You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by gi...@apache.org on 2012/09/17 21:32:09 UTC
svn commit: r1386786 [2/2] - in /santuario/xml-security-java/trunk/src:
main/java/org/apache/xml/security/stax/ext/
main/java/org/apache/xml/security/stax/impl/processor/input/
main/java/org/apache/xml/security/stax/impl/processor/output/
main/java/org...
Copied: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/XMLEncryption11Test.java (from r1385260, santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/encryption/XMLEncryption11Test.java)
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/XMLEncryption11Test.java?p2=santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/XMLEncryption11Test.java&p1=santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/encryption/XMLEncryption11Test.java&r1=1385260&r2=1386786&rev=1386786&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/encryption/XMLEncryption11Test.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/encryption/XMLEncryption11Test.java Mon Sep 17 19:32:08 2012
@@ -16,488 +16,291 @@
* specific language governing permissions and limitations
* under the License.
*/
-package org.apache.xml.security.test.dom.encryption;
+package org.apache.xml.security.test.stax.encryption;
-import java.io.File;
-import java.lang.reflect.Constructor;
-import java.security.Key;
-import java.security.KeyStore;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.Security;
-import java.security.cert.Certificate;
-import java.security.cert.X509Certificate;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.NoSuchPaddingException;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.xpath.XPath;
-import javax.xml.xpath.XPathConstants;
-import javax.xml.xpath.XPathExpressionException;
-import javax.xml.xpath.XPathFactory;
-
-import org.apache.xml.security.algorithms.JCEMapper;
import org.apache.xml.security.encryption.EncryptedData;
import org.apache.xml.security.encryption.EncryptedKey;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.keys.KeyInfo;
-import org.apache.xml.security.keys.content.X509Data;
-import org.apache.xml.security.keys.content.x509.XMLX509Certificate;
+import org.apache.xml.security.stax.ext.*;
import org.apache.xml.security.test.dom.DSNamespaceContext;
+import org.apache.xml.security.test.stax.signature.TestSecurityEventListener;
+import org.apache.xml.security.test.stax.utils.StAX2DOM;
+import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator;
+import org.apache.xml.security.test.stax.utils.XmlReaderToWriter;
import org.apache.xml.security.utils.Base64;
-import org.apache.xml.security.utils.EncryptionConstants;
-// import org.apache.xml.security.utils.XMLUtils;
+import org.apache.xml.security.utils.XMLUtils;
+import org.junit.Assert;
+import org.junit.Before;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.xml.namespace.QName;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.xpath.XPath;
+import javax.xml.xpath.XPathConstants;
+import javax.xml.xpath.XPathExpressionException;
+import javax.xml.xpath.XPathFactory;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.InputStream;
+import java.security.*;
+import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
+import java.util.HashMap;
+import java.util.Map;
/**
- * This is a set of tests that use the test vectors associated with the W3C XML Encryption 1.1 specification:
- *
- * http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/test-cases/
- *
- * Note: I had to convert the given .p12 file into a .jks as it could not be loaded with KeyStore.
- *
- * TODO As of now all of the KeyWrapping tests are supported, but none of the KeyAgreement tests.
+ * @author $Author: $
+ * @version $Revision: $ $Date: $
*/
public class XMLEncryption11Test extends org.junit.Assert {
- private static String cardNumber;
- private static int nodeCount = 0;
- private boolean haveISOPadding;
-
- /** {@link org.apache.commons.logging} logging facility */
- static org.apache.commons.logging.Log log =
- org.apache.commons.logging.LogFactory.getLog(XMLEncryption11Test.class.getName());
-
- /**
- * Constructor XMLEncryption11Test
- */
- public XMLEncryption11Test() throws Exception {
- //
- // If the BouncyCastle provider is not installed, then try to load it
- // via reflection. If it is not available, then skip this test as it is
- // required for GCM algorithm support
- //
- if (Security.getProvider("BC") == null) {
- Constructor<?> cons = null;
- try {
- Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
- cons = c.getConstructor(new Class[] {});
- } catch (Exception e) {
- //ignore
- }
- if (cons == null) {
- // BouncyCastle is not available so just return
- return;
- } else {
- Provider provider = (java.security.Provider)cons.newInstance(new Object[]{});
- Security.insertProviderAt(provider, 2);
- }
- }
-
- // Create the comparison strings
- DocumentBuilderFactory dbf =
