You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2020/02/25 17:48:56 UTC

svn commit: r1874521 - in /santuario/xml-security-java/branches/2.1.x-fixes: ./ src/test/java/javax/xml/crypto/test/dsig/HMACSignatureAlgorithmTest.java src/test/java/org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.java

Author: coheigea
Date: Tue Feb 25 17:48:55 2020
New Revision: 1874521

URL: http://svn.apache.org/viewvc?rev=1874521&view=rev
Log:
Backporting tests

Modified:
    santuario/xml-security-java/branches/2.1.x-fixes/   (props changed)
    santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/javax/xml/crypto/test/dsig/HMACSignatureAlgorithmTest.java
    santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.java

Propchange: santuario/xml-security-java/branches/2.1.x-fixes/
------------------------------------------------------------------------------
  Merged /santuario/xml-security-java/trunk:r1874513

Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/javax/xml/crypto/test/dsig/HMACSignatureAlgorithmTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/javax/xml/crypto/test/dsig/HMACSignatureAlgorithmTest.java?rev=1874521&r1=1874520&r2=1874521&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/javax/xml/crypto/test/dsig/HMACSignatureAlgorithmTest.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/javax/xml/crypto/test/dsig/HMACSignatureAlgorithmTest.java Tue Feb 25 17:48:55 2020
@@ -39,6 +39,7 @@ import javax.xml.crypto.dsig.dom.DOMSign
 import javax.xml.crypto.dsig.dom.DOMValidateContext;
 import javax.xml.crypto.dsig.keyinfo.KeyInfo;
 import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
+import javax.xml.crypto.dsig.spec.HMACParameterSpec;
 import javax.xml.crypto.test.KeySelectors;
 
 import org.apache.xml.security.utils.XMLUtils;
@@ -57,7 +58,7 @@ public class HMACSignatureAlgorithmTest
     private KeySelector sks;
     private CanonicalizationMethod withoutComments;
     private DigestMethod sha1;
-    private SignatureMethod hmacSha1, hmacSha224, hmacSha256, hmacSha384, hmacSha512, ripemd160;
+    private SignatureMethod hmacSha1, hmacSha224, hmacSha256, hmacSha384, hmacSha512, ripemd160, hmacSha256ParamSpec;
     private XMLSignatureFactory fac;
 
     static {
@@ -100,6 +101,8 @@ public class HMACSignatureAlgorithmTest
         hmacSha1 = fac.newSignatureMethod("http://www.w3.org/2000/09/xmldsig#hmac-sha1", null);
         hmacSha224 = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#hmac-sha224", null);
         hmacSha256 = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#hmac-sha256", null);
+        hmacSha256ParamSpec  = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#hmac-sha256",
+                                                      new HMACParameterSpec(256));
         hmacSha384 = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#hmac-sha384", null);
         hmacSha512 = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#hmac-sha512", null);
         ripemd160 = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160", null);
@@ -130,6 +133,12 @@ public class HMACSignatureAlgorithmTest
                                          TestUtils.getSecretKey("testkey".getBytes(StandardCharsets.US_ASCII)), sks);
     }
 
+    @org.junit.Test
+    public void testHMACSHA_256_ParamSpec() throws Exception {
+        test_create_signature_enveloping(hmacSha256ParamSpec, sha1, null,
+                                         TestUtils.getSecretKey("testkey".getBytes(StandardCharsets.US_ASCII)), sks);
+    }
+
     @org.junit.Test
     public void testHMACSHA_384() throws Exception {
         test_create_signature_enveloping(hmacSha384, sha1, null,

Modified: santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.java?rev=1874521&r1=1874520&r2=1874521&view=diff
==============================================================================
--- santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.java (original)
+++ santuario/xml-security-java/branches/2.1.x-fixes/src/test/java/org/apache/xml/security/test/dom/signature/HMACOutputLengthTest.java Tue Feb 25 17:48:55 2020
@@ -18,8 +18,10 @@
  */
 package org.apache.xml.security.test.dom.signature;
 
+import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
+import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.FileInputStream;
 import java.nio.charset.StandardCharsets;
@@ -30,9 +32,11 @@ import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.NodeList;
 import org.apache.xml.security.Init;
+import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
 import org.apache.xml.security.c14n.Canonicalizer;
 import org.apache.xml.security.signature.XMLSignature;
 import org.apache.xml.security.signature.XMLSignatureException;
+import org.apache.xml.security.transforms.Transforms;
 import org.apache.xml.security.utils.Constants;
 import org.apache.xml.security.utils.XMLUtils;
 
@@ -94,6 +98,53 @@ public class HMACOutputLengthTest {
         }
     }
 
+    @org.junit.Test
+    public void testValidHMACOutputLength() throws Exception {
+        Document doc = XMLUtils.newDocument();
+
+        doc.appendChild(doc.createComment(" Comment before "));
+        Element root = doc.createElementNS("", "RootElement");
+
+        doc.appendChild(root);
+        root.appendChild(doc.createTextNode("Some simple text\n"));
+
+        Element canonElem =
+            XMLUtils.createElementInSignatureSpace(doc, Constants._TAG_CANONICALIZATIONMETHOD);
+        canonElem.setAttributeNS(
+            null, Constants._ATT_ALGORITHM, Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS
+        );
+
+        XMLSignature sig =
+            new XMLSignature(doc, null, XMLSignature.ALGO_ID_MAC_HMAC_SHA1, 160);
+
+        root.appendChild(sig.getElement());
+        doc.appendChild(doc.createComment(" Comment after "));
+        Transforms transforms = new Transforms(doc);
+        transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
+        transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
+        sig.addDocument("", transforms, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256);
+
+        SecretKey sk = sig.createSecretKey("secret".getBytes(StandardCharsets.US_ASCII));
+        sig.sign(sk);
+
+        ByteArrayOutputStream bos = new ByteArrayOutputStream();
+
+        XMLUtils.outputDOMc14nWithComments(doc, bos);
+        String signedContent = new String(bos.toByteArray());
+
+        assertTrue(signedContent.contains("ds:HMACOutputLength>160</ds:HMACOutputLength>"));
+
+        // Verify
+        NodeList nl =
+            doc.getElementsByTagNameNS(Constants.SignatureSpecNS, "Signature");
+        if (nl.getLength() == 0) {
+            throw new Exception("Couldn't find signature Element");
+        }
+        Element sigElement = (Element) nl.item(0);
+        XMLSignature signature = new XMLSignature(sigElement, null);
+        assertTrue(signature.checkSignatureValue(sk));
+    }
+
     private boolean validate(String data) throws Exception {
         File file =
             new File(BASEDIR + SEP + "src/test/resources" + SEP + "javax" + SEP + "xml"