Posted to commits@ws.apache.org by co...@apache.org on 2019/02/01 11:20:57 UTC
svn commit: r1852720 - in /webservices/wss4j/trunk/ws-security-dom/src:
main/java/org/apache/wss4j/dom/action/
test/java/org/apache/wss4j/dom/message/
Author: coheigea
Date: Fri Feb 1 11:20:57 2019
New Revision: 1852720
URL: http://svn.apache.org/viewvc?rev=1852720&view=rev
Log:
Adding some more derived key tests
Modified:
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionDerivedAction.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/DerivedKeyActionTest.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/DerivedKeyTest.java
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionDerivedAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionDerivedAction.java?rev=1852720&r1=1852719&r2=1852720&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionDerivedAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionDerivedAction.java Fri Feb 1 11:20:57 2019
@@ -92,7 +92,10 @@ public class EncryptionDerivedAction ext
if ("EncryptedKey".equals(derivedKeyTokenReference)) {
if (reqData.getSignatureToken() == null || reqData.getSignatureToken().getKey() == null
|| reqData.getSignatureToken().getKeyIdentifier() == null) {
- String symmetricKeyAlgorithm = WSConstants.AES_128;
+ String symmetricKeyAlgorithm = encryptionToken.getSymmetricAlgorithm();
+ if (symmetricKeyAlgorithm == null) {
+ symmetricKeyAlgorithm = WSConstants.AES_128;
+ }
KeyGenerator keyGen = KeyUtils.getKeyGenerator(symmetricKeyAlgorithm);
symmetricKey = keyGen.generateKey();
}
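Review bot: The `if (symmetricKeyAlgorithm == null)` branch silently falls back to `WSConstants.AES_128`, and any non-null value from `encryptionToken.getSymmetricAlgorithm()` is passed to `KeyUtils.getKeyGenerator` unchecked, so neither a missing setting nor a weak configured algorithm leaves a trace. A comment such as `// No algorithm configured: keep the historical AES-128 default for the ephemeral key` would document the default. If the class has a logger, a debug message on the fallback branch would help anyone who expected a stronger key. This code only runs when no signature token key is available, so it is worth confirming that the other path, which is outside the hunk, also honours the configured algorithm. The enclosing method starts and ends outside the hunk.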
Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/DerivedKeyActionTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/DerivedKeyActionTest.java?rev=1852720&r1=1852719&r2=1852720&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/DerivedKeyActionTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/DerivedKeyActionTest.java Fri Feb 1 11:20:57 2019
@@ -46,6 +46,7 @@ import org.apache.wss4j.dom.handler.WSHa
import org.apache.wss4j.dom.handler.WSHandlerResult;
import org.junit.Test;
+import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
/**
@@ -358,6 +359,42 @@ public class DerivedKeyActionTest {
if (LOG.isDebugEnabled()) {
LOG.debug(outputString);
}
+
+ verify(doc);
+ }
+
+ @Test
+ public void testEncryptionThumbprintAES256() throws Exception {
+ final WSSConfig cfg = WSSConfig.getNewInstance();
+ final RequestData reqData = new RequestData();
+ reqData.setWssConfig(cfg);
+ reqData.setUsername("wss40");
+
+ java.util.Map<String, Object> config = new java.util.TreeMap<>();
+ config.put(WSHandlerConstants.ENC_PROP_FILE, "wss40.properties");
+ config.put(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler);
+ config.put(WSHandlerConstants.DERIVED_TOKEN_REFERENCE, "EncryptedKey");
+ config.put(WSHandlerConstants.DERIVED_TOKEN_KEY_ID, "Thumbprint");
+ config.put(WSHandlerConstants.ENC_SYM_ALGO, WSConstants.AES_256);
+ reqData.setMsgContext(config);
+
+ final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+ CustomHandler handler = new CustomHandler();
+ HandlerAction action = new HandlerAction(WSConstants.DKT_ENCR);
+ handler.send(
+ doc,
+ reqData,
+ Collections.singletonList(action),
+ true
+ );
+ String outputString =
+ XMLUtils.prettyDocumentToString(doc);
+ assertTrue(outputString.contains(ConversationConstants.WSC_NS_05_12));
+ assertTrue(outputString.contains(WSConstants.AES_256));
+ assertFalse(outputString.contains(WSConstants.AES_128));
+ if (LOG.isDebugEnabled()) {
+ LOG.debug(outputString);
+ }
verify(doc);
}
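Review bot: The three assertions in `testEncryptionThumbprintAES256` are substring checks on the serialized document, so they show which algorithm URIs are advertised but not the size of the ephemeral key that the EncryptionDerivedAction change now takes from `ENC_SYM_ALGO`; the test may have passed before that change. `assertFalse(outputString.contains(WSConstants.AES_128))` also relies on no other element in the message using that URI. Asserting on the `Algorithm` attribute of the specific `EncryptionMethod` element, or on whatever `verify(doc)` returns if it exposes processing results, would pin the behaviour more tightly. The `assertTrue(outputString.contains(...))` checks added in the DerivedKeyTest hunks follow the same pattern.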
Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/DerivedKeyTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/DerivedKeyTest.java?rev=1852720&r1=1852719&r2=1852720&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/DerivedKeyTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/DerivedKeyTest.java Fri Feb 1 11:20:57 2019
@@ -82,7 +82,7 @@ public class DerivedKeyTest {
encrKeyBuilder.setUserInfo("wss40");
encrKeyBuilder.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
- KeyGenerator keyGen = KeyUtils.getKeyGenerator(WSConstants.AES_128);
+ KeyGenerator keyGen = KeyUtils.getKeyGenerator(WSConstants.TRIPLE_DES);
SecretKey symmetricKey = keyGen.generateKey();
encrKeyBuilder.prepare(crypto, symmetricKey);
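Review bot: The algorithm is spelled out separately here in `KeyUtils.getKeyGenerator(WSConstants.TRIPLE_DES)`, then again in `setSymmetricEncAlgorithm` and the new assertion in the following hunk. That duplication is what let the key and the "3DES" log message disagree before this commit. A single local such as `final String symAlgo = WSConstants.TRIPLE_DES;` used in all three places would keep them in step. A short comment like `// 3DES kept for legacy interop coverage only` would also stop the test being read as a recommended configuration. The test method starts before this hunk.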
@@ -92,19 +92,20 @@ public class DerivedKeyTest {
//Derived key encryption
WSSecDKEncrypt encrBuilder = new WSSecDKEncrypt(secHeader);
- encrBuilder.setSymmetricEncAlgorithm(WSConstants.AES_128);
+ encrBuilder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES);
encrBuilder.setTokenIdentifier(tokenIdentifier);
Document encryptedDoc = encrBuilder.build(ek);
encrKeyBuilder.prependToHeader();
encrKeyBuilder.prependBSTElementToHeader();
+ String outputString =
+ XMLUtils.prettyDocumentToString(encryptedDoc);
if (LOG.isDebugEnabled()) {
LOG.debug("Encrypted message: 3DES + DerivedKeys");
- String outputString =
- XMLUtils.prettyDocumentToString(encryptedDoc);
LOG.debug(outputString);
}
+ assertTrue(outputString.contains(WSConstants.TRIPLE_DES));
verify(doc);
}
@@ -140,12 +141,51 @@ public class DerivedKeyTest {
encrKeyBuilder.prependToHeader();
encrKeyBuilder.prependBSTElementToHeader();
+ String outputString =
+ XMLUtils.prettyDocumentToString(encryptedDoc);
if (LOG.isDebugEnabled()) {
- LOG.debug("Encrypted message: 3DES + DerivedKeys");
- String outputString =
- XMLUtils.prettyDocumentToString(encryptedDoc);
+ LOG.debug("Encrypted message: AES + DerivedKeys");
+ LOG.debug(outputString);
+ }
+ assertTrue(outputString.contains(WSConstants.AES_128));
+ verify(doc);
+ }
+
+ @Test
+ public void testEncryptionDecryptionAES256() throws Exception {
+ Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+ WSSecHeader secHeader = new WSSecHeader(doc);
+ secHeader.insertSecurityHeader();
+
+ //EncryptedKey
+ WSSecEncryptedKey encrKeyBuilder = new WSSecEncryptedKey(secHeader);
+ encrKeyBuilder.setUserInfo("wss40");
+ encrKeyBuilder.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
+
+ KeyGenerator keyGen = KeyUtils.getKeyGenerator(WSConstants.AES_256);
+ SecretKey symmetricKey = keyGen.generateKey();
+ encrKeyBuilder.prepare(crypto, symmetricKey);
+
+ //Key information from the EncryptedKey
+ byte[] ek = symmetricKey.getEncoded();
+ String tokenIdentifier = encrKeyBuilder.getId();
+
+ //Derived key encryption
+ WSSecDKEncrypt encrBuilder = new WSSecDKEncrypt(secHeader);
+ encrBuilder.setSymmetricEncAlgorithm(WSConstants.AES_256);
+ encrBuilder.setTokenIdentifier(tokenIdentifier);
+ Document encryptedDoc = encrBuilder.build(ek);
+
+ encrKeyBuilder.prependToHeader();
+ encrKeyBuilder.prependBSTElementToHeader();
+
+ String outputString =
+ XMLUtils.prettyDocumentToString(encryptedDoc);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Encrypted message: AES + DerivedKeys");
LOG.debug(outputString);
}
+ assertTrue(outputString.contains(WSConstants.AES_256));
verify(doc);
}
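Review bot: `testEncryptionDecryptionAES256` never checks that the secret passed to `encrBuilder.build(ek)` is actually 256 bits; its only assertion is a substring match on the algorithm URI. Adding `assertTrue(ek.length == 32);` after `byte[] ek = symmetricKey.getEncoded();` would catch a key generator that is not sized from the algorithm constant. The body is otherwise a copy of the neighbouring tests, so a private helper taking the algorithm constant would remove the triplication. The first lines of this hunk belong to the preceding test, whose start is outside the hunk.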