- DocumentBuilderFactory.newInstance();
- dbf.setNamespaceAware(true);
- dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
-
- String filename =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/plaintext.xml";
- String basedir = System.getProperty("basedir");
- if (basedir != null && !"".equals(basedir)) {
- filename = basedir + "/" + filename;
- }
- File f = new File(filename);
+ private String cardNumber;
+ private int nodeCount = 0;
- DocumentBuilder db = dbf.newDocumentBuilder();
- Document doc = db.parse(new java.io.FileInputStream(f));
+ private XMLInputFactory xmlInputFactory;
+ private DocumentBuilderFactory documentBuilderFactory;
- cardNumber = retrieveCCNumber(doc);
+ @Before
+ public void setUp() throws Exception {
- // Count the nodes in the document as a secondary test
- nodeCount = countNodes(doc);
+ Class<?> c = this.getClass().getClassLoader().loadClass("org.bouncycastle.jce.provider.BouncyCastleProvider");
+ if (null == Security.getProvider("BC")) {
+ Security.addProvider((Provider) c.newInstance());
+ }
- // Initialise the library
org.apache.xml.security.Init.init();
- // Check what algorithms are available
+ xmlInputFactory = XMLInputFactory.newInstance();
+ xmlInputFactory.setEventAllocator(new XMLSecEventAllocator());
- haveISOPadding = false;
- String algorithmId =
- JCEMapper.translateURItoJCEID(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);
-
- if (algorithmId != null) {
- try {
- if (Cipher.getInstance(algorithmId) != null) {
- haveISOPadding = true;
- }
- } catch (NoSuchAlgorithmException nsae) {
- //
- } catch (NoSuchPaddingException nspe) {
- //
- }
- }
+ documentBuilderFactory = DocumentBuilderFactory.newInstance();
+ documentBuilderFactory.setNamespaceAware(true);
+ documentBuilderFactory.setIgnoringComments(false);
+ documentBuilderFactory.setCoalescing(false);
+ documentBuilderFactory.setIgnoringElementContentWhitespace(false);
+
+ String filename = "org/w3c/www/interop/xmlenc-core-11/plaintext.xml";
+ DocumentBuilder db = documentBuilderFactory.newDocumentBuilder();
+ Document doc = db.parse(this.getClass().getClassLoader().getResourceAsStream(filename));
+
+ cardNumber = retrieveCCNumber(doc);
+ nodeCount = countNodes(doc);
}
/**
* rsa-oaep-mgf1p, Digest:SHA256, MGF:SHA1, PSource: None
*/
@org.junit.Test
- public void testKeyWrappingRSA2048() throws Exception {
- if (haveISOPadding) {
- String keystore =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.jks";
- String basedir = System.getProperty("basedir");
- if (basedir != null && !"".equals(basedir)) {
- keystore = basedir + "/" + keystore;
- }
-
- KeyStore keyStore = KeyStore.getInstance("jks");
- keyStore.load(new java.io.FileInputStream(keystore), "passwd".toCharArray());
-
- Certificate cert = keyStore.getCertificate("importkey");
+ public void testKeyWrappingRSA2048Outbound() throws Exception {
+ String keystore = "org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.jks";
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(this.getClass().getClassLoader().getResourceAsStream(keystore), "passwd".toCharArray());
- KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ Certificate cert = keyStore.getCertificate("importkey");
+
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
- PrivateKey rsaKey = pkEntry.getPrivateKey();
-
- String filename =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/"
- + "cipherText__RSA-2048__aes128-gcm__rsa-oaep-mgf1p.xml";
-
- Document dd = decryptElement(filename, rsaKey, (X509Certificate)cert);
- // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
- checkDecryptedDoc(dd, true);
- } else {
- log.warn(
- "Skipping testRSA2048 as necessary "
- + "crypto algorithms are not available"
- );
- }
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+
+ String filename = "org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-2048__aes128-gcm__rsa-oaep-mgf1p.xml";
+
+ Document dd = decryptElement(filename, rsaKey, (X509Certificate) cert);
+ checkDecryptedDoc(dd, true);
}
-
+
/**
* rsa-oaep-mgf1p, Digest:SHA256, MGF:SHA1, PSource: None
*/
@org.junit.Test
public void testKeyWrappingRSA2048EncryptDecrypt() throws Exception {
- if (haveISOPadding) {
- String keystore =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.jks";
- String basedir = System.getProperty("basedir");
- if (basedir != null && !"".equals(basedir)) {
- keystore = basedir + "/" + keystore;
- }
-
- KeyStore keyStore = KeyStore.getInstance("jks");
- keyStore.load(new java.io.FileInputStream(keystore), "passwd".toCharArray());
-
- Certificate cert = keyStore.getCertificate("importkey");
-
- KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ String keystore = "org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.jks";
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(this.getClass().getClassLoader().getResourceAsStream(keystore), "passwd".toCharArray());
