You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2012/07/16 16:24:53 UTC
svn commit: r1362055 - in /santuario/xml-security-java/trunk/src:
main/java/org/apache/xml/security/stax/impl/securityToken/
test/java/org/apache/xml/security/test/stax/signature/
Author: coheigea
Date: Mon Jul 16 14:24:53 2012
New Revision: 1362055
URL: http://svn.apache.org/viewvc?rev=1362055&view=rev
Log:
Added some more interop tests
Added:
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/PhaosTest.java
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/RSASecurityTest.java
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java?rev=1362055&r1=1362054&r2=1362055&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java Mon Jul 16 14:24:53 2012
@@ -135,6 +135,26 @@ public class SecurityTokenFactoryImpl ex
XMLSecurityProperties securityProperties,
SecurityContext securityContext)
throws XMLSecurityException, Base64DecodingException {
+ // X509Certificate
+ byte[] certBytes =
+ XMLSecurityUtils.getQNameType(
+ x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName(),
+ XMLSecurityConstants.TAG_dsig_X509Certificate
+ );
+ if (certBytes != null) {
+ X509Certificate cert = getCertificateFromBytes(certBytes);
+ TokenType tokenType = XMLSecurityConstants.X509V3Token;
+ if (cert.getVersion() == 1) {
+ tokenType = XMLSecurityConstants.X509V1Token;
+ }
+ X509SecurityToken token =
+ new X509SecurityToken(tokenType, securityContext,
+ securityProperties.getCallbackHandler(), "",
+ XMLSecurityConstants.XMLKeyIdentifierType.X509_CERTIFICATE);
+ token.setX509Certificates(new X509Certificate[]{cert});
+ return token;
+ }
+
// Issuer Serial
final X509IssuerSerialType issuerSerialType =
XMLSecurityUtils.getQNameType(
@@ -170,26 +190,6 @@ public class SecurityTokenFactoryImpl ex
return token;
}
- // X509Certificate
- byte[] certBytes =
- XMLSecurityUtils.getQNameType(
- x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName(),
- XMLSecurityConstants.TAG_dsig_X509Certificate
- );
- if (certBytes != null) {
- X509Certificate cert = getCertificateFromBytes(certBytes);
- TokenType tokenType = XMLSecurityConstants.X509V3Token;
- if (cert.getVersion() == 1) {
- tokenType = XMLSecurityConstants.X509V1Token;
- }
- X509SecurityToken token =
- new X509SecurityToken(tokenType, securityContext,
- securityProperties.getCallbackHandler(), "",
- XMLSecurityConstants.XMLKeyIdentifierType.X509_CERTIFICATE);
- token.setX509Certificates(new X509Certificate[]{cert});
- return token;
- }
-
// Subject Name
String subjectName =
XMLSecurityUtils.getQNameType(
Added: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/PhaosTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/PhaosTest.java?rev=1362055&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/PhaosTest.java (added)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/PhaosTest.java Mon Jul 16 14:24:53 2012
@@ -0,0 +1,379 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.test.stax.signature;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.InputStream;
+
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import org.apache.xml.security.stax.config.Init;
+import org.apache.xml.security.stax.ext.InboundXMLSec;
+import org.apache.xml.security.stax.ext.XMLSec;
+import org.apache.xml.security.stax.ext.XMLSecurityProperties;
+import org.apache.xml.security.test.stax.utils.StAX2DOM;
+import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator;
+import org.junit.Before;
+import org.junit.Test;
+import org.w3c.dom.Document;
+
+/**
+ * This is a testcase to validate all "phaos-xmldsig-three"
+ * testcases from Phaos
+ */
+public class PhaosTest extends org.junit.Assert {
+
+ private XMLInputFactory xmlInputFactory;
+ private DocumentBuilderFactory documentBuilderFactory;
+ private TransformerFactory transformerFactory = TransformerFactory.newInstance();
+
+ @Before
+ public void setUp() throws Exception {
+ Init.init(PhaosTest.class.getClassLoader().getResource("security-config.xml").toURI());
+ org.apache.xml.security.Init.init();
+
+ xmlInputFactory = XMLInputFactory.newInstance();
+ xmlInputFactory.setEventAllocator(new XMLSecEventAllocator());
+
+ documentBuilderFactory = DocumentBuilderFactory.newInstance();
+ documentBuilderFactory.setNamespaceAware(true);
+ documentBuilderFactory.setIgnoringComments(false);
+ documentBuilderFactory.setCoalescing(false);
+ documentBuilderFactory.setIgnoringElementContentWhitespace(false);
+ }
+
+
+ @Test
+ public void test_signature_dsa_detached() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "com/phaos/phaos-xmldsig-three/signature-dsa-detached.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+ XMLStreamReader securityStreamReader =
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
+
+ // See Santuario-320
+ @Test
+ @org.junit.Ignore
+ public void test_signature_dsa_enveloped() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "com/phaos/phaos-xmldsig-three/signature-dsa-enveloped.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+ XMLStreamReader securityStreamReader =
