_EXPIRATION_DATE_TAG), - new TagLengthRule(CONSTRAINT.FIXED, 9, 9)); - crs.add(new BerTag(TagConstants.AGENCY_CARD_SERIAL_NUMBER_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 20)); - crs.add(new BerTag(TagConstants.ISSUER_IDENTIFICATION_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 15)); - crs.add(new BerTag(TagConstants.ORGANIZATIONAL_AFFILIATION_L1_TAG), - new TagLengthRule(CONSTRAINT.VARIABLE, 0, 20)); - crs.add(new BerTag(TagConstants.ORGANIZATIONAL_AFFILIATION_L2_TAG), - new TagLengthRule(CONSTRAINT.VARIABLE, 0, 20)); - crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - m_maxLenMap.put(crs.getContainerName(), crs); - - // SP 800-73-4 Part 1, Table 18. Discovery Object - crs = new ContainerRuleset(APDUConstants.DISCOVERY_OBJECT_NAME); - crs.add(new BerTag(TagConstants.PIN_USAGE_POLICY_TAG), new TagLengthRule(CONSTRAINT.FIXED, 2, 2)); - crs.add(new BerTag(TagConstants.PIV_CARD_APPLICATION_AID_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 10, 12)); - m_maxLenMap.put(crs.getContainerName(), crs); - - // SP 800-73-4 Part 1, Table 19. Key History - crs = new ContainerRuleset(APDUConstants.KEY_HISTORY_OBJECT_NAME); - crs.add(new BerTag(TagConstants.KEYS_WITH_ON_CARD_CERTS_TAG), new TagLengthRule(CONSTRAINT.FIXED, 1, 1)); - crs.add(new BerTag(TagConstants.KEYS_WITH_OFF_CARD_CERTS_TAG), new TagLengthRule(CONSTRAINT.FIXED, 1, 1)); - // TODO: Handle conditional hmmm... - crs.add(new BerTag(TagConstants.OFF_CARD_CERT_URL_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 118)); - crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - m_maxLenMap.put(crs.getContainerName(), crs); - - // SP 800-73-4 Part 1, Table 40. Cardholder Iris Images - crs = new ContainerRuleset(APDUConstants.CARDHOLDER_IRIS_IMAGES_NAME); - crs.add(new BerTag(TagConstants.IMAGES_FOR_IRIS_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 7100, true)); - crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - m_maxLenMap.put(crs.getContainerName(), crs); - - // SP 800-73-4 Part 1, Table 41. Biometric Information Templates Group Template - crs = new ContainerRuleset(APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_NAME); - crs.add(new BerTag(TagConstants.NUMBER_OF_FINGERS_TAG), new TagLengthRule(CONSTRAINT.FIXED, 1, 1)); - crs.add(new BerTag(TagConstants.BIT_FOR_FIRST_FINGER_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 28)); - crs.add(new BerTag(TagConstants.BIT_FOR_SECOND_FINGER_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 28)); - crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - m_maxLenMap.put(crs.getContainerName(), crs); - - // SP 800-73-4 Part 1, Table 43. Pairing Code Reference Data - crs = new ContainerRuleset(APDUConstants.PAIRING_CODE_REFERENCE_DATA_CONTAINER_NAME); - crs.add(new BerTag(TagConstants.PAIRING_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 1, 1)); - crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); - m_maxLenMap.put(crs.getContainerName(), crs); - } - - /* - * Public constructor - */ - - public TagBoundaryManager() { - initCache(); - } - - /** - * Gets the tag length rules - * - * @param name container name - * @return HashMap of TagLengthRule objects, one for each tag - */ - private HashMap getTagLengthRules(String name) { - ContainerRuleset cr = m_maxLenMap.get(name); - HashMap tlr = null; - tlr = cr.getTagRuleset(); - return tlr; - } - - /** - * Determines whether the length of the byte array corresponding to the tag - * falls within the length boundaries for that container - * - * @param tag the element's tag - * @param byteLength computed by adding value lengths from the value length - * under test - * @return the difference between the prescribed lengths and the value length, - * hopefully all bits clear - * @throws NullPointerException - * @throws CardClientException - */ - public int lengthDelta(String containerName, BerTag tag, int bytesLength) - throws NullPointerException, CardClientException, SoftTagBoundaryException { - int rv = -1; - HashMap tlRules = getTagLengthRules(containerName); - if (tlRules == null) { - String errStr = (String.format("Rules for container %s, tag 0x%02x is null", containerName, - Hex.toHexString(tag.bytes))); - s_logger.error(errStr); - NullPointerException e = new NullPointerException(errStr); - throw (e); - } - TagLengthRule tlr = tlRules.get(tag); - int hi = tlr.getHighVal(); - int lo = tlr.getLowVal(); - CONSTRAINT rule = tlr.getRule(); - if ((rule = tlr.getRule()) != null) { - switch (rule) { - case VARIABLE: - // When there's a range, negative indicates below floor, - // positive indicates above ceiling, zero indicates in range. - if (bytesLength >= lo && bytesLength <= hi) { - rv = 0; // Pass - } else if (bytesLength < lo) { - rv = lo - bytesLength; - } else { - rv = bytesLength - hi; - ; - } - break; - - case OR: - // Here, we want the return value to indicate what didn't match - if (bytesLength == lo || bytesLength == hi) { - rv = 0; // Pass - } else { - rv = ((bytesLength != lo) ? 1 : 0) << 1; - rv |= (bytesLength != hi) ? 1 : 0; - } - break; - case FIXED: - if (bytesLength == lo && bytesLength == hi) { // Check for typos in maxLenMap i suppose - rv = 0; // Pass - } - break; - default: // Let's fail the programmer - String errStr = String.format("Rule for %s, container %s has unknown rule", Hex.toHexString(tag.bytes)); - s_logger.error(errStr); - break; - } - } - if (rv != 0) { - if (tlr.hasSoftUpperBound()) { - String errStr = String.format("Container %s, Tag %s varies from SP 800-73-4 table by %d", containerName, - Hex.toHexString(tag.bytes), rv); - try { - rv = 0; // TODO: Here, we should *really* be checking a boolean m_signerCertEmbedded - // flag. - errStr += " (ignored due to tag container rule)"; - throw new SoftTagBoundaryException(errStr); - } catch (SoftTagBoundaryException e) { - s_logger.error(errStr); - } - } else { - String errStr = String.format("Container %s, Tag %s varies from SP 800-73-4 table by %d", containerName, - Hex.toHexString(tag.bytes), rv); - s_logger.error(errStr); - throw new CardClientException(errStr); - } - } - return rv; - } -} +package gov.gsa.pivconformance.cardlib.tlv; + +import java.util.ArrayList; +import java.util.HashMap; + +import org.bouncycastle.util.encoders.Hex; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import gov.gsa.pivconformance.cardlib.tlv.TagLengthRule; +import gov.gsa.pivconformance.cardlib.tlv.TagLengthRule.CONSTRAINT; +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.CardClientException; +import gov.gsa.pivconformance.cardlib.card.client.SoftTagBoundaryException; +import gov.gsa.pivconformance.cardlib.tlv.ContainerRuleset; +/** + * This class is intended to be used side-by-side SP 800-73 for quick comparison/updates to + * lengths. + * + * TODO: This class statically marks a tag as eligible per SP 800-73-4 table, but until the tag is obtained, + * we only know that it is allowed in-contecxt if the container also contains a separate signing cert. That gets + * determined when the container is loaded and we've determined that there is or is not a cert. Whether the tool looks + * for that needs to be flushed out. + * + */ +public class TagBoundaryManager { + private static final Logger s_logger = LoggerFactory.getLogger(TagBoundaryManager.class); + private static final HashMap m_maxLenMap = new HashMap(); + + private void initCache() { + /* + * This cache gets hung from the gov.gsa.pivconformance.card.client.DataModelSingleton object + * with a public accessor getLengthRules() method. + */ + // Handle cert containers from Table 10, 15, 16, 17, 20-39, 42 of SP 800-73-4 + ArrayList certNames = new ArrayList(); + certNames.add(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_NAME); + certNames.add(APDUConstants.X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_NAME); + certNames.add(APDUConstants.X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_NAME); + certNames.add(APDUConstants.X509_CERTIFICATE_FOR_KEY_MANAGEMENT_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_1_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_2_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_3_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_4_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_5_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_6_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_7_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_8_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_9_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_10_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_11_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_12_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_13_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_14_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_15_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_16_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_17_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_18_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_19_NAME); + certNames.add(APDUConstants.RETIRED_X_509_CERTIFICATE_FOR_KEY_MANAGEMENT_20_NAME); + certNames.add(APDUConstants.SECURE_MESSAGING_CERTIFICATE_SIGNER_NAME); + + // SP800-73-4 Part 1, Table 8. Card Capability Container tags + ContainerRuleset crs = new ContainerRuleset(APDUConstants.CARD_CAPABILITY_CONTAINER_NAME); + crs.add(new BerTag(TagConstants.CARD_IDENTIFIER_TAG), new TagLengthRule(CONSTRAINT.OR, 0, 21)); + crs.add(new BerTag(TagConstants.CAPABILITY_CONTAINER_VERSION_NUMBER_TAG), new TagLengthRule(CONSTRAINT.OR, 0, 1)); + crs.add(new BerTag(TagConstants.CAPABILITY_GRAMMAR_VERSION_NUMBER_TAG), new TagLengthRule(CONSTRAINT.OR, 0, 1)); + crs.add(new BerTag(TagConstants.APPLICATIONS_CARDURL_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 128)); + crs.add(new BerTag(TagConstants.PKCS15_TAG), new TagLengthRule(CONSTRAINT.OR, 0, 1)); + crs.add(new BerTag(TagConstants.REGISTERED_DATA_MODEL_NUMBER_TAG), new TagLengthRule(CONSTRAINT.FIXED, 1, 1)); + crs.add(new BerTag(TagConstants.ACCESS_CONTROL_RULE_TABLE_TAG), new TagLengthRule(CONSTRAINT.OR, 0, 17)); + crs.add(new BerTag(TagConstants.CARD_APDUS_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + crs.add(new BerTag(TagConstants.REDIRECTION_TAG_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + crs.add(new BerTag(TagConstants.CAPABILITY_TUPLES_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + crs.add(new BerTag(TagConstants.STATUS_TUPLES_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + crs.add(new BerTag(TagConstants.NEXT_CCC_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + crs.add(new BerTag(TagConstants.EXTENDED_APPLICATION_CARDURL_TAG), new TagLengthRule(CONSTRAINT.FIXED, 48, 48)); + crs.add(new BerTag(TagConstants.SECURITY_OBJECT_BUFFER_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 48)); + crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + m_maxLenMap.put(crs.getContainerName(), crs); + + // SP800-73-4 Part 1, Table 9. Card Holder Unique Identifier tags + crs = new ContainerRuleset(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_NAME); + crs.add(new BerTag(TagConstants.BUFFER_LENGTH_TAG), new TagLengthRule(CONSTRAINT.FIXED, 2, 2)); + crs.add(new BerTag(TagConstants.FASC_N_TAG), new TagLengthRule(CONSTRAINT.FIXED, 25, 25)); + crs.add(new BerTag(TagConstants.ORGANIZATIONAL_IDENTIFIER_TAG), new TagLengthRule(CONSTRAINT.FIXED, 4, 4)); + crs.add(new BerTag(TagConstants.DUNS_TAG), new TagLengthRule(CONSTRAINT.FIXED, 9, 9)); + crs.add(new BerTag(TagConstants.GUID_TAG), new TagLengthRule(CONSTRAINT.FIXED, 16, 16)); + crs.add(new BerTag(TagConstants.CHUID_EXPIRATION_DATE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 8, 8)); + crs.add(new BerTag(TagConstants.CARDHOLDER_UUID_TAG), new TagLengthRule(CONSTRAINT.FIXED, 16, 16)); + crs.add(new BerTag(TagConstants.ISSUER_ASYMMETRIC_SIGNATURE_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 3200, true)); + crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + m_maxLenMap.put(crs.getContainerName(), crs); + + // Handle cert containers from Table 10, 15, 16, 17, 20-39, 42 of SP 800-73-4 + + for (String cn : certNames) { + crs = new ContainerRuleset(cn); + crs.add(new BerTag(TagConstants.CERTIFICATE_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 1858, true)); + crs.add(new BerTag(TagConstants.CERTINFO_TAG), new TagLengthRule(CONSTRAINT.FIXED, 1, 1)); + crs.add(new BerTag(TagConstants.MSCUID_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 38)); + crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + m_maxLenMap.put(crs.getContainerName(), crs); + } + + // SP 800-73-4 Part 1, Table 11. Cardholder Fingerprints + crs = new ContainerRuleset(APDUConstants.CARDHOLDER_FINGERPRINTS_NAME); + crs.add(new BerTag(TagConstants.FINGERPRINT_I_AND_II_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 88, 4000, true)); + crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + m_maxLenMap.put(crs.getContainerName(), crs); + + // SP 800-73-4 Part 1, Table 12. Security Object + crs = new ContainerRuleset(APDUConstants.SECURITY_OBJECT_NAME); + crs.add(new BerTag(TagConstants.MAPPING_OF_DG_TO_CONTAINER_ID_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 30)); + crs.add(new BerTag(TagConstants.SECURITY_OBJECT_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 1298)); + crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + m_maxLenMap.put(crs.getContainerName(), crs); + + // SP 800-73-4 Part 1, Table 13. Cardholder Facial Image + crs = new ContainerRuleset(APDUConstants.CARDHOLDER_FACIAL_IMAGE_NAME); + crs.add(new BerTag(TagConstants.IMAGE_FOR_VISUAL_VERIFICATION_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 12704, true)); + crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + m_maxLenMap.put(crs.getContainerName(), crs); + + // SP 800-73-4 Part 1, Table 14. Printed Information tags + crs = new ContainerRuleset(APDUConstants.PRINTED_INFORMATION_NAME); + crs.add(new BerTag(TagConstants.NAME_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 125)); + crs.add(new BerTag(TagConstants.EMPLOYEE_AFFILIATION_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 20)); + crs.add(new BerTag(TagConstants.PRINTED_INFORMATION_EXPIRATION_DATE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 9, 9)); + crs.add(new BerTag(TagConstants.AGENCY_CARD_SERIAL_NUMBER_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 20)); + crs.add(new BerTag(TagConstants.ISSUER_IDENTIFICATION_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 15)); + crs.add(new BerTag(TagConstants.ORGANIZATIONAL_AFFILIATION_L1_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 20)); + crs.add(new BerTag(TagConstants.ORGANIZATIONAL_AFFILIATION_L2_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 20)); + crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + m_maxLenMap.put(crs.getContainerName(), crs); + + // SP 800-73-4 Part 1, Table 18. Discovery Object + crs = new ContainerRuleset(APDUConstants.DISCOVERY_OBJECT_NAME); + crs.add(new BerTag(TagConstants.PIN_USAGE_POLICY_TAG), new TagLengthRule(CONSTRAINT.FIXED, 2, 2)); + crs.add(new BerTag(TagConstants.PIV_CARD_APPLICATION_AID_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 10, 12)); + m_maxLenMap.put(crs.getContainerName(), crs); + + // SP 800-73-4 Part 1, Table 19. Key History + crs = new ContainerRuleset(APDUConstants.KEY_HISTORY_OBJECT_NAME); + crs.add(new BerTag(TagConstants.KEYS_WITH_ON_CARD_CERTS_TAG), new TagLengthRule(CONSTRAINT.FIXED, 1, 1)); + crs.add(new BerTag(TagConstants.KEYS_WITH_OFF_CARD_CERTS_TAG), new TagLengthRule(CONSTRAINT.FIXED, 1, 1)); + // TODO: Handle conditional hmmm... + crs.add(new BerTag(TagConstants.OFF_CARD_CERT_URL_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 118)); + crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + m_maxLenMap.put(crs.getContainerName(), crs); + + // SP 800-73-4 Part 1, Table 40. Cardholder Iris Images + crs = new ContainerRuleset(APDUConstants.CARDHOLDER_IRIS_IMAGES_NAME); + crs.add(new BerTag(TagConstants.IMAGES_FOR_IRIS_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 7100, true)); + crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + m_maxLenMap.put(crs.getContainerName(), crs); + + // SP 800-73-4 Part 1, Table 41. Biometric Information Templates Group Template + crs = new ContainerRuleset(APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_NAME); + crs.add(new BerTag(TagConstants.NUMBER_OF_FINGERS_TAG), new TagLengthRule(CONSTRAINT.FIXED, 1, 1)); + crs.add(new BerTag(TagConstants.BIT_FOR_FIRST_FINGER_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 28)); + crs.add(new BerTag(TagConstants.BIT_FOR_SECOND_FINGER_TAG), new TagLengthRule(CONSTRAINT.VARIABLE, 0, 28)); + crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + m_maxLenMap.put(crs.getContainerName(), crs); + + // SP 800-73-4 Part 1, Table 43. Pairing Code Reference Data + crs = new ContainerRuleset(APDUConstants.PAIRING_CODE_REFERENCE_DATA_CONTAINER_NAME); + crs.add(new BerTag(TagConstants.PAIRING_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 1, 1)); + crs.add(new BerTag(TagConstants.ERROR_DETECTION_CODE_TAG), new TagLengthRule(CONSTRAINT.FIXED, 0, 0)); + m_maxLenMap.put(crs.getContainerName(), crs); + } + + /* + * Public constructor + */ + + public TagBoundaryManager() { + initCache(); + } + + /** + * Gets the tag length rules + * + * @param name container name + * @return HashMap of TagLengthRule objects, one for each tag + */ + private HashMap getTagLengthRules(String name) { + ContainerRuleset cr = m_maxLenMap.get(name); + HashMap tlr = null; + tlr = cr.getTagRuleset(); + return tlr; + } + + /** + * Determines whether the length of the byte array corresponding to the tag + * falls within the length boundaries for that container + * + * @param tag the element's tag + * @param byteLength computed by adding value lengths from the value length + * under test + * @return the difference between the prescribed lengths and the value length, + * hopefully all bits clear + * @throws NullPointerException + * @throws CardClientException + */ + public int lengthDelta(String containerName, BerTag tag, int bytesLength) throws NullPointerException, CardClientException, SoftTagBoundaryException { + int rv = -1; + HashMap tlRules = getTagLengthRules(containerName); + if (tlRules == null) { + String errStr = (String.format("Rules for container %s, tag 0x%02x is null", containerName, Hex.toHexString(tag.bytes))); + s_logger.error(errStr); + NullPointerException e = new NullPointerException(errStr); + throw (e); + } + TagLengthRule tlr = tlRules.get(tag); + int hi = tlr.getHighVal(); + int lo = tlr.getLowVal(); + CONSTRAINT rule = tlr.getRule(); + if((rule = tlr.getRule()) != null) { + switch (rule) { + case VARIABLE: + // When there's a range, negative indicates below floor, + // positive indicates above ceiling, zero indicates in range. + if (bytesLength >= lo && bytesLength <= hi) { + rv = 0; // Pass + } else if (bytesLength < lo) { + rv = lo - bytesLength; + } else { + rv = bytesLength - hi;; + } + break; + + case OR: + // Here, we want the return value to indicate what didn't match + if (bytesLength == lo || bytesLength == hi) { + rv = 0; // Pass + } else { + rv = ((bytesLength != lo) ? 1 : 0) << 1; + rv |= (bytesLength != hi) ? 1 : 0; + } + break; + case FIXED: + if (bytesLength == lo && bytesLength == hi) { // Check for typos in maxLenMap i suppose + rv = 0; // Pass + } + break; + default: // Let's fail the programmer + String errStr = String.format("Rule for %s, container %s has unknown rule", Hex.toHexString(tag.bytes)); + s_logger.error(errStr); + break; + } + } + if (rv != 0) { + if (tlr.hasSoftUpperBound()) { + String errStr = String.format("Container %s, Tag %s varies from SP 800-73-4 table by %d", + containerName, Hex.toHexString(tag.bytes), rv); + try { + rv = 0; // TODO: Here, we should *really* be checking a boolean m_signerCertEmbedded flag. + errStr += " (ignored due to tag container rule)"; + throw new SoftTagBoundaryException(errStr); + } catch (SoftTagBoundaryException e) { + s_logger.error(errStr); + } + } else { + String errStr = String.format("Container %s, Tag %s varies from SP 800-73-4 table by %d", + containerName, Hex.toHexString(tag.bytes), rv); s_logger.error(errStr); + throw new CardClientException(errStr); + } + } + return rv; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/TagConstants.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/TagConstants.java similarity index 98% rename from cardlib/src/main/java/gov/gsa/pivconformance/tlv/TagConstants.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/TagConstants.java index c1fc9cd3..a8202487 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/TagConstants.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/TagConstants.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformance.tlv; +package gov.gsa.pivconformance.cardlib.tlv; import java.util.ArrayList; import java.util.HashMap; @@ -93,9 +93,9 @@ public static final List AllCCCTags() { public static final byte[] ORGANIZATIONAL_IDENTIFIER_TAG = { 0x32 }; public static final byte[] DUNS_TAG = { 0x33 }; public static final byte[] GUID_TAG = { 0x34 }; - public static final byte[] CHUID_EXPIRATION_DATE_TAG = { 0x35 }; + public static final byte[] CHUID_EXPIRATION_DATE_TAG = { 0x35 }; public static final byte[] CARDHOLDER_UUID_TAG = { 0x36 }; - public static final byte[] DEPRECATED_AUTHENTICATION_KEY_MAP = { 0x3D }; + public static final byte[] DEPRECATED_AUTHENTICATION_KEY_MAP ={ 0x3D }; public static final byte[] ISSUER_ASYMMETRIC_SIGNATURE_TAG = { 0x3E }; /** @@ -127,7 +127,7 @@ public static final List AllCHUIDTags() { public static final byte[] SECURITY_OBJECT_TAG = { (byte) 0xBB }; // SP800-73-4 Part 1, Table 13. Card Holder Facial Image Tags - public static final byte[] IMAGE_FOR_VISUAL_VERIFICATION_TAG = { (byte) 0xBC }; + public static final byte[] IMAGE_FOR_VISUAL_VERIFICATION_TAG = { (byte) 0xBC }; // SP800-73-4 Part 1, Table 14. Printed Information Tags public static final byte[] NAME_TAG = { 0x01 }; @@ -245,3 +245,4 @@ public static final List AllPrintedInfoTags() { } }; } + diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/TagLengthRule.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/TagLengthRule.java similarity index 85% rename from cardlib/src/main/java/gov/gsa/pivconformance/tlv/TagLengthRule.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/TagLengthRule.java index b5ff849a..656e7514 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/TagLengthRule.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tlv/TagLengthRule.java @@ -1,79 +1,79 @@ -/** - * - */ -package gov.gsa.pivconformance.tlv; - -/** - * One of three classes to encapsulate the rather fuzzy max lengths per Tables - * 8-43 in SP 800-73-4 TODO: Add logic to account for embedded content signing - * certs in biometrics. - */ -public class TagLengthRule { - private CONSTRAINT m_rule; - private int m_lowVal; - private int m_highVal; - private boolean m_softUpperBound; - - // Private constructor - public TagLengthRule(CONSTRAINT rule, int lowVal, int highVal, boolean softUpperBound) { - m_rule = rule; - m_lowVal = lowVal; - m_highVal = highVal; - m_softUpperBound = softUpperBound; - } - - // Additional constructor - public TagLengthRule(CONSTRAINT rule, int lowVal, int highVal) { - m_rule = rule; - m_lowVal = lowVal; - m_highVal = highVal; - m_softUpperBound = false; - } - - /** - * Eunumeration used to compute lengths of TLV values - * - */ - public static enum CONSTRAINT { - FIXED, OR, VARIABLE - }; - - /* - * Provides the RULE (for lack of a better word at the time) of the rule - * - * @return the RULE - */ - - public CONSTRAINT getRule() { - return m_rule; - } - - /* - * Provides the low value in the rule - * - * @return the low value in the rule - */ - public int getLowVal() { - return m_lowVal; - } - - /* - * Provides the high value in the rule - * - * @return the high value in the rule - */ - - public int getHighVal() { - return m_highVal; - } - - /* - * Indicates if a soft boundary exists (due to an embedded CMS or signing cert) - * - * @return whether this value is eligible to have a soft upper bound - */ - - public boolean hasSoftUpperBound() { - return m_softUpperBound; - } -} +/** + * + */ +package gov.gsa.pivconformance.cardlib.tlv; + +/** + * One of three classes to encapsulate the rather fuzzy max lengths per Tables 8-43 in SP + * 800-73-4 TODO: Add logic to account for embedded content signing certs in + * biometrics. + */ +public class TagLengthRule { + private CONSTRAINT m_rule; + private int m_lowVal; + private int m_highVal; + private boolean m_softUpperBound; + + // Private constructor + public TagLengthRule(CONSTRAINT rule, int lowVal, int highVal, boolean softUpperBound) { + m_rule = rule; + m_lowVal = lowVal; + m_highVal = highVal; + m_softUpperBound = softUpperBound; + } + + // Additional constructor + public TagLengthRule(CONSTRAINT rule, int lowVal, int highVal) { + m_rule = rule; + m_lowVal = lowVal; + m_highVal = highVal; + m_softUpperBound = false; + } + /** + * Eunumeration used to compute lengths of TLV values + * + */ + public static enum CONSTRAINT { + FIXED, OR, VARIABLE + }; + + /* + * Provides the RULE (for lack of a better word at the time) of the rule + * + * @return the RULE + */ + + public CONSTRAINT getRule() { + return m_rule; + } + + /* + * Provides the low value in the rule + * + * @return the low value in the rule + */ + public int getLowVal() { + return m_lowVal; + } + + /* + * Provides the high value in the rule + * + * @return the high value in the rule + */ + + public int getHighVal() { + return m_highVal; + } + + /* + * Indicates if a soft boundary exists (due to an embedded CMS or signing cert) + * + * @return whether this value is eligible to have a soft upper bound + */ + + public boolean hasSoftUpperBound() { + return m_softUpperBound; + } +} + \ No newline at end of file diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/AuthTest.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/AuthTest.java similarity index 93% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/AuthTest.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/AuthTest.java index b07b2e4f..19891aca 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/AuthTest.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/AuthTest.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.cardlib.tools; import javax.smartcardio.Card; import javax.smartcardio.CardChannel; @@ -11,8 +11,8 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.pivconformance.utils.PCSCUtils; -import gov.gsa.pivconformance.utils.PCSCWrapper; +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; +import gov.gsa.pivconformance.cardlib.utils.PCSCWrapper; public class AuthTest { diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/ConformanceTestRunner.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/ConformanceTestRunner.java new file mode 100644 index 00000000..56f5ea50 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/ConformanceTestRunner.java @@ -0,0 +1,120 @@ +package gov.gsa.pivconformance.cardlib.tools; + +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; +import gov.gsa.pivconformance.cardlib.utils.VersionUtils; +import org.apache.commons.cli.*; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.lang.invoke.MethodHandles; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +public class ConformanceTestRunner { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(ConformanceTestRunner.class); + private static final Options s_options = new Options(); + static { + s_options.addOption("h", "help", false, "Print this help and exit"); + s_options.addOption( null, "listReaders", false, "Print a list of connected readers and exit"); + // Specify a specific reader, as given by --listReaders. If none is specified the first reader will be used + s_options.addOption("r", "reader", true, "Use the specified reader for conformance tests"); + s_options.addOption("t", "testConfig", true, "Use the specified test configuration file"); + s_options.addOption(null, "runSelected", true, "Run only the specified test cases (comma separated)"); + s_options.addOption(null, "runTagged", true, "Run all test cases with the specified tags (comma separated)"); + s_options.addOption(null, "dryRun", true, "Collect and configure test cases, and log which ones would be run, but do not execute"); + s_options.addOption("l", "logConfig", true, "Use the specified log configuration file"); + s_options.addOption("o", "outDir", true, "Specify the output directory for reports"); + s_options.addOption("n", false, "Number of times to repeat the run"); + } + + private static void PrintHelpAndExit(int exitCode) { + new HelpFormatter().printHelp("ConformanceTestRunner ", s_options); + System.exit(exitCode); + } + + private static List CheckIncompatibleOptions(String option, String incompatibleOptions, CommandLine cmd) { + List incompatibleOptionList = Arrays.asList(incompatibleOptions.split("\\s*,\\s*")); + // if the split didn't find anything, just treat the whole string as an option to test + if(incompatibleOptionList.isEmpty()) { + incompatibleOptionList.add(incompatibleOptions); + } + ArrayList messages = new ArrayList<>(); + for(String opt: incompatibleOptionList) { + if(cmd.hasOption(opt)) { + messages.add(option + " cannot be combined with " + opt + "."); + } + } + return messages; + } + + private static List CheckRequiredOptions(String option, String requiredOptions, CommandLine cmd) { + List requiredOptionList = Arrays.asList(requiredOptions.split("\\s*,\\s*")); + // if the split didn't find anything, just treat the whole string as an option to test + if(requiredOptionList.isEmpty()) { + requiredOptionList.add(requiredOptions); + } + ArrayList messages = new ArrayList<>(); + for(String opt: requiredOptionList) { + if(!cmd.hasOption(opt)) { + messages.add(option + " requires that " + opt + " also be specified."); + } + } + return messages; + } + + private static void LogErrorsIfNonEmptyAndExit(String msg, List messages, int exitCode) { + if(!messages.isEmpty()) { + if(msg != null && !msg.isEmpty()) s_logger.error(msg); + for(String message: messages) { + s_logger.error(message); + } + System.exit(exitCode); + } + } + + public static void main(String[] args) { + s_logger.info("main class: {}", MethodHandles.lookup().lookupClass().getSimpleName()); + s_logger.info("package version: {}", VersionUtils.GetPackageVersionString()); + s_logger.info("build time: {}", VersionUtils.GetPackageBuildTime()); + + CommandLineParser p = new DefaultParser(); + CommandLine cmd = null; + try { + cmd = p.parse(s_options, args); + } catch (ParseException e) { + s_logger.error("Failed to parse command line arguments", e); + PrintHelpAndExit(1); + } + + if(cmd.hasOption("help")) { + PrintHelpAndExit(0); + } + + if(cmd.hasOption("listReaders")) { + List messages = CheckIncompatibleOptions("listReaders", "reader,testConfig,runSingle,runTagged,outDir,n", cmd); + LogErrorsIfNonEmptyAndExit("Incompatible command line options found", messages, 1); + List readers = PCSCUtils.GetConnectedReaders(); + if(!readers.isEmpty()) { + s_logger.info("Currently connected readers:"); + int currReader = 0; + for (String reader : readers) { + currReader++; + s_logger.info("{}: {}", currReader, reader); + } + } else { + s_logger.info("No readers are connected."); + } + System.exit(0); + } + + if(cmd.hasOption("testConfig")) { + List messages = CheckIncompatibleOptions("testConfig", "listReaders", cmd); + LogErrorsIfNonEmptyAndExit("Incompatible command line options found", messages, 1); + messages = CheckRequiredOptions("testConfig", "outDir", cmd); + LogErrorsIfNonEmptyAndExit("Required command line options missing", messages, 1); + } + + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/PIVRunner.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/PIVRunner.java new file mode 100644 index 00000000..4f47c68d --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/PIVRunner.java @@ -0,0 +1,610 @@ +package gov.gsa.pivconformance.cardlib.tools; + +import gov.gsa.pivconformance.cardlib.card.client.*; +import gov.gsa.pivconformance.cardlib.tlv.*; +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; +import gov.gsa.pivconformance.cardlib.utils.VersionUtils; +import org.apache.commons.cli.*; +import org.apache.commons.codec.binary.Hex; +import org.bouncycastle.cms.CMSSignedData; +import org.bouncycastle.cms.SignerId; +import org.bouncycastle.cms.SignerInformation; +import org.bouncycastle.cms.SignerInformationStore; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import java.text.SimpleDateFormat; + +import javax.smartcardio.*; +import java.lang.invoke.MethodHandles; +import java.security.cert.X509Certificate; +import java.util.*; + +public class PIVRunner { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(PIVRunner.class); + private static final Options s_options = new Options(); + + static { + s_options.addOption("a", "all", false, "Scan all readers"); + s_options.addOption("h", "help", false, "Print this help and exit"); + } + + private static void PrintHelpAndExit(int exitCode) { + new HelpFormatter().printHelp("PIVRunner ", s_options); + System.exit(exitCode); + } + + public static boolean TestCard(CardHandle c) { + if(c.isValid()) { + CardTerminal t = c.getConnectionDescription().getTerminal(); + try { + if(t.isCardPresent()) { + s_logger.info("Card found in reader {}", t.getName()); + } else { + s_logger.error("No card was present in reader {}", t.getName()); + return false; + } + } catch (CardException e) { + s_logger.error("Card communication error", e); + } + Card conn = c.getCard(); + s_logger.info("Card connected."); + s_logger.info("Card protocol: {}", conn.getProtocol()); + s_logger.info("Card ATR: {}", Hex.encodeHexString(conn.getATR().getBytes())); + ApplicationProperties cardAppProperties = new ApplicationProperties(); + DefaultPIVApplication piv = new DefaultPIVApplication(); + ApplicationAID aid = new ApplicationAID(); + s_logger.info("Attempting to select default PIV application"); + MiddlewareStatus result = piv.pivSelectCardApplication(c, aid, cardAppProperties); + s_logger.info("pivSelectCardApplication() returned {}", result); + if(result == MiddlewareStatus.PIV_OK) { + byte[] pcap = cardAppProperties.getBytes(); + + byte [] appID = cardAppProperties.getAppID(); + String appLabel = cardAppProperties.getAppLabel(); + String url = cardAppProperties.getURL(); + List cryptoAlgs = cardAppProperties.getCryptoAlgs(); + byte [] coexistentTagAllocationAuthority = cardAppProperties.getCoexistentTagAllocationAuthority(); + + if(appID != null) + s_logger.info("Application identifier of application: {}", Hex.encodeHexString(appID)); + + if(coexistentTagAllocationAuthority != null) + s_logger.info("Coexistent tag allocation authority: {}", Hex.encodeHexString(coexistentTagAllocationAuthority)); + + if(appLabel != "") + s_logger.info("Application label: {}", appLabel); + + if(url != "") + s_logger.info("Uniform resource locator: {}", url); + + if(cryptoAlgs != null) { + for(byte[] b : cryptoAlgs) { + + s_logger.info("Cryptographic algorithms supported:"); + s_logger.info("Algorithm ID: {} Algorithm Description: {}", Hex.encodeHexString(b), TagConstants.algMAP.get(b)); + } + } + + + s_logger.info("PCAP: {}", Hex.encodeHexString(pcap)); + BerTlvParser tp = new BerTlvParser(new CCTTlvLogger(PIVRunner.class)); + BerTlv outer = tp.parseConstructed(pcap); + List values = outer.getValues(); + for(BerTlv tlv : values) { + if(tlv.isPrimitive()) { + s_logger.info("PCAP Tag {}: {}", Hex.encodeHexString(tlv.getTag().bytes), Hex.encodeHexString(tlv.getBytesValue())); + } else { + s_logger.info("PCAP object: {}", Hex.encodeHexString(tlv.getTag().bytes)); + } + } + + result = MiddlewareStatus.PIV_AUTHENTICATION_FAILURE; + + if(result != MiddlewareStatus.PIV_OK) + s_logger.error("Error authenticating to the smartcard: {}", result.toString()); + + X509Certificate signingCertificate = null; + + HashMap soDataElements = new HashMap(); + PIVDataObject securityObject = null; + + for(String containerOID : APDUConstants.MandatoryContainers()) { + PIVDataObject dataObject = PIVDataObjectFactory.createDataObjectForOid(containerOID); + s_logger.info("Attempting to read data object for OID {} ({})", containerOID, APDUConstants.oidNameMap.get(containerOID)); + result = piv.pivGetData(c, containerOID, dataObject); + if(result != MiddlewareStatus.PIV_OK) continue; + boolean decoded = dataObject.decode(); + s_logger.info("{} {}", dataObject.getFriendlyName(), decoded ? "decoded successfully" : "failed to decode"); + s_logger.info("pivGetData returned {}", result); + s_logger.info(dataObject.toString()); + + if(containerOID.equals(APDUConstants.CARD_CAPABILITY_CONTAINER_OID)) { + + s_logger.info("Card Identifier: {}", Hex.encodeHexString(((CardCapabilityContainer) dataObject).getCardIdentifier())); + s_logger.info("Capability Container Version Number: {}", Hex.encodeHexString(((CardCapabilityContainer) dataObject).getCapabilityContainerVersionNumber())); + s_logger.info("Capability Grammar Version Number: {}", Hex.encodeHexString(((CardCapabilityContainer) dataObject).getCapabilityGrammarVersionNumber())); + + List appCardURLList = ((CardCapabilityContainer) dataObject).getAppCardURL(); + + if (appCardURLList.size() > 0) { + s_logger.info("Applications CardURL List"); + for (byte[] u : appCardURLList) { + s_logger.info("{}", Hex.encodeHexString(u)); + } + } + + s_logger.info("Registered Data Model number: {}", Hex.encodeHexString(((CardCapabilityContainer) dataObject).getRegisteredDataModelNumber())); + s_logger.info("Access Control Rule Table: {}", Hex.encodeHexString(((CardCapabilityContainer) dataObject).getAccessControlRuleTable())); + + + s_logger.info("Card APDUs Tag Present: {}", ((CardCapabilityContainer) dataObject).getCardAPDUs()); + s_logger.info("RedirectionTag Tag Present: {}", ((CardCapabilityContainer) dataObject).getRedirectionTag()); + s_logger.info("Capability Tuples Tag Present: {}", ((CardCapabilityContainer) dataObject).getCapabilityTuples()); + s_logger.info("Status Tuples Tag Present: {}", ((CardCapabilityContainer) dataObject).getStatusTuples()); + s_logger.info("Next CCC Tag Present: {}", ((CardCapabilityContainer) dataObject).getNextCCC()); + + if (((CardCapabilityContainer) dataObject).getExtendedApplicationCardURL() != null) { + + List extendedAppCardURLList = ((CardCapabilityContainer) dataObject).getExtendedApplicationCardURL(); + + if (extendedAppCardURLList.size() > 0) { + s_logger.info("Extended Application CardURL List:"); + for (byte[] u2 : extendedAppCardURLList) { + s_logger.info(" {}", Hex.encodeHexString(u2)); + } + } + } + + if (((CardCapabilityContainer) dataObject).getSecurityObjectBuffer() != null) + s_logger.info("Security Object Buffer: {}", Hex.encodeHexString(((CardCapabilityContainer) dataObject).getSecurityObjectBuffer())); + + + s_logger.info("Error Detection Code Tag Present: {}", ((CardCapabilityContainer) dataObject).getErrorDetectionCode()); + + soDataElements.put(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, ((CardCapabilityContainer) dataObject).getSignedContent()); + } + + if (containerOID.equals(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID)) { + if (((CardHolderUniqueIdentifier) dataObject).getBufferLength() != null) { + s_logger.info("Buffer Length: {}", Hex.encodeHexString(((CardHolderUniqueIdentifier) dataObject).getBufferLength())); + } + s_logger.info("FASC-N: {}", Hex.encodeHexString(((CardHolderUniqueIdentifier) dataObject).getfASCN())); + if (((CardHolderUniqueIdentifier) dataObject).getOrganizationalIdentifier() != null) { + s_logger.info("Organizational Identifier: {}", Hex.encodeHexString(((CardHolderUniqueIdentifier) dataObject).getOrganizationalIdentifier())); + } + if (((CardHolderUniqueIdentifier) dataObject).getdUNS() != null) { + s_logger.info("DUNS: {}", Hex.encodeHexString(((CardHolderUniqueIdentifier) dataObject).getdUNS())); + } + s_logger.info("GUID: {}", Hex.encodeHexString(((CardHolderUniqueIdentifier) dataObject).getgUID())); + + SimpleDateFormat sdfmt = new SimpleDateFormat("MM/dd/yyyy"); + s_logger.info("Expiration Date: {}", sdfmt.format(((CardHolderUniqueIdentifier) dataObject).getExpirationDate())); + + s_logger.info("Cardholder UUID: {}", Hex.encodeHexString(((CardHolderUniqueIdentifier) dataObject).getCardholderUUID())); + s_logger.info("Issuer Asymmetric Signature Info:"); + + CMSSignedData sd = ((CardHolderUniqueIdentifier) dataObject).getAsymmetricSignature(); + SignerInformationStore signers = sd.getSignerInfos(); + Collection collection = signers.getSigners(); + Iterator it = collection.iterator(); + + while (it.hasNext()) + { + SignerInformation signer = it.next(); + SignerId sid = signer.getSID(); + String issuer = sid.getIssuer().toString(); + String serial = Hex.encodeHexString(sid.getSerialNumber().toByteArray()); + String skid = ""; + if( sid.getSubjectKeyIdentifier() != null) + skid = Hex.encodeHexString(sid.getSubjectKeyIdentifier()); + + if(sid.getSubjectKeyIdentifier() != null) + s_logger.info("Signer skid: {} ", skid); + else + s_logger.info("Signer Issuer: {}, Serial Number: {} ", issuer, serial); + + } + s_logger.info("Signature valid: {}", ((CardHolderUniqueIdentifier) dataObject).verifySignature()); + signingCertificate = ((CardHolderUniqueIdentifier) dataObject).getSignerCert(); + + s_logger.info("Error Detection Code Tag Present: {}", ((CardHolderUniqueIdentifier) dataObject).getErrorDetectionCode()); + + soDataElements.put(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, ((CardHolderUniqueIdentifier) dataObject).getChuidContainer()); + } + + if (containerOID.equals(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID)) { + X509Certificate pibAuthCert = ((X509CertificateDataObject) dataObject).getCertificate(); + + s_logger.info("PIV Auth Cert SubjectName: {}", pibAuthCert.getSubjectDN().getName()); + s_logger.info("PIV Auth Cert SerialNumber: {}", Hex.encodeHexString(pibAuthCert.getSerialNumber().toByteArray())); + s_logger.info("PIV Auth Cert IssuerName: {}", pibAuthCert.getSubjectDN().getName()); + } + + if (containerOID.equals(APDUConstants.CARDHOLDER_FINGERPRINTS_OID)) { + + s_logger.info("Fingerprint I & II: {}", Hex.encodeHexString(((CardHolderBiometricData) dataObject).getBiometricData())); + + + s_logger.info("Biometric Creation Date: {}", ((CardHolderBiometricData) dataObject).getBiometricCreationDate()); + s_logger.info("Validity Period From: {}", ((CardHolderBiometricData) dataObject).getValidityPeriodFrom()); + s_logger.info("Validity Period To: {}",((CardHolderBiometricData) dataObject).getValidityPeriodTo()); + + CMSSignedData sd = ((SignedPIVDataObject) dataObject).getAsymmetricSignature(); + SignerInformationStore signers = sd.getSignerInfos(); + Collection collection = signers.getSigners(); + Iterator it = collection.iterator(); + + while (it.hasNext()) + { + SignerInformation signer = it.next(); + SignerId sid = signer.getSID(); + String issuer = sid.getIssuer().toString(); + String serial = Hex.encodeHexString(sid.getSerialNumber().toByteArray()); + String skid = ""; + if( sid.getSubjectKeyIdentifier() != null) + skid = Hex.encodeHexString(sid.getSubjectKeyIdentifier()); + + if(sid.getSubjectKeyIdentifier() != null) + s_logger.info("Signer skid: {} ", skid); + else + s_logger.info("Signer Issuer: {}, Serial Number: {} ", issuer, serial); + + } + if(signingCertificate != null) + s_logger.info("Is signatue valid: {}",((SignedPIVDataObject) dataObject).verifySignature()); + else + s_logger.info("Missing signing certificate to verify signature."); + + + s_logger.info("Error Detection Code Tag Present: {}", ((CardHolderBiometricData) dataObject).getErrorDetectionCode()); + + soDataElements.put(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, ((CardHolderBiometricData) dataObject).getCbeffContainer()); + } + + if (containerOID.equals(APDUConstants.SECURITY_OBJECT_OID)) { + + s_logger.info("RAW Mapping of DG to ContainerID value: {}", Hex.encodeHexString(((SecurityObject) dataObject).getMapping())); + + HashMap idMap = ((SecurityObject) dataObject).getContainerIDList(); + + s_logger.info("List of containers included in the Security Object:"); + for (HashMap.Entry entry : idMap.entrySet()) { + s_logger.info("Container ID: {}, Container Name: {}, Container OID: {}",entry.getKey(), entry.getValue(), APDUConstants.oidNameMap.get(entry.getValue())); + } + + CMSSignedData sd = ((SignedPIVDataObject) dataObject).getAsymmetricSignature(); + SignerInformationStore signers = sd.getSignerInfos(); + Collection collection = signers.getSigners(); + Iterator it = collection.iterator(); + + while (it.hasNext()) + { + SignerInformation signer = it.next(); + SignerId sid = signer.getSID(); + String issuer = sid.getIssuer().toString(); + String serial = Hex.encodeHexString(sid.getSerialNumber().toByteArray()); + String skid = ""; + if( sid.getSubjectKeyIdentifier() != null) + skid = Hex.encodeHexString(sid.getSubjectKeyIdentifier()); + + if(sid.getSubjectKeyIdentifier() != null) + s_logger.info("Signer skid: {} ", skid); + else + s_logger.info("Signer Issuer: {}, Serial Number: {} ", issuer, serial); + + } + //s_logger.info("Error Detection Code Tag Present: {}", ((SecurityObject) dataObject).getErrorDetectionCode()); + + s_logger.info("SecurityObject signatue valid: {}", ((SignedPIVDataObject) dataObject).verifySignature()); + + securityObject = dataObject; + } + + if (containerOID.equals(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID)) { + s_logger.info("Image for Visual Verification: {}", Hex.encodeHexString(((CardHolderBiometricData) dataObject).getBiometricData())); + + s_logger.info("Biometric Creation Date: {}", ((CardHolderBiometricData) dataObject).getBiometricCreationDate()); + s_logger.info("Validity Period From: {}", ((CardHolderBiometricData) dataObject).getValidityPeriodFrom()); + s_logger.info("Validity Period To: {}", ((CardHolderBiometricData) dataObject).getValidityPeriodTo()); + + + CMSSignedData sd = ((SignedPIVDataObject) dataObject).getAsymmetricSignature(); + SignerInformationStore signers = sd.getSignerInfos(); + Collection collection = signers.getSigners(); + Iterator it = collection.iterator(); + + while (it.hasNext()) + { + SignerInformation signer = it.next(); + SignerId sid = signer.getSID(); + String issuer = sid.getIssuer().toString(); + String serial = Hex.encodeHexString(sid.getSerialNumber().toByteArray()); + String skid = ""; + if( sid.getSubjectKeyIdentifier() != null) + skid = Hex.encodeHexString(sid.getSubjectKeyIdentifier()); + + if(sid.getSubjectKeyIdentifier() != null) + s_logger.info("Signer skid: {} ", skid); + else + s_logger.info("Signer Issuer: {}, Serial Number: {} ", issuer, serial); + } + + if(signingCertificate != null) + s_logger.info("Is signatue valid: {}",((SignedPIVDataObject) dataObject).verifySignature()); + else + s_logger.info("Missing signing certificate to verify signature."); + + s_logger.info("Error Detection Code Tag Present: {}", ((CardHolderBiometricData) dataObject).getErrorDetectionCode()); + + soDataElements.put(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, ((CardHolderBiometricData) dataObject).getCbeffContainer()); + } + + if(containerOID.equals(APDUConstants.X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID)){ + X509Certificate pibAuthCert = ((X509CertificateDataObject) dataObject).getCertificate(); + + s_logger.info("Key Managment Cert SubjectName: {}", pibAuthCert.getSubjectDN().getName()); + s_logger.info("Key Managment Cert SerialNumber: {}", Hex.encodeHexString(pibAuthCert.getSerialNumber().toByteArray())); + s_logger.info("Key Managment Cert IssuerName: {}", pibAuthCert.getSubjectDN().getName()); + } + + if(containerOID.equals(APDUConstants.X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID)){ + X509Certificate pibAuthCert = ((X509CertificateDataObject) dataObject).getCertificate(); + + s_logger.info("Digital Signature Cert SubjectName: {}", pibAuthCert.getSubjectDN().getName()); + s_logger.info("Digital Signature SerialNumber: {}", Hex.encodeHexString(pibAuthCert.getSerialNumber().toByteArray())); + s_logger.info("Digital Signature IssuerName: {}", pibAuthCert.getSubjectDN().getName()); + } + + if(containerOID.equals(APDUConstants.X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID)){ + X509Certificate pibAuthCert = ((X509CertificateDataObject) dataObject).getCertificate(); + + s_logger.info("Card Auth Cert SubjectName: {}", pibAuthCert.getSubjectDN().getName()); + s_logger.info("Card Auth Cert SerialNumber: {}", Hex.encodeHexString(pibAuthCert.getSerialNumber().toByteArray())); + s_logger.info("Card Auth Cert IssuerName: {}", pibAuthCert.getSubjectDN().getName()); + } + + } + + PIVDataObject printedInformation = PIVDataObjectFactory.createDataObjectForOid(APDUConstants.PRINTED_INFORMATION_OID); + result = piv.pivGetData(c, APDUConstants.PRINTED_INFORMATION_OID, printedInformation); + + if(result == MiddlewareStatus.PIV_OK) { + s_logger.info("Attempted to read {} object: {}", APDUConstants.oidNameMap.get(APDUConstants.PRINTED_INFORMATION_OID), result); + boolean decoded = printedInformation.decode(); + s_logger.info("{} {}", printedInformation.getFriendlyName(), decoded ? "decoded successfully" : "failed to decode"); + + if (decoded) { + s_logger.info("Name: {}", ((PrintedInformation) printedInformation).getName()); + s_logger.info("Employee Affiliation: {}", ((PrintedInformation) printedInformation).getEmployeeAffiliation()); + s_logger.info("Expiration date: {}", ((PrintedInformation) printedInformation).getExpirationDate()); + s_logger.info("Agency Card Serial Number: {}", ((PrintedInformation) printedInformation).getAgencyCardSerialNumber()); + s_logger.info("Issuer Identification: {}", ((PrintedInformation) printedInformation).getIssuerIdentification()); + if (((PrintedInformation) printedInformation).getOrganizationAffiliation1() != "") + s_logger.info("Name: {}", ((PrintedInformation) printedInformation).getOrganizationAffiliation1()); + if (((PrintedInformation) printedInformation).getOrganizationAffiliation2() != "") + s_logger.info("Name: {}", ((PrintedInformation) printedInformation).getOrganizationAffiliation2()); + s_logger.info("Error Detection Code Tag Present: {}", ((PrintedInformation) printedInformation).getErrorDetectionCode()); + + } + + + soDataElements.put(APDUConstants.PRINTED_INFORMATION_OID, ((PrintedInformation) printedInformation).getSignedContent()); + } + + boolean decoded = false; + PIVDataObject discoveryObject = PIVDataObjectFactory.createDataObjectForOid(APDUConstants.DISCOVERY_OBJECT_OID); + result = piv.pivGetData(c, APDUConstants.DISCOVERY_OBJECT_OID, discoveryObject); + + if(result == MiddlewareStatus.PIV_OK) { + s_logger.info("Attempted to read discovery object: {}", result); + decoded = discoveryObject.decode(); + s_logger.info("{} {}", discoveryObject.getFriendlyName(), decoded ? "decoded successfully" : "failed to decode"); + } + + soDataElements.put(APDUConstants.DISCOVERY_OBJECT_OID, ((DiscoveryObject) discoveryObject).getSignedContent()); + + PIVDataObject cardholderIrisImages = PIVDataObjectFactory.createDataObjectForOid(APDUConstants.CARDHOLDER_IRIS_IMAGES_OID); + result = piv.pivGetData(c, APDUConstants.CARDHOLDER_IRIS_IMAGES_OID, cardholderIrisImages); + + if(result == MiddlewareStatus.PIV_OK) { + s_logger.info("Attempted to read {} object: {}", APDUConstants.oidNameMap.get(APDUConstants.CARDHOLDER_IRIS_IMAGES_OID), result); + decoded = cardholderIrisImages.decode(); + s_logger.info("{} {}", cardholderIrisImages.getFriendlyName(), decoded ? "decoded successfully" : "failed to decode"); + + if (decoded) { + if (((CardHolderBiometricData) cardholderIrisImages).getBiometricData() != null) { + s_logger.info("Images for Iris: {}", Hex.encodeHexString(((CardHolderBiometricData) cardholderIrisImages).getBiometricData())); + + s_logger.info("Biometric Creation Date: {}", ((CardHolderBiometricData) cardholderIrisImages).getBiometricCreationDate()); + s_logger.info("Validity Period From: {}", ((CardHolderBiometricData) cardholderIrisImages).getValidityPeriodFrom()); + s_logger.info("Validity Period To: {}", ((CardHolderBiometricData) cardholderIrisImages).getValidityPeriodTo()); + + + CMSSignedData sd = ((SignedPIVDataObject) cardholderIrisImages).getAsymmetricSignature(); + SignerInformationStore signers = sd.getSignerInfos(); + Collection collection = signers.getSigners(); + Iterator it = collection.iterator(); + + while (it.hasNext()) + { + SignerInformation signer = it.next(); + SignerId sid = signer.getSID(); + String issuer = sid.getIssuer().toString(); + String serial = Hex.encodeHexString(sid.getSerialNumber().toByteArray()); + String skid = ""; + if( sid.getSubjectKeyIdentifier() != null) + skid = Hex.encodeHexString(sid.getSubjectKeyIdentifier()); + + if(sid.getSubjectKeyIdentifier() != null) + s_logger.info("Signer skid: {} ", skid); + else + s_logger.info("Signer Issuer: {}, Serial Number: {} ", issuer, serial); + + } + + if(signingCertificate != null) + s_logger.info("Is signatue valid: {}",((SignedPIVDataObject) cardholderIrisImages).verifySignature()); + else + s_logger.info("Missing signing certificate to verify signature."); + } + s_logger.info("Error Detection Code Tag Present: {}", ((CardHolderBiometricData) cardholderIrisImages).getErrorDetectionCode()); + + } + } + + PIVDataObject keyHistoryObject = PIVDataObjectFactory.createDataObjectForOid(APDUConstants.KEY_HISTORY_OBJECT_OID); + result = piv.pivGetData(c, APDUConstants.KEY_HISTORY_OBJECT_OID, keyHistoryObject); + + if(result == MiddlewareStatus.PIV_OK) { + s_logger.info("Attempted to read key history object: {}", result); + decoded = keyHistoryObject.decode(); + if (decoded) { + s_logger.info("Decoded successfully {}", keyHistoryObject.toString()); + } + } + + PIVDataObject biometricInformationTemplatesGroupTemplate = PIVDataObjectFactory.createDataObjectForOid(APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_OID); + result = piv.pivGetData(c, APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_OID, biometricInformationTemplatesGroupTemplate); + + if(result == MiddlewareStatus.PIV_OK) { + s_logger.info("Attempted to read {} object: {}", APDUConstants.oidNameMap.get(APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_OID), result); + decoded = biometricInformationTemplatesGroupTemplate.decode(); + s_logger.info("{} {}", biometricInformationTemplatesGroupTemplate.getFriendlyName(), decoded ? "decoded successfully" : "failed to decode"); + + if (decoded) { + + s_logger.info("Number of fingers: {}", ((BiometricInformationTemplatesGroupTemplate) biometricInformationTemplatesGroupTemplate).getNumberOfFingers()); + if (((BiometricInformationTemplatesGroupTemplate) biometricInformationTemplatesGroupTemplate).getbITForFirstFinger() != null) + s_logger.info("BIT for first Finger: {}", Hex.encodeHexString(((BiometricInformationTemplatesGroupTemplate) biometricInformationTemplatesGroupTemplate).getbITForFirstFinger())); + if (((BiometricInformationTemplatesGroupTemplate) biometricInformationTemplatesGroupTemplate).getbITForSecondFinger() != null) + s_logger.info("BIT for second Finger: {}", Hex.encodeHexString(((BiometricInformationTemplatesGroupTemplate) biometricInformationTemplatesGroupTemplate).getbITForSecondFinger())); + + } + } + + PIVDataObject secureMessagingCertificateSigner = PIVDataObjectFactory.createDataObjectForOid(APDUConstants.SECURE_MESSAGING_CERTIFICATE_SIGNER_OID); + result = piv.pivGetData(c, APDUConstants.SECURE_MESSAGING_CERTIFICATE_SIGNER_OID, secureMessagingCertificateSigner); + + if(result == MiddlewareStatus.PIV_OK) { + s_logger.info("Attempted to read {} object: {}", APDUConstants.oidNameMap.get(APDUConstants.SECURE_MESSAGING_CERTIFICATE_SIGNER_OID), result); + decoded = secureMessagingCertificateSigner.decode(); + s_logger.info("{} {}", secureMessagingCertificateSigner.getFriendlyName(), decoded ? "decoded successfully" : "failed to decode"); + + if (decoded) { + + X509Certificate contentSigningCert = ((SecureMessagingCertificateSigner) secureMessagingCertificateSigner).getCertificate(); + + s_logger.info("Content Signing Cert SubjectName: {}", contentSigningCert.getSubjectDN().getName()); + s_logger.info("Content Signing Cert SerialNumber: {}", Hex.encodeHexString(contentSigningCert.getSerialNumber().toByteArray())); + s_logger.info("Content Signing Cert IssuerName: {}", contentSigningCert.getSubjectDN().getName()); + + if (((SecureMessagingCertificateSigner) secureMessagingCertificateSigner).getIntermediateCVC() != null) + s_logger.info("Intermediate CVC: {}", Hex.encodeHexString(((SecureMessagingCertificateSigner) secureMessagingCertificateSigner).getIntermediateCVC())); + + } + } + + PIVDataObject pairingCodeReferenceDataContainer = PIVDataObjectFactory.createDataObjectForOid(APDUConstants.PAIRING_CODE_REFERENCE_DATA_CONTAINER_OID); + result = piv.pivGetData(c, APDUConstants.PAIRING_CODE_REFERENCE_DATA_CONTAINER_OID, pairingCodeReferenceDataContainer); + + if(result == MiddlewareStatus.PIV_OK) { + s_logger.info("Attempted to read {} object: {}", APDUConstants.oidNameMap.get(APDUConstants.PAIRING_CODE_REFERENCE_DATA_CONTAINER_OID), result); + decoded = pairingCodeReferenceDataContainer.decode(); + s_logger.info("{} {}", pairingCodeReferenceDataContainer.getFriendlyName(), decoded ? "decoded successfully" : "failed to decode"); + + if (decoded) { + s_logger.info("Name: {}", ((PairingCodeReferenceDataContainer) pairingCodeReferenceDataContainer).getName()); + s_logger.info("Error Detection Code Tag Present: {}", ((PairingCodeReferenceDataContainer) pairingCodeReferenceDataContainer).getErrorDetectionCode()); + + } + } + ((SecurityObject) securityObject).setMapOfDataElements(soDataElements); + + boolean hashesVerified = ((SecurityObject) securityObject).verifyHashes(); + s_logger.info("Security Object hashes verified: {}", hashesVerified); + + boolean hashVerified = ((SecurityObject) securityObject).verifyHash(5); + s_logger.info("Printed Information hash verified: {}", hashVerified); + + } + //ResponseAPDU rsp = null; + return true; + } else { + s_logger.error("TestCard called with invalid card handle"); + } + return false; + } + + public static void main(String[] args) { + s_logger.info("main class: {}", MethodHandles.lookup().lookupClass().getSimpleName()); + s_logger.info("package version: {}", VersionUtils.GetPackageVersionString()); + s_logger.info("build time: {}", VersionUtils.GetPackageBuildTime()); + + CommandLineParser p = new DefaultParser(); + CommandLine cmd = null; + try { + cmd = p.parse(s_options, args); + } catch (ParseException e) { + s_logger.error("Failed to parse command line arguments", e); + PrintHelpAndExit(1); + } + + if(cmd.hasOption("help")) { + PrintHelpAndExit(0); + } + + PCSCUtils.ConfigureUserProperties(); + PIVMiddlewareVersion mwv = new PIVMiddlewareVersion(); + MiddlewareStatus middlewareStatus = PIVMiddleware.pivMiddlewareVersion(mwv); + s_logger.info("pivMiddlewareVersion returned status {} and version {}", middlewareStatus, mwv); + + TerminalFactory tf = TerminalFactory.getDefault(); + List terminals = null; + try { + terminals = tf.terminals().list(); + } catch (CardException e) { + s_logger.error("Failed to list card terminals", e); + System.exit(1); + } + if(terminals.size() == 0) { + s_logger.error("No readers were found."); + System.exit(1); + } + int terminalCount = 0; + for(CardTerminal t : terminals) { + terminalCount++; + ConnectionDescription cd = ConnectionDescription.createFromTerminal(t); + byte[] descriptor = cd.getBytes(); + if(descriptor != null) { + s_logger.info("Descriptor for terminal {}: {}", terminalCount, Hex.encodeHexString(descriptor, false)); + } + // if there is only one reader or if we've been asked to only test one reader, + // wait for a card + try { + if(!t.isCardPresent() && (!cmd.hasOption("all") || terminals.size() == 1)) { + s_logger.info("Insert a card into {}", t.getName()); + t.waitForCardPresent(0); + } + } catch (CardException e) { + s_logger.error("Error checking for card presence", e); + } + s_logger.info("Testing with terminal {}: {}", terminalCount, t.getName()); + CardHandle ch = new CardHandle(); + MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); + s_logger.info("[{}] PIVMiddleware.pivConnect() returned {} for reader {}", terminalCount, result, t.getName()); + boolean testResult = TestCard(ch); + if(testResult) { + s_logger.info("Card test completed successfully."); + } else { + s_logger.error("Card test failed."); + } + if(!cmd.hasOption("all")) { + break; + } + } + + System.exit(0); + + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/PrintEnvironmentInfo.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/PrintEnvironmentInfo.java new file mode 100644 index 00000000..b48a1c02 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/PrintEnvironmentInfo.java @@ -0,0 +1,44 @@ +package gov.gsa.pivconformance.cardlib.tools; + +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; +import gov.gsa.pivconformance.cardlib.utils.VersionUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.smartcardio.CardException; +import javax.smartcardio.CardTerminal; +import javax.smartcardio.TerminalFactory; +import java.lang.invoke.MethodHandles; +import java.security.Provider; +import java.security.Security; + +public class PrintEnvironmentInfo { + + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(PrintEnvironmentInfo.class); + + /** + * A simple test program that dumps info about the environment we're running in. + */ + public static void main(String[] args) { + s_logger.info("main class: {}", MethodHandles.lookup().lookupClass().getSimpleName()); + s_logger.info("package version: {}", VersionUtils.GetPackageVersionString()); + s_logger.info("build time: {}", VersionUtils.GetPackageBuildTime()); + PCSCUtils.ConfigureUserProperties(); + s_logger.info("System properties"); + System.getProperties().forEach((key, value) -> s_logger.info("property: '{}' = '{}'", key, value)); + for (Provider prov : Security.getProviders()) { + s_logger.info("Security Provider: {} version {}", prov.getName(), prov.getVersion()); + } + TerminalFactory tf = TerminalFactory.getDefault(); + s_logger.info("Attempting to list card terminals"); + try { + for (CardTerminal t : tf.terminals().list()) { + s_logger.info("Reader: {}: {}", t.getName(), t.isCardPresent() ? "Card present":"Card not present"); + } + } catch (CardException e) { + s_logger.error("Unable to enumerate card terminals", e); + } + } +} + diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/SQLiteDBGenerator.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/SQLiteDBGenerator.java new file mode 100644 index 00000000..5f885479 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/tools/SQLiteDBGenerator.java @@ -0,0 +1,82 @@ +package gov.gsa.pivconformance.cardlib.tools; + +import gov.gsa.pivconformance.cardlib.utils.VersionUtils; +import org.apache.commons.cli.*; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.File; +import java.io.IOException; +import java.lang.invoke.MethodHandles; +import java.sql.Connection; +import java.sql.DatabaseMetaData; +import java.sql.DriverManager; +import java.sql.SQLException; + + +public class SQLiteDBGenerator { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(SQLiteDBGenerator.class); + private static final Options s_options = new Options(); + static { + s_options.addOption("h", "help", false, "Print this help and exit"); + s_options.addOption("d", "database", true, "path to database file"); + } + + private static void PrintHelpAndExit(int exitCode) { + new HelpFormatter().printHelp("ConformanceTestRunner ", s_options); + System.exit(exitCode); + } + + public static void main(String[] args) { + s_logger.info("main class: {}", MethodHandles.lookup().lookupClass().getSimpleName()); + s_logger.info("package version: {}", VersionUtils.GetPackageVersionString()); + s_logger.info("build time: {}", VersionUtils.GetPackageBuildTime()); + + CommandLineParser p = new DefaultParser(); + CommandLine cmd = null; + try { + cmd = p.parse(s_options, args); + } catch (ParseException e) { + s_logger.error("Failed to parse command line arguments", e); + PrintHelpAndExit(1); + } + + if(cmd.hasOption("help")) { + PrintHelpAndExit(0); + } + + if(cmd.hasOption("database")) { + String dbParam = cmd.getOptionValue("database"); + File f = new File(dbParam); + if(f.exists()) { + s_logger.error("Cowardly refusing to overwrite existing file {}", dbParam); + System.exit(1); + } + String dbUrl = null; + try { + dbUrl = "jdbc:sqlite:" + f.getCanonicalPath(); + } catch (IOException e) { + s_logger.error("Unable to calculate canonical name for database file", e); + System.exit(1); + } + Connection conn = null; + try { + conn = DriverManager.getConnection(dbUrl); + } catch (SQLException e) { + s_logger.error("Unable to establish JDBC connection for SQLite database", e); + } + if(conn != null) { + s_logger.debug("Created sql connection for {}", dbParam); + DatabaseMetaData metaData = null; + try { + metaData = conn.getMetaData(); + s_logger.debug("Driver: {} version {}", metaData.getDriverName(), metaData.getDriverVersion()); + } catch (SQLException e) { + s_logger.error("Unable to read driver metadata", e); + } + } + } + + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/utils/ITransmitCounter.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/ITransmitCounter.java similarity index 62% rename from cardlib/src/main/java/gov/gsa/pivconformance/utils/ITransmitCounter.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/ITransmitCounter.java index 4d27a47d..f8426628 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/utils/ITransmitCounter.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/ITransmitCounter.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformance.utils; +package gov.gsa.pivconformance.cardlib.utils; public interface ITransmitCounter { public void incrementTransmitCount(); diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/utils/NullParameters.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/NullParameters.java similarity index 63% rename from cardlib/src/main/java/gov/gsa/pivconformance/utils/NullParameters.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/NullParameters.java index ac216e57..d56626c8 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/utils/NullParameters.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/NullParameters.java @@ -1,14 +1,15 @@ -package gov.gsa.pivconformance.utils; +package gov.gsa.pivconformance.cardlib.utils; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1Null; import org.bouncycastle.asn1.ASN1Primitive; -public class NullParameters implements ASN1Encodable { + +public class NullParameters implements ASN1Encodable{ @Override public ASN1Primitive toASN1Primitive() { - byte[] NULL = { 0x05, 0x00 }; + byte[] NULL = {0x05, 0x00}; return ASN1Null.getInstance(NULL); } diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/utils/OSUtils.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/OSUtils.java similarity index 55% rename from cardlib/src/main/java/gov/gsa/pivconformance/utils/OSUtils.java rename to cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/OSUtils.java index dd84023c..db8ebd5b 100644 --- a/cardlib/src/main/java/gov/gsa/pivconformance/utils/OSUtils.java +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/OSUtils.java @@ -1,58 +1,58 @@ -package gov.gsa.pivconformance.utils; - -public class OSUtils { - - public enum OSTYPE { - WINDOWS(10), OSX(20), LINUX(30); - - private OSTYPE(int ostypeValue) { - } - } - - public OSUtils() { - - } - - /** - * Get one of the three supported operating system types - * - * @return manufactured OSTYPE from environment - * - */ - public static OSTYPE getOSType() { - OSTYPE rv = OSTYPE.LINUX; - String osName = System.getProperty("os.name"); - if (osName.toLowerCase().contains("windows")) { - rv = OSTYPE.WINDOWS; - } else if (osName.toLowerCase().startsWith("mac")) { - rv = OSTYPE.OSX; - } else if (osName.toLowerCase().contains("linux")) { - rv = OSTYPE.LINUX; - } - return rv; - } - - /** - * Get the location of the temp directory - * - * @return the location of the temp directory - */ - - public static String getTempDir() { - OSTYPE os = OSUtils.getOSType(); - String rv; - - switch (os) { - case WINDOWS: - rv = System.getenv("TEMP"); - break; - case OSX: - case LINUX: - rv = "/tmp"; - default: - rv = System.getenv("TEMP"); - } - - return rv; - } -} +package gov.gsa.pivconformance.cardlib.utils; + +public class OSUtils { + + public enum OSTYPE { + WINDOWS(10), + OSX(20), + LINUX(30); + + private OSTYPE (int ostypeValue) { + } + } + + public OSUtils () { + + } + + /** + * Get one of the three supported operating system types + * @return manufactured OSTYPE from environment + * + */ + public static OSTYPE getOSType() { + OSTYPE rv = OSTYPE.LINUX; + String osName = System.getProperty("os.name"); + if (osName.toLowerCase().contains("windows")) { + rv = OSTYPE.WINDOWS; + } else if (osName.toLowerCase().startsWith("mac")) { + rv = OSTYPE.OSX; + } else if (osName.toLowerCase().contains("linux")) { + rv = OSTYPE.LINUX; + } + return rv; + } + + /** + * Get the location of the temp directory + * @return the location of the temp directory + */ + + public static String getTempDir() { + OSTYPE os = OSUtils.getOSType(); + String rv; + + switch (os) { + case WINDOWS: + rv = System.getenv("TEMP"); + break; + case OSX: + case LINUX: + rv = "/tmp"; + default: + rv = System.getenv("TEMP"); + } + + return rv; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/PCSCUtils.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/PCSCUtils.java new file mode 100644 index 00000000..61ae6598 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/PCSCUtils.java @@ -0,0 +1,135 @@ +package gov.gsa.pivconformance.cardlib.utils; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.smartcardio.CardException; +import javax.smartcardio.CardTerminal; +import javax.smartcardio.TerminalFactory; +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import java.util.Properties; + +public class PCSCUtils { + // slf4j will thunk this through to an appropriately configured logging library + private static final Logger s_logger = LoggerFactory.getLogger(PCSCUtils.class); + public static void ConfigureUserProperties() { + String homeDirectoryEnv = System.getenv("HOME"); + if(homeDirectoryEnv == null) { + return; + } + File homeDirectory = new File(homeDirectoryEnv); + if(!homeDirectory.exists()) return; + File configFile = new File(homeDirectory, ".pivconformance-pcsc.properties"); + if(configFile.exists()) { + ConfigureUserProperties(configFile); + } + } + public static void ConfigureUserProperties(File fileName) { + Properties props = new Properties(); + try { + props.load(new FileInputStream(fileName)); + props.forEach((key, value) -> { + s_logger.info("Adding property: '{}' = '{}'", key, value); + System.setProperty((String)key, (String) value); + }); + } catch (IOException e) { + s_logger.error("Unable to read " + fileName.getAbsolutePath(), e); + return; + } + } + public static List GetConnectedReaders() { + ArrayList readerList = new ArrayList<>(); + TerminalFactory tf = TerminalFactory.getDefault(); + List terminals = null; + try { + s_logger.debug("About to list connected readers"); + terminals = tf.terminals().list(); + s_logger.debug("Done listing connected readers"); + } catch (CardException e) { + s_logger.error("Failed to list card terminals", e); + return readerList; + } + if(terminals.size() == 0) { + s_logger.debug("No readers were connected."); + return readerList; + } + int terminalCount = 0; + for(CardTerminal t : terminals) { + terminalCount++; + readerList.add(t.getName()); + } + s_logger.debug("Found {} readers.", terminalCount); + return readerList; + } + + public static String GetFirstReaderWithCardPresent() { + new ArrayList<>(); + TerminalFactory tf = TerminalFactory.getDefault(); + List terminals = null; + try { + s_logger.debug("About to list connected readers"); + terminals = tf.terminals().list(); + s_logger.debug("Done listing connected readers"); + } catch (CardException e) { + s_logger.error("Failed to list card terminals", e); + return null; + } + if(terminals.size() == 0) { + s_logger.debug("No readers were connected."); + return null; + } + for(CardTerminal t : terminals) { + try { + if(t.isCardPresent()) { + return t.getName(); + } + } catch (CardException e) { + s_logger.debug("isCardPresent() threw an exception for reader {}", t.getName(), e); + } + } + s_logger.debug("No reader found with card inserted"); + return null; + } + + public static CardTerminal TerminalForReaderName(String name) { + TerminalFactory tf = TerminalFactory.getDefault(); + List terminals = null; + try { + terminals = tf.terminals().list(); + } catch (CardException e) { + s_logger.error("TerminalForReaderName(): Unable to enumerate terminals"); + return null; + } + if(terminals.size() == 0) { + s_logger.error("Unable to find any readers."); + return null; + } + for(CardTerminal t : terminals) { + if(t.getName().equals(name)) { + return t; + } + } + s_logger.error("No reader named " + name + " is attached to the system."); + return null; + + } + + public static int StatusWordsToRetries(byte[] sw) + { + if(sw == null || sw.length < 2) { + s_logger.error("a status word array must be at least 2 bytes."); + return -1; + } + byte sw1 = sw[sw.length -2]; + byte sw2 = sw[sw.length -1]; + if(sw1 != 0x63 || sw2 == 0x00) { + s_logger.error("bytes do not contain password retry count."); + return -1; + } + return 0x0F & sw2; + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/PCSCWrapper.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/PCSCWrapper.java new file mode 100644 index 00000000..4cf58ded --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/PCSCWrapper.java @@ -0,0 +1,99 @@ +package gov.gsa.pivconformance.cardlib.utils; + +import javax.smartcardio.Card; +import javax.smartcardio.CardChannel; +import javax.smartcardio.CardException; +import javax.smartcardio.CardTerminal; +import javax.smartcardio.CommandAPDU; +import javax.smartcardio.ResponseAPDU; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import gov.gsa.pivconformance.cardlib.card.client.CardClientException; +import gov.gsa.pivconformance.cardlib.card.client.ChainingAPDUTransmitter; +import gov.gsa.pivconformance.cardlib.card.client.RequestAPDUWrapper; +import gov.gsa.pivconformance.cardlib.card.client.ResponseAPDUWrapper; + +public class PCSCWrapper implements ITransmitCounter{ + private static final Logger s_logger = LoggerFactory.getLogger(PCSCWrapper.class); + private static PCSCWrapper INSTANCE = new PCSCWrapper(); + + private int m_connectCount = 0; + private int m_transmitCount = 0; + + public Card connect(CardTerminal t) throws CardException { + s_logger.debug("Connecting to card in {} using the default protocol", t.getName()); + return connect(t, "*"); + } + + public Card connect(CardTerminal t, String protocol) throws CardException { + s_logger.debug("Connecting to card in {} using protocol: \"{}\"", t.getName(), protocol); + m_connectCount++; + Card rv = null; + try { + rv = t.connect(protocol); + } catch(CardException e) { + s_logger.error("Caught CardException: {} while attempting to connect to card in {} using protocol \"{}\"", + e.getMessage(), t.getName(), protocol, e); + throw e; + } + s_logger.debug("Connected: {}", rv); + return rv; + + } + + public ResponseAPDU transmit(CardChannel channel, CommandAPDU cmd) throws CardException { + s_logger.debug("transmit() wrapper called"); + m_transmitCount++; + /* + ResponseAPDU rsp = null; + s_apduLogger.info("Sending Command APDU: {}", Hex.encodeHexString(cmd.getBytes()).replaceAll("..(?=.)", "$0 ")); + try { + rsp = channel.transmit(cmd); + s_apduLogger.debug("Received Response APDU: {}", Hex.encodeHexString(rsp.getBytes()).replaceAll("..(?=.)", "$0 ")); + } catch (CardException e) { + s_logger.error("Caught CardException {} transmitting APDU.", e.getMessage(), e); + throw e; + } + return rsp; + */ + ChainingAPDUTransmitter ct = new ChainingAPDUTransmitter(channel); + RequestAPDUWrapper req = new RequestAPDUWrapper(cmd.getBytes()); + ResponseAPDUWrapper rsp = null; + try { + rsp = ct.transmit(req); + } catch (CardClientException e) { + s_logger.error("Failed to receive response APDU", e); + return null; + } + return new ResponseAPDU(rsp.getBytes()); + } + + private PCSCWrapper() { + + } + + public static PCSCWrapper getInstance() { + return INSTANCE; + } + + public int getTransmitCount() { + return m_transmitCount; + } + + public int getConnectCount() { + return m_connectCount; + } + + public void resetCounters() { + m_connectCount = 0; + m_transmitCount = 0; + } + + @Override + public void incrementTransmitCount() { + m_transmitCount++; + } + +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/VersionUtils.java b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/VersionUtils.java new file mode 100644 index 00000000..f1897ed1 --- /dev/null +++ b/cardlib/src/main/java/gov/gsa/pivconformance/cardlib/utils/VersionUtils.java @@ -0,0 +1,52 @@ +package gov.gsa.pivconformance.cardlib.utils; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.InputStream; +import java.util.Properties; + +public class VersionUtils { + private static final Logger s_logger = LoggerFactory.getLogger(VersionUtils.class); + + static Properties s_properties; + + public static final String PACKAGE_VERSION = "build.version"; + + public static final String PACKAGE_REVISION = "git.commit.id"; + public static final String PACKAGE_REVISION_TIME = "git.commit.time"; + public static final String PACKAGE_BUILD_TIME = "build.time"; + + static { + s_properties = new Properties(); + InputStream pis = null; + try { + VersionUtils.class.getClassLoader(); + pis = VersionUtils.class.getResourceAsStream("version.properties"); + s_properties.load(pis); + } catch(Exception e) { + s_logger.debug("Unable to read version.properties file from classpath. This may only be available from jar packaged builds.", e); + s_properties.setProperty(PACKAGE_VERSION, "UNAVAILABLE"); + s_properties.setProperty(PACKAGE_REVISION, "UNAVAILABLE"); + s_properties.setProperty(PACKAGE_BUILD_TIME, "UNAVAILABLE"); + s_properties.setProperty(PACKAGE_REVISION_TIME, "UNAVAILABLE"); + + } + if(!s_properties.containsKey(PACKAGE_VERSION)) { + s_logger.error("Version.properties was read from classpath but did not contain versioning information"); + s_properties.setProperty(PACKAGE_VERSION, "ERROR"); + s_properties.setProperty(PACKAGE_REVISION, "ERROR"); + s_properties.setProperty(PACKAGE_BUILD_TIME, "ERROR"); + s_properties.setProperty(PACKAGE_REVISION_TIME, "ERROR"); + } + + } + + public static String GetPackageVersionString() { + return String.format("%s.%s", s_properties.getProperty(PACKAGE_VERSION), s_properties.getProperty(PACKAGE_REVISION)); + } + + public static String GetPackageBuildTime() { + return s_properties.getProperty(PACKAGE_BUILD_TIME); + } +} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTag.java b/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTag.java deleted file mode 100644 index 45b4eb28..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTag.java +++ /dev/null @@ -1,62 +0,0 @@ -package gov.gsa.pivconformance.tlv; - -import java.util.Arrays; - -public class BerTag { - public final byte[] bytes; - - /** - * Creates a new tag from given byte array. Similar - * {@link BerTag#BerTag(byte[], int, int)} but using the full array. - * - * @param aBuf to create the tag - */ - public BerTag(byte[] aBuf) { - this(aBuf, 0, aBuf.length); - } - - public BerTag(byte[] aBuf, int aOffset, int aLength) { - byte[] temp = new byte[aLength]; - System.arraycopy(aBuf, aOffset, temp, 0, aLength); - bytes = temp; - } - - public BerTag(int aFirstByte, int aSecondByte) { - bytes = new byte[] { (byte) (aFirstByte), (byte) aSecondByte }; - } - - public BerTag(int aFirstByte, int aSecondByte, int aFirth) { - bytes = new byte[] { (byte) (aFirstByte), (byte) aSecondByte, (byte) aFirth }; - } - - public BerTag(int aFirstByte) { - bytes = new byte[] { (byte) aFirstByte }; - } - - public boolean isConstructed() { - return (bytes[0] & 0x20) != 0; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - - BerTag berTag = (BerTag) o; - - return Arrays.equals(bytes, berTag.bytes); - - } - - @Override - public int hashCode() { - return Arrays.hashCode(bytes); - } - - @Override - public String toString() { - return (isConstructed() ? "+ " : "- ") + HexUtil.toHexString(bytes, 0, bytes.length); - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlv.java b/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlv.java deleted file mode 100644 index 98a7d548..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlv.java +++ /dev/null @@ -1,191 +0,0 @@ -package gov.gsa.pivconformance.tlv; - -import java.nio.charset.Charset; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; - -/** - * - */ -public class BerTlv { - - private final static Charset ASCII = Charset.forName("US-ASCII"); - - private final BerTag theTag; - private final byte[] theValue; - protected final List theList; - - /** - * Creates constructed TLV - * - * @param aTag tag - * @param aList set of nested TLVs - */ - public BerTlv(BerTag aTag, List aList) { - theTag = aTag; - theList = aList; - theValue = null; - } - - public BerTlv(BerTag aTag, List aList, byte[] aValue) { - theTag = aTag; - theList = aList; - theValue = aValue; - } - - /** - * Creates primitive TLV - * - * @param aTag tag - * @param aValue value as byte[] - */ - public BerTlv(BerTag aTag, byte[] aValue) { - theTag = aTag; - theValue = aValue; - theList = null; - } - - // - // - // - - public BerTag getTag() { - return theTag; - } - - public boolean isPrimitive() { - return !theTag.isConstructed(); - } - - public boolean hasRawValue() { - return theValue != null; - } - - public boolean isConstructed() { - return theTag.isConstructed(); - } - - public boolean isTag(BerTag aTag) { - return theTag.equals(aTag); - } - - // - // find - // - - public BerTlv find(BerTag aTag) { - if (aTag.equals(getTag())) { - return this; - } - - if (isConstructed()) { - if (theList == null) - return null; - for (BerTlv tlv : theList) { - BerTlv ret = tlv.find(aTag); - if (ret != null) { - return ret; - } - } - return null; - } - return null; - } - - public List findAll(BerTag aTag) { - List list = new ArrayList(); - if (aTag.equals(getTag())) { - list.add(this); - return list; - } else if (isConstructed()) { - for (BerTlv tlv : theList) { - list.addAll(tlv.findAll(aTag)); - } - } - return list; - } - - // - // getters - // - - public String getHexValue() { - if (isConstructed() && theValue == null) - throw new IllegalStateException("Tag is CONSTRUCTED " + HexUtil.toHexString(theTag.bytes)); - return HexUtil.toHexString(theValue); - } - - /** - * Text value with US-ASCII charset - * - * @return text - */ - public String getTextValue() { - return getTextValue(ASCII); - } - - public String getTextValue(Charset aCharset) { - if (isConstructed()) { - throw new IllegalStateException("TLV is constructed"); - } - return new String(theValue, aCharset); - } - - public byte[] getBytesValue() { - if (isConstructed() && theValue == null) { - throw new IllegalStateException("TLV [" + theTag + "]is constructed"); - } - return theValue; - } - - public int getIntValue() { - int i = 0; - int j = 0; - int number = 0; - - for (i = 0; i < theValue.length; i++) { - j = theValue[i]; - number = number * 256 + (j < 0 ? j += 256 : j); - } - return number; - } - - public List getValues() { - if (isPrimitive()) - throw new IllegalStateException("Tag is PRIMITIVE"); - return theList; - } - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - - BerTlv berTlv = (BerTlv) o; - - if (theTag != null ? !theTag.equals(berTlv.theTag) : berTlv.theTag != null) - return false; - if (!Arrays.equals(theValue, berTlv.theValue)) - return false; - return theList != null ? theList.equals(berTlv.theList) : berTlv.theList == null; - } - - @Override - public int hashCode() { - int result = theTag != null ? theTag.hashCode() : 0; - result = 31 * result + Arrays.hashCode(theValue); - result = 31 * result + (theList != null ? theList.hashCode() : 0); - return result; - } - - @Override - public String toString() { - - return "BerTlv{" + "theTag=" + theTag + ", theValue=" + Arrays.toString(theValue) + ", theList=" + theList - + '}'; - } - -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlvBuilder.java b/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlvBuilder.java deleted file mode 100644 index 6897a2e0..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlvBuilder.java +++ /dev/null @@ -1,250 +0,0 @@ -package gov.gsa.pivconformance.tlv; - -import java.math.BigDecimal; -import java.nio.charset.Charset; -import java.text.SimpleDateFormat; -import java.util.Date; - -/** - * - */ -public class BerTlvBuilder { - - private static final Charset ASCII = Charset.forName("US-ASCII"); - private static final BigDecimal HUNDRED = new BigDecimal(100); - private static final int DEFAULT_SIZE = 24 * 1024; - - public BerTlvBuilder() { - this((BerTag) null); - } - - public BerTlvBuilder(BerTag aTemplate) { - this(aTemplate, new byte[DEFAULT_SIZE], 0, DEFAULT_SIZE); - } - - public BerTlvBuilder(BerTlvs tlvs) { - this((BerTag) null); - for (BerTlv tlv : tlvs.getList()) { - addBerTlv(tlv); - } - } - - public BerTlvBuilder(BerTag aTemplate, byte[] aBuffer, int aOffset, int aLength) { - theTemplate = aTemplate; - theBuffer = aBuffer; - thePos = aOffset; - theBufferOffset = aOffset; - } - - public static BerTlvBuilder from(BerTlv aTlv) { - if (aTlv.isConstructed()) { - BerTlvBuilder builder = template(aTlv.getTag()); - for (BerTlv tlv : aTlv.theList) { - builder.addBerTlv(tlv); - } - return builder; - } else { - return new BerTlvBuilder().addBerTlv(aTlv); - } - } - - public static BerTlvBuilder template(BerTag aTemplate) { - return new BerTlvBuilder(aTemplate); - } - - public BerTlvBuilder addEmpty(BerTag aObject) { - return addBytes(aObject, new byte[] {}, 0, 0); - } - - public BerTlvBuilder addByte(BerTag aObject, byte aByte) { - // type - int len = aObject.bytes.length; - System.arraycopy(aObject.bytes, 0, theBuffer, thePos, len); - thePos += len; - - // len - theBuffer[thePos++] = 1; - - // value - theBuffer[thePos++] = aByte; - return this; - } - - public BerTlvBuilder addAmount(BerTag aObject, BigDecimal aAmount) { - BigDecimal numeric = aAmount.multiply(HUNDRED); - StringBuilder sb = new StringBuilder(12); - sb.append(numeric.longValue()); - while (sb.length() < 12) { - sb.insert(0, '0'); - } - return addHex(aObject, sb.toString()); - } - - public BerTlvBuilder addDate(BerTag aObject, Date aDate) { - SimpleDateFormat format = new SimpleDateFormat("yyMMdd"); - return addHex(aObject, format.format(aDate)); - } - - public BerTlvBuilder addTime(BerTag aObject, Date aDate) { - SimpleDateFormat format = new SimpleDateFormat("HHmmss"); - return addHex(aObject, format.format(aDate)); - } - - public int build() { - - if (theTemplate != null) { - - int tagLen = theTemplate.bytes.length; - int lengthBytesCount = calculateBytesCountForLength(thePos); - - // shifts array - System.arraycopy(theBuffer, theBufferOffset, theBuffer, tagLen + lengthBytesCount, thePos); - - // copies tag - System.arraycopy(theTemplate.bytes, 0, theBuffer, theBufferOffset, theTemplate.bytes.length); - - fillLength(theBuffer, tagLen, thePos); - - thePos += tagLen + lengthBytesCount; - } - return thePos; - } - - private void fillLength(byte[] aBuffer, int aOffset, int aLength) { - - if (aLength < 0x80) { - aBuffer[aOffset] = (byte) aLength; - - } else if (aLength < 0x100) { - aBuffer[aOffset] = (byte) 0x81; - aBuffer[aOffset + 1] = (byte) aLength; - - } else if (aLength < 0x10000) { - - aBuffer[aOffset] = (byte) 0x82; - aBuffer[aOffset + 1] = (byte) (aLength / 0x100); - aBuffer[aOffset + 2] = (byte) (aLength % 0x100); - - } else if (aLength < 0x1000000) { - aBuffer[aOffset] = (byte) 0x83; - aBuffer[aOffset + 1] = (byte) (aLength / 0x10000); - aBuffer[aOffset + 2] = (byte) (aLength / 0x100); - aBuffer[aOffset + 3] = (byte) (aLength % 0x100); - } else { - throw new IllegalStateException("length [" + aLength + "] out of range (0x1000000)"); - } - } - - private int calculateBytesCountForLength(int aLength) { - int ret; - if (aLength < 0x80) { - ret = 1; - } else if (aLength < 0x100) { - ret = 2; - } else if (aLength < 0x10000) { - ret = 3; - } else if (aLength < 0x1000000) { - ret = 4; - } else { - throw new IllegalStateException("length [" + aLength + "] out of range (0x1000000)"); - } - return ret; - } - - public BerTlvBuilder addHex(BerTag aObject, String aHex) { - byte[] buffer = HexUtil.parseHex(aHex); - return addBytes(aObject, buffer, 0, buffer.length); - } - - public BerTlvBuilder addBytes(BerTag aObject, byte[] aBytes) { - return addBytes(aObject, aBytes, 0, aBytes.length); - } - - public BerTlvBuilder addBytes(BerTag aTag, byte[] aBytes, int aFrom, int aLength) { - int tagLength = aTag.bytes.length; - int lengthBytesCount = calculateBytesCountForLength(aLength); - - // TAG - System.arraycopy(aTag.bytes, 0, theBuffer, thePos, tagLength); - thePos += tagLength; - - // LENGTH - fillLength(theBuffer, thePos, aLength); - thePos += lengthBytesCount; - - // VALUE - System.arraycopy(aBytes, aFrom, theBuffer, thePos, aLength); - thePos += aLength; - - return this; - } - - public BerTlvBuilder add(BerTlvBuilder aBuilder) { - byte[] array = aBuilder.buildArray(); - System.arraycopy(array, 0, theBuffer, thePos, array.length); - thePos += array.length; - return this; - } - - public BerTlvBuilder addBerTlv(BerTlv aTlv) { - if (aTlv.isConstructed()) { - return add(from(aTlv)); - } else { - return addBytes(aTlv.getTag(), aTlv.getBytesValue()); - } - } - - /** - * Add ASCII text - * - * @param aTag tag - * @param aText text - * @return builder - */ - public BerTlvBuilder addText(BerTag aTag, String aText) { - return addText(aTag, aText, ASCII); - } - - /** - * Add ASCII text - * - * @param aTag tag - * @param aText text - * @return builder - */ - public BerTlvBuilder addText(BerTag aTag, String aText, Charset aCharset) { - byte[] buffer = aText.getBytes(aCharset); - return addBytes(aTag, buffer, 0, buffer.length); - } - - public BerTlvBuilder addIntAsHex(BerTag aObject, int aCode, int aLength) { - StringBuilder sb = new StringBuilder(aLength * 2); - sb.append(aCode); - while (sb.length() < aLength * 2) { - sb.insert(0, '0'); - } - return addHex(aObject, sb.toString()); - } - - public byte[] buildArray() { - int count = build(); - byte[] buf = new byte[count]; - System.arraycopy(theBuffer, 0, buf, 0, count); - return buf; - } - - public BerTlv buildTlv() { - int count = build(); - return new BerTlvParser().parseConstructed(theBuffer, theBufferOffset, count); - } - - public BerTlvs buildTlvs() { - int count = build(); - return new BerTlvParser().parse(theBuffer, theBufferOffset, count); - } - - private final int theBufferOffset; - private int thePos; - private final byte[] theBuffer; - private final BerTag theTemplate; -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlvLogger.java b/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlvLogger.java deleted file mode 100644 index c82ed67f..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlvLogger.java +++ /dev/null @@ -1,29 +0,0 @@ -package gov.gsa.pivconformance.tlv; - -public class BerTlvLogger { - - public static void log(String aPadding, BerTlvs aTlv, IBerTlvLogger aLogger) { - - for (BerTlv tlv : aTlv.getList()) { - log(aPadding, tlv, aLogger); - } - } - - public static void log(String aPadding, BerTlv aTlv, IBerTlvLogger aLogger) { - if (aTlv == null) { - aLogger.debug("{} is null", aPadding); - return; - } - - if (aTlv.isConstructed()) { - aLogger.debug("{} [{}]", aPadding, HexUtil.toHexString(aTlv.getTag().bytes)); - for (BerTlv child : aTlv.getValues()) { - log(aPadding + " ", child, aLogger); - } - } else { - aLogger.debug("{} [{}] {}", aPadding, HexUtil.toHexString(aTlv.getTag().bytes), aTlv.getHexValue()); - } - - } - -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlvParser.java b/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlvParser.java deleted file mode 100644 index d6e417a0..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlvParser.java +++ /dev/null @@ -1,236 +0,0 @@ -package gov.gsa.pivconformance.tlv; - -import java.util.ArrayList; -import java.util.List; - -/** - * - */ -public class BerTlvParser { - - private final IBerTlvLogger log; - - public BerTlvParser() { - this(EMPTY_LOGGER); - } - - public BerTlvParser(IBerTlvLogger aLogger) { - log = aLogger; - } - - public BerTlv parseConstructed(byte[] aBuf) { - return parseConstructed(aBuf, 0, aBuf.length); - } - - public BerTlv parseConstructed(byte[] aBuf, int aOffset, int aLen) { - ParseResult result = parseWithResult(0, aBuf, aOffset, aLen, true); - return result.tlv; - } - - public BerTlvs parse(byte[] aBuf) { - return parse(aBuf, 0, aBuf.length); - } - - public BerTlvs parse(byte[] aBuf, final int aOffset, int aLen) { - List tlvs = new ArrayList(); - if (aLen == 0) - return new BerTlvs(tlvs); - - int offset = aOffset; - for (int i = 0; i < 100; i++) { - ParseResult result = parseWithResult(0, aBuf, offset, aLen - offset, false); - tlvs.add(result.tlv); - - if (result.offset >= aOffset + aLen) { - break; - } - - offset = result.offset; - - } - - return new BerTlvs(tlvs); - } - - private ParseResult parseWithResult(int aLevel, byte[] aBuf, int aOffset, int aLen) { - return parseWithResult(aLevel, aBuf, aOffset, aLen, true); - } - - private ParseResult parseWithResult(int aLevel, byte[] aBuf, int aOffset, int aLen, boolean recurse) { - String levelPadding = createLevelPadding(aLevel); - if (aOffset + aLen > aBuf.length) { - throw new IllegalStateException("Length is out of the range [offset=" + aOffset + ", len=" + aLen - + ", array.length=" + aBuf.length + ", level=" + aLevel + "]"); - } - if (log.isDebugEnabled()) { - log.debug("{}parseWithResult(level={}, offset={}, len={}, buf={})", levelPadding, aLevel, aOffset, aLen, - HexUtil.toFormattedHexString(aBuf, aOffset, aLen)); - } - - // tag - int tagBytesCount = getTagBytesCount(aBuf, aOffset); - BerTag tag = createTag(levelPadding, aBuf, aOffset, tagBytesCount); - if (log.isDebugEnabled()) { - log.debug("{}tag = {}, tagBytesCount={}, tagBuf={}", levelPadding, tag, tagBytesCount, - HexUtil.toFormattedHexString(aBuf, aOffset, tagBytesCount)); - } - - // length - int lengthBytesCount = getLengthBytesCount(aBuf, aOffset + tagBytesCount); - int valueLength = getDataLength(aBuf, aOffset + tagBytesCount); - - if (log.isDebugEnabled()) { - log.debug("{}lenBytesCount = {}, len = {}, lenBuf = {}", levelPadding, lengthBytesCount, valueLength, - HexUtil.toFormattedHexString(aBuf, aOffset + tagBytesCount, lengthBytesCount)); - } - - // value - if (tag.isConstructed() && recurse) { - - ArrayList list = new ArrayList(); - addChildren(aLevel, aBuf, aOffset, levelPadding, tagBytesCount, lengthBytesCount, valueLength, list); - - int resultOffset = aOffset + tagBytesCount + lengthBytesCount + valueLength; - if (log.isDebugEnabled()) { - log.debug("{}returning constructed offset = {}", levelPadding, resultOffset); - } - byte[] value = new byte[valueLength]; - System.arraycopy(aBuf, aOffset + tagBytesCount + lengthBytesCount, value, 0, valueLength); - return new ParseResult(new BerTlv(tag, list, value), resultOffset); - } else { - // value - byte[] value = new byte[valueLength]; - log.debug("src.length={}, srcPos={}, value.length={}, valueLength={}", aBuf.length, - aOffset + tagBytesCount + lengthBytesCount, value.length, valueLength); - System.arraycopy(aBuf, aOffset + tagBytesCount + lengthBytesCount, value, 0, valueLength); - int resultOffset = aOffset + tagBytesCount + lengthBytesCount + valueLength; - if (log.isDebugEnabled()) { - log.debug("{}value = {}", levelPadding, HexUtil.toFormattedHexString(value)); - log.debug("{}returning primitive offset = {}", levelPadding, resultOffset); - } - return new ParseResult(new BerTlv(tag, value), resultOffset); - } - - } - - /** - * - * @param aLevel level for debug - * @param aBuf buffer - * @param aOffset offset (first byte) - * @param levelPadding level padding (for debug) - * @param aTagBytesCount tag bytes count - * @param aDataBytesCount data bytes count - * @param valueLength length - * @param list list to add - */ - private void addChildren(int aLevel, byte[] aBuf, int aOffset, String levelPadding, int aTagBytesCount, - int aDataBytesCount, int valueLength, ArrayList list) { - int startPosition = aOffset + aTagBytesCount + aDataBytesCount; - int len = valueLength; - while (startPosition <= aOffset + valueLength) { - ParseResult result = parseWithResult(aLevel + 1, aBuf, startPosition, len); - list.add(result.tlv); - - startPosition = result.offset; - len = valueLength - startPosition; - - if (log.isDebugEnabled()) { - log.debug("{}level {}: adding {} with offset {}, startPosition={}, aDataBytesCount={}, valueLength={}", - levelPadding, aLevel, result.tlv.getTag(), result.offset, startPosition, aDataBytesCount, - valueLength); - } - } - } - - private String createLevelPadding(int aLevel) { - if (!log.isDebugEnabled()) { - return ""; - } - - StringBuilder sb = new StringBuilder(); - for (int i = 0; i < aLevel * 4; i++) { - sb.append(' '); - } - return sb.toString(); - } - - private static class ParseResult { - public ParseResult(BerTlv aTlv, int aOffset) { - tlv = aTlv; - offset = aOffset; - } - - @Override - public String toString() { - return "ParseResult{" + "tlv=" + tlv + ", offset=" + offset + '}'; - } - - private final BerTlv tlv; - private final int offset; - } - - public BerTag createTag(String aLevelPadding, byte[] aBuf, int aOffset, int aLength) { - if (log.isDebugEnabled()) { - log.debug("{}Creating tag {}...", aLevelPadding, HexUtil.toFormattedHexString(aBuf, aOffset, aLength)); - } - return new BerTag(aBuf, aOffset, aLength); - } - - public int getTagBytesCount(byte[] aBuf, int aOffset) { - if ((aBuf[aOffset] & 0x1F) == 0x1F) { // see subsequent bytes - int len = 2; - for (int i = aOffset + 1; i < aOffset + 10; i++) { - if ((aBuf[i] & 0x80) != 0x80) { - break; - } - len++; - } - return len; - } else { - return 1; - } - } - - public int getDataLength(byte[] aBuf, int aOffset) { - - int length = aBuf[aOffset] & 0xff; - - if ((length & 0x80) == 0x80) { - int numberOfBytes = length & 0x7f; - if (numberOfBytes > 3) { - throw new IllegalStateException( - String.format("At position %d the len is more then 3 [%d]", aOffset, numberOfBytes)); - } - - length = 0; - for (int i = aOffset + 1; i < aOffset + 1 + numberOfBytes; i++) { - length = length * 0x100 + (aBuf[i] & 0xff); - } - - } - return length; - } - - public static int getLengthBytesCount(byte aBuf[], int aOffset) { - - int len = aBuf[aOffset] & 0xff; - if ((len & 0x80) == 0x80) { - return 1 + (len & 0x7f); - } else { - return 1; - } - } - - private static final IBerTlvLogger EMPTY_LOGGER = new IBerTlvLogger() { - @Override - public boolean isDebugEnabled() { - return false; - } - - @Override - public void debug(String aFormat, Object... args) { - } - }; - -} \ No newline at end of file diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlvs.java b/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlvs.java deleted file mode 100644 index b10fcb0f..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/BerTlvs.java +++ /dev/null @@ -1,57 +0,0 @@ -package gov.gsa.pivconformance.tlv; - -import java.util.ArrayList; -import java.util.List; - -public class BerTlvs { - - protected BerTlvs(List aTlvs) { - tlvs = aTlvs; - } - - public BerTlv find(BerTag aTag) { - for (BerTlv tlv : tlvs) { - BerTlv found = tlv.find(aTag); - if (found != null) { - return found; - } - } - return null; - } - - public List findAll(BerTag aTag) { - List list = new ArrayList(); - for (BerTlv tlv : tlvs) { - list.addAll(tlv.findAll(aTag)); - } - return list; - } - - public List getList() { - return tlvs; - } - - private final List tlvs; - - @Override - public boolean equals(Object o) { - if (this == o) - return true; - if (o == null || getClass() != o.getClass()) - return false; - - BerTlvs berTlvs = (BerTlvs) o; - - return tlvs != null ? tlvs.equals(berTlvs.tlvs) : berTlvs.tlvs == null; - } - - @Override - public int hashCode() { - return tlvs != null ? tlvs.hashCode() : 0; - } - - @Override - public String toString() { - return "BerTlvs{" + "tlvs=" + tlvs + '}'; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/CCTTlvLogger.java b/cardlib/src/main/java/gov/gsa/pivconformance/tlv/CCTTlvLogger.java deleted file mode 100644 index 34612c8f..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/CCTTlvLogger.java +++ /dev/null @@ -1,25 +0,0 @@ -package gov.gsa.pivconformance.tlv; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class CCTTlvLogger implements IBerTlvLogger { - - private Logger m_logger = null; - - public CCTTlvLogger(Class clazz) { - m_logger = LoggerFactory.getLogger(clazz.toString() + ".TLVParser"); - } - - @Override - public boolean isDebugEnabled() { - return m_logger != null && m_logger.isDebugEnabled(); - } - - @Override - public void debug(String aFormat, Object... args) { - if (m_logger == null) - return; - // m_logger.debug(aFormat, args); - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/HexUtil.java b/cardlib/src/main/java/gov/gsa/pivconformance/tlv/HexUtil.java deleted file mode 100644 index 1a90697b..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/HexUtil.java +++ /dev/null @@ -1,74 +0,0 @@ -package gov.gsa.pivconformance.tlv; - -public class HexUtil { - - private static final char[] CHARS_TABLES = "0123456789ABCDEF".toCharArray(); - static final byte[] BYTES = new byte[128]; - - static { - for (int i = 0; i < 10; i++) { - BYTES['0' + i] = (byte) i; - BYTES['A' + i] = (byte) (10 + i); - BYTES['a' + i] = (byte) (10 + i); - } - } - - public static String toHexString(byte[] aBytes) { - return toHexString(aBytes, 0, aBytes.length); - } - - public static String toFormattedHexString(byte[] aBytes) { - return toFormattedHexString(aBytes, 0, aBytes.length); - } - - public static String toHexString(byte[] aBytes, int aLength) { - return toHexString(aBytes, 0, aLength); - } - - public static byte[] parseHex(String aHexString) { - char[] src = aHexString.replace("\n", "").replace(" ", "").toUpperCase().toCharArray(); - byte[] dst = new byte[src.length / 2]; - - for (int si = 0, di = 0; di < dst.length; di++) { - byte high = BYTES[src[si++] & 0x7f]; - byte low = BYTES[src[si++] & 0x7f]; - dst[di] = (byte) ((high << 4) + low); - } - - return dst; - } - - public static String toFormattedHexString(byte[] aBytes, int aOffset, int aLength) { - StringBuilder sb = new StringBuilder(); - sb.append("["); - sb.append(aLength); - sb.append("] :"); - for (int si = aOffset, di = 0; si < aOffset + aLength; si++, di++) { - byte b = aBytes[si]; - if (di % 4 == 0) { - sb.append(" "); - } else { - sb.append(' '); - } - sb.append(CHARS_TABLES[(b & 0xf0) >>> 4]); - sb.append(CHARS_TABLES[(b & 0x0f)]); - - } - - return sb.toString(); - - } - - public static String toHexString(byte[] aBytes, int aOffset, int aLength) { - char[] dst = new char[aLength * 2]; - - for (int si = aOffset, di = 0; si < aOffset + aLength; si++) { - byte b = aBytes[si]; - dst[di++] = CHARS_TABLES[(b & 0xf0) >>> 4]; - dst[di++] = CHARS_TABLES[(b & 0x0f)]; - } - - return new String(dst); - } - -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/IBerTlvLogger.java b/cardlib/src/main/java/gov/gsa/pivconformance/tlv/IBerTlvLogger.java deleted file mode 100644 index 18e54414..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/IBerTlvLogger.java +++ /dev/null @@ -1,8 +0,0 @@ -package gov.gsa.pivconformance.tlv; - -public interface IBerTlvLogger { - - boolean isDebugEnabled(); - - void debug(String aFormat, Object... args); -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/README.md b/cardlib/src/main/java/gov/gsa/pivconformance/tlv/README.md deleted file mode 100644 index ab821491..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tlv/README.md +++ /dev/null @@ -1,207 +0,0 @@ -== TLV parser == - -Classes here are adapted from [@evsinev/ber-tlv](https://github.com/evsinev/ber-tlv) and are used under the Apache 2.0 license, reproduced at the bottom of this file. - - - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tools/ConformanceTestRunner.java b/cardlib/src/main/java/gov/gsa/pivconformance/tools/ConformanceTestRunner.java deleted file mode 100644 index fd3ffa31..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tools/ConformanceTestRunner.java +++ /dev/null @@ -1,126 +0,0 @@ -package gov.gsa.pivconformance.tools; - -import gov.gsa.pivconformance.utils.PCSCUtils; -import gov.gsa.pivconformance.utils.VersionUtils; -import org.apache.commons.cli.*; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.lang.invoke.MethodHandles; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; - -public class ConformanceTestRunner { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(ConformanceTestRunner.class); - private static final Options s_options = new Options(); - static { - s_options.addOption("h", "help", false, "Print this help and exit"); - s_options.addOption(null, "listReaders", false, "Print a list of connected readers and exit"); - // Specify a specific reader, as given by --listReaders. If none is specified - // the first reader will be used - s_options.addOption("r", "reader", true, "Use the specified reader for conformance tests"); - s_options.addOption("t", "testConfig", true, "Use the specified test configuration file"); - s_options.addOption(null, "runSelected", true, "Run only the specified test cases (comma separated)"); - s_options.addOption(null, "runTagged", true, "Run all test cases with the specified tags (comma separated)"); - s_options.addOption(null, "dryRun", true, - "Collect and configure test cases, and log which ones would be run, but do not execute"); - s_options.addOption("l", "logConfig", true, "Use the specified log configuration file"); - s_options.addOption("o", "outDir", true, "Specify the output directory for reports"); - s_options.addOption("n", false, "Number of times to repeat the run"); - } - - private static void PrintHelpAndExit(int exitCode) { - new HelpFormatter().printHelp("ConformanceTestRunner ", s_options); - System.exit(exitCode); - } - - private static List CheckIncompatibleOptions(String option, String incompatibleOptions, CommandLine cmd) { - List incompatibleOptionList = Arrays.asList(incompatibleOptions.split("\\s*,\\s*")); - // if the split didn't find anything, just treat the whole string as an option - // to test - if (incompatibleOptionList.isEmpty()) { - incompatibleOptionList.add(incompatibleOptions); - } - ArrayList messages = new ArrayList<>(); - for (String opt : incompatibleOptionList) { - if (cmd.hasOption(opt)) { - messages.add(option + " cannot be combined with " + opt + "."); - } - } - return messages; - } - - private static List CheckRequiredOptions(String option, String requiredOptions, CommandLine cmd) { - List requiredOptionList = Arrays.asList(requiredOptions.split("\\s*,\\s*")); - // if the split didn't find anything, just treat the whole string as an option - // to test - if (requiredOptionList.isEmpty()) { - requiredOptionList.add(requiredOptions); - } - ArrayList messages = new ArrayList<>(); - for (String opt : requiredOptionList) { - if (!cmd.hasOption(opt)) { - messages.add(option + " requires that " + opt + " also be specified."); - } - } - return messages; - } - - private static void LogErrorsIfNonEmptyAndExit(String msg, List messages, int exitCode) { - if (!messages.isEmpty()) { - if (msg != null && !msg.isEmpty()) - s_logger.error(msg); - for (String message : messages) { - s_logger.error(message); - } - System.exit(exitCode); - } - } - - public static void main(String[] args) { - s_logger.info("main class: {}", MethodHandles.lookup().lookupClass().getSimpleName()); - s_logger.info("package version: {}", VersionUtils.GetPackageVersionString()); - s_logger.info("build time: {}", VersionUtils.GetPackageBuildTime()); - - CommandLineParser p = new DefaultParser(); - CommandLine cmd = null; - try { - cmd = p.parse(s_options, args); - } catch (ParseException e) { - s_logger.error("Failed to parse command line arguments", e); - PrintHelpAndExit(1); - } - - if (cmd.hasOption("help")) { - PrintHelpAndExit(0); - } - - if (cmd.hasOption("listReaders")) { - List messages = CheckIncompatibleOptions("listReaders", - "reader,testConfig,runSingle,runTagged,outDir,n", cmd); - LogErrorsIfNonEmptyAndExit("Incompatible command line options found", messages, 1); - List readers = PCSCUtils.GetConnectedReaders(); - if (!readers.isEmpty()) { - s_logger.info("Currently connected readers:"); - int currReader = 0; - for (String reader : readers) { - currReader++; - s_logger.info("{}: {}", currReader, reader); - } - } else { - s_logger.info("No readers are connected."); - } - System.exit(0); - } - - if (cmd.hasOption("testConfig")) { - List messages = CheckIncompatibleOptions("testConfig", "listReaders", cmd); - LogErrorsIfNonEmptyAndExit("Incompatible command line options found", messages, 1); - messages = CheckRequiredOptions("testConfig", "outDir", cmd); - LogErrorsIfNonEmptyAndExit("Required command line options missing", messages, 1); - } - - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tools/PIVRunner.java b/cardlib/src/main/java/gov/gsa/pivconformance/tools/PIVRunner.java deleted file mode 100644 index 646f9a41..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tools/PIVRunner.java +++ /dev/null @@ -1,706 +0,0 @@ -package gov.gsa.pivconformance.tools; - -import gov.gsa.pivconformance.card.client.*; -import gov.gsa.pivconformance.tlv.*; -import gov.gsa.pivconformance.utils.PCSCUtils; -import gov.gsa.pivconformance.utils.VersionUtils; -import org.apache.commons.cli.*; -import org.apache.commons.codec.binary.Hex; -import org.bouncycastle.cms.CMSSignedData; -import org.bouncycastle.cms.SignerId; -import org.bouncycastle.cms.SignerInformation; -import org.bouncycastle.cms.SignerInformationStore; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import java.text.SimpleDateFormat; - -import javax.smartcardio.*; -import java.lang.invoke.MethodHandles; -import java.security.cert.X509Certificate; -import java.util.*; - -public class PIVRunner { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(PIVRunner.class); - private static final Options s_options = new Options(); - - static { - s_options.addOption("a", "all", false, "Scan all readers"); - s_options.addOption("h", "help", false, "Print this help and exit"); - } - - private static void PrintHelpAndExit(int exitCode) { - new HelpFormatter().printHelp("PIVRunner ", s_options); - System.exit(exitCode); - } - - public static boolean TestCard(CardHandle c) { - if (c.isValid()) { - CardTerminal t = c.getConnectionDescription().getTerminal(); - try { - if (t.isCardPresent()) { - s_logger.info("Card found in reader {}", t.getName()); - } else { - s_logger.error("No card was present in reader {}", t.getName()); - return false; - } - } catch (CardException e) { - s_logger.error("Card communication error", e); - } - Card conn = c.getCard(); - s_logger.info("Card connected."); - s_logger.info("Card protocol: {}", conn.getProtocol()); - s_logger.info("Card ATR: {}", Hex.encodeHexString(conn.getATR().getBytes())); - ApplicationProperties cardAppProperties = new ApplicationProperties(); - DefaultPIVApplication piv = new DefaultPIVApplication(); - ApplicationAID aid = new ApplicationAID(); - s_logger.info("Attempting to select default PIV application"); - MiddlewareStatus result = piv.pivSelectCardApplication(c, aid, cardAppProperties); - s_logger.info("pivSelectCardApplication() returned {}", result); - if (result == MiddlewareStatus.PIV_OK) { - byte[] pcap = cardAppProperties.getBytes(); - - byte[] appID = cardAppProperties.getAppID(); - String appLabel = cardAppProperties.getAppLabel(); - String url = cardAppProperties.getURL(); - List cryptoAlgs = cardAppProperties.getCryptoAlgs(); - byte[] coexistentTagAllocationAuthority = cardAppProperties.getCoexistentTagAllocationAuthority(); - - if (appID != null) - s_logger.info("Application identifier of application: {}", Hex.encodeHexString(appID)); - - if (coexistentTagAllocationAuthority != null) - s_logger.info("Coexistent tag allocation authority: {}", - Hex.encodeHexString(coexistentTagAllocationAuthority)); - - if (appLabel != "") - s_logger.info("Application label: {}", appLabel); - - if (url != "") - s_logger.info("Uniform resource locator: {}", url); - - if (cryptoAlgs != null) { - for (byte[] b : cryptoAlgs) { - - s_logger.info("Cryptographic algorithms supported:"); - s_logger.info("Algorithm ID: {} Algorithm Description: {}", Hex.encodeHexString(b), - TagConstants.algMAP.get(b)); - } - } - - s_logger.info("PCAP: {}", Hex.encodeHexString(pcap)); - BerTlvParser tp = new BerTlvParser(new CCTTlvLogger(PIVRunner.class)); - BerTlv outer = tp.parseConstructed(pcap); - List values = outer.getValues(); - for (BerTlv tlv : values) { - if (tlv.isPrimitive()) { - s_logger.info("PCAP Tag {}: {}", Hex.encodeHexString(tlv.getTag().bytes), - Hex.encodeHexString(tlv.getBytesValue())); - } else { - s_logger.info("PCAP object: {}", Hex.encodeHexString(tlv.getTag().bytes)); - } - } - - result = MiddlewareStatus.PIV_AUTHENTICATION_FAILURE; - - if (result != MiddlewareStatus.PIV_OK) - s_logger.error("Error authenticating to the smartcard: {}", result.toString()); - - X509Certificate signingCertificate = null; - - HashMap soDataElements = new HashMap(); - PIVDataObject securityObject = null; - - for (String containerOID : APDUConstants.MandatoryContainers()) { - PIVDataObject dataObject = PIVDataObjectFactory.createDataObjectForOid(containerOID); - s_logger.info("Attempting to read data object for OID {} ({})", containerOID, - APDUConstants.oidNameMap.get(containerOID)); - result = piv.pivGetData(c, containerOID, dataObject); - if (result != MiddlewareStatus.PIV_OK) - continue; - boolean decoded = dataObject.decode(); - s_logger.info("{} {}", dataObject.getFriendlyName(), - decoded ? "decoded successfully" : "failed to decode"); - s_logger.info("pivGetData returned {}", result); - s_logger.info(dataObject.toString()); - - if (containerOID.equals(APDUConstants.CARD_CAPABILITY_CONTAINER_OID)) { - - s_logger.info("Card Identifier: {}", - Hex.encodeHexString(((CardCapabilityContainer) dataObject).getCardIdentifier())); - s_logger.info("Capability Container Version Number: {}", Hex.encodeHexString( - ((CardCapabilityContainer) dataObject).getCapabilityContainerVersionNumber())); - s_logger.info("Capability Grammar Version Number: {}", Hex.encodeHexString( - ((CardCapabilityContainer) dataObject).getCapabilityGrammarVersionNumber())); - - List appCardURLList = ((CardCapabilityContainer) dataObject).getAppCardURL(); - - if (appCardURLList.size() > 0) { - s_logger.info("Applications CardURL List"); - for (byte[] u : appCardURLList) { - s_logger.info("{}", Hex.encodeHexString(u)); - } - } - - s_logger.info("Registered Data Model number: {}", Hex.encodeHexString( - ((CardCapabilityContainer) dataObject).getRegisteredDataModelNumber())); - s_logger.info("Access Control Rule Table: {}", Hex - .encodeHexString(((CardCapabilityContainer) dataObject).getAccessControlRuleTable())); - - s_logger.info("Card APDUs Tag Present: {}", - ((CardCapabilityContainer) dataObject).getCardAPDUs()); - s_logger.info("RedirectionTag Tag Present: {}", - ((CardCapabilityContainer) dataObject).getRedirectionTag()); - s_logger.info("Capability Tuples Tag Present: {}", - ((CardCapabilityContainer) dataObject).getCapabilityTuples()); - s_logger.info("Status Tuples Tag Present: {}", - ((CardCapabilityContainer) dataObject).getStatusTuples()); - s_logger.info("Next CCC Tag Present: {}", ((CardCapabilityContainer) dataObject).getNextCCC()); - - if (((CardCapabilityContainer) dataObject).getExtendedApplicationCardURL() != null) { - - List extendedAppCardURLList = ((CardCapabilityContainer) dataObject) - .getExtendedApplicationCardURL(); - - if (extendedAppCardURLList.size() > 0) { - s_logger.info("Extended Application CardURL List:"); - for (byte[] u2 : extendedAppCardURLList) { - s_logger.info(" {}", Hex.encodeHexString(u2)); - } - } - } - - if (((CardCapabilityContainer) dataObject).getSecurityObjectBuffer() != null) - s_logger.info("Security Object Buffer: {}", Hex - .encodeHexString(((CardCapabilityContainer) dataObject).getSecurityObjectBuffer())); - - s_logger.info("Error Detection Code Tag Present: {}", - ((CardCapabilityContainer) dataObject).getErrorDetectionCode()); - - soDataElements.put(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - ((CardCapabilityContainer) dataObject).getSignedContent()); - } - - if (containerOID.equals(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID)) { - if (((CardHolderUniqueIdentifier) dataObject).getBufferLength() != null) { - s_logger.info("Buffer Length: {}", - Hex.encodeHexString(((CardHolderUniqueIdentifier) dataObject).getBufferLength())); - } - s_logger.info("FASC-N: {}", - Hex.encodeHexString(((CardHolderUniqueIdentifier) dataObject).getfASCN())); - if (((CardHolderUniqueIdentifier) dataObject).getOrganizationalIdentifier() != null) { - s_logger.info("Organizational Identifier: {}", Hex.encodeHexString( - ((CardHolderUniqueIdentifier) dataObject).getOrganizationalIdentifier())); - } - if (((CardHolderUniqueIdentifier) dataObject).getdUNS() != null) { - s_logger.info("DUNS: {}", - Hex.encodeHexString(((CardHolderUniqueIdentifier) dataObject).getdUNS())); - } - s_logger.info("GUID: {}", - Hex.encodeHexString(((CardHolderUniqueIdentifier) dataObject).getgUID())); - - SimpleDateFormat sdfmt = new SimpleDateFormat("MM/dd/yyyy"); - s_logger.info("Expiration Date: {}", - sdfmt.format(((CardHolderUniqueIdentifier) dataObject).getExpirationDate())); - - s_logger.info("Cardholder UUID: {}", - Hex.encodeHexString(((CardHolderUniqueIdentifier) dataObject).getCardholderUUID())); - s_logger.info("Issuer Asymmetric Signature Info:"); - - CMSSignedData sd = ((CardHolderUniqueIdentifier) dataObject).getAsymmetricSignature(); - SignerInformationStore signers = sd.getSignerInfos(); - Collection collection = signers.getSigners(); - Iterator it = collection.iterator(); - - while (it.hasNext()) { - SignerInformation signer = it.next(); - SignerId sid = signer.getSID(); - String issuer = sid.getIssuer().toString(); - String serial = Hex.encodeHexString(sid.getSerialNumber().toByteArray()); - String skid = ""; - if (sid.getSubjectKeyIdentifier() != null) - skid = Hex.encodeHexString(sid.getSubjectKeyIdentifier()); - - if (sid.getSubjectKeyIdentifier() != null) - s_logger.info("Signer skid: {} ", skid); - else - s_logger.info("Signer Issuer: {}, Serial Number: {} ", issuer, serial); - - } - s_logger.info("Signature valid: {}", - ((CardHolderUniqueIdentifier) dataObject).verifySignature()); - signingCertificate = ((CardHolderUniqueIdentifier) dataObject).getSignerCert(); - - s_logger.info("Error Detection Code Tag Present: {}", - ((CardHolderUniqueIdentifier) dataObject).getErrorDetectionCode()); - - soDataElements.put(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - ((CardHolderUniqueIdentifier) dataObject).getChuidContainer()); - } - - if (containerOID.equals(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID)) { - X509Certificate pibAuthCert = ((X509CertificateDataObject) dataObject).getCertificate(); - - s_logger.info("PIV Auth Cert SubjectName: {}", pibAuthCert.getSubjectDN().getName()); - s_logger.info("PIV Auth Cert SerialNumber: {}", - Hex.encodeHexString(pibAuthCert.getSerialNumber().toByteArray())); - s_logger.info("PIV Auth Cert IssuerName: {}", pibAuthCert.getSubjectDN().getName()); - } - - if (containerOID.equals(APDUConstants.CARDHOLDER_FINGERPRINTS_OID)) { - - s_logger.info("Fingerprint I & II: {}", - Hex.encodeHexString(((CardHolderBiometricData) dataObject).getBiometricData())); - - s_logger.info("Biometric Creation Date: {}", - ((CardHolderBiometricData) dataObject).getBiometricCreationDate()); - s_logger.info("Validity Period From: {}", - ((CardHolderBiometricData) dataObject).getValidityPeriodFrom()); - s_logger.info("Validity Period To: {}", - ((CardHolderBiometricData) dataObject).getValidityPeriodTo()); - - CMSSignedData sd = ((SignedPIVDataObject) dataObject).getAsymmetricSignature(); - SignerInformationStore signers = sd.getSignerInfos(); - Collection collection = signers.getSigners(); - Iterator it = collection.iterator(); - - while (it.hasNext()) { - SignerInformation signer = it.next(); - SignerId sid = signer.getSID(); - String issuer = sid.getIssuer().toString(); - String serial = Hex.encodeHexString(sid.getSerialNumber().toByteArray()); - String skid = ""; - if (sid.getSubjectKeyIdentifier() != null) - skid = Hex.encodeHexString(sid.getSubjectKeyIdentifier()); - - if (sid.getSubjectKeyIdentifier() != null) - s_logger.info("Signer skid: {} ", skid); - else - s_logger.info("Signer Issuer: {}, Serial Number: {} ", issuer, serial); - - } - if (signingCertificate != null) - s_logger.info("Is signatue valid: {}", - ((SignedPIVDataObject) dataObject).verifySignature()); - else - s_logger.info("Missing signing certificate to verify signature."); - - s_logger.info("Error Detection Code Tag Present: {}", - ((CardHolderBiometricData) dataObject).getErrorDetectionCode()); - - soDataElements.put(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - ((CardHolderBiometricData) dataObject).getCbeffContainer()); - } - - if (containerOID.equals(APDUConstants.SECURITY_OBJECT_OID)) { - - s_logger.info("RAW Mapping of DG to ContainerID value: {}", - Hex.encodeHexString(((SecurityObject) dataObject).getMapping())); - - HashMap idMap = ((SecurityObject) dataObject).getContainerIDList(); - - s_logger.info("List of containers included in the Security Object:"); - for (HashMap.Entry entry : idMap.entrySet()) { - s_logger.info("Container ID: {}, Container Name: {}, Container OID: {}", entry.getKey(), - entry.getValue(), APDUConstants.oidNameMap.get(entry.getValue())); - } - - CMSSignedData sd = ((SignedPIVDataObject) dataObject).getAsymmetricSignature(); - SignerInformationStore signers = sd.getSignerInfos(); - Collection collection = signers.getSigners(); - Iterator it = collection.iterator(); - - while (it.hasNext()) { - SignerInformation signer = it.next(); - SignerId sid = signer.getSID(); - String issuer = sid.getIssuer().toString(); - String serial = Hex.encodeHexString(sid.getSerialNumber().toByteArray()); - String skid = ""; - if (sid.getSubjectKeyIdentifier() != null) - skid = Hex.encodeHexString(sid.getSubjectKeyIdentifier()); - - if (sid.getSubjectKeyIdentifier() != null) - s_logger.info("Signer skid: {} ", skid); - else - s_logger.info("Signer Issuer: {}, Serial Number: {} ", issuer, serial); - - } - // s_logger.info("Error Detection Code Tag Present: {}", ((SecurityObject) - // dataObject).getErrorDetectionCode()); - - s_logger.info("SecurityObject signatue valid: {}", - ((SignedPIVDataObject) dataObject).verifySignature()); - - securityObject = dataObject; - } - - if (containerOID.equals(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID)) { - s_logger.info("Image for Visual Verification: {}", - Hex.encodeHexString(((CardHolderBiometricData) dataObject).getBiometricData())); - - s_logger.info("Biometric Creation Date: {}", - ((CardHolderBiometricData) dataObject).getBiometricCreationDate()); - s_logger.info("Validity Period From: {}", - ((CardHolderBiometricData) dataObject).getValidityPeriodFrom()); - s_logger.info("Validity Period To: {}", - ((CardHolderBiometricData) dataObject).getValidityPeriodTo()); - - CMSSignedData sd = ((SignedPIVDataObject) dataObject).getAsymmetricSignature(); - SignerInformationStore signers = sd.getSignerInfos(); - Collection collection = signers.getSigners(); - Iterator it = collection.iterator(); - - while (it.hasNext()) { - SignerInformation signer = it.next(); - SignerId sid = signer.getSID(); - String issuer = sid.getIssuer().toString(); - String serial = Hex.encodeHexString(sid.getSerialNumber().toByteArray()); - String skid = ""; - if (sid.getSubjectKeyIdentifier() != null) - skid = Hex.encodeHexString(sid.getSubjectKeyIdentifier()); - - if (sid.getSubjectKeyIdentifier() != null) - s_logger.info("Signer skid: {} ", skid); - else - s_logger.info("Signer Issuer: {}, Serial Number: {} ", issuer, serial); - } - - if (signingCertificate != null) - s_logger.info("Is signatue valid: {}", - ((SignedPIVDataObject) dataObject).verifySignature()); - else - s_logger.info("Missing signing certificate to verify signature."); - - s_logger.info("Error Detection Code Tag Present: {}", - ((CardHolderBiometricData) dataObject).getErrorDetectionCode()); - - soDataElements.put(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - ((CardHolderBiometricData) dataObject).getCbeffContainer()); - } - - if (containerOID.equals(APDUConstants.X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID)) { - X509Certificate pibAuthCert = ((X509CertificateDataObject) dataObject).getCertificate(); - - s_logger.info("Key Managment Cert SubjectName: {}", pibAuthCert.getSubjectDN().getName()); - s_logger.info("Key Managment Cert SerialNumber: {}", - Hex.encodeHexString(pibAuthCert.getSerialNumber().toByteArray())); - s_logger.info("Key Managment Cert IssuerName: {}", pibAuthCert.getSubjectDN().getName()); - } - - if (containerOID.equals(APDUConstants.X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID)) { - X509Certificate pibAuthCert = ((X509CertificateDataObject) dataObject).getCertificate(); - - s_logger.info("Digital Signature Cert SubjectName: {}", pibAuthCert.getSubjectDN().getName()); - s_logger.info("Digital Signature SerialNumber: {}", - Hex.encodeHexString(pibAuthCert.getSerialNumber().toByteArray())); - s_logger.info("Digital Signature IssuerName: {}", pibAuthCert.getSubjectDN().getName()); - } - - if (containerOID.equals(APDUConstants.X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID)) { - X509Certificate pibAuthCert = ((X509CertificateDataObject) dataObject).getCertificate(); - - s_logger.info("Card Auth Cert SubjectName: {}", pibAuthCert.getSubjectDN().getName()); - s_logger.info("Card Auth Cert SerialNumber: {}", - Hex.encodeHexString(pibAuthCert.getSerialNumber().toByteArray())); - s_logger.info("Card Auth Cert IssuerName: {}", pibAuthCert.getSubjectDN().getName()); - } - - } - - PIVDataObject printedInformation = PIVDataObjectFactory - .createDataObjectForOid(APDUConstants.PRINTED_INFORMATION_OID); - result = piv.pivGetData(c, APDUConstants.PRINTED_INFORMATION_OID, printedInformation); - - if (result == MiddlewareStatus.PIV_OK) { - s_logger.info("Attempted to read {} object: {}", - APDUConstants.oidNameMap.get(APDUConstants.PRINTED_INFORMATION_OID), result); - boolean decoded = printedInformation.decode(); - s_logger.info("{} {}", printedInformation.getFriendlyName(), - decoded ? "decoded successfully" : "failed to decode"); - - if (decoded) { - s_logger.info("Name: {}", ((PrintedInformation) printedInformation).getName()); - s_logger.info("Employee Affiliation: {}", - ((PrintedInformation) printedInformation).getEmployeeAffiliation()); - s_logger.info("Expiration date: {}", - ((PrintedInformation) printedInformation).getExpirationDate()); - s_logger.info("Agency Card Serial Number: {}", - ((PrintedInformation) printedInformation).getAgencyCardSerialNumber()); - s_logger.info("Issuer Identification: {}", - ((PrintedInformation) printedInformation).getIssuerIdentification()); - if (((PrintedInformation) printedInformation).getOrganizationAffiliation1() != "") - s_logger.info("Name: {}", - ((PrintedInformation) printedInformation).getOrganizationAffiliation1()); - if (((PrintedInformation) printedInformation).getOrganizationAffiliation2() != "") - s_logger.info("Name: {}", - ((PrintedInformation) printedInformation).getOrganizationAffiliation2()); - s_logger.info("Error Detection Code Tag Present: {}", - ((PrintedInformation) printedInformation).getErrorDetectionCode()); - - } - - soDataElements.put(APDUConstants.PRINTED_INFORMATION_OID, - ((PrintedInformation) printedInformation).getSignedContent()); - } - - boolean decoded = false; - PIVDataObject discoveryObject = PIVDataObjectFactory - .createDataObjectForOid(APDUConstants.DISCOVERY_OBJECT_OID); - result = piv.pivGetData(c, APDUConstants.DISCOVERY_OBJECT_OID, discoveryObject); - - if (result == MiddlewareStatus.PIV_OK) { - s_logger.info("Attempted to read discovery object: {}", result); - decoded = discoveryObject.decode(); - s_logger.info("{} {}", discoveryObject.getFriendlyName(), - decoded ? "decoded successfully" : "failed to decode"); - } - - soDataElements.put(APDUConstants.DISCOVERY_OBJECT_OID, - ((DiscoveryObject) discoveryObject).getSignedContent()); - - PIVDataObject cardholderIrisImages = PIVDataObjectFactory - .createDataObjectForOid(APDUConstants.CARDHOLDER_IRIS_IMAGES_OID); - result = piv.pivGetData(c, APDUConstants.CARDHOLDER_IRIS_IMAGES_OID, cardholderIrisImages); - - if (result == MiddlewareStatus.PIV_OK) { - s_logger.info("Attempted to read {} object: {}", - APDUConstants.oidNameMap.get(APDUConstants.CARDHOLDER_IRIS_IMAGES_OID), result); - decoded = cardholderIrisImages.decode(); - s_logger.info("{} {}", cardholderIrisImages.getFriendlyName(), - decoded ? "decoded successfully" : "failed to decode"); - - if (decoded) { - if (((CardHolderBiometricData) cardholderIrisImages).getBiometricData() != null) { - s_logger.info("Images for Iris: {}", Hex.encodeHexString( - ((CardHolderBiometricData) cardholderIrisImages).getBiometricData())); - - s_logger.info("Biometric Creation Date: {}", - ((CardHolderBiometricData) cardholderIrisImages).getBiometricCreationDate()); - s_logger.info("Validity Period From: {}", - ((CardHolderBiometricData) cardholderIrisImages).getValidityPeriodFrom()); - s_logger.info("Validity Period To: {}", - ((CardHolderBiometricData) cardholderIrisImages).getValidityPeriodTo()); - - CMSSignedData sd = ((SignedPIVDataObject) cardholderIrisImages).getAsymmetricSignature(); - SignerInformationStore signers = sd.getSignerInfos(); - Collection collection = signers.getSigners(); - Iterator it = collection.iterator(); - - while (it.hasNext()) { - SignerInformation signer = it.next(); - SignerId sid = signer.getSID(); - String issuer = sid.getIssuer().toString(); - String serial = Hex.encodeHexString(sid.getSerialNumber().toByteArray()); - String skid = ""; - if (sid.getSubjectKeyIdentifier() != null) - skid = Hex.encodeHexString(sid.getSubjectKeyIdentifier()); - - if (sid.getSubjectKeyIdentifier() != null) - s_logger.info("Signer skid: {} ", skid); - else - s_logger.info("Signer Issuer: {}, Serial Number: {} ", issuer, serial); - - } - - if (signingCertificate != null) - s_logger.info("Is signatue valid: {}", - ((SignedPIVDataObject) cardholderIrisImages).verifySignature()); - else - s_logger.info("Missing signing certificate to verify signature."); - } - s_logger.info("Error Detection Code Tag Present: {}", - ((CardHolderBiometricData) cardholderIrisImages).getErrorDetectionCode()); - - } - } - - PIVDataObject keyHistoryObject = PIVDataObjectFactory - .createDataObjectForOid(APDUConstants.KEY_HISTORY_OBJECT_OID); - result = piv.pivGetData(c, APDUConstants.KEY_HISTORY_OBJECT_OID, keyHistoryObject); - - if (result == MiddlewareStatus.PIV_OK) { - s_logger.info("Attempted to read key history object: {}", result); - decoded = keyHistoryObject.decode(); - if (decoded) { - s_logger.info("Decoded successfully {}", keyHistoryObject.toString()); - } - } - - PIVDataObject biometricInformationTemplatesGroupTemplate = PIVDataObjectFactory - .createDataObjectForOid(APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_OID); - result = piv.pivGetData(c, APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_OID, - biometricInformationTemplatesGroupTemplate); - - if (result == MiddlewareStatus.PIV_OK) { - s_logger.info("Attempted to read {} object: {}", APDUConstants.oidNameMap - .get(APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_OID), result); - decoded = biometricInformationTemplatesGroupTemplate.decode(); - s_logger.info("{} {}", biometricInformationTemplatesGroupTemplate.getFriendlyName(), - decoded ? "decoded successfully" : "failed to decode"); - - if (decoded) { - - s_logger.info("Number of fingers: {}", - ((BiometricInformationTemplatesGroupTemplate) biometricInformationTemplatesGroupTemplate) - .getNumberOfFingers()); - if (((BiometricInformationTemplatesGroupTemplate) biometricInformationTemplatesGroupTemplate) - .getbITForFirstFinger() != null) - s_logger.info("BIT for first Finger: {}", Hex.encodeHexString( - ((BiometricInformationTemplatesGroupTemplate) biometricInformationTemplatesGroupTemplate) - .getbITForFirstFinger())); - if (((BiometricInformationTemplatesGroupTemplate) biometricInformationTemplatesGroupTemplate) - .getbITForSecondFinger() != null) - s_logger.info("BIT for second Finger: {}", Hex.encodeHexString( - ((BiometricInformationTemplatesGroupTemplate) biometricInformationTemplatesGroupTemplate) - .getbITForSecondFinger())); - - } - } - - PIVDataObject secureMessagingCertificateSigner = PIVDataObjectFactory - .createDataObjectForOid(APDUConstants.SECURE_MESSAGING_CERTIFICATE_SIGNER_OID); - result = piv.pivGetData(c, APDUConstants.SECURE_MESSAGING_CERTIFICATE_SIGNER_OID, - secureMessagingCertificateSigner); - - if (result == MiddlewareStatus.PIV_OK) { - s_logger.info("Attempted to read {} object: {}", - APDUConstants.oidNameMap.get(APDUConstants.SECURE_MESSAGING_CERTIFICATE_SIGNER_OID), - result); - decoded = secureMessagingCertificateSigner.decode(); - s_logger.info("{} {}", secureMessagingCertificateSigner.getFriendlyName(), - decoded ? "decoded successfully" : "failed to decode"); - - if (decoded) { - - X509Certificate contentSigningCert = ((SecureMessagingCertificateSigner) secureMessagingCertificateSigner) - .getCertificate(); - - s_logger.info("Content Signing Cert SubjectName: {}", - contentSigningCert.getSubjectDN().getName()); - s_logger.info("Content Signing Cert SerialNumber: {}", - Hex.encodeHexString(contentSigningCert.getSerialNumber().toByteArray())); - s_logger.info("Content Signing Cert IssuerName: {}", - contentSigningCert.getSubjectDN().getName()); - - if (((SecureMessagingCertificateSigner) secureMessagingCertificateSigner) - .getIntermediateCVC() != null) - s_logger.info("Intermediate CVC: {}", - Hex.encodeHexString( - ((SecureMessagingCertificateSigner) secureMessagingCertificateSigner) - .getIntermediateCVC())); - - } - } - - PIVDataObject pairingCodeReferenceDataContainer = PIVDataObjectFactory - .createDataObjectForOid(APDUConstants.PAIRING_CODE_REFERENCE_DATA_CONTAINER_OID); - result = piv.pivGetData(c, APDUConstants.PAIRING_CODE_REFERENCE_DATA_CONTAINER_OID, - pairingCodeReferenceDataContainer); - - if (result == MiddlewareStatus.PIV_OK) { - s_logger.info("Attempted to read {} object: {}", - APDUConstants.oidNameMap.get(APDUConstants.PAIRING_CODE_REFERENCE_DATA_CONTAINER_OID), - result); - decoded = pairingCodeReferenceDataContainer.decode(); - s_logger.info("{} {}", pairingCodeReferenceDataContainer.getFriendlyName(), - decoded ? "decoded successfully" : "failed to decode"); - - if (decoded) { - s_logger.info("Name: {}", - ((PairingCodeReferenceDataContainer) pairingCodeReferenceDataContainer).getName()); - s_logger.info("Error Detection Code Tag Present: {}", - ((PairingCodeReferenceDataContainer) pairingCodeReferenceDataContainer) - .getErrorDetectionCode()); - - } - } - ((SecurityObject) securityObject).setMapOfDataElements(soDataElements); - - boolean hashesVerified = ((SecurityObject) securityObject).verifyHashes(); - s_logger.info("Security Object hashes verified: {}", hashesVerified); - - boolean hashVerified = ((SecurityObject) securityObject).verifyHash(5); - s_logger.info("Printed Information hash verified: {}", hashVerified); - - } - // ResponseAPDU rsp = null; - return true; - } else { - s_logger.error("TestCard called with invalid card handle"); - } - return false; - } - - public static void main(String[] args) { - s_logger.info("main class: {}", MethodHandles.lookup().lookupClass().getSimpleName()); - s_logger.info("package version: {}", VersionUtils.GetPackageVersionString()); - s_logger.info("build time: {}", VersionUtils.GetPackageBuildTime()); - - CommandLineParser p = new DefaultParser(); - CommandLine cmd = null; - try { - cmd = p.parse(s_options, args); - } catch (ParseException e) { - s_logger.error("Failed to parse command line arguments", e); - PrintHelpAndExit(1); - } - - if (cmd.hasOption("help")) { - PrintHelpAndExit(0); - } - - PCSCUtils.ConfigureUserProperties(); - PIVMiddlewareVersion mwv = new PIVMiddlewareVersion(); - MiddlewareStatus middlewareStatus = PIVMiddleware.pivMiddlewareVersion(mwv); - s_logger.info("pivMiddlewareVersion returned status {} and version {}", middlewareStatus, mwv); - - TerminalFactory tf = TerminalFactory.getDefault(); - List terminals = null; - try { - terminals = tf.terminals().list(); - } catch (CardException e) { - s_logger.error("Failed to list card terminals", e); - System.exit(1); - } - if (terminals.size() == 0) { - s_logger.error("No readers were found."); - System.exit(1); - } - int terminalCount = 0; - for (CardTerminal t : terminals) { - terminalCount++; - ConnectionDescription cd = ConnectionDescription.createFromTerminal(t); - byte[] descriptor = cd.getBytes(); - if (descriptor != null) { - s_logger.info("Descriptor for terminal {}: {}", terminalCount, Hex.encodeHexString(descriptor, false)); - } - // if there is only one reader or if we've been asked to only test one reader, - // wait for a card - try { - if (!t.isCardPresent() && (!cmd.hasOption("all") || terminals.size() == 1)) { - s_logger.info("Insert a card into {}", t.getName()); - t.waitForCardPresent(0); - } - } catch (CardException e) { - s_logger.error("Error checking for card presence", e); - } - s_logger.info("Testing with terminal {}: {}", terminalCount, t.getName()); - CardHandle ch = new CardHandle(); - MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); - s_logger.info("[{}] PIVMiddleware.pivConnect() returned {} for reader {}", terminalCount, result, - t.getName()); - boolean testResult = TestCard(ch); - if (testResult) { - s_logger.info("Card test completed successfully."); - } else { - s_logger.error("Card test failed."); - } - if (!cmd.hasOption("all")) { - break; - } - } - - System.exit(0); - - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tools/PrintEnvironmentInfo.java b/cardlib/src/main/java/gov/gsa/pivconformance/tools/PrintEnvironmentInfo.java deleted file mode 100644 index 466f2305..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tools/PrintEnvironmentInfo.java +++ /dev/null @@ -1,43 +0,0 @@ -package gov.gsa.pivconformance.tools; - -import gov.gsa.pivconformance.utils.PCSCUtils; -import gov.gsa.pivconformance.utils.VersionUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import javax.smartcardio.TerminalFactory; -import java.lang.invoke.MethodHandles; -import java.security.Provider; -import java.security.Security; - -public class PrintEnvironmentInfo { - - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(PrintEnvironmentInfo.class); - - /** - * A simple test program that dumps info about the environment we're running in. - */ - public static void main(String[] args) { - s_logger.info("main class: {}", MethodHandles.lookup().lookupClass().getSimpleName()); - s_logger.info("package version: {}", VersionUtils.GetPackageVersionString()); - s_logger.info("build time: {}", VersionUtils.GetPackageBuildTime()); - PCSCUtils.ConfigureUserProperties(); - s_logger.info("System properties"); - System.getProperties().forEach((key, value) -> s_logger.info("property: '{}' = '{}'", key, value)); - for (Provider prov : Security.getProviders()) { - s_logger.info("Security Provider: {} version {}", prov.getName(), prov.getVersion()); - } - TerminalFactory tf = TerminalFactory.getDefault(); - s_logger.info("Attempting to list card terminals"); - try { - for (CardTerminal t : tf.terminals().list()) { - s_logger.info("Reader: {}: {}", t.getName(), t.isCardPresent() ? "Card present" : "Card not present"); - } - } catch (CardException e) { - s_logger.error("Unable to enumerate card terminals", e); - } - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/tools/SQLiteDBGenerator.java b/cardlib/src/main/java/gov/gsa/pivconformance/tools/SQLiteDBGenerator.java deleted file mode 100644 index 7e65d909..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/tools/SQLiteDBGenerator.java +++ /dev/null @@ -1,81 +0,0 @@ -package gov.gsa.pivconformance.tools; - -import gov.gsa.pivconformance.utils.VersionUtils; -import org.apache.commons.cli.*; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.File; -import java.io.IOException; -import java.lang.invoke.MethodHandles; -import java.sql.Connection; -import java.sql.DatabaseMetaData; -import java.sql.DriverManager; -import java.sql.SQLException; - -public class SQLiteDBGenerator { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(SQLiteDBGenerator.class); - private static final Options s_options = new Options(); - static { - s_options.addOption("h", "help", false, "Print this help and exit"); - s_options.addOption("d", "database", true, "path to database file"); - } - - private static void PrintHelpAndExit(int exitCode) { - new HelpFormatter().printHelp("ConformanceTestRunner ", s_options); - System.exit(exitCode); - } - - public static void main(String[] args) { - s_logger.info("main class: {}", MethodHandles.lookup().lookupClass().getSimpleName()); - s_logger.info("package version: {}", VersionUtils.GetPackageVersionString()); - s_logger.info("build time: {}", VersionUtils.GetPackageBuildTime()); - - CommandLineParser p = new DefaultParser(); - CommandLine cmd = null; - try { - cmd = p.parse(s_options, args); - } catch (ParseException e) { - s_logger.error("Failed to parse command line arguments", e); - PrintHelpAndExit(1); - } - - if (cmd.hasOption("help")) { - PrintHelpAndExit(0); - } - - if (cmd.hasOption("database")) { - String dbParam = cmd.getOptionValue("database"); - File f = new File(dbParam); - if (f.exists()) { - s_logger.error("Cowardly refusing to overwrite existing file {}", dbParam); - System.exit(1); - } - String dbUrl = null; - try { - dbUrl = "jdbc:sqlite:" + f.getCanonicalPath(); - } catch (IOException e) { - s_logger.error("Unable to calculate canonical name for database file", e); - System.exit(1); - } - Connection conn = null; - try { - conn = DriverManager.getConnection(dbUrl); - } catch (SQLException e) { - s_logger.error("Unable to establish JDBC connection for SQLite database", e); - } - if (conn != null) { - s_logger.debug("Created sql connection for {}", dbParam); - DatabaseMetaData metaData = null; - try { - metaData = conn.getMetaData(); - s_logger.debug("Driver: {} version {}", metaData.getDriverName(), metaData.getDriverVersion()); - } catch (SQLException e) { - s_logger.error("Unable to read driver metadata", e); - } - } - } - - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/utils/PCSCUtils.java b/cardlib/src/main/java/gov/gsa/pivconformance/utils/PCSCUtils.java deleted file mode 100644 index 60c9f6bc..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/utils/PCSCUtils.java +++ /dev/null @@ -1,138 +0,0 @@ -package gov.gsa.pivconformance.utils; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import javax.smartcardio.TerminalFactory; -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; -import java.util.Properties; - -public class PCSCUtils { - // slf4j will thunk this through to an appropriately configured logging library - private static final Logger s_logger = LoggerFactory.getLogger(PCSCUtils.class); - - public static void ConfigureUserProperties() { - String homeDirectoryEnv = System.getenv("HOME"); - if (homeDirectoryEnv == null) { - return; - } - File homeDirectory = new File(homeDirectoryEnv); - if (!homeDirectory.exists()) - return; - File configFile = new File(homeDirectory, ".pivconformance-pcsc.properties"); - if (configFile.exists()) { - ConfigureUserProperties(configFile); - } - } - - public static void ConfigureUserProperties(File fileName) { - Properties props = new Properties(); - try { - props.load(new FileInputStream(fileName)); - props.forEach((key, value) -> { - s_logger.info("Adding property: '{}' = '{}'", key, value); - System.setProperty((String) key, (String) value); - }); - } catch (IOException e) { - s_logger.error("Unable to read " + fileName.getAbsolutePath(), e); - return; - } - } - - public static List GetConnectedReaders() { - ArrayList readerList = new ArrayList<>(); - TerminalFactory tf = TerminalFactory.getDefault(); - List terminals = null; - try { - s_logger.debug("About to list connected readers"); - terminals = tf.terminals().list(); - s_logger.debug("Done listing connected readers"); - } catch (CardException e) { - s_logger.error("Failed to list card terminals", e); - return readerList; - } - if (terminals.size() == 0) { - s_logger.debug("No readers were connected."); - return readerList; - } - int terminalCount = 0; - for (CardTerminal t : terminals) { - terminalCount++; - readerList.add(t.getName()); - } - s_logger.debug("Found {} readers.", terminalCount); - return readerList; - } - - public static String GetFirstReaderWithCardPresent() { - new ArrayList<>(); - TerminalFactory tf = TerminalFactory.getDefault(); - List terminals = null; - try { - s_logger.debug("About to list connected readers"); - terminals = tf.terminals().list(); - s_logger.debug("Done listing connected readers"); - } catch (CardException e) { - s_logger.error("Failed to list card terminals", e); - return null; - } - if (terminals.size() == 0) { - s_logger.debug("No readers were connected."); - return null; - } - for (CardTerminal t : terminals) { - try { - if (t.isCardPresent()) { - return t.getName(); - } - } catch (CardException e) { - s_logger.debug("isCardPresent() threw an exception for reader {}", t.getName(), e); - } - } - s_logger.debug("No reader found with card inserted"); - return null; - } - - public static CardTerminal TerminalForReaderName(String name) { - TerminalFactory tf = TerminalFactory.getDefault(); - List terminals = null; - try { - terminals = tf.terminals().list(); - } catch (CardException e) { - s_logger.error("TerminalForReaderName(): Unable to enumerate terminals"); - return null; - } - if (terminals.size() == 0) { - s_logger.error("Unable to find any readers."); - return null; - } - for (CardTerminal t : terminals) { - if (t.getName().equals(name)) { - return t; - } - } - s_logger.error("No reader named " + name + " is attached to the system."); - return null; - - } - - public static int StatusWordsToRetries(byte[] sw) { - if (sw == null || sw.length < 2) { - s_logger.error("a status word array must be at least 2 bytes."); - return -1; - } - byte sw1 = sw[sw.length - 2]; - byte sw2 = sw[sw.length - 1]; - if (sw1 != 0x63 || sw2 == 0x00) { - s_logger.error("bytes do not contain password retry count."); - return -1; - } - return 0x0F & sw2; - } -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/utils/PCSCWrapper.java b/cardlib/src/main/java/gov/gsa/pivconformance/utils/PCSCWrapper.java deleted file mode 100644 index a18bb3d2..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/utils/PCSCWrapper.java +++ /dev/null @@ -1,96 +0,0 @@ -package gov.gsa.pivconformance.utils; - -import javax.smartcardio.Card; -import javax.smartcardio.CardChannel; -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import javax.smartcardio.CommandAPDU; -import javax.smartcardio.ResponseAPDU; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import gov.gsa.pivconformance.card.client.CardClientException; -import gov.gsa.pivconformance.card.client.ChainingAPDUTransmitter; -import gov.gsa.pivconformance.card.client.RequestAPDUWrapper; -import gov.gsa.pivconformance.card.client.ResponseAPDUWrapper; - -public class PCSCWrapper implements ITransmitCounter { - private static final Logger s_logger = LoggerFactory.getLogger(PCSCWrapper.class); - private static PCSCWrapper INSTANCE = new PCSCWrapper(); - - private int m_connectCount = 0; - private int m_transmitCount = 0; - - public Card connect(CardTerminal t) throws CardException { - s_logger.debug("Connecting to card in {} using the default protocol", t.getName()); - return connect(t, "*"); - } - - public Card connect(CardTerminal t, String protocol) throws CardException { - s_logger.debug("Connecting to card in {} using protocol: \"{}\"", t.getName(), protocol); - m_connectCount++; - Card rv = null; - try { - rv = t.connect(protocol); - } catch (CardException e) { - s_logger.error("Caught CardException: {} while attempting to connect to card in {} using protocol \"{}\"", - e.getMessage(), t.getName(), protocol, e); - throw e; - } - s_logger.debug("Connected: {}", rv); - return rv; - - } - - public ResponseAPDU transmit(CardChannel channel, CommandAPDU cmd) throws CardException { - s_logger.debug("transmit() wrapper called"); - m_transmitCount++; - /* - * ResponseAPDU rsp = null; s_apduLogger.info("Sending Command APDU: {}", - * Hex.encodeHexString(cmd.getBytes()).replaceAll("..(?=.)", "$0 ")); try { rsp - * = channel.transmit(cmd); s_apduLogger.debug("Received Response APDU: {}", - * Hex.encodeHexString(rsp.getBytes()).replaceAll("..(?=.)", "$0 ")); } catch - * (CardException e) { - * s_logger.error("Caught CardException {} transmitting APDU.", e.getMessage(), - * e); throw e; } return rsp; - */ - ChainingAPDUTransmitter ct = new ChainingAPDUTransmitter(channel); - RequestAPDUWrapper req = new RequestAPDUWrapper(cmd.getBytes()); - ResponseAPDUWrapper rsp = null; - try { - rsp = ct.transmit(req); - } catch (CardClientException e) { - s_logger.error("Failed to receive response APDU", e); - return null; - } - return new ResponseAPDU(rsp.getBytes()); - } - - private PCSCWrapper() { - - } - - public static PCSCWrapper getInstance() { - return INSTANCE; - } - - public int getTransmitCount() { - return m_transmitCount; - } - - public int getConnectCount() { - return m_connectCount; - } - - public void resetCounters() { - m_connectCount = 0; - m_transmitCount = 0; - } - - @Override - public void incrementTransmitCount() { - m_transmitCount++; - } - -} diff --git a/cardlib/src/main/java/gov/gsa/pivconformance/utils/VersionUtils.java b/cardlib/src/main/java/gov/gsa/pivconformance/utils/VersionUtils.java deleted file mode 100644 index 444cc7a3..00000000 --- a/cardlib/src/main/java/gov/gsa/pivconformance/utils/VersionUtils.java +++ /dev/null @@ -1,55 +0,0 @@ -package gov.gsa.pivconformance.utils; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.InputStream; -import java.util.Properties; - -public class VersionUtils { - private static final Logger s_logger = LoggerFactory.getLogger(VersionUtils.class); - - static Properties s_properties; - - public static final String PACKAGE_VERSION = "build.version"; - - public static final String PACKAGE_REVISION = "git.commit.id"; - public static final String PACKAGE_REVISION_TIME = "git.commit.time"; - public static final String PACKAGE_BUILD_TIME = "build.time"; - - static { - s_properties = new Properties(); - InputStream pis = null; - try { - VersionUtils.class.getClassLoader(); - pis = VersionUtils.class.getResourceAsStream("version.properties"); - s_properties.load(pis); - } catch (Exception e) { - s_logger.debug( - "Unable to read version.properties file from classpath. This may only be available from jar packaged builds.", - e); - s_properties.setProperty(PACKAGE_VERSION, "UNAVAILABLE"); - s_properties.setProperty(PACKAGE_REVISION, "UNAVAILABLE"); - s_properties.setProperty(PACKAGE_BUILD_TIME, "UNAVAILABLE"); - s_properties.setProperty(PACKAGE_REVISION_TIME, "UNAVAILABLE"); - - } - if (!s_properties.containsKey(PACKAGE_VERSION)) { - s_logger.error("Version.properties was read from classpath but did not contain versioning information"); - s_properties.setProperty(PACKAGE_VERSION, "ERROR"); - s_properties.setProperty(PACKAGE_REVISION, "ERROR"); - s_properties.setProperty(PACKAGE_BUILD_TIME, "ERROR"); - s_properties.setProperty(PACKAGE_REVISION_TIME, "ERROR"); - } - - } - - public static String GetPackageVersionString() { - return String.format("%s.