New upstream version 2.0.2
Emmanuel Bourg
5 years ago
| 21 | 21 | <artifactId>xmlsec</artifactId> |
| 22 | 22 | <packaging>bundle</packaging> |
| 23 | 23 | <name>Apache XML Security for Java</name> |
| 24 | <version>2.0.1</version> | |
| 24 | <version>2.0.2</version> | |
| 25 | 25 | <description> |
| 26 | 26 | Apache XML Security for Java supports XML-Signature Syntax and Processing, |
| 27 | 27 | W3C Recommendation 12 February 2002, and XML Encryption Syntax and |
| 56 | 56 | </licenses> |
| 57 | 57 | <scm> |
| 58 | 58 | <connection> |
| 59 | scm:svn:http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.1 | |
| 59 | scm:svn:http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.2 | |
| 60 | 60 | </connection> |
| 61 | 61 | <developerConnection> |
| 62 | scm:svn:https://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.1 | |
| 62 | scm:svn:https://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.2 | |
| 63 | 63 | </developerConnection> |
| 64 | <url>http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.1</url> | |
| 64 | <url>http://svn.apache.org/repos/asf/santuario/xml-security-java/tags/xmlsec-2.0.2</url> | |
| 65 | 65 | </scm> |
| 66 | 66 | <organization> |
| 67 | 67 | <name>The Apache Software Foundation</name> |
| 142 | 142 | <plugin> |
| 143 | 143 | <groupId>org.apache.maven.plugins</groupId> |
| 144 | 144 | <artifactId>maven-jar-plugin</artifactId> |
| 145 | <version>2.4</version> | |
| 145 | <version>2.5</version> | |
| 146 | 146 | <executions> |
| 147 | 147 | <execution> |
| 148 | 148 | <phase>test-compile</phase> |
| 252 | 252 | <plugin> |
| 253 | 253 | <groupId>org.apache.maven.plugins</groupId> |
| 254 | 254 | <artifactId>maven-source-plugin</artifactId> |
| 255 | <version>2.2.1</version> | |
| 255 | <version>2.3</version> | |
| 256 | 256 | <executions> |
| 257 | 257 | <execution> |
| 258 | 258 | <goals> |
| 407 | 407 | <xml.apis.version>1.4.01</xml.apis.version> |
| 408 | 408 | <oldxmlsec.version>1.5.6</oldxmlsec.version> |
| 409 | 409 | <slf4j.version>1.7.7</slf4j.version> |
| 410 | <xalan.version>2.7.1</xalan.version> | |
| 410 | <xalan.version>2.7.2</xalan.version> | |
| 411 | 411 | <xerces.version>2.11.0</xerces.version> |
| 412 | 412 | <junit.version>4.11</junit.version> |
| 413 | 413 | <log4j.version>1.2.17</log4j.version> |
| 414 | <bcprov.version>1.50</bcprov.version> | |
| 414 | <bcprov.version>1.51</bcprov.version> | |
| 415 | 415 | <xmlunit.version>1.5</xmlunit.version> |
| 416 | 416 | <commons.codec.version>1.9</commons.codec.version> |
| 417 | <woodstox.core.asl.version>4.4.0</woodstox.core.asl.version> | |
| 417 | <woodstox.core.asl.version>4.4.1</woodstox.core.asl.version> | |
| 418 | 418 | <jetty.version>8.1.4.v20120524</jetty.version> |
| 419 | 419 | <xmlsec.jaxb.context.class /> |
| 420 | 420 | </properties> |
| 26 | 26 | * Portions copyright 2005 Sun Microsystems, Inc. All rights reserved. |
| 27 | 27 | */ |
| 28 | 28 | /* |
| 29 | * $Id: XMLDSigRI.java 1590588 2014-04-28 10:29:52Z coheigea $ | |
| 29 | * $Id: XMLDSigRI.java 1626703 2014-09-22 09:05:28Z coheigea $ | |
| 30 | 30 | */ |
| 31 | 31 | package org.apache.jcp.xml.dsig.internal.dom; |
| 32 | 32 | |
| 56 | 56 | |
| 57 | 57 | public XMLDSigRI() { |
| 58 | 58 | /* We are the ApacheXMLDSig provider */ |
| 59 | super("ApacheXMLDSig", 2.01, INFO); | |
| 59 | super("ApacheXMLDSig", 2.02, INFO); | |
| 60 | 60 | |
| 61 | 61 | final Map<Object, Object> map = new HashMap<Object, Object>(); |
| 62 | 62 | map.put("XMLSignatureFactory.DOM", |
| 78 | 78 | public void writeStartElement(String prefix, String localName, String namespaceURI) { |
| 79 | 79 | Element newElem = m_factory.createElementNS(namespaceURI, DOMUtils.getQNameString(prefix, localName)); |