+
+ Certificate cert = keyStore.getCertificate("importkey");
+
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
- PrivateKey rsaKey = pkEntry.getPrivateKey();
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+ X509Certificate x509Certificate = (X509Certificate) pkEntry.getCertificate();
- // Perform encryption
- String filename = "src/test/resources/org/w3c/www/interop/xmlenc-core-11/plaintext.xml";
- javax.xml.parsers.DocumentBuilderFactory dbf =
- javax.xml.parsers.DocumentBuilderFactory.newInstance();
- dbf.setNamespaceAware(true);
- dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
- if (basedir != null && !"".equals(basedir)) {
- filename = basedir + "/" + filename;
- }
- File f = new File(filename);
-
- DocumentBuilder db = dbf.newDocumentBuilder();
- Document doc = db.parse(new java.io.FileInputStream(f));
-
- Key sessionKey = getSessionKey("http://www.w3.org/2009/xmlenc11#aes128-gcm");
- EncryptedKey encryptedKey =
- createEncryptedKey(
- doc,
- (X509Certificate)cert,
- sessionKey,
- "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p",
- "http://www.w3.org/2000/09/xmldsig#sha1",
- null,
- null
- );
-
- doc =
- encryptDocument(
- doc,
- encryptedKey,
- sessionKey,
- "http://www.w3.org/2009/xmlenc11#aes128-gcm"
- );
- // XMLUtils.outputDOM(doc.getFirstChild(), System.out);
-
- // Perform decryption
- Document dd = decryptElement(doc, rsaKey, (X509Certificate)cert);
- // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
- checkDecryptedDoc(dd, true);
- } else {
- log.warn(
- "Skipping testRSA2048 as necessary "
- + "crypto algorithms are not available"
- );
- }
+ // Perform encryption
+ String filename = "org/w3c/www/interop/xmlenc-core-11/plaintext.xml";
+
+ KeyGenerator keygen = KeyGenerator.getInstance("AES");
+ keygen.init(256);
+ SecretKey sessionKey = keygen.generateKey();
+
+ SecurePart securePart =
+ new SecurePart(new QName("urn:example:po", "PurchaseOrder"), SecurePart.Modifier.Element);
+
+ Document ed = encryptDocument(filename, securePart, x509Certificate.getPublicKey(),
+ "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p", null, null,
+ sessionKey, "http://www.w3.org/2009/xmlenc11#aes128-gcm",
+ null);
+ // XMLUtils.outputDOM(ed.getFirstChild(), System.out);
+
+ // Perform decryption
+ Document dd = decryptElement(ed, rsaKey, (X509Certificate) cert);
+ // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
+ checkDecryptedDoc(dd, true);
}
-
+
/**
* rsa-oaep-mgf1p, Digest:SHA256, MGF:SHA1, PSource: None
*/
@org.junit.Test
public void testKeyWrappingRSA3072() throws Exception {
- if (haveISOPadding) {
- String keystore =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks";
- String basedir = System.getProperty("basedir");
- if (basedir != null && !"".equals(basedir)) {
- keystore = basedir + "/" + keystore;
- }
-
- KeyStore keyStore = KeyStore.getInstance("jks");
- keyStore.load(new java.io.FileInputStream(keystore), "passwd".toCharArray());
-
- Certificate cert = keyStore.getCertificate("importkey");
+ String keystore = "org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks";
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(this.getClass().getClassLoader().getResourceAsStream(keystore), "passwd".toCharArray());
- KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ Certificate cert = keyStore.getCertificate("importkey");
+
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
- PrivateKey rsaKey = pkEntry.getPrivateKey();
-
- String filename =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/"
- + "cipherText__RSA-3072__aes192-gcm__rsa-oaep-mgf1p__Sha256.xml";
-
- Document dd = decryptElement(filename, rsaKey, (X509Certificate)cert);
- // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
- checkDecryptedDoc(dd, true);
- } else {
- log.warn(
- "Skipping testRSA3072 as necessary "
- + "crypto algorithms are not available"
- );
- }
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+
+ // Perform encryption
+ String filename = "org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-3072__aes192-gcm__rsa-oaep-mgf1p__Sha256.xml";
+
+ Document dd = decryptElement(filename, rsaKey, (X509Certificate) cert);
+ checkDecryptedDoc(dd, true);
}
-
+
/**
* rsa-oaep-mgf1p, Digest:SHA256, MGF:SHA1, PSource: None
*/
@org.junit.Test
public void testKeyWrappingRSA3072EncryptDecrypt() throws Exception {
- if (haveISOPadding) {
- String keystore =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks";
- String basedir = System.getProperty("basedir");
- if (basedir != null && !"".equals(basedir)) {
- keystore = basedir + "/" + keystore;
- }
-
- KeyStore keyStore = KeyStore.getInstance("jks");
- keyStore.load(new java.io.FileInputStream(keystore), "passwd".toCharArray());
-
- Certificate cert = keyStore.getCertificate("importkey");
-
- KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ String keystore = "org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks";
