You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2012/01/11 17:58:59 UTC
svn commit: r1230150 - in /santuario/xml-security-java/trunk: ./
src/main/java/org/apache/xml/security/algorithms/
src/main/java/org/apache/xml/security/encryption/
src/main/java/org/apache/xml/security/resource/
src/main/java/org/apache/xml/security/u...
Author: coheigea
Date: Wed Jan 11 16:58:58 2012
New Revision: 1230150
URL: http://svn.apache.org/viewvc?rev=1230150&view=rev
Log:
[SANTUARIO-293,SANTUARIO-282] - Support XML Encryption 1.1 Key Wrapping test-cases
- All of the Key Wrapping XML Encryption 1.1 test cases are now working (decryption)
- Added support for EncryptionMethod/ds:DigestAlgorithm and xenc11:MGF
Added:
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/encryption/XMLEncryption11Test.java
santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/
santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.jks
santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.p12
santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks
santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.p12
santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.jks
santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.p12
santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-2048__aes128-gcm__rsa-oaep-mgf1p.xml
santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-3072__aes192-gcm__rsa-oaep-mgf1p__Sha256.xml
santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-3072__aes256-gcm__rsa-oaep__Sha384-MGF_Sha1.xml
santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-4096__aes256-gcm__rsa-oaep__Sha512-MGF_Sha1_PSource.xml
santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/plaintext.xml
Modified:
santuario/xml-security-java/trunk/CHANGELOG.txt
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/EncryptionMethod.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/config.xml
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/EncryptionConstants.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/encryption/BaltimoreEncTest.java
Modified: santuario/xml-security-java/trunk/CHANGELOG.txt
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/CHANGELOG.txt?rev=1230150&r1=1230149&r2=1230150&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/CHANGELOG.txt (original)
+++ santuario/xml-security-java/trunk/CHANGELOG.txt Wed Jan 11 16:58:58 2012
@@ -1,6 +1,7 @@
Changelog for "Apache xml-security" <http://santuario.apache.org/>
New in v1.5.0-SNAPSHOT
+ Fixed SANTUARIO-293: Support XML Encryption 1.1 Key Wrapping test-cases.
Fixed SANTUARIO-292: Add the ability to access the dereferenced Elements after signature validation in the non-JSR-105 API.
Fixed SANTUARIO-290: Add a secure validation switch for signature processing
Fixed SANTUARIO-255: Port JSR 105 code to JDK 1.5.
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java?rev=1230150&r1=1230149&r2=1230150&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/algorithms/JCEMapper.java Wed Jan 11 16:58:58 2012
@@ -167,6 +167,10 @@ public class JCEMapper {
new Algorithm("AES", "AES/GCM/NoPadding", "BlockEncryption", 128)
);
algorithmsMap.put(
+ XMLCipher.AES_192_GCM,
+ new Algorithm("AES", "AES/GCM/NoPadding", "BlockEncryption", 192)
+ );
+ algorithmsMap.put(
XMLCipher.AES_256_GCM,
new Algorithm("AES", "AES/GCM/NoPadding", "BlockEncryption", 256)
);
@@ -176,7 +180,11 @@ public class JCEMapper {
);
algorithmsMap.put(
XMLCipher.RSA_OAEP,
- new Algorithm("RSA", "RSA/ECB/OAEPWithSHA1AndMGF1Padding", "KeyTransport")
+ new Algorithm("RSA", "RSA/ECB/OAEPPadding", "KeyTransport")
+ );
+ algorithmsMap.put(
+ XMLCipher.RSA_OAEP_11,
+ new Algorithm("RSA", "RSA/ECB/OAEPPadding", "KeyTransport")
);
algorithmsMap.put(
XMLCipher.DIFFIE_HELLMAN,
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/EncryptionMethod.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/EncryptionMethod.java?rev=1230150&r1=1230149&r2=1230150&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/EncryptionMethod.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/EncryptionMethod.java Wed Jan 11 16:58:58 2012
@@ -77,6 +77,30 @@ public interface EncryptionMethod {
* @param parameters the OAEP parameters.
*/
void setOAEPparams(byte[] parameters);
+
+ /**
+ * Set the Digest Algorithm to use
+ * @param digestAlgorithm the Digest Algorithm to use
+ */
+ void setDigestAlgorithm(String digestAlgorithm);
+
+ /**
+ * Get the Digest Algorithm to use
+ * @return the Digest Algorithm to use
+ */
+ String getDigestAlgorithm();
+
+ /**
+ * Set the MGF Algorithm to use
+ * @param mgfAlgorithm the MGF Algorithm to use
+ */
+ void setMGFAlgorithm(String mgfAlgorithm);
+
+ /**
+ * Get the MGF Algorithm to use
+ * @return the MGF Algorithm to use
+ */
+ String getMGFAlgorithm();
/**
* Returns an iterator over all the additional elements contained in the
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java?rev=1230150&r1=1230149&r2=1230150&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/encryption/XMLCipher.java Wed Jan 11 16:58:58 2012
@@ -29,6 +29,7 @@ import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
+import java.security.spec.MGF1ParameterSpec;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
@@ -40,11 +41,14 @@ import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.OAEPParameterSpec;
+import javax.crypto.spec.PSource;
import org.apache.xml.security.algorithms.JCEMapper;
import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
import org.apache.xml.security.c14n.Canonicalizer;
import org.apache.xml.security.c14n.InvalidCanonicalizerException;
+import org.apache.xml.security.exceptions.Base64DecodingException;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.keys.keyresolver.KeyResolverException;
@@ -97,6 +101,10 @@ public class XMLCipher {
public static final String AES_128_GCM =
EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128_GCM;
+ /** AES 192 GCM Cipher */
+ public static final String AES_192_GCM =
+ EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES192_GCM;
+
/** AES 256 GCM Cipher */
public static final String AES_256_GCM =
EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256_GCM;
@@ -109,6 +117,10 @@ public class XMLCipher {
public static final String RSA_OAEP =
EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP;
+ /** RSA OAEP Cipher */
+ public static final String RSA_OAEP_11 =
+ EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP_11;
+
/** DIFFIE_HELLMAN Cipher */
public static final String DIFFIE_HELLMAN =
EncryptionConstants.ALGO_ID_KEYAGREEMENT_DH;
@@ -183,9 +195,9 @@ public class XMLCipher {
private static final String ENC_ALGORITHMS = TRIPLEDES + "\n" +
AES_128 + "\n" + AES_256 + "\n" + AES_192 + "\n" + RSA_v1dot5 + "\n" +
- RSA_OAEP + "\n" + TRIPLEDES_KeyWrap + "\n" + AES_128_KeyWrap + "\n" +
- AES_256_KeyWrap + "\n" + AES_192_KeyWrap + "\n" +
- AES_128_GCM + "\n" + AES_256_GCM + "\n";
+ RSA_OAEP + "\n" + RSA_OAEP_11 + "\n" + TRIPLEDES_KeyWrap + "\n" +
+ AES_128_KeyWrap + "\n" + AES_256_KeyWrap + "\n" + AES_192_KeyWrap + "\n" +
+ AES_128_GCM + "\n" + AES_192_GCM + "\n" + AES_256_GCM + "\n";
/** Cipher created during initialisation that is used for encryption */
private Cipher contextCipher;
@@ -329,9 +341,11 @@ public class XMLCipher {
algorithm.equals(AES_256) ||
algorithm.equals(AES_192) ||
algorithm.equals(AES_128_GCM) ||
+ algorithm.equals(AES_192_GCM) ||
algorithm.equals(AES_256_GCM) ||
algorithm.equals(RSA_v1dot5) ||
algorithm.equals(RSA_OAEP) ||
+ algorithm.equals(RSA_OAEP_11) ||
