You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ni...@apache.org on 2013/08/27 15:52:30 UTC
[2/6] CAMEL-6339 Applied the patch with thanks to Franz
http://git-wip-us.apache.org/repos/asf/camel/blob/a8265a2c/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/SpringXmlSignatureTests.xml
----------------------------------------------------------------------
diff --git a/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/SpringXmlSignatureTests.xml b/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/SpringXmlSignatureTests.xml
new file mode 100644
index 0000000..bc0a6d1
--- /dev/null
+++ b/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/SpringXmlSignatureTests.xml
@@ -0,0 +1,389 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
+ ">
+
+ <camelContext id="camel" xmlns="http://camel.apache.org/schema/spring">
+ <onException>
+ <exception>org.apache.camel.component.xmlsecurity.api.XmlSignatureException
+ </exception>
+ <handled>
+ <constant>false</constant>
+ </handled>
+ <to uri="mock:exception" />
+ </onException>
+
+ <!-- START SNIPPET: enveloping XML signature -->
+ <route>
+ <from uri="direct:enveloping" />
+ <to uri="xmlsecurity:sign://enveloping?keyAccessor=#accessorRsa" />
+ <to uri="xmlsecurity:verify://enveloping?keySelector=#selectorRsa" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: enveloping XML signature -->
+
+ <!-- START SNIPPET: enveloping XML signature with plain text -->
+ <route>
+ <from uri="direct:plaintext" />
+ <to
+ uri="xmlsecurity:sign://plaintext?keyAccessor=#accessorRsa&plainText=true&plainTextEncoding=UTF-8" />
+ <to uri="xmlsecurity:verify://plaintext?keySelector=#selectorRsa" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: enveloping XML signature with plain text -->
+
+ <!-- START SNIPPET: enveloped XML signature -->
+ <route>
+ <from uri="direct:enveloped" />
+ <to
+ uri="xmlsecurity:sign://enveloped?keyAccessor=#accessorRsa&parentLocalName=root&parentNamespace=http://test/test" />
+ <to uri="xmlsecurity:verify://enveloped?keySelector=#selectorRsa" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: enveloped XML signature -->
+
+ <!-- START SNIPPET: canonicalization -->
+ <route>
+ <from uri="direct:canonicalization" />
+ <to
+ uri="xmlsecurity:sign://canonicalization?keyAccessor=#accessorRsa&canonicalizationMethod=#canonicalizationMethod1" />
+ <to uri="xmlsecurity:verify://canonicalization?keySelector=#selectorRsa" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: canonicalization -->
+
+ <!-- START SNIPPET: digest and signature algorithm -->
+ <route>
+ <from uri="direct:signaturedigestalgorithm" />
+ <to
+ uri="xmlsecurity:sign://signaturedigestalgorithm?keyAccessor=#accessorRsa&signatureAlgorithm=http://www.w3.org/2001/04/xmldsig-more#rsa-sha384&digestAlgorithm=http://www.w3.org/2001/04/xmlenc#sha256" />
+ <to
+ uri="xmlsecurity:verify://signaturedigestalgorithm?keySelector=#selectorRsa" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: digest and signature algorithm -->
+
+ <!-- START SNIPPET: transforms XPath2 -->
+ <route>
+ <from uri="direct:transformsXPath2" />
+ <to
+ uri="xmlsecurity:sign://transformsXPath2?keyAccessor=#accessorRsa&transformMethods=#transformsXPath2" />
+ <to uri="xmlsecurity:verify://transformsXPath2?keySelector=#selectorRsa" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: transforms XPath2 -->
+
+ <!-- START SNIPPET: transforms XSLT, XPath -->
+ <route>
+ <from uri="direct:transformsXsltXPath" />
+ <to
+ uri="xmlsecurity:sign://transformsXsltXPath?keyAccessor=#accessorRsa&transformMethods=#transformsXsltXPath" />
+ <to
+ uri="xmlsecurity:verify://transformsXsltXPath?keySelector=#selectorRsa" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: transforms XSLT, XPath -->
+
+ <!-- START SNIPPET: transforms XSLT, XPath - secure Validation disabled -->
+ <route>
+ <from uri="direct:transformsXsltXPathSecureValDisabled" />
+ <to
+ uri="xmlsecurity:sign://transformsXsltXPathSecureValDisabled?keyAccessor=#accessorRsa&transformMethods=#transformsXsltXPath" />
