New upstream version 2.0.10
Emmanuel Bourg
5 years ago
| 0 | 0 | Apache Santuario - XML Security for Java |
| 1 | Copyright 1999-2017 The Apache Software Foundation | |
| 1 | Copyright 1999-2018 The Apache Software Foundation | |
| 2 | 2 | |
| 3 | 3 | This product includes software developed at |
| 4 | 4 | The Apache Software Foundation (http://www.apache.org/). |
| 21 | 21 | <artifactId>xmlsec</artifactId> |
| 22 | 22 | <packaging>bundle</packaging> |
| 23 | 23 | <name>Apache XML Security for Java</name> |
| 24 | <version>2.0.9</version> | |
| 24 | <version>2.0.10</version> | |
| 25 | 25 | <description> |
| 26 | 26 | Apache XML Security for Java supports XML-Signature Syntax and Processing, |
| 27 | 27 | W3C Recommendation 12 February 2002, and XML Encryption Syntax and |
| 56 | 56 | </licenses> |
| 57 | 57 | <scm> |
| 58 | 58 | <connection> |
| 59 | scm:svn:http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.9 | |
| 59 | scm:svn:http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.10 | |
| 60 | 60 | </connection> |
| 61 | 61 | <developerConnection> |
| 62 | scm:svn:https://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.9 | |
| 62 | scm:svn:https://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.10 | |
| 63 | 63 | </developerConnection> |
| 64 | <url>http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.9</url> | |
| 64 | <url>http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.10</url> | |
| 65 | 65 | </scm> |
| 66 | 66 | <organization> |
| 67 | 67 | <name>The Apache Software Foundation</name> |
| 136 | 136 | <plugin> |
| 137 | 137 | <groupId>org.apache.maven.plugins</groupId> |
| 138 | 138 | <artifactId>maven-compiler-plugin</artifactId> |
| 139 | <version>3.6.0</version> | |
| 139 | <version>3.6.2</version> | |
| 140 | 140 | <configuration> |
| 141 | 141 | <source>${targetJdk}</source> |
| 142 | 142 | <target>${targetJdk}</target> |
| 345 | 345 | <plugin> |
| 346 | 346 | <groupId>org.apache.maven.plugins</groupId> |
| 347 | 347 | <artifactId>maven-surefire-plugin</artifactId> |
| 348 | <version>2.19.1</version> | |
| 348 | <version>2.20.1</version> | |
| 349 | 349 | <configuration> |
| 350 | 350 | <reportFormat>brief</reportFormat> |
| 351 | 351 | <useFile>false</useFile> |
| 471 | 471 | <properties> |
| 472 | 472 | <xml.apis.version>1.4.01</xml.apis.version> |
| 473 | 473 | <oldxmlsec.version>1.5.8</oldxmlsec.version> |
| 474 | <slf4j.version>1.7.22</slf4j.version> | |
| 474 | <slf4j.version>1.7.25</slf4j.version> | |
| 475 | 475 | <xalan.version>2.7.2</xalan.version> |
| 476 | 476 | <xerces.version>2.11.0</xerces.version> |
| 477 | 477 | <junit.version>4.12</junit.version> |
| 478 | 478 | <log4j.version>1.2.17</log4j.version> |
| 479 | <bcprov.version>1.57</bcprov.version> | |
| 479 | <bcprov.version>1.59</bcprov.version> | |
| 480 | 480 | <xmlunit.version>1.6</xmlunit.version> |
| 481 | <commons.codec.version>1.10</commons.codec.version> | |
| 482 | <woodstox.core.asl.version>4.4.1</woodstox.core.asl.version> | |
| 481 | <commons.codec.version>1.11</commons.codec.version> | |
| 482 | <woodstox.core.version>5.0.3</woodstox.core.version> | |
| 483 | 483 | <jetty.version>8.1.22.v20160922</jetty.version> |
| 484 | 484 | <xmlsec.jaxb.context.class /> |
| 485 | 485 | <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> |
| 498 | 498 | <scope>compile</scope> |
| 499 | 499 | </dependency> |
| 500 | 500 | <dependency> |
| 501 | <groupId>org.codehaus.woodstox</groupId> | |
| 502 | <artifactId>woodstox-core-asl</artifactId> | |
| 503 | <version>${woodstox.core.asl.version}</version> | |
| 501 | <groupId>com.fasterxml.woodstox</groupId> | |
| 502 | <artifactId>woodstox-core</artifactId> | |
| 503 | <version>${woodstox.core.version}</version> | |
| 504 | 504 | <scope>compile</scope> |
| 505 | 505 | </dependency> |
| 506 | 506 | <dependency> |
| 26 | 26 | * Portions copyright 2005 Sun Microsystems, Inc. All rights reserved. |
| 27 | 27 | */ |
| 28 | 28 | /* |
| 29 | * $Id: XMLDSigRI.java 1772201 2016-12-01 13:37:09Z coheigea $ | |
| 29 | * $Id: XMLDSigRI.java 1804980 2017-08-14 11:05:09Z coheigea $ | |
| 30 | 30 | */ |
| 31 | 31 | package org.apache.jcp.xml.dsig.internal.dom; |
| 32 | 32 | |
| 56 | 56 | |
| 57 | 57 | public XMLDSigRI() { |
| 58 | 58 | /* We are the ApacheXMLDSig provider */ |
| 59 | super("ApacheXMLDSig", 2.09, INFO); | |
| 59 | super("ApacheXMLDSig", 2.010, INFO); | |
| 60 | 60 | |
| 61 | 61 | final Map<Object, Object> map = new HashMap<Object, Object>(); |
| 62 | 62 | map.put("XMLSignatureFactory.DOM", |
| 163 | 163 | new Algorithm("RSA", "SHA512withRSAandMGF1", "Signature") |
| 164 | 164 | ); |
| 165 | 165 | algorithmsMap.put( |
| 166 | XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_224_MGF1, | |
| 167 | new Algorithm("RSA", "SHA3-224withRSAandMGF1", "Signature") | |
| 168 | ); | |
| 169 | algorithmsMap.put( | |
| 170 | XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1, | |
| 171 | new Algorithm("RSA", "SHA3-256withRSAandMGF1", "Signature") | |
| 172 | ); | |
| 173 | algorithmsMap.put( | |
| 174 | XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1, | |
| 175 | new Algorithm("RSA", "SHA3-384withRSAandMGF1", "Signature") | |
| 176 | ); | |
| 177 | algorithmsMap.put( | |
| 178 | XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1, | |
| 179 | new Algorithm("RSA", "SHA3-512withRSAandMGF1", "Signature") | |
| 180 | ); | |
| 181 | algorithmsMap.put( | |
| 166 | 182 | XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1, |
| 167 | 183 | new Algorithm("EC", "SHA1withECDSA", "Signature") |
| 168 | 184 | ); |
| 147 | 147 | log.debug("Create URI \"" + algorithmURI + "\" class \"" |
| 148 | 148 | + implementingClass + "\""); |
| 149 | 149 | } |
| 150 | if (implementingClass == null) { | |
| 151 | Object exArgs[] = { algorithmURI }; | |
| 152 | throw new XMLSignatureException("algorithms.NoSuchAlgorithmNoEx", exArgs); | |
| 153 | } | |
| 150 | 154 | return implementingClass.newInstance(); |
| 151 | 155 | } catch (IllegalAccessException ex) { |
| 152 | 156 | Object exArgs[] = { algorithmURI, ex.getMessage() }; |
| 153 | 157 | throw new XMLSignatureException(ex, "algorithms.NoSuchAlgorithm", exArgs); |
| 154 | } catch (InstantiationException ex) { | |
| 158 | } catch (InstantiationException ex) { | |
| 155 | 159 | Object exArgs[] = { algorithmURI, ex.getMessage() }; |
| 156 | 160 | throw new XMLSignatureException(ex, "algorithms.NoSuchAlgorithm", exArgs); |
| 157 | } catch (NullPointerException ex) { | |
| 161 | } catch (NullPointerException ex) { | |
| 158 | 162 | Object exArgs[] = { algorithmURI, ex.getMessage() }; |
| 159 | 163 | throw new XMLSignatureException(ex, "algorithms.NoSuchAlgorithm", exArgs); |
| 160 | 164 | } |