| 80 | 80 | if (m_nextSibling != null) { |
| 81 | m_nextSibling.getParentNode().insertBefore(newElem, m_nextSibling); | |
| 81 | newElem = (Element)m_nextSibling.getParentNode().insertBefore(newElem, m_nextSibling); | |
| 82 | 82 | } |
| 83 | 83 | else { |
| 84 | m_currentNode.appendChild(newElem); | |
| 84 | newElem = (Element)m_currentNode.appendChild(newElem); | |
| 85 | 85 | } |
| 86 | 86 | m_nextSibling = null; |
| 87 | 87 | m_currentNode = newElem; |
+14
-16
| 133 | 133 | */ |
| 134 | 134 | protected void engineInitVerify(Key secretKey) throws XMLSignatureException { |
| 135 | 135 | if (!(secretKey instanceof SecretKey)) { |
| 136 | String supplied = secretKey.getClass().getName(); | |
| 136 | String supplied = null; | |
| 137 | if (secretKey != null) { | |
| 138 | supplied = secretKey.getClass().getName(); | |
| 139 | } | |
| 137 | 140 | String needed = SecretKey.class.getName(); |
| 138 | 141 | Object exArgs[] = { supplied, needed }; |
| 139 | 142 | |
| 189 | 192 | * @throws XMLSignatureException |
| 190 | 193 | */ |
| 191 | 194 | protected void engineInitSign(Key secretKey) throws XMLSignatureException { |
| 192 | if (!(secretKey instanceof SecretKey)) { | |
| 193 | String supplied = secretKey.getClass().getName(); | |
| 194 | String needed = SecretKey.class.getName(); | |
| 195 | Object exArgs[] = { supplied, needed }; | |
| 196 | ||
| 197 | throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs); | |
| 198 | } | |
| 199 | ||
| 200 | try { | |
| 201 | this.macAlgorithm.init(secretKey); | |
| 202 | } catch (InvalidKeyException ex) { | |
| 203 | throw new XMLSignatureException("empty", ex); | |
| 204 | } | |
| 195 | engineInitSign(secretKey, (AlgorithmParameterSpec)null); | |
| 205 | 196 | } |
| 206 | 197 | |
| 207 | 198 | /** |
| 215 | 206 | Key secretKey, AlgorithmParameterSpec algorithmParameterSpec |
| 216 | 207 | ) throws XMLSignatureException { |
| 217 | 208 | if (!(secretKey instanceof SecretKey)) { |
| 218 | String supplied = secretKey.getClass().getName(); | |
| 209 | String supplied = null; | |
| 210 | if (secretKey != null) { | |
| 211 | supplied = secretKey.getClass().getName(); | |
| 212 | } | |
| 219 | 213 | String needed = SecretKey.class.getName(); |
| 220 | 214 | Object exArgs[] = { supplied, needed }; |
| 221 | 215 | |
| 223 | 217 | } |
| 224 | 218 | |
| 225 | 219 | try { |
| 226 | this.macAlgorithm.init(secretKey, algorithmParameterSpec); | |
| 220 | if (algorithmParameterSpec == null) { | |
| 221 | this.macAlgorithm.init(secretKey); | |
| 222 | } else { | |
| 223 | this.macAlgorithm.init(secretKey, algorithmParameterSpec); | |
| 224 | } | |
| 227 | 225 | } catch (InvalidKeyException ex) { |
| 228 | 226 | throw new XMLSignatureException("empty", ex); |
| 229 | 227 | } catch (InvalidAlgorithmParameterException ex) { |
+14
-16
| 95 | 95 | /** @inheritDoc */ |
| 96 | 96 | protected void engineInitVerify(Key publicKey) throws XMLSignatureException { |
| 97 | 97 | if (!(publicKey instanceof PublicKey)) { |
| 98 | String supplied = publicKey.getClass().getName(); | |
| 98 | String supplied = null; | |
| 99 | if (publicKey != null) { | |
| 100 | supplied = publicKey.getClass().getName(); | |
| 101 | } | |
| 99 | 102 | String needed = PublicKey.class.getName(); |
| 100 | 103 | Object exArgs[] = { supplied, needed }; |
| 101 | 104 | |
| 135 | 138 | protected void engineInitSign(Key privateKey, SecureRandom secureRandom) |
| 136 | 139 | throws XMLSignatureException { |
| 137 | 140 | if (!(privateKey instanceof PrivateKey)) { |
| 138 | String supplied = privateKey.getClass().getName(); | |
| 141 | String supplied = null; | |
| 142 | if (privateKey != null) { | |
| 143 | supplied = privateKey.getClass().getName(); | |
| 144 | } | |
| 139 | 145 | String needed = PrivateKey.class.getName(); |
