You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2012/07/03 19:20:15 UTC
svn commit: r1356840 - in /santuario/xml-security-java/trunk/src:
main/java/org/apache/xml/security/stax/impl/processor/input/
test/java/org/apache/xml/security/test/stax/signature/
Author: coheigea
Date: Tue Jul 3 17:20:14 2012
New Revision: 1356840
URL: http://svn.apache.org/viewvc?rev=1356840&view=rev
Log:
Added some more streaming tests
Added:
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/BaltimoreTest.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/UnknownAlgoSignatureTest.java
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/XMLSignatureInputHandler.java
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/XMLSignatureInputHandler.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/XMLSignatureInputHandler.java?rev=1356840&r1=1356839&r2=1356840&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/XMLSignatureInputHandler.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/input/XMLSignatureInputHandler.java Tue Jul 3 17:20:14 2012
@@ -58,9 +58,11 @@ public class XMLSignatureInputHandler ex
if (signatureType.getSignatureValue() == null) {
throw new XMLSecurityException(XMLSecurityException.ErrorCode.INVALID_SECURITY);
}
+ /*
if (signatureType.getKeyInfo() == null) {
throw new XMLSecurityException(XMLSecurityException.ErrorCode.INVALID_SECURITY);
}
+ */
return new XMLSignatureVerifier(signatureType, inputProcessorChain.getSecurityContext(), securityProperties);
}
Added: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/BaltimoreTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/BaltimoreTest.java?rev=1356840&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/BaltimoreTest.java (added)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/BaltimoreTest.java Tue Jul 3 17:20:14 2012
@@ -0,0 +1,105 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.test.stax.signature;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.InputStream;
+
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.xml.security.stax.config.Init;
+import org.apache.xml.security.stax.ext.InboundXMLSec;
+import org.apache.xml.security.stax.ext.XMLSec;
+import org.apache.xml.security.stax.ext.XMLSecurityProperties;
+import org.apache.xml.security.test.stax.utils.StAX2DOM;
+import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator;
+import org.junit.Before;
+import org.junit.Test;
+import org.w3c.dom.Document;
+
+/**
+ * This test is to ensure interoperability with the examples provided by Merlin Huges
+ * from Baltimore using KeyTools XML. These test vectors are located in the directory
+ * <CODE>data/ie/baltimore/merlin-examples/</CODE>.
+ */
+public class BaltimoreTest extends org.junit.Assert {
+
+ private XMLInputFactory xmlInputFactory;
+ private DocumentBuilderFactory documentBuilderFactory;
+ private TransformerFactory transformerFactory = TransformerFactory.newInstance();
+
+ @Before
+ public void setUp() throws Exception {
+ Init.init(BaltimoreTest.class.getClassLoader().getResource("security-config.xml").toURI());
+ org.apache.xml.security.Init.init();
+
+ xmlInputFactory = XMLInputFactory.newInstance();
+ xmlInputFactory.setEventAllocator(new XMLSecEventAllocator());
+
+ documentBuilderFactory = DocumentBuilderFactory.newInstance();
+ documentBuilderFactory.setNamespaceAware(true);
+ documentBuilderFactory.setIgnoringComments(false);
+ documentBuilderFactory.setCoalescing(false);
+ documentBuilderFactory.setIgnoringElementContentWhitespace(false);
+ }
+
+
+ @Test
+ public void test_fifteen_enveloping_hmac_sha1() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "ie/baltimore/merlin-examples/merlin-xmldsig-fifteen/signature-enveloping-hmac-sha1.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the Key
+ byte[] hmacKey = "secret".getBytes("ASCII");
+ SecretKey key = new SecretKeySpec(hmacKey, "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ properties.setSignatureVerificationKey(key);
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader);
+
+ document = StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+
+ // XMLUtils.outputDOM(document, System.out);
+ }
+
+}
\ No newline at end of file
Added: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/UnknownAlgoSignatureTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/UnknownAlgoSignatureTest.java?rev=1356840&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/UnknownAlgoSignatureTest.java (added)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/UnknownAlgoSignatureTest.java Tue Jul 3 17:20:14 2012
@@ -0,0 +1,239 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.test.stax.signature;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.InputStream;
+import java.security.KeyStore;
+import java.security.cert.X509Certificate;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.xml.security.stax.config.Init;
+import org.apache.xml.security.stax.ext.InboundXMLSec;
+import org.apache.xml.security.stax.ext.XMLSec;
+import org.apache.xml.security.stax.ext.XMLSecurityProperties;
+import org.apache.xml.security.test.stax.utils.StAX2DOM;
+import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator;
+import org.junit.Before;
+import org.junit.Test;
+import org.w3c.dom.Document;
+
+/**
+ * Tests cases where signature algorithms are unknown.