%s", s_properties.getProperty(PACKAGE_VERSION), - s_properties.getProperty(PACKAGE_REVISION)); - } - - public static String GetPackageBuildTime() { - return s_properties.getProperty(PACKAGE_BUILD_TIME); - } -} diff --git a/cardlib/src/main/java/module-info.java b/cardlib/src/main/java/module-info.java index a5928b1d..eeb3af1f 100644 --- a/cardlib/src/main/java/module-info.java +++ b/cardlib/src/main/java/module-info.java @@ -1,13 +1,15 @@ -open module gov.gsa.pivconformance { - requires java.smartcardio; - requires java.sql; - requires org.slf4j; - requires org.apache.commons.codec; - requires commons.cli; - requires bcpkix.jdk15on; - requires bcprov.jdk15on; - exports gov.gsa.pivconformance.tlv; - exports gov.gsa.pivconformance.card.client; - exports gov.gsa.pivconformance.tools; - exports gov.gsa.pivconformance.utils; +module gov.gsa.pivconformance.cardlib { + exports gov.gsa.pivconformance.cardlib.card.client; + exports gov.gsa.pivconformance.cardlib.tools; + exports gov.gsa.pivconformance.cardlib.utils; + exports gov.gsa.pivconformance.cardlib.tlv; + + requires java.smartcardio; + requires java.sql; + requires org.apache.commons.cli; + requires org.apache.commons.codec; + requires org.apache.commons.csv; + requires org.bouncycastle.pkix; + requires org.bouncycastle.provider; + requires org.slf4j; } diff --git a/cardlib/src/main/resources/build.version b/cardlib/src/main/resources/build.version new file mode 100644 index 00000000..b462b647 --- /dev/null +++ b/cardlib/src/main/resources/build.version @@ -0,0 +1 @@ +0.2.1-beta diff --git a/cardlib/src/main/resources/loopback.xml b/cardlib/src/main/resources/loopback.xml index 572ffd6b..9356f66d 100644 --- a/cardlib/src/main/resources/loopback.xml +++ b/cardlib/src/main/resources/loopback.xml @@ -20,7 +20,7 @@ - + diff --git a/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/BiometricDataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/BiometricDataObjectTests.java new file mode 100644 index 00000000..062113d4 --- /dev/null +++ b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/BiometricDataObjectTests.java @@ -0,0 +1,265 @@ +package gov.gsa.pivconformance.cardlib.test; + +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUUtils; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderBiometricData; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.card.client.SignedPIVDataObject; +import gov.gsa.pivconformance.cardlib.utils.OSUtils; + +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.TestReporter; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; + +import java.io.File; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.stream.Stream; + +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.fail; +import static org.junit.jupiter.api.Assertions.assertNotSame; +import static org.junit.jupiter.api.Assertions.assertTrue; + +public class BiometricDataObjectTests { + private static String resDir = null; + static { + resDir = new BiometricDataObjectTests().getClass().getResource("").getPath(); + System.out.println("Looking in: " + resDir); + } + @DisplayName("Test Biometric Data Object parsing") + @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") + @MethodSource("dataObjectTestProvider") + void dataObjectTest(String oid, String file, TestReporter reporter) { + assertNotNull(oid); + assertNotNull(file); + Path filePath = Paths.get(resDir + File.separator + file); + System.out.println("Looking for " + filePath.getParent() + File.separator + filePath.getFileName()); + byte[] fileData = null; + try { + fileData = Files.readAllBytes(filePath); + } catch (IOException e) { + fail(e); + } + PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); + assertNotNull(o); + reporter.publishEntry(oid, o.getClass().getSimpleName()); + + + byte[] data = APDUUtils.getTLV(APDUConstants.DATA, fileData); + + o.setOID(oid); + o.setBytes(data); + boolean decoded = o.decode(); + assert(decoded); + + assertNotNull(((CardHolderBiometricData) o).getBiometricCreationDate()); + assertNotNull(((CardHolderBiometricData) o).getValidityPeriodFrom()); + assertNotNull(((CardHolderBiometricData) o).getValidityPeriodTo()); + + assertNotSame(((CardHolderBiometricData) o).getBiometricCreationDate(), ""); + assertNotSame(((CardHolderBiometricData) o).getValidityPeriodFrom(), ""); + assertNotSame(((CardHolderBiometricData) o).getValidityPeriodTo(), ""); + + assertNotNull(((SignedPIVDataObject) o).getAsymmetricSignature()); + + assertTrue(((CardHolderBiometricData) o).getErrorDetectionCode()); + + } + + private static Stream dataObjectTestProvider() { + return Stream.of( + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/01_Golden_PIV/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/02_Golden_PIV-I/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/03_SKID_Mismatch/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/04_Tampered_CHUID/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/05_Tampered_Certificates/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/06_Tampered_PHOTO/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/07_Tampered_Fingerprints/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/08_Tampered_Security_Object/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/09_Expired_CHUID_Signer/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/10_Expired_Cert_Signer/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/11_Certs_Expire_after_CHUID/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/12_Certs_not_yet_valid/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/13_Certs_are_expired/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/14_Expired_CHUID/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/15_CHUID_FASCN_mismatch/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/16_Card_Authentication_FASCN_mismatch/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/17_PHOTO_FASCN_mismatch/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/18_Fingerprints_FASCN_mismatch/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/19_CHUID_UUID_mismatch/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/20_Card_Authent_UUID_mismatch/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/21_PHOTO_UUID_mismatch/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/22_Fingerprints_UUID_mismatch/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/23_Public_Private_Key_mismatch/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/24_Revoked_Certificates/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/41_Re-keyed_Card/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/42_OCSP_Expired/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/9 - Fingerprints"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/01_Golden_PIV/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/02_Golden_PIV-I/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/03_SKID_Mismatch/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/04_Tampered_CHUID/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/05_Tampered_Certificates/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/06_Tampered_PHOTO/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/07_Tampered_Fingerprints/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/08_Tampered_Security_Object/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/09_Expired_CHUID_Signer/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/10_Expired_Cert_Signer/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/12_Certs_not_yet_valid/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/13_Certs_are_expired/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/14_Expired_CHUID/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/15_CHUID_FASCN_mismatch/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/16_Card_Authentication_FASCN_mismatch/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/17_PHOTO_FASCN_mismatch/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/18_Fingerprints_FASCN_mismatch/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/19_CHUID_UUID_mismatch/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/20_Card_Authent_UUID_mismatch/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/21_PHOTO_UUID_mismatch/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/22_Fingerprints_UUID_mismatch/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/23_Public_Private_Key_mismatch/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/24_Revoked_Certificates/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/41_Re-keyed_Card/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/42_OCSP_Expired/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/10 - Face Object"), + Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/10 - Face Object") + ); + } +} diff --git a/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/CCCDataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/CCCDataObjectTests.java new file mode 100644 index 00000000..c8a695e2 --- /dev/null +++ b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/CCCDataObjectTests.java @@ -0,0 +1,176 @@ +package gov.gsa.pivconformance.cardlib.test; + +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUUtils; +import gov.gsa.pivconformance.cardlib.card.client.CardCapabilityContainer; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.utils.OSUtils; + +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.TestReporter; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; + +import java.io.File; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.stream.Stream; + +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.fail; +import static org.junit.jupiter.api.Assertions.assertTrue; + +public class CCCDataObjectTests { + private static String resDir = null; + static { + resDir = new CCCDataObjectTests().getClass().getResource("").getPath(); + System.out.println("Looking in: " + resDir); + } + + @DisplayName("Test CCC object parsing") + @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") + @MethodSource("dataObjectTestProvider") + void dataObjectTest(String oid, String file, TestReporter reporter) { + assertNotNull(oid); + assertNotNull(file); + Path filePath = Paths.get(resDir + File.separator + file); + + byte[] fileData = null; + try { + fileData = Files.readAllBytes(filePath); + } catch (IOException e) { + fail(e); + } + PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); + assertNotNull(o); + reporter.publishEntry(oid, o.getClass().getSimpleName()); + + + byte[] data = APDUUtils.getTLV(APDUConstants.DATA, fileData); + + o.setOID(oid); + o.setBytes(data); + boolean decoded = o.decode(); + assert(decoded); + + assertNotNull(((CardCapabilityContainer) o).getCardIdentifier()); + assertNotNull(((CardCapabilityContainer) o).getCapabilityContainerVersionNumber()); + assertNotNull(((CardCapabilityContainer) o).getCapabilityGrammarVersionNumber()); + + assertNotNull(((CardCapabilityContainer) o).getRegisteredDataModelNumber()); + assertNotNull(((CardCapabilityContainer) o).getAccessControlRuleTable()); + + + assertTrue(((CardCapabilityContainer) o).getCardAPDUs()); + + assertTrue(((CardCapabilityContainer) o).getRedirectionTag()); + assertTrue(((CardCapabilityContainer) o).getCapabilityTuples()); + assertTrue(((CardCapabilityContainer) o).getStatusTuples()); + assertTrue(((CardCapabilityContainer) o).getNextCCC()); + + assertTrue(((CardCapabilityContainer) o).getErrorDetectionCode()); + } + + private static Stream dataObjectTestProvider() { + return Stream.of( + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/01_Golden_PIV/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/02_Golden_PIV-I/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/03_SKID_Mismatch/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/04_Tampered_CHUID/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/05_Tampered_Certificates/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/06_Tampered_PHOTO/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/07_Tampered_Fingerprints/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/08_Tampered_Security_Object/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/09_Expired_CHUID_Signer/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/10_Expired_Cert_Signer/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/11_Certs_Expire_after_CHUID/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/12_Certs_not_yet_valid/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/13_Certs_are_expired/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/14_Expired_CHUID/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/15_CHUID_FASCN_mismatch/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/16_Card_Authentication_FASCN_mismatch/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/17_PHOTO_FASCN_mismatch/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/18_Fingerprints_FASCN_mismatch/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/19_CHUID_UUID_mismatch/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/20_Card_Authent_UUID_mismatch/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/21_PHOTO_UUID_mismatch/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/22_Fingerprints_UUID_mismatch/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/23_Public_Private_Key_mismatch/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/24_Revoked_Certificates/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/41_Re-keyed_Card/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/42_OCSP_Expired/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/7 - CCC"), + Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/7 - CCC") + ); + } +} diff --git a/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/CHUIDDataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/CHUIDDataObjectTests.java new file mode 100644 index 00000000..0cc0ae19 --- /dev/null +++ b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/CHUIDDataObjectTests.java @@ -0,0 +1,169 @@ +package gov.gsa.pivconformance.cardlib.test; + +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUUtils; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderUniqueIdentifier; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.card.client.SignedPIVDataObject; +import gov.gsa.pivconformance.cardlib.utils.OSUtils; + +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.TestReporter; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; + +import java.io.File; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.stream.Stream; + +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertTrue; +import static org.junit.jupiter.api.Assertions.fail; + +public class CHUIDDataObjectTests { + private static String resDir = null; + static { + resDir = new CHUIDDataObjectTests().getClass().getResource("").getPath(); + System.out.println("Looking in: " + resDir); + } + + @DisplayName("Test CHUID Data Object parsing") + @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") + @MethodSource("dataObjectTestProvider") + void dataObjectTest(String oid, String file, TestReporter reporter) { + assertNotNull(oid); + assertNotNull(file); + Path filePath = Paths.get(resDir + File.separator + file); + byte[] fileData = null; + try { + fileData = Files.readAllBytes(filePath); + } catch (IOException e) { + fail(e); + } + PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); + assertNotNull(o); + reporter.publishEntry(oid, o.getClass().getSimpleName()); + + byte[] data = APDUUtils.getTLV(APDUConstants.DATA, fileData); + + o.setOID(oid); + o.setBytes(data); + boolean decoded = o.decode(); + assert(decoded); + + assertNotNull(((CardHolderUniqueIdentifier) o).getfASCN()); + assertNotNull(((CardHolderUniqueIdentifier) o).getgUID()); + assertNotNull(((CardHolderUniqueIdentifier) o).getExpirationDate()); + + assertNotNull(((SignedPIVDataObject) o).getAsymmetricSignature()); + + ((SignedPIVDataObject) o).verifySignature(); + assertNotNull(((SignedPIVDataObject) o).getSignerCert()); + + assertTrue(((CardHolderUniqueIdentifier) o).getErrorDetectionCode()); + } + + private static Stream dataObjectTestProvider() { + return Stream.of( + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/01_Golden_PIV/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/02_Golden_PIV-I/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/03_SKID_Mismatch/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/04_Tampered_CHUID/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/05_Tampered_Certificates/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/06_Tampered_PHOTO/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/07_Tampered_Fingerprints/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/08_Tampered_Security_Object/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/09_Expired_CHUID_Signer/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/10_Expired_Cert_Signer/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/11_Certs_Expire_after_CHUID/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/12_Certs_not_yet_valid/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/13_Certs_are_expired/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/14_Expired_CHUID/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/15_CHUID_FASCN_mismatch/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/16_Card_Authentication_FASCN_mismatch/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/17_PHOTO_FASCN_mismatch/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/18_Fingerprints_FASCN_mismatch/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/19_CHUID_UUID_mismatch/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/20_Card_Authent_UUID_mismatch/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/21_PHOTO_UUID_mismatch/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/22_Fingerprints_UUID_mismatch/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/23_Public_Private_Key_mismatch/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/24_Revoked_Certificates/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/41_Re-keyed_Card/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/42_OCSP_Expired/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/8 - CHUID Object"), + Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/8 - CHUID Object") + ); + } +} diff --git a/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/DODataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/DODataObjectTests.java new file mode 100644 index 00000000..42bf497b --- /dev/null +++ b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/DODataObjectTests.java @@ -0,0 +1,154 @@ +package gov.gsa.pivconformance.cardlib.test; + +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.DiscoveryObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.utils.OSUtils; + +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.TestReporter; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; + +import java.io.File; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.stream.Stream; + +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.fail; + +public class DODataObjectTests { + private static String resDir = null; + static { + resDir = new DODataObjectTests().getClass().getResource("").getPath(); + System.out.println("Looking in: " + resDir); + } + + @DisplayName("Test discovery object parsing") + @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") + @MethodSource("dataObjectTestProvider") + void dataObjectTest(String oid, String file, TestReporter reporter) { + assertNotNull(oid); + assertNotNull(file); + Path filePath = Paths.get(resDir + File.separator + file); + byte[] fileData = null; + try { + fileData = Files.readAllBytes(filePath); + } catch (IOException e) { + fail(e); + } + PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); + assertNotNull(o); + reporter.publishEntry(oid, o.getClass().getSimpleName()); + o.setOID(oid); + o.setBytes(fileData); + boolean decoded = o.decode(); + assert(decoded); + + assertNotNull(((DiscoveryObject) o).getSignedContent()); + } + + private static Stream dataObjectTestProvider() { + return Stream.of( + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/01_Golden_PIV/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/02_Golden_PIV-I/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/03_SKID_Mismatch/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/04_Tampered_CHUID/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/05_Tampered_Certificates/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/06_Tampered_PHOTO/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/07_Tampered_Fingerprints/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/08_Tampered_Security_Object/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/09_Expired_CHUID_Signer/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/10_Expired_Cert_Signer/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/11_Certs_Expire_after_CHUID/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/12_Certs_not_yet_valid/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/13_Certs_are_expired/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/14_Expired_CHUID/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/15_CHUID_FASCN_mismatch/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/16_Card_Authentication_FASCN_mismatch/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/17_PHOTO_FASCN_mismatch/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/18_Fingerprints_FASCN_mismatch/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/19_CHUID_UUID_mismatch/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/20_Card_Authent_UUID_mismatch/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/21_PHOTO_UUID_mismatch/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/22_Fingerprints_UUID_mismatch/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/23_Public_Private_Key_mismatch/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/24_Revoked_Certificates/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/41_Re-keyed_Card/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/42_OCSP_Expired/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/1 - Discovery Object"), + Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/1 - Discovery Object") + ); + } +} diff --git a/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVConnectTests.java b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVConnectTests.java new file mode 100644 index 00000000..d792de2f --- /dev/null +++ b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVConnectTests.java @@ -0,0 +1,79 @@ +package gov.gsa.pivconformance.cardlib.test; + +import gov.gsa.pivconformance.cardlib.card.client.ApplicationAID; +import gov.gsa.pivconformance.cardlib.card.client.ApplicationProperties; +import gov.gsa.pivconformance.cardlib.card.client.CardHandle; +import gov.gsa.pivconformance.cardlib.card.client.ConnectionDescription; +import gov.gsa.pivconformance.cardlib.card.client.DefaultPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.cardlib.card.client.PIVMiddleware; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.TestReporter; + +import javax.smartcardio.CardException; +import javax.smartcardio.CardTerminal; +import javax.smartcardio.TerminalFactory; +import java.util.List; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.fail; + +public class PIVConnectTests { + List terminals = null; + @BeforeEach + void init() { + TerminalFactory tf = TerminalFactory.getDefault(); + try { + terminals = tf.terminals().list(); + } catch (CardException e) { + fail("Unable to list readers"); + } + } + + @Test @DisplayName("Ensure readers") + void testReaderList() { + assert(terminals.size() > 0); + } + + @Test @DisplayName("Test reader descriptor") + void testConnectionDescription() { + ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); + assert(cd != null); + byte[] cdbytes = cd.getBytes(); + assert(cdbytes.length > 1); + } + + @Test @DisplayName("Test connection") + void testConnection() { + ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); + try { + assert (terminals.get(0).isCardPresent()); + }catch(CardException ce) { + fail(ce); + } + CardHandle ch = new CardHandle(); + MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); + assert(result == MiddlewareStatus.PIV_OK); + } + + @Test @DisplayName("Test app selection") + void testSelect(TestReporter reporter) { + ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); + try { + assert (terminals.get(0).isCardPresent()); + }catch(CardException ce) { + fail(ce); + } + CardHandle ch = new CardHandle(); + MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); + assertEquals(result, MiddlewareStatus.PIV_OK); + reporter.publishEntry("Reader", cd.getTerminal().getName()); + DefaultPIVApplication piv = new DefaultPIVApplication(); + ApplicationAID aid = new ApplicationAID(); + ApplicationProperties cardAppProperties = new ApplicationProperties(); + result = piv.pivSelectCardApplication(ch, aid, cardAppProperties); + assertEquals(MiddlewareStatus.PIV_OK, result); + } +} diff --git a/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVGeneralAuthenticateTests.java b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVGeneralAuthenticateTests.java new file mode 100644 index 00000000..c8262214 --- /dev/null +++ b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVGeneralAuthenticateTests.java @@ -0,0 +1,69 @@ +package gov.gsa.pivconformance.cardlib.test; + +import java.util.List; + +import javax.smartcardio.CardException; +import javax.smartcardio.CardTerminal; +import javax.smartcardio.TerminalFactory; + +import gov.gsa.pivconformance.cardlib.card.client.CardHandle; +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.TestReporter; + +import gov.gsa.pivconformance.cardlib.card.client.ApplicationAID; +import gov.gsa.pivconformance.cardlib.card.client.ApplicationProperties; +import gov.gsa.pivconformance.cardlib.card.client.ConnectionDescription; +import gov.gsa.pivconformance.cardlib.card.client.DefaultPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.cardlib.card.client.PIVAuthenticators; +import gov.gsa.pivconformance.cardlib.card.client.PIVMiddleware; + +import static org.junit.jupiter.api.Assertions.*; + +public class PIVGeneralAuthenticateTests { + + List terminals = null; + DefaultPIVApplication piv = null; + CardHandle currentCardHandle = null; + ConnectionDescription currentConnection = null; + + //@BeforeEach + void init() { + PCSCUtils.ConfigureUserProperties(); + TerminalFactory tf = TerminalFactory.getDefault(); + try { + terminals = tf.terminals().list(); + for(CardTerminal t: terminals) { + if(t.isCardPresent()) { + currentConnection = ConnectionDescription.createFromTerminal(t); + break; + } + } + if(currentConnection == null || !currentConnection.getTerminal().isCardPresent()) { + fail("Unable to find a reader with a card present"); + } + currentCardHandle = new CardHandle(); + MiddlewareStatus result = PIVMiddleware.pivConnect(true, currentConnection, currentCardHandle); + assert(result == MiddlewareStatus.PIV_OK); + piv = new DefaultPIVApplication(); + ApplicationAID aid = new ApplicationAID(); + ApplicationProperties cardAppProperties = new ApplicationProperties(); + result = piv.pivSelectCardApplication(currentCardHandle, aid, cardAppProperties); + assertEquals(MiddlewareStatus.PIV_OK, result); + PIVAuthenticators authenticators = new PIVAuthenticators(); + authenticators.addApplicationPin("123456"); + result = piv.pivLogIntoCardApplication(currentCardHandle, authenticators.getBytes()); + assertEquals(MiddlewareStatus.PIV_OK, result); + } catch (CardException e) { + fail("Unable to establish PIV connection"); + } + } + + @Test @DisplayName("Test GENERAL AUTHENTICATE") + void testGeneralAuthenticate(TestReporter reporter) { + assertNull(null); + } +} diff --git a/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVGetDataTests.java b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVGetDataTests.java new file mode 100644 index 00000000..1423f644 --- /dev/null +++ b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVGetDataTests.java @@ -0,0 +1,129 @@ +package gov.gsa.pivconformance.cardlib.test; + +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.ApplicationAID; +import gov.gsa.pivconformance.cardlib.card.client.ApplicationProperties; +import gov.gsa.pivconformance.cardlib.card.client.CardHandle; +import gov.gsa.pivconformance.cardlib.card.client.ConnectionDescription; +import gov.gsa.pivconformance.cardlib.card.client.DefaultPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.cardlib.card.client.PIVAuthenticators; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.card.client.PIVMiddleware; +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.TestReporter; + +import javax.smartcardio.CardException; +import javax.smartcardio.CardTerminal; +import javax.smartcardio.TerminalFactory; +import java.util.List; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.fail; + +public class PIVGetDataTests { + List terminals = null; + DefaultPIVApplication piv = null; + @BeforeEach + void init() { + PCSCUtils.ConfigureUserProperties(); + TerminalFactory tf = TerminalFactory.getDefault(); + try { + terminals = tf.terminals().list(); + } catch (CardException e) { + fail("Unable to list readers"); + } + } + + @Test @DisplayName("Ensure readers") + void testReaderList() { + assert(terminals.size() > 0); + } + + @Test @DisplayName("Test connection") + void testConnection() { + ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); + try { + assert (terminals.get(0).isCardPresent()); + }catch(CardException ce) { + fail(ce); + } + CardHandle ch = new CardHandle(); + MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); + assert(result == MiddlewareStatus.PIV_OK); + } + + @Test @DisplayName("Test app selection") + void testSelect(TestReporter reporter) { + ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); + try { + assert (terminals.get(0).isCardPresent()); + }catch(CardException ce) { + fail(ce); + } + CardHandle ch = new CardHandle(); + MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); + assertEquals(result, MiddlewareStatus.PIV_OK); + reporter.publishEntry("Reader", cd.getTerminal().getName()); + piv = new DefaultPIVApplication(); + ApplicationAID aid = new ApplicationAID(); + ApplicationProperties cardAppProperties = new ApplicationProperties(); + result = piv.pivSelectCardApplication(ch, aid, cardAppProperties); + assertEquals(MiddlewareStatus.PIV_OK, result); + } + + @Test @DisplayName("Test authentication") + void testAuth(TestReporter reporter) { + ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); + try { + assert (terminals.get(0).isCardPresent()); + }catch(CardException ce) { + fail(ce); + } + CardHandle ch = new CardHandle(); + MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); + assertEquals(result, MiddlewareStatus.PIV_OK); + piv = new DefaultPIVApplication(); + ApplicationAID aid = new ApplicationAID(); + ApplicationProperties cardAppProperties = new ApplicationProperties(); + result = piv.pivSelectCardApplication(ch, aid, cardAppProperties); + assertEquals(MiddlewareStatus.PIV_OK, result); + PIVAuthenticators authenticators = new PIVAuthenticators(); + authenticators.addApplicationPin("123456"); + result = piv.pivLogIntoCardApplication(ch, authenticators.getBytes()); + assertEquals(MiddlewareStatus.PIV_OK, result); + } + + @Test @DisplayName("Test pivGetData") + void testPIVGetData(TestReporter reporter) { + ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); + try { + assert (terminals.get(0).isCardPresent()); + }catch(CardException ce) { + fail(ce); + } + CardHandle ch = new CardHandle(); + MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); + assertEquals(result, MiddlewareStatus.PIV_OK); + piv = new DefaultPIVApplication(); + ApplicationAID aid = new ApplicationAID(); + ApplicationProperties cardAppProperties = new ApplicationProperties(); + result = piv.pivSelectCardApplication(ch, aid, cardAppProperties); + assertEquals(MiddlewareStatus.PIV_OK, result); + PIVAuthenticators authenticators = new PIVAuthenticators(); + authenticators.addApplicationPin("123456"); + result = piv.pivLogIntoCardApplication(ch, authenticators.getBytes()); + assertEquals(MiddlewareStatus.PIV_OK, result); + + for(String containerOID : APDUConstants.MandatoryContainers()) { + PIVDataObject dataObject = PIVDataObjectFactory.createDataObjectForOid(containerOID); + + result = piv.pivGetData(ch, containerOID, dataObject); + assertEquals(MiddlewareStatus.PIV_OK, result); + } + } +} diff --git a/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVMiddlewareTests.java b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVMiddlewareTests.java new file mode 100644 index 00000000..954b3472 --- /dev/null +++ b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVMiddlewareTests.java @@ -0,0 +1,32 @@ +package gov.gsa.pivconformance.cardlib.test; + +import gov.gsa.pivconformance.cardlib.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.cardlib.card.client.PIVMiddleware; +import gov.gsa.pivconformance.cardlib.card.client.PIVMiddlewareVersion; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.TestReporter; + +import static org.junit.jupiter.api.Assertions.assertEquals; + +public class PIVMiddlewareTests { + @Test + @DisplayName("PIV Middleware version status") + void pivMiddlewareVersionStatusTest() { + PIVMiddlewareVersion v = new PIVMiddlewareVersion(); + MiddlewareStatus status = PIVMiddleware.pivMiddlewareVersion(v); + assertEquals(status, MiddlewareStatus.PIV_OK); + } + + @Test + @DisplayName("Check middleware version") + void pivMiddlewareVersionTest(TestReporter reporter) { + PIVMiddlewareVersion v = new PIVMiddlewareVersion(); + MiddlewareStatus status = PIVMiddleware.pivMiddlewareVersion(v); + assertEquals(status, MiddlewareStatus.PIV_OK); + assertEquals(v.getVersion(), "800-73-4 Client API"); + reporter.publishEntry("Version", v.getVersion()); + } + + +} diff --git a/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVSignatureVerificationTests.java b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVSignatureVerificationTests.java new file mode 100644 index 00000000..326b0406 --- /dev/null +++ b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PIVSignatureVerificationTests.java @@ -0,0 +1,121 @@ +package gov.gsa.pivconformance.cardlib.test; + +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.ApplicationAID; +import gov.gsa.pivconformance.cardlib.card.client.ApplicationProperties; +import gov.gsa.pivconformance.cardlib.card.client.CardHandle; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderUniqueIdentifier; +import gov.gsa.pivconformance.cardlib.card.client.ConnectionDescription; +import gov.gsa.pivconformance.cardlib.card.client.DefaultPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.cardlib.card.client.PIVAuthenticators; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.card.client.PIVMiddleware; +import gov.gsa.pivconformance.cardlib.card.client.SignedPIVDataObject; +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; +import org.bouncycastle.cms.CMSSignedData; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.TestReporter; + +import javax.smartcardio.CardException; +import javax.smartcardio.CardTerminal; +import javax.smartcardio.TerminalFactory; +import java.security.cert.X509Certificate; +import java.util.List; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.fail; + +public class PIVSignatureVerificationTests { + List terminals = null; + DefaultPIVApplication piv = null; + @BeforeEach + void init() { + PCSCUtils.ConfigureUserProperties(); + TerminalFactory tf = TerminalFactory.getDefault(); + try { + terminals = tf.terminals().list(); + } catch (CardException e) { + fail("Unable to list readers"); + } + } + + @Test @DisplayName("Ensure readers") + void testReaderList() { + assert(terminals.size() > 0); + } + + + @Test @DisplayName("Test signature verfication") + void testPIVGetData(TestReporter reporter) { + X509Certificate signingCertificate = null; + ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); + try { + assert (terminals.get(0).isCardPresent()); + }catch(CardException ce) { + fail(ce); + } + CardHandle ch = new CardHandle(); + MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); + assertEquals(result, MiddlewareStatus.PIV_OK); + piv = new DefaultPIVApplication(); + ApplicationAID aid = new ApplicationAID(); + ApplicationProperties cardAppProperties = new ApplicationProperties(); + result = piv.pivSelectCardApplication(ch, aid, cardAppProperties); + assertEquals(MiddlewareStatus.PIV_OK, result); + PIVAuthenticators authenticators = new PIVAuthenticators(); + authenticators.addApplicationPin("123456"); + result = piv.pivLogIntoCardApplication(ch, authenticators.getBytes()); + assertEquals(MiddlewareStatus.PIV_OK, result); + + for(String containerOID : APDUConstants.MandatoryContainers()) { + PIVDataObject dataObject = PIVDataObjectFactory.createDataObjectForOid(containerOID); + + result = piv.pivGetData(ch, containerOID, dataObject); + assertEquals(MiddlewareStatus.PIV_OK, result); + + boolean decoded = dataObject.decode(); + assertEquals(true, decoded); + + if (containerOID.equals(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID)) { + signingCertificate = ((SignedPIVDataObject) dataObject).getChuidSignerCert(); + CMSSignedData sd = ((CardHolderUniqueIdentifier) dataObject).getAsymmetricSignature(); + assertNotNull(sd); + boolean rv = ((CardHolderUniqueIdentifier) dataObject).verifySignature(); + assertEquals(true, rv); + + signingCertificate = ((SignedPIVDataObject) dataObject).getChuidSignerCert(); + + assertNotNull(signingCertificate); + } + + if (containerOID.equals(APDUConstants.CARDHOLDER_FINGERPRINTS_OID)) { + signingCertificate = ((SignedPIVDataObject) dataObject).getSignerCert(); + if(signingCertificate != null) { + boolean rv = ((SignedPIVDataObject) dataObject).verifySignature(); + assertEquals(true, rv); + } + } + + if (containerOID.equals(APDUConstants.SECURITY_OBJECT_OID)) { + signingCertificate = ((SignedPIVDataObject) dataObject).getSignerCert(); + if(signingCertificate != null) { + boolean rv = ((SignedPIVDataObject) dataObject).verifySignature(); + assertEquals(true, rv); + } + } + + if (containerOID.equals(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID)) { + signingCertificate = ((SignedPIVDataObject) dataObject).getSignerCert(); + if(signingCertificate != null) { + boolean rv = ((SignedPIVDataObject) dataObject).verifySignature(); + assertEquals(true, rv); + } + } + } + } +} diff --git a/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PrintedInformationDataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PrintedInformationDataObjectTests.java new file mode 100644 index 00000000..e72dd426 --- /dev/null +++ b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/PrintedInformationDataObjectTests.java @@ -0,0 +1,123 @@ +package gov.gsa.pivconformance.cardlib.test; + +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUUtils; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.card.client.PrintedInformation; +import gov.gsa.pivconformance.cardlib.utils.OSUtils; + +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.TestReporter; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; + +import java.io.File; +import java.io.IOException; +import java.net.URL; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.stream.Stream; + +import static org.junit.jupiter.api.Assertions.*; + +public class PrintedInformationDataObjectTests { + private static String resDir = null; + static { + resDir = new PrintedInformationDataObjectTests().getClass().getResource("").getPath(); + System.out.println("Looking in: " + resDir); + } + + @DisplayName("Test Printed Information Object Data Object parsing") + @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") + @MethodSource("dataObjectTestProvider") + + void dataObjectTest(String oid, String file, TestReporter reporter) { + assertNotNull(oid); + assertNotNull(file); + Path filePath = Paths.get(resDir + File.separator + file); + System.out.println("Looking for " + filePath); + byte[] fileData = null; + try { + fileData = Files.readAllBytes(filePath); + } catch (IOException e) { + fail(e); + } + PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); + assertNotNull(o); + reporter.publishEntry(oid, o.getClass().getSimpleName()); + + byte[] data = APDUUtils.getTLV(APDUConstants.DATA, fileData); + + o.setOID(oid); + o.setBytes(data); + boolean decoded = o.decode(); + assert(decoded); + + assertNotNull(((PrintedInformation) o).getName()); + assertNotNull(((PrintedInformation) o).getEmployeeAffiliation()); + assertNotNull(((PrintedInformation) o).getExpirationDate()); + assertNotNull(((PrintedInformation) o).getAgencyCardSerialNumber()); + assertNotNull(((PrintedInformation) o).getIssuerIdentification()); + + assertNotSame(((PrintedInformation) o).getName(), ""); + assertNotSame(((PrintedInformation) o).getEmployeeAffiliation(), ""); + assertNotSame(((PrintedInformation) o).getExpirationDate(), ""); + assertNotSame(((PrintedInformation) o).getAgencyCardSerialNumber(), ""); + assertNotSame(((PrintedInformation) o).getIssuerIdentification(), ""); + assertTrue(((PrintedInformation) o).getErrorDetectionCode()); + } + + private static Stream dataObjectTestProvider() { + return Stream.of( + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/41_Re-keyed_Card/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/42_OCSP_Expired/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/11 - Printed Information"), + Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/11 - Printed Information") + ); + } +} diff --git a/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/SecurityObjectDataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/SecurityObjectDataObjectTests.java new file mode 100644 index 00000000..dbb4950e --- /dev/null +++ b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/SecurityObjectDataObjectTests.java @@ -0,0 +1,165 @@ +package gov.gsa.pivconformance.cardlib.test; + +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUUtils; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.SecurityObject; +import gov.gsa.pivconformance.cardlib.card.client.SignedPIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.utils.OSUtils; + +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.TestReporter; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; + +import java.io.File; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.stream.Stream; + +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertTrue; +import static org.junit.jupiter.api.Assertions.fail; + +public class SecurityObjectDataObjectTests { + private static String resDir = null; + static { + resDir = new SecurityObjectDataObjectTests().getClass().getResource("").getPath(); + System.out.println("Looking in: " + resDir); + } + + @DisplayName("Test Security Object Data Object parsing") + @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") + @MethodSource("dataObjectTestProvider") + void dataObjectTest(String oid, String file, TestReporter reporter) { + assertNotNull(oid); + assertNotNull(file); + Path filePath = Paths.get(resDir + File.separator + file); + byte[] fileData = null; + try { + fileData = Files.readAllBytes(filePath); + } catch (IOException e) { + fail(e); + } + PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); + assertNotNull(o); + reporter.publishEntry(oid, o.getClass().getSimpleName()); + + APDUUtils.getTLV(APDUConstants.DATA, fileData); + + o.setOID(oid); + o.setBytes(fileData); + boolean decoded = o.decode(); + assert(decoded); + + assertNotNull(((SecurityObject) o).getMapping()); + assertNotNull(((SecurityObject) o).getContainerIDList()); + + assertNotNull(((SignedPIVDataObject) o).getAsymmetricSignature()); + assertTrue(((SecurityObject) o).getErrorDetectionCode()); + } + + private static Stream dataObjectTestProvider() { + return Stream.of( + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/01_Golden_PIV/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/02_Golden_PIV-I/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/03_SKID_Mismatch/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/04_Tampered_CHUID/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/05_Tampered_Certificates/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/06_Tampered_PHOTO/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/07_Tampered_Fingerprints/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/08_Tampered_Security_Object/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/09_Expired_CHUID_Signer/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/10_Expired_Cert_Signer/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/11_Certs_Expire_after_CHUID/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/12_Certs_not_yet_valid/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/13_Certs_are_expired/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/14_Expired_CHUID/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/15_CHUID_FASCN_mismatch/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/16_Card_Authentication_FASCN_mismatch/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/17_PHOTO_FASCN_mismatch/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/18_Fingerprints_FASCN_mismatch/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/19_CHUID_UUID_mismatch/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/20_Card_Authent_UUID_mismatch/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/21_PHOTO_UUID_mismatch/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/22_Fingerprints_UUID_mismatch/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/23_Public_Private_Key_mismatch/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/24_Revoked_Certificates/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/41_Re-keyed_Card/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/42_OCSP_Expired/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/2 - Security Object"), + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/2 - Security Object"), +// Arguments.of(APDUConstants.SECURITY_OBJECT_OID, +// "gsa-icam-card-builder/cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/2 - Security Object"), //No security Object present. + Arguments.of(APDUConstants.SECURITY_OBJECT_OID, + "gsa-icam-card-builder/cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/2 - Security Object") + + ); + } +} diff --git a/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/X509DataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/X509DataObjectTests.java new file mode 100644 index 00000000..f3bcb489 --- /dev/null +++ b/cardlib/src/test/java/gov/gsa/pivconformance/cardlib/test/X509DataObjectTests.java @@ -0,0 +1,143 @@ +package gov.gsa.pivconformance.cardlib.test; + +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.utils.OSUtils; + +import org.bouncycastle.cert.X509CertificateHolder; +import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; +import org.bouncycastle.openssl.PEMParser; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.TestReporter; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; + +import java.io.File; +import java.io.IOException; +import java.io.StringReader; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.security.Provider; +import java.security.Security; +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.List; +import java.util.stream.Stream; + +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.fail; + +public class X509DataObjectTests { + private static String resDir = null; + static { + resDir = new X509DataObjectTests().getClass().getResource("").getPath(); + System.out.println("Looking in: " + resDir); + } + @DisplayName("Test X.509 Data Object parsing") + @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") + @MethodSource("dataObjectTestProvider") + + void dataObjectTest(String oid, String file, TestReporter reporter) { + assertNotNull(oid); + assertNotNull(file); + Path filePath = Paths.get(resDir + File.separator + file); + List lines = null; + try { + + lines = Files.readAllLines(filePath); + // Convert to DER + StringBuffer sb = new StringBuffer(""); + for (String l : lines) { + sb.append(l + "\r\n"); + } + + StringReader sr = new StringReader(sb.toString()); + PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); + assertNotNull(o); + reporter.publishEntry(oid, o.getClass().getSimpleName()); + + //XXX Unit tests will need to be updated files here are just cert files not card data objects. + + o.setOID(oid); + o.setBytes(convertPemFileToBytes(sr).getEncoded()); + boolean decoded = o.decode(); + assert(decoded); + } catch (IOException | CertificateEncodingException e) { + fail(e); + } + } + + /** + * Converts a PEM formatted String to a {@link X509Certificate} instance. + * + * @param pem PEM formatted String + * @return a X509Certificate instance + * @throws CertificateException + * @throws IOException + */ + public X509Certificate convertPemFileToBytes(StringReader pem) { + X509CertificateHolder certHolder = null; + X509Certificate cert = null; + @SuppressWarnings("resource") + PEMParser pp = new PEMParser(pem); + try { + certHolder = (X509CertificateHolder) pp.readObject(); + } catch (IOException e1) { + // TODO Auto-generated catch block + e1.printStackTrace(); + } + Provider provider = new org.bouncycastle.jce.provider.BouncyCastleProvider(); + Security.addProvider(provider); + + try { + cert = new JcaX509CertificateConverter().setProvider(provider).getCertificate(certHolder); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + return cert; + } + +/* + * CertificateFactory cFactory = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate) cFactory.generateCertificate(getInputStream(of_the_original_unmodified_certificate_file)); + */ + private static Stream dataObjectTestProvider() { + return Stream.of( + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Missing_DO.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_App_PIN_Only.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_App_PIN_Prim.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Global_PIN_Prim.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_PPS.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Bad_SO_Hash.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/41_Re-keyed_Card/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Re-key.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/42_OCSP_Expired/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_OCSP_Expired.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_OCSP_Revoked_NOCHECK.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_OCSP_Revoked_WO_NOCHECK.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_OCSP_Invalid_Signature.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV_ICI_8/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV_ICI_8/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_ICI_8.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV_ICI_9/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV_ICI_9/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_ICI_9.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_SAN_Order.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Non-Zero_PPS_LEN.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_FI_Expired.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_FI_will_Expire.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_FP_Expired.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_FP_will_Expire.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Large_Cert.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Missing_SO.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Signer_Expires.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/57_Revoked_CHUID_Cert/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/57_Revoked_CHUID_Cert/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Revoked_CHUID_Cert.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/58_Revoked_Card_Auth_Cert/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Revoked_Card_Auth_Cert.crt"), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "gsa-icam-card-builder/cards/ICAM_Card_Objects/59_Valid_CBEFF_for_Card_51/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_FP_Expired.crt") + + ); + + } +} diff --git a/cardlib/src/test/java/gov/gsa/pivconformancetest/BiometricDataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformancetest/BiometricDataObjectTests.java deleted file mode 100644 index 723a0648..00000000 --- a/cardlib/src/test/java/gov/gsa/pivconformancetest/BiometricDataObjectTests.java +++ /dev/null @@ -1,251 +0,0 @@ -package gov.gsa.pivconformancetest; - -import gov.gsa.pivconformance.card.client.*; -import gov.gsa.pivconformance.utils.OSUtils; - -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.TestReporter; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; - -import java.io.IOException; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.util.stream.Stream; - -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.fail; -import static org.junit.jupiter.api.Assertions.assertNotSame; -import static org.junit.jupiter.api.Assertions.assertTrue; - -public class BiometricDataObjectTests { - @DisplayName("Test Biometric Data Object parsing") - @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") - @MethodSource("dataObjectTestProvider") - void dataObjectTest(String oid, String file, TestReporter reporter) { - assertNotNull(oid); - assertNotNull(file); - Path filePath = Paths.get(OSUtils.getTempDir(), file); - byte[] fileData = null; - try { - fileData = Files.readAllBytes(filePath); - } catch (IOException e) { - fail(e); - } - PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); - assertNotNull(o); - reporter.publishEntry(oid, o.getClass().getSimpleName()); - - byte[] data = APDUUtils.getTLV(APDUConstants.DATA, fileData); - - o.setOID(oid); - o.setBytes(data); - boolean decoded = o.decode(); - assert (decoded == true); - - assertNotNull(((CardHolderBiometricData) o).getBiometricCreationDate()); - assertNotNull(((CardHolderBiometricData) o).getValidityPeriodFrom()); - assertNotNull(((CardHolderBiometricData) o).getValidityPeriodTo()); - - assertNotSame(((CardHolderBiometricData) o).getBiometricCreationDate(), ""); - assertNotSame(((CardHolderBiometricData) o).getValidityPeriodFrom(), ""); - assertNotSame(((CardHolderBiometricData) o).getValidityPeriodTo(), ""); - - assertNotNull(((SignedPIVDataObject) o).getAsymmetricSignature()); - - assertTrue(((CardHolderBiometricData) o).getErrorDetectionCode()); - - } - - private static Stream dataObjectTestProvider() { - return Stream.of( - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/01_Golden_PIV/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/02_Golden_PIV-I/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/03_SKID_Mismatch/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/04_Tampered_CHUID/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/05_Tampered_Certificates/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/06_Tampered_PHOTO/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/07_Tampered_Fingerprints/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/08_Tampered_Security_Object/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/09_Expired_CHUID_Signer/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/10_Expired_Cert_Signer/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/11_Certs_Expire_after_CHUID/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/12_Certs_not_yet_valid/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/13_Certs_are_expired/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/14_Expired_CHUID/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/15_CHUID_FASCN_mismatch/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/16_Card_Auth_FASCN_mismatch/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/17_PHOTO_FASCN_mismatch/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/18_Fingerprints_FASCN_mismatch/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/19_CHUID_UUID_mismatch/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/20_Card_Auth_UUID_mismatch/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/21_PHOTO_UUID_mismatch/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/22_Fingerprints_UUID_mismatch/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/23_Public_Private_Key_mismatch/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/24_Revoked_Certificates/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/41_Re-keyed_Card/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/42_OCSP_Expired/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, - "cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/9 - Fingerprints"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/01_Golden_PIV/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/02_Golden_PIV-I/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/03_SKID_Mismatch/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/04_Tampered_CHUID/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/05_Tampered_Certificates/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/06_Tampered_PHOTO/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/07_Tampered_Fingerprints/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/08_Tampered_Security_Object/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/09_Expired_CHUID_Signer/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/10_Expired_Cert_Signer/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/12_Certs_not_yet_valid/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/13_Certs_are_expired/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/14_Expired_CHUID/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/15_CHUID_FASCN_mismatch/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/16_Card_Auth_FASCN_mismatch/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/17_PHOTO_FASCN_mismatch/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/18_Fingerprints_FASCN_mismatch/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/19_CHUID_UUID_mismatch/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/20_Card_Auth_UUID_mismatch/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/21_PHOTO_UUID_mismatch/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/22_Fingerprints_UUID_mismatch/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/23_Public_Private_Key_mismatch/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/24_Revoked_Certificates/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/41_Re-keyed_Card/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/42_OCSP_Expired/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/10 - Face Object"), - Arguments.of(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, - "cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/10 - Face Object")); - } -} diff --git a/cardlib/src/test/java/gov/gsa/pivconformancetest/CCCDataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformancetest/CCCDataObjectTests.java deleted file mode 100644 index 43be99b9..00000000 --- a/cardlib/src/test/java/gov/gsa/pivconformancetest/CCCDataObjectTests.java +++ /dev/null @@ -1,161 +0,0 @@ -package gov.gsa.pivconformancetest; - -import gov.gsa.pivconformance.card.client.*; -import gov.gsa.pivconformance.utils.*; - -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.TestReporter; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; - -import java.io.IOException; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.util.stream.Stream; - -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.fail; -import static org.junit.jupiter.api.Assertions.assertTrue; - -public class CCCDataObjectTests { - @DisplayName("Test CCC object parsing") - @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") - @MethodSource("dataObjectTestProvider") - void dataObjectTest(String oid, String file, TestReporter reporter) { - assertNotNull(oid); - assertNotNull(file); - - Path filePath = Paths.get(OSUtils.getTempDir(), file); - - byte[] fileData = null; - try { - fileData = Files.readAllBytes(filePath); - } catch (IOException e) { - fail(e); - } - PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); - assertNotNull(o); - reporter.publishEntry(oid, o.getClass().getSimpleName()); - - byte[] data = APDUUtils.getTLV(APDUConstants.DATA, fileData); - - o.setOID(oid); - o.setBytes(data); - assert (o.decode()); - - assertNotNull(((CardCapabilityContainer) o).getCardIdentifier()); - assertNotNull(((CardCapabilityContainer) o).getCapabilityContainerVersionNumber()); - assertNotNull(((CardCapabilityContainer) o).getCapabilityGrammarVersionNumber()); - - assertNotNull(((CardCapabilityContainer) o).getRegisteredDataModelNumber()); - assertNotNull(((CardCapabilityContainer) o).getAccessControlRuleTable()); - - assertTrue(((CardCapabilityContainer) o).getCardAPDUs()); - assertTrue(((CardCapabilityContainer) o).getRedirectionTag()); - assertTrue(((CardCapabilityContainer) o).getCapabilityTuples()); - assertTrue(((CardCapabilityContainer) o).getStatusTuples()); - assertTrue(((CardCapabilityContainer) o).getNextCCC()); - - assertTrue(((CardCapabilityContainer) o).getErrorDetectionCode()); - } - - private static Stream dataObjectTestProvider() { - return Stream.of( - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/01_Golden_PIV/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/02_Golden_PIV-I/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/03_SKID_Mismatch/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/04_Tampered_CHUID/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/05_Tampered_Certificates/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/06_Tampered_PHOTO/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/07_Tampered_Fingerprints/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/08_Tampered_Security_Object/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/09_Expired_CHUID_Signer/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/10_Expired_Cert_Signer/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/11_Certs_Expire_after_CHUID/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/12_Certs_not_yet_valid/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/13_Certs_are_expired/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/14_Expired_CHUID/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/15_CHUID_FASCN_mismatch/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/16_Card_Auth_FASCN_mismatch/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/17_PHOTO_FASCN_mismatch/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/18_Fingerprints_FASCN_mismatch/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/19_CHUID_UUID_mismatch/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/20_Card_Auth_UUID_mismatch/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/21_PHOTO_UUID_mismatch/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/22_Fingerprints_UUID_mismatch/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/23_Public_Private_Key_mismatch/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/24_Revoked_Certificates/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/41_Re-keyed_Card/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/42_OCSP_Expired/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/7 - CCC"), - Arguments.of(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, - "cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/7 - CCC")); - } -} diff --git a/cardlib/src/test/java/gov/gsa/pivconformancetest/CHUIDDataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformancetest/CHUIDDataObjectTests.java deleted file mode 100644 index 42037755..00000000 --- a/cardlib/src/test/java/gov/gsa/pivconformancetest/CHUIDDataObjectTests.java +++ /dev/null @@ -1,155 +0,0 @@ -package gov.gsa.pivconformancetest; - -import gov.gsa.pivconformance.card.client.*; -import gov.gsa.pivconformance.utils.OSUtils; - -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.TestReporter; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; - -import java.io.IOException; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.util.stream.Stream; - -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.assertTrue; -import static org.junit.jupiter.api.Assertions.fail; - -public class CHUIDDataObjectTests { - @DisplayName("Test CHUID Data Object parsing") - @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") - @MethodSource("dataObjectTestProvider") - void dataObjectTest(String oid, String file, TestReporter reporter) { - assertNotNull(oid); - assertNotNull(file); - Path filePath = Paths.get(OSUtils.getTempDir(), file); - byte[] fileData = null; - try { - fileData = Files.readAllBytes(filePath); - } catch (IOException e) { - fail(e); - } - PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); - assertNotNull(o); - reporter.publishEntry(oid, o.getClass().getSimpleName()); - - byte[] data = APDUUtils.getTLV(APDUConstants.DATA, fileData); - - o.setOID(oid); - o.setBytes(data); - assert (o.decode()); - - assertNotNull(((CardHolderUniqueIdentifier) o).getfASCN()); - assertNotNull(((CardHolderUniqueIdentifier) o).getgUID()); - assertNotNull(((CardHolderUniqueIdentifier) o).getExpirationDate()); - - assertNotNull(((SignedPIVDataObject) o).getAsymmetricSignature()); - - ((SignedPIVDataObject) o).verifySignature(); - assertNotNull(((SignedPIVDataObject) o).getSignerCert()); - - assertTrue(((CardHolderUniqueIdentifier) o).getErrorDetectionCode()); - } - - private static Stream dataObjectTestProvider() { - return Stream.of( - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/01_Golden_PIV/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/02_Golden_PIV-I/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/03_SKID_Mismatch/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/04_Tampered_CHUID/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/05_Tampered_Certificates/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/06_Tampered_PHOTO/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/07_Tampered_Fingerprints/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/08_Tampered_Security_Object/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/09_Expired_CHUID_Signer/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/10_Expired_Cert_Signer/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/11_Certs_Expire_after_CHUID/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/12_Certs_not_yet_valid/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/13_Certs_are_expired/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/14_Expired_CHUID/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/15_CHUID_FASCN_mismatch/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/16_Card_Auth_FASCN_mismatch/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/17_PHOTO_FASCN_mismatch/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/18_Fingerprints_FASCN_mismatch/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/19_CHUID_UUID_mismatch/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/20_Card_Auth_UUID_mismatch/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/21_PHOTO_UUID_mismatch/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/22_Fingerprints_UUID_mismatch/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/23_Public_Private_Key_mismatch/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/24_Revoked_Certificates/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/41_Re-keyed_Card/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/42_OCSP_Expired/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/8 - CHUID Object"), - Arguments.of(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, - "cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/8 - CHUID Object")); - } -} diff --git a/cardlib/src/test/java/gov/gsa/pivconformancetest/DODataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformancetest/DODataObjectTests.java deleted file mode 100644 index 1cb45744..00000000 --- a/cardlib/src/test/java/gov/gsa/pivconformancetest/DODataObjectTests.java +++ /dev/null @@ -1,142 +0,0 @@ -package gov.gsa.pivconformancetest; - -import gov.gsa.pivconformance.card.client.*; -import gov.gsa.pivconformance.utils.OSUtils; - -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.TestReporter; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; - -import java.io.IOException; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.util.stream.Stream; - -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.fail; - -public class DODataObjectTests { - @DisplayName("Test discovery object parsing") - @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") - @MethodSource("dataObjectTestProvider") - void dataObjectTest(String oid, String file, TestReporter reporter) { - assertNotNull(oid); - assertNotNull(file); - Path filePath = Paths.get(OSUtils.getTempDir(), file); - byte[] fileData = null; - try { - fileData = Files.readAllBytes(filePath); - } catch (IOException e) { - fail(e); - } - PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); - assertNotNull(o); - reporter.publishEntry(oid, o.getClass().getSimpleName()); - o.setOID(oid); - o.setBytes(fileData); - assert (o.decode()); - - assertNotNull(((DiscoveryObject) o).getSignedContent()); - } - - private static Stream dataObjectTestProvider() { - return Stream.of( - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/01_Golden_PIV/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/02_Golden_PIV-I/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/03_SKID_Mismatch/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/04_Tampered_CHUID/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/05_Tampered_Certificates/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/06_Tampered_PHOTO/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/07_Tampered_Fingerprints/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/08_Tampered_Security_Object/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/09_Expired_CHUID_Signer/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/10_Expired_Cert_Signer/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/11_Certs_Expire_after_CHUID/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/12_Certs_not_yet_valid/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/13_Certs_are_expired/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/14_Expired_CHUID/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/15_CHUID_FASCN_mismatch/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/16_Card_Auth_FASCN_mismatch/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/17_PHOTO_FASCN_mismatch/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/18_Fingerprints_FASCN_mismatch/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/19_CHUID_UUID_mismatch/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/20_Card_Auth_UUID_mismatch/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/21_PHOTO_UUID_mismatch/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/22_Fingerprints_UUID_mismatch/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/23_Public_Private_Key_mismatch/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/24_Revoked_Certificates/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/41_Re-keyed_Card/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/42_OCSP_Expired/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/1 - Discovery Object"), - Arguments.of(APDUConstants.DISCOVERY_OBJECT_OID, - "cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/1 - Discovery Object")); - } -} diff --git a/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVConnectTests.java b/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVConnectTests.java deleted file mode 100644 index 020e511c..00000000 --- a/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVConnectTests.java +++ /dev/null @@ -1,78 +0,0 @@ -package gov.gsa.pivconformancetest; - -import gov.gsa.pivconformance.card.client.*; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.TestReporter; - -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import javax.smartcardio.TerminalFactory; -import java.util.List; - -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.fail; - -public class PIVConnectTests { - List terminals = null; - - @BeforeEach - void init() { - TerminalFactory tf = TerminalFactory.getDefault(); - try { - terminals = tf.terminals().list(); - } catch (CardException e) { - fail("Unable to list readers"); - } - } - - @Test - @DisplayName("Ensure readers") - void testReaderList() { - assert (terminals.size() > 0); - } - - @Test - @DisplayName("Test reader descriptor") - void testConnectionDescription() { - ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); - assert (cd != null); - byte[] cdbytes = cd.getBytes(); - assert (cdbytes.length > 1); - } - - @Test - @DisplayName("Test connection") - void testConnection() { - ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); - try { - assert (terminals.get(0).isCardPresent()); - } catch (CardException ce) { - fail(ce); - } - CardHandle ch = new CardHandle(); - MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); - assert (result == MiddlewareStatus.PIV_OK); - } - - @Test - @DisplayName("Test app selection") - void testSelect(TestReporter reporter) { - ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); - try { - assert (terminals.get(0).isCardPresent()); - } catch (CardException ce) { - fail(ce); - } - CardHandle ch = new CardHandle(); - MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); - assertEquals(result, MiddlewareStatus.PIV_OK); - reporter.publishEntry("Reader", cd.getTerminal().getName()); - DefaultPIVApplication piv = new DefaultPIVApplication(); - ApplicationAID aid = new ApplicationAID(); - ApplicationProperties cardAppProperties = new ApplicationProperties(); - result = piv.pivSelectCardApplication(ch, aid, cardAppProperties); - assertEquals(MiddlewareStatus.PIV_OK, result); - } -} diff --git a/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVGeneralAuthenticateTests.java b/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVGeneralAuthenticateTests.java deleted file mode 100644 index 1f490830..00000000 --- a/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVGeneralAuthenticateTests.java +++ /dev/null @@ -1,72 +0,0 @@ -package gov.gsa.pivconformancetest; - -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.fail; - -import java.util.List; - -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import javax.smartcardio.TerminalFactory; - -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.TestReporter; - -import gov.gsa.pivconformance.card.client.ApplicationAID; -import gov.gsa.pivconformance.card.client.ApplicationProperties; -import gov.gsa.pivconformance.card.client.CardHandle; -import gov.gsa.pivconformance.card.client.ConnectionDescription; -import gov.gsa.pivconformance.card.client.DefaultPIVApplication; -import gov.gsa.pivconformance.card.client.MiddlewareStatus; -import gov.gsa.pivconformance.card.client.PIVAuthenticators; -import gov.gsa.pivconformance.card.client.PIVMiddleware; -import gov.gsa.pivconformance.utils.PCSCUtils; - -public class PIVGeneralAuthenticateTests { - - List terminals = null; - DefaultPIVApplication piv = null; - CardHandle currentCardHandle = null; - ConnectionDescription currentConnection = null; - - @BeforeEach - void init() { - PCSCUtils.ConfigureUserProperties(); - TerminalFactory tf = TerminalFactory.getDefault(); - try { - terminals = tf.terminals().list(); - for (CardTerminal t : terminals) { - if (t.isCardPresent()) { - currentConnection = ConnectionDescription.createFromTerminal(t); - break; - } - } - if (currentConnection == null || !currentConnection.getTerminal().isCardPresent()) { - fail("Unable to find a reader with a card present"); - } - currentCardHandle = new CardHandle(); - MiddlewareStatus result = PIVMiddleware.pivConnect(true, currentConnection, currentCardHandle); - assert (result == MiddlewareStatus.PIV_OK); - piv = new DefaultPIVApplication(); - ApplicationAID aid = new ApplicationAID(); - ApplicationProperties cardAppProperties = new ApplicationProperties(); - result = piv.pivSelectCardApplication(currentCardHandle, aid, cardAppProperties); - assertEquals(MiddlewareStatus.PIV_OK, result); - PIVAuthenticators authenticators = new PIVAuthenticators(); - authenticators.addApplicationPin("123456"); - result = piv.pivLogIntoCardApplication(currentCardHandle, authenticators.getBytes()); - assertEquals(MiddlewareStatus.PIV_OK, result); - } catch (CardException e) { - fail("Unable to establish PIV connection"); - } - } - - @Test - @DisplayName("Test GENERAL AUTHENTICATE") - void testGeneralAuthenticate(TestReporter reporter) { - assertNotNull(null); - } -} diff --git a/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVGetDataTests.java b/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVGetDataTests.java deleted file mode 100644 index 821b835f..00000000 --- a/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVGetDataTests.java +++ /dev/null @@ -1,125 +0,0 @@ -package gov.gsa.pivconformancetest; - -import gov.gsa.pivconformance.card.client.*; -import gov.gsa.pivconformance.utils.PCSCUtils; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.TestReporter; - -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import javax.smartcardio.TerminalFactory; -import java.util.List; - -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.fail; - -public class PIVGetDataTests { - List terminals = null; - DefaultPIVApplication piv = null; - - @BeforeEach - void init() { - PCSCUtils.ConfigureUserProperties(); - TerminalFactory tf = TerminalFactory.getDefault(); - try { - terminals = tf.terminals().list(); - } catch (CardException e) { - fail("Unable to list readers"); - } - } - - @Test - @DisplayName("Ensure readers") - void testReaderList() { - assert (terminals.size() > 0); - } - - @Test - @DisplayName("Test connection") - void testConnection() { - ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); - try { - assert (terminals.get(0).isCardPresent()); - } catch (CardException ce) { - fail(ce); - } - CardHandle ch = new CardHandle(); - MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); - assert (result == MiddlewareStatus.PIV_OK); - } - - @Test - @DisplayName("Test app selection") - void testSelect(TestReporter reporter) { - ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); - try { - assert (terminals.get(0).isCardPresent()); - } catch (CardException ce) { - fail(ce); - } - CardHandle ch = new CardHandle(); - MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); - assertEquals(result, MiddlewareStatus.PIV_OK); - reporter.publishEntry("Reader", cd.getTerminal().getName()); - piv = new DefaultPIVApplication(); - ApplicationAID aid = new ApplicationAID(); - ApplicationProperties cardAppProperties = new ApplicationProperties(); - result = piv.pivSelectCardApplication(ch, aid, cardAppProperties); - assertEquals(MiddlewareStatus.PIV_OK, result); - } - - @Test - @DisplayName("Test authentication") - void testAuth(TestReporter reporter) { - ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); - try { - assert (terminals.get(0).isCardPresent()); - } catch (CardException ce) { - fail(ce); - } - CardHandle ch = new CardHandle(); - MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); - assertEquals(result, MiddlewareStatus.PIV_OK); - piv = new DefaultPIVApplication(); - ApplicationAID aid = new ApplicationAID(); - ApplicationProperties cardAppProperties = new ApplicationProperties(); - result = piv.pivSelectCardApplication(ch, aid, cardAppProperties); - assertEquals(MiddlewareStatus.PIV_OK, result); - PIVAuthenticators authenticators = new PIVAuthenticators(); - authenticators.addApplicationPin("123456"); - result = piv.pivLogIntoCardApplication(ch, authenticators.getBytes()); - assertEquals(MiddlewareStatus.PIV_OK, result); - } - - @Test - @DisplayName("Test pivGetData") - void testPIVGetData(TestReporter reporter) { - ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); - try { - assert (terminals.get(0).isCardPresent()); - } catch (CardException ce) { - fail(ce); - } - CardHandle ch = new CardHandle(); - MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); - assertEquals(result, MiddlewareStatus.PIV_OK); - piv = new DefaultPIVApplication(); - ApplicationAID aid = new ApplicationAID(); - ApplicationProperties cardAppProperties = new ApplicationProperties(); - result = piv.pivSelectCardApplication(ch, aid, cardAppProperties); - assertEquals(MiddlewareStatus.PIV_OK, result); - PIVAuthenticators authenticators = new PIVAuthenticators(); - authenticators.addApplicationPin("123456"); - result = piv.pivLogIntoCardApplication(ch, authenticators.getBytes()); - assertEquals(MiddlewareStatus.PIV_OK, result); - - for (String containerOID : APDUConstants.MandatoryContainers()) { - PIVDataObject dataObject = PIVDataObjectFactory.createDataObjectForOid(containerOID); - - result = piv.pivGetData(ch, containerOID, dataObject); - assertEquals(MiddlewareStatus.PIV_OK, result); - } - } -} diff --git a/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVMiddlewareTests.java b/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVMiddlewareTests.java deleted file mode 100644 index 537b6e99..00000000 --- a/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVMiddlewareTests.java +++ /dev/null @@ -1,31 +0,0 @@ -package gov.gsa.pivconformancetest; - -import gov.gsa.pivconformance.card.client.MiddlewareStatus; -import gov.gsa.pivconformance.card.client.PIVMiddleware; -import gov.gsa.pivconformance.card.client.PIVMiddlewareVersion; -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.TestReporter; - -import static org.junit.jupiter.api.Assertions.assertEquals; - -public class PIVMiddlewareTests { - @Test - @DisplayName("PIV Middleware version status") - void pivMiddlewareVersionStatusTest() { - PIVMiddlewareVersion v = new PIVMiddlewareVersion(); - MiddlewareStatus status = PIVMiddleware.pivMiddlewareVersion(v); - assertEquals(status, MiddlewareStatus.PIV_OK); - } - - @Test - @DisplayName("Check middleware version") - void pivMiddlewareVersionTest(TestReporter reporter) { - PIVMiddlewareVersion v = new PIVMiddlewareVersion(); - MiddlewareStatus status = PIVMiddleware.pivMiddlewareVersion(v); - assertEquals(status, MiddlewareStatus.PIV_OK); - assertEquals(v.getVersion(), "800-73-4 Client API"); - reporter.publishEntry("Version", v.getVersion()); - } - -} diff --git a/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVSignatureVerificationTests.java b/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVSignatureVerificationTests.java deleted file mode 100644 index 0023c71b..00000000 --- a/cardlib/src/test/java/gov/gsa/pivconformancetest/PIVSignatureVerificationTests.java +++ /dev/null @@ -1,111 +0,0 @@ -package gov.gsa.pivconformancetest; - -import gov.gsa.pivconformance.card.client.*; -import gov.gsa.pivconformance.utils.PCSCUtils; -import org.bouncycastle.cms.CMSSignedData; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.TestReporter; - -import javax.smartcardio.CardException; -import javax.smartcardio.CardTerminal; -import javax.smartcardio.TerminalFactory; -import java.security.cert.X509Certificate; -import java.util.List; - -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.fail; - -public class PIVSignatureVerificationTests { - List terminals = null; - DefaultPIVApplication piv = null; - - @BeforeEach - void init() { - PCSCUtils.ConfigureUserProperties(); - TerminalFactory tf = TerminalFactory.getDefault(); - try { - terminals = tf.terminals().list(); - } catch (CardException e) { - fail("Unable to list readers"); - } - } - - @Test - @DisplayName("Ensure readers") - void testReaderList() { - assert (terminals.size() > 0); - } - - @Test - @DisplayName("Test signature verfication") - void testPIVGetData(TestReporter reporter) { - X509Certificate signingCertificate = null; - ConnectionDescription cd = ConnectionDescription.createFromTerminal(terminals.get(0)); - try { - assert (terminals.get(0).isCardPresent()); - } catch (CardException ce) { - fail(ce); - } - CardHandle ch = new CardHandle(); - MiddlewareStatus result = PIVMiddleware.pivConnect(true, cd, ch); - assertEquals(result, MiddlewareStatus.PIV_OK); - piv = new DefaultPIVApplication(); - ApplicationAID aid = new ApplicationAID(); - ApplicationProperties cardAppProperties = new ApplicationProperties(); - result = piv.pivSelectCardApplication(ch, aid, cardAppProperties); - assertEquals(MiddlewareStatus.PIV_OK, result); - PIVAuthenticators authenticators = new PIVAuthenticators(); - authenticators.addApplicationPin("123456"); - result = piv.pivLogIntoCardApplication(ch, authenticators.getBytes()); - assertEquals(MiddlewareStatus.PIV_OK, result); - - for (String containerOID : APDUConstants.MandatoryContainers()) { - PIVDataObject dataObject = PIVDataObjectFactory.createDataObjectForOid(containerOID); - - result = piv.pivGetData(ch, containerOID, dataObject); - assertEquals(MiddlewareStatus.PIV_OK, result); - - boolean decoded = dataObject.decode(); - assertEquals(true, decoded); - - if (containerOID.equals(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID)) { - signingCertificate = ((SignedPIVDataObject) dataObject).getChuidSignerCert(); - CMSSignedData sd = ((CardHolderUniqueIdentifier) dataObject).getAsymmetricSignature(); - assertNotNull(sd); - boolean rv = ((CardHolderUniqueIdentifier) dataObject).verifySignature(); - assertEquals(true, rv); - - signingCertificate = ((SignedPIVDataObject) dataObject).getChuidSignerCert(); - - assertNotNull(signingCertificate); - } - - if (containerOID.equals(APDUConstants.CARDHOLDER_FINGERPRINTS_OID)) { - signingCertificate = ((SignedPIVDataObject) dataObject).getSignerCert(); - if (signingCertificate != null) { - boolean rv = ((SignedPIVDataObject) dataObject).verifySignature(); - assertEquals(true, rv); - } - } - - if (containerOID.equals(APDUConstants.SECURITY_OBJECT_OID)) { - signingCertificate = ((SignedPIVDataObject) dataObject).getSignerCert(); - if (signingCertificate != null) { - boolean rv = ((SignedPIVDataObject) dataObject).verifySignature(); - assertEquals(true, rv); - } - } - - if (containerOID.equals(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID)) { - signingCertificate = ((SignedPIVDataObject) dataObject).getSignerCert(); - if (signingCertificate != null) { - boolean rv = ((SignedPIVDataObject) dataObject).verifySignature(); - assertEquals(true, rv); - } - } - } - } -} diff --git a/cardlib/src/test/java/gov/gsa/pivconformancetest/PrintedInformationDataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformancetest/PrintedInformationDataObjectTests.java deleted file mode 100644 index fac2b2eb..00000000 --- a/cardlib/src/test/java/gov/gsa/pivconformancetest/PrintedInformationDataObjectTests.java +++ /dev/null @@ -1,107 +0,0 @@ -package gov.gsa.pivconformancetest; - -import gov.gsa.pivconformance.card.client.*; -import gov.gsa.pivconformance.utils.OSUtils; - -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.TestReporter; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; - -import java.io.IOException; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.util.stream.Stream; - -import static org.junit.jupiter.api.Assertions.*; - -public class PrintedInformationDataObjectTests { - @DisplayName("Test Printed Information Object Data Object parsing") - @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") - @MethodSource("dataObjectTestProvider") - void dataObjectTest(String oid, String file, TestReporter reporter) { - assertNotNull(oid); - assertNotNull(file); - Path filePath = Paths.get(OSUtils.getTempDir(), file); - byte[] fileData = null; - try { - fileData = Files.readAllBytes(filePath); - } catch (IOException e) { - fail(e); - } - PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); - assertNotNull(o); - reporter.publishEntry(oid, o.getClass().getSimpleName()); - - byte[] data = APDUUtils.getTLV(APDUConstants.DATA, fileData); - - o.setOID(oid); - o.setBytes(data); - assert (o.decode()); - - assertNotNull(((PrintedInformation) o).getName()); - assertNotNull(((PrintedInformation) o).getEmployeeAffiliation()); - assertNotNull(((PrintedInformation) o).getExpirationDate()); - assertNotNull(((PrintedInformation) o).getAgencyCardSerialNumber()); - assertNotNull(((PrintedInformation) o).getIssuerIdentification()); - - assertNotSame(((PrintedInformation) o).getName(), ""); - assertNotSame(((PrintedInformation) o).getEmployeeAffiliation(), ""); - assertNotSame(((PrintedInformation) o).getExpirationDate(), ""); - assertNotSame(((PrintedInformation) o).getAgencyCardSerialNumber(), ""); - assertNotSame(((PrintedInformation) o).getIssuerIdentification(), ""); - assertTrue(((PrintedInformation) o).getErrorDetectionCode()); - } - - private static Stream dataObjectTestProvider() { - return Stream.of( - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/41_Re-keyed_Card/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/42_OCSP_Expired/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/11 - Printed Information"), - Arguments.of(APDUConstants.PRINTED_INFORMATION_OID, - "cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/11 - Printed Information")); - } -} diff --git a/cardlib/src/test/java/gov/gsa/pivconformancetest/SecurityObjectDataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformancetest/SecurityObjectDataObjectTests.java deleted file mode 100644 index 6cf57f46..00000000 --- a/cardlib/src/test/java/gov/gsa/pivconformancetest/SecurityObjectDataObjectTests.java +++ /dev/null @@ -1,157 +0,0 @@ -package gov.gsa.pivconformancetest; - -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.APDUUtils; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.card.client.SecurityObject; -import gov.gsa.pivconformance.card.client.SignedPIVDataObject; -import gov.gsa.pivconformance.card.client.PIVDataObjectFactory; -import gov.gsa.pivconformance.utils.OSUtils; - -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.TestReporter; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; - -import java.io.IOException; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.util.stream.Stream; - -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.assertTrue; -import static org.junit.jupiter.api.Assertions.fail; - -public class SecurityObjectDataObjectTests { - @DisplayName("Test Security Object Data Object parsing") - @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") - @MethodSource("dataObjectTestProvider") - void dataObjectTest(String oid, String file, TestReporter reporter) { - assertNotNull(oid); - assertNotNull(file); - Path filePath = Paths.get(OSUtils.getTempDir(), file); - byte[] fileData = null; - try { - fileData = Files.readAllBytes(filePath); - } catch (IOException e) { - fail(e); - } - PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); - assertNotNull(o); - reporter.publishEntry(oid, o.getClass().getSimpleName()); - - APDUUtils.getTLV(APDUConstants.DATA, fileData); - - o.setOID(oid); - o.setBytes(fileData); - assert (o.decode()); - - assertNotNull(((SecurityObject) o).getMapping()); - assertNotNull(((SecurityObject) o).getContainerIDList()); - - assertNotNull(((SignedPIVDataObject) o).getAsymmetricSignature()); - assertTrue(((SecurityObject) o).getErrorDetectionCode()); - } - - private static Stream dataObjectTestProvider() { - return Stream.of( - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/01_Golden_PIV/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/02_Golden_PIV-I/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/03_SKID_Mismatch/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/04_Tampered_CHUID/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/05_Tampered_Certificates/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/06_Tampered_PHOTO/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/07_Tampered_Fingerprints/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/08_Tampered_Security_Object/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/09_Expired_CHUID_Signer/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/10_Expired_Cert_Signer/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/11_Certs_Expire_after_CHUID/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/12_Certs_not_yet_valid/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/13_Certs_are_expired/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/14_Expired_CHUID/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/15_CHUID_FASCN_mismatch/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/16_Card_Auth_FASCN_mismatch/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/17_PHOTO_FASCN_mismatch/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/18_Fingerprints_FASCN_mismatch/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/19_CHUID_UUID_mismatch/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/20_Card_Auth_UUID_mismatch/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/21_PHOTO_UUID_mismatch/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/22_Fingerprints_UUID_mismatch/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/23_Public_Private_Key_mismatch/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/24_Revoked_Certificates/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/39_Golden_FIPS_201-2_Fed_PIV-I/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/41_Re-keyed_Card/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/42_OCSP_Expired/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/2 - Security Object"), - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/54_Golden_FIPS_201-2_NFI_PIV-I/2 - Security Object"), -// Arguments.of(APDUConstants.SECURITY_OBJECT_OID, -// "cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/2 - Security Object"), //No security Object present. - Arguments.of(APDUConstants.SECURITY_OBJECT_OID, - "cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/2 - Security Object") - - ); - } -} diff --git a/cardlib/src/test/java/gov/gsa/pivconformancetest/X509DataObjectTests.java b/cardlib/src/test/java/gov/gsa/pivconformancetest/X509DataObjectTests.java deleted file mode 100644 index 48a0769b..00000000 --- a/cardlib/src/test/java/gov/gsa/pivconformancetest/X509DataObjectTests.java +++ /dev/null @@ -1,164 +0,0 @@ -package gov.gsa.pivconformancetest; - -import gov.gsa.pivconformance.card.client.*; -import gov.gsa.pivconformance.utils.OSUtils; - -import org.bouncycastle.cert.X509CertificateHolder; -import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; -import org.bouncycastle.openssl.PEMParser; -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.TestReporter; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.MethodSource; -import java.io.IOException; -import java.io.StringReader; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.security.Provider; -import java.security.Security; -import java.security.cert.CertificateEncodingException; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import java.util.List; -import java.util.stream.Stream; - -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.fail; - -public class X509DataObjectTests { - @DisplayName("Test X.509 Data Object parsing") - @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") - @MethodSource("dataObjectTestProvider") - void dataObjectTest(String oid, String file, TestReporter reporter) { - assertNotNull(oid); - assertNotNull(file); - Path filePath = Paths.get(OSUtils.getTempDir(), file); - List lines = null; - try { - - lines = Files.readAllLines(filePath); - // Convert to DER - StringBuffer sb = new StringBuffer(""); - for (String l : lines) { - sb.append(l + "\r\n"); - } - - StringReader sr = new StringReader(sb.toString()); - PIVDataObject o = PIVDataObjectFactory.createDataObjectForOid(oid); - assertNotNull(o); - reporter.publishEntry(oid, o.getClass().getSimpleName()); - - // XXX Unit tests will need to be updated files here are just cert files not - // card data objects. - - o.setOID(oid); - o.setBytes(convertPemFileToBytes(sr).getEncoded()); - assert (o.decode()); - } catch (IOException | CertificateEncodingException e) { - fail(e); - } - } - - /** - * Converts a PEM formatted String to a {@link X509Certificate} instance. - * - * @param pem PEM formatted String - * @return a X509Certificate instance - * @throws CertificateException - * @throws IOException - */ - public X509Certificate convertPemFileToBytes(StringReader pem) { - X509CertificateHolder certHolder = null; - X509Certificate cert = null; - @SuppressWarnings("resource") - PEMParser pp = new PEMParser(pem); - try { - certHolder = (X509CertificateHolder) pp.readObject(); - } catch (IOException e1) { - // TODO Auto-generated catch block - e1.printStackTrace(); - } - Provider provider = new org.bouncycastle.jce.provider.BouncyCastleProvider(); - Security.addProvider(provider); - - try { - cert = new JcaX509CertificateConverter().setProvider(provider).getCertificate(certHolder); - } catch (CertificateException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - return cert; - } - - /* - * CertificateFactory cFactory = CertificateFactory.getInstance("X.509"); - * X509Certificate cert = (X509Certificate) - * cFactory.generateCertificate(getInputStream( - * of_the_original_unmodified_certificate_file)); - */ - private static Stream dataObjectTestProvider() { - return Stream.of(Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/25_Disco_Object_Not_Present/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Missing_DO.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/26_Disco_Object_Present_App_PIN_Only/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_App_PIN_Only.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/27_Disco_Object_Present_App_PIN_Primary/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_App_PIN_Prim.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/28_Disco_Object_Present_Global_PIN_Primary/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Global_PIN_Prim.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/37_Golden_FIPS_201-2_PIV_PPS_F=512_D=64/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_PPS.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/38_Bad_Hash_in_Sec_Object/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Bad_SO_Hash.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/41_Re-keyed_Card/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Re-key.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/42_OCSP_Expired/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_OCSP_Expired.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/43_OCSP_revoked_w_nocheck/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_OCSP_Revoked_NOCHECK.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/44_OCSP_revoked_wo_nocheck/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_OCSP_Revoked_WO_NOCHECK.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/45_OCSP_Invalid_Signature/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_OCSP_Invalid_Signature.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV_ICI_8/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV_ICI_8/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_ICI_8.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV_ICI_9/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/46_Golden_FIPS_201-2_PIV_ICI_9/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_ICI_9.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/47_Golden_FIPS_201-2_PIV_SAN_Order/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_SAN_Order.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/48_T=0_with_Non-Zero_PPS_LEN_Value/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Non-Zero_PPS_LEN.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/49_FIPS_201-2_Facial_Image_CBEFF_Expired/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_FI_Expired.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/50_FIPS_201-2_Facial_Image_CBEFF_Expires_before_CHUID/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_FI_will_Expire.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/51_FIPS_201-2_Fingerprint_CBEFF_Expired/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_FP_Expired.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/52_FIPS_201-2_Fingerprint_CBEFF_Expires_before_CHUID/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_FP_will_Expire.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/53_FIPS_201-2_Large_Card_Auth_Cert/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Large_Cert.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/55_FIPS_201-2_Missing_Security_Object/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Missing_SO.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/56_FIPS_201-2_Signer_Expires/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Signer_Expires.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/57_Revoked_CHUID_Cert/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/57_Revoked_CHUID_Cert/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Revoked_CHUID_Cert.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/58_Revoked_Card_Auth_Cert/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_Revoked_Card_Auth_Cert.crt"), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, - "cards/ICAM_Card_Objects/59_Valid_CBEFF_for_Card_51/3 - ICAM_Test_Card_PIV_Auth_SP_800-73-4_FP_Expired.crt") - - ); - - } -} diff --git a/cardlib/src/test/java/module-info.java b/cardlib/src/test/java/module-info.java index 9a472c74..0e203dd4 100644 --- a/cardlib/src/test/java/module-info.java +++ b/cardlib/src/test/java/module-info.java @@ -1,12 +1,11 @@ -open module gov.gsa.pivconformancetest { +open module gov.gsa.pivconformance.cardlib.test { requires java.smartcardio; requires org.slf4j; requires org.apache.commons.codec; - requires commons.cli; - requires bcpkix.jdk15on; - requires bcprov.jdk15on; - requires gov.gsa.pivconformance; + requires org.apache.commons.cli; + requires org.bouncycastle.provider; + requires org.bouncycastle.pkix; + requires gov.gsa.pivconformance.cardlib; requires org.junit.jupiter.api; requires org.junit.jupiter.params; - requires junit; } diff --git a/conformancelib/.gitattributes b/conformancelib/.gitattributes new file mode 100644 index 00000000..00a51aff --- /dev/null +++ b/conformancelib/.gitattributes @@ -0,0 +1,6 @@ +# +# https://help.github.com/articles/dealing-with-line-endings/ +# +# These are explicitly windows files and should use crlf +*.bat text eol=crlf + diff --git a/conformancelib/.gitignore b/conformancelib/.gitignore index ed1ea462..c75f3c2c 100644 --- a/conformancelib/.gitignore +++ b/conformancelib/.gitignore @@ -1,2 +1,5 @@ -/cli-runner.launch -/.pydevproject +# Ignore Gradle project-specific cache directory +.gradle + +# Ignore Gradle build output directory +build diff --git a/conformancelib/.settings/.gitignore b/conformancelib/.settings/.gitignore deleted file mode 100644 index 3b1537c2..00000000 --- a/conformancelib/.settings/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/org.eclipse.jdt.core.prefs diff --git a/conformancelib/.settings/org.eclipse.jdt.ui.prefs b/conformancelib/.settings/org.eclipse.jdt.ui.prefs deleted file mode 100644 index 86a7add8..00000000 --- a/conformancelib/.settings/org.eclipse.jdt.ui.prefs +++ /dev/null @@ -1,5 +0,0 @@ -eclipse.preferences.version=1 -org.eclipse.jdt.ui.exception.name=e -org.eclipse.jdt.ui.gettersetter.use.is=true -org.eclipse.jdt.ui.keywordthis=false -org.eclipse.jdt.ui.overrideannotation=true diff --git a/conformancelib/build.gradle b/conformancelib/build.gradle index 0868954b..8394664f 100644 --- a/conformancelib/build.gradle +++ b/conformancelib/build.gradle @@ -1,130 +1,205 @@ -buildscript { - repositories { - mavenCentral() - } - dependencies { - classpath 'org.junit.platform:junit-platform-gradle-plugin:1.1.0' - } -} - -plugins { - id 'org.ajoberstar.grgit' version '2.1.0' - //id 'com.zyxist.chainsaw' version '0.1.3' - id 'com.github.johnrengelman.shadow' version '2.0.2' -} - -apply plugin: 'java' -apply plugin: 'eclipse' -//apply plugin: 'application' -apply plugin: 'com.github.johnrengelman.shadow' -apply plugin: 'org.junit.platform.gradle.plugin' - -//javaModule.name = 'gov.gsa.pivconformancetests' -targetCompatibility = targetJavaVersion - -repositories { - jcenter() - maven { url 'https://repository.apache.org/snapshots' } -} - -sourceSets { - main { - java { - if(targetCompatibility != JavaVersion.VERSION_11) - exclude '**/module-info.java' - // temporarily ignore a pile of things that i want to push to the server but still needs to be fixed to build - // with some of the changes that outpaced the cli runner - //exclude 'gov/gsa/conformancelib/pivconformancetools/**' - } - } -} - -task sourceJar(type: Jar, dependsOn: classes) { - classifier 'sources' - from sourceSets.main.allSource -} - -import org.gradle.plugins.ide.eclipse.model.AccessRule - -eclipse { - classpath { - file { - whenMerged { - def jre = entries.find { it.path.contains 'org.eclipse.jdt.launching.JRE_CONTAINER' } - jre.accessRules.add(new AccessRule('0', 'javax/smartcardio/**')) - def lib = entries.find { it.path.contains 'cardlib.jar' } - lib.sourcePath = fileReference(file('../tools/85b-swing-gui/lib/cardlib-sources.jar')) - } - } - } -} - -// custom task from -// https://stackoverflow.com/questions/39444908/how-to-create-an-html-report-for-junit-5-tests -// to get readable output for passing tests -configurations { - junitXmlToHtml -} - -dependencies { - compile 'org.bouncycastle:bcprov-jdk15on:1.64+' - compile 'org.bouncycastle:bcprov-ext-jdk15on:1.64+' - compile 'org.bouncycastle:bcpkix-jdk15on:1.64+' - compile 'commons-cli:commons-cli:1.4' - compile group: 'org.apache.commons', name: 'commons-csv', version: '1.6' - compile 'commons-codec:commons-codec:1.11' - compile 'com.payneteasy:ber-tlv:1.0-8' - compile 'org.slf4j:slf4j-api:1.8+' - compile 'ch.qos.logback:logback-classic:1.3+' - compile group: 'org.xerial', name: 'sqlite-jdbc', version: '3.21.0.1' - compile files('../tools/85b-swing-gui/lib/cardlib.jar') - compile group: 'org.apache.ibatis', name: 'ibatis-core', version: '3.0' - compile 'org.junit.jupiter:junit-jupiter-api:5.4.2' - compile 'org.junit.jupiter:junit-jupiter-engine:5.4.2' - compile 'org.junit.jupiter:junit-jupiter-params:5.4.2' - compile 'org.junit.jupiter:junit-jupiter-params:5.4.2' - compile 'org.junit.platform:junit-platform-launcher:1.4.2' - compile group: 'info.picocli', name: 'picocli', version: '3.6.0' - runtime 'org.junit.jupiter:junit-jupiter-api:5.4.2' - runtime 'org.junit.jupiter:junit-jupiter-engine:5.4.2' - runtime 'org.junit.jupiter:junit-jupiter-params:5.4.2' - testRuntime 'org.junit.jupiter:junit-jupiter-api:5.4.2' - testRuntime 'org.junit.jupiter:junit-jupiter-engine:5.4.2' - testRuntime 'org.junit.jupiter:junit-jupiter-params:5.4.2' - runtime 'org.junit.jupiter:junit-jupiter-api:5.4.2' - runtime 'org.junit.jupiter:junit-jupiter-params:5.4.2' - runtime 'org.junit.jupiter:junit-jupiter-engine:5.4.2' - runtime 'org.junit.platform:junit-platform-launcher:1.4.2' - - junitXmlToHtml 'org.apache.ant:ant-junit:1.9.7' -} - -compileJava { - options.debugOptions.debugLevel = "source,lines,vars" -} - -// use junit platform for tests -test { - useJUnitPlatform() - testLogging { - events "passed", "skipped", "failed" - } -} - -junitPlatform { -} - -// copy a jar with library sources to make this easier to step through in eclipse -task installSource(type: Copy) { - dependsOn sourceJar - from sourceJar - into "$projectDir/../tools/85b-swing-gui/lib" -} - -task install(type: Copy) { - dependsOn jar - dependsOn installSource - from jar - into "$projectDir/../tools/85b-swing-gui/lib" -} - +// conformancelib/build.gradle + +buildscript { + repositories { + mavenCentral() + } +} + +plugins { + id 'java-library' + id 'org.ajoberstar.grgit' version '2.1.0' + id 'com.github.johnrengelman.shadow' version '4.0.4' + id "de.jjohannes.extra-java-module-info" version "0.1" +} + +java { + modularity.inferModulePath.set(true) +} + +apply plugin: 'java-library' +apply plugin: 'eclipse' +apply plugin: 'com.github.johnrengelman.shadow' + +targetCompatibility = JavaVersion.VERSION_11 +sourceCompatibility = JavaVersion.VERSION_11 + +logger.warn("target java version: " + targetCompatibility) +logger.warn("source java version: " + sourceCompatibility) + +//import org.gradle.plugins.ide.eclipse.model.AccessRule + +eclipse { + classpath { + file { + whenMerged { + //def jre = entries.find { it.path.contains 'org.eclipse.jdt.launching.JRE_CONTAINER' } + //jre.accessRules.add(new AccessRule('0', 'javax/smartcardio/**')) + //def lib = entries.find { it.path.contains '.' } + //println '--> ' + lib + //lib.sourcePath = fileReference(file('../libs/gov.gsa.pivconformance.conformancelib-sources' + '-' + getVersion() + '.jar')) + } + } + } +} + +repositories { + jcenter() + mavenCentral() + maven { url 'https://repository.apache.org/snapshots' } + flatDir { + dirs '../libs', '../cardlib/build/libs' + } +} + +def getVersion = { -> + File resourcesDir = new File(project.getProjectDir(), 'src/main/resources/') + File versionFile = new File(resourcesDir, 'build.version') + if(!versionFile.exists()) { + resourcesDir.mkdirs() + versionFile.createNewFile() + println 'Initializing build.version file' + versionFile.text = '0.0-changeme' + } + String version = versionFile.text.replaceAll("[\\n\\r\\t ]", "") +} + +// custom task from +// https://stackoverflow.com/questions/39444908/how-to-create-an-html-report-for-junit-5-tests +// to get readable output for passing tests +configurations { + junitXmlToHtml +} +dependencies { + implementation 'org.bouncycastle:bcpkix-jdk15on:1.66' + implementation 'org.bouncycastle:bcprov-jdk15on:1.66' + implementation 'commons-cli:commons-cli:1.4' + implementation 'org.apache.commons:commons-csv:1.8' + implementation 'commons-codec:commons-codec:1.15' + implementation 'ch.qos.logback:logback-classic:1.3.0-alpha5' + implementation 'ch.qos.logback:logback-core:1.3.0-alpha5' + implementation 'org.xerial:sqlite-jdbc:3.32.3.2' + implementation 'org.apache.ibatis:ibatis-core:3.0' + implementation 'org.junit.jupiter:junit-jupiter-api:5.7.0' + implementation 'org.junit.jupiter:junit-jupiter-engine:5.7.0' + implementation 'org.junit.jupiter:junit-jupiter-params:5.7.0' + implementation 'org.junit.platform:junit-platform-launcher:1.7.0' + implementation 'junit:junit:4.13' + + implementation 'info.picocli:picocli:3.6.0' + implementation 'gov.gsa.pivconformance.cardlib:gov.gsa.pivconformance.cardlib:' + getVersion() + + // Required by IDE while running unit tests + testCompile 'org.junit.vintage:junit-vintage-engine:5.7.0' + + junitXmlToHtml 'org.apache.ant:ant-junit:1.10.8' +} + +jar { + doFirst { + version = getVersion() + } + doLast { + println 'archiveName: ' + archiveName + configurations.runtime.each { println it } + } +} + +extraJavaModuleInfo { + automaticModule("ber-tlv-1.0-11.jar","com.payneteasy") + automaticModule("slf4j-api-2.0.0-alpha1.jar", "org.slf4j") + automaticModule("hamcrest-core-1.3.jar","org.hamcrest") + automaticModule("commons-cli-1.4.jar","org.apache.commons.cli") + automaticModule("commons-codec-1.15.jar","org.apache.commons.codec") + automaticModule("commons-csv-1.8.jar","org.apache.commons.csv") + automaticModule("logback-classic-1.3.0-alpha5.jar", "ch.qos.logback") + automaticModule("logback-core-1.3.0-alpha5.jar", "ch.qos.logback") + automaticModule("junit-4.13.jar", "junit") + automaticModule("ibatis-core-3.0.jar","org.apache.ibatis") + automaticModule("sqlite-jdbc-3.32.3.2.jar","org.xerial") + automaticModule("activation-1.1.jar","javax.activation") + automaticModule("checker-framework-1.7.0.jar","edu.washington.cs.types.checker") +} + +compileJava { + options.debugOptions.debugLevel = "source,lines,vars" + String moduleName = ""; + if(targetCompatibility >= (String) JavaVersion.VERSION_11) { + moduleName = 'gov.gsa.pivconformance.conformancelib' + inputs.property("moduleName", moduleName) + println 'compileJava.moduleName and version: ' + moduleName + '-' + getVersion() + } + + doFirst { + options.compilerArgs = [ + '--module-path', classpath.asPath, + '--add-exports', 'org.junit.platform.commons/org.junit.platform.commons.util=gov.gsa.pivconformance.conformancelib' + ] + classpath = files() + } +} + +compileTestJava { + String moduleName = ""; + if(targetCompatibility >= (String) JavaVersion.VERSION_11) { + moduleName = 'gov.gsa.pivconformance.conformancelib.test' + version = getVersion() + inputs.property("moduleName", moduleName) + } + doFirst { + options.compilerArgs = [ + '--module-path', classpath.asPath, + '--add-modules', 'org.junit.jupiter.api', + '--add-reads', "$moduleName=org.junit.jupiter.api", + '--add-exports', 'org.junit.platform.commons/org.junit.platform.commons.util=gov.gsa.pivconformance.conformancelib', + '--patch-module', "$moduleName=" + files(sourceSets.test.java.srcDirs).asPath, + ] + classpath = files() + } +} + +test { + version = getVersion() + useJUnitPlatform() + testLogging { + events "passed", "skipped", "failed" + } +} + +//junitPlatform { } + +compileJava { + options.debugOptions.debugLevel = "source,lines,vars" +} + +task sourceJar(type: Jar, dependsOn: classes) { + classifier 'sources' + from sourceSets.main.allSource +} + +task copyShadowLibs(type: Copy) { + from configurations.shadow + into '../libs' +} + +shadowJar.dependsOn copyShadowLibs + +shadowJar.doFirst { + version = getVersion() + println 'shadowJar.doFirst.archveName: ' + archiveName +} + +task installSource(type: Copy) { + dependsOn copyShadowLibs + dependsOn sourceJar + from sourceJar + into '../libs' +} + +task install(type: Copy) { + version = getVersion() + dependsOn jar + dependsOn shadowJar + from jar + into '../libs' +} diff --git a/conformancelib/gradle.properties b/conformancelib/gradle.properties deleted file mode 100644 index 39f6bab7..00000000 --- a/conformancelib/gradle.properties +++ /dev/null @@ -1 +0,0 @@ -targetJavaVersion=8 diff --git a/conformancelib/gradle/wrapper/gradle-wrapper.jar b/conformancelib/gradle/wrapper/gradle-wrapper.jar index 94336fca..e708b1c0 100644 Binary files a/conformancelib/gradle/wrapper/gradle-wrapper.jar and b/conformancelib/gradle/wrapper/gradle-wrapper.jar differ diff --git a/conformancelib/gradle/wrapper/gradle-wrapper.properties b/conformancelib/gradle/wrapper/gradle-wrapper.properties index 290541c7..12d38de6 100644 --- a/conformancelib/gradle/wrapper/gradle-wrapper.properties +++ b/conformancelib/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,5 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-4.10.3-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-6.6.1-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists diff --git a/conformancelib/gradlew b/conformancelib/gradlew index cccdd3d5..4f906e0c 100755 --- a/conformancelib/gradlew +++ b/conformancelib/gradlew @@ -1,5 +1,21 @@ #!/usr/bin/env sh +# +# Copyright 2015 the original author or authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + ############################################################################## ## ## Gradle start up script for UN*X @@ -28,7 +44,7 @@ APP_NAME="Gradle" APP_BASE_NAME=`basename "$0"` # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -DEFAULT_JVM_OPTS="" +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' # Use the maximum available, or set MAX_FD != -1 to use that value. MAX_FD="maximum" @@ -66,6 +82,7 @@ esac CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + # Determine the Java command to use to start the JVM. if [ -n "$JAVA_HOME" ] ; then if [ -x "$JAVA_HOME/jre/sh/java" ] ; then @@ -109,10 +126,11 @@ if $darwin; then GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" fi -# For Cygwin, switch paths to Windows format before running java -if $cygwin ; then +# For Cygwin or MSYS, switch paths to Windows format before running java +if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then APP_HOME=`cygpath --path --mixed "$APP_HOME"` CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` + JAVACMD=`cygpath --unix "$JAVACMD"` # We build the pattern for arguments to be converted via cygpath @@ -138,19 +156,19 @@ if $cygwin ; then else eval `echo args$i`="\"$arg\"" fi - i=$((i+1)) + i=`expr $i + 1` done case $i in - (0) set -- ;; - (1) set -- "$args0" ;; - (2) set -- "$args0" "$args1" ;; - (3) set -- "$args0" "$args1" "$args2" ;; - (4) set -- "$args0" "$args1" "$args2" "$args3" ;; - (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; - (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; - (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; - (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; - (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; + 0) set -- ;; + 1) set -- "$args0" ;; + 2) set -- "$args0" "$args1" ;; + 3) set -- "$args0" "$args1" "$args2" ;; + 4) set -- "$args0" "$args1" "$args2" "$args3" ;; + 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; + 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; + 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; + 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; + 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; esac fi @@ -159,14 +177,9 @@ save () { for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done echo " " } -APP_ARGS=$(save "$@") +APP_ARGS=`save "$@"` # Collect all arguments for the java command, following the shell quoting and substitution rules eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" -# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong -if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then - cd "$(dirname "$0")" -fi - exec "$JAVACMD" "$@" diff --git a/conformancelib/gradlew.bat b/conformancelib/gradlew.bat index e95643d6..107acd32 100644 --- a/conformancelib/gradlew.bat +++ b/conformancelib/gradlew.bat @@ -1,84 +1,89 @@ -@if "%DEBUG%" == "" @echo off -@rem ########################################################################## -@rem -@rem Gradle startup script for Windows -@rem -@rem ########################################################################## - -@rem Set local scope for the variables with windows NT shell -if "%OS%"=="Windows_NT" setlocal - -set DIRNAME=%~dp0 -if "%DIRNAME%" == "" set DIRNAME=. -set APP_BASE_NAME=%~n0 -set APP_HOME=%DIRNAME% - -@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -set DEFAULT_JVM_OPTS= - -@rem Find java.exe -if defined JAVA_HOME goto findJavaFromJavaHome - -set JAVA_EXE=java.exe -%JAVA_EXE% -version >NUL 2>&1 -if "%ERRORLEVEL%" == "0" goto init - -echo. -echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. - -goto fail - -:findJavaFromJavaHome -set JAVA_HOME=%JAVA_HOME:"=% -set JAVA_EXE=%JAVA_HOME%/bin/java.exe - -if exist "%JAVA_EXE%" goto init - -echo. -echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. - -goto fail - -:init -@rem Get command-line arguments, handling Windows variants - -if not "%OS%" == "Windows_NT" goto win9xME_args - -:win9xME_args -@rem Slurp the command line arguments. -set CMD_LINE_ARGS= -set _SKIP=2 - -:win9xME_args_slurp -if "x%~1" == "x" goto execute - -set CMD_LINE_ARGS=%* - -:execute -@rem Setup the command line - -set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar - -@rem Execute Gradle -"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% - -:end -@rem End local scope for the variables with windows NT shell -if "%ERRORLEVEL%"=="0" goto mainEnd - -:fail -rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of -rem the _cmd.exe /c_ return code! -if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 -exit /b 1 - -:mainEnd -if "%OS%"=="Windows_NT" endlocal - -:omega +@rem +@rem Copyright 2015 the original author or authors. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem https://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem + +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Resolve any "." and ".." in APP_HOME to make it shorter. +for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto execute + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto execute + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/conformancelib/logback.xml b/conformancelib/logback.xml deleted file mode 100644 index d4d58c22..00000000 --- a/conformancelib/logback.xml +++ /dev/null @@ -1,32 +0,0 @@ - - - - myApp.log - - %date %level [%thread] %logger{10} [%file:%line] %msg%n - - - - test_progress.log - - %date,%level,"%msg"%n - - - - - - %msg%n - - - - - - - - - - - - - - diff --git a/conformancelib/out/production/classes/.gitignore b/conformancelib/out/production/classes/.gitignore deleted file mode 100644 index 1f446ae4..00000000 --- a/conformancelib/out/production/classes/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/gov/ diff --git a/conformancelib/settings.gradle b/conformancelib/settings.gradle new file mode 100644 index 00000000..7eae41cc --- /dev/null +++ b/conformancelib/settings.gradle @@ -0,0 +1,10 @@ +/* + * This file was generated by the Gradle 'init' task. + * + * The settings file is used to specify which projects to include in your build. + * + * Detailed information about configuring a multi-project build in Gradle can be found + * in the user manual at https://docs.gradle.org/6.6.1/userguide/multi_project_builds.html + */ + +rootProject.name = 'gov.gsa.pivconformance.conformancelib' diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/CardInfoController.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/CardInfoController.java similarity index 90% rename from conformancelib/src/main/java/gov/gsa/conformancelib/configuration/CardInfoController.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/CardInfoController.java index 9d3bb6e3..a29b7fc1 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/CardInfoController.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/CardInfoController.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.configuration; +package gov.gsa.pivconformance.conformancelib.configuration; import javax.smartcardio.CardException; import javax.smartcardio.CardTerminal; @@ -6,16 +6,16 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton.LOGIN_STATUS; -import gov.gsa.pivconformance.card.client.ApplicationAID; -import gov.gsa.pivconformance.card.client.ApplicationProperties; -import gov.gsa.pivconformance.card.client.CardHandle; -import gov.gsa.pivconformance.card.client.ConnectionDescription; -import gov.gsa.pivconformance.card.client.DefaultPIVApplication; -import gov.gsa.pivconformance.card.client.MiddlewareStatus; -import gov.gsa.pivconformance.card.client.PIVAuthenticators; -import gov.gsa.pivconformance.card.client.PIVMiddleware; -import gov.gsa.pivconformance.utils.PCSCUtils; +import gov.gsa.pivconformance.cardlib.card.client.ApplicationAID; +import gov.gsa.pivconformance.cardlib.card.client.ApplicationProperties; +import gov.gsa.pivconformance.cardlib.card.client.CardHandle; +import gov.gsa.pivconformance.cardlib.card.client.ConnectionDescription; +import gov.gsa.pivconformance.cardlib.card.client.DefaultPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.cardlib.card.client.PIVAuthenticators; +import gov.gsa.pivconformance.cardlib.card.client.PIVMiddleware; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton.LOGIN_STATUS; +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; public class CardInfoController { private static final Logger s_logger = LoggerFactory.getLogger(CardInfoController.class); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/CardSettingsSingleton.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/CardSettingsSingleton.java similarity index 87% rename from conformancelib/src/main/java/gov/gsa/conformancelib/configuration/CardSettingsSingleton.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/CardSettingsSingleton.java index d2aadf0a..c301fde1 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/CardSettingsSingleton.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/CardSettingsSingleton.java @@ -1,9 +1,9 @@ -package gov.gsa.conformancelib.configuration; +package gov.gsa.pivconformance.conformancelib.configuration; import javax.smartcardio.CardTerminal; -import gov.gsa.pivconformance.card.client.AbstractPIVApplication; -import gov.gsa.pivconformance.card.client.CardHandle; +import gov.gsa.pivconformance.cardlib.card.client.AbstractPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.CardHandle; public final class CardSettingsSingleton { @@ -33,14 +33,6 @@ public void setGlobalPin(String globalPin) { m_globalPin = globalPin; } - public String getAtr() { - return m_atr; - } - - public void setAtr(String atr) { - m_atr = atr; - } - public CardTerminal getTerminal() { return m_terminal; } @@ -81,7 +73,6 @@ public enum LOGIN_STATUS { private String m_applicationPin = null; private String m_globalPin = null; - private String m_atr = null; private CardTerminal m_terminal = null; private CardHandle m_cardHandle = null; @@ -103,10 +94,11 @@ public void reset() { m_readerIndex = -1; m_applicationPin = null; m_globalPin = null; - m_atr = null; m_terminal = null; m_pivHandle = null; m_cardHandle = null; m_lastLoginStatus = LOGIN_STATUS.LOGIN_NOT_TRIED; } + + } diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ConfigurationException.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ConfigurationException.java similarity index 85% rename from conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ConfigurationException.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ConfigurationException.java index 78aded8d..61b2b04c 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ConfigurationException.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ConfigurationException.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.configuration; +package gov.gsa.pivconformance.conformancelib.configuration; public class ConfigurationException extends Exception { diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ConformanceTestDatabase.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ConformanceTestDatabase.java similarity index 93% rename from conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ConformanceTestDatabase.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ConformanceTestDatabase.java index 6905fe43..eb7d2fd1 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ConformanceTestDatabase.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ConformanceTestDatabase.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.configuration; +package gov.gsa.pivconformance.conformancelib.configuration; import java.io.File; import java.io.IOException; @@ -35,7 +35,15 @@ public Connection getConnection() { public void setConnconnection(Connection conn) { m_conn = conn; } - + + public int getTestCaseCount() { + return this.testCaseCount; + } + + public void setTestCaseCount(int count) { + this.testCaseCount = count; + } + /** * Opens the Sqlite database in the file and makes the connection handle available * @param filename of the file to be opened @@ -89,17 +97,23 @@ public List getTestCases() throws ConfigurationException { throw new ConfigurationException("getTestCases() called without any database."); } ArrayList rv = new ArrayList(); + int count = 0; try (Statement testStatement = m_conn.createStatement()) { ResultSet rs = testStatement.executeQuery(TEST_SET); while(rs.next()) { TestCaseModel testCase = new TestCaseModel(this); testCase.retrieveForId(rs.getInt("Id")); + if (!testCase.getTestStatus().equals(TestStatus.TESTCATEGORY)) { + // If it's not a test category, then its a test we have to run + count++; + } rv.add(testCase); } //m_conn.close(); } catch(SQLException e) { s_logger.error("Failed to retrieve test cases from database: {}", e.getMessage()); } + setTestCaseCount(count); return rv; } @@ -173,4 +187,5 @@ public void addTestCase(String[] testCaseDescription ) throws ConfigurationExcep } private Connection m_conn; + private int testCaseCount; } diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ParameterProviderSingleton.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ParameterProviderSingleton.java similarity index 96% rename from conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ParameterProviderSingleton.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ParameterProviderSingleton.java index c1cee881..f89cf9e2 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ParameterProviderSingleton.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ParameterProviderSingleton.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.configuration; +package gov.gsa.pivconformance.conformancelib.configuration; import java.util.ArrayList; import java.util.HashMap; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ParameterUtils.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ParameterUtils.java similarity index 96% rename from conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ParameterUtils.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ParameterUtils.java index d4d1ff8d..9a3de053 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ParameterUtils.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ParameterUtils.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.configuration; +package gov.gsa.pivconformance.conformancelib.configuration; import java.util.ArrayList; import java.util.HashMap; @@ -8,7 +8,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.pivconformance.card.client.CardClientException; +import gov.gsa.pivconformance.cardlib.card.client.CardClientException; public class ParameterUtils { diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ParameterizedArgumentsProvider.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ParameterizedArgumentsProvider.java similarity index 96% rename from conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ParameterizedArgumentsProvider.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ParameterizedArgumentsProvider.java index 9315c62a..d04c0339 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/ParameterizedArgumentsProvider.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/ParameterizedArgumentsProvider.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.configuration; +package gov.gsa.pivconformance.conformancelib.configuration; import java.lang.reflect.Method; import java.util.ArrayList; @@ -12,7 +12,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.pivconformance.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; public class ParameterizedArgumentsProvider implements ArgumentsProvider { private static Logger s_logger = LoggerFactory.getLogger(ParameterUtils.class); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/TestCaseModel.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/TestCaseModel.java similarity index 92% rename from conformancelib/src/main/java/gov/gsa/conformancelib/configuration/TestCaseModel.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/TestCaseModel.java index 8786dcea..873a15a9 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/TestCaseModel.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/TestCaseModel.java @@ -1,16 +1,16 @@ -package gov.gsa.conformancelib.configuration; +package gov.gsa.pivconformance.conformancelib.configuration; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; +import java.sql.SQLException; import java.util.ArrayList; import java.util.List; import java.util.Optional; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.sqlite.SQLiteException; - public class TestCaseModel { private static Logger s_logger = LoggerFactory.getLogger(TestCaseModel.class); @@ -194,10 +194,14 @@ public void retrieveForId(int testId) { pstepsQuery.setInt(1, testId); ResultSet prs = pstepsQuery.executeQuery(); m_steps = new ArrayList(); - while(prs.next()) { - TestStepModel ts = new TestStepModel(this.getDb()); - ts.retrieveForId(prs.getInt("TestStepId"), testId); - m_steps.add(ts); + if (!prs.next()) { + this.setStatus(TestStatus.TESTCATEGORY.getValue()); + } else { + do { + TestStepModel ts = new TestStepModel(this.getDb()); + ts.retrieveForId(prs.getInt("TestStepId"), testId); + m_steps.add(ts); + } while(prs.next()); } try { PreparedStatement pContainerQuery = conn.prepareStatement(containerQuery); @@ -208,7 +212,7 @@ public void retrieveForId(int testId) { this.setContainer(null); } this.setContainer(crs.getString("TestCaseContainer")); - } catch(SQLiteException e) { + } catch(SQLException e) { this.setContainer(null); s_logger.warn("Test case database does not contain test case container column. This is an old format database and must be regenerated.", e); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/TestStatus.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/TestStatus.java similarity index 84% rename from conformancelib/src/main/java/gov/gsa/conformancelib/configuration/TestStatus.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/TestStatus.java index 1b6ccbe0..5d9db915 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/TestStatus.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/TestStatus.java @@ -1,10 +1,11 @@ -package gov.gsa.conformancelib.configuration; +package gov.gsa.pivconformance.conformancelib.configuration; import java.util.Arrays; import java.util.Optional; public enum TestStatus { + TESTCATEGORY(-2), NONE(-1), FAIL(0), PASS(1), @@ -26,4 +27,4 @@ public int getValue() { return value; } -} +} \ No newline at end of file diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/TestStepModel.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/TestStepModel.java similarity index 98% rename from conformancelib/src/main/java/gov/gsa/conformancelib/configuration/TestStepModel.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/TestStepModel.java index 1252b690..49db49b4 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/configuration/TestStepModel.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/configuration/TestStepModel.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.configuration; +package gov.gsa.pivconformance.conformancelib.configuration; import java.sql.Connection; import java.sql.PreparedStatement; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/AvailableOptions.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/AvailableOptions.java similarity index 99% rename from conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/AvailableOptions.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/AvailableOptions.java index 0a743719..0133b832 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/AvailableOptions.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/AvailableOptions.java @@ -8,7 +8,7 @@ * http://www.eclipse.org/legal/epl-v20.html */ -package gov.gsa.conformancelib.junitoptions; +package gov.gsa.pivconformance.conformancelib.junitoptions; import java.net.URI; import java.nio.file.Path; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/CommandLineOptions.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/CommandLineOptions.java similarity index 99% rename from conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/CommandLineOptions.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/CommandLineOptions.java index b2b23d14..a4debc8c 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/CommandLineOptions.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/CommandLineOptions.java @@ -8,7 +8,7 @@ * http://www.eclipse.org/legal/epl-v20.html */ -package gov.gsa.conformancelib.junitoptions; +package gov.gsa.pivconformance.conformancelib.junitoptions; import static java.util.Collections.emptyList; import static java.util.Collections.emptyMap; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/CommandLineOptionsParser.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/CommandLineOptionsParser.java similarity index 91% rename from conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/CommandLineOptionsParser.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/CommandLineOptionsParser.java index 9935e609..a4702e66 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/CommandLineOptionsParser.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/CommandLineOptionsParser.java @@ -8,7 +8,7 @@ * http://www.eclipse.org/legal/epl-v20.html */ -package gov.gsa.conformancelib.junitoptions; +package gov.gsa.pivconformance.conformancelib.junitoptions; import static org.apiguardian.api.API.Status.INTERNAL; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/ConformanceTestExecutionListener.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/ConformanceTestExecutionListener.java similarity index 98% rename from conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/ConformanceTestExecutionListener.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/ConformanceTestExecutionListener.java index 18533d07..7e7b67a3 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/ConformanceTestExecutionListener.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/ConformanceTestExecutionListener.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.junitoptions; +package gov.gsa.pivconformance.conformancelib.junitoptions; import org.junit.platform.engine.TestExecutionResult; import org.junit.platform.engine.reporting.ReportEntry; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/Details.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/Details.java similarity index 94% rename from conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/Details.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/Details.java index 35d943e0..aa37c903 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/Details.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/Details.java @@ -8,7 +8,7 @@ * http://www.eclipse.org/legal/epl-v20.html */ -package gov.gsa.conformancelib.junitoptions; +package gov.gsa.pivconformance.conformancelib.junitoptions; import static org.apiguardian.api.API.Status.INTERNAL; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/Theme.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/Theme.java similarity index 98% rename from conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/Theme.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/Theme.java index d940a292..9d2e6c98 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/Theme.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/Theme.java @@ -8,7 +8,7 @@ * http://www.eclipse.org/legal/epl-v20.html */ -package gov.gsa.conformancelib.junitoptions; +package gov.gsa.pivconformance.conformancelib.junitoptions; import static org.apiguardian.api.API.Status.INTERNAL; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/package-info.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/package-info.java similarity index 51% rename from conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/package-info.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/package-info.java index 81ae2969..157a3c0d 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/junitoptions/package-info.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/junitoptions/package-info.java @@ -2,4 +2,4 @@ * Configuration options for JUnit's console launcher. */ -package gov.gsa.conformancelib.junitoptions; +package gov.gsa.pivconformance.conformancelib.junitoptions; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/BER_TLVTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/BER_TLVTests.java similarity index 93% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/BER_TLVTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/BER_TLVTests.java index 19079b02..e330be92 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/BER_TLVTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/BER_TLVTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertTrue; @@ -13,12 +13,12 @@ import org.junit.jupiter.params.provider.Arguments; import org.junit.jupiter.params.provider.ArgumentsSource; -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.tlv.BerTlvParser; -import gov.gsa.pivconformance.tlv.CCTTlvLogger; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; +import gov.gsa.pivconformance.cardlib.tlv.BerTlvParser; +import gov.gsa.pivconformance.cardlib.tlv.CCTTlvLogger; public class BER_TLVTests { diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/CMSTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/CMSTests.java similarity index 98% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/CMSTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/CMSTests.java index 1a02e4d4..ff9586a5 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/CMSTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/CMSTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertTrue; @@ -50,13 +50,13 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.ParameterUtils; -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.Algorithm; -import gov.gsa.pivconformance.card.client.CardHolderUniqueIdentifier; -import gov.gsa.pivconformance.card.client.SignedPIVDataObject; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterUtils; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.Algorithm; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderUniqueIdentifier; +import gov.gsa.pivconformance.cardlib.card.client.SignedPIVDataObject; public class CMSTests { static Logger s_logger = LoggerFactory.getLogger(CMSTests.class); @@ -990,7 +990,7 @@ void CMS_Test_29(String oid, String fascnOID, TestReporter reporter) { fail("CHUID object is null"); } - byte[] fascn = o2.getfASCN(); + byte[] fascn = ((CardHolderUniqueIdentifier) o2).getfASCN(); if (fascn == null) { fail("FASC-N in CHUID object is null"); } @@ -1015,7 +1015,7 @@ void CMS_Test_29(String oid, String fascnOID, TestReporter reporter) { assertTrue(attr != null, String.format("Attribute %s not found in signed attributes", fascnOID)); - ASN1Set fascnAttr = attr.getAttrValues(); + ASN1Set fascnAttr = ((Attribute) attr).getAttrValues(); assertTrue(fascnAttr != null, String.format("No value for %s attribute", fascnOID)); assertTrue(fascnAttr.size() == 1, "FASC-N attribute has multiple values"); @@ -1053,7 +1053,7 @@ void CMS_Test_30(String oid, String uuidOID, TestReporter reporter) { fail("CHUID object is null"); } - byte[] uuid = o2.getgUID(); + byte[] uuid = ((CardHolderUniqueIdentifier) o2).getgUID(); if (uuid == null) { fail("UUID in CHUID object is null"); } @@ -1078,7 +1078,7 @@ void CMS_Test_30(String oid, String uuidOID, TestReporter reporter) { assertTrue(attr != null, String.format("Attribute %s not found in signed attributes", uuidOID)); - ASN1Set uuidAttr = attr.getAttrValues(); + ASN1Set uuidAttr = ((Attribute) attr).getAttrValues(); assertTrue(uuidAttr != null, String.format("No value for %s attribute", uuidOID)); assertTrue(uuidAttr.size() == 1, "UUID attribute has multiple values"); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/ConformanceTestException.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/ConformanceTestException.java similarity index 86% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/ConformanceTestException.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/ConformanceTestException.java index 5e795190..10c90ff0 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/ConformanceTestException.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/ConformanceTestException.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; public class ConformanceTestException extends Exception { public ConformanceTestException() { super(); } diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/PKIX_X509DataObjectTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/PKIX_X509DataObjectTests.java similarity index 95% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/PKIX_X509DataObjectTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/PKIX_X509DataObjectTests.java index e8d1cc5b..c4f6fb05 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/PKIX_X509DataObjectTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/PKIX_X509DataObjectTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertTrue; @@ -7,10 +7,15 @@ import java.io.BufferedInputStream; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.math.BigInteger; import java.net.URL; +import java.security.KeyStore; +import java.security.KeyStoreException; import java.security.PublicKey; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; @@ -67,21 +72,22 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton; -import gov.gsa.conformancelib.configuration.ParameterUtils; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton.LOGIN_STATUS; -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.conformancelib.utilities.CardUtils; -import gov.gsa.conformancelib.utilities.KeyValidationHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.AbstractPIVApplication; -import gov.gsa.pivconformance.card.client.CardHandle; -import gov.gsa.pivconformance.card.client.CardHolderUniqueIdentifier; -import gov.gsa.pivconformance.card.client.MiddlewareStatus; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.card.client.PIVDataObjectFactory; -import gov.gsa.pivconformance.card.client.X509CertificateDataObject;; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterUtils; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton.LOGIN_STATUS; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; +import gov.gsa.pivconformance.conformancelib.utilities.CardUtils; +import gov.gsa.pivconformance.conformancelib.utilities.KeyValidationHelper; +import gov.gsa.pivconformance.conformancelib.utilities.Validator; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.AbstractPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.CardHandle; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderUniqueIdentifier; +import gov.gsa.pivconformance.cardlib.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.card.client.X509CertificateDataObject;; public class PKIX_X509DataObjectTests { @@ -249,38 +255,30 @@ void PKIX_Test_6(String oid, String containersAndPolicyOids, TestReporter report if (policyOidName.equals(oid)) { List paramList3 = Arrays.asList(allowedPolicies[1].split("\\|")); String containerOid = APDUConstants.getStringForFieldNamed(allowedPolicies[0]); - rv.put(containerOid, paramList3); s_logger.debug("For {}, one of policy OIDs ({}) should be asserted", containerOid, paramList3.toString()); + try { + X509Certificate trustAnchorCert = null; + try { + Validator validator = new Validator(); + validator.setKeyStore("x509-certs/cacerts.keystore", "changeit"); //TODO: Make this a property + KeyStore ks = validator.getKeyStore(); + String trustAnchorAlias = (cert.getSubjectX500Principal().getName().contains("ICAM")) ? "icam test card root ca" : "federal common policy ca"; + s_logger.debug("Looking for trust anchor " + trustAnchorAlias); + trustAnchorCert = (X509Certificate) ks.getCertificate(trustAnchorAlias); + boolean valid = Validator.isValid(cert, paramList3.toString(), trustAnchorCert); + assertTrue(valid, "Cert not valid"); + } catch (Exception e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } catch (Exception e1) { + // TODO Auto-generated catch block + e1.printStackTrace(); + } + + assertTrue(false, "Cert failed"); } } - - //Get certificate policies extension - byte[] cpex = cert.getExtensionValue("2.5.29.32"); - - //Confirm certificate policies extension is present - assertTrue(cpex != null, "Certificate policies extension is absent"); - - CertificatePolicies policies = null; - try { - policies = CertificatePolicies.getInstance(JcaX509ExtensionUtils.parseExtensionValue(cpex)); - } catch (IOException e) { - fail(e); - } - assertNotNull(policies); - boolean containsOOID = false; - - PolicyInformation[] policyInformation = policies.getPolicyInformation(); - for (PolicyInformation pInfo : policyInformation) { - ASN1ObjectIdentifier curroid = pInfo.getPolicyIdentifier(); - s_logger.debug("Testing whether {} in {} cert is allowed", curroid.getId(), APDUConstants.oidNameMap.get(oid)); - if(rv.get(oid).contains(curroid.getId())) { - containsOOID = true; - break; - } - } - - //Confirm that oid matches is asserted in certificate policies - assertTrue(containsOOID, "Certificate policies for container " + oid + " differ from expected values."); } /* ******************* Standard stuff for most all certs ************************ */ @@ -441,7 +439,7 @@ void PKIX_Test_11(String oid, TestReporter reporter) { @ParameterizedTest(/*name = "{index} => oid = {0}"*/) //@MethodSource("pKIX_x509TestProvider2") //@ArgumentsSource(ParameterizedArgumentsProvider.class) - @ArgumentsSource(gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider.class) + @ArgumentsSource(ParameterizedArgumentsProvider.class) void PKIX_Test_12(String oid, String requiredOid, TestReporter reporter) { if (AtomHelper.isOptionalAndAbsent(oid)) return; @@ -1039,7 +1037,7 @@ void PKIX_Test_26(String oid, TestReporter reporter) { @ParameterizedTest(/*name = "{index} => oid = {0}"*/) //@MethodSource("pKIX_x509TestProvider2") //@ArgumentsSource(ParameterizedArgumentsProvider.class) - @ArgumentsSource(gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider.class) + @ArgumentsSource(ParameterizedArgumentsProvider.class) void PKIX_Test_27(String oid, String requiredOid, TestReporter reporter) { //Check that the oid passed in is not null if (oid == null) { @@ -1077,7 +1075,7 @@ void PKIX_Test_27(String oid, String requiredOid, TestReporter reporter) { @ParameterizedTest(/*name = "{index} => oid = {0}"*/) //@MethodSource("pKIX_x509TestProvider2") //@ArgumentsSource(ParameterizedArgumentsProvider.class) - @ArgumentsSource(gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider.class) + @ArgumentsSource(ParameterizedArgumentsProvider.class) void PKIX_Test_28(String oid, TestReporter reporter) { //Check that the oid passed in is not null if (oid == null) { diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/PlaceholderTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/PlaceholderTests.java similarity index 96% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/PlaceholderTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/PlaceholderTests.java index 658cce4b..70b639df 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/PlaceholderTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/PlaceholderTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertTrue; import java.util.stream.Stream; @@ -9,9 +9,10 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; + import org.junit.jupiter.params.provider.Arguments; public class PlaceholderTests { diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4CCCTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4CCCTests.java similarity index 94% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4CCCTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4CCCTests.java index 74108a75..9c0c3077 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4CCCTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4CCCTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertTrue; @@ -16,13 +16,13 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.CardCapabilityContainer; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.tlv.BerTag; -import gov.gsa.pivconformance.tlv.TagConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.CardCapabilityContainer; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; +import gov.gsa.pivconformance.cardlib.tlv.BerTag; +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; public class SP800_73_4CCCTests { private static final Logger s_logger = LoggerFactory.getLogger(SP800_73_4CCCTests.class); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4CHUIDTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4CHUIDTests.java similarity index 97% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4CHUIDTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4CHUIDTests.java index dd7f8f94..c14f2ad9 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4CHUIDTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4CHUIDTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertTrue; @@ -10,6 +10,7 @@ import java.util.List; import java.util.stream.Stream; +import org.apache.commons.codec.binary.Hex; import org.junit.jupiter.api.DisplayName; import org.junit.jupiter.api.TestReporter; import org.junit.jupiter.params.ParameterizedTest; @@ -18,13 +19,13 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.CardHolderUniqueIdentifier; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.tlv.BerTag; -import gov.gsa.pivconformance.tlv.TagConstants; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderUniqueIdentifier; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.tlv.BerTag; +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; public class SP800_73_4CHUIDTests { private static final Logger s_logger = LoggerFactory.getLogger(SP800_73_4CHUIDTests.class); @@ -134,7 +135,7 @@ String cook(byte[] raw) { String bitstr = ""; // Convert each hex digit to 8 0's and 1's and concatenate to into a string for (byte b : raw) { - bitstr += String.format("%8s", Integer.toBinaryString(b & 0xff)).replace(' ', '0');; + bitstr += String.format("%8s", Integer.toBinaryString((int) b & 0xff)).replace(' ', '0');; } // Create a bit array to read 5 bits at a time. byte[] bits = bitstr.getBytes(); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4CommmonObjectTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4CommmonObjectTests.java similarity index 88% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4CommmonObjectTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4CommmonObjectTests.java index 0ad45889..bd241317 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4CommmonObjectTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4CommmonObjectTests.java @@ -1,92 +1,92 @@ -package gov.gsa.conformancelib.tests; - -// Uncomment when needed -import static org.junit.Assert.assertTrue; -// import static org.junit.jupiter.api.Assertions.fail; -import static org.junit.jupiter.api.Assertions.fail; - -import java.util.stream.Stream; - -import org.junit.jupiter.api.DisplayName; -import org.junit.jupiter.api.TestReporter; -import org.junit.jupiter.params.ParameterizedTest; -import org.junit.jupiter.params.provider.Arguments; -import org.junit.jupiter.params.provider.ArgumentsSource; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.PIVDataObject; - -/** - * This class is a collector that allows maintainers to collapse like atoms - * and reduce code maintenance. - * :1,$s/56/57/g - * - * 10-step data-driven design approach to code reduction: - * - * 1. Add 1 to this number right here: [ 56 ] - * 2. On the Steps Overview tab of the .xlsx sheet, locate the two rows with atoms that perform the same function and - * change the description to . Change the atom to: 73-4.56. Change them to - * 3. To the .csv file corresponding to the SP800-73-4 tab of the .xlsx sheet, import (append) a row with these values: - * "73-4.56","gov.gsa.conformancelib.tests.SP800_73_4CommmonObjectTests","sp800_73_4_Test_56","","" - * 4. Copy the template method at the top of this class, pasting it at the end. - * 5. Merge the two atoms. Fewer assertions is better so long as the main assertion does the intended assertion. - * 6. Copy and paste the inside of the merged atom into method sp800_73_4_Test_56(). If the method already - * uses AtomHelper, just overwrite the template method. - * 7. JUnit test and comment test fixture code within - * 8. To prove out that the collapse works: - * a. refactor collapsed methods, then rebuild and/or adjust database (parameterize, if necessary), and - * repeat Step 7 and 8 until the two old test cases fails and the new case passes per the requirement. The trick - * is make the test runner fail with a graceful popup at runtime or a Python KeyError: '73-4.xx' during mk_db.sh - * until correctly merged. - * 9. On the SP800-73-4 tab, locate the old atom rows, removed them, save, and rebuild the database. The next test - * should run with no unexpected failures and no popups. If either occurs, investigate, fix, and repeat 7-9. - * 10. The old atoms can be removed from the appropriate test class and the system can be rebuilt. - * - * - */ - -public class SP800_73_4CommmonObjectTests { - private static final Logger s_logger = LoggerFactory.getLogger(SP800_73_4CommmonObjectTests.class); - // - // - // Template methods - // - // - @DisplayName("SP800-73-4.56 test") - @ParameterizedTest(name = "{index} => oid = {0}") - // @MethodSource("sp800_73_4CommonObjectsTestProvider") - @ArgumentsSource(ParameterizedArgumentsProvider.class) - void sp800_73_4_Test_56(String oid, TestReporter reporter) { - // TODO: Since this could be caught, longer-term, consider Throwable - try { - PIVDataObject o = AtomHelper.getDataObject(oid); - if (!o.inBounds(oid)) { - String errStr = (String.format("Tag in " + o.getFriendlyName() + " failed length check")); - Exception e = new Exception(errStr); - throw(e); - } - } catch (Exception e) { - s_logger.info(e.getMessage()); - fail(e); - } - - assertTrue(true); // or switch to assertTrue(false) for a fall-through test if coded that way - } - @SuppressWarnings("unused") - private static Stream sp800_73_4CommonObjectsTestProvider() { - // Just an example - be stream of any APDUConstants. - return Stream.of( - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID), - Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID) - ); - - } - // -} +package gov.gsa.pivconformance.conformancelib.tests; + +// Uncomment when needed +import static org.junit.Assert.assertTrue; +// import static org.junit.jupiter.api.Assertions.fail; +import static org.junit.jupiter.api.Assertions.fail; + +import java.util.stream.Stream; + +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.TestReporter; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.ArgumentsSource; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; + +/** + * This class is a collector that allows maintainers to collapse like atoms + * and reduce code maintenance. + * :1,$s/56/57/g + * + * 10-step data-driven design approach to code reduction: + * + * 1. Add 1 to this number right here: [ 56 ] + * 2. On the Steps Overview tab of the .xlsx sheet, locate the two rows with atoms that perform the same function and + * change the description to . Change the atom to: 73-4.56. Change them to + * 3. To the .csv file corresponding to the SP800-73-4 tab of the .xlsx sheet, import (append) a row with these values: + * "73-4.56","gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CommmonObjectTests","sp800_73_4_Test_56","","" + * 4. Copy the template method at the top of this class, pasting it at the end. + * 5. Merge the two atoms. Fewer assertions is better so long as the main assertion does the intended assertion. + * 6. Copy and paste the inside of the merged atom into method sp800_73_4_Test_56(). If the method already + * uses AtomHelper, just overwrite the template method. + * 7. JUnit test and comment test fixture code within + * 8. To prove out that the collapse works: + * a. refactor collapsed methods, then rebuild and/or adjust database (parameterize, if necessary), and + * repeat Step 7 and 8 until the two old test cases fails and the new case passes per the requirement. The trick + * is make the test runner fail with a graceful popup at runtime or a Python KeyError: '73-4.xx' during mk_db.sh + * until correctly merged. + * 9. On the SP800-73-4 tab, locate the old atom rows, removed them, save, and rebuild the database. The next test + * should run with no unexpected failures and no popups. If either occurs, investigate, fix, and repeat 7-9. + * 10. The old atoms can be removed from the appropriate test class and the system can be rebuilt. + * + * + */ + +public class SP800_73_4CommmonObjectTests { + private static final Logger s_logger = LoggerFactory.getLogger(SP800_73_4CommmonObjectTests.class); + // + // + // Template methods + // + // + @DisplayName("SP800-73-4.56 test") + @ParameterizedTest(name = "{index} => oid = {0}") + // @MethodSource("sp800_73_4CommonObjectsTestProvider") + @ArgumentsSource(ParameterizedArgumentsProvider.class) + void sp800_73_4_Test_56(String oid, TestReporter reporter) { + // TODO: Since this could be caught, longer-term, consider Throwable + try { + PIVDataObject o = AtomHelper.getDataObject(oid); + if (!o.inBounds(oid)) { + String errStr = (String.format("Tag in " + o.getFriendlyName() + " failed length check")); + Exception e = new Exception(errStr); + throw(e); + } + } catch (Exception e) { + s_logger.info(e.getMessage()); + fail(e); + } + + assertTrue(true); // or switch to assertTrue(false) for a fall-through test if coded that way + } + @SuppressWarnings("unused") + private static Stream sp800_73_4CommonObjectsTestProvider() { + // Just an example - be stream of any APDUConstants. + return Stream.of( + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID), + Arguments.of(APDUConstants.X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID) + ); + + } + // +} diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4DiscoveryObjectTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4DiscoveryObjectTests.java similarity index 89% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4DiscoveryObjectTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4DiscoveryObjectTests.java index e56aff81..be82b66e 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4DiscoveryObjectTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4DiscoveryObjectTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertTrue; import static org.junit.jupiter.api.Assertions.fail; @@ -15,14 +15,14 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.conformancelib.utilities.CardUtils; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.DiscoveryObject; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.tlv.BerTag; -import gov.gsa.pivconformance.tlv.TagConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.DiscoveryObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; +import gov.gsa.pivconformance.conformancelib.utilities.CardUtils; +import gov.gsa.pivconformance.cardlib.tlv.BerTag; +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; public class SP800_73_4DiscoveryObjectTests { diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4FacialImageTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4FacialImageTests.java similarity index 81% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4FacialImageTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4FacialImageTests.java index da3934d3..138d50a3 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4FacialImageTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4FacialImageTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.fail; @@ -12,10 +12,10 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; public class SP800_73_4FacialImageTests { private static final Logger s_logger = LoggerFactory.getLogger(SP800_73_4FacialImageTests.class); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4FingerprintsTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4FingerprintsTests.java similarity index 86% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4FingerprintsTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4FingerprintsTests.java index 2a32c870..9a45c8c9 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4FingerprintsTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4FingerprintsTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertTrue; import static org.junit.jupiter.api.Assertions.fail; @@ -15,13 +15,13 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.CardHolderBiometricData; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.tlv.BerTag; -import gov.gsa.pivconformance.tlv.TagConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderBiometricData; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; +import gov.gsa.pivconformance.cardlib.tlv.BerTag; +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; public class SP800_73_4FingerprintsTests { private static final Logger s_logger = LoggerFactory.getLogger(SP800_73_4FingerprintsTests.class); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4PrintedInfoTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4PrintedInfoTests.java similarity index 96% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4PrintedInfoTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4PrintedInfoTests.java index 399c6fd8..f1ac27aa 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4PrintedInfoTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4PrintedInfoTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertFalse; import static org.junit.jupiter.api.Assertions.assertTrue; @@ -16,13 +16,13 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.card.client.PrintedInformation; -import gov.gsa.pivconformance.tlv.BerTag; -import gov.gsa.pivconformance.tlv.TagConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PrintedInformation; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; +import gov.gsa.pivconformance.cardlib.tlv.BerTag; +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; public class SP800_73_4PrintedInfoTests { private static final Logger s_logger = LoggerFactory.getLogger(SP800_73_4PrintedInfoTests.class); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4SecurityObjectTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4SecurityObjectTests.java similarity index 94% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4SecurityObjectTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4SecurityObjectTests.java index 26585eca..f3d3ea8c 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_73_4SecurityObjectTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_73_4SecurityObjectTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertTrue; @@ -17,19 +17,19 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.CardCapabilityContainer; -import gov.gsa.pivconformance.card.client.CardHolderUniqueIdentifier; -import gov.gsa.pivconformance.card.client.CardHolderBiometricData; -import gov.gsa.pivconformance.card.client.DiscoveryObject; -import gov.gsa.pivconformance.card.client.KeyHistoryObject; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.card.client.PrintedInformation; -import gov.gsa.pivconformance.card.client.SecurityObject; -import gov.gsa.pivconformance.tlv.BerTag; -import gov.gsa.pivconformance.tlv.TagConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.CardCapabilityContainer; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderUniqueIdentifier; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderBiometricData; +import gov.gsa.pivconformance.cardlib.card.client.DiscoveryObject; +import gov.gsa.pivconformance.cardlib.card.client.KeyHistoryObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PrintedInformation; +import gov.gsa.pivconformance.cardlib.card.client.SecurityObject; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; +import gov.gsa.pivconformance.cardlib.tlv.BerTag; +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; public class SP800_73_4SecurityObjectTests { static Logger s_logger = LoggerFactory.getLogger(SP800_73_4SecurityObjectTests.class); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_76_Tests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_76_Tests.java similarity index 99% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_76_Tests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_76_Tests.java index f380300f..f600fef2 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_76_Tests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_76_Tests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertTrue; @@ -25,13 +25,13 @@ import org.junit.jupiter.params.provider.MethodSource; import org.slf4j.Logger; -import gov.gsa.conformancelib.configuration.ParameterUtils; -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.CardHolderUniqueIdentifier; -import gov.gsa.pivconformance.card.client.CardHolderBiometricData; -import gov.gsa.pivconformance.