Search in sources :

Example 46 with InboundXMLSec

use of org.apache.xml.security.stax.ext.InboundXMLSec in project santuario-java by apache.

the class BaltimoreTest method test_signature_x509_sn_18.

// See SANTUARIO-319
@Test
public void test_signature_x509_sn_18() throws Exception {
    Proxy proxy = HttpRequestRedirectorProxy.startHttpEngine();
    try {
        ResolverHttp.setProxy(proxy);
        ResolverDirectHTTP resolverDirectHTTP = new ResolverDirectHTTP();
        resolverDirectHTTP.engineSetProperty("http.proxy.host", ((InetSocketAddress) proxy.address()).getAddress().getHostAddress());
        resolverDirectHTTP.engineSetProperty("http.proxy.port", "" + ((InetSocketAddress) proxy.address()).getPort());
        TestUtils.switchAllowNotSameDocumentReferences(true);
        // Read in plaintext document
        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-eighteen/signature-x509-sn.xml");
        DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
        Document document = builder.parse(sourceDocument);
        // XMLUtils.outputDOM(document, System.out);
        // Set up the Key
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        InputStream sourceCert = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-eighteen/certs/badb.crt");
        Certificate cert = cf.generateCertificate(sourceCert);
        // Convert Document to a Stream Reader
        javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        transformer.transform(new DOMSource(document), new StreamResult(baos));
        XMLStreamReader xmlStreamReader = null;
        try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
            xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
        }
        // Verify signature
        XMLSecurityProperties properties = new XMLSecurityProperties();
        properties.setSignatureVerificationKey(cert.getPublicKey());
        InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
        TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
        XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
        StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
        // Check the SecurityEvents
        checkSignatureToken(securityEventListener, cert.getPublicKey(), SecurityTokenConstants.KeyIdentifier_X509SubjectName);
    } finally {
        TestUtils.switchAllowNotSameDocumentReferences(false);
        HttpRequestRedirectorProxy.stopHttpEngine();
    }
}
Also used : DOMSource(javax.xml.transform.dom.DOMSource) XMLStreamReader(javax.xml.stream.XMLStreamReader) StreamResult(javax.xml.transform.stream.StreamResult) InetSocketAddress(java.net.InetSocketAddress) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) ResolverDirectHTTP(org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP) ByteArrayOutputStream(java.io.ByteArrayOutputStream) InboundXMLSec(org.apache.xml.security.stax.ext.InboundXMLSec) Document(org.w3c.dom.Document) CertificateFactory(java.security.cert.CertificateFactory) Proxy(java.net.Proxy) HttpRequestRedirectorProxy(org.apache.xml.security.test.stax.utils.HttpRequestRedirectorProxy) DocumentBuilder(javax.xml.parsers.DocumentBuilder) ByteArrayInputStream(java.io.ByteArrayInputStream) XMLSecurityProperties(org.apache.xml.security.stax.ext.XMLSecurityProperties) Certificate(java.security.cert.Certificate) Test(org.junit.Test)

Example 47 with InboundXMLSec

use of org.apache.xml.security.stax.ext.InboundXMLSec in project santuario-java by apache.

the class BaltimoreTest method test_twenty_three_enveloping_dsa.

@Test
public void test_twenty_three_enveloping_dsa() throws Exception {
    // Read in plaintext document
    InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/signature-enveloping-dsa.xml");
    DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
    Document document = builder.parse(sourceDocument);
    // XMLUtils.outputDOM(document, System.out);
    // Convert Document to a Stream Reader
    javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    transformer.transform(new DOMSource(document), new StreamResult(baos));
    XMLStreamReader xmlStreamReader = null;
    try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
        xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
    }
    // Verify signature
    XMLSecurityProperties properties = new XMLSecurityProperties();
    InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
    TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
    XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
    StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
    // Check the SecurityEvents
    checkSignatureToken(securityEventListener, getPublicKey("DSA", 23), SecurityTokenConstants.KeyIdentifier_KeyValue);
}
Also used : DOMSource(javax.xml.transform.dom.DOMSource) XMLStreamReader(javax.xml.stream.XMLStreamReader) StreamResult(javax.xml.transform.stream.StreamResult) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream) InboundXMLSec(org.apache.xml.security.stax.ext.InboundXMLSec) Document(org.w3c.dom.Document) DocumentBuilder(javax.xml.parsers.DocumentBuilder) ByteArrayInputStream(java.io.ByteArrayInputStream) XMLSecurityProperties(org.apache.xml.security.stax.ext.XMLSecurityProperties) Test(org.junit.Test)