| 430 | 434 | XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512_MGF1, SignatureBaseRSA.SignatureRSASHA512MGF1.class |
| 431 | 435 | ); |
| 432 | 436 | algorithmHash.put( |
| 437 | XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_224_MGF1, SignatureBaseRSA.SignatureRSASHA3_224MGF1.class | |
| 438 | ); | |
| 439 | algorithmHash.put( | |
| 440 | XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1, SignatureBaseRSA.SignatureRSASHA3_256MGF1.class | |
| 441 | ); | |
| 442 | algorithmHash.put( | |
| 443 | XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1, SignatureBaseRSA.SignatureRSASHA3_384MGF1.class | |
| 444 | ); | |
| 445 | algorithmHash.put( | |
| 446 | XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1, SignatureBaseRSA.SignatureRSASHA3_512MGF1.class | |
| 447 | ); | |
| 448 | algorithmHash.put( | |
| 433 | 449 | XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1, SignatureECDSA.SignatureECDSASHA1.class |
| 434 | 450 | ); |
| 435 | 451 | algorithmHash.put( |
+80
-0
| 453 | 453 | return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512_MGF1; |
| 454 | 454 | } |
| 455 | 455 | } |
| 456 | ||
| 457 | /** | |
| 458 | * Class SignatureRSA3_SHA224MGF1 | |
| 459 | */ | |
| 460 | public static class SignatureRSASHA3_224MGF1 extends SignatureBaseRSA { | |
| 461 | ||
| 462 | /** | |
| 463 | * Constructor SignatureRSASHA3_224MGF1 | |
| 464 | * | |
| 465 | * @throws XMLSignatureException | |
| 466 | */ | |
| 467 | public SignatureRSASHA3_224MGF1() throws XMLSignatureException { | |
| 468 | super(); | |
| 469 | } | |
| 470 | ||
| 471 | /** {@inheritDoc} */ | |
| 472 | public String engineGetURI() { | |
| 473 | return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_224_MGF1; | |
| 474 | } | |
| 475 | } | |
| 476 | ||
| 477 | /** | |
| 478 | * Class SignatureRSA3_SHA256MGF1 | |
| 479 | */ | |
| 480 | public static class SignatureRSASHA3_256MGF1 extends SignatureBaseRSA { | |
| 481 | ||
| 482 | /** | |
| 483 | * Constructor SignatureRSASHA3_256MGF1 | |
| 484 | * | |
| 485 | * @throws XMLSignatureException | |
| 486 | */ | |
| 487 | public SignatureRSASHA3_256MGF1() throws XMLSignatureException { | |
| 488 | super(); | |
| 489 | } | |
| 490 | ||
| 491 | /** {@inheritDoc} */ | |
| 492 | public String engineGetURI() { | |
| 493 | return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1; | |
| 494 | } | |
| 495 | } | |
| 496 | ||
| 497 | /** | |
| 498 | * Class SignatureRSA3_SHA384MGF1 | |
| 499 | */ | |
| 500 | public static class SignatureRSASHA3_384MGF1 extends SignatureBaseRSA { | |
| 501 | ||
| 502 | /** | |
| 503 | * Constructor SignatureRSASHA3_384MGF1 | |
| 504 | * | |
| 505 | * @throws XMLSignatureException | |
| 506 | */ | |
| 507 | public SignatureRSASHA3_384MGF1() throws XMLSignatureException { | |
| 508 | super(); | |
| 509 | } | |
| 510 | ||
| 511 | /** {@inheritDoc} */ | |
| 512 | public String engineGetURI() { | |
| 513 | return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1; | |
| 514 | } | |
| 515 | } | |
| 516 | ||
| 517 | /** | |
| 518 | * Class SignatureRSASHA3_512MGF1 | |
| 519 | */ | |
| 520 | public static class SignatureRSASHA3_512MGF1 extends SignatureBaseRSA { | |
| 521 | ||
| 522 | /** | |
| 523 | * Constructor SignatureRSASHA3_512MGF1 | |
| 524 | * | |
| 525 | * @throws XMLSignatureException | |
| 526 | */ | |
| 527 | public SignatureRSASHA3_512MGF1() throws XMLSignatureException { | |
| 528 | super(); | |
| 529 | } | |
| 530 | ||
| 531 | /** {@inheritDoc} */ | |
| 532 | public String engineGetURI() { | |
| 533 | return XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1; | |
| 534 | } | |
| 535 | } | |
| 456 | 536 | } |
| 107 | 107 | JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384MGF1" /> |
| 108 | 108 | <SignatureAlgorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1" |
| 109 | 109 | JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512MGF1" /> |
| 110 | ||
| 111 | <SignatureAlgorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha3-224-rsa-MGF1" | |
| 112 | JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA3_224MGF1" /> | |
| 113 | <SignatureAlgorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha3-256-rsa-MGF1" | |
| 114 | JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA3_256MGF1" /> | |
| 115 | <SignatureAlgorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha3-384-rsa-MGF1" | |
| 116 | JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA3_384MGF1" /> | |
| 117 | <SignatureAlgorithm URI="http://www.w3.org/2007/05/xmldsig-more#sha3-512-rsa-MGF1" | |
| 118 | JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA3_512MGF1" /> | |
| 110 | 119 | |
| 111 | 120 | <SignatureAlgorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" |
| 112 | 121 | JAVACLASS="org.apache.xml.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1" /> |
| 27 | 27 | algorithms.CannotUseSecureRandomOnMAC = SecureRandom kann nicht f\u00fcr MAC's angewandt werden. |
| 28 | 28 | algorithms.HMACOutputLengthMin = HMACOutputLength darf nicht kleiner als {0} sein |
| 29 | 29 | algorithms.HMACOutputLengthOnlyForHMAC = Die HMACOutputLength kann nur bei HMAC integrit\u00e4ts Algorithmen angegeben werden |
| 30 | algorithms.NoSuchAlgorithm = Der Algorithmus {0} ist nicht verf\u00fcgbar. | |
| 30 | 31 | algorithms.NoSuchAlgorithm = Der Algorithmus {0} ist nicht verf\u00fcgbar. Original Nachricht war\: {1} |
| 31 | 32 | algorithms.NoSuchMap = Algorithmus URI "{0}" konnte auf keinen JCE Algorithmus gemappt werden |
| 32 | 33 | algorithms.NoSuchProvider = Der angegebene Provider {0} existiert nicht. Original Nachricht war\: {1} |
| 27 | 27 | algorithms.CannotUseSecureRandomOnMAC = Sorry, but you cannot use a SecureRandom object for creating MACs. |
| 28 | 28 | algorithms.HMACOutputLengthMin = HMACOutputLength must not be less than {0} |
| 29 | 29 | algorithms.HMACOutputLengthOnlyForHMAC = A HMACOutputLength can only be specified for HMAC integrity algorithms |
| 30 | algorithms.NoSuchAlgorithmNoEx = The requested algorithm {0} does not exist. | |
| 30 | 31 | algorithms.NoSuchAlgorithm = The requested algorithm {0} does not exist. Original Message was: {1} |
| 31 | 32 | algorithms.NoSuchMap = The algorithm URI "{0}" could not be mapped to a JCE algorithm |
| 32 | 33 | algorithms.NoSuchProvider = The specified Provider {0} does not exist. Original Message was: {1} |
| 135 | 135 | public static final String ALGO_ID_SIGNATURE_RSA_SHA512_MGF1 = |
| 136 | 136 | Constants.XML_DSIG_NS_MORE_07_05 + "sha512-rsa-MGF1"; |
| 137 | 137 | |
| 138 | /** Signature - Optional RSAwithSHA3_224andMGF1 */ | |
| 139 | public static final String ALGO_ID_SIGNATURE_RSA_SHA3_224_MGF1 = | |
| 140 | Constants.XML_DSIG_NS_MORE_07_05 + "sha3-224-rsa-MGF1"; | |
| 141 | ||