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(this.getClass().getClassLoader().getResourceAsStream(keystore), "passwd".toCharArray());
+
+ Certificate cert = keyStore.getCertificate("importkey");
+
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
- PrivateKey rsaKey = pkEntry.getPrivateKey();
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+ X509Certificate x509Certificate = (X509Certificate) pkEntry.getCertificate();
- // Perform encryption
- String filename = "src/test/resources/org/w3c/www/interop/xmlenc-core-11/plaintext.xml";
- javax.xml.parsers.DocumentBuilderFactory dbf =
- javax.xml.parsers.DocumentBuilderFactory.newInstance();
- dbf.setNamespaceAware(true);
- dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
- if (basedir != null && !"".equals(basedir)) {
- filename = basedir + "/" + filename;
- }
- File f = new File(filename);
-
- DocumentBuilder db = dbf.newDocumentBuilder();
- Document doc = db.parse(new java.io.FileInputStream(f));
-
- Key sessionKey = getSessionKey("http://www.w3.org/2009/xmlenc11#aes192-gcm");
- EncryptedKey encryptedKey =
- createEncryptedKey(
- doc,
- (X509Certificate)cert,
- sessionKey,
- "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p",
- "http://www.w3.org/2001/04/xmlenc#sha256",
- null,
- null
- );
-
- doc =
- encryptDocument(
- doc,
- encryptedKey,
- sessionKey,
- "http://www.w3.org/2009/xmlenc11#aes192-gcm"
- );
- // XMLUtils.outputDOM(doc.getFirstChild(), System.out);
-
- // Perform decryption
- Document dd = decryptElement(doc, rsaKey, (X509Certificate)cert);
- // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
- checkDecryptedDoc(dd, true);
- } else {
- log.warn(
- "Skipping testRSA3072 as necessary "
- + "crypto algorithms are not available"
- );
- }
+ // Perform encryption
+ String filename = "org/w3c/www/interop/xmlenc-core-11/plaintext.xml";
+
+ KeyGenerator keygen = KeyGenerator.getInstance("AES");
+ keygen.init(256);
+ SecretKey sessionKey = keygen.generateKey();
+
+ SecurePart securePart =
+ new SecurePart(new QName("urn:example:po", "PurchaseOrder"), SecurePart.Modifier.Element);
+
+ Document ed = encryptDocument(filename, securePart,
+ x509Certificate.getPublicKey(), "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p",
+ "http://www.w3.org/2001/04/xmlenc#sha256",
+ null,
+ sessionKey, "http://www.w3.org/2009/xmlenc11#aes192-gcm",
+ null);
+ // XMLUtils.outputDOM(ed.getFirstChild(), System.out);
+
+ // Perform decryption
+ Document dd = decryptElement(ed, rsaKey, (X509Certificate) cert);
+ // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
+ checkDecryptedDoc(dd, true);
}
-
+
/**
* rsa-oaep, Digest:SHA384, MGF:SHA1, PSource: None
*/
@org.junit.Test
public void testKeyWrappingRSA3072OAEP() throws Exception {
- if (haveISOPadding) {
- String keystore =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks";
- String basedir = System.getProperty("basedir");
- if (basedir != null && !"".equals(basedir)) {
- keystore = basedir + "/" + keystore;
- }
-
- KeyStore keyStore = KeyStore.getInstance("jks");
- keyStore.load(new java.io.FileInputStream(keystore), "passwd".toCharArray());
-
- Certificate cert = keyStore.getCertificate("importkey");
+ String keystore = "org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks";
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(this.getClass().getClassLoader().getResourceAsStream(keystore), "passwd".toCharArray());
+
+ Certificate cert = keyStore.getCertificate("importkey");
- KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
- PrivateKey rsaKey = pkEntry.getPrivateKey();
-
- String filename =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/"
- + "cipherText__RSA-3072__aes256-gcm__rsa-oaep__Sha384-MGF_Sha1.xml";
-
- Document dd = decryptElement(filename, rsaKey, (X509Certificate)cert);
- // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
- checkDecryptedDoc(dd, true);
- } else {
- log.warn(
- "Skipping testRSA307OAEP as necessary "
- + "crypto algorithms are not available"
- );
- }
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+
+ String filename = "org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-3072__aes256-gcm__rsa-oaep__Sha384-MGF_Sha1.xml";
+
+ Document dd = decryptElement(filename, rsaKey, (X509Certificate) cert);
+ // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
+ checkDecryptedDoc(dd, true);
}
-
+
/**
* rsa-oaep, Digest:SHA384, MGF:SHA1, PSource: None
*/
@org.junit.Test
public void testKeyWrappingRSA3072OAEPEncryptDecrypt() throws Exception {
- if (haveISOPadding) {
- String keystore =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks";
- String basedir = System.getProperty("basedir");
- if (basedir != null && !"".equals(basedir)) {
- keystore = basedir + "/" + keystore;
- }
-
- KeyStore keyStore = KeyStore.getInstance("jks");