+ <to
+ uri="xmlsecurity:verify://transformsXsltXPathSecureValDisabled?keySelector=#selectorRsa&secureValidation=false" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: transforms XSLT, XPath - secure Validation disabled -->
+
+
+ <!-- START SNIPPET: invalid key exception -->
+ <route>
+ <from uri="direct:signexceptioninvalidkey" />
+ <to
+ uri="xmlsecurity:sign://signexceptioninvalidkey?keyAccessor=#accessorDsa" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: invalid key exception -->
+
+ <!-- START SNIPPET: sign exceptions -->
+ <route>
+ <from uri="direct:signexceptions" />
+ <to
+ uri="xmlsecurity:sign://signexceptioninvalidkey?keyAccessor=#accessorRsa" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: sign exceptions -->
+
+ <!-- START SNIPPET: noSuchAlgorithmException -->
+ <route>
+ <from uri="direct:noSuchAlgorithmException" />
+ <to
+ uri="xmlsecurity:sign://noSuchAlgorithmException?keyAccessor=#accessorRsa&signatureAlgorithm=wrongalgorithm&digestAlgorithm=http://www.w3.org/2001/04/xmlenc#sha512" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: noSuchAlgorithmException -->
+
+ <!-- START SNIPPET: verify exceptions -->
+ <route>
+ <from uri="direct:verifyexceptions" />
+ <to uri="xmlsecurity:verify://verifyexceptions?keySelector=#selectorDsa" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: verify exceptions -->
+
+ <!-- START SNIPPET: verifier InvalidHashException -->
+ <route>
+ <from uri="direct:invalidhash" />
+ <to
+ uri="xmlsecurity:verify://invalidhash?keySelector=#selectorKeyValue&baseUri=#baseUri&secureValidation=false" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: verifier InvalidHashException -->
+
+ <!-- START SNIPPET: cryptoContextProperties -->
+ <route>
+ <from uri="direct:cryptocontextprops" />
+ <to
+ uri="xmlsecurity:verify://cryptocontextprops?keySelector=#selectorKeyValue&cryptoContextProperties=#cryptoContextProperties" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: cryptoContextProperties -->
+
+ <!-- START SNIPPET: verify InvalidKeyException -->
+ <route>
+ <from uri="direct:verifyInvalidKeyException" />
+ <to
+ uri="xmlsecurity:verify://verifyInvalidKeyException?keySelector=#selectorRsa" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: verify InvalidKeyException -->
+
+
+ <!-- START SNIPPET: uridereferencer -->
+ <route>
+ <from uri="direct:uridereferencer" />
+ <to
+ uri="xmlsecurity:sign://uridereferencer?keyAccessor=#accessorRsa&uriDereferencer=#uriDereferencer" />
+ <to
+ uri="xmlsecurity:verify://uridereferencer?keySelector=#selectorRsa&uriDereferencer=#uriDereferencer" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: uridereferencer -->
+
+ <!-- START SNIPPET: keyAccessorKeySelectorDefault -->
+ <route>
+ <from uri="direct:keyAccessorKeySelectorDefault" />
+ <to
+ uri="xmlsecurity:sign://keyAccessorKeySelectorDefault?keyAccessor=#keyAccessorDefault" />
+ <to
+ uri="xmlsecurity:verify://keyAccessorKeySelectorDefault?keySelector=#keySelectorDefault" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: keyAccessorKeySelectorDefault -->
+
+ <!-- START SNIPPET: xmlSignatureChecker -->
+ <route>
+ <from uri="direct:xmlSignatureChecker" />
+ <to
+ uri="xmlsecurity:verify://keyAccessorKeySelectorDefault?keySelector=#selectorKeyValue&xmlSignatureChecker=#envelopingSignatureChecker" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: xmlSignatureChecker -->
+
+ <!-- START SNIPPET: properties -->
+ <route>
+ <from uri="direct:props" />
+ <to
+ uri="xmlsecurity:sign://properties?keyAccessor=#accessorRsa&properties=#signatureProperties" />
+ <to
+ uri="xmlsecurity:verify://properties?keySelector=#selectorRsa&xmlSignature2Message=#xmlSignature2MessageWithTimestampPropertyy" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: properties -->
+
+ <!-- START SNIPPET: verify output node search element name -->
+ <route>
+ <from uri="direct:outputnodesearchelementname" />
+ <to