| 140 | 146 | Object exArgs[] = { supplied, needed }; |
| 141 | 147 | |
| 143 | 149 | } |
| 144 | 150 | |
| 145 | 151 | try { |
| 146 | this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); | |
| 152 | if (secureRandom == null) { | |
| 153 | this.signatureAlgorithm.initSign((PrivateKey) privateKey); | |
| 154 | } else { | |
| 155 | this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); | |
| 156 | } | |
| 147 | 157 | } catch (InvalidKeyException ex) { |
| 148 | 158 | throw new XMLSignatureException("empty", ex); |
| 149 | 159 | } |
| 151 | 161 | |
| 152 | 162 | /** @inheritDoc */ |
| 153 | 163 | protected void engineInitSign(Key privateKey) throws XMLSignatureException { |
| 154 | if (!(privateKey instanceof PrivateKey)) { | |
| 155 | String supplied = privateKey.getClass().getName(); | |
| 156 | String needed = PrivateKey.class.getName(); | |
| 157 | Object exArgs[] = { supplied, needed }; | |
| 158 | ||
| 159 | throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs); | |
| 160 | } | |
| 161 | ||
| 162 | try { | |
| 163 | this.signatureAlgorithm.initSign((PrivateKey) privateKey); | |
| 164 | } catch (InvalidKeyException ex) { | |
| 165 | throw new XMLSignatureException("empty", ex); | |
| 166 | } | |
| 164 | engineInitSign(privateKey, (SecureRandom)null); | |
| 167 | 165 | } |
| 168 | 166 | |
| 169 | 167 | /** @inheritDoc */ |
+14
-17
| 122 | 122 | */ |
| 123 | 123 | protected void engineInitVerify(Key publicKey) throws XMLSignatureException { |
| 124 | 124 | if (!(publicKey instanceof PublicKey)) { |
| 125 | String supplied = publicKey.getClass().getName(); | |
| 125 | String supplied = null; | |
| 126 | if (publicKey != null) { | |
| 127 | supplied = publicKey.getClass().getName(); | |
| 128 | } | |
| 126 | 129 | String needed = PublicKey.class.getName(); |
| 127 | 130 | Object exArgs[] = { supplied, needed }; |
| 128 | 131 | |
| 171 | 174 | protected void engineInitSign(Key privateKey, SecureRandom secureRandom) |
| 172 | 175 | throws XMLSignatureException { |
| 173 | 176 | if (!(privateKey instanceof PrivateKey)) { |
| 174 | String supplied = privateKey.getClass().getName(); | |
| 177 | String supplied = null; | |
| 178 | if (privateKey != null) { | |
| 179 | supplied = privateKey.getClass().getName(); | |
| 180 | } | |
| 175 | 181 | String needed = PrivateKey.class.getName(); |
| 176 | 182 | Object exArgs[] = { supplied, needed }; |
| 177 | 183 | |
| 179 | 185 | } |
| 180 | 186 | |
| 181 | 187 | try { |
| 182 | this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); | |
| 188 | if (secureRandom == null) { | |
| 189 | this.signatureAlgorithm.initSign((PrivateKey) privateKey); | |
| 190 | } else { | |
| 191 | this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); | |
| 192 | } | |
| 183 | 193 | } catch (InvalidKeyException ex) { |
| 184 | 194 | throw new XMLSignatureException("empty", ex); |
| 185 | 195 | } |
| 190 | 200 | * @inheritDoc |
| 191 | 201 | */ |
| 192 | 202 | protected void engineInitSign(Key privateKey) throws XMLSignatureException { |
| 193 | if (!(privateKey instanceof PrivateKey)) { | |
| 194 | String supplied = privateKey.getClass().getName(); | |
| 195 | String needed = PrivateKey.class.getName(); | |
| 196 | Object exArgs[] = { supplied, needed }; | |
| 197 | ||
| 198 | throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs); | |
| 199 | } | |
| 200 | ||
| 201 | try { | |
| 202 | this.signatureAlgorithm.initSign((PrivateKey) privateKey); | |
| 203 | } catch (InvalidKeyException ex) { | |
| 204 | throw new XMLSignatureException("empty", ex); | |
| 205 | } | |
| 206 | size = ((DSAKey)privateKey).getParams().getQ().bitLength(); | |
| 203 | engineInitSign(privateKey, (SecureRandom)null); | |