- keyStore.load(new java.io.FileInputStream(keystore), "passwd".toCharArray());
-
- Certificate cert = keyStore.getCertificate("importkey");
-
- KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ String keystore = "org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks";
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(this.getClass().getClassLoader().getResourceAsStream(keystore), "passwd".toCharArray());
+
+ Certificate cert = keyStore.getCertificate("importkey");
+
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
- PrivateKey rsaKey = pkEntry.getPrivateKey();
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+ X509Certificate x509Certificate = (X509Certificate) pkEntry.getCertificate();
- // Perform encryption
- String filename = "src/test/resources/org/w3c/www/interop/xmlenc-core-11/plaintext.xml";
- javax.xml.parsers.DocumentBuilderFactory dbf =
- javax.xml.parsers.DocumentBuilderFactory.newInstance();
- dbf.setNamespaceAware(true);
- dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
- if (basedir != null && !"".equals(basedir)) {
- filename = basedir + "/" + filename;
- }
- File f = new File(filename);
-
- DocumentBuilder db = dbf.newDocumentBuilder();
- Document doc = db.parse(new java.io.FileInputStream(f));
-
- Key sessionKey = getSessionKey("http://www.w3.org/2009/xmlenc11#aes256-gcm");
- EncryptedKey encryptedKey =
- createEncryptedKey(
- doc,
- (X509Certificate)cert,
- sessionKey,
- "http://www.w3.org/2009/xmlenc11#rsa-oaep",
- "http://www.w3.org/2001/04/xmldsig-more#sha384",
- "http://www.w3.org/2009/xmlenc11#mgf1sha1",
- null
- );
-
- doc =
- encryptDocument(
- doc,
- encryptedKey,
- sessionKey,
- "http://www.w3.org/2009/xmlenc11#aes256-gcm"
- );
- // XMLUtils.outputDOM(doc.getFirstChild(), System.out);
-
- // Perform decryption
- Document dd = decryptElement(doc, rsaKey, (X509Certificate)cert);
- // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
- checkDecryptedDoc(dd, true);
- } else {
- log.warn(
- "Skipping testRSA2048 as necessary "
- + "crypto algorithms are not available"
- );
- }
+ // Perform encryption
+ String filename = "org/w3c/www/interop/xmlenc-core-11/plaintext.xml";
+
+ KeyGenerator keygen = KeyGenerator.getInstance("AES");
+ keygen.init(256);
+ SecretKey sessionKey = keygen.generateKey();
+
+ SecurePart securePart =
+ new SecurePart(new QName("urn:example:po", "PurchaseOrder"), SecurePart.Modifier.Element);
+
+ Document ed = encryptDocument(filename, securePart,
+ x509Certificate.getPublicKey(), "http://www.w3.org/2009/xmlenc11#rsa-oaep",
+ "http://www.w3.org/2001/04/xmldsig-more#sha384",
+ "http://www.w3.org/2009/xmlenc11#mgf1sha1",
+ sessionKey, "http://www.w3.org/2009/xmlenc11#aes256-gcm",
+ null);
+ // XMLUtils.outputDOM(ed.getFirstChild(), System.out);
+
+ // Perform decryption
+ Document dd = decryptElement(ed, rsaKey, (X509Certificate) cert);
+ // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
+ checkDecryptedDoc(dd, true);
}
-
+
/**
* rsa-oaep, Digest:SHA512, MGF:SHA1, PSource: Specified 8 bytes
*/
@org.junit.Test
public void testKeyWrappingRSA4096() throws Exception {
- if (haveISOPadding) {
- String keystore =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.jks";
- String basedir = System.getProperty("basedir");
- if (basedir != null && !"".equals(basedir)) {
- keystore = basedir + "/" + keystore;
- }
-
- KeyStore keyStore = KeyStore.getInstance("jks");
- keyStore.load(new java.io.FileInputStream(keystore), "passwd".toCharArray());
-
- Certificate cert = keyStore.getCertificate("importkey");
+ String keystore = "org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.jks";
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(this.getClass().getClassLoader().getResourceAsStream(keystore), "passwd".toCharArray());
+
+ Certificate cert = keyStore.getCertificate("importkey");
- KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
- PrivateKey rsaKey = pkEntry.getPrivateKey();
-
- String filename =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/"
- + "cipherText__RSA-4096__aes256-gcm__rsa-oaep__Sha512-MGF_Sha1_PSource.xml";
-
- Document dd = decryptElement(filename, rsaKey, (X509Certificate)cert);
- // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
- checkDecryptedDoc(dd, true);
- } else {
- log.warn(
- "Skipping testRSA4096 as necessary "
- + "crypto algorithms are not available"
- );
- }
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+
+ String filename = "org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-4096__aes256-gcm__rsa-oaep__Sha512-MGF_Sha1_PSource.xml";
+
+ Document dd = decryptElement(filename, rsaKey, (X509Certificate) cert);
+ // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
+ checkDecryptedDoc(dd, true);
}
/**
@@ -505,132 +308,151 @@ public class XMLEncryption11Test extends
*/
@org.junit.Test
public void testKeyWrappingRSA4096EncryptDecrypt() throws Exception {
- if (haveISOPadding) {