Example 48 with InboundXMLSec

use of org.apache.xml.security.stax.ext.InboundXMLSec in project santuario-java by apache.

the class BaltimoreTest method test_signature_x509_crt_crl_18.

// See SANTUARIO-319
@Test
public void test_signature_x509_crt_crl_18() throws Exception {
    Proxy proxy = HttpRequestRedirectorProxy.startHttpEngine();
    try {
        ResolverHttp.setProxy(proxy);
        ResolverDirectHTTP resolverDirectHTTP = new ResolverDirectHTTP();
        resolverDirectHTTP.engineSetProperty("http.proxy.host", ((InetSocketAddress) proxy.address()).getAddress().getHostAddress());
        resolverDirectHTTP.engineSetProperty("http.proxy.port", "" + ((InetSocketAddress) proxy.address()).getPort());
        TestUtils.switchAllowNotSameDocumentReferences(true);
        // Read in plaintext document
        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-eighteen/signature-x509-crt-crl.xml");
        DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
        Document document = builder.parse(sourceDocument);
        // XMLUtils.outputDOM(document, System.out);
        // Convert Document to a Stream Reader
        javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        transformer.transform(new DOMSource(document), new StreamResult(baos));
        XMLStreamReader xmlStreamReader = null;
        try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
            xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
        }
        // Verify signature
        XMLSecurityProperties properties = new XMLSecurityProperties();
        InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
        XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader);
        StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
    } finally {
        TestUtils.switchAllowNotSameDocumentReferences(false);
        HttpRequestRedirectorProxy.stopHttpEngine();
    }
}
Also used : DOMSource(javax.xml.transform.dom.DOMSource) XMLStreamReader(javax.xml.stream.XMLStreamReader) StreamResult(javax.xml.transform.stream.StreamResult) InetSocketAddress(java.net.InetSocketAddress) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) ResolverDirectHTTP(org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP) ByteArrayOutputStream(java.io.ByteArrayOutputStream) InboundXMLSec(org.apache.xml.security.stax.ext.InboundXMLSec) Document(org.w3c.dom.Document) Proxy(java.net.Proxy) HttpRequestRedirectorProxy(org.apache.xml.security.test.stax.utils.HttpRequestRedirectorProxy) DocumentBuilder(javax.xml.parsers.DocumentBuilder) ByteArrayInputStream(java.io.ByteArrayInputStream) XMLSecurityProperties(org.apache.xml.security.stax.ext.XMLSecurityProperties) Test(org.junit.Test)

Example 49 with InboundXMLSec

use of org.apache.xml.security.stax.ext.InboundXMLSec in project santuario-java by apache.

the class BaltimoreTest method test_fifteen_enveloping_rsa.

