Posted to commits@santuario.apache.org by co...@apache.org on 2015/08/21 16:25:10 UTC

svn commit: r1697004 - /santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/encryption/XMLCipherTest.java

Author: coheigea
Date: Fri Aug 21 14:25:09 2015
New Revision: 1697004

URL: http://svn.apache.org/r1697004
Log:
Test multiple recipients for the DOM encryption code

Modified:
    santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/encryption/XMLCipherTest.java

Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/encryption/XMLCipherTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/encryption/XMLCipherTest.java?rev=1697004&r1=1697003&r2=1697004&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/encryption/XMLCipherTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/encryption/XMLCipherTest.java Fri Aug 21 14:25:09 2015
@@ -917,6 +917,75 @@ public class XMLCipherTest extends org.j
 
         xmlCipher.decryptToByteArray(encryptedData);
     }
+    
+    @org.junit.Test
+    public void testMultipleKEKs() throws Exception {
+
+        Document d = document(); // source
+        Document ed = null;
+        Document dd = null;
+        Element e = (Element) d.getElementsByTagName(element()).item(index());
+        Element ee = null;
+
+        String source = null;
+        String target = null;
+
+        if (haveISOPadding && haveKeyWraps) {
+            source = toString(d);
+
+            // Set up Key Encryption Key no. 1
+            KeyGenerator keygen = KeyGenerator.getInstance("AES");
+            keygen.init(192);
+            Key kek1 = keygen.generateKey();
+            
+            // Set up Key Encryption Key no. 2
+            Key kek2 = keygen.generateKey();
+
+            // Generate a traffic key
+            keygen = KeyGenerator.getInstance("AES");
+            keygen.init(128);
+            Key key = keygen.generateKey();
+
+            cipher = XMLCipher.getInstance(XMLCipher.AES_192_KeyWrap);
+            cipher.init(XMLCipher.WRAP_MODE, kek1);
+            EncryptedKey encryptedKey1 = cipher.encryptKey(d, key);
+            
+            cipher.init(XMLCipher.WRAP_MODE, kek2);
+            EncryptedKey encryptedKey2 = cipher.encryptKey(d, key);
+
+            // encrypt
+            cipher = XMLCipher.getInstance(XMLCipher.AES_128);
+            cipher.init(XMLCipher.ENCRYPT_MODE, key);
+            EncryptedData builder = cipher.getEncryptedData();
+
+            KeyInfo builderKeyInfo = builder.getKeyInfo();
+            if (builderKeyInfo == null) {
+                builderKeyInfo = new KeyInfo(d);
+                builder.setKeyInfo(builderKeyInfo);
+            }
+
+            builderKeyInfo.add(encryptedKey1);
+            builderKeyInfo.add(encryptedKey2);
+
+            ed = cipher.doFinal(d, e);
+            
+            //decrypt
+            key = null;
+            ee = (Element) ed.getElementsByTagName("xenc:EncryptedData").item(0);
+            cipher = XMLCipher.getInstance(XMLCipher.AES_128);
+            cipher.init(XMLCipher.DECRYPT_MODE, null);
+            cipher.setKEK(kek2);
+            dd = cipher.doFinal(ed, ee);
+
+            target = toString(dd);
+            assertEquals(source, target);
+        } else {
+            log.warn(
+                "Test testAES128ElementAES192KWCipherUsingKEK skipped as "
+                + "necessary algorithms not available"
+            );
+        }
+    }
 
     private String toString (Node n) throws Exception {
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
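Review bot: The decrypt half of `testMultipleKEKs` only ever calls `cipher.setKEK(kek2)`, so the test shows that the second `EncryptedKey` can be unwrapped but never that the `kek1` recipient can decrypt the same `EncryptedData`, nor that an unrelated KEK is rejected. I would repeat the decrypt block with `cipher.setKEK(kek1)` and the same `assertEquals(source, target)`, using a freshly encrypted document if `doFinal(ed, ee)` rewrites `ed` in place (not visible from this hunk). The skip message in the `else` branch is copied from another test and should read `"Test testMultipleKEKs skipped as "`. Since that branch only logs, the test also reports success when the algorithms are missing; `org.junit.Assume.assumeTrue(haveISOPadding && haveKeyWraps);` at the top of the method would mark it as skipped instead.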