New upstream version 2.0.2
Emmanuel Bourg
5 years ago
21 | 21 | <artifactId>xmlsec</artifactId> |
22 | 22 | <packaging>bundle</packaging> |
23 | 23 | <name>Apache XML Security for Java</name> |
24 | <version>2.0.1</version> | |
24 | <version>2.0.2</version> | |
25 | 25 | <description> |
26 | 26 | Apache XML Security for Java supports XML-Signature Syntax and Processing, |
27 | 27 | W3C Recommendation 12 February 2002, and XML Encryption Syntax and |
56 | 56 | </licenses> |
57 | 57 | <scm> |
58 | 58 | <connection> |
59 | scm:svn:http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.1 | |
59 | scm:svn:http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.2 | |
60 | 60 | </connection> |
61 | 61 | <developerConnection> |
62 | scm:svn:https://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.1 | |
62 | scm:svn:https://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.2 | |
63 | 63 | </developerConnection> |
64 | <url>http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.1</url> | |
64 | <url>http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.2</url> | |
65 | 65 | </scm> |
66 | 66 | <organization> |
67 | 67 | <name>The Apache Software Foundation</name> |
142 | 142 | <plugin> |
143 | 143 | <groupId>org.apache.maven.plugins</groupId> |
144 | 144 | <artifactId>maven-jar-plugin</artifactId> |
145 | <version>2.4</version> | |
145 | <version>2.5</version> | |
146 | 146 | <executions> |
147 | 147 | <execution> |
148 | 148 | <phase>test-compile</phase> |
252 | 252 | <plugin> |
253 | 253 | <groupId>org.apache.maven.plugins</groupId> |
254 | 254 | <artifactId>maven-source-plugin</artifactId> |
255 | <version>2.2.1</version> | |
255 | <version>2.3</version> | |
256 | 256 | <executions> |
257 | 257 | <execution> |
258 | 258 | <goals> |
407 | 407 | <xml.apis.version>1.4.01</xml.apis.version> |
408 | 408 | <oldxmlsec.version>1.5.6</oldxmlsec.version> |
409 | 409 | <slf4j.version>1.7.7</slf4j.version> |
410 | <xalan.version>2.7.1</xalan.version> | |
410 | <xalan.version>2.7.2</xalan.version> | |
411 | 411 | <xerces.version>2.11.0</xerces.version> |
412 | 412 | <junit.version>4.11</junit.version> |
413 | 413 | <log4j.version>1.2.17</log4j.version> |
414 | <bcprov.version>1.50</bcprov.version> | |
414 | <bcprov.version>1.51</bcprov.version> | |
415 | 415 | <xmlunit.version>1.5</xmlunit.version> |
416 | 416 | <commons.codec.version>1.9</commons.codec.version> |
417 | <woodstox.core.asl.version>4.4.0</woodstox.core.asl.version> | |
417 | <woodstox.core.asl.version>4.4.1</woodstox.core.asl.version> | |
418 | 418 | <jetty.version>8.1.4.v20120524</jetty.version> |
419 | 419 | <xmlsec.jaxb.context.class /> |
420 | 420 | </properties> |
26 | 26 | * Portions copyright 2005 Sun Microsystems, Inc. All rights reserved. |
27 | 27 | */ |
28 | 28 | /* |
29 | * $Id: XMLDSigRI.java 1590588 2014-04-28 10:29:52Z coheigea $ | |
29 | * $Id: XMLDSigRI.java 1626703 2014-09-22 09:05:28Z coheigea $ | |
30 | 30 | */ |
31 | 31 | package org.apache.jcp.xml.dsig.internal.dom; |
32 | 32 | |
56 | 56 | |
57 | 57 | public XMLDSigRI() { |
58 | 58 | /* We are the ApacheXMLDSig provider */ |
59 | super("ApacheXMLDSig", 2.01, INFO); | |
59 | super("ApacheXMLDSig", 2.02, INFO); | |
60 | 60 | |
61 | 61 | final Map<Object, Object> map = new HashMap<Object, Object>(); |
62 | 62 | map.put("XMLSignatureFactory.DOM", |
78 | 78 | public void writeStartElement(String prefix, String localName, String namespaceURI) { |
79 | 79 | Element newElem = m_factory.createElementNS(namespaceURI, DOMUtils.getQNameString(prefix, localName)); |
80 | 80 | if (m_nextSibling != null) { |
81 | m_nextSibling.getParentNode().insertBefore(newElem, m_nextSibling); | |
81 | newElem = (Element)m_nextSibling.getParentNode().insertBefore(newElem, m_nextSibling); | |
82 | 82 | } |
83 | 83 | else { |
84 | m_currentNode.appendChild(newElem); | |
84 | newElem = (Element)m_currentNode.appendChild(newElem); | |
85 | 85 | } |
86 | 86 | m_nextSibling = null; |
87 | 87 | m_currentNode = newElem; |
+14
-16
133 | 133 | */ |
134 | 134 | protected void engineInitVerify(Key secretKey) throws XMLSignatureException { |
135 | 135 | if (!(secretKey instanceof SecretKey)) { |
136 | String supplied = secretKey.getClass().getName(); | |
136 | String supplied = null; | |
137 | if (secretKey != null) { | |
138 | supplied = secretKey.getClass().getName(); | |
139 | } | |
137 | 140 | String needed = SecretKey.class.getName(); |
138 | 141 | Object exArgs[] = { supplied, needed }; |
139 | 142 | |
189 | 192 | * @throws XMLSignatureException |
190 | 193 | */ |
191 | 194 | protected void engineInitSign(Key secretKey) throws XMLSignatureException { |
192 | if (!(secretKey instanceof SecretKey)) { | |
193 | String supplied = secretKey.getClass().getName(); | |
194 | String needed = SecretKey.class.getName(); | |
195 | Object exArgs[] = { supplied, needed }; | |
196 | ||
197 | throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs); | |
198 | } | |
199 | ||
200 | try { | |
201 | this.macAlgorithm.init(secretKey); | |
202 | } catch (InvalidKeyException ex) { | |
203 | throw new XMLSignatureException("empty", ex); | |
204 | } | |
195 | engineInitSign(secretKey, (AlgorithmParameterSpec)null); | |
205 | 196 | } |
206 | 197 | |
207 | 198 | /** |
215 | 206 | Key secretKey, AlgorithmParameterSpec algorithmParameterSpec |
216 | 207 | ) throws XMLSignatureException { |
217 | 208 | if (!(secretKey instanceof SecretKey)) { |
218 | String supplied = secretKey.getClass().getName(); | |
209 | String supplied = null; | |
210 | if (secretKey != null) { | |
211 | supplied = secretKey.getClass().getName(); | |
212 | } | |
219 | 213 | String needed = SecretKey.class.getName(); |
220 | 214 | Object exArgs[] = { supplied, needed }; |
221 | 215 | |
223 | 217 | } |
224 | 218 | |
225 | 219 | try { |
226 | this.macAlgorithm.init(secretKey, algorithmParameterSpec); | |
220 | if (algorithmParameterSpec == null) { | |
221 | this.macAlgorithm.init(secretKey); | |
222 | } else { | |
223 | this.macAlgorithm.init(secretKey, algorithmParameterSpec); | |
224 | } | |
227 | 225 | } catch (InvalidKeyException ex) { |
228 | 226 | throw new XMLSignatureException("empty", ex); |
229 | 227 | } catch (InvalidAlgorithmParameterException ex) { |
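Review bot: The null sentinel that `engineInitSign(Key)` now passes, `(AlgorithmParameterSpec)null`, is not documented on the two-argument overload, which branches on it to call `macAlgorithm.init(secretKey)`. A caller who passes null by accident silently gets the key-only initialisation instead of an error. I would add `@param algorithmParameterSpec may be null, in which case the MAC is initialised with the key only` to that overload's Javadoc. The three following sections make the same change with `(SecureRandom)null`, and their `@inheritDoc` comments should likewise say that a null `secureRandom` selects the provider's default source. The two-argument method's body continues past the end of this section.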
+14
-16
95 | 95 | /** @inheritDoc */ |
96 | 96 | protected void engineInitVerify(Key publicKey) throws XMLSignatureException { |
97 | 97 | if (!(publicKey instanceof PublicKey)) { |
98 | String supplied = publicKey.getClass().getName(); | |
98 | String supplied = null; | |
99 | if (publicKey != null) { | |
100 | supplied = publicKey.getClass().getName(); | |
101 | } | |
99 | 102 | String needed = PublicKey.class.getName(); |
100 | 103 | Object exArgs[] = { supplied, needed }; |
101 | 104 | |
135 | 138 | protected void engineInitSign(Key privateKey, SecureRandom secureRandom) |
136 | 139 | throws XMLSignatureException { |
137 | 140 | if (!(privateKey instanceof PrivateKey)) { |
138 | String supplied = privateKey.getClass().getName(); | |
141 | String supplied = null; | |
142 | if (privateKey != null) { | |
143 | supplied = privateKey.getClass().getName(); | |
144 | } | |
139 | 145 | String needed = PrivateKey.class.getName(); |
140 | 146 | Object exArgs[] = { supplied, needed }; |
141 | 147 | |
143 | 149 | } |
144 | 150 | |
145 | 151 | try { |
146 | this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); | |
152 | if (secureRandom == null) { | |
153 | this.signatureAlgorithm.initSign((PrivateKey) privateKey); | |
154 | } else { | |
155 | this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); | |
156 | } | |
147 | 157 | } catch (InvalidKeyException ex) { |
148 | 158 | throw new XMLSignatureException("empty", ex); |
149 | 159 | } |
151 | 161 | |
152 | 162 | /** @inheritDoc */ |
153 | 163 | protected void engineInitSign(Key privateKey) throws XMLSignatureException { |
154 | if (!(privateKey instanceof PrivateKey)) { | |
155 | String supplied = privateKey.getClass().getName(); | |
156 | String needed = PrivateKey.class.getName(); | |
157 | Object exArgs[] = { supplied, needed }; | |
158 | ||
159 | throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs); | |
160 | } | |
161 | ||
162 | try { | |
163 | this.signatureAlgorithm.initSign((PrivateKey) privateKey); | |
164 | } catch (InvalidKeyException ex) { | |
165 | throw new XMLSignatureException("empty", ex); | |
166 | } | |
164 | engineInitSign(privateKey, (SecureRandom)null); | |
167 | 165 | } |
168 | 166 | |
169 | 167 | /** @inheritDoc */ |
+14
-17
122 | 122 | */ |
123 | 123 | protected void engineInitVerify(Key publicKey) throws XMLSignatureException { |
124 | 124 | if (!(publicKey instanceof PublicKey)) { |
125 | String supplied = publicKey.getClass().getName(); | |
125 | String supplied = null; | |
126 | if (publicKey != null) { | |
127 | supplied = publicKey.getClass().getName(); | |
128 | } | |
126 | 129 | String needed = PublicKey.class.getName(); |
127 | 130 | Object exArgs[] = { supplied, needed }; |
128 | 131 | |
171 | 174 | protected void engineInitSign(Key privateKey, SecureRandom secureRandom) |
172 | 175 | throws XMLSignatureException { |
173 | 176 | if (!(privateKey instanceof PrivateKey)) { |
174 | String supplied = privateKey.getClass().getName(); | |
177 | String supplied = null; | |
178 | if (privateKey != null) { | |
179 | supplied = privateKey.getClass().getName(); | |
180 | } | |
175 | 181 | String needed = PrivateKey.class.getName(); |
176 | 182 | Object exArgs[] = { supplied, needed }; |
177 | 183 | |
179 | 185 | } |
180 | 186 | |
181 | 187 | try { |
182 | this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); | |
188 | if (secureRandom == null) { | |
189 | this.signatureAlgorithm.initSign((PrivateKey) privateKey); | |
190 | } else { | |
191 | this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); | |
192 | } | |
183 | 193 | } catch (InvalidKeyException ex) { |
184 | 194 | throw new XMLSignatureException("empty", ex); |
185 | 195 | } |
190 | 200 | * @inheritDoc |
191 | 201 | */ |
192 | 202 | protected void engineInitSign(Key privateKey) throws XMLSignatureException { |
193 | if (!(privateKey instanceof PrivateKey)) { | |
194 | String supplied = privateKey.getClass().getName(); | |
195 | String needed = PrivateKey.class.getName(); | |
196 | Object exArgs[] = { supplied, needed }; | |
197 | ||
198 | throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs); | |
199 | } | |
200 | ||
201 | try { | |
202 | this.signatureAlgorithm.initSign((PrivateKey) privateKey); | |
203 | } catch (InvalidKeyException ex) { | |
204 | throw new XMLSignatureException("empty", ex); | |
205 | } | |
206 | size = ((DSAKey)privateKey).getParams().getQ().bitLength(); | |
203 | engineInitSign(privateKey, (SecureRandom)null); | |
207 | 204 | } |
208 | 205 | |
209 | 206 | /** |
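Review bot: The single-argument `engineInitSign` used to end with `size = ((DSAKey)privateKey).getParams().getQ().bitLength();`, and that assignment is deleted along with the rest of the body when it becomes a delegate. The visible part of `engineInitSign(Key, SecureRandom)` stops at the `InvalidKeyException` handler, so it cannot be confirmed from this page that the two-argument overload sets `size` after `initSign`. If it does not, signing through the one-argument path would use a stale `size`; please confirm the assignment is present there. A one-line comment on the delegate, such as `// size is set by the two-argument overload`, would make the dependency explicit.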
+14
-16
235 | 235 | protected void engineInitVerify(Key publicKey) throws XMLSignatureException { |
236 | 236 | |
237 | 237 | if (!(publicKey instanceof PublicKey)) { |
238 | String supplied = publicKey.getClass().getName(); | |
238 | String supplied = null; | |
239 | if (publicKey != null) { | |
240 | supplied = publicKey.getClass().getName(); | |
241 | } | |
239 | 242 | String needed = PublicKey.class.getName(); |
240 | 243 | Object exArgs[] = { supplied, needed }; |
241 | 244 | |
279 | 282 | protected void engineInitSign(Key privateKey, SecureRandom secureRandom) |
280 | 283 | throws XMLSignatureException { |
281 | 284 | if (!(privateKey instanceof PrivateKey)) { |
282 | String supplied = privateKey.getClass().getName(); | |
285 | String supplied = null; | |
286 | if (privateKey != null) { | |
287 | supplied = privateKey.getClass().getName(); | |
288 | } | |
283 | 289 | String needed = PrivateKey.class.getName(); |
284 | 290 | Object exArgs[] = { supplied, needed }; |
285 | 291 | |
287 | 293 | } |
288 | 294 | |
289 | 295 | try { |
290 | this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); | |
296 | if (secureRandom == null) { | |
297 | this.signatureAlgorithm.initSign((PrivateKey) privateKey); | |
298 | } else { | |
299 | this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); | |
300 | } | |
291 | 301 | } catch (InvalidKeyException ex) { |
292 | 302 | throw new XMLSignatureException("empty", ex); |
293 | 303 | } |
295 | 305 | |
296 | 306 | /** @inheritDoc */ |
297 | 307 | protected void engineInitSign(Key privateKey) throws XMLSignatureException { |
298 | if (!(privateKey instanceof PrivateKey)) { | |
299 | String supplied = privateKey.getClass().getName(); | |
300 | String needed = PrivateKey.class.getName(); | |
301 | Object exArgs[] = { supplied, needed }; | |
302 | ||
303 | throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs); | |
304 | } | |
305 | ||
306 | try { | |
307 | this.signatureAlgorithm.initSign((PrivateKey) privateKey); | |
308 | } catch (InvalidKeyException ex) { | |
309 | throw new XMLSignatureException("empty", ex); | |
310 | } | |
308 | engineInitSign(privateKey, (SecureRandom)null); | |
311 | 309 | } |
312 | 310 | |
313 | 311 | /** @inheritDoc */ |
3217 | 3217 | Element digestElement = |
3218 | 3218 | XMLUtils.createElementInSignatureSpace(contextDocument, Constants._TAG_DIGESTMETHOD); |
3219 | 3219 | digestElement.setAttributeNS(null, "Algorithm", digestAlgorithm); |
3220 | digestElement.setAttributeNS( | |
3221 | Constants.NamespaceSpecNS, | |
3222 | "xmlns:" + ElementProxy.getDefaultPrefix(Constants.SignatureSpecNS), | |
3223 | Constants.SignatureSpecNS | |
3224 | ); | |
3220 | 3225 | result.appendChild(digestElement); |
3221 | 3226 | } |
3222 | 3227 | if (mgfAlgorithm != null) { |
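Review bot: The attribute name built as `"xmlns:" + ElementProxy.getDefaultPrefix(Constants.SignatureSpecNS)` is only a valid qualified name when the default prefix is a non-empty string. If an application has registered an empty prefix for the signature namespace, or none at all (the lookup is not visible here, so this is inferred), the name becomes `xmlns:` or `xmlns:null`, and `setAttributeNS` would either throw or declare a bogus prefix. I would guard it: read the prefix into a local, use `"xmlns"` as the attribute name when it is null or empty, and `"xmlns:" + prefix` otherwise. The enclosing method starts and ends outside this section.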
270 | 270 | Canonicalizer.getInstance(this.getCanonicalizationMethodURI()); |
271 | 271 | c14nizer.setSecureValidation(isSecureValidation()); |
272 | 272 | |
273 | this.c14nizedBytes = | |
274 | c14nizer.canonicalizeSubtree(getElement()); | |
273 | String inclusiveNamespaces = this.getInclusiveNamespaces(); | |
274 | if (inclusiveNamespaces == null) { | |
275 | this.c14nizedBytes = c14nizer.canonicalizeSubtree(getElement()); | |
276 | } else { | |
277 | this.c14nizedBytes = c14nizer.canonicalizeSubtree(getElement(), inclusiveNamespaces); | |
278 | } | |
275 | 279 | } |
276 | 280 | |
277 | 281 | // make defensive copy |
352 | 356 | return new SecretKeySpec(secretKeyBytes, this.signatureAlgorithm.getJCEAlgorithmString()); |
353 | 357 | } |
354 | 358 | |
355 | protected SignatureAlgorithm getSignatureAlgorithm() { | |
359 | public SignatureAlgorithm getSignatureAlgorithm() { | |
356 | 360 | return signatureAlgorithm; |
357 | 361 | } |
358 | 362 |
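Review bot: `getSignatureAlgorithm()` is widened from `protected` to `public` without any Javadoc, and it returns the object's own `signatureAlgorithm` field rather than a copy. External callers can now call `initVerify`/`update` on the instance this object holds, as the new test in this commit does, so its state is no longer controlled by this class alone. I would document that on the getter, for example `/** Returns the live SignatureAlgorithm of this SignedInfo; initialising or updating it changes this object's state. */`. The `inclusiveNamespaces` branch earlier in the section looks fine as written.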
+1
-4
139 | 139 | createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_KeyInfo, true, null); |
140 | 140 | |
141 | 141 | List<XMLSecAttribute> attributes = new ArrayList<XMLSecAttribute>(1); |
142 | String keyId = getEncryptionPartDef().getKeyId(); | |
143 | if (keyId == null) { | |
144 | keyId = IDGenerator.generateID("EK"); | |
145 | } | |
142 | String keyId = IDGenerator.generateID("EK"); | |
146 | 143 | attributes.add(createAttribute(XMLSecurityConstants.ATT_NULL_Id, keyId)); |
147 | 144 | createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_EncryptedKey, true, attributes); |
148 | 145 |
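Review bot: The Id configured through `getEncryptionPartDef().getKeyId()` is now ignored at this point, and the code does not say why. Presumably a fresh Id is needed because one `EncryptedKey` is written per encrypted part (the multi-element test added in this commit suggests that), but any reference emitted elsewhere using the part definition's key id would no longer match this element; that is worth confirming. I would add a comment above the assignment, such as `// always generate a fresh Id: reusing the part's key id would repeat the same Id on every EncryptedKey`. The enclosing method starts and ends outside this section.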
133 | 133 | |
134 | 134 | kvks = new KeySelectors.KeyValueKeySelector(); |
135 | 135 | |
136 | rsaKeyPair = KeyPairGenerator.getInstance("RSA").genKeyPair(); | |
136 | KeyPairGenerator rsaKpg = KeyPairGenerator.getInstance("RSA"); | |
137 | rsaKpg.initialize(2048); | |
138 | rsaKeyPair = rsaKpg.genKeyPair(); | |
139 | ||
137 | 140 | ecKeyPair = KeyPairGenerator.getInstance("EC").genKeyPair(); |
138 | 141 | |
139 | 142 | KeyInfoFactory kifac = fac.getKeyInfoFactory(); |
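Review bot: The EC generator on the line right after the new RSA block is still used without `initialize`, so the test now pins the RSA modulus to 2048 bits but leaves the EC key size to the provider default. For consistency I would pin it the same way: `KeyPairGenerator ecKpg = KeyPairGenerator.getInstance("EC"); ecKpg.initialize(256); ecKeyPair = ecKpg.genKeyPair();`. The same applies to the three later sections that make this identical RSA change. The enclosing setup code starts outside this section.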
+4
-1
75 | 75 | } |
76 | 76 | } |
77 | 77 | |
78 | rsaKeyPair = KeyPairGenerator.getInstance("RSA").genKeyPair(); | |
78 | KeyPairGenerator rsaKpg = KeyPairGenerator.getInstance("RSA"); | |
79 | rsaKpg.initialize(2048); | |
80 | rsaKeyPair = rsaKpg.genKeyPair(); | |
81 | ||
79 | 82 | ecKeyPair = KeyPairGenerator.getInstance("EC").genKeyPair(); |
80 | 83 | } |
81 | 84 |
35 | 35 | import org.apache.xml.security.c14n.Canonicalizer; |
36 | 36 | import org.apache.xml.security.keys.KeyInfo; |
37 | 37 | import org.apache.xml.security.signature.ObjectContainer; |
38 | import org.apache.xml.security.signature.SignedInfo; | |
39 | import org.apache.xml.security.signature.XMLSignature; | |
38 | 40 | import org.apache.xml.security.test.dom.DSNamespaceContext; |
39 | 41 | import org.apache.xml.security.transforms.Transforms; |
40 | 42 | import org.apache.xml.security.transforms.params.XPath2FilterContainer; |
41 | 43 | import org.apache.xml.security.transforms.params.XPathContainer; |
42 | import org.apache.xml.security.signature.XMLSignature; | |
43 | 44 | import org.apache.xml.security.utils.Constants; |
44 | 45 | import org.apache.xml.security.utils.ElementProxy; |
45 | 46 | import org.apache.xml.security.utils.XMLUtils; |
204 | 205 | XMLSignature signature = new XMLSignature(sigElement, ""); |
205 | 206 | assertTrue(signature.checkSignatureValue(ks.getCertificate("test").getPublicKey())); |
206 | 207 | } |
208 | ||
209 | @org.junit.Test | |
210 | public void testCanonicalizedOctetStream() throws Exception { | |
211 | String signedXML = doSign(); | |
212 | ||
213 | org.w3c.dom.Document doc = db.parse(new ByteArrayInputStream(signedXML.getBytes())); | |
214 | ||
215 | XPathFactory xpf = XPathFactory.newInstance(); | |
216 | XPath xpath = xpf.newXPath(); | |
217 | xpath.setNamespaceContext(new DSNamespaceContext()); | |
218 | ||
219 | String expression = "//ds:Signature[1]"; | |
220 | Element sigElement = | |
221 | (Element) xpath.evaluate(expression, doc, XPathConstants.NODE); | |
222 | ||
223 | XMLSignature signature = new XMLSignature(sigElement, ""); | |
224 | KeyInfo ki = signature.getKeyInfo(); | |
225 | ||
226 | if (ki == null) { | |
227 | throw new RuntimeException("No keyinfo"); | |
228 | } | |
229 | PublicKey pk = signature.getKeyInfo().getPublicKey(); | |
230 | ||
231 | if (pk == null) { | |
232 | throw new RuntimeException("No public key"); | |
233 | } | |
234 | ||
235 | SignedInfo si = signature.getSignedInfo(); | |
236 | SignatureAlgorithm sa = si.getSignatureAlgorithm(); | |
237 | sa.initVerify(pk); | |
238 | ||
239 | byte[] sigBytes = signature.getSignatureValue(); | |
240 | ||
241 | byte[] canonicalizedBytes = si.getCanonicalizedOctetStream(); | |
242 | sa.update(canonicalizedBytes, 0, canonicalizedBytes.length); | |
243 | ||
244 | assertTrue(sa.verify(sigBytes)); | |
245 | assertTrue(si.verify(false)); | |
246 | } | |
247 | ||
207 | 248 | |
208 | 249 | private String doSign() throws Exception { |
209 | 250 | PrivateKey privateKey = kp.getPrivate(); |
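Review bot: In `testCanonicalizedOctetStream`, `signedXML.getBytes()` encodes with the platform default charset before the bytes are handed to the XML parser, so the test can behave differently on a machine whose default is not UTF-8. I would write `signedXML.getBytes("UTF-8")`, which the method's `throws Exception` already permits. A smaller point in the same method: `ki` is null-checked but then `signature.getKeyInfo()` is called again, and `PublicKey pk = ki.getPublicKey();` reads more directly. `doSign()` continues past the end of this section.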
+10
-3
17 | 17 | */ |
18 | 18 | package org.apache.xml.security.test.stax.c14n; |
19 | 19 | |
20 | import org.apache.xml.security.test.stax.utils.UnixInputStream; | |
20 | 21 | import org.junit.Test; |
21 | 22 | |
22 | 23 | import org.apache.xml.security.stax.ext.stax.XMLSecEvent; |
37 | 38 | |
38 | 39 | /** |
39 | 40 | * @author $Author: giger $ |
40 | * @version $Revision: 1399606 $ $Date: 2012-10-18 14:17:41 +0200 (Thu, 18 Oct 2012) $ | |
41 | * @version $Revision: 1612074 $ $Date: 2014-07-20 13:02:41 +0200 (Sun, 20 Jul 2014) $ | |
41 | 42 | */ |
42 | 43 | public class Canonicalizer20010315Test extends org.junit.Assert { |
43 | 44 | |
392 | 393 | |
393 | 394 | byte[] reference = |
394 | 395 | getBytesFromResource(this.getClass().getClassLoader().getResource( |
395 | "org/apache/xml/security/c14n/in/default_ns_redefinition_c14n.xml")); | |
396 | "org/apache/xml/security/c14n/in/default_ns_redefinition_c14n.xml"), true); | |
396 | 397 | boolean equals = java.security.MessageDigest.isEqual(reference, baos.toByteArray()); |
397 | 398 | |
398 | 399 | if (!equals) { |
717 | 718 | assertTrue(result); |
718 | 719 | } |
719 | 720 | |
720 | ||
721 | 721 | public static byte[] getBytesFromResource(URL resource) throws IOException { |
722 | return getBytesFromResource(resource, false); | |
723 | } | |
724 | ||
725 | public static byte[] getBytesFromResource(URL resource, boolean unix) throws IOException { | |
722 | 726 | |
723 | 727 | ByteArrayOutputStream baos = new ByteArrayOutputStream(); |
724 | 728 | InputStream inputStream = resource.openStream(); |
729 | if (unix) { | |
730 | inputStream = new UnixInputStream(inputStream); | |
731 | } | |
725 | 732 | try { |
726 | 733 | byte buf[] = new byte[1024]; |
727 | 734 | int len; |
+62
-0
587 | 587 | } |
588 | 588 | |
589 | 589 | @Test |
590 | public void testEncryptedKeyMultipleElements() throws Exception { | |
591 | // Set up the Configuration | |
592 | XMLSecurityProperties properties = new XMLSecurityProperties(); | |
593 | List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>(); | |
594 | actions.add(XMLSecurityConstants.ENCRYPT); | |
595 | properties.setActions(actions); | |
596 | ||
597 | // Set the key up | |
598 | // Generate an RSA key | |
599 | KeyPairGenerator rsaKeygen = KeyPairGenerator.getInstance("RSA"); | |
600 | KeyPair kp = rsaKeygen.generateKeyPair(); | |
601 | PrivateKey priv = kp.getPrivate(); | |
602 | PublicKey pub = kp.getPublic(); | |
603 | properties.setEncryptionTransportKey(pub); | |
604 | properties.setEncryptionKeyTransportAlgorithm("http://www.w3.org/2001/04/xmlenc#rsa-1_5"); | |
605 | ||
606 | KeyGenerator keygen = KeyGenerator.getInstance("AES"); | |
607 | keygen.init(256); | |
608 | SecretKey key = keygen.generateKey(); | |
609 | properties.setEncryptionKey(key); | |
610 | properties.setEncryptionSymAlgorithm("http://www.w3.org/2001/04/xmlenc#aes256-cbc"); | |
611 | properties.setEncryptionKeyIdentifier(SecurityTokenConstants.KeyIdentifier_KeyValue); | |
612 | ||
613 | SecurePart securePart = | |
614 | new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content); | |
615 | properties.addEncryptionPart(securePart); | |
616 | securePart = | |
617 | new SecurePart(new QName("urn:example:po", "ShippingAddress"), SecurePart.Modifier.Content); | |
618 | properties.addEncryptionPart(securePart); | |
619 | ||
620 | OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties); | |
621 | ByteArrayOutputStream baos = new ByteArrayOutputStream(); | |
622 | XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8"); | |
623 | ||
624 | InputStream sourceDocument = | |
625 | this.getClass().getClassLoader().getResourceAsStream( | |
626 | "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml"); | |
627 | XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(sourceDocument); | |
628 | ||
629 | XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter); | |
630 | xmlStreamWriter.close(); | |
631 | ||
632 | // System.out.println("Got:\n" + new String(baos.toByteArray(), "UTF-8")); | |
633 | ||
634 | Document document = | |
635 | XMLUtils.createDocumentBuilder(false).parse(new ByteArrayInputStream(baos.toByteArray())); | |
636 | ||
637 | // Check the CreditCard encrypted ok | |
638 | NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard"); | |
639 | Assert.assertEquals(nodeList.getLength(), 0); | |
640 | ||
641 | nodeList = document.getElementsByTagNameNS( | |
642 | XMLSecurityConstants.TAG_xenc_EncryptedData.getNamespaceURI(), | |
643 | XMLSecurityConstants.TAG_xenc_EncryptedData.getLocalPart() | |
644 | ); | |
645 | Assert.assertEquals(nodeList.getLength(), 2); | |
646 | ||
647 | // Decrypt using DOM API | |
648 | decryptUsingDOM("http://www.w3.org/2001/04/xmlenc#tripledes-cbc", null, priv, document); | |
649 | } | |
650 | ||
651 | @Test | |
590 | 652 | public void testEncryptedKeyIssuerSerialReference() throws Exception { |
591 | 653 | // Set up the Configuration |
592 | 654 | XMLSecurityProperties properties = new XMLSecurityProperties(); |
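Review bot: `testEncryptedKeyMultipleElements` generates its RSA key with `rsaKeygen.generateKeyPair()` and no `initialize` call, while other tests in this same commit are changed to pin the size to 2048; adding `rsaKeygen.initialize(2048);` before the call keeps the new test independent of the provider default. The final `decryptUsingDOM` call passes `http://www.w3.org/2001/04/xmlenc#tripledes-cbc` although the data was encrypted with `aes256-cbc`; the helper is not visible here, so whether that argument matters should be checked. The comment `// Check the CreditCard encrypted ok` names an element that is not one of the two configured parts, and both `assertEquals` calls put the actual value first, e.g. `Assert.assertEquals(0, nodeList.getLength());` is the expected order.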
+4
-1
72 | 72 | } |
73 | 73 | } |
74 | 74 | |
75 | rsaKeyPair = KeyPairGenerator.getInstance("RSA").genKeyPair(); | |
75 | KeyPairGenerator rsaKpg = KeyPairGenerator.getInstance("RSA"); | |
76 | rsaKpg.initialize(2048); | |
77 | rsaKeyPair = rsaKpg.genKeyPair(); | |
78 | ||
76 | 79 | ecKeyPair = KeyPairGenerator.getInstance("EC").genKeyPair(); |
77 | 80 | } |
78 | 81 |
+4
-1
85 | 85 | } |
86 | 86 | } |
87 | 87 | |
88 | rsaKeyPair = KeyPairGenerator.getInstance("RSA").genKeyPair(); | |
88 | KeyPairGenerator rsaKpg = KeyPairGenerator.getInstance("RSA"); | |
89 | rsaKpg.initialize(2048); | |
90 | rsaKeyPair = rsaKpg.genKeyPair(); | |
91 | ||
89 | 92 | ecKeyPair = KeyPairGenerator.getInstance("EC").genKeyPair(); |
90 | 93 | } |
91 | 94 |
+7
-6
24 | 24 | import org.apache.xml.security.stax.ext.XMLSecurityUtils; |
25 | 25 | import org.apache.xml.security.stax.ext.stax.XMLSecEvent; |
26 | 26 | import org.apache.xml.security.stax.impl.transformer.TransformIdentity; |
27 | import org.apache.xml.security.test.stax.utils.UnixInputStream; | |
27 | 28 | import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator; |
28 | 29 | import org.junit.Assert; |
29 | 30 | import org.junit.Before; |
43 | 44 | import java.util.Map; |
44 | 45 | |
45 | 46 | /** |
46 | * @author $Author: coheigea $ | |
47 | * @version $Revision: 1584089 $ $Date: 2014-04-02 18:46:35 +0200 (Wed, 02 Apr 2014) $ | |
47 | * @author $Author: giger $ | |
48 | * @version $Revision: 1612074 $ $Date: 2014-07-20 13:02:41 +0200 (Sun, 20 Jul 2014) $ | |
48 | 49 | */ |
49 | 50 | public class TransformIdentityTest extends org.junit.Assert { |
50 | 51 | |
230 | 231 | final ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(); |
231 | 232 | transformIdentity.setOutputStream(byteArrayOutputStream); |
232 | 233 | |
233 | transformIdentity.transform(this.getClass().getClassLoader().getResourceAsStream( | |
234 | "ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/xml-stylesheet.b64")); | |
234 | transformIdentity.transform(new UnixInputStream(this.getClass().getClassLoader().getResourceAsStream( | |
235 | "ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/xml-stylesheet.b64"))); | |
235 | 236 | |
236 | 237 | Assert.assertEquals(17786, byteArrayOutputStream.size()); |
237 | 238 | } |
276 | 277 | |
277 | 278 | transformIdentity.setTransformer(transformer); |
278 | 279 | |
279 | transformIdentity.transform(this.getClass().getClassLoader().getResourceAsStream( | |
280 | "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext-base64.xml")); | |
280 | transformIdentity.transform(new UnixInputStream(this.getClass().getClassLoader().getResourceAsStream( | |
281 | "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext-base64.xml"))); | |
281 | 282 | |
282 | 283 | transformIdentity.doFinal(); |
283 | 284 |
0 | /** | |
1 | * Licensed to the Apache Software Foundation (ASF) under one | |
2 | * or more contributor license agreements. See the NOTICE file | |
3 | * distributed with this work for additional information | |
4 | * regarding copyright ownership. The ASF licenses this file | |
5 | * to you under the Apache License, Version 2.0 (the | |
6 | * "License"); you may not use this file except in compliance | |
7 | * with the License. You may obtain a copy of the License at | |
8 | * | |
9 | * http://www.apache.org/licenses/LICENSE-2.0 | |
10 | * | |
11 | * Unless required by applicable law or agreed to in writing, | |
12 | * software distributed under the License is distributed on an | |
13 | * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
14 | * KIND, either express or implied. See the License for the | |
15 | * specific language governing permissions and limitations | |
16 | * under the License. | |
17 | */ | |
18 | package org.apache.xml.security.test.stax.utils; | |
19 | ||
20 | import java.io.IOException; | |
21 | import java.io.InputStream; | |
22 | ||
23 | /** | |
24 | * Simple and stupid dos/windows to unix line ending converter. | |
25 | * It's used to convert testdata to unix style independent on the | |
26 | * platform running on. This is just a workaround for "svn:eol-style" set | |
27 | * to native | |
28 | * | |
29 | * It's inefficient and simply suppresses the output of '\r' which | |
30 | * is not correct in every case. So do not use it in productive code. | |
31 | * | |
32 | * @author $Author: giger $ | |
33 | * @version $Revision: 1612074 $ $Date: 2014-07-20 13:02:41 +0200 (Sun, 20 Jul 2014) $ | |
34 | */ | |
35 | public class UnixInputStream extends InputStream { | |
36 | ||
37 | private InputStream inputStream; | |
38 | ||
39 | public UnixInputStream(InputStream in) { | |
40 | super(); | |
41 | this.inputStream = in; | |
42 | } | |
43 | ||
44 | @Override | |
45 | public int read() throws IOException { | |
46 | int read = inputStream.read(); | |
47 | if (read == '\r') { | |
48 | return inputStream.read(); | |
49 | } | |
50 | return read; | |
51 | } | |
52 | } |