| 207 | 204 | } |
| 208 | 205 | |
| 209 | 206 | /** |
+14
-16
| 235 | 235 | protected void engineInitVerify(Key publicKey) throws XMLSignatureException { |
| 236 | 236 | |
| 237 | 237 | if (!(publicKey instanceof PublicKey)) { |
| 238 | String supplied = publicKey.getClass().getName(); | |
| 238 | String supplied = null; | |
| 239 | if (publicKey != null) { | |
| 240 | supplied = publicKey.getClass().getName(); | |
| 241 | } | |
| 239 | 242 | String needed = PublicKey.class.getName(); |
| 240 | 243 | Object exArgs[] = { supplied, needed }; |
| 241 | 244 | |
| 279 | 282 | protected void engineInitSign(Key privateKey, SecureRandom secureRandom) |
| 280 | 283 | throws XMLSignatureException { |
| 281 | 284 | if (!(privateKey instanceof PrivateKey)) { |
| 282 | String supplied = privateKey.getClass().getName(); | |
| 285 | String supplied = null; | |
| 286 | if (privateKey != null) { | |
| 287 | supplied = privateKey.getClass().getName(); | |
| 288 | } | |
| 283 | 289 | String needed = PrivateKey.class.getName(); |
| 284 | 290 | Object exArgs[] = { supplied, needed }; |
| 285 | 291 | |
| 287 | 293 | } |
| 288 | 294 | |
| 289 | 295 | try { |
| 290 | this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); | |
| 296 | if (secureRandom == null) { | |
| 297 | this.signatureAlgorithm.initSign((PrivateKey) privateKey); | |
| 298 | } else { | |
| 299 | this.signatureAlgorithm.initSign((PrivateKey) privateKey, secureRandom); | |
| 300 | } | |
| 291 | 301 | } catch (InvalidKeyException ex) { |
| 292 | 302 | throw new XMLSignatureException("empty", ex); |
| 293 | 303 | } |
| 295 | 305 | |
| 296 | 306 | /** @inheritDoc */ |
| 297 | 307 | protected void engineInitSign(Key privateKey) throws XMLSignatureException { |
| 298 | if (!(privateKey instanceof PrivateKey)) { | |
| 299 | String supplied = privateKey.getClass().getName(); | |
| 300 | String needed = PrivateKey.class.getName(); | |
| 301 | Object exArgs[] = { supplied, needed }; | |
| 302 | ||
| 303 | throw new XMLSignatureException("algorithms.WrongKeyForThisOperation", exArgs); | |
| 304 | } | |
| 305 | ||
| 306 | try { | |
| 307 | this.signatureAlgorithm.initSign((PrivateKey) privateKey); | |
| 308 | } catch (InvalidKeyException ex) { | |
| 309 | throw new XMLSignatureException("empty", ex); | |
| 310 | } | |
| 308 | engineInitSign(privateKey, (SecureRandom)null); | |
| 311 | 309 | } |
| 312 | 310 | |
| 313 | 311 | /** @inheritDoc */ |
| 3217 | 3217 | Element digestElement = |
| 3218 | 3218 | XMLUtils.createElementInSignatureSpace(contextDocument, Constants._TAG_DIGESTMETHOD); |
| 3219 | 3219 | digestElement.setAttributeNS(null, "Algorithm", digestAlgorithm); |
| 3220 | digestElement.setAttributeNS( | |
| 3221 | Constants.NamespaceSpecNS, | |
| 3222 | "xmlns:" + ElementProxy.getDefaultPrefix(Constants.SignatureSpecNS), | |
| 3223 | Constants.SignatureSpecNS | |
| 3224 | ); | |
| 3220 | 3225 | result.appendChild(digestElement); |
| 3221 | 3226 | } |
| 3222 | 3227 | if (mgfAlgorithm != null) { |
| 270 | 270 | Canonicalizer.getInstance(this.getCanonicalizationMethodURI()); |
| 271 | 271 | c14nizer.setSecureValidation(isSecureValidation()); |
| 272 | 272 | |
| 273 | this.c14nizedBytes = | |
| 274 | c14nizer.canonicalizeSubtree(getElement()); | |
| 273 | String inclusiveNamespaces = this.getInclusiveNamespaces(); | |
| 274 | if (inclusiveNamespaces == null) { | |
| 275 | this.c14nizedBytes = c14nizer.canonicalizeSubtree(getElement()); | |
| 276 | } else { | |
| 277 | this.c14nizedBytes = c14nizer.canonicalizeSubtree(getElement(), inclusiveNamespaces); | |
| 278 | } | |
| 275 | 279 | } |
| 276 | 280 | |
| 277 | 281 | // make defensive copy |
| 352 | 356 | return new SecretKeySpec(secretKeyBytes, this.signatureAlgorithm.getJCEAlgorithmString()); |