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderUniqueIdentifier; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderBiometricData; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterUtils; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; public class SP800_76_Tests { static Logger s_logger = org.slf4j.LoggerFactory.getLogger(SP800_76_Tests.class); @@ -1637,7 +1637,7 @@ void sp800_76Test_40(String oid, TestReporter reporter) { //@ParameterizedTest(name = "{index}foo") //@MethodSource("sp800_76_BiometricParamTestProvider2") // for some tests, this seems to need to be fully qualified to avoid a conflict with the TestReporter arguments provider - @ArgumentsSource(gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider.class) + @ArgumentsSource(gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider.class) void sp800_76Test_41(String oid, String paramsString, TestReporter reporter) { Map> mp = ParameterUtils.MapFromString(paramsString); assertNotNull(mp); @@ -1700,7 +1700,7 @@ void sp800_76Test_41(String oid, String paramsString, TestReporter reporter) { @DisplayName("SP800-76.42 test") @ParameterizedTest(name = "{index} => oid = {0}") //@MethodSource("sp800_76_BiometricParamTestProvider3") - @ArgumentsSource(gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider.class) + @ArgumentsSource(gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider.class) //@ArgumentsSource(ParameterizedArgumentsProvider.class) void sp800_76Test_42(String oid, String paramsString, TestReporter reporter) { Map> mp = ParameterUtils.MapFromString(paramsString); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_78_X509DataObjectTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_78_X509DataObjectTests.java similarity index 97% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_78_X509DataObjectTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_78_X509DataObjectTests.java index 2b9e1a48..40d3e81e 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/SP800_78_X509DataObjectTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/SP800_78_X509DataObjectTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertTrue; import static org.junit.jupiter.api.Assertions.fail; @@ -27,10 +27,10 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.X509CertificateDataObject; -import gov.gsa.pivconformance.card.client.PIVDataObject; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.X509CertificateDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; public class SP800_78_X509DataObjectTests { @@ -134,7 +134,7 @@ void sp800_78_Test_1(String oid, TestReporter reporter) { } else if(certAlgorithm.compareTo("EC") == 0) { ECPublicKey pk1 = (ECPublicKey) pk; - ECParameterSpec ecParameterSpec = pk1.getParams(); + ECParameterSpec ecParameterSpec = (ECParameterSpec) pk1.getParams(); for (Enumeration names = ECNamedCurveTable.getNames(); names.hasMoreElements(); ) { diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/X509DataObjectTests.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/X509DataObjectTests.java similarity index 92% rename from conformancelib/src/main/java/gov/gsa/conformancelib/tests/X509DataObjectTests.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/X509DataObjectTests.java index 67f1ad2e..e0547d23 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/tests/X509DataObjectTests.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tests/X509DataObjectTests.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.tests; +package gov.gsa.pivconformance.conformancelib.tests; import static org.junit.jupiter.api.Assertions.assertTrue; import java.util.Arrays; @@ -13,13 +13,13 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.ParameterizedArgumentsProvider; -import gov.gsa.conformancelib.utilities.AtomHelper; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.card.client.X509CertificateDataObject; -import gov.gsa.pivconformance.tlv.BerTag; -import gov.gsa.pivconformance.tlv.TagConstants; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.X509CertificateDataObject; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterizedArgumentsProvider; +import gov.gsa.pivconformance.conformancelib.utilities.AtomHelper; +import gov.gsa.pivconformance.cardlib.tlv.BerTag; +import gov.gsa.pivconformance.cardlib.tlv.TagConstants; public class X509DataObjectTests { private static final Logger s_logger = LoggerFactory.getLogger(X509DataObjectTests.class); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/CardAuthTest.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/CardAuthTest.java similarity index 93% rename from conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/CardAuthTest.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/CardAuthTest.java index 8758d097..93c0b965 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/CardAuthTest.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/CardAuthTest.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.pivconformancetools; +package gov.gsa.pivconformance.conformancelib.tools; import java.io.ByteArrayOutputStream; import java.io.Console; @@ -33,19 +33,19 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.CardInfoController; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton; -import gov.gsa.conformancelib.tests.ConformanceTestException; -import gov.gsa.conformancelib.utilities.CardUtils; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.AbstractPIVApplication; -import gov.gsa.pivconformance.card.client.CardClientException; -import gov.gsa.pivconformance.card.client.GeneralAuthenticateHelper; -import gov.gsa.pivconformance.card.client.MiddlewareStatus; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.card.client.PIVDataObjectFactory; -import gov.gsa.pivconformance.card.client.X509CertificateDataObject; -import gov.gsa.pivconformance.utils.PCSCUtils; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.AbstractPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.CardClientException; +import gov.gsa.pivconformance.cardlib.card.client.GeneralAuthenticateHelper; +import gov.gsa.pivconformance.cardlib.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.card.client.X509CertificateDataObject; +import gov.gsa.pivconformance.conformancelib.configuration.CardInfoController; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton; +import gov.gsa.pivconformance.conformancelib.tests.ConformanceTestException; +import gov.gsa.pivconformance.conformancelib.utilities.CardUtils; +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; public class CardAuthTest { static Logger s_logger = LoggerFactory.getLogger(CardAuthTest.class); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/CertDump.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/CertDump.java similarity index 93% rename from conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/CertDump.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/CertDump.java index 37486909..3f8d3cd9 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/CertDump.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/CertDump.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.pivconformancetools; +package gov.gsa.pivconformance.conformancelib.tools; import java.io.Console; import java.io.File; @@ -31,17 +31,17 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.CardInfoController; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton; -import gov.gsa.conformancelib.tests.ConformanceTestException; -import gov.gsa.conformancelib.utilities.CardUtils; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.AbstractPIVApplication; -import gov.gsa.pivconformance.card.client.MiddlewareStatus; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.card.client.PIVDataObjectFactory; -import gov.gsa.pivconformance.card.client.X509CertificateDataObject; -import gov.gsa.pivconformance.utils.PCSCUtils; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.AbstractPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.card.client.X509CertificateDataObject; +import gov.gsa.pivconformance.conformancelib.configuration.CardInfoController; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton; +import gov.gsa.pivconformance.conformancelib.tests.ConformanceTestException; +import gov.gsa.pivconformance.conformancelib.utilities.CardUtils; +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; public class CertDump { diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/ConformanceTestRunner.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/ConformanceTestRunner.java similarity index 92% rename from conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/ConformanceTestRunner.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/ConformanceTestRunner.java index 4a3c896e..6abbc81b 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/ConformanceTestRunner.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/ConformanceTestRunner.java @@ -1,18 +1,18 @@ -package gov.gsa.conformancelib.pivconformancetools; +package gov.gsa.pivconformance.conformancelib.tools; -import gov.gsa.conformancelib.configuration.CardInfoController; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton; -import gov.gsa.conformancelib.configuration.ConformanceTestDatabase; -import gov.gsa.conformancelib.configuration.ParameterProviderSingleton; -import gov.gsa.conformancelib.configuration.ParameterUtils; -import gov.gsa.conformancelib.configuration.TestCaseModel; -import gov.gsa.conformancelib.configuration.TestStepModel; -import gov.gsa.conformancelib.junitoptions.ConformanceTestExecutionListener; -import gov.gsa.conformancelib.junitoptions.Theme; -import gov.gsa.pivconformance.utils.PCSCUtils; -import gov.gsa.pivconformance.utils.VersionUtils; -import gov.gsa.conformancelib.tests.ConformanceTestException; -import gov.gsa.conformancelib.utilities.CardUtils; +import gov.gsa.pivconformance.conformancelib.configuration.CardInfoController; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton; +import gov.gsa.pivconformance.conformancelib.configuration.ConformanceTestDatabase; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterProviderSingleton; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterUtils; +import gov.gsa.pivconformance.conformancelib.configuration.TestCaseModel; +import gov.gsa.pivconformance.conformancelib.configuration.TestStepModel; +import gov.gsa.pivconformance.conformancelib.junitoptions.ConformanceTestExecutionListener; +import gov.gsa.pivconformance.conformancelib.junitoptions.Theme; +import gov.gsa.pivconformance.conformancelib.tests.ConformanceTestException; +import gov.gsa.pivconformance.conformancelib.utilities.CardUtils; +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; +import gov.gsa.pivconformance.cardlib.utils.VersionUtils; import org.apache.commons.cli.*; import org.junit.platform.engine.DiscoverySelector; @@ -301,6 +301,6 @@ private static void registerListeners(PrintWriter out, Launcher launcher, List frames; private final String[] verticals; private long executionStartedMillis; - public VerboseTreePrintingListener(PrintWriter out, boolean disableAnsiColors, int maxContainerNestingLevel, gov.gsa.conformancelib.junitoptions.Theme theme2) { + public VerboseTreePrintingListener(PrintWriter out, boolean disableAnsiColors, int maxContainerNestingLevel, gov.gsa.pivconformance.conformancelib.junitoptions.Theme theme2) { this.out = out; this.disableAnsiColors = disableAnsiColors; this.theme = theme2; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/junitconsole/XmlReportData.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/junitconsole/XmlReportData.java similarity index 98% rename from conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/junitconsole/XmlReportData.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/junitconsole/XmlReportData.java index a3a16f3d..ad4d0684 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/junitconsole/XmlReportData.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/junitconsole/XmlReportData.java @@ -8,7 +8,7 @@ * http://www.eclipse.org/legal/epl-v20.html */ -package gov.gsa.conformancelib.pivconformancetools.junitconsole; +package gov.gsa.pivconformance.conformancelib.tools.junitconsole; import static java.util.Collections.emptyList; import static org.junit.platform.engine.TestExecutionResult.Status.ABORTED; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/junitconsole/package-info.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/junitconsole/package-info.java similarity index 50% rename from conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/junitconsole/package-info.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/junitconsole/package-info.java index 3742ef8d..4ecb14d4 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/pivconformancetools/junitconsole/package-info.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/tools/junitconsole/package-info.java @@ -2,4 +2,4 @@ * Internal execution tasks for JUnit's console launcher. */ -package gov.gsa.conformancelib.pivconformancetools.junitconsole; +package gov.gsa.pivconformance.conformancelib.tools.junitconsole; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/utilities/AtomHelper.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/AtomHelper.java similarity index 89% rename from conformancelib/src/main/java/gov/gsa/conformancelib/utilities/AtomHelper.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/AtomHelper.java index 68a66a47..6436fc38 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/utilities/AtomHelper.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/AtomHelper.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.utilities; +package gov.gsa.pivconformance.conformancelib.utilities; import static org.junit.jupiter.api.Assertions.fail; @@ -8,21 +8,20 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton.LOGIN_STATUS; -import gov.gsa.conformancelib.tests.ConformanceTestException; -import gov.gsa.conformancelib.utilities.CardUtils; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.AbstractPIVApplication; -import gov.gsa.pivconformance.card.client.CardHandle; -import gov.gsa.pivconformance.card.client.CardHolderUniqueIdentifier; -import gov.gsa.pivconformance.card.client.CardHolderBiometricData; -import gov.gsa.pivconformance.card.client.MiddlewareStatus; -import gov.gsa.pivconformance.card.client.PIVDataObject; -import gov.gsa.pivconformance.card.client.PIVDataObjectFactory; -import gov.gsa.pivconformance.card.client.SecurityObject; -import gov.gsa.pivconformance.card.client.SignedPIVDataObject; -import gov.gsa.pivconformance.card.client.X509CertificateDataObject; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.AbstractPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.CardHandle; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderUniqueIdentifier; +import gov.gsa.pivconformance.cardlib.card.client.CardHolderBiometricData; +import gov.gsa.pivconformance.cardlib.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; +import gov.gsa.pivconformance.cardlib.card.client.SecurityObject; +import gov.gsa.pivconformance.cardlib.card.client.SignedPIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.X509CertificateDataObject; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton.LOGIN_STATUS; +import gov.gsa.pivconformance.conformancelib.tests.ConformanceTestException; public class AtomHelper { private static final Logger s_logger = LoggerFactory.getLogger(AtomHelper.class); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/utilities/CardUtils.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/CardUtils.java similarity index 86% rename from conformancelib/src/main/java/gov/gsa/conformancelib/utilities/CardUtils.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/CardUtils.java index b7d8a4f9..3e4906ff 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/utilities/CardUtils.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/CardUtils.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.utilities; +package gov.gsa.pivconformance.conformancelib.utilities; import java.util.List; import java.util.Scanner; @@ -9,20 +9,20 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton.LOGIN_STATUS; -import gov.gsa.conformancelib.tests.ConformanceTestException; -import gov.gsa.pivconformance.card.client.AbstractPIVApplication; -import gov.gsa.pivconformance.card.client.ApplicationAID; -import gov.gsa.pivconformance.card.client.ApplicationProperties; -import gov.gsa.pivconformance.card.client.CachingDefaultPIVApplication; -import gov.gsa.pivconformance.card.client.CardHandle; -import gov.gsa.pivconformance.card.client.ConnectionDescription; -import gov.gsa.pivconformance.card.client.DefaultPIVApplication; -import gov.gsa.pivconformance.card.client.MiddlewareStatus; -import gov.gsa.pivconformance.card.client.PIVAuthenticators; -import gov.gsa.pivconformance.card.client.PIVMiddleware; -import gov.gsa.pivconformance.utils.PCSCUtils; +import gov.gsa.pivconformance.cardlib.card.client.AbstractPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.ApplicationAID; +import gov.gsa.pivconformance.cardlib.card.client.ApplicationProperties; +import gov.gsa.pivconformance.cardlib.card.client.CachingDefaultPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.CardHandle; +import gov.gsa.pivconformance.cardlib.card.client.ConnectionDescription; +import gov.gsa.pivconformance.cardlib.card.client.DefaultPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.cardlib.card.client.PIVAuthenticators; +import gov.gsa.pivconformance.cardlib.card.client.PIVMiddleware; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton.LOGIN_STATUS; +import gov.gsa.pivconformance.conformancelib.tests.ConformanceTestException; +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; public class CardUtils { static Logger s_logger = LoggerFactory.getLogger(CardUtils.class); diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/utilities/Csv2Html.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/Csv2Html.java similarity index 98% rename from conformancelib/src/main/java/gov/gsa/conformancelib/utilities/Csv2Html.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/Csv2Html.java index 152ce06e..1d91ba7d 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/utilities/Csv2Html.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/Csv2Html.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.utilities; +package gov.gsa.pivconformance.conformancelib.utilities; import java.io.BufferedReader; import java.io.File; diff --git a/conformancelib/src/main/java/gov/gsa/conformancelib/utilities/KeyValidationHelper.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/KeyValidationHelper.java similarity index 91% rename from conformancelib/src/main/java/gov/gsa/conformancelib/utilities/KeyValidationHelper.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/KeyValidationHelper.java index a55d969f..7ec4aa9e 100644 --- a/conformancelib/src/main/java/gov/gsa/conformancelib/utilities/KeyValidationHelper.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/KeyValidationHelper.java @@ -1,4 +1,4 @@ -package gov.gsa.conformancelib.utilities; +package gov.gsa.pivconformance.conformancelib.utilities; import static org.junit.jupiter.api.Assertions.assertTrue; @@ -13,11 +13,11 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton; -import gov.gsa.conformancelib.tests.ConformanceTestException; -import gov.gsa.pivconformance.card.client.APDUConstants; -import gov.gsa.pivconformance.card.client.CardClientException; -import gov.gsa.pivconformance.card.client.GeneralAuthenticateHelper; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.CardClientException; +import gov.gsa.pivconformance.cardlib.card.client.GeneralAuthenticateHelper; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton; +import gov.gsa.pivconformance.conformancelib.tests.ConformanceTestException; public class KeyValidationHelper { static Logger s_logger = LoggerFactory.getLogger(KeyValidationHelper.class); diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestRunLogController.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/TestRunLogController.java similarity index 73% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestRunLogController.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/TestRunLogController.java index e72b7a88..7c5a074c 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestRunLogController.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/TestRunLogController.java @@ -1,496 +1,572 @@ -/** - * - */ -package gov.gsa.pivconformancegui; - -import java.io.File; -import java.io.IOException; -import java.io.PrintStream; -import java.nio.file.Files; -import java.nio.file.Paths; -import java.nio.file.StandardCopyOption; -import java.security.ProtectionDomain; -import java.util.Arrays; -import java.util.Calendar; -import java.util.Date; -import java.util.GregorianCalendar; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; - -import org.slf4j.LoggerFactory; - -import ch.qos.logback.classic.Logger; -import ch.qos.logback.classic.LoggerContext; -import ch.qos.logback.classic.joran.JoranConfigurator; -import ch.qos.logback.classic.spi.ILoggingEvent; -import ch.qos.logback.core.Appender; -import ch.qos.logback.core.joran.spi.JoranException; -import ch.qos.logback.core.util.StatusPrinter; - - -/** - * Singleton class that consolidates the appenders into a single disposable group - * - */ -public class TestRunLogController { - - private static final org.slf4j.Logger s_logger = LoggerFactory.getLogger(TestRunLogController.class); - private static final TestRunLogController INSTANCE = new TestRunLogController(); - - /* - * Note that these names MUST match the user_log_config.xml appender names. - * start time, end time, log file path name. It instantiates and destroys - * appenders as a group, but is ephemeral, so we can re-create a group each run. - */ - static final HashMap m_loggers = new HashMap() { - static final long serialVersionUID = 1L; - { - put("DEBUG", "gov.gsa"); - put("CONFORMANCELOG", "gov.gsa.conformancelib.testResult"); - put("TESTLOG", "gov.gsa.conformancelib.testProgress"); - put("APDULOG", "gov.gsa.pivconformance.apdu"); - - /* Container logs */ - put("BIOMETRICINFORMATIONTEMPLATESGROUPTEMPLATE", "gov.gsa.pivconformance.card.client.BiometricInformationTemplatesGroupTemplate"); - put("CARDCAPABILITYCONTAINER", "gov.gsa.pivconformance.card.client.CardCapabilityContainer"); - put("CARDHOLDERUNIQUEIDENTIFIER", "gov.gsa.pivconformance.card.client.CardHolderUniqueIdentifier"); - put("FINGERPRINTS", "gov.gsa.pivconformance.card.client.Fingerprints"); - put("IMAGEFORVISUALVERIFICATION", "gov.gsa.pivconformance.card.client.ImageForVisualVerification"); - put("IMAGESFORIRIS", "gov.gsa.pivconformance.card.client.ImagesForIris"); - put("KEYHISTORYOBJECT", "gov.gsa.pivconformance.card.client.KeyHistoryObject"); - put("PAIRINGCODEREFERENCEDATACONTAINER", "gov.gsa.pivconformance.card.client.PairingCodeReferenceDataContainer"); - put("PRINTEDINFORMATION", "gov.gsa.pivconformance.card.client.PrintedInformation");; - put("SECUREMESSAGINGCERTIFICATESIGNER", "gov.gsa.pivconformance.card.client.SecureMessagingCertificateSigner"); - put("SECURITYOBJECT", "gov.gsa.pivconformance.card.client.SecurityObject"); - put("X509CERTIFICATEFORPIVAUTHENTICATION", "gov.gsa.pivconformance.card.client.X509CertificateForPivAuthentication"); - put("X509CERTIFICATEFORCARDAUTHENTICATION", "gov.gsa.pivconformance.card.client.X509CertificateForCardAuthentication"); - put("X509CERTIFICATEFORDIGITALSIGNATURE", "gov.gsa.pivconformance.card.client.X509CertificateForDigitalSignature"); - put("X509CERTIFICATEFORKEYMANAGEMENT", "gov.gsa.pivconformance.card.client.X509CertificateForKeyManagement"); - put("X509CERTIFICATEFORCHUIDSIGNATURE", "gov.gsa.pivconformance.card.client.X509CertificateForChuidSignature"); - put("SECUREMESSAGINGCERTIFICATESIGNER", "gov.gsa.pivconformance.card.client.SecureMessagingCertificateSigner"); - } - }; - - private HashMap> m_appenders = null; - private HashMap m_filenames = null; - private LoggerContext m_ctx = null; - private boolean m_initialized = false; - private String m_timeStampedLogPath = null; - - - public static TestRunLogController getInstance() { - return INSTANCE; - } - - /** - * Initializes a new TestRunLogController. One must be created per instance of CCT. ] - * - * @param ctx the logger context - one per application. - */ - @SuppressWarnings("unchecked") - private void initialize(LoggerContext ctx) { - - if (m_appenders == null) { - m_appenders = new HashMap>(); - m_filenames = new HashMap(); - Map.Entry me = null; - Iterator i = m_loggers.entrySet().iterator(); - - Date startTime = new Date(); - - while (i.hasNext()) { - me = (Map.Entry) i.next(); - String loggerName = me.getKey(); - String loggerClass = me.getValue(); - - Logger logger = (Logger) LoggerFactory.getLogger(loggerClass); - TimeStampedFileAppender appender = null; - - if ((appender = (TimeStampedFileAppender) logger.getAppender(loggerName)) != null) { - m_filenames.put(loggerName, appender.getFile()); - m_appenders.put(loggerName, appender); - appender.setImmediateFlush(true); - appender.setAppend(false); - appender.setStartTime(startTime); - appender.setStopTime(startTime); // Gets overwritten - - // For the CONFORMANCE CSV log, initialize the output file writing the header row - if (appender.getName().equals("CONFORMANCELOG")) { - File f = new File(appender.getFile()); - PrintStream p; - try { - p = new PrintStream(f); - p.println("Date,Test Id,Description,Expected Result,Actual Result"); - p.close(); - s_logger.debug("Wrote header to {}", appender.getFile()); - } catch (Exception e) { - s_logger.error("Can't initialize {}", appender.getFile()); - } - } - s_logger.debug("Initialized and configured {}", loggerName); - } else { - s_logger.warn("No appender was configured for {}", loggerName); - } - } - - m_initialized = true; - TestExecutionController.getInstance().setTestRunLogController(this); - s_logger.debug("Logging has been initialized"); - } - } - - /** - * Bootstraps the logging system with sane values - */ - public void bootStrapLogging() { - m_ctx = (LoggerContext) LoggerFactory.getILoggerFactory(); - try { - File logConfigFile = new File("user_log_config.xml"); - if(logConfigFile.exists() && logConfigFile.canRead()) { - JoranConfigurator configurator = new JoranConfigurator(); - configurator.setContext(m_ctx); - configurator.doConfigure(logConfigFile.getCanonicalPath()); - } - } catch(JoranException e) { - // handled by status printer - } catch (IOException e) { - System.err.println("Unable to resolve logging config to a readable file"); - e.printStackTrace(); - } - StatusPrinter.printIfErrorsOccured(m_ctx); -// TestExecutionController tc = TestExecutionController.getInstance(); -// GuiRunnerAppController c = GuiRunnerAppController.getInstance(); - TestRunLogController trlc = getInstance(); - trlc.initialize(m_ctx); - } - /** - * Gets the time-stamped log path created by the stop() method. - * - * @return string containing the full path to the requested time-stamped file - */ - - public String getTimeStampedLogPath() { - if (!m_initialized) { - s_logger.error("*** getTimeStampedLogPath(): Not initialized ***"); - } - return m_timeStampedLogPath; - } - - /** - * Gets the appender object associated with a friendly name - * @param appenderName - * @return appender object - */ - - public TimeStampedFileAppender getAppender(String appenderName) { - return m_appenders.get(appenderName); - } - - /** - * Sets an appender for the specified logger - * - * @param name the name of the logger - * @param appender a TimeStampedFileAppender - */ - public void setAppender(String name, TimeStampedFileAppender appender) { - m_appenders.put(name, appender); - } - - /** - * Creates an appender's log path consisting of a start and stop timestamp - * @param appender the appender - * @returns the log path for the appender - */ - - private String makeTimeStampedLogPath(TimeStampedFileAppender appender, Date stopTime) { - - String startTs = null; - String stopTs = null; - - appender.setStopTime(stopTime); - - GregorianCalendar startCal = (GregorianCalendar) Calendar.getInstance(); - startCal.setTime(appender.getStartTime()); - GregorianCalendar endCal = (GregorianCalendar) Calendar.getInstance(); - endCal.setTime(appender.getStopTime()); - - startTs = - String.format("%04d%02d%02d_%02d%02d%02d", startCal.get(Calendar.YEAR), - startCal.get(Calendar.MONTH) + 1, startCal.get(Calendar.DAY_OF_MONTH), - startCal.get(Calendar.HOUR_OF_DAY), startCal.get(Calendar.MINUTE), startCal.get(Calendar.SECOND)); - stopTs = - String.format("%04d%02d%02d_%02d%02d%02d", endCal.get(Calendar.YEAR), - endCal.get(Calendar.MONTH) + 1, endCal.get(Calendar.DAY_OF_MONTH), - endCal.get(Calendar.HOUR_OF_DAY), endCal.get(Calendar.MINUTE), endCal.get(Calendar.SECOND)); - - - // Get separators straight - s_logger.debug("{} file path: {}", appender.getName(), appender.getFile()); - File testFile = new File(appender.getFile()); // Normalize by instantiating a File (do we need to do this?) - s_logger.debug("System canonical path: " + testFile.getPath()); - - String currPath = testFile.getPath(); - // Check whether we're in a situation where separators are different than logger - // config (/) - if (testFile.getAbsolutePath().lastIndexOf("/") < 0) { - // Windows - currPath = currPath.replaceAll("\\\\", "/"); - } - - // Synchronize timestamp portion of path - String dirName = null; - if (currPath.lastIndexOf("/") > -1) - dirName = currPath.substring(0, currPath.lastIndexOf("/")); - else - dirName = currPath; - - String logFileName = null; - - if (currPath.lastIndexOf("/") > -1) - logFileName = currPath.substring(currPath.lastIndexOf("/") + 1); - else - logFileName = currPath; - - String baseName = (startTs + "-" + stopTs + "-" + logFileName); - String timeStampedLogPath = dirName + "/" + baseName; - - return timeStampedLogPath; - } - - @SuppressWarnings("unchecked") - public void setStartTimes() { - if (!m_initialized) { - s_logger.error("*** setTimeStamp(): Not initialized ***"); - } - - Date startTime = new Date(); - - // Loop on appenders - Entry> me = null; - Iterator i = m_appenders.entrySet().iterator(); - while (i.hasNext()) { - me = (Map.Entry>) i.next(); - TimeStampedFileAppender appender = me.getValue(); - appender.setStartTime(startTime); - } - } - - @SuppressWarnings("unchecked") - /** - * Synchronizes the time stamps of all of the logs - */ - public void setTimeStamps() { - - if (!m_initialized) { - s_logger.error("*** setTimeStamp(): Not initialized ***"); - } - - Date stopTime = new Date(); - - // Loop on appenders - Entry> me = null; - Iterator i = m_appenders.entrySet().iterator(); - while (i.hasNext()) { - me = (Map.Entry>) i.next(); - String logName = me.getKey(); - Logger logger = (Logger) LoggerFactory.getLogger(m_loggers.get(me.getKey())); - TimeStampedFileAppender appender = me.getValue(); - setTimeStamp(logger, appender, logName, stopTime); - } - } - - /** - * Creates the path names of the timestamped copy of each configured log - * @param logger the logger - * @param appender the appender - * @param logName the logger's friendly name - * - */ - public void setTimeStamp(Logger logger, TimeStampedFileAppender appender, String logName, Date stopTime) { - - String timeStampedLogPath = makeTimeStampedLogPath(appender, stopTime); - String currentLogPath = new File(appender.getFile()).getPath(); - - // Roll the log - appender.stop(); - s_logger.debug("Copying log {} to: {}", logName, timeStampedLogPath); - if (rollFile(currentLogPath, timeStampedLogPath)) { - s_logger.debug("Succesfully copied log to {}", timeStampedLogPath); - - // Reset the name to the "base" file name minus a timestamp - appender.setFile(m_filenames.get(appender.getName())); - - if (appender.getName().equals("CONFORMANCELOG")) { - File f = new File(".lastlog" + "-" + appender.getName().toLowerCase()); - try { - PrintStream p = new PrintStream(f); - p.println(timeStampedLogPath); - p.close(); - } catch (IOException e) { - s_logger.debug("Couldn't write last log name to .lastlog-{}: {}", appender.getName().toLowerCase(), e.getMessage()); - } - } - } else { - s_logger.error("Error copying {} to {}", currentLogPath, timeStampedLogPath); - } - appender.start(); - } - - - /** - * Copies the contents of oldPath to newPath and removes the existing - * - * @param oldPath the original file - * @param newPath the new copy - * @return true if successful, false otherwise - */ - - private boolean rollFile(String oldPath, String newPath) { - boolean rv = false; - s_logger.debug("Rolling {} to {}", oldPath, newPath); - try { - Files.copy(Paths.get(oldPath), Paths.get(newPath), StandardCopyOption.REPLACE_EXISTING, - StandardCopyOption.COPY_ATTRIBUTES); - try { - Files.delete(Paths.get(oldPath)); - if (Files.exists(Paths.get(oldPath))) { - s_logger.warn("Unable to remove {}", oldPath); - } - } catch (Exception e) { - s_logger.error("Unable to remove {}: {}", oldPath, e.getMessage()); - } - rv = true; - } catch (IOException e) { - s_logger.error("IOException '{}' while rolling files", e.getMessage()); - } - return rv; - } - - /** - * Removes the default log file names - * - */ - - @SuppressWarnings("unchecked") - public void cleanup() { - Map.Entry me = null; - Iterator i = m_loggers.entrySet().iterator(); - - while (i.hasNext()) { - me = (Map.Entry) i.next(); - String loggerName = me.getKey(); - String loggerClass = me.getValue(); - - Logger logger = (Logger) LoggerFactory.getLogger(loggerClass); - TimeStampedFileAppender appender = null; - - try { - appender = (TimeStampedFileAppender) logger.getAppender(loggerName); - if (appender != null) { - File f = new File(appender.getFile()); - f.delete(); - } - } catch (Exception e) { - s_logger.warn("Can't delete {}: {}", appender.getFile(), e.getMessage()); - } - } - } - - /** - * Indicates the the configured appenders are set up and named properly - * - * @return true if required appenders are configured, false otherwise - */ - - @SuppressWarnings("unchecked") - public boolean appendersConfigured() { - - LoggerContext loggerContext = (LoggerContext) LoggerFactory.getILoggerFactory(); - - Map> appendersMap = new HashMap<>(); - for (Logger logger : loggerContext.getLoggerList()) { - Iterator> appenderIterator = logger.iteratorForAppenders(); - while (appenderIterator.hasNext()) { - Appender appender = appenderIterator.next(); - if (!m_appenders.containsKey(appender.getName())) { - s_logger.warn("No appender found for {}", appender.getName()); - } else { - appendersMap.put(appender.getName(), (Appender) m_appenders.get(appender.getName())); - } - } - } - - // Iterate through the configured appender to be sure we have appenders - // for CSV and APDU. - - Entry> me = null; - Iterator i = m_appenders.entrySet().iterator(); - int x = 0; - int y = m_appenders.size(); - while (i.hasNext()) { - me = (Map.Entry>) i.next(); - String logName = me.getKey(); - if (logName.equalsIgnoreCase(logName)) - x++; - } - return (x == y); - } - - /** - * Gets the currently running directory - * @return the currently running directory - */ - - public static String getCwd(String caller) { - String rv = null; - ProtectionDomain p; - Class cls; - try { - cls = Class.forName(caller); - p = cls.getProtectionDomain(); - String tmp = pathFixup(p.getCodeSource().getLocation().getPath()); - String[] dirs = tmp.split("/"); - List dirList = Arrays.asList(dirs); - StringBuilder sb = new StringBuilder(""); - if (tmp.matches("/bin/main")) { - for (String d : dirList) { - if (d.compareTo("bin") != 0) { - if (d.length() > 0) { - sb.append(d); - sb.append("/"); - } - } else { - break; - } - } - } - rv = sb.toString(); - } catch (ClassNotFoundException e) { - s_logger.error("Class {} not found", caller); - } - return rv; - } - /** - * Corrects the path separators for a path. - * - * @param inPath - * the path as read from a configuration file, etc. - * @return a path with the correct path separators for the local OS - */ - - public static String pathFixup(String inPath) { - String outPath = inPath; - if (System.getProperty("os.name").toLowerCase().contains("windows")) { - if (inPath.contains("/")) { - outPath = inPath.replace("/", "\\"); - } - } else if (inPath.contains("\\")) { - outPath = inPath.replace("\\\\", "/"); - } - - return outPath; - } -} +/** + * + */ +package gov.gsa.pivconformance.conformancelib.utilities; + +import ch.qos.logback.classic.Logger; +import ch.qos.logback.classic.LoggerContext; +import ch.qos.logback.classic.joran.JoranConfigurator; +import ch.qos.logback.classic.spi.ILoggingEvent; +import ch.qos.logback.core.Appender; +import ch.qos.logback.core.joran.spi.JoranException; +import ch.qos.logback.core.util.StatusPrinter; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.ArtifactWriter; +import org.slf4j.LoggerFactory; + +import java.io.File; +import java.io.IOException; +import java.io.PrintStream; +import java.nio.file.Files; +import java.nio.file.NoSuchFileException; +import java.nio.file.Paths; +import java.nio.file.StandardCopyOption; +import java.security.ProtectionDomain; +import java.util.Arrays; +import java.util.Calendar; +import java.util.Date; +import java.util.GregorianCalendar; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +/** + * Singleton class that consolidates the appenders into a single disposable group + * + */ +public class TestRunLogController { + + private static final org.slf4j.Logger s_logger = LoggerFactory.getLogger(TestRunLogController.class); + private static final TestRunLogController INSTANCE = new TestRunLogController(); + + /* + * Note that these names MUST match the user_log_config.xml appender names. + * start time, end time, log file path name. It instantiates and destroys + * appenders as a group, but is ephemeral, so we can re-create a group each run. + */ + static final HashMap m_loggers = new HashMap() { + static final long serialVersionUID = 1L; + { + put("DEBUG", "gov.gsa"); + put("CONFORMANCELOG", "gov.gsa.pivconformance.conformancelib.testResult"); + put("TESTLOG", "gov.gsa.pivconformance.conformancelib.testProgress"); + put("APDULOG", "gov.gsa.pivconformance.cardlib"); + + /* Container logs */ + put("BIOMETRICINFORMATIONTEMPLATESGROUPTEMPLATE", "gov.gsa.pivconformance.cardlib.card.client.BiometricInformationTemplatesGroupTemplate"); + put("CARDCAPABILITYCONTAINER", "gov.gsa.pivconformance.cardlib.card.client.CardCapabilityContainer"); + put("CARDHOLDERUNIQUEIDENTIFIER", "gov.gsa.pivconformance.cardlib.card.client.CardHolderUniqueIdentifier"); + put("FINGERPRINTS", "gov.gsa.pivconformance.cardlib.card.client.Fingerprints"); + put("IMAGEFORVISUALVERIFICATION", "gov.gsa.pivconformance.cardlib.card.client.ImageForVisualVerification"); + put("IMAGESFORIRIS", "gov.gsa.pivconformance.cardlib.card.client.ImagesForIris"); + put("KEYHISTORYOBJECT", "gov.gsa.pivconformance.cardlib.card.client.KeyHistoryObject"); + put("PAIRINGCODEREFERENCEDATACONTAINER", "gov.gsa.pivconformance.cardlib.card.client.PairingCodeReferenceDataContainer"); + put("PRINTEDINFORMATION", "gov.gsa.pivconformance.cardlib.card.client.PrintedInformation");; + put("SECUREMESSAGINGCERTIFICATESIGNER", "gov.gsa.pivconformance.cardlib.card.client.SecureMessagingCertificateSigner"); + put("SECURITYOBJECT", "gov.gsa.pivconformance.cardlib.card.client.SecurityObject"); + put("X509CERTIFICATEFORPIVAUTHENTICATION", "gov.gsa.pivconformance.cardlib.card.client.X509CertificateForPivAuthentication"); + put("X509CERTIFICATEFORCARDAUTHENTICATION", "gov.gsa.pivconformance.cardlib.card.client.X509CertificateForCardAuthentication"); + put("X509CERTIFICATEFORDIGITALSIGNATURE", "gov.gsa.pivconformance.cardlib.card.client.X509CertificateForDigitalSignature"); + put("X509CERTIFICATEFORKEYMANAGEMENT", "gov.gsa.pivconformance.cardlib.card.client.X509CertificateForKeyManagement"); + put("X509CERTIFICATEFORCHUIDSIGNATURE", "gov.gsa.pivconformance.cardlib.card.client.X509CertificateForChuidSignature"); + put("SECUREMESSAGINGCERTIFICATESIGNER", "gov.gsa.pivconformance.cardlib.card.client.SecureMessagingCertificateSigner"); + } + }; + + static final HashMap m_oidLoggerMap = new HashMap() { + static final long serialVersionUID = 1L; + { + /* Container logs */ + put(APDUConstants.BIOMETRIC_INFORMATION_TEMPLATES_GROUP_TEMPLATE_OID, "BIOMETRICINFORMATIONTEMPLATESGROUPTEMPLATE"); + put(APDUConstants.CARD_CAPABILITY_CONTAINER_OID, "CARDCAPABILITYCONTAINER"); + put(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID, "CARDHOLDERUNIQUEIDENTIFIER"); + put(APDUConstants.CARDHOLDER_FINGERPRINTS_OID, "FINGERPRINTS"); + put(APDUConstants.CARDHOLDER_FACIAL_IMAGE_OID, "IMAGEFORVISUALVERIFICATION"); + put(APDUConstants.CARDHOLDER_IRIS_IMAGES_OID, "IMAGESFORIRIS"); + put(APDUConstants.KEY_HISTORY_OBJECT_OID, "KEYHISTORYOBJECT"); + put(APDUConstants.PAIRING_CODE_REFERENCE_DATA_CONTAINER_OID, "PAIRINGCODEREFERENCEDATACONTAINER"); + put(APDUConstants.PRINTED_INFORMATION_OID, "PRINTEDINFORMATION"); + put(APDUConstants.SECURE_MESSAGING_CERTIFICATE_SIGNER_OID, "SECUREMESSAGINGCERTIFICATESIGNER"); + put(APDUConstants.SECURITY_OBJECT_OID, "SECURITYOBJECT"); + put(APDUConstants.X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID, "X509CERTIFICATEFORPIVAUTHENTICATION"); + put(APDUConstants.X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID, "X509CERTIFICATEFORCARDAUTHENTICATION"); + put(APDUConstants.X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID, "X509CERTIFICATEFORDIGITALSIGNATURE"); + put(APDUConstants.X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID, "X509CERTIFICATEFORKEYMANAGEMENT"); + put(APDUConstants.getFileNameForOid(APDUConstants.CARD_HOLDER_UNIQUE_IDENTIFIER_OID), "X509CERTIFICATEFORCHUIDSIGNATURE"); + } + }; + + public String getLoggerNameByOid(String oid) { + return m_oidLoggerMap.get(oid); + } + + private HashMap> m_appenders = null; + private HashMap m_filenames = null; + private LoggerContext m_ctx = null; + private boolean m_initialized = false; + private String m_timeStampedLogPath = null; + private String m_timeStamp; + + + public static TestRunLogController getInstance() { + return INSTANCE; + } + + public void initialize() { + if (m_ctx != null) + initialize(m_ctx); + } + + /** + * Initializes a new TestRunLogController. One must be created per instance of CCT. ] + * + * @param ctx the logger context - one per application. + */ + @SuppressWarnings("unchecked") + public void initialize(LoggerContext ctx) { + if (m_appenders == null) { + m_appenders = new HashMap>(); + m_filenames = new HashMap(); + Map.Entry me = null; + Iterator i = m_loggers.entrySet().iterator(); + + Date startTime = new Date(); + + while (i.hasNext()) { + me = (Map.Entry) i.next(); + String loggerName = me.getKey(); + String loggerClass = me.getValue(); + + Logger logger = (Logger) LoggerFactory.getLogger(loggerClass); + TimeStampedFileAppender appender = null; + + if ((appender = (TimeStampedFileAppender) logger.getAppender(loggerName)) != null) { + m_filenames.put(loggerName, appender.getFile()); + m_appenders.put(loggerName, appender); + try { + appender.getOutputStream().flush(); + } catch (Exception e) { + e.printStackTrace(); // TODO: clean this up + } + + appender.setAppend(false); + appender.setStartTime(startTime); + appender.setStopTime(startTime); // Gets overwritten + + // For the CONFORMANCE CSV log, initialize the output file writing the header row + if (appender.getName().equals("CONFORMANCELOG")) { + File f = new File(appender.getFile()); + PrintStream p; + try { + p = new PrintStream(f); + p.println("Date,Test Id,Description,Expected Result,Actual Result"); + p.close(); + s_logger.debug("Wrote header to {}", appender.getFile()); + } catch (Exception e) { + s_logger.error("Can't initialize {}", appender.getFile()); + } + } + s_logger.debug("Initialized and configured {}", loggerName); + } else { + s_logger.warn("No appender was configured for {}", loggerName); + } + } + + m_initialized = true; + s_logger.debug("Logging has been initialized"); + } + } + + /** + * Bootstraps the logging system with sane values + */ + public void bootStrapLogging(File logConfigFile) { + m_ctx = (LoggerContext) LoggerFactory.getILoggerFactory(); + try { + if(logConfigFile.exists() && logConfigFile.canRead()) { + JoranConfigurator configurator = new JoranConfigurator(); + // overriding the log directory property programmatically + m_ctx.putProperty("LOG_DIR", "logs"); + configurator.setContext(m_ctx); + configurator.doConfigure(logConfigFile.getCanonicalPath()); + } + } catch(JoranException e) { + // handled by status printer + } catch (IOException e) { + System.err.println("Unable to resolve logging config to a readable file"); + e.printStackTrace(); + } catch (Exception e) { + System.err.println("Exception opening user log config file: " + e.getMessage()); + } + StatusPrinter.printIfErrorsOccured(m_ctx); + TestRunLogController trlc = getInstance(); + trlc.initialize(m_ctx); + } + + /** + * Gets LoggerContext of the logging subsystem + * + * @return LoggerContext of the logging subsystem + */ + + public LoggerContext getLoggerContext() { + if (!m_initialized) { + s_logger.error("*** getLoggerContext(): Not initialized ***"); + } + return m_ctx; + } + + /** + * Gets the time-stamp + * + * @return string containing the time stamp + */ + + public String getTimeStamp() { + if (!m_initialized) { + s_logger.error("*** getTimeStamp(): Not initialized ***"); + } + return m_timeStamp; + } + + /** + * Gets the appender object associated with a friendly name + * @param appenderName + * @return appender object + */ + /** + * Gets the time-stamped log path created by the stop() method. + * + * @return string containing the full path to the requested time-stamped file + */ + + public String getTimeStampedLogPath() { + if (!m_initialized) { + s_logger.error("*** getTimeStampedLogPath(): Not initialized ***"); + } + return m_timeStampedLogPath; + } + + + /** + * Gets the appender object associated with a friendly name + * @param appenderName + * @return appender object + */ + + public TimeStampedFileAppender getAppender(String appenderName) { + return m_appenders.get(appenderName); + } + + /** + * Sets an appender for the specified logger + * + * @param name the name of the logger + * @param appender a TimeStampedFileAppender + */ + public void setAppender(String name, TimeStampedFileAppender appender) { + m_appenders.put(name, appender); + } + + /** + * Creates an appender's log path consisting of a start and stop timestamp + * @param appender the appender + * @returns the log path for the appender + */ + + private String makeTimeStampedLogPath(TimeStampedFileAppender appender, Date stopTime) { + + String startTs = null; + String stopTs = null; + + appender.setStopTime(stopTime); + + GregorianCalendar startCal = (GregorianCalendar) Calendar.getInstance(); + startCal.setTime(appender.getStartTime()); + GregorianCalendar endCal = (GregorianCalendar) Calendar.getInstance(); + endCal.setTime(appender.getStopTime()); + + startTs = + String.format("%04d%02d%02d_%02d%02d%02d", startCal.get(Calendar.YEAR), + startCal.get(Calendar.MONTH) + 1, startCal.get(Calendar.DAY_OF_MONTH), + startCal.get(Calendar.HOUR_OF_DAY), startCal.get(Calendar.MINUTE), startCal.get(Calendar.SECOND)); + stopTs = + String.format("%04d%02d%02d_%02d%02d%02d", endCal.get(Calendar.YEAR), + endCal.get(Calendar.MONTH) + 1, endCal.get(Calendar.DAY_OF_MONTH), + endCal.get(Calendar.HOUR_OF_DAY), endCal.get(Calendar.MINUTE), endCal.get(Calendar.SECOND)); + + + // Get separators straight + s_logger.debug("{} file path: {}", appender.getName(), appender.getFile()); + File testFile = new File(appender.getFile()); // Normalize by instantiating a File (do we need to do this?) + s_logger.debug("System canonical path: " + testFile.getPath()); + + String currPath = testFile.getPath(); + // Check whether we're in a situation where separators are different than logger + // config (/) + if (testFile.getAbsolutePath().lastIndexOf("/") < 0) { + // Windows + currPath = currPath.replaceAll("\\\\", "/"); + } + + // Synchronize timestamp portion of path + String dirName = null; + if (currPath.lastIndexOf("/") > -1) + dirName = currPath.substring(0, currPath.lastIndexOf("/")); + else + dirName = currPath; + + String logFileName = null; + + if (currPath.lastIndexOf("/") > -1) + logFileName = currPath.substring(currPath.lastIndexOf("/") + 1); + else + logFileName = currPath; + + m_timeStamp = startTs + "-" + stopTs; + String baseName = (m_timeStamp + "-" + logFileName); + String timeStampedLogPath = dirName + "/" + baseName; + + return timeStampedLogPath; + } + + @SuppressWarnings("unchecked") + public void setStartTimes() { + if (!m_initialized) { + s_logger.error("*** setTimeStamp(): Not initialized ***"); + } + + Date startTime = new Date(); + + // Loop on appenders + Entry> me = null; + Iterator i = m_appenders.entrySet().iterator(); + while (i.hasNext()) { + me = (Map.Entry>) i.next(); + TimeStampedFileAppender appender = (TimeStampedFileAppender) me.getValue(); + appender.setStartTime(startTime); + } + } + + @SuppressWarnings("unchecked") + /** + * Synchronizes the time stamps of all of the logs + */ + public void setTimeStamps() { + + if (!m_initialized) { + s_logger.error("*** setTimeStamp(): Not initialized ***"); + } + + Date stopTime = new Date(); + + // Loop on appenders + Entry> me = null; + Iterator i = m_appenders.entrySet().iterator(); + while (i.hasNext()) { + me = (Map.Entry>) i.next(); + String logName = me.getKey(); + Logger logger = (Logger) LoggerFactory.getLogger(m_loggers.get(me.getKey())); + TimeStampedFileAppender appender = (TimeStampedFileAppender) me.getValue(); + setTimeStamp(logger, appender, logName, stopTime); + } + } + + /** + * Creates the path names of the timestamped copy of each configured log + * @param logger the logger + * @param appender the appender + * @param logName the logger's friendly name + * + */ + public void setTimeStamp(Logger logger, TimeStampedFileAppender appender, String logName, Date stopTime) { + + String timeStampedLogPath = makeTimeStampedLogPath(appender, stopTime); + String currentLogPath = new File(appender.getFile()).getPath(); + + // Roll the log + appender.stop(); + s_logger.debug("Copying log {} to: {}", logName, timeStampedLogPath); + if (rollFile(currentLogPath, timeStampedLogPath)) { + s_logger.debug("Succesfully copied log to {}", timeStampedLogPath); + + // Reset the name to the "base" file name minus a timestamp + appender.setFile(m_filenames.get(appender.getName())); + + if (appender.getName().equals("CONFORMANCELOG")) { + File f = new File(".lastlog" + "-" + appender.getName().toLowerCase()); + try { + PrintStream p = new PrintStream(f); + p.println(timeStampedLogPath); + p.close(); + } catch (IOException e) { + s_logger.debug("Couldn't write last log name to .lastlog-{}: {}", appender.getName().toLowerCase(), e.getMessage()); + } + } + } else { + s_logger.error("Error copying {} to {}", currentLogPath, timeStampedLogPath); + } + appender.start(); + } + + + /** + * Copies the contents of oldPath to newPath and removes the existing + * + * @param oldPath the original file + * @param newPath the new copy + * @return true if successful, false otherwise + */ + + private boolean rollFile(String oldPath, String newPath) { + boolean rv = false; + s_logger.debug("Rolling {} to {}", oldPath, newPath); + try { + Files.copy(Paths.get(oldPath), Paths.get(newPath), StandardCopyOption.REPLACE_EXISTING, + StandardCopyOption.COPY_ATTRIBUTES); + try { + Files.delete(Paths.get(oldPath)); + if (Files.exists(Paths.get(oldPath))) { + s_logger.warn("Unable to remove {}", oldPath); + } + } catch (Exception e) { + s_logger.error("Unable to remove {}: {}", oldPath, e.getMessage()); + } + rv = true; + } catch (NoSuchFileException e) { + s_logger.error("NoSuchFileException '{}' while rolling files", e.getMessage()); + + } catch (IOException e) { + s_logger.error("IOException '{}' while rolling files", e.getMessage()); + } + return rv; + } + + /** + * Removes the default log file names + * + */ + + @SuppressWarnings("unchecked") + public void cleanup() { + Map.Entry me = null; + Iterator i = m_loggers.entrySet().iterator(); + ArtifactWriter.prependNames(m_timeStamp); + ArtifactWriter.clean(); + while (i.hasNext()) { + me = (Map.Entry) i.next(); + String loggerName = me.getKey(); + String loggerClass = me.getValue(); + + Logger logger = (Logger) LoggerFactory.getLogger(loggerClass); + TimeStampedFileAppender appender = null; + + try { + appender = (TimeStampedFileAppender) logger.getAppender(loggerName); + if (appender != null) { + File f = new File(appender.getFile()); + f.delete(); + } + } catch (Exception e) { + s_logger.warn("Can't delete {}: {}", appender.getFile(), e.getMessage()); + } + } + } + + /** + * Indicates the the configured appenders are set up and named properly + * + * @return true if required appenders are configured, false otherwise + */ + + @SuppressWarnings("unchecked") + public boolean appendersConfigured() { + + LoggerContext loggerContext = (LoggerContext) LoggerFactory.getILoggerFactory(); + + Map> appendersMap = new HashMap<>(); + for (Logger logger : loggerContext.getLoggerList()) { + Iterator> appenderIterator = logger.iteratorForAppenders(); + while (appenderIterator.hasNext()) { + Appender appender = appenderIterator.next(); + if (!m_appenders.containsKey(appender.getName())) { + s_logger.warn("No appender found for {}", appender.getName()); + } else { + appendersMap.put(appender.getName(), (Appender) m_appenders.get(appender.getName())); + } + } + } + + // Iterate through the configured appender to be sure we have appenders + // for CSV and APDU. + + Entry> me = null; + Iterator i = m_appenders.entrySet().iterator(); + int x = 0; + int y = m_appenders.size(); + while (i.hasNext()) { + me = (Map.Entry>) i.next(); + String logName = me.getKey(); + if (logName.equalsIgnoreCase(logName)) + x++; + } + return (x == y); + } + + /** + * Gets the currently running directory based on input + * @return the currently running directory w.r.t input class + */ + + public static String getCwd(String caller) { + String rv = null; + ProtectionDomain p; + Class cls; + try { + cls = Class.forName(caller); + p = cls.getProtectionDomain(); + String tmp = pathFixup(p.getCodeSource().getLocation().getPath()); + String[] dirs = tmp.split("/"); + List dirList = Arrays.asList(dirs); + StringBuilder sb = new StringBuilder(""); + if (tmp.matches("/bin/main")) { + for (String d : dirList) { + if (d.compareTo("bin") != 0) { + if (d.length() > 0) { + sb.append(d); + sb.append("/"); + } + } else { + break; + } + } + } + rv = sb.toString(); + } catch (ClassNotFoundException e) { + s_logger.error("Class {} not found", caller); + } + return rv; + } + /** + * Corrects the path separators for a path. + * + * @param inPath + * the path as read from a configuration file, etc. + * @return a path with the correct path separators for the local OS + */ + + public static String pathFixup(String inPath) { + String outPath = inPath; + if (System.getProperty("os.name").toLowerCase().contains("windows")) { + if (inPath.contains("/")) { + outPath = inPath.replace("/", "\\"); + } + } else if (inPath.contains("\\")) { + outPath = inPath.replace("\\\\", "/"); + } + + return outPath; + } +} diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TimeStampedFileAppender.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/TimeStampedFileAppender.java similarity index 92% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TimeStampedFileAppender.java rename to conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/TimeStampedFileAppender.java index 6b8c14f9..3b7e20b5 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TimeStampedFileAppender.java +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/TimeStampedFileAppender.java @@ -1,72 +1,72 @@ -/** - * - */ -package gov.gsa.pivconformancegui; -import java.util.Date; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import ch.qos.logback.core.FileAppender; - -/** - * This appender allows the user to have fine-tuned control over the capture - * of events into log files whose names are start/stop timestamps. - */ -public class TimeStampedFileAppender extends FileAppender { - private static final Logger s_logger = LoggerFactory.getLogger(TimeStampedFileAppender.class); - private String m_timeStampedLogPath = "not initialized"; - private Date m_startTime; - private Date m_stopTime; - - @Override - public void start() { - super.start(); - m_startTime = new Date(); - } - - @Override - public void stop() { - super.stop(); - m_stopTime = new Date(); - } - - @Override - public void setFile(String file) { - super.setFile(file); - } - - @Override - public String getFile() { - return super.getFile(); - } - - @Override - public void subAppend(E event) { - super.subAppend(event); - } - - public Date getStartTime() { - return m_startTime; - } - - public void setStartTime(Date startTime) { - m_startTime = startTime; - } - - public Date getStopTime() { - return m_stopTime; - } - - public void setStopTime(Date stopTime) { - m_stopTime = stopTime; - } - - public String getTimeStampedLogPath() { - return m_timeStampedLogPath; - } - - public void setTimeStampedLogPath(String logPath) { - m_timeStampedLogPath = logPath; - } -} +/** + * + */ +package gov.gsa.pivconformance.conformancelib.utilities; +import java.util.Date; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import ch.qos.logback.core.FileAppender; + +/** + * This appender allows the user to have fine-tuned control over the capture + * of events into log files whose names are start/stop timestamps. + */ +public class TimeStampedFileAppender extends FileAppender { + private static final Logger s_logger = LoggerFactory.getLogger(TimeStampedFileAppender.class); + private String m_timeStampedLogPath = "not initialized"; + private Date m_startTime; + private Date m_stopTime; + + @Override + public void start() { + super.start(); + m_startTime = new Date(); + } + + @Override + public void stop() { + super.stop(); + m_stopTime = new Date(); + } + + @Override + public void setFile(String file) { + super.setFile(file); + } + + @Override + public String getFile() { + return super.getFile(); + } + + @Override + public void subAppend(E event) { + super.subAppend(event); + } + + public Date getStartTime() { + return m_startTime; + } + + public void setStartTime(Date startTime) { + m_startTime = startTime; + } + + public Date getStopTime() { + return m_stopTime; + } + + public void setStopTime(Date stopTime) { + m_stopTime = stopTime; + } + + public String getTimeStampedLogPath() { + return m_timeStampedLogPath; + } + + public void setTimeStampedLogPath(String logPath) { + m_timeStampedLogPath = logPath; + } +} diff --git a/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/Validator.java b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/Validator.java new file mode 100644 index 00000000..f347f875 --- /dev/null +++ b/conformancelib/src/main/java/gov/gsa/pivconformance/conformancelib/utilities/Validator.java @@ -0,0 +1,190 @@ +package gov.gsa.pivconformance.conformancelib.utilities; + +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.io.InputStream; +import java.net.URL; +import java.nio.file.Path; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.Security; +import java.security.cert.CertPath; +import java.security.cert.CertPathBuilder; +import java.security.cert.CertPathBuilderResult; +import java.security.cert.CertStore; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.CollectionCertStoreParameters; +import java.security.cert.PKIXBuilderParameters; +import java.security.cert.TrustAnchor; +import java.security.cert.X509CertSelector; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +/** + * Provides the API to validating a given end entity certificate for + * a given certificate policy. + * + */ +public class Validator { + static Logger s_logger = LoggerFactory.getLogger(Validator.class); + private static KeyStore m_keystore = null; + + /* + * Constructor + */ + + public Validator() { + setKeyStore("x509-certs/cacerts.keystore", "changeit"); + } + + /** + * Sets the validator's KeyStore to keyStoreName + * @param keyStoreName the path to the KeyStore file + */ + + public void setKeyStore(String keyStoreName, String password) { + InputStream is = Validator.getFileFromResourceAsStream(Validator.class, keyStoreName); + KeyStore ks = null; + try { + ks = KeyStore.getInstance("JKS"); + ks.load(is, password.toCharArray()); + } catch (KeyStoreException e) { + e.printStackTrace(); + } catch (IOException e) { + e.printStackTrace(); + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } catch (CertificateException e) { + e.printStackTrace(); + } + m_keystore = ks; + } + + public KeyStore getKeyStore() { + return m_keystore; + } + + /** + * Gets a file from the specified resource for the specified class. + * @param clazz the class requesting its resource + * @param fileName the basename of the resource file + * @return InputStream to the open resource + */ + public static InputStream getFileFromResourceAsStream(Class clazz, String fileName) { + ClassLoader classLoader = clazz.getClassLoader(); + URL url = classLoader.getResource(fileName); + if (url != null) { + String path = url.getPath(); + } + InputStream inputStream = null; + try { + inputStream = classLoader.getResourceAsStream(fileName); + } catch (Exception e) { + s_logger.error("Can't open '" + fileName + "': ", e.getMessage()); + } + return inputStream; + } + + public static void main(String[] args) { + if (args.length == 0) { + System.out.println ("Usage: Validator "); + } + + File endEntityCertFile = new File("test.crt"); + File trustAnchorFile = new File("federal_common_policy_ca.cer"); + + String policyOids = "2.16.840.1.101.3.2.1.3.18"; + isValid(endEntityCertFile, policyOids, trustAnchorFile); + } + + public static boolean isValid(String endEndityCertFile, String policyOids, String trustAnchorFile) { + File eeFile = new File(endEndityCertFile); + File taFile = new File(trustAnchorFile); + return isValid(eeFile, policyOids, taFile); + } + + public static boolean isValid(File endEntityCertFile, String policyOids, File trustAnchorFile) { + CertificateFactory fac; + boolean rv = false; + try { + fac = CertificateFactory.getInstance("X509"); + X509Certificate eeCert = (X509Certificate) fac.generateCertificate(new FileInputStream(endEntityCertFile)); + X509Certificate trustAnchorCert = (X509Certificate) fac.generateCertificate(new FileInputStream(trustAnchorFile)); + return isValid(eeCert, policyOids, trustAnchorCert); + } catch (CertificateException | IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + return rv; + } + + public static boolean isValid(X509Certificate eeCert, String policyOids, X509Certificate trustAnchorCert) { + + try { + List certList = new ArrayList<>(); + certList.add(eeCert); + X509CertSelector eeCertSelector = new X509CertSelector(); + eeCertSelector.setCertificate(eeCert); + TrustAnchor trustAnchor = new TrustAnchor(trustAnchorCert, null); + + // Create CertPathBuilder that implements the "PKIX" algorithm + CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX"); + + // ---------------------------------------------------------------------------------- // + // Uncomment to use Bouncy Castle Provider - Requires FPKI Crawler's output file + // This output file contains a series of issuing CA's trusted by a given trust anchor + + // Open an input stream to the file + /* + FileInputStream fis = new FileInputStream("all_from_common.p7b"); + // Instantiate a CertificateFactory for X.509 + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + // Extract the certification path from the PKCS7 SignedData structure + CertPath cp = cf.generateCertPath(fis, "PKCS7"); + List certs = (List) cp.getCertificates(); + certList.addAll(certs); + Security.addProvider(new BouncyCastleProvider()); + cpb = CertPathBuilder.getInstance("PKIX", new BouncyCastleProvider()); + */ + // ---------------------------------------------------------------------------------- // + // build certification path using specified parameters ("params") + CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList)); + Set trustAnchors = new HashSet<>(); + trustAnchors.add(trustAnchor); + PKIXBuilderParameters params = new PKIXBuilderParameters(trustAnchors, eeCertSelector); + params.addCertStore(certStore); + params.setRevocationEnabled(false); + params.setMaxPathLength(10); + + // Defining required Policy OID + HashSet policies = new HashSet<>(); + String[] allowedPolicies = policyOids.split(":"); + policies = new HashSet<>(Arrays.asList(allowedPolicies)); + params.setInitialPolicies(policies); + params.setExplicitPolicyRequired(true); + params.setPolicyMappingInhibited(false); + + System.setProperty("com.sun.security.enableAIAcaIssuers", String.valueOf(true)); + CertPathBuilderResult cpbResult = cpb.build(params); + CertPath certPath = cpbResult.getCertPath(); + s_logger.info("Build passed, path contents: " + certPath); + return certPath != null; + } catch (Exception ex) { + s_logger.error("Path build failed: " + ex.getMessage()); + } + return false; + } +} \ No newline at end of file diff --git a/conformancelib/src/main/java/module-info.java b/conformancelib/src/main/java/module-info.java index e364eea7..7d81fbad 100644 --- a/conformancelib/src/main/java/module-info.java +++ b/conformancelib/src/main/java/module-info.java @@ -1,15 +1,28 @@ -open module gov.gsa.conformancelib { - requires java.smartcardio; - requires java.sql; - requires org.slf4j; - requires org.apache.commons.codec; - requires commons.cli; - requires bcpkix.jdk15on; - requires bcprov.jdk15on; - requires gov.gsa.pivconformance; - requires org.junit.jupiter.api; - requires junit; - exports gov.gsa.conformancelib.tests; - exports gov.gsa.conformancelib.configuration; -} +module gov.gsa.pivconformance.conformancelib { + exports gov.gsa.pivconformance.conformancelib.utilities; + exports gov.gsa.pivconformance.conformancelib.tools.junitconsole; + exports gov.gsa.pivconformance.conformancelib.tools; + exports gov.gsa.pivconformance.conformancelib.tests; + exports gov.gsa.pivconformance.conformancelib.configuration; + exports gov.gsa.pivconformance.conformancelib.junitoptions; + requires ch.qos.logback.classic; + requires ch.qos.logback.core; + requires gov.gsa.pivconformance.cardlib; + requires java.smartcardio; + requires java.sql; + requires junit; + requires org.apache.commons.cli; + requires org.apache.commons.codec; + requires org.apache.commons.csv; + requires org.apache.ibatis; + requires org.apiguardian.api; + requires org.bouncycastle.pkix; + requires org.bouncycastle.provider; + requires org.junit.jupiter.api; + requires org.junit.jupiter.params; + requires org.junit.platform.engine; + requires org.junit.platform.launcher; + requires org.slf4j; + requires org.junit.platform.commons; +} diff --git a/conformancelib/src/main/resources/build.version b/conformancelib/src/main/resources/build.version new file mode 100644 index 00000000..b462b647 --- /dev/null +++ b/conformancelib/src/main/resources/build.version @@ -0,0 +1 @@ +0.2.1-beta diff --git a/conformancelib/src/main/resources/log_test.csv b/conformancelib/src/main/resources/log_test.csv deleted file mode 100644 index cbfb1ecd..00000000 --- a/conformancelib/src/main/resources/log_test.csv +++ /dev/null @@ -1,7 +0,0 @@ -Timestamp,TestId,TestDescription,ExpectedResult,ActualResult -20190331000002.1357,C.1.1,DummyTestDescription,Pass,Pass -20190331000002.1360,C.1.2,DummyTestDescription2,Fail,Pass -20190331000003.0022,C.1.3,DummyTestDescription3,Pass,Fail -20190331000004.0167,C.1.4,DummyTestDescription4,Fail,Fail -20190331000006.1000,C.1.5,DummyTestDescription5,Pass,Pass - diff --git a/conformancelib/src/main/resources/x509-certs/cacerts.keystore b/conformancelib/src/main/resources/x509-certs/cacerts.keystore new file mode 100644 index 00000000..4e56ddd2 Binary files /dev/null and b/conformancelib/src/main/resources/x509-certs/cacerts.keystore differ diff --git a/conformancelib/src/main/resources/x509-certs/valid/.gitignore b/conformancelib/src/main/resources/x509-certs/valid/.gitignore new file mode 100644 index 00000000..aceff5e1 --- /dev/null +++ b/conformancelib/src/main/resources/x509-certs/valid/.gitignore @@ -0,0 +1 @@ +*.cer diff --git a/conformancelib/src/main/resources/x509-certs/valid/policy.xml b/conformancelib/src/main/resources/x509-certs/valid/policy.xml new file mode 100644 index 00000000..0749de87 --- /dev/null +++ b/conformancelib/src/main/resources/x509-certs/valid/policy.xml @@ -0,0 +1,41 @@ + + + + Policy OID for each certificate + + 2.16.840.1.101.3.2.1.3.18 + + + 2.16.840.1.101.3.2.1.3.7 + + + 2.16.840.1.101.3.2.1.3.7 + + + 2.16.840.1.101.3.2.1.3.2 + + + 2.16.840.1.101.3.2.1.3.18 + + + 2.16.840.1.101.3.2.1.3.6 + + + 2.16.840.1.101.3.2.1.3.18 + + + 2.16.840.1.101.3.2.1.48.13 + + + 2.16.840.1.101.3.2.1.48.9 + + + 2.16.840.1.101.3.2.1.48.11 + + + 2.16.840.1.101.3.2.1.48.4 + + + 2.16.840.1.101.3.2.1.48.9 + + \ No newline at end of file diff --git a/conformancelib/src/main/resources/x509-certs/valid/valid.zip b/conformancelib/src/main/resources/x509-certs/valid/valid.zip new file mode 100644 index 00000000..f685b424 Binary files /dev/null and b/conformancelib/src/main/resources/x509-certs/valid/valid.zip differ diff --git a/conformancelib/src/test/java/gov/gsa/pivconformance/conformancelib/test/PolicyOID.java b/conformancelib/src/test/java/gov/gsa/pivconformance/conformancelib/test/PolicyOID.java new file mode 100644 index 00000000..d27de74e --- /dev/null +++ b/conformancelib/src/test/java/gov/gsa/pivconformance/conformancelib/test/PolicyOID.java @@ -0,0 +1,22 @@ +package gov.gsa.pivconformance.conformancelib.test; + +public enum PolicyOID { + ID_FPKI_CERTPCY_PIVI_HARDWARE("2.16.840.1.101.3.2.1.3.18"), + ID_FPKI_COMMON_HARDWARE("2.16.840.1.101.3.2.1.3.7"), + ID_FPKI_COMMON_POLICY("2.16.840.1.101.3.2.1.3.6"), + ID_FPKI_CERTPCY_BASICASSURANCE("2.16.840.1.101.3.2.1.3.2"), + TEST_ID_FPKI_COMMON_CARDAUTH("2.16.840.1.101.3.2.1.48.13"), + TEST_ID_FPKI_COMMON_AUTHENTICATION("2.16.840.1.101.3.2.1.48.11"), + TEST_ID_FPKI_COMMON_HARDWARE("2.16.840.1.101.3.2.1.48.9"), + TEST_ID_FPKI_CERTPCY_MEDIUMHARDWARE("2.16.840.1.101.3.2.1.48.4"); + + private final String value; + + PolicyOID(String value) { + this.value = value; + } + + public String getValue() { + return value; + } +} diff --git a/conformancelib/src/test/java/gov/gsa/pivconformance/conformancelib/test/ValidatorTest.java b/conformancelib/src/test/java/gov/gsa/pivconformance/conformancelib/test/ValidatorTest.java new file mode 100644 index 00000000..a515aae8 --- /dev/null +++ b/conformancelib/src/test/java/gov/gsa/pivconformance/conformancelib/test/ValidatorTest.java @@ -0,0 +1,124 @@ +package gov.gsa.pivconformance.conformancelib.test; + +import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.TestReporter; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; + +import gov.gsa.pivconformance.conformancelib.utilities.Validator; + +import java.io.*; +import java.nio.file.Path; +import java.net.URL; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509CertSelector; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.List; +import java.util.Properties; +import java.util.stream.Stream; + +import static org.junit.jupiter.api.Assertions.fail; + +class ValidatorTest { + private static final Path trustAnchor = Path.of("", "x509-certs"); + private static KeyStore m_keystore = getKeyStore(); + private static Validator m_validator = new Validator(); + + private static KeyStore getKeyStore() { + + InputStream is = Validator.getFileFromResourceAsStream(ValidatorTest.class, "x509-certs/cacerts.keystore"); + KeyStore ks = null; + try { + ks = KeyStore.getInstance("JKS"); + ks.load(is, "changeit".toCharArray()); + } catch (KeyStoreException e) { + e.printStackTrace(); + } catch (IOException e) { + e.printStackTrace(); + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } catch (CertificateException e) { + e.printStackTrace(); + } + return ks; + } + + @DisplayName("Certificate Path Validation") + @ParameterizedTest(name = "{index} => oid = {0}, file = {1}") + @MethodSource("positiveCaseCertProvider") + public void testIsValid(String oid, String endEntityCertFile, TestReporter reporter) { + final Path certsDir = Path.of("", "x509-certs/valid"); + try { + System.out.println("cacerts.keystore contains alias icam test card root ca: " + m_keystore.containsAlias("icam test card root ca")); + CertificateFactory fac = CertificateFactory.getInstance("X509"); + FileInputStream fis = (FileInputStream) Validator.getFileFromResourceAsStream(ValidatorTest.class, "x509-certs/valid" + File.separator + endEntityCertFile); + X509Certificate eeCert = (X509Certificate) fac.generateCertificate(new FileInputStream("x509-certs/valid" + File.separator +endEntityCertFile)); + X509Certificate trustAnchorCert = getTrustAnchorForGivenCertificate(certsDir, eeCert); + + System.out.print("Validating " + eeCert.getSubjectDN().getName()); + boolean result = m_validator.isValid(eeCert, oid, trustAnchorCert); //(eeCert, oid, trustAnchorCert; + + System.out.println("validator.isValid(): " + result); + reporter.publishEntry(oid, String.valueOf(result)); + Assertions.assertTrue(result, "Failed for eeCert " + eeCert); + } catch (Exception e) { + System.out.println(e.getMessage()); + e.printStackTrace(); + } + } + + private static Stream positiveCaseCertProvider() { + final String policyFileName = "x509-certs/valid/policy.xml"; + try { + ValidatorTest app = new ValidatorTest(); + InputStream inputStream = Validator.getFileFromResourceAsStream(app.getClass(), policyFileName); + Properties properties = new Properties(); + properties.loadFromXML(inputStream); + List argumentsList = new ArrayList<>(); + properties.forEach((Object filename, Object oid) -> { + String filenameStr = String.valueOf(filename).trim(); + String oidStr = String.valueOf(oid).trim(); + argumentsList.add(Arguments.of(oidStr, filenameStr)); + }); + return argumentsList.stream(); + } catch (Exception e) { + fail("Exception reading the policy.xml file."); + return null; + } + } + + public static X509Certificate getCertFromKeyStore(KeyStore ks, String alias) { + try { + if (ks.containsAlias(alias)) { + return (X509Certificate) ks.getCertificate(alias); + } + } catch (Exception e) { + e.printStackTrace(); + } + return null; + } + + private static X509Certificate getTrustAnchorForGivenCertificate(Path certsDir, X509Certificate eeCert) { + String trustCA = null; + X509Certificate trustAnchorCert = null; + try { + if (eeCert.getSubjectDN().getName().contains("ICAM")) { + trustCA = "icam test card root ca"; + } else { + trustCA = "federal common policy ca"; + } + } catch (Exception e) { + fail("Exception reading the certificate."); + } + trustAnchorCert = getCertFromKeyStore(m_keystore, trustCA); + System.out.println("Trust anchor: " + trustAnchorCert.getSubjectDN().getName()); + return trustAnchorCert; + } +} diff --git a/conformancelib/src/test/java/module-info.java b/conformancelib/src/test/java/module-info.java new file mode 100644 index 00000000..8c0e4822 --- /dev/null +++ b/conformancelib/src/test/java/module-info.java @@ -0,0 +1,5 @@ +open module gov.gsa.pivconformance.conformancelib.test { + requires gov.gsa.pivconformance.conformancelib; + requires org.junit.jupiter.api; + requires org.junit.jupiter.params; +} diff --git a/conformancelib/testdata/.gitignore b/conformancelib/testdata/.gitignore index 901114ad..697f3422 100644 --- a/conformancelib/testdata/.gitignore +++ b/conformancelib/testdata/.gitignore @@ -1,5 +1,3 @@ venv-xlrd python_den -/~$PIV_Production_Cards.xlsx -/~$PIV_ICAM_Test_Cards.xlsx /cleanCRs/ diff --git a/conformancelib/testdata/Format.bas b/conformancelib/testdata/Format.bas index 9fc85732..9a8c6a80 100644 --- a/conformancelib/testdata/Format.bas +++ b/conformancelib/testdata/Format.bas @@ -1,97 +1,97 @@ -Sub CctFormat() -' -' Formats selected cells to a standard grid with upper left alignment and line wrapping -' Copy/paste this code into an Excel macro, highlight the used cells in on a tab and run. -' - - Cells.Borders(xlDiagonalDown).LineStyle = xlNone - Cells.Borders(xlDiagonalUp).LineStyle = xlNone - With Cells.Borders(xlEdgeLeft) - .LineStyle = xlContinuous - .ColorIndex = xlAutomatic - .TintAndShade = 0 - .Weight = xlThin - End With - With Cells.Borders(xlEdgeTop) - .LineStyle = xlContinuous - .ColorIndex = xlAutomatic - .TintAndShade = 0 - .Weight = xlThin - End With - With Cells.Borders(xlEdgeBottom) - .LineStyle = xlContinuous - .ColorIndex = xlAutomatic - .TintAndShade = 0 - .Weight = xlThin - End With - With Cells.Borders(xlEdgeRight) - .LineStyle = xlContinuous - .ColorIndex = xlAutomatic - .TintAndShade = 0 - .Weight = xlThin - End With - - Cells.Borders(xlInsideVertical).LineStyle = xlNone - Cells.Borders(xlInsideHorizontal).LineStyle = xlNone - - Range("A1").Activate - - Selection.Borders(xlDiagonalDown).LineStyle = xlNone - Selection.Borders(xlDiagonalUp).LineStyle = xlNone - Selection.Borders(xlEdgeLeft).LineStyle = xlNone - Selection.Borders(xlEdgeTop).LineStyle = xlNone - Selection.Borders(xlEdgeBottom).LineStyle = xlNone - Selection.Borders(xlEdgeRight).LineStyle = xlNone - Selection.Borders(xlInsideVertical).LineStyle = xlNone - Selection.Borders(xlInsideHorizontal).LineStyle = xlNone - - With Selection.Borders(xlEdgeLeft) - .LineStyle = xlContinuous - .ColorIndex = xlAutomatic - .TintAndShade = 0 - .Weight = xlHairline - End With - With Selection.Borders(xlEdgeTop) - .LineStyle = xlContinuous - .ColorIndex = xlAutomatic - .TintAndShade = 0 - .Weight = xlHairline - End With - With Selection.Borders(xlEdgeBottom) - .LineStyle = xlContinuous - .ColorIndex = xlAutomatic - .TintAndShade = 0 - .Weight = xlHairline - End With - With Selection.Borders(xlEdgeRight) - .LineStyle = xlContinuous - .ColorIndex = xlAutomatic - .TintAndShade = 0 - .Weight = xlHairline - End With - With Selection.Borders(xlInsideVertical) - .LineStyle = xlContinuous - .ColorIndex = xlAutomatic - .TintAndShade = 0 - .Weight = xlHairline - End With - With Selection.Borders(xlInsideHorizontal) - .LineStyle = xlContinuous - .ColorIndex = xlAutomatic - .TintAndShade = 0 - .Weight = xlHairline - End With - Selection.NumberFormat = "@" - With Selection - .HorizontalAlignment = xlGeneral - .VerticalAlignment = xlTop - .WrapText = True - .Orientation = 0 - .AddIndent = False - .IndentLevel = 0 - .ShrinkToFit = False - .ReadingOrder = xlContext - .MergeCells = False - End With -End Sub - +Sub CctFormat() +' +' Formats selected cells to a standard grid with upper left alignment and line wrapping +' Copy/paste this code into an Excel macro, highlight the used cells in on a tab and run. +' + + Cells.Borders(xlDiagonalDown).LineStyle = xlNone + Cells.Borders(xlDiagonalUp).LineStyle = xlNone + With Cells.Borders(xlEdgeLeft) + .LineStyle = xlContinuous + .ColorIndex = xlAutomatic + .TintAndShade = 0 + .Weight = xlThin + End With + With Cells.Borders(xlEdgeTop) + .LineStyle = xlContinuous + .ColorIndex = xlAutomatic + .TintAndShade = 0 + .Weight = xlThin + End With + With Cells.Borders(xlEdgeBottom) + .LineStyle = xlContinuous + .ColorIndex = xlAutomatic + .TintAndShade = 0 + .Weight = xlThin + End With + With Cells.Borders(xlEdgeRight) + .LineStyle = xlContinuous + .ColorIndex = xlAutomatic + .TintAndShade = 0 + .Weight = xlThin + End With + + Cells.Borders(xlInsideVertical).LineStyle = xlNone + Cells.Borders(xlInsideHorizontal).LineStyle = xlNone + + Range("A1").Activate + + Selection.Borders(xlDiagonalDown).LineStyle = xlNone + Selection.Borders(xlDiagonalUp).LineStyle = xlNone + Selection.Borders(xlEdgeLeft).LineStyle = xlNone + Selection.Borders(xlEdgeTop).LineStyle = xlNone + Selection.Borders(xlEdgeBottom).LineStyle = xlNone + Selection.Borders(xlEdgeRight).LineStyle = xlNone + Selection.Borders(xlInsideVertical).LineStyle = xlNone + Selection.Borders(xlInsideHorizontal).LineStyle = xlNone + + With Selection.Borders(xlEdgeLeft) + .LineStyle = xlContinuous + .ColorIndex = xlAutomatic + .TintAndShade = 0 + .Weight = xlHairline + End With + With Selection.Borders(xlEdgeTop) + .LineStyle = xlContinuous + .ColorIndex = xlAutomatic + .TintAndShade = 0 + .Weight = xlHairline + End With + With Selection.Borders(xlEdgeBottom) + .LineStyle = xlContinuous + .ColorIndex = xlAutomatic + .TintAndShade = 0 + .Weight = xlHairline + End With + With Selection.Borders(xlEdgeRight) + .LineStyle = xlContinuous + .ColorIndex = xlAutomatic + .TintAndShade = 0 + .Weight = xlHairline + End With + With Selection.Borders(xlInsideVertical) + .LineStyle = xlContinuous + .ColorIndex = xlAutomatic + .TintAndShade = 0 + .Weight = xlHairline + End With + With Selection.Borders(xlInsideHorizontal) + .LineStyle = xlContinuous + .ColorIndex = xlAutomatic + .TintAndShade = 0 + .Weight = xlHairline + End With + Selection.NumberFormat = "@" + With Selection + .HorizontalAlignment = xlGeneral + .VerticalAlignment = xlTop + .WrapText = True + .Orientation = 0 + .AddIndent = False + .IndentLevel = 0 + .ShrinkToFit = False + .ReadingOrder = xlContext + .MergeCells = False + End With +End Sub + diff --git a/conformancelib/testdata/PIV-I-GSA_MSO_Cards.db b/conformancelib/testdata/PIV-I-GSA_MSO_Cards.db deleted file mode 100644 index ee4907a2..00000000 Binary files a/conformancelib/testdata/PIV-I-GSA_MSO_Cards.db and /dev/null differ diff --git a/conformancelib/testdata/PIV-I-GSA_MSO_Cards.sql b/conformancelib/testdata/PIV-I-GSA_MSO_Cards.sql deleted file mode 100644 index a31d951e..00000000 --- a/conformancelib/testdata/PIV-I-GSA_MSO_Cards.sql +++ /dev/null @@ -1,1112 +0,0 @@ --- TestSteps are what we've been referring to as atoms -CREATE TABLE IF NOT EXISTS "TestSteps" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `Description` TEXT, -- column 2 on each tab - `Class` TEXT, -- fully qualified class name - `Method` TEXT, -- method to invoke for the atom - `NumParameters` INTEGER -- parameter count. not really necessary but was briefly helpful, so it's still here -); - --- Map test cases to their atoms -CREATE TABLE IF NOT EXISTS "TestsToSteps" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestStepId` INTEGER, --Foreign key TestSteps.Id - `TestId` INTEGER, --Foreign key TestCases.Id - `ExecutionOrder` INTEGER, --Sequence of atoms for a test case - `Status` INTEGER -- runners can populate with status info to see which step failed -); - --- used to pass parameters to atoms -CREATE TABLE IF NOT EXISTS "TestStepParameters" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestStepId` INTEGER, --TestSteps.Id - `TestId` INTEGER, --TestCases.Id - `Value` TEXT, --Parameter Value - `ParamOrder` TEXT --Parameter order... idea here was one row for each pattern to be passed into a particular invocation of an atom. - --If we settle on a string of key=value for the Value field, this could be OBE -); - --- TestCases is the primary driver of the test runner -CREATE TABLE IF NOT EXISTS "TestCases" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestGroup` TEXT, -- can be filled in to allow selective execution by the runner. not in spreadsheet - `TestCaseIdentifier` TEXT, -- section column on step overview tab - `TestCaseDescription` TEXT, -- description column on step overview tab - `TestCaseContainer` TEXT, -- ID of the container the test case applies to, if necessary - `Status` INTEGER, -- to be populated by runner - `ExpectedStatus` INTEGER, -- everything on the spreadsheet should get 1 here - primarily present to give runners a way to mark tests that should fail - `Enabled` INTEGER -- allows the runner to enable/disable test cases. default to 1 -); - --- Allow runners to create test groups. not in spreadsheet -CREATE TABLE IF NOT EXISTS "TestGroups" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `GroupDescription` TEXT -); - --- Allow runners to create test groups. not in spreadsheet -CREATE TABLE IF NOT EXISTS "GroupsToTestCases" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestGroupId` INTEGER, --TestGroups.Id - `TestCaseId` INTEGER --TestCases.Id -); - --- this isn't really going to be used by the look of things. probably should --- be eliminated, but it's harmless and has been intermittently useful in dev. -CREATE TABLE IF NOT EXISTS "SystemSettings" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `ReaderName` TEXT, - `ApplicationPIN` TEXT, - `OutputDirectory` TEXT, - `SettingsGroup` TEXT, - `GPMasterKey` TEXT -); - -INSERT INTO "TestSteps" VALUES(1,'BERTLV.1','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(2,'BERTLV.2','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(3,'BERTLV.3','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(4,'BERTLV.4','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(5,'BERTLV.5','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(6,'73-4.1','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(7,'73-4.2','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(8,'73-4.3','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(9,'73-4.4','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(10,'73-4.5','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(11,'73-4.6','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(12,'73-4.7','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(13,'73-4.8','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(14,'73-4.9','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(15,'73-4.10','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(16,'73-4.11','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(17,'73-4.12','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(18,'73-4.13','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(19,'73-4.14','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(20,'73-4.15','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(21,'73-4.16','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(22,'73-4.17','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(23,'73-4.18','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(24,'73-4.19','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(25,'73-4.20','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(26,'73-4.21','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(27,'73-4.22','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(28,'73-4.23','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(29,'73-4.24','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(30,'73-4.25','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(31,'73-4.26','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(32,'73-4.27','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(33,'73-4.28','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(34,'73-4.29','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(35,'73-4.30','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(36,'73-4.31','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_31',NULL); -INSERT INTO "TestSteps" VALUES(37,'73-4.32','gov.gsa.conformancelib.tests.SP800_73_4FacialImageTests','sp800_73_4_Test_32',NULL); -INSERT INTO "TestSteps" VALUES(38,'73-4.33','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_33',NULL); -INSERT INTO "TestSteps" VALUES(39,'73-4.34','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_34',NULL); -INSERT INTO "TestSteps" VALUES(40,'73-4.35','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_35',NULL); -INSERT INTO "TestSteps" VALUES(41,'73-4.36','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_36',NULL); -INSERT INTO "TestSteps" VALUES(42,'73-4.37','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_37',NULL); -INSERT INTO "TestSteps" VALUES(43,'73-4.38','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_38',NULL); -INSERT INTO "TestSteps" VALUES(44,'73-4.40','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_40',NULL); -INSERT INTO "TestSteps" VALUES(45,'73-4.41','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_41',NULL); -INSERT INTO "TestSteps" VALUES(46,'73-4.42','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_42',NULL); -INSERT INTO "TestSteps" VALUES(47,'73-4.43','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_43',NULL); -INSERT INTO "TestSteps" VALUES(48,'73-4.44','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_44',NULL); -INSERT INTO "TestSteps" VALUES(49,'73-4.45','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_45',NULL); -INSERT INTO "TestSteps" VALUES(50,'73-4.46','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_46',NULL); -INSERT INTO "TestSteps" VALUES(51,'73-4.47','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_47',NULL); -INSERT INTO "TestSteps" VALUES(52,'73-4.48','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_48',NULL); -INSERT INTO "TestSteps" VALUES(53,'73-4.49','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_49',NULL); -INSERT INTO "TestSteps" VALUES(54,'73-4.50','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_50',NULL); -INSERT INTO "TestSteps" VALUES(55,'73-4.51','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_51',NULL); -INSERT INTO "TestSteps" VALUES(56,'73-4.52','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_52',NULL); -INSERT INTO "TestSteps" VALUES(57,'73-4.53','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_53',NULL); -INSERT INTO "TestSteps" VALUES(58,'73-4.54','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_54',NULL); -INSERT INTO "TestSteps" VALUES(59,'73-4.55','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_55',NULL); -INSERT INTO "TestSteps" VALUES(60,'73-4.56','gov.gsa.conformancelib.tests.SP800_73_4CommmonObjectTests','sp800_73_4_Test_56',NULL); -INSERT INTO "TestSteps" VALUES(61,'76.1','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_1',NULL); -INSERT INTO "TestSteps" VALUES(62,'76.2','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_2',NULL); -INSERT INTO "TestSteps" VALUES(63,'76.3','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_3',NULL); -INSERT INTO "TestSteps" VALUES(64,'76.4','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_4',NULL); -INSERT INTO "TestSteps" VALUES(65,'76.5','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_5',NULL); -INSERT INTO "TestSteps" VALUES(66,'76.6','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_6',NULL); -INSERT INTO "TestSteps" VALUES(67,'76.7','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_7',NULL); -INSERT INTO "TestSteps" VALUES(68,'76.8','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_8',NULL); -INSERT INTO "TestSteps" VALUES(69,'76.9','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_9',NULL); -INSERT INTO "TestSteps" VALUES(70,'76.10','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_10',NULL); -INSERT INTO "TestSteps" VALUES(71,'76.11','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_11',NULL); -INSERT INTO "TestSteps" VALUES(72,'76.12','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_12',NULL); -INSERT INTO "TestSteps" VALUES(73,'76.13','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_13',NULL); -INSERT INTO "TestSteps" VALUES(74,'76.14','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_14',NULL); -INSERT INTO "TestSteps" VALUES(75,'76.15a','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15a',NULL); -INSERT INTO "TestSteps" VALUES(76,'76.15b','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15b',NULL); -INSERT INTO "TestSteps" VALUES(77,'76.16','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_16',NULL); -INSERT INTO "TestSteps" VALUES(78,'76.17','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_17',NULL); -INSERT INTO "TestSteps" VALUES(79,'76.18','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_18',NULL); -INSERT INTO "TestSteps" VALUES(80,'76.19','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_19',NULL); -INSERT INTO "TestSteps" VALUES(81,'76.20','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_20',NULL); -INSERT INTO "TestSteps" VALUES(82,'76.21','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_21',NULL); -INSERT INTO "TestSteps" VALUES(83,'76.22','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_22',NULL); -INSERT INTO "TestSteps" VALUES(84,'76.23','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_23',NULL); -INSERT INTO "TestSteps" VALUES(85,'76.24','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_24',NULL); -INSERT INTO "TestSteps" VALUES(86,'76.25','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_25',NULL); -INSERT INTO "TestSteps" VALUES(87,'76.26','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_26',NULL); -INSERT INTO "TestSteps" VALUES(88,'76.27','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_27',NULL); -INSERT INTO "TestSteps" VALUES(89,'76.28','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_28',NULL); -INSERT INTO "TestSteps" VALUES(90,'76.29','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_29',NULL); -INSERT INTO "TestSteps" VALUES(91,'76.30','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_30',NULL); -INSERT INTO "TestSteps" VALUES(92,'76.31','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_31',NULL); -INSERT INTO "TestSteps" VALUES(93,'76.32','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_32',NULL); -INSERT INTO "TestSteps" VALUES(94,'76.33','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_33',NULL); -INSERT INTO "TestSteps" VALUES(95,'76.34','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_34',NULL); -INSERT INTO "TestSteps" VALUES(96,'76.35','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_35',NULL); -INSERT INTO "TestSteps" VALUES(97,'76.36','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_36',NULL); -INSERT INTO "TestSteps" VALUES(98,'76.37','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_37',NULL); -INSERT INTO "TestSteps" VALUES(99,'76.38','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_38',NULL); -INSERT INTO "TestSteps" VALUES(100,'76.39','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_39',NULL); -INSERT INTO "TestSteps" VALUES(101,'76.40','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_40',NULL); -INSERT INTO "TestSteps" VALUES(102,'76.41','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_41',NULL); -INSERT INTO "TestSteps" VALUES(103,'76.42','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_42',NULL); -INSERT INTO "TestSteps" VALUES(104,'76.43','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_43',NULL); -INSERT INTO "TestSteps" VALUES(105,'76.44','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_44',NULL); -INSERT INTO "TestSteps" VALUES(106,'76.45','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_45',NULL); -INSERT INTO "TestSteps" VALUES(107,'76.46','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_46',NULL); -INSERT INTO "TestSteps" VALUES(108,'76.47','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_47',NULL); -INSERT INTO "TestSteps" VALUES(109,'76.48','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_48',NULL); -INSERT INTO "TestSteps" VALUES(110,'CMS.1','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(111,'CMS.2','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(112,'CMS.3','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(113,'CMS.4','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(114,'CMS.5','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(115,'CMS.6','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(116,'CMS.7','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(117,'CMS.8','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(118,'CMS.9','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(119,'CMS.10','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(120,'CMS.11','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(121,'CMS.12','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(122,'CMS.13','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(123,'CMS.14','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(124,'CMS.15','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(125,'CMS.17','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(126,'CMS.18','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(127,'CMS.19','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(128,'CMS.20','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(129,'CMS.21','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(130,'CMS.22','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(131,'CMS.23','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(132,'CMS.24','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(133,'CMS.25','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(134,'CMS.26','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(135,'CMS.27','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(136,'CMS.28','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(137,'CMS.29','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(138,'CMS.30','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(139,'78.1','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(140,'78.2','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(141,'78.3','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(142,'PKIX.1','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(143,'PKIX.2','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(144,'PKIX.3','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(145,'PKIX.4','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(146,'PKIX.5','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(147,'PKIX.6','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(148,'PKIX.7','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(149,'PKIX.8','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(150,'PKIX.9','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(151,'PKIX.10','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(152,'PKIX.11','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(153,'PKIX.12','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(154,'PKIX.13','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(155,'PKIX.14','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(156,'PKIX.15','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(157,'PKIX.16','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(158,'PKIX.17','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(159,'PKIX.18','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(160,'PKIX.19','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(161,'PKIX.20','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(162,'PKIX.21','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(163,'PKIX.22','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(164,'PKIX.23','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(165,'PKIX.24','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(166,'PKIX.25','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(167,'PKIX.26','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(168,'PKIX.27','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(169,'PKIX.28','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(170,'PlaceholderTest.1','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_1',NULL); -INSERT INTO "TestSteps" VALUES(171,'PlaceholderTest.2','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_2',NULL); -INSERT INTO "TestSteps" VALUES(172,'PlaceholderTest.3','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_3',NULL); -INSERT INTO "TestStepParameters" VALUES(1, 21,NULL,'6',0); -INSERT INTO "TestStepParameters" VALUES(2, 99,NULL,'CARDHOLDER_FINGERPRINTS_OID:513',0); -INSERT INTO "TestStepParameters" VALUES(3, 99,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:1281',1); -INSERT INTO "TestStepParameters" VALUES(4, 99,NULL,'CARDHOLDER_IRIS_IMAGES_OID:9',2); -INSERT INTO "TestStepParameters" VALUES(5, 102,NULL,'CARDHOLDER_FINGERPRINTS_OID:8',0); -INSERT INTO "TestStepParameters" VALUES(6, 102,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:2',1); -INSERT INTO "TestStepParameters" VALUES(7, 102,NULL,'CARDHOLDER_IRIS_IMAGES_OID:16',2); -INSERT INTO "TestStepParameters" VALUES(8, 103,NULL,'CARDHOLDER_FINGERPRINTS_OID:128',0); -INSERT INTO "TestStepParameters" VALUES(9, 103,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:32:2',1); -INSERT INTO "TestStepParameters" VALUES(10, 103,NULL,'CARDHOLDER_IRIS_IMAGES_OID:64',2); -INSERT INTO "TestStepParameters" VALUES(11, 104,NULL,'-2',0); -INSERT INTO "TestStepParameters" VALUES(12, 104,NULL,'100',1); -INSERT INTO "TestStepParameters" VALUES(13, 114,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.101.3.6.1',0); -INSERT INTO "TestStepParameters" VALUES(14, 114,NULL,'CARDHOLDER_FINGERPRINTS_OID:2.16.840.1.101.3.6.2',1); -INSERT INTO "TestStepParameters" VALUES(15, 114,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:2.16.840.1.101.3.6.2',2); -INSERT INTO "TestStepParameters" VALUES(16, 114,NULL,'CARDHOLDER_IRIS_IMAGES_OID:2.16.840',3); -INSERT INTO "TestStepParameters" VALUES(17, 124,NULL,'2.16.840.1.101.3.8.7',0); -INSERT INTO "TestStepParameters" VALUES(18, 125,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(19, 147,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID: 2.16.840.1.114027.200.3.10.7.13',0); -INSERT INTO "TestStepParameters" VALUES(20, 147,NULL,'X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID: 2.16.840.1.114027.200.3.10.7.6',1); -INSERT INTO "TestStepParameters" VALUES(21, 147,NULL,'X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID: 2.16.840.1.114027.200.3.10.7.4|2.16.840.1.114027.200.3.10.7.6',2); -INSERT INTO "TestStepParameters" VALUES(22, 147,NULL,'X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID: 2.16.840.1.114027.200.3.10.7.6',3); -INSERT INTO "TestStepParameters" VALUES(23, 147,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID: 2.16.840.1.114027.200.3.10.7.9',4); -INSERT INTO "TestStepParameters" VALUES(24, 159,NULL,'2.16.840.1.101.3.2.1.3.19',0); -INSERT INTO "TestStepParameters" VALUES(25, 161,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID:2.16.840.1.101.3.6.8',0); -INSERT INTO "TestStepParameters" VALUES(26, 161,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.101.3.8.7',1); -INSERT INTO "TestStepParameters" VALUES(27, 162,NULL,'1.3.6.1.4.1.45606.3.1.22',0); -INSERT INTO "TestStepParameters" VALUES(28, 165,NULL,'2.5.29.31',0); -INSERT INTO "TestStepParameters" VALUES(29, 168,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(30, 171,NULL,'1',0); -INSERT INTO "TestStepParameters" VALUES(31, 171,NULL,'2',1); -INSERT INTO "TestStepParameters" VALUES(32, 171,NULL,'3',2); -INSERT INTO "TestStepParameters" VALUES(33, 172,NULL,'CAT:SLEEPY',0); -INSERT INTO "TestStepParameters" VALUES(34, 172,NULL,'DOG:HUNGRY',1); -INSERT INTO "TestStepParameters" VALUES(35, 172,NULL,'ELEPHANT:SAD',2); -INSERT INTO "TestCases" VALUES(1, NULL,'8 BER_TLV','BER-TLV Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(2, NULL,'8.1 CCC','Card Capabilities Container','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(3, NULL,'8.1.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(4, NULL,'8.1.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(5, NULL,'8.1.0.2','Tag encoded as 3 bytes','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(6, NULL,'8.1.0.3','Each data object returned with 2 byte status word (90 00)','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(7, NULL,'8.1.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(8, NULL,'8.1.1','CCC Registered data model element is present and has a value of 0x10.','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(9, NULL,'8.1.2','CCC BERTLV tag is 5FC107','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(10, NULL,'8.1.3','CCC Tags 0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xFA, 0xFB, 0xFC, 0xFD present in that order','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(11, NULL,'8.1.8','CCC Optional Tags 0xE3 and 0xB4 may be present or absent; if present are after tags listed in and are in that order','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(12, NULL,'8.1.9','CCC Tag 0xFE present and after any tags from 73-4.3 and 73-4.4','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(13, NULL,'8.1.10','Confirm that tag 0xFE has length of 0','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(14, NULL,'8.1.11','CCC value lengths comply with Table 8 of SP 800-73-4','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(15, NULL,'8.2 CHUID','Card Holder Unique Identifier','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(16, NULL,'8.2.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(17, NULL,'8.2.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(18, NULL,'8.2.0.2','Tag encoded as 3 bytes','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(19, NULL,'8.2.0.3','Each data object returned with 2 byte status word (90 00)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(20, NULL,'8.2.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(21, NULL,'8.2.1','CHUID value lengths comply with Table 9 of SP 800-73-4','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(22, NULL,'8.2.2.1','Tag 0x30 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(23, NULL,'8.2.2.2','Tag 0x30 is the first tag or the first tag following 0xEE','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(24, NULL,'8.2.2.3','Tags 0x32 and 0x33 are optionally present and must follow 0x30 in that order','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(25, NULL,'8.2.2.4','Tag 0x34 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(26, NULL,'8.2.2.5','Tag 0x34 follows Tag 0x30, 32, or 0x33','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(27, NULL,'8.2.2.6','Tag 0x35 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(28, NULL,'8.2.2.7','Tag 0x35 follows Tag 0x34','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(29, NULL,'8.2.2.8','Tag 0x36 is optionally present and follows Tag 0x35','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(30, NULL,'8.2.2.9','Tags 0x3E and 0xFE are present and follow tags in that order','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(31, NULL,'8.2.2.10','Tag 0x3E is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(32, NULL,'8.2.2.11','Tag 0x3E follows Tag 0x35 or 0x36','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(33, NULL,'8.2.2.12','Tag 0xFE is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(34, NULL,'8.2.2.13','Tag 0xFE follows Tag 0x3E','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(35, NULL,'8.2.2.14','If CHUID tag 0xEE is present, it is the first tag in the blob','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(36, NULL,'8.2.2.15','No tags other than (0xEE, 0x30, 0x32, 0x33, 0x34, 0x35, 0x36, 0x3E, 0xFE) are present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(37, NULL,'8.2.3','Expiration Date is formatted YYYYMMDD','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(38, NULL,'8.2.4','Expiration Date is within the next 6 years','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(39, NULL,'8.2.5','If the CHUID contains the optional Cardholder UUID, then the data element shall be in accordance with 800 73-4 Part 1 Section 3.4.2.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(40, NULL,'8.2.6','The retired key map is not present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(41, NULL,'8.2.7','Tag 0xFE has length of 0','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(42, NULL,'8.3 Authentication Cert','X.509 Certificate for PIV-I Authentication','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(43, NULL,'8.3.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(44, NULL,'8.3.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(45, NULL,'8.3.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(46, NULL,'8.3.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(47, NULL,'8.3.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(48, NULL,'8.3.1','PIV Authentication Certificate container value lengths comply with Table 10 of SP 800-73-4','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(49, NULL,'8.3.2.1','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(50, NULL,'8.3.2.2','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(51, NULL,'8.3.2.3','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(52, NULL,'8.3.2.4','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(53, NULL,'8.3.2.5','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(54, NULL,'8.4 Fingerprints','Card Holder Fingerprints','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(55, NULL,'8.4.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(56, NULL,'8.4.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(57, NULL,'8.4.0.2','Tag encoded as 3 bytes','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(58, NULL,'8.4.0.3','Each data object returned with 2 byte status word (90 00)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(59, NULL,'8.4.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(60, NULL,'8.4.5','Card Holder Fingerprints value lengths comply with Table 11 of SP 800-73-4','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(61, NULL,'8.4.6','If CHUID tag 0xEE is present, it is the first tag in the blob','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(62, NULL,'8.4.7','Tag 0x30 is present and is the first tag or the first tag following 0xEE','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(63, NULL,'8.4.8','Tags 0x32 and 0x33 are optionally present and must follow 0x30 in that order','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(64, NULL,'8.4.9','Tag 0xFE has length of 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(65, NULL,'8.5 Printed Information','Printed Information','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(66, NULL,'8.5.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(67, NULL,'8.5.0.1','Length field encoded as shown in SP800-85B Table 8.1','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(68, NULL,'8.5.0.2','Tag encoded as 3 bytes','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(69, NULL,'8.5.0.3','Each data object returned with 2 byte status word (90 00)','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(70, NULL,'8.5.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(71, NULL,'8.5.1.1','Printed Information value lengths comply with Table 14 of SP 800-73-4','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(72, NULL,'8.5.1.2','Printed Information Tags 0x01, 0x02, 0x05, 0x06 are present in that order','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(73, NULL,'8.5.1.3','Printed Information Tags 0x01, 0x02, 0x05, 0x06 are in that order','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(74, NULL,'8.5.1.4','Printed Information Tag 0xFE follows Tag 0x06, or optional Tags 0x07 or 0x08','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(75, NULL,'8.5.1.5','Printed Information Tags 0x07 and 0x08 are optionally present in that order, following the tags from 73-4.28','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(76, NULL,'8.5.1.6','Printed Information Tag 0xFE is present','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(77, NULL,'8.5.1.7','No Printed Information tags other than (0x01, 0x02, 0x05, 0x06, 0x07, 0x08, 0xFE) are present','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(78, NULL,'8.5.1.8','Tag 0xFE has length of 0','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(79, NULL,'8.6 Facial Image','Card Holder Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(80, NULL,'8.6.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(81, NULL,'8.6.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(82, NULL,'8.6.0.2','Tag encoded as 3 bytes','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(83, NULL,'8.6.0.3','Each data object returned with 2 byte status word (90 00)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(84, NULL,'8.6.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(85, NULL,'8.6.1.1','Printed Information value lengths comply with Table 13 of SP 800-73-4','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(86, NULL,'8.6.1.2','Position is one of the valid x,y coordinate types in the original image','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(87, NULL,'8.6.1.3','No tags other than (0xBC, 0xFE) are present','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(88, NULL,'8.6..4','Tag 0xFE has length of 0','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(89, NULL,'8.7 Digital Signature Cert','X.509 Certificate for Digital Signature','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(90, NULL,'8.7.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(91, NULL,'8.7.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(92, NULL,'8.7.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(93, NULL,'8.7.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(94, NULL,'8.7.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(95, NULL,'8.7.1.1','X.509 Certificate for Digital Signature container value lengths comply with Table 15 of SP 800-73-4','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(96, NULL,'8.7.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(97, NULL,'8.7.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(98, NULL,'8.7.1.4','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(99, NULL,'8.7.1.5','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(100, NULL,'8.7.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(101, NULL,'8.8 Key Management Cert','X.509 Certificate for Key Management','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(102, NULL,'8.8.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(103, NULL,'8.8.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(104, NULL,'8.8.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(105, NULL,'8.8.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(106, NULL,'8.8.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(107, NULL,'8.8.1.1','X.509 Certificate for Key Management container value lengths comply with Table 16 of SP 800-73-4','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(108, NULL,'8.8.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(109, NULL,'8.8.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(110, NULL,'8.8.1.4','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(111, NULL,'8.8.1.5','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(112, NULL,'8.8.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(113, NULL,'8.9 Card Auth Cert','X.509 Certificate for Card Authentication','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(114, NULL,'8.9.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(115, NULL,'8.9.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(116, NULL,'8.9.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(117, NULL,'8.9.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(118, NULL,'8.9.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(119, NULL,'8.9.1.1','X.509 Certificate for Card Authentication value lengths comply with Table 17 of SP 800-73-4','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(120, NULL,'8.9.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(121, NULL,'8.9.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(122, NULL,'8.9.1.4','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(123, NULL,'8.9.1.5','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(124, NULL,'8.9.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(125, NULL,'8.10 Security Objecvt','Security Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(126, NULL,'8.10.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(127, NULL,'8.10.0.1','Length field encoded as shown in SP800-85B Table 8.1','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(128, NULL,'8.10.0.2','Tag encoded as 3 bytes','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(129, NULL,'8.10.0.3','Each data object returned with 2 byte status word (90 00)','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(130, NULL,'8.10.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(131, NULL,'8.10.1.1','Security Object value lengths comply with Table 12 of SP 800-73-4','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(132, NULL,'8.10.1.2','Tags 0xBA, 0xBB, 0XFE are present','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(133, NULL,'8.10.1.3','Tags 0xBA, 0xBB, 0XFE are are in that order','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(134, NULL,'8.10.1.4','No tags other than (0xBA, 0xBB, 0xFE) are present','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(135, NULL,'8.10.2','Parse data at tag 0xBA and for each data container found ensure that performing a select returns status words 0x90, 0x00','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(136, NULL,'8.11 Discovery Object','Discovery Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(137, NULL,'8.11.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(138, NULL,'8.11.0.1','Length field encoded as shown in SP800-85B Table 8.1','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(139, NULL,'8.11.0.2','Tag encoded as 3 bytes','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(140, NULL,'8.11.0.3','Each data object returned with 2 byte status word (90 00)','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(141, NULL,'8.11.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(142, NULL,'8.11.1.1','Tag 0x4F (PIV Application AID) is present','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(143, NULL,'8.11.1.2','Tag 0x5F2F (PIN Usage Policy) Is present','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(144, NULL,'8.11.1.3','Discovery Object Tags 0x4F, 0x5F2F are in that order','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(145, NULL,'8.11.1.4','The values of the tags conform with the vendor provided data.','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(146, NULL,'8.11.1.5','The PIN usage policy matches the card capabilities provided by the vendor documentation. Associated optional data objects are present when the PIN usage policy asserts an optional capability (i.e., OCC, global PIN and pairing code)','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(147, NULL,'8.11.6','Discovery Object value lengths comply with Table 18 of SP 800-73-4','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(148, NULL,'8.12 Iris','Card Holder Iris Images','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(149, NULL,'8.13 Retired Key Management Cert','Key History Objects','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(150, NULL,'8.13.1','X.509 Key History 1','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(151, NULL,'8.13.2','X.509 Key History 2','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(152, NULL,'8.14 Key History','Key History (see Issue #52)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(153, NULL,'8.15 BITT','Biometric InformationTemplates Group Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(154, NULL,'8.16 SMCS','Secure Messaging Certificate Signer','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(155, NULL,'8.17 Paring Code Reference','Pairing Code Reference Data Container','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(156, NULL,'9 Biometric Data Objects','Biometric Data Object Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(157, NULL,'9.1 Fingerprint CBEFF','CBEFF Patron Format for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(158, NULL,'9.1.1','CBEFF Structure for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(159, NULL,'9.1.1.1','BDB length field is non-zero','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(160, NULL,'9.1.1.2','Recorded length matches actual BDB length','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(161, NULL,'9.1.1.3','SB length field is non-zero','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(162, NULL,'9.1.1.4','Recorded length matches actual SB length','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(163, NULL,'9.1.1.5','Card Holder Fingerprint object length equals sum of CBEFF header length + BDB length + SB length','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(164, NULL,'9.1.2','CBEFF Header for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(165, NULL,'9.1.2.1','The Patron Header Version field has a value of 0x03.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(166, NULL,'9.1.2.2','Validate that the biometric data block is signed but not encrypted','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(167, NULL,'9.1.2.3','Validate that BDB Format Owner is set to a value of 0x001B denoting M1, the INCITS Technical Committee on Biometrics.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(168, NULL,'9.1.2.4','The BDB Format Type is set to a value of 0x0201','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(169, NULL,'9.1.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(170, NULL,'9.1.2.6','Validate date encoding on Validity Period in PIV Patron Format','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(171, NULL,'9.1.2.7','Valdiate that that Biometric Type has the value 0x000008','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(172, NULL,'9.1.2.8','Validate that for the mandatory minutia PIV card templates, the CBEFF biometric data type encoding value shall be b100xxxxx, which corresponds to biometric data that has been processed.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(173, NULL,'9.1.2.9','The Biometric Data Quality field is -2 or 0 - 100.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(174, NULL,'9.1.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(175, NULL,'9.1.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(176, NULL,'9.2 Facial Image CBEFF','CBEFF Patron Format for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(177, NULL,'9.2.1','CBEFF Structure for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(178, NULL,'9.2.1.1','BDB length field is non-zero','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(179, NULL,'9.2.1.2','Recorded length matches actual BDB length','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(180, NULL,'9.2.1.3','SB length field is non-zero','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(181, NULL,'9.2.1.4','Recorded length matches actual SB length','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(182, NULL,'9.2.2','CBEFF Header for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(183, NULL,'9.2.2.1','Card Holder Fingerprint object length equals sum of CBEFF header length + BDB length + SB length','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(184, NULL,'9.2.2.2','Validate that the biometric data block is signed but not encrypted','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(185, NULL,'9.2.2.3','Validate that BDB Format Owner is set to a value of 0x001B denoting M1, the INCITS Technical Committee on Biometrics.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(186, NULL,'9.2.2.4','The BDB Format Type is set to a value of 0x0501','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(187, NULL,'9.2.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(188, NULL,'9.2.2.6','Validate date encoding on Validity Period in PIV Patron Format','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(189, NULL,'9.2.2.7','Validate that Biometric Type has the value 0x000002','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(190, NULL,'9.2.2.8','Validate that the CBEFF biometric data type encoding value shall be b001xxxxx, which corresponds to the raw biometric data','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(191, NULL,'9.2.2.9','The Biometric Data Quality field is -2 or 0 - 100.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(192, NULL,'9.2.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(193, NULL,'9.2.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(194, NULL,'9.3 Iris CBEFF','CBEFF Patron Format for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(195, NULL,'9.3.1','CBEFF Structure for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(196, NULL,'9.3.1.1','BDB length field is non-zero','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(197, NULL,'9.3.1.2','Recorded length matches actual BDB length','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(198, NULL,'9.3.1.3','SB length field is non-zero','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(199, NULL,'9.3.1.4','Recorded length matches actual SB length','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(200, NULL,'9.3.2','CBEFF Header for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(201, NULL,'9.3.2.1','Patron Header Version field has a value of 0x03.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(202, NULL,'9.3.2.2','Validate that the biometric data block is signed but not encrypted','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(203, NULL,'9.3.2.3','The BDB Format Owner field has a value of 0x0101.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(204, NULL,'9.3.2.4','The BDB Format Type field has a value of 0x0009.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(205, NULL,'9.3.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(206, NULL,'9.3.2.6','Validate date encoding on Validity Period in PIV Patron Format','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(207, NULL,'9.3.2.7','The value of the Biometric Type field for the iris image is 0x000010.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(208, NULL,'9.3.2.8','Validate that the CBEFF biometric data type encoding value shall be b01000000, which corresponds to the raw biometric data','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(209, NULL,'9.3.2.9','The Biometric Data Quality field is -2 or 0 - 100.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(210, NULL,'9.3.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(211, NULL,'9.3.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(212, NULL,'9.4 Fingerprint BDB','Off-Card Comparison Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(213, NULL,'9.4.1','General Record Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(214, NULL,'9.4.1.1','Extract contents of format identifier, confirm value 0x464D5200','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(215, NULL,'9.4.1.2','Extract contents of version identifier, confirm value 0x20323030','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(216, NULL,'9.4.1.3','Biometric Data Block length (L) where 26 <= L <= 1574','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(217, NULL,'9.4.1.4','Confirm that product identifier owner and product identifier type are non-zero and that MSBs identify vendor, LSBs identify minutia detection algorithm version','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(218, NULL,'9.4.1.5','Confirm that product identifier owner and product identifier type are non-zero and that MSBs identify vendor, LSBs identify minutia detection algorithm version','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(219, NULL,'9.4.1.6','Confirm that capture equipment compliance has a value of 1000b','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(220, NULL,'9.4.1.7','Confirm that capture equipment id is non-NULL','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(221, NULL,'9.4.1.8','Width of the Size of Scanned Image in x direction is the larger of the widths of the two input images.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(222, NULL,'9.4.1.9','Height of the Size of Scanned Image in y direction is the larger of the heights of the two input images.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(223, NULL,'9.4.1.10','X and Y resolutions both have values of 197','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(224, NULL,'9.4.1.12','Number of Finger Views is 2','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(225, NULL,'9.4.1.13','Confirm that reserved byte is set to 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(226, NULL,'9.4.2','View Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(227, NULL,'9.4.2.0.1','Confirm that Finger View Header has value A','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(228, NULL,'9.4.2.0.2','Confirm that Finger View Position (0,14)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(229, NULL,'9.4.2.1','If only 1 minutiae present for a finger, view number must be 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(230, NULL,'9.4.2.2','Impression type must be 0 or 2','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(231, NULL,'9.4.2.3','Finger Quality value shall be 20, 40, 60, 80, 100, 254, or 255.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(232, NULL,'9.4.2.4','Number of minutia (0..128)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(233, NULL,'9.4.2.5','Minutiae Type value shall be 01b, 10b, or 00b.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(234, NULL,'9.4.2.6','Verify that position is one of the valid x,y coordinate types in the original image','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(235, NULL,'9.4.2.7','Verify that angle (0,179)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(236, NULL,'9.4.2.8','Verify that quality (0,100)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(237, NULL,'9.4.2.9','Verify that extended data block length is 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(238, NULL,'9.4.3','Fingerprint Minutiae Data Records','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(239, NULL,'9.4.3.1','Minutiae Type value shall be01b, 10b, or 00b.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(240, NULL,'9.4.3.2','Extended Data Block Length shall be 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(241, NULL,'9.5','On-Card Comparison','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(242, NULL,'9.5.1','BIT Group Template data conformance for on-card comparison','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(243, NULL,'9.6 Facial Image BDB','Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(244, NULL,'9.6.1','Facial Image Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(245, NULL,'9.6.1.1','Format Identifier has a value 0x46414300','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(246, NULL,'9.6.1.2','Version Number has a value of 0x30313000','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(247, NULL,'9.6.1.3','Number of Facial Images value is >= 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(248, NULL,'9.6.1.4','Number of Feature Points is >= 0','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(249, NULL,'9.6.2','Facial Image Data Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(250, NULL,'9.6.2.1','Facial Image Type is 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(251, NULL,'9.6.2.2','Image Data Type is 0 or 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(252, NULL,'9.6.2.3','Image Color Space is 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(253, NULL,'9.6.2.4','Source Type is 2 or 6','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(254, NULL,'9.7 Iris Image BDB','Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(255, NULL,'9.7.1','Iris Image Profile','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(256, NULL,'9.7.2','Iris Image Data Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(257, NULL,'10 Signed Data Elements','Signed Data Elements Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(258, NULL,'10.1 CHUID','Card Holder Unique Identifier','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(259, NULL,'10.1.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(260, NULL,'10.1.1.1','The CHUID buffer contains an asymmetric digital signature that is implemented as a SignedData type and is encoded as a CMS external signature according to RFC 5652.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(261, NULL,'10.1.1.2','The value of the version field of the SignedData is 3.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(262, NULL,'10.1.1.3','The digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP800-78-4.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(263, NULL,'10.1.1.4','The eContent field has been omitted and the eContentType asserts id-piv-CHUIDSecurityObject in encapContentInfo.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(264, NULL,'10.1.1.5','The crls field is omitted from the SignedData.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(265, NULL,'10.1.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(266, NULL,'10.1.1.7','The SignerIdentifier in the SignerInfo uses the issuerAndSerialNumber choice and it corresponds to the issuer and serialNumber fields found in the X.509 certificate of the signer.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(267, NULL,'10.1.1.8','The digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP80078','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(268, NULL,'10.1.1.8.1','The digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(269, NULL,'10.1.1.9','The value of the hash obtained from the message digest attribute of the signedAttrs of the SignerInfo is identical to that obtained after hashing the concatenated contents of the CHUID, excluding the asymmetric digital signature field and the Buffer Length field, if present.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(270, NULL,'10.1.1.10','The value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(271, NULL,'10.1.1.12','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP800-78-4.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(272, NULL,'10.1.1.13','The certificate from the cert bag succesfully validates the CMS signature.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(273, NULL,'10.2 Fingerprint','Off-Card Comparison Biometric Fingerprint','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(274, NULL,'10.2.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(275, NULL,'10.2.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(276, NULL,'10.2.1.2','PKCS#7 version is set to 3','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(277, NULL,'10.2.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP 800-78.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(278, NULL,'10.2.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(279, NULL,'10.2.1.5','The crls field is omitted from the SignedData.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(280, NULL,'10.2.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(281, NULL,'10.2.1.7.1','SignerId uses ths IssuerAndSerialNumber choice','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(282, NULL,'10.2.1.7.2','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(283, NULL,'10.2.1.8','Verify Digest Algorithm in SignerInfo','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(284, NULL,'10.2.1.8.1','The digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(285, NULL,'10.2.1.8.2','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(286, NULL,'10.2.1.9','Message digest from signed attributes bag matches the digest over Fingerprint biometric data (excluding contents of digital signature field)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(287, NULL,'10.2.1.10','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(288, NULL,'10.2.1.11','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(289, NULL,'10.2.1.12','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(290, NULL,'10.2.1.13','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(291, NULL,'10.2.1.14','The signed attribute entryUUID matches GUID read from CHUID container.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(292, NULL,'10.3 Facial Image','Biometric Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(293, NULL,'10.3.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(294, NULL,'10.3.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(295, NULL,'10.3.1.2','PKCS#7 version is set to 3','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(296, NULL,'10.3.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP80078.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(297, NULL,'10.3.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(298, NULL,'10.3.1.5','The crls field is omitted from the SignedData.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(299, NULL,'10.3.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(300, NULL,'10.3.1.7.1','SignerId uses ths IssuerAndSerialNumber choice','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(301, NULL,'10.3.1.7.2','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(302, NULL,'10.3.1.8.1','Th digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(303, NULL,'10.3.1.8.2','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(304, NULL,'10.3.1.9','Message digest from signed attributes bag matches the digest over Facial Imagbe biometric data (excluding contents of digital signature field)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(305, NULL,'10.3.1.10','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(306, NULL,'10.3.1.11','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(307, NULL,'10.3.1.12','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(308, NULL,'10.3.1.13','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(309, NULL,'10.3.1.14','The signed attribute entryUUID matches GUID read from CHUID container.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(310, NULL,'10.4 Security Object','Security Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(311, NULL,'10.4.1','Data Integrity','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(312, NULL,'10.4.1.1','The actual hash of the data elements on the PIV card are identical to their corresponding hash values present in the security object.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(313, NULL,'10.4.2','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(314, NULL,'10.4.2.1','Verify that the asymmetric digital field contains a CMS signed data object','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(315, NULL,'10.4.2.2','Confirm that version of signed data structure is 1','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(316, NULL,'10.4.2.3','Verify that eContent contains a security object','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(317, NULL,'10.4.2.4','The eContent field contains a correctly formatted ldsSecurityobject and the eContentType asserts id-icao-ldsSecurityObject in encapContentInfo.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(318, NULL,'10.4.2.5','The certificates field is omitted from the SignedData.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(319, NULL,'10.4.2.6','digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(320, NULL,'10.4.2.7','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP80078.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(321, NULL,'10.4.2.8','The signature in the SignerInfo corresponds to the signed security object and that it is it signed with the certificate that is used to sign the CHUID.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(322, NULL,'10.5 Iris','Biometric Iris','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(323, NULL,'10.5.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(324, NULL,'10.5.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(325, NULL,'10.5.1.2','PKCS#7 version is set to 3','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(326, NULL,'10.5.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP80078.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(327, NULL,'10.5.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(328, NULL,'10.5.1.5','The crls field is omitted from the SignedData.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(329, NULL,'10.5.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(330, NULL,'10.5.1.7','SignerId uses ths IssuerAndSerialNumber choice','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(331, NULL,'10.5.1.8','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(332, NULL,'10.5.1.9','Th digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(333, NULL,'10.5.1.10','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(334, NULL,'10.5.1.11','Message digest from signed attributes bag matches the digest over Fingerprint biometric data (excluding contents of digital signature field)','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(335, NULL,'10.5.1.12','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(336, NULL,'10.5.1.13','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(337, NULL,'10.5.1.14','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(338, NULL,'10.5.1.15','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(339, NULL,'10.5.1.16','The signed attribute entryUUID matches GUID read from CHUID container.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(340, NULL,'11 X.509 Certificate Profiles','PKI Certificate Profile Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(341, NULL,'11.1','PIV Authentication Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(342, NULL,'11.1.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(343, NULL,'11.1.1.1','The signatureAlgorithm value is in accordance with Table 3-3 of SP80078. If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(344, NULL,'11.1.1.2','The PIV authentication key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(345, NULL,'11.1.1.3','The key size and types used are in accordance with Table 3-1 of SP 800-78-4.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(346, NULL,'11.1.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(347, NULL,'11.1.2.1.1','digitalSignature bit has been set','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(348, NULL,'11.1.2.1.2','Confirm no other keyUsage bits are set.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(349, NULL,'11.1.2.2.1','A certificate policies extension is present.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(350, NULL,'11.1.2.2.2','A policyIdentifier field in the certificatePolicies extension asserts id-fpki-common-authentication.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(351, NULL,'11.1.2.3','OCSP','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(352, NULL,'11.1.2.3.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(353, NULL,'11.1.2.3.2','An accessMethod containing id-ad-ocsp is present.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(354, NULL,'11.1.2.3.3','AIA uniformResourceIdentifier protocol is http','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(355, NULL,'11.1.2.5','Private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(356, NULL,'11.1.2.6','Subject Alternate Name','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(357, NULL,'11.1.2.6.2','GeneralName field exists that contain a URI asserting a Card UUID as specified by [RFC4122, Section 3] that matches the GUID value in the CHUID.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(358, NULL,'11.1.2.7','Expiration date of the PIV authentication certificate is not beyond the expiration date of the CHUID i.e. the PIV card.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(359, NULL,'11.1.2.8','Exponent of the RSA asymmetric key for PIV authentication is equal to 65,537.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(360, NULL,'11.1.2.9','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(361, NULL,'11.1.2.9.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(362, NULL,'11.1.2.9.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(363, NULL,'11.1.2.10','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(364, NULL,'11.1.2.10.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(365, NULL,'11.1.2.10.2','An accessMethod containing id-ad-caIssuers is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(366, NULL,'11.1.2.10.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(367, NULL,'11.1.2.10.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(368, NULL,'11.1.2.10.