+ uri="xmlsecurity:verify://outputnodesearchelementname?keySelector=#selectorKeyValue&outputNodeSearchType=ElementName&outputNodeSearch={http://test/test}root&removeSignatureElements=true" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: verify output node search element name -->
+
+ <!-- START SNIPPET: verify output node search xpath -->
+ <route>
+ <from uri="direct:outputnodesearchxpath" />
+ <to
+ uri="xmlsecurity:verify://outputnodesearchxpath?keySelector=#selectorKeyValue&outputNodeSearchType=XPath&outputNodeSearch=#nodesearchxpath&removeSignatureElements=true" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: verify output node search xpath -->
+
+ <!-- START SNIPPET: validationFailedHandler -->
+ <route>
+ <from uri="direct:validationFailedHandler" />
+ <to
+ uri="xmlsecurity:verify://validationFailedHandler?keySelector=#selectorKeyValue&validationFailedHandler=validationFailedHandlerIgnoreManifestFailures" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: validationFailedHandler -->
+
+ <!-- START SNIPPET: further parameters -->
+ <route>
+ <from uri="direct:furtherparams" />
+ <to
+ uri="xmlsecurity:sign://furtherparams?keyAccessor=#accessorRsa&prefixForXmlSignatureNamespace=digsig&disallowDoctypeDecl=false" />
+ <to
+ uri="xmlsecurity:verify://furtherparams?keySelector=#selectorRsa&disallowDoctypeDecl=false" />
+ <to uri="mock:result" />
+ </route>
+ <!-- END SNIPPET: further parameters -->
+
+
+ </camelContext>
+
+ <bean id="accessorDsa"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getDsaKeyAccessor" />
+ <bean id="accessorRsa"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getRsaKeyAccessor" />
+ <bean id="selectorDsa"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getDsaKeySelector" />
+ <bean id="selectorRsa"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getRsaKeySelector" />
+
+ <bean id="keyAccessorDefault"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getDefaultKeyAccessor" />
+ <bean id="keySelectorDefault"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getDefaultKeySelector" />
+
+ <bean id="baseUri"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getBaseUri" />
+
+ <bean id="selectorKeyValue"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getKeyValueKeySelector" />
+
+ <bean id="cryptoContextProperties"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getCrytoContextProperties" />
+
+ <bean id="canonicalizationMethod1"
+ class="org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper"
+ factory-method="getCanonicalizationMethod">
+ <constructor-arg type="java.lang.String"
+ value="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </bean>
+
+ <bean id="transformsXsltXPath"
+ class="org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper"
+ factory-method="getTransforms">
+ <constructor-arg type="java.util.List">
+ <list>
+ <bean
+ class="org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper"
+ factory-method="getCanonicalizationMethod">
+ <constructor-arg type="java.lang.String"
+ value="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ </bean>
+ <bean
+ class="org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper"
+ factory-method="getXslTransform">
+ <constructor-arg type="java.lang.String"
+ value="/org/apache/camel/component/xmlsecurity/xslt_test.xsl" />
+ </bean>
+ <bean
+ class="org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper"
+ factory-method="getXPathTransform">
+ <constructor-arg type="java.lang.String" value="//n0:XMLSecurity/n0:Content" />
+ <constructor-arg type="java.util.Map">
+ <map>
+ <entry key="n0" value="https://org.apache/camel/xmlsecurity/test" />
+ </map>
+ </constructor-arg>
+ </bean>
+ <!-- I removed base 64 transform because the JDK provider does not support
+ correctly this transform <bean class="org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper"
+ factory-method="getBase64Transform" /> -->
+ </list>
+ </constructor-arg>
+ </bean>
+
+
+ <bean id="transformsXPath2"
+ class="org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper"
+ factory-method="getTransforms">
+ <constructor-arg type="java.util.List">
+ <list>
+ <bean