algorithm.equals(TRIPLEDES_KeyWrap) ||
algorithm.equals(AES_128_KeyWrap) ||
algorithm.equals(AES_256_KeyWrap) ||
@@ -1046,7 +1060,8 @@ public class XMLCipher {
try {
// The Spec mandates a 96-bit IV for GCM algorithms
- if (AES_128_GCM.equals(algorithm) || AES_256_GCM.equals(algorithm)) {
+ if (AES_128_GCM.equals(algorithm) || AES_192_GCM.equals(algorithm)
+ || AES_256_GCM.equals(algorithm)) {
if (random == null) {
random = SecureRandom.getInstance("SHA1PRNG");
}
@@ -1233,6 +1248,7 @@ public class XMLCipher {
byte[] encryptedBytes = null;
Cipher c;
+ OAEPParameterSpec oaepParameters = null;
if (contextCipher == null) {
// Now create the working cipher
@@ -1254,6 +1270,11 @@ public class XMLCipher {
} catch (NoSuchPaddingException nspae) {
throw new XMLEncryptionException("empty", nspae);
}
+
+ if (XMLCipher.RSA_OAEP.equals(algorithm)) {
+ oaepParameters =
+ new OAEPParameterSpec("SHA-1", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);
+ }
} else {
c = contextCipher;
}
@@ -1262,12 +1283,18 @@ public class XMLCipher {
try {
// Should internally generate an IV
// todo - allow user to set an IV
- c.init(Cipher.WRAP_MODE, this.key);
+ if (oaepParameters == null) {
+ c.init(Cipher.WRAP_MODE, this.key);
+ } else {
+ c.init(Cipher.WRAP_MODE, this.key, oaepParameters);
+ }
encryptedBytes = c.wrap(key);
} catch (InvalidKeyException ike) {
throw new XMLEncryptionException("empty", ike);
} catch (IllegalBlockSizeException ibse) {
throw new XMLEncryptionException("empty", ibse);
+ } catch (InvalidAlgorithmParameterException e) {
+ throw new XMLEncryptionException("empty", e);
}
String base64EncodedEncryptedOctets = Base64.encode(encryptedBytes);
@@ -1343,7 +1370,7 @@ public class XMLCipher {
// Obtain the encrypted octets
XMLCipherInput cipherInput = new XMLCipherInput(encryptedKey);
cipherInput.setSecureValidation(secureValidation);
- byte [] encryptedBytes = cipherInput.getBytes();
+ byte[] encryptedBytes = cipherInput.getBytes();
String jceKeyAlgorithm = JCEMapper.getJCEKeyAlgorithmFromURI(algorithm);
if (log.isDebugEnabled()) {
@@ -1351,6 +1378,7 @@ public class XMLCipher {
}
Cipher c;
+ OAEPParameterSpec oaepParameters = null;
if (contextCipher == null) {
// Now create the working cipher
@@ -1367,25 +1395,50 @@ public class XMLCipher {
c = Cipher.getInstance(jceAlgorithm, requestedJCEProvider);
}
} catch (NoSuchAlgorithmException nsae) {
- throw new XMLEncryptionException("empty", nsae);
+ // Check to see if an RSA OAEP MGF-1 with SHA-1 algorithm was requested
+ // Some JDKs don't support RSA/ECB/OAEPPadding
+ String digestMethod = encryptedKey.getEncryptionMethod().getDigestAlgorithm();
+ if (XMLCipher.RSA_OAEP.equals(encryptedKey.getEncryptionMethod().getAlgorithm())
+ && (digestMethod == null
+ || MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1.equals(digestMethod))) {
+ try {
+ if (requestedJCEProvider == null) {
+ c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding");
+ } else {
+ c = Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding", requestedJCEProvider);
+ }
+ } catch (Exception ex) {
+ throw new XMLEncryptionException("empty", ex);
+ }
+ } else {
+ throw new XMLEncryptionException("empty", nsae);
+ }
} catch (NoSuchProviderException nspre) {
throw new XMLEncryptionException("empty", nspre);
} catch (NoSuchPaddingException nspae) {
throw new XMLEncryptionException("empty", nspae);
}
+
+ oaepParameters = constructOAEPParameters(encryptedKey.getEncryptionMethod());
} else {
c = contextCipher;
}
Key ret;
-
- try {
- c.init(Cipher.UNWRAP_MODE, key);
+
+ try {
+ if (oaepParameters == null) {
+ c.init(Cipher.UNWRAP_MODE, key);
+ } else {
+ c.init(Cipher.UNWRAP_MODE, key, oaepParameters);
+ }
ret = c.unwrap(encryptedBytes, jceKeyAlgorithm, Cipher.SECRET_KEY);
} catch (InvalidKeyException ike) {
throw new XMLEncryptionException("empty", ike);
} catch (NoSuchAlgorithmException nsae) {
throw new XMLEncryptionException("empty", nsae);
+ } catch (InvalidAlgorithmParameterException e) {
+ throw new XMLEncryptionException("empty", e);
}
if (log.isDebugEnabled()) {
log.debug("Decryption of key type " + algorithm + " OK");
@@ -1393,6 +1446,44 @@ public class XMLCipher {
return ret;
}
+
+ /**
+ * Construt an OAEPParameterSpec object from an EncryptionMethod
+ */
+ private OAEPParameterSpec constructOAEPParameters(
+ EncryptionMethod encryptionMethod
+ ) {
+ if (XMLCipher.RSA_OAEP.equals(encryptionMethod.getAlgorithm())
+ || XMLCipher.RSA_OAEP_11.equals(encryptionMethod.getAlgorithm())) {
+
+ String digestAlgorithm = encryptionMethod.getDigestAlgorithm();
+ String jceDigestAlgorithm = "SHA-1";
+ if (digestAlgorithm != null) {
+ jceDigestAlgorithm = JCEMapper.translateURItoJCEID(digestAlgorithm);
+ }
+
+ PSource.PSpecified pSource = PSource.PSpecified.DEFAULT;
+ if (encryptionMethod.getOAEPparams() != null) {
+ pSource = new PSource.PSpecified(encryptionMethod.getOAEPparams());
+ }
+
+ MGF1ParameterSpec mgfParameterSpec = new MGF1ParameterSpec("SHA-1");
+ if (XMLCipher.RSA_OAEP_11.equals(encryptionMethod.getAlgorithm())) {
+ String mgfAlgorithm = encryptionMethod.getMGFAlgorithm();
+ if (EncryptionConstants.MGF1_SHA256.equals(mgfAlgorithm)) {
+ mgfParameterSpec = new MGF1ParameterSpec("SHA-256");
+ } else if (EncryptionConstants.MGF1_SHA384.equals(mgfAlgorithm)) {
+ mgfParameterSpec = new MGF1ParameterSpec("SHA-384");
+ } else if (EncryptionConstants.MGF1_SHA512.equals(mgfAlgorithm)) {
+ mgfParameterSpec = new MGF1ParameterSpec("SHA-512");
+ }
+ }
+
+ return new OAEPParameterSpec(jceDigestAlgorithm, "MGF1", mgfParameterSpec, pSource);
+ }
+
+ return null;
+ }
/**
* Decrypt a key from a passed in EncryptedKey structure. This version
@@ -1567,7 +1658,7 @@ public class XMLCipher {
int ivLen = c.getBlockSize();
String alg = encryptedData.getEncryptionMethod().getAlgorithm();
- if (AES_128_GCM.equals(alg) || AES_256_GCM.equals(alg)) {
+ if (AES_128_GCM.equals(alg) || AES_192_GCM.equals(alg) || AES_256_GCM.equals(alg)) {
ivLen = 12;
}
byte[] ivBytes = new byte[ivLen];
@@ -2166,12 +2257,30 @@ public class XMLCipher {
EncryptionConstants._TAG_OAEPPARAMS).item(0);
if (null != oaepParamsElement) {
try {
- result.setOAEPparams(
- oaepParamsElement.getNodeValue().getBytes("UTF-8"));
+ String oaepParams = oaepParamsElement.getFirstChild().getNodeValue();
+ result.setOAEPparams(Base64.decode(oaepParams.getBytes("UTF-8")));
} catch(UnsupportedEncodingException e) {
throw new RuntimeException("UTF-8 not supported", e);
+ } catch (Base64DecodingException e) {
+ throw new RuntimeException("BASE-64 decoding error", e);
}
}
+
+ Element digestElement =
+ (Element) element.getElementsByTagNameNS(
+ Constants.SignatureSpecNS, Constants._TAG_DIGESTMETHOD).item(0);
+ if (digestElement != null) {
+ String digestAlgorithm = digestElement.getAttributeNS(null, "Algorithm");
+ result.setDigestAlgorithm(digestAlgorithm);
+ }
+
+ Element mgfElement =
+ (Element) element.getElementsByTagNameNS(
+ EncryptionConstants.EncryptionSpec11NS, EncryptionConstants._TAG_MGF).item(0);
+ if (mgfElement != null && !XMLCipher.RSA_OAEP.equals(algorithm)) {
+ String mgfAlgorithm = mgfElement.getAttributeNS(null, "Algorithm");
+ result.setMGFAlgorithm(mgfAlgorithm);
+ }
// TODO: Make this mess work
// <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
@@ -2824,6 +2933,8 @@ public class XMLCipher {
private int keySize = Integer.MIN_VALUE;
private byte[] oaepParams = null;
private List<Element> encryptionMethodInformation = null;
+ private String digestAlgorithm = null;
+ private String mgfAlgorithm = null;
/**
* Constructor.