+ * <p>
+ * The source documents are based on that created by the class <code>
+ * org.apache.xml.security.samples.signature.CreateEnvelopingSignature</code>
+ * </p>
+ */
+public class UnknownAlgoSignatureTest extends org.junit.Assert {
+
+ private XMLInputFactory xmlInputFactory;
+ private DocumentBuilderFactory documentBuilderFactory;
+ private TransformerFactory transformerFactory = TransformerFactory.newInstance();
+
+ @Before
+ public void setUp() throws Exception {
+ Init.init(UnknownAlgoSignatureTest.class.getClassLoader().getResource("security-config.xml").toURI());
+ org.apache.xml.security.Init.init();
+
+ xmlInputFactory = XMLInputFactory.newInstance();
+ xmlInputFactory.setEventAllocator(new XMLSecEventAllocator());
+
+ documentBuilderFactory = DocumentBuilderFactory.newInstance();
+ documentBuilderFactory.setNamespaceAware(true);
+ documentBuilderFactory.setIgnoringComments(false);
+ documentBuilderFactory.setCoalescing(false);
+ documentBuilderFactory.setIgnoringElementContentWhitespace(false);
+ }
+
+
+ @Test
+ public void testGood() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "org/apache/xml/security/temp/signature/signature-good.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the Key
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(
+ this.getClass().getClassLoader().getResource(
+ "org/apache/xml/security/samples/input/keystore.jks").openStream(), null
+ );
+ X509Certificate cert = (X509Certificate)keyStore.getCertificate("test");
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ properties.setSignatureVerificationKey(cert.getPublicKey());
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader);
+
+ document = StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+
+ // XMLUtils.outputDOM(document, System.out);
+ }
+
+ @Test
+ public void testBadC14nAlgo() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "org/apache/xml/security/temp/signature/signature-bad-c14n-algo.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the Key
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(
+ this.getClass().getClassLoader().getResource(
+ "org/apache/xml/security/samples/input/keystore.jks").openStream(), null
+ );
+ X509Certificate cert = (X509Certificate)keyStore.getCertificate("test");
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ properties.setSignatureVerificationKey(cert.getPublicKey());
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader);
+
+ try {
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ fail("Failure expected on a bad c14n algorithm");
+ } catch (XMLStreamException ex) {
+ // expected
+ }
+
+ // XMLUtils.outputDOM(document, System.out);
+ }
+
+ @Test
+ public void testBadSigAlgo() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "org/apache/xml/security/temp/signature/signature-bad-sig-algo.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the Key
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(
+ this.getClass().getClassLoader().getResource(
+ "org/apache/xml/security/samples/input/keystore.jks").openStream(), null
+ );
+ X509Certificate cert = (X509Certificate)keyStore.getCertificate("test");
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ properties.setSignatureVerificationKey(cert.getPublicKey());
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader);
+
+ try {
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ fail("Failure expected on a bad signature algorithm");
+ } catch (XMLStreamException ex) {
+ // expected
+ }
+
+ // XMLUtils.outputDOM(document, System.out);
+ }
+
+ @Test
+ public void testBadTransformAlgo() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "org/apache/xml/security/temp/signature/signature-bad-transform-algo.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the Key
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(
+ this.getClass().getClassLoader().getResource(
+ "org/apache/xml/security/samples/input/keystore.jks").openStream(), null
+ );
+ X509Certificate cert = (X509Certificate)keyStore.getCertificate("test");
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ properties.setSignatureVerificationKey(cert.getPublicKey());
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader);
+
+ try {
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ fail("Failure expected on a bad transform algorithm");
+ } catch (XMLStreamException ex) {
+ // expected
+ }
+
+ // XMLUtils.outputDOM(document, System.out);
+ }
+
+
+}
\ No newline at end of file