+ class="org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper"
+ factory-method="getCanonicalizationMethod">
+ <constructor-arg type="java.lang.String"
+ value="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
+ </bean>
+ <bean
+ class="org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper"
+ factory-method="getXPath2Transform">
+ <constructor-arg type="java.util.List">
+ <list>
+ <bean
+ class="org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper.XPathAndFilter">
+ <property name="xpath" value="//n0:ToBeSigned" />
+ <property name="filter" value="intersect" />
+ </bean>
+ <bean
+ class="org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper.XPathAndFilter">
+ <property name="xpath" value="//n0:NotToBeSigned" />
+ <property name="filter" value="subtract" />
+ </bean>
+ <bean
+ class="org.apache.camel.component.xmlsecurity.api.XmlSignatureHelper.XPathAndFilter">
+ <property name="xpath" value="//n0:ReallyToBeSigned" />
+ <property name="filter" value="union" />
+ </bean>
+ </list>
+ </constructor-arg>
+ <constructor-arg type="java.util.Map">
+ <map>
+ <entry key="n0" value="http://test/test" />
+ </map>
+ </constructor-arg>
+ </bean>
+ </list>
+ </constructor-arg>
+ </bean>
+
+ <bean id="uriDereferencer"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getSameDocumentUriDereferencer" />
+
+ <bean id="envelopingSignatureChecker"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getEnvelopingXmlSignatureChecker" />
+
+ <bean id="xmlSignature2MessageWithTimestampPropertyy"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getXmlSignature2MessageWithTimestampdProperty" />
+
+ <bean id="signatureProperties"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getSignatureProperties" />
+
+ <bean id="validationFailedHandlerIgnoreManifestFailures"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getValidationFailedHandlerIgnoreManifestFailures" />
+
+ <bean id="nodesearchxpath"
+ class="org.apache.camel.component.xmlsecurity.SpringXmlSignatureTest"
+ factory-method="getNodeSerachXPath" />
+
+</beans>
http://git-wip-us.apache.org/repos/asf/camel/blob/a8265a2c/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/keystore.jks
----------------------------------------------------------------------
diff --git a/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/keystore.jks b/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/keystore.jks
new file mode 100644
index 0000000..de80bc0
Binary files /dev/null and b/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/keystore.jks differ
http://git-wip-us.apache.org/repos/asf/camel/blob/a8265a2c/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/testFile.txt
----------------------------------------------------------------------
diff --git a/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/testFile.txt b/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/testFile.txt
new file mode 100644
index 0000000..3214841
--- /dev/null
+++ b/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/testFile.txt
@@ -0,0 +1 @@
+<root>Test Message Tampered</root>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/camel/blob/a8265a2c/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/xmldsig-core-schema.dtd
----------------------------------------------------------------------
diff --git a/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/xmldsig-core-schema.dtd b/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/xmldsig-core-schema.dtd
new file mode 100644
index 0000000..969dbb1
--- /dev/null
+++ b/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/xmldsig-core-schema.dtd
@@ -0,0 +1,171 @@
+<!-- DTD for XML Signatures
+ http://www.w3.org/2000/09/xmldsig#
+ Joseph Reagle $last changed 20001215$
+
+ http://www.w3.org/2000/09/xmldsig#
+ $Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $
+
+ Copyright 2001 The Internet Society and W3C (Massachusetts Institute
+ of Technology, Institut National de Recherche en Informatique et en
+ Automatique, Keio University). All Rights Reserved.