| 142 | /** Signature - Optional RSAwithSHA3_256andMGF1 */ | |
| 143 | public static final String ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1 = | |
| 144 | Constants.XML_DSIG_NS_MORE_07_05 + "sha3-256-rsa-MGF1"; | |
| 145 | ||
| 146 | /** Signature - Optional RSAwithSHA3_384andMGF1 */ | |
| 147 | public static final String ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1 = | |
| 148 | Constants.XML_DSIG_NS_MORE_07_05 + "sha3-384-rsa-MGF1"; | |
| 149 | ||
| 150 | /** Signature - Optional RSAwithSHA3_512andMGF1 */ | |
| 151 | public static final String ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1 = | |
| 152 | Constants.XML_DSIG_NS_MORE_07_05 + "sha3-512-rsa-MGF1"; | |
| 153 | ||
| 138 | 154 | /** HMAC - NOT Recommended HMAC-MD5 */ |
| 139 | 155 | public static final String ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5 = |
| 140 | 156 | Constants.MoreAlgorithmsSpecNS + "hmac-md5"; |
| 31 | 31 | * This class is subject to change in the future. |
| 32 | 32 | * |
| 33 | 33 | * @author $Author: coheigea $ |
| 34 | * @version $Revision: 1779473 $ $Date: 2017-01-19 15:54:13 +0100 (Thu, 19 Jan 2017) $ | |
| 34 | * @version $Revision: 1817216 $ $Date: 2017-12-05 17:54:49 +0100 (Tue, 05 Dec 2017) $ | |
| 35 | 35 | */ |
| 36 | 36 | public class XMLSecurityProperties { |
| 37 | 37 | |
| 76 | 76 | |
| 77 | 77 | private boolean signatureGenerateIds = true; |
| 78 | 78 | private boolean signatureIncludeDigestTransform = true; |
| 79 | ||
| 79 | ||
| 80 | private QName signaturePositionQName; | |
| 81 | private boolean signaturePositionStart = false; | |
| 82 | ||
| 80 | 83 | public XMLSecurityProperties() { |
| 81 | 84 | } |
| 82 | 85 | |
| 113 | 116 | this.keyNameMap.putAll(xmlSecurityProperties.keyNameMap); |
| 114 | 117 | this.signatureGenerateIds = xmlSecurityProperties.signatureGenerateIds; |
| 115 | 118 | this.signatureIncludeDigestTransform = xmlSecurityProperties.signatureIncludeDigestTransform; |
| 119 | this.signaturePositionQName = xmlSecurityProperties.signaturePositionQName; | |
| 120 | this.signaturePositionStart = xmlSecurityProperties.signaturePositionStart; | |
| 121 | } | |
| 122 | ||
| 123 | public boolean isSignaturePositionStart() { | |
| 124 | return signaturePositionStart; | |
| 125 | } | |
| 126 | ||
| 127 | public void setSignaturePositionStart(boolean signaturePositionStart) { | |
| 128 | this.signaturePositionStart = signaturePositionStart; | |
| 116 | 129 | } |
| 117 | 130 | |
| 118 | 131 | public SecurityTokenConstants.KeyIdentifier getSignatureKeyIdentifier() { |
| 494 | 507 | public void setSignatureIncludeDigestTransform(boolean signatureIncludeDigestTransform) { |
| 495 | 508 | this.signatureIncludeDigestTransform = signatureIncludeDigestTransform; |
| 496 | 509 | } |
| 510 | ||
| 511 | public QName getSignaturePositionQName() { | |
| 512 | return signaturePositionQName; | |
| 513 | } | |
| 514 | ||
| 515 | public void setSignaturePositionQName(QName signaturePositionQName) { | |
| 516 | this.signaturePositionQName = signaturePositionQName; | |
| 517 | } | |
| 497 | 518 | } |
+52
-28
| 22 | 22 | import java.util.Deque; |
| 23 | 23 | import java.util.List; |
| 24 | 24 | |
| 25 | import javax.xml.namespace.QName; | |
| 25 | 26 | import javax.xml.stream.XMLStreamException; |
| 26 | 27 | |
| 27 | 28 | import org.apache.xml.security.exceptions.XMLSecurityException; |
| 77 | 78 | OutputProcessorChain outputProcessorChain, Deque<XMLSecEvent> xmlSecEventDeque) |
| 78 | 79 | throws XMLStreamException, XMLSecurityException { |
| 79 | 80 | |
| 80 | // @see SANTUARIO-405 | |
| 81 | // Enhances SANTUARIO-324 | |
| 82 | // Output the signature at a specific position. | |
| 83 | // By default, this is just after the root element | |
| 84 | int signaturePosition = getSecurityProperties().getSignaturePosition(); | |
| 85 | if (signaturePosition < 0) { | |
| 86 | signaturePosition = 0; | |
| 87 | } | |
| 88 | ||
| 89 | 81 | // forward to the root element and output it |
| 90 | 82 | XMLSecEvent xmlSecEvent = xmlSecEventDeque.pop(); |
| 91 | 83 | while (!xmlSecEvent.isStartElement()) { |
| 98 | 90 | |
| 99 | 91 | // search the specified position |
| 100 | 92 | int depth = 0; |
| 101 | int position = 0; | |
| 102 | while (position != signaturePosition) { | |
| 103 | xmlSecEvent = xmlSecEventDeque.pop(); | |
| 104 | ||
| 105 | if (xmlSecEvent.isStartElement()) { | |
| 106 | depth++; | |
| 107 | } else if (xmlSecEvent.isEndElement()) { | |
| 108 | depth--; | |
| 109 | if (depth == 0) { | |
| 110 | position++; | |
| 111 | } else if (depth < 0) { | |
| 112 | // root-end-element reached | |
| 113 | xmlSecEventDeque.push(xmlSecEvent); | |
| 114 | break; | |
| 115 | } | |
| 116 | } | |
| 117 | ||
| 118 | outputProcessorChain.reset(); | |
| 119 | outputProcessorChain.processEvent(xmlSecEvent); | |
| 93 | QName signaturePositionQName = getSecurityProperties().getSignaturePositionQName(); | |
| 94 | boolean start = getSecurityProperties().isSignaturePositionStart(); | |
| 95 | if (signaturePositionQName != null) { | |
| 96 | while (!xmlSecEventDeque.isEmpty() | |
| 97 | && !(start && xmlSecEvent.isStartElement() && xmlSecEvent.asStartElement().getName().equals(signaturePositionQName) | |
| 98 | || !start && xmlSecEvent.isEndElement() && xmlSecEvent.asEndElement().getName().equals(signaturePositionQName))) { | |
| 99 | xmlSecEvent = xmlSecEventDeque.pop(); | |
| 100 | ||
| 101 | if (xmlSecEvent.isStartElement()) { | |
| 102 | depth++; | |
| 103 | } else if (xmlSecEvent.isEndElement()) { | |
| 104 | depth--; | |
| 105 | if (depth < 0) { | |
| 106 | // root-end-element reached | |
| 107 | xmlSecEventDeque.push(xmlSecEvent); | |
| 108 | break; | |
| 109 | } | |
| 110 | } | |
| 111 | ||
| 112 | outputProcessorChain.reset(); | |
| 113 | outputProcessorChain.processEvent(xmlSecEvent); | |
| 114 | } | |
| 115 | } else { | |
| 116 | // @see SANTUARIO-405 | |
| 117 | // Enhances SANTUARIO-324 | |
| 118 | // Output the signature at a specific position. | |
| 119 | // By default, this is just after the root element | |
| 120 | int signaturePosition = getSecurityProperties().getSignaturePosition(); | |
| 121 | if (signaturePosition < 0) { | |
| 122 | signaturePosition = 0; | |
| 123 | } | |
| 124 | int position = 0; | |
| 125 | while (position != signaturePosition) { | |
| 126 | xmlSecEvent = xmlSecEventDeque.pop(); | |
| 127 | ||
| 128 | if (xmlSecEvent.isStartElement()) { | |
| 129 | depth++; | |
| 130 | } else if (xmlSecEvent.isEndElement()) { | |
| 131 | depth--; | |
| 132 | if (depth == 0) { | |
| 133 | position++; | |
| 134 | } else if (depth < 0) { | |
| 135 | // root-end-element reached | |
| 136 | xmlSecEventDeque.push(xmlSecEvent); | |
| 137 | break; | |
| 138 | } | |
| 139 | } | |
| 140 | ||