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(369, NULL,'11.2','Digital Signature Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(370, NULL,'11.2.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(371, NULL,'11.2.1.1','The signatureAlgorithm value is in accordance with Table 3-3 of SP80078. If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(372, NULL,'11.2.1.2','The digital signature key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(373, NULL,'11.2.1.3','The key size used is in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(374, NULL,'11.2.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(375, NULL,'11.2.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(376, NULL,'11.2.2.1.1','Key Usage extension is present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(377, NULL,'11.2.2.1.2','digitalSignature and nonRepudiation bits have been set.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(378, NULL,'11.2.2.2','Private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(379, NULL,'11.2.2.3','Expiration date of the digital signature certificate is not beyond the expiration date of the CHUID i.e. the PIV card.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(380, NULL,'11.2.2.4','Exponent of the RSA asymmetric key for digital signature is equal to 65,537.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(381, NULL,'11.2.2.5','policyIdentifier field in the certificatePolicies extension asserts one of the following: id-fpki-common-hardware or id-fpki-common-High.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(382, NULL,'11.2.2.6','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(383, NULL,'11.2.2.6.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(384, NULL,'11.2.2.6.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(385, NULL,'11.2.2.7','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(386, NULL,'11.2.2.7.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(387, NULL,'11.2.2.7.2','authorityInfoAccess field contains an id-ad-caIssuers','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(388, NULL,'11.2.2.7.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(389, NULL,'11.2.2.7.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(390, NULL,'11.2.2.7.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(391, NULL,'11.3','Key Management Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(392, NULL,'11.3.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(393, NULL,'11.3.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(394, NULL,'11.3.1.2','The key management key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(395, NULL,'11.3.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(396, NULL,'11.3.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(397, NULL,'11.3.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(398, NULL,'11.3.2.1.1','If the public key algorithm is RSA, then the keyUsage extension asserts the keyEncipherment bit.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(399, NULL,'11.3.2.1.2','If the algorithm is Elliptic Curve key, then the keyUsage extension asserts the keyAgreement bit.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(400, NULL,'11.3.2.1.3','No other Key Usage bits are set.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(401, NULL,'11.3.2.2','The private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(402, NULL,'11.3.2.3','Exponent of the RSA asymmetric key for key management is equal to 65,537.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(403, NULL,'11.3.2.4','policyIdentifier field in the certificatePolicies extension asserts one of the following: id-fpki-common-hardware or id-fpki-common-High.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(404, NULL,'11.3.2.5','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(405, NULL,'11.3.2.5.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(406, NULL,'11.3.2.5.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(407, NULL,'11.3.2.6','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(408, NULL,'11.3.2.6.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(409, NULL,'11.3.2.6.2','authorityInfoAccess field contains an id-ad-caIssuers','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(410, NULL,'11.3.2.6.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(411, NULL,'11.3.2.6.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(412, NULL,'11.3.2.6.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(413, NULL,'11.4','Card Authentication Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(414, NULL,'11.4.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(415, NULL,'11.4.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(416, NULL,'11.4.1.2','The card authentication key is generated using the allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(417, NULL,'11.4.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(418, NULL,'11.4.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(419, NULL,'11.4.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(420, NULL,'11.4.2.1.1','Key Usage extension is present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(421, NULL,'11.4.2.1.2','The digitalSignature bit has been set.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(422, NULL,'11.4.2.1.3','No other bits have been set.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(423, NULL,'11.4.2.2','policyIdentifier field in the certificatePolicies extension asserts id-fpki-common-cardAuth.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(424, NULL,'11.4.2.3','Extended Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(425, NULL,'11.4.2.3.1','Extended key usage (extKeyUsage) extension is present and maked critical','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(426, NULL,'11.4.2.3.2','Extended key usage (extKeyUsage) extension asserts id-PIV-cardAuth','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(427, NULL,'11.4.2.3.3','Extended key usage extension does not assert any other OIDs.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(428, NULL,'11.4.2.4','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(429, NULL,'11.4.2.4.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(430, NULL,'11.4.2.4.2','authorityInfoAccess field contains an id-ad-ocsp','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(431, NULL,'11.4.2.4.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(432, NULL,'11.4.2.4.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(433, NULL,'11.4.2.6','The private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(434, NULL,'11.4.2.7','Subject Alternate Name','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(435, NULL,'11.4.2.7.2','GeneralName field exists that contain a URI asserting a Card UUID as specified by [RFC4122, Section 3] that matches the GUID value in the CHUID.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(436, NULL,'11.4.2.7.3','No other name forms appear in the subjectAltName extension.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(437, NULL,'11.4.2.8','Exponent of the RSA asymmetric key for key management is equal to 65,537.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(438, NULL,'11.4.2.9','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(439, NULL,'11.4.2.9.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(440, NULL,'11.4.2.9.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(441, NULL,'11.4.2.10','Authority Information Access (85B-4)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(442, NULL,'11.4.2.10.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(443, NULL,'11.5','Secure Messaging Card Verifiable Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(444, NULL,'11.5.1','Secure Messaging CVC Profile Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(445, NULL,'11.5.2','Algorithm Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(446, NULL,'11.5.3','Data Integrity Checks','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(447, NULL,'11.6','Intermediate Card Verifiable Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(448, NULL,'11.6.1','Intermediate CVC Profile Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(449, NULL,'11.6.2','Algorithm Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(450, NULL,'11.7','X.509 Certificate for Content Signing','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(451, NULL,'11.7.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(452, NULL,'11.7.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(453, NULL,'11.7.1.2','The card authentication key is generated using the allowed asymmetric key algorithm.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(454, NULL,'11.7.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(455, NULL,'11.7.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(456, NULL,'11.7.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(457, NULL,'11.7.2.1.1','digitalSignature and nonRepudiation bits have been set','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(458, NULL,'11.7.2.1.2','No other bits have been set.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(459, NULL,'11.7.2.2','X.509 Certificate for Content Signing is not expired.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(460, NULL,'11.7.2.3','Exponent of the RSA asymmetric key for the X.509 Certificate for Content Signing is equal to 65,537.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(461, NULL,'11.7.2.4','Certificate Policy and Extended Key Usage','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(462, NULL,'11.7.2.4.1','policyIdentifier field in the certificatePolicies extension asserts the id-fpki-common-piv-contentSigning policy of [COMMON] (OID = 2.16.840.1.101.3.2.1.3.39)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(463, NULL,'11.7.2.4.2','extended key usage (extKeyUsage) asserts id-PIV-content-signing.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(464, NULL,'11.7.2.5','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(465, NULL,'11.7.2.5.1','URI is present with the http scheme.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(466, NULL,'11.7.2.5.2','URI points only to files with .crl extensions.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(467, NULL,'11.7.2.6','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(468, NULL,'11.7.2.6.1','authorityInformationAccess extension is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(469, NULL,'11.7.2.6.2','authorityInfoAccess field contains an id-ad-caIssuers','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(470, NULL,'11.7.2.6.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(471, NULL,'11.7.2.6.4','URI scheme is http (not https)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(472, NULL,'11.7.2.6.5','File contains a CMS a certs-only CMS message (see RFC 3851).','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestsToSteps" VALUES(1, 1,4,0,NULL); -INSERT INTO "TestsToSteps" VALUES(2, 2,5,0,NULL); -INSERT INTO "TestsToSteps" VALUES(3, 3,6,0,NULL); -INSERT INTO "TestsToSteps" VALUES(4, 4,7,0,NULL); -INSERT INTO "TestsToSteps" VALUES(5, 6,8,0,NULL); -INSERT INTO "TestsToSteps" VALUES(6, 7,9,0,NULL); -INSERT INTO "TestsToSteps" VALUES(7, 8,10,0,NULL); -INSERT INTO "TestsToSteps" VALUES(8, 9,11,0,NULL); -INSERT INTO "TestsToSteps" VALUES(9, 10,12,0,NULL); -INSERT INTO "TestsToSteps" VALUES(10, 28,13,0,NULL); -INSERT INTO "TestsToSteps" VALUES(11, 11,14,0,NULL); -INSERT INTO "TestsToSteps" VALUES(12, 1,17,0,NULL); -INSERT INTO "TestsToSteps" VALUES(13, 2,18,0,NULL); -INSERT INTO "TestsToSteps" VALUES(14, 3,19,0,NULL); -INSERT INTO "TestsToSteps" VALUES(15, 4,20,0,NULL); -INSERT INTO "TestsToSteps" VALUES(16, 13,21,0,NULL); -INSERT INTO "TestsToSteps" VALUES(17, 15,22,0,NULL); -INSERT INTO "TestsToSteps" VALUES(18, 47,23,0,NULL); -INSERT INTO "TestsToSteps" VALUES(19, 16,24,0,NULL); -INSERT INTO "TestsToSteps" VALUES(20, 48,25,0,NULL); -INSERT INTO "TestsToSteps" VALUES(21, 49,26,0,NULL); -INSERT INTO "TestsToSteps" VALUES(22, 50,27,0,NULL); -INSERT INTO "TestsToSteps" VALUES(23, 51,28,0,NULL); -INSERT INTO "TestsToSteps" VALUES(24, 18,29,0,NULL); -INSERT INTO "TestsToSteps" VALUES(25, 19,30,0,NULL); -INSERT INTO "TestsToSteps" VALUES(26, 52,31,0,NULL); -INSERT INTO "TestsToSteps" VALUES(27, 53,32,0,NULL); -INSERT INTO "TestsToSteps" VALUES(28, 54,33,0,NULL); -INSERT INTO "TestsToSteps" VALUES(29, 55,34,0,NULL); -INSERT INTO "TestsToSteps" VALUES(30, 14,35,0,NULL); -INSERT INTO "TestsToSteps" VALUES(31, 22,36,0,NULL); -INSERT INTO "TestsToSteps" VALUES(32, 20,37,0,NULL); -INSERT INTO "TestsToSteps" VALUES(33, 21,38,0,NULL); -INSERT INTO "TestsToSteps" VALUES(34, 18,39,0,NULL); -INSERT INTO "TestsToSteps" VALUES(35, 29,40,0,NULL); -INSERT INTO "TestsToSteps" VALUES(36, 28,41,0,NULL); -INSERT INTO "TestsToSteps" VALUES(37, 1,44,0,NULL); -INSERT INTO "TestsToSteps" VALUES(38, 2,45,0,NULL); -INSERT INTO "TestsToSteps" VALUES(39, 3,46,0,NULL); -INSERT INTO "TestsToSteps" VALUES(40, 4,47,0,NULL); -INSERT INTO "TestsToSteps" VALUES(41, 60,48,0,NULL); -INSERT INTO "TestsToSteps" VALUES(42, 24,49,0,NULL); -INSERT INTO "TestsToSteps" VALUES(43, 25,50,0,NULL); -INSERT INTO "TestsToSteps" VALUES(44, 26,51,0,NULL); -INSERT INTO "TestsToSteps" VALUES(45, 27,52,0,NULL); -INSERT INTO "TestsToSteps" VALUES(46, 28,53,0,NULL); -INSERT INTO "TestsToSteps" VALUES(47, 1,56,0,NULL); -INSERT INTO "TestsToSteps" VALUES(48, 2,57,0,NULL); -INSERT INTO "TestsToSteps" VALUES(49, 3,58,0,NULL); -INSERT INTO "TestsToSteps" VALUES(50, 4,59,0,NULL); -INSERT INTO "TestsToSteps" VALUES(51, 29,60,0,NULL); -INSERT INTO "TestsToSteps" VALUES(52, 86,61,0,NULL); -INSERT INTO "TestsToSteps" VALUES(53, 87,62,0,NULL); -INSERT INTO "TestsToSteps" VALUES(54, 84,63,0,NULL); -INSERT INTO "TestsToSteps" VALUES(55, 28,64,0,NULL); -INSERT INTO "TestsToSteps" VALUES(56, 1,67,0,NULL); -INSERT INTO "TestsToSteps" VALUES(57, 2,68,0,NULL); -INSERT INTO "TestsToSteps" VALUES(58, 3,69,0,NULL); -INSERT INTO "TestsToSteps" VALUES(59, 4,70,0,NULL); -INSERT INTO "TestsToSteps" VALUES(60, 32,71,0,NULL); -INSERT INTO "TestsToSteps" VALUES(61, 33,72,0,NULL); -INSERT INTO "TestsToSteps" VALUES(62, 56,73,0,NULL); -INSERT INTO "TestsToSteps" VALUES(63, 57,74,0,NULL); -INSERT INTO "TestsToSteps" VALUES(64, 34,75,0,NULL); -INSERT INTO "TestsToSteps" VALUES(65, 35,76,0,NULL); -INSERT INTO "TestsToSteps" VALUES(66, 36,77,0,NULL); -INSERT INTO "TestsToSteps" VALUES(67, 28,78,0,NULL); -INSERT INTO "TestsToSteps" VALUES(68, 1,81,0,NULL); -INSERT INTO "TestsToSteps" VALUES(69, 2,82,0,NULL); -INSERT INTO "TestsToSteps" VALUES(70, 3,83,0,NULL); -INSERT INTO "TestsToSteps" VALUES(71, 4,84,0,NULL); -INSERT INTO "TestsToSteps" VALUES(72, 37,85,0,NULL); -INSERT INTO "TestsToSteps" VALUES(73, 30,86,0,NULL); -INSERT INTO "TestsToSteps" VALUES(74, 31,87,0,NULL); -INSERT INTO "TestsToSteps" VALUES(75, 28,88,0,NULL); -INSERT INTO "TestsToSteps" VALUES(76, 1,91,0,NULL); -INSERT INTO "TestsToSteps" VALUES(77, 2,92,0,NULL); -INSERT INTO "TestsToSteps" VALUES(78, 3,93,0,NULL); -INSERT INTO "TestsToSteps" VALUES(79, 4,94,0,NULL); -INSERT INTO "TestsToSteps" VALUES(80, 60,95,0,NULL); -INSERT INTO "TestsToSteps" VALUES(81, 24,96,0,NULL); -INSERT INTO "TestsToSteps" VALUES(82, 25,97,0,NULL); -INSERT INTO "TestsToSteps" VALUES(83, 27,98,0,NULL); -INSERT INTO "TestsToSteps" VALUES(84, 26,99,0,NULL); -INSERT INTO "TestsToSteps" VALUES(85, 28,100,0,NULL); -INSERT INTO "TestsToSteps" VALUES(86, 1,103,0,NULL); -INSERT INTO "TestsToSteps" VALUES(87, 2,104,0,NULL); -INSERT INTO "TestsToSteps" VALUES(88, 3,105,0,NULL); -INSERT INTO "TestsToSteps" VALUES(89, 4,106,0,NULL); -INSERT INTO "TestsToSteps" VALUES(90, 60,107,0,NULL); -INSERT INTO "TestsToSteps" VALUES(91, 24,108,0,NULL); -INSERT INTO "TestsToSteps" VALUES(92, 25,109,0,NULL); -INSERT INTO "TestsToSteps" VALUES(93, 26,110,0,NULL); -INSERT INTO "TestsToSteps" VALUES(94, 27,111,0,NULL); -INSERT INTO "TestsToSteps" VALUES(95, 28,112,0,NULL); -INSERT INTO "TestsToSteps" VALUES(96, 1,115,0,NULL); -INSERT INTO "TestsToSteps" VALUES(97, 2,116,0,NULL); -INSERT INTO "TestsToSteps" VALUES(98, 3,117,0,NULL); -INSERT INTO "TestsToSteps" VALUES(99, 4,118,0,NULL); -INSERT INTO "TestsToSteps" VALUES(100, 60,119,0,NULL); -INSERT INTO "TestsToSteps" VALUES(101, 24,120,0,NULL); -INSERT INTO "TestsToSteps" VALUES(102, 25,121,0,NULL); -INSERT INTO "TestsToSteps" VALUES(103, 26,122,0,NULL); -INSERT INTO "TestsToSteps" VALUES(104, 27,123,0,NULL); -INSERT INTO "TestsToSteps" VALUES(105, 28,124,0,NULL); -INSERT INTO "TestsToSteps" VALUES(106, 1,127,0,NULL); -INSERT INTO "TestsToSteps" VALUES(107, 2,128,0,NULL); -INSERT INTO "TestsToSteps" VALUES(108, 3,129,0,NULL); -INSERT INTO "TestsToSteps" VALUES(109, 4,130,0,NULL); -INSERT INTO "TestsToSteps" VALUES(110, 38,131,0,NULL); -INSERT INTO "TestsToSteps" VALUES(111, 39,132,0,NULL); -INSERT INTO "TestsToSteps" VALUES(112, 58,133,0,NULL); -INSERT INTO "TestsToSteps" VALUES(113, 40,134,0,NULL); -INSERT INTO "TestsToSteps" VALUES(114, 41,135,0,NULL); -INSERT INTO "TestsToSteps" VALUES(115, 1,138,0,NULL); -INSERT INTO "TestsToSteps" VALUES(116, 2,139,0,NULL); -INSERT INTO "TestsToSteps" VALUES(117, 3,140,0,NULL); -INSERT INTO "TestsToSteps" VALUES(118, 4,141,0,NULL); -INSERT INTO "TestsToSteps" VALUES(119, 44,142,0,NULL); -INSERT INTO "TestsToSteps" VALUES(120, 45,143,0,NULL); -INSERT INTO "TestsToSteps" VALUES(121, 59,144,0,NULL); -INSERT INTO "TestsToSteps" VALUES(122, 170,145,0,NULL); -INSERT INTO "TestsToSteps" VALUES(123, 46,146,0,NULL); -INSERT INTO "TestsToSteps" VALUES(124, 43,147,0,NULL); -INSERT INTO "TestsToSteps" VALUES(125, 170,150,0,NULL); -INSERT INTO "TestsToSteps" VALUES(126, 170,151,0,NULL); -INSERT INTO "TestsToSteps" VALUES(127, 170,152,0,NULL); -INSERT INTO "TestsToSteps" VALUES(128, 61,159,0,NULL); -INSERT INTO "TestsToSteps" VALUES(129, 62,160,0,NULL); -INSERT INTO "TestsToSteps" VALUES(130, 63,161,0,NULL); -INSERT INTO "TestsToSteps" VALUES(131, 109,162,0,NULL); -INSERT INTO "TestsToSteps" VALUES(132, 64,163,0,NULL); -INSERT INTO "TestsToSteps" VALUES(133, 65,165,0,NULL); -INSERT INTO "TestsToSteps" VALUES(134, 66,166,0,NULL); -INSERT INTO "TestsToSteps" VALUES(135, 67,167,0,NULL); -INSERT INTO "TestsToSteps" VALUES(136, 99,168,0,NULL); -INSERT INTO "TestsToSteps" VALUES(137, 100,169,0,NULL); -INSERT INTO "TestsToSteps" VALUES(138, 64,170,0,NULL); -INSERT INTO "TestsToSteps" VALUES(139, 102,171,0,NULL); -INSERT INTO "TestsToSteps" VALUES(140, 103,172,0,NULL); -INSERT INTO "TestsToSteps" VALUES(141, 104,173,0,NULL); -INSERT INTO "TestsToSteps" VALUES(142, 105,174,0,NULL); -INSERT INTO "TestsToSteps" VALUES(143, 107,175,0,NULL); -INSERT INTO "TestsToSteps" VALUES(144, 61,178,0,NULL); -INSERT INTO "TestsToSteps" VALUES(145, 62,179,0,NULL); -INSERT INTO "TestsToSteps" VALUES(146, 63,180,0,NULL); -INSERT INTO "TestsToSteps" VALUES(147, 109,181,0,NULL); -INSERT INTO "TestsToSteps" VALUES(148, 65,183,0,NULL); -INSERT INTO "TestsToSteps" VALUES(149, 66,184,0,NULL); -INSERT INTO "TestsToSteps" VALUES(150, 67,185,0,NULL); -INSERT INTO "TestsToSteps" VALUES(151, 99,186,0,NULL); -INSERT INTO "TestsToSteps" VALUES(152, 100,187,0,NULL); -INSERT INTO "TestsToSteps" VALUES(153, 64,188,0,NULL); -INSERT INTO "TestsToSteps" VALUES(154, 102,189,0,NULL); -INSERT INTO "TestsToSteps" VALUES(155, 103,190,0,NULL); -INSERT INTO "TestsToSteps" VALUES(156, 104,191,0,NULL); -INSERT INTO "TestsToSteps" VALUES(157, 105,192,0,NULL); -INSERT INTO "TestsToSteps" VALUES(158, 107,193,0,NULL); -INSERT INTO "TestsToSteps" VALUES(159, 61,196,0,NULL); -INSERT INTO "TestsToSteps" VALUES(160, 62,197,0,NULL); -INSERT INTO "TestsToSteps" VALUES(161, 63,198,0,NULL); -INSERT INTO "TestsToSteps" VALUES(162, 109,199,0,NULL); -INSERT INTO "TestsToSteps" VALUES(163, 65,201,0,NULL); -INSERT INTO "TestsToSteps" VALUES(164, 66,202,0,NULL); -INSERT INTO "TestsToSteps" VALUES(165, 67,203,0,NULL); -INSERT INTO "TestsToSteps" VALUES(166, 99,204,0,NULL); -INSERT INTO "TestsToSteps" VALUES(167, 100,205,0,NULL); -INSERT INTO "TestsToSteps" VALUES(168, 64,206,0,NULL); -INSERT INTO "TestsToSteps" VALUES(169, 102,207,0,NULL); -INSERT INTO "TestsToSteps" VALUES(170, 103,208,0,NULL); -INSERT INTO "TestsToSteps" VALUES(171, 104,209,0,NULL); -INSERT INTO "TestsToSteps" VALUES(172, 105,210,0,NULL); -INSERT INTO "TestsToSteps" VALUES(173, 107,211,0,NULL); -INSERT INTO "TestsToSteps" VALUES(174, 69,214,0,NULL); -INSERT INTO "TestsToSteps" VALUES(175, 61,215,0,NULL); -INSERT INTO "TestsToSteps" VALUES(176, 71,216,0,NULL); -INSERT INTO "TestsToSteps" VALUES(177, 72,217,0,NULL); -INSERT INTO "TestsToSteps" VALUES(178, 72,218,0,NULL); -INSERT INTO "TestsToSteps" VALUES(179, 73,219,0,NULL); -INSERT INTO "TestsToSteps" VALUES(180, 74,220,0,NULL); -INSERT INTO "TestsToSteps" VALUES(181, 170,221,0,NULL); -INSERT INTO "TestsToSteps" VALUES(182, 170,222,0,NULL); -INSERT INTO "TestsToSteps" VALUES(183, 77,223,0,NULL); -INSERT INTO "TestsToSteps" VALUES(184, 78,224,0,NULL); -INSERT INTO "TestsToSteps" VALUES(185, 79,225,0,NULL); -INSERT INTO "TestsToSteps" VALUES(186, 80,227,0,NULL); -INSERT INTO "TestsToSteps" VALUES(187, 62,228,0,NULL); -INSERT INTO "TestsToSteps" VALUES(188, 82,229,0,NULL); -INSERT INTO "TestsToSteps" VALUES(189, 83,230,0,NULL); -INSERT INTO "TestsToSteps" VALUES(190, 108,231,0,NULL); -INSERT INTO "TestsToSteps" VALUES(191, 84,232,0,NULL); -INSERT INTO "TestsToSteps" VALUES(192, 85,233,0,NULL); -INSERT INTO "TestsToSteps" VALUES(193, 86,234,0,NULL); -INSERT INTO "TestsToSteps" VALUES(194, 87,235,0,NULL); -INSERT INTO "TestsToSteps" VALUES(195, 88,236,0,NULL); -INSERT INTO "TestsToSteps" VALUES(196, 89,237,0,NULL); -INSERT INTO "TestsToSteps" VALUES(197, 85,239,0,NULL); -INSERT INTO "TestsToSteps" VALUES(198, 89,240,0,NULL); -INSERT INTO "TestsToSteps" VALUES(199, 170,242,0,NULL); -INSERT INTO "TestsToSteps" VALUES(200, 90,245,0,NULL); -INSERT INTO "TestsToSteps" VALUES(201, 63,246,0,NULL); -INSERT INTO "TestsToSteps" VALUES(202, 92,247,0,NULL); -INSERT INTO "TestsToSteps" VALUES(203, 93,248,0,NULL); -INSERT INTO "TestsToSteps" VALUES(204, 170,250,0,NULL); -INSERT INTO "TestsToSteps" VALUES(205, 170,251,0,NULL); -INSERT INTO "TestsToSteps" VALUES(206, 170,252,0,NULL); -INSERT INTO "TestsToSteps" VALUES(207, 170,253,0,NULL); -INSERT INTO "TestsToSteps" VALUES(208, 170,255,0,NULL); -INSERT INTO "TestsToSteps" VALUES(209, 170,256,0,NULL); -INSERT INTO "TestsToSteps" VALUES(210, 110,260,0,NULL); -INSERT INTO "TestsToSteps" VALUES(211, 111,261,0,NULL); -INSERT INTO "TestsToSteps" VALUES(212, 112,262,0,NULL); -INSERT INTO "TestsToSteps" VALUES(213, 114,263,0,NULL); -INSERT INTO "TestsToSteps" VALUES(214, 115,264,0,NULL); -INSERT INTO "TestsToSteps" VALUES(215, 116,265,0,NULL); -INSERT INTO "TestsToSteps" VALUES(216, 117,266,0,NULL); -INSERT INTO "TestsToSteps" VALUES(217, 113,267,0,NULL); -INSERT INTO "TestsToSteps" VALUES(218, 133,268,0,NULL); -INSERT INTO "TestsToSteps" VALUES(219, 120,269,0,NULL); -INSERT INTO "TestsToSteps" VALUES(220, 121,270,0,NULL); -INSERT INTO "TestsToSteps" VALUES(221, 122,271,0,NULL); -INSERT INTO "TestsToSteps" VALUES(222, 123,272,0,NULL); -INSERT INTO "TestsToSteps" VALUES(223, 110,275,0,NULL); -INSERT INTO "TestsToSteps" VALUES(224, 111,276,0,NULL); -INSERT INTO "TestsToSteps" VALUES(225, 112,277,0,NULL); -INSERT INTO "TestsToSteps" VALUES(226, 114,278,0,NULL); -INSERT INTO "TestsToSteps" VALUES(227, 115,279,0,NULL); -INSERT INTO "TestsToSteps" VALUES(228, 116,280,0,NULL); -INSERT INTO "TestsToSteps" VALUES(229, 117,281,0,NULL); -INSERT INTO "TestsToSteps" VALUES(230, 118,282,0,NULL); -INSERT INTO "TestsToSteps" VALUES(231, 131,284,0,NULL); -INSERT INTO "TestsToSteps" VALUES(232, 133,285,0,NULL); -INSERT INTO "TestsToSteps" VALUES(233, 120,286,0,NULL); -INSERT INTO "TestsToSteps" VALUES(234, 121,287,0,NULL); -INSERT INTO "TestsToSteps" VALUES(235, 122,288,0,NULL); -INSERT INTO "TestsToSteps" VALUES(236, 123,289,0,NULL); -INSERT INTO "TestsToSteps" VALUES(237, 124,290,0,NULL); -INSERT INTO "TestsToSteps" VALUES(238, 138,291,0,NULL); -INSERT INTO "TestsToSteps" VALUES(239, 110,294,0,NULL); -INSERT INTO "TestsToSteps" VALUES(240, 111,295,0,NULL); -INSERT INTO "TestsToSteps" VALUES(241, 112,296,0,NULL); -INSERT INTO "TestsToSteps" VALUES(242, 114,297,0,NULL); -INSERT INTO "TestsToSteps" VALUES(243, 115,298,0,NULL); -INSERT INTO "TestsToSteps" VALUES(244, 116,299,0,NULL); -INSERT INTO "TestsToSteps" VALUES(245, 117,300,0,NULL); -INSERT INTO "TestsToSteps" VALUES(246, 118,301,0,NULL); -INSERT INTO "TestsToSteps" VALUES(247, 131,302,0,NULL); -INSERT INTO "TestsToSteps" VALUES(248, 133,303,0,NULL); -INSERT INTO "TestsToSteps" VALUES(249, 120,304,0,NULL); -INSERT INTO "TestsToSteps" VALUES(250, 121,305,0,NULL); -INSERT INTO "TestsToSteps" VALUES(251, 122,306,0,NULL); -INSERT INTO "TestsToSteps" VALUES(252, 123,307,0,NULL); -INSERT INTO "TestsToSteps" VALUES(253, 124,308,0,NULL); -INSERT INTO "TestsToSteps" VALUES(254, 138,309,0,NULL); -INSERT INTO "TestsToSteps" VALUES(255, 42,312,0,NULL); -INSERT INTO "TestsToSteps" VALUES(256, 119,314,0,NULL); -INSERT INTO "TestsToSteps" VALUES(257, 126,315,0,NULL); -INSERT INTO "TestsToSteps" VALUES(258, 127,316,0,NULL); -INSERT INTO "TestsToSteps" VALUES(259, 128,317,0,NULL); -INSERT INTO "TestsToSteps" VALUES(260, 129,318,0,NULL); -INSERT INTO "TestsToSteps" VALUES(261, 131,319,0,NULL); -INSERT INTO "TestsToSteps" VALUES(262, 122,320,0,NULL); -INSERT INTO "TestsToSteps" VALUES(263, 123,321,0,NULL); -INSERT INTO "TestsToSteps" VALUES(264, 110,324,0,NULL); -INSERT INTO "TestsToSteps" VALUES(265, 111,325,0,NULL); -INSERT INTO "TestsToSteps" VALUES(266, 113,326,0,NULL); -INSERT INTO "TestsToSteps" VALUES(267, 114,327,0,NULL); -INSERT INTO "TestsToSteps" VALUES(268, 115,328,0,NULL); -INSERT INTO "TestsToSteps" VALUES(269, 116,329,0,NULL); -INSERT INTO "TestsToSteps" VALUES(270, 117,330,0,NULL); -INSERT INTO "TestsToSteps" VALUES(271, 118,331,0,NULL); -INSERT INTO "TestsToSteps" VALUES(272, 131,332,0,NULL); -INSERT INTO "TestsToSteps" VALUES(273, 133,333,0,NULL); -INSERT INTO "TestsToSteps" VALUES(274, 120,334,0,NULL); -INSERT INTO "TestsToSteps" VALUES(275, 121,335,0,NULL); -INSERT INTO "TestsToSteps" VALUES(276, 122,336,0,NULL); -INSERT INTO "TestsToSteps" VALUES(277, 123,337,0,NULL); -INSERT INTO "TestsToSteps" VALUES(278, 124,338,0,NULL); -INSERT INTO "TestsToSteps" VALUES(279, 138,339,0,NULL); -INSERT INTO "TestsToSteps" VALUES(280, 141,343,0,NULL); -INSERT INTO "TestsToSteps" VALUES(281, 139,344,0,NULL); -INSERT INTO "TestsToSteps" VALUES(282, 139,345,0,NULL); -INSERT INTO "TestsToSteps" VALUES(283, 144,347,0,NULL); -INSERT INTO "TestsToSteps" VALUES(284, 145,348,0,NULL); -INSERT INTO "TestsToSteps" VALUES(285, 146,349,0,NULL); -INSERT INTO "TestsToSteps" VALUES(286, 147,350,0,NULL); -INSERT INTO "TestsToSteps" VALUES(287, 148,352,0,NULL); -INSERT INTO "TestsToSteps" VALUES(288, 149,353,0,NULL); -INSERT INTO "TestsToSteps" VALUES(289, 164,354,0,NULL); -INSERT INTO "TestsToSteps" VALUES(290, 152,355,0,NULL); -INSERT INTO "TestsToSteps" VALUES(291, 168,357,0,NULL); -INSERT INTO "TestsToSteps" VALUES(292, 154,358,0,NULL); -INSERT INTO "TestsToSteps" VALUES(293, 155,359,0,NULL); -INSERT INTO "TestsToSteps" VALUES(294, 150,361,0,NULL); -INSERT INTO "TestsToSteps" VALUES(295, 165,362,0,NULL); -INSERT INTO "TestsToSteps" VALUES(296, 148,364,0,NULL); -INSERT INTO "TestsToSteps" VALUES(297, 163,365,0,NULL); -INSERT INTO "TestsToSteps" VALUES(298, 150,366,0,NULL); -INSERT INTO "TestsToSteps" VALUES(299, 164,367,0,NULL); -INSERT INTO "TestsToSteps" VALUES(300, 166,368,0,NULL); -INSERT INTO "TestsToSteps" VALUES(301, 141,371,0,NULL); -INSERT INTO "TestsToSteps" VALUES(302, 139,372,0,NULL); -INSERT INTO "TestsToSteps" VALUES(303, 139,373,0,NULL); -INSERT INTO "TestsToSteps" VALUES(304, 143,376,0,NULL); -INSERT INTO "TestsToSteps" VALUES(305, 156,377,0,NULL); -INSERT INTO "TestsToSteps" VALUES(306, 152,378,0,NULL); -INSERT INTO "TestsToSteps" VALUES(307, 154,379,0,NULL); -INSERT INTO "TestsToSteps" VALUES(308, 155,380,0,NULL); -INSERT INTO "TestsToSteps" VALUES(309, 147,381,0,NULL); -INSERT INTO "TestsToSteps" VALUES(310, 150,383,0,NULL); -INSERT INTO "TestsToSteps" VALUES(311, 165,384,0,NULL); -INSERT INTO "TestsToSteps" VALUES(312, 148,386,0,NULL); -INSERT INTO "TestsToSteps" VALUES(313, 163,387,0,NULL); -INSERT INTO "TestsToSteps" VALUES(314, 150,388,0,NULL); -INSERT INTO "TestsToSteps" VALUES(315, 164,389,0,NULL); -INSERT INTO "TestsToSteps" VALUES(316, 166,390,0,NULL); -INSERT INTO "TestsToSteps" VALUES(317, 141,393,0,NULL); -INSERT INTO "TestsToSteps" VALUES(318, 139,394,0,NULL); -INSERT INTO "TestsToSteps" VALUES(319, 139,395,0,NULL); -INSERT INTO "TestsToSteps" VALUES(320, 157,398,0,NULL); -INSERT INTO "TestsToSteps" VALUES(321, 158,399,0,NULL); -INSERT INTO "TestsToSteps" VALUES(322, 145,400,0,NULL); -INSERT INTO "TestsToSteps" VALUES(323, 152,401,0,NULL); -INSERT INTO "TestsToSteps" VALUES(324, 155,402,0,NULL); -INSERT INTO "TestsToSteps" VALUES(325, 147,403,0,NULL); -INSERT INTO "TestsToSteps" VALUES(326, 150,405,0,NULL); -INSERT INTO "TestsToSteps" VALUES(327, 165,406,0,NULL); -INSERT INTO "TestsToSteps" VALUES(328, 148,408,0,NULL); -INSERT INTO "TestsToSteps" VALUES(329, 163,409,0,NULL); -INSERT INTO "TestsToSteps" VALUES(330, 150,410,0,NULL); -INSERT INTO "TestsToSteps" VALUES(331, 164,411,0,NULL); -INSERT INTO "TestsToSteps" VALUES(332, 166,412,0,NULL); -INSERT INTO "TestsToSteps" VALUES(333, 141,415,0,NULL); -INSERT INTO "TestsToSteps" VALUES(334, 139,416,0,NULL); -INSERT INTO "TestsToSteps" VALUES(335, 139,417,0,NULL); -INSERT INTO "TestsToSteps" VALUES(336, 143,420,0,NULL); -INSERT INTO "TestsToSteps" VALUES(337, 144,421,0,NULL); -INSERT INTO "TestsToSteps" VALUES(338, 145,422,0,NULL); -INSERT INTO "TestsToSteps" VALUES(339, 147,423,0,NULL); -INSERT INTO "TestsToSteps" VALUES(340, 160,425,0,NULL); -INSERT INTO "TestsToSteps" VALUES(341, 161,426,0,NULL); -INSERT INTO "TestsToSteps" VALUES(342, 161,427,0,NULL); -INSERT INTO "TestsToSteps" VALUES(343, 148,429,0,NULL); -INSERT INTO "TestsToSteps" VALUES(344, 149,430,0,NULL); -INSERT INTO "TestsToSteps" VALUES(345, 150,431,0,NULL); -INSERT INTO "TestsToSteps" VALUES(346, 150,432,0,NULL); -INSERT INTO "TestsToSteps" VALUES(347, 152,433,0,NULL); -INSERT INTO "TestsToSteps" VALUES(348, 168,435,0,NULL); -INSERT INTO "TestsToSteps" VALUES(349, 169,436,0,NULL); -INSERT INTO "TestsToSteps" VALUES(350, 155,437,0,NULL); -INSERT INTO "TestsToSteps" VALUES(351, 150,439,0,NULL); -INSERT INTO "TestsToSteps" VALUES(352, 165,440,0,NULL); -INSERT INTO "TestsToSteps" VALUES(353, 166,442,0,NULL); -INSERT INTO "TestsToSteps" VALUES(354, 141,452,0,NULL); -INSERT INTO "TestsToSteps" VALUES(355, 139,453,0,NULL); -INSERT INTO "TestsToSteps" VALUES(356, 139,454,0,NULL); -INSERT INTO "TestsToSteps" VALUES(357, 144,457,0,NULL); -INSERT INTO "TestsToSteps" VALUES(358, 145,458,0,NULL); -INSERT INTO "TestsToSteps" VALUES(359, 167,459,0,NULL); -INSERT INTO "TestsToSteps" VALUES(360, 155,460,0,NULL); -INSERT INTO "TestsToSteps" VALUES(361, 147,462,0,NULL); -INSERT INTO "TestsToSteps" VALUES(362, 161,463,0,NULL); -INSERT INTO "TestsToSteps" VALUES(363, 150,465,0,NULL); -INSERT INTO "TestsToSteps" VALUES(364, 165,466,0,NULL); -INSERT INTO "TestsToSteps" VALUES(365, 148,468,0,NULL); -INSERT INTO "TestsToSteps" VALUES(366, 149,469,0,NULL); -INSERT INTO "TestsToSteps" VALUES(367, 150,470,0,NULL); -INSERT INTO "TestsToSteps" VALUES(368, 164,471,0,NULL); -INSERT INTO "TestsToSteps" VALUES(369, 166,472,0,NULL); diff --git a/conformancelib/testdata/PIV-I-GSA_MSO_Cards.xlsx b/conformancelib/testdata/PIV-I-GSA_MSO_Cards.xlsx deleted file mode 100644 index 5c2155bb..00000000 Binary files a/conformancelib/testdata/PIV-I-GSA_MSO_Cards.xlsx and /dev/null differ diff --git a/conformancelib/testdata/PIV-I_Carillon_Cards.db b/conformancelib/testdata/PIV-I_Carillon_Cards.db deleted file mode 100644 index 39506039..00000000 Binary files a/conformancelib/testdata/PIV-I_Carillon_Cards.db and /dev/null differ diff --git a/conformancelib/testdata/PIV-I_Carillon_Cards.sql b/conformancelib/testdata/PIV-I_Carillon_Cards.sql deleted file mode 100644 index 1e12fb7b..00000000 --- a/conformancelib/testdata/PIV-I_Carillon_Cards.sql +++ /dev/null @@ -1,1114 +0,0 @@ --- TestSteps are what we've been referring to as atoms -CREATE TABLE IF NOT EXISTS "TestSteps" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `Description` TEXT, -- column 2 on each tab - `Class` TEXT, -- fully qualified class name - `Method` TEXT, -- method to invoke for the atom - `NumParameters` INTEGER -- parameter count. not really necessary but was briefly helpful, so it's still here -); - --- Map test cases to their atoms -CREATE TABLE IF NOT EXISTS "TestsToSteps" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestStepId` INTEGER, --Foreign key TestSteps.Id - `TestId` INTEGER, --Foreign key TestCases.Id - `ExecutionOrder` INTEGER, --Sequence of atoms for a test case - `Status` INTEGER -- runners can populate with status info to see which step failed -); - --- used to pass parameters to atoms -CREATE TABLE IF NOT EXISTS "TestStepParameters" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestStepId` INTEGER, --TestSteps.Id - `TestId` INTEGER, --TestCases.Id - `Value` TEXT, --Parameter Value - `ParamOrder` TEXT --Parameter order... idea here was one row for each pattern to be passed into a particular invocation of an atom. - --If we settle on a string of key=value for the Value field, this could be OBE -); - --- TestCases is the primary driver of the test runner -CREATE TABLE IF NOT EXISTS "TestCases" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestGroup` TEXT, -- can be filled in to allow selective execution by the runner. not in spreadsheet - `TestCaseIdentifier` TEXT, -- section column on step overview tab - `TestCaseDescription` TEXT, -- description column on step overview tab - `TestCaseContainer` TEXT, -- ID of the container the test case applies to, if necessary - `Status` INTEGER, -- to be populated by runner - `ExpectedStatus` INTEGER, -- everything on the spreadsheet should get 1 here - primarily present to give runners a way to mark tests that should fail - `Enabled` INTEGER -- allows the runner to enable/disable test cases. default to 1 -); - --- Allow runners to create test groups. not in spreadsheet -CREATE TABLE IF NOT EXISTS "TestGroups" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `GroupDescription` TEXT -); - --- Allow runners to create test groups. not in spreadsheet -CREATE TABLE IF NOT EXISTS "GroupsToTestCases" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestGroupId` INTEGER, --TestGroups.Id - `TestCaseId` INTEGER --TestCases.Id -); - --- this isn't really going to be used by the look of things. probably should --- be eliminated, but it's harmless and has been intermittently useful in dev. -CREATE TABLE IF NOT EXISTS "SystemSettings" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `ReaderName` TEXT, - `ApplicationPIN` TEXT, - `OutputDirectory` TEXT, - `SettingsGroup` TEXT, - `GPMasterKey` TEXT -); - -INSERT INTO "TestSteps" VALUES(1,'BERTLV.1','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(2,'BERTLV.2','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(3,'BERTLV.3','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(4,'BERTLV.4','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(5,'BERTLV.5','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(6,'73-4.1','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(7,'73-4.2','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(8,'73-4.3','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(9,'73-4.4','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(10,'73-4.5','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(11,'73-4.6','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(12,'73-4.7','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(13,'73-4.8','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(14,'73-4.9','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(15,'73-4.10','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(16,'73-4.11','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(17,'73-4.12','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(18,'73-4.13','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(19,'73-4.14','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(20,'73-4.15','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(21,'73-4.16','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(22,'73-4.17','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(23,'73-4.18','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(24,'73-4.19','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(25,'73-4.20','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(26,'73-4.21','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(27,'73-4.22','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(28,'73-4.23','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(29,'73-4.24','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(30,'73-4.25','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(31,'73-4.26','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(32,'73-4.27','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(33,'73-4.28','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(34,'73-4.29','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(35,'73-4.30','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(36,'73-4.31','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_31',NULL); -INSERT INTO "TestSteps" VALUES(37,'73-4.32','gov.gsa.conformancelib.tests.SP800_73_4FacialImageTests','sp800_73_4_Test_32',NULL); -INSERT INTO "TestSteps" VALUES(38,'73-4.33','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_33',NULL); -INSERT INTO "TestSteps" VALUES(39,'73-4.34','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_34',NULL); -INSERT INTO "TestSteps" VALUES(40,'73-4.35','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_35',NULL); -INSERT INTO "TestSteps" VALUES(41,'73-4.36','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_36',NULL); -INSERT INTO "TestSteps" VALUES(42,'73-4.37','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_37',NULL); -INSERT INTO "TestSteps" VALUES(43,'73-4.38','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_38',NULL); -INSERT INTO "TestSteps" VALUES(44,'73-4.40','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_40',NULL); -INSERT INTO "TestSteps" VALUES(45,'73-4.41','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_41',NULL); -INSERT INTO "TestSteps" VALUES(46,'73-4.42','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_42',NULL); -INSERT INTO "TestSteps" VALUES(47,'73-4.43','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_43',NULL); -INSERT INTO "TestSteps" VALUES(48,'73-4.44','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_44',NULL); -INSERT INTO "TestSteps" VALUES(49,'73-4.45','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_45',NULL); -INSERT INTO "TestSteps" VALUES(50,'73-4.46','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_46',NULL); -INSERT INTO "TestSteps" VALUES(51,'73-4.47','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_47',NULL); -INSERT INTO "TestSteps" VALUES(52,'73-4.48','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_48',NULL); -INSERT INTO "TestSteps" VALUES(53,'73-4.49','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_49',NULL); -INSERT INTO "TestSteps" VALUES(54,'73-4.50','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_50',NULL); -INSERT INTO "TestSteps" VALUES(55,'73-4.51','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_51',NULL); -INSERT INTO "TestSteps" VALUES(56,'73-4.52','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_52',NULL); -INSERT INTO "TestSteps" VALUES(57,'73-4.53','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_53',NULL); -INSERT INTO "TestSteps" VALUES(58,'73-4.54','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_54',NULL); -INSERT INTO "TestSteps" VALUES(59,'73-4.55','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_55',NULL); -INSERT INTO "TestSteps" VALUES(60,'73-4.56','gov.gsa.conformancelib.tests.SP800_73_4CommmonObjectTests','sp800_73_4_Test_56',NULL); -INSERT INTO "TestSteps" VALUES(61,'76.1','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_1',NULL); -INSERT INTO "TestSteps" VALUES(62,'76.2','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_2',NULL); -INSERT INTO "TestSteps" VALUES(63,'76.3','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_3',NULL); -INSERT INTO "TestSteps" VALUES(64,'76.4','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_4',NULL); -INSERT INTO "TestSteps" VALUES(65,'76.5','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_5',NULL); -INSERT INTO "TestSteps" VALUES(66,'76.6','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_6',NULL); -INSERT INTO "TestSteps" VALUES(67,'76.7','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_7',NULL); -INSERT INTO "TestSteps" VALUES(68,'76.8','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_8',NULL); -INSERT INTO "TestSteps" VALUES(69,'76.9','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_9',NULL); -INSERT INTO "TestSteps" VALUES(70,'76.10','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_10',NULL); -INSERT INTO "TestSteps" VALUES(71,'76.11','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_11',NULL); -INSERT INTO "TestSteps" VALUES(72,'76.12','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_12',NULL); -INSERT INTO "TestSteps" VALUES(73,'76.13','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_13',NULL); -INSERT INTO "TestSteps" VALUES(74,'76.14','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_14',NULL); -INSERT INTO "TestSteps" VALUES(75,'76.15a','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15a',NULL); -INSERT INTO "TestSteps" VALUES(76,'76.15b','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15b',NULL); -INSERT INTO "TestSteps" VALUES(77,'76.16','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_16',NULL); -INSERT INTO "TestSteps" VALUES(78,'76.17','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_17',NULL); -INSERT INTO "TestSteps" VALUES(79,'76.18','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_18',NULL); -INSERT INTO "TestSteps" VALUES(80,'76.19','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_19',NULL); -INSERT INTO "TestSteps" VALUES(81,'76.20','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_20',NULL); -INSERT INTO "TestSteps" VALUES(82,'76.21','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_21',NULL); -INSERT INTO "TestSteps" VALUES(83,'76.22','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_22',NULL); -INSERT INTO "TestSteps" VALUES(84,'76.23','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_23',NULL); -INSERT INTO "TestSteps" VALUES(85,'76.24','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_24',NULL); -INSERT INTO "TestSteps" VALUES(86,'76.25','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_25',NULL); -INSERT INTO "TestSteps" VALUES(87,'76.26','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_26',NULL); -INSERT INTO "TestSteps" VALUES(88,'76.27','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_27',NULL); -INSERT INTO "TestSteps" VALUES(89,'76.28','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_28',NULL); -INSERT INTO "TestSteps" VALUES(90,'76.29','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_29',NULL); -INSERT INTO "TestSteps" VALUES(91,'76.30','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_30',NULL); -INSERT INTO "TestSteps" VALUES(92,'76.31','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_31',NULL); -INSERT INTO "TestSteps" VALUES(93,'76.32','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_32',NULL); -INSERT INTO "TestSteps" VALUES(94,'76.33','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_33',NULL); -INSERT INTO "TestSteps" VALUES(95,'76.34','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_34',NULL); -INSERT INTO "TestSteps" VALUES(96,'76.35','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_35',NULL); -INSERT INTO "TestSteps" VALUES(97,'76.36','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_36',NULL); -INSERT INTO "TestSteps" VALUES(98,'76.37','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_37',NULL); -INSERT INTO "TestSteps" VALUES(99,'76.38','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_38',NULL); -INSERT INTO "TestSteps" VALUES(100,'76.39','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_39',NULL); -INSERT INTO "TestSteps" VALUES(101,'76.40','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_40',NULL); -INSERT INTO "TestSteps" VALUES(102,'76.41','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_41',NULL); -INSERT INTO "TestSteps" VALUES(103,'76.42','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_42',NULL); -INSERT INTO "TestSteps" VALUES(104,'76.43','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_43',NULL); -INSERT INTO "TestSteps" VALUES(105,'76.44','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_44',NULL); -INSERT INTO "TestSteps" VALUES(106,'76.45','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_45',NULL); -INSERT INTO "TestSteps" VALUES(107,'76.46','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_46',NULL); -INSERT INTO "TestSteps" VALUES(108,'76.47','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_47',NULL); -INSERT INTO "TestSteps" VALUES(109,'76.48','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_48',NULL); -INSERT INTO "TestSteps" VALUES(110,'CMS.1','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(111,'CMS.2','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(112,'CMS.3','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(113,'CMS.4','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(114,'CMS.5','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(115,'CMS.6','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(116,'CMS.7','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(117,'CMS.8','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(118,'CMS.9','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(119,'CMS.10','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(120,'CMS.11','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(121,'CMS.12','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(122,'CMS.13','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(123,'CMS.14','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(124,'CMS.15','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(125,'CMS.17','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(126,'CMS.18','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(127,'CMS.19','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(128,'CMS.20','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(129,'CMS.21','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(130,'CMS.22','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(131,'CMS.23','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(132,'CMS.24','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(133,'CMS.25','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(134,'CMS.26','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(135,'CMS.27','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(136,'CMS.28','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(137,'CMS.29','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(138,'CMS.30','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(139,'78.1','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(140,'78.2','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(141,'78.3','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(142,'PKIX.1','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(143,'PKIX.2','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(144,'PKIX.3','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(145,'PKIX.4','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(146,'PKIX.5','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(147,'PKIX.6','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(148,'PKIX.7','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(149,'PKIX.8','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(150,'PKIX.9','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(151,'PKIX.10','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(152,'PKIX.11','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(153,'PKIX.12','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(154,'PKIX.13','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(155,'PKIX.14','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(156,'PKIX.15','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(157,'PKIX.16','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(158,'PKIX.17','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(159,'PKIX.18','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(160,'PKIX.19','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(161,'PKIX.20','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(162,'PKIX.21','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(163,'PKIX.22','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(164,'PKIX.23','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(165,'PKIX.24','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(166,'PKIX.25','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(167,'PKIX.26','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(168,'PKIX.27','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(169,'PKIX.28','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(170,'PlaceholderTest.1','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_1',NULL); -INSERT INTO "TestSteps" VALUES(171,'PlaceholderTest.2','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_2',NULL); -INSERT INTO "TestSteps" VALUES(172,'PlaceholderTest.3','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_3',NULL); -INSERT INTO "TestStepParameters" VALUES(1, 21,NULL,'6',0); -INSERT INTO "TestStepParameters" VALUES(2, 99,NULL,'CARDHOLDER_FINGERPRINTS_OID:513',0); -INSERT INTO "TestStepParameters" VALUES(3, 99,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:1281',1); -INSERT INTO "TestStepParameters" VALUES(4, 99,NULL,'CARDHOLDER_IRIS_IMAGES_OID:9',2); -INSERT INTO "TestStepParameters" VALUES(5, 102,NULL,'CARDHOLDER_FINGERPRINTS_OID:8',0); -INSERT INTO "TestStepParameters" VALUES(6, 102,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:2',1); -INSERT INTO "TestStepParameters" VALUES(7, 102,NULL,'CARDHOLDER_IRIS_IMAGES_OID:16',2); -INSERT INTO "TestStepParameters" VALUES(8, 103,NULL,'CARDHOLDER_FINGERPRINTS_OID:128',0); -INSERT INTO "TestStepParameters" VALUES(9, 103,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:32:2',1); -INSERT INTO "TestStepParameters" VALUES(10, 103,NULL,'CARDHOLDER_IRIS_IMAGES_OID:64',2); -INSERT INTO "TestStepParameters" VALUES(11, 104,NULL,'-2',0); -INSERT INTO "TestStepParameters" VALUES(12, 104,NULL,'100',1); -INSERT INTO "TestStepParameters" VALUES(13, 114,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.101.3.6.1',0); -INSERT INTO "TestStepParameters" VALUES(14, 114,NULL,'CARDHOLDER_FINGERPRINTS_OID:2.16.840.1.101.3.6.2',1); -INSERT INTO "TestStepParameters" VALUES(15, 114,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:2.16.840.1.101.3.6.2',2); -INSERT INTO "TestStepParameters" VALUES(16, 114,NULL,'CARDHOLDER_IRIS_IMAGES_OID:2.16.840',3); -INSERT INTO "TestStepParameters" VALUES(17, 124,NULL,'2.16.840.1.101.3.8.7',0); -INSERT INTO "TestStepParameters" VALUES(18, 125,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(19, 137,NULL,'2.16.840.1.101.3.6.6',0); -INSERT INTO "TestStepParameters" VALUES(20, 138,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(21, 147,NULL,'X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID:1.3.6.1.4.1.45606.3.1.3',0); -INSERT INTO "TestStepParameters" VALUES(22, 147,NULL,'X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID:1.3.6.1.4.1.45606.3.1.3',1); -INSERT INTO "TestStepParameters" VALUES(23, 147,NULL,'X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID:1.3.6.1.4.1.45606.3.1.3',2); -INSERT INTO "TestStepParameters" VALUES(24, 147,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID:1.3.6.1.4.1.45606.3.1.21',3); -INSERT INTO "TestStepParameters" VALUES(25, 147,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:1.3.6.1.4.1.45606.3.1.22',4); -INSERT INTO "TestStepParameters" VALUES(26, 159,NULL,'2.16.840.1.101.3.2.1.3.19',0); -INSERT INTO "TestStepParameters" VALUES(27, 161,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID:2.16.840.1.101.3.6.8',0); -INSERT INTO "TestStepParameters" VALUES(28, 161,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.101.3.8.7',1); -INSERT INTO "TestStepParameters" VALUES(29, 162,NULL,'1.3.6.1.4.1.45606.3.1.22',0); -INSERT INTO "TestStepParameters" VALUES(30, 165,NULL,'2.5.29.31',0); -INSERT INTO "TestStepParameters" VALUES(31, 168,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(32, 171,NULL,'1',0); -INSERT INTO "TestStepParameters" VALUES(33, 171,NULL,'2',1); -INSERT INTO "TestStepParameters" VALUES(34, 171,NULL,'3',2); -INSERT INTO "TestStepParameters" VALUES(35, 172,NULL,'CAT:SLEEPY',0); -INSERT INTO "TestStepParameters" VALUES(36, 172,NULL,'DOG:HUNGRY',1); -INSERT INTO "TestStepParameters" VALUES(37, 172,NULL,'ELEPHANT:SAD',2); -INSERT INTO "TestCases" VALUES(1, NULL,'8 BER_TLV','BER-TLV Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(2, NULL,'8.1 CCC','Card Capabilities Container','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(3, NULL,'8.1.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(4, NULL,'8.1.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(5, NULL,'8.1.0.2','Tag encoded as 3 bytes','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(6, NULL,'8.1.0.3','Each data object returned with 2 byte status word (90 00)','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(7, NULL,'8.1.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(8, NULL,'8.1.1','CCC Registered data model element is present and has a value of 0x10.','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(9, NULL,'8.1.2','CCC BERTLV tag is 5FC107','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(10, NULL,'8.1.3','CCC Tags 0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xFA, 0xFB, 0xFC, 0xFD present in that order','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(11, NULL,'8.1.8','CCC Optional Tags 0xE3 and 0xB4 may be present or absent; if present are after tags listed in and are in that order','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(12, NULL,'8.1.9','CCC Tag 0xFE present and after any tags from 73-4.3 and 73-4.4','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(13, NULL,'8.1.10','Confirm that tag 0xFE has length of 0','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(14, NULL,'8.1.11','CCC value lengths comply with Table 8 of SP 800-73-4','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(15, NULL,'8.2 CHUID','Card Holder Unique Identifier','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(16, NULL,'8.2.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(17, NULL,'8.2.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(18, NULL,'8.2.0.2','Tag encoded as 3 bytes','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(19, NULL,'8.2.0.3','Each data object returned with 2 byte status word (90 00)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(20, NULL,'8.2.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(21, NULL,'8.2.1','CHUID value lengths comply with Table 9 of SP 800-73-4','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(22, NULL,'8.2.2.1','Tag 0x30 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(23, NULL,'8.2.2.2','Tag 0x30 is the first tag or the first tag following 0xEE','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(24, NULL,'8.2.2.3','Tags 0x32 and 0x33 are optionally present and must follow 0x30 in that order','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(25, NULL,'8.2.2.4','Tag 0x34 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(26, NULL,'8.2.2.5','Tag 0x34 follows Tag 0x30, 32, or 0x33','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(27, NULL,'8.2.2.6','Tag 0x35 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(28, NULL,'8.2.2.7','Tag 0x35 follows Tag 0x34','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(29, NULL,'8.2.2.8','Tag 0x36 is optionally present and follows Tag 0x35','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(30, NULL,'8.2.2.9','Tags 0x3E and 0xFE are present and follow tags in that order','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(31, NULL,'8.2.2.10','Tag 0x3E is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(32, NULL,'8.2.2.11','Tag 0x3E follows Tag 0x35 or 0x36','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(33, NULL,'8.2.2.12','Tag 0xFE is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(34, NULL,'8.2.2.13','Tag 0xFE follows Tag 0x3E','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(35, NULL,'8.2.2.14','If CHUID tag 0xEE is present, it is the first tag in the blob','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(36, NULL,'8.2.2.15','No tags other than (0xEE, 0x30, 0x32, 0x33, 0x34, 0x35, 0x36, 0x3E, 0xFE) are present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(37, NULL,'8.2.3','Expiration Date is formatted YYYYMMDD','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(38, NULL,'8.2.4','Expiration Date is within the next 6 years','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(39, NULL,'8.2.5','If the CHUID contains the optional Cardholder UUID, then the data element shall be in accordance with 800 73-4 Part 1 Section 3.4.2.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(40, NULL,'8.2.6','The retired key map is not present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(41, NULL,'8.2.7','Tag 0xFE has length of 0','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(42, NULL,'8.3 Authentication Cert','X.509 Certificate for PIV-I Authentication','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(43, NULL,'8.3.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(44, NULL,'8.3.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(45, NULL,'8.3.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(46, NULL,'8.3.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(47, NULL,'8.3.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(48, NULL,'8.3.1','PIV Authentication Certificate container value lengths comply with Table 10 of SP 800-73-4','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(49, NULL,'8.3.2.1','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(50, NULL,'8.3.2.2','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(51, NULL,'8.3.2.3','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(52, NULL,'8.3.2.4','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(53, NULL,'8.3.2.5','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(54, NULL,'8.4 Fingerprints','Card Holder Fingerprints','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(55, NULL,'8.4.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(56, NULL,'8.4.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(57, NULL,'8.4.0.2','Tag encoded as 3 bytes','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(58, NULL,'8.4.0.3','Each data object returned with 2 byte status word (90 00)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(59, NULL,'8.4.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(60, NULL,'8.4.5','Card Holder Fingerprints value lengths comply with Table 11 of SP 800-73-4','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(61, NULL,'8.4.6','If CHUID tag 0xEE is present, it is the first tag in the blob','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(62, NULL,'8.4.7','Tag 0x30 is present and is the first tag or the first tag following 0xEE','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(63, NULL,'8.4.8','Tags 0x32 and 0x33 are optionally present and must follow 0x30 in that order','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(64, NULL,'8.4.9','Tag 0xFE has length of 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(65, NULL,'8.5 Printed Information','Printed Information','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(66, NULL,'8.5.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(67, NULL,'8.5.0.1','Length field encoded as shown in SP800-85B Table 8.1','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(68, NULL,'8.5.0.2','Tag encoded as 3 bytes','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(69, NULL,'8.5.0.3','Each data object returned with 2 byte status word (90 00)','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(70, NULL,'8.5.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(71, NULL,'8.5.1.1','Printed Information value lengths comply with Table 14 of SP 800-73-4','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(72, NULL,'8.5.1.2','Printed Information Tags 0x01, 0x02, 0x05, 0x06 are present in that order','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(73, NULL,'8.5.1.3','Printed Information Tags 0x01, 0x02, 0x05, 0x06 are in that order','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(74, NULL,'8.5.1.4','Printed Information Tag 0xFE follows Tag 0x06, or optional Tags 0x07 or 0x08','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(75, NULL,'8.5.1.5','Printed Information Tags 0x07 and 0x08 are optionally present in that order, following the tags from 73-4.28','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(76, NULL,'8.5.1.6','Printed Information Tag 0xFE is present','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(77, NULL,'8.5.1.7','No Printed Information tags other than (0x01, 0x02, 0x05, 0x06, 0x07, 0x08, 0xFE) are present','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(78, NULL,'8.5.1.8','Tag 0xFE has length of 0','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(79, NULL,'8.6 Facial Image','Card Holder Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(80, NULL,'8.6.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(81, NULL,'8.6.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(82, NULL,'8.6.0.2','Tag encoded as 3 bytes','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(83, NULL,'8.6.0.3','Each data object returned with 2 byte status word (90 00)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(84, NULL,'8.6.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(85, NULL,'8.6.1.1','Printed Information value lengths comply with Table 13 of SP 800-73-4','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(86, NULL,'8.6.1.2','Position is one of the valid x,y coordinate types in the original image','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(87, NULL,'8.6.1.3','No tags other than (0xBC, 0xFE) are present','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(88, NULL,'8.6..4','Tag 0xFE has length of 0','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(89, NULL,'8.7 Digital Signature Cert','X.509 Certificate for Digital Signature','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(90, NULL,'8.7.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(91, NULL,'8.7.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(92, NULL,'8.7.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(93, NULL,'8.7.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(94, NULL,'8.7.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(95, NULL,'8.7.1.1','X.509 Certificate for Digital Signature container value lengths comply with Table 15 of SP 800-73-4','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(96, NULL,'8.7.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(97, NULL,'8.7.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(98, NULL,'8.7.1.4','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(99, NULL,'8.7.1.5','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(100, NULL,'8.7.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(101, NULL,'8.8 Key Management Cert','X.509 Certificate for Key Management','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(102, NULL,'8.8.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(103, NULL,'8.8.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(104, NULL,'8.8.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(105, NULL,'8.8.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(106, NULL,'8.8.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(107, NULL,'8.8.1.1','X.509 Certificate for Key Management container value lengths comply with Table 16 of SP 800-73-4','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(108, NULL,'8.8.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(109, NULL,'8.8.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(110, NULL,'8.8.1.4','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(111, NULL,'8.8.1.5','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(112, NULL,'8.8.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(113, NULL,'8.9 Card Auth Cert','X.509 Certificate for Card Authentication','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(114, NULL,'8.9.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(115, NULL,'8.9.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(116, NULL,'8.9.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(117, NULL,'8.9.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(118, NULL,'8.9.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(119, NULL,'8.9.1.1','X.509 Certificate for Card Authentication value lengths comply with Table 17 of SP 800-73-4','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(120, NULL,'8.9.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(121, NULL,'8.9.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(122, NULL,'8.9.1.4','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(123, NULL,'8.9.1.5','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(124, NULL,'8.9.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(125, NULL,'8.10 Security Objecvt','Security Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(126, NULL,'8.10.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(127, NULL,'8.10.0.1','Length field encoded as shown in SP800-85B Table 8.1','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(128, NULL,'8.10.0.2','Tag encoded as 3 bytes','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(129, NULL,'8.10.0.3','Each data object returned with 2 byte status word (90 00)','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(130, NULL,'8.10.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(131, NULL,'8.10.1.1','Security Object value lengths comply with Table 12 of SP 800-73-4','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(132, NULL,'8.10.1.2','Tags 0xBA, 0xBB, 0XFE are present','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(133, NULL,'8.10.1.3','Tags 0xBA, 0xBB, 0XFE are are in that order','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(134, NULL,'8.10.1.4','No tags other than (0xBA, 0xBB, 0xFE) are present','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(135, NULL,'8.10.2','Parse data at tag 0xBA and for each data container found ensure that performing a select returns status words 0x90, 0x00','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(136, NULL,'8.11 Discovery Object','Discovery Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(137, NULL,'8.11.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(138, NULL,'8.11.0.1','Length field encoded as shown in SP800-85B Table 8.1','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(139, NULL,'8.11.0.2','Tag encoded as 3 bytes','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(140, NULL,'8.11.0.3','Each data object returned with 2 byte status word (90 00)','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(141, NULL,'8.11.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(142, NULL,'8.11.1.1','Tag 0x4F (PIV Application AID) is present','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(143, NULL,'8.11.1.2','Tag 0x5F2F (PIN Usage Policy) Is present','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(144, NULL,'8.11.1.3','Discovery Object Tags 0x4F, 0x5F2F are in that order','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(145, NULL,'8.11.1.4','The values of the tags conform with the vendor provided data.','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(146, NULL,'8.11.1.5','The PIN usage policy matches the card capabilities provided by the vendor documentation. Associated optional data objects are present when the PIN usage policy asserts an optional capability (i.e., OCC, global PIN and pairing code)','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(147, NULL,'8.11.6','Discovery Object value lengths comply with Table 18 of SP 800-73-4','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(148, NULL,'8.12 Iris','Card Holder Iris Images','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(149, NULL,'8.13 Retired Key Management Cert','Key History Objects','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(150, NULL,'8.13.1','X.509 Key History 1','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(151, NULL,'8.13.2','X.509 Key History 2','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(152, NULL,'8.14 Key History','Key History (see Issue #52)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(153, NULL,'8.15 BITT','Biometric InformationTemplates Group Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(154, NULL,'8.16 SMCS','Secure Messaging Certificate Signer','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(155, NULL,'8.17 Paring Code Reference','Pairing Code Reference Data Container','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(156, NULL,'9 Biometric Data Objects','Biometric Data Object Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(157, NULL,'9.1 Fingerprint CBEFF','CBEFF Patron Format for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(158, NULL,'9.1.1','CBEFF Structure for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(159, NULL,'9.1.1.1','BDB length field is non-zero','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(160, NULL,'9.1.1.2','Recorded length matches actual BDB length','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(161, NULL,'9.1.1.3','SB length field is non-zero','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(162, NULL,'9.1.1.4','Recorded length matches actual SB length','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(163, NULL,'9.1.1.5','Card Holder Fingerprint object length equals sum of CBEFF header length + BDB length + SB length','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(164, NULL,'9.1.2','CBEFF Header for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(165, NULL,'9.1.2.1','The Patron Header Version field has a value of 0x03.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(166, NULL,'9.1.2.2','Validate that the biometric data block is signed but not encrypted','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(167, NULL,'9.1.2.3','Validate that BDB Format Owner is set to a value of 0x001B denoting M1, the INCITS Technical Committee on Biometrics.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(168, NULL,'9.1.2.4','The BDB Format Type is set to a value of 0x0201','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(169, NULL,'9.1.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(170, NULL,'9.1.2.6','Validate date encoding on Validity Period in PIV Patron Format','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(171, NULL,'9.1.2.7','Valdiate that that Biometric Type has the value 0x000008','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(172, NULL,'9.1.2.8','Validate that for the mandatory minutia PIV card templates, the CBEFF biometric data type encoding value shall be b100xxxxx, which corresponds to biometric data that has been processed.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(173, NULL,'9.1.2.9','The Biometric Data Quality field is -2 or 0 - 100.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(174, NULL,'9.1.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(175, NULL,'9.1.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(176, NULL,'9.2 Facial Image CBEFF','CBEFF Patron Format for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(177, NULL,'9.2.1','CBEFF Structure for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(178, NULL,'9.2.1.1','BDB length field is non-zero','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(179, NULL,'9.2.1.2','Recorded length matches actual BDB length','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(180, NULL,'9.2.1.3','SB length field is non-zero','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(181, NULL,'9.2.1.4','Recorded length matches actual SB length','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(182, NULL,'9.2.2','CBEFF Header for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(183, NULL,'9.2.2.1','Card Holder Fingerprint object length equals sum of CBEFF header length + BDB length + SB length','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(184, NULL,'9.2.2.2','Validate that the biometric data block is signed but not encrypted','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(185, NULL,'9.2.2.3','Validate that BDB Format Owner is set to a value of 0x001B denoting M1, the INCITS Technical Committee on Biometrics.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(186, NULL,'9.2.2.4','The BDB Format Type is set to a value of 0x0501','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(187, NULL,'9.2.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(188, NULL,'9.2.2.6','Validate date encoding on Validity Period in PIV Patron Format','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(189, NULL,'9.2.2.7','Validate that Biometric Type has the value 0x000002','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(190, NULL,'9.2.2.8','Validate that the CBEFF biometric data type encoding value shall be b001xxxxx, which corresponds to the raw biometric data','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(191, NULL,'9.2.2.9','The Biometric Data Quality field is -2 or 0 - 100.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(192, NULL,'9.2.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(193, NULL,'9.2.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(194, NULL,'9.3 Iris CBEFF','CBEFF Patron Format for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(195, NULL,'9.3.1','CBEFF Structure for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(196, NULL,'9.3.1.1','BDB length field is non-zero','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(197, NULL,'9.3.1.2','Recorded length matches actual BDB length','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(198, NULL,'9.3.1.3','SB length field is non-zero','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(199, NULL,'9.3.1.4','Recorded length matches actual SB length','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(200, NULL,'9.3.2','CBEFF Header for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(201, NULL,'9.3.2.1','Patron Header Version field has a value of 0x03.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(202, NULL,'9.3.2.2','Validate that the biometric data block is signed but not encrypted','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(203, NULL,'9.3.2.3','The BDB Format Owner field has a value of 0x0101.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(204, NULL,'9.3.2.4','The BDB Format Type field has a value of 0x0009.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(205, NULL,'9.3.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(206, NULL,'9.3.2.6','Validate date encoding on Validity Period in PIV Patron Format','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(207, NULL,'9.3.2.7','The value of the Biometric Type field for the iris image is 0x000010.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(208, NULL,'9.3.2.8','Validate that the CBEFF biometric data type encoding value shall be b01000000, which corresponds to the raw biometric data','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(209, NULL,'9.3.2.9','The Biometric Data Quality field is -2 or 0 - 100.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(210, NULL,'9.3.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(211, NULL,'9.3.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(212, NULL,'9.4 Fingerprint BDB','Off-Card Comparison Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(213, NULL,'9.4.1','General Record Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(214, NULL,'9.4.1.1','Extract contents of format identifier, confirm value 0x464D5200','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(215, NULL,'9.4.1.2','Extract contents of version identifier, confirm value 0x20323030','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(216, NULL,'9.4.1.3','Biometric Data Block length (L) where 26 <= L <= 1574','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(217, NULL,'9.4.1.4','Confirm that product identifier owner and product identifier type are non-zero and that MSBs identify vendor, LSBs identify minutia detection algorithm version','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(218, NULL,'9.4.1.5','Confirm that product identifier owner and product identifier type are non-zero and that MSBs identify vendor, LSBs identify minutia detection algorithm version','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(219, NULL,'9.4.1.6','Confirm that capture equipment compliance has a value of 1000b','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(220, NULL,'9.4.1.7','Confirm that capture equipment id is non-NULL','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(221, NULL,'9.4.1.8','Width of the Size of Scanned Image in x direction is the larger of the widths of the two input images.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(222, NULL,'9.4.1.9','Height of the Size of Scanned Image in y direction is the larger of the heights of the two input images.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(223, NULL,'9.4.1.10','X and Y resolutions both have values of 197','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(224, NULL,'9.4.1.12','Number of Finger Views is 2','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(225, NULL,'9.4.1.13','Confirm that reserved byte is set to 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(226, NULL,'9.4.2','View Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(227, NULL,'9.4.2.0.1','Confirm that Finger View Header has value A','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(228, NULL,'9.4.2.0.2','Confirm that Finger View Position (0,14)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(229, NULL,'9.4.2.1','If only 1 minutiae present for a finger, view number must be 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(230, NULL,'9.4.2.2','Impression type must be 0 or 2','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(231, NULL,'9.4.2.3','Finger Quality value shall be 20, 40, 60, 80, 100, 254, or 255.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(232, NULL,'9.4.2.4','Number of minutia (0..128)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(233, NULL,'9.4.2.5','Minutiae Type value shall be 01b, 10b, or 00b.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(234, NULL,'9.4.2.6','Verify that position is one of the valid x,y coordinate types in the original image','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(235, NULL,'9.4.2.7','Verify that angle (0,179)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(236, NULL,'9.4.2.8','Verify that quality (0,100)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(237, NULL,'9.4.2.9','Verify that extended data block length is 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(238, NULL,'9.4.3','Fingerprint Minutiae Data Records','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(239, NULL,'9.4.3.1','Minutiae Type value shall be01b, 10b, or 00b.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(240, NULL,'9.4.3.2','Extended Data Block Length shall be 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(241, NULL,'9.5','On-Card Comparison','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(242, NULL,'9.5.1','BIT Group Template data conformance for on-card comparison','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(243, NULL,'9.6 Facial Image BDB','Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(244, NULL,'9.6.1','Facial Image Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(245, NULL,'9.6.1.1','Format Identifier has a value 0x46414300','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(246, NULL,'9.6.1.2','Version Number has a value of 0x30313000','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(247, NULL,'9.6.1.3','Number of Facial Images value is >= 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(248, NULL,'9.6.1.4','Number of Feature Points is >= 0','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(249, NULL,'9.6.2','Facial Image Data Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(250, NULL,'9.6.2.1','Facial Image Type is 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(251, NULL,'9.6.2.2','Image Data Type is 0 or 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(252, NULL,'9.6.2.3','Image Color Space is 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(253, NULL,'9.6.2.4','Source Type is 2 or 6','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(254, NULL,'9.7 Iris Image BDB','Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(255, NULL,'9.7.1','Iris Image Profile','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(256, NULL,'9.7.2','Iris Image Data Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(257, NULL,'10 Signed Data Elements','Signed Data Elements Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(258, NULL,'10.1 CHUID','Card Holder Unique Identifier','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(259, NULL,'10.1.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(260, NULL,'10.1.1.1','The CHUID buffer contains an asymmetric digital signature that is implemented as a SignedData type and is encoded as a CMS external signature according to RFC 5652.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(261, NULL,'10.1.1.2','The value of the version field of the SignedData is 3.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(262, NULL,'10.1.1.3','The digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP800-78-4.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(263, NULL,'10.1.1.4','The eContent field has been omitted and the eContentType asserts id-piv-CHUIDSecurityObject in encapContentInfo.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(264, NULL,'10.1.1.5','The crls field is omitted from the SignedData.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(265, NULL,'10.1.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(266, NULL,'10.1.1.7','The SignerIdentifier in the SignerInfo uses the issuerAndSerialNumber choice and it corresponds to the issuer and serialNumber fields found in the X.509 certificate of the signer.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(267, NULL,'10.1.1.8','The digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP80078','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(268, NULL,'10.1.1.8.1','The digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(269, NULL,'10.1.1.9','The value of the hash obtained from the message digest attribute of the signedAttrs of the SignerInfo is identical to that obtained after hashing the concatenated contents of the CHUID, excluding the asymmetric digital signature field and the Buffer Length field, if present.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(270, NULL,'10.1.1.10','The value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(271, NULL,'10.1.1.12','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP800-78-4.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(272, NULL,'10.1.1.13','The certificate from the cert bag succesfully validates the CMS signature.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(273, NULL,'10.2 Fingerprint','Off-Card Comparison Biometric Fingerprint','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(274, NULL,'10.2.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(275, NULL,'10.2.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(276, NULL,'10.2.1.2','PKCS#7 version is set to 3','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(277, NULL,'10.2.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP 800-78.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(278, NULL,'10.2.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(279, NULL,'10.2.1.5','The crls field is omitted from the SignedData.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(280, NULL,'10.2.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(281, NULL,'10.2.1.7.1','SignerId uses ths IssuerAndSerialNumber choice','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(282, NULL,'10.2.1.7.2','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(283, NULL,'10.2.1.8','Verify Digest Algorithm in SignerInfo','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(284, NULL,'10.2.1.8.1','The digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(285, NULL,'10.2.1.8.2','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(286, NULL,'10.2.1.9','Message digest from signed attributes bag matches the digest over Fingerprint biometric data (excluding contents of digital signature field)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(287, NULL,'10.2.1.10','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(288, NULL,'10.2.1.11','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(289, NULL,'10.2.1.12','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(290, NULL,'10.2.1.13','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(291, NULL,'10.2.1.14','The signed attribute entryUUID matches GUID read from CHUID container.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(292, NULL,'10.3 Facial Image','Biometric Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(293, NULL,'10.3.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(294, NULL,'10.3.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(295, NULL,'10.3.1.2','PKCS#7 version is set to 3','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(296, NULL,'10.3.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP80078.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(297, NULL,'10.3.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(298, NULL,'10.3.1.5','The crls field is omitted from the SignedData.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(299, NULL,'10.3.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(300, NULL,'10.3.1.7.1','SignerId uses ths IssuerAndSerialNumber choice','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(301, NULL,'10.3.1.7.2','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(302, NULL,'10.3.1.8.1','Th digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(303, NULL,'10.3.1.8.2','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(304, NULL,'10.3.1.9','Message digest from signed attributes bag matches the digest over Facial Image biometric data (excluding contents of digital signature field)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(305, NULL,'10.3.1.10','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(306, NULL,'10.3.1.11','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(307, NULL,'10.3.1.12','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(308, NULL,'10.3.1.13','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(309, NULL,'10.3.1.14','The signed attribute entryUUID matches GUID read from CHUID container.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(310, NULL,'10.4 Security Object','Security Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(311, NULL,'10.4.1','Data Integrity','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(312, NULL,'10.4.1.1','The actual hash of the data elements on the PIV card are identical to their corresponding hash values present in the security object.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(313, NULL,'10.4.2','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(314, NULL,'10.4.2.1','Verify that the asymmetric digital field contains a CMS signed data object','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(315, NULL,'10.4.2.2','Confirm that version of signed data structure is 1','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(316, NULL,'10.4.2.3','Verify that eContent contains a security object','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(317, NULL,'10.4.2.4','The eContent field contains a correctly formatted ldsSecurityobject and the eContentType asserts id-icao-ldsSecurityObject in encapContentInfo.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(318, NULL,'10.4.2.5','The certificates field is omitted from the SignedData.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(319, NULL,'10.4.2.6','digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(320, NULL,'10.4.2.7','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP80078.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(321, NULL,'10.4.2.8','The signature in the SignerInfo corresponds to the signed security object and that it is it signed with the certificate that is used to sign the CHUID.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(322, NULL,'10.5 Iris','Biometric Iris','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(323, NULL,'10.5.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(324, NULL,'10.5.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(325, NULL,'10.5.1.2','PKCS#7 version is set to 3','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(326, NULL,'10.5.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP80078.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(327, NULL,'10.5.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(328, NULL,'10.5.1.5','The crls field is omitted from the SignedData.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(329, NULL,'10.5.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(330, NULL,'10.5.1.7','SignerId uses ths IssuerAndSerialNumber choice','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(331, NULL,'10.5.1.8','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(332, NULL,'10.5.1.9','Th digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(333, NULL,'10.5.1.10','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(334, NULL,'10.5.1.11','Message digest from signed attributes bag matches the digest over Fingerprint biometric data (excluding contents of digital signature field)','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(335, NULL,'10.5.1.12','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(336, NULL,'10.5.1.13','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(337, NULL,'10.5.1.14','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(338, NULL,'10.5.1.15','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(339, NULL,'10.5.1.16','The signed attribute entryUUID matches GUID read from CHUID container.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(340, NULL,'11 X.509 Certificate Profiles','PKI Certificate Profile Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(341, NULL,'11.1','PIV Authentication Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(342, NULL,'11.1.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(343, NULL,'11.1.1.1','The signatureAlgorithm value is in accordance with Table 3-3 of SP80078. If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(344, NULL,'11.1.1.2','The PIV authentication key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(345, NULL,'11.1.1.3','The key size and types used are in accordance with Table 3-1 of SP 800-78-4.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(346, NULL,'11.1.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(347, NULL,'11.1.2.1.1','digitalSignature bit has been set','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(348, NULL,'11.1.2.1.2','Confirm no other keyUsage bits are set.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(349, NULL,'11.1.2.2.1','A certificate policies extension is present.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(350, NULL,'11.1.2.2.2','A policyIdentifier field in the certificatePolicies extension asserts id-fpki-common-authentication.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(351, NULL,'11.1.2.3','OCSP','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(352, NULL,'11.1.2.3.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(353, NULL,'11.1.2.3.2','An accessMethod containing id-ad-ocsp is present.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(354, NULL,'11.1.2.3.3','AIA uniformResourceIdentifier protocol is http','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(355, NULL,'11.1.2.5','Private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(356, NULL,'11.1.2.6','Subject Alternate Name','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(357, NULL,'11.1.2.6.2','GeneralName field exists that contain a URI asserting a Card UUID as specified by [RFC4122, Section 3] that matches the GUID value in the CHUID.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(358, NULL,'11.1.2.7','Expiration date of the PIV authentication certificate is not beyond the expiration date of the CHUID i.e. the PIV card.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(359, NULL,'11.1.2.8','Exponent of the RSA asymmetric key for PIV authentication is equal to 65,537.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(360, NULL,'11.1.2.9','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(361, NULL,'11.1.2.9.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(362, NULL,'11.1.2.9.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(363, NULL,'11.1.2.10','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(364, NULL,'11.1.2.10.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(365, NULL,'11.1.2.10.2','An accessMethod containing id-ad-caIssuers is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(366, NULL,'11.1.2.10.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(367, NULL,'11.1.2.10.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(368, NULL,'11.1.2.10.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(369, NULL,'11.2','Digital Signature Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(370, NULL,'11.2.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(371, NULL,'11.2.1.1','The signatureAlgorithm value is in accordance with Table 3-3 of SP80078. If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(372, NULL,'11.2.1.2','The digital signature key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(373, NULL,'11.2.1.3','The key size used is in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(374, NULL,'11.2.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(375, NULL,'11.2.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(376, NULL,'11.2.2.1.1','Key Usage extension is present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(377, NULL,'11.2.2.1.2','digitalSignature and nonRepudiation bits have been set.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(378, NULL,'11.2.2.2','Private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(379, NULL,'11.2.2.3','Expiration date of the digital signature certificate is not beyond the expiration date of the CHUID i.e. the PIV card.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(380, NULL,'11.2.2.4','Exponent of the RSA asymmetric key for digital signature is equal to 65,537.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(381, NULL,'11.2.2.5','policyIdentifier field in the certificatePolicies extension asserts one of the following: id-fpki-common-hardware or id-fpki-common-High.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(382, NULL,'11.2.2.6','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(383, NULL,'11.2.2.6.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(384, NULL,'11.2.2.6.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(385, NULL,'11.2.2.7','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(386, NULL,'11.2.2.7.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(387, NULL,'11.2.2.7.2','authorityInfoAccess field contains an id-ad-caIssuers','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(388, NULL,'11.2.2.7.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(389, NULL,'11.2.2.7.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(390, NULL,'11.2.2.7.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(391, NULL,'11.3','Key Management Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(392, NULL,'11.3.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(393, NULL,'11.3.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(394, NULL,'11.3.1.2','The key management key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(395, NULL,'11.3.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(396, NULL,'11.3.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(397, NULL,'11.3.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(398, NULL,'11.3.2.1.1','If the public key algorithm is RSA, then the keyUsage extension asserts the keyEncipherment bit.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(399, NULL,'11.3.2.1.2','If the algorithm is Elliptic Curve key, then the keyUsage extension asserts the keyAgreement bit.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(400, NULL,'11.3.2.1.3','No other Key Usage bits are set.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(401, NULL,'11.3.2.2','The private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(402, NULL,'11.3.2.3','Exponent of the RSA asymmetric key for key management is equal to 65,537.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(403, NULL,'11.3.2.4','policyIdentifier field in the certificatePolicies extension asserts one of the following: id-fpki-common-hardware or id-fpki-common-High.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(404, NULL,'11.3.2.5','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(405, NULL,'11.3.2.5.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(406, NULL,'11.3.2.5.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(407, NULL,'11.3.2.6','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(408, NULL,'11.3.2.6.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(409, NULL,'11.3.2.6.2','authorityInfoAccess field contains an id-ad-caIssuers','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(410, NULL,'11.3.2.6.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(411, NULL,'11.3.2.6.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(412, NULL,'11.3.2.6.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(413, NULL,'11.4','Card Authentication Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(414, NULL,'11.4.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(415, NULL,'11.4.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(416, NULL,'11.4.1.2','The card authentication key is generated using the allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(417, NULL,'11.4.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(418, NULL,'11.4.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(419, NULL,'11.4.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(420, NULL,'11.4.2.1.1','Key Usage extension is present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(421, NULL,'11.4.2.1.2','The digitalSignature bit has been set.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(422, NULL,'11.4.2.1.3','No other bits have been set.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(423, NULL,'11.4.2.2','policyIdentifier field in the certificatePolicies extension asserts id-fpki-common-cardAuth.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(424, NULL,'11.4.2.3','Extended Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(425, NULL,'11.4.2.3.1','Extended key usage (extKeyUsage) extension is present and maked critical','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(426, NULL,'11.4.2.3.2','Extended key usage (extKeyUsage) extension asserts id-PIV-cardAuth','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(427, NULL,'11.4.2.3.3','Extended key usage extension does not assert any other OIDs.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(428, NULL,'11.4.2.4','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(429, NULL,'11.4.2.4.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(430, NULL,'11.4.2.4.2','authorityInfoAccess field contains an id-ad-ocsp','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(431, NULL,'11.4.2.4.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(432, NULL,'11.4.2.4.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(433, NULL,'11.4.2.6','The private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(434, NULL,'11.4.2.7','Subject Alternate Name','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(435, NULL,'11.4.2.7.2','GeneralName field exists that contain a URI asserting a Card UUID as specified by [RFC4122, Section 3] that matches the GUID value in the CHUID.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(436, NULL,'11.4.2.7.3','No other name forms appear in the subjectAltName extension.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(437, NULL,'11.4.2.8','Exponent of the RSA asymmetric key for key management is equal to 65,537.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(438, NULL,'11.4.2.9','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(439, NULL,'11.4.2.9.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(440, NULL,'11.4.2.9.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(441, NULL,'11.4.2.10','Authority Information Access (85B-4)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(442, NULL,'11.4.2.10.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(443, NULL,'11.5','Secure Messaging Card Verifiable Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(444, NULL,'11.5.1','Secure Messaging CVC Profile Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(445, NULL,'11.5.2','Algorithm Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(446, NULL,'11.5.3','Data Integrity Checks','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(447, NULL,'11.6','Intermediate Card Verifiable Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(448, NULL,'11.6.1','Intermediate CVC Profile Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(449, NULL,'11.6.2','Algorithm Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(450, NULL,'11.7','X.509 Certificate for Content Signing','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(451, NULL,'11.7.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(452, NULL,'11.7.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(453, NULL,'11.7.1.2','The card authentication key is generated using the allowed asymmetric key algorithm.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(454, NULL,'11.7.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(455, NULL,'11.7.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(456, NULL,'11.7.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(457, NULL,'11.7.2.1.1','digitalSignature and nonRepudiation bits have been set','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(458, NULL,'11.7.2.1.2','No other bits have been set.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(459, NULL,'11.7.2.2','X.509 Certificate for Content Signing is not expired.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(460, NULL,'11.7.2.3','Exponent of the RSA asymmetric key for the X.509 Certificate for Content Signing is equal to 65,537.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(461, NULL,'11.7.2.4','Certificate Policy and Extended Key Usage','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(462, NULL,'11.7.2.4.1','policyIdentifier field in the certificatePolicies extension asserts the id-fpki-common-piv-contentSigning policy of [COMMON] (OID = 2.16.840.1.101.3.2.1.3.39)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(463, NULL,'11.7.2.4.2','extended key usage (extKeyUsage) asserts id-PIV-content-signing.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(464, NULL,'11.7.2.5','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(465, NULL,'11.7.2.5.1','URI is present with the http scheme.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(466, NULL,'11.7.2.5.2','URI points only to files with .crl extensions.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(467, NULL,'11.7.2.6','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(468, NULL,'11.7.2.6.1','authorityInformationAccess extension is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(469, NULL,'11.7.2.6.2','authorityInfoAccess field contains an id-ad-caIssuers','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(470, NULL,'11.7.2.6.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(471, NULL,'11.7.2.6.4','URI scheme is http (not https)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(472, NULL,'11.7.2.6.5','File contains a CMS a certs-only CMS message (see RFC 3851).','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestsToSteps" VALUES(1, 1,4,0,NULL); -INSERT INTO "TestsToSteps" VALUES(2, 2,5,0,NULL); -INSERT INTO "TestsToSteps" VALUES(3, 3,6,0,NULL); -INSERT INTO "TestsToSteps" VALUES(4, 4,7,0,NULL); -INSERT INTO "TestsToSteps" VALUES(5, 6,8,0,NULL); -INSERT INTO "TestsToSteps" VALUES(6, 7,9,0,NULL); -INSERT INTO "TestsToSteps" VALUES(7, 8,10,0,NULL); -INSERT INTO "TestsToSteps" VALUES(8, 9,11,0,NULL); -INSERT INTO "TestsToSteps" VALUES(9, 10,12,0,NULL); -INSERT INTO "TestsToSteps" VALUES(10, 28,13,0,NULL); -INSERT INTO "TestsToSteps" VALUES(11, 11,14,0,NULL); -INSERT INTO "TestsToSteps" VALUES(12, 1,17,0,NULL); -INSERT INTO "TestsToSteps" VALUES(13, 2,18,0,NULL); -INSERT INTO "TestsToSteps" VALUES(14, 3,19,0,NULL); -INSERT INTO "TestsToSteps" VALUES(15, 4,20,0,NULL); -INSERT INTO "TestsToSteps" VALUES(16, 13,21,0,NULL); -INSERT INTO "TestsToSteps" VALUES(17, 15,22,0,NULL); -INSERT INTO "TestsToSteps" VALUES(18, 47,23,0,NULL); -INSERT INTO "TestsToSteps" VALUES(19, 16,24,0,NULL); -INSERT INTO "TestsToSteps" VALUES(20, 48,25,0,NULL); -INSERT INTO "TestsToSteps" VALUES(21, 49,26,0,NULL); -INSERT INTO "TestsToSteps" VALUES(22, 50,27,0,NULL); -INSERT INTO "TestsToSteps" VALUES(23, 51,28,0,NULL); -INSERT INTO "TestsToSteps" VALUES(24, 18,29,0,NULL); -INSERT INTO "TestsToSteps" VALUES(25, 19,30,0,NULL); -INSERT INTO "TestsToSteps" VALUES(26, 52,31,0,NULL); -INSERT INTO "TestsToSteps" VALUES(27, 53,32,0,NULL); -INSERT INTO "TestsToSteps" VALUES(28, 54,33,0,NULL); -INSERT INTO "TestsToSteps" VALUES(29, 55,34,0,NULL); -INSERT INTO "TestsToSteps" VALUES(30, 14,35,0,NULL); -INSERT INTO "TestsToSteps" VALUES(31, 22,36,0,NULL); -INSERT INTO "TestsToSteps" VALUES(32, 20,37,0,NULL); -INSERT INTO "TestsToSteps" VALUES(33, 21,38,0,NULL); -INSERT INTO "TestsToSteps" VALUES(34, 18,39,0,NULL); -INSERT INTO "TestsToSteps" VALUES(35, 29,40,0,NULL); -INSERT INTO "TestsToSteps" VALUES(36, 28,41,0,NULL); -INSERT INTO "TestsToSteps" VALUES(37, 1,44,0,NULL); -INSERT INTO "TestsToSteps" VALUES(38, 2,45,0,NULL); -INSERT INTO "TestsToSteps" VALUES(39, 3,46,0,NULL); -INSERT INTO "TestsToSteps" VALUES(40, 4,47,0,NULL); -INSERT INTO "TestsToSteps" VALUES(41, 60,48,0,NULL); -INSERT INTO "TestsToSteps" VALUES(42, 24,49,0,NULL); -INSERT INTO "TestsToSteps" VALUES(43, 25,50,0,NULL); -INSERT INTO "TestsToSteps" VALUES(44, 26,51,0,NULL); -INSERT INTO "TestsToSteps" VALUES(45, 27,52,0,NULL); -INSERT INTO "TestsToSteps" VALUES(46, 28,53,0,NULL); -INSERT INTO "TestsToSteps" VALUES(47, 1,56,0,NULL); -INSERT INTO "TestsToSteps" VALUES(48, 2,57,0,NULL); -INSERT INTO "TestsToSteps" VALUES(49, 3,58,0,NULL); -INSERT INTO "TestsToSteps" VALUES(50, 4,59,0,NULL); -INSERT INTO "TestsToSteps" VALUES(51, 29,60,0,NULL); -INSERT INTO "TestsToSteps" VALUES(52, 86,61,0,NULL); -INSERT INTO "TestsToSteps" VALUES(53, 87,62,0,NULL); -INSERT INTO "TestsToSteps" VALUES(54, 84,63,0,NULL); -INSERT INTO "TestsToSteps" VALUES(55, 28,64,0,NULL); -INSERT INTO "TestsToSteps" VALUES(56, 1,67,0,NULL); -INSERT INTO "TestsToSteps" VALUES(57, 2,68,0,NULL); -INSERT INTO "TestsToSteps" VALUES(58, 3,69,0,NULL); -INSERT INTO "TestsToSteps" VALUES(59, 4,70,0,NULL); -INSERT INTO "TestsToSteps" VALUES(60, 32,71,0,NULL); -INSERT INTO "TestsToSteps" VALUES(61, 33,72,0,NULL); -INSERT INTO "TestsToSteps" VALUES(62, 56,73,0,NULL); -INSERT INTO "TestsToSteps" VALUES(63, 57,74,0,NULL); -INSERT INTO "TestsToSteps" VALUES(64, 34,75,0,NULL); -INSERT INTO "TestsToSteps" VALUES(65, 35,76,0,NULL); -INSERT INTO "TestsToSteps" VALUES(66, 36,77,0,NULL); -INSERT INTO "TestsToSteps" VALUES(67, 28,78,0,NULL); -INSERT INTO "TestsToSteps" VALUES(68, 1,81,0,NULL); -INSERT INTO "TestsToSteps" VALUES(69, 2,82,0,NULL); -INSERT INTO "TestsToSteps" VALUES(70, 3,83,0,NULL); -INSERT INTO "TestsToSteps" VALUES(71, 4,84,0,NULL); -INSERT INTO "TestsToSteps" VALUES(72, 37,85,0,NULL); -INSERT INTO "TestsToSteps" VALUES(73, 30,86,0,NULL); -INSERT INTO "TestsToSteps" VALUES(74, 31,87,0,NULL); -INSERT INTO "TestsToSteps" VALUES(75, 28,88,0,NULL); -INSERT INTO "TestsToSteps" VALUES(76, 1,91,0,NULL); -INSERT INTO "TestsToSteps" VALUES(77, 2,92,0,NULL); -INSERT INTO "TestsToSteps" VALUES(78, 3,93,0,NULL); -INSERT INTO "TestsToSteps" VALUES(79, 4,94,0,NULL); -INSERT INTO "TestsToSteps" VALUES(80, 60,95,0,NULL); -INSERT INTO "TestsToSteps" VALUES(81, 24,96,0,NULL); -INSERT INTO "TestsToSteps" VALUES(82, 25,97,0,NULL); -INSERT INTO "TestsToSteps" VALUES(83, 27,98,0,NULL); -INSERT INTO "TestsToSteps" VALUES(84, 26,99,0,NULL); -INSERT INTO "TestsToSteps" VALUES(85, 28,100,0,NULL); -INSERT INTO "TestsToSteps" VALUES(86, 1,103,0,NULL); -INSERT INTO "TestsToSteps" VALUES(87, 2,104,0,NULL); -INSERT INTO "TestsToSteps" VALUES(88, 3,105,0,NULL); -INSERT INTO "TestsToSteps" VALUES(89, 4,106,0,NULL); -INSERT INTO "TestsToSteps" VALUES(90, 60,107,0,NULL); -INSERT INTO "TestsToSteps" VALUES(91, 24,108,0,NULL); -INSERT INTO "TestsToSteps" VALUES(92, 25,109,0,NULL); -INSERT INTO "TestsToSteps" VALUES(93, 26,110,0,NULL); -INSERT INTO "TestsToSteps" VALUES(94, 27,111,0,NULL); -INSERT INTO "TestsToSteps" VALUES(95, 28,112,0,NULL); -INSERT INTO "TestsToSteps" VALUES(96, 1,115,0,NULL); -INSERT INTO "TestsToSteps" VALUES(97, 2,116,0,NULL); -INSERT INTO "TestsToSteps" VALUES(98, 3,117,0,NULL); -INSERT INTO "TestsToSteps" VALUES(99, 4,118,0,NULL); -INSERT INTO "TestsToSteps" VALUES(100, 60,119,0,NULL); -INSERT INTO "TestsToSteps" VALUES(101, 24,120,0,NULL); -INSERT INTO "TestsToSteps" VALUES(102, 25,121,0,NULL); -INSERT INTO "TestsToSteps" VALUES(103, 26,122,0,NULL); -INSERT INTO "TestsToSteps" VALUES(104, 27,123,0,NULL); -INSERT INTO "TestsToSteps" VALUES(105, 28,124,0,NULL); -INSERT INTO "TestsToSteps" VALUES(106, 1,127,0,NULL); -INSERT INTO "TestsToSteps" VALUES(107, 2,128,0,NULL); -INSERT INTO "TestsToSteps" VALUES(108, 3,129,0,NULL); -INSERT INTO "TestsToSteps" VALUES(109, 4,130,0,NULL); -INSERT INTO "TestsToSteps" VALUES(110, 38,131,0,NULL); -INSERT INTO "TestsToSteps" VALUES(111, 39,132,0,NULL); -INSERT INTO "TestsToSteps" VALUES(112, 58,133,0,NULL); -INSERT INTO "TestsToSteps" VALUES(113, 40,134,0,NULL); -INSERT INTO "TestsToSteps" VALUES(114, 41,135,0,NULL); -INSERT INTO "TestsToSteps" VALUES(115, 1,138,0,NULL); -INSERT INTO "TestsToSteps" VALUES(116, 2,139,0,NULL); -INSERT INTO "TestsToSteps" VALUES(117, 3,140,0,NULL); -INSERT INTO "TestsToSteps" VALUES(118, 4,141,0,NULL); -INSERT INTO "TestsToSteps" VALUES(119, 44,142,0,NULL); -INSERT INTO "TestsToSteps" VALUES(120, 45,143,0,NULL); -INSERT INTO "TestsToSteps" VALUES(121, 59,144,0,NULL); -INSERT INTO "TestsToSteps" VALUES(122, 170,145,0,NULL); -INSERT INTO "TestsToSteps" VALUES(123, 46,146,0,NULL); -INSERT INTO "TestsToSteps" VALUES(124, 43,147,0,NULL); -INSERT INTO "TestsToSteps" VALUES(125, 170,150,0,NULL); -INSERT INTO "TestsToSteps" VALUES(126, 170,151,0,NULL); -INSERT INTO "TestsToSteps" VALUES(127, 170,152,0,NULL); -INSERT INTO "TestsToSteps" VALUES(128, 61,159,0,NULL); -INSERT INTO "TestsToSteps" VALUES(129, 62,160,0,NULL); -INSERT INTO "TestsToSteps" VALUES(130, 63,161,0,NULL); -INSERT INTO "TestsToSteps" VALUES(131, 109,162,0,NULL); -INSERT INTO "TestsToSteps" VALUES(132, 64,163,0,NULL); -INSERT INTO "TestsToSteps" VALUES(133, 65,165,0,NULL); -INSERT INTO "TestsToSteps" VALUES(134, 66,166,0,NULL); -INSERT INTO "TestsToSteps" VALUES(135, 67,167,0,NULL); -INSERT INTO "TestsToSteps" VALUES(136, 99,168,0,NULL); -INSERT INTO "TestsToSteps" VALUES(137, 100,169,0,NULL); -INSERT INTO "TestsToSteps" VALUES(138, 64,170,0,NULL); -INSERT INTO "TestsToSteps" VALUES(139, 102,171,0,NULL); -INSERT INTO "TestsToSteps" VALUES(140, 103,172,0,NULL); -INSERT INTO "TestsToSteps" VALUES(141, 104,173,0,NULL); -INSERT INTO "TestsToSteps" VALUES(142, 105,174,0,NULL); -INSERT INTO "TestsToSteps" VALUES(143, 107,175,0,NULL); -INSERT INTO "TestsToSteps" VALUES(144, 61,178,0,NULL); -INSERT INTO "TestsToSteps" VALUES(145, 62,179,0,NULL); -INSERT INTO "TestsToSteps" VALUES(146, 63,180,0,NULL); -INSERT INTO "TestsToSteps" VALUES(147, 109,181,0,NULL); -INSERT INTO "TestsToSteps" VALUES(148, 65,183,0,NULL); -INSERT INTO "TestsToSteps" VALUES(149, 66,184,0,NULL); -INSERT INTO "TestsToSteps" VALUES(150, 67,185,0,NULL); -INSERT INTO "TestsToSteps" VALUES(151, 99,186,0,NULL); -INSERT INTO "TestsToSteps" VALUES(152, 100,187,0,NULL); -INSERT INTO "TestsToSteps" VALUES(153, 64,188,0,NULL); -INSERT INTO "TestsToSteps" VALUES(154, 102,189,0,NULL); -INSERT INTO "TestsToSteps" VALUES(155, 103,190,0,NULL); -INSERT INTO "TestsToSteps" VALUES(156, 104,191,0,NULL); -INSERT INTO "TestsToSteps" VALUES(157, 105,192,0,NULL); -INSERT INTO "TestsToSteps" VALUES(158, 107,193,0,NULL); -INSERT INTO "TestsToSteps" VALUES(159, 61,196,0,NULL); -INSERT INTO "TestsToSteps" VALUES(160, 62,197,0,NULL); -INSERT INTO "TestsToSteps" VALUES(161, 63,198,0,NULL); -INSERT INTO "TestsToSteps" VALUES(162, 109,199,0,NULL); -INSERT INTO "TestsToSteps" VALUES(163, 65,201,0,NULL); -INSERT INTO "TestsToSteps" VALUES(164, 66,202,0,NULL); -INSERT INTO "TestsToSteps" VALUES(165, 67,203,0,NULL); -INSERT INTO "TestsToSteps" VALUES(166, 99,204,0,NULL); -INSERT INTO "TestsToSteps" VALUES(167, 100,205,0,NULL); -INSERT INTO "TestsToSteps" VALUES(168, 64,206,0,NULL); -INSERT INTO "TestsToSteps" VALUES(169, 102,207,0,NULL); -INSERT INTO "TestsToSteps" VALUES(170, 103,208,0,NULL); -INSERT INTO "TestsToSteps" VALUES(171, 104,209,0,NULL); -INSERT INTO "TestsToSteps" VALUES(172, 105,210,0,NULL); -INSERT INTO "TestsToSteps" VALUES(173, 107,211,0,NULL); -INSERT INTO "TestsToSteps" VALUES(174, 69,214,0,NULL); -INSERT INTO "TestsToSteps" VALUES(175, 61,215,0,NULL); -INSERT INTO "TestsToSteps" VALUES(176, 71,216,0,NULL); -INSERT INTO "TestsToSteps" VALUES(177, 72,217,0,NULL); -INSERT INTO "TestsToSteps" VALUES(178, 72,218,0,NULL); -INSERT INTO "TestsToSteps" VALUES(179, 73,219,0,NULL); -INSERT INTO "TestsToSteps" VALUES(180, 74,220,0,NULL); -INSERT INTO "TestsToSteps" VALUES(181, 170,221,0,NULL); -INSERT INTO "TestsToSteps" VALUES(182, 170,222,0,NULL); -INSERT INTO "TestsToSteps" VALUES(183, 77,223,0,NULL); -INSERT INTO "TestsToSteps" VALUES(184, 78,224,0,NULL); -INSERT INTO "TestsToSteps" VALUES(185, 79,225,0,NULL); -INSERT INTO "TestsToSteps" VALUES(186, 80,227,0,NULL); -INSERT INTO "TestsToSteps" VALUES(187, 81,228,0,NULL); -INSERT INTO "TestsToSteps" VALUES(188, 82,229,0,NULL); -INSERT INTO "TestsToSteps" VALUES(189, 83,230,0,NULL); -INSERT INTO "TestsToSteps" VALUES(190, 108,231,0,NULL); -INSERT INTO "TestsToSteps" VALUES(191, 84,232,0,NULL); -INSERT INTO "TestsToSteps" VALUES(192, 85,233,0,NULL); -INSERT INTO "TestsToSteps" VALUES(193, 86,234,0,NULL); -INSERT INTO "TestsToSteps" VALUES(194, 87,235,0,NULL); -INSERT INTO "TestsToSteps" VALUES(195, 88,236,0,NULL); -INSERT INTO "TestsToSteps" VALUES(196, 89,237,0,NULL); -INSERT INTO "TestsToSteps" VALUES(197, 85,239,0,NULL); -INSERT INTO "TestsToSteps" VALUES(198, 89,240,0,NULL); -INSERT INTO "TestsToSteps" VALUES(199, 170,242,0,NULL); -INSERT INTO "TestsToSteps" VALUES(200, 90,245,0,NULL); -INSERT INTO "TestsToSteps" VALUES(201, 91,246,0,NULL); -INSERT INTO "TestsToSteps" VALUES(202, 92,247,0,NULL); -INSERT INTO "TestsToSteps" VALUES(203, 93,248,0,NULL); -INSERT INTO "TestsToSteps" VALUES(204, 170,250,0,NULL); -INSERT INTO "TestsToSteps" VALUES(205, 170,251,0,NULL); -INSERT INTO "TestsToSteps" VALUES(206, 170,252,0,NULL); -INSERT INTO "TestsToSteps" VALUES(207, 170,253,0,NULL); -INSERT INTO "TestsToSteps" VALUES(208, 170,255,0,NULL); -INSERT INTO "TestsToSteps" VALUES(209, 170,256,0,NULL); -INSERT INTO "TestsToSteps" VALUES(210, 110,260,0,NULL); -INSERT INTO "TestsToSteps" VALUES(211, 111,261,0,NULL); -INSERT INTO "TestsToSteps" VALUES(212, 112,262,0,NULL); -INSERT INTO "TestsToSteps" VALUES(213, 114,263,0,NULL); -INSERT INTO "TestsToSteps" VALUES(214, 115,264,0,NULL); -INSERT INTO "TestsToSteps" VALUES(215, 116,265,0,NULL); -INSERT INTO "TestsToSteps" VALUES(216, 117,266,0,NULL); -INSERT INTO "TestsToSteps" VALUES(217, 113,267,0,NULL); -INSERT INTO "TestsToSteps" VALUES(218, 133,268,0,NULL); -INSERT INTO "TestsToSteps" VALUES(219, 120,269,0,NULL); -INSERT INTO "TestsToSteps" VALUES(220, 121,270,0,NULL); -INSERT INTO "TestsToSteps" VALUES(221, 122,271,0,NULL); -INSERT INTO "TestsToSteps" VALUES(222, 123,272,0,NULL); -INSERT INTO "TestsToSteps" VALUES(223, 110,275,0,NULL); -INSERT INTO "TestsToSteps" VALUES(224, 111,276,0,NULL); -INSERT INTO "TestsToSteps" VALUES(225, 112,277,0,NULL); -INSERT INTO "TestsToSteps" VALUES(226, 114,278,0,NULL); -INSERT INTO "TestsToSteps" VALUES(227, 115,279,0,NULL); -INSERT INTO "TestsToSteps" VALUES(228, 116,280,0,NULL); -INSERT INTO "TestsToSteps" VALUES(229, 117,281,0,NULL); -INSERT INTO "TestsToSteps" VALUES(230, 118,282,0,NULL); -INSERT INTO "TestsToSteps" VALUES(231, 131,284,0,NULL); -INSERT INTO "TestsToSteps" VALUES(232, 133,285,0,NULL); -INSERT INTO "TestsToSteps" VALUES(233, 120,286,0,NULL); -INSERT INTO "TestsToSteps" VALUES(234, 121,287,0,NULL); -INSERT INTO "TestsToSteps" VALUES(235, 122,288,0,NULL); -INSERT INTO "TestsToSteps" VALUES(236, 123,289,0,NULL); -INSERT INTO "TestsToSteps" VALUES(237, 124,290,0,NULL); -INSERT INTO "TestsToSteps" VALUES(238, 138,291,0,NULL); -INSERT INTO "TestsToSteps" VALUES(239, 110,294,0,NULL); -INSERT INTO "TestsToSteps" VALUES(240, 111,295,0,NULL); -INSERT INTO "TestsToSteps" VALUES(241, 112,296,0,NULL); -INSERT INTO "TestsToSteps" VALUES(242, 114,297,0,NULL); -INSERT INTO "TestsToSteps" VALUES(243, 115,298,0,NULL); -INSERT INTO "TestsToSteps" VALUES(244, 116,299,0,NULL); -INSERT INTO "TestsToSteps" VALUES(245, 117,300,0,NULL); -INSERT INTO "TestsToSteps" VALUES(246, 118,301,0,NULL); -INSERT INTO "TestsToSteps" VALUES(247, 131,302,0,NULL); -INSERT INTO "TestsToSteps" VALUES(248, 133,303,0,NULL); -INSERT INTO "TestsToSteps" VALUES(249, 120,304,0,NULL); -INSERT INTO "TestsToSteps" VALUES(250, 121,305,0,NULL); -INSERT INTO "TestsToSteps" VALUES(251, 122,306,0,NULL); -INSERT INTO "TestsToSteps" VALUES(252, 123,307,0,NULL); -INSERT INTO "TestsToSteps" VALUES(253, 124,308,0,NULL); -INSERT INTO "TestsToSteps" VALUES(254, 138,309,0,NULL); -INSERT INTO "TestsToSteps" VALUES(255, 42,312,0,NULL); -INSERT INTO "TestsToSteps" VALUES(256, 119,314,0,NULL); -INSERT INTO "TestsToSteps" VALUES(257, 126,315,0,NULL); -INSERT INTO "TestsToSteps" VALUES(258, 127,316,0,NULL); -INSERT INTO "TestsToSteps" VALUES(259, 128,317,0,NULL); -INSERT INTO "TestsToSteps" VALUES(260, 129,318,0,NULL); -INSERT INTO "TestsToSteps" VALUES(261, 131,319,0,NULL); -INSERT INTO "TestsToSteps" VALUES(262, 122,320,0,NULL); -INSERT INTO "TestsToSteps" VALUES(263, 123,321,0,NULL); -INSERT INTO "TestsToSteps" VALUES(264, 110,324,0,NULL); -INSERT INTO "TestsToSteps" VALUES(265, 111,325,0,NULL); -INSERT INTO "TestsToSteps" VALUES(266, 113,326,0,NULL); -INSERT INTO "TestsToSteps" VALUES(267, 114,327,0,NULL); -INSERT INTO "TestsToSteps" VALUES(268, 115,328,0,NULL); -INSERT INTO "TestsToSteps" VALUES(269, 116,329,0,NULL); -INSERT INTO "TestsToSteps" VALUES(270, 117,330,0,NULL); -INSERT INTO "TestsToSteps" VALUES(271, 118,331,0,NULL); -INSERT INTO "TestsToSteps" VALUES(272, 131,332,0,NULL); -INSERT INTO "TestsToSteps" VALUES(273, 133,333,0,NULL); -INSERT INTO "TestsToSteps" VALUES(274, 120,334,0,NULL); -INSERT INTO "TestsToSteps" VALUES(275, 121,335,0,NULL); -INSERT INTO "TestsToSteps" VALUES(276, 122,336,0,NULL); -INSERT INTO "TestsToSteps" VALUES(277, 123,337,0,NULL); -INSERT INTO "TestsToSteps" VALUES(278, 124,338,0,NULL); -INSERT INTO "TestsToSteps" VALUES(279, 138,339,0,NULL); -INSERT INTO "TestsToSteps" VALUES(280, 141,343,0,NULL); -INSERT INTO "TestsToSteps" VALUES(281, 139,344,0,NULL); -INSERT INTO "TestsToSteps" VALUES(282, 139,345,0,NULL); -INSERT INTO "TestsToSteps" VALUES(283, 144,347,0,NULL); -INSERT INTO "TestsToSteps" VALUES(284, 145,348,0,NULL); -INSERT INTO "TestsToSteps" VALUES(285, 146,349,0,NULL); -INSERT INTO "TestsToSteps" VALUES(286, 147,350,0,NULL); -INSERT INTO "TestsToSteps" VALUES(287, 148,352,0,NULL); -INSERT INTO "TestsToSteps" VALUES(288, 149,353,0,NULL); -INSERT INTO "TestsToSteps" VALUES(289, 164,354,0,NULL); -INSERT INTO "TestsToSteps" VALUES(290, 152,355,0,NULL); -INSERT INTO "TestsToSteps" VALUES(291, 168,357,0,NULL); -INSERT INTO "TestsToSteps" VALUES(292, 154,358,0,NULL); -INSERT INTO "TestsToSteps" VALUES(293, 155,359,0,NULL); -INSERT INTO "TestsToSteps" VALUES(294, 150,361,0,NULL); -INSERT INTO "TestsToSteps" VALUES(295, 165,362,0,NULL); -INSERT INTO "TestsToSteps" VALUES(296, 148,364,0,NULL); -INSERT INTO "TestsToSteps" VALUES(297, 163,365,0,NULL); -INSERT INTO "TestsToSteps" VALUES(298, 150,366,0,NULL); -INSERT INTO "TestsToSteps" VALUES(299, 164,367,0,NULL); -INSERT INTO "TestsToSteps" VALUES(300, 166,368,0,NULL); -INSERT INTO "TestsToSteps" VALUES(301, 141,371,0,NULL); -INSERT INTO "TestsToSteps" VALUES(302, 139,372,0,NULL); -INSERT INTO "TestsToSteps" VALUES(303, 139,373,0,NULL); -INSERT INTO "TestsToSteps" VALUES(304, 143,376,0,NULL); -INSERT INTO "TestsToSteps" VALUES(305, 156,377,0,NULL); -INSERT INTO "TestsToSteps" VALUES(306, 152,378,0,NULL); -INSERT INTO "TestsToSteps" VALUES(307, 154,379,0,NULL); -INSERT INTO "TestsToSteps" VALUES(308, 155,380,0,NULL); -INSERT INTO "TestsToSteps" VALUES(309, 147,381,0,NULL); -INSERT INTO "TestsToSteps" VALUES(310, 150,383,0,NULL); -INSERT INTO "TestsToSteps" VALUES(311, 165,384,0,NULL); -INSERT INTO "TestsToSteps" VALUES(312, 148,386,0,NULL); -INSERT INTO "TestsToSteps" VALUES(313, 163,387,0,NULL); -INSERT INTO "TestsToSteps" VALUES(314, 150,388,0,NULL); -INSERT INTO "TestsToSteps" VALUES(315, 164,389,0,NULL); -INSERT INTO "TestsToSteps" VALUES(316, 166,390,0,NULL); -INSERT INTO "TestsToSteps" VALUES(317, 141,393,0,NULL); -INSERT INTO "TestsToSteps" VALUES(318, 139,394,0,NULL); -INSERT INTO "TestsToSteps" VALUES(319, 139,395,0,NULL); -INSERT INTO "TestsToSteps" VALUES(320, 157,398,0,NULL); -INSERT INTO "TestsToSteps" VALUES(321, 158,399,0,NULL); -INSERT INTO "TestsToSteps" VALUES(322, 145,400,0,NULL); -INSERT INTO "TestsToSteps" VALUES(323, 152,401,0,NULL); -INSERT INTO "TestsToSteps" VALUES(324, 155,402,0,NULL); -INSERT INTO "TestsToSteps" VALUES(325, 147,403,0,NULL); -INSERT INTO "TestsToSteps" VALUES(326, 150,405,0,NULL); -INSERT INTO "TestsToSteps" VALUES(327, 165,406,0,NULL); -INSERT INTO "TestsToSteps" VALUES(328, 148,408,0,NULL); -INSERT INTO "TestsToSteps" VALUES(329, 163,409,0,NULL); -INSERT INTO "TestsToSteps" VALUES(330, 150,410,0,NULL); -INSERT INTO "TestsToSteps" VALUES(331, 164,411,0,NULL); -INSERT INTO "TestsToSteps" VALUES(332, 166,412,0,NULL); -INSERT INTO "TestsToSteps" VALUES(333, 141,415,0,NULL); -INSERT INTO "TestsToSteps" VALUES(334, 139,416,0,NULL); -INSERT INTO "TestsToSteps" VALUES(335, 139,417,0,NULL); -INSERT INTO "TestsToSteps" VALUES(336, 143,420,0,NULL); -INSERT INTO "TestsToSteps" VALUES(337, 144,421,0,NULL); -INSERT INTO "TestsToSteps" VALUES(338, 145,422,0,NULL); -INSERT INTO "TestsToSteps" VALUES(339, 147,423,0,NULL); -INSERT INTO "TestsToSteps" VALUES(340, 160,425,0,NULL); -INSERT INTO "TestsToSteps" VALUES(341, 161,426,0,NULL); -INSERT INTO "TestsToSteps" VALUES(342, 161,427,0,NULL); -INSERT INTO "TestsToSteps" VALUES(343, 148,429,0,NULL); -INSERT INTO "TestsToSteps" VALUES(344, 149,430,0,NULL); -INSERT INTO "TestsToSteps" VALUES(345, 150,431,0,NULL); -INSERT INTO "TestsToSteps" VALUES(346, 150,432,0,NULL); -INSERT INTO "TestsToSteps" VALUES(347, 152,433,0,NULL); -INSERT INTO "TestsToSteps" VALUES(348, 168,435,0,NULL); -INSERT INTO "TestsToSteps" VALUES(349, 169,436,0,NULL); -INSERT INTO "TestsToSteps" VALUES(350, 155,437,0,NULL); -INSERT INTO "TestsToSteps" VALUES(351, 150,439,0,NULL); -INSERT INTO "TestsToSteps" VALUES(352, 165,440,0,NULL); -INSERT INTO "TestsToSteps" VALUES(353, 166,442,0,NULL); -INSERT INTO "TestsToSteps" VALUES(354, 141,452,0,NULL); -INSERT INTO "TestsToSteps" VALUES(355, 139,453,0,NULL); -INSERT INTO "TestsToSteps" VALUES(356, 139,454,0,NULL); -INSERT INTO "TestsToSteps" VALUES(357, 144,457,0,NULL); -INSERT INTO "TestsToSteps" VALUES(358, 145,458,0,NULL); -INSERT INTO "TestsToSteps" VALUES(359, 167,459,0,NULL); -INSERT INTO "TestsToSteps" VALUES(360, 155,460,0,NULL); -INSERT INTO "TestsToSteps" VALUES(361, 147,462,0,NULL); -INSERT INTO "TestsToSteps" VALUES(362, 161,463,0,NULL); -INSERT INTO "TestsToSteps" VALUES(363, 150,465,0,NULL); -INSERT INTO "TestsToSteps" VALUES(364, 165,466,0,NULL); -INSERT INTO "TestsToSteps" VALUES(365, 148,468,0,NULL); -INSERT INTO "TestsToSteps" VALUES(366, 149,469,0,NULL); -INSERT INTO "TestsToSteps" VALUES(367, 150,470,0,NULL); -INSERT INTO "TestsToSteps" VALUES(368, 164,471,0,NULL); -INSERT INTO "TestsToSteps" VALUES(369, 166,472,0,NULL); diff --git a/conformancelib/testdata/PIV-I_Carillon_Cards.xlsx b/conformancelib/testdata/PIV-I_Carillon_Cards.xlsx deleted file mode 100644 index 626893d9..00000000 Binary files a/conformancelib/testdata/PIV-I_Carillon_Cards.xlsx and /dev/null differ diff --git a/conformancelib/testdata/PIV-I_ICAM_Test_Cards.db b/conformancelib/testdata/PIV-I_ICAM_Test_Cards.db index 3e9fbec9..8708e8a5 100644 Binary files a/conformancelib/testdata/PIV-I_ICAM_Test_Cards.db and b/conformancelib/testdata/PIV-I_ICAM_Test_Cards.db differ diff --git a/conformancelib/testdata/PIV-I_ICAM_Test_Cards.sql b/conformancelib/testdata/PIV-I_ICAM_Test_Cards.sql index 95bd4220..a193ba32 100644 --- a/conformancelib/testdata/PIV-I_ICAM_Test_Cards.sql +++ b/conformancelib/testdata/PIV-I_ICAM_Test_Cards.sql @@ -62,178 +62,178 @@ CREATE TABLE IF NOT EXISTS "SystemSettings" ( `GPMasterKey` TEXT ); -INSERT INTO "TestSteps" VALUES(1,'BERTLV.1','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(2,'BERTLV.2','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(3,'BERTLV.3','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(4,'BERTLV.4','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(5,'BERTLV.5','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(6,'73-4.1','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(7,'73-4.2','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(8,'73-4.3','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(9,'73-4.4','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(10,'73-4.5','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(11,'73-4.6','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(12,'73-4.7','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(13,'73-4.8','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(14,'73-4.9','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(15,'73-4.10','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(16,'73-4.11','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(17,'73-4.12','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(18,'73-4.13','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(19,'73-4.14','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(20,'73-4.15','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(21,'73-4.16','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(22,'73-4.17','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(23,'73-4.18','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(24,'73-4.19','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(25,'73-4.20','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(26,'73-4.21','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(27,'73-4.22','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(28,'73-4.23','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(29,'73-4.24','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(30,'73-4.25','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(31,'73-4.26','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(32,'73-4.27','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(33,'73-4.28','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(34,'73-4.29','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(35,'73-4.30','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(36,'73-4.31','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_31',NULL); -INSERT INTO "TestSteps" VALUES(37,'73-4.32','gov.gsa.conformancelib.tests.SP800_73_4FacialImageTests','sp800_73_4_Test_32',NULL); -INSERT INTO "TestSteps" VALUES(38,'73-4.33','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_33',NULL); -INSERT INTO "TestSteps" VALUES(39,'73-4.34','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_34',NULL); -INSERT INTO "TestSteps" VALUES(40,'73-4.35','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_35',NULL); -INSERT INTO "TestSteps" VALUES(41,'73-4.36','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_36',NULL); -INSERT INTO "TestSteps" VALUES(42,'73-4.37','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_37',NULL); -INSERT INTO "TestSteps" VALUES(43,'73-4.38','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_38',NULL); -INSERT INTO "TestSteps" VALUES(44,'73-4.40','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_40',NULL); -INSERT INTO "TestSteps" VALUES(45,'73-4.41','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_41',NULL); -INSERT INTO "TestSteps" VALUES(46,'73-4.42','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_42',NULL); -INSERT INTO "TestSteps" VALUES(47,'73-4.43','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_43',NULL); -INSERT INTO "TestSteps" VALUES(48,'73-4.44','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_44',NULL); -INSERT INTO "TestSteps" VALUES(49,'73-4.45','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_45',NULL); -INSERT INTO "TestSteps" VALUES(50,'73-4.46','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_46',NULL); -INSERT INTO "TestSteps" VALUES(51,'73-4.47','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_47',NULL); -INSERT INTO "TestSteps" VALUES(52,'73-4.48','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_48',NULL); -INSERT INTO "TestSteps" VALUES(53,'73-4.49','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_49',NULL); -INSERT INTO "TestSteps" VALUES(54,'73-4.50','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_50',NULL); -INSERT INTO "TestSteps" VALUES(55,'73-4.51','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_51',NULL); -INSERT INTO "TestSteps" VALUES(56,'73-4.52','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_52',NULL); -INSERT INTO "TestSteps" VALUES(57,'73-4.53','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_53',NULL); -INSERT INTO "TestSteps" VALUES(58,'73-4.54','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_54',NULL); -INSERT INTO "TestSteps" VALUES(59,'73-4.55','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_55',NULL); -INSERT INTO "TestSteps" VALUES(60,'73-4.56','gov.gsa.conformancelib.tests.SP800_73_4CommmonObjectTests','sp800_73_4_Test_56',NULL); -INSERT INTO "TestSteps" VALUES(61,'76.1','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_1',NULL); -INSERT INTO "TestSteps" VALUES(62,'76.2','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_2',NULL); -INSERT INTO "TestSteps" VALUES(63,'76.3','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_3',NULL); -INSERT INTO "TestSteps" VALUES(64,'76.4','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_4',NULL); -INSERT INTO "TestSteps" VALUES(65,'76.5','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_5',NULL); -INSERT INTO "TestSteps" VALUES(66,'76.6','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_6',NULL); -INSERT INTO "TestSteps" VALUES(67,'76.7','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_7',NULL); -INSERT INTO "TestSteps" VALUES(68,'76.8','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_8',NULL); -INSERT INTO "TestSteps" VALUES(69,'76.9','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_9',NULL); -INSERT INTO "TestSteps" VALUES(70,'76.10','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_10',NULL); -INSERT INTO "TestSteps" VALUES(71,'76.11','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_11',NULL); -INSERT INTO "TestSteps" VALUES(72,'76.12','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_12',NULL); -INSERT INTO "TestSteps" VALUES(73,'76.13','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_13',NULL); -INSERT INTO "TestSteps" VALUES(74,'76.14','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_14',NULL); -INSERT INTO "TestSteps" VALUES(75,'76.15a','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15a',NULL); -INSERT INTO "TestSteps" VALUES(76,'76.15b','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15b',NULL); -INSERT INTO "TestSteps" VALUES(77,'76.16','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_16',NULL); -INSERT INTO "TestSteps" VALUES(78,'76.17','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_17',NULL); -INSERT INTO "TestSteps" VALUES(79,'76.18','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_18',NULL); -INSERT INTO "TestSteps" VALUES(80,'76.19','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_19',NULL); -INSERT INTO "TestSteps" VALUES(81,'76.20','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_20',NULL); -INSERT INTO "TestSteps" VALUES(82,'76.21','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_21',NULL); -INSERT INTO "TestSteps" VALUES(83,'76.22','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_22',NULL); -INSERT INTO "TestSteps" VALUES(84,'76.23','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_23',NULL); -INSERT INTO "TestSteps" VALUES(85,'76.24','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_24',NULL); -INSERT INTO "TestSteps" VALUES(86,'76.25','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_25',NULL); -INSERT INTO "TestSteps" VALUES(87,'76.26','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_26',NULL); -INSERT INTO "TestSteps" VALUES(88,'76.27','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_27',NULL); -INSERT INTO "TestSteps" VALUES(89,'76.28','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_28',NULL); -INSERT INTO "TestSteps" VALUES(90,'76.29','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_29',NULL); -INSERT INTO "TestSteps" VALUES(91,'76.30','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_30',NULL); -INSERT INTO "TestSteps" VALUES(92,'76.31','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_31',NULL); -INSERT INTO "TestSteps" VALUES(93,'76.32','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_32',NULL); -INSERT INTO "TestSteps" VALUES(94,'76.33','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_33',NULL); -INSERT INTO "TestSteps" VALUES(95,'76.34','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_34',NULL); -INSERT INTO "TestSteps" VALUES(96,'76.35','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_35',NULL); -INSERT INTO "TestSteps" VALUES(97,'76.36','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_36',NULL); -INSERT INTO "TestSteps" VALUES(98,'76.37','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_37',NULL); -INSERT INTO "TestSteps" VALUES(99,'76.38','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_38',NULL); -INSERT INTO "TestSteps" VALUES(100,'76.39','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_39',NULL); -INSERT INTO "TestSteps" VALUES(101,'76.40','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_40',NULL); -INSERT INTO "TestSteps" VALUES(102,'76.41','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_41',NULL); -INSERT INTO "TestSteps" VALUES(103,'76.42','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_42',NULL); -INSERT INTO "TestSteps" VALUES(104,'76.43','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_43',NULL); -INSERT INTO "TestSteps" VALUES(105,'76.44','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_44',NULL); -INSERT INTO "TestSteps" VALUES(106,'76.45','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_45',NULL); -INSERT INTO "TestSteps" VALUES(107,'76.46','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_46',NULL); -INSERT INTO "TestSteps" VALUES(108,'76.47','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_47',NULL); -INSERT INTO "TestSteps" VALUES(109,'76.48','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_48',NULL); -INSERT INTO "TestSteps" VALUES(110,'CMS.1','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(111,'CMS.2','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(112,'CMS.3','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(113,'CMS.4','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(114,'CMS.5','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(115,'CMS.6','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(116,'CMS.7','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(117,'CMS.8','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(118,'CMS.9','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(119,'CMS.10','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(120,'CMS.11','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(121,'CMS.12','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(122,'CMS.13','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(123,'CMS.14','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(124,'CMS.15','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(125,'CMS.17','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(126,'CMS.18','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(127,'CMS.19','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(128,'CMS.20','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(129,'CMS.21','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(130,'CMS.22','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(131,'CMS.23','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(132,'CMS.24','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(133,'CMS.25','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(134,'CMS.26','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(135,'CMS.27','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(136,'CMS.28','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(137,'CMS.29','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(138,'CMS.30','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(139,'78.1','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(140,'78.2','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(141,'78.3','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(142,'PKIX.1','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(143,'PKIX.2','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(144,'PKIX.3','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(145,'PKIX.4','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(146,'PKIX.5','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(147,'PKIX.6','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(148,'PKIX.7','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(149,'PKIX.8','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(150,'PKIX.9','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(151,'PKIX.10','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(152,'PKIX.11','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(153,'PKIX.12','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(154,'PKIX.13','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(155,'PKIX.14','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(156,'PKIX.15','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(157,'PKIX.16','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(158,'PKIX.17','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(159,'PKIX.18','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(160,'PKIX.19','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(161,'PKIX.20','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(162,'PKIX.21','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(163,'PKIX.22','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(164,'PKIX.23','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(165,'PKIX.24','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(166,'PKIX.25','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(167,'PKIX.26','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(168,'PKIX.27','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(169,'PKIX.28','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(170,'PlaceholderTest.1','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_1',NULL); -INSERT INTO "TestSteps" VALUES(171,'PlaceholderTest.2','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_2',NULL); -INSERT INTO "TestSteps" VALUES(172,'PlaceholderTest.3','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_3',NULL); +INSERT INTO "TestSteps" VALUES(1,'BERTLV.1','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(2,'BERTLV.2','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(3,'BERTLV.3','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(4,'BERTLV.4','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_4',NULL); +INSERT INTO "TestSteps" VALUES(5,'BERTLV.5','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_5',NULL); +INSERT INTO "TestSteps" VALUES(6,'73-4.1','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(7,'73-4.2','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(8,'73-4.3','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(9,'73-4.4','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_4',NULL); +INSERT INTO "TestSteps" VALUES(10,'73-4.5','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_5',NULL); +INSERT INTO "TestSteps" VALUES(11,'73-4.6','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_6',NULL); +INSERT INTO "TestSteps" VALUES(12,'73-4.7','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_7',NULL); +INSERT INTO "TestSteps" VALUES(13,'73-4.8','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_8',NULL); +INSERT INTO "TestSteps" VALUES(14,'73-4.9','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_9',NULL); +INSERT INTO "TestSteps" VALUES(15,'73-4.10','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_10',NULL); +INSERT INTO "TestSteps" VALUES(16,'73-4.11','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_11',NULL); +INSERT INTO "TestSteps" VALUES(17,'73-4.12','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_12',NULL); +INSERT INTO "TestSteps" VALUES(18,'73-4.13','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_13',NULL); +INSERT INTO "TestSteps" VALUES(19,'73-4.14','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_14',NULL); +INSERT INTO "TestSteps" VALUES(20,'73-4.15','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_15',NULL); +INSERT INTO "TestSteps" VALUES(21,'73-4.16','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_16',NULL); +INSERT INTO "TestSteps" VALUES(22,'73-4.17','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_17',NULL); +INSERT INTO "TestSteps" VALUES(23,'73-4.18','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_18',NULL); +INSERT INTO "TestSteps" VALUES(24,'73-4.19','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_19',NULL); +INSERT INTO "TestSteps" VALUES(25,'73-4.20','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_20',NULL); +INSERT INTO "TestSteps" VALUES(26,'73-4.21','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_21',NULL); +INSERT INTO "TestSteps" VALUES(27,'73-4.22','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_22',NULL); +INSERT INTO "TestSteps" VALUES(28,'73-4.23','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_23',NULL); +INSERT INTO "TestSteps" VALUES(29,'73-4.24','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_24',NULL); +INSERT INTO "TestSteps" VALUES(30,'73-4.25','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_25',NULL); +INSERT INTO "TestSteps" VALUES(31,'73-4.26','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_26',NULL); +INSERT INTO "TestSteps" VALUES(32,'73-4.27','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_27',NULL); +INSERT INTO "TestSteps" VALUES(33,'73-4.28','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_28',NULL); +INSERT INTO "TestSteps" VALUES(34,'73-4.29','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_29',NULL); +INSERT INTO "TestSteps" VALUES(35,'73-4.30','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_30',NULL); +INSERT INTO "TestSteps" VALUES(36,'73-4.31','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_31',NULL); +INSERT INTO "TestSteps" VALUES(37,'73-4.32','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4FacialImageTests','sp800_73_4_Test_32',NULL); +INSERT INTO "TestSteps" VALUES(38,'73-4.33','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_33',NULL); +INSERT INTO "TestSteps" VALUES(39,'73-4.34','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_34',NULL); +INSERT INTO "TestSteps" VALUES(40,'73-4.35','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_35',NULL); +INSERT INTO "TestSteps" VALUES(41,'73-4.36','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_36',NULL); +INSERT INTO "TestSteps" VALUES(42,'73-4.37','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_37',NULL); +INSERT INTO "TestSteps" VALUES(43,'73-4.38','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_38',NULL); +INSERT INTO "TestSteps" VALUES(44,'73-4.40','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_40',NULL); +INSERT INTO "TestSteps" VALUES(45,'73-4.41','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_41',NULL); +INSERT INTO "TestSteps" VALUES(46,'73-4.42','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_42',NULL); +INSERT INTO "TestSteps" VALUES(47,'73-4.43','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_43',NULL); +INSERT INTO "TestSteps" VALUES(48,'73-4.44','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_44',NULL); +INSERT INTO "TestSteps" VALUES(49,'73-4.45','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_45',NULL); +INSERT INTO "TestSteps" VALUES(50,'73-4.46','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_46',NULL); +INSERT INTO "TestSteps" VALUES(51,'73-4.47','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_47',NULL); +INSERT INTO "TestSteps" VALUES(52,'73-4.48','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_48',NULL); +INSERT INTO "TestSteps" VALUES(53,'73-4.49','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_49',NULL); +INSERT INTO "TestSteps" VALUES(54,'73-4.50','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_50',NULL); +INSERT INTO "TestSteps" VALUES(55,'73-4.51','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_51',NULL); +INSERT INTO "TestSteps" VALUES(56,'73-4.52','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_52',NULL); +INSERT INTO "TestSteps" VALUES(57,'73-4.53','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_53',NULL); +INSERT INTO "TestSteps" VALUES(58,'73-4.54','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_54',NULL); +INSERT INTO "TestSteps" VALUES(59,'73-4.55','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_55',NULL); +INSERT INTO "TestSteps" VALUES(60,'73-4.56','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CommmonObjectTests','sp800_73_4_Test_56',NULL); +INSERT INTO "TestSteps" VALUES(61,'76.1','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_1',NULL); +INSERT INTO "TestSteps" VALUES(62,'76.2','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_2',NULL); +INSERT INTO "TestSteps" VALUES(63,'76.3','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_3',NULL); +INSERT INTO "TestSteps" VALUES(64,'76.4','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_4',NULL); +INSERT INTO "TestSteps" VALUES(65,'76.5','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_5',NULL); +INSERT INTO "TestSteps" VALUES(66,'76.6','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_6',NULL); +INSERT INTO "TestSteps" VALUES(67,'76.7','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_7',NULL); +INSERT INTO "TestSteps" VALUES(68,'76.8','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_8',NULL); +INSERT INTO "TestSteps" VALUES(69,'76.9','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_9',NULL); +INSERT INTO "TestSteps" VALUES(70,'76.10','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_10',NULL); +INSERT INTO "TestSteps" VALUES(71,'76.11','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_11',NULL); +INSERT INTO "TestSteps" VALUES(72,'76.12','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_12',NULL); +INSERT INTO "TestSteps" VALUES(73,'76.13','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_13',NULL); +INSERT INTO "TestSteps" VALUES(74,'76.14','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_14',NULL); +INSERT INTO "TestSteps" VALUES(75,'76.15a','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_15a',NULL); +INSERT INTO "TestSteps" VALUES(76,'76.15b','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_15b',NULL); +INSERT INTO "TestSteps" VALUES(77,'76.16','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_16',NULL); +INSERT INTO "TestSteps" VALUES(78,'76.17','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_17',NULL); +INSERT INTO "TestSteps" VALUES(79,'76.18','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_18',NULL); +INSERT INTO "TestSteps" VALUES(80,'76.19','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_19',NULL); +INSERT INTO "TestSteps" VALUES(81,'76.20','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_20',NULL); +INSERT INTO "TestSteps" VALUES(82,'76.21','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_21',NULL); +INSERT INTO "TestSteps" VALUES(83,'76.22','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_22',NULL); +INSERT INTO "TestSteps" VALUES(84,'76.23','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_23',NULL); +INSERT INTO "TestSteps" VALUES(85,'76.24','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_24',NULL); +INSERT INTO "TestSteps" VALUES(86,'76.25','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_25',NULL); +INSERT INTO "TestSteps" VALUES(87,'76.26','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_26',NULL); +INSERT INTO "TestSteps" VALUES(88,'76.27','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_27',NULL); +INSERT INTO "TestSteps" VALUES(89,'76.28','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_28',NULL); +INSERT INTO "TestSteps" VALUES(90,'76.29','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_29',NULL); +INSERT INTO "TestSteps" VALUES(91,'76.30','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_30',NULL); +INSERT INTO "TestSteps" VALUES(92,'76.31','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_31',NULL); +INSERT INTO "TestSteps" VALUES(93,'76.32','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_32',NULL); +INSERT INTO "TestSteps" VALUES(94,'76.33','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_33',NULL); +INSERT INTO "TestSteps" VALUES(95,'76.34','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_34',NULL); +INSERT INTO "TestSteps" VALUES(96,'76.35','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_35',NULL); +INSERT INTO "TestSteps" VALUES(97,'76.36','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_36',NULL); +INSERT INTO "TestSteps" VALUES(98,'76.37','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_37',NULL); +INSERT INTO "TestSteps" VALUES(99,'76.38','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_38',NULL); +INSERT INTO "TestSteps" VALUES(100,'76.39','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_39',NULL); +INSERT INTO "TestSteps" VALUES(101,'76.40','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_40',NULL); +INSERT INTO "TestSteps" VALUES(102,'76.41','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_41',NULL); +INSERT INTO "TestSteps" VALUES(103,'76.42','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_42',NULL); +INSERT INTO "TestSteps" VALUES(104,'76.43','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_43',NULL); +INSERT INTO "TestSteps" VALUES(105,'76.44','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_44',NULL); +INSERT INTO "TestSteps" VALUES(106,'76.45','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_45',NULL); +INSERT INTO "TestSteps" VALUES(107,'76.46','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_46',NULL); +INSERT INTO "TestSteps" VALUES(108,'76.47','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_47',NULL); +INSERT INTO "TestSteps" VALUES(109,'76.48','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_48',NULL); +INSERT INTO "TestSteps" VALUES(110,'CMS.1','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(111,'CMS.2','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(112,'CMS.3','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(113,'CMS.4','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_4',NULL); +INSERT INTO "TestSteps" VALUES(114,'CMS.5','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_5',NULL); +INSERT INTO "TestSteps" VALUES(115,'CMS.6','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_6',NULL); +INSERT INTO "TestSteps" VALUES(116,'CMS.7','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_7',NULL); +INSERT INTO "TestSteps" VALUES(117,'CMS.8','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_8',NULL); +INSERT INTO "TestSteps" VALUES(118,'CMS.9','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_9',NULL); +INSERT INTO "TestSteps" VALUES(119,'CMS.10','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_10',NULL); +INSERT INTO "TestSteps" VALUES(120,'CMS.11','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_11',NULL); +INSERT INTO "TestSteps" VALUES(121,'CMS.12','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_12',NULL); +INSERT INTO "TestSteps" VALUES(122,'CMS.13','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_13',NULL); +INSERT INTO "TestSteps" VALUES(123,'CMS.14','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_14',NULL); +INSERT INTO "TestSteps" VALUES(124,'CMS.15','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_15',NULL); +INSERT INTO "TestSteps" VALUES(125,'CMS.17','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_17',NULL); +INSERT INTO "TestSteps" VALUES(126,'CMS.18','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_18',NULL); +INSERT INTO "TestSteps" VALUES(127,'CMS.19','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_19',NULL); +INSERT INTO "TestSteps" VALUES(128,'CMS.20','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_20',NULL); +INSERT INTO "TestSteps" VALUES(129,'CMS.21','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_21',NULL); +INSERT INTO "TestSteps" VALUES(130,'CMS.22','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_22',NULL); +INSERT INTO "TestSteps" VALUES(131,'CMS.23','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_23',NULL); +INSERT INTO "TestSteps" VALUES(132,'CMS.24','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_24',NULL); +INSERT INTO "TestSteps" VALUES(133,'CMS.25','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_25',NULL); +INSERT INTO "TestSteps" VALUES(134,'CMS.26','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_26',NULL); +INSERT INTO "TestSteps" VALUES(135,'CMS.27','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_27',NULL); +INSERT INTO "TestSteps" VALUES(136,'CMS.28','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_28',NULL); +INSERT INTO "TestSteps" VALUES(137,'CMS.29','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_29',NULL); +INSERT INTO "TestSteps" VALUES(138,'CMS.30','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_30',NULL); +INSERT INTO "TestSteps" VALUES(139,'78.1','gov.gsa.pivconformance.