@@ -2867,6 +2978,26 @@ public class XMLCipher {
}
/** @inheritDoc */
+ public void setDigestAlgorithm(String digestAlgorithm) {
+ this.digestAlgorithm = digestAlgorithm;
+ }
+
+ /** @inheritDoc */
+ public String getDigestAlgorithm() {
+ return digestAlgorithm;
+ }
+
+ /** @inheritDoc */
+ public void setMGFAlgorithm(String mgfAlgorithm) {
+ this.mgfAlgorithm = mgfAlgorithm;
+ }
+
+ /** @inheritDoc */
+ public String getMGFAlgorithm() {
+ return mgfAlgorithm;
+ }
+
+ /** @inheritDoc */
public Iterator<Element> getEncryptionMethodInformation() {
return encryptionMethodInformation.iterator();
}
@@ -2905,6 +3036,12 @@ public class XMLCipher {
throw new RuntimeException("UTF-8 not supported", e);
}
}
+ if (digestAlgorithm != null) {
+ Element digestElement =
+ XMLUtils.createElementInSignatureSpace(contextDocument, Constants._TAG_DIGESTMETHOD);
+ digestElement.setAttributeNS(null, "Algorithm", digestAlgorithm);
+ result.appendChild(digestElement);
+ }
Iterator<Element> itr = encryptionMethodInformation.iterator();
while (itr.hasNext()) {
result.appendChild(itr.next());
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/config.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/resource/config.xml?rev=1230150&r1=1230149&r2=1230150&view=diff
==============================================================================
Binary files - no diff available.
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/EncryptionConstants.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/EncryptionConstants.java?rev=1230150&r1=1230149&r2=1230150&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/EncryptionConstants.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/utils/EncryptionConstants.java Wed Jan 11 16:58:58 2012
@@ -84,6 +84,9 @@ public class EncryptionConstants {
/** Tag of Element OAEPparams **/
public static final String _TAG_OAEPPARAMS = "OAEPparams";
+ /** Tag of Element MGF **/
+ public static final String _TAG_MGF = "MGF";
+
/** Tag of Element ReferenceList **/
public static final String _TAG_REFERENCELIST = "ReferenceList";
@@ -111,6 +114,12 @@ public class EncryptionConstants {
* XML Encryption Syntax and Processing</A> */
public static final String EncryptionSpecNS =
"http://www.w3.org/2001/04/xmlenc#";
+
+ /**
+ * The namespace of the XML Encryption 1.1 specification
+ */
+ public static final String EncryptionSpec11NS =
+ "http://www.w3.org/2009/xmlenc11#";
/** URI for content*/
public static final String TYPE_CONTENT = EncryptionSpecNS + "Content";
@@ -142,6 +151,10 @@ public class EncryptionConstants {
public static final String ALGO_ID_BLOCKCIPHER_AES128_GCM =
"http://www.w3.org/2009/xmlenc11#aes128-gcm";
+ /** Block Encryption - OPTIONAL AES-192-GCM */
+ public static final String ALGO_ID_BLOCKCIPHER_AES192_GCM =
+ "http://www.w3.org/2009/xmlenc11#aes192-gcm";
+
/** Block Encryption - OPTIONAL AES-256-GCM */
public static final String ALGO_ID_BLOCKCIPHER_AES256_GCM =
"http://www.w3.org/2009/xmlenc11#aes256-gcm";
@@ -153,6 +166,10 @@ public class EncryptionConstants {
/** Key Transport - REQUIRED RSA-OAEP */
public static final String ALGO_ID_KEYTRANSPORT_RSAOAEP =
EncryptionConstants.EncryptionSpecNS + "rsa-oaep-mgf1p";
+
+ /** Key Transport - OPTIONAL RSA-OAEP_11 */
+ public static final String ALGO_ID_KEYTRANSPORT_RSAOAEP_11 =
+ EncryptionConstants.EncryptionSpec11NS + "rsa-oaep";
/** Key Agreement - OPTIONAL Diffie-Hellman */
public static final String ALGO_ID_KEYAGREEMENT_DH =
@@ -189,6 +206,27 @@ public class EncryptionConstants {
/** Encoding - REQUIRED base64 */
public static final String ALGO_ID_ENCODING_BASE64 =
"http://www.w3.org/2000/09/xmldsig#base64";
+
+ /** MGF1 with SHA-1 */
+ public static final String MGF1_SHA1 =
+ EncryptionConstants.EncryptionSpec11NS + "mgf1sha1";
+
+ /** MGF1 with SHA-224 */
+ public static final String MGF1_SHA224 =
+ EncryptionConstants.EncryptionSpec11NS + "mgf1sha224";
+
+ /** MGF1 with SHA-256 */
+ public static final String MGF1_SHA256 =
+ EncryptionConstants.EncryptionSpec11NS + "mgf1sha256";
+
+ /** MGF1 with SHA-384 */
+ public static final String MGF1_SHA384 =
+ EncryptionConstants.EncryptionSpec11NS + "mgf1sha384";
+
+ /** MGF1 with SHA-512 */
+ public static final String MGF1_SHA512 =
+ EncryptionConstants.EncryptionSpec11NS + "mgf1sha512";
+
private EncryptionConstants() {
// we don't allow instantiation
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/encryption/BaltimoreEncTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/encryption/BaltimoreEncTest.java?rev=1230150&r1=1230149&r2=1230150&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/encryption/BaltimoreEncTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/encryption/BaltimoreEncTest.java Wed Jan 11 16:58:58 2012
@@ -363,12 +363,6 @@ public class BaltimoreEncTest extends or
*/
@org.junit.Test
public void test_five_data_3des_cbc_rsa_oaep() throws Exception {
- // Work-around for the fact that BC currently doesn't support
- // the standard JCE name for oaep padding
- java.security.Provider bc = java.security.Security.getProvider("BC");
- if (bc != null)
- bc.put("Alg.Alias.Cipher.RSA/ECB/OAEPWithSHA1AndMGF1Padding","RSA/OAEP");
-
if (haveISOPadding) {
String filename =
"src/test/resources/ie/baltimore/merlin-examples/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.xml";
Added: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/encryption/XMLEncryption11Test.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/encryption/XMLEncryption11Test.java?rev=1230150&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/encryption/XMLEncryption11Test.java (added)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/encryption/XMLEncryption11Test.java Wed Jan 11 16:58:58 2012
@@ -0,0 +1,429 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.test.encryption;
+
+import java.io.File;
+import java.lang.reflect.Constructor;
+import java.security.Key;
+import java.security.KeyStore;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.Provider;
+import java.security.Security;
+import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.crypto.Cipher;
+import javax.crypto.NoSuchPaddingException;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.xpath.XPath;
+import javax.xml.xpath.XPathConstants;
+import javax.xml.xpath.XPathExpressionException;
+import javax.xml.xpath.XPathFactory;
+
+import org.apache.xml.security.algorithms.JCEMapper;
+import org.apache.xml.security.encryption.EncryptedData;
+import org.apache.xml.security.encryption.EncryptedKey;
+import org.apache.xml.security.encryption.XMLCipher;
+import org.apache.xml.security.keys.KeyInfo;
+import org.apache.xml.security.keys.content.X509Data;
+import org.apache.xml.security.keys.content.x509.XMLX509Certificate;
+import org.apache.xml.security.test.DSNamespaceContext;
+import org.apache.xml.security.utils.EncryptionConstants;
+// import org.apache.xml.security.utils.XMLUtils;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+/**
+ * This is a set of tests that use the test vectors associated with the W3C XML Encryption 1.1 specification:
+ *
+ * http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/test-cases/
+ *
+ * Note: I had to convert the given .p12 file into a .jks as it could not be loaded with KeyStore.
+ *
+ * TODO As of now all of the KeyWrapping tests are supported, but none of the KeyAgreement tests.