+ http://www.w3.org/Consortium/Legal/
+
+ This document is governed by the W3C Software License [1] as described
+ in the FAQ [2].
+
+ [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
+ [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
+-->
+
+
+<!--
+
+The following entity declarations enable external/flexible content in
+the Signature content model.
+
+#PCDATA emulates schema string; when combined with element types it
+emulates schema's mixed content type.
+
+%foo.ANY permits the user to include their own element types from
+other namespaces, for example:
+ <!ENTITY % KeyValue.ANY '| ecds:ECDSAKeyValue'>
+ ...
+ <!ELEMENT ecds:ECDSAKeyValue (#PCDATA) >
+
+-->
+
+<!ENTITY % Object.ANY ''>
+<!ENTITY % Method.ANY ''>
+<!ENTITY % Transform.ANY ''>
+<!ENTITY % SignatureProperty.ANY ''>
+<!ENTITY % KeyInfo.ANY ''>
+<!ENTITY % KeyValue.ANY ''>
+<!ENTITY % PGPData.ANY ''>
+<!ENTITY % X509Data.ANY ''>
+<!ENTITY % SPKIData.ANY ''>
+
+
+
+<!-- Start Core Signature declarations, these should NOT be altered -->
+
+<!ELEMENT Signature (SignedInfo, SignatureValue, KeyInfo?, Object*) >
+<!ATTLIST Signature
+ xmlns CDATA #FIXED 'http://www.w3.org/2000/09/xmldsig#'
+ Id ID #IMPLIED >
+
+<!ELEMENT SignatureValue (#PCDATA) >
+<!ATTLIST SignatureValue
+ Id ID #IMPLIED>
+
+<!ELEMENT SignedInfo (CanonicalizationMethod,
+ SignatureMethod, Reference+) >
+<!ATTLIST SignedInfo
+ Id ID #IMPLIED
+>
+
+<!ELEMENT CanonicalizationMethod (#PCDATA %Method.ANY;)* >
+<!ATTLIST CanonicalizationMethod
+ Algorithm CDATA #REQUIRED >
+
+<!ELEMENT SignatureMethod (#PCDATA|HMACOutputLength %Method.ANY;)* >
+<!ATTLIST SignatureMethod
+ Algorithm CDATA #REQUIRED >
+
+<!ELEMENT Reference (Transforms?, DigestMethod, DigestValue) >
+<!ATTLIST Reference
+ Id ID #IMPLIED
+ URI CDATA #IMPLIED
+ Type CDATA #IMPLIED>
+
+
+<!ELEMENT Transforms (Transform+)>
+
+<!ELEMENT Transform (#PCDATA|XPath %Transform.ANY;)* >
+<!ATTLIST Transform
+ Algorithm CDATA #REQUIRED >
+
+<!ELEMENT XPath (#PCDATA) >
+
+<!ELEMENT DigestMethod (#PCDATA %Method.ANY;)* >
+<!ATTLIST DigestMethod
+ Algorithm CDATA #REQUIRED >
+
+<!ELEMENT DigestValue (#PCDATA) >
+
+<!ELEMENT KeyInfo (#PCDATA|KeyName|KeyValue|RetrievalMethod|
+ X509Data|PGPData|SPKIData|MgmtData %KeyInfo.ANY;)* >
+<!ATTLIST KeyInfo
+ Id ID #IMPLIED >
+
+<!-- Key Information -->
+
+<!ELEMENT KeyName (#PCDATA) >
+<!ELEMENT KeyValue (#PCDATA|DSAKeyValue|RSAKeyValue %KeyValue.ANY;)* >
+<!ELEMENT MgmtData (#PCDATA) >
+
+<!ELEMENT RetrievalMethod (Transforms?) >
+<!ATTLIST RetrievalMethod
+ URI CDATA #REQUIRED
+ Type CDATA #IMPLIED >
+
+<!-- X.509 Data -->
+
