Posted to commits@santuario.apache.org by co...@apache.org on 2014/06/12 11:32:08 UTC
svn commit: r1602106 - in /santuario/xml-security-java/trunk/src:
main/java/org/apache/xml/security/algorithms/
main/java/org/apache/xml/security/encryption/
main/java/org/apache/xml/security/resource/
main/java/org/apache/xml/security/utils/ main/reso...
Author: coheigea
Date: Thu Jun 12 09:32:07 2014
New Revision: 1602106
URL: http://svn.apache.org/r1602106
Log:
Adding support for SEED KW algorithm.
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/config.xml
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/EncryptionConstants.java
santuario/xml-security-java/trunk/src/main/resources/security-config.xml
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/algorithms/KeyWrapEncryptionAlgorithmTest.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/KeyWrapEncryptionCreationTest.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/KeyWrapEncryptionVerificationTest.java
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java?rev=1602106&r1=1602105&r2=1602106&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java Thu Jun 12 09:32:07 2014
@@ -300,6 +300,10 @@ public class JCEMapper {
XMLCipher.CAMELLIA_256_KeyWrap,
new Algorithm("Camellia", "CamelliaWrap", "SymmetricKeyWrap", 256, 0)
);
+ algorithmsMap.put(
+ XMLCipher.SEED_128_KeyWrap,
+ new Algorithm("SEED", "SEEDWrap", "SymmetricKeyWrap", 128, 0)
+ );
}
/**
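Review bot: The new `SEED_128_KeyWrap` entry has no comment saying that the JCE names `SEED` and `SEEDWrap` are, as far as I know, not implemented by the JDK's bundled providers, so this mapping only resolves when a provider that supplies them (BouncyCastle, for example) is registered. I would add `// SEED / SEEDWrap need a registered JCE provider that implements them; the default JDK providers do not` above the `put` call. The same URI, key length and JCE name are repeated in the security-config.xml hunk of this commit, so the two entries have to be kept in step by hand. The enclosing block starts above this hunk.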
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java?rev=1602106&r1=1602105&r2=1602106&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java Thu Jun 12 09:32:07 2014
@@ -183,6 +183,10 @@ public class XMLCipher {
public static final String CAMELLIA_256_KeyWrap =
EncryptionConstants.ALGO_ID_KEYWRAP_CAMELLIA256;
+ /** SEED 128 Cipher KeyWrap */
+ public static final String SEED_128_KeyWrap =
+ EncryptionConstants.ALGO_ID_KEYWRAP_SEED128;
+
/** SHA1 Cipher */
public static final String SHA1 =
Constants.ALGO_ID_DIGEST_SHA1;
@@ -245,7 +249,8 @@ public class XMLCipher {
AES_128_KeyWrap + "\n" + AES_256_KeyWrap + "\n" + AES_192_KeyWrap + "\n" +
AES_128_GCM + "\n" + AES_192_GCM + "\n" + AES_256_GCM + "\n" + SEED_128 + "\n" +
CAMELLIA_128 + "\n" + CAMELLIA_192 + "\n" + CAMELLIA_256 + "\n" +
- CAMELLIA_128_KeyWrap + "\n" + CAMELLIA_192_KeyWrap + "\n" + CAMELLIA_256_KeyWrap + "\n";
+ CAMELLIA_128_KeyWrap + "\n" + CAMELLIA_192_KeyWrap + "\n" + CAMELLIA_256_KeyWrap + "\n" +
+ SEED_128_KeyWrap + "\n";
/** Cipher created during initialisation that is used for encryption */
private Cipher contextCipher;
@@ -390,7 +395,8 @@ public class XMLCipher {
algorithm.equals(AES_192_KeyWrap) ||
algorithm.equals(CAMELLIA_128_KeyWrap) ||
algorithm.equals(CAMELLIA_192_KeyWrap) ||
- algorithm.equals(CAMELLIA_256_KeyWrap);
+ algorithm.equals(CAMELLIA_256_KeyWrap) ||
+ algorithm.equals(SEED_128_KeyWrap);
}
/**
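Review bot: The added `algorithm.equals(SEED_128_KeyWrap)` line extends a chain that must be edited by hand for every new key-wrap URI, alongside the supported-algorithms string in the previous hunk and the JCEMapper table. A URI missed in this chain is silently classified as not being a key-wrap algorithm. A single `private static final Set<String>` of key-wrap URIs, backed by a `HashSet` and queried with `contains(algorithm)`, would keep the lists from drifting. It would also return false instead of throwing on a null `algorithm`; whether null is rejected earlier is not visible, because the method starts above the hunk.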
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/config.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/config.xml?rev=1602106&r1=1602105&r2=1602106&view=diff
==============================================================================
Binary files - no diff available.
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/EncryptionConstants.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/EncryptionConstants.java?rev=1602106&r1=1602105&r2=1602106&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/EncryptionConstants.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/EncryptionConstants.java Thu Jun 12 09:32:07 2014
@@ -219,6 +219,10 @@ public final class EncryptionConstants {
public static final String ALGO_ID_KEYWRAP_CAMELLIA256 =
"http://www.w3.org/2001/04/xmldsig-more#kw-camellia256";
+ /** Symmetric Key Wrap - OPTIONAL SEED-128 KeyWrap */
+ public static final String ALGO_ID_KEYWRAP_SEED128 =
+ "http://www.w3.org/2007/05/xmldsig-more#kw-seed128";
+
/** Message Authentication - RECOMMENDED XML Digital Signature */
public static final String ALGO_ID_AUTHENTICATION_XMLSIGNATURE =
"http://www.w3.org/TR/2001/CR-xmldsig-core-20010419/";
Modified: santuario/xml-security-java/trunk/src/main/resources/security-config.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/resources/security-config.xml?rev=1602106&r1=1602105&r2=1602106&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/resources/security-config.xml (original)
+++ santuario/xml-security-java/trunk/src/main/resources/security-config.xml Thu Jun 12 09:32:07 2014
@@ -570,6 +570,14 @@
KeyLength="256"
RequiredKey="Camellia"
JCEName="CamelliaWrap"/>
+
+ <Algorithm URI="http://www.w3.org/2007/05/xmldsig-more#kw-seed128"
+ Description="Symmetric Key Wrap using SEED with a key length of 128 bit"
+ AlgorithmClass="SymmetricKeyWrap"
+ RequirementLevel="OPTIONAL"
+ KeyLength="128"
+ RequiredKey="SEED"
+ JCEName="SEEDWrap"/>
</JCEAlgorithmMappings>
<ResourceResolvers>
<Resolver JAVACLASS="org.apache.xml.security.stax.impl.resourceResolvers.ResolverSameDocument"
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/algorithms/KeyWrapEncryptionAlgorithmTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/algorithms/KeyWrapEncryptionAlgorithmTest.java?rev=1602106&r1=1602105&r2=1602106&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/algorithms/KeyWrapEncryptionAlgorithmTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/algorithms/KeyWrapEncryptionAlgorithmTest.java Thu Jun 12 09:32:07 2014
@@ -484,6 +484,47 @@ public class KeyWrapEncryptionAlgorithmT
Assert.assertEquals(nodeList.getLength(), 1);
}
+ @org.junit.Test
+ public void testSEED128KW() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
+ DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the Key
+ KeyGenerator keygen = KeyGenerator.getInstance("SEED");
+ keygen.init(128);
+ SecretKey key = keygen.generateKey();
+
+ // Set up the Key Wrapping Key
+ XMLCipher cipher = XMLCipher.getInstance(XMLCipher.SEED_128_KeyWrap);
+ keygen = KeyGenerator.getInstance("SEED");
+ keygen.init(128);
+ SecretKey keyWrappingKey = keygen.generateKey();
+ cipher.init(XMLCipher.WRAP_MODE, keyWrappingKey);
+ EncryptedKey encryptedKey = cipher.encryptKey(document, key);
+
+ List<String> localNames = new ArrayList<String>();
+ localNames.add("PaymentInfo");
+
+ String encryptionAlgorithm = XMLCipher.SEED_128;
+
+ encrypt(encryptedKey, encryptionAlgorithm, document, localNames, key);
+
+ // Check the CreditCard encrypted ok
+ NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
+ Assert.assertEquals(nodeList.getLength(), 0);
+
+ // XMLUtils.outputDOM(document, System.out);
+ document = decrypt(document, keyWrappingKey);
+
+ // Check the CreditCard decrypted ok
+ nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
+ Assert.assertEquals(nodeList.getLength(), 1);
+ }
+
private void encrypt(
EncryptedKey encryptedKey,
String algorithm,
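Review bot: `KeyGenerator.getInstance("SEED")` throws `NoSuchAlgorithmException` on a JVM with no provider offering SEED, and nothing in the added test guards against that; whether the class registers a provider in its setup is not visible in this hunk. If it does not, skipping is cleaner than failing: `org.junit.Assume.assumeTrue(java.security.Security.getProviders("KeyGenerator.SEED") != null);` as the first statement of the test. The same applies to the `testSEED128KW` methods added in KeyWrapEncryptionCreationTest and KeyWrapEncryptionVerificationTest.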
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/KeyWrapEncryptionCreationTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/KeyWrapEncryptionCreationTest.java?rev=1602106&r1=1602105&r2=1602106&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/KeyWrapEncryptionCreationTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/KeyWrapEncryptionCreationTest.java Thu Jun 12 09:32:07 2014
@@ -749,6 +749,72 @@ public class KeyWrapEncryptionCreationTe
Assert.assertEquals(nodeList.getLength(), 1);
}
+ @Test
+ public void testSEED128KW() throws Exception {
+ // Set up the Configuration
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>();
+ actions.add(XMLSecurityConstants.ENCRYPT);
+ properties.setActions(actions);
+
+ // Set up the Key
+ KeyGenerator keygen = KeyGenerator.getInstance("SEED");
+ keygen.init(128);
+ SecretKey key = keygen.generateKey();
+ properties.setEncryptionKey(key);
+ String algorithm = "http://www.w3.org/2007/05/xmldsig-more#seed128-cbc";
+ properties.setEncryptionSymAlgorithm(algorithm);
+
+ // Set up the Key Wrapping Key
+ keygen = KeyGenerator.getInstance("SEED");
+ keygen.init(128);
+ SecretKey keyWrappingKey = keygen.generateKey();
+ String wrappingAlgorithm = "http://www.w3.org/2007/05/xmldsig-more#kw-seed128";
+ properties.setEncryptionKeyTransportAlgorithm(wrappingAlgorithm);
+ properties.setEncryptionTransportKey(keyWrappingKey);
+
+ SecurePart securePart =
+ new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Element);
+ properties.addEncryptionPart(securePart);
+
+ OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
+
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(sourceDocument);
+
+ XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+ xmlStreamWriter.close();
+
+ // System.out.println("Got:\n" + new String(baos.toByteArray(), "UTF-8"));
+
+ Document document =
+ XMLUtils.createDocumentBuilder(false).parse(new ByteArrayInputStream(baos.toByteArray()));
+
+ NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "PaymentInfo");
+ Assert.assertEquals(nodeList.getLength(), 0);
+
+ // Check the CreditCard encrypted ok
+ nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
+ Assert.assertEquals(nodeList.getLength(), 0);
+
+ nodeList = document.getElementsByTagNameNS(
+ XMLSecurityConstants.TAG_xenc_EncryptedData.getNamespaceURI(),
+ XMLSecurityConstants.TAG_xenc_EncryptedData.getLocalPart()
+ );
+ Assert.assertEquals(nodeList.getLength(), 1);
+
+ // Decrypt using DOM API
+ Document doc = decryptUsingDOM(document, keyWrappingKey);
+
+ // Check the CreditCard decrypted ok
+ nodeList = doc.getElementsByTagNameNS("urn:example:po", "CreditCard");
+ Assert.assertEquals(nodeList.getLength(), 1);
+ }
+
private Document decryptUsingDOM(
Document document,
Key keyWrappingKey
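Review bot: Nothing in the added test asserts that the emitted `EncryptedKey` names `wrappingAlgorithm` in its `EncryptionMethod`. The checks only count elements before and after a round trip, so the test would still pass if the outbound processor wrapped the key with a different algorithm that the DOM side can also unwrap. I would collect the `EncryptionMethod` elements in the xenc namespace from `document` and assert that one of them carries an `Algorithm` attribute equal to `wrappingAlgorithm`, before the call to `decryptUsingDOM`.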
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/KeyWrapEncryptionVerificationTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/KeyWrapEncryptionVerificationTest.java?rev=1602106&r1=1602105&r2=1602106&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/KeyWrapEncryptionVerificationTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/KeyWrapEncryptionVerificationTest.java Thu Jun 12 09:32:07 2014
@@ -666,6 +666,63 @@ public class KeyWrapEncryptionVerificati
Assert.assertEquals(nodeList.getLength(), 1);
}
+ @Test
+ public void testSEED128KW() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
+ DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the Key
+ KeyGenerator keygen = KeyGenerator.getInstance("SEED");
+ keygen.init(128);
+ SecretKey key = keygen.generateKey();
+
+ // Set up the Key Wrapping Key
+ XMLCipher cipher = XMLCipher.getInstance(XMLCipher.SEED_128_KeyWrap);
+ keygen = KeyGenerator.getInstance("SEED");
+ keygen.init(128);
+ SecretKey keyWrappingKey = keygen.generateKey();
+ cipher.init(XMLCipher.WRAP_MODE, keyWrappingKey);
+ EncryptedKey encryptedKey = cipher.encryptKey(document, key);
+
+ // Encrypt using DOM
+ List<String> localNames = new ArrayList<String>();
+ localNames.add("PaymentInfo");
+
+ String encryptionAlgorithm = XMLCipher.SEED_128;
+ encrypt(encryptedKey, encryptionAlgorithm, document, localNames, key);
+
+ // Check the CreditCard encrypted ok
+ NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
+ Assert.assertEquals(nodeList.getLength(), 0);
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Decrypt
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ properties.setDecryptionKey(keyWrappingKey);
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+ XMLStreamReader securityStreamReader =
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+ document = StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
+
+ // Check the CreditCard decrypted ok
+ nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
+ Assert.assertEquals(nodeList.getLength(), 1);
+ }
+
private void encrypt(
EncryptedKey encryptedKey,
String algorithm,
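Review bot: `securityEventListener` is passed to `processInMessage` but never examined, so the test does not confirm that the inbound side actually processed a kw-seed128 `EncryptedKey`. Asserting on the events it recorded would close that gap; the listener's API is not visible in this hunk. The `assertEquals` calls also pass the actual value first, e.g. `Assert.assertEquals(nodeList.getLength(), 1);`, so a failure would report expected and actual the wrong way round; `Assert.assertEquals(1, nodeList.getLength());` reads correctly. The context lines above the hunk use the same order, so this may be a file-wide convention to fix separately.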