| 141 | outputProcessorChain.reset(); | |
| 142 | outputProcessorChain.processEvent(xmlSecEvent); | |
| 143 | } | |
| 120 | 144 | } |
| 121 | 145 | |
| 122 | 146 | //...then call super to append the signature and flush the rest |
| 50 | 50 | */ |
| 51 | 51 | public class HMACSignatureAlgorithmTest extends org.junit.Assert { |
| 52 | 52 | |
| 53 | private static boolean bcInstalled; | |
| 53 | 54 | private KeySelector sks; |
| 54 | 55 | private CanonicalizationMethod withoutComments; |
| 55 | 56 | private DigestMethod sha1; |
| 56 | 57 | private SignatureMethod hmacSha1, hmacSha224, hmacSha256, hmacSha384, hmacSha512, ripemd160; |
| 57 | 58 | private XMLSignatureFactory fac; |
| 58 | 59 | private DocumentBuilder db; |
| 59 | private boolean bcInstalled; | |
| 60 | 60 | |
| 61 | 61 | static { |
| 62 | 62 | Security.insertProviderAt |
| 63 | 63 | (new org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI(), 1); |
| 64 | 64 | } |
| 65 | 65 | |
| 66 | public HMACSignatureAlgorithmTest() throws Exception { | |
| 66 | @org.junit.BeforeClass | |
| 67 | public static void setup() throws Exception { | |
| 67 | 68 | // |
| 68 | 69 | // If the BouncyCastle provider is not installed, then try to load it |
| 69 | 70 | // via reflection. |
| 82 | 83 | bcInstalled = true; |
| 83 | 84 | } |
| 84 | 85 | } |
| 86 | } | |
| 87 | ||
| 88 | public HMACSignatureAlgorithmTest() throws Exception { | |
| 85 | 89 | |
| 86 | 90 | db = XMLUtils.createDocumentBuilder(false); |
| 87 | 91 | // create common objects |
| 46 | 46 | import javax.xml.parsers.DocumentBuilder; |
| 47 | 47 | |
| 48 | 48 | import org.apache.xml.security.utils.XMLUtils; |
| 49 | import org.junit.BeforeClass; | |
| 49 | 50 | import org.w3c.dom.Document; |
| 50 | 51 | import org.w3c.dom.Element; |
| 51 | 52 | import org.w3c.dom.Text; |
| 66 | 67 | private KeyPair rsaKeyPair, ecKeyPair; |
| 67 | 68 | private KeyInfo rsaki, ecki; |
| 68 | 69 | private boolean ecAlgParamsSupport = true; |
| 69 | private boolean bcInstalled; | |
| 70 | private static boolean bcInstalled; | |
| 70 | 71 | |
| 71 | 72 | static { |
| 72 | 73 | Security.insertProviderAt |
| 73 | 74 | (new org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI(), 1); |
| 74 | 75 | } |
| 75 | 76 | |
| 76 | public PKSignatureAlgorithmTest() throws Exception { | |
| 77 | @BeforeClass | |
| 78 | public static void setup() throws Exception { | |
| 77 | 79 | // |
| 78 | 80 | // If the BouncyCastle provider is not installed, then try to load it |
| 79 | 81 | // via reflection. |
| 92 | 94 | bcInstalled = true; |
| 93 | 95 | } |
| 94 | 96 | } |
| 97 | } | |
| 98 | ||
| 99 | public PKSignatureAlgorithmTest() throws Exception { | |
| 95 | 100 | |
| 96 | 101 | // check if EC AlgorithmParameters is supported - this is needed |
| 97 | 102 | // for marshalling ECKeyValue elements |
| 32 | 32 | */ |
| 33 | 33 | public class DigestAlgorithmTest extends org.junit.Assert { |
| 34 | 34 | |
| 35 | private static boolean bcInstalled; | |
| 36 | ||
| 35 | 37 | static { |
| 36 | 38 | org.apache.xml.security.Init.init(); |
| 37 | 39 | } |
| 52 | 54 | if (cons != null) { |
| 53 | 55 | Provider provider = (Provider)cons.newInstance(); |
| 54 | 56 | Security.insertProviderAt(provider, 2); |
| 57 | bcInstalled = true; | |
| 55 | 58 | } |
| 56 | 59 | } |
| 57 | 60 | } |
| 171 | 174 | |
| 172 | 175 | @org.junit.Test |
| 173 | 176 | public void testRIPEMD160() throws Exception { |
| 174 | // This only works with BouncyCastle | |
| 175 | if (Security.getProvider("BC") == null) { | |
| 176 | return; | |
| 177 | } | |
| 177 | org.junit.Assume.assumeTrue(bcInstalled); | |
| 178 | 178 | Document doc = XMLUtils.createDocumentBuilder(false).newDocument(); |
| 179 | 179 | |
| 180 | 180 | MessageDigestAlgorithm digestAlgorithm = |
| 193 | 193 | |
| 194 | 194 | @org.junit.Test |
| 195 | 195 | public void testWhirlpool() throws Exception { |
| 196 | // This only works with BouncyCastle | |
| 197 | if (Security.getProvider("BC") == null) { | |
| 198 | return; | |
| 199 | } | |
| 196 | org.junit.Assume.assumeTrue(bcInstalled); | |
| 200 | 197 | Document doc = XMLUtils.createDocumentBuilder(false).newDocument(); |
| 201 | 198 | |
| 202 | 199 | MessageDigestAlgorithm digestAlgorithm = |
| 215 | 212 | |
| 216 | 213 | @org.junit.Test |
| 217 | 214 | public void testSHA3_224() throws Exception { |
| 218 | // This only works with BouncyCastle | |
| 219 | if (Security.getProvider("BC") == null) { | |
| 220 | return; | |
| 221 | } | |
| 215 | org.junit.Assume.assumeTrue(bcInstalled); | |
| 222 | 216 | Document doc = XMLUtils.createDocumentBuilder(false).newDocument(); |
| 223 | 217 | |
| 224 | 218 | MessageDigestAlgorithm digestAlgorithm = |
| 237 | 231 | |
| 238 | 232 | @org.junit.Test |
| 239 | 233 | public void testSHA3_256() throws Exception { |
| 240 | // This only works with BouncyCastle | |
| 241 | if (Security.getProvider("BC") == null) { | |
| 242 | return; | |
| 243 | } | |
| 234 | org.junit.Assume.assumeTrue(bcInstalled); | |
| 244 | 235 | Document doc = XMLUtils.createDocumentBuilder(false).newDocument(); |
| 245 | 236 | |
| 246 | 237 | MessageDigestAlgorithm digestAlgorithm = |
| 259 | 250 | |
| 260 | 251 | @org.junit.Test |
| 261 | 252 | public void testSHA3_384() throws Exception { |
| 262 | // This only works with BouncyCastle | |
| 263 | if (Security.getProvider("BC") == null) { | |
| 264 | return; | |
| 265 | } | |
| 253 | org.junit.Assume.assumeTrue(bcInstalled); | |
| 266 | 254 | Document doc = XMLUtils.createDocumentBuilder(false).newDocument(); |
| 267 | 255 | |
| 268 | 256 | MessageDigestAlgorithm digestAlgorithm = |
| 281 | 269 | |
| 282 | 270 | @org.junit.Test |
| 283 | 271 | public void testSHA3_512() throws Exception { |
| 284 | // This only works with BouncyCastle | |
| 285 | if (Security.getProvider("BC") == null) { | |
| 286 | return; | |
| 287 | } | |
| 272 | org.junit.Assume.assumeTrue(bcInstalled); | |
| 288 | 273 | Document doc = XMLUtils.createDocumentBuilder(false).newDocument(); |
| 289 | 274 | |
| 290 | 275 | MessageDigestAlgorithm digestAlgorithm = |
+5
-3
| 38 | 38 | import org.apache.xml.security.transforms.Transforms; |
| 39 | 39 | import org.apache.xml.security.utils.XMLUtils; |
| 40 | 40 | import org.junit.Assert; |
| 41 | import org.junit.BeforeClass; | |
| 41 | 42 | import org.w3c.dom.Document; |
| 42 | 43 | import org.w3c.dom.Element; |
| 43 | 44 | import org.w3c.dom.NodeList; |
| 51 | 52 | org.apache.xml.security.Init.init(); |
| 52 | 53 | } |
| 53 | 54 | |
| 54 | private boolean bcInstalled; | |
| 55 | ||
| 56 | public HMACSignatureAlgorithmTest() throws Exception { | |
| 55 | private static boolean bcInstalled; | |
| 56 | ||
| 57 | @BeforeClass | |
| 58 | public static void setup() throws Exception { | |
