Posted to commits@santuario.apache.org by co...@apache.org on 2012/07/02 15:56:02 UTC
svn commit: r1356229 - in /santuario/xml-security-java/trunk/src:
main/java/org/apache/xml/security/stax/impl/processor/output/XMLSignatureOutputProcessor.java
test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java
Author: coheigea
Date: Mon Jul 2 13:56:01 2012
New Revision: 1356229
URL: http://svn.apache.org/viewvc?rev=1356229&view=rev
Log:
[SANTUARIO-316] - Fixed failing streaming signature creation test
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/XMLSignatureOutputProcessor.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/XMLSignatureOutputProcessor.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/XMLSignatureOutputProcessor.java?rev=1356229&r1=1356228&r2=1356229&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/XMLSignatureOutputProcessor.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/processor/output/XMLSignatureOutputProcessor.java Mon Jul 2 13:56:01 2012
@@ -85,17 +85,27 @@ public class XMLSignatureOutputProcessor
attributeList.add(createAttribute(XMLSecurityConstants.ATT_NULL_Id, signaturePartDef.getSigRefId()));
xmlSecEvent = addAttributes(xmlSecStartElement, attributeList);
}
- outputProcessorChain.getSecurityContext().put(
- XMLSecurityConstants.PROP_APPEND_SIGNATURE_ON_THIS_ID,
- signaturePartDef.getSigRefId()
- );
+ String signatureAppendId =
+ outputProcessorChain.getSecurityContext().get(
+ XMLSecurityConstants.PROP_APPEND_SIGNATURE_ON_THIS_ID);
+ if (signatureAppendId == null || "".equals(signatureAppendId)) {
+ outputProcessorChain.getSecurityContext().put(
+ XMLSecurityConstants.PROP_APPEND_SIGNATURE_ON_THIS_ID,
+ signaturePartDef.getSigRefId()
+ );
+ }
} else {
signaturePartDef.setSigRefId(securePart.getIdToSign());
signaturePartDef.setC14nAlgo(getSecurityProperties().getSignatureCanonicalizationAlgorithm());
- outputProcessorChain.getSecurityContext().put(
+ String signatureAppendId =
+ outputProcessorChain.getSecurityContext().get(
+ XMLSecurityConstants.PROP_APPEND_SIGNATURE_ON_THIS_ID);
+ if (signatureAppendId == null || "".equals(signatureAppendId)) {
+ outputProcessorChain.getSecurityContext().put(
XMLSecurityConstants.PROP_APPEND_SIGNATURE_ON_THIS_ID,
securePart.getIdToSign()
- );
+ );
+ }
}
getSignaturePartDefList().add(signaturePartDef);
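Review bot: The new guard lets the first signed part that reaches this code decide where the Signature element is appended, and neither branch documents that. A later part's id is silently ignored, and so is any value already left in the security context if that context is ever reused (not visible here). A comment above the first check, such as `// First signed part wins: do not overwrite an append-id that is already set`, would record the intent. The same get / null-or-empty / put sequence is pasted into both branches; because the else branch has just called `setSigRefId(securePart.getIdToSign())`, one copy placed after the if/else and using `signaturePartDef.getSigRefId()` looks equivalent, assuming the getter returns what was set. The enclosing method starts and ends outside the hunk.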
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java?rev=1356229&r1=1356228&r2=1356229&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java Mon Jul 2 13:56:01 2012
@@ -26,6 +26,7 @@ import java.security.cert.X509Certificat
import java.util.List;
import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.stream.XMLInputFactory;
@@ -118,7 +119,7 @@ public class SignatureCreationTest exten
}
@Test
- public void testMultipleElementsSignatureCreation() throws Exception {
+ public void testMultipleElements() throws Exception {
// Set up the Configuration
XMLSecurityProperties properties = new XMLSecurityProperties();
XMLSecurityConstants.Action[] actions =
@@ -163,7 +164,7 @@ public class SignatureCreationTest exten
verifyUsingDOM(document, x509Certificates[0], properties.getSignatureSecureParts());
}
- // @Test
+ @Test
public void testHMACSignatureCreation() throws Exception {
// Set up the Configuration
XMLSecurityProperties properties = new XMLSecurityProperties();
@@ -179,10 +180,10 @@ public class SignatureCreationTest exten
SecurePart securePart =
new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
properties.addSignaturePart(securePart);
-
+
// Set the key up
byte[] hmacKey = "secret".getBytes("ASCII");
- SecretKey key = getHMACSecretKey(hmacKey);
+ SecretKey key = new SecretKeySpec(hmacKey, "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
properties.setSignatureKey(key);
OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
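Review bot: The second argument to `SecretKeySpec` in the added line is the XML-DSig algorithm URI, not a JCA algorithm name such as `HmacSHA1`. `SecretKeySpec` does not validate that string, so `key.getAlgorithm()` will hand the URI to whatever consumes the key. If the outbound processor relies on that (not visible in this hunk), a comment should say so, for example `// algorithm is the XML-DSig URI on purpose; confirm the signature processor reads it from the key`; otherwise pass `"HmacSHA1"`. The six-byte ASCII key is fine for a fixture but is worth marking as test-only so it is not copied as a pattern. The test method continues outside the hunk.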
@@ -197,7 +198,7 @@ public class SignatureCreationTest exten
XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
xmlStreamWriter.close();
- System.out.println("Got:\n" + new String(baos.toByteArray(), "UTF-8"));
+ // System.out.println("Got:\n" + new String(baos.toByteArray(), "UTF-8"));
Document document =
documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
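Review bot: The debug `System.out.println` is commented out rather than removed, and the same commented-out line is added again in both new tests in the next hunk (`testDifferentC14nMethod` and `testC14n11Method`). Commented-out output in a signature test tends to be re-enabled and left on. Delete the line, or if the serialized document is useful for diagnosis, route it through the project's logger at debug level.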
@@ -342,6 +343,94 @@ public class SignatureCreationTest exten
verifyUsingDOM(document, x509Certificates[0], properties.getSignatureSecureParts());
}
+ @Test
+ public void testDifferentC14nMethod() throws Exception {
+ // Set up the Configuration
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ XMLSecurityConstants.Action[] actions =
+ new XMLSecurityConstants.Action[]{XMLSecurityConstants.SIGNATURE};
+ properties.setOutAction(actions);
+ properties.loadSignatureKeyStore(
+ this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray()
+ );
+ properties.setSignatureUser("transmitter");
+ properties.setSignatureCanonicalizationAlgorithm("http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
+
+ SecurePart securePart =
+ new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
+ properties.addSignaturePart(securePart);
+
+ // Set the key up
+ Key key = properties.getSignatureCrypto().getPrivateKey("transmitter", "default");
+ properties.setSignatureKey(key);
+
+ OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
+
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(sourceDocument);
+
+ XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+ xmlStreamWriter.close();
+
+ // System.out.println("Got:\n" + new String(baos.toByteArray(), "UTF-8"));
+ Document document =
+ documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify using DOM
+ CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+ cryptoType.setAlias(properties.getSignatureUser());
+ X509Certificate[] x509Certificates = properties.getSignatureCrypto().getX509Certificates(cryptoType);
+ verifyUsingDOM(document, x509Certificates[0], properties.getSignatureSecureParts());
+ }
+
+ @Test
+ public void testC14n11Method() throws Exception {
+ // Set up the Configuration
+ XMLSecurityProperties properties = new XMLSecurityProperties();
+ XMLSecurityConstants.Action[] actions =
+ new XMLSecurityConstants.Action[]{XMLSecurityConstants.SIGNATURE};
+ properties.setOutAction(actions);
+ properties.loadSignatureKeyStore(
+ this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray()
+ );
+ properties.setSignatureUser("transmitter");
+ properties.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2006/12/xml-c14n11");
+
+ SecurePart securePart =
+ new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
+ properties.addSignaturePart(securePart);
+
+ // Set the key up
+ Key key = properties.getSignatureCrypto().getPrivateKey("transmitter", "default");
+ properties.setSignatureKey(key);
+
+ OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
+
+ InputStream sourceDocument =
+ this.getClass().getClassLoader().getResourceAsStream(
+ "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
+ XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(sourceDocument);
+
+ XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+ xmlStreamWriter.close();
+
+ // System.out.println("Got:\n" + new String(baos.toByteArray(), "UTF-8"));
+ Document document =
+ documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
+
+ // Verify using DOM
+ CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+ cryptoType.setAlias(properties.getSignatureUser());
+ X509Certificate[] x509Certificates = properties.getSignatureCrypto().getX509Certificates(cryptoType);
+ verifyUsingDOM(document, x509Certificates[0], properties.getSignatureSecureParts());
+ }
+
/**
* Verify the document using DOM
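Review bot: Neither `testDifferentC14nMethod` nor `testC14n11Method` checks that the emitted `ds:CanonicalizationMethod` carries the configured algorithm; they only check that the signature verifies, which, as far as this hunk shows, would also pass if `setSignatureCanonicalizationAlgorithm` were ignored and the default used. After parsing, `Element c14n = (Element) document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "CanonicalizationMethod").item(0);` followed by `Assert.assertEquals("http://www.w3.org/2006/12/xml-c14n11", c14n.getAttribute("Algorithm"));` would pin it (this assumes the document builder is namespace-aware and that `Element` is imported, neither of which is visible here). The two methods differ only in that URI, so a private helper taking the algorithm as a parameter would remove the copy. `sourceDocument` is never closed in either test.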
@@ -401,19 +490,7 @@ public class SignatureCreationTest exten
}
XMLSignature signature = new XMLSignature(sigElement, "");
- KeyInfo ki = signature.getKeyInfo();
- Assert.assertNotNull(ki);
-
Assert.assertTrue(signature.checkSignatureValue(secretKey));
}
- private SecretKey getHMACSecretKey(final byte[] secret) {
- return new SecretKey() {
- private static final long serialVersionUID = -6527915934685938837L;
- public String getFormat() { return "RAW"; }
- public byte[] getEncoded() { return secret; }
- public String getAlgorithm(){ return "SECRET"; }
- };
- }
-
}