You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2020/02/25 16:35:51 UTC
svn commit: r1874513 - in /santuario/xml-security-java/trunk/src/test/java:
javax/xml/crypto/test/dsig/HMACSignatureAlgorithmTest.java
org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.java
Author: coheigea
Date: Tue Feb 25 16:35:50 2020
New Revision: 1874513
URL: http://svn.apache.org/viewvc?rev=1874513&view=rev
Log:
Adding some HMAC tests
Modified:
santuario/xml-security-java/trunk/src/test/java/javax/xml/crypto/test/dsig/HMACSignatureAlgorithmTest.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.java
Modified: santuario/xml-security-java/trunk/src/test/java/javax/xml/crypto/test/dsig/HMACSignatureAlgorithmTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/javax/xml/crypto/test/dsig/HMACSignatureAlgorithmTest.java?rev=1874513&r1=1874512&r2=1874513&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/javax/xml/crypto/test/dsig/HMACSignatureAlgorithmTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/javax/xml/crypto/test/dsig/HMACSignatureAlgorithmTest.java Tue Feb 25 16:35:50 2020
@@ -39,6 +39,7 @@ import javax.xml.crypto.dsig.dom.DOMSign
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
+import javax.xml.crypto.dsig.spec.HMACParameterSpec;
import javax.xml.crypto.test.KeySelectors;
import org.junit.jupiter.api.Assumptions;
@@ -59,7 +60,7 @@ public class HMACSignatureAlgorithmTest
private KeySelector sks;
private CanonicalizationMethod withoutComments;
private DigestMethod sha1;
- private SignatureMethod hmacSha1, hmacSha224, hmacSha256, hmacSha384, hmacSha512, ripemd160;
+ private SignatureMethod hmacSha1, hmacSha224, hmacSha256, hmacSha384, hmacSha512, ripemd160, hmacSha256ParamSpec;
private XMLSignatureFactory fac;
static {
@@ -102,6 +103,8 @@ public class HMACSignatureAlgorithmTest
hmacSha1 = fac.newSignatureMethod("http://www.w3.org/2000/09/xmldsig#hmac-sha1", null);
hmacSha224 = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#hmac-sha224", null);
hmacSha256 = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#hmac-sha256", null);
+ hmacSha256ParamSpec = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#hmac-sha256",
+ new HMACParameterSpec(256));
hmacSha384 = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#hmac-sha384", null);
hmacSha512 = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#hmac-sha512", null);
ripemd160 = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160", null);
@@ -132,6 +135,12 @@ public class HMACSignatureAlgorithmTest
TestUtils.getSecretKey("testkey".getBytes(StandardCharsets.US_ASCII)), sks);
}
+ @org.junit.jupiter.api.Test
+ public void testHMACSHA_256_ParamSpec() throws Exception {
+ test_create_signature_enveloping(hmacSha256ParamSpec, sha1, null,
+ TestUtils.getSecretKey("testkey".getBytes(StandardCharsets.US_ASCII)), sks);
+ }
+
@org.junit.jupiter.api.Test
public void testHMACSHA_384() throws Exception {
test_create_signature_enveloping(hmacSha384, sha1, null,
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.java?rev=1874513&r1=1874512&r2=1874513&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.java Tue Feb 25 16:35:50 2020
@@ -19,6 +19,7 @@
package org.apache.xml.security.test.dom.signature;
+import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.nio.charset.StandardCharsets;
@@ -29,13 +30,16 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.apache.xml.security.Init;
+import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
import org.apache.xml.security.c14n.Canonicalizer;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.signature.XMLSignatureException;
import org.apache.xml.security.test.dom.TestUtils;
+import org.apache.xml.security.transforms.Transforms;
import org.apache.xml.security.utils.Constants;
import org.apache.xml.security.utils.XMLUtils;
+import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.junit.jupiter.api.Assertions.fail;
public class HMACOutputLengthTest {
@@ -94,6 +98,53 @@ public class HMACOutputLengthTest {
}
}
+ @org.junit.jupiter.api.Test
+ public void testValidHMACOutputLength() throws Exception {
+ Document doc = TestUtils.newDocument();
+
+ doc.appendChild(doc.createComment(" Comment before "));
+ Element root = doc.createElementNS("", "RootElement");
+
+ doc.appendChild(root);
+ root.appendChild(doc.createTextNode("Some simple text\n"));
+
+ Element canonElem =
+ XMLUtils.createElementInSignatureSpace(doc, Constants._TAG_CANONICALIZATIONMETHOD);
+ canonElem.setAttributeNS(
+ null, Constants._ATT_ALGORITHM, Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS
+ );
+
+ XMLSignature sig =
+ new XMLSignature(doc, null, XMLSignature.ALGO_ID_MAC_HMAC_SHA1, 160);
+
+ root.appendChild(sig.getElement());
+ doc.appendChild(doc.createComment(" Comment after "));
+ Transforms transforms = new Transforms(doc);
+ transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
+ transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
+ sig.addDocument("", transforms, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256);
+
+ SecretKey sk = sig.createSecretKey("secret".getBytes(StandardCharsets.US_ASCII));
+ sig.sign(sk);
+
+ ByteArrayOutputStream bos = new ByteArrayOutputStream();
+
+ XMLUtils.outputDOMc14nWithComments(doc, bos);
+ String signedContent = new String(bos.toByteArray());
+
+ assertTrue(signedContent.contains("ds:HMACOutputLength>160</ds:HMACOutputLength>"));
+
+ // Verify
+ NodeList nl =
+ doc.getElementsByTagNameNS(Constants.SignatureSpecNS, "Signature");
+ if (nl.getLength() == 0) {
+ throw new Exception("Couldn't find signature Element");
+ }
+ Element sigElement = (Element) nl.item(0);
+ XMLSignature signature = new XMLSignature(sigElement, null);
+ assertTrue(signature.checkSignatureValue(sk));
+ }
+
private boolean validate(String data) throws Exception {
File file =
new File(BASEDIR + SEP + "src/test/resources" + SEP + "javax" + SEP + "xml"