| 57 | 59 | // |
| 58 | 60 | // If the BouncyCastle provider is not installed, then try to load it |
| 59 | 61 | // via reflection. |
+5
-3
| 42 | 42 | import org.apache.xml.security.test.dom.DSNamespaceContext; |
| 43 | 43 | import org.apache.xml.security.utils.XMLUtils; |
| 44 | 44 | import org.junit.Assert; |
| 45 | import org.junit.BeforeClass; | |
| 45 | 46 | import org.w3c.dom.Document; |
| 46 | 47 | import org.w3c.dom.Element; |
| 47 | 48 | import org.w3c.dom.NodeList; |
| 51 | 52 | */ |
| 52 | 53 | public class KeyWrapEncryptionAlgorithmTest extends Assert { |
| 53 | 54 | |
| 54 | private KeyPair rsaKeyPair; | |
| 55 | private boolean bcInstalled; | |
| 55 | private static KeyPair rsaKeyPair; | |
| 56 | private static boolean bcInstalled; | |
| 56 | 57 | |
| 57 | 58 | static { |
| 58 | 59 | org.apache.xml.security.Init.init(); |
| 59 | 60 | } |
| 60 | 61 | |
| 61 | public KeyWrapEncryptionAlgorithmTest() throws Exception { | |
| 62 | @BeforeClass | |
| 63 | public static void setup() throws Exception { | |
| 62 | 64 | // |
| 63 | 65 | // If the BouncyCastle provider is not installed, then try to load it |
| 64 | 66 | // via reflection. |
+81
-3
| 38 | 38 | import org.apache.xml.security.transforms.Transforms; |
| 39 | 39 | import org.apache.xml.security.utils.XMLUtils; |
| 40 | 40 | import org.junit.Assert; |
| 41 | import org.junit.BeforeClass; | |
| 41 | 42 | import org.w3c.dom.Document; |
| 42 | 43 | import org.w3c.dom.Element; |
| 43 | 44 | import org.w3c.dom.NodeList; |
| 47 | 48 | */ |
| 48 | 49 | public class PKSignatureAlgorithmTest extends Assert { |
| 49 | 50 | |
| 50 | private KeyPair rsaKeyPair, ecKeyPair; | |
| 51 | private boolean bcInstalled; | |
| 51 | private static KeyPair rsaKeyPair, ecKeyPair; | |
| 52 | private static boolean bcInstalled; | |
| 52 | 53 | |
| 53 | 54 | static { |
| 54 | 55 | org.apache.xml.security.Init.init(); |
| 55 | 56 | } |
| 56 | 57 | |
| 57 | public PKSignatureAlgorithmTest() throws Exception { | |
| 58 | @BeforeClass | |
| 59 | public static void setup() throws Exception { | |
| 58 | 60 | // |
| 59 | 61 | // If the BouncyCastle provider is not installed, then try to load it |
| 60 | 62 | // via reflection. |
| 309 | 311 | } |
| 310 | 312 | |
| 311 | 313 | @org.junit.Test |
| 314 | public void testRSA_SHA3_224_MGF1() throws Exception { | |
| 315 | org.junit.Assume.assumeTrue(bcInstalled); | |
| 316 | ||
| 317 | // Read in plaintext document | |
| 318 | InputStream sourceDocument = | |
| 319 | this.getClass().getClassLoader().getResourceAsStream( | |
| 320 | "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml"); | |
| 321 | DocumentBuilder builder = XMLUtils.createDocumentBuilder(false); | |
| 322 | Document document = builder.parse(sourceDocument); | |
| 323 | ||
| 324 | List<String> localNames = new ArrayList<String>(); | |
| 325 | localNames.add("PaymentInfo"); | |
| 326 | ||
| 327 | sign(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_224_MGF1, document, localNames, rsaKeyPair.getPrivate()); | |
| 328 | // XMLUtils.outputDOM(document, System.out); | |
| 329 | verify(document, rsaKeyPair.getPublic(), localNames); | |
| 330 | } | |
| 331 | ||
| 332 | @org.junit.Test | |
| 333 | public void testRSA_SHA3_256_MGF1() throws Exception { | |
| 334 | org.junit.Assume.assumeTrue(bcInstalled); | |
| 335 | ||
| 336 | // Read in plaintext document | |
| 337 | InputStream sourceDocument = | |
| 338 | this.getClass().getClassLoader().getResourceAsStream( | |
| 339 | "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml"); | |
| 340 | DocumentBuilder builder = XMLUtils.createDocumentBuilder(false); | |
| 341 | Document document = builder.parse(sourceDocument); | |
| 342 | ||
| 343 | List<String> localNames = new ArrayList<String>(); | |
| 344 | localNames.add("PaymentInfo"); | |
| 345 | ||
| 346 | sign(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1, document, localNames, rsaKeyPair.getPrivate()); | |
| 347 | // XMLUtils.outputDOM(document, System.out); | |
| 348 | verify(document, rsaKeyPair.getPublic(), localNames); | |
| 349 | } | |
| 350 | ||
| 351 | @org.junit.Test | |
| 352 | public void testRSA_SHA3_384_MGF1() throws Exception { | |
| 353 | org.junit.Assume.assumeTrue(bcInstalled); | |
| 354 | ||
| 355 | // Read in plaintext document | |
| 356 | InputStream sourceDocument = | |
| 357 | this.getClass().getClassLoader().getResourceAsStream( | |
| 358 | "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml"); | |
| 359 | DocumentBuilder builder = XMLUtils.createDocumentBuilder(false); | |
| 360 | Document document = builder.parse(sourceDocument); | |
| 361 | ||
| 362 | List<String> localNames = new ArrayList<String>(); | |
| 363 | localNames.add("PaymentInfo"); | |
| 364 | ||
| 365 | sign(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1, document, localNames, rsaKeyPair.getPrivate()); | |
| 366 | // XMLUtils.outputDOM(document, System.out); | |
| 367 | verify(document, rsaKeyPair.getPublic(), localNames); | |
| 368 | } | |
| 369 | ||
| 370 | @org.junit.Test | |
| 371 | public void testRSA_SHA3_512_MGF1() throws Exception { | |
| 372 | org.junit.Assume.assumeTrue(bcInstalled); | |
| 373 | ||
| 374 | // Read in plaintext document | |
| 375 | InputStream sourceDocument = | |
| 376 | this.getClass().getClassLoader().getResourceAsStream( | |
| 377 | "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml"); | |
| 378 | DocumentBuilder builder = XMLUtils.createDocumentBuilder(false); | |
| 379 | Document document = builder.parse(sourceDocument); | |
| 380 | ||
| 381 | List<String> localNames = new ArrayList<String>(); | |
| 382 | localNames.add("PaymentInfo"); | |
| 383 | ||
| 384 | sign(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1, document, localNames, rsaKeyPair.getPrivate()); | |
| 385 | // XMLUtils.outputDOM(document, System.out); | |
| 386 | verify(document, rsaKeyPair.getPublic(), localNames); | |
| 387 | } | |
| 388 | ||
| 389 | @org.junit.Test | |
| 312 | 390 | public void testECDSA_SHA1() throws Exception { |
| 313 | 391 | // Read in plaintext document |
| 314 | 392 | InputStream sourceDocument = |
+6
-3
| 37 | 37 | import org.apache.xml.security.test.dom.DSNamespaceContext; |
| 38 | 38 | import org.apache.xml.security.utils.XMLUtils; |
| 39 | 39 | import org.junit.Assert; |
| 40 | import org.junit.BeforeClass; | |
| 40 | 41 | import org.w3c.dom.Document; |
| 41 | 42 | import org.w3c.dom.Element; |
| 42 | 43 | import org.w3c.dom.NodeList; |
| 46 | 47 | */ |
| 47 | 48 | public class SymmetricEncryptionAlgorithmTest extends Assert { |
| 48 | 49 | |
| 49 | private boolean bcInstalled; | |
| 50 | private static boolean bcInstalled; | |
| 50 | 51 | |
| 51 | 52 | static { |
| 52 | 53 | org.apache.xml.security.Init.init(); |