+ */
+public class XMLEncryption11Test extends org.junit.Assert {
+
+ private static String cardNumber;
+ private static int nodeCount = 0;
+ private boolean haveISOPadding;
+
+ /** {@link org.apache.commons.logging} logging facility */
+ static org.apache.commons.logging.Log log =
+ org.apache.commons.logging.LogFactory.getLog(XMLEncryption11Test.class.getName());
+
+ /**
+ * Constructor XMLEncryption11Test
+ */
+ public XMLEncryption11Test() throws Exception {
+ //
+ // If the BouncyCastle provider is not installed, then try to load it
+ // via reflection. If it is not available, then skip this test as it is
+ // required for GCM algorithm support
+ //
+ if (Security.getProvider("BC") == null) {
+ Constructor<?> cons = null;
+ try {
+ Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
+ cons = c.getConstructor(new Class[] {});
+ } catch (Exception e) {
+ //ignore
+ }
+ if (cons == null) {
+ // BouncyCastle is not available so just return
+ return;
+ } else {
+ Provider provider = (java.security.Provider)cons.newInstance(new Object[]{});
+ Security.insertProviderAt(provider, 2);
+ }
+ }
+
+ // Create the comparison strings
+ DocumentBuilderFactory dbf =
+ DocumentBuilderFactory.newInstance();
+ dbf.setNamespaceAware(true);
+ dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
+
+ String filename =
+ "src/test/resources/org/w3c/www/interop/xmlenc-core-11/plaintext.xml";
+ String basedir = System.getProperty("basedir");
+ if (basedir != null && !"".equals(basedir)) {
+ filename = basedir + "/" + filename;
+ }
+ File f = new File(filename);
+
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ Document doc = db.parse(new java.io.FileInputStream(f));
+
+ cardNumber = retrieveCCNumber(doc);
+
+ // Count the nodes in the document as a secondary test
+ nodeCount = countNodes(doc);
+
+ // Initialise the library
+ org.apache.xml.security.Init.init();
+
+ // Check what algorithms are available
+
+ haveISOPadding = false;
+ String algorithmId =
+ JCEMapper.translateURItoJCEID(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);
+
+ if (algorithmId != null) {
+ try {
+ if (Cipher.getInstance(algorithmId) != null) {
+ haveISOPadding = true;
+ }
+ } catch (NoSuchAlgorithmException nsae) {
+ //
+ } catch (NoSuchPaddingException nspe) {
+ //
+ }
+ }
+ }
+
+ /**
+ * rsa-oaep-mgf1p, Digest:SHA256, MGF:SHA1, PSource: None
+ */
+ @org.junit.Test
+ public void testKeyWrappingRSA2048() throws Exception {
+ if (haveISOPadding) {
+ String keystore =
+ "src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.jks";
+ String basedir = System.getProperty("basedir");
+ if (basedir != null && !"".equals(basedir)) {
+ keystore = basedir + "/" + keystore;
+ }
+
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(new java.io.FileInputStream(keystore), "passwd".toCharArray());
+
+ Certificate cert = keyStore.getCertificate("importkey");
+
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+
+ String filename =
+ "src/test/resources/org/w3c/www/interop/xmlenc-core-11/"
+ + "cipherText__RSA-2048__aes128-gcm__rsa-oaep-mgf1p.xml";
+
+ Document dd = decryptElement(filename, rsaKey, (X509Certificate)cert);
+ // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
+ checkDecryptedDoc(dd, true);
+ } else {
+ log.warn(
+ "Skipping testRSA2048 as necessary "
+ + "crypto algorithms are not available"
+ );
+ }
+ }
+
+ /**
+ * rsa-oaep-mgf1p, Digest:SHA256, MGF:SHA1, PSource: None
+ */
+ @org.junit.Test
+ public void testKeyWrappingRSA3072() throws Exception {
+ if (haveISOPadding) {
+ String keystore =
+ "src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks";
+ String basedir = System.getProperty("basedir");
+ if (basedir != null && !"".equals(basedir)) {
+ keystore = basedir + "/" + keystore;
+ }
+
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(new java.io.FileInputStream(keystore), "passwd".toCharArray());
+
+ Certificate cert = keyStore.getCertificate("importkey");
+
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+
+ String filename =
+ "src/test/resources/org/w3c/www/interop/xmlenc-core-11/"
+ + "cipherText__RSA-3072__aes192-gcm__rsa-oaep-mgf1p__Sha256.xml";
+
+ Document dd = decryptElement(filename, rsaKey, (X509Certificate)cert);
+ // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
+ checkDecryptedDoc(dd, true);
+ } else {
+ log.warn(
+ "Skipping testRSA3072 as necessary "
+ + "crypto algorithms are not available"
+ );
+ }
+ }
+
+ /**
+ * rsa-oaep, Digest:SHA384, MGF:SHA1, PSource: None
+ */
+ @org.junit.Test
+ public void testKeyWrappingRSA3072OAEP() throws Exception {
+ if (haveISOPadding) {
+ String keystore =
+ "src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks";
+ String basedir = System.getProperty("basedir");
+ if (basedir != null && !"".equals(basedir)) {
+ keystore = basedir + "/" + keystore;
+ }
+
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(new java.io.FileInputStream(keystore), "passwd".toCharArray());
+
+ Certificate cert = keyStore.getCertificate("importkey");
+
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+
+ String filename =
+ "src/test/resources/org/w3c/www/interop/xmlenc-core-11/"
+ + "cipherText__RSA-3072__aes256-gcm__rsa-oaep__Sha384-MGF_Sha1.xml";
+
+ Document dd = decryptElement(filename, rsaKey, (X509Certificate)cert);
+ // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
+ checkDecryptedDoc(dd, true);
+ } else {
+ log.warn(
+ "Skipping testRSA307OAEP as necessary "
+ + "crypto algorithms are not available"
+ );
+ }
+ }
+
+ /**
+ * rsa-oaep, Digest:SHA512, MGF:SHA1, PSource: Specified 8 bytes
+ */
+ @org.junit.Test
+ public void testKeyWrappingRSA4096() throws Exception {
+ if (haveISOPadding) {
+ String keystore =
+ "src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.jks";
+ String basedir = System.getProperty("basedir");
+ if (basedir != null && !"".equals(basedir)) {
+ keystore = basedir + "/" + keystore;
+ }
+
+ KeyStore keyStore = KeyStore.getInstance("jks");
+ keyStore.load(new java.io.FileInputStream(keystore), "passwd".toCharArray());
+
+ Certificate cert = keyStore.getCertificate("importkey");
+
+ KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry)
+ keyStore.getEntry("importkey", new KeyStore.PasswordProtection("passwd".toCharArray()));
+ PrivateKey rsaKey = pkEntry.getPrivateKey();
+
+ String filename =
+ "src/test/resources/org/w3c/www/interop/xmlenc-core-11/"
+ + "cipherText__RSA-4096__aes256-gcm__rsa-oaep__Sha512-MGF_Sha1_PSource.xml";
+
+ Document dd = decryptElement(filename, rsaKey, (X509Certificate)cert);
+ // XMLUtils.outputDOM(dd.getFirstChild(), System.out);
+ checkDecryptedDoc(dd, true);
+ } else {
+ log.warn(
+ "Skipping testRSA4096 as necessary "
+ + "crypto algorithms are not available"
+ );
+ }
+ }
+
+ /**
+ * Method decryptElement
+ *
+ * Take a key, encryption type and a file, find an encrypted element
+ * decrypt it and return the resulting document
+ *
+ * @param filename File to decrypt from
+ * @param key The Key to use for decryption
+ */
+ private Document decryptElement(String filename, Key rsaKey, X509Certificate rsaCert) throws Exception {
+ XMLCipher cipher;
+
+ // Parse the document in question
+
+ javax.xml.parsers.DocumentBuilderFactory dbf =
+ javax.xml.parsers.DocumentBuilderFactory.newInstance();
+ dbf.setNamespaceAware(true);
+ dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
+ String basedir = System.getProperty("basedir");
+ if (basedir != null && !"".equals(basedir)) {
+ filename = basedir + "/" + filename;
+ }
+ File f = new File(filename);
+
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ Document doc = db.parse(new java.io.FileInputStream(f));
+
+ // Create the XMLCipher element
+ cipher = XMLCipher.getInstance();
+
+ // Need to pre-load the Encrypted Data so we can get the key info
+ Element ee =
+ (Element) doc.getElementsByTagNameNS(
+ "http://www.w3.org/2001/04/xmlenc#", "EncryptedData"
+ ).item(0);
+ cipher.init(XMLCipher.DECRYPT_MODE, null);
+ EncryptedData encryptedData = cipher.loadEncryptedData(doc, ee);
+
+ KeyInfo ki = encryptedData.getKeyInfo();
+ EncryptedKey encryptedKey = ki.itemEncryptedKey(0);
+ KeyInfo kiek = encryptedKey.getKeyInfo();
+ X509Data certData = kiek.itemX509Data(0);
+ XMLX509Certificate xcert = certData.itemCertificate(0);
+ X509Certificate cert = xcert.getX509Certificate();
+ assertTrue(rsaCert.equals(cert));
+
+ XMLCipher cipher2 = XMLCipher.getInstance();
+ cipher2.init(XMLCipher.UNWRAP_MODE, rsaKey);
+ Key key =
+ cipher2.decryptKey(
+ encryptedKey, encryptedData.getEncryptionMethod().getAlgorithm()
+ );
+
+ cipher.init(XMLCipher.DECRYPT_MODE, key);
+ Document dd = cipher.doFinal(doc, ee);
+
+ return dd;
+ }
+
+ /**
+ * Method countNodes
+ *
+ * Recursively count the number of nodes in the document
+ *
+ * @param n Node to count beneath
+ */
+ private static int countNodes(Node n) {
+
+ if (n == null) {
+ return 0; // Paranoia
+ }
+
+ int count = 1; // Always count myself
+ Node c = n.getFirstChild();
+
+ while (c != null) {
+ count += countNodes(c);
+ c = c.getNextSibling();
+ }
+
+ return count;
+ }
+
+ /**
+ * Method retrieveCCNumber
+ *
+ * Retrieve the credit card number from the payment info document
+ *
+ * @param doc The document to retrieve the card number from
+ * @return The retrieved credit card number
+ * @throws XPathExpressionException
+ */
+ private static String retrieveCCNumber(Document doc)
+ throws javax.xml.transform.TransformerException,
+ XPathExpressionException {
+
+ XPathFactory xpf = XPathFactory.newInstance();
+ XPath xpath = xpf.newXPath();
+ Map<String, String> namespace = new HashMap<String, String>();
+ namespace.put("x", "urn:example:po");
+ DSNamespaceContext context = new DSNamespaceContext(namespace);
+ xpath.setNamespaceContext(context);
+
+ String expression = "//x:Number/text()";
+ Node ccnumElt =
+ (Node) xpath.evaluate(expression, doc, XPathConstants.NODE);
+
+ if (ccnumElt != null) {
+ return ccnumElt.getNodeValue();
+ }
+
+ return null;
+ }
+
+ /*
+ * Check we have retrieved a Credit Card number and that it is OK
+ * Check that the document has the correct number of nodes
+ */
+ private void checkDecryptedDoc(Document d, boolean doNodeCheck) throws Exception {
+
+ String cc = retrieveCCNumber(d);
+ log.debug("Retrieved Credit Card : " + cc);
+ assertTrue(cc, ((cc!= null) && (cc.equals(cardNumber))));
+
+ // Test cc numbers
+ if (doNodeCheck) {
+ int myNodeCount = countNodes(d);
+
+ assertTrue(
+ "Node count mismatches",
+ ((myNodeCount > 0) && myNodeCount == nodeCount)
+ );
+ }
+ }
+
+}
Added: santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.jks
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.jks?rev=1230150&view=auto
==============================================================================
Files santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.jks (added) and santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.jks Wed Jan 11 16:58:58 2012 differ
Added: santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.p12
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.p12?rev=1230150&view=auto
==============================================================================
Files santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.p12 (added) and santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-2048_SHA256WithRSA.p12 Wed Jan 11 16:58:58 2012 differ
Added: santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks?rev=1230150&view=auto
==============================================================================
Files santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks (added) and santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.jks Wed Jan 11 16:58:58 2012 differ
Added: santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.p12
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.p12?rev=1230150&view=auto
==============================================================================
Files santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.p12 (added) and santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-3072_SHA256WithRSA.p12 Wed Jan 11 16:58:58 2012 differ
Added: santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.jks