| 353 | 357 | } |
| 354 | 358 | |
| 355 | protected SignatureAlgorithm getSignatureAlgorithm() { | |
| 359 | public SignatureAlgorithm getSignatureAlgorithm() { | |
| 356 | 360 | return signatureAlgorithm; |
| 357 | 361 | } |
| 358 | 362 | |
+1
-4
| 139 | 139 | createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_dsig_KeyInfo, true, null); |
| 140 | 140 | |
| 141 | 141 | List<XMLSecAttribute> attributes = new ArrayList<XMLSecAttribute>(1); |
| 142 | String keyId = getEncryptionPartDef().getKeyId(); | |
| 143 | if (keyId == null) { | |
| 144 | keyId = IDGenerator.generateID("EK"); | |
| 145 | } | |
| 142 | String keyId = IDGenerator.generateID("EK"); | |
| 146 | 143 | attributes.add(createAttribute(XMLSecurityConstants.ATT_NULL_Id, keyId)); |
| 147 | 144 | createStartElementAndOutputAsEvent(outputProcessorChain, XMLSecurityConstants.TAG_xenc_EncryptedKey, true, attributes); |
| 148 | 145 |
| 133 | 133 | |
| 134 | 134 | kvks = new KeySelectors.KeyValueKeySelector(); |
| 135 | 135 | |
| 136 | rsaKeyPair = KeyPairGenerator.getInstance("RSA").genKeyPair(); | |
| 136 | KeyPairGenerator rsaKpg = KeyPairGenerator.getInstance("RSA"); | |
| 137 | rsaKpg.initialize(2048); | |
| 138 | rsaKeyPair = rsaKpg.genKeyPair(); | |
| 139 | ||
| 137 | 140 | ecKeyPair = KeyPairGenerator.getInstance("EC").genKeyPair(); |
| 138 | 141 | |
| 139 | 142 | KeyInfoFactory kifac = fac.getKeyInfoFactory(); |
+4
-1
| 75 | 75 | } |
| 76 | 76 | } |
| 77 | 77 | |
| 78 | rsaKeyPair = KeyPairGenerator.getInstance("RSA").genKeyPair(); | |
| 78 | KeyPairGenerator rsaKpg = KeyPairGenerator.getInstance("RSA"); | |
| 79 | rsaKpg.initialize(2048); | |
| 80 | rsaKeyPair = rsaKpg.genKeyPair(); | |
| 81 | ||
| 79 | 82 | ecKeyPair = KeyPairGenerator.getInstance("EC").genKeyPair(); |
| 80 | 83 | } |
| 81 | 84 |
| 35 | 35 | import org.apache.xml.security.c14n.Canonicalizer; |
| 36 | 36 | import org.apache.xml.security.keys.KeyInfo; |
| 37 | 37 | import org.apache.xml.security.signature.ObjectContainer; |
| 38 | import org.apache.xml.security.signature.SignedInfo; | |
| 39 | import org.apache.xml.security.signature.XMLSignature; | |
| 38 | 40 | import org.apache.xml.security.test.dom.DSNamespaceContext; |
| 39 | 41 | import org.apache.xml.security.transforms.Transforms; |
| 40 | 42 | import org.apache.xml.security.transforms.params.XPath2FilterContainer; |
| 41 | 43 | import org.apache.xml.security.transforms.params.XPathContainer; |
| 42 | import org.apache.xml.security.signature.XMLSignature; | |
| 43 | 44 | import org.apache.xml.security.utils.Constants; |
| 44 | 45 | import org.apache.xml.security.utils.ElementProxy; |
| 45 | 46 | import org.apache.xml.security.utils.XMLUtils; |
| 204 | 205 | XMLSignature signature = new XMLSignature(sigElement, ""); |
| 205 | 206 | assertTrue(signature.checkSignatureValue(ks.getCertificate("test").getPublicKey())); |
| 206 | 207 | } |
| 208 | ||
| 209 | @org.junit.Test | |
| 210 | public void testCanonicalizedOctetStream() throws Exception { | |
| 211 | String signedXML = doSign(); | |
| 212 | ||
| 213 | org.w3c.dom.Document doc = db.parse(new ByteArrayInputStream(signedXML.getBytes())); | |
| 214 | ||
| 215 | XPathFactory xpf = XPathFactory.newInstance(); | |
| 216 | XPath xpath = xpf.newXPath(); | |
| 217 | xpath.setNamespaceContext(new DSNamespaceContext()); | |
| 218 | ||
| 219 | String expression = "//ds:Signature[1]"; | |
| 220 | Element sigElement = | |
| 221 | (Element) xpath.evaluate(expression, doc, XPathConstants.NODE); | |
| 222 | ||
| 223 | XMLSignature signature = new XMLSignature(sigElement, ""); | |
| 224 | KeyInfo ki = signature.getKeyInfo(); | |
| 225 | ||
| 226 | if (ki == null) { | |
| 227 | throw new RuntimeException("No keyinfo"); | |