| 53 | 54 | } |
| 54 | 55 | |
| 55 | public SymmetricEncryptionAlgorithmTest() throws Exception { | |
| 56 | @BeforeClass | |
| 57 | public static void setup() throws Exception { | |
| 56 | 58 | // |
| 57 | 59 | // If the BouncyCastle provider is not installed, then try to load it |
| 58 | 60 | // via reflection. |
| 62 | 64 | try { |
| 63 | 65 | Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider"); |
| 64 | 66 | cons = c.getConstructor(new Class[] {}); |
| 65 | } catch (Exception e) { //NOPMD | |
| 67 | } catch (Exception e) { | |
| 66 | 68 | //ignore |
| 67 | 69 | } |
| 68 | 70 | if (cons != null) { |
| 69 | 71 | Provider provider = (Provider)cons.newInstance(); |
| 70 | 72 | Security.insertProviderAt(provider, 2); |
| 73 | bcInstalled = true; | |
| 71 | 74 | } |
| 72 | 75 | } |
| 73 | 76 | } |
+14
-12
| 49 | 49 | import org.apache.xml.security.test.stax.utils.XmlReaderToWriter; |
| 50 | 50 | import org.apache.xml.security.utils.XMLUtils; |
| 51 | 51 | import org.junit.Assert; |
| 52 | import org.junit.Before; | |
| 52 | import org.junit.BeforeClass; | |
| 53 | 53 | import org.junit.Test; |
| 54 | 54 | import org.w3c.dom.Document; |
| 55 | 55 | import org.w3c.dom.Element; |
| 60 | 60 | */ |
| 61 | 61 | public class KeyWrapEncryptionCreationTest extends Assert { |
| 62 | 62 | |
| 63 | private static KeyPair rsaKeyPair; | |
| 64 | private static boolean bcInstalled; | |
| 63 | 65 | private XMLInputFactory xmlInputFactory; |
| 64 | private KeyPair rsaKeyPair; | |
| 65 | private boolean bcInstalled; | |
| 66 | ||
| 67 | @Before | |
| 68 | public void setUp() throws Exception { | |
| 69 | org.apache.xml.security.Init.init(); | |
| 70 | ||
| 71 | xmlInputFactory = XMLInputFactory.newInstance(); | |
| 72 | xmlInputFactory.setEventAllocator(new XMLSecEventAllocator()); | |
| 73 | ||
| 66 | ||
| 67 | @BeforeClass | |
| 68 | public static void setup() throws Exception { | |
| 74 | 69 | // |
| 75 | 70 | // If the BouncyCastle provider is not installed, then try to load it |
| 76 | 71 | // via reflection. |
| 80 | 75 | try { |
| 81 | 76 | Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider"); |
| 82 | 77 | cons = c.getConstructor(new Class[] {}); |
| 83 | } catch (Exception e) { //NOPMD | |
| 78 | } catch (Exception e) { | |
| 84 | 79 | //ignore |
| 85 | 80 | } |
| 86 | 81 | if (cons != null) { |
| 93 | 88 | rsaKeyPair = KeyPairGenerator.getInstance("RSA").genKeyPair(); |
| 94 | 89 | } |
| 95 | 90 | |
| 91 | public KeyWrapEncryptionCreationTest() throws Exception { | |
| 92 | org.apache.xml.security.Init.init(); | |
| 93 | ||
| 94 | xmlInputFactory = XMLInputFactory.newInstance(); | |
| 95 | xmlInputFactory.setEventAllocator(new XMLSecEventAllocator()); | |
| 96 | } | |
| 97 | ||
| 96 | 98 | @org.junit.AfterClass |
| 97 | 99 | public static void cleanup() throws Exception { |
| 98 | 100 | Security.removeProvider("BC"); |
+14
-12
| 55 | 55 | import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator; |
| 56 | 56 | import org.apache.xml.security.utils.XMLUtils; |
| 57 | 57 | import org.junit.Assert; |
| 58 | import org.junit.Before; | |
| 58 | import org.junit.BeforeClass; | |
| 59 | 59 | import org.junit.Test; |
| 60 | 60 | import org.w3c.dom.Document; |
| 61 | 61 | import org.w3c.dom.Element; |
| 66 | 66 | */ |
| 67 | 67 | public class KeyWrapEncryptionVerificationTest extends Assert { |
| 68 | 68 | |
| 69 | private boolean bcInstalled; | |
| 69 | private static boolean bcInstalled; | |
| 70 | private static KeyPair rsaKeyPair; | |
| 70 | 71 | private XMLInputFactory xmlInputFactory; |
| 71 | 72 | private TransformerFactory transformerFactory = TransformerFactory.newInstance(); |
| 72 | private KeyPair rsaKeyPair; | |
| 73 | ||
| 74 | @Before | |
| 75 | public void setUp() throws Exception { | |
| 76 | org.apache.xml.security.Init.init(); | |
| 77 | ||
| 78 | xmlInputFactory = XMLInputFactory.newInstance(); | |
| 79 | xmlInputFactory.setEventAllocator(new XMLSecEventAllocator()); | |
| 80 | ||
| 73 | ||
| 74 | @BeforeClass | |
| 75 | public static void setup() throws Exception { | |
| 81 | 76 | // |
| 82 | 77 | // If the BouncyCastle provider is not installed, then try to load it |
| 83 | 78 | // via reflection. |
| 87 | 82 | try { |
| 88 | 83 | Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider"); |
| 89 | 84 | cons = c.getConstructor(new Class[] {}); |
| 90 | } catch (Exception e) { //NOPMD | |
| 85 | } catch (Exception e) { | |
| 91 | 86 | //ignore |
| 92 | 87 | } |
| 93 | 88 | if (cons != null) { |
| 98 | 93 | } |
| 99 | 94 | |
| 100 | 95 | rsaKeyPair = KeyPairGenerator.getInstance("RSA").genKeyPair(); |
| 96 | } | |
| 97 | ||
| 98 | public KeyWrapEncryptionVerificationTest() throws Exception { | |
| 99 | org.apache.xml.security.Init.init(); | |
| 100 | ||
| 101 | xmlInputFactory = XMLInputFactory.newInstance(); | |
| 102 | xmlInputFactory.setEventAllocator(new XMLSecEventAllocator()); | |
| 101 | 103 | } |
| 102 | 104 | |
| 103 | 105 | @org.junit.AfterClass |
+13
-11
| 44 | 44 | import org.apache.xml.security.test.stax.utils.XmlReaderToWriter; |
| 45 | 45 | import org.apache.xml.security.utils.XMLUtils; |
| 46 | 46 | import org.junit.Assert; |
| 47 | import org.junit.Before; | |
| 47 | import org.junit.BeforeClass; | |
| 48 | 48 | import org.junit.Test; |
| 49 | 49 | import org.w3c.dom.Document; |
| 50 | 50 | import org.w3c.dom.Element; |
| 55 | 55 | */ |
| 56 | 56 | public class SymmetricEncryptionCreationTest extends Assert { |
| 57 | 57 | |
| 58 | private static boolean bcInstalled; | |
| 58 | 59 | private XMLInputFactory xmlInputFactory; |
| 59 | private boolean bcInstalled; | |
| 60 | ||
| 61 | @Before | |
| 62 | public void setUp() throws Exception { | |
| 63 | org.apache.xml.security.Init.init(); | |
| 64 | ||
| 65 | xmlInputFactory = XMLInputFactory.newInstance(); | |
| 66 | xmlInputFactory.setEventAllocator(new XMLSecEventAllocator()); | |
| 67 | ||
| 60 | ||
| 61 | @BeforeClass | |
| 62 | public static void setup() throws Exception { | |
| 68 | 63 | // |
| 69 | 64 | // If the BouncyCastle provider is not installed, then try to load it |
| 70 | 65 | // via reflection. |
| 74 | 69 | try { |
| 75 | 70 | Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider"); |
| 76 | 71 | cons = c.getConstructor(new Class[] {}); |
| 77 | } catch (Exception e) { //NOPMD | |
| 72 | } catch (Exception e) { | |
| 78 | 73 | //ignore |
| 79 | 74 | } |
| 80 | 75 | if (cons != null) { |
| 83 | 78 | bcInstalled = true; |
| 84 | 79 | } |
| 85 | 80 | } |
| 81 | } | |
| 82 | ||
| 83 | public SymmetricEncryptionCreationTest() throws Exception { | |
| 84 | org.apache.xml.security.Init.init(); | |
| 85 | ||
| 86 | xmlInputFactory = XMLInputFactory.newInstance(); | |