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.jks?rev=1230150&view=auto
==============================================================================
Files santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.jks (added) and santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.jks Wed Jan 11 16:58:58 2012 differ
Added: santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.p12
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.p12?rev=1230150&view=auto
==============================================================================
Files santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.p12 (added) and santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/RSA-4096_SHA256WithRSA.p12 Wed Jan 11 16:58:58 2012 differ
Added: santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-2048__aes128-gcm__rsa-oaep-mgf1p.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-2048__aes128-gcm__rsa-oaep-mgf1p.xml?rev=1230150&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-2048__aes128-gcm__rsa-oaep-mgf1p.xml (added)
+++ santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-2048__aes128-gcm__rsa-oaep-mgf1p.xml Wed Jan 11 16:58:58 2012
@@ -0,0 +1 @@
+<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"/></xenc:EncryptionMethod><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:X509Data><dsig:X509Certificate>MIIDIzCCAgugAwIBAgIINsFEFLHenAUwDQYJKoZIhvcNAQELBQAwNTESMBAGA1UECxMJeG1sZW5jcjExMR8wHQYDVQQDDBZSU0EtMjA0OF9TSEEyNTZXaXRoUlNBMCAXDTExMTExOTAwMzc1M1oYDzMwMTEwMzIxMjMzNzUzWjA1MRIwEAYDVQQLEwl4bWxlbmNyMTExHzAdBgNVBAMMFlJTQS0yMDQ4X1NIQTI1NldpdGhSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX0NwrIqgzFvyeddu3IzzpNp3ugZtJTJ8FfIAzIwoksrGhbu09FglIg7
YVETjLdhvy4CFWaY5oLNRnfgstXrIVVoJzBPtr6UGwLIMrd07I6uodvTNMiyaK8y7VSzab6KO2Iprjp9KZdExjlWdUKRoWe5uxPocA5m74ydPTxjJgl5GtLCu22NHJfTnCW6w7whIpDTYOe70LOPhiwOjMXRXznr9Qh88hxiW3LG8P8+awdhZsKk7dWpHuDNECLddB17FkLMDhtg8RlCRmhqcfVgDoq5N3jjNvS6mgnn0w8dEIw3NdVS7tTJNO/+3aqoavkHeE49DDZ7ALvjw269bUxAn3AgMBAAGjNTAzMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFDo0STlAFQQnjYbpwCZ6JSzoYCO6MA0GCSqGSIb3DQEBCwUAA4IBAQCsRLjUSMnPMyHkU5ynesTN3YJPfQWJ/Mmcfr8r/bJs3S63gpCloZ9Q4Gg5PvpTgVlUkBaBAm8M9DBCDNdn/9KHCm0oySBnGPdKYhUukNURoPlp9w+AN5Mp5QjEsNbtgAiKojW2f2U+RR7r54Ew4BXBMFlQIC6xd2vnQlzEUZniperi8HnMI+wy9yPGZ8nwnmS7zpzVd8NmPTQRHZUv+yG4shF2eB68ocLJ8dEN/UejCSkgep4qcQhjcfx2k5MNG/XE/SsVapAV8T8o4xTrA0b+4COm+Nd0zT1pEYaPt900NCuQ4ml0JXcVLDRUsQOpwUo/M87rYJ1y/reRuIvwIj+8</dsig:X509Certificate><dsig:X509IssuerSerial><dsig:X509IssuerName>CN=RSA-2048_SHA256WithRSA, OU=xmlencr11</dsig:X509IssuerName><dsig:X509SerialNumber>3945509604227456005</dsig:X509SerialNumber></dsig:X509IssuerSerial><dsig:X509SubjectName>CN=RSA-2048_SHA
256WithRSA, OU=xmlencr11</dsig:X509SubjectName><dsig:X509SKI>OjRJOUAVBCeNhunAJnolLOhgI7o=</dsig:X509SKI></dsig:X509Data></dsig:KeyInfo><xenc:CipherData><xenc:CipherValue>zkPlbASpiK8QO9HOQFK3HBwHgI63LE2DvklAzIgGGy/6YAMx//nRE2Wihm6icOFsApHsAlQW/iglNb9ZijCi/Vez2I6O8YtKxWxc1V2ibuBlK1SMw9pC+W6eBG9M4kNswJgBYsdf8wxaE+5uFKA5gfxAsDxghuQ+aGXaNNUki+O6ycGeiR3cg9DEmM6Iv6Cggxr/4xtJ7b6f0sakz+BnU6lW4irCP+w/uxcIysUKPpxmd3RbjmOqSHFavvCCWhME5WgaagSxeXjcqRrOaK1ufd/HLnByLpw5cTf8z3qbbJKunpXXtYo9LqM2NvlPBO2SBNUR/PzVo8iBaZqfIfI6Kg==</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo><xenc:CipherData><xenc:CipherValue>amntSk0OPlW2gAAB5U+wnuXSfGggPa+Cp4DnodY9qcmicVYhnzCRt0EDYdzDWwRniRFF/LLWr9FaEf2lNjmHJYOJY5fA/eFXNkMPjGioklAIKjoakVT8CPMCafIvXa/2sQ5oC4ee9d1UEMkhgUijQjDuI3GrDDBSL8AwMyJ8guT0bgOss2PCBxEL0PIA2KnxNumfQeahN3nfeXjdlCzASK7QtW/HrDwIi5MRmYjly/pn+5E0UW5gfrE9iF5l6xTCSZcUI1nV+6n/UJnI+pLOL61npIsrLdQu5Mqui3RqHf8EYS5STakws438fq/apl8y40GmnTrJfmI4CiFEC5jWdrnUhX5Czs5lbAbRd3uNgNd5SykO
xP6e1y2d6O/QaA4w7SRAnKEoOvZ20irpfkXxqAiNe+DomQ9Cvdus4NjghSiU1HHr/Axj6NQUJt+ApdIhS37YImQ+fVGEl1kRGu0kKEaYPX08xeorefi7+5MDyEh2hoJuhyj++i3LfoGD0yv6YEJp64hD4314OcwBo8H9CpkHT10VDiYTXqASkNiJxqkiAk26Vbd+X+2QhXCGq6LnannpY9EPJfTL0jvmxc2i9zz7iZTbb3PWmIH0CdaGDfqISwuvVGY1KvmdosR9gxGZqB0buqXWOoLrZ/bMi+JZnql2EcxsST08Tx0aeilRKjrJkt9A5/7FfmZ2XPIFGOy0Q4GD95ndZf8FAN/+yzPW+2HvkcoxMee5RVvUo+PHg9TVD/zn+Lf4bs/KtEssx5KyMokV0t9H4OUtNyxDSxDHP8KO0BQwRadRDrTuTLYdTGDmKKQ=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData>
\ No newline at end of file
Added: santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-3072__aes192-gcm__rsa-oaep-mgf1p__Sha256.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-3072__aes192-gcm__rsa-oaep-mgf1p__Sha256.xml?rev=1230150&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-3072__aes192-gcm__rsa-oaep-mgf1p__Sha256.xml (added)
+++ santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-3072__aes192-gcm__rsa-oaep-mgf1p__Sha256.xml Wed Jan 11 16:58:58 2012
@@ -0,0 +1 @@
+<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"><dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"/></xenc:EncryptionMethod><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:X509Data><dsig:X509Certificate>MIIEIzCCAougAwIBAgIIbq7SbMmGOkwwDQYJKoZIhvcNAQELBQAwNTESMBAGA1UECxMJeG1sZW5jcjExMR8wHQYDVQQDDBZSU0EtMzA3Ml9TSEEyNTZXaXRoUlNBMCAXDTExMTIxMzE5MzYzMFoYDzMwMTEwNDE1MTgzNjMwWjA1MRIwEAYDVQQLEwl4bWxlbmNyMTExHzAdBgNVBAMMFlJTQS0zMDcyX1NIQTI1NldpdGhSU0EwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC0qPxdWwaPghF84aAMtb4ubNhGjqr4vhsgbvcqBFTcvI7nMV2DTj9bo
jdib9sJA1fhKJxfL883+ubEs7u1AyQ7xJuegZVwH6KKTV6N6RHPAQgtpA95s0lWr8euXrwCeZOF2N/Pz/ke4Ve+HHXcBsPxPF2JJX8oDET99RiYamrp9VjtbsUCmDD1P6XEDua4tId5HrKfskZtYFYsyAtog4ecA5kideirygwOk5sP9uo15MkYR2nIkn6RIxPoaPkfSnIXrJQC+Q0a+SL1mmdnEN0Ly8brewgiKZnc2swuinDe6boSCVt8CJGEJVQsjVurTV7dFsbrLdDN9j5fDjv0k8OFjB65Sb04QXts1HiUDUIDkb9K1BSlQA8Cwt2AQIitP/0f6drmlQgvLrgnf4VXTevOrhZ4Cmi1sAHXQKBAmATaUh9PNfI4Qwoh0IjriiBoBLXlvVOypEmbBRrHtlhlQrsWwtY48hceQB9ny18xPyfMEqiiSgCGSbxWjGvwJNfy3xcCAwEAAaM1MDMwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUJkY4RV69EfMztTxYScLXGEd9s6UwDQYJKoZIhvcNAQELBQADggGBAJKczn1A2Pi90DNZT8i5AEU0m6zPkxH2byNK7GBQ0s2RCR9m/P6k2ei5J74PbXOINT1Q6MDTpYqeKYMUXCrGcAxYIRmmZnywmHzbljwbbFScDi8nHmEX0DnNUa5FU8wS/LbuL4qJ9cT/tZvOAiTLN+cbJICbWdQxU1xOh4jpbfthX4TwwBz/eV9ncQfK8lR6MxpkIfuUaN426ZNFp63ZgCbPWYqTRcIeZWPlpNHkTHX8WT+nZqGnFoE1LSBular0RGpnn4nNmiAuZgGNCpguloeYFIShItZpTDfiQivoMYUI6UzLOJgizvN48oB82m942LKCGk3QBT9gLNHf3Lnw7lEb3u3Tg/8ULCbrHNafUSHdUqbnBwwT7sWKyRWX2dxEy6mGJpTn4mKNy9jYRE0y2QlSRBLYdaKlTNrbw3yvSV