- String keystore =
- "src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.jks";
- String basedir = System.getProperty("basedir");
- if (basedir != null && !"".equals(basedir)) {
- keystore = basedir + "/" + keystore;
- }
-
- KeyStore keyStore = KeyStore.getInstance("jks");
- keyStore.load(new java.io.FileInputStream(keystore), "passwd".toCharArray());
-
- Certificate cert = keyStore.getCertificate("importkey");
-
- KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ String keystore = "org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.jks";
+
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(this.getClass().getClassLoader().getResourceAsStream(keystore), "passwd".toCharArray());
+
+ Certificate cert = keyStore.getCertificate("importkey");
+
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
- PrivateKey rsaKey = pkEntry.getPrivateKey();
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+ X509Certificate x509Certificate = (X509Certificate) pkEntry.getCertificate();
- // Perform encryption
- String filename = "src/test/resources/org/w3c/www/interop/xmlenc-core-11/plaintext.xml";
- javax.xml.parsers.DocumentBuilderFactory dbf =
- javax.xml.parsers.DocumentBuilderFactory.newInstance();
- dbf.setNamespaceAware(true);
- dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
- if (basedir != null && !"".equals(basedir)) {
- filename = basedir + "/" + filename;
- }
- File f = new File(filename);
-
- DocumentBuilder db = dbf.newDocumentBuilder();
- Document doc = db.parse(new java.io.FileInputStream(f));
-
- Key sessionKey = getSessionKey("http://www.w3.org/2009/xmlenc11#aes256-gcm");
- EncryptedKey encryptedKey =
- createEncryptedKey(
- doc,
- (X509Certificate)cert,
- sessionKey,
- "http://www.w3.org/2009/xmlenc11#rsa-oaep",
- "http://www.w3.org/2001/04/xmlenc#sha512",
- "http://www.w3.org/2009/xmlenc11#mgf1sha1",
- Base64.decode("ZHVtbXkxMjM=".getBytes("UTF-8"))
- );
-
- doc =
- encryptDocument(
- doc,
- encryptedKey,
- sessionKey,
- "http://www.w3.org/2009/xmlenc11#aes256-gcm"
- );
- // XMLUtils.outputDOM(doc.getFirstChild(), System.out);
-
- // Perform decryption
- Document dd = decryptElement(doc, rsaKey, (X509Certificate)cert);
- // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
- checkDecryptedDoc(dd, true);
- } else {
- log.warn(
- "Skipping testRSA2048 as necessary "
- + "crypto algorithms are not available"
- );
- }
+ // Perform encryption
+ String filename = "org/w3c/www/interop/xmlenc-core-11/plaintext.xml";
+
+ KeyGenerator keygen = KeyGenerator.getInstance("AES");
+ keygen.init(256);
+ SecretKey sessionKey = keygen.generateKey();
+
+ SecurePart securePart =
+ new SecurePart(new QName("urn:example:po", "PurchaseOrder"), SecurePart.Modifier.Element);
+
+ Document ed = encryptDocument(filename, securePart,
+ x509Certificate.getPublicKey(), "http://www.w3.org/2009/xmlenc11#rsa-oaep",
+ "http://www.w3.org/2001/04/xmlenc#sha512",
+ "http://www.w3.org/2009/xmlenc11#mgf1sha1",
+ sessionKey, "http://www.w3.org/2009/xmlenc11#aes256-gcm",
+ Base64.decode("ZHVtbXkxMjM=".getBytes("UTF-8")));
+ // XMLUtils.outputDOM(ed.getFirstChild(), System.out);
+
+ // Perform decryption
+ Document dd = decryptElement(ed, rsaKey, (X509Certificate) cert);
+ // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
+ checkDecryptedDoc(dd, true);
+ }
+
+ /**
+ * rsa-oaep, Digest:SHA512, MGF:SHA512, PSource: Specified 8 bytes
+ */
+ @org.junit.Test
+ public void testKeyWrappingRSA4096MGFSHA512EncryptDecrypt() throws Exception {
+ String keystore = "org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.jks";
+
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(this.getClass().getClassLoader().getResourceAsStream(keystore), "passwd".toCharArray());
+
+ Certificate cert = keyStore.getCertificate("importkey");
+
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+ X509Certificate x509Certificate = (X509Certificate) pkEntry.getCertificate();
+
+ // Perform encryption
+ String filename = "org/w3c/www/interop/xmlenc-core-11/plaintext.xml";
+
+ KeyGenerator keygen = KeyGenerator.getInstance("AES");
+ keygen.init(256);
+ SecretKey sessionKey = keygen.generateKey();
+
+ SecurePart securePart =
+ new SecurePart(new QName("urn:example:po", "PurchaseOrder"), SecurePart.Modifier.Element);
+
+ Document ed = encryptDocument(filename, securePart,
+ x509Certificate.getPublicKey(), "http://www.w3.org/2009/xmlenc11#rsa-oaep",
+ "http://www.w3.org/2001/04/xmlenc#sha512",
+ "http://www.w3.org/2009/xmlenc11#mgf1sha512",
+ sessionKey, "http://www.w3.org/2009/xmlenc11#aes256-gcm",
+ Base64.decode("ZHVtbXkxMjM=".getBytes("UTF-8")));
+ // XMLUtils.outputDOM(ed.getFirstChild(), System.out);
+
+ // Perform decryption
+ Document dd = decryptElement(ed, rsaKey, (X509Certificate) cert);
+ // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
+ checkDecryptedDoc(dd, true);
}
-
+
/**
* Method decryptElement