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(140,'78.2','gov.gsa.pivconformance.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(141,'78.3','gov.gsa.pivconformance.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(142,'PKIX.1','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(143,'PKIX.2','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(144,'PKIX.3','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(145,'PKIX.4','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_4',NULL); +INSERT INTO "TestSteps" VALUES(146,'PKIX.5','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_5',NULL); +INSERT INTO "TestSteps" VALUES(147,'PKIX.6','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_6',NULL); +INSERT INTO "TestSteps" VALUES(148,'PKIX.7','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_7',NULL); +INSERT INTO "TestSteps" VALUES(149,'PKIX.8','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_8',NULL); +INSERT INTO "TestSteps" VALUES(150,'PKIX.9','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_9',NULL); +INSERT INTO "TestSteps" VALUES(151,'PKIX.10','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_10',NULL); +INSERT INTO "TestSteps" VALUES(152,'PKIX.11','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_11',NULL); +INSERT INTO "TestSteps" VALUES(153,'PKIX.12','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_12',NULL); +INSERT INTO "TestSteps" VALUES(154,'PKIX.13','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_13',NULL); +INSERT INTO "TestSteps" VALUES(155,'PKIX.14','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_14',NULL); +INSERT INTO "TestSteps" VALUES(156,'PKIX.15','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_15',NULL); +INSERT INTO "TestSteps" VALUES(157,'PKIX.16','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_16',NULL); +INSERT INTO "TestSteps" VALUES(158,'PKIX.17','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_17',NULL); +INSERT INTO "TestSteps" VALUES(159,'PKIX.18','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_18',NULL); +INSERT INTO "TestSteps" VALUES(160,'PKIX.19','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_19',NULL); +INSERT INTO "TestSteps" VALUES(161,'PKIX.20','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_20',NULL); +INSERT INTO "TestSteps" VALUES(162,'PKIX.21','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_21',NULL); +INSERT INTO "TestSteps" VALUES(163,'PKIX.22','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_22',NULL); +INSERT INTO "TestSteps" VALUES(164,'PKIX.23','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_23',NULL); +INSERT INTO "TestSteps" VALUES(165,'PKIX.24','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_24',NULL); +INSERT INTO "TestSteps" VALUES(166,'PKIX.25','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_25',NULL); +INSERT INTO "TestSteps" VALUES(167,'PKIX.26','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_26',NULL); +INSERT INTO "TestSteps" VALUES(168,'PKIX.27','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_27',NULL); +INSERT INTO "TestSteps" VALUES(169,'PKIX.28','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_28',NULL); +INSERT INTO "TestSteps" VALUES(170,'PlaceholderTest.1','gov.gsa.pivconformance.conformancelib.tests.PlaceholderTests','PlaceholderTest_1',NULL); +INSERT INTO "TestSteps" VALUES(171,'PlaceholderTest.2','gov.gsa.pivconformance.conformancelib.tests.PlaceholderTests','PlaceholderTest_2',NULL); +INSERT INTO "TestSteps" VALUES(172,'PlaceholderTest.3','gov.gsa.pivconformance.conformancelib.tests.PlaceholderTests','PlaceholderTest_3',NULL); INSERT INTO "TestStepParameters" VALUES(1, 21,NULL,'15',0); INSERT INTO "TestStepParameters" VALUES(2, 99,NULL,'CARDHOLDER_FINGERPRINTS_OID:513',0); INSERT INTO "TestStepParameters" VALUES(3, 99,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:1281',1); diff --git a/conformancelib/testdata/PIV-I_ICAM_Test_Cards.xlsx b/conformancelib/testdata/PIV-I_ICAM_Test_Cards.xlsx index 4804f128..43d53365 100644 Binary files a/conformancelib/testdata/PIV-I_ICAM_Test_Cards.xlsx and b/conformancelib/testdata/PIV-I_ICAM_Test_Cards.xlsx differ diff --git a/conformancelib/testdata/PIV-I_IdenTrust_Cards.db b/conformancelib/testdata/PIV-I_IdenTrust_Cards.db deleted file mode 100644 index 01bc1d8c..00000000 Binary files a/conformancelib/testdata/PIV-I_IdenTrust_Cards.db and /dev/null differ diff --git a/conformancelib/testdata/PIV-I_IdenTrust_Cards.sql b/conformancelib/testdata/PIV-I_IdenTrust_Cards.sql deleted file mode 100644 index 6c305117..00000000 --- a/conformancelib/testdata/PIV-I_IdenTrust_Cards.sql +++ /dev/null @@ -1,1112 +0,0 @@ --- TestSteps are what we've been referring to as atoms -CREATE TABLE IF NOT EXISTS "TestSteps" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `Description` TEXT, -- column 2 on each tab - `Class` TEXT, -- fully qualified class name - `Method` TEXT, -- method to invoke for the atom - `NumParameters` INTEGER -- parameter count. not really necessary but was briefly helpful, so it's still here -); - --- Map test cases to their atoms -CREATE TABLE IF NOT EXISTS "TestsToSteps" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestStepId` INTEGER, --Foreign key TestSteps.Id - `TestId` INTEGER, --Foreign key TestCases.Id - `ExecutionOrder` INTEGER, --Sequence of atoms for a test case - `Status` INTEGER -- runners can populate with status info to see which step failed -); - --- used to pass parameters to atoms -CREATE TABLE IF NOT EXISTS "TestStepParameters" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestStepId` INTEGER, --TestSteps.Id - `TestId` INTEGER, --TestCases.Id - `Value` TEXT, --Parameter Value - `ParamOrder` TEXT --Parameter order... idea here was one row for each pattern to be passed into a particular invocation of an atom. - --If we settle on a string of key=value for the Value field, this could be OBE -); - --- TestCases is the primary driver of the test runner -CREATE TABLE IF NOT EXISTS "TestCases" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestGroup` TEXT, -- can be filled in to allow selective execution by the runner. not in spreadsheet - `TestCaseIdentifier` TEXT, -- section column on step overview tab - `TestCaseDescription` TEXT, -- description column on step overview tab - `TestCaseContainer` TEXT, -- ID of the container the test case applies to, if necessary - `Status` INTEGER, -- to be populated by runner - `ExpectedStatus` INTEGER, -- everything on the spreadsheet should get 1 here - primarily present to give runners a way to mark tests that should fail - `Enabled` INTEGER -- allows the runner to enable/disable test cases. default to 1 -); - --- Allow runners to create test groups. not in spreadsheet -CREATE TABLE IF NOT EXISTS "TestGroups" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `GroupDescription` TEXT -); - --- Allow runners to create test groups. not in spreadsheet -CREATE TABLE IF NOT EXISTS "GroupsToTestCases" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestGroupId` INTEGER, --TestGroups.Id - `TestCaseId` INTEGER --TestCases.Id -); - --- this isn't really going to be used by the look of things. probably should --- be eliminated, but it's harmless and has been intermittently useful in dev. -CREATE TABLE IF NOT EXISTS "SystemSettings" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `ReaderName` TEXT, - `ApplicationPIN` TEXT, - `OutputDirectory` TEXT, - `SettingsGroup` TEXT, - `GPMasterKey` TEXT -); - -INSERT INTO "TestSteps" VALUES(1,'BERTLV.1','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(2,'BERTLV.2','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(3,'BERTLV.3','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(4,'BERTLV.4','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(5,'BERTLV.5','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(6,'73-4.1','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(7,'73-4.2','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(8,'73-4.3','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(9,'73-4.4','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(10,'73-4.5','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(11,'73-4.6','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(12,'73-4.7','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(13,'73-4.8','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(14,'73-4.9','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(15,'73-4.10','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(16,'73-4.11','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(17,'73-4.12','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(18,'73-4.13','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(19,'73-4.14','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(20,'73-4.15','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(21,'73-4.16','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(22,'73-4.17','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(23,'73-4.18','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(24,'73-4.19','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(25,'73-4.20','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(26,'73-4.21','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(27,'73-4.22','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(28,'73-4.23','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(29,'73-4.24','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(30,'73-4.25','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(31,'73-4.26','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(32,'73-4.27','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(33,'73-4.28','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(34,'73-4.29','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(35,'73-4.30','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(36,'73-4.31','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_31',NULL); -INSERT INTO "TestSteps" VALUES(37,'73-4.32','gov.gsa.conformancelib.tests.SP800_73_4FacialImageTests','sp800_73_4_Test_32',NULL); -INSERT INTO "TestSteps" VALUES(38,'73-4.33','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_33',NULL); -INSERT INTO "TestSteps" VALUES(39,'73-4.34','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_34',NULL); -INSERT INTO "TestSteps" VALUES(40,'73-4.35','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_35',NULL); -INSERT INTO "TestSteps" VALUES(41,'73-4.36','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_36',NULL); -INSERT INTO "TestSteps" VALUES(42,'73-4.37','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_37',NULL); -INSERT INTO "TestSteps" VALUES(43,'73-4.38','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_38',NULL); -INSERT INTO "TestSteps" VALUES(44,'73-4.40','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_40',NULL); -INSERT INTO "TestSteps" VALUES(45,'73-4.41','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_41',NULL); -INSERT INTO "TestSteps" VALUES(46,'73-4.42','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_42',NULL); -INSERT INTO "TestSteps" VALUES(47,'73-4.43','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_43',NULL); -INSERT INTO "TestSteps" VALUES(48,'73-4.44','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_44',NULL); -INSERT INTO "TestSteps" VALUES(49,'73-4.45','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_45',NULL); -INSERT INTO "TestSteps" VALUES(50,'73-4.46','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_46',NULL); -INSERT INTO "TestSteps" VALUES(51,'73-4.47','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_47',NULL); -INSERT INTO "TestSteps" VALUES(52,'73-4.48','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_48',NULL); -INSERT INTO "TestSteps" VALUES(53,'73-4.49','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_49',NULL); -INSERT INTO "TestSteps" VALUES(54,'73-4.50','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_50',NULL); -INSERT INTO "TestSteps" VALUES(55,'73-4.51','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_51',NULL); -INSERT INTO "TestSteps" VALUES(56,'73-4.52','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_52',NULL); -INSERT INTO "TestSteps" VALUES(57,'73-4.53','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_53',NULL); -INSERT INTO "TestSteps" VALUES(58,'73-4.54','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_54',NULL); -INSERT INTO "TestSteps" VALUES(59,'73-4.55','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_55',NULL); -INSERT INTO "TestSteps" VALUES(60,'73-4.56','gov.gsa.conformancelib.tests.SP800_73_4CommmonObjectTests','sp800_73_4_Test_56',NULL); -INSERT INTO "TestSteps" VALUES(61,'76.1','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_1',NULL); -INSERT INTO "TestSteps" VALUES(62,'76.2','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_2',NULL); -INSERT INTO "TestSteps" VALUES(63,'76.3','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_3',NULL); -INSERT INTO "TestSteps" VALUES(64,'76.4','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_4',NULL); -INSERT INTO "TestSteps" VALUES(65,'76.5','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_5',NULL); -INSERT INTO "TestSteps" VALUES(66,'76.6','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_6',NULL); -INSERT INTO "TestSteps" VALUES(67,'76.7','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_7',NULL); -INSERT INTO "TestSteps" VALUES(68,'76.8','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_8',NULL); -INSERT INTO "TestSteps" VALUES(69,'76.9','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_9',NULL); -INSERT INTO "TestSteps" VALUES(70,'76.10','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_10',NULL); -INSERT INTO "TestSteps" VALUES(71,'76.11','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_11',NULL); -INSERT INTO "TestSteps" VALUES(72,'76.12','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_12',NULL); -INSERT INTO "TestSteps" VALUES(73,'76.13','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_13',NULL); -INSERT INTO "TestSteps" VALUES(74,'76.14','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_14',NULL); -INSERT INTO "TestSteps" VALUES(75,'76.15a','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15a',NULL); -INSERT INTO "TestSteps" VALUES(76,'76.15b','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15b',NULL); -INSERT INTO "TestSteps" VALUES(77,'76.16','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_16',NULL); -INSERT INTO "TestSteps" VALUES(78,'76.17','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_17',NULL); -INSERT INTO "TestSteps" VALUES(79,'76.18','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_18',NULL); -INSERT INTO "TestSteps" VALUES(80,'76.19','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_19',NULL); -INSERT INTO "TestSteps" VALUES(81,'76.20','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_20',NULL); -INSERT INTO "TestSteps" VALUES(82,'76.21','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_21',NULL); -INSERT INTO "TestSteps" VALUES(83,'76.22','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_22',NULL); -INSERT INTO "TestSteps" VALUES(84,'76.23','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_23',NULL); -INSERT INTO "TestSteps" VALUES(85,'76.24','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_24',NULL); -INSERT INTO "TestSteps" VALUES(86,'76.25','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_25',NULL); -INSERT INTO "TestSteps" VALUES(87,'76.26','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_26',NULL); -INSERT INTO "TestSteps" VALUES(88,'76.27','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_27',NULL); -INSERT INTO "TestSteps" VALUES(89,'76.28','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_28',NULL); -INSERT INTO "TestSteps" VALUES(90,'76.29','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_29',NULL); -INSERT INTO "TestSteps" VALUES(91,'76.30','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_30',NULL); -INSERT INTO "TestSteps" VALUES(92,'76.31','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_31',NULL); -INSERT INTO "TestSteps" VALUES(93,'76.32','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_32',NULL); -INSERT INTO "TestSteps" VALUES(94,'76.33','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_33',NULL); -INSERT INTO "TestSteps" VALUES(95,'76.34','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_34',NULL); -INSERT INTO "TestSteps" VALUES(96,'76.35','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_35',NULL); -INSERT INTO "TestSteps" VALUES(97,'76.36','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_36',NULL); -INSERT INTO "TestSteps" VALUES(98,'76.37','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_37',NULL); -INSERT INTO "TestSteps" VALUES(99,'76.38','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_38',NULL); -INSERT INTO "TestSteps" VALUES(100,'76.39','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_39',NULL); -INSERT INTO "TestSteps" VALUES(101,'76.40','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_40',NULL); -INSERT INTO "TestSteps" VALUES(102,'76.41','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_41',NULL); -INSERT INTO "TestSteps" VALUES(103,'76.42','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_42',NULL); -INSERT INTO "TestSteps" VALUES(104,'76.43','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_43',NULL); -INSERT INTO "TestSteps" VALUES(105,'76.44','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_44',NULL); -INSERT INTO "TestSteps" VALUES(106,'76.45','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_45',NULL); -INSERT INTO "TestSteps" VALUES(107,'76.46','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_46',NULL); -INSERT INTO "TestSteps" VALUES(108,'76.47','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_47',NULL); -INSERT INTO "TestSteps" VALUES(109,'76.48','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_48',NULL); -INSERT INTO "TestSteps" VALUES(110,'CMS.1','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(111,'CMS.2','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(112,'CMS.3','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(113,'CMS.4','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(114,'CMS.5','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(115,'CMS.6','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(116,'CMS.7','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(117,'CMS.8','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(118,'CMS.9','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(119,'CMS.10','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(120,'CMS.11','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(121,'CMS.12','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(122,'CMS.13','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(123,'CMS.14','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(124,'CMS.15','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(125,'CMS.17','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(126,'CMS.18','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(127,'CMS.19','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(128,'CMS.20','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(129,'CMS.21','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(130,'CMS.22','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(131,'CMS.23','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(132,'CMS.24','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(133,'CMS.25','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(134,'CMS.26','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(135,'CMS.27','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(136,'CMS.28','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(137,'CMS.29','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(138,'CMS.30','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(139,'78.1','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(140,'78.2','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(141,'78.3','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(142,'PKIX.1','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(143,'PKIX.2','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(144,'PKIX.3','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(145,'PKIX.4','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(146,'PKIX.5','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(147,'PKIX.6','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(148,'PKIX.7','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(149,'PKIX.8','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(150,'PKIX.9','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(151,'PKIX.10','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(152,'PKIX.11','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(153,'PKIX.12','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(154,'PKIX.13','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(155,'PKIX.14','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(156,'PKIX.15','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(157,'PKIX.16','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(158,'PKIX.17','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(159,'PKIX.18','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(160,'PKIX.19','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(161,'PKIX.20','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(162,'PKIX.21','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(163,'PKIX.22','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(164,'PKIX.23','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(165,'PKIX.24','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(166,'PKIX.25','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(167,'PKIX.26','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(168,'PKIX.27','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(169,'PKIX.28','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(170,'PlaceholderTest.1','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_1',NULL); -INSERT INTO "TestSteps" VALUES(171,'PlaceholderTest.2','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_2',NULL); -INSERT INTO "TestSteps" VALUES(172,'PlaceholderTest.3','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_3',NULL); -INSERT INTO "TestStepParameters" VALUES(1, 21,NULL,'6',0); -INSERT INTO "TestStepParameters" VALUES(2, 99,NULL,'CARDHOLDER_FINGERPRINTS_OID:513',0); -INSERT INTO "TestStepParameters" VALUES(3, 99,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:1281',1); -INSERT INTO "TestStepParameters" VALUES(4, 99,NULL,'CARDHOLDER_IRIS_IMAGES_OID:9',2); -INSERT INTO "TestStepParameters" VALUES(5, 102,NULL,'CARDHOLDER_FINGERPRINTS_OID:8',0); -INSERT INTO "TestStepParameters" VALUES(6, 102,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:2',1); -INSERT INTO "TestStepParameters" VALUES(7, 102,NULL,'CARDHOLDER_IRIS_IMAGES_OID:16',2); -INSERT INTO "TestStepParameters" VALUES(8, 103,NULL,'CARDHOLDER_FINGERPRINTS_OID:128',0); -INSERT INTO "TestStepParameters" VALUES(9, 103,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:32:2',1); -INSERT INTO "TestStepParameters" VALUES(10, 103,NULL,'CARDHOLDER_IRIS_IMAGES_OID:64',2); -INSERT INTO "TestStepParameters" VALUES(11, 104,NULL,'-2',0); -INSERT INTO "TestStepParameters" VALUES(12, 104,NULL,'100',1); -INSERT INTO "TestStepParameters" VALUES(13, 114,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.101.3.6.1',0); -INSERT INTO "TestStepParameters" VALUES(14, 114,NULL,'CARDHOLDER_FINGERPRINTS_OID:2.16.840.1.101.3.6.2',1); -INSERT INTO "TestStepParameters" VALUES(15, 114,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:2.16.840.1.101.3.6.2',2); -INSERT INTO "TestStepParameters" VALUES(16, 114,NULL,'CARDHOLDER_IRIS_IMAGES_OID:2.16.840',3); -INSERT INTO "TestStepParameters" VALUES(17, 124,NULL,'2.16.840.1.101.3.8.7',0); -INSERT INTO "TestStepParameters" VALUES(18, 125,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(19, 147,NULL,'X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID:2.16.840.1.113839.0.100.18.0',0); -INSERT INTO "TestStepParameters" VALUES(20, 147,NULL,'X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID:2.16.840.1.113839.0.100.18.1',1); -INSERT INTO "TestStepParameters" VALUES(21, 147,NULL,'X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID:2.16.840.1.113839.0.100.18.2',2); -INSERT INTO "TestStepParameters" VALUES(22, 147,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID:2.16.840.1.113839.0.100.19.1',3); -INSERT INTO "TestStepParameters" VALUES(23, 147,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.113839.0.100.20.1',4); -INSERT INTO "TestStepParameters" VALUES(24, 159,NULL,'2.16.840.1.101.3.2.1.3.19',0); -INSERT INTO "TestStepParameters" VALUES(25, 161,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID:2.16.840.1.101.3.6.8',0); -INSERT INTO "TestStepParameters" VALUES(26, 161,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.101.3.8.7',1); -INSERT INTO "TestStepParameters" VALUES(27, 162,NULL,'1.3.6.1.4.1.45606.3.1.22',0); -INSERT INTO "TestStepParameters" VALUES(28, 165,NULL,'2.5.29.31',0); -INSERT INTO "TestStepParameters" VALUES(29, 168,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(30, 171,NULL,'1',0); -INSERT INTO "TestStepParameters" VALUES(31, 171,NULL,'2',1); -INSERT INTO "TestStepParameters" VALUES(32, 171,NULL,'3',2); -INSERT INTO "TestStepParameters" VALUES(33, 172,NULL,'CAT:SLEEPY',0); -INSERT INTO "TestStepParameters" VALUES(34, 172,NULL,'DOG:HUNGRY',1); -INSERT INTO "TestStepParameters" VALUES(35, 172,NULL,'ELEPHANT:SAD',2); -INSERT INTO "TestCases" VALUES(1, NULL,'8 BER_TLV','BER-TLV Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(2, NULL,'8.1 CCC','Card Capabilities Container','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(3, NULL,'8.1.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(4, NULL,'8.1.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(5, NULL,'8.1.0.2','Tag encoded as 3 bytes','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(6, NULL,'8.1.0.3','Each data object returned with 2 byte status word (90 00)','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(7, NULL,'8.1.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(8, NULL,'8.1.1','CCC Registered data model element is present and has a value of 0x10.','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(9, NULL,'8.1.2','CCC BERTLV tag is 5FC107','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(10, NULL,'8.1.3','CCC Tags 0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xFA, 0xFB, 0xFC, 0xFD present in that order','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(11, NULL,'8.1.8','CCC Optional Tags 0xE3 and 0xB4 may be present or absent; if present are after tags listed in and are in that order','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(12, NULL,'8.1.9','CCC Tag 0xFE present and after any tags from 73-4.3 and 73-4.4','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(13, NULL,'8.1.10','Confirm that tag 0xFE has length of 0','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(14, NULL,'8.1.11','CCC value lengths comply with Table 8 of SP 800-73-4','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(15, NULL,'8.2 CHUID','Card Holder Unique Identifier','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(16, NULL,'8.2.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(17, NULL,'8.2.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(18, NULL,'8.2.0.2','Tag encoded as 3 bytes','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(19, NULL,'8.2.0.3','Each data object returned with 2 byte status word (90 00)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(20, NULL,'8.2.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(21, NULL,'8.2.1','CHUID value lengths comply with Table 9 of SP 800-73-4','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(22, NULL,'8.2.2.1','Tag 0x30 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(23, NULL,'8.2.2.2','Tag 0x30 is the first tag or the first tag following 0xEE','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(24, NULL,'8.2.2.3','Tags 0x32 and 0x33 are optionally present and must follow 0x30 in that order','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(25, NULL,'8.2.2.4','Tag 0x34 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(26, NULL,'8.2.2.5','Tag 0x34 follows Tag 0x30, 32, or 0x33','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(27, NULL,'8.2.2.6','Tag 0x35 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(28, NULL,'8.2.2.7','Tag 0x35 follows Tag 0x34','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(29, NULL,'8.2.2.8','Tag 0x36 is optionally present and follows Tag 0x35','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(30, NULL,'8.2.2.9','Tags 0x3E and 0xFE are present and follow tags in that order','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(31, NULL,'8.2.2.10','Tag 0x3E is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(32, NULL,'8.2.2.11','Tag 0x3E follows Tag 0x35 or 0x36','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(33, NULL,'8.2.2.12','Tag 0xFE is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(34, NULL,'8.2.2.13','Tag 0xFE follows Tag 0x3E','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(35, NULL,'8.2.2.14','If CHUID tag 0xEE is present, it is the first tag in the blob','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(36, NULL,'8.2.2.15','No tags other than (0xEE, 0x30, 0x32, 0x33, 0x34, 0x35, 0x36, 0x3E, 0xFE) are present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(37, NULL,'8.2.3','Expiration Date is formatted YYYYMMDD','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(38, NULL,'8.2.4','Expiration Date is within the next 6 years','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(39, NULL,'8.2.5','If the CHUID contains the optional Cardholder UUID, then the data element shall be in accordance with 800 73-4 Part 1 Section 3.4.2.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(40, NULL,'8.2.6','The retired key map is not present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(41, NULL,'8.2.7','Tag 0xFE has length of 0','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(42, NULL,'8.3 Authentication Cert','X.509 Certificate for PIV-I Authentication','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(43, NULL,'8.3.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(44, NULL,'8.3.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(45, NULL,'8.3.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(46, NULL,'8.3.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(47, NULL,'8.3.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(48, NULL,'8.3.1','PIV Authentication Certificate container value lengths comply with Table 10 of SP 800-73-4','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(49, NULL,'8.3.2.1','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(50, NULL,'8.3.2.2','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(51, NULL,'8.3.2.3','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(52, NULL,'8.3.2.4','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(53, NULL,'8.3.2.5','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(54, NULL,'8.4 Fingerprints','Card Holder Fingerprints','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(55, NULL,'8.4.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(56, NULL,'8.4.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(57, NULL,'8.4.0.2','Tag encoded as 3 bytes','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(58, NULL,'8.4.0.3','Each data object returned with 2 byte status word (90 00)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(59, NULL,'8.4.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(60, NULL,'8.4.5','Card Holder Fingerprints value lengths comply with Table 11 of SP 800-73-4','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(61, NULL,'8.4.6','If CHUID tag 0xEE is present, it is the first tag in the blob','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(62, NULL,'8.4.7','Tag 0x30 is present and is the first tag or the first tag following 0xEE','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(63, NULL,'8.4.8','Tags 0x32 and 0x33 are optionally present and must follow 0x30 in that order','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(64, NULL,'8.4.9','Tag 0xFE has length of 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(65, NULL,'8.5 Printed Information','Printed Information','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(66, NULL,'8.5.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(67, NULL,'8.5.0.1','Length field encoded as shown in SP800-85B Table 8.1','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(68, NULL,'8.5.0.2','Tag encoded as 3 bytes','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(69, NULL,'8.5.0.3','Each data object returned with 2 byte status word (90 00)','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(70, NULL,'8.5.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(71, NULL,'8.5.1.1','Printed Information value lengths comply with Table 14 of SP 800-73-4','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(72, NULL,'8.5.1.2','Printed Information Tags 0x01, 0x02, 0x05, 0x06 are present in that order','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(73, NULL,'8.5.1.3','Printed Information Tags 0x01, 0x02, 0x05, 0x06 are in that order','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(74, NULL,'8.5.1.4','Printed Information Tag 0xFE follows Tag 0x06, or optional Tags 0x07 or 0x08','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(75, NULL,'8.5.1.5','Printed Information Tags 0x07 and 0x08 are optionally present in that order, following the tags from 73-4.28','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(76, NULL,'8.5.1.6','Printed Information Tag 0xFE is present','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(77, NULL,'8.5.1.7','No Printed Information tags other than (0x01, 0x02, 0x05, 0x06, 0x07, 0x08, 0xFE) are present','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(78, NULL,'8.5.1.8','Tag 0xFE has length of 0','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(79, NULL,'8.6 Facial Image','Card Holder Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(80, NULL,'8.6.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(81, NULL,'8.6.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(82, NULL,'8.6.0.2','Tag encoded as 3 bytes','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(83, NULL,'8.6.0.3','Each data object returned with 2 byte status word (90 00)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(84, NULL,'8.6.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(85, NULL,'8.6.1.1','Printed Information value lengths comply with Table 13 of SP 800-73-4','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(86, NULL,'8.6.1.2','Position is one of the valid x,y coordinate types in the original image','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(87, NULL,'8.6.1.3','No tags other than (0xBC, 0xFE) are present','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(88, NULL,'8.6..4','Tag 0xFE has length of 0','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(89, NULL,'8.7 Digital Signature Cert','X.509 Certificate for Digital Signature','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(90, NULL,'8.7.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(91, NULL,'8.7.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(92, NULL,'8.7.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(93, NULL,'8.7.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(94, NULL,'8.7.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(95, NULL,'8.7.1.1','X.509 Certificate for Digital Signature container value lengths comply with Table 15 of SP 800-73-4','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(96, NULL,'8.7.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(97, NULL,'8.7.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(98, NULL,'8.7.1.4','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(99, NULL,'8.7.1.5','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(100, NULL,'8.7.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(101, NULL,'8.8 Key Management Cert','X.509 Certificate for Key Management','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(102, NULL,'8.8.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(103, NULL,'8.8.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(104, NULL,'8.8.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(105, NULL,'8.8.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(106, NULL,'8.8.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(107, NULL,'8.8.1.1','X.509 Certificate for Key Management container value lengths comply with Table 16 of SP 800-73-4','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(108, NULL,'8.8.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(109, NULL,'8.8.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(110, NULL,'8.8.1.4','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(111, NULL,'8.8.1.5','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(112, NULL,'8.8.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(113, NULL,'8.9 Card Auth Cert','X.509 Certificate for Card Authentication','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(114, NULL,'8.9.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(115, NULL,'8.9.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(116, NULL,'8.9.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(117, NULL,'8.9.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(118, NULL,'8.9.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(119, NULL,'8.9.1.1','X.509 Certificate for Card Authentication value lengths comply with Table 17 of SP 800-73-4','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(120, NULL,'8.9.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(121, NULL,'8.9.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(122, NULL,'8.9.1.4','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(123, NULL,'8.9.1.5','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(124, NULL,'8.9.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(125, NULL,'8.10 Security Objecvt','Security Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(126, NULL,'8.10.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(127, NULL,'8.10.0.1','Length field encoded as shown in SP800-85B Table 8.1','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(128, NULL,'8.10.0.2','Tag encoded as 3 bytes','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(129, NULL,'8.10.0.3','Each data object returned with 2 byte status word (90 00)','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(130, NULL,'8.10.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(131, NULL,'8.10.1.1','Security Object value lengths comply with Table 12 of SP 800-73-4','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(132, NULL,'8.10.1.2','Tags 0xBA, 0xBB, 0XFE are present','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(133, NULL,'8.10.1.3','Tags 0xBA, 0xBB, 0XFE are are in that order','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(134, NULL,'8.10.1.4','No tags other than (0xBA, 0xBB, 0xFE) are present','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(135, NULL,'8.10.2','Parse data at tag 0xBA and for each data container found ensure that performing a select returns status words 0x90, 0x00','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(136, NULL,'8.11 Discovery Object','Discovery Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(137, NULL,'8.11.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(138, NULL,'8.11.0.1','Length field encoded as shown in SP800-85B Table 8.1','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(139, NULL,'8.11.0.2','Tag encoded as 3 bytes','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(140, NULL,'8.11.0.3','Each data object returned with 2 byte status word (90 00)','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(141, NULL,'8.11.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(142, NULL,'8.11.1.1','Tag 0x4F (PIV Application AID) is present','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(143, NULL,'8.11.1.2','Tag 0x5F2F (PIN Usage Policy) Is present','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(144, NULL,'8.11.1.3','Discovery Object Tags 0x4F, 0x5F2F are in that order','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(145, NULL,'8.11.1.4','The values of the tags conform with the vendor provided data.','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(146, NULL,'8.11.1.5','The PIN usage policy matches the card capabilities provided by the vendor documentation. Associated optional data objects are present when the PIN usage policy asserts an optional capability (i.e., OCC, global PIN and pairing code)','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(147, NULL,'8.11.6','Discovery Object value lengths comply with Table 18 of SP 800-73-4','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(148, NULL,'8.12 Iris','Card Holder Iris Images','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(149, NULL,'8.13 Retired Key Management Cert','Key History Objects','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(150, NULL,'8.13.1','X.509 Key History 1','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(151, NULL,'8.13.2','X.509 Key History 2','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(152, NULL,'8.14 Key History','Key History (see Issue #52)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(153, NULL,'8.15 BITT','Biometric InformationTemplates Group Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(154, NULL,'8.16 SMCS','Secure Messaging Certificate Signer','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(155, NULL,'8.17 Paring Code Reference','Pairing Code Reference Data Container','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(156, NULL,'9 Biometric Data Objects','Biometric Data Object Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(157, NULL,'9.1 Fingerprint CBEFF','CBEFF Patron Format for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(158, NULL,'9.1.1','CBEFF Structure for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(159, NULL,'9.1.1.1','BDB length field is non-zero','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(160, NULL,'9.1.1.2','Recorded length matches actual BDB length','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(161, NULL,'9.1.1.3','SB length field is non-zero','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(162, NULL,'9.1.1.4','Recorded length matches actual SB length','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(163, NULL,'9.1.1.5','Card Holder Fingerprint object length equals sum of CBEFF header length + BDB length + SB length','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(164, NULL,'9.1.2','CBEFF Header for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(165, NULL,'9.1.2.1','The Patron Header Version field has a value of 0x03.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(166, NULL,'9.1.2.2','Validate that the biometric data block is signed but not encrypted','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(167, NULL,'9.1.2.3','Validate that BDB Format Owner is set to a value of 0x001B denoting M1, the INCITS Technical Committee on Biometrics.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(168, NULL,'9.1.2.4','The BDB Format Type is set to a value of 0x0201','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(169, NULL,'9.1.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(170, NULL,'9.1.2.6','Validate date encoding on Validity Period in PIV Patron Format','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(171, NULL,'9.1.2.7','Valdiate that that Biometric Type has the value 0x000008','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(172, NULL,'9.1.2.8','Validate that for the mandatory minutia PIV card templates, the CBEFF biometric data type encoding value shall be b100xxxxx, which corresponds to biometric data that has been processed.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(173, NULL,'9.1.2.9','The Biometric Data Quality field is -2 or 0 - 100.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(174, NULL,'9.1.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(175, NULL,'9.1.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(176, NULL,'9.2 Facial Image CBEFF','CBEFF Patron Format for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(177, NULL,'9.2.1','CBEFF Structure for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(178, NULL,'9.2.1.1','BDB length field is non-zero','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(179, NULL,'9.2.1.2','Recorded length matches actual BDB length','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(180, NULL,'9.2.1.3','SB length field is non-zero','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(181, NULL,'9.2.1.4','Recorded length matches actual SB length','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(182, NULL,'9.2.2','CBEFF Header for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(183, NULL,'9.2.2.1','Card Holder Fingerprint object length equals sum of CBEFF header length + BDB length + SB length','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(184, NULL,'9.2.2.2','Validate that the biometric data block is signed but not encrypted','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(185, NULL,'9.2.2.3','Validate that BDB Format Owner is set to a value of 0x001B denoting M1, the INCITS Technical Committee on Biometrics.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(186, NULL,'9.2.2.4','The BDB Format Type is set to a value of 0x0501','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(187, NULL,'9.2.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(188, NULL,'9.2.2.6','Validate date encoding on Validity Period in PIV Patron Format','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(189, NULL,'9.2.2.7','Validate that Biometric Type has the value 0x000002','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(190, NULL,'9.2.2.8','Validate that the CBEFF biometric data type encoding value shall be b001xxxxx, which corresponds to the raw biometric data','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(191, NULL,'9.2.2.9','The Biometric Data Quality field is -2 or 0 - 100.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(192, NULL,'9.2.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(193, NULL,'9.2.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(194, NULL,'9.3 Iris CBEFF','CBEFF Patron Format for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(195, NULL,'9.3.1','CBEFF Structure for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(196, NULL,'9.3.1.1','BDB length field is non-zero','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(197, NULL,'9.3.1.2','Recorded length matches actual BDB length','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(198, NULL,'9.3.1.3','SB length field is non-zero','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(199, NULL,'9.3.1.4','Recorded length matches actual SB length','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(200, NULL,'9.3.2','CBEFF Header for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(201, NULL,'9.3.2.1','Patron Header Version field has a value of 0x03.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(202, NULL,'9.3.2.2','Validate that the biometric data block is signed but not encrypted','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(203, NULL,'9.3.2.3','The BDB Format Owner field has a value of 0x0101.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(204, NULL,'9.3.2.4','The BDB Format Type field has a value of 0x0009.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(205, NULL,'9.3.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(206, NULL,'9.3.2.6','Validate date encoding on Validity Period in PIV Patron Format','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(207, NULL,'9.3.2.7','The value of the Biometric Type field for the iris image is 0x000010.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(208, NULL,'9.3.2.8','Validate that the CBEFF biometric data type encoding value shall be b01000000, which corresponds to the raw biometric data','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(209, NULL,'9.3.2.9','The Biometric Data Quality field is -2 or 0 - 100.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(210, NULL,'9.3.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(211, NULL,'9.3.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(212, NULL,'9.4 Fingerprint BDB','Off-Card Comparison Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(213, NULL,'9.4.1','General Record Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(214, NULL,'9.4.1.1','Extract contents of format identifier, confirm value 0x464D5200','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(215, NULL,'9.4.1.2','Extract contents of version identifier, confirm value 0x20323030','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(216, NULL,'9.4.1.3','Biometric Data Block length (L) where 26 <= L <= 1574','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(217, NULL,'9.4.1.4','Confirm that product identifier owner and product identifier type are non-zero and that MSBs identify vendor, LSBs identify minutia detection algorithm version','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(218, NULL,'9.4.1.5','Confirm that product identifier owner and product identifier type are non-zero and that MSBs identify vendor, LSBs identify minutia detection algorithm version','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(219, NULL,'9.4.1.6','Confirm that capture equipment compliance has a value of 1000b','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(220, NULL,'9.4.1.7','Confirm that capture equipment id is non-NULL','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(221, NULL,'9.4.1.8','Width of the Size of Scanned Image in x direction is the larger of the widths of the two input images.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(222, NULL,'9.4.1.9','Height of the Size of Scanned Image in y direction is the larger of the heights of the two input images.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(223, NULL,'9.4.1.10','X and Y resolutions both have values of 197','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(224, NULL,'9.4.1.12','Number of Finger Views is 2','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(225, NULL,'9.4.1.13','Confirm that reserved byte is set to 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(226, NULL,'9.4.2','View Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(227, NULL,'9.4.2.0.1','Confirm that Finger View Header has value A','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(228, NULL,'9.4.2.0.2','Confirm that Finger View Position (0,14)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(229, NULL,'9.4.2.1','If only 1 minutiae present for a finger, view number must be 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(230, NULL,'9.4.2.2','Impression type must be 0 or 2','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(231, NULL,'9.4.2.3','Finger Quality value shall be 20, 40, 60, 80, 100, 254, or 255.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(232, NULL,'9.4.2.4','Number of minutia (0..128)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(233, NULL,'9.4.2.5','Minutiae Type value shall be 01b, 10b, or 00b.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(234, NULL,'9.4.2.6','Verify that position is one of the valid x,y coordinate types in the original image','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(235, NULL,'9.4.2.7','Verify that angle (0,179)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(236, NULL,'9.4.2.8','Verify that quality (0,100)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(237, NULL,'9.4.2.9','Verify that extended data block length is 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(238, NULL,'9.4.3','Fingerprint Minutiae Data Records','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(239, NULL,'9.4.3.1','Minutiae Type value shall be01b, 10b, or 00b.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(240, NULL,'9.4.3.2','Extended Data Block Length shall be 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(241, NULL,'9.5','On-Card Comparison','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(242, NULL,'9.5.1','BIT Group Template data conformance for on-card comparison','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(243, NULL,'9.6 Facial Image BDB','Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(244, NULL,'9.6.1','Facial Image Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(245, NULL,'9.6.1.1','Format Identifier has a value 0x46414300','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(246, NULL,'9.6.1.2','Version Number has a value of 0x30313000','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(247, NULL,'9.6.1.3','Number of Facial Images value is >= 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(248, NULL,'9.6.1.4','Number of Feature Points is >= 0','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(249, NULL,'9.6.2','Facial Image Data Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(250, NULL,'9.6.2.1','Facial Image Type is 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(251, NULL,'9.6.2.2','Image Data Type is 0 or 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(252, NULL,'9.6.2.3','Image Color Space is 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(253, NULL,'9.6.2.4','Source Type is 2 or 6','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(254, NULL,'9.7 Iris Image BDB','Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(255, NULL,'9.7.1','Iris Image Profile','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(256, NULL,'9.7.2','Iris Image Data Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(257, NULL,'10 Signed Data Elements','Signed Data Elements Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(258, NULL,'10.1 CHUID','Card Holder Unique Identifier','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(259, NULL,'10.1.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(260, NULL,'10.1.1.1','The CHUID buffer contains an asymmetric digital signature that is implemented as a SignedData type and is encoded as a CMS external signature according to RFC 5652.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(261, NULL,'10.1.1.2','The value of the version field of the SignedData is 3.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(262, NULL,'10.1.1.3','The digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP800-78-4.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(263, NULL,'10.1.1.4','The eContent field has been omitted and the eContentType asserts id-piv-CHUIDSecurityObject in encapContentInfo.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(264, NULL,'10.1.1.5','The crls field is omitted from the SignedData.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(265, NULL,'10.1.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(266, NULL,'10.1.1.7','The SignerIdentifier in the SignerInfo uses the issuerAndSerialNumber choice and it corresponds to the issuer and serialNumber fields found in the X.509 certificate of the signer.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(267, NULL,'10.1.1.8','The digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP80078','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(268, NULL,'10.1.1.8.1','The digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(269, NULL,'10.1.1.9','The value of the hash obtained from the message digest attribute of the signedAttrs of the SignerInfo is identical to that obtained after hashing the concatenated contents of the CHUID, excluding the asymmetric digital signature field and the Buffer Length field, if present.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(270, NULL,'10.1.1.10','The value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(271, NULL,'10.1.1.12','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP800-78-4.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(272, NULL,'10.1.1.13','The certificate from the cert bag succesfully validates the CMS signature.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(273, NULL,'10.2 Fingerprint','Off-Card Comparison Biometric Fingerprint','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(274, NULL,'10.2.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(275, NULL,'10.2.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(276, NULL,'10.2.1.2','PKCS#7 version is set to 3','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(277, NULL,'10.2.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP 800-78.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(278, NULL,'10.2.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(279, NULL,'10.2.1.5','The crls field is omitted from the SignedData.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(280, NULL,'10.2.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(281, NULL,'10.2.1.7.1','SignerId uses ths IssuerAndSerialNumber choice','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(282, NULL,'10.2.1.7.2','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(283, NULL,'10.2.1.8','Verify Digest Algorithm in SignerInfo','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(284, NULL,'10.2.1.8.1','The digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(285, NULL,'10.2.1.8.2','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(286, NULL,'10.2.1.9','Message digest from signed attributes bag matches the digest over Fingerprint biometric data (excluding contents of digital signature field)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(287, NULL,'10.2.1.10','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(288, NULL,'10.2.1.11','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(289, NULL,'10.2.1.12','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(290, NULL,'10.2.1.13','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(291, NULL,'10.2.1.14','The signed attribute entryUUID matches GUID read from CHUID container.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(292, NULL,'10.3 Facial Image','Biometric Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(293, NULL,'10.3.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(294, NULL,'10.3.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(295, NULL,'10.3.1.2','PKCS#7 version is set to 3','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(296, NULL,'10.3.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP80078.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(297, NULL,'10.3.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(298, NULL,'10.3.1.5','The crls field is omitted from the SignedData.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(299, NULL,'10.3.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(300, NULL,'10.3.1.7.1','SignerId uses ths IssuerAndSerialNumber choice','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(301, NULL,'10.3.1.7.2','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(302, NULL,'10.3.1.8.1','Th digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(303, NULL,'10.3.1.8.2','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(304, NULL,'10.3.1.9','Message digest from signed attributes bag matches the digest over Facial Image biometric data (excluding contents of digital signature field)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(305, NULL,'10.3.1.10','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(306, NULL,'10.3.1.11','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(307, NULL,'10.3.1.12','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(308, NULL,'10.3.1.13','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(309, NULL,'10.3.1.14','The signed attribute entryUUID matches GUID read from CHUID container.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(310, NULL,'10.4 Security Object','Security Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(311, NULL,'10.4.1','Data Integrity','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(312, NULL,'10.4.1.1','The actual hash of the data elements on the PIV card are identical to their corresponding hash values present in the security object.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(313, NULL,'10.4.2','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(314, NULL,'10.4.2.1','Verify that the asymmetric digital field contains a CMS signed data object','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(315, NULL,'10.4.2.2','Confirm that version of signed data structure is 1','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(316, NULL,'10.4.2.3','Verify that eContent contains a security object','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(317, NULL,'10.4.2.4','The eContent field contains a correctly formatted ldsSecurityobject and the eContentType asserts id-icao-ldsSecurityObject in encapContentInfo.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(318, NULL,'10.4.2.5','The certificates field is omitted from the SignedData.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(319, NULL,'10.4.2.6','digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(320, NULL,'10.4.2.7','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP80078.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(321, NULL,'10.4.2.8','The signature in the SignerInfo corresponds to the signed security object and that it is it signed with the certificate that is used to sign the CHUID.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(322, NULL,'10.5 Iris','Biometric Iris','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(323, NULL,'10.5.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(324, NULL,'10.5.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(325, NULL,'10.5.1.2','PKCS#7 version is set to 3','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(326, NULL,'10.5.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP80078.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(327, NULL,'10.5.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(328, NULL,'10.5.1.5','The crls field is omitted from the SignedData.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(329, NULL,'10.5.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(330, NULL,'10.5.1.7','SignerId uses ths IssuerAndSerialNumber choice','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(331, NULL,'10.5.1.8','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(332, NULL,'10.5.1.9','Th digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(333, NULL,'10.5.1.10','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(334, NULL,'10.5.1.11','Message digest from signed attributes bag matches the digest over Fingerprint biometric data (excluding contents of digital signature field)','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(335, NULL,'10.5.1.12','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(336, NULL,'10.5.1.13','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(337, NULL,'10.5.1.14','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(338, NULL,'10.5.1.15','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(339, NULL,'10.5.1.16','The signed attribute entryUUID matches GUID read from CHUID container.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(340, NULL,'11 X.509 Certificate Profiles','PKI Certificate Profile Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(341, NULL,'11.1','PIV Authentication Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(342, NULL,'11.1.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(343, NULL,'11.1.1.1','The signatureAlgorithm value is in accordance with Table 3-3 of SP80078. If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(344, NULL,'11.1.1.2','The PIV authentication key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(345, NULL,'11.1.1.3','The key size and types used are in accordance with Table 3-1 of SP 800-78-4.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(346, NULL,'11.1.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(347, NULL,'11.1.2.1.1','digitalSignature bit has been set','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(348, NULL,'11.1.2.1.2','Confirm no other keyUsage bits are set.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(349, NULL,'11.1.2.2.1','A certificate policies extension is present.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(350, NULL,'11.1.2.2.2','A policyIdentifier field in the certificatePolicies extension asserts id-fpki-common-authentication.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(351, NULL,'11.1.2.3','OCSP','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(352, NULL,'11.1.2.3.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(353, NULL,'11.1.2.3.2','An accessMethod containing id-ad-ocsp is present.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(354, NULL,'11.1.2.3.3','AIA uniformResourceIdentifier protocol is http','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(355, NULL,'11.1.2.5','Private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(356, NULL,'11.1.2.6','Subject Alternate Name','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(357, NULL,'11.1.2.6.2','GeneralName field exists that contain a URI asserting a Card UUID as specified by [RFC4122, Section 3] that matches the GUID value in the CHUID.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(358, NULL,'11.1.2.7','Expiration date of the PIV authentication certificate is not beyond the expiration date of the CHUID i.e. the PIV card.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(359, NULL,'11.1.2.8','Exponent of the RSA asymmetric key for PIV authentication is equal to 65,537.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(360, NULL,'11.1.2.9','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(361, NULL,'11.1.2.9.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(362, NULL,'11.1.2.9.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(363, NULL,'11.1.2.10','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(364, NULL,'11.1.2.10.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(365, NULL,'11.1.2.10.2','An accessMethod containing id-ad-caIssuers is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(366, NULL,'11.1.2.10.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(367, NULL,'11.1.2.10.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(368, NULL,'11.1.2.10.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(369, NULL,'11.2','Digital Signature Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(370, NULL,'11.2.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(371, NULL,'11.2.1.1','The signatureAlgorithm value is in accordance with Table 3-3 of SP80078. If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(372, NULL,'11.2.1.2','The digital signature key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(373, NULL,'11.2.1.3','The key size used is in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(374, NULL,'11.2.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(375, NULL,'11.2.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(376, NULL,'11.2.2.1.1','Key Usage extension is present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(377, NULL,'11.2.2.1.2','digitalSignature and nonRepudiation bits have been set.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(378, NULL,'11.2.2.2','Private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(379, NULL,'11.2.2.3','Expiration date of the digital signature certificate is not beyond the expiration date of the CHUID i.e. the PIV card.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(380, NULL,'11.2.2.4','Exponent of the RSA asymmetric key for digital signature is equal to 65,537.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(381, NULL,'11.2.2.5','policyIdentifier field in the certificatePolicies extension asserts one of the following: id-fpki-common-hardware or id-fpki-common-High.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(382, NULL,'11.2.2.6','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(383, NULL,'11.2.2.6.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(384, NULL,'11.2.2.6.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(385, NULL,'11.2.2.7','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(386, NULL,'11.2.2.7.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(387, NULL,'11.2.2.7.2','authorityInfoAccess field contains an id-ad-caIssuers','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(388, NULL,'11.2.2.7.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(389, NULL,'11.2.2.7.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(390, NULL,'11.2.2.7.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(391, NULL,'11.3','Key Management Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(392, NULL,'11.3.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(393, NULL,'11.3.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(394, NULL,'11.3.1.2','The key management key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(395, NULL,'11.3.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(396, NULL,'11.3.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(397, NULL,'11.3.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(398, NULL,'11.3.2.1.1','If the public key algorithm is RSA, then the keyUsage extension asserts the keyEncipherment bit.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(399, NULL,'11.3.2.1.2','If the algorithm is Elliptic Curve key, then the keyUsage extension asserts the keyAgreement bit.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(400, NULL,'11.3.2.1.3','No other Key Usage bits are set.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(401, NULL,'11.3.2.2','The private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(402, NULL,'11.3.2.3','Exponent of the RSA asymmetric key for key management is equal to 65,537.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(403, NULL,'11.3.2.4','policyIdentifier field in the certificatePolicies extension asserts one of the following: id-fpki-common-hardware or id-fpki-common-High.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(404, NULL,'11.3.2.5','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(405, NULL,'11.3.2.5.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(406, NULL,'11.3.2.5.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(407, NULL,'11.3.2.6','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(408, NULL,'11.3.2.6.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(409, NULL,'11.3.2.6.2','authorityInfoAccess field contains an id-ad-caIssuers','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(410, NULL,'11.3.2.6.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(411, NULL,'11.3.2.6.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(412, NULL,'11.3.2.6.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(413, NULL,'11.4','Card Authentication Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(414, NULL,'11.4.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(415, NULL,'11.4.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(416, NULL,'11.4.1.2','The card authentication key is generated using the allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(417, NULL,'11.4.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(418, NULL,'11.4.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(419, NULL,'11.4.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(420, NULL,'11.4.2.1.1','Key Usage extension is present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(421, NULL,'11.4.2.1.2','The digitalSignature bit has been set.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(422, NULL,'11.4.2.1.3','No other bits have been set.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(423, NULL,'11.4.2.2','policyIdentifier field in the certificatePolicies extension asserts id-fpki-common-cardAuth.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(424, NULL,'11.4.2.3','Extended Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(425, NULL,'11.4.2.3.1','Extended key usage (extKeyUsage) extension is present and maked critical','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(426, NULL,'11.4.2.3.2','Extended key usage (extKeyUsage) extension asserts id-PIV-cardAuth','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(427, NULL,'11.4.2.3.3','Extended key usage extension does not assert any other OIDs.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(428, NULL,'11.4.2.4','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(429, NULL,'11.4.2.4.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(430, NULL,'11.4.2.4.2','authorityInfoAccess field contains an id-ad-ocsp','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(431, NULL,'11.4.2.4.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(432, NULL,'11.4.2.4.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(433, NULL,'11.4.2.6','The private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(434, NULL,'11.4.2.7','Subject Alternate Name','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(435, NULL,'11.4.2.7.2','GeneralName field exists that contain a URI asserting a Card UUID as specified by [RFC4122, Section 3] that matches the GUID value in the CHUID.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(436, NULL,'11.4.2.7.3','No other name forms appear in the subjectAltName extension.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(437, NULL,'11.4.2.8','Exponent of the RSA asymmetric key for key management is equal to 65,537.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(438, NULL,'11.4.2.9','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(439, NULL,'11.4.2.9.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(440, NULL,'11.4.2.9.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(441, NULL,'11.4.2.10','Authority Information Access (85B-4)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(442, NULL,'11.4.2.10.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(443, NULL,'11.5','Secure Messaging Card Verifiable Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(444, NULL,'11.5.1','Secure Messaging CVC Profile Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(445, NULL,'11.5.2','Algorithm Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(446, NULL,'11.5.3','Data Integrity Checks','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(447, NULL,'11.6','Intermediate Card Verifiable Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(448, NULL,'11.6.1','Intermediate CVC Profile Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(449, NULL,'11.6.2','Algorithm Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(450, NULL,'11.7','X.509 Certificate for Content Signing','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(451, NULL,'11.7.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(452, NULL,'11.7.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(453, NULL,'11.7.1.2','The card authentication key is generated using the allowed asymmetric key algorithm.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(454, NULL,'11.7.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(455, NULL,'11.7.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(456, NULL,'11.7.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(457, NULL,'11.7.2.1.1','digitalSignature and nonRepudiation bits have been set','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(458, NULL,'11.7.2.1.2','No other bits have been set.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(459, NULL,'11.7.2.2','X.509 Certificate for Content Signing is not expired.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(460, NULL,'11.7.2.3','Exponent of the RSA asymmetric key for the X.509 Certificate for Content Signing is equal to 65,537.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(461, NULL,'11.7.2.4','Certificate Policy and Extended Key Usage','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(462, NULL,'11.7.2.4.1','policyIdentifier field in the certificatePolicies extension asserts the id-fpki-common-piv-contentSigning policy of [COMMON] (OID = 2.16.840.1.101.3.2.1.3.39)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(463, NULL,'11.7.2.4.2','extended key usage (extKeyUsage) asserts id-PIV-content-signing.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(464, NULL,'11.7.2.5','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(465, NULL,'11.7.2.5.1','URI is present with the http scheme.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(466, NULL,'11.7.2.5.2','URI points only to files with .crl extensions.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(467, NULL,'11.7.2.6','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(468, NULL,'11.7.2.6.1','authorityInformationAccess extension is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(469, NULL,'11.7.2.6.2','authorityInfoAccess field contains an id-ad-caIssuers','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(470, NULL,'11.7.2.6.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(471, NULL,'11.7.2.6.4','URI scheme is http (not https)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(472, NULL,'11.7.2.6.5','File contains a CMS a certs-only CMS message (see RFC 3851).','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestsToSteps" VALUES(1, 1,4,0,NULL); -INSERT INTO "TestsToSteps" VALUES(2, 2,5,0,NULL); -INSERT INTO "TestsToSteps" VALUES(3, 3,6,0,NULL); -INSERT INTO "TestsToSteps" VALUES(4, 4,7,0,NULL); -INSERT INTO "TestsToSteps" VALUES(5, 6,8,0,NULL); -INSERT INTO "TestsToSteps" VALUES(6, 7,9,0,NULL); -INSERT INTO "TestsToSteps" VALUES(7, 8,10,0,NULL); -INSERT INTO "TestsToSteps" VALUES(8, 9,11,0,NULL); -INSERT INTO "TestsToSteps" VALUES(9, 10,12,0,NULL); -INSERT INTO "TestsToSteps" VALUES(10, 28,13,0,NULL); -INSERT INTO "TestsToSteps" VALUES(11, 11,14,0,NULL); -INSERT INTO "TestsToSteps" VALUES(12, 1,17,0,NULL); -INSERT INTO "TestsToSteps" VALUES(13, 2,18,0,NULL); -INSERT INTO "TestsToSteps" VALUES(14, 3,19,0,NULL); -INSERT INTO "TestsToSteps" VALUES(15, 4,20,0,NULL); -INSERT INTO "TestsToSteps" VALUES(16, 13,21,0,NULL); -INSERT INTO "TestsToSteps" VALUES(17, 15,22,0,NULL); -INSERT INTO "TestsToSteps" VALUES(18, 47,23,0,NULL); -INSERT INTO "TestsToSteps" VALUES(19, 16,24,0,NULL); -INSERT INTO "TestsToSteps" VALUES(20, 48,25,0,NULL); -INSERT INTO "TestsToSteps" VALUES(21, 49,26,0,NULL); -INSERT INTO "TestsToSteps" VALUES(22, 50,27,0,NULL); -INSERT INTO "TestsToSteps" VALUES(23, 51,28,0,NULL); -INSERT INTO "TestsToSteps" VALUES(24, 18,29,0,NULL); -INSERT INTO "TestsToSteps" VALUES(25, 19,30,0,NULL); -INSERT INTO "TestsToSteps" VALUES(26, 52,31,0,NULL); -INSERT INTO "TestsToSteps" VALUES(27, 53,32,0,NULL); -INSERT INTO "TestsToSteps" VALUES(28, 54,33,0,NULL); -INSERT INTO "TestsToSteps" VALUES(29, 55,34,0,NULL); -INSERT INTO "TestsToSteps" VALUES(30, 14,35,0,NULL); -INSERT INTO "TestsToSteps" VALUES(31, 22,36,0,NULL); -INSERT INTO "TestsToSteps" VALUES(32, 20,37,0,NULL); -INSERT INTO "TestsToSteps" VALUES(33, 21,38,0,NULL); -INSERT INTO "TestsToSteps" VALUES(34, 18,39,0,NULL); -INSERT INTO "TestsToSteps" VALUES(35, 29,40,0,NULL); -INSERT INTO "TestsToSteps" VALUES(36, 28,41,0,NULL); -INSERT INTO "TestsToSteps" VALUES(37, 1,44,0,NULL); -INSERT INTO "TestsToSteps" VALUES(38, 2,45,0,NULL); -INSERT INTO "TestsToSteps" VALUES(39, 3,46,0,NULL); -INSERT INTO "TestsToSteps" VALUES(40, 4,47,0,NULL); -INSERT INTO "TestsToSteps" VALUES(41, 60,48,0,NULL); -INSERT INTO "TestsToSteps" VALUES(42, 24,49,0,NULL); -INSERT INTO "TestsToSteps" VALUES(43, 25,50,0,NULL); -INSERT INTO "TestsToSteps" VALUES(44, 26,51,0,NULL); -INSERT INTO "TestsToSteps" VALUES(45, 27,52,0,NULL); -INSERT INTO "TestsToSteps" VALUES(46, 28,53,0,NULL); -INSERT INTO "TestsToSteps" VALUES(47, 1,56,0,NULL); -INSERT INTO "TestsToSteps" VALUES(48, 2,57,0,NULL); -INSERT INTO "TestsToSteps" VALUES(49, 3,58,0,NULL); -INSERT INTO "TestsToSteps" VALUES(50, 4,59,0,NULL); -INSERT INTO "TestsToSteps" VALUES(51, 29,60,0,NULL); -INSERT INTO "TestsToSteps" VALUES(52, 86,61,0,NULL); -INSERT INTO "TestsToSteps" VALUES(53, 87,62,0,NULL); -INSERT INTO "TestsToSteps" VALUES(54, 84,63,0,NULL); -INSERT INTO "TestsToSteps" VALUES(55, 28,64,0,NULL); -INSERT INTO "TestsToSteps" VALUES(56, 1,67,0,NULL); -INSERT INTO "TestsToSteps" VALUES(57, 2,68,0,NULL); -INSERT INTO "TestsToSteps" VALUES(58, 3,69,0,NULL); -INSERT INTO "TestsToSteps" VALUES(59, 4,70,0,NULL); -INSERT INTO "TestsToSteps" VALUES(60, 32,71,0,NULL); -INSERT INTO "TestsToSteps" VALUES(61, 33,72,0,NULL); -INSERT INTO "TestsToSteps" VALUES(62, 56,73,0,NULL); -INSERT INTO "TestsToSteps" VALUES(63, 57,74,0,NULL); -INSERT INTO "TestsToSteps" VALUES(64, 34,75,0,NULL); -INSERT INTO "TestsToSteps" VALUES(65, 35,76,0,NULL); -INSERT INTO "TestsToSteps" VALUES(66, 36,77,0,NULL); -INSERT INTO "TestsToSteps" VALUES(67, 28,78,0,NULL); -INSERT INTO "TestsToSteps" VALUES(68, 1,81,0,NULL); -INSERT INTO "TestsToSteps" VALUES(69, 2,82,0,NULL); -INSERT INTO "TestsToSteps" VALUES(70, 3,83,0,NULL); -INSERT INTO "TestsToSteps" VALUES(71, 4,84,0,NULL); -INSERT INTO "TestsToSteps" VALUES(72, 37,85,0,NULL); -INSERT INTO "TestsToSteps" VALUES(73, 30,86,0,NULL); -INSERT INTO "TestsToSteps" VALUES(74, 31,87,0,NULL); -INSERT INTO "TestsToSteps" VALUES(75, 28,88,0,NULL); -INSERT INTO "TestsToSteps" VALUES(76, 1,91,0,NULL); -INSERT INTO "TestsToSteps" VALUES(77, 2,92,0,NULL); -INSERT INTO "TestsToSteps" VALUES(78, 3,93,0,NULL); -INSERT INTO "TestsToSteps" VALUES(79, 4,94,0,NULL); -INSERT INTO "TestsToSteps" VALUES(80, 60,95,0,NULL); -INSERT INTO "TestsToSteps" VALUES(81, 24,96,0,NULL); -INSERT INTO "TestsToSteps" VALUES(82, 25,97,0,NULL); -INSERT INTO "TestsToSteps" VALUES(83, 27,98,0,NULL); -INSERT INTO "TestsToSteps" VALUES(84, 26,99,0,NULL); -INSERT INTO "TestsToSteps" VALUES(85, 28,100,0,NULL); -INSERT INTO "TestsToSteps" VALUES(86, 1,103,0,NULL); -INSERT INTO "TestsToSteps" VALUES(87, 2,104,0,NULL); -INSERT INTO "TestsToSteps" VALUES(88, 3,105,0,NULL); -INSERT INTO "TestsToSteps" VALUES(89, 4,106,0,NULL); -INSERT INTO "TestsToSteps" VALUES(90, 60,107,0,NULL); -INSERT INTO "TestsToSteps" VALUES(91, 24,108,0,NULL); -INSERT INTO "TestsToSteps" VALUES(92, 25,109,0,NULL); -INSERT INTO "TestsToSteps" VALUES(93, 26,110,0,NULL); -INSERT INTO "TestsToSteps" VALUES(94, 27,111,0,NULL); -INSERT INTO "TestsToSteps" VALUES(95, 28,112,0,NULL); -INSERT INTO "TestsToSteps" VALUES(96, 1,115,0,NULL); -INSERT INTO "TestsToSteps" VALUES(97, 2,116,0,NULL); -INSERT INTO "TestsToSteps" VALUES(98, 3,117,0,NULL); -INSERT INTO "TestsToSteps" VALUES(99, 4,118,0,NULL); -INSERT INTO "TestsToSteps" VALUES(100, 60,119,0,NULL); -INSERT INTO "TestsToSteps" VALUES(101, 24,120,0,NULL); -INSERT INTO "TestsToSteps" VALUES(102, 25,121,0,NULL); -INSERT INTO "TestsToSteps" VALUES(103, 26,122,0,NULL); -INSERT INTO "TestsToSteps" VALUES(104, 27,123,0,NULL); -INSERT INTO "TestsToSteps" VALUES(105, 28,124,0,NULL); -INSERT INTO "TestsToSteps" VALUES(106, 1,127,0,NULL); -INSERT INTO "TestsToSteps" VALUES(107, 2,128,0,NULL); -INSERT INTO "TestsToSteps" VALUES(108, 3,129,0,NULL); -INSERT INTO "TestsToSteps" VALUES(109, 4,130,0,NULL); -INSERT INTO "TestsToSteps" VALUES(110, 38,131,0,NULL); -INSERT INTO "TestsToSteps" VALUES(111, 39,132,0,NULL); -INSERT INTO "TestsToSteps" VALUES(112, 58,133,0,NULL); -INSERT INTO "TestsToSteps" VALUES(113, 40,134,0,NULL); -INSERT INTO "TestsToSteps" VALUES(114, 41,135,0,NULL); -INSERT INTO "TestsToSteps" VALUES(115, 1,138,0,NULL); -INSERT INTO "TestsToSteps" VALUES(116, 2,139,0,NULL); -INSERT INTO "TestsToSteps" VALUES(117, 3,140,0,NULL); -INSERT INTO "TestsToSteps" VALUES(118, 4,141,0,NULL); -INSERT INTO "TestsToSteps" VALUES(119, 44,142,0,NULL); -INSERT INTO "TestsToSteps" VALUES(120, 45,143,0,NULL); -INSERT INTO "TestsToSteps" VALUES(121, 59,144,0,NULL); -INSERT INTO "TestsToSteps" VALUES(122, 170,145,0,NULL); -INSERT INTO "TestsToSteps" VALUES(123, 46,146,0,NULL); -INSERT INTO "TestsToSteps" VALUES(124, 43,147,0,NULL); -INSERT INTO "TestsToSteps" VALUES(125, 170,150,0,NULL); -INSERT INTO "TestsToSteps" VALUES(126, 170,151,0,NULL); -INSERT INTO "TestsToSteps" VALUES(127, 170,152,0,NULL); -INSERT INTO "TestsToSteps" VALUES(128, 61,159,0,NULL); -INSERT INTO "TestsToSteps" VALUES(129, 62,160,0,NULL); -INSERT INTO "TestsToSteps" VALUES(130, 63,161,0,NULL); -INSERT INTO "TestsToSteps" VALUES(131, 109,162,0,NULL); -INSERT INTO "TestsToSteps" VALUES(132, 64,163,0,NULL); -INSERT INTO "TestsToSteps" VALUES(133, 65,165,0,NULL); -INSERT INTO "TestsToSteps" VALUES(134, 66,166,0,NULL); -INSERT INTO "TestsToSteps" VALUES(135, 67,167,0,NULL); -INSERT INTO "TestsToSteps" VALUES(136, 99,168,0,NULL); -INSERT INTO "TestsToSteps" VALUES(137, 100,169,0,NULL); -INSERT INTO "TestsToSteps" VALUES(138, 64,170,0,NULL); -INSERT INTO "TestsToSteps" VALUES(139, 102,171,0,NULL); -INSERT INTO "TestsToSteps" VALUES(140, 103,172,0,NULL); -INSERT INTO "TestsToSteps" VALUES(141, 104,173,0,NULL); -INSERT INTO "TestsToSteps" VALUES(142, 105,174,0,NULL); -INSERT INTO "TestsToSteps" VALUES(143, 107,175,0,NULL); -INSERT INTO "TestsToSteps" VALUES(144, 61,178,0,NULL); -INSERT INTO "TestsToSteps" VALUES(145, 62,179,0,NULL); -INSERT INTO "TestsToSteps" VALUES(146, 63,180,0,NULL); -INSERT INTO "TestsToSteps" VALUES(147, 109,181,0,NULL); -INSERT INTO "TestsToSteps" VALUES(148, 65,183,0,NULL); -INSERT INTO "TestsToSteps" VALUES(149, 66,184,0,NULL); -INSERT INTO "TestsToSteps" VALUES(150, 67,185,0,NULL); -INSERT INTO "TestsToSteps" VALUES(151, 99,186,0,NULL); -INSERT INTO "TestsToSteps" VALUES(152, 100,187,0,NULL); -INSERT INTO "TestsToSteps" VALUES(153, 64,188,0,NULL); -INSERT INTO "TestsToSteps" VALUES(154, 102,189,0,NULL); -INSERT INTO "TestsToSteps" VALUES(155, 103,190,0,NULL); -INSERT INTO "TestsToSteps" VALUES(156, 104,191,0,NULL); -INSERT INTO "TestsToSteps" VALUES(157, 105,192,0,NULL); -INSERT INTO "TestsToSteps" VALUES(158, 107,193,0,NULL); -INSERT INTO "TestsToSteps" VALUES(159, 61,196,0,NULL); -INSERT INTO "TestsToSteps" VALUES(160, 62,197,0,NULL); -INSERT INTO "TestsToSteps" VALUES(161, 63,198,0,NULL); -INSERT INTO "TestsToSteps" VALUES(162, 109,199,0,NULL); -INSERT INTO "TestsToSteps" VALUES(163, 65,201,0,NULL); -INSERT INTO "TestsToSteps" VALUES(164, 66,202,0,NULL); -INSERT INTO "TestsToSteps" VALUES(165, 67,203,0,NULL); -INSERT INTO "TestsToSteps" VALUES(166, 99,204,0,NULL); -INSERT INTO "TestsToSteps" VALUES(167, 100,205,0,NULL); -INSERT INTO "TestsToSteps" VALUES(168, 64,206,0,NULL); -INSERT INTO "TestsToSteps" VALUES(169, 102,207,0,NULL); -INSERT INTO "TestsToSteps" VALUES(170, 103,208,0,NULL); -INSERT INTO "TestsToSteps" VALUES(171, 104,209,0,NULL); -INSERT INTO "TestsToSteps" VALUES(172, 105,210,0,NULL); -INSERT INTO "TestsToSteps" VALUES(173, 107,211,0,NULL); -INSERT INTO "TestsToSteps" VALUES(174, 69,214,0,NULL); -INSERT INTO "TestsToSteps" VALUES(175, 61,215,0,NULL); -INSERT INTO "TestsToSteps" VALUES(176, 71,216,0,NULL); -INSERT INTO "TestsToSteps" VALUES(177, 72,217,0,NULL); -INSERT INTO "TestsToSteps" VALUES(178, 72,218,0,NULL); -INSERT INTO "TestsToSteps" VALUES(179, 73,219,0,NULL); -INSERT INTO "TestsToSteps" VALUES(180, 74,220,0,NULL); -INSERT INTO "TestsToSteps" VALUES(181, 170,221,0,NULL); -INSERT INTO "TestsToSteps" VALUES(182, 170,222,0,NULL); -INSERT INTO "TestsToSteps" VALUES(183, 77,223,0,NULL); -INSERT INTO "TestsToSteps" VALUES(184, 78,224,0,NULL); -INSERT INTO "TestsToSteps" VALUES(185, 79,225,0,NULL); -INSERT INTO "TestsToSteps" VALUES(186, 80,227,0,NULL); -INSERT INTO "TestsToSteps" VALUES(187, 81,228,0,NULL); -INSERT INTO "TestsToSteps" VALUES(188, 82,229,0,NULL); -INSERT INTO "TestsToSteps" VALUES(189, 83,230,0,NULL); -INSERT INTO "TestsToSteps" VALUES(190, 108,231,0,NULL); -INSERT INTO "TestsToSteps" VALUES(191, 84,232,0,NULL); -INSERT INTO "TestsToSteps" VALUES(192, 85,233,0,NULL); -INSERT INTO "TestsToSteps" VALUES(193, 86,234,0,NULL); -INSERT INTO "TestsToSteps" VALUES(194, 87,235,0,NULL); -INSERT INTO "TestsToSteps" VALUES(195, 88,236,0,NULL); -INSERT INTO "TestsToSteps" VALUES(196, 89,237,0,NULL); -INSERT INTO "TestsToSteps" VALUES(197, 85,239,0,NULL); -INSERT INTO "TestsToSteps" VALUES(198, 89,240,0,NULL); -INSERT INTO "TestsToSteps" VALUES(199, 170,242,0,NULL); -INSERT INTO "TestsToSteps" VALUES(200, 90,245,0,NULL); -INSERT INTO "TestsToSteps" VALUES(201, 91,246,0,NULL); -INSERT INTO "TestsToSteps" VALUES(202, 92,247,0,NULL); -INSERT INTO "TestsToSteps" VALUES(203, 93,248,0,NULL); -INSERT INTO "TestsToSteps" VALUES(204, 170,250,0,NULL); -INSERT INTO "TestsToSteps" VALUES(205, 170,251,0,NULL); -INSERT INTO "TestsToSteps" VALUES(206, 170,252,0,NULL); -INSERT INTO "TestsToSteps" VALUES(207, 170,253,0,NULL); -INSERT INTO "TestsToSteps" VALUES(208, 170,255,0,NULL); -INSERT INTO "TestsToSteps" VALUES(209, 170,256,0,NULL); -INSERT INTO "TestsToSteps" VALUES(210, 110,260,0,NULL); -INSERT INTO "TestsToSteps" VALUES(211, 111,261,0,NULL); -INSERT INTO "TestsToSteps" VALUES(212, 112,262,0,NULL); -INSERT INTO "TestsToSteps" VALUES(213, 114,263,0,NULL); -INSERT INTO "TestsToSteps" VALUES(214, 115,264,0,NULL); -INSERT INTO "TestsToSteps" VALUES(215, 116,265,0,NULL); -INSERT INTO "TestsToSteps" VALUES(216, 117,266,0,NULL); -INSERT INTO "TestsToSteps" VALUES(217, 113,267,0,NULL); -INSERT INTO "TestsToSteps" VALUES(218, 133,268,0,NULL); -INSERT INTO "TestsToSteps" VALUES(219, 120,269,0,NULL); -INSERT INTO "TestsToSteps" VALUES(220, 121,270,0,NULL); -INSERT INTO "TestsToSteps" VALUES(221, 122,271,0,NULL); -INSERT INTO "TestsToSteps" VALUES(222, 123,272,0,NULL); -INSERT INTO "TestsToSteps" VALUES(223, 110,275,0,NULL); -INSERT INTO "TestsToSteps" VALUES(224, 111,276,0,NULL); -INSERT INTO "TestsToSteps" VALUES(225, 112,277,0,NULL); -INSERT INTO "TestsToSteps" VALUES(226, 114,278,0,NULL); -INSERT INTO "TestsToSteps" VALUES(227, 115,279,0,NULL); -INSERT INTO "TestsToSteps" VALUES(228, 116,280,0,NULL); -INSERT INTO "TestsToSteps" VALUES(229, 117,281,0,NULL); -INSERT INTO "TestsToSteps" VALUES(230, 118,282,0,NULL); -INSERT INTO "TestsToSteps" VALUES(231, 131,284,0,NULL); -INSERT INTO "TestsToSteps" VALUES(232, 133,285,0,NULL); -INSERT INTO "TestsToSteps" VALUES(233, 120,286,0,NULL); -INSERT INTO "TestsToSteps" VALUES(234, 121,287,0,NULL); -INSERT INTO "TestsToSteps" VALUES(235, 122,288,0,NULL); -INSERT INTO "TestsToSteps" VALUES(236, 123,289,0,NULL); -INSERT INTO "TestsToSteps" VALUES(237, 124,290,0,NULL); -INSERT INTO "TestsToSteps" VALUES(238, 138,291,0,NULL); -INSERT INTO "TestsToSteps" VALUES(239, 110,294,0,NULL); -INSERT INTO "TestsToSteps" VALUES(240, 111,295,0,NULL); -INSERT INTO "TestsToSteps" VALUES(241, 112,296,0,NULL); -INSERT INTO "TestsToSteps" VALUES(242, 114,297,0,NULL); -INSERT INTO "TestsToSteps" VALUES(243, 115,298,0,NULL); -INSERT INTO "TestsToSteps" VALUES(244, 116,299,0,NULL); -INSERT INTO "TestsToSteps" VALUES(245, 117,300,0,NULL); -INSERT INTO "TestsToSteps" VALUES(246, 118,301,0,NULL); -INSERT INTO "TestsToSteps" VALUES(247, 131,302,0,NULL); -INSERT INTO "TestsToSteps" VALUES(248, 133,303,0,NULL); -INSERT INTO "TestsToSteps" VALUES(249, 120,304,0,NULL); -INSERT INTO "TestsToSteps" VALUES(250, 121,305,0,NULL); -INSERT INTO "TestsToSteps" VALUES(251, 122,306,0,NULL); -INSERT INTO "TestsToSteps" VALUES(252, 123,307,0,NULL); -INSERT INTO "TestsToSteps" VALUES(253, 124,308,0,NULL); -INSERT INTO "TestsToSteps" VALUES(254, 138,309,0,NULL); -INSERT INTO "TestsToSteps" VALUES(255, 42,312,0,NULL); -INSERT INTO "TestsToSteps" VALUES(256, 119,314,0,NULL); -INSERT INTO "TestsToSteps" VALUES(257, 126,315,0,NULL); -INSERT INTO "TestsToSteps" VALUES(258, 127,316,0,NULL); -INSERT INTO "TestsToSteps" VALUES(259, 128,317,0,NULL); -INSERT INTO "TestsToSteps" VALUES(260, 129,318,0,NULL); -INSERT INTO "TestsToSteps" VALUES(261, 131,319,0,NULL); -INSERT INTO "TestsToSteps" VALUES(262, 122,320,0,NULL); -INSERT INTO "TestsToSteps" VALUES(263, 123,321,0,NULL); -INSERT INTO "TestsToSteps" VALUES(264, 110,324,0,NULL); -INSERT INTO "TestsToSteps" VALUES(265, 111,325,0,NULL); -INSERT INTO "TestsToSteps" VALUES(266, 113,326,0,NULL); -INSERT INTO "TestsToSteps" VALUES(267, 114,327,0,NULL); -INSERT INTO "TestsToSteps" VALUES(268, 115,328,0,NULL); -INSERT INTO "TestsToSteps" VALUES(269, 116,329,0,NULL); -INSERT INTO "TestsToSteps" VALUES(270, 117,330,0,NULL); -INSERT INTO "TestsToSteps" VALUES(271, 118,331,0,NULL); -INSERT INTO "TestsToSteps" VALUES(272, 131,332,0,NULL); -INSERT INTO "TestsToSteps" VALUES(273, 133,333,0,NULL); -INSERT INTO "TestsToSteps" VALUES(274, 120,334,0,NULL); -INSERT INTO "TestsToSteps" VALUES(275, 121,335,0,NULL); -INSERT INTO "TestsToSteps" VALUES(276, 122,336,0,NULL); -INSERT INTO "TestsToSteps" VALUES(277, 123,337,0,NULL); -INSERT INTO "TestsToSteps" VALUES(278, 124,338,0,NULL); -INSERT INTO "TestsToSteps" VALUES(279, 138,339,0,NULL); -INSERT INTO "TestsToSteps" VALUES(280, 141,343,0,NULL); -INSERT INTO "TestsToSteps" VALUES(281, 139,344,0,NULL); -INSERT INTO "TestsToSteps" VALUES(282, 139,345,0,NULL); -INSERT INTO "TestsToSteps" VALUES(283, 144,347,0,NULL); -INSERT INTO "TestsToSteps" VALUES(284, 145,348,0,NULL); -INSERT INTO "TestsToSteps" VALUES(285, 146,349,0,NULL); -INSERT INTO "TestsToSteps" VALUES(286, 147,350,0,NULL); -INSERT INTO "TestsToSteps" VALUES(287, 148,352,0,NULL); -INSERT INTO "TestsToSteps" VALUES(288, 149,353,0,NULL); -INSERT INTO "TestsToSteps" VALUES(289, 164,354,0,NULL); -INSERT INTO "TestsToSteps" VALUES(290, 152,355,0,NULL); -INSERT INTO "TestsToSteps" VALUES(291, 168,357,0,NULL); -INSERT INTO "TestsToSteps" VALUES(292, 154,358,0,NULL); -INSERT INTO "TestsToSteps" VALUES(293, 155,359,0,NULL); -INSERT INTO "TestsToSteps" VALUES(294, 150,361,0,NULL); -INSERT INTO "TestsToSteps" VALUES(295, 165,362,0,NULL); -INSERT INTO "TestsToSteps" VALUES(296, 148,364,0,NULL); -INSERT INTO "TestsToSteps" VALUES(297, 163,365,0,NULL); -INSERT INTO "TestsToSteps" VALUES(298, 150,366,0,NULL); -INSERT INTO "TestsToSteps" VALUES(299, 164,367,0,NULL); -INSERT INTO "TestsToSteps" VALUES(300, 166,368,0,NULL); -INSERT INTO "TestsToSteps" VALUES(301, 141,371,0,NULL); -INSERT INTO "TestsToSteps" VALUES(302, 139,372,0,NULL); -INSERT INTO "TestsToSteps" VALUES(303, 139,373,0,NULL); -INSERT INTO "TestsToSteps" VALUES(304, 143,376,0,NULL); -INSERT INTO "TestsToSteps" VALUES(305, 156,377,0,NULL); -INSERT INTO "TestsToSteps" VALUES(306, 152,378,0,NULL); -INSERT INTO "TestsToSteps" VALUES(307, 154,379,0,NULL); -INSERT INTO "TestsToSteps" VALUES(308, 155,380,0,NULL); -INSERT INTO "TestsToSteps" VALUES(309, 147,381,0,NULL); -INSERT INTO "TestsToSteps" VALUES(310, 150,383,0,NULL); -INSERT INTO "TestsToSteps" VALUES(311, 165,384,0,NULL); -INSERT INTO "TestsToSteps" VALUES(312, 148,386,0,NULL); -INSERT INTO "TestsToSteps" VALUES(313, 163,387,0,NULL); -INSERT INTO "TestsToSteps" VALUES(314, 150,388,0,NULL); -INSERT INTO "TestsToSteps" VALUES(315, 164,389,0,NULL); -INSERT INTO "TestsToSteps" VALUES(316, 166,390,0,NULL); -INSERT INTO "TestsToSteps" VALUES(317, 141,393,0,NULL); -INSERT INTO "TestsToSteps" VALUES(318, 139,394,0,NULL); -INSERT INTO "TestsToSteps" VALUES(319, 139,395,0,NULL); -INSERT INTO "TestsToSteps" VALUES(320, 157,398,0,NULL); -INSERT INTO "TestsToSteps" VALUES(321, 158,399,0,NULL); -INSERT INTO "TestsToSteps" VALUES(322, 145,400,0,NULL); -INSERT INTO "TestsToSteps" VALUES(323, 152,401,0,NULL); -INSERT INTO "TestsToSteps" VALUES(324, 155,402,0,NULL); -INSERT INTO "TestsToSteps" VALUES(325, 147,403,0,NULL); -INSERT INTO "TestsToSteps" VALUES(326, 150,405,0,NULL); -INSERT INTO "TestsToSteps" VALUES(327, 165,406,0,NULL); -INSERT INTO "TestsToSteps" VALUES(328, 148,408,0,NULL); -INSERT INTO "TestsToSteps" VALUES(329, 163,409,0,NULL); -INSERT INTO "TestsToSteps" VALUES(330, 150,410,0,NULL); -INSERT INTO "TestsToSteps" VALUES(331, 164,411,0,NULL); -INSERT INTO "TestsToSteps" VALUES(332, 166,412,0,NULL); -INSERT INTO "TestsToSteps" VALUES(333, 141,415,0,NULL); -INSERT INTO "TestsToSteps" VALUES(334, 139,416,0,NULL); -INSERT INTO "TestsToSteps" VALUES(335, 139,417,0,NULL); -INSERT INTO "TestsToSteps" VALUES(336, 143,420,0,NULL); -INSERT INTO "TestsToSteps" VALUES(337, 144,421,0,NULL); -INSERT INTO "TestsToSteps" VALUES(338, 145,422,0,NULL); -INSERT INTO "TestsToSteps" VALUES(339, 147,423,0,NULL); -INSERT INTO "TestsToSteps" VALUES(340, 160,425,0,NULL); -INSERT INTO "TestsToSteps" VALUES(341, 161,426,0,NULL); -INSERT INTO "TestsToSteps" VALUES(342, 161,427,0,NULL); -INSERT INTO "TestsToSteps" VALUES(343, 148,429,0,NULL); -INSERT INTO "TestsToSteps" VALUES(344, 149,430,0,NULL); -INSERT INTO "TestsToSteps" VALUES(345, 150,431,0,NULL); -INSERT INTO "TestsToSteps" VALUES(346, 150,432,0,NULL); -INSERT INTO "TestsToSteps" VALUES(347, 152,433,0,NULL); -INSERT INTO "TestsToSteps" VALUES(348, 168,435,0,NULL); -INSERT INTO "TestsToSteps" VALUES(349, 169,436,0,NULL); -INSERT INTO "TestsToSteps" VALUES(350, 155,437,0,NULL); -INSERT INTO "TestsToSteps" VALUES(351, 150,439,0,NULL); -INSERT INTO "TestsToSteps" VALUES(352, 165,440,0,NULL); -INSERT INTO "TestsToSteps" VALUES(353, 166,442,0,NULL); -INSERT INTO "TestsToSteps" VALUES(354, 141,452,0,NULL); -INSERT INTO "TestsToSteps" VALUES(355, 139,453,0,NULL); -INSERT INTO "TestsToSteps" VALUES(356, 139,454,0,NULL); -INSERT INTO "TestsToSteps" VALUES(357, 144,457,0,NULL); -INSERT INTO "TestsToSteps" VALUES(358, 145,458,0,NULL); -INSERT INTO "TestsToSteps" VALUES(359, 167,459,0,NULL); -INSERT INTO "TestsToSteps" VALUES(360, 155,460,0,NULL); -INSERT INTO "TestsToSteps" VALUES(361, 147,462,0,NULL); -INSERT INTO "TestsToSteps" VALUES(362, 161,463,0,NULL); -INSERT INTO "TestsToSteps" VALUES(363, 150,465,0,NULL); -INSERT INTO "TestsToSteps" VALUES(364, 165,466,0,NULL); -INSERT INTO "TestsToSteps" VALUES(365, 148,468,0,NULL); -INSERT INTO "TestsToSteps" VALUES(366, 149,469,0,NULL); -INSERT INTO "TestsToSteps" VALUES(367, 150,470,0,NULL); -INSERT INTO "TestsToSteps" VALUES(368, 164,471,0,NULL); -INSERT INTO "TestsToSteps" VALUES(369, 166,472,0,NULL); diff --git a/conformancelib/testdata/PIV-I_IdenTrust_Cards.xlsx b/conformancelib/testdata/PIV-I_IdenTrust_Cards.xlsx deleted file mode 100644 index 8f4442a4..00000000 Binary files a/conformancelib/testdata/PIV-I_IdenTrust_Cards.xlsx and /dev/null differ diff --git a/conformancelib/testdata/PIV-I_Production_Cards.db b/conformancelib/testdata/PIV-I_Production_Cards.db index 3fc9e054..10de2c54 100644 Binary files a/conformancelib/testdata/PIV-I_Production_Cards.db and b/conformancelib/testdata/PIV-I_Production_Cards.db differ diff --git a/conformancelib/testdata/PIV-I_Production_Cards.sql b/conformancelib/testdata/PIV-I_Production_Cards.sql index bef45cde..b52026f1 100644 --- a/conformancelib/testdata/PIV-I_Production_Cards.sql +++ b/conformancelib/testdata/PIV-I_Production_Cards.sql @@ -249,20 +249,20 @@ INSERT INTO "TestStepParameters" VALUES(12, 104,NULL,'100',1); INSERT INTO "TestStepParameters" VALUES(13, 114,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.101.3.6.1',0); INSERT INTO "TestStepParameters" VALUES(14, 114,NULL,'CARDHOLDER_FINGERPRINTS_OID:2.16.840.1.101.3.6.2',1); INSERT INTO "TestStepParameters" VALUES(15, 114,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:2.16.840.1.101.3.6.2',2); -INSERT INTO "TestStepParameters" VALUES(16, 114,NULL,'CARDHOLDER_IRIS_IMAGES_OID:2.16.840',3); +INSERT INTO "TestStepParameters" VALUES(16, 114,NULL,'CARDHOLDER_IRIS_IMAGES_OID:2.16.840.1.101.3.6.2',3); INSERT INTO "TestStepParameters" VALUES(17, 124,NULL,'2.16.840.1.101.3.8.7',0); INSERT INTO "TestStepParameters" VALUES(18, 125,NULL,'1.3.6.1.1.16.4',0); INSERT INTO "TestStepParameters" VALUES(19, 137,NULL,'2.16.840.1.101.3.6.6',0); INSERT INTO "TestStepParameters" VALUES(20, 138,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(21, 147,NULL,'X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID;1.3.6.1.4.1.45606.3.1.3',0); -INSERT INTO "TestStepParameters" VALUES(22, 147,NULL,'X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID;1.3.6.1.4.1.45606.3.1.3',1); -INSERT INTO "TestStepParameters" VALUES(23, 147,NULL,'X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID;1.3.6.1.4.1.45606.3.1.3',2); -INSERT INTO "TestStepParameters" VALUES(24, 147,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID;1.3.6.1.4.1.45606.3.1.21',3); -INSERT INTO "TestStepParameters" VALUES(25, 147,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID;1.3.6.1.4.1.45606.3.1.22',4); +INSERT INTO "TestStepParameters" VALUES(21, 147,NULL,'X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID:2.16.840.1.101.3.2.1.3.18',0); +INSERT INTO "TestStepParameters" VALUES(22, 147,NULL,'X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID:2.16.840.1.101.3.2.1.3.18',1); +INSERT INTO "TestStepParameters" VALUES(23, 147,NULL,'X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID:2.16.840.1.101.3.2.1.3.18',2); +INSERT INTO "TestStepParameters" VALUES(24, 147,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID:2.16.840.1.101.3.2.1.3.19',3); +INSERT INTO "TestStepParameters" VALUES(25, 147,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.101.3.2.1.3.20',4); INSERT INTO "TestStepParameters" VALUES(26, 159,NULL,'2.16.840.1.101.3.2.1.3.19',0); INSERT INTO "TestStepParameters" VALUES(27, 161,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID:2.16.840.1.101.3.6.8',0); INSERT INTO "TestStepParameters" VALUES(28, 161,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.101.3.8.7',1); -INSERT INTO "TestStepParameters" VALUES(29, 162,NULL,'1.3.6.1.4.1.45606.3.1.22',0); +INSERT INTO "TestStepParameters" VALUES(29, 162,NULL,'2.16.840.1.101.3.2.1.3.20',0); INSERT INTO "TestStepParameters" VALUES(30, 165,NULL,'2.5.29.31',0); INSERT INTO "TestStepParameters" VALUES(31, 168,NULL,'1.3.6.1.1.16.4',0); INSERT INTO "TestStepParameters" VALUES(32, 171,NULL,'1',0); @@ -560,7 +560,7 @@ INSERT INTO "TestCases" VALUES(286, NULL,'10.2.1.9','Message digest from signed INSERT INTO "TestCases" VALUES(287, NULL,'10.2.1.10','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(288, NULL,'10.2.1.11','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(289, NULL,'10.2.1.12','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(290, NULL,'10.2.1.13','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); +INSERT INTO "TestCases" VALUES(290, NULL,'10.2.1.13','The content signing certificate contains id-piv-content-signing or directly-asserted id-PIV-contentSigning (for PIV-I) EKU extension.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(291, NULL,'10.2.1.14','signedAttrs of the SignerInfo includes the entryUUID (OID = 1.3.6.1.1.16.4) attribute and that it is the same value as the Card UUID in the GUID data element of the PIV card CHUID data object.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(292, NULL,'10.3 Facial Image','Biometric Facial Image','',NULL, 1, 1); INSERT INTO "TestCases" VALUES(293, NULL,'10.3.1','Signature Block Contents','',NULL, 1, 1); @@ -578,7 +578,7 @@ INSERT INTO "TestCases" VALUES(304, NULL,'10.3.1.9','Message digest from signed INSERT INTO "TestCases" VALUES(305, NULL,'10.3.1.10','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(306, NULL,'10.3.1.11','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(307, NULL,'10.3.1.12','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(308, NULL,'10.3.1.13','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); +INSERT INTO "TestCases" VALUES(308, NULL,'10.3.1.13','The content signing certificate contains id-piv-content-signing or directly-asserted id-PIV-contentSigning (for PIV-I) EKU extension.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(309, NULL,'10.3.1.14','signedAttrs of the SignerInfo includes the entryUUID (OID = 1.3.6.1.1.16.4) attribute and that it is the same value as the Card UUID in the GUID data element of the PIV card CHUID data object.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(310, NULL,'10.4 Security Object','Security Object','',NULL, 1, 1); INSERT INTO "TestCases" VALUES(311, NULL,'10.4.1','Data Integrity','',NULL, 1, 1); @@ -608,7 +608,7 @@ INSERT INTO "TestCases" VALUES(334, NULL,'10.5.1.11','Message digest from signed INSERT INTO "TestCases" VALUES(335, NULL,'10.5.1.12','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(336, NULL,'10.5.1.13','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(337, NULL,'10.5.1.14','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(338, NULL,'10.5.1.15','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); +INSERT INTO "TestCases" VALUES(338, NULL,'10.5.1.15','The content signing certificate contains id-piv-content-signing or directly-asserted id-PIV-contentSigning (for PIV-I) EKU extension.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(339, NULL,'10.5.1.16','signedAttrs of the SignerInfo includes the entryUUID (OID = 1.3.6.1.1.16.4) attribute and that it is the same value as the Card UUID in the GUID data element of the PIV card CHUID data object.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(340, NULL,'11 X.509 Certificate Profiles','PKI Certificate Profile Test Assertions','',NULL, 1, 1); INSERT INTO "TestCases" VALUES(341, NULL,'11.1','PIV Authentication Certificate','',NULL, 1, 1); @@ -620,7 +620,7 @@ INSERT INTO "TestCases" VALUES(346, NULL,'11.1.2','Data Integrity Checks','',NUL INSERT INTO "TestCases" VALUES(347, NULL,'11.1.2.1.1','digitalSignature bit has been set','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(348, NULL,'11.1.2.1.2','Confirm no other keyUsage bits are set.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(349, NULL,'11.1.2.2.1','A certificate policies extension is present.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(350, NULL,'11.1.2.2.2','A policyIdentifier field in the certificatePolicies extension asserts id-fpki-common-authentication.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); +INSERT INTO "TestCases" VALUES(350, NULL,'11.1.2.2.2','policyIdentifier field in the certificatePolicies extension asserts id-fpki-certpcy-pivi-hardware.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(351, NULL,'11.1.2.3','OCSP','',NULL, 1, 1); INSERT INTO "TestCases" VALUES(352, NULL,'11.1.2.3.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(353, NULL,'11.1.2.3.2','An accessMethod containing id-ad-ocsp is present.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); @@ -651,7 +651,7 @@ INSERT INTO "TestCases" VALUES(377, NULL,'11.2.2.1.2','digitalSignature and nonR INSERT INTO "TestCases" VALUES(378, NULL,'11.2.2.2','Private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(379, NULL,'11.2.2.3','Expiration date of the digital signature certificate is not beyond the expiration date of the CHUID i.e. the PIV card.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(380, NULL,'11.2.2.4','Exponent of the RSA asymmetric key for digital signature is equal to 65,537.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(381, NULL,'11.2.2.5','policyIdentifier field in the certificatePolicies extension asserts one of the following: id-fpki-common-hardware or id-fpki-common-High.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); +INSERT INTO "TestCases" VALUES(381, NULL,'11.2.2.5','policyIdentifier field in the certificatePolicies extension asserts id-fpki-certpcy-pivi-hardware.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(382, NULL,'11.2.2.6','CRL Distribution Point','',NULL, 1, 1); INSERT INTO "TestCases" VALUES(383, NULL,'11.2.2.6.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(384, NULL,'11.2.2.6.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); @@ -673,7 +673,7 @@ INSERT INTO "TestCases" VALUES(399, NULL,'11.3.2.1.2','If the algorithm is Ellip INSERT INTO "TestCases" VALUES(400, NULL,'11.3.2.1.3','No other Key Usage bits are set.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(401, NULL,'11.3.2.2','The private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(402, NULL,'11.3.2.3','Exponent of the RSA asymmetric key for key management is equal to 65,537.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(403, NULL,'11.3.2.4','policyIdentifier field in the certificatePolicies extension asserts one of the following: id-fpki-common-hardware or id-fpki-common-High.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); +INSERT INTO "TestCases" VALUES(403, NULL,'11.3.2.4','policyIdentifier field in the certificatePolicies extension asserts id-fpki-certpcy-pivi-hardware.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(404, NULL,'11.3.2.5','CRL Distribution Point','',NULL, 1, 1); INSERT INTO "TestCases" VALUES(405, NULL,'11.3.2.5.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(406, NULL,'11.3.2.5.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); @@ -693,7 +693,7 @@ INSERT INTO "TestCases" VALUES(419, NULL,'11.4.2.1','Key Usage','',NULL, 1, 1); INSERT INTO "TestCases" VALUES(420, NULL,'11.4.2.1.1','Key Usage extension is present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(421, NULL,'11.4.2.1.2','The digitalSignature bit has been set.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(422, NULL,'11.4.2.1.3','No other bits have been set.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(423, NULL,'11.4.2.2','policyIdentifier field in the certificatePolicies extension asserts id-fpki-common-cardAuth.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); +INSERT INTO "TestCases" VALUES(423, NULL,'11.4.2.2','policyIdentifier field in the certificatePolicies extension asserts id-fpki-certpcy-pivi-cardAuth.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(424, NULL,'11.4.2.3','Extended Key Usage','',NULL, 1, 1); INSERT INTO "TestCases" VALUES(425, NULL,'11.4.2.3.1','Extended key usage (extKeyUsage) extension is present and maked critical','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(426, NULL,'11.4.2.3.2','Extended key usage (extKeyUsage) extension asserts id-PIV-cardAuth','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); @@ -732,7 +732,7 @@ INSERT INTO "TestCases" VALUES(458, NULL,'11.7.2.1.2','No other bits have been s INSERT INTO "TestCases" VALUES(459, NULL,'11.7.2.2','X.509 Certificate for Content Signing is not expired.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(460, NULL,'11.7.2.3','Exponent of the RSA asymmetric key for the X.509 Certificate for Content Signing is equal to 65,537.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(461, NULL,'11.7.2.4','Certificate Policy and Extended Key Usage','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(462, NULL,'11.7.2.4.1','policyIdentifier field in the certificatePolicies extension asserts the id-fpki-common-piv-contentSigning policy of [COMMON] (OID = 2.16.840.1.101.3.2.1.3.39)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); +INSERT INTO "TestCases" VALUES(462, NULL,'11.7.2.4.1','policyIdentifier field in the certificatePolicies extension asserts id-fpki-certpcy-pivi-contentSigning.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(463, NULL,'11.7.2.4.2','extended key usage (extKeyUsage) asserts id-PIV-content-signing.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); INSERT INTO "TestCases" VALUES(464, NULL,'11.7.2.5','CRL Distribution Point','',NULL, 1, 1); INSERT INTO "TestCases" VALUES(465, NULL,'11.7.2.5.1','URI is present with the http scheme.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); diff --git a/conformancelib/testdata/PIV-I_Production_Cards.xlsx b/conformancelib/testdata/PIV-I_Production_Cards.xlsx index 6b06b2af..8b1aa794 100644 Binary files a/conformancelib/testdata/PIV-I_Production_Cards.xlsx and b/conformancelib/testdata/PIV-I_Production_Cards.xlsx differ diff --git a/conformancelib/testdata/PIV-I_Production_IdenTrust_Cards.db b/conformancelib/testdata/PIV-I_Production_IdenTrust_Cards.db deleted file mode 100644 index fbf23d0b..00000000 Binary files a/conformancelib/testdata/PIV-I_Production_IdenTrust_Cards.db and /dev/null differ diff --git a/conformancelib/testdata/PIV-I_Production_IdenTrust_Cards.sql b/conformancelib/testdata/PIV-I_Production_IdenTrust_Cards.sql deleted file mode 100644 index 052a339e..00000000 --- a/conformancelib/testdata/PIV-I_Production_IdenTrust_Cards.sql +++ /dev/null @@ -1,1088 +0,0 @@ --- TestSteps are what we've been referring to as atoms -CREATE TABLE IF NOT EXISTS "TestSteps" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `Description` TEXT, -- column 2 on each tab - `Class` TEXT, -- fully qualified class name - `Method` TEXT, -- method to invoke for the atom - `NumParameters` INTEGER -- parameter count. not really necessary but was briefly helpful, so it's still here -); - --- Map test cases to their atoms -CREATE TABLE IF NOT EXISTS "TestsToSteps" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestStepId` INTEGER, --Foreign key TestSteps.Id - `TestId` INTEGER, --Foreign key TestCases.Id - `ExecutionOrder` INTEGER, --Sequence of atoms for a test case - `Status` INTEGER -- runners can populate with status info to see which step failed -); - --- used to pass parameters to atoms -CREATE TABLE IF NOT EXISTS "TestStepParameters" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestStepId` INTEGER, --TestSteps.Id - `TestId` INTEGER, --TestCases.Id - `Value` TEXT, --Parameter Value - `ParamOrder` TEXT --Parameter order... idea here was one row for each pattern to be passed into a particular invocation of an atom. - --If we settle on a string of key=value for the Value field, this could be OBE -); - --- TestCases is the primary driver of the test runner -CREATE TABLE IF NOT EXISTS "TestCases" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestGroup` TEXT, -- can be filled in to allow selective execution by the runner. not in spreadsheet - `TestCaseIdentifier` TEXT, -- section column on step overview tab - `TestCaseDescription` TEXT, -- description column on step overview tab - `TestCaseContainer` TEXT, -- ID of the container the test case applies to, if necessary - `Status` INTEGER, -- to be populated by runner - `ExpectedStatus` INTEGER, -- everything on the spreadsheet should get 1 here - primarily present to give runners a way to mark tests that should fail - `Enabled` INTEGER -- allows the runner to enable/disable test cases. default to 1 -); - --- Allow runners to create test groups. not in spreadsheet -CREATE TABLE IF NOT EXISTS "TestGroups" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `GroupDescription` TEXT -); - --- Allow runners to create test groups. not in spreadsheet -CREATE TABLE IF NOT EXISTS "GroupsToTestCases" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestGroupId` INTEGER, --TestGroups.Id - `TestCaseId` INTEGER --TestCases.Id -); - --- this isn't really going to be used by the look of things. probably should --- be eliminated, but it's harmless and has been intermittently useful in dev. -CREATE TABLE IF NOT EXISTS "SystemSettings" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `ReaderName` TEXT, - `ApplicationPIN` TEXT, - `OutputDirectory` TEXT, - `SettingsGroup` TEXT, - `GPMasterKey` TEXT -); - -INSERT INTO "TestSteps" VALUES(1,'BERTLV.1','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(2,'BERTLV.2','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(3,'BERTLV.3','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(4,'BERTLV.4','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(5,'BERTLV.5','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(6,'73-4.1','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(7,'73-4.2','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(8,'73-4.3','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(9,'73-4.4','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(10,'73-4.5','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(11,'73-4.6','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(12,'73-4.7','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(13,'73-4.8','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(14,'73-4.9','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(15,'73-4.10','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(16,'73-4.11','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(17,'73-4.12','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(18,'73-4.13','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(19,'73-4.14','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(20,'73-4.15','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(21,'73-4.16','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(22,'73-4.17','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(23,'73-4.18','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(24,'73-4.19','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(25,'73-4.20','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(26,'73-4.21','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(27,'73-4.22','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(28,'73-4.23','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(29,'73-4.24','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(30,'73-4.25','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(31,'73-4.26','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(32,'73-4.27','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(33,'73-4.28','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(34,'73-4.29','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(35,'73-4.30','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(36,'73-4.31','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_31',NULL); -INSERT INTO "TestSteps" VALUES(37,'73-4.32','gov.gsa.conformancelib.tests.SP800_73_4FacialImageTests','sp800_73_4_Test_32',NULL); -INSERT INTO "TestSteps" VALUES(38,'73-4.33','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_33',NULL); -INSERT INTO "TestSteps" VALUES(39,'73-4.34','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_34',NULL); -INSERT INTO "TestSteps" VALUES(40,'73-4.35','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_35',NULL); -INSERT INTO "TestSteps" VALUES(41,'73-4.36','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_36',NULL); -INSERT INTO "TestSteps" VALUES(42,'73-4.37','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_37',NULL); -INSERT INTO "TestSteps" VALUES(43,'73-4.38','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_38',NULL); -INSERT INTO "TestSteps" VALUES(44,'73-4.40','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_40',NULL); -INSERT INTO "TestSteps" VALUES(45,'73-4.41','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_41',NULL); -INSERT INTO "TestSteps" VALUES(46,'73-4.42','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_42',NULL); -INSERT INTO "TestSteps" VALUES(47,'73-4.43','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_43',NULL); -INSERT INTO "TestSteps" VALUES(48,'73-4.44','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_44',NULL); -INSERT INTO "TestSteps" VALUES(49,'73-4.45','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_45',NULL); -INSERT INTO "TestSteps" VALUES(50,'73-4.46','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_46',NULL); -INSERT INTO "TestSteps" VALUES(51,'73-4.47','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_47',NULL); -INSERT INTO "TestSteps" VALUES(52,'73-4.48','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_48',NULL); -INSERT INTO "TestSteps" VALUES(53,'73-4.49','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_49',NULL); -INSERT INTO "TestSteps" VALUES(54,'73-4.50','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_50',NULL); -INSERT INTO "TestSteps" VALUES(55,'73-4.51','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_51',NULL); -INSERT INTO "TestSteps" VALUES(56,'73-4.52','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_52',NULL); -INSERT INTO "TestSteps" VALUES(57,'73-4.53','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_53',NULL); -INSERT INTO "TestSteps" VALUES(58,'73-4.54','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_54',NULL); -INSERT INTO "TestSteps" VALUES(59,'73-4.55','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_55',NULL); -INSERT INTO "TestSteps" VALUES(60,'73-4.56','gov.gsa.conformancelib.tests.SP800_73_4CommmonObjectTests','sp800_73_4_Test_56',NULL); -INSERT INTO "TestSteps" VALUES(61,'76.1','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_1',NULL); -INSERT INTO "TestSteps" VALUES(62,'76.2','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_2',NULL); -INSERT INTO "TestSteps" VALUES(63,'76.3','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_3',NULL); -INSERT INTO "TestSteps" VALUES(64,'76.4','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_4',NULL); -INSERT INTO "TestSteps" VALUES(65,'76.5','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_5',NULL); -INSERT INTO "TestSteps" VALUES(66,'76.6','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_6',NULL); -INSERT INTO "TestSteps" VALUES(67,'76.7','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_7',NULL); -INSERT INTO "TestSteps" VALUES(68,'76.8','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_8',NULL); -INSERT INTO "TestSteps" VALUES(69,'76.9','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_9',NULL); -INSERT INTO "TestSteps" VALUES(70,'76.10','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_10',NULL); -INSERT INTO "TestSteps" VALUES(71,'76.11','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_11',NULL); -INSERT INTO "TestSteps" VALUES(72,'76.12','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_12',NULL); -INSERT INTO "TestSteps" VALUES(73,'76.13','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_13',NULL); -INSERT INTO "TestSteps" VALUES(74,'76.14','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_14',NULL); -INSERT INTO "TestSteps" VALUES(75,'76.15a','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15a',NULL); -INSERT INTO "TestSteps" VALUES(76,'76.15b','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15b',NULL); -INSERT INTO "TestSteps" VALUES(77,'76.16','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_16',NULL); -INSERT INTO "TestSteps" VALUES(78,'76.17','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_17',NULL); -INSERT INTO "TestSteps" VALUES(79,'76.18','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_18',NULL); -INSERT INTO "TestSteps" VALUES(80,'76.19','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_19',NULL); -INSERT INTO "TestSteps" VALUES(81,'76.20','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_20',NULL); -INSERT INTO "TestSteps" VALUES(82,'76.21','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_21',NULL); -INSERT INTO "TestSteps" VALUES(83,'76.22','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_22',NULL); -INSERT INTO "TestSteps" VALUES(84,'76.23','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_23',NULL); -INSERT INTO "TestSteps" VALUES(85,'76.24','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_24',NULL); -INSERT INTO "TestSteps" VALUES(86,'76.25','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_25',NULL); -INSERT INTO "TestSteps" VALUES(87,'76.26','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_26',NULL); -INSERT INTO "TestSteps" VALUES(88,'76.27','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_27',NULL); -INSERT INTO "TestSteps" VALUES(89,'76.28','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_28',NULL); -INSERT INTO "TestSteps" VALUES(90,'76.29','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_29',NULL); -INSERT INTO "TestSteps" VALUES(91,'76.30','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_30',NULL); -INSERT INTO "TestSteps" VALUES(92,'76.31','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_31',NULL); -INSERT INTO "TestSteps" VALUES(93,'76.32','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_32',NULL); -INSERT INTO "TestSteps" VALUES(94,'76.33','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_33',NULL); -INSERT INTO "TestSteps" VALUES(95,'76.34','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_34',NULL); -INSERT INTO "TestSteps" VALUES(96,'76.35','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_35',NULL); -INSERT INTO "TestSteps" VALUES(97,'76.36','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_36',NULL); -INSERT INTO "TestSteps" VALUES(98,'76.37','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_37',NULL); -INSERT INTO "TestSteps" VALUES(99,'76.38','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_38',NULL); -INSERT INTO "TestSteps" VALUES(100,'76.39','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_39',NULL); -INSERT INTO "TestSteps" VALUES(101,'76.40','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_40',NULL); -INSERT INTO "TestSteps" VALUES(102,'76.41','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_41',NULL); -INSERT INTO "TestSteps" VALUES(103,'76.42','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_42',NULL); -INSERT INTO "TestSteps" VALUES(104,'76.43','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_43',NULL); -INSERT INTO "TestSteps" VALUES(105,'76.44','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_44',NULL); -INSERT INTO "TestSteps" VALUES(106,'76.45','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_45',NULL); -INSERT INTO "TestSteps" VALUES(107,'76.46','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_46',NULL); -INSERT INTO "TestSteps" VALUES(108,'76.47','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_47',NULL); -INSERT INTO "TestSteps" VALUES(109,'76.48','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_48',NULL); -INSERT INTO "TestSteps" VALUES(110,'CMS.1','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(111,'CMS.2','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(112,'CMS.3','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(113,'CMS.4','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(114,'CMS.5','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(115,'CMS.6','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(116,'CMS.7','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(117,'CMS.8','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(118,'CMS.9','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(119,'CMS.11','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(120,'CMS.12','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(121,'CMS.13','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(122,'CMS.14','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(123,'CMS.15','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(124,'CMS.16','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(125,'CMS.17','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(126,'CMS.18','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(127,'CMS.19','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(128,'CMS.20','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(129,'CMS.21','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(130,'CMS.22','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(131,'CMS.23','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(132,'CMS.24','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(133,'CMS.25','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(134,'CMS.26','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(135,'CMS.27','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(136,'CMS.28','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(137,'CMS.29','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(138,'CMS.30','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(139,'78.1','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(140,'78.2','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(141,'78.3','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(142,'PKIX.1','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(143,'PKIX.2','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(144,'PKIX.3','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(145,'PKIX.4','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(146,'PKIX.5','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(147,'PKIX.6','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(148,'PKIX.7','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(149,'PKIX.8','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(150,'PKIX.9','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(151,'PKIX.10','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(152,'PKIX.11','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(153,'PKIX.12','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(154,'PKIX.13','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(155,'PKIX.14','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(156,'PKIX.15','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(157,'PKIX.16','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(158,'PKIX.17','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(159,'PKIX.18','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(160,'PKIX.19','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(161,'PKIX.20','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(162,'PKIX.21','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(163,'PKIX.22','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(164,'PKIX.23','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(165,'PKIX.24','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(166,'PKIX.25','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(167,'PKIX.26','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(168,'PKIX.27','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(169,'PKIX.28','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(170,'PlaceholderTest.1','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_1',NULL); -INSERT INTO "TestSteps" VALUES(171,'PlaceholderTest.2','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_2',NULL); -INSERT INTO "TestSteps" VALUES(172,'PlaceholderTest.3','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_3',NULL); -INSERT INTO "TestStepParameters" VALUES(1, 21,NULL,'CHUID_OID:5',0); -INSERT INTO "TestStepParameters" VALUES(2, 99,NULL,'CARDHOLDER_FINGERPRINTS_OID:513',0); -INSERT INTO "TestStepParameters" VALUES(3, 99,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:1281',1); -INSERT INTO "TestStepParameters" VALUES(4, 99,NULL,'CARDHOLDER_IRIS_IMAGES_OID:9',2); -INSERT INTO "TestStepParameters" VALUES(5, 102,NULL,'CARDHOLDER_FINGERPRINTS_OID:8',0); -INSERT INTO "TestStepParameters" VALUES(6, 102,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:2',1); -INSERT INTO "TestStepParameters" VALUES(7, 102,NULL,'CARDHOLDER_IRIS_IMAGES_OID:16',2); -INSERT INTO "TestStepParameters" VALUES(8, 103,NULL,'CARDHOLDER_FINGERPRINTS_OID:128',0); -INSERT INTO "TestStepParameters" VALUES(9, 103,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:32:2',1); -INSERT INTO "TestStepParameters" VALUES(10, 103,NULL,'CARDHOLDER_IRIS_IMAGES_OID:64',2); -INSERT INTO "TestStepParameters" VALUES(11, 104,NULL,'-2',0); -INSERT INTO "TestStepParameters" VALUES(12, 104,NULL,'100',1); -INSERT INTO "TestStepParameters" VALUES(13, 123,NULL,'2.16.840.1.101.3.8.7',0); -INSERT INTO "TestStepParameters" VALUES(14, 125,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(15, 147,NULL,'X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID;2.16.840.1.113839.0.100.18.0',0); -INSERT INTO "TestStepParameters" VALUES(16, 147,NULL,'X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID;2.16.840.1.113839.0.100.18.1',1); -INSERT INTO "TestStepParameters" VALUES(17, 147,NULL,'X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID;2.16.840.1.113839.0.100.18.2',2); -INSERT INTO "TestStepParameters" VALUES(18, 147,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID;2.16.840.1.113839.0.100.19.1',3); -INSERT INTO "TestStepParameters" VALUES(19, 147,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID;2.16.840.1.113839.0.100.20.1',4); -INSERT INTO "TestStepParameters" VALUES(20, 153,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(21, 159,NULL,'2.16.840.1.101.3.2.1.3.19',0); -INSERT INTO "TestStepParameters" VALUES(22, 161,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.101.3.6.7',0); -INSERT INTO "TestStepParameters" VALUES(23, 161,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID:2.16.840.1.101.3.6.7',1); -INSERT INTO "TestStepParameters" VALUES(24, 162,NULL,'1.3.6.1.4.1.45606.3.1.22',0); -INSERT INTO "TestStepParameters" VALUES(25, 165,NULL,'2.5.29.31',0); -INSERT INTO "TestStepParameters" VALUES(26, 168,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(27, 171,NULL,'1',0); -INSERT INTO "TestStepParameters" VALUES(28, 171,NULL,'2',1); -INSERT INTO "TestStepParameters" VALUES(29, 171,NULL,'3',2); -INSERT INTO "TestStepParameters" VALUES(30, 172,NULL,'CAT:SLEEPY',0); -INSERT INTO "TestStepParameters" VALUES(31, 172,NULL,'DOG:HUNGRY',1); -INSERT INTO "TestStepParameters" VALUES(32, 172,NULL,'ELEPHANT:SAD',2); -INSERT INTO "TestCases" VALUES(1, NULL,'8 BER_TLV','BER_TLV_Test_Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(2, NULL,'8.1 CCC','Card Capabilities Container','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(3, NULL,'8.1.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(4, NULL,'8.1.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(5, NULL,'8.1.0.2','Tag encoded as 3 bytes','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(6, NULL,'8.1.0.3','Each data object returned with 2 byte status word (90 00)','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(7, NULL,'8.1.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(8, NULL,'8.1.1','CCC Registered data model element is present and has a value of 0x10.','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(9, NULL,'8.1.2','CCC BERTLV tag is 5FC107','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(10, NULL,'8.1.3','CCC Tags 0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xFA, 0xFB, 0xFC, 0xFD present in that order','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(11, NULL,'8.1.8','CCC Optional Tags 0xE3 and 0xE4 may be present or absent; if present are after tags listed in and are in that order','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(12, NULL,'8.1.9','CCC Tag 0xFE present and after any tags from 73-4.4 and 73.4-5','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(13, NULL,'8.1.10','Confirm that tag 0xFE has length of 0','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(14, NULL,'8.1.11','CCC value lengths comply with Table 8 of SP 800-73-4','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(15, NULL,'8.2 CHUID','Card Holder Unique Identifier','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(16, NULL,'8.2.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(17, NULL,'8.2.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(18, NULL,'8.2.0.2','Tag encoded as 3 bytes','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(19, NULL,'8.2.0.3','Each data object returned with 2 byte status word (90 00)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(20, NULL,'8.2.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(21, NULL,'8.2.1','CHUID value lengths comply with Table 9 of SP 800-73-4','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(22, NULL,'8.2.2.1','Tag 0x30 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(23, NULL,'8.2.2.2','Tag 0x30 is the first tag or the first tag following 0xEE','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(24, NULL,'8.2.2.3','Tags 0x32 and 0x33 are optionally present and must follow 0x30 in that order','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(25, NULL,'8.2.2.4','Tag 0x34 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(26, NULL,'8.2.2.5','Tag 0x34 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(27, NULL,'8.2.2.6','Tag 0x34 follows Tag 0x30, 32, or 0x33','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(28, NULL,'8.2.2.7','Tag 0x35 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(29, NULL,'8.2.2.8','7Tag 0x35 follows Tag 0x34','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(30, NULL,'8.2.2.9','Tag 0x36 is optionally present and follows Tag 0x35','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(31, NULL,'8.2.2.10','Tags 0x3E and 0xFE are present and follow tags from 73-4.10, 73-4.11, 73-4.12, 73-4.13 in that order','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(32, NULL,'8.2.2.11','Tag 0x3E is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(33, NULL,'8.2.2.12','Tag 0x3E follows Tag 0x35 or 0x36','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(34, NULL,'8.2.2.13','Tag 0xFE is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(35, NULL,'8.2.2.14','Tag 0xFE follows Tag 0x3E','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(36, NULL,'8.2.2.15','If CHUID tag 0xEE is present, it is the first tag in the blob','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(37, NULL,'8.2.3','Expiration Date is formatted YYYYMMDD','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(38, NULL,'8.2.4','Expiration Date is within the next 5 years','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(39, NULL,'8.2.5','If the CHUID contains the optional Cardholder UUID, then the data element shall be in accordance with 800 73-4 Part 1 Section 3.4.2.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(40, NULL,'8.2.6','The retired key map is not present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(41, NULL,'8.2.7','Tag 0xFE has length of 0','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(42, NULL,'8.3 Authentication Cert','X.509 Certificate for PIV-I Authentication','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(43, NULL,'8.3.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(44, NULL,'8.3.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(45, NULL,'8.3.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(46, NULL,'8.3.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(47, NULL,'8.3.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(48, NULL,'8.3.1','PIV Authentication Certificate container value lengths comply with Table 10 of SP 800-73-4','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(49, NULL,'8.3.2.1','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(50, NULL,'8.3.2.2','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(51, NULL,'8.3.2.3','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(52, NULL,'8.3.2.4','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(53, NULL,'8.3.2.5','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(54, NULL,'8.4 Fingerprints','Card Holder Fingerprints','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(55, NULL,'8.4.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(56, NULL,'8.4.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(57, NULL,'8.4.0.2','Tag encoded as 3 bytes','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(58, NULL,'8.4.0.3','Each data object returned with 2 byte status word (90 00)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(59, NULL,'8.4.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(60, NULL,'8.4.5','Card Holder Fingerprints value lengths comply with Table 11 of SP 800-73-4','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(61, NULL,'8.4.6','If CHUID tag 0xEE is present, it is the first tag in the blob','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(62, NULL,'8.4.7','Tag 0x30 is present and is the first tag or the first tag following 0xEE','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(63, NULL,'8.4.8','Tags 0x32 and 0x33 are optionally present and must follow 0x30 in that order','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(64, NULL,'8.4.9','Tag 0xFE has length of 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(65, NULL,'8.5 Printed Information','Printed Information','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(66, NULL,'8.5.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(67, NULL,'8.5.0.1','Length field encoded as shown in SP800-85B Table 8.1','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(68, NULL,'8.5.0.2','Tag encoded as 3 bytes','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(69, NULL,'8.5.0.3','Each data object returned with 2 byte status word (90 00)','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(70, NULL,'8.5.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(71, NULL,'8.5.1.1','Printed Information value lengths comply with Table 14 of SP 800-73-4','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(72, NULL,'8.5.1.2','Tags 0x01, 0x02, 0x05, 0x06 are present in that order','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(73, NULL,'8.5.1.3','Tags 0x01, 0x02, 0x05, 0x06 are in that order','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(74, NULL,'8.5.1.4','Tag 0xFE follows Tag 0x06, 0x07, or 0x08','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(75, NULL,'8.5.1.5','Tags 0x07 and 0x08 are optionally present in that order, following the tags from 73-4.28','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(76, NULL,'8.5.1.6','Tag 0xFE is present and follows tags from 73-4.28, 73-4.29','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(77, NULL,'8.5.1.7','No tags other than (0x01, 0x02, 0x05, 0x06, 0x07, 0x08, 0xFE) are present','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(78, NULL,'8.5.1.8','Tag 0xFE has length of 0','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(79, NULL,'8.6 Facial Image','Card Holder Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(80, NULL,'8.6.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(81, NULL,'8.6.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(82, NULL,'8.6.0.2','Tag encoded as 3 bytes','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(83, NULL,'8.6.0.3','Each data object returned with 2 byte status word (90 00)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(84, NULL,'8.6.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(85, NULL,'8.6.1.1','Printed Information value lengths comply with Table 13 of SP 800-73-4','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(86, NULL,'8.6.1.2','Position is one of the valid x,y coordinate types in the original image','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(87, NULL,'8.6.1.3','No tags other than (0xBC, 0xFE) are present','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(88, NULL,'8.6..4','Tag 0xFE has length of 0','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(89, NULL,'8.7 Digital Signature Cert','X.509 Certificate for Digital Signature','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(90, NULL,'8.7.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(91, NULL,'8.7.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(92, NULL,'8.7.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(93, NULL,'8.7.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(94, NULL,'8.7.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(95, NULL,'8.7.1.1','X.509 Certificate for Digital Signature container value lengths comply with Table 15 of SP 800-73-4','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(96, NULL,'8.7.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(97, NULL,'8.7.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(98, NULL,'8.7.1.4','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(99, NULL,'8.7.1.5','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(100, NULL,'8.7.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(101, NULL,'8.8 Key Management Cert','X.509 Certificate for Key Management','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(102, NULL,'8.8.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(103, NULL,'8.8.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(104, NULL,'8.8.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(105, NULL,'8.8.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(106, NULL,'8.8.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(107, NULL,'8.8.1.1','X.509 Certificate for Key Management container value lengths comply with Table 16 of SP 800-73-4','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(108, NULL,'8.8.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(109, NULL,'8.8.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(110, NULL,'8.8.1.4','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(111, NULL,'8.8.1.5','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(112, NULL,'8.8.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(113, NULL,'8.9 Card Auth Cert','X.509 Certificate for Card Authentication','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(114, NULL,'8.9.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(115, NULL,'8.9.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(116, NULL,'8.9.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(117, NULL,'8.9.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(118, NULL,'8.9.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(119, NULL,'8.9.1.1','X.509 Certificate for Card Authentication value lengths comply with Table 17 of SP 800-73-4','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(120, NULL,'8.9.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(121, NULL,'8.9.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(122, NULL,'8.9.1.4','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(123, NULL,'8.9.1.5','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(124, NULL,'8.9.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(125, NULL,'8.10 Security Objecvt','Security Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(126, NULL,'8.10.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(127, NULL,'8.10.0.1','Length field encoded as shown in SP800-85B Table 8.1','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(128, NULL,'8.10.0.2','Tag encoded as 3 bytes','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(129, NULL,'8.10.0.3','Each data object returned with 2 byte status word (90 00)','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(130, NULL,'8.10.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(131, NULL,'8.10.1.1','Security Object value lengths comply with Table 12 of SP 800-73-4','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(132, NULL,'8.10.1.2','Tags 0xBA, 0xBB, 0XFE are present','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(133, NULL,'8.10.1.3','Tags 0xBA, 0xBB, 0XFE are are in that order','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(134, NULL,'8.10.1.4','No tags other than (0xBA, 0xBB, 0xFE) are present','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(135, NULL,'8.10.2','Parse data at tag 0xBA and for each data container found ensure that performing a select returns status words 0x90, 0x00','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(136, NULL,'8.11 Discovery Object','Discovery Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(137, NULL,'8.11.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(138, NULL,'8.11.0.1','Length field encoded as shown in SP800-85B Table 8.1','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(139, NULL,'8.11.0.2','Tag encoded as 3 bytes','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(140, NULL,'8.11.0.3','Each data object returned with 2 byte status word (90 00)','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(141, NULL,'8.11.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(142, NULL,'8.11.1.1','Tag 0x4F (PIV Application AID) is present','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(143, NULL,'8.11.1.2','Tag 0x5F2F (PIN Usage Policy) Is present','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(144, NULL,'8.11.1.3','Discovery Object Tags 0x4F, 0x5F2F are in that order','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(145, NULL,'8.11.1.4','The values of the tags conform with the vendor provided data.','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(146, NULL,'8.11.1.5','The PIN usage policy matches the card capabilities provided by the vendor documentation. Associated optional data objects are present when the PIN usage policy asserts an optional capability (i.e., OCC, global PIN and pairing code)','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(147, NULL,'8.11.6','Discovery Object value lengths comply with Table 18 of SP 800-73-4','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(148, NULL,'8.12 Iris','Card Holder Iris Images','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(149, NULL,'8.13 Retired Key Management Cert','Key History Objects','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(150, NULL,'8.13.1','X.509 Key History 1','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(151, NULL,'8.13.2','X.509 Key History 2','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(152, NULL,'8.14 Key History','Key History (see Issue #52)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(153, NULL,'8.15 BITT','Biometric InformationTemplates Group Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(154, NULL,'8.16 SMCS','Secure Messaging Certificate Signer','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(155, NULL,'8.17 Pariring Code Reference','Pairing Code Reference Data Container','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(156, NULL,'9 Biometric Data Objects','Biometric Data Object Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(157, NULL,'9.1 Fingerprint','CBEFF Patron Format for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(158, NULL,'9.1.1','CBEFF Structure for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(159, NULL,'9.1.1.1','BDB length field is non-zero','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(160, NULL,'9.1.1.2','Recorded length matches actual BDB length','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(161, NULL,'9.1.1.3','SB length field is non-zero','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(162, NULL,'9.1.1.4','Recorded length matches actual SB length','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(163, NULL,'9.1.1.5','Card Holder Fingerprint object length equals sum of CBEFF header length + BDB length + SB length','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(164, NULL,'9.1.2','CBEFF Header for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(165, NULL,'9.1.2.1','The Patron Header Version field has a value of 0x03.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(166, NULL,'9.1.2.2','Validate that the biometric data block is signed but not encrypted','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(167, NULL,'9.1.2.3','Validate that BDB Format Owner is set to a value of 0x001B denoting M1, the INCITS Technical Committee on Biometrics.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(168, NULL,'9.1.2.4','The BDB Format Type is set to a value of 0x0201','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(169, NULL,'9.1.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(170, NULL,'9.1.2.6','Validate date encoding on Validity Period in PIV Patron Format','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(171, NULL,'9.1.2.7','Valdiate that that Biometric Type has the value 0x000008','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(172, NULL,'9.1.2.8','Validate that for the mandatory minutia PIV card templates, the CBEFF biometric data type encoding value shall be b100xxxxx, which corresponds to biometric data that has been processed.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(173, NULL,'9.1.2.9','The Biometric Data Quality field is -2 or 0 - 100.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(174, NULL,'9.1.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(175, NULL,'9.1.