| 87 | xmlInputFactory.setEventAllocator(new XMLSecEventAllocator()); | |
| 86 | 88 | } |
| 87 | 89 | |
| 88 | 90 | @org.junit.AfterClass |
+12
-10
| 54 | 54 | import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator; |
| 55 | 55 | import org.apache.xml.security.utils.XMLUtils; |
| 56 | 56 | import org.junit.Assert; |
| 57 | import org.junit.Before; | |
| 57 | import org.junit.BeforeClass; | |
| 58 | 58 | import org.junit.Test; |
| 59 | 59 | import org.w3c.dom.Document; |
| 60 | 60 | import org.w3c.dom.Element; |
| 65 | 65 | */ |
| 66 | 66 | public class SymmetricEncryptionVerificationTest extends Assert { |
| 67 | 67 | |
| 68 | private boolean bcInstalled; | |
| 68 | private static boolean bcInstalled; | |
| 69 | 69 | private XMLInputFactory xmlInputFactory; |
| 70 | 70 | private TransformerFactory transformerFactory = TransformerFactory.newInstance(); |
| 71 | 71 | |
| 72 | @Before | |
| 73 | public void setUp() throws Exception { | |
| 74 | org.apache.xml.security.Init.init(); | |
| 75 | ||
| 76 | xmlInputFactory = XMLInputFactory.newInstance(); | |
| 77 | xmlInputFactory.setEventAllocator(new XMLSecEventAllocator()); | |
| 78 | ||
| 72 | @BeforeClass | |
| 73 | public static void setup() throws Exception { | |
| 79 | 74 | // |
| 80 | 75 | // If the BouncyCastle provider is not installed, then try to load it |
| 81 | 76 | // via reflection. |
| 85 | 80 | try { |
| 86 | 81 | Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider"); |
| 87 | 82 | cons = c.getConstructor(new Class[] {}); |
| 88 | } catch (Exception e) { //NOPMD | |
| 83 | } catch (Exception e) { | |
| 89 | 84 | //ignore |
| 90 | 85 | } |
| 91 | 86 | if (cons != null) { |
| 94 | 89 | bcInstalled = true; |
| 95 | 90 | } |
| 96 | 91 | } |
| 92 | } | |
| 93 | ||
| 94 | public SymmetricEncryptionVerificationTest() throws Exception { | |
| 95 | org.apache.xml.security.Init.init(); | |
| 96 | ||
| 97 | xmlInputFactory = XMLInputFactory.newInstance(); | |
| 98 | xmlInputFactory.setEventAllocator(new XMLSecEventAllocator()); | |
| 97 | 99 | } |
| 98 | 100 | |
| 99 | 101 | @org.junit.AfterClass |
+6
-4
| 40 | 40 | import org.apache.xml.security.stax.securityToken.SecurityTokenConstants; |
| 41 | 41 | import org.apache.xml.security.test.stax.utils.XmlReaderToWriter; |
| 42 | 42 | import org.apache.xml.security.utils.XMLUtils; |
| 43 | import org.junit.BeforeClass; | |
| 43 | 44 | import org.junit.Test; |
| 44 | 45 | import org.w3c.dom.Document; |
| 45 | 46 | |
| 48 | 49 | */ |
| 49 | 50 | public class PKSignatureCreationTest extends AbstractSignatureCreationTest { |
| 50 | 51 | |
| 51 | private boolean bcInstalled; | |
| 52 | private KeyPair rsaKeyPair, ecKeyPair; | |
| 53 | ||
| 54 | public PKSignatureCreationTest() throws Exception { | |
| 52 | private static boolean bcInstalled; | |
| 53 | private static KeyPair rsaKeyPair, ecKeyPair; | |
| 54 | ||
| 55 | @BeforeClass | |
| 56 | public static void setup() throws Exception { | |
| 55 | 57 | // |
| 56 | 58 | // If the BouncyCastle provider is not installed, then try to load it |
| 57 | 59 | // via reflection. |
+16
-15
| 42 | 42 | import org.apache.xml.security.test.stax.utils.StAX2DOM; |
| 43 | 43 | import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator; |
| 44 | 44 | import org.apache.xml.security.utils.XMLUtils; |
| 45 | import org.junit.Before; | |
| 45 | import org.junit.BeforeClass; | |
| 46 | 46 | import org.junit.Test; |
| 47 | 47 | import org.w3c.dom.Document; |
| 48 | 48 | |
| 50 | 50 | * A set of test-cases for Signature verification with various PublicKey algorithms |
| 51 | 51 | */ |
| 52 | 52 | public class PKSignatureVerificationTest extends AbstractSignatureVerificationTest { |
| 53 | ||
| 54 | private boolean bcInstalled; | |
| 53 | private static KeyPair rsaKeyPair, ecKeyPair; | |
| 54 | private static boolean bcInstalled; | |
| 55 | 55 | private XMLInputFactory xmlInputFactory; |
| 56 | 56 | private TransformerFactory transformerFactory = TransformerFactory.newInstance(); |
| 57 | private KeyPair rsaKeyPair, ecKeyPair; | |
| 58 | ||
| 59 | @Before | |
| 60 | public void setUp() throws Exception { | |
| 61 | Init.init(PKSignatureVerificationTest.class.getClassLoader().getResource("security-config.xml").toURI(), | |
| 62 | this.getClass()); | |
| 63 | org.apache.xml.security.Init.init(); | |
| 64 | ||
| 65 | xmlInputFactory = XMLInputFactory.newInstance(); | |
| 66 | xmlInputFactory.setEventAllocator(new XMLSecEventAllocator()); | |
| 67 | ||
| 57 | ||
| 58 | @BeforeClass | |
| 59 | public static void setup() throws Exception { | |
| 68 | 60 | // |
| 69 | 61 | // If the BouncyCastle provider is not installed, then try to load it |
| 70 | 62 | // via reflection. |
| 74 | 66 | try { |
| 75 | 67 | Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider"); |
| 76 | 68 | cons = c.getConstructor(new Class[] {}); |
| 77 | } catch (Exception e) { //NOPMD | |
| 69 | } catch (Exception e) { | |
| 78 | 70 | //ignore |
| 79 | 71 | } |
| 80 | 72 | if (cons != null) { |
| 91 | 83 | ecKeyPair = KeyPairGenerator.getInstance("EC").genKeyPair(); |
| 92 | 84 | } |
| 93 | 85 | |
| 86 | public PKSignatureVerificationTest() throws Exception { | |
| 87 | Init.init(PKSignatureVerificationTest.class.getClassLoader().getResource("security-config.xml").toURI(), | |
| 88 | this.getClass()); | |
| 89 | org.apache.xml.security.Init.init(); | |
| 90 | ||
| 91 | xmlInputFactory = XMLInputFactory.newInstance(); | |
| 92 | xmlInputFactory.setEventAllocator(new XMLSecEventAllocator()); | |
| 93 | } | |
| 94 | ||
| 94 | 95 | @org.junit.AfterClass |
| 95 | 96 | public static void cleanup() throws Exception { |
| 96 | 97 | Security.removeProvider("BC"); |
+41
-9
| 288 | 288 | signAtSpecificPosition(999); |
| 289 | 289 | } |
| 290 | 290 | |
| 291 | @Test | |
| 292 | public void testSignAtSpecificPositionViaQName() throws Exception { | |
| 293 | signAtSpecificPosition(0, new QName("urn:example:po", "PurchaseOrder"), true); | |
| 294 | signAtSpecificPosition(0, new QName("urn:example:po", "Items"), true); | |
| 295 | signAtSpecificPosition(0, new QName("urn:example:po", "Items"), false); | |
| 296 | signAtSpecificPosition(0, new QName("urn:example:po", "ShippingAddress"), true); | |
| 297 | signAtSpecificPosition(0, new QName("urn:example:po", "ShippingAddress"), false); | |
| 298 | } | |
| 299 | ||
| 291 | 300 | private void signAtSpecificPosition(int position) throws Exception { |
| 301 | signAtSpecificPosition(position, null, false); | |
| 302 | } | |
| 303 | ||
| 304 | private void signAtSpecificPosition(int position, QName positionQName, boolean start) throws Exception { | |
| 292 | 305 | // Set up the Configuration |
| 293 | 306 | XMLSecurityProperties properties = new XMLSecurityProperties(); |