+<!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName |
+ X509Certificate | X509CRL )+ %X509Data.ANY;)>
+<!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) >
+<!ELEMENT X509IssuerName (#PCDATA) >
+<!ELEMENT X509SubjectName (#PCDATA) >
+<!ELEMENT X509SerialNumber (#PCDATA) >
+<!ELEMENT X509SKI (#PCDATA) >
+<!ELEMENT X509Certificate (#PCDATA) >
+<!ELEMENT X509CRL (#PCDATA) >
+
+<!-- PGPData -->
+
+<!ELEMENT PGPData ((PGPKeyID, PGPKeyPacket?) | (PGPKeyPacket) %PGPData.ANY;) >
+<!ELEMENT PGPKeyPacket (#PCDATA) >
+<!ELEMENT PGPKeyID (#PCDATA) >
+
+<!-- SPKI Data -->
+
+<!ELEMENT SPKIData (SPKISexp %SPKIData.ANY;) >
+<!ELEMENT SPKISexp (#PCDATA) >
+
+<!-- Extensible Content -->
+
+<!ELEMENT Object (#PCDATA|Signature|SignatureProperties|Manifest %Object.ANY;)* >
+<!ATTLIST Object
+ Id ID #IMPLIED
+ MimeType CDATA #IMPLIED
+ Encoding CDATA #IMPLIED >
+
+<!ELEMENT Manifest (Reference+) >
+<!ATTLIST Manifest
+ Id ID #IMPLIED >
+
+<!ELEMENT SignatureProperties (SignatureProperty+) >
+<!ATTLIST SignatureProperties
+ Id ID #IMPLIED >
+
+<!ELEMENT SignatureProperty (#PCDATA %SignatureProperty.ANY;)* >
+<!ATTLIST SignatureProperty
+ Target CDATA #REQUIRED
+ Id ID #IMPLIED >
+
+<!-- Algorithm Parameters -->
+
+<!ELEMENT HMACOutputLength (#PCDATA) >
+
+<!ELEMENT DSAKeyValue ((P, Q)?, G?, Y, J?, (Seed, PgenCounter)?) >
+<!ELEMENT P (#PCDATA) >
+<!ELEMENT Q (#PCDATA) >
+<!ELEMENT G (#PCDATA) >
+<!ELEMENT Y (#PCDATA) >
+<!ELEMENT J (#PCDATA) >
+<!ELEMENT Seed (#PCDATA) >
+<!ELEMENT PgenCounter (#PCDATA) >
+
+<!ELEMENT RSAKeyValue (Modulus, Exponent) >
+<!ELEMENT Modulus (#PCDATA) >
+<!ELEMENT Exponent (#PCDATA) >
+
http://git-wip-us.apache.org/repos/asf/camel/blob/a8265a2c/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/xslt_test.xsl
----------------------------------------------------------------------
diff --git a/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/xslt_test.xsl b/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/xslt_test.xsl
new file mode 100644
index 0000000..6220480
--- /dev/null
+++ b/components/camel-xmlsecurity/src/test/resources/org/apache/camel/component/xmlsecurity/xslt_test.xsl
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsl:stylesheet version="1.0"
+ xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+ <xsl:template match="/">
+ <n0:XMLSecurity xmlns:n0="https://org.apache/camel/xmlsecurity/test"
+ xmlns:nn0="http://www.w3.org/2000/09/xmldsig#" xmlns:n1="http://test/test">
+ <n0:Content>
+ <!-- must start with the Object element! -->
+ <xsl:value-of select="//n1:root/n1:test" />
+ </n0:Content>
+ </n0:XMLSecurity>
+ </xsl:template>
+</xsl:stylesheet>