| 228 | } | |
| 229 | PublicKey pk = signature.getKeyInfo().getPublicKey(); | |
| 230 | ||
| 231 | if (pk == null) { | |
| 232 | throw new RuntimeException("No public key"); | |
| 233 | } | |
| 234 | ||
| 235 | SignedInfo si = signature.getSignedInfo(); | |
| 236 | SignatureAlgorithm sa = si.getSignatureAlgorithm(); | |
| 237 | sa.initVerify(pk); | |
| 238 | ||
| 239 | byte[] sigBytes = signature.getSignatureValue(); | |
| 240 | ||
| 241 | byte[] canonicalizedBytes = si.getCanonicalizedOctetStream(); | |
| 242 | sa.update(canonicalizedBytes, 0, canonicalizedBytes.length); | |
| 243 | ||
| 244 | assertTrue(sa.verify(sigBytes)); | |
| 245 | assertTrue(si.verify(false)); | |
| 246 | } | |
| 247 | ||
| 207 | 248 | |
| 208 | 249 | private String doSign() throws Exception { |
| 209 | 250 | PrivateKey privateKey = kp.getPrivate(); |
+10
-3
| 17 | 17 | */ |
| 18 | 18 | package org.apache.xml.security.test.stax.c14n; |
| 19 | 19 | |
| 20 | import org.apache.xml.security.test.stax.utils.UnixInputStream; | |
| 20 | 21 | import org.junit.Test; |
| 21 | 22 | |
| 22 | 23 | import org.apache.xml.security.stax.ext.stax.XMLSecEvent; |
| 37 | 38 | |
| 38 | 39 | /** |
| 39 | 40 | * @author $Author: giger $ |
| 40 | * @version $Revision: 1399606 $ $Date: 2012-10-18 14:17:41 +0200 (Thu, 18 Oct 2012) $ | |
| 41 | * @version $Revision: 1612074 $ $Date: 2014-07-20 13:02:41 +0200 (Sun, 20 Jul 2014) $ | |
| 41 | 42 | */ |
| 42 | 43 | public class Canonicalizer20010315Test extends org.junit.Assert { |
| 43 | 44 | |
| 392 | 393 | |
| 393 | 394 | byte[] reference = |
| 394 | 395 | getBytesFromResource(this.getClass().getClassLoader().getResource( |
| 395 | "org/apache/xml/security/c14n/in/default_ns_redefinition_c14n.xml")); | |
| 396 | "org/apache/xml/security/c14n/in/default_ns_redefinition_c14n.xml"), true); | |
| 396 | 397 | boolean equals = java.security.MessageDigest.isEqual(reference, baos.toByteArray()); |
| 397 | 398 | |
| 398 | 399 | if (!equals) { |
| 717 | 718 | assertTrue(result); |
| 718 | 719 | } |
| 719 | 720 | |
| 720 | ||
| 721 | 721 | public static byte[] getBytesFromResource(URL resource) throws IOException { |
| 722 | return getBytesFromResource(resource, false); | |
| 723 | } | |
| 724 | ||
| 725 | public static byte[] getBytesFromResource(URL resource, boolean unix) throws IOException { | |
| 722 | 726 | |
| 723 | 727 | ByteArrayOutputStream baos = new ByteArrayOutputStream(); |
| 724 | 728 | InputStream inputStream = resource.openStream(); |
| 729 | if (unix) { | |
| 730 | inputStream = new UnixInputStream(inputStream); | |
| 731 | } | |
| 725 | 732 | try { |
| 726 | 733 | byte buf[] = new byte[1024]; |
| 727 | 734 | int len; |
+62
-0
| 587 | 587 | } |
| 588 | 588 | |
| 589 | 589 | @Test |
| 590 | public void testEncryptedKeyMultipleElements() throws Exception { | |
| 591 | // Set up the Configuration | |
| 592 | XMLSecurityProperties properties = new XMLSecurityProperties(); | |
| 593 | List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>(); | |
| 594 | actions.add(XMLSecurityConstants.ENCRYPT); | |
| 595 | properties.setActions(actions); | |
| 596 | ||
| 597 | // Set the key up | |
| 598 | // Generate an RSA key | |
| 599 | KeyPairGenerator rsaKeygen = KeyPairGenerator.getInstance("RSA"); | |
| 600 | KeyPair kp = rsaKeygen.generateKeyPair(); | |
| 601 | PrivateKey priv = kp.getPrivate(); | |
| 602 | PublicKey pub = kp.getPublic(); | |
| 603 | properties.setEncryptionTransportKey(pub); | |
| 604 | properties.setEncryptionKeyTransportAlgorithm("http://www.w3.org/2001/04/xmlenc#rsa-1_5"); | |
| 605 | ||
| 606 | KeyGenerator keygen = KeyGenerator.getInstance("AES"); | |
| 607 | keygen.init(256); | |
| 608 | SecretKey key = keygen.generateKey(); | |
