You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2015/06/29 13:52:00 UTC
svn commit: r1688195 - in /webservices/wss4j/branches/2_0_x-fixes:
ws-security-common/src/test/resources/keys/wss40CADupl.jks
ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureAKITest.java
Author: coheigea
Date: Mon Jun 29 11:52:00 2015
New Revision: 1688195
URL: http://svn.apache.org/r1688195
Log:
[WSS-543] - Adding another test
Conflicts:
ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureAKITest.java
Added:
webservices/wss4j/branches/2_0_x-fixes/ws-security-common/src/test/resources/keys/wss40CADupl.jks
Modified:
webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureAKITest.java
Added: webservices/wss4j/branches/2_0_x-fixes/ws-security-common/src/test/resources/keys/wss40CADupl.jks
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_0_x-fixes/ws-security-common/src/test/resources/keys/wss40CADupl.jks?rev=1688195&view=auto
==============================================================================
Binary files webservices/wss4j/branches/2_0_x-fixes/ws-security-common/src/test/resources/keys/wss40CADupl.jks (added) and webservices/wss4j/branches/2_0_x-fixes/ws-security-common/src/test/resources/keys/wss40CADupl.jks Mon Jun 29 11:52:00 2015 differ
Modified: webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureAKITest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureAKITest.java?rev=1688195&r1=1688194&r2=1688195&view=diff
==============================================================================
--- webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureAKITest.java (original)
+++ webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureAKITest.java Mon Jun 29 11:52:00 2015
@@ -20,9 +20,14 @@
package org.apache.wss4j.dom.message;
import java.util.List;
+import java.io.InputStream;
+import java.security.KeyStore;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.crypto.Merlin;
+import org.apache.wss4j.common.crypto.MerlinAKI;
+import org.apache.wss4j.common.util.Loader;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.WSSConfig;
@@ -42,7 +47,6 @@ public class SignatureAKITest extends or
org.slf4j.LoggerFactory.getLogger(SignatureAKITest.class);
private WSSecurityEngine secEngine = new WSSecurityEngine();
- private Crypto crypto = null;
@org.junit.AfterClass
public static void cleanup() throws Exception {
@@ -51,7 +55,6 @@ public class SignatureAKITest extends or
public SignatureAKITest() throws Exception {
WSSConfig.init();
- crypto = CryptoFactory.getInstance("wss40CAAKI.properties");
}
@org.junit.Test
@@ -70,7 +73,41 @@ public class SignatureAKITest extends or
XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
- List<WSSecurityEngineResult> results = verify(signedDoc);
+
+ Crypto caCrypto = CryptoFactory.getInstance("wss40CAAKI.properties");
+ List<WSSecurityEngineResult> results = verify(signedDoc, caCrypto);
+
+ WSSecurityEngineResult actionResult =
+ WSSecurityUtil.fetchActionResult(results, WSConstants.SIGN);
+ assertNotNull(actionResult.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE));
+ assertNotNull(actionResult.get(WSSecurityEngineResult.TAG_X509_REFERENCE_TYPE));
+ }
+
+ // Here, the CA keystore contains two keys with the same Distinguished Name
+ @org.junit.Test
+ public void testSignatureAKIDuplicate() throws Exception {
+ WSSecSignature builder = new WSSecSignature();
+ builder.setUserInfo("wss40", "security");
+ builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
+ Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+ Crypto signingCrypto = CryptoFactory.getInstance("wss40.properties");
+ Document signedDoc = builder.build(doc, signingCrypto, secHeader);
+
+ if (LOG.isDebugEnabled()) {
+ String outputString =
+ XMLUtils.PrettyDocumentToString(signedDoc);
+ LOG.debug(outputString);
+ }
+ MerlinAKI caCrypto = new MerlinAKI();
+ KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+ ClassLoader loader = Loader.getClassLoader(SignatureAKITest.class);
+ InputStream input = Merlin.loadInputStream(loader, "keys/wss40CADupl.jks");
+ keyStore.load(input, "security".toCharArray());
+ caCrypto.setKeyStore(keyStore);
+
+ List<WSSecurityEngineResult> results = verify(signedDoc, caCrypto);
WSSecurityEngineResult actionResult =
WSSecurityUtil.fetchActionResult(results, WSConstants.SIGN);
@@ -85,7 +122,7 @@ public class SignatureAKITest extends or
* @param env soap envelope
* @throws java.lang.Exception Thrown when there is a problem in verification
*/
- private List<WSSecurityEngineResult> verify(Document doc) throws Exception {
+ private List<WSSecurityEngineResult> verify(Document doc, Crypto crypto) throws Exception {
return secEngine.processSecurityHeader(doc, null, null, crypto);
}