You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2012/07/05 11:13:00 UTC
svn commit: r1357505 -
/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/RSASecurityTest.java
Author: coheigea
Date: Thu Jul 5 09:13:00 2012
New Revision: 1357505
URL: http://svn.apache.org/viewvc?rev=1357505&view=rev
Log:
Another interop test
Added:
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/RSASecurityTest.java
Added: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/RSASecurityTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/RSASecurityTest.java?rev=1357505&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/RSASecurityTest.java (added)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/RSASecurityTest.java Thu Jul 5 09:13:00 2012
@@ -0,0 +1,158 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.test.stax.signature;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.InputStream;
+import java.math.BigInteger;
+import java.security.Key;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+import java.security.spec.RSAPublicKeySpec;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.xml.security.stax.config.Init;
+import org.apache.xml.security.stax.ext.InboundXMLSec;
+import org.apache.xml.security.stax.ext.XMLSec;
+import org.apache.xml.security.stax.ext.XMLSecurityProperties;
+import org.apache.xml.security.test.stax.utils.StAX2DOM;
+import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator;
+import org.junit.Before;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.w3c.dom.Document;
+
+/**
+ * This test is to ensure interoperability with the examples provided by Blake Dournaee
+ * from RSA Security using Cert-J 2.01. These test vectors are located in the directory
+ * <CODE>data/com/rsasecurity/bdournaee/</CODE>.
+ */
+public class RSASecurityTest extends org.junit.Assert {
+
+ // Define the Keys
+ private static final String RSA_MOD =
+ "9661680572529043443849950482212724320718124640414882147275313836986288409918106491052525494831498427659036889326389109401815873387955487016402407137565137";
+ private static final String RSA_PUB =
+ "17";
+
+ private XMLInputFactory xmlInputFactory;
+ private DocumentBuilderFactory documentBuilderFactory;
+ private TransformerFactory transformerFactory = TransformerFactory.newInstance();
+
+ @Before
+ public void setUp() throws Exception {
+ Init.init(RSASecurityTest.class.getClassLoader().getResource("security-config.xml").toURI());
+ org.apache.xml.security.Init.init();
+
+ xmlInputFactory = XMLInputFactory.newInstance();
+ xmlInputFactory.setEventAllocator(new XMLSecEventAllocator());
+
+ documentBuilderFactory = DocumentBuilderFactory.newInstance();
+ documentBuilderFactory.setNamespaceAware(true);
+ documentBuilderFactory.setIgnoringComments(false);
+ documentBuilderFactory.setCoalescing(false);
+ documentBuilderFactory.setIgnoringElementContentWhitespace(false);
+ }
+
+
+ // TODO - not working?
+ @Test
+ @org.junit.Ignore
+ public void test_enveloping() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "com/rsasecurity/bdournaee/certj201_enveloping.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the Key
+ Key publicKey = getPublicKey();
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ properties.setSignatureVerificationKey(publicKey);
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader);
+
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
+
+ // See SANTUARIO-320
+ @Test
+ @Ignore
+ public void test_enveloped() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "com/rsasecurity/bdournaee/certj201_enveloped.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the Key
+ Key publicKey = getPublicKey();
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ properties.setSignatureVerificationKey(publicKey);
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader);
+
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
+
+
+ private static PublicKey getPublicKey()
+ throws InvalidKeySpecException, NoSuchAlgorithmException {
+ KeyFactory kf = KeyFactory.getInstance("RSA");
+ KeySpec kspec = new RSAPublicKeySpec(new BigInteger(RSA_MOD), new BigInteger(RSA_PUB));
+
+ return kf.generatePublic(kspec);
+ }
+
+}