vM/ZH/lIVaKv64h7lQYOQ7pOcBNmg4AHXS1NzWPYiGSHqhpP59xBHxN0CIW02LRhd5MU7Jem7zdWTsRl0n5etkwA==</dsig:X509Certificate><dsig:X509IssuerSerial><dsig:X509IssuerName>CN=RSA-3072_SHA256WithRSA, OU=xmlencr11</dsig:X509IssuerName><dsig:X509SerialNumber>7975543354799045196</dsig:X509SerialNumber></dsig:X509IssuerSerial><dsig:X509SubjectName>CN=RSA-3072_SHA256WithRSA, OU=xmlencr11</dsig:X509SubjectName><dsig:X509SKI>JkY4RV69EfMztTxYScLXGEd9s6U=</dsig:X509SKI></dsig:X509Data></dsig:KeyInfo><xenc:CipherData><xenc:CipherValue>ELFX9zkwbEwxq2sqmL+ketAuF8kTqCk+rJw2rXI9T3Kbv0d/1cIGtgSBiimVUouICR2yfnt5MaX5aomVDp9v4IRq4BSPbeyK+4VgdrnMe3RIQ0QetZVk+dLk10QXvQnXpxuXaBq2UoN/91Jx3wZxWKeMovLqss5u+NNiJp931JnS7egIqiv8HnEKogq1nKZltx3SHdko9UzxwOOKFaIhWCiLKyFzCLoMdmwVtyZdU+GVz8+F/AqavMT17VWtI4oxrYd6eLojetLp5UwFnWEroW8CTjhssRzLMV4J8bVa1Ll8eFcPfWackromHGJFsOI1HuY6yOQ8A7e3LLk8L1dXnTZi6TVodburUceZw+jy9nSb+SbIAEE7FLhgWi3bynENRVGOj1h+Rh+u1/Hg/ENailDz9lU9x7nP0IPeP5ACdnvQoArVCVDqMzcSh7EtDVd4Nj88BbI7NJZx02k6KG2ybYA5tv
3hji2ej+cDDhfgNURFtEp09brLvHG7Kc8eQdVE</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo><xenc:CipherData><xenc:CipherValue>amntSk0OPlW2gAAC7HOzZznBvo2f0Q4GVZ5Sh+gfFXeauxXHRZoCbdOEzK6zS6MihCUc8f+5IdqE9dzJqgDuecZfo8nTE8k86iLUrCTLkZmE9hDNeR+tD7RbJiBnAo1UAdILvndkj+3ekvc8NYNffqmOsUa+r86vvoNKmzLj6JoBMjesRHncLuepbeW5PknFrQATLnVuiKpLHDps6TggXNVl3m+O/8k1Zf9hXuMpiDyLChbakB+JM5UQ2+pC4iB5bfwO8XObH19MmKh2jdmE6MNqCq33VRZSpTFSeCj8A2qorx1XJnW/bIoZDDpIC6urWTT6LHLmafStdS/kxAnNe3+WM3JYFmiUpsElBvDYkBt7YUcqPhAr4jebsFuUIKhPC7qKCA/JBzEtBLULQ2EFJfmbK+fVLORgHxjFNysT6zEiRRRo0XkUsI1k4ewhI5fxB+/v4rDOwVmpKZ1KxFNG+eveJpClhKcFAWx1KNxkowhj2RHTRWfgzuUlWWc3ATcGbVim4CqPRTNSKeomE+bAyXcWjsZ1O0pEl0pnMaw2ZHw119n1+mORQRDmnmU0kNY+Aw9dhZlL3DAWk8SFSPAFnnCAeKikJffa71kEBmLHRW+uGvK2BX8PR2EY7DckyKxHs4q3PceK0EJw9idz/h6+LRnOQx3dphG7MnU+h0e9qCoEzUOJyGX9X7p1r3IpY0F6FvaoMULTpwAxqA/uOJDxA92MFCfERIEzDrdsIWg3p0yInz7/BpZrljljnO5PVwa4uXauiAJ1hUwzByZZ8itdalJNTh1I9zv37lJoChCCJBOLA74=</xenc:CipherValue></xenc:Ci
pherData></xenc:EncryptedData>
\ No newline at end of file
Added: santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-3072__aes256-gcm__rsa-oaep__Sha384-MGF_Sha1.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-3072__aes256-gcm__rsa-oaep__Sha384-MGF_Sha1.xml?rev=1230150&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-3072__aes256-gcm__rsa-oaep__Sha384-MGF_Sha1.xml (added)
+++ santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-3072__aes256-gcm__rsa-oaep__Sha384-MGF_Sha1.xml Wed Jan 11 16:58:58 2012
@@ -0,0 +1 @@
+<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"><dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"/><xenc11:MGF Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha1" xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"/></xenc:EncryptionMethod><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:X509Data><dsig:X509Certificate>MIIEIzCCAougAwIBAgIIbq7SbMmGOkwwDQYJKoZIhvcNAQELBQAwNTESMBAGA1UECxMJeG1sZW5jcjExMR8wHQYDVQQDDBZSU0EtMzA3Ml9TSEEyNTZXaXRoUlNBMCAXDTExMTIxMzE5MzYzMFoYDzMwMTEwNDE1MTgzNjMwWjA1MRIwEAYDVQQLEwl4bWxlbmNyMTExHzAdBgNVBAMMFlJTQS0zMDcyX1NI
QTI1NldpdGhSU0EwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC0qPxdWwaPghF84aAMtb4ubNhGjqr4vhsgbvcqBFTcvI7nMV2DTj9bojdib9sJA1fhKJxfL883+ubEs7u1AyQ7xJuegZVwH6KKTV6N6RHPAQgtpA95s0lWr8euXrwCeZOF2N/Pz/ke4Ve+HHXcBsPxPF2JJX8oDET99RiYamrp9VjtbsUCmDD1P6XEDua4tId5HrKfskZtYFYsyAtog4ecA5kideirygwOk5sP9uo15MkYR2nIkn6RIxPoaPkfSnIXrJQC+Q0a+SL1mmdnEN0Ly8brewgiKZnc2swuinDe6boSCVt8CJGEJVQsjVurTV7dFsbrLdDN9j5fDjv0k8OFjB65Sb04QXts1HiUDUIDkb9K1BSlQA8Cwt2AQIitP/0f6drmlQgvLrgnf4VXTevOrhZ4Cmi1sAHXQKBAmATaUh9PNfI4Qwoh0IjriiBoBLXlvVOypEmbBRrHtlhlQrsWwtY48hceQB9ny18xPyfMEqiiSgCGSbxWjGvwJNfy3xcCAwEAAaM1MDMwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUJkY4RV69EfMztTxYScLXGEd9s6UwDQYJKoZIhvcNAQELBQADggGBAJKczn1A2Pi90DNZT8i5AEU0m6zPkxH2byNK7GBQ0s2RCR9m/P6k2ei5J74PbXOINT1Q6MDTpYqeKYMUXCrGcAxYIRmmZnywmHzbljwbbFScDi8nHmEX0DnNUa5FU8wS/LbuL4qJ9cT/tZvOAiTLN+cbJICbWdQxU1xOh4jpbfthX4TwwBz/eV9ncQfK8lR6MxpkIfuUaN426ZNFp63ZgCbPWYqTRcIeZWPlpNHkTHX8WT+nZqGnFoE1LSBular0RGpnn4nNmiAuZgGNCpguloeYFIShItZpTDfiQivoMYUI6UzLOJgizvN48
oB82m942LKCGk3QBT9gLNHf3Lnw7lEb3u3Tg/8ULCbrHNafUSHdUqbnBwwT7sWKyRWX2dxEy6mGJpTn4mKNy9jYRE0y2QlSRBLYdaKlTNrbw3yvSVvM/ZH/lIVaKv64h7lQYOQ7pOcBNmg4AHXS1NzWPYiGSHqhpP59xBHxN0CIW02LRhd5MU7Jem7zdWTsRl0n5etkwA==</dsig:X509Certificate><dsig:X509IssuerSerial><dsig:X509IssuerName>CN=RSA-3072_SHA256WithRSA, OU=xmlencr11</dsig:X509IssuerName><dsig:X509SerialNumber>7975543354799045196</dsig:X509SerialNumber></dsig:X509IssuerSerial><dsig:X509SubjectName>CN=RSA-3072_SHA256WithRSA, OU=xmlencr11</dsig:X509SubjectName><dsig:X509SKI>JkY4RV69EfMztTxYScLXGEd9s6U=</dsig:X509SKI></dsig:X509Data></dsig:KeyInfo><xenc:CipherData><xenc:CipherValue>dy5kcPyIkFfTDOTwXmk18TUjIpQePXXFirX+GMSQmx3tKRCWCUcJBDdm5mu+vsKBNJzATTVOk+NujEpngX2c84TZG6zk0ldwTpsCPW+xdQDPcTn6jbdzWsnYvXZYG1HTrzxGLJRo8poxasmCGbEEzL8U0eP0aOt//ZWrqk1vI8i4A7R+rHCBBFp1PfR7WC0wG8Flh+ldTVtS2ThD2/xi4EwEjugEKvEem0BZtkQ9TI3iRir1NX6YRMnWBb4NEpz8V7moFFFfHAkouf6UJJ5nrgyqx0BjeLjGSA9NBqRhZstR0U35AVkMVDhdR47TQxeDwXfJAWOoe580YUxcZk/xxffCj9BWxqa0Bg7Bz/lUe
pHbP0TN3EcGVBQLPHARYbhbmpvR23aueFMC4I19Rt6y4v9r++Zy4rzbEWILnx6qBW8sOqNbm8t5wHdx88umgYwjm6YO/FSNxMurpiDuIgj3rXrqEobyFjpLLawegiZunLPyQCVSy6cB14MWPxb4buJu</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo><xenc:CipherData><xenc:CipherValue>amntSk0OPlW2gAAD4s6pjSB1/IUZ/J6Hpr6elth5MzhxE5EdNZ4JeoL+TrJh8U5qEVi7h1jZhW0klbYUZs0eT8k5YDSyNJrSp8k75UEuLTPgZ1Sm5tYtcDANWHjmVwO7zWgU3yoCtycVoMor9mkCuIU7TEbneK6Un9r4ivbqyyg8mqv3TGRLVRmc3UN8r77E4pKGIbq9rOmCgamjlH5zVYJ+kH7lBAGtBYHDsyXnrDhD2gfcfVTZ1hw6CfmDsV0ZukjTCDYsnbNzElM/lrf61t7VLfv2Ya2VXYnnHOjTASaQx+DorZUn4ICDJBW62HeRtHRuj3lRYBblK5hh4drjJps7BItqhMgMpgEWgFA8eXAKRiO64G6IhfXBYUV66pXrUkzTihrQzf7VmV0v+3kOz5VYiDkPQjxNQtnSCLi4VoJlSTcT9P43doES/J0pzmFnED6WCWQwjc7JwdMls+B5AxBSOQXY814Wr76XJoaOx8Od7Dk54K/t9XAonCy37OWYLd6UHfcsj8IQesyu9kjMDm3bGP+qp6RUk9rQQWU3KUPyhxfvbAiLnZ0gy9aGp1rv/gqCWQP3FimdlG6hXRnuXHalgasauBohDYUl1TfchnvRlyaIve1lPq6o4m5zujaWrtPPOrmimwXhwbNM7wf3COMMk9EJmfQqyg8sOzL02//UaC/IeHUsh0LNJi55wyLxOvMYkP7Uh2VEJk0R7iBF8hd50Rc
