use of org.apache.xml.security.stax.impl.securityToken.X509SecurityToken in project testcases by coheigea.
the class SignatureUtils method verifyUsingStAX.
/**
* Verify the document using the StAX API of Apache Santuario - XML Security for Java.
*/
public static void verifyUsingStAX(InputStream inputStream, List<QName> namesToSign, X509Certificate cert) throws Exception {
// Set up the Configuration
XMLSecurityProperties properties = new XMLSecurityProperties();
List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>();
actions.add(XMLSecurityConstants.SIGNATURE);
properties.setActions(actions);
properties.setSignatureVerificationKey(cert.getPublicKey());
InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
XMLInputFactory xmlInputFactory = XMLInputFactory.newInstance();
final XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(inputStream);
TestSecurityEventListener eventListener = new TestSecurityEventListener();
XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, eventListener);
while (securityStreamReader.hasNext()) {
securityStreamReader.next();
}
xmlStreamReader.close();
inputStream.close();
// Check that what we were expecting to be signed was actually signed
List<SignedElementSecurityEvent> signedElementEvents = eventListener.getSecurityEvents(SecurityEventConstants.SignedElement);
Assert.assertNotNull(signedElementEvents);
for (QName nameToSign : namesToSign) {
boolean found = false;
for (SignedElementSecurityEvent signedElement : signedElementEvents) {
if (signedElement.isSigned() && nameToSign.equals(getSignedQName(signedElement.getElementPath()))) {
found = true;
break;
}
}
Assert.assertTrue(found);
}
// Check Signing cert
X509TokenSecurityEvent tokenEvent = (X509TokenSecurityEvent) eventListener.getSecurityEvent(SecurityEventConstants.X509Token);
Assert.assertNotNull(tokenEvent);
Assert.assertTrue(tokenEvent.getSecurityToken() instanceof X509SecurityToken);
X509SecurityToken x509SecurityToken = (X509SecurityToken) tokenEvent.getSecurityToken();
Assert.assertEquals(x509SecurityToken.getX509Certificates()[0], cert);
}
use of org.apache.xml.security.stax.impl.securityToken.X509SecurityToken in project santuario-java by apache.
the class AbstractSignatureVerificationTest method checkSignatureToken.
protected void checkSignatureToken(TestSecurityEventListener securityEventListener, X509Certificate cert, Key key, SecurityTokenConstants.KeyIdentifier keyIdentifier) throws XMLSecurityException {
if (SecurityTokenConstants.KeyIdentifier_KeyValue.equals(keyIdentifier)) {
KeyValueTokenSecurityEvent tokenEvent = (KeyValueTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.KeyValueToken);
assertNotNull(tokenEvent);
} else if (SecurityTokenConstants.KeyIdentifier_NoKeyInfo.equals(keyIdentifier)) {
DefaultTokenSecurityEvent tokenEvent = (DefaultTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.DefaultToken);
assertNotNull(tokenEvent);
Key processedKey = tokenEvent.getSecurityToken().getSecretKey().values().iterator().next();
assertEquals(processedKey, key);
} else if (SecurityTokenConstants.KeyIdentifier_KeyName.equals(keyIdentifier)) {
KeyNameTokenSecurityEvent tokenEvent = (KeyNameTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.KeyNameToken);
assertNotNull(tokenEvent);
Key processedKey = tokenEvent.getSecurityToken().getSecretKey().values().iterator().next();
assertEquals(processedKey, key);
assertNotNull(((KeyNameSecurityToken) tokenEvent.getSecurityToken()).getKeyName());
} else {
X509TokenSecurityEvent tokenEvent = (X509TokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.X509Token);
assertNotNull(tokenEvent);
X509SecurityToken x509SecurityToken = (X509SecurityToken) tokenEvent.getSecurityToken();
assertNotNull(x509SecurityToken);
if (SecurityTokenConstants.KeyIdentifier_X509KeyIdentifier.equals(keyIdentifier)) {
assertEquals(cert, x509SecurityToken.getX509Certificates()[0]);
} else if (SecurityTokenConstants.KeyIdentifier_X509SubjectName.equals(keyIdentifier)) {
Key processedKey = x509SecurityToken.getPublicKey();
assertEquals(processedKey, cert.getPublicKey());
assertNotNull(((X509SubjectNameSecurityToken) x509SecurityToken).getSubjectName());
} else if (SecurityTokenConstants.KeyIdentifier_IssuerSerial.equals(keyIdentifier)) {
Key processedKey = x509SecurityToken.getPublicKey();
assertEquals(processedKey, cert.getPublicKey());
assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getIssuerName());
assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getSerialNumber());
}
}
}
use of org.apache.xml.security.stax.impl.securityToken.X509SecurityToken in project santuario-java by apache.