- *
+ * <p/>
* Take a key, encryption type and a file, find an encrypted element
* decrypt it and return the resulting document
- *
- * @param filename File to decrypt from
- * @param key The Key to use for decryption
*/
private Document decryptElement(String filename, Key rsaKey, X509Certificate rsaCert) throws Exception {
- // Parse the document in question
- javax.xml.parsers.DocumentBuilderFactory dbf =
- javax.xml.parsers.DocumentBuilderFactory.newInstance();
- dbf.setNamespaceAware(true);
- dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
- String basedir = System.getProperty("basedir");
- if (basedir != null && !"".equals(basedir)) {
- filename = basedir + "/" + filename;
- }
- File f = new File(filename);
+ DocumentBuilder db = documentBuilderFactory.newDocumentBuilder();
+ Document doc = db.parse(this.getClass().getClassLoader().getResourceAsStream(filename));
- DocumentBuilder db = dbf.newDocumentBuilder();
- Document doc = db.parse(new java.io.FileInputStream(f));
-
return decryptElement(doc, rsaKey, rsaCert);
}
-
+
/**
* Method decryptElement
- *
+ * <p/>
* Take a key, encryption type and a document, find an encrypted element
* decrypt it and return the resulting document
- *
- * @param filename File to decrypt from
- * @param key The Key to use for decryption
*/
private Document decryptElement(Document doc, Key rsaKey, X509Certificate rsaCert) throws Exception {
+ Document clonedDocument = (Document) doc.cloneNode(true);
+ decryptElementDOM(doc, rsaKey, rsaCert);
+ return decryptElementStAX(clonedDocument, rsaKey, rsaCert);
+ }
+
+ /**
+ * Decrypt using StAX API
+ */
+ private Document decryptElementStAX(Document doc, Key rsaKey, X509Certificate rsaCert) throws Exception {
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ properties.setDecryptionKey(rsaKey);
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new DOMSource(doc));
+
+ XMLStreamReader securityStreamReader =
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+ return StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
+
+ /**
+ * Decrypt using DOM API
+ */
+ private Document decryptElementDOM(Document doc, Key rsaKey, X509Certificate rsaCert) throws Exception {
+
// Create the XMLCipher element
XMLCipher cipher = XMLCipher.getInstance();
-
+
// Need to pre-load the Encrypted Data so we can get the key info
- Element ee =
- (Element) doc.getElementsByTagNameNS(
- "http://www.w3.org/2001/04/xmlenc#", "EncryptedData"
- ).item(0);
+ Element ee =
+ (Element) doc.getElementsByTagNameNS(
+ "http://www.w3.org/2001/04/xmlenc#", "EncryptedData"
+ ).item(0);
cipher.init(XMLCipher.DECRYPT_MODE, null);
EncryptedData encryptedData = cipher.loadEncryptedData(doc, ee);
-
+
KeyInfo ki = encryptedData.getKeyInfo();
EncryptedKey encryptedKey = ki.itemEncryptedKey(0);
- KeyInfo kiek = encryptedKey.getKeyInfo();
- X509Data certData = kiek.itemX509Data(0);
- XMLX509Certificate xcert = certData.itemCertificate(0);
- X509Certificate cert = xcert.getX509Certificate();
- assertTrue(rsaCert.equals(cert));
-
+
XMLCipher cipher2 = XMLCipher.getInstance();
cipher2.init(XMLCipher.UNWRAP_MODE, rsaKey);
- Key key =
- cipher2.decryptKey(
- encryptedKey, encryptedData.getEncryptionMethod().getAlgorithm()
- );
+ Key key =
+ cipher2.decryptKey(
+ encryptedKey, encryptedData.getEncryptionMethod().getAlgorithm()
+ );
cipher.init(XMLCipher.DECRYPT_MODE, key);
Document dd = cipher.doFinal(doc, ee);
@@ -639,82 +461,74 @@ public class XMLEncryption11Test extends
}
/**
- * Create an EncryptedKey object using the given parameters.
- */
- private EncryptedKey createEncryptedKey(
- Document doc,
- X509Certificate rsaCert,
- Key sessionKey,
- String encryptionMethod,
- String digestMethod,
- String mgfAlgorithm,
- byte[] oaepParams
- ) throws Exception {
- // Create the XMLCipher element
- XMLCipher cipher = XMLCipher.getInstance(encryptionMethod, null, digestMethod);
-
- cipher.init(XMLCipher.WRAP_MODE, rsaCert.getPublicKey());
- EncryptedKey encryptedKey = cipher.encryptKey(doc, sessionKey, mgfAlgorithm, oaepParams);
-
- KeyInfo builderKeyInfo = encryptedKey.getKeyInfo();
- if (builderKeyInfo == null) {
- builderKeyInfo = new KeyInfo(doc);
- encryptedKey.setKeyInfo(builderKeyInfo);
- }
-
- X509Data x509Data = new X509Data(doc);
- x509Data.addCertificate(rsaCert);
- builderKeyInfo.add(x509Data);
-
- return encryptedKey;
- }
-
- /**
- * Generate a session key using the given algorithm
- */
- private Key getSessionKey(String encryptionMethod) throws Exception {
- // Generate a session key
- KeyGenerator keyGen = KeyGenerator.getInstance("AES");
- if (encryptionMethod.contains("128")) {
- keyGen.init(128);
- } else if (encryptionMethod.contains("192")) {
- keyGen.init(192);
- } else if (encryptionMethod.contains("256")) {
- keyGen.init(256);
- }
- return keyGen.generateKey();
- }
-
- /**
* Encrypt a Document using the given parameters.