| 294 | 307 | List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>(); |
| 297 | 310 | |
| 298 | 311 | // Specify the signature position |
| 299 | 312 | properties.setSignaturePosition(position); |
| 313 | properties.setSignaturePositionQName(positionQName); | |
| 314 | properties.setSignaturePositionStart(start); | |
| 300 | 315 | |
| 301 | 316 | // Set the key up |
| 302 | 317 | KeyStore keyStore = KeyStore.getInstance("jks"); |
| 340 | 355 | //find first child element: |
| 341 | 356 | Node childNode = XMLUtils.getNextElement(document.getDocumentElement().getFirstChild()); |
| 342 | 357 | |
| 343 | int expectedPosition = position < 0 ? 0 : position; | |
| 344 | int curPos = 0; | |
| 345 | while (curPos != expectedPosition) { | |
| 346 | Node node = XMLUtils.getNextElement(childNode.getNextSibling()); | |
| 347 | curPos++; | |
| 348 | if (node != null) { | |
| 349 | childNode = node; | |
| 350 | } else { | |
| 351 | break; | |
| 358 | if (positionQName != null) { | |
| 359 | // Find the Signature node inside the desired QName | |
| 360 | String localName = positionQName.getLocalPart(); | |
| 361 | if (!"PurchaseOrder".equals(localName)) { | |
| 362 | String namespace = positionQName.getNamespaceURI(); | |
| 363 | while (childNode != null && !(childNode.getLocalName().equals(localName) | |
| 364 | && childNode.getNamespaceURI().equals(namespace))) { | |
| 365 | childNode = XMLUtils.getNextElement(childNode.getNextSibling()); | |
| 366 | } | |
| 367 | if (start) { | |
| 368 | childNode = childNode.getFirstChild(); | |
| 369 | } else { | |
| 370 | childNode = childNode.getNextSibling(); | |
| 371 | } | |
| 372 | } | |
| 373 | } else { | |
| 374 | int expectedPosition = position < 0 ? 0 : position; | |
| 375 | int curPos = 0; | |
| 376 | while (curPos != expectedPosition) { | |
| 377 | Node node = XMLUtils.getNextElement(childNode.getNextSibling()); | |
| 378 | curPos++; | |
| 379 | if (node != null) { | |
| 380 | childNode = node; | |
| 381 | } else { | |
| 382 | break; | |
| 383 | } | |
| 352 | 384 | } |
| 353 | 385 | } |
| 354 | 386 | |
+6
-4
| 45 | 45 | import org.apache.xml.security.test.stax.utils.XmlReaderToWriter; |
| 46 | 46 | import org.apache.xml.security.utils.XMLUtils; |
| 47 | 47 | import org.junit.Assert; |
| 48 | import org.junit.BeforeClass; | |
| 48 | 49 | import org.junit.Test; |
| 49 | 50 | |
| 50 | 51 | /** |
| 51 | 52 | * A set of test-cases for Signature creation with various digest algorithms |
| 52 | 53 | */ |
| 53 | 54 | public class SignatureDigestCreationTest extends AbstractSignatureCreationTest { |
| 54 | private boolean bcInstalled; | |
| 55 | ||
| 56 | public SignatureDigestCreationTest() throws Exception { | |
| 55 | private static boolean bcInstalled; | |
| 56 | ||
| 57 | @BeforeClass | |
| 58 | public static void setup() throws Exception { | |
| 57 | 59 | // |
| 58 | 60 | // If the BouncyCastle provider is not installed, then try to load it |
| 59 | 61 | // via reflection. |
| 63 | 65 | try { |
| 64 | 66 | Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider"); |
| 65 | 67 | cons = c.getConstructor(new Class[] {}); |
| 66 | } catch (Exception e) { //NOPMD | |
| 68 | } catch (Exception e) { | |
| 67 | 69 | //ignore |
| 68 | 70 | } |
| 69 | 71 | if (cons != null) { |
+6
-4
| 39 | 39 | import org.apache.xml.security.stax.ext.XMLSecurityProperties; |
| 40 | 40 | import org.apache.xml.security.test.stax.utils.XmlReaderToWriter; |
| 41 | 41 | import org.apache.xml.security.utils.XMLUtils; |
| 42 | import org.junit.BeforeClass; | |
| 42 | 43 | import org.junit.Test; |
| 43 | 44 | import org.w3c.dom.Document; |
| 44 | 45 | |
| 47 | 48 | */ |
| 48 | 49 | public class SignatureHMACCreationTest extends AbstractSignatureCreationTest { |
| 49 | 50 | |
| 50 | private boolean bcInstalled; | |
| 51 | ||
| 52 | public SignatureHMACCreationTest() throws Exception { | |
| 51 | private static boolean bcInstalled; | |
| 52 | ||
| 53 | @BeforeClass | |
| 54 | public static void setup() throws Exception { | |
| 53 | 55 | // |
| 54 | 56 | // If the BouncyCastle provider is not installed, then try to load it |
| 55 | 57 | // via reflection. |
| 59 | 61 | try { |
| 60 | 62 | Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider"); |
| 61 | 63 | cons = c.getConstructor(new Class[] {}); |
| 62 | } catch (Exception e) { //NOPMD | |
| 64 | } catch (Exception e) { | |
| 63 | 65 | //ignore |
| 64 | 66 | } |
| 65 | 67 | if (cons != null) { |
+14
-12
| 42 | 42 | import org.apache.xml.security.test.stax.utils.StAX2DOM; |
| 43 | 43 | import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator; |
| 44 | 44 | import org.apache.xml.security.utils.XMLUtils; |
| 45 | import org.junit.Before; | |
| 45 | import org.junit.BeforeClass; | |
| 46 | 46 | import org.junit.Test; |
| 47 | 47 | import org.w3c.dom.Document; |
| 48 | 48 | |
| 51 | 51 | */ |
| 52 | 52 | public class SignatureHMACVerificationTest extends AbstractSignatureVerificationTest { |
| 53 | 53 | |
| 54 | private boolean bcInstalled; | |
| 54 | private static boolean bcInstalled; | |
| 55 | 55 | private XMLInputFactory xmlInputFactory; |
| 56 | 56 | private TransformerFactory transformerFactory = TransformerFactory.newInstance(); |
| 57 | 57 | |
| 58 | @Before | |
| 59 | public void setUp() throws Exception { | |
| 60 | Init.init(SignatureHMACVerificationTest.class.getClassLoader().getResource("security-config.xml").toURI(), | |
| 61 | this.getClass()); | |
| 62 | org.apache.xml.security.Init.init(); | |
| 63 | ||
| 64 | xmlInputFactory = XMLInputFactory.newInstance(); | |
| 65 | xmlInputFactory.setEventAllocator(new XMLSecEventAllocator()); | |
| 66 | ||
| 58 | @BeforeClass | |
| 59 | public static void setup() throws Exception { | |
| 67 | 60 | // |
| 68 | 61 | // If the BouncyCastle provider is not installed, then try to load it |
| 69 | 62 | // via reflection. |
| 73 | 66 | try { |
| 74 | 67 | Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider"); |
| 75 | 68 | cons = c.getConstructor(new Class[] {}); |
| 76 | } catch (Exception e) { //NOPMD | |
| 69 | } catch (Exception e) { | |
| 77 | 70 | //ignore |
| 78 | 71 | } |
| 79 | 72 | if (cons != null) { |
| 84 | 77 | } |
| 85 | 78 | } |
| 86 | 79 | |
| 80 | public SignatureHMACVerificationTest() throws Exception { | |
| 81 | Init.init(SignatureHMACVerificationTest.class.getClassLoader().getResource("security-config.xml").toURI(), | |
| 82 | this.getClass()); | |
| 83 | org.apache.xml.security.Init.init(); | |
| 84 | ||
| 85 | xmlInputFactory = XMLInputFactory.newInstance(); | |
| 86 | xmlInputFactory.setEventAllocator(new XMLSecEventAllocator()); | |
| 87 | } | |
| 88 | ||
| 87 | 89 | @org.junit.AfterClass |
| 88 | 90 | public static void cleanup() throws Exception { |
| 89 | 91 | Security.removeProvider("BC"); |