You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2020/04/02 08:45:45 UTC
svn commit: r1876036 - in
/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax:
signature/SignatureVerificationTest.java utils/TestUtils.java
Author: coheigea
Date: Thu Apr 2 08:45:45 2020
New Revision: 1876036
URL: http://svn.apache.org/viewvc?rev=1876036&view=rev
Log:
SANTUARIO-529 - Removing tests that don't run with Java 8+
Modified:
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/utils/TestUtils.java
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java?rev=1876036&r1=1876035&r2=1876036&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java Thu Apr 2 08:45:45 2020
@@ -1443,131 +1443,6 @@ public class SignatureVerificationTest e
}
@Test
- public void testAllowMD5Algorithm() throws Exception {
-
- String jsv = System.getProperty("java.specification.version");
- if (Double.parseDouble(jsv) > 1.7) {
- System.out.println("testAllowMD5Algorithm skipped");
- return;
- }
-
- // Read in plaintext document
- InputStream sourceDocument =
- this.getClass().getClassLoader().getResourceAsStream(
- "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
- Document document = XMLUtils.read(sourceDocument, false);
-
- // Set up the Key
- KeyStore keyStore = KeyStore.getInstance("jks");
- keyStore.load(
- this.getClass().getClassLoader().getResource("transmitter.jks").openStream(),
- "default".toCharArray()
- );
- Key key = keyStore.getKey("transmitter", "default".toCharArray());
- X509Certificate cert = (X509Certificate)keyStore.getCertificate("transmitter");
-
- // Sign using DOM
- List<String> localNames = new ArrayList<>();
- localNames.add("PaymentInfo");
- XMLSignature sig = signUsingDOM(
- "http://www.w3.org/2001/04/xmldsig-more#rsa-md5", document, localNames, key
- );
-
- // Add KeyInfo
- sig.addKeyInfo(cert);
-
- // Convert Document to a Stream Reader
- javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- transformer.transform(new DOMSource(document), new StreamResult(baos));
-
- XMLStreamReader xmlStreamReader = null;
- try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
- xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
- }
-
- // Verify signature
- XMLSecurityProperties properties = new XMLSecurityProperties();
- InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
- TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
- XMLStreamReader securityStreamReader =
- inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
-
- try {
- TestUtils.switchAllowMD5Algorithm(true);
- document = StAX2DOM.readDoc(securityStreamReader);
- } finally {
- TestUtils.switchAllowMD5Algorithm(false);
- }
- }
-
- @Test
- public void testMaximumAllowedXMLStructureDepth() throws Exception {
-
- String jsv = System.getProperty("java.specification.version");
- if (Double.parseDouble(jsv) > 1.7) {
- System.out.println("testMaximumAllowedXMLStructureDepth skipped");
- return;
- }
-
- // Read in plaintext document
- InputStream sourceDocument =
- this.getClass().getClassLoader().getResourceAsStream(
- "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
- Document document = XMLUtils.read(sourceDocument, false);
-
- // Set up the Key
- KeyStore keyStore = KeyStore.getInstance("jks");
- keyStore.load(
- this.getClass().getClassLoader().getResource("transmitter.jks").openStream(),
- "default".toCharArray()
- );
- Key key = keyStore.getKey("transmitter", "default".toCharArray());
- X509Certificate cert = (X509Certificate)keyStore.getCertificate("transmitter");
-
- // Sign using DOM
- List<String> localNames = new ArrayList<>();
- localNames.add("PaymentInfo");
- XMLSignature sig = signUsingDOM(
- "http://www.w3.org/2000/09/xmldsig#rsa-sha1", document, localNames, key
- );
-
- // Add KeyInfo
- sig.addKeyInfo(cert);
-
- // Convert Document to a Stream Reader
- javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- transformer.transform(new DOMSource(document), new StreamResult(baos));
-
- XMLStreamReader xmlStreamReader = null;
- try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
- xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
- }
-
- // Verify signature
- XMLSecurityProperties properties = new XMLSecurityProperties();
- InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
- TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
- XMLStreamReader securityStreamReader =
- inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
-
- int oldval = 0;
- try {
- oldval = TestUtils.changeValueOfMaximumAllowedXMLStructureDepth(5);
- document = StAX2DOM.readDoc(securityStreamReader);
- fail("Exception expected");
- } catch (XMLStreamException e) {
- assertTrue(e.getCause() instanceof XMLSecurityException);
- assertEquals("Maximum depth (5) of the XML structure reached. You can raise the maximum via the " +
- "\"MaximumAllowedXMLStructureDepth\" property in the configuration.",
- e.getCause().getMessage());
- } finally {
- TestUtils.changeValueOfMaximumAllowedXMLStructureDepth(oldval);
- }
- }
-
- @Test
public void testCustomC14nAlgo() throws Exception {
final String customC14N = "customC14N";
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/utils/TestUtils.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/utils/TestUtils.java?rev=1876036&r1=1876035&r2=1876036&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/utils/TestUtils.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/utils/TestUtils.java Thu Apr 2 08:45:45 2020
@@ -54,28 +54,5 @@ public class TestUtils {
field.set(null, value);
return oldval;
}
-
- public static void switchAllowMD5Algorithm(Boolean value) throws NoSuchFieldException, IllegalAccessException {
- Field field = InboundSecurityContextImpl.class.getDeclaredField("allowMD5Algorithm");
- field.setAccessible(true);
-
- Field modifiersField = Field.class.getDeclaredField("modifiers");
- modifiersField.setAccessible(true);
- modifiersField.setInt(field, field.getModifiers() & ~Modifier.FINAL);
-
- field.set(null, value);
- }
-
- public static int changeValueOfMaximumAllowedXMLStructureDepth(Integer value) throws NoSuchFieldException, IllegalAccessException {
- Field field = XMLEventReaderInputProcessor.class.getDeclaredField("maximumAllowedXMLStructureDepth");
- field.setAccessible(true);
-
- Field modifiersField = Field.class.getDeclaredField("modifiers");
- modifiersField.setAccessible(true);
- modifiersField.setInt(field, field.getModifiers() & ~Modifier.FINAL);
-
- Integer oldval = (Integer) field.get(null);
- field.set(null, value);
- return oldval;
- }
+
}