@Test
public void test_fifteen_enveloping_rsa() throws Exception {
    // Read in plaintext document
    InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-fifteen/signature-enveloping-rsa.xml");
    DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
    Document document = builder.parse(sourceDocument);
    // XMLUtils.outputDOM(document, System.out);
    // Convert Document to a Stream Reader
    javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    transformer.transform(new DOMSource(document), new StreamResult(baos));
    XMLStreamReader xmlStreamReader = null;
    try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
        xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
    }
    // Verify signature
    XMLSecurityProperties properties = new XMLSecurityProperties();
    InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
    TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
    XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
    StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
    // Check the SecurityEvents
    checkSignatureToken(securityEventListener, getPublicKey("RSA", 15), SecurityTokenConstants.KeyIdentifier_KeyValue);
}
Also used : DOMSource(javax.xml.transform.dom.DOMSource) XMLStreamReader(javax.xml.stream.XMLStreamReader) StreamResult(javax.xml.transform.stream.StreamResult) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream) InboundXMLSec(org.apache.xml.security.stax.ext.InboundXMLSec) Document(org.w3c.dom.Document) DocumentBuilder(javax.xml.parsers.DocumentBuilder) ByteArrayInputStream(java.io.ByteArrayInputStream) XMLSecurityProperties(org.apache.xml.security.stax.ext.XMLSecurityProperties) Test(org.junit.Test)

Example 50 with InboundXMLSec

use of org.apache.xml.security.stax.ext.InboundXMLSec in project santuario-java by apache.

the class BaltimoreTest method test_fifteen_enveloping_hmac_sha1.

@Test
public void test_fifteen_enveloping_hmac_sha1() throws Exception {
    // Read in plaintext document
    InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-fifteen/signature-enveloping-hmac-sha1.xml");
    DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
    Document document = builder.parse(sourceDocument);
    // Set up the Key
    byte[] hmacKey = "secret".getBytes(StandardCharsets.US_ASCII);
    SecretKey key = new SecretKeySpec(hmacKey, "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
    // XMLUtils.outputDOM(document, System.out);
    // Convert Document to a Stream Reader
    javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    transformer.transform(new DOMSource(document), new StreamResult(baos));
    XMLStreamReader xmlStreamReader = null;
    try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
        xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
    }
    // Verify signature
    XMLSecurityProperties properties = new XMLSecurityProperties();
    properties.setSignatureVerificationKey(key);
    InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
    TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
    XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
    document = StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
    // Check the SecurityEvents
    checkSignatureToken(securityEventListener, key, SecurityTokenConstants.KeyIdentifier_NoKeyInfo);
}
Also used : DOMSource(javax.xml.transform.dom.DOMSource) XMLStreamReader(javax.xml.stream.XMLStreamReader) StreamResult(javax.xml.transform.stream.StreamResult) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream) InboundXMLSec(org.apache.xml.security.stax.ext.InboundXMLSec) Document(org.w3c.dom.Document) SecretKey(javax.crypto.SecretKey) DocumentBuilder(javax.xml.parsers.DocumentBuilder) ByteArrayInputStream(java.io.ByteArrayInputStream) SecretKeySpec(javax.crypto.spec.SecretKeySpec) XMLSecurityProperties(org.apache.xml.security.stax.ext.XMLSecurityProperties) Test(org.junit.Test)

Aggregations

XMLStreamReader (javax.xml.stream.XMLStreamReader)155 InboundXMLSec (org.apache.xml.security.stax.ext.InboundXMLSec)155 XMLSecurityProperties (org.apache.xml.security.stax.ext.XMLSecurityProperties)155 Test (org.junit.Test)151 InputStream (java.io.InputStream)150 DOMSource (javax.xml.transform.dom.DOMSource)150 ByteArrayInputStream (java.io.ByteArrayInputStream)149 ByteArrayOutputStream (java.io.ByteArrayOutputStream)149 DocumentBuilder (javax.xml.parsers.DocumentBuilder)149 StreamResult (javax.xml.transform.stream.StreamResult)149 Document (org.w3c.dom.Document)123 ArrayList (java.util.ArrayList)89 SecretKey (javax.crypto.SecretKey)79 TestSecurityEventListener (org.apache.xml.security.test.stax.signature.TestSecurityEventListener)58 KeyGenerator (javax.crypto.KeyGenerator)34 Key (java.security.Key)31 KeyStore (java.security.KeyStore)27 X509Certificate (java.security.cert.X509Certificate)27 SecretKeySpec (javax.crypto.spec.SecretKeySpec)26 InetSocketAddress (java.net.InetSocketAddress)22