| 609 | properties.setEncryptionKey(key); | |
| 610 | properties.setEncryptionSymAlgorithm("http://www.w3.org/2001/04/xmlenc#aes256-cbc"); | |
| 611 | properties.setEncryptionKeyIdentifier(SecurityTokenConstants.KeyIdentifier_KeyValue); | |
| 612 | ||
| 613 | SecurePart securePart = | |
| 614 | new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content); | |
| 615 | properties.addEncryptionPart(securePart); | |
| 616 | securePart = | |
| 617 | new SecurePart(new QName("urn:example:po", "ShippingAddress"), SecurePart.Modifier.Content); | |
| 618 | properties.addEncryptionPart(securePart); | |
| 619 | ||
| 620 | OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties); | |
| 621 | ByteArrayOutputStream baos = new ByteArrayOutputStream(); | |
| 622 | XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8"); | |
| 623 | ||
| 624 | InputStream sourceDocument = | |
| 625 | this.getClass().getClassLoader().getResourceAsStream( | |
| 626 | "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml"); | |
| 627 | XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(sourceDocument); | |
| 628 | ||
| 629 | XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter); | |
| 630 | xmlStreamWriter.close(); | |
| 631 | ||
| 632 | // System.out.println("Got:\n" + new String(baos.toByteArray(), "UTF-8")); | |
| 633 | ||
| 634 | Document document = | |
| 635 | XMLUtils.createDocumentBuilder(false).parse(new ByteArrayInputStream(baos.toByteArray())); | |
| 636 | ||
| 637 | // Check the CreditCard encrypted ok | |
| 638 | NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard"); | |
| 639 | Assert.assertEquals(nodeList.getLength(), 0); | |
| 640 | ||
| 641 | nodeList = document.getElementsByTagNameNS( | |
| 642 | XMLSecurityConstants.TAG_xenc_EncryptedData.getNamespaceURI(), | |
| 643 | XMLSecurityConstants.TAG_xenc_EncryptedData.getLocalPart() | |
| 644 | ); | |
| 645 | Assert.assertEquals(nodeList.getLength(), 2); | |
| 646 | ||
| 647 | // Decrypt using DOM API | |
| 648 | decryptUsingDOM("http://www.w3.org/2001/04/xmlenc#tripledes-cbc", null, priv, document); | |
| 649 | } | |
| 650 | ||
| 651 | @Test | |
| 590 | 652 | public void testEncryptedKeyIssuerSerialReference() throws Exception { |
| 591 | 653 | // Set up the Configuration |
| 592 | 654 | XMLSecurityProperties properties = new XMLSecurityProperties(); |
+4
-1
| 72 | 72 | } |
| 73 | 73 | } |
| 74 | 74 | |
| 75 | rsaKeyPair = KeyPairGenerator.getInstance("RSA").genKeyPair(); | |
| 75 | KeyPairGenerator rsaKpg = KeyPairGenerator.getInstance("RSA"); | |
| 76 | rsaKpg.initialize(2048); | |
| 77 | rsaKeyPair = rsaKpg.genKeyPair(); | |
| 78 | ||
| 76 | 79 | ecKeyPair = KeyPairGenerator.getInstance("EC").genKeyPair(); |
| 77 | 80 | } |
| 78 | 81 |
+4
-1
| 85 | 85 | } |
| 86 | 86 | } |
| 87 | 87 | |
| 88 | rsaKeyPair = KeyPairGenerator.getInstance("RSA").genKeyPair(); | |
| 88 | KeyPairGenerator rsaKpg = KeyPairGenerator.getInstance("RSA"); | |
| 89 | rsaKpg.initialize(2048); | |
| 90 | rsaKeyPair = rsaKpg.genKeyPair(); | |
| 91 | ||
| 89 | 92 | ecKeyPair = KeyPairGenerator.getInstance("EC").genKeyPair(); |
| 90 | 93 | } |
| 91 | 94 |
+7
-6
| 24 | 24 | import org.apache.xml.security.stax.ext.XMLSecurityUtils; |
| 25 | 25 | import org.apache.xml.security.stax.ext.stax.XMLSecEvent; |
| 26 | 26 | import org.apache.xml.security.stax.impl.transformer.TransformIdentity; |
| 27 | import org.apache.xml.security.test.stax.utils.UnixInputStream; | |
| 27 | 28 | import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator; |
| 28 | 29 | import org.junit.Assert; |
| 29 | 30 | import org.junit.Before; |
| 43 | 44 | import java.util.Map; |
| 44 | 45 | |
| 45 | 46 | /** |
| 46 | * @author $Author: coheigea $ | |
