/** * Test that signs (twice) and verifies a WS-Security envelope. The test uses the ThumbprintSHA1 * key identifier type. * * <p> * * @throws java.lang.Exception Thrown when there is any problem in signing or verification */ public void testDoubleX509SignatureThumb() throws Exception { WSSecSignature builder = new WSSecSignature(); builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security"); // builder.setUserInfo("john", "keypass"); builder.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER); Document doc = unsignedEnvelope.getAsDocument(); WSSecHeader secHeader = new WSSecHeader(); secHeader.insertSecurityHeader(doc); Document signedDoc = builder.build(doc, crypto, secHeader); Document signedDoc1 = builder.build(signedDoc, crypto, secHeader); verify(signedDoc1); }
@Before public void setUp() throws Exception { MockitoAnnotations.initMocks(this); initXpath(); doc = XmlUtils.parseXml(TestUtils.SAMPLE_SOAP_MESSAGE); secHeader = new WSSecHeader(); secHeader.insertSecurityHeader(doc); manualSAMLentry = new ManualSAMLEntry(); manualSAMLentry.init(wssEntryConfigMock, outgoingWssMock); when(wssEntryConfigMock.getConfiguration()).thenReturn(xmlObjectMock); when(contextMock.expand(TestUtils.SAMPLE_SAML_1_ASSERTION)) .thenReturn(TestUtils.SAMPLE_SAML_1_ASSERTION); }
/** * Test that first signs, then encrypts a WS-Security envelope. * * <p> * * @throws Exception Thrown when there is any problem in signing, encryption, decryption, or * verification */ public void testEncryptedKeySignature() throws Exception { SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope(); LOG.info("Before Sign/Encryption...."); Document doc = unsignedEnvelope.getAsDocument(); WSSecHeader secHeader = new WSSecHeader(); secHeader.insertSecurityHeader(doc); WSSecEncryptedKey encrKey = new WSSecEncryptedKey(); encrKey.setKeyIdentifierType(WSConstants.ISSUER_SERIAL); encrKey.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security"); encrKey.setKeySize(192); encrKey.prepare(doc, crypto); WSSecEncrypt encrypt = new WSSecEncrypt(); encrypt.setEncKeyId(encrKey.getId()); encrypt.setEphemeralKey(encrKey.getEphemeralKey()); encrypt.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES); encrypt.setEncryptSymmKey(false); encrypt.setEncryptedKeyElement(encrKey.getEncryptedKeyElement()); WSSecSignature sign = new WSSecSignature(); sign.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING); sign.setCustomTokenId(encrKey.getId()); sign.setSecretKey(encrKey.getEphemeralKey()); sign.setSignatureAlgorithm(SignatureMethod.HMAC_SHA1); Document signedDoc = sign.build(doc, crypto, secHeader); Document encryptedSignedDoc = encrypt.build(signedDoc, crypto, secHeader); if (LOG.isDebugEnabled()) { LOG.debug("Signed and encrypted message with IssuerSerial key identifier (both), 3DES:"); String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedSignedDoc); LOG.debug(outputString); } LOG.info("After Sign/Encryption...."); verify(encryptedSignedDoc); }
/** * Test that encrypts and decrypts a WS-Security envelope. The test uses the ThumbprintSHA1 key * identifier type. * * <p> * * @throws java.lang.Exception Thrown when there is any problem in encryption or decryption */ public void testX509EncryptionThumb() throws Exception { WSSecEncrypt builder = new WSSecEncrypt(); builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security"); builder.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER); LOG.info("Before Encrypting ThumbprintSHA1...."); Document doc = unsignedEnvelope.getAsDocument(); WSSecHeader secHeader = new WSSecHeader(); secHeader.insertSecurityHeader(doc); Document encryptedDoc = builder.build(doc, crypto, secHeader); String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc); if (LOG.isDebugEnabled()) { LOG.debug("Encrypted message with THUMBPRINT_IDENTIFIER:"); LOG.debug(outputString); } assertTrue(outputString.indexOf("#ThumbprintSHA1") != -1); LOG.info("After Encrypting ThumbprintSHA1...."); verify(encryptedDoc); }
/** * Test that signs and verifies a WS-Security envelope. The test uses the ThumbprintSHA1 key * identifier type. * * <p> * * @throws java.lang.Exception Thrown when there is any problem in signing or verification */ public void testX509SignatureThumb() throws Exception { WSSecSignature builder = new WSSecSignature(); builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security"); builder.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER); // builder.setUserInfo("john", "keypass"); LOG.info("Before Signing ThumbprintSHA1...."); Document doc = unsignedEnvelope.getAsDocument(); WSSecHeader secHeader = new WSSecHeader(); secHeader.insertSecurityHeader(doc); Document signedDoc = builder.build(doc, crypto, secHeader); if (LOG.isDebugEnabled()) { LOG.debug("Signed message with ThumbprintSHA1 key identifier:"); String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc); LOG.debug(outputString); } LOG.info("After Signing ThumbprintSHA1...."); verify(signedDoc); }
/** * Test that encrypts using EncryptedKeySHA1, where it uses a symmetric key (bytes), rather than a * generated session key which is then encrypted using a public key. * * @throws java.lang.Exception Thrown when there is any problem in encryption or decryption */ public void testEncryptionSHA1SymmetricBytes() throws Exception { WSSecEncrypt builder = new WSSecEncrypt(); builder.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER); builder.setEphemeralKey(keyData); builder.setEncryptSymmKey(false); builder.setUseKeyIdentifier(true); LOG.info("Before Encrypting EncryptedKeySHA1...."); Document doc = unsignedEnvelope.getAsDocument(); WSSecHeader secHeader = new WSSecHeader(); secHeader.insertSecurityHeader(doc); Document encryptedDoc = builder.build(doc, crypto, secHeader); String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc); if (LOG.isDebugEnabled()) { LOG.debug("Encrypted message with ENCRYPTED_KEY_SHA1_IDENTIFIER:"); LOG.debug(outputString); } assertTrue(outputString.indexOf("#EncryptedKeySHA1") != -1); LOG.info("After Encrypting EncryptedKeySHA1...."); verify(encryptedDoc); }