Y3SpPYz2D3AMCJmNRPRpt/c2z1+nrgNeD3RvFFCy6sdNttVck7lXsWYcqSG5pTSgsSyzTcg/Ymm3zQRsbtro=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData>
\ No newline at end of file
Added: santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-4096__aes256-gcm__rsa-oaep__Sha512-MGF_Sha1_PSource.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-4096__aes256-gcm__rsa-oaep__Sha512-MGF_Sha1_PSource.xml?rev=1230150&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-4096__aes256-gcm__rsa-oaep__Sha512-MGF_Sha1_PSource.xml (added)
+++ santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/cipherText__RSA-4096__aes256-gcm__rsa-oaep__Sha512-MGF_Sha1_PSource.xml Wed Jan 11 16:58:58 2012
@@ -0,0 +1 @@
+<xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"><xenc:OAEPparams>ZHVtbXkxMjM=</xenc:OAEPparams><dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"/><xenc11:MGF Algorithm="http://www.w3.org/2009/xmlenc11#mgf1sha1" xmlns:xenc11="http://www.w3.org/2009/xmlenc11#"/></xenc:EncryptionMethod><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:X509Data><dsig:X509Certificate>MIIFIzCCAwugAwIBAgIISRmDaVDMeMQwDQYJKoZIhvcNAQELBQAwNTESMBAGA1UECxMJeG1sZW5jcjExMR8wHQYDVQQDDBZSU0EtNDA5Nl9TSEEyNTZXaXRoUlNBMCAXDTExMTIxMzE5MzY0MloYDzMwMTEwNDE1MTgzNjQyWjA1MRIwEAYDVQQLEwl
4bWxlbmNyMTExHzAdBgNVBAMMFlJTQS00MDk2X1NIQTI1NldpdGhSU0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDdPuDARdPJDOcKv0pONsSipz+gKd+r2NXZyXzdFPHyja4u6NE0Elb0dvUBNqNHg4m20HAolDtoGGcPtPsu14OEmsIQkKYabKl2ILDS25f2fYr+0ycFDvSGo1vaybvLgwFh0sJTHOaOnVJdY47mvV6xJynTDD/FalYqJiT/gSclglzp/UArCwdddikrfL2owzJkYnK16igm17shzwz1VDXZEw2jAnkXb/6bv5k02Z2jKINmNUNyzemSupzBEns6ZRnVz0sjLayYq32a1NVk9bfQPRNZIQlQv1aUpCIo+gCZf8QpNvG1VSbApVjSIK0c3HAPASfBM5YxQgwNWtYtbZXOK5INLE4ygfan3RMq+xpkIvqORv0ZxM9Gm4oHMgGJAaKeenAqFe6/3+2EGiSIz9/ykkGp3b4Dssa8CWWJTIRykhRcanhZH2J8Ot4hg0NwjuSUXxoPPeB7OmvB/j6Rrnd/t/CDWj9T/RgLz8JESAThlfDj5+P8y40SvLzuABuGy7Oh+OaXSol7rU3JSvk1e1RBJNnrFvWXZnncJ/E4KIV4eq8SNu9NQkcC1tYAPJXRGGc70xsMSACMFIarfGLq0iw2g237D8brP2Yg4wqgG4w1TyVnof7RkiDNGge7D5wpzKR1riBmVl8Hcvbsk7+XDWtYH7J4iIgc5kx5oxF1vafbqwIDAQABozUwMzASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTvlsjJCr66xvzlGie6jjFNNjpcCTANBgkqhkiG9w0BAQsFAAOCAgEArYIcRbgjbDKbJ23J62GkG1edRCb4G1gDyoVfK93lRDUovsCXPyQ9XzQde98/LnL5s1N5YhhzN4AwPQj4NfYFsrVh6RmNcFvlENON
K3g7kjuNs5oT7ppnGvDwDTGdpnZJLBnHOS2aAkJsNGQKxjkUCopo9PvthnkUkXgjWR3r+cx++s7gtyi4f/+ZWpcjW/K6VMYHz0fdFW1BvcP0CyBOisSWQ0FOHwyZCuapaGG5QQR0HGcS+Jp3R4N9L93UwqqWBi7LEFRI6P3iNkWD+dXfdg5whHKuYBuuc6VIICMQOWwHiE+pZSaudRiQcZDqp4iOWJBw82y4KERncyk4FoaNTbN0PqvVT+ZXiYnhM/pak7+ARpkraSfYzQ3Z5WbNoifxgKBzh3Ngw58HwEpKKl5y/sVvtTMBCi99gpE4MZzOJUvNUJWYhCxjgEMa06LU+bZlqjDYUTPqbGMl1cPyt9UgIeaKEz28Huf28FbyFr5B6sOLuE5AXxTrI784PO4/ZbmMy7gq5yBSo7a1xyMm1UzM2KhxFE7TkHJ2if8v4G3nR84fpf7Akn7EmcaHoEPZMH3j8DawNKMxiHGn7WCiti8AYdxeAeRQl6dCzqbTvpFf1ITeCbGe823pBd9fYM26kw2aVHBx7W1zq1RfSenbqlVWcGwQ07BkEBz4pGyAiRQen0o=</dsig:X509Certificate><dsig:X509IssuerSerial><dsig:X509IssuerName>CN=RSA-4096_SHA256WithRSA, OU=xmlencr11</dsig:X509IssuerName><dsig:X509SerialNumber>5267385727536888004</dsig:X509SerialNumber></dsig:X509IssuerSerial><dsig:X509SubjectName>CN=RSA-4096_SHA256WithRSA, OU=xmlencr11</dsig:X509SubjectName><dsig:X509SKI>75bIyQq+usb85Ronuo4xTTY6XAk=</dsig:X509SKI></dsig:X509Data></dsig:KeyInfo><xenc:CipherDat
a><xenc:CipherValue>qnOYp/1MOCq5eRd40aP/NNwQ/B7BmDlxrdsHtn73T2ydoVjQkmaG8REuTVJxJQ8KKKaIuwe67kdvt5S2rrjRrK9QzgNDF03+dXF7uM6OQt7qLEKTPXfhkilgR2hRvtiyzw83SVQIPe9txT91zP4hvOVqaR99gnvur4NXCVvqvePeDEz10R55TAw55KLjkMLGSb5B2LsX5Cp+FTFtztsgt4lbsFtR749d3UB7EbR4rnkSLqlU1x3MwY4kyu6vlKj53QBCXgLevQN0BwaGw2Ksh7rekdb0kZhmHo7zLGbSg888l62zvWq3Lul6NA4lXZnVaKfQFS9yd7tAfChtq5nqsMzoZZpftcanLv+pAEimGJy3fhR8mZJGh+aGy6nuSXGTKHLd4dWiOqgnT2PU2O19xHiMaOBKS4PNB7Lv5bWToDwlAZn/Cdn08EDfA3SKH8sjK3I3QBbPM/yOeeZNn/8hFDhWxelNu3JFMaa2i1vXTHF+qHJod1E7oJBIdToNogUQcCRP0vLo1F9kQVZ/mVa1VZgEE/YQkwY5nuMsLrbBKN8eO9Pw9VSddCVAFBUNHBSDo+THOb/+YH31dPslCSrE2HQIT8o3zsSmTEQxECALnnYvgPTc2RhbGCKrZNL3T4j8W7zBXMBhKMLC0OvRLDfHxcG3RZj4SD//PkEUR3hqwEw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey></dsig:KeyInfo><xenc:CipherData><xenc:CipherValue>amntSk0OPlW2gAAEU8mTFewf23Pj34Ap22gbtgjeyMJ4DfIiiaIA5NnabFNmUYDF31vObS0x7JN/wc5ICFGjAbamirOLu++Bo0zr8N2EsN04cVxbfAYDOEfnr4hqGpql0om7629E/Z5k7BniXBWCwxNAACzuoJw643QjMl+K8JO9kZiy/J
JfKWghzrtX3ummLY9QHgGVKHW2FMfVTeNmOyy5Izj5cPqeDUT+P4hYJCoqMwDZouE7CyTRXgJ+WI7MOnsG9jYJBEl39YgDSr7nZ5dpV6WqtrKFcmvIaE0RVDyeQcDF2wa0kqQPnRJvdaa8QknAiAj3jT49l+uWEP0glQd7iwsH12Q4LkzEBWZA6aTmmfgQn1Q63GSMqOg8YKYc1dTRnaIATaADf6dXmtt1UYKRV2wPxFKrwmdQ6rxoeRNbT/rdCyoSAsfeT/Ej8SpCNRAcN1za03ciMVd6pWfWeUwjhAl7gIv4UeuOnOp1lqbUwjq81d6Ac/GEfKZxxExxGbQXmCen6jCHIk/k1lh1rQwetwUmyl51tP81Yn8S7l0vD33TdGaP/hIFAwKSmRdvB/amoSQb0ofOtZFbEYl0iENHz+L6fD5MKntd7Tq05FCOXQCDr2hcwAAAApgpMixhyE8AbywIJu5o1ta45TASopCQlyM1zxz9Uz9xawGCtDhuLjDo2StvFLSfvBb9nhFWWe/Mpm2NVUk7BTkdLul4k8vjvhVatGRGvuytwEW8LlhrgHWGvy3nJwE0IITteFhHVVc2C/QmLtCUMdwTmrQMonWAt1jlzIGpd+byi+fARtCgljw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData>
\ No newline at end of file
Added: santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/plaintext.xml
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/plaintext.xml?rev=1230150&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/plaintext.xml (added)
+++ santuario/xml-security-java/trunk/src/test/resources/org/w3c/www/interop/xmlenc-core-11/plaintext.xml Wed Jan 11 16:58:58 2012
@@ -0,0 +1,23 @@
+<PurchaseOrder xmlns="urn:example:po">
+ <Items>
+ <Item Code="001-001-001" Quantity="1">
+ spade
+ </Item>
+ <Item Code="001-001-002" Quantity="1">
+ shovel
+ </Item>
+ </Items>
+ <ShippingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </ShippingAddress>
+ <PaymentInfo>
+ <BillingAddress>
+ Dig PLC, 1 First Ave, Dublin 1, Ireland
+ </BillingAddress>
+ <CreditCard Type="Amex">
+ <Name>Foo B Baz</Name>
+ <Number>1234 567890 12345</Number>
+ <Expires Month="1" Year="2005"/>
+ </CreditCard>
+ </PaymentInfo>
+</PurchaseOrder>
\ No newline at end of file