| 47 | * @version $Revision: 1584089 $ $Date: 2014-04-02 18:46:35 +0200 (Wed, 02 Apr 2014) $ | |
| 47 | * @author $Author: giger $ | |
| 48 | * @version $Revision: 1612074 $ $Date: 2014-07-20 13:02:41 +0200 (Sun, 20 Jul 2014) $ | |
| 48 | 49 | */ |
| 49 | 50 | public class TransformIdentityTest extends org.junit.Assert { |
| 50 | 51 | |
| 230 | 231 | final ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(); |
| 231 | 232 | transformIdentity.setOutputStream(byteArrayOutputStream); |
| 232 | 233 | |
| 233 | transformIdentity.transform(this.getClass().getClassLoader().getResourceAsStream( | |
| 234 | "ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/xml-stylesheet.b64")); | |
| 234 | transformIdentity.transform(new UnixInputStream(this.getClass().getClassLoader().getResourceAsStream( | |
| 235 | "ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/xml-stylesheet.b64"))); | |
| 235 | 236 | |
| 236 | 237 | Assert.assertEquals(17786, byteArrayOutputStream.size()); |
| 237 | 238 | } |
| 276 | 277 | |
| 277 | 278 | transformIdentity.setTransformer(transformer); |
| 278 | 279 | |
| 279 | transformIdentity.transform(this.getClass().getClassLoader().getResourceAsStream( | |
| 280 | "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext-base64.xml")); | |
| 280 | transformIdentity.transform(new UnixInputStream(this.getClass().getClassLoader().getResourceAsStream( | |
| 281 | "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext-base64.xml"))); | |
| 281 | 282 | |
| 282 | 283 | transformIdentity.doFinal(); |
| 283 | 284 | |
| 0 | /** | |
| 1 | * Licensed to the Apache Software Foundation (ASF) under one | |
| 2 | * or more contributor license agreements. See the NOTICE file | |
| 3 | * distributed with this work for additional information | |
| 4 | * regarding copyright ownership. The ASF licenses this file | |
| 5 | * to you under the Apache License, Version 2.0 (the | |
| 6 | * "License"); you may not use this file except in compliance | |
| 7 | * with the License. You may obtain a copy of the License at | |
| 8 | * | |
| 9 | * http://www.apache.org/licenses/LICENSE-2.0 | |
| 10 | * | |
| 11 | * Unless required by applicable law or agreed to in writing, | |
| 12 | * software distributed under the License is distributed on an | |
| 13 | * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
| 14 | * KIND, either express or implied. See the License for the | |
| 15 | * specific language governing permissions and limitations | |
| 16 | * under the License. | |
| 17 | */ | |
| 18 | package org.apache.xml.security.test.stax.utils; | |
| 19 | ||
| 20 | import java.io.IOException; | |
| 21 | import java.io.InputStream; | |
| 22 | ||
| 23 | /** | |
| 24 | * Simple and stupid dos/windows to unix line ending converter. | |
| 25 | * It's used to convert testdata to unix style independent on the | |
| 26 | * platform running on. This is just a workaround for "svn:eol-style" set | |
| 27 | * to native | |
| 28 | * | |
| 29 | * It's inefficient and simply suppresses the output of '\r' which | |
| 30 | * is not correct in every case. So do not use it in productive code. | |
| 31 | * | |
| 32 | * @author $Author: giger $ | |
| 33 | * @version $Revision: 1612074 $ $Date: 2014-07-20 13:02:41 +0200 (Sun, 20 Jul 2014) $ | |
| 34 | */ | |
| 35 | public class UnixInputStream extends InputStream { | |
| 36 | ||
| 37 | private InputStream inputStream; | |
| 38 | ||
| 39 | public UnixInputStream(InputStream in) { | |
| 40 | super(); | |
| 41 | this.inputStream = in; | |
| 42 | } | |
| 43 | ||
| 44 | @Override | |
| 45 | public int read() throws IOException { | |
| 46 | int read = inputStream.read(); | |
| 47 | if (read == '\r') { | |
| 48 | return inputStream.read(); | |
| 49 | } | |
| 50 | return read; | |
| 51 | } | |
| 52 | } |