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
+
+ @Test
+ public void test_signature_dsa_enveloping() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "com/phaos/phaos-xmldsig-three/signature-dsa-enveloping.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+ XMLStreamReader securityStreamReader =
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
+
+ @Test
+ public void test_signature_hmac_sha1_exclusive_c14n_comments_detached() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "com/phaos/phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-comments-detached.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the key
+ byte[] hmacKey = "test".getBytes("ASCII");
+ SecretKey key = new SecretKeySpec(hmacKey, "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ properties.setSignatureVerificationKey(key);
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+ XMLStreamReader securityStreamReader =
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
+
+ // See Santuario-320
+ @Test
+ @org.junit.Ignore
+ public void test_signature_hmac_sha1_exclusive_c14n_enveloped() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "com/phaos/phaos-xmldsig-three/signature-hmac-sha1-exclusive-c14n-enveloped.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the key
+ byte[] hmacKey = "test".getBytes("ASCII");
+ SecretKey key = new SecretKeySpec(hmacKey, "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ properties.setSignatureVerificationKey(key);
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+ XMLStreamReader securityStreamReader =
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
+
+ // See Santuario-318
+ @Test
+ @org.junit.Ignore
+ public void test_signature_rsa_detached_b64_transform() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "com/phaos/phaos-xmldsig-three/signature-rsa-detached-b64-transform.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // Set up the key
+ byte[] hmacKey = "test".getBytes("ASCII");
+ SecretKey key = new SecretKeySpec(hmacKey, "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ properties.setSignatureVerificationKey(key);
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+ XMLStreamReader securityStreamReader =
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
+
+ @Test
+ public void test_signature_rsa_detached() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "com/phaos/phaos-xmldsig-three/signature-rsa-detached.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+ XMLStreamReader securityStreamReader =
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
+
+ // See Santuario-320
+ @Test
+ @org.junit.Ignore
+ public void test_signature_rsa_enveloped_bad_digest_val() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "com/phaos/phaos-xmldsig-three/signature-rsa-enveloped-bad-digest-val.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+ try {
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+ fail("Failure expected on a bad digest");
+ } catch (XMLStreamException ex) {
+ // expected
+ }
+ }
+
+ // See Santuario-320
+ @Test
+ @org.junit.Ignore
+ public void test_signature_rsa_enveloped() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "com/phaos/phaos-xmldsig-three/signature-rsa-enveloped.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+ XMLStreamReader securityStreamReader =
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
+
+ @Test
+ public void test_signature_rsa_enveloping() throws Exception {
+ // Read in plaintext document
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "com/phaos/phaos-xmldsig-three/signature-rsa-enveloping.xml");
+ DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
+ Document document = builder.parse(sourceDocument);
+
+ // XMLUtils.outputDOM(document, System.out);
+
+ // Convert Document to a Stream Reader
+ javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ transformer.transform(new DOMSource(document), new StreamResult(baos));
+ final XMLStreamReader xmlStreamReader =
+ xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify signature
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+ TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+ XMLStreamReader securityStreamReader =
+ inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+ StAX2DOM.readDoc(documentBuilderFactory.newDocumentBuilder(), securityStreamReader);
+ }
+
+}
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/RSASecurityTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/RSASecurityTest.java?rev=1362055&r1=1362054&r2=1362055&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/RSASecurityTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/RSASecurityTest.java Mon Jul 16 14:24:53 2012
@@ -82,7 +82,7 @@ public class RSASecurityTest extends org
}
- // TODO - not working?
+ // TODO - not working? See SANTUARIO-328.
@Test
@org.junit.Ignore
public void test_enveloping() throws Exception {