Пример #1
0
  /**
   * Test that encrypts using EncryptedKeySHA1, where it uses a symmetric key, rather than a
   * generated session key which is then encrypted using a public key. The request is generated
   * using WSHandler, instead of coding it.
   *
   * @throws java.lang.Exception Thrown when there is any problem in encryption or decryption
   */
  public void testEncryptionSHA1SymmetricBytesHandler() throws Exception {
    final WSSConfig cfg = WSSConfig.getNewInstance();
    final RequestData reqData = new RequestData();
    reqData.setWssConfig(cfg);
    java.util.Map messageContext = new java.util.TreeMap();
    messageContext.put(WSHandlerConstants.ENC_SYM_ENC_KEY, "false");
    messageContext.put(WSHandlerConstants.ENC_KEY_ID, "EncryptedKeySHA1");
    messageContext.put(WSHandlerConstants.PW_CALLBACK_REF, this);
    reqData.setMsgContext(messageContext);
    reqData.setUsername("");

    final java.util.Vector actions = new java.util.Vector();
    actions.add(new Integer(WSConstants.ENCR));

    Document doc = unsignedEnvelope.getAsDocument();
    MyHandler handler = new MyHandler();
    handler.send(WSConstants.ENCR, doc, reqData, actions, true);

    String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
    if (LOG.isDebugEnabled()) {
      LOG.debug(outputString);
    }

    verify(doc);
  }
Пример #2
0
 /**
  * Verifies the soap envelope
  *
  * <p>
  *
  * @param doc
  * @throws Exception Thrown when there is a problem in verification
  */
 private void verify(Document doc) throws Exception {
   secEngine.processSecurityHeader(doc, null, this, crypto);
   if (LOG.isDebugEnabled()) {
     LOG.debug("Verfied and decrypted message:");
     String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
     LOG.debug(outputString);
   }
 }
Пример #3
0
  /**
   * Test that first signs, then encrypts a WS-Security envelope.
   *
   * <p>
   *
   * @throws Exception Thrown when there is any problem in signing, encryption, decryption, or
   *     verification
   */
  public void testEncryptedKeySignature() throws Exception {

    SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope();
    LOG.info("Before Sign/Encryption....");
    Document doc = unsignedEnvelope.getAsDocument();

    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);

    WSSecEncryptedKey encrKey = new WSSecEncryptedKey();
    encrKey.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
    encrKey.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
    encrKey.setKeySize(192);
    encrKey.prepare(doc, crypto);

    WSSecEncrypt encrypt = new WSSecEncrypt();
    encrypt.setEncKeyId(encrKey.getId());
    encrypt.setEphemeralKey(encrKey.getEphemeralKey());
    encrypt.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES);
    encrypt.setEncryptSymmKey(false);
    encrypt.setEncryptedKeyElement(encrKey.getEncryptedKeyElement());

    WSSecSignature sign = new WSSecSignature();
    sign.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
    sign.setCustomTokenId(encrKey.getId());
    sign.setSecretKey(encrKey.getEphemeralKey());
    sign.setSignatureAlgorithm(SignatureMethod.HMAC_SHA1);

    Document signedDoc = sign.build(doc, crypto, secHeader);
    Document encryptedSignedDoc = encrypt.build(signedDoc, crypto, secHeader);

    if (LOG.isDebugEnabled()) {
      LOG.debug("Signed and encrypted message with IssuerSerial key identifier (both), 3DES:");
      String outputString =
          org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedSignedDoc);
      LOG.debug(outputString);
    }

    LOG.info("After Sign/Encryption....");
    verify(encryptedSignedDoc);
  }
Пример #4
0
  /**
   * Test that encrypts and decrypts a WS-Security envelope. The test uses the ThumbprintSHA1 key
   * identifier type.
   *
   * <p>
   *
   * @throws java.lang.Exception Thrown when there is any problem in encryption or decryption
   */
  public void testX509EncryptionThumb() throws Exception {
    WSSecEncrypt builder = new WSSecEncrypt();
    builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
    builder.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);

    LOG.info("Before Encrypting ThumbprintSHA1....");
    Document doc = unsignedEnvelope.getAsDocument();
    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);
    Document encryptedDoc = builder.build(doc, crypto, secHeader);

    String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc);
    if (LOG.isDebugEnabled()) {
      LOG.debug("Encrypted message with THUMBPRINT_IDENTIFIER:");
      LOG.debug(outputString);
    }
    assertTrue(outputString.indexOf("#ThumbprintSHA1") != -1);

    LOG.info("After Encrypting ThumbprintSHA1....");
    verify(encryptedDoc);
  }
Пример #5
0
  /**
   * Test that signs and verifies a WS-Security envelope. The test uses the ThumbprintSHA1 key
   * identifier type.
   *
   * <p>
   *
   * @throws java.lang.Exception Thrown when there is any problem in signing or verification
   */
  public void testX509SignatureThumb() throws Exception {
    WSSecSignature builder = new WSSecSignature();
    builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
    builder.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
    // builder.setUserInfo("john", "keypass");
    LOG.info("Before Signing ThumbprintSHA1....");
    Document doc = unsignedEnvelope.getAsDocument();

    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);

    Document signedDoc = builder.build(doc, crypto, secHeader);

    if (LOG.isDebugEnabled()) {
      LOG.debug("Signed message with ThumbprintSHA1 key identifier:");
      String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
      LOG.debug(outputString);
    }
    LOG.info("After Signing ThumbprintSHA1....");
    verify(signedDoc);
  }
Пример #6
0
  /**
   * Test that encrypts using EncryptedKeySHA1, where it uses a symmetric key (bytes), rather than a
   * generated session key which is then encrypted using a public key.
   *
   * @throws java.lang.Exception Thrown when there is any problem in encryption or decryption
   */
  public void testEncryptionSHA1SymmetricBytes() throws Exception {
    WSSecEncrypt builder = new WSSecEncrypt();
    builder.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
    builder.setEphemeralKey(keyData);
    builder.setEncryptSymmKey(false);
    builder.setUseKeyIdentifier(true);

    LOG.info("Before Encrypting EncryptedKeySHA1....");
    Document doc = unsignedEnvelope.getAsDocument();
    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);
    Document encryptedDoc = builder.build(doc, crypto, secHeader);

    String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc);
    if (LOG.isDebugEnabled()) {
      LOG.debug("Encrypted message with ENCRYPTED_KEY_SHA1_IDENTIFIER:");
      LOG.debug(outputString);
    }
    assertTrue(outputString.indexOf("#EncryptedKeySHA1") != -1);

    LOG.info("After Encrypting EncryptedKeySHA1....");
    verify(encryptedDoc);
  }