*/
- private Document encryptDocument(
- Document doc,
- EncryptedKey encryptedKey,
- Key sessionKey,
- String encryptionMethod
- ) throws Exception {
- // Create the XMLCipher element
- XMLCipher cipher = XMLCipher.getInstance(encryptionMethod);
-
- cipher.init(XMLCipher.ENCRYPT_MODE, sessionKey);
- EncryptedData builder = cipher.getEncryptedData();
-
- KeyInfo builderKeyInfo = builder.getKeyInfo();
- if (builderKeyInfo == null) {
- builderKeyInfo = new KeyInfo(doc);
- builder.setKeyInfo(builderKeyInfo);
+ private Document encryptDocument(String filename, SecurePart securePart, Key encryptedKey, String encryptedKeyAlgo,
+ String digestMethodAlgo, String mgfAlgo, Key sessionKey, String encryptionMethodAlgo,
+ byte[] oaepParams)
+ throws Exception {
+
+ // Set up the Configuration
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ XMLSecurityConstants.Action[] actions =
+ new XMLSecurityConstants.Action[]{XMLSecurityConstants.ENCRYPT};
+ properties.setOutAction(actions);
+
+ properties.setEncryptionTransportKey(encryptedKey);
+ properties.setEncryptionKeyTransportAlgorithm(encryptedKeyAlgo);
+ properties.setEncryptionKeyTransportDigestAlgorithm(digestMethodAlgo);
+ properties.setEncryptionKeyTransportMGFAlgorithm(mgfAlgo);
+ properties.setEncryptionKeyTransportOAEPParams(oaepParams);
+
+ properties.setEncryptionKey(sessionKey);
+ properties.setEncryptionSymAlgorithm(encryptionMethodAlgo);
+
+ properties.addEncryptionPart(securePart);
+
+ OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
+
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(filename);
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(sourceDocument);
+
+ XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+ xmlStreamWriter.close();
+
+ Document document =
+ documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
+
+ NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "PaymentInfo");
+ Assert.assertEquals(nodeList.getLength(), 0);
+
+ NodeList encryptionMethodElements = document.getElementsByTagNameNS(XMLSecurityConstants.NS_XMLENC, "EncryptionMethod");
+ Assert.assertEquals(2, encryptionMethodElements.getLength());
+ Assert.assertEquals(encryptionMethodAlgo, ((Element) encryptionMethodElements.item(0)).getAttribute("Algorithm"));
+ Assert.assertEquals(encryptedKeyAlgo, ((Element) encryptionMethodElements.item(1)).getAttribute("Algorithm"));
+
+ if (digestMethodAlgo != null) {
+ NodeList digestMethodElements = document.getElementsByTagNameNS(XMLSecurityConstants.NS_DSIG, "DigestMethod");
+ Assert.assertEquals(1, digestMethodElements.getLength());
+ Assert.assertEquals(digestMethodAlgo, ((Element) digestMethodElements.item(0)).getAttribute("Algorithm"));
+ }
+ if (mgfAlgo != null) {
+ NodeList mfgElements = document.getElementsByTagNameNS(XMLSecurityConstants.NS_XMLENC11, "MGF");
+ Assert.assertEquals(1, mfgElements.getLength());
+ Assert.assertEquals(mgfAlgo, ((Element) mfgElements.item(0)).getAttribute("Algorithm"));
+ }
+ if (oaepParams != null) {
+ NodeList oaepParamsElements = document.getElementsByTagNameNS(XMLSecurityConstants.NS_XMLENC, "OAEPparams");
+ Assert.assertEquals(1, oaepParamsElements.getLength());
+ Assert.assertArrayEquals(oaepParams, Base64.decode((Element) oaepParamsElements.item(0)));
}
-
- builderKeyInfo.add(encryptedKey);
-
- return cipher.doFinal(doc, doc.getDocumentElement());
+ return document;
}
-
+
/**
* Method countNodes
- *
+ * <p/>
* Recursively count the number of nodes in the document
*
* @param n Node to count beneath
@@ -735,20 +549,21 @@ public class XMLEncryption11Test extends
return count;
}
-
+
/**
* Method retrieveCCNumber
- *
+ * <p/>
* Retrieve the credit card number from the payment info document
*
* @param doc The document to retrieve the card number from
* @return The retrieved credit card number
- * @throws XPathExpressionException
+ * @throws javax.xml.xpath.XPathExpressionException
+ *
*/
- private static String retrieveCCNumber(Document doc)
- throws javax.xml.transform.TransformerException,
- XPathExpressionException {
-
+ private static String retrieveCCNumber(Document doc)
+ throws javax.xml.transform.TransformerException,
+ XPathExpressionException {
+
XPathFactory xpf = XPathFactory.newInstance();
XPath xpath = xpf.newXPath();
Map<String, String> namespace = new HashMap<String, String>();
@@ -757,8 +572,8 @@ public class XMLEncryption11Test extends
xpath.setNamespaceContext(context);
String expression = "//x:Number/text()";
- Node ccnumElt =
- (Node) xpath.evaluate(expression, doc, XPathConstants.NODE);
+ Node ccnumElt =
+ (Node) xpath.evaluate(expression, doc, XPathConstants.NODE);
if (ccnumElt != null) {
return ccnumElt.getNodeValue();
@@ -774,18 +589,16 @@ public class XMLEncryption11Test extends
private void checkDecryptedDoc(Document d, boolean doNodeCheck) throws Exception {
String cc = retrieveCCNumber(d);
- log.debug("Retrieved Credit Card : " + cc);
- assertTrue(cc, ((cc!= null) && (cc.equals(cardNumber))));
+ assertTrue(cc, ((cc != null) && (cc.equals(cardNumber))));
// Test cc numbers
if (doNodeCheck) {
int myNodeCount = countNodes(d);
assertTrue(
- "Node count mismatches",
- ((myNodeCount > 0) && myNodeCount == nodeCount)
+ "Node count mismatches",
+ ((myNodeCount > 0) && myNodeCount == nodeCount)
);
}
}
-
}