the class BaltimoreTest method checkSignatureToken.
private void checkSignatureToken(TestSecurityEventListener securityEventListener, Key key, SecurityTokenConstants.KeyIdentifier keyIdentifier) throws XMLSecurityException {
if (SecurityTokenConstants.KeyIdentifier_KeyValue.equals(keyIdentifier)) {
// NOPMD
} else if (SecurityTokenConstants.KeyIdentifier_NoKeyInfo.equals(keyIdentifier)) {
DefaultTokenSecurityEvent tokenEvent = (DefaultTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.DefaultToken);
assertNotNull(tokenEvent);
Key processedKey = tokenEvent.getSecurityToken().getSecretKey().values().iterator().next();
assertEquals(processedKey, key);
} else if (SecurityTokenConstants.KeyIdentifier_KeyName.equals(keyIdentifier)) {
KeyNameTokenSecurityEvent tokenEvent = (KeyNameTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.KeyNameToken);
assertNotNull(tokenEvent);
if (key instanceof SecretKey) {
Key processedKey = tokenEvent.getSecurityToken().getSecretKey().values().iterator().next();
assertEquals(processedKey, key);
} else {
Key processedKey = tokenEvent.getSecurityToken().getPublicKey();
assertEquals(processedKey, key);
}
assertNotNull(((KeyNameSecurityToken) tokenEvent.getSecurityToken()).getKeyName());
} else {
X509TokenSecurityEvent tokenEvent = (X509TokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.X509Token);
assertNotNull(tokenEvent);
X509SecurityToken x509SecurityToken = (X509SecurityToken) tokenEvent.getSecurityToken();
assertNotNull(x509SecurityToken);
if (SecurityTokenConstants.KeyIdentifier_X509SubjectName.equals(keyIdentifier)) {
Key processedKey = x509SecurityToken.getPublicKey();
assertEquals(processedKey, key);
assertNotNull(((X509SubjectNameSecurityToken) x509SecurityToken).getSubjectName());
} else if (SecurityTokenConstants.KeyIdentifier_IssuerSerial.equals(keyIdentifier)) {
Key processedKey = x509SecurityToken.getPublicKey();
assertEquals(processedKey, key);
assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getIssuerName());
assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getSerialNumber());
}
}
}
use of org.apache.xml.security.stax.impl.securityToken.X509SecurityToken in project santuario-java by apache.
the class IAIKTest method checkSignatureToken.
private void checkSignatureToken(TestSecurityEventListener securityEventListener, Key key, SecurityTokenConstants.KeyIdentifier keyIdentifier) throws XMLSecurityException {
if (SecurityTokenConstants.KeyIdentifier_KeyValue.equals(keyIdentifier)) {
// NOPMD
} else if (SecurityTokenConstants.KeyIdentifier_NoKeyInfo.equals(keyIdentifier)) {
DefaultTokenSecurityEvent tokenEvent = (DefaultTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.DefaultToken);
assertNotNull(tokenEvent);
Key processedKey = tokenEvent.getSecurityToken().getSecretKey().values().iterator().next();
assertEquals(processedKey, key);
} else if (SecurityTokenConstants.KeyIdentifier_KeyName.equals(keyIdentifier)) {
KeyNameTokenSecurityEvent tokenEvent = (KeyNameTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.KeyNameToken);
assertNotNull(tokenEvent);
Key processedKey = tokenEvent.getSecurityToken().getSecretKey().values().iterator().next();
assertEquals(processedKey, key);
assertNotNull(((KeyNameSecurityToken) tokenEvent.getSecurityToken()).getKeyName());
} else {
X509TokenSecurityEvent tokenEvent = (X509TokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.X509Token);
assertNotNull(tokenEvent);
X509SecurityToken x509SecurityToken = (X509SecurityToken) tokenEvent.getSecurityToken();
assertNotNull(x509SecurityToken);
if (SecurityTokenConstants.KeyIdentifier_X509SubjectName.equals(keyIdentifier)) {
Key processedKey = x509SecurityToken.getPublicKey();
assertEquals(processedKey, key);
assertNotNull(((X509SubjectNameSecurityToken) x509SecurityToken).getSubjectName());
} else if (SecurityTokenConstants.KeyIdentifier_IssuerSerial.equals(keyIdentifier)) {
Key processedKey = x509SecurityToken.getPublicKey();
assertEquals(processedKey, key);
assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getIssuerName());
assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getSerialNumber());
}
}
}
Aggregations