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(176, NULL,'9.2 Facial Image','CBEFF Patron Format for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(177, NULL,'9.2.1','CBEFF Structure for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(178, NULL,'9.2.1.1','Validate that CBEFF structure conforms to SP800-76 Table 7','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(179, NULL,'9.2.1.2','BDB length field is non-zero','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(180, NULL,'9.2.1.3','Recorded length matches actual length','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(181, NULL,'9.2.1.4','SB length field is non-zero','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(182, NULL,'9.2.2','CBEFF Header for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(183, NULL,'9.2.2.1','Card Holder Fingerprint object length equals sum of CBEFF header length + BDB length + SB length','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(184, NULL,'9.2.2.2','Validate that the biometric data block is signed but not encrypted','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(185, NULL,'9.2.2.3','Validate that BDB Format Owner is set to a value of 0x001B denoting M1, the INCITS Technical Committee on Biometrics.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(186, NULL,'9.2.2.4','The BDB Format Type is set to a value of 0x0501','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(187, NULL,'9.2.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(188, NULL,'9.2.2.6','Validate date encoding on Validity Period in PIV Patron Format','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(189, NULL,'9.2.2.7','Validate that Biometric Type has the value 0x000002','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(190, NULL,'9.2.2.8','Validate that the CBEFF biometric data type encoding value shall be b001xxxxx, which corresponds to the raw biometric data','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(191, NULL,'9.2.2.9','The Biometric Data Quality field is -2 or 0 - 100.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(192, NULL,'9.2.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(193, NULL,'9.2.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(194, NULL,'9.3 Iris','CBEFF Patron Format for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(195, NULL,'9.3.1','CBEFF Structure for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(196, NULL,'9.3.1.1','Validate that CBEFF structure conforms to SP800-76 Table 7','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(197, NULL,'9.3.1.2','BDB length field is non-zero','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(198, NULL,'9.3.1.3','Recorded length matches actual length','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(199, NULL,'9.3.1.4','SB length field is non-zero','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(200, NULL,'9.3.2','CBEFF Header for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(201, NULL,'9.3.2.1','Patron Header Version field has a value of 0x03.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(202, NULL,'9.3.2.2','Validate that the biometric data block is signed but not encrypted','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(203, NULL,'9.3.2.3','The BDB Format Owner field has a value of 0x0101.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(204, NULL,'9.3.2.4','The BDB Format Type field has a value of 0x0009.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(205, NULL,'9.3.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(206, NULL,'9.3.2.6','Validate date encoding on Validity Period in PIV Patron Format','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(207, NULL,'9.3.2.7','The value of the Biometric Type field for the iris image is 0x000010.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(208, NULL,'9.3.2.8','Validate that the CBEFF biometric data type encoding value shall be b01000000, which corresponds to the raw biometric data','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(209, NULL,'9.3.2.9','The Biometric Data Quality field is -2 or 0 - 100.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(210, NULL,'9.3.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(211, NULL,'9.3.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(212, NULL,'9.4 Fingerprint','Off-Card Comparison Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(213, NULL,'9.4.1','General Record Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(214, NULL,'9.4.1.1','Extract contents of format identifier, confirm value 0x464D5200','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(215, NULL,'9.4.1.2','Extract contents of version identifier, confirm value 0x20323030','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(216, NULL,'9.4.1.3','Biometric Data Block length (L) where 26 <= L <= 1574','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(217, NULL,'9.4.1.4','Confirm that product identifier owner and product identifier type are non-zero and that MSBs identify vendor, LSBs identify minutia detection algorithm version','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(218, NULL,'9.4.1.5','Confirm that product identifier owner and product identifier type are non-zero and that MSBs identify vendor, LSBs identify minutia detection algorithm version','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(219, NULL,'9.4.1.6','Confirm that capture equipment compliance has a value of 1000b','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(220, NULL,'9.4.1.7','Confirm that capture equipment id is non-NULL','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(221, NULL,'9.4.1.8','Width of the Size of Scanned Image in x direction is the larger of the widths of the two input images.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(222, NULL,'9.4.1.9','Height of the Size of Scanned Image in y direction is the larger of the heights of the two input images.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(223, NULL,'9.4.1.10','X and Y resolutions both have values of 197','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(224, NULL,'9.4.1.12','Number of Finger Views is 2','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(225, NULL,'9.4.1.13','Confirm that reserved byte is set to 0','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(226, NULL,'9.4.2','View Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(227, NULL,'9.4.2.0.1','Confirm that Finger View Header has value A','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(228, NULL,'9.4.2.0.2','Confirm that Finger View Position (0,14)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(229, NULL,'9.4.2.1','If only 1 minutiae present for a finger, view number must be 0','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(230, NULL,'9.4.2.2','Impression type must be 0 or 2','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(231, NULL,'9.4.2.3','Finger Quality value shall be 20, 40, 60, 80, 100, 254, or 255.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(232, NULL,'9.4.2.4','Number of minutia (0..128)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(233, NULL,'9.4.2.5','Minutiae Type value shall be 01b, 10b, or 00b.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(234, NULL,'9.4.2.6','Verify that position is one of the valid x,y coordinate types in the original image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(235, NULL,'9.4.2.7','Verify that angle (0,179)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(236, NULL,'9.4.2.8','Verify that quality (0,100)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(237, NULL,'9.4.2.9','Verify that extended data block length is 0','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(238, NULL,'9.4.3','Fingerprint Minutiae Data Records','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(239, NULL,'9.4.3.1','Minutiae Type value shall be01b, 10b, or 00b.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(240, NULL,'9.4.3.2','Extended Data Block Length shall be 0','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(241, NULL,'9.5','On-Card Comparison','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(242, NULL,'9.5.1','BIT Group Template data conformance for on-card comparison','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(243, NULL,'9.6 Facial Image','Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(244, NULL,'9.6.1','Facial Image Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(245, NULL,'9.6.2','Facial Image Data Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(246, NULL,'9.7 Iris','Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(247, NULL,'9.7.1','Iris Image Profile','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(248, NULL,'9.7.2','Iris Image Data Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(249, NULL,'10 Signed Data Elements','Signed Data Elements Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(250, NULL,'10.1 CHUID','Card Holder Unique Identifier','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(251, NULL,'10.1.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(252, NULL,'10.1.1.1','The CHUID buffer contains an asymmetric digital signature that is implemented as a SignedData type and is encoded as a CMS external signature according to RFC 5652.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(253, NULL,'10.1.1.2','The value of the version field of the SignedData is 3.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(254, NULL,'10.1.1.3','The digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP800-78-4.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(255, NULL,'10.1.1.4','The eContent field has been omitted and the eContentType asserts id-piv-CHUIDSecurityObject in encapContentInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(256, NULL,'10.1.1.5','The crls field is omitted from the SignedData.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(257, NULL,'10.1.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(258, NULL,'10.1.1.7','The SignerIdentifier in the SignerInfo uses the issuerAndSerialNumber choice and it corresponds to the issuer and serialNumber fields found in the X.509 certificate of the signer.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(259, NULL,'10.1.1.8','The digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP80078','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(260, NULL,'10.1.1.8.1','The digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(261, NULL,'10.1.1.9','The value of the hash obtained from the message digest attribute of the signedAttrs of the SignerInfo is identical to that obtained after hashing the concatenated contents of the CHUID, excluding the asymmetric digital signature field and the Buffer Length field, if present.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(262, NULL,'10.1.1.10','The value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(263, NULL,'10.1.1.12','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP800-78-4.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(264, NULL,'10.1.1.13','The certificate from the cert bag succesfully validates the CMS signature.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(265, NULL,'10.2 OCC Biometric Fingerprint','Off-Card Comparison Biometric Fingerprint','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(266, NULL,'10.2.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(267, NULL,'10.2.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(268, NULL,'10.2.1.2','PKCS#7 version is set to 3','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(269, NULL,'10.2.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP80078.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(270, NULL,'10.2.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(271, NULL,'10.2.1.5','The crls field is omitted from the SignedData.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(272, NULL,'10.2.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(273, NULL,'10.2.1.7.1','SignerId uses ths IssuerAndSerialNumber choice','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(274, NULL,'10.2.1.7.2','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(275, NULL,'10.2.1.8','Verify Digest Algorithm in SignerInfo','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(276, NULL,'10.2.1.8.1','digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP80078','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(277, NULL,'10.2.1.8.2','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(278, NULL,'10.2.1.9','Message digest from signed attributes bag matches the digest over Fingerprint biometric data (excluding contents of digital signature field)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(279, NULL,'10.2.1.10','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(280, NULL,'10.2.1.11','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(281, NULL,'10.2.1.12','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP 80078.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(282, NULL,'10.2.1.13','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(283, NULL,'10.2.1.14','signedAttrs of the SignerInfo includes the entryUUID (OID = 1.3.6.1.1.16.4) attribute and that it is the same value as the Card UUID in the GUID data element of the PIV card CHUID data object.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(284, NULL,'10.3 Facial Image','Biometric Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(285, NULL,'10.3.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(286, NULL,'10.3.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(287, NULL,'10.3.1.2','PKCS#7 version is set to 3','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(288, NULL,'10.3.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP80078.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(289, NULL,'10.3.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(290, NULL,'10.3.1.5','The crls field is omitted from the SignedData.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(291, NULL,'10.3.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(292, NULL,'10.3.1.7.1','SignerId uses ths IssuerAndSerialNumber choice','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(293, NULL,'10.3.1.7.2','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(294, NULL,'10.3.1.8.1','digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP80078','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(295, NULL,'10.3.1.8.2','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(296, NULL,'10.3.1.9','Message digest from signed attributes bag matches the digest over Fingerprint biometric data (excluding contents of digital signature field)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(297, NULL,'10.3.1.10','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(298, NULL,'10.3.1.11','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(299, NULL,'10.3.1.12','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP 80078.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(300, NULL,'10.3.1.13','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(301, NULL,'10.3.1.14','signedAttrs of the SignerInfo includes the entryUUID (OID = 1.3.6.1.1.16.4) attribute and that it is the same value as the Card UUID in the GUID data element of the PIV card CHUID data object.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(302, NULL,'10.4 Security Object','Security Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(303, NULL,'10.4.1','Data Integrity','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(304, NULL,'10.4.1.1','The actual hash of the data elements on the PIV card are identical to their corresponding hash values present in the security object.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(305, NULL,'10.4.2','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(306, NULL,'10.4.2.1','Verify that the asymmetric digital field contains a CMS signed data object with no encapsulated content (see issue #52).','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(307, NULL,'10.4.2.2','Confirm that version of signed data structure is 1','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(308, NULL,'10.4.2.3','Verify that eContent contains a security object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(309, NULL,'10.4.2.4','The eContent field contains a correctly formatted ldsSecurityobject and the eContentType asserts id-icao-ldsSecurityObject in encapContentInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(310, NULL,'10.4.2.5','The certificates field is omitted from the SignedData.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(311, NULL,'10.4.2.6','Validate signing and digest algorithms','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(312, NULL,'10.4.2.7','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP80078.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(313, NULL,'10.5 Iris','Biometric Iris','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(314, NULL,'10.5.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(315, NULL,'10.5.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(316, NULL,'10.5.1.2','PKCS#7 version is set to 3','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(317, NULL,'10.5.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP80078.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(318, NULL,'10.5.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(319, NULL,'10.5.1.5','The crls field is omitted from the SignedData.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(320, NULL,'10.5.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(321, NULL,'10.5.1.7','SignerId uses ths IssuerAndSerialNumber choice','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(322, NULL,'10.5.1.8','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(323, NULL,'10.5.1.9','digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP80078','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(324, NULL,'10.5.1.10','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(325, NULL,'10.5.1.11','Message digest from signed attributes bag matches the digest over Fingerprint biometric data (excluding contents of digital signature field)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(326, NULL,'10.5.1.12','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(327, NULL,'10.5.1.13','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(328, NULL,'10.5.1.14','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP 80078.','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(329, NULL,'10.5.1.15','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(330, NULL,'10.5.1.16','signedAttrs of the SignerInfo includes the entryUUID (OID = 1.3.6.1.1.16.4) attribute and that it is the same value as the Card UUID in the GUID data element of the PIV card CHUID data object.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(331, NULL,'11 X.509 Certificate Profiles','PKI Certificate Profile Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(332, NULL,'11.1','PIV Authentication Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(333, NULL,'11.1.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(334, NULL,'11.1.1.1','The signatureAlgorithm value is in accordance with Table 3-3 of SP80078. If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(335, NULL,'11.1.1.2','The PIV authentication key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(336, NULL,'11.1.1.3','The key size and types used are in accordance with Table 3-1 of SP 800-78-4.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(337, NULL,'11.1.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(338, NULL,'11.1.2.1.1','digitalSignature bit has been set','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(339, NULL,'11.1.2.1.2','Confirm no other keyUsage bits are set.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(340, NULL,'11.1.2.2.1','A certificate policies extension is present.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(341, NULL,'11.1.2.2.2','A policyIdentifier field in the certificatePolicies extension asserts id-fpki-common-authentication.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(342, NULL,'11.1.2.3','OCSP','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(343, NULL,'11.1.2.3.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(344, NULL,'11.1.2.3.2','An accessMethod containing id-ad-ocsp is present.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(345, NULL,'11.1.2.3.3','AIA uniformResourceIdentifier protocol is http','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(346, NULL,'11.1.2.5','Sign arbitrary data using the specified key container and confirm that the certificate can validate it','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(347, NULL,'11.1.2.6','Subject Alternate Name','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(348, NULL,'11.1.2.6.2','GeneralName field exists that contain a URI asserting a Card UUID as specified by [RFC4122, Section 3] that matches the GUID value in the CHUID.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(349, NULL,'11.1.2.7','Expiration date of the PIV authentication certificate is not beyond the expiration date of the CHUID i.e. the PIV card.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(350, NULL,'11.1.2.8','Exponent of the RSA asymmetric key for PIV authentication is equal to 65,537.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(351, NULL,'11.1.2.9','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(352, NULL,'11.1.2.9.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(353, NULL,'11.1.2.9.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(354, NULL,'11.1.2.10','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(355, NULL,'11.1.2.10.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(356, NULL,'11.1.2.10.2','An accessMethod containing id-ad-caIssuers is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(357, NULL,'11.1.2.10.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(358, NULL,'11.1.2.10.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(359, NULL,'11.1.2.10.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(360, NULL,'11.2','Digital Signature Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(361, NULL,'11.2.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(362, NULL,'11.2.1.1','The signatureAlgorithm value is in accordance with Table 3-3 of SP80078. If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(363, NULL,'11.2.1.2','The digital signature key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(364, NULL,'11.2.1.3','The key size used is in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(365, NULL,'11.2.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(366, NULL,'11.2.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(367, NULL,'11.2.2.1.1','Key Usage extension is present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(368, NULL,'11.2.2.1.2','digitalSignature and nonRepudiation bits have been set.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(369, NULL,'11.2.2.2','Private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(370, NULL,'11.2.2.3','Expiration date of the digital signature certificate is not beyond the expiration date of the CHUID i.e. the PIV card.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(371, NULL,'11.2.2.4','Exponent of the RSA asymmetric key for digital signature is equal to 65,537.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(372, NULL,'11.2.2.5','policyIdentifier field in the certificatePolicies extension asserts one of the following: id-fpki-common-hardware or id-fpki-common-High.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(373, NULL,'11.2.2.6','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(374, NULL,'11.2.2.6.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(375, NULL,'11.2.2.6.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(376, NULL,'11.2.2.7','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(377, NULL,'11.2.2.7.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(378, NULL,'11.2.2.7.2','authorityInfoAccess field contains an id-ad-caIssuers','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(379, NULL,'11.2.2.7.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(380, NULL,'11.2.2.7.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(381, NULL,'11.2.2.7.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(382, NULL,'11.3','Key Management Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(383, NULL,'11.3.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(384, NULL,'11.3.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(385, NULL,'11.3.1.2','The key management key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(386, NULL,'11.3.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(387, NULL,'11.3.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(388, NULL,'11.3.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(389, NULL,'11.3.2.1.1','If the public key algorithm is RSA, then the keyUsage extension asserts the keyEncipherment bit.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(390, NULL,'11.3.2.1.2','If the algorithm is Elliptic Curve key, then the keyUsage extension asserts the keyAgreement bit.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(391, NULL,'11.3.2.1.3','No other Key Usage bits are set.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(392, NULL,'11.3.2.2','The private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(393, NULL,'11.3.2.3','Exponent of the RSA asymmetric key for key management is equal to 65,537.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(394, NULL,'11.3.2.4','policyIdentifier field in the certificatePolicies extension asserts one of the following: id-fpki-common-hardware or id-fpki-common-High.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(395, NULL,'11.3.2.5','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(396, NULL,'11.3.2.5.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(397, NULL,'11.3.2.5.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(398, NULL,'11.3.2.6','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(399, NULL,'11.3.2.6.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(400, NULL,'11.3.2.6.2','authorityInfoAccess field contains an id-ad-caIssuers','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(401, NULL,'11.3.2.6.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(402, NULL,'11.3.2.6.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(403, NULL,'11.3.2.6.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(404, NULL,'11.4','Card Authentication Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(405, NULL,'11.4.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(406, NULL,'11.4.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(407, NULL,'11.4.1.2','The card authentication key is generated using the allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(408, NULL,'11.4.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(409, NULL,'11.4.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(410, NULL,'11.4.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(411, NULL,'11.4.2.1.1','Key Usage extension is present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(412, NULL,'11.4.2.1.2','The digitalSignature bit has been set.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(413, NULL,'11.4.2.1.3','No other bits have been set.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(414, NULL,'11.4.2.2','policyIdentifier field in the certificatePolicies extension asserts id-fpki-common-cardAuth.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(415, NULL,'11.4.2.3','Extended Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(416, NULL,'11.4.2.3.1','Extended key usage (extKeyUsage) extension is present and maked critical','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(417, NULL,'11.4.2.3.2','Extended key usage (extKeyUsage) extension asserts id-PIV-cardAuth','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(418, NULL,'11.4.2.3.3','Extended key usage extension does not assert any other OIDs.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(419, NULL,'11.4.2.4','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(420, NULL,'11.4.2.4.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(421, NULL,'11.4.2.4.2','authorityInfoAccess field contains an id-ad-ocsp','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(422, NULL,'11.4.2.4.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(423, NULL,'11.4.2.4.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(424, NULL,'11.4.2.6','The private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(425, NULL,'11.4.2.7','Subject Alternate Name','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(426, NULL,'11.4.2.7.2','GeneralName field exists that contain a URI asserting a Card UUID as specified by [RFC4122, Section 3] that matches the GUID value in the CHUID.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(427, NULL,'11.4.2.7.3','No other name forms appear in the subjectAltName extension.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(428, NULL,'11.4.2.8','Exponent of the RSA asymmetric key for key management is equal to 65,537.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(429, NULL,'11.4.2.9','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(430, NULL,'11.4.2.9.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(431, NULL,'11.4.2.9.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(432, NULL,'11.4.2.10','Authority Information Access (85B-4)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(433, NULL,'11.4.2.10.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(434, NULL,'11.5','Secure Messaging Card Verifiable Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(435, NULL,'11.5.1','Secure Messaging CVC Profile Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(436, NULL,'11.5.2','Algorithm Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(437, NULL,'11.5.3','Data Integrity Checks','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(438, NULL,'11.6','Intermediate Card Verifiable Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(439, NULL,'11.6.1','Intermediate CVC Profile Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(440, NULL,'11.6.2','Algorithm Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(441, NULL,'11.7','X.509 Certificate for Content Signing','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(442, NULL,'11.7.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(443, NULL,'11.7.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(444, NULL,'11.7.1.2','The card authentication key is generated using the allowed asymmetric key algorithm.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(445, NULL,'11.7.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(446, NULL,'11.7.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(447, NULL,'11.7.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(448, NULL,'11.7.2.1.1','digitalSignature and nonRepudiation bits have been set','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(449, NULL,'11.7.2.1.2','No other bits have been set.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(450, NULL,'11.7.2.2','X.509 Certificate for Content Signing is not expired.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(451, NULL,'11.7.2.3','Exponent of the RSA asymmetric key for the X.509 Certificate for Content Signing is equal to 65,537.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(452, NULL,'11.7.2.4','Certificate Policy and Extended Key Usage','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(453, NULL,'11.7.2.4.1','policyIdentifier field in the certificatePolicies extension asserts the id-fpki-common-piv-contentSigning policy of [COMMON] (OID = 2.16.840.1.101.3.2.1.3.39)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(454, NULL,'11.7.2.4.2','extended key usage (extKeyUsage) asserts id-PIV-content-signing.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(455, NULL,'11.7.2.5','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(456, NULL,'11.7.2.5.1','URI is present with the http scheme.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(457, NULL,'11.7.2.5.2','URI points only to files with .crl extensions.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(458, NULL,'11.7.2.6','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(459, NULL,'11.7.2.6.1','authorityInformationAccess extension is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(460, NULL,'11.7.2.6.2','authorityInfoAccess field contains an id-ad-caIssuers','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(461, NULL,'11.7.2.6.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(462, NULL,'11.7.2.6.4','URI scheme is http (not https)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(463, NULL,'11.7.2.6.5','File contains a CMS a certs-only CMS message (see RFC 3851).','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestsToSteps" VALUES(1, 1,4,0,NULL); -INSERT INTO "TestsToSteps" VALUES(2, 2,5,0,NULL); -INSERT INTO "TestsToSteps" VALUES(3, 3,6,0,NULL); -INSERT INTO "TestsToSteps" VALUES(4, 4,7,0,NULL); -INSERT INTO "TestsToSteps" VALUES(5, 6,8,0,NULL); -INSERT INTO "TestsToSteps" VALUES(6, 7,9,0,NULL); -INSERT INTO "TestsToSteps" VALUES(7, 8,10,0,NULL); -INSERT INTO "TestsToSteps" VALUES(8, 9,11,0,NULL); -INSERT INTO "TestsToSteps" VALUES(9, 10,12,0,NULL); -INSERT INTO "TestsToSteps" VALUES(10, 28,13,0,NULL); -INSERT INTO "TestsToSteps" VALUES(11, 11,14,0,NULL); -INSERT INTO "TestsToSteps" VALUES(12, 1,17,0,NULL); -INSERT INTO "TestsToSteps" VALUES(13, 2,18,0,NULL); -INSERT INTO "TestsToSteps" VALUES(14, 3,19,0,NULL); -INSERT INTO "TestsToSteps" VALUES(15, 4,20,0,NULL); -INSERT INTO "TestsToSteps" VALUES(16, 13,21,0,NULL); -INSERT INTO "TestsToSteps" VALUES(17, 15,22,0,NULL); -INSERT INTO "TestsToSteps" VALUES(18, 47,23,0,NULL); -INSERT INTO "TestsToSteps" VALUES(19, 16,24,0,NULL); -INSERT INTO "TestsToSteps" VALUES(20, 17,25,0,NULL); -INSERT INTO "TestsToSteps" VALUES(21, 48,26,0,NULL); -INSERT INTO "TestsToSteps" VALUES(22, 49,27,0,NULL); -INSERT INTO "TestsToSteps" VALUES(23, 50,28,0,NULL); -INSERT INTO "TestsToSteps" VALUES(24, 51,29,0,NULL); -INSERT INTO "TestsToSteps" VALUES(25, 18,30,0,NULL); -INSERT INTO "TestsToSteps" VALUES(26, 19,31,0,NULL); -INSERT INTO "TestsToSteps" VALUES(27, 52,32,0,NULL); -INSERT INTO "TestsToSteps" VALUES(28, 53,33,0,NULL); -INSERT INTO "TestsToSteps" VALUES(29, 54,34,0,NULL); -INSERT INTO "TestsToSteps" VALUES(30, 55,35,0,NULL); -INSERT INTO "TestsToSteps" VALUES(31, 14,36,0,NULL); -INSERT INTO "TestsToSteps" VALUES(32, 20,37,0,NULL); -INSERT INTO "TestsToSteps" VALUES(33, 21,38,0,NULL); -INSERT INTO "TestsToSteps" VALUES(34, 18,39,0,NULL); -INSERT INTO "TestsToSteps" VALUES(35, 29,40,0,NULL); -INSERT INTO "TestsToSteps" VALUES(36, 28,41,0,NULL); -INSERT INTO "TestsToSteps" VALUES(37, 1,44,0,NULL); -INSERT INTO "TestsToSteps" VALUES(38, 2,45,0,NULL); -INSERT INTO "TestsToSteps" VALUES(39, 3,46,0,NULL); -INSERT INTO "TestsToSteps" VALUES(40, 4,47,0,NULL); -INSERT INTO "TestsToSteps" VALUES(41, 60,48,0,NULL); -INSERT INTO "TestsToSteps" VALUES(42, 24,49,0,NULL); -INSERT INTO "TestsToSteps" VALUES(43, 25,50,0,NULL); -INSERT INTO "TestsToSteps" VALUES(44, 26,51,0,NULL); -INSERT INTO "TestsToSteps" VALUES(45, 27,52,0,NULL); -INSERT INTO "TestsToSteps" VALUES(46, 28,53,0,NULL); -INSERT INTO "TestsToSteps" VALUES(47, 1,56,0,NULL); -INSERT INTO "TestsToSteps" VALUES(48, 2,57,0,NULL); -INSERT INTO "TestsToSteps" VALUES(49, 3,58,0,NULL); -INSERT INTO "TestsToSteps" VALUES(50, 4,59,0,NULL); -INSERT INTO "TestsToSteps" VALUES(51, 29,60,0,NULL); -INSERT INTO "TestsToSteps" VALUES(52, 86,61,0,NULL); -INSERT INTO "TestsToSteps" VALUES(53, 87,62,0,NULL); -INSERT INTO "TestsToSteps" VALUES(54, 84,63,0,NULL); -INSERT INTO "TestsToSteps" VALUES(55, 28,64,0,NULL); -INSERT INTO "TestsToSteps" VALUES(56, 1,67,0,NULL); -INSERT INTO "TestsToSteps" VALUES(57, 2,68,0,NULL); -INSERT INTO "TestsToSteps" VALUES(58, 3,69,0,NULL); -INSERT INTO "TestsToSteps" VALUES(59, 4,70,0,NULL); -INSERT INTO "TestsToSteps" VALUES(60, 32,71,0,NULL); -INSERT INTO "TestsToSteps" VALUES(61, 33,72,0,NULL); -INSERT INTO "TestsToSteps" VALUES(62, 56,73,0,NULL); -INSERT INTO "TestsToSteps" VALUES(63, 57,74,0,NULL); -INSERT INTO "TestsToSteps" VALUES(64, 34,75,0,NULL); -INSERT INTO "TestsToSteps" VALUES(65, 35,76,0,NULL); -INSERT INTO "TestsToSteps" VALUES(66, 36,77,0,NULL); -INSERT INTO "TestsToSteps" VALUES(67, 28,78,0,NULL); -INSERT INTO "TestsToSteps" VALUES(68, 1,81,0,NULL); -INSERT INTO "TestsToSteps" VALUES(69, 2,82,0,NULL); -INSERT INTO "TestsToSteps" VALUES(70, 3,83,0,NULL); -INSERT INTO "TestsToSteps" VALUES(71, 4,84,0,NULL); -INSERT INTO "TestsToSteps" VALUES(72, 37,85,0,NULL); -INSERT INTO "TestsToSteps" VALUES(73, 30,86,0,NULL); -INSERT INTO "TestsToSteps" VALUES(74, 31,87,0,NULL); -INSERT INTO "TestsToSteps" VALUES(75, 28,88,0,NULL); -INSERT INTO "TestsToSteps" VALUES(76, 1,91,0,NULL); -INSERT INTO "TestsToSteps" VALUES(77, 2,92,0,NULL); -INSERT INTO "TestsToSteps" VALUES(78, 3,93,0,NULL); -INSERT INTO "TestsToSteps" VALUES(79, 4,94,0,NULL); -INSERT INTO "TestsToSteps" VALUES(80, 60,95,0,NULL); -INSERT INTO "TestsToSteps" VALUES(81, 24,96,0,NULL); -INSERT INTO "TestsToSteps" VALUES(82, 25,97,0,NULL); -INSERT INTO "TestsToSteps" VALUES(83, 27,98,0,NULL); -INSERT INTO "TestsToSteps" VALUES(84, 26,99,0,NULL); -INSERT INTO "TestsToSteps" VALUES(85, 28,100,0,NULL); -INSERT INTO "TestsToSteps" VALUES(86, 1,103,0,NULL); -INSERT INTO "TestsToSteps" VALUES(87, 2,104,0,NULL); -INSERT INTO "TestsToSteps" VALUES(88, 3,105,0,NULL); -INSERT INTO "TestsToSteps" VALUES(89, 4,106,0,NULL); -INSERT INTO "TestsToSteps" VALUES(90, 60,107,0,NULL); -INSERT INTO "TestsToSteps" VALUES(91, 24,108,0,NULL); -INSERT INTO "TestsToSteps" VALUES(92, 25,109,0,NULL); -INSERT INTO "TestsToSteps" VALUES(93, 26,110,0,NULL); -INSERT INTO "TestsToSteps" VALUES(94, 27,111,0,NULL); -INSERT INTO "TestsToSteps" VALUES(95, 28,112,0,NULL); -INSERT INTO "TestsToSteps" VALUES(96, 1,115,0,NULL); -INSERT INTO "TestsToSteps" VALUES(97, 2,116,0,NULL); -INSERT INTO "TestsToSteps" VALUES(98, 3,117,0,NULL); -INSERT INTO "TestsToSteps" VALUES(99, 4,118,0,NULL); -INSERT INTO "TestsToSteps" VALUES(100, 60,119,0,NULL); -INSERT INTO "TestsToSteps" VALUES(101, 24,120,0,NULL); -INSERT INTO "TestsToSteps" VALUES(102, 25,121,0,NULL); -INSERT INTO "TestsToSteps" VALUES(103, 26,122,0,NULL); -INSERT INTO "TestsToSteps" VALUES(104, 27,123,0,NULL); -INSERT INTO "TestsToSteps" VALUES(105, 28,124,0,NULL); -INSERT INTO "TestsToSteps" VALUES(106, 1,127,0,NULL); -INSERT INTO "TestsToSteps" VALUES(107, 2,128,0,NULL); -INSERT INTO "TestsToSteps" VALUES(108, 3,129,0,NULL); -INSERT INTO "TestsToSteps" VALUES(109, 4,130,0,NULL); -INSERT INTO "TestsToSteps" VALUES(110, 38,131,0,NULL); -INSERT INTO "TestsToSteps" VALUES(111, 39,132,0,NULL); -INSERT INTO "TestsToSteps" VALUES(112, 58,133,0,NULL); -INSERT INTO "TestsToSteps" VALUES(113, 40,134,0,NULL); -INSERT INTO "TestsToSteps" VALUES(114, 41,135,0,NULL); -INSERT INTO "TestsToSteps" VALUES(115, 1,138,0,NULL); -INSERT INTO "TestsToSteps" VALUES(116, 2,139,0,NULL); -INSERT INTO "TestsToSteps" VALUES(117, 3,140,0,NULL); -INSERT INTO "TestsToSteps" VALUES(118, 4,141,0,NULL); -INSERT INTO "TestsToSteps" VALUES(119, 44,142,0,NULL); -INSERT INTO "TestsToSteps" VALUES(120, 45,143,0,NULL); -INSERT INTO "TestsToSteps" VALUES(121, 59,144,0,NULL); -INSERT INTO "TestsToSteps" VALUES(122, 170,145,0,NULL); -INSERT INTO "TestsToSteps" VALUES(123, 46,146,0,NULL); -INSERT INTO "TestsToSteps" VALUES(124, 43,147,0,NULL); -INSERT INTO "TestsToSteps" VALUES(125, 170,150,0,NULL); -INSERT INTO "TestsToSteps" VALUES(126, 170,151,0,NULL); -INSERT INTO "TestsToSteps" VALUES(127, 170,152,0,NULL); -INSERT INTO "TestsToSteps" VALUES(128, 61,159,0,NULL); -INSERT INTO "TestsToSteps" VALUES(129, 62,160,0,NULL); -INSERT INTO "TestsToSteps" VALUES(130, 63,161,0,NULL); -INSERT INTO "TestsToSteps" VALUES(131, 109,162,0,NULL); -INSERT INTO "TestsToSteps" VALUES(132, 64,163,0,NULL); -INSERT INTO "TestsToSteps" VALUES(133, 65,165,0,NULL); -INSERT INTO "TestsToSteps" VALUES(134, 66,166,0,NULL); -INSERT INTO "TestsToSteps" VALUES(135, 67,167,0,NULL); -INSERT INTO "TestsToSteps" VALUES(136, 99,168,0,NULL); -INSERT INTO "TestsToSteps" VALUES(137, 100,169,0,NULL); -INSERT INTO "TestsToSteps" VALUES(138, 64,170,0,NULL); -INSERT INTO "TestsToSteps" VALUES(139, 102,171,0,NULL); -INSERT INTO "TestsToSteps" VALUES(140, 103,172,0,NULL); -INSERT INTO "TestsToSteps" VALUES(141, 104,173,0,NULL); -INSERT INTO "TestsToSteps" VALUES(142, 105,174,0,NULL); -INSERT INTO "TestsToSteps" VALUES(143, 107,175,0,NULL); -INSERT INTO "TestsToSteps" VALUES(144, 61,178,0,NULL); -INSERT INTO "TestsToSteps" VALUES(145, 62,179,0,NULL); -INSERT INTO "TestsToSteps" VALUES(146, 63,180,0,NULL); -INSERT INTO "TestsToSteps" VALUES(147, 64,181,0,NULL); -INSERT INTO "TestsToSteps" VALUES(148, 65,183,0,NULL); -INSERT INTO "TestsToSteps" VALUES(149, 66,184,0,NULL); -INSERT INTO "TestsToSteps" VALUES(150, 67,185,0,NULL); -INSERT INTO "TestsToSteps" VALUES(151, 99,186,0,NULL); -INSERT INTO "TestsToSteps" VALUES(152, 100,187,0,NULL); -INSERT INTO "TestsToSteps" VALUES(153, 64,188,0,NULL); -INSERT INTO "TestsToSteps" VALUES(154, 102,189,0,NULL); -INSERT INTO "TestsToSteps" VALUES(155, 103,190,0,NULL); -INSERT INTO "TestsToSteps" VALUES(156, 104,191,0,NULL); -INSERT INTO "TestsToSteps" VALUES(157, 105,192,0,NULL); -INSERT INTO "TestsToSteps" VALUES(158, 107,193,0,NULL); -INSERT INTO "TestsToSteps" VALUES(159, 61,196,0,NULL); -INSERT INTO "TestsToSteps" VALUES(160, 62,197,0,NULL); -INSERT INTO "TestsToSteps" VALUES(161, 63,198,0,NULL); -INSERT INTO "TestsToSteps" VALUES(162, 64,199,0,NULL); -INSERT INTO "TestsToSteps" VALUES(163, 65,201,0,NULL); -INSERT INTO "TestsToSteps" VALUES(164, 66,202,0,NULL); -INSERT INTO "TestsToSteps" VALUES(165, 67,203,0,NULL); -INSERT INTO "TestsToSteps" VALUES(166, 99,204,0,NULL); -INSERT INTO "TestsToSteps" VALUES(167, 100,205,0,NULL); -INSERT INTO "TestsToSteps" VALUES(168, 64,206,0,NULL); -INSERT INTO "TestsToSteps" VALUES(169, 102,207,0,NULL); -INSERT INTO "TestsToSteps" VALUES(170, 103,208,0,NULL); -INSERT INTO "TestsToSteps" VALUES(171, 104,209,0,NULL); -INSERT INTO "TestsToSteps" VALUES(172, 105,210,0,NULL); -INSERT INTO "TestsToSteps" VALUES(173, 107,211,0,NULL); -INSERT INTO "TestsToSteps" VALUES(174, 69,214,0,NULL); -INSERT INTO "TestsToSteps" VALUES(175, 61,215,0,NULL); -INSERT INTO "TestsToSteps" VALUES(176, 71,216,0,NULL); -INSERT INTO "TestsToSteps" VALUES(177, 72,217,0,NULL); -INSERT INTO "TestsToSteps" VALUES(178, 72,218,0,NULL); -INSERT INTO "TestsToSteps" VALUES(179, 73,219,0,NULL); -INSERT INTO "TestsToSteps" VALUES(180, 74,220,0,NULL); -INSERT INTO "TestsToSteps" VALUES(181, 170,221,0,NULL); -INSERT INTO "TestsToSteps" VALUES(182, 170,222,0,NULL); -INSERT INTO "TestsToSteps" VALUES(183, 77,223,0,NULL); -INSERT INTO "TestsToSteps" VALUES(184, 78,224,0,NULL); -INSERT INTO "TestsToSteps" VALUES(185, 79,225,0,NULL); -INSERT INTO "TestsToSteps" VALUES(186, 80,227,0,NULL); -INSERT INTO "TestsToSteps" VALUES(187, 81,228,0,NULL); -INSERT INTO "TestsToSteps" VALUES(188, 82,229,0,NULL); -INSERT INTO "TestsToSteps" VALUES(189, 83,230,0,NULL); -INSERT INTO "TestsToSteps" VALUES(190, 108,231,0,NULL); -INSERT INTO "TestsToSteps" VALUES(191, 84,232,0,NULL); -INSERT INTO "TestsToSteps" VALUES(192, 85,233,0,NULL); -INSERT INTO "TestsToSteps" VALUES(193, 86,234,0,NULL); -INSERT INTO "TestsToSteps" VALUES(194, 87,235,0,NULL); -INSERT INTO "TestsToSteps" VALUES(195, 88,236,0,NULL); -INSERT INTO "TestsToSteps" VALUES(196, 89,237,0,NULL); -INSERT INTO "TestsToSteps" VALUES(197, 85,239,0,NULL); -INSERT INTO "TestsToSteps" VALUES(198, 89,240,0,NULL); -INSERT INTO "TestsToSteps" VALUES(199, 110,252,0,NULL); -INSERT INTO "TestsToSteps" VALUES(200, 111,253,0,NULL); -INSERT INTO "TestsToSteps" VALUES(201, 112,254,0,NULL); -INSERT INTO "TestsToSteps" VALUES(202, 114,255,0,NULL); -INSERT INTO "TestsToSteps" VALUES(203, 115,256,0,NULL); -INSERT INTO "TestsToSteps" VALUES(204, 116,257,0,NULL); -INSERT INTO "TestsToSteps" VALUES(205, 117,258,0,NULL); -INSERT INTO "TestsToSteps" VALUES(206, 113,259,0,NULL); -INSERT INTO "TestsToSteps" VALUES(207, 133,260,0,NULL); -INSERT INTO "TestsToSteps" VALUES(208, 118,261,0,NULL); -INSERT INTO "TestsToSteps" VALUES(209, 120,262,0,NULL); -INSERT INTO "TestsToSteps" VALUES(210, 121,263,0,NULL); -INSERT INTO "TestsToSteps" VALUES(211, 122,264,0,NULL); -INSERT INTO "TestsToSteps" VALUES(212, 110,267,0,NULL); -INSERT INTO "TestsToSteps" VALUES(213, 111,268,0,NULL); -INSERT INTO "TestsToSteps" VALUES(214, 112,269,0,NULL); -INSERT INTO "TestsToSteps" VALUES(215, 114,270,0,NULL); -INSERT INTO "TestsToSteps" VALUES(216, 115,271,0,NULL); -INSERT INTO "TestsToSteps" VALUES(217, 116,272,0,NULL); -INSERT INTO "TestsToSteps" VALUES(218, 117,273,0,NULL); -INSERT INTO "TestsToSteps" VALUES(219, 118,274,0,NULL); -INSERT INTO "TestsToSteps" VALUES(220, 131,276,0,NULL); -INSERT INTO "TestsToSteps" VALUES(221, 133,277,0,NULL); -INSERT INTO "TestsToSteps" VALUES(222, 124,278,0,NULL); -INSERT INTO "TestsToSteps" VALUES(223, 120,279,0,NULL); -INSERT INTO "TestsToSteps" VALUES(224, 121,280,0,NULL); -INSERT INTO "TestsToSteps" VALUES(225, 122,281,0,NULL); -INSERT INTO "TestsToSteps" VALUES(226, 123,282,0,NULL); -INSERT INTO "TestsToSteps" VALUES(227, 125,283,0,NULL); -INSERT INTO "TestsToSteps" VALUES(228, 110,286,0,NULL); -INSERT INTO "TestsToSteps" VALUES(229, 111,287,0,NULL); -INSERT INTO "TestsToSteps" VALUES(230, 112,288,0,NULL); -INSERT INTO "TestsToSteps" VALUES(231, 114,289,0,NULL); -INSERT INTO "TestsToSteps" VALUES(232, 115,290,0,NULL); -INSERT INTO "TestsToSteps" VALUES(233, 116,291,0,NULL); -INSERT INTO "TestsToSteps" VALUES(234, 117,292,0,NULL); -INSERT INTO "TestsToSteps" VALUES(235, 118,293,0,NULL); -INSERT INTO "TestsToSteps" VALUES(236, 131,294,0,NULL); -INSERT INTO "TestsToSteps" VALUES(237, 133,295,0,NULL); -INSERT INTO "TestsToSteps" VALUES(238, 124,296,0,NULL); -INSERT INTO "TestsToSteps" VALUES(239, 120,297,0,NULL); -INSERT INTO "TestsToSteps" VALUES(240, 121,298,0,NULL); -INSERT INTO "TestsToSteps" VALUES(241, 122,299,0,NULL); -INSERT INTO "TestsToSteps" VALUES(242, 123,300,0,NULL); -INSERT INTO "TestsToSteps" VALUES(243, 125,301,0,NULL); -INSERT INTO "TestsToSteps" VALUES(244, 42,304,0,NULL); -INSERT INTO "TestsToSteps" VALUES(245, 110,306,0,NULL); -INSERT INTO "TestsToSteps" VALUES(246, 126,307,0,NULL); -INSERT INTO "TestsToSteps" VALUES(247, 127,308,0,NULL); -INSERT INTO "TestsToSteps" VALUES(248, 128,309,0,NULL); -INSERT INTO "TestsToSteps" VALUES(249, 129,310,0,NULL); -INSERT INTO "TestsToSteps" VALUES(250, 131,311,0,NULL); -INSERT INTO "TestsToSteps" VALUES(251, 130,312,0,NULL); -INSERT INTO "TestsToSteps" VALUES(252, 110,315,0,NULL); -INSERT INTO "TestsToSteps" VALUES(253, 111,316,0,NULL); -INSERT INTO "TestsToSteps" VALUES(254, 113,317,0,NULL); -INSERT INTO "TestsToSteps" VALUES(255, 114,318,0,NULL); -INSERT INTO "TestsToSteps" VALUES(256, 115,319,0,NULL); -INSERT INTO "TestsToSteps" VALUES(257, 116,320,0,NULL); -INSERT INTO "TestsToSteps" VALUES(258, 117,321,0,NULL); -INSERT INTO "TestsToSteps" VALUES(259, 118,322,0,NULL); -INSERT INTO "TestsToSteps" VALUES(260, 131,323,0,NULL); -INSERT INTO "TestsToSteps" VALUES(261, 133,324,0,NULL); -INSERT INTO "TestsToSteps" VALUES(262, 124,325,0,NULL); -INSERT INTO "TestsToSteps" VALUES(263, 120,326,0,NULL); -INSERT INTO "TestsToSteps" VALUES(264, 121,327,0,NULL); -INSERT INTO "TestsToSteps" VALUES(265, 122,328,0,NULL); -INSERT INTO "TestsToSteps" VALUES(266, 123,329,0,NULL); -INSERT INTO "TestsToSteps" VALUES(267, 125,330,0,NULL); -INSERT INTO "TestsToSteps" VALUES(268, 141,334,0,NULL); -INSERT INTO "TestsToSteps" VALUES(269, 139,335,0,NULL); -INSERT INTO "TestsToSteps" VALUES(270, 139,336,0,NULL); -INSERT INTO "TestsToSteps" VALUES(271, 144,338,0,NULL); -INSERT INTO "TestsToSteps" VALUES(272, 145,339,0,NULL); -INSERT INTO "TestsToSteps" VALUES(273, 146,340,0,NULL); -INSERT INTO "TestsToSteps" VALUES(274, 147,341,0,NULL); -INSERT INTO "TestsToSteps" VALUES(275, 148,343,0,NULL); -INSERT INTO "TestsToSteps" VALUES(276, 149,344,0,NULL); -INSERT INTO "TestsToSteps" VALUES(277, 164,345,0,NULL); -INSERT INTO "TestsToSteps" VALUES(278, 152,346,0,NULL); -INSERT INTO "TestsToSteps" VALUES(279, 168,348,0,NULL); -INSERT INTO "TestsToSteps" VALUES(280, 154,349,0,NULL); -INSERT INTO "TestsToSteps" VALUES(281, 155,350,0,NULL); -INSERT INTO "TestsToSteps" VALUES(282, 150,352,0,NULL); -INSERT INTO "TestsToSteps" VALUES(283, 165,353,0,NULL); -INSERT INTO "TestsToSteps" VALUES(284, 148,355,0,NULL); -INSERT INTO "TestsToSteps" VALUES(285, 163,356,0,NULL); -INSERT INTO "TestsToSteps" VALUES(286, 150,357,0,NULL); -INSERT INTO "TestsToSteps" VALUES(287, 164,358,0,NULL); -INSERT INTO "TestsToSteps" VALUES(288, 166,359,0,NULL); -INSERT INTO "TestsToSteps" VALUES(289, 141,362,0,NULL); -INSERT INTO "TestsToSteps" VALUES(290, 139,363,0,NULL); -INSERT INTO "TestsToSteps" VALUES(291, 139,364,0,NULL); -INSERT INTO "TestsToSteps" VALUES(292, 143,367,0,NULL); -INSERT INTO "TestsToSteps" VALUES(293, 156,368,0,NULL); -INSERT INTO "TestsToSteps" VALUES(294, 152,369,0,NULL); -INSERT INTO "TestsToSteps" VALUES(295, 154,370,0,NULL); -INSERT INTO "TestsToSteps" VALUES(296, 155,371,0,NULL); -INSERT INTO "TestsToSteps" VALUES(297, 147,372,0,NULL); -INSERT INTO "TestsToSteps" VALUES(298, 150,374,0,NULL); -INSERT INTO "TestsToSteps" VALUES(299, 165,375,0,NULL); -INSERT INTO "TestsToSteps" VALUES(300, 148,377,0,NULL); -INSERT INTO "TestsToSteps" VALUES(301, 163,378,0,NULL); -INSERT INTO "TestsToSteps" VALUES(302, 150,379,0,NULL); -INSERT INTO "TestsToSteps" VALUES(303, 164,380,0,NULL); -INSERT INTO "TestsToSteps" VALUES(304, 166,381,0,NULL); -INSERT INTO "TestsToSteps" VALUES(305, 141,384,0,NULL); -INSERT INTO "TestsToSteps" VALUES(306, 139,385,0,NULL); -INSERT INTO "TestsToSteps" VALUES(307, 139,386,0,NULL); -INSERT INTO "TestsToSteps" VALUES(308, 157,389,0,NULL); -INSERT INTO "TestsToSteps" VALUES(309, 158,390,0,NULL); -INSERT INTO "TestsToSteps" VALUES(310, 145,391,0,NULL); -INSERT INTO "TestsToSteps" VALUES(311, 152,392,0,NULL); -INSERT INTO "TestsToSteps" VALUES(312, 155,393,0,NULL); -INSERT INTO "TestsToSteps" VALUES(313, 147,394,0,NULL); -INSERT INTO "TestsToSteps" VALUES(314, 150,396,0,NULL); -INSERT INTO "TestsToSteps" VALUES(315, 165,397,0,NULL); -INSERT INTO "TestsToSteps" VALUES(316, 148,399,0,NULL); -INSERT INTO "TestsToSteps" VALUES(317, 163,400,0,NULL); -INSERT INTO "TestsToSteps" VALUES(318, 150,401,0,NULL); -INSERT INTO "TestsToSteps" VALUES(319, 164,402,0,NULL); -INSERT INTO "TestsToSteps" VALUES(320, 166,403,0,NULL); -INSERT INTO "TestsToSteps" VALUES(321, 141,406,0,NULL); -INSERT INTO "TestsToSteps" VALUES(322, 139,407,0,NULL); -INSERT INTO "TestsToSteps" VALUES(323, 139,408,0,NULL); -INSERT INTO "TestsToSteps" VALUES(324, 143,411,0,NULL); -INSERT INTO "TestsToSteps" VALUES(325, 144,412,0,NULL); -INSERT INTO "TestsToSteps" VALUES(326, 145,413,0,NULL); -INSERT INTO "TestsToSteps" VALUES(327, 147,414,0,NULL); -INSERT INTO "TestsToSteps" VALUES(328, 160,416,0,NULL); -INSERT INTO "TestsToSteps" VALUES(329, 161,417,0,NULL); -INSERT INTO "TestsToSteps" VALUES(330, 161,418,0,NULL); -INSERT INTO "TestsToSteps" VALUES(331, 148,420,0,NULL); -INSERT INTO "TestsToSteps" VALUES(332, 149,421,0,NULL); -INSERT INTO "TestsToSteps" VALUES(333, 150,422,0,NULL); -INSERT INTO "TestsToSteps" VALUES(334, 150,423,0,NULL); -INSERT INTO "TestsToSteps" VALUES(335, 152,424,0,NULL); -INSERT INTO "TestsToSteps" VALUES(336, 168,426,0,NULL); -INSERT INTO "TestsToSteps" VALUES(337, 169,427,0,NULL); -INSERT INTO "TestsToSteps" VALUES(338, 155,428,0,NULL); -INSERT INTO "TestsToSteps" VALUES(339, 150,430,0,NULL); -INSERT INTO "TestsToSteps" VALUES(340, 165,431,0,NULL); -INSERT INTO "TestsToSteps" VALUES(341, 166,433,0,NULL); -INSERT INTO "TestsToSteps" VALUES(342, 141,443,0,NULL); -INSERT INTO "TestsToSteps" VALUES(343, 139,444,0,NULL); -INSERT INTO "TestsToSteps" VALUES(344, 139,445,0,NULL); -INSERT INTO "TestsToSteps" VALUES(345, 144,448,0,NULL); -INSERT INTO "TestsToSteps" VALUES(346, 145,449,0,NULL); -INSERT INTO "TestsToSteps" VALUES(347, 167,450,0,NULL); -INSERT INTO "TestsToSteps" VALUES(348, 155,451,0,NULL); -INSERT INTO "TestsToSteps" VALUES(349, 147,453,0,NULL); -INSERT INTO "TestsToSteps" VALUES(350, 161,454,0,NULL); -INSERT INTO "TestsToSteps" VALUES(351, 150,456,0,NULL); -INSERT INTO "TestsToSteps" VALUES(352, 165,457,0,NULL); -INSERT INTO "TestsToSteps" VALUES(353, 148,459,0,NULL); -INSERT INTO "TestsToSteps" VALUES(354, 149,460,0,NULL); -INSERT INTO "TestsToSteps" VALUES(355, 150,461,0,NULL); -INSERT INTO "TestsToSteps" VALUES(356, 164,462,0,NULL); -INSERT INTO "TestsToSteps" VALUES(357, 166,463,0,NULL); diff --git a/conformancelib/testdata/PIV-I_XTec_First_Data_Cards.sql b/conformancelib/testdata/PIV-I_XTec_First_Data_Cards.sql deleted file mode 100644 index a4932695..00000000 --- a/conformancelib/testdata/PIV-I_XTec_First_Data_Cards.sql +++ /dev/null @@ -1,1113 +0,0 @@ --- TestSteps are what we've been referring to as atoms -CREATE TABLE IF NOT EXISTS "TestSteps" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `Description` TEXT, -- column 2 on each tab - `Class` TEXT, -- fully qualified class name - `Method` TEXT, -- method to invoke for the atom - `NumParameters` INTEGER -- parameter count. not really necessary but was briefly helpful, so it's still here -); - --- Map test cases to their atoms -CREATE TABLE IF NOT EXISTS "TestsToSteps" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestStepId` INTEGER, --Foreign key TestSteps.Id - `TestId` INTEGER, --Foreign key TestCases.Id - `ExecutionOrder` INTEGER, --Sequence of atoms for a test case - `Status` INTEGER -- runners can populate with status info to see which step failed -); - --- used to pass parameters to atoms -CREATE TABLE IF NOT EXISTS "TestStepParameters" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestStepId` INTEGER, --TestSteps.Id - `TestId` INTEGER, --TestCases.Id - `Value` TEXT, --Parameter Value - `ParamOrder` TEXT --Parameter order... idea here was one row for each pattern to be passed into a particular invocation of an atom. - --If we settle on a string of key=value for the Value field, this could be OBE -); - --- TestCases is the primary driver of the test runner -CREATE TABLE IF NOT EXISTS "TestCases" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestGroup` TEXT, -- can be filled in to allow selective execution by the runner. not in spreadsheet - `TestCaseIdentifier` TEXT, -- section column on step overview tab - `TestCaseDescription` TEXT, -- description column on step overview tab - `TestCaseContainer` TEXT, -- ID of the container the test case applies to, if necessary - `Status` INTEGER, -- to be populated by runner - `ExpectedStatus` INTEGER, -- everything on the spreadsheet should get 1 here - primarily present to give runners a way to mark tests that should fail - `Enabled` INTEGER -- allows the runner to enable/disable test cases. default to 1 -); - --- Allow runners to create test groups. not in spreadsheet -CREATE TABLE IF NOT EXISTS "TestGroups" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `GroupDescription` TEXT -); - --- Allow runners to create test groups. not in spreadsheet -CREATE TABLE IF NOT EXISTS "GroupsToTestCases" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `TestGroupId` INTEGER, --TestGroups.Id - `TestCaseId` INTEGER --TestCases.Id -); - --- this isn't really going to be used by the look of things. probably should --- be eliminated, but it's harmless and has been intermittently useful in dev. -CREATE TABLE IF NOT EXISTS "SystemSettings" ( - `Id` INTEGER PRIMARY KEY AUTOINCREMENT, - `ReaderName` TEXT, - `ApplicationPIN` TEXT, - `OutputDirectory` TEXT, - `SettingsGroup` TEXT, - `GPMasterKey` TEXT -); - -INSERT INTO "TestSteps" VALUES(1,'BERTLV.1','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(2,'BERTLV.2','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(3,'BERTLV.3','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(4,'BERTLV.4','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(5,'BERTLV.5','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(6,'73-4.1','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(7,'73-4.2','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(8,'73-4.3','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(9,'73-4.4','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(10,'73-4.5','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(11,'73-4.6','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(12,'73-4.7','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(13,'73-4.8','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(14,'73-4.9','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(15,'73-4.10','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(16,'73-4.11','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(17,'73-4.12','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(18,'73-4.13','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(19,'73-4.14','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(20,'73-4.15','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(21,'73-4.16','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(22,'73-4.17','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(23,'73-4.18','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(24,'73-4.19','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(25,'73-4.20','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(26,'73-4.21','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(27,'73-4.22','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(28,'73-4.23','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(29,'73-4.24','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(30,'73-4.25','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(31,'73-4.26','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(32,'73-4.27','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(33,'73-4.28','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(34,'73-4.29','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(35,'73-4.30','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(36,'73-4.31','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_31',NULL); -INSERT INTO "TestSteps" VALUES(37,'73-4.32','gov.gsa.conformancelib.tests.SP800_73_4FacialImageTests','sp800_73_4_Test_32',NULL); -INSERT INTO "TestSteps" VALUES(38,'73-4.33','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_33',NULL); -INSERT INTO "TestSteps" VALUES(39,'73-4.34','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_34',NULL); -INSERT INTO "TestSteps" VALUES(40,'73-4.35','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_35',NULL); -INSERT INTO "TestSteps" VALUES(41,'73-4.36','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_36',NULL); -INSERT INTO "TestSteps" VALUES(42,'73-4.37','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_37',NULL); -INSERT INTO "TestSteps" VALUES(43,'73-4.38','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_38',NULL); -INSERT INTO "TestSteps" VALUES(44,'73-4.40','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_40',NULL); -INSERT INTO "TestSteps" VALUES(45,'73-4.41','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_41',NULL); -INSERT INTO "TestSteps" VALUES(46,'73-4.42','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_42',NULL); -INSERT INTO "TestSteps" VALUES(47,'73-4.43','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_43',NULL); -INSERT INTO "TestSteps" VALUES(48,'73-4.44','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_44',NULL); -INSERT INTO "TestSteps" VALUES(49,'73-4.45','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_45',NULL); -INSERT INTO "TestSteps" VALUES(50,'73-4.46','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_46',NULL); -INSERT INTO "TestSteps" VALUES(51,'73-4.47','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_47',NULL); -INSERT INTO "TestSteps" VALUES(52,'73-4.48','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_48',NULL); -INSERT INTO "TestSteps" VALUES(53,'73-4.49','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_49',NULL); -INSERT INTO "TestSteps" VALUES(54,'73-4.50','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_50',NULL); -INSERT INTO "TestSteps" VALUES(55,'73-4.51','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_51',NULL); -INSERT INTO "TestSteps" VALUES(56,'73-4.52','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_52',NULL); -INSERT INTO "TestSteps" VALUES(57,'73-4.53','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_53',NULL); -INSERT INTO "TestSteps" VALUES(58,'73-4.54','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_54',NULL); -INSERT INTO "TestSteps" VALUES(59,'73-4.55','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_55',NULL); -INSERT INTO "TestSteps" VALUES(60,'73-4.56','gov.gsa.conformancelib.tests.SP800_73_4CommmonObjectTests','sp800_73_4_Test_56',NULL); -INSERT INTO "TestSteps" VALUES(61,'76.1','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_1',NULL); -INSERT INTO "TestSteps" VALUES(62,'76.2','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_2',NULL); -INSERT INTO "TestSteps" VALUES(63,'76.3','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_3',NULL); -INSERT INTO "TestSteps" VALUES(64,'76.4','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_4',NULL); -INSERT INTO "TestSteps" VALUES(65,'76.5','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_5',NULL); -INSERT INTO "TestSteps" VALUES(66,'76.6','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_6',NULL); -INSERT INTO "TestSteps" VALUES(67,'76.7','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_7',NULL); -INSERT INTO "TestSteps" VALUES(68,'76.8','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_8',NULL); -INSERT INTO "TestSteps" VALUES(69,'76.9','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_9',NULL); -INSERT INTO "TestSteps" VALUES(70,'76.10','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_10',NULL); -INSERT INTO "TestSteps" VALUES(71,'76.11','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_11',NULL); -INSERT INTO "TestSteps" VALUES(72,'76.12','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_12',NULL); -INSERT INTO "TestSteps" VALUES(73,'76.13','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_13',NULL); -INSERT INTO "TestSteps" VALUES(74,'76.14','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_14',NULL); -INSERT INTO "TestSteps" VALUES(75,'76.15a','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15a',NULL); -INSERT INTO "TestSteps" VALUES(76,'76.15b','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15b',NULL); -INSERT INTO "TestSteps" VALUES(77,'76.16','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_16',NULL); -INSERT INTO "TestSteps" VALUES(78,'76.17','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_17',NULL); -INSERT INTO "TestSteps" VALUES(79,'76.18','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_18',NULL); -INSERT INTO "TestSteps" VALUES(80,'76.19','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_19',NULL); -INSERT INTO "TestSteps" VALUES(81,'76.20','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_20',NULL); -INSERT INTO "TestSteps" VALUES(82,'76.21','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_21',NULL); -INSERT INTO "TestSteps" VALUES(83,'76.22','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_22',NULL); -INSERT INTO "TestSteps" VALUES(84,'76.23','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_23',NULL); -INSERT INTO "TestSteps" VALUES(85,'76.24','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_24',NULL); -INSERT INTO "TestSteps" VALUES(86,'76.25','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_25',NULL); -INSERT INTO "TestSteps" VALUES(87,'76.26','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_26',NULL); -INSERT INTO "TestSteps" VALUES(88,'76.27','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_27',NULL); -INSERT INTO "TestSteps" VALUES(89,'76.28','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_28',NULL); -INSERT INTO "TestSteps" VALUES(90,'76.29','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_29',NULL); -INSERT INTO "TestSteps" VALUES(91,'76.30','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_30',NULL); -INSERT INTO "TestSteps" VALUES(92,'76.31','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_31',NULL); -INSERT INTO "TestSteps" VALUES(93,'76.32','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_32',NULL); -INSERT INTO "TestSteps" VALUES(94,'76.33','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_33',NULL); -INSERT INTO "TestSteps" VALUES(95,'76.34','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_34',NULL); -INSERT INTO "TestSteps" VALUES(96,'76.35','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_35',NULL); -INSERT INTO "TestSteps" VALUES(97,'76.36','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_36',NULL); -INSERT INTO "TestSteps" VALUES(98,'76.37','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_37',NULL); -INSERT INTO "TestSteps" VALUES(99,'76.38','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_38',NULL); -INSERT INTO "TestSteps" VALUES(100,'76.39','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_39',NULL); -INSERT INTO "TestSteps" VALUES(101,'76.40','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_40',NULL); -INSERT INTO "TestSteps" VALUES(102,'76.41','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_41',NULL); -INSERT INTO "TestSteps" VALUES(103,'76.42','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_42',NULL); -INSERT INTO "TestSteps" VALUES(104,'76.43','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_43',NULL); -INSERT INTO "TestSteps" VALUES(105,'76.44','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_44',NULL); -INSERT INTO "TestSteps" VALUES(106,'76.45','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_45',NULL); -INSERT INTO "TestSteps" VALUES(107,'76.46','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_46',NULL); -INSERT INTO "TestSteps" VALUES(108,'76.47','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_47',NULL); -INSERT INTO "TestSteps" VALUES(109,'76.48','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_48',NULL); -INSERT INTO "TestSteps" VALUES(110,'CMS.1','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(111,'CMS.2','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(112,'CMS.3','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(113,'CMS.4','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(114,'CMS.5','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(115,'CMS.6','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(116,'CMS.7','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(117,'CMS.8','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(118,'CMS.9','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(119,'CMS.10','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(120,'CMS.11','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(121,'CMS.12','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(122,'CMS.13','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(123,'CMS.14','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(124,'CMS.15','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(125,'CMS.17','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(126,'CMS.18','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(127,'CMS.19','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(128,'CMS.20','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(129,'CMS.21','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(130,'CMS.22','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(131,'CMS.23','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(132,'CMS.24','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(133,'CMS.25','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(134,'CMS.26','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(135,'CMS.27','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(136,'CMS.28','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(137,'CMS.29','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(138,'CMS.30','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(139,'78.1','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(140,'78.2','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(141,'78.3','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(142,'PKIX.1','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(143,'PKIX.2','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(144,'PKIX.3','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(145,'PKIX.4','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(146,'PKIX.5','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(147,'PKIX.6','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(148,'PKIX.7','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(149,'PKIX.8','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(150,'PKIX.9','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(151,'PKIX.10','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(152,'PKIX.11','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(153,'PKIX.12','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(154,'PKIX.13','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(155,'PKIX.14','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(156,'PKIX.15','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(157,'PKIX.16','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(158,'PKIX.17','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(159,'PKIX.18','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(160,'PKIX.19','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(161,'PKIX.20','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(162,'PKIX.21','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(163,'PKIX.22','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(164,'PKIX.23','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(165,'PKIX.24','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(166,'PKIX.25','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(167,'PKIX.26','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(168,'PKIX.27','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(169,'PKIX.28','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(170,'PlaceholderTest.1','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_1',NULL); -INSERT INTO "TestSteps" VALUES(171,'PlaceholderTest.2','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_2',NULL); -INSERT INTO "TestSteps" VALUES(172,'PlaceholderTest.3','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_3',NULL); -INSERT INTO "TestStepParameters" VALUES(1, 21,NULL,'6',0); -INSERT INTO "TestStepParameters" VALUES(2, 99,NULL,'CARDHOLDER_FINGERPRINTS_OID:513',0); -INSERT INTO "TestStepParameters" VALUES(3, 99,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:1281',1); -INSERT INTO "TestStepParameters" VALUES(4, 99,NULL,'CARDHOLDER_IRIS_IMAGES_OID:9',2); -INSERT INTO "TestStepParameters" VALUES(5, 102,NULL,'CARDHOLDER_FINGERPRINTS_OID:8',0); -INSERT INTO "TestStepParameters" VALUES(6, 102,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:2',1); -INSERT INTO "TestStepParameters" VALUES(7, 102,NULL,'CARDHOLDER_IRIS_IMAGES_OID:16',2); -INSERT INTO "TestStepParameters" VALUES(8, 103,NULL,'CARDHOLDER_FINGERPRINTS_OID:128',0); -INSERT INTO "TestStepParameters" VALUES(9, 103,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:32:2',1); -INSERT INTO "TestStepParameters" VALUES(10, 103,NULL,'CARDHOLDER_IRIS_IMAGES_OID:64',2); -INSERT INTO "TestStepParameters" VALUES(11, 104,NULL,'-2',0); -INSERT INTO "TestStepParameters" VALUES(12, 104,NULL,'100',1); -INSERT INTO "TestStepParameters" VALUES(13, 114,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.101.3.6.1',0); -INSERT INTO "TestStepParameters" VALUES(14, 114,NULL,'CARDHOLDER_FINGERPRINTS_OID:2.16.840.1.101.3.6.2',1); -INSERT INTO "TestStepParameters" VALUES(15, 114,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:2.16.840.1.101.3.6.2',2); -INSERT INTO "TestStepParameters" VALUES(16, 114,NULL,'CARDHOLDER_IRIS_IMAGES_OID:2.16.840',3); -INSERT INTO "TestStepParameters" VALUES(17, 124,NULL,'2.16.840.1.101.3.8.7',0); -INSERT INTO "TestStepParameters" VALUES(18, 125,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(19, 147,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID:2.16.840.1.114027.200.3.10.7.13',0); -INSERT INTO "TestStepParameters" VALUES(20, 147,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.114027.200.3.10.7.9',1); -INSERT INTO "TestStepParameters" VALUES(21, 147,NULL,'X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID:2.16.840.1.114027.200.3.10.7.2|2.16.840.1.114027.200.3.10.7.6',2); -INSERT INTO "TestStepParameters" VALUES(22, 147,NULL,'X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID:2.16.840.1.114027.200.3.10.7.2|2.16.840.1.114027.200.3.10.7.6',3); -INSERT INTO "TestStepParameters" VALUES(23, 147,NULL,'X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID:2.16.840.1.114027.200.3.10.7.4|2.16.840.1.114027.200.3.10.7.6|2.16.840.1.114027.200.3.10.7.2',4); -INSERT INTO "TestStepParameters" VALUES(24, 147,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID:1.3.6.1.4.1.45606.3.1.21',5); -INSERT INTO "TestStepParameters" VALUES(25, 159,NULL,'2.16.840.1.101.3.2.1.3.19',0); -INSERT INTO "TestStepParameters" VALUES(26, 161,NULL,'X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID:2.16.840.1.101.3.6.8',0); -INSERT INTO "TestStepParameters" VALUES(27, 161,NULL,'CARD_HOLDER_UNIQUE_IDENTIFIER_OID:2.16.840.1.101.3.8.7',1); -INSERT INTO "TestStepParameters" VALUES(28, 162,NULL,'1.3.6.1.4.1.45606.3.1.22',0); -INSERT INTO "TestStepParameters" VALUES(29, 165,NULL,'2.5.29.31',0); -INSERT INTO "TestStepParameters" VALUES(30, 168,NULL,'1.3.6.1.1.16.4',0); -INSERT INTO "TestStepParameters" VALUES(31, 171,NULL,'1',0); -INSERT INTO "TestStepParameters" VALUES(32, 171,NULL,'2',1); -INSERT INTO "TestStepParameters" VALUES(33, 171,NULL,'3',2); -INSERT INTO "TestStepParameters" VALUES(34, 172,NULL,'CAT:SLEEPY',0); -INSERT INTO "TestStepParameters" VALUES(35, 172,NULL,'DOG:HUNGRY',1); -INSERT INTO "TestStepParameters" VALUES(36, 172,NULL,'ELEPHANT:SAD',2); -INSERT INTO "TestCases" VALUES(1, NULL,'8 BER_TLV','BER-TLV Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(2, NULL,'8.1 CCC','Card Capabilities Container','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(3, NULL,'8.1.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(4, NULL,'8.1.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(5, NULL,'8.1.0.2','Tag encoded as 3 bytes','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(6, NULL,'8.1.0.3','Each data object returned with 2 byte status word (90 00)','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(7, NULL,'8.1.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(8, NULL,'8.1.1','CCC Registered data model element is present and has a value of 0x10.','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(9, NULL,'8.1.2','CCC BERTLV tag is 5FC107','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(10, NULL,'8.1.3','CCC Tags 0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xFA, 0xFB, 0xFC, 0xFD present in that order','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(11, NULL,'8.1.8','CCC Optional Tags 0xE3 and 0xB4 may be present or absent; if present are after tags listed in and are in that order','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(12, NULL,'8.1.9','CCC Tag 0xFE present and after any tags from 73-4.3 and 73-4.4','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(13, NULL,'8.1.10','Confirm that tag 0xFE has length of 0','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(14, NULL,'8.1.11','CCC value lengths comply with Table 8 of SP 800-73-4','CARD_CAPABILITY_CONTAINER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(15, NULL,'8.2 CHUID','Card Holder Unique Identifier','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(16, NULL,'8.2.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(17, NULL,'8.2.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(18, NULL,'8.2.0.2','Tag encoded as 3 bytes','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(19, NULL,'8.2.0.3','Each data object returned with 2 byte status word (90 00)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(20, NULL,'8.2.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(21, NULL,'8.2.1','CHUID value lengths comply with Table 9 of SP 800-73-4','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(22, NULL,'8.2.2.1','Tag 0x30 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(23, NULL,'8.2.2.2','Tag 0x30 is the first tag or the first tag following 0xEE','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(24, NULL,'8.2.2.3','Tags 0x32 and 0x33 are optionally present and must follow 0x30 in that order','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(25, NULL,'8.2.2.4','Tag 0x34 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(26, NULL,'8.2.2.5','Tag 0x34 follows Tag 0x30, 32, or 0x33','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(27, NULL,'8.2.2.6','Tag 0x35 is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(28, NULL,'8.2.2.7','Tag 0x35 follows Tag 0x34','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(29, NULL,'8.2.2.8','Tag 0x36 is optionally present and follows Tag 0x35','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(30, NULL,'8.2.2.9','Tags 0x3E and 0xFE are present and follow tags in that order','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(31, NULL,'8.2.2.10','Tag 0x3E is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(32, NULL,'8.2.2.11','Tag 0x3E follows Tag 0x35 or 0x36','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(33, NULL,'8.2.2.12','Tag 0xFE is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(34, NULL,'8.2.2.13','Tag 0xFE follows Tag 0x3E','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(35, NULL,'8.2.2.14','If CHUID tag 0xEE is present, it is the first tag in the blob','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(36, NULL,'8.2.2.15','No tags other than (0xEE, 0x30, 0x32, 0x33, 0x34, 0x35, 0x36, 0x3E, 0xFE) are present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(37, NULL,'8.2.3','Expiration Date is formatted YYYYMMDD','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(38, NULL,'8.2.4','Expiration Date is within the next 6 years','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(39, NULL,'8.2.5','If the CHUID contains the optional Cardholder UUID, then the data element shall be in accordance with 800 73-4 Part 1 Section 3.4.2.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(40, NULL,'8.2.6','The retired key map is not present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(41, NULL,'8.2.7','Tag 0xFE has length of 0','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(42, NULL,'8.3 Authentication Cert','X.509 Certificate for PIV-I Authentication','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(43, NULL,'8.3.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(44, NULL,'8.3.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(45, NULL,'8.3.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(46, NULL,'8.3.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(47, NULL,'8.3.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(48, NULL,'8.3.1','PIV Authentication Certificate container value lengths comply with Table 10 of SP 800-73-4','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(49, NULL,'8.3.2.1','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(50, NULL,'8.3.2.2','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(51, NULL,'8.3.2.3','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(52, NULL,'8.3.2.4','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(53, NULL,'8.3.2.5','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(54, NULL,'8.4 Fingerprints','Card Holder Fingerprints','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(55, NULL,'8.4.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(56, NULL,'8.4.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(57, NULL,'8.4.0.2','Tag encoded as 3 bytes','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(58, NULL,'8.4.0.3','Each data object returned with 2 byte status word (90 00)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(59, NULL,'8.4.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(60, NULL,'8.4.5','Card Holder Fingerprints value lengths comply with Table 11 of SP 800-73-4','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(61, NULL,'8.4.6','If CHUID tag 0xEE is present, it is the first tag in the blob','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(62, NULL,'8.4.7','Tag 0x30 is present and is the first tag or the first tag following 0xEE','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(63, NULL,'8.4.8','Tags 0x32 and 0x33 are optionally present and must follow 0x30 in that order','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(64, NULL,'8.4.9','Tag 0xFE has length of 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(65, NULL,'8.5 Printed Information','Printed Information','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(66, NULL,'8.5.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(67, NULL,'8.5.0.1','Length field encoded as shown in SP800-85B Table 8.1','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(68, NULL,'8.5.0.2','Tag encoded as 3 bytes','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(69, NULL,'8.5.0.3','Each data object returned with 2 byte status word (90 00)','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(70, NULL,'8.5.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(71, NULL,'8.5.1.1','Printed Information value lengths comply with Table 14 of SP 800-73-4','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(72, NULL,'8.5.1.2','Printed Information Tags 0x01, 0x02, 0x05, 0x06 are present in that order','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(73, NULL,'8.5.1.3','Printed Information Tags 0x01, 0x02, 0x05, 0x06 are in that order','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(74, NULL,'8.5.1.4','Printed Information Tag 0xFE follows Tag 0x06, or optional Tags 0x07 or 0x08','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(75, NULL,'8.5.1.5','Printed Information Tags 0x07 and 0x08 are optionally present in that order, following the tags from 73-4.28','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(76, NULL,'8.5.1.6','Printed Information Tag 0xFE is present','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(77, NULL,'8.5.1.7','No Printed Information tags other than (0x01, 0x02, 0x05, 0x06, 0x07, 0x08, 0xFE) are present','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(78, NULL,'8.5.1.8','Tag 0xFE has length of 0','PRINTED_INFORMATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(79, NULL,'8.6 Facial Image','Card Holder Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(80, NULL,'8.6.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(81, NULL,'8.6.0.1','Length field encoded as shown in SP800-85B Table 8.1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(82, NULL,'8.6.0.2','Tag encoded as 3 bytes','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(83, NULL,'8.6.0.3','Each data object returned with 2 byte status word (90 00)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(84, NULL,'8.6.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(85, NULL,'8.6.1.1','Printed Information value lengths comply with Table 13 of SP 800-73-4','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(86, NULL,'8.6.1.2','Position is one of the valid x,y coordinate types in the original image','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(87, NULL,'8.6.1.3','No tags other than (0xBC, 0xFE) are present','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(88, NULL,'8.6..4','Tag 0xFE has length of 0','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(89, NULL,'8.7 Digital Signature Cert','X.509 Certificate for Digital Signature','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(90, NULL,'8.7.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(91, NULL,'8.7.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(92, NULL,'8.7.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(93, NULL,'8.7.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(94, NULL,'8.7.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(95, NULL,'8.7.1.1','X.509 Certificate for Digital Signature container value lengths comply with Table 15 of SP 800-73-4','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(96, NULL,'8.7.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(97, NULL,'8.7.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(98, NULL,'8.7.1.4','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(99, NULL,'8.7.1.5','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(100, NULL,'8.7.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(101, NULL,'8.8 Key Management Cert','X.509 Certificate for Key Management','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(102, NULL,'8.8.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(103, NULL,'8.8.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(104, NULL,'8.8.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(105, NULL,'8.8.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(106, NULL,'8.8.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(107, NULL,'8.8.1.1','X.509 Certificate for Key Management container value lengths comply with Table 16 of SP 800-73-4','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(108, NULL,'8.8.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(109, NULL,'8.8.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(110, NULL,'8.8.1.4','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(111, NULL,'8.8.1.5','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(112, NULL,'8.8.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(113, NULL,'8.9 Card Auth Cert','X.509 Certificate for Card Authentication','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(114, NULL,'8.9.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(115, NULL,'8.9.0.1','Length field encoded as shown in SP800-85B Table 8.1','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(116, NULL,'8.9.0.2','Tag encoded as 3 bytes','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(117, NULL,'8.9.0.3','Each data object returned with 2 byte status word (90 00)','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(118, NULL,'8.9.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(119, NULL,'8.9.1.1','X.509 Certificate for Card Authentication value lengths comply with Table 17 of SP 800-73-4','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(120, NULL,'8.9.1.2','Tags 0x70 and 0x71 are present in that order','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(121, NULL,'8.9.1.3','Tag 0x72 is optionally present and follows tags from 73-4.19','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(122, NULL,'8.9.1.4','Tag 0xFE is present and follows tags from 73-4.19, 73-4.20','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(123, NULL,'8.9.1.5','No tags other than (0x70, 0x71, 0x72, 0xFE) are present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(124, NULL,'8.9.1.6','Tag 0xFE has length of 0','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(125, NULL,'8.10 Security Objecvt','Security Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(126, NULL,'8.10.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(127, NULL,'8.10.0.1','Length field encoded as shown in SP800-85B Table 8.1','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(128, NULL,'8.10.0.2','Tag encoded as 3 bytes','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(129, NULL,'8.10.0.3','Each data object returned with 2 byte status word (90 00)','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(130, NULL,'8.10.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(131, NULL,'8.10.1.1','Security Object value lengths comply with Table 12 of SP 800-73-4','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(132, NULL,'8.10.1.2','Tags 0xBA, 0xBB, 0XFE are present','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(133, NULL,'8.10.1.3','Tags 0xBA, 0xBB, 0XFE are are in that order','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(134, NULL,'8.10.1.4','No tags other than (0xBA, 0xBB, 0xFE) are present','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(135, NULL,'8.10.2','Parse data at tag 0xBA and for each data container found ensure that performing a select returns status words 0x90, 0x00','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(136, NULL,'8.11 Discovery Object','Discovery Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(137, NULL,'8.11.0','SP 800-73-4 Data Model','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(138, NULL,'8.11.0.1','Length field encoded as shown in SP800-85B Table 8.1','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(139, NULL,'8.11.0.2','Tag encoded as 3 bytes','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(140, NULL,'8.11.0.3','Each data object returned with 2 byte status word (90 00)','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(141, NULL,'8.11.0.4','If a variable length field has length of 0, tag length is followed immediately by next tag if applicable','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(142, NULL,'8.11.1.1','Tag 0x4F (PIV Application AID) is present','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(143, NULL,'8.11.1.2','Tag 0x5F2F (PIN Usage Policy) Is present','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(144, NULL,'8.11.1.3','Discovery Object Tags 0x4F, 0x5F2F are in that order','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(145, NULL,'8.11.1.4','The values of the tags conform with the vendor provided data.','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(146, NULL,'8.11.1.5','The PIN usage policy matches the card capabilities provided by the vendor documentation. Associated optional data objects are present when the PIN usage policy asserts an optional capability (i.e., OCC, global PIN and pairing code)','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(147, NULL,'8.11.6','Discovery Object value lengths comply with Table 18 of SP 800-73-4','DISCOVERY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(148, NULL,'8.12 Iris','Card Holder Iris Images','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(149, NULL,'8.13 Retired Key Management Cert','Key History Objects','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(150, NULL,'8.13.1','X.509 Key History 1','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(151, NULL,'8.13.2','X.509 Key History 2','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(152, NULL,'8.14 Key History','Key History (see Issue #52)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(153, NULL,'8.15 BITT','Biometric InformationTemplates Group Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(154, NULL,'8.16 SMCS','Secure Messaging Certificate Signer','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(155, NULL,'8.17 Paring Code Reference','Pairing Code Reference Data Container','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(156, NULL,'9 Biometric Data Objects','Biometric Data Object Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(157, NULL,'9.1 Fingerprint CBEFF','CBEFF Patron Format for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(158, NULL,'9.1.1','CBEFF Structure for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(159, NULL,'9.1.1.1','BDB length field is non-zero','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(160, NULL,'9.1.1.2','Recorded length matches actual BDB length','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(161, NULL,'9.1.1.3','SB length field is non-zero','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(162, NULL,'9.1.1.4','Recorded length matches actual SB length','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(163, NULL,'9.1.1.5','Card Holder Fingerprint object length equals sum of CBEFF header length + BDB length + SB length','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(164, NULL,'9.1.2','CBEFF Header for Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(165, NULL,'9.1.2.1','The Patron Header Version field has a value of 0x03.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(166, NULL,'9.1.2.2','Validate that the biometric data block is signed but not encrypted','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(167, NULL,'9.1.2.3','Validate that BDB Format Owner is set to a value of 0x001B denoting M1, the INCITS Technical Committee on Biometrics.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(168, NULL,'9.1.2.4','The BDB Format Type is set to a value of 0x0201','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(169, NULL,'9.1.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(170, NULL,'9.1.2.6','Validate date encoding on Validity Period in PIV Patron Format','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(171, NULL,'9.1.2.7','Valdiate that that Biometric Type has the value 0x000008','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(172, NULL,'9.1.2.8','Validate that for the mandatory minutia PIV card templates, the CBEFF biometric data type encoding value shall be b100xxxxx, which corresponds to biometric data that has been processed.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(173, NULL,'9.1.2.9','The Biometric Data Quality field is -2 or 0 - 100.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(174, NULL,'9.1.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(175, NULL,'9.1.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(176, NULL,'9.2 Facial Image CBEFF','CBEFF Patron Format for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(177, NULL,'9.2.1','CBEFF Structure for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(178, NULL,'9.2.1.1','BDB length field is non-zero','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(179, NULL,'9.2.1.2','Recorded length matches actual BDB length','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(180, NULL,'9.2.1.3','SB length field is non-zero','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(181, NULL,'9.2.1.4','Recorded length matches actual SB length','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(182, NULL,'9.2.2','CBEFF Header for Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(183, NULL,'9.2.2.1','Card Holder Fingerprint object length equals sum of CBEFF header length + BDB length + SB length','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(184, NULL,'9.2.2.2','Validate that the biometric data block is signed but not encrypted','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(185, NULL,'9.2.2.3','Validate that BDB Format Owner is set to a value of 0x001B denoting M1, the INCITS Technical Committee on Biometrics.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(186, NULL,'9.2.2.4','The BDB Format Type is set to a value of 0x0501','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(187, NULL,'9.2.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(188, NULL,'9.2.2.6','Validate date encoding on Validity Period in PIV Patron Format','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(189, NULL,'9.2.2.7','Validate that Biometric Type has the value 0x000002','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(190, NULL,'9.2.2.8','Validate that the CBEFF biometric data type encoding value shall be b001xxxxx, which corresponds to the raw biometric data','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(191, NULL,'9.2.2.9','The Biometric Data Quality field is -2 or 0 - 100.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(192, NULL,'9.2.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(193, NULL,'9.2.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(194, NULL,'9.3 Iris CBEFF','CBEFF Patron Format for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(195, NULL,'9.3.1','CBEFF Structure for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(196, NULL,'9.3.1.1','BDB length field is non-zero','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(197, NULL,'9.3.1.2','Recorded length matches actual BDB length','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(198, NULL,'9.3.1.3','SB length field is non-zero','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(199, NULL,'9.3.1.4','Recorded length matches actual SB length','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(200, NULL,'9.3.2','CBEFF Header for Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(201, NULL,'9.3.2.1','Patron Header Version field has a value of 0x03.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(202, NULL,'9.3.2.2','Validate that the biometric data block is signed but not encrypted','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(203, NULL,'9.3.2.3','The BDB Format Owner field has a value of 0x0101.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(204, NULL,'9.3.2.4','The BDB Format Type field has a value of 0x0009.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(205, NULL,'9.3.2.5','Validate that that the creation date in the PIV Patron Format is encoded in 8 bytes using a binary representation of YYYYMMDDhhmmssZ','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(206, NULL,'9.3.2.6','Validate date encoding on Validity Period in PIV Patron Format','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(207, NULL,'9.3.2.7','The value of the Biometric Type field for the iris image is 0x000010.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(208, NULL,'9.3.2.8','Validate that the CBEFF biometric data type encoding value shall be b01000000, which corresponds to the raw biometric data','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(209, NULL,'9.3.2.9','The Biometric Data Quality field is -2 or 0 - 100.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(210, NULL,'9.3.2.10','Validate that that the Creator field in the PIV Patron Format contains 18 bytes of which the first K <= 17 bytes shall be ASCII characters, and the first of the remaining 18-K shall be a null terminator (zero)','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(211, NULL,'9.3.2.12','Validate that the Reserved for Future Use field is equal to 0x00000000','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(212, NULL,'9.4 Fingerprint BDB','Off-Card Comparison Fingerprint Template','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(213, NULL,'9.4.1','General Record Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(214, NULL,'9.4.1.1','Extract contents of format identifier, confirm value 0x464D5200','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(215, NULL,'9.4.1.2','Extract contents of version identifier, confirm value 0x20323030','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(216, NULL,'9.4.1.3','Biometric Data Block length (L) where 26 <= L <= 1574','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(217, NULL,'9.4.1.4','Confirm that product identifier owner and product identifier type are non-zero and that MSBs identify vendor, LSBs identify minutia detection algorithm version','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(218, NULL,'9.4.1.5','Confirm that product identifier owner and product identifier type are non-zero and that MSBs identify vendor, LSBs identify minutia detection algorithm version','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(219, NULL,'9.4.1.6','Confirm that capture equipment compliance has a value of 1000b','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(220, NULL,'9.4.1.7','Confirm that capture equipment id is non-NULL','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(221, NULL,'9.4.1.8','Width of the Size of Scanned Image in x direction is the larger of the widths of the two input images.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(222, NULL,'9.4.1.9','Height of the Size of Scanned Image in y direction is the larger of the heights of the two input images.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(223, NULL,'9.4.1.10','X and Y resolutions both have values of 197','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(224, NULL,'9.4.1.12','Number of Finger Views is 2','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(225, NULL,'9.4.1.13','Confirm that reserved byte is set to 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(226, NULL,'9.4.2','View Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(227, NULL,'9.4.2.0.1','Confirm that Finger View Header has value A','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(228, NULL,'9.4.2.0.2','Confirm that Finger View Position (0,14)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(229, NULL,'9.4.2.1','If only 1 minutiae present for a finger, view number must be 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(230, NULL,'9.4.2.2','Impression type must be 0 or 2','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(231, NULL,'9.4.2.3','Finger Quality value shall be 20, 40, 60, 80, 100, 254, or 255.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(232, NULL,'9.4.2.4','Number of minutia (0..128)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(233, NULL,'9.4.2.5','Minutiae Type value shall be 01b, 10b, or 00b.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(234, NULL,'9.4.2.6','Verify that position is one of the valid x,y coordinate types in the original image','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(235, NULL,'9.4.2.7','Verify that angle (0,179)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(236, NULL,'9.4.2.8','Verify that quality (0,100)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(237, NULL,'9.4.2.9','Verify that extended data block length is 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(238, NULL,'9.4.3','Fingerprint Minutiae Data Records','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(239, NULL,'9.4.3.1','Minutiae Type value shall be01b, 10b, or 00b.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(240, NULL,'9.4.3.2','Extended Data Block Length shall be 0','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(241, NULL,'9.5','On-Card Comparison','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(242, NULL,'9.5.1','BIT Group Template data conformance for on-card comparison','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(243, NULL,'9.6 Facial Image BDB','Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(244, NULL,'9.6.1','Facial Image Header Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(245, NULL,'9.6.1.1','Format Identifier has a value 0x46414300','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(246, NULL,'9.6.1.2','Version Number has a value of 0x30313000','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(247, NULL,'9.6.1.3','Number of Facial Images value is >= 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(248, NULL,'9.6.1.4','Number of Feature Points is >= 0','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(249, NULL,'9.6.2','Facial Image Data Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(250, NULL,'9.6.2.1','Facial Image Type is 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(251, NULL,'9.6.2.2','Image Data Type is 0 or 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(252, NULL,'9.6.2.3','Image Color Space is 1','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(253, NULL,'9.6.2.4','Source Type is 2 or 6','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(254, NULL,'9.7 Iris Image BDB','Iris Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(255, NULL,'9.7.1','Iris Image Profile','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(256, NULL,'9.7.2','Iris Image Data Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(257, NULL,'10 Signed Data Elements','Signed Data Elements Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(258, NULL,'10.1 CHUID','Card Holder Unique Identifier','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(259, NULL,'10.1.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(260, NULL,'10.1.1.1','The CHUID buffer contains an asymmetric digital signature that is implemented as a SignedData type and is encoded as a CMS external signature according to RFC 5652.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(261, NULL,'10.1.1.2','The value of the version field of the SignedData is 3.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(262, NULL,'10.1.1.3','The digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP800-78-4.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(263, NULL,'10.1.1.4','The eContent field has been omitted and the eContentType asserts id-piv-CHUIDSecurityObject in encapContentInfo.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(264, NULL,'10.1.1.5','The crls field is omitted from the SignedData.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(265, NULL,'10.1.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(266, NULL,'10.1.1.7','The SignerIdentifier in the SignerInfo uses the issuerAndSerialNumber choice and it corresponds to the issuer and serialNumber fields found in the X.509 certificate of the signer.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(267, NULL,'10.1.1.8','The digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP80078','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(268, NULL,'10.1.1.8.1','The digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(269, NULL,'10.1.1.9','The value of the hash obtained from the message digest attribute of the signedAttrs of the SignerInfo is identical to that obtained after hashing the concatenated contents of the CHUID, excluding the asymmetric digital signature field and the Buffer Length field, if present.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(270, NULL,'10.1.1.10','The value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(271, NULL,'10.1.1.12','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP800-78-4.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(272, NULL,'10.1.1.13','The certificate from the cert bag succesfully validates the CMS signature.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(273, NULL,'10.2 Fingerprint','Off-Card Comparison Biometric Fingerprint','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(274, NULL,'10.2.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(275, NULL,'10.2.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(276, NULL,'10.2.1.2','PKCS#7 version is set to 3','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(277, NULL,'10.2.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP 800-78.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(278, NULL,'10.2.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(279, NULL,'10.2.1.5','The crls field is omitted from the SignedData.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(280, NULL,'10.2.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(281, NULL,'10.2.1.7.1','SignerId uses ths IssuerAndSerialNumber choice','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(282, NULL,'10.2.1.7.2','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(283, NULL,'10.2.1.8','Verify Digest Algorithm in SignerInfo','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(284, NULL,'10.2.1.8.1','The digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(285, NULL,'10.2.1.8.2','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(286, NULL,'10.2.1.9','Message digest from signed attributes bag matches the digest over Fingerprint biometric data (excluding contents of digital signature field)','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(287, NULL,'10.2.1.10','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(288, NULL,'10.2.1.11','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(289, NULL,'10.2.1.12','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(290, NULL,'10.2.1.13','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(291, NULL,'10.2.1.14','The signed attribute entryUUID matches GUID read from CHUID container.','CARDHOLDER_FINGERPRINTS_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(292, NULL,'10.3 Facial Image','Biometric Facial Image','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(293, NULL,'10.3.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(294, NULL,'10.3.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(295, NULL,'10.3.1.2','PKCS#7 version is set to 3','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(296, NULL,'10.3.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP80078.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(297, NULL,'10.3.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(298, NULL,'10.3.1.5','The crls field is omitted from the SignedData.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(299, NULL,'10.3.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(300, NULL,'10.3.1.7.1','SignerId uses ths IssuerAndSerialNumber choice','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(301, NULL,'10.3.1.7.2','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(302, NULL,'10.3.1.8.1','Th digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(303, NULL,'10.3.1.8.2','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(304, NULL,'10.3.1.9','Message digest from signed attributes bag matches the digest over Facial Image biometric data (excluding contents of digital signature field)','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(305, NULL,'10.3.1.10','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(306, NULL,'10.3.1.11','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(307, NULL,'10.3.1.12','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(308, NULL,'10.3.1.13','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(309, NULL,'10.3.1.14','The signed attribute entryUUID matches GUID read from CHUID container.','CARDHOLDER_FACIAL_IMAGE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(310, NULL,'10.4 Security Object','Security Object','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(311, NULL,'10.4.1','Data Integrity','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(312, NULL,'10.4.1.1','The actual hash of the data elements on the PIV card are identical to their corresponding hash values present in the security object.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(313, NULL,'10.4.2','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(314, NULL,'10.4.2.1','Verify that the asymmetric digital field contains a CMS signed data object','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(315, NULL,'10.4.2.2','Confirm that version of signed data structure is 1','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(316, NULL,'10.4.2.3','Verify that eContent contains a security object','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(317, NULL,'10.4.2.4','The eContent field contains a correctly formatted ldsSecurityobject and the eContentType asserts id-icao-ldsSecurityObject in encapContentInfo.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(318, NULL,'10.4.2.5','The certificates field is omitted from the SignedData.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(319, NULL,'10.4.2.6','digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(320, NULL,'10.4.2.7','The signatureAlgorithm field specified in the SignerInfo field for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm shall be in accordance with Table 3-3 of SP80078.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(321, NULL,'10.4.2.8','The signature in the SignerInfo corresponds to the signed security object and that it is it signed with the certificate that is used to sign the CHUID.','SECURITY_OBJECT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(322, NULL,'10.5 Iris','Biometric Iris','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(323, NULL,'10.5.1','Signature Block Contents','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(324, NULL,'10.5.1.1','CBEFF_SIGNATURE_BLOCK is present in the biometric CBEFF structure containing an asymmetric digital signature that is implemented as a SignedData type according to RFC 5652.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(325, NULL,'10.5.1.2','PKCS#7 version is set to 3','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(326, NULL,'10.5.1.3','digestAlgorithms field value of the SignedData is in accordance with Table 3-2 of SP80078.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(327, NULL,'10.5.1.4','The eContent field has been omitted and the eContentType asserts id-piv-biometricObject in encapContentInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(328, NULL,'10.5.1.5','The crls field is omitted from the SignedData.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(329, NULL,'10.5.1.6','The signerInfos field in the SignedData contains a single SignerInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(330, NULL,'10.5.1.7','SignerId uses ths IssuerAndSerialNumber choice','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(331, NULL,'10.5.1.8','Issuer and Serial in the signer info corresponds to the issuer and serial values in the signer certificate','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(332, NULL,'10.5.1.9','Th digestAlgorithm field value of the SignerInfo is in accordance with Table 3-2 of SP 800-78','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(333, NULL,'10.5.1.10','digestAlgorithm field value of the SignerInfo matches the value present in the digestAlgorithms field of the SignedData.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(334, NULL,'10.5.1.11','Message digest from signed attributes bag matches the digest over Fingerprint biometric data (excluding contents of digital signature field)','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(335, NULL,'10.5.1.12','Value of the subject DN obtained from the certificate in the certificates field in the SignedData is identical to that obtained from the pivSigner-DN attribute of the signedAttrs of the SignerInfo.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(336, NULL,'10.5.1.13','Signature algorithm value for RSA with PKCS #1 v1.5 padding specifies the rsaEncryption OID (as per Section 3.2 of RFC 3370) and for ECDSA and RSA with PSS padding, the signatureAlgorithm is in accordance with Table 3-3 of SP80078.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(337, NULL,'10.5.1.14','Certificates field in the SignedData contains a single certificate that can be used to verify the digital signature in the SignerInfo. If the certificates field is omitted, then the certificates field of the SignedData for the CHUID contains the certificate that can be used to verify the digital signature.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(338, NULL,'10.5.1.15','The content signing certificate contains id-piv-content-signing or directly-asserted id-fpki-pivi-content-signing (for PIV-I) EKU extension.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(339, NULL,'10.5.1.16','The signed attribute entryUUID matches GUID read from CHUID container.','CARDHOLDER_IRIS_IMAGES_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(340, NULL,'11 X.509 Certificate Profiles','PKI Certificate Profile Test Assertions','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(341, NULL,'11.1','PIV Authentication Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(342, NULL,'11.1.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(343, NULL,'11.1.1.1','The signatureAlgorithm value is in accordance with Table 3-3 of SP80078. If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(344, NULL,'11.1.1.2','The PIV authentication key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(345, NULL,'11.1.1.3','The key size and types used are in accordance with Table 3-1 of SP 800-78-4.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(346, NULL,'11.1.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(347, NULL,'11.1.2.1.1','digitalSignature bit has been set','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(348, NULL,'11.1.2.1.2','Confirm no other keyUsage bits are set.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(349, NULL,'11.1.2.2.1','A certificate policies extension is present.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(350, NULL,'11.1.2.2.2','A policyIdentifier field in the certificatePolicies extension asserts id-fpki-common-authentication.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(351, NULL,'11.1.2.3','OCSP','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(352, NULL,'11.1.2.3.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(353, NULL,'11.1.2.3.2','An accessMethod containing id-ad-ocsp is present.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(354, NULL,'11.1.2.3.3','AIA uniformResourceIdentifier protocol is http','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(355, NULL,'11.1.2.5','Private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(356, NULL,'11.1.2.6','Subject Alternate Name','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(357, NULL,'11.1.2.6.2','GeneralName field exists that contain a URI asserting a Card UUID as specified by [RFC4122, Section 3] that matches the GUID value in the CHUID.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(358, NULL,'11.1.2.7','Expiration date of the PIV authentication certificate is not beyond the expiration date of the CHUID i.e. the PIV card.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(359, NULL,'11.1.2.8','Exponent of the RSA asymmetric key for PIV authentication is equal to 65,537.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(360, NULL,'11.1.2.9','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(361, NULL,'11.1.2.9.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(362, NULL,'11.1.2.9.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(363, NULL,'11.1.2.10','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(364, NULL,'11.1.2.10.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(365, NULL,'11.1.2.10.2','An accessMethod containing id-ad-caIssuers is present','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(366, NULL,'11.1.2.10.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(367, NULL,'11.1.2.10.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(368, NULL,'11.1.2.10.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_PIV_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(369, NULL,'11.2','Digital Signature Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(370, NULL,'11.2.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(371, NULL,'11.2.1.1','The signatureAlgorithm value is in accordance with Table 3-3 of SP80078. If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(372, NULL,'11.2.1.2','The digital signature key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(373, NULL,'11.2.1.3','The key size used is in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(374, NULL,'11.2.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(375, NULL,'11.2.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(376, NULL,'11.2.2.1.1','Key Usage extension is present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(377, NULL,'11.2.2.1.2','digitalSignature and nonRepudiation bits have been set.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(378, NULL,'11.2.2.2','Private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(379, NULL,'11.2.2.3','Expiration date of the digital signature certificate is not beyond the expiration date of the CHUID i.e. the PIV card.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(380, NULL,'11.2.2.4','Exponent of the RSA asymmetric key for digital signature is equal to 65,537.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(381, NULL,'11.2.2.5','policyIdentifier field in the certificatePolicies extension asserts one of the following: id-fpki-common-hardware or id-fpki-common-High.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(382, NULL,'11.2.2.6','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(383, NULL,'11.2.2.6.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(384, NULL,'11.2.2.6.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(385, NULL,'11.2.2.7','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(386, NULL,'11.2.2.7.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(387, NULL,'11.2.2.7.2','authorityInfoAccess field contains an id-ad-caIssuers','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(388, NULL,'11.2.2.7.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(389, NULL,'11.2.2.7.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(390, NULL,'11.2.2.7.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_DIGITAL_SIGNATURE_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(391, NULL,'11.3','Key Management Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(392, NULL,'11.3.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(393, NULL,'11.3.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(394, NULL,'11.3.1.2','The key management key is generated using an allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(395, NULL,'11.3.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(396, NULL,'11.3.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(397, NULL,'11.3.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(398, NULL,'11.3.2.1.1','If the public key algorithm is RSA, then the keyUsage extension asserts the keyEncipherment bit.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(399, NULL,'11.3.2.1.2','If the algorithm is Elliptic Curve key, then the keyUsage extension asserts the keyAgreement bit.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(400, NULL,'11.3.2.1.3','No other Key Usage bits are set.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(401, NULL,'11.3.2.2','The private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(402, NULL,'11.3.2.3','Exponent of the RSA asymmetric key for key management is equal to 65,537.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(403, NULL,'11.3.2.4','policyIdentifier field in the certificatePolicies extension asserts one of the following: id-fpki-common-hardware or id-fpki-common-High.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(404, NULL,'11.3.2.5','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(405, NULL,'11.3.2.5.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(406, NULL,'11.3.2.5.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(407, NULL,'11.3.2.6','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(408, NULL,'11.3.2.6.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(409, NULL,'11.3.2.6.2','authorityInfoAccess field contains an id-ad-caIssuers','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(410, NULL,'11.3.2.6.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(411, NULL,'11.3.2.6.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(412, NULL,'11.3.2.6.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_KEY_MANAGEMENT_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(413, NULL,'11.4','Card Authentication Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(414, NULL,'11.4.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(415, NULL,'11.4.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(416, NULL,'11.4.1.2','The card authentication key is generated using the allowed asymmetric key algorithm.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(417, NULL,'11.4.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(418, NULL,'11.4.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(419, NULL,'11.4.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(420, NULL,'11.4.2.1.1','Key Usage extension is present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(421, NULL,'11.4.2.1.2','The digitalSignature bit has been set.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(422, NULL,'11.4.2.1.3','No other bits have been set.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(423, NULL,'11.4.2.2','policyIdentifier field in the certificatePolicies extension asserts id-fpki-common-cardAuth.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(424, NULL,'11.4.2.3','Extended Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(425, NULL,'11.4.2.3.1','Extended key usage (extKeyUsage) extension is present and maked critical','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(426, NULL,'11.4.2.3.2','Extended key usage (extKeyUsage) extension asserts id-PIV-cardAuth','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(427, NULL,'11.4.2.3.3','Extended key usage extension does not assert any other OIDs.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(428, NULL,'11.4.2.4','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(429, NULL,'11.4.2.4.1','authorityInformationAccess extension is present','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(430, NULL,'11.4.2.4.2','authorityInfoAccess field contains an id-ad-ocsp','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(431, NULL,'11.4.2.4.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(432, NULL,'11.4.2.4.4','URI scheme is http (not https)','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(433, NULL,'11.4.2.6','The private key corresponds to the public key contained in the certificate as the signature verification succeeds.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(434, NULL,'11.4.2.7','Subject Alternate Name','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(435, NULL,'11.4.2.7.2','GeneralName field exists that contain a URI asserting a Card UUID as specified by [RFC4122, Section 3] that matches the GUID value in the CHUID.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(436, NULL,'11.4.2.7.3','No other name forms appear in the subjectAltName extension.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(437, NULL,'11.4.2.8','Exponent of the RSA asymmetric key for key management is equal to 65,537.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(438, NULL,'11.4.2.9','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(439, NULL,'11.4.2.9.1','URI is present with the http scheme.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(440, NULL,'11.4.2.9.2','URI points only to files with .crl extensions.','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(441, NULL,'11.4.2.10','Authority Information Access (85B-4)','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(442, NULL,'11.4.2.10.5','File contains a CMS a certs-only CMS message (see RFC 3851).','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(443, NULL,'11.5','Secure Messaging Card Verifiable Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(444, NULL,'11.5.1','Secure Messaging CVC Profile Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(445, NULL,'11.5.2','Algorithm Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(446, NULL,'11.5.3','Data Integrity Checks','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(447, NULL,'11.6','Intermediate Card Verifiable Certificate','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(448, NULL,'11.6.1','Intermediate CVC Profile Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(449, NULL,'11.6.2','Algorithm Conformance','X509_CERTIFICATE_FOR_CARD_AUTHENTICATION_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(450, NULL,'11.7','X.509 Certificate for Content Signing','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(451, NULL,'11.7.1','Algorithm Conformance','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(452, NULL,'11.7.1.1','If the algorithm value is id-RSASSA-PSS, verify that the signature->parameters field is populated with SHA-256 (OID = 2.16.840.1.101.3.4.2.1). For the other RSA algorithms, the parameters field is populated with NULL. For ECDSA, the parameters field is absent.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(453, NULL,'11.7.1.2','The card authentication key is generated using the allowed asymmetric key algorithm.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(454, NULL,'11.7.1.3','The key sizes used are in accordance with Table 3-1 of SP80078.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(455, NULL,'11.7.2','Data Integrity Checks','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(456, NULL,'11.7.2.1','Key Usage','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(457, NULL,'11.7.2.1.1','digitalSignature and nonRepudiation bits have been set','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(458, NULL,'11.7.2.1.2','No other bits have been set.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(459, NULL,'11.7.2.2','X.509 Certificate for Content Signing is not expired.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(460, NULL,'11.7.2.3','Exponent of the RSA asymmetric key for the X.509 Certificate for Content Signing is equal to 65,537.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(461, NULL,'11.7.2.4','Certificate Policy and Extended Key Usage','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(462, NULL,'11.7.2.4.1','policyIdentifier field in the certificatePolicies extension asserts the id-fpki-common-piv-contentSigning policy of [COMMON] (OID = 2.16.840.1.101.3.2.1.3.39)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(463, NULL,'11.7.2.4.2','extended key usage (extKeyUsage) asserts id-PIV-content-signing.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(464, NULL,'11.7.2.5','CRL Distribution Point','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(465, NULL,'11.7.2.5.1','URI is present with the http scheme.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(466, NULL,'11.7.2.5.2','URI points only to files with .crl extensions.','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(467, NULL,'11.7.2.6','Authority Information Access','',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(468, NULL,'11.7.2.6.1','authorityInformationAccess extension is present','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(469, NULL,'11.7.2.6.2','authorityInfoAccess field contains an id-ad-caIssuers','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(470, NULL,'11.7.2.6.3','The accessLocation for this AccessMethod is of type uniformResourceIdentifier','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(471, NULL,'11.7.2.6.4','URI scheme is http (not https)','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestCases" VALUES(472, NULL,'11.7.2.6.5','File contains a CMS a certs-only CMS message (see RFC 3851).','CARD_HOLDER_UNIQUE_IDENTIFIER_OID',NULL, 1, 1); -INSERT INTO "TestsToSteps" VALUES(1, 1,4,0,NULL); -INSERT INTO "TestsToSteps" VALUES(2, 2,5,0,NULL); -INSERT INTO "TestsToSteps" VALUES(3, 3,6,0,NULL); -INSERT INTO "TestsToSteps" VALUES(4, 4,7,0,NULL); -INSERT INTO "TestsToSteps" VALUES(5, 6,8,0,NULL); -INSERT INTO "TestsToSteps" VALUES(6, 7,9,0,NULL); -INSERT INTO "TestsToSteps" VALUES(7, 8,10,0,NULL); -INSERT INTO "TestsToSteps" VALUES(8, 9,11,0,NULL); -INSERT INTO "TestsToSteps" VALUES(9, 10,12,0,NULL); -INSERT INTO "TestsToSteps" VALUES(10, 28,13,0,NULL); -INSERT INTO "TestsToSteps" VALUES(11, 11,14,0,NULL); -INSERT INTO "TestsToSteps" VALUES(12, 1,17,0,NULL); -INSERT INTO "TestsToSteps" VALUES(13, 2,18,0,NULL); -INSERT INTO "TestsToSteps" VALUES(14, 3,19,0,NULL); -INSERT INTO "TestsToSteps" VALUES(15, 4,20,0,NULL); -INSERT INTO "TestsToSteps" VALUES(16, 13,21,0,NULL); -INSERT INTO "TestsToSteps" VALUES(17, 15,22,0,NULL); -INSERT INTO "TestsToSteps" VALUES(18, 47,23,0,NULL); -INSERT INTO "TestsToSteps" VALUES(19, 16,24,0,NULL); -INSERT INTO "TestsToSteps" VALUES(20, 48,25,0,NULL); -INSERT INTO "TestsToSteps" VALUES(21, 49,26,0,NULL); -INSERT INTO "TestsToSteps" VALUES(22, 50,27,0,NULL); -INSERT INTO "TestsToSteps" VALUES(23, 51,28,0,NULL); -INSERT INTO "TestsToSteps" VALUES(24, 18,29,0,NULL); -INSERT INTO "TestsToSteps" VALUES(25, 19,30,0,NULL); -INSERT INTO "TestsToSteps" VALUES(26, 52,31,0,NULL); -INSERT INTO "TestsToSteps" VALUES(27, 53,32,0,NULL); -INSERT INTO "TestsToSteps" VALUES(28, 54,33,0,NULL); -INSERT INTO "TestsToSteps" VALUES(29, 55,34,0,NULL); -INSERT INTO "TestsToSteps" VALUES(30, 14,35,0,NULL); -INSERT INTO "TestsToSteps" VALUES(31, 22,36,0,NULL); -INSERT INTO "TestsToSteps" VALUES(32, 20,37,0,NULL); -INSERT INTO "TestsToSteps" VALUES(33, 21,38,0,NULL); -INSERT INTO "TestsToSteps" VALUES(34, 18,39,0,NULL); -INSERT INTO "TestsToSteps" VALUES(35, 29,40,0,NULL); -INSERT INTO "TestsToSteps" VALUES(36, 28,41,0,NULL); -INSERT INTO "TestsToSteps" VALUES(37, 1,44,0,NULL); -INSERT INTO "TestsToSteps" VALUES(38, 2,45,0,NULL); -INSERT INTO "TestsToSteps" VALUES(39, 3,46,0,NULL); -INSERT INTO "TestsToSteps" VALUES(40, 4,47,0,NULL); -INSERT INTO "TestsToSteps" VALUES(41, 60,48,0,NULL); -INSERT INTO "TestsToSteps" VALUES(42, 24,49,0,NULL); -INSERT INTO "TestsToSteps" VALUES(43, 25,50,0,NULL); -INSERT INTO "TestsToSteps" VALUES(44, 26,51,0,NULL); -INSERT INTO "TestsToSteps" VALUES(45, 27,52,0,NULL); -INSERT INTO "TestsToSteps" VALUES(46, 28,53,0,NULL); -INSERT INTO "TestsToSteps" VALUES(47, 1,56,0,NULL); -INSERT INTO "TestsToSteps" VALUES(48, 2,57,0,NULL); -INSERT INTO "TestsToSteps" VALUES(49, 3,58,0,NULL); -INSERT INTO "TestsToSteps" VALUES(50, 4,59,0,NULL); -INSERT INTO "TestsToSteps" VALUES(51, 29,60,0,NULL); -INSERT INTO "TestsToSteps" VALUES(52, 86,61,0,NULL); -INSERT INTO "TestsToSteps" VALUES(53, 87,62,0,NULL); -INSERT INTO "TestsToSteps" VALUES(54, 84,63,0,NULL); -INSERT INTO "TestsToSteps" VALUES(55, 28,64,0,NULL); -INSERT INTO "TestsToSteps" VALUES(56, 1,67,0,NULL); -INSERT INTO "TestsToSteps" VALUES(57, 2,68,0,NULL); -INSERT INTO "TestsToSteps" VALUES(58, 3,69,0,NULL); -INSERT INTO "TestsToSteps" VALUES(59, 4,70,0,NULL); -INSERT INTO "TestsToSteps" VALUES(60, 32,71,0,NULL); -INSERT INTO "TestsToSteps" VALUES(61, 33,72,0,NULL); -INSERT INTO "TestsToSteps" VALUES(62, 56,73,0,NULL); -INSERT INTO "TestsToSteps" VALUES(63, 57,74,0,NULL); -INSERT INTO "TestsToSteps" VALUES(64, 34,75,0,NULL); -INSERT INTO "TestsToSteps" VALUES(65, 35,76,0,NULL); -INSERT INTO "TestsToSteps" VALUES(66, 36,77,0,NULL); -INSERT INTO "TestsToSteps" VALUES(67, 28,78,0,NULL); -INSERT INTO "TestsToSteps" VALUES(68, 1,81,0,NULL); -INSERT INTO "TestsToSteps" VALUES(69, 2,82,0,NULL); -INSERT INTO "TestsToSteps" VALUES(70, 3,83,0,NULL); -INSERT INTO "TestsToSteps" VALUES(71, 4,84,0,NULL); -INSERT INTO "TestsToSteps" VALUES(72, 37,85,0,NULL); -INSERT INTO "TestsToSteps" VALUES(73, 30,86,0,NULL); -INSERT INTO "TestsToSteps" VALUES(74, 31,87,0,NULL); -INSERT INTO "TestsToSteps" VALUES(75, 28,88,0,NULL); -INSERT INTO "TestsToSteps" VALUES(76, 1,91,0,NULL); -INSERT INTO "TestsToSteps" VALUES(77, 2,92,0,NULL); -INSERT INTO "TestsToSteps" VALUES(78, 3,93,0,NULL); -INSERT INTO "TestsToSteps" VALUES(79, 4,94,0,NULL); -INSERT INTO "TestsToSteps" VALUES(80, 60,95,0,NULL); -INSERT INTO "TestsToSteps" VALUES(81, 24,96,0,NULL); -INSERT INTO "TestsToSteps" VALUES(82, 25,97,0,NULL); -INSERT INTO "TestsToSteps" VALUES(83, 27,98,0,NULL); -INSERT INTO "TestsToSteps" VALUES(84, 26,99,0,NULL); -INSERT INTO "TestsToSteps" VALUES(85, 28,100,0,NULL); -INSERT INTO "TestsToSteps" VALUES(86, 1,103,0,NULL); -INSERT INTO "TestsToSteps" VALUES(87, 2,104,0,NULL); -INSERT INTO "TestsToSteps" VALUES(88, 3,105,0,NULL); -INSERT INTO "TestsToSteps" VALUES(89, 4,106,0,NULL); -INSERT INTO "TestsToSteps" VALUES(90, 60,107,0,NULL); -INSERT INTO "TestsToSteps" VALUES(91, 24,108,0,NULL); -INSERT INTO "TestsToSteps" VALUES(92, 25,109,0,NULL); -INSERT INTO "TestsToSteps" VALUES(93, 26,110,0,NULL); -INSERT INTO "TestsToSteps" VALUES(94, 27,111,0,NULL); -INSERT INTO "TestsToSteps" VALUES(95, 28,112,0,NULL); -INSERT INTO "TestsToSteps" VALUES(96, 1,115,0,NULL); -INSERT INTO "TestsToSteps" VALUES(97, 2,116,0,NULL); -INSERT INTO "TestsToSteps" VALUES(98, 3,117,0,NULL); -INSERT INTO "TestsToSteps" VALUES(99, 4,118,0,NULL); -INSERT INTO "TestsToSteps" VALUES(100, 60,119,0,NULL); -INSERT INTO "TestsToSteps" VALUES(101, 24,120,0,NULL); -INSERT INTO "TestsToSteps" VALUES(102, 25,121,0,NULL); -INSERT INTO "TestsToSteps" VALUES(103, 26,122,0,NULL); -INSERT INTO "TestsToSteps" VALUES(104, 27,123,0,NULL); -INSERT INTO "TestsToSteps" VALUES(105, 28,124,0,NULL); -INSERT INTO "TestsToSteps" VALUES(106, 1,127,0,NULL); -INSERT INTO "TestsToSteps" VALUES(107, 2,128,0,NULL); -INSERT INTO "TestsToSteps" VALUES(108, 3,129,0,NULL); -INSERT INTO "TestsToSteps" VALUES(109, 4,130,0,NULL); -INSERT INTO "TestsToSteps" VALUES(110, 38,131,0,NULL); -INSERT INTO "TestsToSteps" VALUES(111, 39,132,0,NULL); -INSERT INTO "TestsToSteps" VALUES(112, 58,133,0,NULL); -INSERT INTO "TestsToSteps" VALUES(113, 40,134,0,NULL); -INSERT INTO "TestsToSteps" VALUES(114, 41,135,0,NULL); -INSERT INTO "TestsToSteps" VALUES(115, 1,138,0,NULL); -INSERT INTO "TestsToSteps" VALUES(116, 2,139,0,NULL); -INSERT INTO "TestsToSteps" VALUES(117, 3,140,0,NULL); -INSERT INTO "TestsToSteps" VALUES(118, 4,141,0,NULL); -INSERT INTO "TestsToSteps" VALUES(119, 44,142,0,NULL); -INSERT INTO "TestsToSteps" VALUES(120, 45,143,0,NULL); -INSERT INTO "TestsToSteps" VALUES(121, 59,144,0,NULL); -INSERT INTO "TestsToSteps" VALUES(122, 170,145,0,NULL); -INSERT INTO "TestsToSteps" VALUES(123, 46,146,0,NULL); -INSERT INTO "TestsToSteps" VALUES(124, 43,147,0,NULL); -INSERT INTO "TestsToSteps" VALUES(125, 170,150,0,NULL); -INSERT INTO "TestsToSteps" VALUES(126, 170,151,0,NULL); -INSERT INTO "TestsToSteps" VALUES(127, 170,152,0,NULL); -INSERT INTO "TestsToSteps" VALUES(128, 61,159,0,NULL); -INSERT INTO "TestsToSteps" VALUES(129, 62,160,0,NULL); -INSERT INTO "TestsToSteps" VALUES(130, 63,161,0,NULL); -INSERT INTO "TestsToSteps" VALUES(131, 109,162,0,NULL); -INSERT INTO "TestsToSteps" VALUES(132, 64,163,0,NULL); -INSERT INTO "TestsToSteps" VALUES(133, 65,165,0,NULL); -INSERT INTO "TestsToSteps" VALUES(134, 66,166,0,NULL); -INSERT INTO "TestsToSteps" VALUES(135, 67,167,0,NULL); -INSERT INTO "TestsToSteps" VALUES(136, 99,168,0,NULL); -INSERT INTO "TestsToSteps" VALUES(137, 100,169,0,NULL); -INSERT INTO "TestsToSteps" VALUES(138, 64,170,0,NULL); -INSERT INTO "TestsToSteps" VALUES(139, 102,171,0,NULL); -INSERT INTO "TestsToSteps" VALUES(140, 103,172,0,NULL); -INSERT INTO "TestsToSteps" VALUES(141, 104,173,0,NULL); -INSERT INTO "TestsToSteps" VALUES(142, 105,174,0,NULL); -INSERT INTO "TestsToSteps" VALUES(143, 107,175,0,NULL); -INSERT INTO "TestsToSteps" VALUES(144, 61,178,0,NULL); -INSERT INTO "TestsToSteps" VALUES(145, 62,179,0,NULL); -INSERT INTO "TestsToSteps" VALUES(146, 63,180,0,NULL); -INSERT INTO "TestsToSteps" VALUES(147, 109,181,0,NULL); -INSERT INTO "TestsToSteps" VALUES(148, 65,183,0,NULL); -INSERT INTO "TestsToSteps" VALUES(149, 66,184,0,NULL); -INSERT INTO "TestsToSteps" VALUES(150, 67,185,0,NULL); -INSERT INTO "TestsToSteps" VALUES(151, 99,186,0,NULL); -INSERT INTO "TestsToSteps" VALUES(152, 100,187,0,NULL); -INSERT INTO "TestsToSteps" VALUES(153, 64,188,0,NULL); -INSERT INTO "TestsToSteps" VALUES(154, 102,189,0,NULL); -INSERT INTO "TestsToSteps" VALUES(155, 103,190,0,NULL); -INSERT INTO "TestsToSteps" VALUES(156, 104,191,0,NULL); -INSERT INTO "TestsToSteps" VALUES(157, 105,192,0,NULL); -INSERT INTO "TestsToSteps" VALUES(158, 107,193,0,NULL); -INSERT INTO "TestsToSteps" VALUES(159, 61,196,0,NULL); -INSERT INTO "TestsToSteps" VALUES(160, 62,197,0,NULL); -INSERT INTO "TestsToSteps" VALUES(161, 63,198,0,NULL); -INSERT INTO "TestsToSteps" VALUES(162, 109,199,0,NULL); -INSERT INTO "TestsToSteps" VALUES(163, 65,201,0,NULL); -INSERT INTO "TestsToSteps" VALUES(164, 66,202,0,NULL); -INSERT INTO "TestsToSteps" VALUES(165, 67,203,0,NULL); -INSERT INTO "TestsToSteps" VALUES(166, 99,204,0,NULL); -INSERT INTO "TestsToSteps" VALUES(167, 100,205,0,NULL); -INSERT INTO "TestsToSteps" VALUES(168, 64,206,0,NULL); -INSERT INTO "TestsToSteps" VALUES(169, 102,207,0,NULL); -INSERT INTO "TestsToSteps" VALUES(170, 103,208,0,NULL); -INSERT INTO "TestsToSteps" VALUES(171, 104,209,0,NULL); -INSERT INTO "TestsToSteps" VALUES(172, 105,210,0,NULL); -INSERT INTO "TestsToSteps" VALUES(173, 107,211,0,NULL); -INSERT INTO "TestsToSteps" VALUES(174, 69,214,0,NULL); -INSERT INTO "TestsToSteps" VALUES(175, 61,215,0,NULL); -INSERT INTO "TestsToSteps" VALUES(176, 71,216,0,NULL); -INSERT INTO "TestsToSteps" VALUES(177, 72,217,0,NULL); -INSERT INTO "TestsToSteps" VALUES(178, 72,218,0,NULL); -INSERT INTO "TestsToSteps" VALUES(179, 73,219,0,NULL); -INSERT INTO "TestsToSteps" VALUES(180, 74,220,0,NULL); -INSERT INTO "TestsToSteps" VALUES(181, 170,221,0,NULL); -INSERT INTO "TestsToSteps" VALUES(182, 170,222,0,NULL); -INSERT INTO "TestsToSteps" VALUES(183, 77,223,0,NULL); -INSERT INTO "TestsToSteps" VALUES(184, 78,224,0,NULL); -INSERT INTO "TestsToSteps" VALUES(185, 79,225,0,NULL); -INSERT INTO "TestsToSteps" VALUES(186, 80,227,0,NULL); -INSERT INTO "TestsToSteps" VALUES(187, 62,228,0,NULL); -INSERT INTO "TestsToSteps" VALUES(188, 82,229,0,NULL); -INSERT INTO "TestsToSteps" VALUES(189, 83,230,0,NULL); -INSERT INTO "TestsToSteps" VALUES(190, 108,231,0,NULL); -INSERT INTO "TestsToSteps" VALUES(191, 84,232,0,NULL); -INSERT INTO "TestsToSteps" VALUES(192, 85,233,0,NULL); -INSERT INTO "TestsToSteps" VALUES(193, 86,234,0,NULL); -INSERT INTO "TestsToSteps" VALUES(194, 87,235,0,NULL); -INSERT INTO "TestsToSteps" VALUES(195, 88,236,0,NULL); -INSERT INTO "TestsToSteps" VALUES(196, 89,237,0,NULL); -INSERT INTO "TestsToSteps" VALUES(197, 85,239,0,NULL); -INSERT INTO "TestsToSteps" VALUES(198, 89,240,0,NULL); -INSERT INTO "TestsToSteps" VALUES(199, 170,242,0,NULL); -INSERT INTO "TestsToSteps" VALUES(200, 90,245,0,NULL); -INSERT INTO "TestsToSteps" VALUES(201, 63,246,0,NULL); -INSERT INTO "TestsToSteps" VALUES(202, 92,247,0,NULL); -INSERT INTO "TestsToSteps" VALUES(203, 93,248,0,NULL); -INSERT INTO "TestsToSteps" VALUES(204, 170,250,0,NULL); -INSERT INTO "TestsToSteps" VALUES(205, 170,251,0,NULL); -INSERT INTO "TestsToSteps" VALUES(206, 170,252,0,NULL); -INSERT INTO "TestsToSteps" VALUES(207, 170,253,0,NULL); -INSERT INTO "TestsToSteps" VALUES(208, 170,255,0,NULL); -INSERT INTO "TestsToSteps" VALUES(209, 170,256,0,NULL); -INSERT INTO "TestsToSteps" VALUES(210, 110,260,0,NULL); -INSERT INTO "TestsToSteps" VALUES(211, 111,261,0,NULL); -INSERT INTO "TestsToSteps" VALUES(212, 112,262,0,NULL); -INSERT INTO "TestsToSteps" VALUES(213, 114,263,0,NULL); -INSERT INTO "TestsToSteps" VALUES(214, 115,264,0,NULL); -INSERT INTO "TestsToSteps" VALUES(215, 116,265,0,NULL); -INSERT INTO "TestsToSteps" VALUES(216, 117,266,0,NULL); -INSERT INTO "TestsToSteps" VALUES(217, 113,267,0,NULL); -INSERT INTO "TestsToSteps" VALUES(218, 133,268,0,NULL); -INSERT INTO "TestsToSteps" VALUES(219, 120,269,0,NULL); -INSERT INTO "TestsToSteps" VALUES(220, 121,270,0,NULL); -INSERT INTO "TestsToSteps" VALUES(221, 122,271,0,NULL); -INSERT INTO "TestsToSteps" VALUES(222, 123,272,0,NULL); -INSERT INTO "TestsToSteps" VALUES(223, 110,275,0,NULL); -INSERT INTO "TestsToSteps" VALUES(224, 111,276,0,NULL); -INSERT INTO "TestsToSteps" VALUES(225, 112,277,0,NULL); -INSERT INTO "TestsToSteps" VALUES(226, 114,278,0,NULL); -INSERT INTO "TestsToSteps" VALUES(227, 115,279,0,NULL); -INSERT INTO "TestsToSteps" VALUES(228, 116,280,0,NULL); -INSERT INTO "TestsToSteps" VALUES(229, 117,281,0,NULL); -INSERT INTO "TestsToSteps" VALUES(230, 118,282,0,NULL); -INSERT INTO "TestsToSteps" VALUES(231, 131,284,0,NULL); -INSERT INTO "TestsToSteps" VALUES(232, 133,285,0,NULL); -INSERT INTO "TestsToSteps" VALUES(233, 120,286,0,NULL); -INSERT INTO "TestsToSteps" VALUES(234, 121,287,0,NULL); -INSERT INTO "TestsToSteps" VALUES(235, 122,288,0,NULL); -INSERT INTO "TestsToSteps" VALUES(236, 123,289,0,NULL); -INSERT INTO "TestsToSteps" VALUES(237, 124,290,0,NULL); -INSERT INTO "TestsToSteps" VALUES(238, 125,291,0,NULL); -INSERT INTO "TestsToSteps" VALUES(239, 110,294,0,NULL); -INSERT INTO "TestsToSteps" VALUES(240, 111,295,0,NULL); -INSERT INTO "TestsToSteps" VALUES(241, 112,296,0,NULL); -INSERT INTO "TestsToSteps" VALUES(242, 114,297,0,NULL); -INSERT INTO "TestsToSteps" VALUES(243, 115,298,0,NULL); -INSERT INTO "TestsToSteps" VALUES(244, 116,299,0,NULL); -INSERT INTO "TestsToSteps" VALUES(245, 117,300,0,NULL); -INSERT INTO "TestsToSteps" VALUES(246, 118,301,0,NULL); -INSERT INTO "TestsToSteps" VALUES(247, 131,302,0,NULL); -INSERT INTO "TestsToSteps" VALUES(248, 133,303,0,NULL); -INSERT INTO "TestsToSteps" VALUES(249, 120,304,0,NULL); -INSERT INTO "TestsToSteps" VALUES(250, 121,305,0,NULL); -INSERT INTO "TestsToSteps" VALUES(251, 122,306,0,NULL); -INSERT INTO "TestsToSteps" VALUES(252, 123,307,0,NULL); -INSERT INTO "TestsToSteps" VALUES(253, 124,308,0,NULL); -INSERT INTO "TestsToSteps" VALUES(254, 138,309,0,NULL); -INSERT INTO "TestsToSteps" VALUES(255, 42,312,0,NULL); -INSERT INTO "TestsToSteps" VALUES(256, 119,314,0,NULL); -INSERT INTO "TestsToSteps" VALUES(257, 126,315,0,NULL); -INSERT INTO "TestsToSteps" VALUES(258, 127,316,0,NULL); -INSERT INTO "TestsToSteps" VALUES(259, 128,317,0,NULL); -INSERT INTO "TestsToSteps" VALUES(260, 129,318,0,NULL); -INSERT INTO "TestsToSteps" VALUES(261, 131,319,0,NULL); -INSERT INTO "TestsToSteps" VALUES(262, 122,320,0,NULL); -INSERT INTO "TestsToSteps" VALUES(263, 123,321,0,NULL); -INSERT INTO "TestsToSteps" VALUES(264, 110,324,0,NULL); -INSERT INTO "TestsToSteps" VALUES(265, 111,325,0,NULL); -INSERT INTO "TestsToSteps" VALUES(266, 113,326,0,NULL); -INSERT INTO "TestsToSteps" VALUES(267, 114,327,0,NULL); -INSERT INTO "TestsToSteps" VALUES(268, 115,328,0,NULL); -INSERT INTO "TestsToSteps" VALUES(269, 116,329,0,NULL); -INSERT INTO "TestsToSteps" VALUES(270, 117,330,0,NULL); -INSERT INTO "TestsToSteps" VALUES(271, 118,331,0,NULL); -INSERT INTO "TestsToSteps" VALUES(272, 131,332,0,NULL); -INSERT INTO "TestsToSteps" VALUES(273, 133,333,0,NULL); -INSERT INTO "TestsToSteps" VALUES(274, 120,334,0,NULL); -INSERT INTO "TestsToSteps" VALUES(275, 121,335,0,NULL); -INSERT INTO "TestsToSteps" VALUES(276, 122,336,0,NULL); -INSERT INTO "TestsToSteps" VALUES(277, 123,337,0,NULL); -INSERT INTO "TestsToSteps" VALUES(278, 124,338,0,NULL); -INSERT INTO "TestsToSteps" VALUES(279, 138,339,0,NULL); -INSERT INTO "TestsToSteps" VALUES(280, 141,343,0,NULL); -INSERT INTO "TestsToSteps" VALUES(281, 139,344,0,NULL); -INSERT INTO "TestsToSteps" VALUES(282, 139,345,0,NULL); -INSERT INTO "TestsToSteps" VALUES(283, 144,347,0,NULL); -INSERT INTO "TestsToSteps" VALUES(284, 145,348,0,NULL); -INSERT INTO "TestsToSteps" VALUES(285, 146,349,0,NULL); -INSERT INTO "TestsToSteps" VALUES(286, 147,350,0,NULL); -INSERT INTO "TestsToSteps" VALUES(287, 148,352,0,NULL); -INSERT INTO "TestsToSteps" VALUES(288, 149,353,0,NULL); -INSERT INTO "TestsToSteps" VALUES(289, 164,354,0,NULL); -INSERT INTO "TestsToSteps" VALUES(290, 152,355,0,NULL); -INSERT INTO "TestsToSteps" VALUES(291, 168,357,0,NULL); -INSERT INTO "TestsToSteps" VALUES(292, 154,358,0,NULL); -INSERT INTO "TestsToSteps" VALUES(293, 155,359,0,NULL); -INSERT INTO "TestsToSteps" VALUES(294, 150,361,0,NULL); -INSERT INTO "TestsToSteps" VALUES(295, 165,362,0,NULL); -INSERT INTO "TestsToSteps" VALUES(296, 148,364,0,NULL); -INSERT INTO "TestsToSteps" VALUES(297, 163,365,0,NULL); -INSERT INTO "TestsToSteps" VALUES(298, 150,366,0,NULL); -INSERT INTO "TestsToSteps" VALUES(299, 164,367,0,NULL); -INSERT INTO "TestsToSteps" VALUES(300, 166,368,0,NULL); -INSERT INTO "TestsToSteps" VALUES(301, 141,371,0,NULL); -INSERT INTO "TestsToSteps" VALUES(302, 139,372,0,NULL); -INSERT INTO "TestsToSteps" VALUES(303, 139,373,0,NULL); -INSERT INTO "TestsToSteps" VALUES(304, 143,376,0,NULL); -INSERT INTO "TestsToSteps" VALUES(305, 156,377,0,NULL); -INSERT INTO "TestsToSteps" VALUES(306, 152,378,0,NULL); -INSERT INTO "TestsToSteps" VALUES(307, 154,379,0,NULL); -INSERT INTO "TestsToSteps" VALUES(308, 155,380,0,NULL); -INSERT INTO "TestsToSteps" VALUES(309, 147,381,0,NULL); -INSERT INTO "TestsToSteps" VALUES(310, 150,383,0,NULL); -INSERT INTO "TestsToSteps" VALUES(311, 165,384,0,NULL); -INSERT INTO "TestsToSteps" VALUES(312, 148,386,0,NULL); -INSERT INTO "TestsToSteps" VALUES(313, 163,387,0,NULL); -INSERT INTO "TestsToSteps" VALUES(314, 150,388,0,NULL); -INSERT INTO "TestsToSteps" VALUES(315, 164,389,0,NULL); -INSERT INTO "TestsToSteps" VALUES(316, 166,390,0,NULL); -INSERT INTO "TestsToSteps" VALUES(317, 141,393,0,NULL); -INSERT INTO "TestsToSteps" VALUES(318, 139,394,0,NULL); -INSERT INTO "TestsToSteps" VALUES(319, 139,395,0,NULL); -INSERT INTO "TestsToSteps" VALUES(320, 157,398,0,NULL); -INSERT INTO "TestsToSteps" VALUES(321, 158,399,0,NULL); -INSERT INTO "TestsToSteps" VALUES(322, 145,400,0,NULL); -INSERT INTO "TestsToSteps" VALUES(323, 152,401,0,NULL); -INSERT INTO "TestsToSteps" VALUES(324, 155,402,0,NULL); -INSERT INTO "TestsToSteps" VALUES(325, 147,403,0,NULL); -INSERT INTO "TestsToSteps" VALUES(326, 150,405,0,NULL); -INSERT INTO "TestsToSteps" VALUES(327, 165,406,0,NULL); -INSERT INTO "TestsToSteps" VALUES(328, 148,408,0,NULL); -INSERT INTO "TestsToSteps" VALUES(329, 163,409,0,NULL); -INSERT INTO "TestsToSteps" VALUES(330, 150,410,0,NULL); -INSERT INTO "TestsToSteps" VALUES(331, 164,411,0,NULL); -INSERT INTO "TestsToSteps" VALUES(332, 166,412,0,NULL); -INSERT INTO "TestsToSteps" VALUES(333, 141,415,0,NULL); -INSERT INTO "TestsToSteps" VALUES(334, 139,416,0,NULL); -INSERT INTO "TestsToSteps" VALUES(335, 139,417,0,NULL); -INSERT INTO "TestsToSteps" VALUES(336, 143,420,0,NULL); -INSERT INTO "TestsToSteps" VALUES(337, 144,421,0,NULL); -INSERT INTO "TestsToSteps" VALUES(338, 145,422,0,NULL); -INSERT INTO "TestsToSteps" VALUES(339, 147,423,0,NULL); -INSERT INTO "TestsToSteps" VALUES(340, 160,425,0,NULL); -INSERT INTO "TestsToSteps" VALUES(341, 161,426,0,NULL); -INSERT INTO "TestsToSteps" VALUES(342, 161,427,0,NULL); -INSERT INTO "TestsToSteps" VALUES(343, 148,429,0,NULL); -INSERT INTO "TestsToSteps" VALUES(344, 149,430,0,NULL); -INSERT INTO "TestsToSteps" VALUES(345, 150,431,0,NULL); -INSERT INTO "TestsToSteps" VALUES(346, 150,432,0,NULL); -INSERT INTO "TestsToSteps" VALUES(347, 152,433,0,NULL); -INSERT INTO "TestsToSteps" VALUES(348, 168,435,0,NULL); -INSERT INTO "TestsToSteps" VALUES(349, 169,436,0,NULL); -INSERT INTO "TestsToSteps" VALUES(350, 155,437,0,NULL); -INSERT INTO "TestsToSteps" VALUES(351, 150,439,0,NULL); -INSERT INTO "TestsToSteps" VALUES(352, 165,440,0,NULL); -INSERT INTO "TestsToSteps" VALUES(353, 166,442,0,NULL); -INSERT INTO "TestsToSteps" VALUES(354, 141,452,0,NULL); -INSERT INTO "TestsToSteps" VALUES(355, 139,453,0,NULL); -INSERT INTO "TestsToSteps" VALUES(356, 139,454,0,NULL); -INSERT INTO "TestsToSteps" VALUES(357, 144,457,0,NULL); -INSERT INTO "TestsToSteps" VALUES(358, 145,458,0,NULL); -INSERT INTO "TestsToSteps" VALUES(359, 167,459,0,NULL); -INSERT INTO "TestsToSteps" VALUES(360, 155,460,0,NULL); -INSERT INTO "TestsToSteps" VALUES(361, 147,462,0,NULL); -INSERT INTO "TestsToSteps" VALUES(362, 161,463,0,NULL); -INSERT INTO "TestsToSteps" VALUES(363, 150,465,0,NULL); -INSERT INTO "TestsToSteps" VALUES(364, 165,466,0,NULL); -INSERT INTO "TestsToSteps" VALUES(365, 148,468,0,NULL); -INSERT INTO "TestsToSteps" VALUES(366, 149,469,0,NULL); -INSERT INTO "TestsToSteps" VALUES(367, 150,470,0,NULL); -INSERT INTO "TestsToSteps" VALUES(368, 164,471,0,NULL); -INSERT INTO "TestsToSteps" VALUES(369, 166,472,0,NULL); diff --git a/conformancelib/testdata/PIV-I_XTec_First_Data_Cards.xlsx b/conformancelib/testdata/PIV-I_XTec_First_Data_Cards.xlsx deleted file mode 100644 index 36fec4ce..00000000 Binary files a/conformancelib/testdata/PIV-I_XTec_First_Data_Cards.xlsx and /dev/null differ diff --git a/conformancelib/testdata/PIV_ICAM_Test_Cards.db b/conformancelib/testdata/PIV_ICAM_Test_Cards.db index e26ca9c4..f5a3ac3d 100644 Binary files a/conformancelib/testdata/PIV_ICAM_Test_Cards.db and b/conformancelib/testdata/PIV_ICAM_Test_Cards.db differ diff --git a/conformancelib/testdata/PIV_ICAM_Test_Cards.sql b/conformancelib/testdata/PIV_ICAM_Test_Cards.sql index 1c8c6a00..7e606b89 100644 --- a/conformancelib/testdata/PIV_ICAM_Test_Cards.sql +++ b/conformancelib/testdata/PIV_ICAM_Test_Cards.sql @@ -62,178 +62,178 @@ CREATE TABLE IF NOT EXISTS "SystemSettings" ( `GPMasterKey` TEXT ); -INSERT INTO "TestSteps" VALUES(1,'BERTLV.1','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(2,'BERTLV.2','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(3,'BERTLV.3','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(4,'BERTLV.4','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(5,'BERTLV.5','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(6,'73-4.1','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(7,'73-4.2','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(8,'73-4.3','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(9,'73-4.4','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(10,'73-4.5','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(11,'73-4.6','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(12,'73-4.7','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(13,'73-4.8','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(14,'73-4.9','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(15,'73-4.10','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(16,'73-4.11','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(17,'73-4.12','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(18,'73-4.13','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(19,'73-4.14','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(20,'73-4.15','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(21,'73-4.16','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(22,'73-4.17','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(23,'73-4.18','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(24,'73-4.19','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(25,'73-4.20','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(26,'73-4.21','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(27,'73-4.22','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(28,'73-4.23','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(29,'73-4.24','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(30,'73-4.25','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(31,'73-4.26','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(32,'73-4.27','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(33,'73-4.28','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(34,'73-4.29','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(35,'73-4.30','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(36,'73-4.31','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_31',NULL); -INSERT INTO "TestSteps" VALUES(37,'73-4.32','gov.gsa.conformancelib.tests.SP800_73_4FacialImageTests','sp800_73_4_Test_32',NULL); -INSERT INTO "TestSteps" VALUES(38,'73-4.33','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_33',NULL); -INSERT INTO "TestSteps" VALUES(39,'73-4.34','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_34',NULL); -INSERT INTO "TestSteps" VALUES(40,'73-4.35','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_35',NULL); -INSERT