Ejemplo n.º 1
0
  /**
   * Test that signs (twice) and verifies a WS-Security envelope. The test uses the ThumbprintSHA1
   * key identifier type.
   *
   * <p>
   *
   * @throws java.lang.Exception Thrown when there is any problem in signing or verification
   */
  public void testDoubleX509SignatureThumb() throws Exception {
    WSSecSignature builder = new WSSecSignature();
    builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
    // builder.setUserInfo("john", "keypass");
    builder.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
    Document doc = unsignedEnvelope.getAsDocument();

    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);

    Document signedDoc = builder.build(doc, crypto, secHeader);
    Document signedDoc1 = builder.build(signedDoc, crypto, secHeader);
    verify(signedDoc1);
  }
Ejemplo n.º 2
0
  /**
   * Test that first signs, then encrypts a WS-Security envelope.
   *
   * <p>
   *
   * @throws Exception Thrown when there is any problem in signing, encryption, decryption, or
   *     verification
   */
  public void testEncryptedKeySignature() throws Exception {

    SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope();
    LOG.info("Before Sign/Encryption....");
    Document doc = unsignedEnvelope.getAsDocument();

    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);

    WSSecEncryptedKey encrKey = new WSSecEncryptedKey();
    encrKey.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
    encrKey.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
    encrKey.setKeySize(192);
    encrKey.prepare(doc, crypto);

    WSSecEncrypt encrypt = new WSSecEncrypt();
    encrypt.setEncKeyId(encrKey.getId());
    encrypt.setEphemeralKey(encrKey.getEphemeralKey());
    encrypt.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES);
    encrypt.setEncryptSymmKey(false);
    encrypt.setEncryptedKeyElement(encrKey.getEncryptedKeyElement());

    WSSecSignature sign = new WSSecSignature();
    sign.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
    sign.setCustomTokenId(encrKey.getId());
    sign.setSecretKey(encrKey.getEphemeralKey());
    sign.setSignatureAlgorithm(SignatureMethod.HMAC_SHA1);

    Document signedDoc = sign.build(doc, crypto, secHeader);
    Document encryptedSignedDoc = encrypt.build(signedDoc, crypto, secHeader);

    if (LOG.isDebugEnabled()) {
      LOG.debug("Signed and encrypted message with IssuerSerial key identifier (both), 3DES:");
      String outputString =
          org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedSignedDoc);
      LOG.debug(outputString);
    }

    LOG.info("After Sign/Encryption....");
    verify(encryptedSignedDoc);
  }
Ejemplo n.º 3
0
  /**
   * Test that encrypts and decrypts a WS-Security envelope. The test uses the ThumbprintSHA1 key
   * identifier type.
   *
   * <p>
   *
   * @throws java.lang.Exception Thrown when there is any problem in encryption or decryption
   */
  public void testX509EncryptionThumb() throws Exception {
    WSSecEncrypt builder = new WSSecEncrypt();
    builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
    builder.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);

    LOG.info("Before Encrypting ThumbprintSHA1....");
    Document doc = unsignedEnvelope.getAsDocument();
    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);
    Document encryptedDoc = builder.build(doc, crypto, secHeader);

    String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc);
    if (LOG.isDebugEnabled()) {
      LOG.debug("Encrypted message with THUMBPRINT_IDENTIFIER:");
      LOG.debug(outputString);
    }
    assertTrue(outputString.indexOf("#ThumbprintSHA1") != -1);

    LOG.info("After Encrypting ThumbprintSHA1....");
    verify(encryptedDoc);
  }
Ejemplo n.º 4
0
  /**
   * Test that signs and verifies a WS-Security envelope. The test uses the ThumbprintSHA1 key
   * identifier type.
   *
   * <p>
   *
   * @throws java.lang.Exception Thrown when there is any problem in signing or verification
   */
  public void testX509SignatureThumb() throws Exception {
    WSSecSignature builder = new WSSecSignature();
    builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
    builder.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
    // builder.setUserInfo("john", "keypass");
    LOG.info("Before Signing ThumbprintSHA1....");
    Document doc = unsignedEnvelope.getAsDocument();

    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);

    Document signedDoc = builder.build(doc, crypto, secHeader);

    if (LOG.isDebugEnabled()) {
      LOG.debug("Signed message with ThumbprintSHA1 key identifier:");
      String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
      LOG.debug(outputString);
    }
    LOG.info("After Signing ThumbprintSHA1....");
    verify(signedDoc);
  }
Ejemplo n.º 5
0
  /**
   * Test that encrypts using EncryptedKeySHA1, where it uses a symmetric key (bytes), rather than a
   * generated session key which is then encrypted using a public key.
   *
   * @throws java.lang.Exception Thrown when there is any problem in encryption or decryption
   */
  public void testEncryptionSHA1SymmetricBytes() throws Exception {
    WSSecEncrypt builder = new WSSecEncrypt();
    builder.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
    builder.setEphemeralKey(keyData);
    builder.setEncryptSymmKey(false);
    builder.setUseKeyIdentifier(true);

    LOG.info("Before Encrypting EncryptedKeySHA1....");
    Document doc = unsignedEnvelope.getAsDocument();
    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);
    Document encryptedDoc = builder.build(doc, crypto, secHeader);

    String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc);
    if (LOG.isDebugEnabled()) {
      LOG.debug("Encrypted message with ENCRYPTED_KEY_SHA1_IDENTIFIER:");
      LOG.debug(outputString);
    }
    assertTrue(outputString.indexOf("#EncryptedKeySHA1") != -1);

    LOG.info("After Encrypting EncryptedKeySHA1....");
    verify(encryptedDoc);
  }
Ejemplo n.º 6
0
  @Before
  public void setUp() throws Exception {
    MockitoAnnotations.initMocks(this);

    initXpath();

    doc = XmlUtils.parseXml(TestUtils.SAMPLE_SOAP_MESSAGE);

    secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);

    manualSAMLentry = new ManualSAMLEntry();

    manualSAMLentry.init(wssEntryConfigMock, outgoingWssMock);

    when(wssEntryConfigMock.getConfiguration()).thenReturn(xmlObjectMock);
    when(contextMock.expand(TestUtils.SAMPLE_SAML_1_ASSERTION))
        .thenReturn(TestUtils.SAMPLE_SAML_1_ASSERTION);
  }