INTO "TestSteps" VALUES(41,'73-4.36','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_36',NULL); -INSERT INTO "TestSteps" VALUES(42,'73-4.37','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_37',NULL); -INSERT INTO "TestSteps" VALUES(43,'73-4.38','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_38',NULL); -INSERT INTO "TestSteps" VALUES(44,'73-4.40','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_40',NULL); -INSERT INTO "TestSteps" VALUES(45,'73-4.41','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_41',NULL); -INSERT INTO "TestSteps" VALUES(46,'73-4.42','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_42',NULL); -INSERT INTO "TestSteps" VALUES(47,'73-4.43','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_43',NULL); -INSERT INTO "TestSteps" VALUES(48,'73-4.44','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_44',NULL); -INSERT INTO "TestSteps" VALUES(49,'73-4.45','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_45',NULL); -INSERT INTO "TestSteps" VALUES(50,'73-4.46','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_46',NULL); -INSERT INTO "TestSteps" VALUES(51,'73-4.47','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_47',NULL); -INSERT INTO "TestSteps" VALUES(52,'73-4.48','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_48',NULL); -INSERT INTO "TestSteps" VALUES(53,'73-4.49','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_49',NULL); -INSERT INTO "TestSteps" VALUES(54,'73-4.50','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_50',NULL); -INSERT INTO "TestSteps" VALUES(55,'73-4.51','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_51',NULL); -INSERT INTO "TestSteps" VALUES(56,'73-4.52','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_52',NULL); -INSERT INTO "TestSteps" VALUES(57,'73-4.53','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_53',NULL); -INSERT INTO "TestSteps" VALUES(58,'73-4.54','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_54',NULL); -INSERT INTO "TestSteps" VALUES(59,'73-4.55','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_55',NULL); -INSERT INTO "TestSteps" VALUES(60,'73-4.56','gov.gsa.conformancelib.tests.SP800_73_4CommmonObjectTests','sp800_73_4_Test_56',NULL); -INSERT INTO "TestSteps" VALUES(61,'76.1','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_1',NULL); -INSERT INTO "TestSteps" VALUES(62,'76.2','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_2',NULL); -INSERT INTO "TestSteps" VALUES(63,'76.3','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_3',NULL); -INSERT INTO "TestSteps" VALUES(64,'76.4','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_4',NULL); -INSERT INTO "TestSteps" VALUES(65,'76.5','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_5',NULL); -INSERT INTO "TestSteps" VALUES(66,'76.6','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_6',NULL); -INSERT INTO "TestSteps" VALUES(67,'76.7','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_7',NULL); -INSERT INTO "TestSteps" VALUES(68,'76.8','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_8',NULL); -INSERT INTO "TestSteps" VALUES(69,'76.9','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_9',NULL); -INSERT INTO "TestSteps" VALUES(70,'76.10','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_10',NULL); -INSERT INTO "TestSteps" VALUES(71,'76.11','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_11',NULL); -INSERT INTO "TestSteps" VALUES(72,'76.12','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_12',NULL); -INSERT INTO "TestSteps" VALUES(73,'76.13','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_13',NULL); -INSERT INTO "TestSteps" VALUES(74,'76.14','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_14',NULL); -INSERT INTO "TestSteps" VALUES(75,'76.15a','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15a',NULL); -INSERT INTO "TestSteps" VALUES(76,'76.15b','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15b',NULL); -INSERT INTO "TestSteps" VALUES(77,'76.16','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_16',NULL); -INSERT INTO "TestSteps" VALUES(78,'76.17','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_17',NULL); -INSERT INTO "TestSteps" VALUES(79,'76.18','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_18',NULL); -INSERT INTO "TestSteps" VALUES(80,'76.19','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_19',NULL); -INSERT INTO "TestSteps" VALUES(81,'76.20','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_20',NULL); -INSERT INTO "TestSteps" VALUES(82,'76.21','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_21',NULL); -INSERT INTO "TestSteps" VALUES(83,'76.22','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_22',NULL); -INSERT INTO "TestSteps" VALUES(84,'76.23','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_23',NULL); -INSERT INTO "TestSteps" VALUES(85,'76.24','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_24',NULL); -INSERT INTO "TestSteps" VALUES(86,'76.25','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_25',NULL); -INSERT INTO "TestSteps" VALUES(87,'76.26','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_26',NULL); -INSERT INTO "TestSteps" VALUES(88,'76.27','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_27',NULL); -INSERT INTO "TestSteps" VALUES(89,'76.28','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_28',NULL); -INSERT INTO "TestSteps" VALUES(90,'76.29','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_29',NULL); -INSERT INTO "TestSteps" VALUES(91,'76.30','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_30',NULL); -INSERT INTO "TestSteps" VALUES(92,'76.31','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_31',NULL); -INSERT INTO "TestSteps" VALUES(93,'76.32','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_32',NULL); -INSERT INTO "TestSteps" VALUES(94,'76.33','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_33',NULL); -INSERT INTO "TestSteps" VALUES(95,'76.34','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_34',NULL); -INSERT INTO "TestSteps" VALUES(96,'76.35','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_35',NULL); -INSERT INTO "TestSteps" VALUES(97,'76.36','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_36',NULL); -INSERT INTO "TestSteps" VALUES(98,'76.37','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_37',NULL); -INSERT INTO "TestSteps" VALUES(99,'76.38','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_38',NULL); -INSERT INTO "TestSteps" VALUES(100,'76.39','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_39',NULL); -INSERT INTO "TestSteps" VALUES(101,'76.40','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_40',NULL); -INSERT INTO "TestSteps" VALUES(102,'76.41','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_41',NULL); -INSERT INTO "TestSteps" VALUES(103,'76.42','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_42',NULL); -INSERT INTO "TestSteps" VALUES(104,'76.43','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_43',NULL); -INSERT INTO "TestSteps" VALUES(105,'76.44','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_44',NULL); -INSERT INTO "TestSteps" VALUES(106,'76.45','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_45',NULL); -INSERT INTO "TestSteps" VALUES(107,'76.46','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_46',NULL); -INSERT INTO "TestSteps" VALUES(108,'76.47','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_47',NULL); -INSERT INTO "TestSteps" VALUES(109,'76.48','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_48',NULL); -INSERT INTO "TestSteps" VALUES(110,'CMS.1','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(111,'CMS.2','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(112,'CMS.3','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(113,'CMS.4','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(114,'CMS.5','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(115,'CMS.6','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(116,'CMS.7','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(117,'CMS.8','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(118,'CMS.9','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(119,'CMS.10','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(120,'CMS.11','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(121,'CMS.12','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(122,'CMS.13','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(123,'CMS.14','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(124,'CMS.15','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(125,'CMS.17','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(126,'CMS.18','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(127,'CMS.19','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(128,'CMS.20','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(129,'CMS.21','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(130,'CMS.22','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(131,'CMS.23','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(132,'CMS.24','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(133,'CMS.25','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(134,'CMS.26','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(135,'CMS.27','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(136,'CMS.28','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(137,'CMS.29','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(138,'CMS.30','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(139,'78.1','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(140,'78.2','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(141,'78.3','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(142,'PKIX.1','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(143,'PKIX.2','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(144,'PKIX.3','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(145,'PKIX.4','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(146,'PKIX.5','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(147,'PKIX.6','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(148,'PKIX.7','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(149,'PKIX.8','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(150,'PKIX.9','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(151,'PKIX.10','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(152,'PKIX.11','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(153,'PKIX.12','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(154,'PKIX.13','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(155,'PKIX.14','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(156,'PKIX.15','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(157,'PKIX.16','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(158,'PKIX.17','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(159,'PKIX.18','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(160,'PKIX.19','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(161,'PKIX.20','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(162,'PKIX.21','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(163,'PKIX.22','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(164,'PKIX.23','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(165,'PKIX.24','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(166,'PKIX.25','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(167,'PKIX.26','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(168,'PKIX.27','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(169,'PKIX.28','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(170,'PlaceholderTest.1','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_1',NULL); -INSERT INTO "TestSteps" VALUES(171,'PlaceholderTest.2','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_2',NULL); -INSERT INTO "TestSteps" VALUES(172,'PlaceholderTest.3','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_3',NULL); +INSERT INTO "TestSteps" VALUES(1,'BERTLV.1','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(2,'BERTLV.2','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(3,'BERTLV.3','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(4,'BERTLV.4','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_4',NULL); +INSERT INTO "TestSteps" VALUES(5,'BERTLV.5','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_5',NULL); +INSERT INTO "TestSteps" VALUES(6,'73-4.1','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(7,'73-4.2','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(8,'73-4.3','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(9,'73-4.4','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_4',NULL); +INSERT INTO "TestSteps" VALUES(10,'73-4.5','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_5',NULL); +INSERT INTO "TestSteps" VALUES(11,'73-4.6','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_6',NULL); +INSERT INTO "TestSteps" VALUES(12,'73-4.7','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_7',NULL); +INSERT INTO "TestSteps" VALUES(13,'73-4.8','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_8',NULL); +INSERT INTO "TestSteps" VALUES(14,'73-4.9','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_9',NULL); +INSERT INTO "TestSteps" VALUES(15,'73-4.10','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_10',NULL); +INSERT INTO "TestSteps" VALUES(16,'73-4.11','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_11',NULL); +INSERT INTO "TestSteps" VALUES(17,'73-4.12','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_12',NULL); +INSERT INTO "TestSteps" VALUES(18,'73-4.13','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_13',NULL); +INSERT INTO "TestSteps" VALUES(19,'73-4.14','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_14',NULL); +INSERT INTO "TestSteps" VALUES(20,'73-4.15','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_15',NULL); +INSERT INTO "TestSteps" VALUES(21,'73-4.16','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_16',NULL); +INSERT INTO "TestSteps" VALUES(22,'73-4.17','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_17',NULL); +INSERT INTO "TestSteps" VALUES(23,'73-4.18','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_18',NULL); +INSERT INTO "TestSteps" VALUES(24,'73-4.19','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_19',NULL); +INSERT INTO "TestSteps" VALUES(25,'73-4.20','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_20',NULL); +INSERT INTO "TestSteps" VALUES(26,'73-4.21','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_21',NULL); +INSERT INTO "TestSteps" VALUES(27,'73-4.22','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_22',NULL); +INSERT INTO "TestSteps" VALUES(28,'73-4.23','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_23',NULL); +INSERT INTO "TestSteps" VALUES(29,'73-4.24','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_24',NULL); +INSERT INTO "TestSteps" VALUES(30,'73-4.25','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_25',NULL); +INSERT INTO "TestSteps" VALUES(31,'73-4.26','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_26',NULL); +INSERT INTO "TestSteps" VALUES(32,'73-4.27','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_27',NULL); +INSERT INTO "TestSteps" VALUES(33,'73-4.28','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_28',NULL); +INSERT INTO "TestSteps" VALUES(34,'73-4.29','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_29',NULL); +INSERT INTO "TestSteps" VALUES(35,'73-4.30','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_30',NULL); +INSERT INTO "TestSteps" VALUES(36,'73-4.31','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_31',NULL); +INSERT INTO "TestSteps" VALUES(37,'73-4.32','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4FacialImageTests','sp800_73_4_Test_32',NULL); +INSERT INTO "TestSteps" VALUES(38,'73-4.33','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_33',NULL); +INSERT INTO "TestSteps" VALUES(39,'73-4.34','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_34',NULL); +INSERT INTO "TestSteps" VALUES(40,'73-4.35','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_35',NULL); +INSERT INTO "TestSteps" VALUES(41,'73-4.36','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_36',NULL); +INSERT INTO "TestSteps" VALUES(42,'73-4.37','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_37',NULL); +INSERT INTO "TestSteps" VALUES(43,'73-4.38','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_38',NULL); +INSERT INTO "TestSteps" VALUES(44,'73-4.40','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_40',NULL); +INSERT INTO "TestSteps" VALUES(45,'73-4.41','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_41',NULL); +INSERT INTO "TestSteps" VALUES(46,'73-4.42','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_42',NULL); +INSERT INTO "TestSteps" VALUES(47,'73-4.43','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_43',NULL); +INSERT INTO "TestSteps" VALUES(48,'73-4.44','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_44',NULL); +INSERT INTO "TestSteps" VALUES(49,'73-4.45','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_45',NULL); +INSERT INTO "TestSteps" VALUES(50,'73-4.46','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_46',NULL); +INSERT INTO "TestSteps" VALUES(51,'73-4.47','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_47',NULL); +INSERT INTO "TestSteps" VALUES(52,'73-4.48','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_48',NULL); +INSERT INTO "TestSteps" VALUES(53,'73-4.49','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_49',NULL); +INSERT INTO "TestSteps" VALUES(54,'73-4.50','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_50',NULL); +INSERT INTO "TestSteps" VALUES(55,'73-4.51','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_51',NULL); +INSERT INTO "TestSteps" VALUES(56,'73-4.52','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_52',NULL); +INSERT INTO "TestSteps" VALUES(57,'73-4.53','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_53',NULL); +INSERT INTO "TestSteps" VALUES(58,'73-4.54','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_54',NULL); +INSERT INTO "TestSteps" VALUES(59,'73-4.55','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_55',NULL); +INSERT INTO "TestSteps" VALUES(60,'73-4.56','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CommmonObjectTests','sp800_73_4_Test_56',NULL); +INSERT INTO "TestSteps" VALUES(61,'76.1','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_1',NULL); +INSERT INTO "TestSteps" VALUES(62,'76.2','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_2',NULL); +INSERT INTO "TestSteps" VALUES(63,'76.3','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_3',NULL); +INSERT INTO "TestSteps" VALUES(64,'76.4','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_4',NULL); +INSERT INTO "TestSteps" VALUES(65,'76.5','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_5',NULL); +INSERT INTO "TestSteps" VALUES(66,'76.6','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_6',NULL); +INSERT INTO "TestSteps" VALUES(67,'76.7','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_7',NULL); +INSERT INTO "TestSteps" VALUES(68,'76.8','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_8',NULL); +INSERT INTO "TestSteps" VALUES(69,'76.9','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_9',NULL); +INSERT INTO "TestSteps" VALUES(70,'76.10','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_10',NULL); +INSERT INTO "TestSteps" VALUES(71,'76.11','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_11',NULL); +INSERT INTO "TestSteps" VALUES(72,'76.12','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_12',NULL); +INSERT INTO "TestSteps" VALUES(73,'76.13','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_13',NULL); +INSERT INTO "TestSteps" VALUES(74,'76.14','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_14',NULL); +INSERT INTO "TestSteps" VALUES(75,'76.15a','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_15a',NULL); +INSERT INTO "TestSteps" VALUES(76,'76.15b','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_15b',NULL); +INSERT INTO "TestSteps" VALUES(77,'76.16','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_16',NULL); +INSERT INTO "TestSteps" VALUES(78,'76.17','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_17',NULL); +INSERT INTO "TestSteps" VALUES(79,'76.18','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_18',NULL); +INSERT INTO "TestSteps" VALUES(80,'76.19','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_19',NULL); +INSERT INTO "TestSteps" VALUES(81,'76.20','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_20',NULL); +INSERT INTO "TestSteps" VALUES(82,'76.21','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_21',NULL); +INSERT INTO "TestSteps" VALUES(83,'76.22','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_22',NULL); +INSERT INTO "TestSteps" VALUES(84,'76.23','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_23',NULL); +INSERT INTO "TestSteps" VALUES(85,'76.24','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_24',NULL); +INSERT INTO "TestSteps" VALUES(86,'76.25','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_25',NULL); +INSERT INTO "TestSteps" VALUES(87,'76.26','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_26',NULL); +INSERT INTO "TestSteps" VALUES(88,'76.27','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_27',NULL); +INSERT INTO "TestSteps" VALUES(89,'76.28','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_28',NULL); +INSERT INTO "TestSteps" VALUES(90,'76.29','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_29',NULL); +INSERT INTO "TestSteps" VALUES(91,'76.30','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_30',NULL); +INSERT INTO "TestSteps" VALUES(92,'76.31','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_31',NULL); +INSERT INTO "TestSteps" VALUES(93,'76.32','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_32',NULL); +INSERT INTO "TestSteps" VALUES(94,'76.33','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_33',NULL); +INSERT INTO "TestSteps" VALUES(95,'76.34','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_34',NULL); +INSERT INTO "TestSteps" VALUES(96,'76.35','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_35',NULL); +INSERT INTO "TestSteps" VALUES(97,'76.36','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_36',NULL); +INSERT INTO "TestSteps" VALUES(98,'76.37','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_37',NULL); +INSERT INTO "TestSteps" VALUES(99,'76.38','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_38',NULL); +INSERT INTO "TestSteps" VALUES(100,'76.39','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_39',NULL); +INSERT INTO "TestSteps" VALUES(101,'76.40','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_40',NULL); +INSERT INTO "TestSteps" VALUES(102,'76.41','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_41',NULL); +INSERT INTO "TestSteps" VALUES(103,'76.42','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_42',NULL); +INSERT INTO "TestSteps" VALUES(104,'76.43','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_43',NULL); +INSERT INTO "TestSteps" VALUES(105,'76.44','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_44',NULL); +INSERT INTO "TestSteps" VALUES(106,'76.45','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_45',NULL); +INSERT INTO "TestSteps" VALUES(107,'76.46','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_46',NULL); +INSERT INTO "TestSteps" VALUES(108,'76.47','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_47',NULL); +INSERT INTO "TestSteps" VALUES(109,'76.48','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_48',NULL); +INSERT INTO "TestSteps" VALUES(110,'CMS.1','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(111,'CMS.2','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(112,'CMS.3','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(113,'CMS.4','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_4',NULL); +INSERT INTO "TestSteps" VALUES(114,'CMS.5','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_5',NULL); +INSERT INTO "TestSteps" VALUES(115,'CMS.6','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_6',NULL); +INSERT INTO "TestSteps" VALUES(116,'CMS.7','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_7',NULL); +INSERT INTO "TestSteps" VALUES(117,'CMS.8','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_8',NULL); +INSERT INTO "TestSteps" VALUES(118,'CMS.9','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_9',NULL); +INSERT INTO "TestSteps" VALUES(119,'CMS.10','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_10',NULL); +INSERT INTO "TestSteps" VALUES(120,'CMS.11','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_11',NULL); +INSERT INTO "TestSteps" VALUES(121,'CMS.12','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_12',NULL); +INSERT INTO "TestSteps" VALUES(122,'CMS.13','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_13',NULL); +INSERT INTO "TestSteps" VALUES(123,'CMS.14','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_14',NULL); +INSERT INTO "TestSteps" VALUES(124,'CMS.15','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_15',NULL); +INSERT INTO "TestSteps" VALUES(125,'CMS.17','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_17',NULL); +INSERT INTO "TestSteps" VALUES(126,'CMS.18','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_18',NULL); +INSERT INTO "TestSteps" VALUES(127,'CMS.19','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_19',NULL); +INSERT INTO "TestSteps" VALUES(128,'CMS.20','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_20',NULL); +INSERT INTO "TestSteps" VALUES(129,'CMS.21','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_21',NULL); +INSERT INTO "TestSteps" VALUES(130,'CMS.22','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_22',NULL); +INSERT INTO "TestSteps" VALUES(131,'CMS.23','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_23',NULL); +INSERT INTO "TestSteps" VALUES(132,'CMS.24','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_24',NULL); +INSERT INTO "TestSteps" VALUES(133,'CMS.25','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_25',NULL); +INSERT INTO "TestSteps" VALUES(134,'CMS.26','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_26',NULL); +INSERT INTO "TestSteps" VALUES(135,'CMS.27','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_27',NULL); +INSERT INTO "TestSteps" VALUES(136,'CMS.28','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_28',NULL); +INSERT INTO "TestSteps" VALUES(137,'CMS.29','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_29',NULL); +INSERT INTO "TestSteps" VALUES(138,'CMS.30','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_30',NULL); +INSERT INTO "TestSteps" VALUES(139,'78.1','gov.gsa.pivconformance.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(140,'78.2','gov.gsa.pivconformance.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(141,'78.3','gov.gsa.pivconformance.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(142,'PKIX.1','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(143,'PKIX.2','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(144,'PKIX.3','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(145,'PKIX.4','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_4',NULL); +INSERT INTO "TestSteps" VALUES(146,'PKIX.5','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_5',NULL); +INSERT INTO "TestSteps" VALUES(147,'PKIX.6','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_6',NULL); +INSERT INTO "TestSteps" VALUES(148,'PKIX.7','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_7',NULL); +INSERT INTO "TestSteps" VALUES(149,'PKIX.8','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_8',NULL); +INSERT INTO "TestSteps" VALUES(150,'PKIX.9','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_9',NULL); +INSERT INTO "TestSteps" VALUES(151,'PKIX.10','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_10',NULL); +INSERT INTO "TestSteps" VALUES(152,'PKIX.11','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_11',NULL); +INSERT INTO "TestSteps" VALUES(153,'PKIX.12','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_12',NULL); +INSERT INTO "TestSteps" VALUES(154,'PKIX.13','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_13',NULL); +INSERT INTO "TestSteps" VALUES(155,'PKIX.14','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_14',NULL); +INSERT INTO "TestSteps" VALUES(156,'PKIX.15','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_15',NULL); +INSERT INTO "TestSteps" VALUES(157,'PKIX.16','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_16',NULL); +INSERT INTO "TestSteps" VALUES(158,'PKIX.17','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_17',NULL); +INSERT INTO "TestSteps" VALUES(159,'PKIX.18','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_18',NULL); +INSERT INTO "TestSteps" VALUES(160,'PKIX.19','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_19',NULL); +INSERT INTO "TestSteps" VALUES(161,'PKIX.20','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_20',NULL); +INSERT INTO "TestSteps" VALUES(162,'PKIX.21','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_21',NULL); +INSERT INTO "TestSteps" VALUES(163,'PKIX.22','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_22',NULL); +INSERT INTO "TestSteps" VALUES(164,'PKIX.23','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_23',NULL); +INSERT INTO "TestSteps" VALUES(165,'PKIX.24','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_24',NULL); +INSERT INTO "TestSteps" VALUES(166,'PKIX.25','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_25',NULL); +INSERT INTO "TestSteps" VALUES(167,'PKIX.26','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_26',NULL); +INSERT INTO "TestSteps" VALUES(168,'PKIX.27','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_27',NULL); +INSERT INTO "TestSteps" VALUES(169,'PKIX.28','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_28',NULL); +INSERT INTO "TestSteps" VALUES(170,'PlaceholderTest.1','gov.gsa.pivconformance.conformancelib.tests.PlaceholderTests','PlaceholderTest_1',NULL); +INSERT INTO "TestSteps" VALUES(171,'PlaceholderTest.2','gov.gsa.pivconformance.conformancelib.tests.PlaceholderTests','PlaceholderTest_2',NULL); +INSERT INTO "TestSteps" VALUES(172,'PlaceholderTest.3','gov.gsa.pivconformance.conformancelib.tests.PlaceholderTests','PlaceholderTest_3',NULL); INSERT INTO "TestStepParameters" VALUES(1, 21,NULL,'15',0); INSERT INTO "TestStepParameters" VALUES(2, 99,NULL,'CARDHOLDER_FINGERPRINTS_OID:513',0); INSERT INTO "TestStepParameters" VALUES(3, 99,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:1281',1); diff --git a/conformancelib/testdata/PIV_ICAM_Test_Cards.xlsx b/conformancelib/testdata/PIV_ICAM_Test_Cards.xlsx index c198f640..d4b2cdfc 100644 Binary files a/conformancelib/testdata/PIV_ICAM_Test_Cards.xlsx and b/conformancelib/testdata/PIV_ICAM_Test_Cards.xlsx differ diff --git a/conformancelib/testdata/PIV_Production_Cards.db b/conformancelib/testdata/PIV_Production_Cards.db index 19a0e753..f1cc6d3c 100644 Binary files a/conformancelib/testdata/PIV_Production_Cards.db and b/conformancelib/testdata/PIV_Production_Cards.db differ diff --git a/conformancelib/testdata/PIV_Production_Cards.sql b/conformancelib/testdata/PIV_Production_Cards.sql index 22de3ac4..7582c4d2 100644 --- a/conformancelib/testdata/PIV_Production_Cards.sql +++ b/conformancelib/testdata/PIV_Production_Cards.sql @@ -62,178 +62,178 @@ CREATE TABLE IF NOT EXISTS "SystemSettings" ( `GPMasterKey` TEXT ); -INSERT INTO "TestSteps" VALUES(1,'BERTLV.1','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(2,'BERTLV.2','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(3,'BERTLV.3','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(4,'BERTLV.4','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(5,'BERTLV.5','gov.gsa.conformancelib.tests.BER_TLVTests','berTLV_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(6,'73-4.1','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(7,'73-4.2','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(8,'73-4.3','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(9,'73-4.4','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(10,'73-4.5','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(11,'73-4.6','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(12,'73-4.7','gov.gsa.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(13,'73-4.8','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(14,'73-4.9','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(15,'73-4.10','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(16,'73-4.11','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(17,'73-4.12','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(18,'73-4.13','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(19,'73-4.14','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(20,'73-4.15','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(21,'73-4.16','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(22,'73-4.17','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(23,'73-4.18','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(24,'73-4.19','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(25,'73-4.20','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(26,'73-4.21','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(27,'73-4.22','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(28,'73-4.23','gov.gsa.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(29,'73-4.24','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(30,'73-4.25','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(31,'73-4.26','gov.gsa.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(32,'73-4.27','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(33,'73-4.28','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(34,'73-4.29','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(35,'73-4.30','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(36,'73-4.31','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_31',NULL); -INSERT INTO "TestSteps" VALUES(37,'73-4.32','gov.gsa.conformancelib.tests.SP800_73_4FacialImageTests','sp800_73_4_Test_32',NULL); -INSERT INTO "TestSteps" VALUES(38,'73-4.33','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_33',NULL); -INSERT INTO "TestSteps" VALUES(39,'73-4.34','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_34',NULL); -INSERT INTO "TestSteps" VALUES(40,'73-4.35','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_35',NULL); -INSERT INTO "TestSteps" VALUES(41,'73-4.36','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_36',NULL); -INSERT INTO "TestSteps" VALUES(42,'73-4.37','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_37',NULL); -INSERT INTO "TestSteps" VALUES(43,'73-4.38','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_38',NULL); -INSERT INTO "TestSteps" VALUES(44,'73-4.40','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_40',NULL); -INSERT INTO "TestSteps" VALUES(45,'73-4.41','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_41',NULL); -INSERT INTO "TestSteps" VALUES(46,'73-4.42','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_42',NULL); -INSERT INTO "TestSteps" VALUES(47,'73-4.43','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_43',NULL); -INSERT INTO "TestSteps" VALUES(48,'73-4.44','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_44',NULL); -INSERT INTO "TestSteps" VALUES(49,'73-4.45','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_45',NULL); -INSERT INTO "TestSteps" VALUES(50,'73-4.46','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_46',NULL); -INSERT INTO "TestSteps" VALUES(51,'73-4.47','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_47',NULL); -INSERT INTO "TestSteps" VALUES(52,'73-4.48','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_48',NULL); -INSERT INTO "TestSteps" VALUES(53,'73-4.49','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_49',NULL); -INSERT INTO "TestSteps" VALUES(54,'73-4.50','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_50',NULL); -INSERT INTO "TestSteps" VALUES(55,'73-4.51','gov.gsa.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_51',NULL); -INSERT INTO "TestSteps" VALUES(56,'73-4.52','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_52',NULL); -INSERT INTO "TestSteps" VALUES(57,'73-4.53','gov.gsa.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_53',NULL); -INSERT INTO "TestSteps" VALUES(58,'73-4.54','gov.gsa.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_54',NULL); -INSERT INTO "TestSteps" VALUES(59,'73-4.55','gov.gsa.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_55',NULL); -INSERT INTO "TestSteps" VALUES(60,'73-4.56','gov.gsa.conformancelib.tests.SP800_73_4CommmonObjectTests','sp800_73_4_Test_56',NULL); -INSERT INTO "TestSteps" VALUES(61,'76.1','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_1',NULL); -INSERT INTO "TestSteps" VALUES(62,'76.2','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_2',NULL); -INSERT INTO "TestSteps" VALUES(63,'76.3','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_3',NULL); -INSERT INTO "TestSteps" VALUES(64,'76.4','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_4',NULL); -INSERT INTO "TestSteps" VALUES(65,'76.5','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_5',NULL); -INSERT INTO "TestSteps" VALUES(66,'76.6','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_6',NULL); -INSERT INTO "TestSteps" VALUES(67,'76.7','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_7',NULL); -INSERT INTO "TestSteps" VALUES(68,'76.8','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_8',NULL); -INSERT INTO "TestSteps" VALUES(69,'76.9','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_9',NULL); -INSERT INTO "TestSteps" VALUES(70,'76.10','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_10',NULL); -INSERT INTO "TestSteps" VALUES(71,'76.11','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_11',NULL); -INSERT INTO "TestSteps" VALUES(72,'76.12','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_12',NULL); -INSERT INTO "TestSteps" VALUES(73,'76.13','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_13',NULL); -INSERT INTO "TestSteps" VALUES(74,'76.14','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_14',NULL); -INSERT INTO "TestSteps" VALUES(75,'76.15a','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15a',NULL); -INSERT INTO "TestSteps" VALUES(76,'76.15b','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_15b',NULL); -INSERT INTO "TestSteps" VALUES(77,'76.16','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_16',NULL); -INSERT INTO "TestSteps" VALUES(78,'76.17','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_17',NULL); -INSERT INTO "TestSteps" VALUES(79,'76.18','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_18',NULL); -INSERT INTO "TestSteps" VALUES(80,'76.19','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_19',NULL); -INSERT INTO "TestSteps" VALUES(81,'76.20','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_20',NULL); -INSERT INTO "TestSteps" VALUES(82,'76.21','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_21',NULL); -INSERT INTO "TestSteps" VALUES(83,'76.22','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_22',NULL); -INSERT INTO "TestSteps" VALUES(84,'76.23','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_23',NULL); -INSERT INTO "TestSteps" VALUES(85,'76.24','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_24',NULL); -INSERT INTO "TestSteps" VALUES(86,'76.25','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_25',NULL); -INSERT INTO "TestSteps" VALUES(87,'76.26','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_26',NULL); -INSERT INTO "TestSteps" VALUES(88,'76.27','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_27',NULL); -INSERT INTO "TestSteps" VALUES(89,'76.28','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_28',NULL); -INSERT INTO "TestSteps" VALUES(90,'76.29','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_29',NULL); -INSERT INTO "TestSteps" VALUES(91,'76.30','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_30',NULL); -INSERT INTO "TestSteps" VALUES(92,'76.31','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_31',NULL); -INSERT INTO "TestSteps" VALUES(93,'76.32','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_32',NULL); -INSERT INTO "TestSteps" VALUES(94,'76.33','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_33',NULL); -INSERT INTO "TestSteps" VALUES(95,'76.34','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_34',NULL); -INSERT INTO "TestSteps" VALUES(96,'76.35','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_35',NULL); -INSERT INTO "TestSteps" VALUES(97,'76.36','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_36',NULL); -INSERT INTO "TestSteps" VALUES(98,'76.37','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_37',NULL); -INSERT INTO "TestSteps" VALUES(99,'76.38','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_38',NULL); -INSERT INTO "TestSteps" VALUES(100,'76.39','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_39',NULL); -INSERT INTO "TestSteps" VALUES(101,'76.40','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_40',NULL); -INSERT INTO "TestSteps" VALUES(102,'76.41','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_41',NULL); -INSERT INTO "TestSteps" VALUES(103,'76.42','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_42',NULL); -INSERT INTO "TestSteps" VALUES(104,'76.43','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_43',NULL); -INSERT INTO "TestSteps" VALUES(105,'76.44','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_44',NULL); -INSERT INTO "TestSteps" VALUES(106,'76.45','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_45',NULL); -INSERT INTO "TestSteps" VALUES(107,'76.46','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_46',NULL); -INSERT INTO "TestSteps" VALUES(108,'76.47','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_47',NULL); -INSERT INTO "TestSteps" VALUES(109,'76.48','gov.gsa.conformancelib.tests.SP800_76_Tests','sp800_76Test_48',NULL); -INSERT INTO "TestSteps" VALUES(110,'CMS.1','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(111,'CMS.2','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(112,'CMS.3','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(113,'CMS.4','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(114,'CMS.5','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(115,'CMS.6','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(116,'CMS.7','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(117,'CMS.8','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(118,'CMS.9','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(119,'CMS.10','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(120,'CMS.11','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(121,'CMS.12','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(122,'CMS.13','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(123,'CMS.14','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(124,'CMS.15','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(125,'CMS.17','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(126,'CMS.18','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(127,'CMS.19','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(128,'CMS.20','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(129,'CMS.21','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(130,'CMS.22','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(131,'CMS.23','gov.gsa.conformancelib.tests.CMSTests','CMS_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(132,'CMS.24','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(133,'CMS.25','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(134,'CMS.26','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(135,'CMS.27','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(136,'CMS.28','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(137,'CMS.29','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_29',NULL); -INSERT INTO "TestSteps" VALUES(138,'CMS.30','gov.gsa.conformanceLib.tests.CMSTests','CMS_Test_30',NULL); -INSERT INTO "TestSteps" VALUES(139,'78.1','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(140,'78.2','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(141,'78.3','gov.gsa.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(142,'PKIX.1','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_1',NULL); -INSERT INTO "TestSteps" VALUES(143,'PKIX.2','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_2',NULL); -INSERT INTO "TestSteps" VALUES(144,'PKIX.3','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_3',NULL); -INSERT INTO "TestSteps" VALUES(145,'PKIX.4','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_4',NULL); -INSERT INTO "TestSteps" VALUES(146,'PKIX.5','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_5',NULL); -INSERT INTO "TestSteps" VALUES(147,'PKIX.6','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_6',NULL); -INSERT INTO "TestSteps" VALUES(148,'PKIX.7','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_7',NULL); -INSERT INTO "TestSteps" VALUES(149,'PKIX.8','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_8',NULL); -INSERT INTO "TestSteps" VALUES(150,'PKIX.9','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_9',NULL); -INSERT INTO "TestSteps" VALUES(151,'PKIX.10','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_10',NULL); -INSERT INTO "TestSteps" VALUES(152,'PKIX.11','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_11',NULL); -INSERT INTO "TestSteps" VALUES(153,'PKIX.12','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_12',NULL); -INSERT INTO "TestSteps" VALUES(154,'PKIX.13','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_13',NULL); -INSERT INTO "TestSteps" VALUES(155,'PKIX.14','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_14',NULL); -INSERT INTO "TestSteps" VALUES(156,'PKIX.15','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_15',NULL); -INSERT INTO "TestSteps" VALUES(157,'PKIX.16','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_16',NULL); -INSERT INTO "TestSteps" VALUES(158,'PKIX.17','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_17',NULL); -INSERT INTO "TestSteps" VALUES(159,'PKIX.18','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_18',NULL); -INSERT INTO "TestSteps" VALUES(160,'PKIX.19','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_19',NULL); -INSERT INTO "TestSteps" VALUES(161,'PKIX.20','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_20',NULL); -INSERT INTO "TestSteps" VALUES(162,'PKIX.21','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_21',NULL); -INSERT INTO "TestSteps" VALUES(163,'PKIX.22','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_22',NULL); -INSERT INTO "TestSteps" VALUES(164,'PKIX.23','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_23',NULL); -INSERT INTO "TestSteps" VALUES(165,'PKIX.24','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_24',NULL); -INSERT INTO "TestSteps" VALUES(166,'PKIX.25','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_25',NULL); -INSERT INTO "TestSteps" VALUES(167,'PKIX.26','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_26',NULL); -INSERT INTO "TestSteps" VALUES(168,'PKIX.27','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_27',NULL); -INSERT INTO "TestSteps" VALUES(169,'PKIX.28','gov.gsa.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_28',NULL); -INSERT INTO "TestSteps" VALUES(170,'PlaceholderTest.1','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_1',NULL); -INSERT INTO "TestSteps" VALUES(171,'PlaceholderTest.2','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_2',NULL); -INSERT INTO "TestSteps" VALUES(172,'PlaceholderTest.3','gov.gsa.conformancelib.tests.PlaceholderTests','PlaceholderTest_3',NULL); +INSERT INTO "TestSteps" VALUES(1,'BERTLV.1','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(2,'BERTLV.2','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(3,'BERTLV.3','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(4,'BERTLV.4','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_4',NULL); +INSERT INTO "TestSteps" VALUES(5,'BERTLV.5','gov.gsa.pivconformance.conformancelib.tests.BER_TLVTests','berTLV_Test_5',NULL); +INSERT INTO "TestSteps" VALUES(6,'73-4.1','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(7,'73-4.2','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(8,'73-4.3','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(9,'73-4.4','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_4',NULL); +INSERT INTO "TestSteps" VALUES(10,'73-4.5','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_5',NULL); +INSERT INTO "TestSteps" VALUES(11,'73-4.6','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_6',NULL); +INSERT INTO "TestSteps" VALUES(12,'73-4.7','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CCCTests','sp800_73_4_Test_7',NULL); +INSERT INTO "TestSteps" VALUES(13,'73-4.8','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_8',NULL); +INSERT INTO "TestSteps" VALUES(14,'73-4.9','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_9',NULL); +INSERT INTO "TestSteps" VALUES(15,'73-4.10','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_10',NULL); +INSERT INTO "TestSteps" VALUES(16,'73-4.11','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_11',NULL); +INSERT INTO "TestSteps" VALUES(17,'73-4.12','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_12',NULL); +INSERT INTO "TestSteps" VALUES(18,'73-4.13','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_13',NULL); +INSERT INTO "TestSteps" VALUES(19,'73-4.14','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_14',NULL); +INSERT INTO "TestSteps" VALUES(20,'73-4.15','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_15',NULL); +INSERT INTO "TestSteps" VALUES(21,'73-4.16','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_16',NULL); +INSERT INTO "TestSteps" VALUES(22,'73-4.17','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_17',NULL); +INSERT INTO "TestSteps" VALUES(23,'73-4.18','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_18',NULL); +INSERT INTO "TestSteps" VALUES(24,'73-4.19','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_19',NULL); +INSERT INTO "TestSteps" VALUES(25,'73-4.20','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_20',NULL); +INSERT INTO "TestSteps" VALUES(26,'73-4.21','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_21',NULL); +INSERT INTO "TestSteps" VALUES(27,'73-4.22','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_22',NULL); +INSERT INTO "TestSteps" VALUES(28,'73-4.23','gov.gsa.pivconformance.conformancelib.tests.X509DataObjectTests','sp800_73_4_Test_23',NULL); +INSERT INTO "TestSteps" VALUES(29,'73-4.24','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_24',NULL); +INSERT INTO "TestSteps" VALUES(30,'73-4.25','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_25',NULL); +INSERT INTO "TestSteps" VALUES(31,'73-4.26','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4FingerprintsTests','sp800_73_4_Test_26',NULL); +INSERT INTO "TestSteps" VALUES(32,'73-4.27','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_27',NULL); +INSERT INTO "TestSteps" VALUES(33,'73-4.28','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_28',NULL); +INSERT INTO "TestSteps" VALUES(34,'73-4.29','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_29',NULL); +INSERT INTO "TestSteps" VALUES(35,'73-4.30','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_30',NULL); +INSERT INTO "TestSteps" VALUES(36,'73-4.31','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_31',NULL); +INSERT INTO "TestSteps" VALUES(37,'73-4.32','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4FacialImageTests','sp800_73_4_Test_32',NULL); +INSERT INTO "TestSteps" VALUES(38,'73-4.33','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_33',NULL); +INSERT INTO "TestSteps" VALUES(39,'73-4.34','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_34',NULL); +INSERT INTO "TestSteps" VALUES(40,'73-4.35','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_35',NULL); +INSERT INTO "TestSteps" VALUES(41,'73-4.36','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_36',NULL); +INSERT INTO "TestSteps" VALUES(42,'73-4.37','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_37',NULL); +INSERT INTO "TestSteps" VALUES(43,'73-4.38','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_38',NULL); +INSERT INTO "TestSteps" VALUES(44,'73-4.40','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_40',NULL); +INSERT INTO "TestSteps" VALUES(45,'73-4.41','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_41',NULL); +INSERT INTO "TestSteps" VALUES(46,'73-4.42','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_42',NULL); +INSERT INTO "TestSteps" VALUES(47,'73-4.43','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_43',NULL); +INSERT INTO "TestSteps" VALUES(48,'73-4.44','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_44',NULL); +INSERT INTO "TestSteps" VALUES(49,'73-4.45','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_45',NULL); +INSERT INTO "TestSteps" VALUES(50,'73-4.46','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_46',NULL); +INSERT INTO "TestSteps" VALUES(51,'73-4.47','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_47',NULL); +INSERT INTO "TestSteps" VALUES(52,'73-4.48','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_48',NULL); +INSERT INTO "TestSteps" VALUES(53,'73-4.49','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_49',NULL); +INSERT INTO "TestSteps" VALUES(54,'73-4.50','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_50',NULL); +INSERT INTO "TestSteps" VALUES(55,'73-4.51','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CHUIDTests','sp800_73_4_Test_51',NULL); +INSERT INTO "TestSteps" VALUES(56,'73-4.52','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_52',NULL); +INSERT INTO "TestSteps" VALUES(57,'73-4.53','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4PrintedInfoTests','sp800_73_4_Test_53',NULL); +INSERT INTO "TestSteps" VALUES(58,'73-4.54','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4SecurityObjectTests','sp800_73_4_Test_54',NULL); +INSERT INTO "TestSteps" VALUES(59,'73-4.55','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4DiscoveryObjectTests','sp800_73_4_Test_55',NULL); +INSERT INTO "TestSteps" VALUES(60,'73-4.56','gov.gsa.pivconformance.conformancelib.tests.SP800_73_4CommmonObjectTests','sp800_73_4_Test_56',NULL); +INSERT INTO "TestSteps" VALUES(61,'76.1','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_1',NULL); +INSERT INTO "TestSteps" VALUES(62,'76.2','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_2',NULL); +INSERT INTO "TestSteps" VALUES(63,'76.3','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_3',NULL); +INSERT INTO "TestSteps" VALUES(64,'76.4','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_4',NULL); +INSERT INTO "TestSteps" VALUES(65,'76.5','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_5',NULL); +INSERT INTO "TestSteps" VALUES(66,'76.6','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_6',NULL); +INSERT INTO "TestSteps" VALUES(67,'76.7','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_7',NULL); +INSERT INTO "TestSteps" VALUES(68,'76.8','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_8',NULL); +INSERT INTO "TestSteps" VALUES(69,'76.9','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_9',NULL); +INSERT INTO "TestSteps" VALUES(70,'76.10','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_10',NULL); +INSERT INTO "TestSteps" VALUES(71,'76.11','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_11',NULL); +INSERT INTO "TestSteps" VALUES(72,'76.12','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_12',NULL); +INSERT INTO "TestSteps" VALUES(73,'76.13','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_13',NULL); +INSERT INTO "TestSteps" VALUES(74,'76.14','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_14',NULL); +INSERT INTO "TestSteps" VALUES(75,'76.15a','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_15a',NULL); +INSERT INTO "TestSteps" VALUES(76,'76.15b','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_15b',NULL); +INSERT INTO "TestSteps" VALUES(77,'76.16','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_16',NULL); +INSERT INTO "TestSteps" VALUES(78,'76.17','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_17',NULL); +INSERT INTO "TestSteps" VALUES(79,'76.18','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_18',NULL); +INSERT INTO "TestSteps" VALUES(80,'76.19','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_19',NULL); +INSERT INTO "TestSteps" VALUES(81,'76.20','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_20',NULL); +INSERT INTO "TestSteps" VALUES(82,'76.21','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_21',NULL); +INSERT INTO "TestSteps" VALUES(83,'76.22','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_22',NULL); +INSERT INTO "TestSteps" VALUES(84,'76.23','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_23',NULL); +INSERT INTO "TestSteps" VALUES(85,'76.24','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_24',NULL); +INSERT INTO "TestSteps" VALUES(86,'76.25','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_25',NULL); +INSERT INTO "TestSteps" VALUES(87,'76.26','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_26',NULL); +INSERT INTO "TestSteps" VALUES(88,'76.27','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_27',NULL); +INSERT INTO "TestSteps" VALUES(89,'76.28','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_28',NULL); +INSERT INTO "TestSteps" VALUES(90,'76.29','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_29',NULL); +INSERT INTO "TestSteps" VALUES(91,'76.30','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_30',NULL); +INSERT INTO "TestSteps" VALUES(92,'76.31','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_31',NULL); +INSERT INTO "TestSteps" VALUES(93,'76.32','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_32',NULL); +INSERT INTO "TestSteps" VALUES(94,'76.33','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_33',NULL); +INSERT INTO "TestSteps" VALUES(95,'76.34','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_34',NULL); +INSERT INTO "TestSteps" VALUES(96,'76.35','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_35',NULL); +INSERT INTO "TestSteps" VALUES(97,'76.36','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_36',NULL); +INSERT INTO "TestSteps" VALUES(98,'76.37','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_37',NULL); +INSERT INTO "TestSteps" VALUES(99,'76.38','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_38',NULL); +INSERT INTO "TestSteps" VALUES(100,'76.39','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_39',NULL); +INSERT INTO "TestSteps" VALUES(101,'76.40','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_40',NULL); +INSERT INTO "TestSteps" VALUES(102,'76.41','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_41',NULL); +INSERT INTO "TestSteps" VALUES(103,'76.42','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_42',NULL); +INSERT INTO "TestSteps" VALUES(104,'76.43','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_43',NULL); +INSERT INTO "TestSteps" VALUES(105,'76.44','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_44',NULL); +INSERT INTO "TestSteps" VALUES(106,'76.45','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_45',NULL); +INSERT INTO "TestSteps" VALUES(107,'76.46','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_46',NULL); +INSERT INTO "TestSteps" VALUES(108,'76.47','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_47',NULL); +INSERT INTO "TestSteps" VALUES(109,'76.48','gov.gsa.pivconformance.conformancelib.tests.SP800_76_Tests','sp800_76Test_48',NULL); +INSERT INTO "TestSteps" VALUES(110,'CMS.1','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(111,'CMS.2','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(112,'CMS.3','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(113,'CMS.4','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_4',NULL); +INSERT INTO "TestSteps" VALUES(114,'CMS.5','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_5',NULL); +INSERT INTO "TestSteps" VALUES(115,'CMS.6','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_6',NULL); +INSERT INTO "TestSteps" VALUES(116,'CMS.7','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_7',NULL); +INSERT INTO "TestSteps" VALUES(117,'CMS.8','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_8',NULL); +INSERT INTO "TestSteps" VALUES(118,'CMS.9','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_9',NULL); +INSERT INTO "TestSteps" VALUES(119,'CMS.10','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_10',NULL); +INSERT INTO "TestSteps" VALUES(120,'CMS.11','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_11',NULL); +INSERT INTO "TestSteps" VALUES(121,'CMS.12','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_12',NULL); +INSERT INTO "TestSteps" VALUES(122,'CMS.13','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_13',NULL); +INSERT INTO "TestSteps" VALUES(123,'CMS.14','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_14',NULL); +INSERT INTO "TestSteps" VALUES(124,'CMS.15','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_15',NULL); +INSERT INTO "TestSteps" VALUES(125,'CMS.17','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_17',NULL); +INSERT INTO "TestSteps" VALUES(126,'CMS.18','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_18',NULL); +INSERT INTO "TestSteps" VALUES(127,'CMS.19','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_19',NULL); +INSERT INTO "TestSteps" VALUES(128,'CMS.20','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_20',NULL); +INSERT INTO "TestSteps" VALUES(129,'CMS.21','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_21',NULL); +INSERT INTO "TestSteps" VALUES(130,'CMS.22','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_22',NULL); +INSERT INTO "TestSteps" VALUES(131,'CMS.23','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_23',NULL); +INSERT INTO "TestSteps" VALUES(132,'CMS.24','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_24',NULL); +INSERT INTO "TestSteps" VALUES(133,'CMS.25','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_25',NULL); +INSERT INTO "TestSteps" VALUES(134,'CMS.26','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_26',NULL); +INSERT INTO "TestSteps" VALUES(135,'CMS.27','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_27',NULL); +INSERT INTO "TestSteps" VALUES(136,'CMS.28','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_28',NULL); +INSERT INTO "TestSteps" VALUES(137,'CMS.29','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_29',NULL); +INSERT INTO "TestSteps" VALUES(138,'CMS.30','gov.gsa.pivconformance.conformancelib.tests.CMSTests','CMS_Test_30',NULL); +INSERT INTO "TestSteps" VALUES(139,'78.1','gov.gsa.pivconformance.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(140,'78.2','gov.gsa.pivconformance.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(141,'78.3','gov.gsa.pivconformance.conformancelib.tests.SP800_78_X509DataObjectTests','sp800_78_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(142,'PKIX.1','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_1',NULL); +INSERT INTO "TestSteps" VALUES(143,'PKIX.2','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_2',NULL); +INSERT INTO "TestSteps" VALUES(144,'PKIX.3','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_3',NULL); +INSERT INTO "TestSteps" VALUES(145,'PKIX.4','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_4',NULL); +INSERT INTO "TestSteps" VALUES(146,'PKIX.5','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_5',NULL); +INSERT INTO "TestSteps" VALUES(147,'PKIX.6','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_6',NULL); +INSERT INTO "TestSteps" VALUES(148,'PKIX.7','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_7',NULL); +INSERT INTO "TestSteps" VALUES(149,'PKIX.8','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_8',NULL); +INSERT INTO "TestSteps" VALUES(150,'PKIX.9','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_9',NULL); +INSERT INTO "TestSteps" VALUES(151,'PKIX.10','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_10',NULL); +INSERT INTO "TestSteps" VALUES(152,'PKIX.11','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_11',NULL); +INSERT INTO "TestSteps" VALUES(153,'PKIX.12','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_12',NULL); +INSERT INTO "TestSteps" VALUES(154,'PKIX.13','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_13',NULL); +INSERT INTO "TestSteps" VALUES(155,'PKIX.14','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_14',NULL); +INSERT INTO "TestSteps" VALUES(156,'PKIX.15','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_15',NULL); +INSERT INTO "TestSteps" VALUES(157,'PKIX.16','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_16',NULL); +INSERT INTO "TestSteps" VALUES(158,'PKIX.17','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_17',NULL); +INSERT INTO "TestSteps" VALUES(159,'PKIX.18','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_18',NULL); +INSERT INTO "TestSteps" VALUES(160,'PKIX.19','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_19',NULL); +INSERT INTO "TestSteps" VALUES(161,'PKIX.20','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_20',NULL); +INSERT INTO "TestSteps" VALUES(162,'PKIX.21','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_21',NULL); +INSERT INTO "TestSteps" VALUES(163,'PKIX.22','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_22',NULL); +INSERT INTO "TestSteps" VALUES(164,'PKIX.23','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_23',NULL); +INSERT INTO "TestSteps" VALUES(165,'PKIX.24','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_24',NULL); +INSERT INTO "TestSteps" VALUES(166,'PKIX.25','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_25',NULL); +INSERT INTO "TestSteps" VALUES(167,'PKIX.26','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_26',NULL); +INSERT INTO "TestSteps" VALUES(168,'PKIX.27','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_27',NULL); +INSERT INTO "TestSteps" VALUES(169,'PKIX.28','gov.gsa.pivconformance.conformancelib.tests.PKIX_X509DataObjectTests','PKIX_Test_28',NULL); +INSERT INTO "TestSteps" VALUES(170,'PlaceholderTest.1','gov.gsa.pivconformance.conformancelib.tests.PlaceholderTests','PlaceholderTest_1',NULL); +INSERT INTO "TestSteps" VALUES(171,'PlaceholderTest.2','gov.gsa.pivconformance.conformancelib.tests.PlaceholderTests','PlaceholderTest_2',NULL); +INSERT INTO "TestSteps" VALUES(172,'PlaceholderTest.3','gov.gsa.pivconformance.conformancelib.tests.PlaceholderTests','PlaceholderTest_3',NULL); INSERT INTO "TestStepParameters" VALUES(1, 21,NULL,'6',0); INSERT INTO "TestStepParameters" VALUES(2, 99,NULL,'CARDHOLDER_FINGERPRINTS_OID:513',0); INSERT INTO "TestStepParameters" VALUES(3, 99,NULL,'CARDHOLDER_FACIAL_IMAGE_OID:1281',1); diff --git a/conformancelib/testdata/PIV_Production_Cards.xlsx b/conformancelib/testdata/PIV_Production_Cards.xlsx index 48bbccd7..e37d70ea 100644 Binary files a/conformancelib/testdata/PIV_Production_Cards.xlsx and b/conformancelib/testdata/PIV_Production_Cards.xlsx differ diff --git a/conformancelib/testdata/README.md b/conformancelib/testdata/README.md index a66db2c4..b78d3a8c 100644 --- a/conformancelib/testdata/README.md +++ b/conformancelib/testdata/README.md @@ -1,19 +1,19 @@ -### Test Data -This directory contains the 85B requirements expressed in a MS Excel workbook for each of the four profiles. The .xlsx files are converted via a Python script to a .sql file that can be imported to a database. This implementation uses sqlite3. - -Create a directory, for instance, python_den, and change to it. - -Run `sh ../setup-venv.sh` - -This creates a "virtual" Python environment in which all of the classes need to perform the Excel to SQL conversion. - -Copy the .py file from the directory above. - -Run: -``` -python36 CctDatabasePopulator.py -i filename.xlsx -o filename.sql -sqlite3 filename.db < filename.sql -``` - -That will produce the .sql and .db files for the profile *filename*. - +### Test Data +This directory contains the 85B requirements expressed in a MS Excel workbook for each of the four profiles. The .xlsx files are converted via a Python script to a .sql file that can be imported to a database. This implementation uses sqlite3. + +Create a directory, for instance, python_den, and change to it. + +Run `sh ../setup-venv.sh` + +This creates a "virtual" Python environment in which all of the classes need to perform the Excel to SQL conversion. + +Copy the .py file from the directory above. + +Run: +``` +python36 CctDatabasePopulator.py -i filename.xlsx -o filename.sql +sqlite3 filename.db < filename.sql +``` + +That will produce the .sql and .db files for the profile *filename*. + diff --git a/conformancelib/testdata/cli_runner.launch b/conformancelib/testdata/cli_runner.launch index ee448527..da43829a 100644 --- a/conformancelib/testdata/cli_runner.launch +++ b/conformancelib/testdata/cli_runner.launch @@ -1,15 +1,15 @@ - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + diff --git a/conformancelib/testdata/mk_db.bat b/conformancelib/testdata/mk_db.bat index 08d300e0..f99fa34c 100644 --- a/conformancelib/testdata/mk_db.bat +++ b/conformancelib/testdata/mk_db.bat @@ -1,58 +1,58 @@ -@ECHO OFF -REM -REM This Windows batch file sets up a Python environment and -REM converts the spreadsheets to .db files. Use a Windows CMD -REM window to run this. Do not use Cygwin with "CMD /c." -REM -REM If this utility runs correctly there will be 4 total files -REM copied to the .\tools\85b-swing-gui directory for testing. -REM - -IF "%PYTHONPATH%"=="" ( -ECHO PYTHONPATH is NOT defined -EXIT -) - -IF "%1"=="-f" ( - PYTHON -mvenv venv-xlrd - CMD /C .\venv-xlrd\Scripts\activate - .\venv-xlrd\Scripts\easy_install xlwt - .\venv-xlrd\Scripts\PIP install --upgrade pip - .\venv-xlrd\Scripts\PIP install xlrd - .\venv-xlrd\Scripts\PIP install xlwt - .\venv-xlrd\Scripts\PIP install xlsxwriter -) - - -COPY conformance-schema.sql venv-xlrd -COPY *.xlsx venv-xlrd -COPY *.py venv-xlrd - -CD venv-xlrd -CMD /C Scripts\Activate - -FOR %%x IN ( - PIV_ICAM_Test_Cards - PIV-I_ICAM_Test_Cards - PIV_Production_Cards - PIV-I_Production_Cards - PIV-I_Carillon_Cards - PIV-I_IdenTrust_Cards -) do ( - ECHO "Processing %%x.xlsx" - IF EXIST %%x.db DEL %%x.db - IF EXIST %%x.sql DEL %%x.sql - IF EXIST %%x.xlsx ( - PYTHON CctDatabasePopulator.py -i %%x.xlsx -o %%x.sql - TYPE %%x.sql | sqlite3 %%x.db - COPY %%x.sql .. - COPY %%x.db .. - ) ELSE ( - ECHO %%x.xlsx is missing - ) -) -CD .. -COPY *.db ..\..\tools\85b-swing-gui\ - -REM Remove this when we are in maintenance mode - +@ECHO OFF +REM +REM This Windows batch file sets up a Python environment and +REM converts the spreadsheets to .db files. Use a Windows CMD +REM window to run this. Do not use Cygwin with "CMD /c." +REM +REM If this utility runs correctly there will be 4 total files +REM copied to the .\tools\85b-swing-gui directory for testing. +REM + +IF "%PYTHONPATH%"=="" ( +ECHO PYTHONPATH is NOT defined +EXIT +) + +IF "%1"=="-f" ( + PYTHON -mvenv venv-xlrd + CMD /C .\venv-xlrd\Scripts\activate + .\venv-xlrd\Scripts\easy_install xlwt + .\venv-xlrd\Scripts\PIP install --upgrade pip + .\venv-xlrd\Scripts\PIP install xlrd + .\venv-xlrd\Scripts\PIP install xlwt + .\venv-xlrd\Scripts\PIP install xlsxwriter +) + + +COPY conformance-schema.sql venv-xlrd +COPY *.xlsx venv-xlrd +COPY *.py venv-xlrd + +CD venv-xlrd +CMD /C Scripts\Activate + +FOR %%x IN ( + PIV_ICAM_Test_Cards + PIV-I_ICAM_Test_Cards + PIV_Production_Cards + PIV-I_Production_Cards + PIV-I_Carillon_Cards + PIV-I_IdenTrust_Cards +) do ( + ECHO "Processing %%x.xlsx" + IF EXIST %%x.db DEL %%x.db + IF EXIST %%x.sql DEL %%x.sql + IF EXIST %%x.xlsx ( + PYTHON CctDatabasePopulator.py -i %%x.xlsx -o %%x.sql + TYPE %%x.sql | sqlite3 %%x.db + COPY %%x.sql .. + COPY %%x.db .. + ) ELSE ( + ECHO %%x.xlsx is missing + ) +) +CD .. +COPY *.db ..\..\tools\85b-swing-gui\ + +REM Remove this when we are in maintenance mode + diff --git a/conformancelib/testdata/mk_db.sh b/conformancelib/testdata/mk_db.sh index cb067fc0..6dc2669b 100644 --- a/conformancelib/testdata/mk_db.sh +++ b/conformancelib/testdata/mk_db.sh @@ -31,7 +31,7 @@ pip install xlwt pip install xlsxwriter source ./venv-xlrd/bin/activate -for F in $(ls *_Cards.xlsx) +for F in PIV_Production_Cards.xlsx PIV-I_Production_Cards.xlsx PIV_ICAM_Test_Cards.xlsx PIV-I_ICAM_Test_Cards.xlsx do BASE=$(basename $F .xlsx) echo "Processing $F..." diff --git a/doit.sh b/doit.sh index 6a3c1a6f..3a5715cd 100755 --- a/doit.sh +++ b/doit.sh @@ -1,22 +1,41 @@ #!/bin/bash -. ./tools/85b-swing-gui/ensuredeps.sh + +# Default to always test with Gradle + +TESTOPT=1 +if [ "$1" == "-notest" ]; then + TESTOPT=0 +fi pushd cardlib >/dev/null 2>&1 - ./gradlew --warning-mode=all clean - ./gradlew --warning-mode=all eclipse - ./gradlew --warning-mode=all installSource - ./gradlew --warning-mode=all install + if [ $TESTOPT -eq 1 ]; then + ./gradlew clean build install + else + ./gradlew -x junitPlatformTest -x generateHtmlTestReports clean build install + fi + popd >/dev/null 2>&1 pushd conformancelib >/dev/null 2>&1 - ./gradlew --warning-mode=all clean - ./gradlew --warning-mode=all eclipse - ./gradlew --warning-mode=all shadowJar + if [ $TESTOPT -eq 1 ]; then + ./gradlew clean build install + else + ./gradlew -x test clean build install + fi popd >/dev/null 2>&1 pushd tools/85b-swing-gui 2>&1 - ./ensuredeps.sh - ./gradlew --warning-mode=all clean - ./gradlew --warning-mode=all eclipse - ./gradlew --warning-mode=all shadowJar + ./gradlew -x test clean build + cp build/libs/*shadow* ../../libs popd >/dev/null 2>&1 + +VERSION=$(cat ./tools/85b-swing-gui/build/resources/main/build.version) +rm -rf fips201-card-conformance-tool-$VERSION +mkdir -p fips201-card-conformance-tool-$VERSION +pushd fips201-card-conformance-tool-$VERSION >/dev/null 2>&1 + cp -p ../conformancelib/testdata/*.db . + cp -p ../tools/85b-swing-gui/build/resources/main/user_log_config.xml . + cp -p ../tools/85b-swing-gui/build/resources/main/build.version . + tar xvf ../tools/85b-swing-gui/build/distributions/gov.gsa.pivconformance.gui-shadow-$VERSION.tar + mv gov.gsa.pivconformance.gui-shadow-$VERSION/lib/gov.gsa.pivconformance.gui-$VERSION-shadow.jar . +popd diff --git a/tools/85b-swing-gui/.gitignore b/tools/85b-swing-gui/.gitignore new file mode 100644 index 00000000..e69de29b diff --git a/tools/85b-swing-gui/.project b/tools/85b-swing-gui/.project index 74907cab..eed01be3 100644 --- a/tools/85b-swing-gui/.project +++ b/tools/85b-swing-gui/.project @@ -1,22 +1,25 @@ - - - FIPS-201-Card-Conformance-Tool - - - - org.eclipse.jdt.core.javanature - org.eclipse.buildship.core.gradleprojectnature - - - - org.eclipse.jdt.core.javabuilder - - - - org.eclipse.buildship.core.gradleprojectbuilder - - - - - - + + + gov.gsa.pivconformance.gui + + + gov.gsa.pivconformance.cardlib + gov.gsa.pivconformance.conformancelib + + + + org.eclipse.jdt.core.javabuilder + + + + + org.eclipse.buildship.core.gradleprojectbuilder + + + + + + org.eclipse.buildship.core.gradleprojectnature + org.eclipse.jdt.core.javanature + + diff --git a/tools/85b-swing-gui/.settings/.gitignore b/tools/85b-swing-gui/.settings/.gitignore index 3b1537c2..e69de29b 100644 --- a/tools/85b-swing-gui/.settings/.gitignore +++ b/tools/85b-swing-gui/.settings/.gitignore @@ -1 +0,0 @@ -/org.eclipse.jdt.core.prefs diff --git a/tools/85b-swing-gui/build.gradle b/tools/85b-swing-gui/build.gradle index 5e840a2e..de77a803 100644 --- a/tools/85b-swing-gui/build.gradle +++ b/tools/85b-swing-gui/build.gradle @@ -1,107 +1,196 @@ -// set up junit 5 support for gradle -buildscript { - repositories { - mavenCentral() - } -} - -plugins { - id 'org.ajoberstar.grgit' version '2.1.0' - //id 'com.zyxist.chainsaw' version '0.1.3' - id 'com.github.johnrengelman.shadow' version '2.0.2' -} - -apply plugin: 'java' -apply plugin: 'application' -apply plugin: 'com.github.johnrengelman.shadow' -apply plugin: 'eclipse' - -//javaModule.name = 'gov.gsa.pivconformancegui' - -repositories { - jcenter() - maven { url 'https://repository.apache.org/snapshots' } -} - -dependencies { - compile 'org.bouncycastle:bcprov-jdk15on:1.64+' - compile 'org.bouncycastle:bcprov-ext-jdk15on:1.64+' - compile 'org.bouncycastle:bcpkix-jdk15on:1.64+' - - compile 'commons-cli:commons-cli:1.4' - compile 'commons-codec:commons-codec:1.11' - - compile group: 'org.apache.commons', name: 'commons-csv', version: '1.6' - - compile 'com.payneteasy:ber-tlv:1.0-8' - compile 'org.slf4j:slf4j-api:1.8+' - compile 'ch.qos.logback:logback-classic:1.3+' - compile group: 'org.xerial', name: 'sqlite-jdbc', version: '3.21.0.1' - compile group: 'com.jgoodies', name: 'jgoodies-forms', version: '1.6.0' - - compile files('lib/cardlib.jar') - compile files('lib/conformancelib.jar') - - compile 'org.junit.jupiter:junit-jupiter-api:5.1.0' - compile 'org.junit.jupiter:junit-jupiter-params:5.1.0' - compile 'org.junit.platform:junit-platform-launcher:1.0.0' - runtime 'org.junit.jupiter:junit-jupiter-engine:5.1.0' - runtime 'org.junit.jupiter:junit-jupiter-params:5.1.0' - - shadow 'org.bouncycastle:bcprov-jdk15on:1.64+' - shadow 'org.bouncycastle:bcprov-ext-jdk15on:1.64+' -} - -sourceSets { - main { - java { - if(targetCompatibility != JavaVersion.VERSION_11) - exclude '**/module-info.java' - } - } -} - -import org.gradle.plugins.ide.eclipse.model.AccessRule - -eclipse { - classpath { - file { - whenMerged { - def jre = entries.find { it.path.contains 'org.eclipse.jdt.launching.JRE_CONTAINER' } - jre.accessRules.add(new AccessRule('0', 'javax/smartcardio/**')) - def cardlib = entries.find { it.path.contains 'cardlib.jar' } - cardlib.sourcePath = fileReference(file('lib/cardlib-sources.jar')) - def conformancelib = entries.find { it.path.contains 'conformancelib.jar' } - conformancelib.sourcePath = fileReference(file('lib/conformancelib-sources.jar')) - } - } - } -} - -// Define the main class for the application jar that will be produced -mainClassName = 'gov.gsa.pivconformancegui.GuiRunnerApplication' - -jar { - dependsOn(shadowJar { classifier = null }) - manifest { - attributes 'Main-Class': mainClassName - } -} - -run { - if (project.hasProperty("appArgs")) { - args Eval.me(appArgs) - } -} - -// use junit platform for tests -test { - useJUnitPlatform() - testLogging { - events "passed", "skipped", "failed" - } -} - -compileJava { - options.debugOptions.debugLevel = "source,lines,vars" -} +// 85b-swing-gui/build.gradle + +buildscript { + repositories { + mavenCentral() + } +} + +plugins { + id 'java-library' + id 'org.ajoberstar.grgit' version '2.1.0' + id 'com.github.johnrengelman.shadow' version '4.0.4' + id 'de.jjohannes.extra-java-module-info' version '0.1' + +} + +java { + modularity.inferModulePath.set(true) +} + +apply plugin: 'java-library' +apply plugin: 'application' +apply plugin: 'com.github.johnrengelman.shadow' +apply plugin: 'eclipse' + +repositories { + jcenter() + maven { url 'https://repository.apache.org/snapshots' } + flatDir { + dirs '../../libs', '../../cardlib/build/libs', '../../conformancelib/build/libs' + } +} + +def getVersion = { -> + File resourcesDir = new File(project.getProjectDir(), 'src/main/resources/') + File versionFile = new File(resourcesDir, 'build.version') + if(!versionFile.exists()) { + resourcesDir.mkdirs() + versionFile.createNewFile() + println 'Initializing build.version file...' + versionFile.text = '0.0-changeme' + } + String version = versionFile.text.replaceAll("[\\n\\r\\t ]", "") +} + +dependencies { + implementation 'commons-cli:commons-cli:1.4' + implementation 'commons-codec:commons-codec:1.15' + implementation 'org.apache.commons:commons-csv:1.8' + implementation 'org.slf4j:slf4j-api:2.0.0-alpha1' + implementation 'ch.qos.logback:logback-classic:1.3.0-alpha5' + implementation 'ch.qos.logback:logback-core:1.3.0-alpha5' + implementation 'com.jgoodies:jgoodies-common:1.4.0' + implementation 'com.jgoodies:jgoodies-forms:1.6.0' + implementation 'gov.gsa.pivconformance.cardlib:gov.gsa.pivconformance.cardlib:' + getVersion() + implementation 'gov.gsa.pivconformance.conformancelib:gov.gsa.pivconformance.conformancelib:' + getVersion() + implementation 'org.junit.jupiter:junit-jupiter-api:5.7.0' + implementation 'org.junit.platform:junit-platform-launcher:1.7.0' + implementation 'edu.washington.cs.types.checker:checker-framework:1.7.0' +} + +extraJavaModuleInfo { + module("hamcrest-core-1.3.jar", "org.hamcrest", "1.3") { + exports("hamcrest.core") + } + module("slf4j-api-2.0.0-alpha1.jar", "org.slf4j", "1.4") { + exports("slf4j.api") + } + module("sqlite-jdbc-3.32.3.2.jar", "org.xerial.sqlite", "3.32.3.2") { + exports("org.sqlite") + } + module("commons-cli-1.4.jar", "org.apache.commons.cli", "1.4") { + exports("org.apache.commons.cli") + } + module("commons-csv-1.8.jar", "org.apache.commons.csv", "1.8") { + exports("org.apache.commons.csv") + } + module("commons-codec-1.15.jar", "org.apache.commons.codec", "1.15") { + exports("org.apache.commons.codec") + exports("org.apache.commons.codec.binary") + } + module("logback-classic-1.3.0-alpha5.jar", "ch.qos.logback", "1.3.0-alpha5") { + exports("logback.classic") + } + module("logback-core-1.3.0-alpha5.jar", "ch.qos.logback", "1.3.0-alpha5") { + exports("logback.core") + exports("logback.core.rolling") + } + automaticModule("activation-1.1.jar","javax.activation") + automaticModule("checker-framework-1.7.0.jar","edu.washington.cs.types.checker") + automaticModule("ibatis-core-3.0.jar", "org.apache.ibatis") + automaticModule("jgoodies-forms-1.6.0.jar", "com.jgoodies.forms") + automaticModule("jgoodies-common-1.4.0.jar", "com.jgoodies.common") +} + +sourceSets { + main { + java { + if(targetCompatibility != JavaVersion.VERSION_11) + exclude '**/module-info.java' + } + } +} + +import org.gradle.plugins.ide.eclipse.model.AccessRule + +eclipse { + classpath { + file { + whenMerged { + def jre = entries.find { it.path.contains 'org.eclipse.jdt.launching.JRE_CONTAINER' } + jre.accessRules.add(new AccessRule('0', 'javax/smartcardio/**')) + + //def cardlib = entries.find { it.path.contains 'cardlib' } + //cardlib.sourcePath = fileReference(file('../../libs/' + 'gov.gsa.pivconformance.cardlib' + '-' + getVersion() + '.jar')) + //def conformancelib = entries.find { it.path.contains 'fips' } + //conformancelib.sourcePath = fileReference(file('../../libs/gov.gsa.pivconformance.cardlib' + '-' + getVersion() + '.jar')) + } + } + } +} + +task copyResources(type: Copy) { + from "${buildDir}/resources", "$projectDir/tools/85b-swing-gui/user_log_config.xml", "${projectDir}/conformancelib/testdata/*.db" + into "${buildDir}/distributions" +} + +shadowJar { + classifier = '' +} + +// Define the main class for the application jar that will be produced +mainClassName = 'gov.gsa.pivconformance.gui.GuiRunnerApplication' + +jar { + version = getVersion() + dependsOn(copyResources) + dependsOn(shadowJar { classifier = null }) + manifest { + attributes 'Main-Class': mainClassName + } + doLast { + println 'archiveName: ' + archiveName + configurations.runtime.each { println it } + } +} + +run { + if (project.hasProperty("appArgs")) { + args Eval.me(appArgs) + } +} + +// use junit platform for tests +test { + useJUnitPlatform() + testLogging { + events "passed", "skipped", "failed" + } +} + +compileJava { + options.debugOptions.debugLevel = "source,lines,vars" +} + +task sourceJar(type: Jar, dependsOn: classes) { + classifier 'sources' + from sourceSets.main.allSource +} + +task copyShadowLibs(type: Copy) { + from configurations.shadow + into '../../libs' +} + +shadowJar.dependsOn copyShadowLibs + +shadowJar.doFirst { + archiveName = 'gov.gsa.pivconformance.gui' + '-' + getVersion() + '-shadow.jar' + println 'shadowJar.doFirst.archveName: ' + archiveName +} + +task installSource(type: Copy) { + version = getVersion() + dependsOn copyShadowLibs + dependsOn sourceJar + from sourceJar + into '../../libs' +} + +task install(type: Copy) { + version = getVersion() + dependsOn jar + from shadowJar + into '../../libs' +} diff --git a/tools/85b-swing-gui/ensuredeps.sh b/tools/85b-swing-gui/ensuredeps.sh old mode 100755 new mode 100644 diff --git a/tools/85b-swing-gui/gradle/wrapper/gradle-wrapper.jar b/tools/85b-swing-gui/gradle/wrapper/gradle-wrapper.jar index 94336fca..e708b1c0 100644 Binary files a/tools/85b-swing-gui/gradle/wrapper/gradle-wrapper.jar and b/tools/85b-swing-gui/gradle/wrapper/gradle-wrapper.jar differ diff --git a/tools/85b-swing-gui/gradle/wrapper/gradle-wrapper.properties b/tools/85b-swing-gui/gradle/wrapper/gradle-wrapper.properties index 290541c7..12d38de6 100644 --- a/tools/85b-swing-gui/gradle/wrapper/gradle-wrapper.properties +++ b/tools/85b-swing-gui/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,5 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-4.10.3-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-6.6.1-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists diff --git a/tools/85b-swing-gui/gradlew b/tools/85b-swing-gui/gradlew index cccdd3d5..4f906e0c 100755 --- a/tools/85b-swing-gui/gradlew +++ b/tools/85b-swing-gui/gradlew @@ -1,5 +1,21 @@ #!/usr/bin/env sh +# +# Copyright 2015 the original author or authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + ############################################################################## ## ## Gradle start up script for UN*X @@ -28,7 +44,7 @@ APP_NAME="Gradle" APP_BASE_NAME=`basename "$0"` # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -DEFAULT_JVM_OPTS="" +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' # Use the maximum available, or set MAX_FD != -1 to use that value. MAX_FD="maximum" @@ -66,6 +82,7 @@ esac CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + # Determine the Java command to use to start the JVM. if [ -n "$JAVA_HOME" ] ; then if [ -x "$JAVA_HOME/jre/sh/java" ] ; then @@ -109,10 +126,11 @@ if $darwin; then GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" fi -# For Cygwin, switch paths to Windows format before running java -if $cygwin ; then +# For Cygwin or MSYS, switch paths to Windows format before running java +if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then APP_HOME=`cygpath --path --mixed "$APP_HOME"` CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` + JAVACMD=`cygpath --unix "$JAVACMD"` # We build the pattern for arguments to be converted via cygpath @@ -138,19 +156,19 @@ if $cygwin ; then else eval `echo args$i`="\"$arg\"" fi - i=$((i+1)) + i=`expr $i + 1` done case $i in - (0) set -- ;; - (1) set -- "$args0" ;; - (2) set -- "$args0" "$args1" ;; - (3) set -- "$args0" "$args1" "$args2" ;; - (4) set -- "$args0" "$args1" "$args2" "$args3" ;; - (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; - (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; - (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; - (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; - (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; + 0) set -- ;; + 1) set -- "$args0" ;; + 2) set -- "$args0" "$args1" ;; + 3) set -- "$args0" "$args1" "$args2" ;; + 4) set -- "$args0" "$args1" "$args2" "$args3" ;; + 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; + 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; + 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; + 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; + 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; esac fi @@ -159,14 +177,9 @@ save () { for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done echo " " } -APP_ARGS=$(save "$@") +APP_ARGS=`save "$@"` # Collect all arguments for the java command, following the shell quoting and substitution rules eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" -# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong -if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then - cd "$(dirname "$0")" -fi - exec "$JAVACMD" "$@" diff --git a/tools/85b-swing-gui/gradlew.bat b/tools/85b-swing-gui/gradlew.bat index e95643d6..107acd32 100644 --- a/tools/85b-swing-gui/gradlew.bat +++ b/tools/85b-swing-gui/gradlew.bat @@ -1,84 +1,89 @@ -@if "%DEBUG%" == "" @echo off -@rem ########################################################################## -@rem -@rem Gradle startup script for Windows -@rem -@rem ########################################################################## - -@rem Set local scope for the variables with windows NT shell -if "%OS%"=="Windows_NT" setlocal - -set DIRNAME=%~dp0 -if "%DIRNAME%" == "" set DIRNAME=. -set APP_BASE_NAME=%~n0 -set APP_HOME=%DIRNAME% - -@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -set DEFAULT_JVM_OPTS= - -@rem Find java.exe -if defined JAVA_HOME goto findJavaFromJavaHome - -set JAVA_EXE=java.exe -%JAVA_EXE% -version >NUL 2>&1 -if "%ERRORLEVEL%" == "0" goto init - -echo. -echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. - -goto fail - -:findJavaFromJavaHome -set JAVA_HOME=%JAVA_HOME:"=% -set JAVA_EXE=%JAVA_HOME%/bin/java.exe - -if exist "%JAVA_EXE%" goto init - -echo. -echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. - -goto fail - -:init -@rem Get command-line arguments, handling Windows variants - -if not "%OS%" == "Windows_NT" goto win9xME_args - -:win9xME_args -@rem Slurp the command line arguments. -set CMD_LINE_ARGS= -set _SKIP=2 - -:win9xME_args_slurp -if "x%~1" == "x" goto execute - -set CMD_LINE_ARGS=%* - -:execute -@rem Setup the command line - -set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar - -@rem Execute Gradle -"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% - -:end -@rem End local scope for the variables with windows NT shell -if "%ERRORLEVEL%"=="0" goto mainEnd - -:fail -rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of -rem the _cmd.exe /c_ return code! -if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 -exit /b 1 - -:mainEnd -if "%OS%"=="Windows_NT" endlocal - -:omega +@rem +@rem Copyright 2015 the original author or authors. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem https://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem + +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Resolve any "." and ".." in APP_HOME to make it shorter. +for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto execute + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto execute + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/tools/85b-swing-gui/gui_runner.launch b/tools/85b-swing-gui/gui_runner.launch index a18b7eb2..de805bc7 100644 --- a/tools/85b-swing-gui/gui_runner.launch +++ b/tools/85b-swing-gui/gui_runner.launch @@ -1,18 +1,18 @@ - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + diff --git a/tools/85b-swing-gui/lib/.gitignore b/tools/85b-swing-gui/lib/.gitignore index 800bb662..e69de29b 100644 --- a/tools/85b-swing-gui/lib/.gitignore +++ b/tools/85b-swing-gui/lib/.gitignore @@ -1,4 +0,0 @@ -/conformancelib-sources.jar -/conformancelib.jar -/cardlib-sources.jar -/cardlib.jar diff --git a/tools/85b-swing-gui/logs/debug/load.bat b/tools/85b-swing-gui/logs/debug/load.bat new file mode 100644 index 00000000..4db88831 --- /dev/null +++ b/tools/85b-swing-gui/logs/debug/load.bat @@ -0,0 +1,88 @@ + +@ECHO off +:: Script to import and trust CACERTS entries into the JSSECACERTS file +:: run this file from a Java servers home directory with no arguments +::------ +SETLOCAL EnableDelayedExpansion +SET fileobject=jars\myServer.jar +if defined J_HOME ( + GOTO JREHOMESET +) +SET "dir=%~f0" +:LOOP +CALL :GETDIR "%dir%" +IF EXIST "%dir%\%fileobject%" ( + ECHO Found J_HOME at %dir%\ + GOTO :HOMESET +) +IF "%dir:~-1%" == ":" ( + ECHO Reached root and directory containing "%fileobject%" not found. + GOTO :end +) +GOTO :LOOP +:HOMESET +SET J_HOME=%dir%\ +:JREHOMESET +if not defined JAVA_HOME ( + SET JAVA_HOME=!J_HOME!Javasoft\jre +) +echo Set JAVA_HOME to %JAVA_HOME% +::------ +:: trust any self signed public keys that are contained in keystores located in cacerts directory +if exist cacerts ( + for /F "tokens=1 delims=." %%i in ('dir /b cacerts') do ( + %JAVA_HOME%\bin\keytool.exe -importkeystore -destkeystore jssecacerts -deststoretype jks -srcstorepass changeit -deststorepass changeit -v -srcalias tomcat -noprompt -destalias %%i -srckeystore cacerts\%%i.keystore + ) +) +::------ +:: then, trust some of the CA certs from the JRE default cacerts file +%JAVA_HOME%\bin\keytool.exe -importkeystore -destkeystore jssecacerts -deststoretype jks -srcstorepass changeit -deststorepass changeit -v -noprompt -srckeystore %JAVA_HOME%\lib\security\cacerts +ECHO. +::------ +:: create the file trustedJSSEcerts.txt +ECHO Determine trusted CAs of the candidate jssecacerts for the JRE +%JAVA_HOME%\bin\keytool.exe -list -keystore jssecacerts -storepass changeit >> trustedCAsTEMP.txt +ECHO. 2>trustedJSSEcacerts.txt +FOR /F "tokens=2,4*" %%i IN (trustedCAsTEMP.txt) DO ( + IF "%%i" == "fingerprint" ( + ECHO %%j >> trustedJSSEcacerts.txt + ) +) +SORT trustedJSSEcacerts.txt /OUTPUT trustedJSSEcerts.txt +DEL /Q trustedCAsTEMP.txt +:: the file trustedJSSEcacerts.txt is a unsorted temp file that can also be deleted +DEL /Q trustedJSSEcacerts.txt +::------ +:testexist +if exist %JAVA_HOME%\lib\security\trustedJSSEcerts.txt ( + ECHO The file %JAVA_HOME%\lib\security\trustedJSSEcerts.txt already exists. + GOTO compare +) else ( + XCOPY trustedJSSEcerts.txt %JAVA_HOME%\lib\security\ /y /d >nul + ECHO Copied a new trustedJSSEcerts.txt into %JAVA_HOME%\lib\security for first time. + GOTO nodiff +) +:compare +if exist %JAVA_HOME%\lib\security\trustedJSSEcerts.txt ( + ECHO Comparing candidate keystore signatures with JRE jssecacerts keystore + fc trustedJSSEcerts.txt %JAVA_HOME%\lib\security\trustedJSSEcerts.txt > nul + if errorlevel 1 GOTO nodiff +) +ECHO. +::------ +GOTO diff +:GETDIR +SET "dir=%~dp1" +SET "dir=%dir:~0,-1%" +EXIT /B 0 +::------- +:diff +ECHO File compare detected no differences. Since certs are not new, will not update jssecacerts in JRE. +GOTO end +::------ +:nodiff +XCOPY jssecacerts %JAVA_HOME%\lib\security\ /y /d >nul +ECHO Copied updated jssecacerts into JRE because file was newer than the previous version. +::------ +:end +pause \ No newline at end of file diff --git a/tools/85b-swing-gui/settings.gradle b/tools/85b-swing-gui/settings.gradle index 255fd0ff..53598848 100644 --- a/tools/85b-swing-gui/settings.gradle +++ b/tools/85b-swing-gui/settings.gradle @@ -1 +1,10 @@ -rootProject.name = 'FIPS-201-Card-Conformance-Tool' \ No newline at end of file +/* + * This file was generated by the Gradle 'init' task. + * + * The settings file is used to specify which projects to include in your build. + * + * Detailed information about configuring a multi-project build in Gradle can be found + * in the user manual at https://docs.gradle.org/6.6.1/userguide/multi_project_builds.html + */ + +rootProject.name = 'gov.gsa.pivconformance.gui' diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/ColorChangingProgressBar.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/ColorChangingProgressBar.java similarity index 95% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/ColorChangingProgressBar.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/ColorChangingProgressBar.java index 2f06e0fc..31140b12 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/ColorChangingProgressBar.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/ColorChangingProgressBar.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.Color; diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/DebugWindow.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/DebugWindow.java similarity index 88% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/DebugWindow.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/DebugWindow.java index cfa55baa..1744153f 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/DebugWindow.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/DebugWindow.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.HeadlessException; @@ -14,7 +14,7 @@ public class DebugWindow extends JFrame { * */ private static final long serialVersionUID = 1L; - RawLogPanel m_logPane; + GuiRawLogPanel m_logPane; public DebugWindow() throws HeadlessException { this(""); @@ -23,7 +23,7 @@ public DebugWindow() throws HeadlessException { public DebugWindow(String title) throws HeadlessException { JTabbedPane tabbedPane = new JTabbedPane(SwingConstants.TOP); getContentPane().add(tabbedPane, BorderLayout.CENTER); - m_logPane = new RawLogPanel(); + m_logPane = new GuiRawLogPanel(); tabbedPane.addTab("Log View", m_logPane); UtilitiesPane up = new UtilitiesPane(); tabbedPane.addTab("Utilities", up); diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiDebugAppender.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiDebugAppender.java similarity index 95% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiDebugAppender.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiDebugAppender.java index 07934cfe..e8ed26b1 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiDebugAppender.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiDebugAppender.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.Color; @@ -11,6 +11,7 @@ import ch.qos.logback.classic.Level; import ch.qos.logback.classic.PatternLayout; import ch.qos.logback.classic.spi.ILoggingEvent; +import gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender; public class GuiDebugAppender extends TimeStampedFileAppender { diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/DisplayAboutDialogAction.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiDisplayAboutDialogAction.java similarity index 66% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/DisplayAboutDialogAction.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiDisplayAboutDialogAction.java index 62c9d2c0..48f548c3 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/DisplayAboutDialogAction.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiDisplayAboutDialogAction.java @@ -1,18 +1,18 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.event.ActionEvent; import javax.swing.AbstractAction; import javax.swing.Icon; -public class DisplayAboutDialogAction extends AbstractAction{ +public class GuiDisplayAboutDialogAction extends AbstractAction{ /** * */ private static final long serialVersionUID = 1L; - public DisplayAboutDialogAction(String name, Icon icon, String toolTip) { + public GuiDisplayAboutDialogAction(String name, Icon icon, String toolTip) { super(name, icon); putValue(SHORT_DESCRIPTION, toolTip); } diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/DisplayTestReportAction.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiDisplayTestReportAction.java similarity index 81% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/DisplayTestReportAction.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiDisplayTestReportAction.java index 1d264b70..365d3ad3 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/DisplayTestReportAction.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiDisplayTestReportAction.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.Desktop; import java.awt.event.ActionEvent; @@ -18,16 +18,18 @@ import org.slf4j.LoggerFactory; import ch.qos.logback.classic.Logger; -import gov.gsa.conformancelib.utilities.Csv2Html; +import gov.gsa.pivconformance.conformancelib.utilities.TestRunLogController; +import gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender; +import gov.gsa.pivconformance.conformancelib.utilities.Csv2Html; -public class DisplayTestReportAction extends AbstractAction { - private static final Logger s_logger = (Logger) LoggerFactory.getLogger(DisplayTestReportAction.class); +public class GuiDisplayTestReportAction extends AbstractAction { + private static final Logger s_logger = (Logger) LoggerFactory.getLogger(GuiDisplayTestReportAction.class); /** * */ private static final long serialVersionUID = 1L; - public DisplayTestReportAction(String name, Icon icon, String toolTip) { + public GuiDisplayTestReportAction(String name, Icon icon, String toolTip) { super(name, icon); putValue(SHORT_DESCRIPTION, toolTip); } @@ -35,7 +37,7 @@ public DisplayTestReportAction(String name, Icon icon, String toolTip) { @Override public void actionPerformed(ActionEvent e) { String errorMessage = null; - TestRunLogController lg = TestExecutionController.getInstance().getTestRunLogController(); + TestRunLogController lg = GuiTestExecutionController.getInstance().getTestRunLogController(); if (lg != null) { TimeStampedFileAppender csvAppender = lg.getAppender("CONFORMANCELOG"); String htmlPathName = null; @@ -98,9 +100,9 @@ private String fetchFromLastLog(String name) { try (BufferedReader br = new BufferedReader(new FileReader(name))) { fileName = br.readLine(); } catch (Exception e) { - String s = TestRunLogController.getCwd("gov.gsa.pivconformancegui.GuiRunnerApplication"); + String s = TestRunLogController.getCwd("gov.gsa.pivconformance.gui.GuiRunnerApplication"); s_logger.error("Can't open {}", - TestRunLogController.getCwd("gov.gsa.pivconformancegui.GuiRunnerApplication") + "/" + name); + TestRunLogController.getCwd("gov.gsa.pivconformance.gui.GuiRunnerApplication") + "/" + name); } return fileName; } diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/RawLogPanel.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRawLogPanel.java similarity index 91% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/RawLogPanel.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRawLogPanel.java index 42042334..eab42498 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/RawLogPanel.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRawLogPanel.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import javax.swing.JPanel; import javax.swing.JScrollPane; @@ -10,12 +10,12 @@ import java.awt.event.ActionListener; import java.awt.event.ActionEvent; -public class RawLogPanel extends JPanel { +public class GuiRawLogPanel extends JPanel { private static final long serialVersionUID = -91080473504561866L; private JTextPane m_debugTextPane; - public RawLogPanel() { + public GuiRawLogPanel() { super(); this.setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); m_debugTextPane = new JTextPane(); diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/RunAllTestsAction.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRunAllTestsAction.java similarity index 63% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/RunAllTestsAction.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRunAllTestsAction.java index 8889c4da..445089d4 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/RunAllTestsAction.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRunAllTestsAction.java @@ -1,22 +1,22 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.event.ActionEvent; import javax.swing.AbstractAction; import javax.swing.ImageIcon; -public class RunAllTestsAction extends AbstractAction { +public class GuiRunAllTestsAction extends AbstractAction { /** * */ private static final long serialVersionUID = 1L; - public RunAllTestsAction(String name) { + public GuiRunAllTestsAction(String name) { super(name); } - public RunAllTestsAction(String name, ImageIcon icon, String toolTip) { + public GuiRunAllTestsAction(String name, ImageIcon icon, String toolTip) { super(name, icon); putValue(SHORT_DESCRIPTION, toolTip); } diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiRunnerAppController.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRunnerAppController.java similarity index 89% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiRunnerAppController.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRunnerAppController.java index 6bb12153..f9f07540 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiRunnerAppController.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRunnerAppController.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.Font; import java.awt.Window; @@ -10,7 +10,6 @@ import javax.swing.JTextArea; import javax.swing.JTextField; import javax.swing.UIManager; -import javax.swing.WindowConstants; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -20,8 +19,8 @@ import com.jgoodies.forms.layout.FormSpecs; import com.jgoodies.forms.layout.RowSpec; -import gov.gsa.conformancelib.configuration.ConfigurationException; -import gov.gsa.conformancelib.configuration.ConformanceTestDatabase; +import gov.gsa.pivconformance.conformancelib.configuration.ConfigurationException; +import gov.gsa.pivconformance.conformancelib.configuration.ConformanceTestDatabase; import java.awt.event.ActionListener; import java.awt.event.ActionEvent; @@ -35,13 +34,13 @@ public class GuiRunnerAppController { private GuiRunnerApplication m_app; private OpenDatabaseAction m_openDatabaseAction; private ShowDebugWindowAction m_showDebugWindowAction; - private RunAllTestsAction m_runAllTestsAction; - private ToggleTestTreeAction m_toggleTreeAction; - private DisplayAboutDialogAction m_displayAboutDialogAction; - private DisplayTestReportAction m_displayTestReportAction; + private GuiRunAllTestsAction m_runAllTestsAction; + private GuiToggleTestTreeAction m_toggleTreeAction; + private GuiDisplayAboutDialogAction m_displayAboutDialogAction; + private GuiDisplayTestReportAction m_displayTestReportAction; private OpenDefaultPIVDatabaseAction m_openDefaultPIVDatabaseAction; private OpenDefaultPIVIDatabaseAction m_openDefaultPIVIDatabaseAction; - private TestExecutionController m_tec; + private GuiTestExecutionController m_tec; private String m_cctVersion; private JTextField pivAuthOverrideTextField; @@ -93,11 +92,11 @@ public void setApp(GuiRunnerApplication app) { m_app = app; } - void setTestRunLogController (TestExecutionController trlc) { + void setTestRunLogController (GuiTestExecutionController trlc) { m_tec = trlc; } - public TestExecutionController getTestExecutionController() { + public GuiTestExecutionController getTestExecutionController() { return m_tec; } @@ -129,19 +128,19 @@ public ShowDebugWindowAction getShowDebugWindowAction() { return m_showDebugWindowAction; } - public RunAllTestsAction getRunAllTestsAction() { + public GuiRunAllTestsAction getRunAllTestsAction() { return m_runAllTestsAction; } - public DisplayAboutDialogAction getDisplayAboutDialogAction() { + public GuiDisplayAboutDialogAction getDisplayAboutDialogAction() { return m_displayAboutDialogAction; } - public ToggleTestTreeAction getToggleTestTreeAction() { + public GuiToggleTestTreeAction getToggleTestTreeAction() { return m_toggleTreeAction; } - public DisplayTestReportAction getDisplayTestReportAction() { + public GuiDisplayTestReportAction getDisplayTestReportAction() { return m_displayTestReportAction; } @@ -162,7 +161,7 @@ public void showOidDialog(Window win) { JFrame frame = new JFrame(); frame.getContentPane().setBackground(UIManager.getColor("Button.background")); frame.setAlwaysOnTop(true); - frame.setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE); + frame.setDefaultCloseOperation(JFrame.DISPOSE_ON_CLOSE); frame.setSize(619,287); frame.setTitle("Certificate Policy OID Overrides"); frame.getContentPane().setLayout(new FormLayout(new ColumnSpec[] { @@ -244,8 +243,7 @@ public void showOidDialog(Window win) { JButton cancelButton = new JButton("Cancel"); cancelButton.addActionListener(new ActionListener() { - @Override - public void actionPerformed(ActionEvent e) { + public void actionPerformed(ActionEvent e) { } }); @@ -286,7 +284,7 @@ public void showAboutDialog() { } public void reloadTree() { - TestTreePanel tree = m_app.getTreePanel(); + GuiTestTreePanel tree = m_app.getTreePanel(); tree.refresh(); } /* @@ -319,15 +317,15 @@ protected void createActions() { ImageIcon openIcon = getActionIcon("folder", "Open"); m_openDatabaseAction = new OpenDatabaseAction("Open Database", openIcon, "Open a conformance test database"); ImageIcon runIcon = getActionIcon("building_go", "Run"); - m_runAllTestsAction = new RunAllTestsAction("Run all tests", runIcon, "Run all available tests in database"); + m_runAllTestsAction = new GuiRunAllTestsAction("Run all tests", runIcon, "Run all available tests in database"); ImageIcon debugIcon = getActionIcon("application_xp_terminal", "Debug"); m_showDebugWindowAction = new ShowDebugWindowAction("Show Debugging tools", debugIcon, "Show detailed log and debugging tools"); //ImageIcon oidIcon = getActionIcon("application_view_list", "Override OIDs"); //m_showOidDialogAction = new ShowOidDialogAction("Override test OIDs...", oidIcon, "Use alternative certificate policy OIDs"); ImageIcon toggleIcon = getActionIcon("application_side_tree", "Toggle Tree"); - m_toggleTreeAction = new ToggleTestTreeAction("Toggle test tree view", toggleIcon, "Show or hide the test tree"); + m_toggleTreeAction = new GuiToggleTestTreeAction("Toggle test tree view", toggleIcon, "Show or hide the test tree"); ImageIcon displayReportIcon = getActionIcon("html", "Display HTML report"); - m_displayTestReportAction = new DisplayTestReportAction("Display Test Report", displayReportIcon, "Display test report for current log"); + m_displayTestReportAction = new GuiDisplayTestReportAction("Display Test Report", displayReportIcon, "Display test report for current log"); ImageIcon savingIcon = getActionIcon("folder", "Saving"); ImageIcon pivIcon = getActionIcon("PIV", "Open"); diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiRunnerApplication.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRunnerApplication.java similarity index 65% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiRunnerApplication.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRunnerApplication.java index 948c0e81..3e375e3c 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiRunnerApplication.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRunnerApplication.java @@ -1,33 +1,33 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; -import java.awt.BorderLayout; -import java.awt.EventQueue; +import ch.qos.logback.classic.Logger; +import ch.qos.logback.classic.LoggerContext; +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; +import gov.gsa.pivconformance.conformancelib.configuration.ConformanceTestDatabase; +import gov.gsa.pivconformance.conformancelib.utilities.TestRunLogController; +import org.slf4j.LoggerFactory; + +import javax.swing.*; +import javax.swing.text.DefaultEditorKit; +import java.awt.*; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; import java.io.File; +import java.io.IOException; +import java.net.URISyntaxException; +import java.net.URL; +import java.nio.file.Files; +import java.nio.file.Path; import java.nio.file.Paths; -import javax.swing.ImageIcon; -import javax.swing.JFrame; -import javax.swing.JMenu; -import javax.swing.JMenuBar; -import javax.swing.JMenuItem; -import javax.swing.JToolBar; -import javax.swing.UIManager; -import javax.swing.text.DefaultEditorKit; - -import org.slf4j.LoggerFactory; - -import ch.qos.logback.classic.Logger; -import ch.qos.logback.classic.LoggerContext; - -import gov.gsa.conformancelib.configuration.ConformanceTestDatabase; -import gov.gsa.pivconformance.utils.PCSCUtils; - public class GuiRunnerApplication { private static final org.slf4j.Logger s_logger = LoggerFactory.getLogger(GuiRunnerApplication.class); - private static final String cctVersion = "v0.1.11-Beta"; + private static String cctVersion = null; // "v0.2.1-beta";//TODO: get from build.version + + static { + cctVersion = getVersion(); + } private JFrame m_mainFrame; private DebugWindow m_debugFrame; @@ -38,18 +38,20 @@ public class GuiRunnerApplication { * Launch the application. */ public static void main(String[] args) { - TestRunLogController trlc = TestRunLogController.getInstance(); - trlc.bootStrapLogging(); + try { + trlc.bootStrapLogging(getLogConfigFile()); + } catch (Exception e) { + System.err.println("Unable to form the path to user log config file"); + e.printStackTrace(); + } // Smart card essentials1 due to Java bug System.setProperty("sun.security.smartcardio.t0GetResponse", "false"); System.setProperty("sun.security.smartcardio.t1GetResponse", "false"); - + Runtime.getRuntime().addShutdownHook(new Thread(new Runnable() { - @Override - public void run() { - TestRunLogController trlc = TestRunLogController.getInstance(); + public void run() { trlc.cleanup(); } })); @@ -62,13 +64,11 @@ public void run() { UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); GuiRunnerApplication window = new GuiRunnerApplication(); GuiRunnerAppController c = GuiRunnerAppController.getInstance(); - String sep = File.separator; - String cctDirectory = Paths.get(".").toAbsolutePath().normalize().toString() + sep; c.setCctVersion(cctVersion); c.setApp(window); LoggerContext lc = (LoggerContext) LoggerFactory.getILoggerFactory(); GuiDebugAppender a = new GuiDebugAppender("%date %level [%thread] %logger{10} [%file:%line] %msg%n"); - + a.setContext(lc); a.start(); Logger logger = (Logger) LoggerFactory.getLogger(org.slf4j.Logger.ROOT_LOGGER_NAME); @@ -77,12 +77,12 @@ public void run() { s_logger.debug("FIPS 201 CCT " + cctVersion); s_logger.debug("----------------------------------------"); ConformanceTestDatabase db = new ConformanceTestDatabase(null); - + // The only action permitted is opening a database String dbFilename = ""; - + boolean opened = false; - + c.setTestDatabase(db); window.m_mainContent.getTestExecutionPanel().refreshDatabaseInfo(); @@ -90,11 +90,12 @@ public void run() { if(opened) { window.m_mainContent.getTestExecutionPanel().getDatabaseNameField().setText(dbFilename); } - TestExecutionController tc = TestExecutionController.getInstance(); - tc.setTestExecutionPanel(window.m_mainContent.getTestExecutionPanel()); - tc.setTestTreePanel(window.m_mainContent.getTreePanel()); - tc.setToolBar(window.m_toolBar); - + GuiTestExecutionController txc = GuiTestExecutionController.getInstance(); + txc.setTestRunLogController(trlc); + txc.setTestExecutionPanel(window.m_mainContent.getTestExecutionPanel()); + txc.setTestTreePanel(window.m_mainContent.getTreePanel()); + txc.setToolBar(window.m_toolBar); + } catch (Exception e) { e.printStackTrace(); } @@ -117,20 +118,20 @@ private void initialize() { m_mainFrame.setBounds(100, 100, 1024, 768); m_mainFrame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); m_mainFrame.setTitle("FIPS 201 Card Conformance Tool " + cctVersion); - - + + JMenuBar menuBar = new JMenuBar(); m_mainFrame.setJMenuBar(menuBar); - + JMenu mnFile = new JMenu("File"); menuBar.add(mnFile); - + GuiRunnerAppController c = GuiRunnerAppController.getInstance(); - + JMenuItem mntmOpen = new JMenuItem(c.getOpenDatabaseAction()); mntmOpen.setIcon(null); mnFile.add(mntmOpen); - + JMenuItem mntmExit = new JMenuItem("Exit"); mntmExit.addActionListener(new ActionListener() { @Override @@ -139,10 +140,10 @@ public void actionPerformed(ActionEvent e) { } }); mnFile.add(mntmExit); - + JMenu mnEdit = new JMenu("Edit"); menuBar.add(mnEdit); - + JMenuItem mntmCut = new JMenuItem(new DefaultEditorKit.CutAction()); mntmCut.setText("Cut"); mnEdit.add(mntmCut); @@ -204,7 +205,7 @@ public void setMainFrame(JFrame mainFrame) { m_mainFrame = mainFrame; } - public TestTreePanel getTreePanel() { + public GuiTestTreePanel getTreePanel() { return m_mainContent.getTreePanel(); } @@ -215,4 +216,48 @@ public boolean isDebugPaneVisible() { public MainWindowContentPane getMainContent() { return m_mainContent; } + + private static File getLogConfigFile() { + File logConfigFile = new File("user_log_config.xml"); + s_logger.debug("Looking for log config file " + logConfigFile.getAbsolutePath()); + if (logConfigFile.exists() && logConfigFile.canRead()) return logConfigFile; + + // Special handling for developer mode - when debugging from IDE + String currentDir = System.getProperty("user.dir"); + logConfigFile = new File(currentDir + "/user_log_config.xml"); + if (!logConfigFile.exists()) s_logger.error("Unable to locate user_log_config.xml"); + + return logConfigFile; + } + + /** + * Gets the version out of the build.version file + * @return version string or null if an exception is thrown + */ + private static String getVersion() { + String buildVersion = null; + File versionFile = new File("build.version"); + Path buildVersionPath = null; + s_logger.debug("Looking for build version file " + versionFile.getAbsolutePath()); + try { + if (versionFile.exists() && versionFile.canRead()) { + buildVersionPath = versionFile.toPath(); + } else { + // Special handling for developer mode - when debugging from IDE + String currentDir = System.getProperty("user.dir"); + versionFile = new File(currentDir + "/build.version"); + System.out.println("Looking for resource " + versionFile.getAbsolutePath()); + if (versionFile.exists() && versionFile.canRead()) { + buildVersionPath = versionFile.toPath(); + } else { + s_logger.error("Unable to locate build.version"); + } + } + buildVersion = Files.readAllLines(buildVersionPath).get(0); + + } catch (IOException e){ + + } + return buildVersion != null ? buildVersion : "*.*.*"; + } } diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiRunnerToolbar.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRunnerToolbar.java similarity index 97% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiRunnerToolbar.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRunnerToolbar.java index 4188ceb8..6c949fdc 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiRunnerToolbar.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiRunnerToolbar.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.net.URL; diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestCaseTreeNode.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestCaseTreeNode.java similarity index 64% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestCaseTreeNode.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestCaseTreeNode.java index 5d431ed7..d3e0ad4c 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestCaseTreeNode.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestCaseTreeNode.java @@ -1,10 +1,10 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import javax.swing.tree.DefaultMutableTreeNode; -import gov.gsa.conformancelib.configuration.TestCaseModel; +import gov.gsa.pivconformance.conformancelib.configuration.TestCaseModel; -public class TestCaseTreeNode extends DefaultMutableTreeNode { +public class GuiTestCaseTreeNode extends DefaultMutableTreeNode { /** * @@ -20,16 +20,16 @@ public void setTestCase(TestCaseModel testCase) { m_testCase = testCase; } - public TestCaseTreeNode() { + public GuiTestCaseTreeNode() { m_testCase = null; } - public TestCaseTreeNode(TestCaseModel testCase) { + public GuiTestCaseTreeNode(TestCaseModel testCase) { super(testCase); m_testCase = testCase; } - public TestCaseTreeNode(TestCaseModel testCase, boolean allowsChildren) { + public GuiTestCaseTreeNode(TestCaseModel testCase, boolean allowsChildren) { super(testCase, allowsChildren); m_testCase = testCase; } diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestExecutionController.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestExecutionController.java similarity index 79% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestExecutionController.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestExecutionController.java index 623e1311..aa26a1b1 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestExecutionController.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestExecutionController.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import static org.junit.platform.engine.discovery.DiscoverySelectors.selectMethod; @@ -12,6 +12,7 @@ import javax.swing.JProgressBar; import javax.swing.SwingUtilities; +import gov.gsa.pivconformance.conformancelib.configuration.TestStatus; import org.junit.platform.engine.DiscoverySelector; import org.junit.platform.launcher.Launcher; import org.junit.platform.launcher.LauncherDiscoveryRequest; @@ -22,33 +23,33 @@ import org.slf4j.LoggerFactory; import ch.qos.logback.classic.LoggerContext; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton; -import gov.gsa.conformancelib.configuration.ConformanceTestDatabase; -import gov.gsa.conformancelib.configuration.ParameterProviderSingleton; -import gov.gsa.conformancelib.configuration.TestCaseModel; -import gov.gsa.conformancelib.configuration.TestStepModel; -import gov.gsa.pivconformance.utils.PCSCWrapper; -import gov.gsa.pivconformance.card.client.CachingDefaultPIVApplication; -import gov.gsa.pivconformance.card.client.DataModelSingleton; - -public class TestExecutionController { - private static final Logger s_logger = LoggerFactory.getLogger(TestExecutionController.class); - private static final TestExecutionController INSTANCE = new TestExecutionController(); - +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton; +import gov.gsa.pivconformance.conformancelib.configuration.ConformanceTestDatabase; +import gov.gsa.pivconformance.conformancelib.configuration.ParameterProviderSingleton; +import gov.gsa.pivconformance.conformancelib.configuration.TestCaseModel; +import gov.gsa.pivconformance.conformancelib.utilities.TestRunLogController; +import gov.gsa.pivconformance.conformancelib.configuration.TestStepModel; +import gov.gsa.pivconformance.cardlib.utils.PCSCWrapper; +import gov.gsa.pivconformance.cardlib.card.client.CachingDefaultPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.DataModelSingleton; + +public class GuiTestExecutionController { + private static final Logger s_logger = LoggerFactory.getLogger(GuiTestExecutionController.class); + private static final GuiTestExecutionController INSTANCE = new GuiTestExecutionController(); private static final String tag30TestId = "8.2.2.1"; // TODO: Fixme - TestTreePanel m_testTreePanel; - SimpleTestExecutionPanel m_testExecutionPanel; - GuiRunnerToolbar m_toolBar; - boolean m_running; - LoggerContext m_ctx; - TestRunLogController m_trlc; + private TestRunLogController m_trlc; + private GuiTestTreePanel m_testTreePanel; + private SimpleTestExecutionPanel m_testExecutionPanel; + private GuiRunnerToolbar m_toolBar; + private boolean m_running; + private LoggerContext m_ctx; - public static TestExecutionController getInstance() { + public static GuiTestExecutionController getInstance() { return INSTANCE; } - - private TestExecutionController() { + + private GuiTestExecutionController() { reset(); } @@ -57,14 +58,15 @@ private void reset() { m_testExecutionPanel = null; m_running = false; m_toolBar = null; - m_trlc = TestRunLogController.getInstance(); + m_trlc = TestRunLogController.getInstance();; + m_trlc.initialize(); } - public TestTreePanel getTestTreePanel() { + public GuiTestTreePanel getTestTreePanel() { return m_testTreePanel; } - public void setTestTreePanel(TestTreePanel testTreePanel) { + public void setTestTreePanel(GuiTestTreePanel testTreePanel) { m_testTreePanel = testTreePanel; } @@ -104,11 +106,11 @@ public void setLoggerContext(LoggerContext ctx) { m_ctx = ctx; } - void runAllTests(TestCaseTreeNode root) { + void runAllTests(GuiTestCaseTreeNode root) { m_trlc.setStartTimes(); - DisplayTestReportAction display = GuiRunnerAppController.getInstance().getDisplayTestReportAction(); + GuiDisplayTestReportAction display = GuiRunnerAppController.getInstance().getDisplayTestReportAction(); display.setEnabled(false); s_logger.debug("----------------------------------------"); @@ -133,7 +135,7 @@ void runAllTests(TestCaseTreeNode root) { m_testExecutionPanel.getRunButton().setEnabled(false); // TODO: Fix this or else m_toolBar.getComponents()[0].setEnabled(false); - progress.setMaximum(root.getChildCount()); + progress.setMaximum(db.getTestCaseCount()); progress.setValue(0); progress.setVisible(true); progress.setStringPainted(true); @@ -156,7 +158,7 @@ void runAllTests(TestCaseTreeNode root) { int passes = 0; do { - TestCaseTreeNode curr = (TestCaseTreeNode) root.getFirstChild(); + GuiTestCaseTreeNode curr = (GuiTestCaseTreeNode) root.getFirstChild(); while(curr != null) { TestCaseModel testCase = curr.getTestCase(); @@ -164,9 +166,13 @@ void runAllTests(TestCaseTreeNode root) { String id = testCase.getIdentifier(); if (passes % 2 == 1) { // TODO: Fixme runTest = true; - } else if (id.compareTo(TestExecutionController.tag30TestId) == 0) { + } else if (id.compareTo(GuiTestExecutionController.tag30TestId) == 0) { runTest = true; } + if (testCase.getTestStatus().equals(TestStatus.TESTCATEGORY)) { + // Test categories don't need to be processed + runTest = false; + } if (runTest) { LauncherDiscoveryRequestBuilder suiteBuilder = LauncherDiscoveryRequestBuilder.request(); List discoverySelectors = new ArrayList<>(); @@ -249,7 +255,7 @@ void runAllTests(TestCaseTreeNode root) { l.execute(ldr); } - curr = (TestCaseTreeNode) curr.getNextSibling(); + curr = (GuiTestCaseTreeNode) curr.getNextSibling(); } } while (++passes < 2); // End of CHUID priming workaround @@ -284,11 +290,11 @@ private void registerListeners(Launcher l, List listeners } } - void runOneTest(TestCaseTreeNode testCase) { + void runOneTest(GuiTestCaseTreeNode testCase) { } - void runSelectedTests(List testCases) { + void runSelectedTests(List testCases) { } } diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiTestListener.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestListener.java similarity index 81% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiTestListener.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestListener.java index 4976044e..8374a636 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiTestListener.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestListener.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.lang.reflect.InvocationTargetException; import java.util.LinkedHashMap; @@ -17,8 +17,8 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.TestCaseModel; -import gov.gsa.conformancelib.configuration.TestStatus; +import gov.gsa.pivconformance.conformancelib.configuration.TestCaseModel; +import gov.gsa.pivconformance.conformancelib.configuration.TestStatus; public class GuiTestListener implements TestExecutionListener { @@ -40,9 +40,9 @@ public class GuiTestListener implements TestExecutionListener { @Override public void testPlanExecutionStarted(TestPlan testPlan) { if (s_testProgressLogger == null) - s_testProgressLogger = LoggerFactory.getLogger("gov.gsa.conformancelib.testProgress"); + s_testProgressLogger = LoggerFactory.getLogger("gov.gsa.pivconformance.conformancelib.testProgress"); if (s_testResultLogger == null) - s_testResultLogger = LoggerFactory.getLogger("gov.gsa.conformancelib.testResult"); + s_testResultLogger = LoggerFactory.getLogger("gov.gsa.pivconformance.conformancelib.testResult"); TestExecutionListener.super.testPlanExecutionStarted(testPlan); m_atomAborted = false; m_atomFailed = false; @@ -59,15 +59,15 @@ public void testPlanExecutionStarted(TestPlan testPlan) { @Override public void testPlanExecutionFinished(TestPlan testPlan) { if (s_testProgressLogger == null) - s_testProgressLogger = LoggerFactory.getLogger("gov.gsa.conformancelib.testProgress"); + s_testProgressLogger = LoggerFactory.getLogger("gov.gsa.pivconformance.conformancelib.testProgress"); if (s_testResultLogger == null) - s_testResultLogger = LoggerFactory.getLogger("gov.gsa.conformancelib.testResult"); + s_testResultLogger = LoggerFactory.getLogger("gov.gsa.pivconformance.conformancelib.testResult"); TestExecutionListener.super.testPlanExecutionFinished(testPlan); s_testProgressLogger.info("Test plan finished for conformance test {}", m_testCaseIdentifier); s_testResultLogger.info("{},\"{}\",{},{}", m_testCaseIdentifier, m_testCaseDescription, m_testCaseExpectedResult ? "Pass" : "Fail", (m_atomAborted || m_atomFailed) ? "Fail" : "Pass"); - TestCaseTreeNode tcNode = GuiRunnerAppController.getInstance().getApp().getTreePanel().getNodeByName(m_testCaseIdentifier); + GuiTestCaseTreeNode tcNode = GuiRunnerAppController.getInstance().getApp().getTreePanel().getNodeByName(m_testCaseIdentifier); if(tcNode != null) { TestCaseModel tcModel = tcNode.getTestCase(); if(tcModel != null) { @@ -89,9 +89,9 @@ public void testPlanExecutionFinished(TestPlan testPlan) { @Override public void executionStarted(TestIdentifier testIdentifier) { if (s_testProgressLogger == null) - s_testProgressLogger = LoggerFactory.getLogger("gov.gsa.conformancelib.testProgress"); + s_testProgressLogger = LoggerFactory.getLogger("gov.gsa.pivconformance.conformancelib.testProgress"); if (s_testResultLogger == null) - s_testResultLogger = LoggerFactory.getLogger("gov.gsa.conformancelib.testResult"); + s_testResultLogger = LoggerFactory.getLogger("gov.gsa.pivconformance.conformancelib.testResult"); TestExecutionListener.super.executionStarted(testIdentifier); String displayName = testIdentifier.getDisplayName(); //if(!testIdentifier.isTest()) return; @@ -110,9 +110,9 @@ public void executionStarted(TestIdentifier testIdentifier) { @Override public void executionFinished(TestIdentifier testIdentifier, TestExecutionResult testExecutionResult) { if (s_testProgressLogger == null) - s_testProgressLogger = LoggerFactory.getLogger("gov.gsa.conformancelib.testProgress"); + s_testProgressLogger = LoggerFactory.getLogger("gov.gsa.pivconformance.conformancelib.testProgress"); if (s_testResultLogger == null) - s_testResultLogger = LoggerFactory.getLogger("gov.gsa.conformancelib.testResult"); + s_testResultLogger = LoggerFactory.getLogger("gov.gsa.pivconformance.conformancelib.testResult"); TestExecutionListener.super.executionFinished(testIdentifier, testExecutionResult); String displayName = testIdentifier.getDisplayName(); @@ -137,9 +137,9 @@ public void executionFinished(TestIdentifier testIdentifier, TestExecutionResult @Override public void reportingEntryPublished(TestIdentifier testIdentifier, ReportEntry entry) { if (s_testProgressLogger == null) - s_testProgressLogger = LoggerFactory.getLogger("gov.gsa.conformancelib.testProgress"); + s_testProgressLogger = LoggerFactory.getLogger("gov.gsa.pivconformance.conformancelib.testProgress"); if (s_testResultLogger == null) - s_testResultLogger = LoggerFactory.getLogger("gov.gsa.conformancelib.testResult"); + s_testResultLogger = LoggerFactory.getLogger("gov.gsa.pivconformance.conformancelib.testResult"); TestExecutionListener.super.reportingEntryPublished(testIdentifier, entry); s_testResultLogger.info("{}: {} {}", m_testCaseIdentifier, testIdentifier.getDisplayName(), "Placeholder" ); } diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestStepTreeNode.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestStepTreeNode.java similarity index 65% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestStepTreeNode.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestStepTreeNode.java index cf17a2b5..578be8bb 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestStepTreeNode.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestStepTreeNode.java @@ -1,10 +1,10 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import javax.swing.tree.DefaultMutableTreeNode; -import gov.gsa.conformancelib.configuration.TestStepModel; +import gov.gsa.pivconformance.conformancelib.configuration.TestStepModel; -public class TestStepTreeNode extends DefaultMutableTreeNode { +public class GuiTestStepTreeNode extends DefaultMutableTreeNode { /** * @@ -12,16 +12,16 @@ public class TestStepTreeNode extends DefaultMutableTreeNode { private static final long serialVersionUID = 1L; TestStepModel m_testStep; - public TestStepTreeNode() { + public GuiTestStepTreeNode() { m_testStep = null; } - public TestStepTreeNode(TestStepModel testStep) { + public GuiTestStepTreeNode(TestStepModel testStep) { super(testStep); m_testStep = testStep; } - public TestStepTreeNode(TestStepModel testStep, boolean allowsChildren) { + public GuiTestStepTreeNode(TestStepModel testStep, boolean allowsChildren) { super(testStep, allowsChildren); if(allowsChildren) throw new IllegalArgumentException("TestStepTreeNode may not allow children"); m_testStep = testStep; diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestTreePanel.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestTreePanel.java similarity index 65% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestTreePanel.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestTreePanel.java index 56926b00..0e4b8c78 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestTreePanel.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiTestTreePanel.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.BorderLayout; import java.util.ArrayList; @@ -6,18 +6,16 @@ import java.util.List; import java.util.Map; -import javax.swing.JPanel; -import javax.swing.JScrollPane; -import javax.swing.JTree; +import javax.swing.*; import javax.swing.tree.DefaultMutableTreeNode; import javax.swing.tree.DefaultTreeModel; -import gov.gsa.conformancelib.configuration.ConfigurationException; -import gov.gsa.conformancelib.configuration.ConformanceTestDatabase; -import gov.gsa.conformancelib.configuration.TestCaseModel; -import gov.gsa.conformancelib.configuration.TestStepModel; +import gov.gsa.pivconformance.conformancelib.configuration.ConfigurationException; +import gov.gsa.pivconformance.conformancelib.configuration.ConformanceTestDatabase; +import gov.gsa.pivconformance.conformancelib.configuration.TestCaseModel; +import gov.gsa.pivconformance.conformancelib.configuration.TestStepModel; -public class TestTreePanel extends JPanel { +public class GuiTestTreePanel extends JPanel { // TODO: Look at tooltips here /** * @@ -25,7 +23,7 @@ public class TestTreePanel extends JPanel { private static final long serialVersionUID = 1L; List m_testCases; DefaultTreeModel m_treeModel; - Map m_testCaseDict; + Map m_testCaseDict; public List getTestCases() { return m_testCases; @@ -35,13 +33,14 @@ public void setTestCases(List testCases) { m_testCases = testCases; } - public TestTreePanel() { + public GuiTestTreePanel() { m_testCases = new ArrayList(); setLayout(new BorderLayout()); - TestCaseTreeNode root = new TestCaseTreeNode(null); + GuiTestCaseTreeNode root = new GuiTestCaseTreeNode(null); createNodes(root); m_treeModel = new DefaultTreeModel(root); JTree treeControl = new JTree(m_treeModel); + ToolTipManager.sharedInstance().registerComponent(treeControl); treeControl.setRootVisible(false); treeControl.setCellRenderer(new TestCaseTreeCellRenderer()); JScrollPane scrollPane = new JScrollPane(); @@ -50,13 +49,13 @@ public TestTreePanel() { } - TestCaseTreeNode getNodeByName(String name) { - TestCaseTreeNode rv = m_testCaseDict.get(name); + GuiTestCaseTreeNode getNodeByName(String name) { + GuiTestCaseTreeNode rv = m_testCaseDict.get(name); return rv; } - TestCaseTreeNode getRootNode() { - return (TestCaseTreeNode) m_treeModel.getRoot(); + GuiTestCaseTreeNode getRootNode() { + return (GuiTestCaseTreeNode) m_treeModel.getRoot(); } public void refresh() { @@ -71,11 +70,11 @@ public void refresh() { try { m_testCases = db.getTestCases(); - m_testCaseDict = new HashMap(); + m_testCaseDict = new HashMap(); }catch(ConfigurationException e) { m_testCases = null; } - TestCaseTreeNode root = (TestCaseTreeNode) m_treeModel.getRoot(); + GuiTestCaseTreeNode root = (GuiTestCaseTreeNode) m_treeModel.getRoot(); createNodes(root); m_treeModel.nodeStructureChanged(root); } @@ -94,11 +93,11 @@ private void createNodes(DefaultMutableTreeNode top) { return; } for(TestCaseModel tc : m_testCases) { - TestCaseTreeNode tcNode = new TestCaseTreeNode(tc); + GuiTestCaseTreeNode tcNode = new GuiTestCaseTreeNode(tc); m_testCaseDict.put(tc.getIdentifier(), tcNode); top.add(tcNode); for(TestStepModel ts : tc.getSteps()) { - TestStepTreeNode tsNode = new TestStepTreeNode(ts); + GuiTestStepTreeNode tsNode = new GuiTestStepTreeNode(ts); tcNode.add(tsNode); } } diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/ToggleTestTreeAction.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiToggleTestTreeAction.java similarity index 86% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/ToggleTestTreeAction.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiToggleTestTreeAction.java index 0c2ac2d4..ee41c1f6 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/ToggleTestTreeAction.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/GuiToggleTestTreeAction.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.BorderLayout; import java.awt.event.ActionEvent; @@ -7,7 +7,7 @@ import javax.swing.Icon; import javax.swing.JSplitPane; -public class ToggleTestTreeAction extends AbstractAction { +public class GuiToggleTestTreeAction extends AbstractAction { /** * @@ -16,7 +16,7 @@ public class ToggleTestTreeAction extends AbstractAction { JSplitPane m_splitPane; SimpleTestExecutionPanel m_testPane; - public ToggleTestTreeAction(String name, Icon icon, String toolTip) { + public GuiToggleTestTreeAction(String name, Icon icon, String toolTip) { super(name, icon); putValue(SHORT_DESCRIPTION, toolTip); } diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/MainWindowContentPane.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/MainWindowContentPane.java similarity index 84% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/MainWindowContentPane.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/MainWindowContentPane.java index 4a0cec4f..4a209e80 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/MainWindowContentPane.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/MainWindowContentPane.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.Dimension; @@ -14,7 +14,7 @@ public class MainWindowContentPane extends JPanel { private static final Logger s_logger = LoggerFactory.getLogger(MainWindowContentPane.class); - private TestTreePanel m_treePanel; + private GuiTestTreePanel m_treePanel; private JSplitPane m_splitPane; private SimpleTestExecutionPanel m_testExecutionPanel; @@ -23,7 +23,7 @@ public MainWindowContentPane() { } private void initialize() { - m_treePanel = new TestTreePanel(); + m_treePanel = new GuiTestTreePanel(); m_treePanel.setMinimumSize(new Dimension(300,400)); m_testExecutionPanel = new SimpleTestExecutionPanel(); m_testExecutionPanel.setMinimumSize(new Dimension(600,400)); @@ -31,11 +31,11 @@ private void initialize() { m_splitPane.setDividerLocation(150); } - public TestTreePanel getTreePanel() { + public GuiTestTreePanel getTreePanel() { return m_treePanel; } - public void setTreePanel(TestTreePanel treePanel) { + public void setTreePanel(GuiTestTreePanel treePanel) { m_treePanel = treePanel; } diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/OpenDatabaseAction.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/OpenDatabaseAction.java similarity index 90% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/OpenDatabaseAction.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/OpenDatabaseAction.java index 9386da2f..a862fe77 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/OpenDatabaseAction.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/OpenDatabaseAction.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.event.ActionEvent; import java.io.File; @@ -13,8 +13,8 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.ConfigurationException; -import gov.gsa.conformancelib.configuration.ConformanceTestDatabase; +import gov.gsa.pivconformance.conformancelib.configuration.ConfigurationException; +import gov.gsa.pivconformance.conformancelib.configuration.ConformanceTestDatabase; public class OpenDatabaseAction extends AbstractAction { diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/OpenDefaultPIVDatabaseAction.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/OpenDefaultPIVDatabaseAction.java similarity index 87% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/OpenDefaultPIVDatabaseAction.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/OpenDefaultPIVDatabaseAction.java index 21f429c6..9eae3839 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/OpenDefaultPIVDatabaseAction.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/OpenDefaultPIVDatabaseAction.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.event.ActionEvent; import javax.swing.AbstractAction; @@ -8,8 +8,8 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.ConfigurationException; -import gov.gsa.conformancelib.configuration.ConformanceTestDatabase; +import gov.gsa.pivconformance.conformancelib.configuration.ConfigurationException; +import gov.gsa.pivconformance.conformancelib.configuration.ConformanceTestDatabase; public class OpenDefaultPIVDatabaseAction extends AbstractAction { diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/OpenDefaultPIVIDatabaseAction.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/OpenDefaultPIVIDatabaseAction.java similarity index 87% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/OpenDefaultPIVIDatabaseAction.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/OpenDefaultPIVIDatabaseAction.java index d235f9c2..261c7f97 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/OpenDefaultPIVIDatabaseAction.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/OpenDefaultPIVIDatabaseAction.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.event.ActionEvent; import javax.swing.AbstractAction; @@ -8,8 +8,8 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.ConfigurationException; -import gov.gsa.conformancelib.configuration.ConformanceTestDatabase; +import gov.gsa.pivconformance.conformancelib.configuration.ConfigurationException; +import gov.gsa.pivconformance.conformancelib.configuration.ConformanceTestDatabase; public class OpenDefaultPIVIDatabaseAction extends AbstractAction { diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/ShowDebugWindowAction.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/ShowDebugWindowAction.java similarity index 94% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/ShowDebugWindowAction.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/ShowDebugWindowAction.java index 067099fd..370bea66 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/ShowDebugWindowAction.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/ShowDebugWindowAction.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import java.awt.event.ActionEvent; diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/SimpleTestExecutionPanel.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/SimpleTestExecutionPanel.java similarity index 95% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/SimpleTestExecutionPanel.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/SimpleTestExecutionPanel.java index e14b7eb0..655eb222 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/SimpleTestExecutionPanel.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/SimpleTestExecutionPanel.java @@ -1,4 +1,4 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import javax.swing.JPanel; import javax.smartcardio.CardException; @@ -23,12 +23,12 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.CardInfoController; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton; -import gov.gsa.conformancelib.configuration.ConformanceTestDatabase; -import gov.gsa.conformancelib.tests.ConformanceTestException; -import gov.gsa.conformancelib.utilities.CardUtils; -import gov.gsa.pivconformance.utils.PCSCUtils; +import gov.gsa.pivconformance.conformancelib.configuration.CardInfoController; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton; +import gov.gsa.pivconformance.conformancelib.configuration.ConformanceTestDatabase; +import gov.gsa.pivconformance.conformancelib.tests.ConformanceTestException; +import gov.gsa.pivconformance.conformancelib.utilities.CardUtils; +import gov.gsa.pivconformance.cardlib.utils.PCSCUtils; import javax.swing.JTextField; import javax.swing.JPasswordField; @@ -191,8 +191,8 @@ public void actionPerformed(ActionEvent e) { dialog.setVisible(true); return; } - TestExecutionController tc = TestExecutionController.getInstance(); - TestCaseTreeNode root = GuiRunnerAppController.getInstance().getApp().getTreePanel().getRootNode(); + GuiTestExecutionController tc = GuiTestExecutionController.getInstance(); + GuiTestCaseTreeNode root = GuiRunnerAppController.getInstance().getApp().getTreePanel().getRootNode(); new Thread(() -> { tc.runAllTests(root); }).start(); @@ -402,9 +402,7 @@ public void refreshReaderStatus(CardSettingsSingleton css) { byte[] atr = CardInfoController.getATR(); if(atr != null) { String hexAtr = Hex.encodeHexString(atr); - status = "ATR: " + hexAtr; - s_logger.debug(status); - css.setAtr(hexAtr); + status = "Card present: " + hexAtr; } else { status = "Unable to connect to card"; } diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestCaseTreeCellRenderer.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/TestCaseTreeCellRenderer.java similarity index 73% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestCaseTreeCellRenderer.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/TestCaseTreeCellRenderer.java index 4445ef80..800ce092 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/TestCaseTreeCellRenderer.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/TestCaseTreeCellRenderer.java @@ -1,22 +1,22 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; -import java.awt.Component; +import java.awt.*; import java.awt.event.MouseEvent; import java.awt.event.MouseListener; import java.net.URL; import java.util.HashMap; import java.util.Map; -import javax.swing.ImageIcon; -import javax.swing.JTree; +import javax.swing.*; import javax.swing.tree.DefaultTreeCellRenderer; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.TestCaseModel; -import gov.gsa.conformancelib.configuration.TestStatus; -import gov.gsa.conformancelib.configuration.TestStepModel; +import gov.gsa.pivconformance.conformancelib.configuration.TestCaseModel; +import gov.gsa.pivconformance.conformancelib.configuration.TestStatus; +import gov.gsa.pivconformance.conformancelib.configuration.TestStepModel; +import org.w3c.dom.Node; public class TestCaseTreeCellRenderer extends DefaultTreeCellRenderer implements MouseListener { @@ -47,6 +47,12 @@ public class TestCaseTreeCellRenderer extends DefaultTreeCellRenderer implements s_statusIcons.put(s, icon); break; } + case TESTCATEGORY: + { + ImageIcon icon = getStatusIcon("folder_page"); + s_statusIcons.put(s, icon); + break; + } default: { ImageIcon icon = getStatusIcon("page"); @@ -65,18 +71,23 @@ public class TestCaseTreeCellRenderer extends DefaultTreeCellRenderer implements @Override public Component getTreeCellRendererComponent(JTree tree, Object value, boolean sel, boolean expanded, boolean leaf, int row, boolean hasFocus) { - super.getTreeCellRendererComponent(tree, value, sel, expanded, leaf, row, hasFocus); + Component cell = super.getTreeCellRendererComponent(tree, value, sel, expanded, leaf, row, hasFocus); TestStatus status = TestStatus.NONE; String description = ""; - if(value instanceof TestCaseTreeNode) { - TestCaseTreeNode node = (TestCaseTreeNode)value; + if(value instanceof GuiTestCaseTreeNode) { + GuiTestCaseTreeNode node = (GuiTestCaseTreeNode)value; TestCaseModel test = node.getTestCase(); if(test != null) { status = test.getTestStatus(); description = test.getDescription(); + if (status.equals(TestStatus.TESTCATEGORY)) { + setFont(new Font("Tahoma", Font.BOLD, 11)); + } else { + setFont(new Font("Tahoma", Font.PLAIN, 11)); + } } - } else if(value instanceof TestStepTreeNode) { - TestStepTreeNode node = (TestStepTreeNode)value; + } else if(value instanceof GuiTestStepTreeNode) { + GuiTestStepTreeNode node = (GuiTestStepTreeNode)value; TestStepModel step = node.getTestStep(); if(step != null) { status = step.getTestStatus(); @@ -84,7 +95,7 @@ public Component getTreeCellRendererComponent(JTree tree, Object value, boolean } } ImageIcon icon = s_statusIcons.get(status); - if(icon != null) { + if (icon != null) { if (description.length() != 0) { icon.setDescription(description); } @@ -93,6 +104,11 @@ public Component getTreeCellRendererComponent(JTree tree, Object value, boolean } else { s_logger.error("icon was null for tree node"); } + + if (cell instanceof JComponent) { + + ((JComponent) cell).setToolTipText(description); + } return this; } diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/UtilitiesPane.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/UtilitiesPane.java similarity index 63% rename from tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/UtilitiesPane.java rename to tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/UtilitiesPane.java index acb1380b..bb3bb6f1 100644 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/UtilitiesPane.java +++ b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformance/gui/UtilitiesPane.java @@ -1,7 +1,6 @@ -package gov.gsa.pivconformancegui; +package gov.gsa.pivconformance.gui; import javax.swing.JPanel; -import gov.gsa.pivconformance.card.client.*; import javax.swing.GroupLayout; import javax.swing.GroupLayout.Alignment; @@ -9,11 +8,19 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import gov.gsa.conformancelib.configuration.CardInfoController; -import gov.gsa.conformancelib.configuration.CardSettingsSingleton; -import gov.gsa.pivconformance.card.client.CardHandle; -import gov.gsa.pivconformance.card.client.ConnectionDescription; -import gov.gsa.pivconformance.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.conformancelib.configuration.CardInfoController; +import gov.gsa.pivconformance.conformancelib.configuration.CardSettingsSingleton; +import gov.gsa.pivconformance.cardlib.card.client.APDUConstants; +import gov.gsa.pivconformance.cardlib.card.client.ApplicationAID; +import gov.gsa.pivconformance.cardlib.card.client.ApplicationProperties; +import gov.gsa.pivconformance.cardlib.card.client.CardHandle; +import gov.gsa.pivconformance.cardlib.card.client.ConnectionDescription; +import gov.gsa.pivconformance.cardlib.card.client.DefaultPIVApplication; +import gov.gsa.pivconformance.cardlib.card.client.MiddlewareStatus; +import gov.gsa.pivconformance.cardlib.card.client.PIVAuthenticators; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObject; +import gov.gsa.pivconformance.cardlib.card.client.PIVMiddleware; +import gov.gsa.pivconformance.cardlib.card.client.PIVDataObjectFactory; import javax.swing.JButton; import java.awt.event.ActionListener; @@ -36,7 +43,18 @@ public void actionPerformed(ActionEvent e) { byte[] atr = CardInfoController.getATR(); String atrString = Hex.encodeHexString(atr); s_logger.info("Card ATR: {}", atrString); - + //Security.insertProviderAt(new SmartcardioProvider(), 1); + /*Provider[] providers = Security.getProviders(); + for(Provider p : providers) { + s_logger.error("Provider: {}", p.getName()); + } + //Security.insertProviderAt(new SmartcardioProvider(), 1); + providers = Security.getProviders(); + for(Provider p : providers) { + s_logger.error("Provider: {}", p.getName()); + } + */ + //2.16.840.1.101.3.7.2.96.48 CardSettingsSingleton css = CardSettingsSingleton.getInstance(); ConnectionDescription cd = ConnectionDescription.createFromTerminal(css.getTerminal()); @@ -44,7 +62,7 @@ public void actionPerformed(ActionEvent e) { if(!css.getTerminal().isCardPresent()) { s_logger.error("No card is present in {}", css.getTerminal().getName()); } - } catch(Exception e2) { + }catch(Exception e2) { s_logger.error("caught exception", e2); } CardHandle ch = new CardHandle(); @@ -54,7 +72,8 @@ public void actionPerformed(ActionEvent e) { ApplicationProperties cardAppProperties = new ApplicationProperties(); result = piv.pivSelectCardApplication(ch, aid, cardAppProperties); PIVAuthenticators authenticators = new PIVAuthenticators(); - authenticators.addApplicationPin("00000000"); + //authenticators.addApplicationPin(css.getApplicationPin()); + authenticators.addApplicationPin("123456"); result = piv.pivLogIntoCardApplication(ch, authenticators.getBytes()); //2.16.840.1.101.3.7.2.96.48 PIVDataObject obj = diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiRunner.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiRunner.java deleted file mode 100644 index 131fac19..00000000 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/GuiRunner.java +++ /dev/null @@ -1,31 +0,0 @@ -package gov.gsa.pivconformancegui; - -import javax.swing.JFrame; -import javax.swing.JLabel; -import javax.swing.SwingUtilities; - -// this is just a temporary spot for testing individual controls before pulling them into the more complex -// window layout. it should go away. -public class GuiRunner { - private static void createAndShow() { - JFrame mainFrame = new JFrame("PIV Conformance Tester"); - mainFrame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); - - JLabel tempLabel = new JLabel("PIV Conformance Test Runner"); - mainFrame.getContentPane().add(tempLabel); - - mainFrame.pack(); - mainFrame.setVisible(true); - } - - public static void main(String[] args) { - SwingUtilities.invokeLater(new Runnable() { - @Override - public void run() { - createAndShow(); - } - } - ); - - } -} diff --git a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/ManualTriggeringPolicy.java b/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/ManualTriggeringPolicy.java deleted file mode 100644 index d840c403..00000000 --- a/tools/85b-swing-gui/src/main/java/gov/gsa/pivconformancegui/ManualTriggeringPolicy.java +++ /dev/null @@ -1,14 +0,0 @@ -package gov.gsa.pivconformancegui; - -import java.io.File; - -import ch.qos.logback.core.rolling.TriggeringPolicyBase; - -public class ManualTriggeringPolicy extends TriggeringPolicyBase { - - @Override - public boolean isTriggeringEvent(File activeFile, E event) { - return false; - } - -} diff --git a/tools/85b-swing-gui/src/main/resources/build.version b/tools/85b-swing-gui/src/main/resources/build.version new file mode 100644 index 00000000..b462b647 --- /dev/null +++ b/tools/85b-swing-gui/src/main/resources/build.version @@ -0,0 +1 @@ +0.2.1-beta diff --git a/tools/85b-swing-gui/src/main/resources/icons/readme.html b/tools/85b-swing-gui/src/main/resources/icons/readme.html index 3852c6dd..810b21b4 100644 --- a/tools/85b-swing-gui/src/main/resources/icons/readme.html +++ b/tools/85b-swing-gui/src/main/resources/icons/readme.html @@ -1,1495 +1,1495 @@ - - - - - - - famfamfam.com: Silk Icons - - - - - - - - - - - - - - - - - -
-
-
- -

Silk Icons

-

http://www.famfamfam.com/lab/icons/silk/

-

- “Silk” is a smooth icon set, containing 1000 16-by-16 pixel icons in - strokably-soft PNG format. Containing a large variety of icons, you're sure to find something - that tickles your fancy. And all for a low low price of $0.00. You can't say fairer than that. - -
-
- - - - Current version: 1.3

- -

License

-

- - I also love to hear of my work being used, feel encouraged to send an email - with a link or screenshot of the icons in their new home to - mjames  gmail  com. - This work is licensed under a Creative Commons Attribution 2.5 License. - This means you may use it for any purpose, and make any changes you like. - All I ask is that you include a link back to http://www.famfamfam.com/lab/icons/silk/ in your credits (contact me to discuss licencing further). - - - - -

- -

Sightings

- -

- Do you use this set? Contact me!. -

- - -

Icons

- - -

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
accept accept.pngadd add.pnganchor anchor.pngapplication application.pngapplication add application_add.pngapplication cascade application_cascade.pngapplication delete application_delete.pngapplication double application_double.pngapplication edit application_edit.pngapplication error application_error.pngapplication form application_form.pngapplication form add application_form_add.png
application form delete application_form_delete.pngapplication form edit application_form_edit.pngapplication form magnify application_form_magnify.pngapplication get application_get.pngapplication go application_go.pngapplication home application_home.pngapplication key application_key.pngapplication lightning application_lightning.pngapplication link application_link.pngapplication osx application_osx.pngapplication osx terminal application_osx_terminal.pngapplication put application_put.png
application side boxes application_side_boxes.pngapplication side contract application_side_contract.pngapplication side expand application_side_expand.pngapplication side list application_side_list.pngapplication side tree application_side_tree.pngapplication split application_split.pngapplication tile horizontal application_tile_horizontal.pngapplication tile vertical application_tile_vertical.pngapplication view columns application_view_columns.pngapplication view detail application_view_detail.pngapplication view gallery application_view_gallery.pngapplication view icons application_view_icons.png
application view list application_view_list.pngapplication view tile application_view_tile.pngapplication xp application_xp.pngapplication xp terminal application_xp_terminal.pngarrow branch arrow_branch.pngarrow divide arrow_divide.pngarrow down arrow_down.pngarrow in arrow_in.pngarrow inout arrow_inout.pngarrow join arrow_join.pngarrow left arrow_left.pngarrow merge arrow_merge.png
arrow out arrow_out.pngarrow redo arrow_redo.pngarrow refresh arrow_refresh.pngarrow refresh small arrow_refresh_small.pngarrow right arrow_right.pngarrow rotate anticlockwise arrow_rotate_anticlockwise.pngarrow rotate clockwise arrow_rotate_clockwise.pngarrow switch arrow_switch.pngarrow turn left arrow_turn_left.pngarrow turn right arrow_turn_right.pngarrow undo arrow_undo.pngarrow up arrow_up.png
asterisk orange asterisk_orange.pngasterisk yellow asterisk_yellow.pngattach attach.pngaward star add award_star_add.pngaward star bronze 1 award_star_bronze_1.pngaward star bronze 2 award_star_bronze_2.pngaward star bronze 3 award_star_bronze_3.pngaward star delete award_star_delete.pngaward star gold 1 award_star_gold_1.pngaward star gold 2 award_star_gold_2.pngaward star gold 3 award_star_gold_3.pngaward star silver 1 award_star_silver_1.png
award star silver 2 award_star_silver_2.pngaward star silver 3 award_star_silver_3.pngbasket basket.pngbasket add basket_add.pngbasket delete basket_delete.pngbasket edit basket_edit.pngbasket error basket_error.pngbasket go basket_go.pngbasket put basket_put.pngbasket remove basket_remove.pngbell bell.pngbell add bell_add.png
bell delete bell_delete.pngbell error bell_error.pngbell go bell_go.pngbell link bell_link.pngbin bin.pngbin closed bin_closed.pngbin empty bin_empty.pngbomb bomb.pngbook book.pngbook add book_add.pngbook addresses book_addresses.pngbook delete book_delete.png
book edit book_edit.pngbook error book_error.pngbook go book_go.pngbook key book_key.pngbook link book_link.pngbook next book_next.pngbook open book_open.pngbook previous book_previous.pngbox box.pngbrick brick.pngbrick add brick_add.pngbrick delete brick_delete.png
brick edit brick_edit.pngbrick error brick_error.pngbrick go brick_go.pngbrick link brick_link.pngbricks bricks.pngbriefcase briefcase.pngbug bug.pngbug add bug_add.pngbug delete bug_delete.pngbug edit bug_edit.pngbug error bug_error.pngbug go bug_go.png
bug link bug_link.pngbuilding building.pngbuilding add building_add.pngbuilding delete building_delete.pngbuilding edit building_edit.pngbuilding error building_error.pngbuilding go building_go.pngbuilding key building_key.pngbuilding link building_link.pngbullet add bullet_add.pngbullet arrow bottom bullet_arrow_bottom.pngbullet arrow down bullet_arrow_down.png
bullet arrow top bullet_arrow_top.pngbullet arrow up bullet_arrow_up.pngbullet black bullet_black.pngbullet blue bullet_blue.pngbullet delete bullet_delete.pngbullet disk bullet_disk.pngbullet error bullet_error.pngbullet feed bullet_feed.pngbullet go bullet_go.pngbullet green bullet_green.pngbullet key bullet_key.pngbullet orange bullet_orange.png
bullet picture bullet_picture.pngbullet pink bullet_pink.pngbullet purple bullet_purple.pngbullet red bullet_red.pngbullet star bullet_star.pngbullet toggle minus bullet_toggle_minus.pngbullet toggle plus bullet_toggle_plus.pngbullet white bullet_white.pngbullet wrench bullet_wrench.pngbullet yellow bullet_yellow.pngcake cake.pngcalculator calculator.png
calculator add calculator_add.pngcalculator delete calculator_delete.pngcalculator edit calculator_edit.pngcalculator error calculator_error.pngcalculator link calculator_link.pngcalendar calendar.pngcalendar add calendar_add.pngcalendar delete calendar_delete.pngcalendar edit calendar_edit.pngcalendar link calendar_link.pngcalendar view day calendar_view_day.pngcalendar view month calendar_view_month.png
calendar view week calendar_view_week.pngcamera camera.pngcamera add camera_add.pngcamera delete camera_delete.pngcamera edit camera_edit.pngcamera error camera_error.pngcamera go camera_go.pngcamera link camera_link.pngcamera small camera_small.pngcancel cancel.pngcar car.pngcar add car_add.png
car delete car_delete.pngcart cart.pngcart add cart_add.pngcart delete cart_delete.pngcart edit cart_edit.pngcart error cart_error.pngcart go cart_go.pngcart put cart_put.pngcart remove cart_remove.pngcd cd.pngcd add cd_add.pngcd burn cd_burn.png
cd delete cd_delete.pngcd edit cd_edit.pngcd eject cd_eject.pngcd go cd_go.pngchart bar chart_bar.pngchart bar add chart_bar_add.pngchart bar delete chart_bar_delete.pngchart bar edit chart_bar_edit.pngchart bar error chart_bar_error.pngchart bar link chart_bar_link.pngchart curve chart_curve.pngchart curve add chart_curve_add.png
chart curve delete chart_curve_delete.pngchart curve edit chart_curve_edit.pngchart curve error chart_curve_error.pngchart curve go chart_curve_go.pngchart curve link chart_curve_link.pngchart line chart_line.pngchart line add chart_line_add.pngchart line delete chart_line_delete.pngchart line edit chart_line_edit.pngchart line error chart_line_error.pngchart line link chart_line_link.pngchart organisation chart_organisation.png
chart organisation add chart_organisation_add.pngchart organisation delete chart_organisation_delete.pngchart pie chart_pie.pngchart pie add chart_pie_add.pngchart pie delete chart_pie_delete.pngchart pie edit chart_pie_edit.pngchart pie error chart_pie_error.pngchart pie link chart_pie_link.pngclock clock.pngclock add clock_add.pngclock delete clock_delete.pngclock edit clock_edit.png
clock error clock_error.pngclock go clock_go.pngclock link clock_link.pngclock pause clock_pause.pngclock play clock_play.pngclock red clock_red.pngclock stop clock_stop.pngcog cog.pngcog add cog_add.pngcog delete cog_delete.pngcog edit cog_edit.pngcog error cog_error.png
cog go cog_go.pngcoins coins.pngcoins add coins_add.pngcoins delete coins_delete.pngcolor swatch color_swatch.pngcolor wheel color_wheel.pngcomment comment.pngcomment add comment_add.pngcomment delete comment_delete.pngcomment edit comment_edit.pngcomments comments.pngcomments add comments_add.png
comments delete comments_delete.pngcompress compress.pngcomputer computer.pngcomputer add computer_add.pngcomputer delete computer_delete.pngcomputer edit computer_edit.pngcomputer error computer_error.pngcomputer go computer_go.pngcomputer key computer_key.pngcomputer link computer_link.pngconnect connect.pngcontrast contrast.png
contrast decrease contrast_decrease.pngcontrast high contrast_high.pngcontrast increase contrast_increase.pngcontrast low contrast_low.pngcontrol eject control_eject.pngcontrol eject blue control_eject_blue.pngcontrol end control_end.pngcontrol end blue control_end_blue.pngcontrol equalizer control_equalizer.pngcontrol equalizer blue control_equalizer_blue.pngcontrol fastforward control_fastforward.pngcontrol fastforward blue control_fastforward_blue.png
control pause control_pause.pngcontrol pause blue control_pause_blue.pngcontrol play control_play.pngcontrol play blue control_play_blue.pngcontrol repeat control_repeat.pngcontrol repeat blue control_repeat_blue.pngcontrol rewind control_rewind.pngcontrol rewind blue control_rewind_blue.pngcontrol start control_start.pngcontrol start blue control_start_blue.pngcontrol stop control_stop.pngcontrol stop blue control_stop_blue.png
controller controller.pngcontroller add controller_add.pngcontroller delete controller_delete.pngcontroller error controller_error.pngcreditcards creditcards.pngcross cross.pngcss css.pngcss add css_add.pngcss delete css_delete.pngcss go css_go.pngcss valid css_valid.pngcup cup.png
cup add cup_add.pngcup delete cup_delete.pngcup edit cup_edit.pngcup error cup_error.pngcup go cup_go.pngcup key cup_key.pngcup link cup_link.pngcursor cursor.pngcut cut.pngcut red cut_red.pngdatabase database.pngdatabase add database_add.png
database connect database_connect.pngdatabase delete database_delete.pngdatabase edit database_edit.pngdatabase error database_error.pngdatabase gear database_gear.pngdatabase go database_go.pngdatabase key database_key.pngdatabase lightning database_lightning.pngdatabase link database_link.pngdatabase refresh database_refresh.pngdatabase save database_save.pngdatabase table database_table.png
date date.pngdate add date_add.pngdate delete date_delete.pngdate edit date_edit.pngdate error date_error.pngdate go date_go.pngdate link date_link.pngdate magnify date_magnify.pngdate next date_next.pngdate previous date_previous.pngdelete delete.pngdisconnect disconnect.png
disk disk.pngdisk multiple disk_multiple.pngdoor door.pngdoor in door_in.pngdoor open door_open.pngdoor out door_out.pngdrink drink.pngdrink empty drink_empty.pngdrive drive.pngdrive add drive_add.pngdrive burn drive_burn.pngdrive cd drive_cd.png
drive cd empty drive_cd_empty.pngdrive delete drive_delete.pngdrive disk drive_disk.pngdrive edit drive_edit.pngdrive error drive_error.pngdrive go drive_go.pngdrive key drive_key.pngdrive link drive_link.pngdrive magnify drive_magnify.pngdrive network drive_network.pngdrive rename drive_rename.pngdrive user drive_user.png
drive web drive_web.pngdvd dvd.pngdvd add dvd_add.pngdvd delete dvd_delete.pngdvd edit dvd_edit.pngdvd error dvd_error.pngdvd go dvd_go.pngdvd key dvd_key.pngdvd link dvd_link.pngemail email.pngemail add email_add.pngemail attach email_attach.png
email delete email_delete.pngemail edit email_edit.pngemail error email_error.pngemail go email_go.pngemail link email_link.pngemail open email_open.pngemail open image email_open_image.pngemoticon evilgrin emoticon_evilgrin.pngemoticon grin emoticon_grin.pngemoticon happy emoticon_happy.pngemoticon smile emoticon_smile.pngemoticon surprised emoticon_surprised.png
emoticon tongue emoticon_tongue.pngemoticon unhappy emoticon_unhappy.pngemoticon waii emoticon_waii.pngemoticon wink emoticon_wink.pngerror error.pngerror add error_add.pngerror delete error_delete.pngerror go error_go.pngexclamation exclamation.pngeye eye.pngfeed feed.pngfeed add feed_add.png
feed delete feed_delete.pngfeed disk feed_disk.pngfeed edit feed_edit.pngfeed error feed_error.pngfeed go feed_go.pngfeed key feed_key.pngfeed link feed_link.pngfeed magnify feed_magnify.pngfemale female.pngfilm film.pngfilm add film_add.pngfilm delete film_delete.png
film edit film_edit.pngfilm error film_error.pngfilm go film_go.pngfilm key film_key.pngfilm link film_link.pngfilm save film_save.pngfind find.pngflag blue flag_blue.pngflag green flag_green.pngflag orange flag_orange.pngflag pink flag_pink.pngflag purple flag_purple.png
flag red flag_red.pngflag yellow flag_yellow.pngfolder folder.pngfolder add folder_add.pngfolder bell folder_bell.pngfolder brick folder_brick.pngfolder bug folder_bug.pngfolder camera folder_camera.pngfolder database folder_database.pngfolder delete folder_delete.pngfolder edit folder_edit.pngfolder error folder_error.png
folder explore folder_explore.pngfolder feed folder_feed.pngfolder find folder_find.pngfolder go folder_go.pngfolder heart folder_heart.pngfolder image folder_image.pngfolder key folder_key.pngfolder lightbulb folder_lightbulb.pngfolder link folder_link.pngfolder magnify folder_magnify.pngfolder page folder_page.pngfolder page white folder_page_white.png
folder palette folder_palette.pngfolder picture folder_picture.pngfolder star folder_star.pngfolder table folder_table.pngfolder user folder_user.pngfolder wrench folder_wrench.pngfont font.pngfont add font_add.pngfont delete font_delete.pngfont go font_go.pnggroup group.pnggroup add group_add.png
group delete group_delete.pnggroup edit group_edit.pnggroup error group_error.pnggroup gear group_gear.pnggroup go group_go.pnggroup key group_key.pnggroup link group_link.pngheart heart.pngheart add heart_add.pngheart delete heart_delete.pnghelp help.pnghourglass hourglass.png
hourglass add hourglass_add.pnghourglass delete hourglass_delete.pnghourglass go hourglass_go.pnghourglass link hourglass_link.pnghouse house.pnghouse go house_go.pnghouse link house_link.pnghtml html.pnghtml add html_add.pnghtml delete html_delete.pnghtml go html_go.pnghtml valid html_valid.png
image image.pngimage add image_add.pngimage delete image_delete.pngimage edit image_edit.pngimage link image_link.pngimages images.pnginformation information.pngipod ipod.pngipod cast ipod_cast.pngipod cast add ipod_cast_add.pngipod cast delete ipod_cast_delete.pngipod sound ipod_sound.png
joystick joystick.pngjoystick add joystick_add.pngjoystick delete joystick_delete.pngjoystick error joystick_error.pngkey key.pngkey add key_add.pngkey delete key_delete.pngkey go key_go.pngkeyboard keyboard.pngkeyboard add keyboard_add.pngkeyboard delete keyboard_delete.pngkeyboard magnify keyboard_magnify.png
layers layers.pnglayout layout.pnglayout add layout_add.pnglayout content layout_content.pnglayout delete layout_delete.pnglayout edit layout_edit.pnglayout error layout_error.pnglayout header layout_header.pnglayout link layout_link.pnglayout sidebar layout_sidebar.pnglightbulb lightbulb.pnglightbulb add lightbulb_add.png
lightbulb delete lightbulb_delete.pnglightbulb off lightbulb_off.pnglightning lightning.pnglightning add lightning_add.pnglightning delete lightning_delete.pnglightning go lightning_go.pnglink link.pnglink add link_add.pnglink break link_break.pnglink delete link_delete.pnglink edit link_edit.pnglink error link_error.png
link go link_go.pnglock lock.pnglock add lock_add.pnglock break lock_break.pnglock delete lock_delete.pnglock edit lock_edit.pnglock go lock_go.pnglock open lock_open.pnglorry lorry.pnglorry add lorry_add.pnglorry delete lorry_delete.pnglorry error lorry_error.png
lorry flatbed lorry_flatbed.pnglorry go lorry_go.pnglorry link lorry_link.pngmagifier zoom out magifier_zoom_out.pngmagnifier magnifier.pngmagnifier zoom in magnifier_zoom_in.pngmale male.pngmap map.pngmap add map_add.pngmap delete map_delete.pngmap edit map_edit.pngmap go map_go.png
map magnify map_magnify.pngmedal bronze 1 medal_bronze_1.pngmedal bronze 2 medal_bronze_2.pngmedal bronze 3 medal_bronze_3.pngmedal bronze add medal_bronze_add.pngmedal bronze delete medal_bronze_delete.pngmedal gold 1 medal_gold_1.pngmedal gold 2 medal_gold_2.pngmedal gold 3 medal_gold_3.pngmedal gold add medal_gold_add.pngmedal gold delete medal_gold_delete.pngmedal silver 1 medal_silver_1.png
medal silver 2 medal_silver_2.pngmedal silver 3 medal_silver_3.pngmedal silver add medal_silver_add.pngmedal silver delete medal_silver_delete.pngmoney money.pngmoney add money_add.pngmoney delete money_delete.pngmoney dollar money_dollar.pngmoney euro money_euro.pngmoney pound money_pound.pngmoney yen money_yen.pngmonitor monitor.png
monitor add monitor_add.pngmonitor delete monitor_delete.pngmonitor edit monitor_edit.pngmonitor error monitor_error.pngmonitor go monitor_go.pngmonitor lightning monitor_lightning.pngmonitor link monitor_link.pngmouse mouse.pngmouse add mouse_add.pngmouse delete mouse_delete.pngmouse error mouse_error.pngmusic music.png
new new.pngnewspaper newspaper.pngnewspaper add newspaper_add.pngnewspaper delete newspaper_delete.pngnewspaper go newspaper_go.pngnewspaper link newspaper_link.pngnote note.pngnote add note_add.pngnote delete note_delete.pngnote edit note_edit.pngnote error note_error.pngnote go note_go.png
overlays overlays.pngpackage package.pngpackage add package_add.pngpackage delete package_delete.pngpackage go package_go.pngpackage green package_green.pngpackage link package_link.pngpage page.pngpage add page_add.pngpage attach page_attach.pngpage code page_code.pngpage copy page_copy.png
page delete page_delete.pngpage edit page_edit.pngpage error page_error.pngpage excel page_excel.pngpage find page_find.pngpage gear page_gear.pngpage go page_go.pngpage green page_green.pngpage key page_key.pngpage lightning page_lightning.pngpage link page_link.pngpage paintbrush page_paintbrush.png
page paste page_paste.pngpage red page_red.pngpage refresh page_refresh.pngpage save page_save.pngpage white page_white.pngpage white acrobat page_white_acrobat.pngpage white actionscript page_white_actionscript.pngpage white add page_white_add.pngpage white c page_white_c.pngpage white camera page_white_camera.pngpage white cd page_white_cd.pngpage white code page_white_code.png
page white code red page_white_code_red.pngpage white coldfusion page_white_coldfusion.pngpage white compressed page_white_compressed.pngpage white copy page_white_copy.pngpage white cplusplus page_white_cplusplus.pngpage white csharp page_white_csharp.pngpage white cup page_white_cup.pngpage white database page_white_database.pngpage white delete page_white_delete.pngpage white dvd page_white_dvd.pngpage white edit page_white_edit.pngpage white error page_white_error.png
page white excel page_white_excel.pngpage white find page_white_find.pngpage white flash page_white_flash.pngpage white freehand page_white_freehand.pngpage white gear page_white_gear.pngpage white get page_white_get.pngpage white go page_white_go.pngpage white h page_white_h.pngpage white horizontal page_white_horizontal.pngpage white key page_white_key.pngpage white lightning page_white_lightning.pngpage white link page_white_link.png
page white magnify page_white_magnify.pngpage white medal page_white_medal.pngpage white office page_white_office.pngpage white paint page_white_paint.pngpage white paintbrush page_white_paintbrush.pngpage white paste page_white_paste.pngpage white php page_white_php.pngpage white picture page_white_picture.pngpage white powerpoint page_white_powerpoint.pngpage white put page_white_put.pngpage white ruby page_white_ruby.pngpage white stack page_white_stack.png
page white star page_white_star.pngpage white swoosh page_white_swoosh.pngpage white text page_white_text.pngpage white text width page_white_text_width.pngpage white tux page_white_tux.pngpage white vector page_white_vector.pngpage white visualstudio page_white_visualstudio.pngpage white width page_white_width.pngpage white word page_white_word.pngpage white world page_white_world.pngpage white wrench page_white_wrench.pngpage white zip page_white_zip.png
page word page_word.pngpage world page_world.pngpaintbrush paintbrush.pngpaintcan paintcan.pngpalette palette.pngpaste plain paste_plain.pngpaste word paste_word.pngpencil pencil.pngpencil add pencil_add.pngpencil delete pencil_delete.pngpencil go pencil_go.pngphone phone.png
phone add phone_add.pngphone delete phone_delete.pngphone sound phone_sound.pngphoto photo.pngphoto add photo_add.pngphoto delete photo_delete.pngphoto link photo_link.pngphotos photos.pngpicture picture.pngpicture add picture_add.pngpicture delete picture_delete.pngpicture edit picture_edit.png
picture empty picture_empty.pngpicture error picture_error.pngpicture go picture_go.pngpicture key picture_key.pngpicture link picture_link.pngpicture save picture_save.pngpictures pictures.pngpilcrow pilcrow.pngpill pill.pngpill add pill_add.pngpill delete pill_delete.pngpill go pill_go.png
plugin plugin.pngplugin add plugin_add.pngplugin delete plugin_delete.pngplugin disabled plugin_disabled.pngplugin edit plugin_edit.pngplugin error plugin_error.pngplugin go plugin_go.pngplugin link plugin_link.pngprinter printer.pngprinter add printer_add.pngprinter delete printer_delete.pngprinter empty printer_empty.png
printer error printer_error.pngrainbow rainbow.pngreport report.pngreport add report_add.pngreport delete report_delete.pngreport disk report_disk.pngreport edit report_edit.pngreport go report_go.pngreport key report_key.pngreport link report_link.pngreport magnify report_magnify.pngreport picture report_picture.png
report user report_user.pngreport word report_word.pngresultset first resultset_first.pngresultset last resultset_last.pngresultset next resultset_next.pngresultset previous resultset_previous.pngrosette rosette.pngrss rss.pngrss add rss_add.pngrss delete rss_delete.pngrss go rss_go.pngrss valid rss_valid.png
ruby ruby.pngruby add ruby_add.pngruby delete ruby_delete.pngruby gear ruby_gear.pngruby get ruby_get.pngruby go ruby_go.pngruby key ruby_key.pngruby link ruby_link.pngruby put ruby_put.pngscript script.pngscript add script_add.pngscript code script_code.png
script code red script_code_red.pngscript delete script_delete.pngscript edit script_edit.pngscript error script_error.pngscript gear script_gear.pngscript go script_go.pngscript key script_key.pngscript lightning script_lightning.pngscript link script_link.pngscript palette script_palette.pngscript save script_save.pngserver server.png
server add server_add.pngserver chart server_chart.pngserver compressed server_compressed.pngserver connect server_connect.pngserver database server_database.pngserver delete server_delete.pngserver edit server_edit.pngserver error server_error.pngserver go server_go.pngserver key server_key.pngserver lightning server_lightning.pngserver link server_link.png
server uncompressed server_uncompressed.pngshading shading.pngshape align bottom shape_align_bottom.pngshape align center shape_align_center.pngshape align left shape_align_left.pngshape align middle shape_align_middle.pngshape align right shape_align_right.pngshape align top shape_align_top.pngshape flip horizontal shape_flip_horizontal.pngshape flip vertical shape_flip_vertical.pngshape group shape_group.pngshape handles shape_handles.png
shape move back shape_move_back.pngshape move backwards shape_move_backwards.pngshape move forwards shape_move_forwards.pngshape move front shape_move_front.pngshape rotate anticlockwise shape_rotate_anticlockwise.pngshape rotate clockwise shape_rotate_clockwise.pngshape square shape_square.pngshape square add shape_square_add.pngshape square delete shape_square_delete.pngshape square edit shape_square_edit.pngshape square error shape_square_error.pngshape square go shape_square_go.png
shape square key shape_square_key.pngshape square link shape_square_link.pngshape ungroup shape_ungroup.pngshield shield.pngshield add shield_add.pngshield delete shield_delete.pngshield go shield_go.pngsitemap sitemap.pngsitemap color sitemap_color.pngsound sound.pngsound add sound_add.pngsound delete sound_delete.png
sound low sound_low.pngsound mute sound_mute.pngsound none sound_none.pngspellcheck spellcheck.pngsport 8ball sport_8ball.pngsport basketball sport_basketball.pngsport football sport_football.pngsport golf sport_golf.pngsport raquet sport_raquet.pngsport shuttlecock sport_shuttlecock.pngsport soccer sport_soccer.pngsport tennis sport_tennis.png
star star.pngstatus away status_away.pngstatus busy status_busy.pngstatus offline status_offline.pngstatus online status_online.pngstop stop.pngstyle style.pngstyle add style_add.pngstyle delete style_delete.pngstyle edit style_edit.pngstyle go style_go.pngsum sum.png
tab tab.pngtab add tab_add.pngtab delete tab_delete.pngtab edit tab_edit.pngtab go tab_go.pngtable table.pngtable add table_add.pngtable delete table_delete.pngtable edit table_edit.pngtable error table_error.pngtable gear table_gear.pngtable go table_go.png
table key table_key.pngtable lightning table_lightning.pngtable link table_link.pngtable multiple table_multiple.pngtable refresh table_refresh.pngtable relationship table_relationship.pngtable row delete table_row_delete.pngtable row insert table_row_insert.pngtable save table_save.pngtable sort table_sort.pngtag tag.pngtag blue tag_blue.png
tag blue add tag_blue_add.pngtag blue delete tag_blue_delete.pngtag blue edit tag_blue_edit.pngtag green tag_green.pngtag orange tag_orange.pngtag pink tag_pink.pngtag purple tag_purple.pngtag red tag_red.pngtag yellow tag_yellow.pngtelephone telephone.pngtelephone add telephone_add.pngtelephone delete telephone_delete.png
telephone edit telephone_edit.pngtelephone error telephone_error.pngtelephone go telephone_go.pngtelephone key telephone_key.pngtelephone link telephone_link.pngtelevision television.pngtelevision add television_add.pngtelevision delete television_delete.pngtext align center text_align_center.pngtext align justify text_align_justify.pngtext align left text_align_left.pngtext align right text_align_right.png
text allcaps text_allcaps.pngtext bold text_bold.pngtext columns text_columns.pngtext dropcaps text_dropcaps.pngtext heading 1 text_heading_1.pngtext heading 2 text_heading_2.pngtext heading 3 text_heading_3.pngtext heading 4 text_heading_4.pngtext heading 5 text_heading_5.pngtext heading 6 text_heading_6.pngtext horizontalrule text_horizontalrule.pngtext indent text_indent.png
text indent remove text_indent_remove.pngtext italic text_italic.pngtext kerning text_kerning.pngtext letter omega text_letter_omega.pngtext letterspacing text_letterspacing.pngtext linespacing text_linespacing.pngtext list bullets text_list_bullets.pngtext list numbers text_list_numbers.pngtext lowercase text_lowercase.pngtext padding bottom text_padding_bottom.pngtext padding left text_padding_left.pngtext padding right text_padding_right.png
text padding top text_padding_top.pngtext replace text_replace.pngtext signature text_signature.pngtext smallcaps text_smallcaps.pngtext strikethrough text_strikethrough.pngtext subscript text_subscript.pngtext superscript text_superscript.pngtext underline text_underline.pngtext uppercase text_uppercase.pngtextfield textfield.pngtextfield add textfield_add.pngtextfield delete textfield_delete.png
textfield key textfield_key.pngtextfield rename textfield_rename.pngthumb down thumb_down.pngthumb up thumb_up.pngtick tick.pngtime time.pngtime add time_add.pngtime delete time_delete.pngtime go time_go.pngtimeline marker timeline_marker.pngtransmit transmit.pngtransmit add transmit_add.png
transmit blue transmit_blue.pngtransmit delete transmit_delete.pngtransmit edit transmit_edit.pngtransmit error transmit_error.pngtransmit go transmit_go.pngtux tux.pnguser user.pnguser add user_add.pnguser comment user_comment.pnguser delete user_delete.pnguser edit user_edit.pnguser female user_female.png
user go user_go.pnguser gray user_gray.pnguser green user_green.pnguser orange user_orange.pnguser red user_red.pnguser suit user_suit.pngvcard vcard.pngvcard add vcard_add.pngvcard delete vcard_delete.pngvcard edit vcard_edit.pngvector vector.pngvector add vector_add.png
vector delete vector_delete.pngwand wand.pngweather clouds weather_clouds.pngweather cloudy weather_cloudy.pngweather lightning weather_lightning.pngweather rain weather_rain.pngweather snow weather_snow.pngweather sun weather_sun.pngwebcam webcam.pngwebcam add webcam_add.pngwebcam delete webcam_delete.pngwebcam error webcam_error.png
world world.pngworld add world_add.pngworld delete world_delete.pngworld edit world_edit.pngworld go world_go.pngworld link world_link.pngwrench wrench.pngwrench orange wrench_orange.pngxhtml xhtml.pngxhtml add xhtml_add.pngxhtml delete xhtml_delete.pngxhtml go xhtml_go.png
xhtml valid xhtml_valid.pngzoom zoom.pngzoom in zoom_in.pngzoom out zoom_out.png        
-

- -
- -
- -
- -
- - - - + + + + + + + famfamfam.com: Silk Icons + + + + + + + + + + + + + + + + + +
+
+
+ +

Silk Icons

+

http://www.famfamfam.com/lab/icons/silk/

+

+ “Silk” is a smooth icon set, containing 1000 16-by-16 pixel icons in + strokably-soft PNG format. Containing a large variety of icons, you're sure to find something + that tickles your fancy. And all for a low low price of $0.00. You can't say fairer than that. + +
+
+ + + + Current version: 1.3

+ +

License

+

+ + I also love to hear of my work being used, feel encouraged to send an email + with a link or screenshot of the icons in their new home to + mjames  gmail  com. + This work is licensed under a Creative Commons Attribution 2.5 License. + This means you may use it for any purpose, and make any changes you like. + All I ask is that you include a link back to http://www.famfamfam.com/lab/icons/silk/ in your credits (contact me to discuss licencing further). + + + + +

+ +

Sightings

+ +

+ Do you use this set? Contact me!. +

+ + +

Icons

+ + +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
accept accept.pngadd add.pnganchor anchor.pngapplication application.pngapplication add application_add.pngapplication cascade application_cascade.pngapplication delete application_delete.pngapplication double application_double.pngapplication edit application_edit.pngapplication error application_error.pngapplication form application_form.pngapplication form add application_form_add.png
application form delete application_form_delete.pngapplication form edit application_form_edit.pngapplication form magnify application_form_magnify.pngapplication get application_get.pngapplication go application_go.pngapplication home application_home.pngapplication key application_key.pngapplication lightning application_lightning.pngapplication link application_link.pngapplication osx application_osx.pngapplication osx terminal application_osx_terminal.pngapplication put application_put.png
application side boxes application_side_boxes.pngapplication side contract application_side_contract.pngapplication side expand application_side_expand.pngapplication side list application_side_list.pngapplication side tree application_side_tree.pngapplication split application_split.pngapplication tile horizontal application_tile_horizontal.pngapplication tile vertical application_tile_vertical.pngapplication view columns application_view_columns.pngapplication view detail application_view_detail.pngapplication view gallery application_view_gallery.pngapplication view icons application_view_icons.png
application view list application_view_list.pngapplication view tile application_view_tile.pngapplication xp application_xp.pngapplication xp terminal application_xp_terminal.pngarrow branch arrow_branch.pngarrow divide arrow_divide.pngarrow down arrow_down.pngarrow in arrow_in.pngarrow inout arrow_inout.pngarrow join arrow_join.pngarrow left arrow_left.pngarrow merge arrow_merge.png
arrow out arrow_out.pngarrow redo arrow_redo.pngarrow refresh arrow_refresh.pngarrow refresh small arrow_refresh_small.pngarrow right arrow_right.pngarrow rotate anticlockwise arrow_rotate_anticlockwise.pngarrow rotate clockwise arrow_rotate_clockwise.pngarrow switch arrow_switch.pngarrow turn left arrow_turn_left.pngarrow turn right arrow_turn_right.pngarrow undo arrow_undo.pngarrow up arrow_up.png
asterisk orange asterisk_orange.pngasterisk yellow asterisk_yellow.pngattach attach.pngaward star add award_star_add.pngaward star bronze 1 award_star_bronze_1.pngaward star bronze 2 award_star_bronze_2.pngaward star bronze 3 award_star_bronze_3.pngaward star delete award_star_delete.pngaward star gold 1 award_star_gold_1.pngaward star gold 2 award_star_gold_2.pngaward star gold 3 award_star_gold_3.pngaward star silver 1 award_star_silver_1.png
award star silver 2 award_star_silver_2.pngaward star silver 3 award_star_silver_3.pngbasket basket.pngbasket add basket_add.pngbasket delete basket_delete.pngbasket edit basket_edit.pngbasket error basket_error.pngbasket go basket_go.pngbasket put basket_put.pngbasket remove basket_remove.pngbell bell.pngbell add bell_add.png
bell delete bell_delete.pngbell error bell_error.pngbell go bell_go.pngbell link bell_link.pngbin bin.pngbin closed bin_closed.pngbin empty bin_empty.pngbomb bomb.pngbook book.pngbook add book_add.pngbook addresses book_addresses.pngbook delete book_delete.png
book edit book_edit.pngbook error book_error.pngbook go book_go.pngbook key book_key.pngbook link book_link.pngbook next book_next.pngbook open book_open.pngbook previous book_previous.pngbox box.pngbrick brick.pngbrick add brick_add.pngbrick delete brick_delete.png
brick edit brick_edit.pngbrick error brick_error.pngbrick go brick_go.pngbrick link brick_link.pngbricks bricks.pngbriefcase briefcase.pngbug bug.pngbug add bug_add.pngbug delete bug_delete.pngbug edit bug_edit.pngbug error bug_error.pngbug go bug_go.png
bug link bug_link.pngbuilding building.pngbuilding add building_add.pngbuilding delete building_delete.pngbuilding edit building_edit.pngbuilding error building_error.pngbuilding go building_go.pngbuilding key building_key.pngbuilding link building_link.pngbullet add bullet_add.pngbullet arrow bottom bullet_arrow_bottom.pngbullet arrow down bullet_arrow_down.png
bullet arrow top bullet_arrow_top.pngbullet arrow up bullet_arrow_up.pngbullet black bullet_black.pngbullet blue bullet_blue.pngbullet delete bullet_delete.pngbullet disk bullet_disk.pngbullet error bullet_error.pngbullet feed bullet_feed.pngbullet go bullet_go.pngbullet green bullet_green.pngbullet key bullet_key.pngbullet orange bullet_orange.png
bullet picture bullet_picture.pngbullet pink bullet_pink.pngbullet purple bullet_purple.pngbullet red bullet_red.pngbullet star bullet_star.pngbullet toggle minus bullet_toggle_minus.pngbullet toggle plus bullet_toggle_plus.pngbullet white bullet_white.pngbullet wrench bullet_wrench.pngbullet yellow bullet_yellow.pngcake cake.pngcalculator calculator.png
calculator add calculator_add.pngcalculator delete calculator_delete.pngcalculator edit calculator_edit.pngcalculator error calculator_error.pngcalculator link calculator_link.pngcalendar calendar.pngcalendar add calendar_add.pngcalendar delete calendar_delete.pngcalendar edit calendar_edit.pngcalendar link calendar_link.pngcalendar view day calendar_view_day.pngcalendar view month calendar_view_month.png
calendar view week calendar_view_week.pngcamera camera.pngcamera add camera_add.pngcamera delete camera_delete.pngcamera edit camera_edit.pngcamera error camera_error.pngcamera go camera_go.pngcamera link camera_link.pngcamera small camera_small.pngcancel cancel.pngcar car.pngcar add car_add.png
car delete car_delete.pngcart cart.pngcart add cart_add.pngcart delete cart_delete.pngcart edit cart_edit.pngcart error cart_error.pngcart go cart_go.pngcart put cart_put.pngcart remove cart_remove.pngcd cd.pngcd add cd_add.pngcd burn cd_burn.png
cd delete cd_delete.pngcd edit cd_edit.pngcd eject cd_eject.pngcd go cd_go.pngchart bar chart_bar.pngchart bar add chart_bar_add.pngchart bar delete chart_bar_delete.pngchart bar edit chart_bar_edit.pngchart bar error chart_bar_error.pngchart bar link chart_bar_link.pngchart curve chart_curve.pngchart curve add chart_curve_add.png
chart curve delete chart_curve_delete.pngchart curve edit chart_curve_edit.pngchart curve error chart_curve_error.pngchart curve go chart_curve_go.pngchart curve link chart_curve_link.pngchart line chart_line.pngchart line add chart_line_add.pngchart line delete chart_line_delete.pngchart line edit chart_line_edit.pngchart line error chart_line_error.pngchart line link chart_line_link.pngchart organisation chart_organisation.png
chart organisation add chart_organisation_add.pngchart organisation delete chart_organisation_delete.pngchart pie chart_pie.pngchart pie add chart_pie_add.pngchart pie delete chart_pie_delete.pngchart pie edit chart_pie_edit.pngchart pie error chart_pie_error.pngchart pie link chart_pie_link.pngclock clock.pngclock add clock_add.pngclock delete clock_delete.pngclock edit clock_edit.png
clock error clock_error.pngclock go clock_go.pngclock link clock_link.pngclock pause clock_pause.pngclock play clock_play.pngclock red clock_red.pngclock stop clock_stop.pngcog cog.pngcog add cog_add.pngcog delete cog_delete.pngcog edit cog_edit.pngcog error cog_error.png
cog go cog_go.pngcoins coins.pngcoins add coins_add.pngcoins delete coins_delete.pngcolor swatch color_swatch.pngcolor wheel color_wheel.pngcomment comment.pngcomment add comment_add.pngcomment delete comment_delete.pngcomment edit comment_edit.pngcomments comments.pngcomments add comments_add.png
comments delete comments_delete.pngcompress compress.pngcomputer computer.pngcomputer add computer_add.pngcomputer delete computer_delete.pngcomputer edit computer_edit.pngcomputer error computer_error.pngcomputer go computer_go.pngcomputer key computer_key.pngcomputer link computer_link.pngconnect connect.pngcontrast contrast.png
contrast decrease contrast_decrease.pngcontrast high contrast_high.pngcontrast increase contrast_increase.pngcontrast low contrast_low.pngcontrol eject control_eject.pngcontrol eject blue control_eject_blue.pngcontrol end control_end.pngcontrol end blue control_end_blue.pngcontrol equalizer control_equalizer.pngcontrol equalizer blue control_equalizer_blue.pngcontrol fastforward control_fastforward.pngcontrol fastforward blue control_fastforward_blue.png
control pause control_pause.pngcontrol pause blue control_pause_blue.pngcontrol play control_play.pngcontrol play blue control_play_blue.pngcontrol repeat control_repeat.pngcontrol repeat blue control_repeat_blue.pngcontrol rewind control_rewind.pngcontrol rewind blue control_rewind_blue.pngcontrol start control_start.pngcontrol start blue control_start_blue.pngcontrol stop control_stop.pngcontrol stop blue control_stop_blue.png
controller controller.pngcontroller add controller_add.pngcontroller delete controller_delete.pngcontroller error controller_error.pngcreditcards creditcards.pngcross cross.pngcss css.pngcss add css_add.pngcss delete css_delete.pngcss go css_go.pngcss valid css_valid.pngcup cup.png
cup add cup_add.pngcup delete cup_delete.pngcup edit cup_edit.pngcup error cup_error.pngcup go cup_go.pngcup key cup_key.pngcup link cup_link.pngcursor cursor.pngcut cut.pngcut red cut_red.pngdatabase database.pngdatabase add database_add.png
database connect database_connect.pngdatabase delete database_delete.pngdatabase edit database_edit.pngdatabase error database_error.pngdatabase gear database_gear.pngdatabase go database_go.pngdatabase key database_key.pngdatabase lightning database_lightning.pngdatabase link database_link.pngdatabase refresh database_refresh.pngdatabase save database_save.pngdatabase table database_table.png
date date.pngdate add date_add.pngdate delete date_delete.pngdate edit date_edit.pngdate error date_error.pngdate go date_go.pngdate link date_link.pngdate magnify date_magnify.pngdate next date_next.pngdate previous date_previous.pngdelete delete.pngdisconnect disconnect.png
disk disk.pngdisk multiple disk_multiple.pngdoor door.pngdoor in door_in.pngdoor open door_open.pngdoor out door_out.pngdrink drink.pngdrink empty drink_empty.pngdrive drive.pngdrive add drive_add.pngdrive burn drive_burn.pngdrive cd drive_cd.png
drive cd empty drive_cd_empty.pngdrive delete drive_delete.pngdrive disk drive_disk.pngdrive edit drive_edit.pngdrive error drive_error.pngdrive go drive_go.pngdrive key drive_key.pngdrive link drive_link.pngdrive magnify drive_magnify.pngdrive network drive_network.pngdrive rename drive_rename.pngdrive user drive_user.png
drive web drive_web.pngdvd dvd.pngdvd add dvd_add.pngdvd delete dvd_delete.pngdvd edit dvd_edit.pngdvd error dvd_error.pngdvd go dvd_go.pngdvd key dvd_key.pngdvd link dvd_link.pngemail email.pngemail add email_add.pngemail attach email_attach.png
email delete email_delete.pngemail edit email_edit.pngemail error email_error.pngemail go email_go.pngemail link email_link.pngemail open email_open.pngemail open image email_open_image.pngemoticon evilgrin emoticon_evilgrin.pngemoticon grin emoticon_grin.pngemoticon happy emoticon_happy.pngemoticon smile emoticon_smile.pngemoticon surprised emoticon_surprised.png
emoticon tongue emoticon_tongue.pngemoticon unhappy emoticon_unhappy.pngemoticon waii emoticon_waii.pngemoticon wink emoticon_wink.pngerror error.pngerror add error_add.pngerror delete error_delete.pngerror go error_go.pngexclamation exclamation.pngeye eye.pngfeed feed.pngfeed add feed_add.png
feed delete feed_delete.pngfeed disk feed_disk.pngfeed edit feed_edit.pngfeed error feed_error.pngfeed go feed_go.pngfeed key feed_key.pngfeed link feed_link.pngfeed magnify feed_magnify.pngfemale female.pngfilm film.pngfilm add film_add.pngfilm delete film_delete.png
film edit film_edit.pngfilm error film_error.pngfilm go film_go.pngfilm key film_key.pngfilm link film_link.pngfilm save film_save.pngfind find.pngflag blue flag_blue.pngflag green flag_green.pngflag orange flag_orange.pngflag pink flag_pink.pngflag purple flag_purple.png
flag red flag_red.pngflag yellow flag_yellow.pngfolder folder.pngfolder add folder_add.pngfolder bell folder_bell.pngfolder brick folder_brick.pngfolder bug folder_bug.pngfolder camera folder_camera.pngfolder database folder_database.pngfolder delete folder_delete.pngfolder edit folder_edit.pngfolder error folder_error.png
folder explore folder_explore.pngfolder feed folder_feed.pngfolder find folder_find.pngfolder go folder_go.pngfolder heart folder_heart.pngfolder image folder_image.pngfolder key folder_key.pngfolder lightbulb folder_lightbulb.pngfolder link folder_link.pngfolder magnify folder_magnify.pngfolder page folder_page.pngfolder page white folder_page_white.png
folder palette folder_palette.pngfolder picture folder_picture.pngfolder star folder_star.pngfolder table folder_table.pngfolder user folder_user.pngfolder wrench folder_wrench.pngfont font.pngfont add font_add.pngfont delete font_delete.pngfont go font_go.pnggroup group.pnggroup add group_add.png
group delete group_delete.pnggroup edit group_edit.pnggroup error group_error.pnggroup gear group_gear.pnggroup go group_go.pnggroup key group_key.pnggroup link group_link.pngheart heart.pngheart add heart_add.pngheart delete heart_delete.pnghelp help.pnghourglass hourglass.png
hourglass add hourglass_add.pnghourglass delete hourglass_delete.pnghourglass go hourglass_go.pnghourglass link hourglass_link.pnghouse house.pnghouse go house_go.pnghouse link house_link.pnghtml html.pnghtml add html_add.pnghtml delete html_delete.pnghtml go html_go.pnghtml valid html_valid.png
image image.pngimage add image_add.pngimage delete image_delete.pngimage edit image_edit.pngimage link image_link.pngimages images.pnginformation information.pngipod ipod.pngipod cast ipod_cast.pngipod cast add ipod_cast_add.pngipod cast delete ipod_cast_delete.pngipod sound ipod_sound.png
joystick joystick.pngjoystick add joystick_add.pngjoystick delete joystick_delete.pngjoystick error joystick_error.pngkey key.pngkey add key_add.pngkey delete key_delete.pngkey go key_go.pngkeyboard keyboard.pngkeyboard add keyboard_add.pngkeyboard delete keyboard_delete.pngkeyboard magnify keyboard_magnify.png
layers layers.pnglayout layout.pnglayout add layout_add.pnglayout content layout_content.pnglayout delete layout_delete.pnglayout edit layout_edit.pnglayout error layout_error.pnglayout header layout_header.pnglayout link layout_link.pnglayout sidebar layout_sidebar.pnglightbulb lightbulb.pnglightbulb add lightbulb_add.png
lightbulb delete lightbulb_delete.pnglightbulb off lightbulb_off.pnglightning lightning.pnglightning add lightning_add.pnglightning delete lightning_delete.pnglightning go lightning_go.pnglink link.pnglink add link_add.pnglink break link_break.pnglink delete link_delete.pnglink edit link_edit.pnglink error link_error.png
link go link_go.pnglock lock.pnglock add lock_add.pnglock break lock_break.pnglock delete lock_delete.pnglock edit lock_edit.pnglock go lock_go.pnglock open lock_open.pnglorry lorry.pnglorry add lorry_add.pnglorry delete lorry_delete.pnglorry error lorry_error.png
lorry flatbed lorry_flatbed.pnglorry go lorry_go.pnglorry link lorry_link.pngmagifier zoom out magifier_zoom_out.pngmagnifier magnifier.pngmagnifier zoom in magnifier_zoom_in.pngmale male.pngmap map.pngmap add map_add.pngmap delete map_delete.pngmap edit map_edit.pngmap go map_go.png
map magnify map_magnify.pngmedal bronze 1 medal_bronze_1.pngmedal bronze 2 medal_bronze_2.pngmedal bronze 3 medal_bronze_3.pngmedal bronze add medal_bronze_add.pngmedal bronze delete medal_bronze_delete.pngmedal gold 1 medal_gold_1.pngmedal gold 2 medal_gold_2.pngmedal gold 3 medal_gold_3.pngmedal gold add medal_gold_add.pngmedal gold delete medal_gold_delete.pngmedal silver 1 medal_silver_1.png
medal silver 2 medal_silver_2.pngmedal silver 3 medal_silver_3.pngmedal silver add medal_silver_add.pngmedal silver delete medal_silver_delete.pngmoney money.pngmoney add money_add.pngmoney delete money_delete.pngmoney dollar money_dollar.pngmoney euro money_euro.pngmoney pound money_pound.pngmoney yen money_yen.pngmonitor monitor.png
monitor add monitor_add.pngmonitor delete monitor_delete.pngmonitor edit monitor_edit.pngmonitor error monitor_error.pngmonitor go monitor_go.pngmonitor lightning monitor_lightning.pngmonitor link monitor_link.pngmouse mouse.pngmouse add mouse_add.pngmouse delete mouse_delete.pngmouse error mouse_error.pngmusic music.png
new new.pngnewspaper newspaper.pngnewspaper add newspaper_add.pngnewspaper delete newspaper_delete.pngnewspaper go newspaper_go.pngnewspaper link newspaper_link.pngnote note.pngnote add note_add.pngnote delete note_delete.pngnote edit note_edit.pngnote error note_error.pngnote go note_go.png
overlays overlays.pngpackage package.pngpackage add package_add.pngpackage delete package_delete.pngpackage go package_go.pngpackage green package_green.pngpackage link package_link.pngpage page.pngpage add page_add.pngpage attach page_attach.pngpage code page_code.pngpage copy page_copy.png
page delete page_delete.pngpage edit page_edit.pngpage error page_error.pngpage excel page_excel.pngpage find page_find.pngpage gear page_gear.pngpage go page_go.pngpage green page_green.pngpage key page_key.pngpage lightning page_lightning.pngpage link page_link.pngpage paintbrush page_paintbrush.png
page paste page_paste.pngpage red page_red.pngpage refresh page_refresh.pngpage save page_save.pngpage white page_white.pngpage white acrobat page_white_acrobat.pngpage white actionscript page_white_actionscript.pngpage white add page_white_add.pngpage white c page_white_c.pngpage white camera page_white_camera.pngpage white cd page_white_cd.pngpage white code page_white_code.png
page white code red page_white_code_red.pngpage white coldfusion page_white_coldfusion.pngpage white compressed page_white_compressed.pngpage white copy page_white_copy.pngpage white cplusplus page_white_cplusplus.pngpage white csharp page_white_csharp.pngpage white cup page_white_cup.pngpage white database page_white_database.pngpage white delete page_white_delete.pngpage white dvd page_white_dvd.pngpage white edit page_white_edit.pngpage white error page_white_error.png
page white excel page_white_excel.pngpage white find page_white_find.pngpage white flash page_white_flash.pngpage white freehand page_white_freehand.pngpage white gear page_white_gear.pngpage white get page_white_get.pngpage white go page_white_go.pngpage white h page_white_h.pngpage white horizontal page_white_horizontal.pngpage white key page_white_key.pngpage white lightning page_white_lightning.pngpage white link page_white_link.png
page white magnify page_white_magnify.pngpage white medal page_white_medal.pngpage white office page_white_office.pngpage white paint page_white_paint.pngpage white paintbrush page_white_paintbrush.pngpage white paste page_white_paste.pngpage white php page_white_php.pngpage white picture page_white_picture.pngpage white powerpoint page_white_powerpoint.pngpage white put page_white_put.pngpage white ruby page_white_ruby.pngpage white stack page_white_stack.png
page white star page_white_star.pngpage white swoosh page_white_swoosh.pngpage white text page_white_text.pngpage white text width page_white_text_width.pngpage white tux page_white_tux.pngpage white vector page_white_vector.pngpage white visualstudio page_white_visualstudio.pngpage white width page_white_width.pngpage white word page_white_word.pngpage white world page_white_world.pngpage white wrench page_white_wrench.pngpage white zip page_white_zip.png
page word page_word.pngpage world page_world.pngpaintbrush paintbrush.pngpaintcan paintcan.pngpalette palette.pngpaste plain paste_plain.pngpaste word paste_word.pngpencil pencil.pngpencil add pencil_add.pngpencil delete pencil_delete.pngpencil go pencil_go.pngphone phone.png
phone add phone_add.pngphone delete phone_delete.pngphone sound phone_sound.pngphoto photo.pngphoto add photo_add.pngphoto delete photo_delete.pngphoto link photo_link.pngphotos photos.pngpicture picture.pngpicture add picture_add.pngpicture delete picture_delete.pngpicture edit picture_edit.png
picture empty picture_empty.pngpicture error picture_error.pngpicture go picture_go.pngpicture key picture_key.pngpicture link picture_link.pngpicture save picture_save.pngpictures pictures.pngpilcrow pilcrow.pngpill pill.pngpill add pill_add.pngpill delete pill_delete.pngpill go pill_go.png
plugin plugin.pngplugin add plugin_add.pngplugin delete plugin_delete.pngplugin disabled plugin_disabled.pngplugin edit plugin_edit.pngplugin error plugin_error.pngplugin go plugin_go.pngplugin link plugin_link.pngprinter printer.pngprinter add printer_add.pngprinter delete printer_delete.pngprinter empty printer_empty.png
printer error printer_error.pngrainbow rainbow.pngreport report.pngreport add report_add.pngreport delete report_delete.pngreport disk report_disk.pngreport edit report_edit.pngreport go report_go.pngreport key report_key.pngreport link report_link.pngreport magnify report_magnify.pngreport picture report_picture.png
report user report_user.pngreport word report_word.pngresultset first resultset_first.pngresultset last resultset_last.pngresultset next resultset_next.pngresultset previous resultset_previous.pngrosette rosette.pngrss rss.pngrss add rss_add.pngrss delete rss_delete.pngrss go rss_go.pngrss valid rss_valid.png
ruby ruby.pngruby add ruby_add.pngruby delete ruby_delete.pngruby gear ruby_gear.pngruby get ruby_get.pngruby go ruby_go.pngruby key ruby_key.pngruby link ruby_link.pngruby put ruby_put.pngscript script.pngscript add script_add.pngscript code script_code.png
script code red script_code_red.pngscript delete script_delete.pngscript edit script_edit.pngscript error script_error.pngscript gear script_gear.pngscript go script_go.pngscript key script_key.pngscript lightning script_lightning.pngscript link script_link.pngscript palette script_palette.pngscript save script_save.pngserver server.png
server add server_add.pngserver chart server_chart.pngserver compressed server_compressed.pngserver connect server_connect.pngserver database server_database.pngserver delete server_delete.pngserver edit server_edit.pngserver error server_error.pngserver go server_go.pngserver key server_key.pngserver lightning server_lightning.pngserver link server_link.png
server uncompressed server_uncompressed.pngshading shading.pngshape align bottom shape_align_bottom.pngshape align center shape_align_center.pngshape align left shape_align_left.pngshape align middle shape_align_middle.pngshape align right shape_align_right.pngshape align top shape_align_top.pngshape flip horizontal shape_flip_horizontal.pngshape flip vertical shape_flip_vertical.pngshape group shape_group.pngshape handles shape_handles.png
shape move back shape_move_back.pngshape move backwards shape_move_backwards.pngshape move forwards shape_move_forwards.pngshape move front shape_move_front.pngshape rotate anticlockwise shape_rotate_anticlockwise.pngshape rotate clockwise shape_rotate_clockwise.pngshape square shape_square.pngshape square add shape_square_add.pngshape square delete shape_square_delete.pngshape square edit shape_square_edit.pngshape square error shape_square_error.pngshape square go shape_square_go.png
shape square key shape_square_key.pngshape square link shape_square_link.pngshape ungroup shape_ungroup.pngshield shield.pngshield add shield_add.pngshield delete shield_delete.pngshield go shield_go.pngsitemap sitemap.pngsitemap color sitemap_color.pngsound sound.pngsound add sound_add.pngsound delete sound_delete.png
sound low sound_low.pngsound mute sound_mute.pngsound none sound_none.pngspellcheck spellcheck.pngsport 8ball sport_8ball.pngsport basketball sport_basketball.pngsport football sport_football.pngsport golf sport_golf.pngsport raquet sport_raquet.pngsport shuttlecock sport_shuttlecock.pngsport soccer sport_soccer.pngsport tennis sport_tennis.png
star star.pngstatus away status_away.pngstatus busy status_busy.pngstatus offline status_offline.pngstatus online status_online.pngstop stop.pngstyle style.pngstyle add style_add.pngstyle delete style_delete.pngstyle edit style_edit.pngstyle go style_go.pngsum sum.png
tab tab.pngtab add tab_add.pngtab delete tab_delete.pngtab edit tab_edit.pngtab go tab_go.pngtable table.pngtable add table_add.pngtable delete table_delete.pngtable edit table_edit.pngtable error table_error.pngtable gear table_gear.pngtable go table_go.png
table key table_key.pngtable lightning table_lightning.pngtable link table_link.pngtable multiple table_multiple.pngtable refresh table_refresh.pngtable relationship table_relationship.pngtable row delete table_row_delete.pngtable row insert table_row_insert.pngtable save table_save.pngtable sort table_sort.pngtag tag.pngtag blue tag_blue.png
tag blue add tag_blue_add.pngtag blue delete tag_blue_delete.pngtag blue edit tag_blue_edit.pngtag green tag_green.pngtag orange tag_orange.pngtag pink tag_pink.pngtag purple tag_purple.pngtag red tag_red.pngtag yellow tag_yellow.pngtelephone telephone.pngtelephone add telephone_add.pngtelephone delete telephone_delete.png
telephone edit telephone_edit.pngtelephone error telephone_error.pngtelephone go telephone_go.pngtelephone key telephone_key.pngtelephone link telephone_link.pngtelevision television.pngtelevision add television_add.pngtelevision delete television_delete.pngtext align center text_align_center.pngtext align justify text_align_justify.pngtext align left text_align_left.pngtext align right text_align_right.png
text allcaps text_allcaps.pngtext bold text_bold.pngtext columns text_columns.pngtext dropcaps text_dropcaps.pngtext heading 1 text_heading_1.pngtext heading 2 text_heading_2.pngtext heading 3 text_heading_3.pngtext heading 4 text_heading_4.pngtext heading 5 text_heading_5.pngtext heading 6 text_heading_6.pngtext horizontalrule text_horizontalrule.pngtext indent text_indent.png
text indent remove text_indent_remove.pngtext italic text_italic.pngtext kerning text_kerning.pngtext letter omega text_letter_omega.pngtext letterspacing text_letterspacing.pngtext linespacing text_linespacing.pngtext list bullets text_list_bullets.pngtext list numbers text_list_numbers.pngtext lowercase text_lowercase.pngtext padding bottom text_padding_bottom.pngtext padding left text_padding_left.pngtext padding right text_padding_right.png
text padding top text_padding_top.pngtext replace text_replace.pngtext signature text_signature.pngtext smallcaps text_smallcaps.pngtext strikethrough text_strikethrough.pngtext subscript text_subscript.pngtext superscript text_superscript.pngtext underline text_underline.pngtext uppercase text_uppercase.pngtextfield textfield.pngtextfield add textfield_add.pngtextfield delete textfield_delete.png
textfield key textfield_key.pngtextfield rename textfield_rename.pngthumb down thumb_down.pngthumb up thumb_up.pngtick tick.pngtime time.pngtime add time_add.pngtime delete time_delete.pngtime go time_go.pngtimeline marker timeline_marker.pngtransmit transmit.pngtransmit add transmit_add.png
transmit blue transmit_blue.pngtransmit delete transmit_delete.pngtransmit edit transmit_edit.pngtransmit error transmit_error.pngtransmit go transmit_go.pngtux tux.pnguser user.pnguser add user_add.pnguser comment user_comment.pnguser delete user_delete.pnguser edit user_edit.pnguser female user_female.png
user go user_go.pnguser gray user_gray.pnguser green user_green.pnguser orange user_orange.pnguser red user_red.pnguser suit user_suit.pngvcard vcard.pngvcard add vcard_add.pngvcard delete vcard_delete.pngvcard edit vcard_edit.pngvector vector.pngvector add vector_add.png
vector delete vector_delete.pngwand wand.pngweather clouds weather_clouds.pngweather cloudy weather_cloudy.pngweather lightning weather_lightning.pngweather rain weather_rain.pngweather snow weather_snow.pngweather sun weather_sun.pngwebcam webcam.pngwebcam add webcam_add.pngwebcam delete webcam_delete.pngwebcam error webcam_error.png
world world.pngworld add world_add.pngworld delete world_delete.pngworld edit world_edit.pngworld go world_go.pngworld link world_link.pngwrench wrench.pngwrench orange wrench_orange.pngxhtml xhtml.pngxhtml add xhtml_add.pngxhtml delete xhtml_delete.pngxhtml go xhtml_go.png
xhtml valid xhtml_valid.pngzoom zoom.pngzoom in zoom_in.pngzoom out zoom_out.png        
+

+ +
+ +
+ +
+ +
+ + + + \ No newline at end of file diff --git a/tools/85b-swing-gui/src/main/resources/icons/readme.txt b/tools/85b-swing-gui/src/main/resources/icons/readme.txt index 400a64d7..2cf67dca 100644 --- a/tools/85b-swing-gui/src/main/resources/icons/readme.txt +++ b/tools/85b-swing-gui/src/main/resources/icons/readme.txt @@ -1,22 +1,22 @@ -Silk icon set 1.3 - -_________________________________________ -Mark James -http://www.famfamfam.com/lab/icons/silk/ -_________________________________________ - -This work is licensed under a -Creative Commons Attribution 2.5 License. -[ http://creativecommons.org/licenses/by/2.5/ ] - -This means you may use it for any purpose, -and make any changes you like. -All I ask is that you include a link back -to this page in your credits. - -Are you using this icon set? Send me an email -(including a link or picture if available) to -mjames@gmail.com - -Any other questions about this icon set please +Silk icon set 1.3 + +_________________________________________ +Mark James +http://www.famfamfam.com/lab/icons/silk/ +_________________________________________ + +This work is licensed under a +Creative Commons Attribution 2.5 License. +[ http://creativecommons.org/licenses/by/2.5/ ] + +This means you may use it for any purpose, +and make any changes you like. +All I ask is that you include a link back +to this page in your credits. + +Are you using this icon set? Send me an email +(including a link or picture if available) to +mjames@gmail.com + +Any other questions about this icon set please contact mjames@gmail.com \ No newline at end of file diff --git a/tools/85b-swing-gui/user_log_config.xml b/tools/85b-swing-gui/src/main/resources/user_log_config.xml similarity index 69% rename from tools/85b-swing-gui/user_log_config.xml rename to tools/85b-swing-gui/src/main/resources/user_log_config.xml index c4f6feee..e361c5a8 100644 --- a/tools/85b-swing-gui/user_log_config.xml +++ b/tools/85b-swing-gui/src/main/resources/user_log_config.xml @@ -7,7 +7,7 @@ can be turned off as shown below. --> + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/debug/debug.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -16,7 +16,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/BiometricInformationTemplatesGroupTemplate.log @@ -27,7 +27,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/CardCapabilityContainer.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -37,7 +37,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/CardHolderUniqueIdentifier.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -47,7 +47,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/Fingerprints.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -57,7 +57,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/ImageForVisualVerification.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -67,7 +67,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/ImagesForIris.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -77,7 +77,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/KeyHistoryObject.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -87,7 +87,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/PairingCodeReferenceDataContainer.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -97,7 +97,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/PrintedInformation.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -106,7 +106,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/SecureMessagingCertificateSigner.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -116,7 +116,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/SecurityObject.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -125,7 +125,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/X509CertificateForPivAuthentication.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -133,7 +133,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/X509CertificateForCardAuthentication.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -141,7 +141,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/X509CertificateForDigitalSignature.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -149,7 +149,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/X509CertificateForKeyManagement.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -157,7 +157,7 @@ + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/containers/X509CertificateForChuidSignature.log %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -168,7 +168,7 @@ omitted if there's no need to crack this stream out into a separate file. --> + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/testlog/test_progress.log %date{yyyy-MM-dd HH:mm:ss},%level,"%msg"%n @@ -179,7 +179,7 @@ order to get test reports, it **MUST** be called CONFORMANCELOG --> + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/conformancelog/conformance_results.csv + class="gov.gsa.conformancelib.configuration.ManualTriggeringPolicy" /> %date{yyyy-MM-dd HH:mm:ss},%msg%n @@ -198,7 +198,7 @@ traces, it **MUST** be called APDULOG --> + class="gov.gsa.pivconformance.conformancelib.utilities.TimeStampedFileAppender"> logs/apdu/apdu_transmission.log + class="gov.gsa.conformancelib.configuration.ManualTriggeringPolicy" /> %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -216,7 +216,7 @@ %date %level [%thread] %logger{10} [%file:%line] %msg%n @@ -237,103 +237,103 @@ to go through the logging apparatus --> + name="gov.gsa.pivconformance.cardlib.card.client.X509CertificateDataObject.TLVParser" /> - + - + - + + name="gov.gsa.pivconformance.cardlib.card.client.BiometricInformationTemplatesGroupTemplate"> + name="gov.gsa.pivconformance.cardlib.card.client.CardCapabilityContainer"> + name="gov.gsa.pivconformance.cardlib.card.client.CardHolderUniqueIdentifier"> + name="gov.gsa.pivconformance.cardlib.card.client.Fingerprints"> + name="gov.gsa.pivconformance.cardlib.card.client.ImageForVisualVerification"> + name="gov.gsa.pivconformance.cardlib.card.client.ImagesForIris"> + name="gov.gsa.pivconformance.cardlib.card.client.KeyHistoryObject"> + name="gov.gsa.pivconformance.cardlib.card.client.PairingCodeReferenceDataContainer"> + name="gov.gsa.pivconformance.cardlib.card.client.PrintedInformation"> + name="gov.gsa.pivconformance.cardlib.card.client.SecureMessagingCertificateSigner"> + name="gov.gsa.pivconformance.cardlib.card.client.SecurityObject"> + name="gov.gsa.pivconformance.cardlib.card.client.X509CertificateForPivAuthentication"> + name="gov.gsa.pivconformance.cardlib.card.client.X509CertificateForCardAuthentication"> + name="gov.gsa.pivconformance.cardlib.card.client.X509CertificateForDigitalSignature"> + name="gov.gsa.pivconformance.cardlib.card.client.X509CertificateForKeyManagement"> + name="gov.gsa.pivconformance.cardlib.card.client.X509CertificateForChuidSignature"> diff --git a/tools/cli-tools/build.gradle b/tools/cli-tools/build.gradle index 07d8b4d9..de59eacc 100644 --- a/tools/cli-tools/build.gradle +++ b/tools/cli-tools/build.gradle @@ -1,97 +1,255 @@ -// set up junit 5 support for gradle -buildscript { - repositories { - mavenCentral() - } -} - -plugins { - id 'org.ajoberstar.grgit' version '2.1.0' - id 'com.zyxist.chainsaw' version '0.1.3' - id 'com.github.johnrengelman.shadow' version '2.0.2' -} - -apply plugin: 'java' -apply plugin: 'application' -apply plugin: 'com.github.johnrengelman.shadow' - -javaModule.name = 'gov.gsa.pivconformancetools' - -repositories { - jcenter() - maven { url 'https://repository.apache.org/snapshots' } -} - -dependencies { - compile 'org.bouncycastle:bcprov-jdk15on:1.59+' - compile 'org.bouncycastle:bcpkix-jdk15on:1.59+' - compile 'commons-cli:commons-cli:1.4' - compile 'commons-codec:commons-codec:1.11' - compile 'com.payneteasy:ber-tlv:1.0-8' - compile 'org.slf4j:slf4j-api:1.8+' - compile 'ch.qos.logback:logback-classic:1.3+' - compile group: 'org.xerial', name: 'sqlite-jdbc', version: '3.21.0.1' - compile project(':cardlib') - compile project(':conformancelib') - compile 'org.junit.jupiter:junit-jupiter-api:5.1.0' - compile 'org.junit.jupiter:junit-jupiter-params:5.1.0' - compile 'org.junit.platform:junit-platform-launcher:1.0.0' - runtime 'org.junit.jupiter:junit-jupiter-engine:5.1.0' - runtime 'org.junit.jupiter:junit-jupiter-params:5.1.0' - - shadow 'org.bouncycastle:bcprov-jdk15on:1.59' - -} - -// Define the main class for the application jar that will be produced -mainClassName = 'gov.gsa.pivconformancetools.DumpDiagnosticInfo' - -jar { - manifest { - attributes 'Main-Class': mainClassName - } -} - -run { - if (project.hasProperty("appArgs")) { - args Eval.me(appArgs) - } -} - -// use junit platform for tests -test { - useJUnitPlatform() - testLogging { - events "passed", "skipped", "failed" - } -} - - -// when producing a jar that is suitable for distribution using the shadow plugin, -// this will enbed a version properties file. -/* -compileJava.doFirst { - //options.compilerArgs = ['--add-modules', 'java.smartcardio'] - def git = org.ajoberstar.grgit.Grgit.open(dir: '.') - def commit = git.head() - - def commitId = commit.abbreviatedId - def commitDate = commit.getDate() - def buildDate = new Date() - - File resourcesDir = new File(project.getProjectDir(), 'src/main/resources/gov/gsa/pivconformance/utils') - File propertiesFile = new File(resourcesDir, 'version.properties') - - // The project may not have any resources, so create the directories and file - if(!propertiesFile.exists()) { - resourcesDir.mkdirs() - propertiesFile.createNewFile() - } - Properties versionProperties = new Properties() - versionProperties.setProperty('git.commit.time', commitDate.format('dd.MM.yy HH.mm.ss')) - versionProperties.setProperty('build.time', buildDate.format('dd.MM.yy HH.mm.ss')) - versionProperties.setProperty('git.commit.id', commitId) - versionProperties.setProperty('build.version', version) - versionProperties.store(propertiesFile.newWriter(), null) -}*/ - + +buildscript { + repositories { + mavenCentral() + } +} + +plugins { + id 'java' + id 'application' + id 'org.ajoberstar.grgit' version '2.1.0' + id 'com.github.johnrengelman.shadow' version '4.0.4' + id 'de.jjohannes.extra-java-module-info' version '0.1' + +} + +application { + mainModule = 'gov.gsa.pivconformance.gui' // name defined in module-info.java + mainClass = 'org.gsa.pivconformance.gui.GuiRunnerApplication' +} + +java { + modularity.inferModulePath.set(true) +} + +apply plugin: 'java' +apply plugin: 'application' +apply plugin: 'com.github.johnrengelman.shadow' +apply plugin: 'eclipse' + +repositories { + jcenter() + maven { url 'https://repository.apache.org/snapshots' } + flatDir { + dirs '../../libs' + } +} + +def getVersion = { -> + File resourcesDir = new File(project.getProjectDir(), 'src/main/resources/') + File versionFile = new File(resourcesDir, 'build.version') + if(!versionFile.exists()) { + resourcesDir.mkdirs() + versionFile.createNewFile() + println 'Initializing build.version file...' + versionFile.text = '0.0-changeme' + } + String version = versionFile.text.replaceAll("[\\n\\r\\t ]", "") +} + +dependencies { + implementation 'org.bouncycastle:bcprov-jdk15on:1.66' + implementation 'org.bouncycastle:bcpkix-jdk15on:1.66' + implementation 'commons-cli:commons-cli:1.4' + implementation 'commons-codec:commons-codec:1.15' + implementation 'commons-csv:commons-csv:1.8' + implementation 'com.payneteasy:ber-tlv:1.0-8' + implementation 'org.slf4j:slf4j-api:2.0.0-alpha1' + implementation 'ch.qos.logback:logback-classic:1.3.0-alpha5' + implementation 'ch.qos.logback:logback-core:1.3.0-alpha5' + implementation 'com.jgoodies:jgoodies-common:1.4.0' + implementation 'com.jgoodies:jgoodies-forms:1.6.0' + implementation 'gov.gsa.pivconformance.cardlib:gov.gsa.pivconformance.cardlib:0.2.1-beta' + implementation 'gov.gsa.pivconformance.conformancelib:gov.gsa.pivconformance.conformancelib:0.2.1-beta' + implementation 'junit:junit:4.13' + implementation 'org.junit.jupiter:junit-jupiter-api:5.1.0' + implementation 'org.junit.jupiter:junit-jupiter-params:5.1.0' + implementation 'org.junit.platform:junit-platform-launcher:1.0.0' + implementation 'org.junit.jupiter:junit-jupiter-engine:5.1.0' + implementation 'org.junit.jupiter:junit-jupiter-params:5.1.0' + + shadow 'org.bouncycastle:bcprov-jdk15on:1.66' + shadow 'org.bouncycastle:bcprov-jdk15on:1.66' + shadow 'commons-cli:commons-cli:1.4' + shadow 'commons-codec:commons-codec:1.15' + shadow 'commons-csv:commons-csv:1.8' + shadow 'com.payneteasy:ber-tlv:1.0-8' + shadow 'org.slf4j:slf4j-api:2.0.0-alpha1' + shadow 'ch.qos.logback:logback-classic:1.3.0-alpha5' + shadow 'ch.qos.logback:logback-core:1.3.0-alpha5' + shadow 'com.jgoodies:jgoodies-common:1.4.0' + shadow 'com.jgoodies:jgoodies-forms:1.6.0' + shadow 'gov.gsa.pivconformance.cardlib:gov.gsa.pivconformance.cardlib:0.2.1-beta' + shadow 'gov.gsa.pivconformance.conformancelib:gov.gsa.pivconformance.conformancelib:0.2.1-beta' + shadow 'junit:junit:4.13' + shadow 'org.junit.jupiter:junit-jupiter-api:5.1.0' + shadow 'org.junit.jupiter:junit-jupiter-params:5.1.0' + shadow 'org.junit.platform:junit-platform-launcher:1.0.0' + shadow 'org.junit.jupiter:junit-jupiter-engine:5.1.0' + shadow 'org.junit.jupiter:junit-jupiter-params:5.1.0' +} +//--add-exports org.junit.platform.commons/org.junit.platform.commons.util=gov.gsa.pivconformance.conformancelib +extraJavaModuleInfo { + + module("bcprov-jdk15on-1.66.jar", "org.bouncycastle", "1.66") { + exports("bcprov.ext-jdk15on") + } + module("bcpkix-jdk15on-1.66.jar", "org.bouncycastle", "1.66") { + exports("bcpkix.jdk15on") + } + module("ber-tlv-1.0-8.jar", "com.payneteasy", "1.08") { + exports("ber.tlv") + } + module("hamcrest-core-1.3.jar", "org.hamcrest", "1.3") { + exports("hamcrest.core") + } + module("slf4j-api-2.0.0-alpha1.jar", "org.slf4j", "1.4") { + exports("slf4j.api") + } + module("sqlite-jdbc-3.32.3.2.jar", "org.xerial.sqlite", "3.32.3.2") { + exports("org.sqlite") + } + module("junit-4.11.jar", "org.junit.jupiter", "4.11") { + exports("org.junit") + exports("org.junit.runner") + exports("org.junit.internal") + } + module("junit-platform-launcher-5.7.0.jar", "org.junit.platform", "5.7.0") { + exports("org.junit.platform.launcher") + } + module("junit-platform-commons-5.7.0.jar", "org.junit.platform.commons", "5.7.0") { + exports("org.junit.platform.commons") + } + module("activation-1.1.jar", "javax.activation", "1.1") { + exports("activation") + } + module("checker-framework-1.7.0.jar", "edu.washington.cs.types.checker", "1.7.0") { + exports("checker.framework") + } + module("commons-cli-1.4.jar", "org.apache.commons.cli", "1.4") { + exports("org.apache.commons.cli") + } + module("commons-csv-1.8.jar", "org.apache.commons.csv", "1.8") { + exports("org.apache.commons.csv") + exports("commons.csv") + } + module("commons-codec-1.13.jar", "org.apache.commons.codec", "1.15") { + exports("org.apache.commons.codec") + exports("org.apache.commons.codec.binary") + } + module("logback-classic-1.3.0-alpha5.jar", "ch.qos.logback", "1.3.0-alpha5") { + exports("logback.classic") + } + module("logback-core-1.3.0-alpha5.jar", "ch.qos.logback", "1.3.0-alpha5") { + exports("logback.core") + exports("logback.core.rolling") + } + module("jgoodies-common-1.4.0", "com.jgoodies", "1.4.0") { + exports("common") + } + module("jgoodies-forms-1.6.0", "com.jgoodies", "1.6.0") { + exports("forms") + } + + + automaticModule("ibatis-core-3.0.jar", "org.apache.ibatis") + automaticModule("jgoodies-forms-1.6.0.jar", "com.jgoodies.forms") + automaticModule("jgoodies-common-1.4.0.jar", "com.jgoodies.common") +} + +sourceSets { + main { + java { + if(targetCompatibility != JavaVersion.VERSION_11) + exclude '**/module-info.java' + } + } +} + +import org.gradle.plugins.ide.eclipse.model.AccessRule + +eclipse { + classpath { + file { + whenMerged { + def jre = entries.find { it.path.contains 'org.eclipse.jdt.launching.JRE_CONTAINER' } + jre.accessRules.add(new AccessRule('0', 'javax/smartcardio/**')) + + //def cardlib = entries.find { it.path.contains 'cardlib' } + //cardlib.sourcePath = fileReference(file('../../libs/' + 'gov.gsa.pivconformance.cardlib' + '-' + getVersion() + '.jar')) + //def conformancelib = entries.find { it.path.contains 'fips' } + //conformancelib.sourcePath = fileReference(file('../../libs/gov.gsa.pivconformance.cardlib' + '-' + getVersion() + '.jar')) + } + } + } +} + +shadowJar { + classifier = '' +} + +// Define the main class for the application jar that will be produced +mainClassName = 'gov.gsa.pivconformance.gui.GuiRunnerApplication' + +jar { + version = getVersion() + dependsOn(shadowJar { classifier = null }) + manifest { + attributes 'Main-Class': mainClassName + } + doLast { + println 'archiveName: ' + archiveName + configurations.runtime.each { println it } + } +} + +run { + if (project.hasProperty("appArgs")) { + args Eval.me(appArgs) + } +} + +// use junit platform for tests +test { + useJUnitPlatform() + testLogging { + events "passed", "skipped", "failed" + } +} + +compileJava { + options.debugOptions.debugLevel = "source,lines,vars" +} + +task sourceJar(type: Jar, dependsOn: classes) { + classifier 'sources' + from sourceSets.main.allSource +} + +task copyShadowLibs(type: Copy) { + from configurations.shadow + into '../../libs' +} + +shadowJar.dependsOn copyShadowLibs + +shadowJar.doFirst { + archiveName = 'gov.gsa.pivconformance.gui' + '-' + getVersion() + '-shadow.jar' + println 'shadowJar.doFirst.archveName: ' + archiveName +} + +task installSource(type: Copy) { + version = getVersion() + dependsOn copyShadowLibs + dependsOn sourceJar + from sourceJar + into '../../libs' +} + +task install(type: Copy) { + version = getVersion() + dependsOn jar + from shadowJar + into '../../libs' +} diff --git a/tools/cli-tools/src/main/java/gov/gsa/pivconformancetools/junitconsole/Theme.java b/tools/cli-tools/src/main/java/gov/gsa/pivconformancetools/junitconsole/Theme.java index ea9df4b1..8cab3c36 100644 --- a/tools/cli-tools/src/main/java/gov/gsa/pivconformancetools/junitconsole/Theme.java +++ b/tools/cli-tools/src/main/java/gov/gsa/pivconformancetools/junitconsole/Theme.java @@ -39,7 +39,7 @@ public enum Theme { * | '-- test 11 [A] aborted * '-- container FINAL * +-- skipped [S] because - * '-- failing [X] BäMM + * '-- failing [X] B*MM * */ ASCII(".", "| ", "+--", "'--", "[OK]", "[A]", "[X]", "[S]"), @@ -59,7 +59,7 @@ public enum Theme { * │ └─ test 11 ■ aborted * └─ container FINAL ✔ * ├─ skipped ↷ because - * └─ failing ✘ BäMM + * └─ failing ✘ B*MM * */ UNICODE("╷", "│ ", "├─", "└─", "✔", "■", "✘", "↷");