Search in sources :

Example 1 with X509SecurityToken

use of org.apache.xml.security.stax.impl.securityToken.X509SecurityToken in project testcases by coheigea.

the class SignatureUtils method verifyUsingStAX.

/**
 * Verify the document using the StAX API of Apache Santuario - XML Security for Java.
 */
public static void verifyUsingStAX(InputStream inputStream, List<QName> namesToSign, X509Certificate cert) throws Exception {
    // Set up the Configuration
    XMLSecurityProperties properties = new XMLSecurityProperties();
    List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>();
    actions.add(XMLSecurityConstants.SIGNATURE);
    properties.setActions(actions);
    properties.setSignatureVerificationKey(cert.getPublicKey());
    InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
    XMLInputFactory xmlInputFactory = XMLInputFactory.newInstance();
    final XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(inputStream);
    TestSecurityEventListener eventListener = new TestSecurityEventListener();
    XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, eventListener);
    while (securityStreamReader.hasNext()) {
        securityStreamReader.next();
    }
    xmlStreamReader.close();
    inputStream.close();
    // Check that what we were expecting to be signed was actually signed
    List<SignedElementSecurityEvent> signedElementEvents = eventListener.getSecurityEvents(SecurityEventConstants.SignedElement);
    Assert.assertNotNull(signedElementEvents);
    for (QName nameToSign : namesToSign) {
        boolean found = false;
        for (SignedElementSecurityEvent signedElement : signedElementEvents) {
            if (signedElement.isSigned() && nameToSign.equals(getSignedQName(signedElement.getElementPath()))) {
                found = true;
                break;
            }
        }
        Assert.assertTrue(found);
    }
    // Check Signing cert
    X509TokenSecurityEvent tokenEvent = (X509TokenSecurityEvent) eventListener.getSecurityEvent(SecurityEventConstants.X509Token);
    Assert.assertNotNull(tokenEvent);
    Assert.assertTrue(tokenEvent.getSecurityToken() instanceof X509SecurityToken);
    X509SecurityToken x509SecurityToken = (X509SecurityToken) tokenEvent.getSecurityToken();
    Assert.assertEquals(x509SecurityToken.getX509Certificates()[0], cert);
}
Also used : XMLSecurityConstants(org.apache.xml.security.stax.ext.XMLSecurityConstants) XMLStreamReader(javax.xml.stream.XMLStreamReader) QName(javax.xml.namespace.QName) ArrayList(java.util.ArrayList) InboundXMLSec(org.apache.xml.security.stax.ext.InboundXMLSec) X509SecurityToken(org.apache.xml.security.stax.impl.securityToken.X509SecurityToken) X509TokenSecurityEvent(org.apache.xml.security.stax.securityEvent.X509TokenSecurityEvent) XMLSecurityProperties(org.apache.xml.security.stax.ext.XMLSecurityProperties) SignedElementSecurityEvent(org.apache.xml.security.stax.securityEvent.SignedElementSecurityEvent) XMLInputFactory(javax.xml.stream.XMLInputFactory)

Example 2 with X509SecurityToken

use of org.apache.xml.security.stax.impl.securityToken.X509SecurityToken in project santuario-java by apache.

the class AbstractSignatureVerificationTest method checkSignatureToken.

protected void checkSignatureToken(TestSecurityEventListener securityEventListener, X509Certificate cert, Key key, SecurityTokenConstants.KeyIdentifier keyIdentifier) throws XMLSecurityException {
    if (SecurityTokenConstants.KeyIdentifier_KeyValue.equals(keyIdentifier)) {
        KeyValueTokenSecurityEvent tokenEvent = (KeyValueTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.KeyValueToken);
        assertNotNull(tokenEvent);
    } else if (SecurityTokenConstants.KeyIdentifier_NoKeyInfo.equals(keyIdentifier)) {
        DefaultTokenSecurityEvent tokenEvent = (DefaultTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.DefaultToken);
        assertNotNull(tokenEvent);
        Key processedKey = tokenEvent.getSecurityToken().getSecretKey().values().iterator().next();
        assertEquals(processedKey, key);
    } else if (SecurityTokenConstants.KeyIdentifier_KeyName.equals(keyIdentifier)) {
        KeyNameTokenSecurityEvent tokenEvent = (KeyNameTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.KeyNameToken);
        assertNotNull(tokenEvent);
        Key processedKey = tokenEvent.getSecurityToken().getSecretKey().values().iterator().next();
        assertEquals(processedKey, key);
        assertNotNull(((KeyNameSecurityToken) tokenEvent.getSecurityToken()).getKeyName());
    } else {
        X509TokenSecurityEvent tokenEvent = (X509TokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.X509Token);
        assertNotNull(tokenEvent);
        X509SecurityToken x509SecurityToken = (X509SecurityToken) tokenEvent.getSecurityToken();
        assertNotNull(x509SecurityToken);
        if (SecurityTokenConstants.KeyIdentifier_X509KeyIdentifier.equals(keyIdentifier)) {
            assertEquals(cert, x509SecurityToken.getX509Certificates()[0]);
        } else if (SecurityTokenConstants.KeyIdentifier_X509SubjectName.equals(keyIdentifier)) {
            Key processedKey = x509SecurityToken.getPublicKey();
            assertEquals(processedKey, cert.getPublicKey());
            assertNotNull(((X509SubjectNameSecurityToken) x509SecurityToken).getSubjectName());
        } else if (SecurityTokenConstants.KeyIdentifier_IssuerSerial.equals(keyIdentifier)) {
            Key processedKey = x509SecurityToken.getPublicKey();
            assertEquals(processedKey, cert.getPublicKey());
            assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getIssuerName());
            assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getSerialNumber());
        }
    }
}
Also used : X509SubjectNameSecurityToken(org.apache.xml.security.stax.impl.securityToken.X509SubjectNameSecurityToken) X509SecurityToken(org.apache.xml.security.stax.impl.securityToken.X509SecurityToken) Key(java.security.Key)

Example 3 with X509SecurityToken

use of org.apache.xml.security.stax.impl.securityToken.X509SecurityToken in project santuario-java by apache.

the class BaltimoreTest method checkSignatureToken.

private void checkSignatureToken(TestSecurityEventListener securityEventListener, Key key, SecurityTokenConstants.KeyIdentifier keyIdentifier) throws XMLSecurityException {
    if (SecurityTokenConstants.KeyIdentifier_KeyValue.equals(keyIdentifier)) {
    // NOPMD
    } else if (SecurityTokenConstants.KeyIdentifier_NoKeyInfo.equals(keyIdentifier)) {
        DefaultTokenSecurityEvent tokenEvent = (DefaultTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.DefaultToken);
        assertNotNull(tokenEvent);
        Key processedKey = tokenEvent.getSecurityToken().getSecretKey().values().iterator().next();
        assertEquals(processedKey, key);
    } else if (SecurityTokenConstants.KeyIdentifier_KeyName.equals(keyIdentifier)) {
        KeyNameTokenSecurityEvent tokenEvent = (KeyNameTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.KeyNameToken);
        assertNotNull(tokenEvent);
        if (key instanceof SecretKey) {
            Key processedKey = tokenEvent.getSecurityToken().getSecretKey().values().iterator().next();
            assertEquals(processedKey, key);
        } else {
            Key processedKey = tokenEvent.getSecurityToken().getPublicKey();
            assertEquals(processedKey, key);
        }
        assertNotNull(((KeyNameSecurityToken) tokenEvent.getSecurityToken()).getKeyName());
    } else {
        X509TokenSecurityEvent tokenEvent = (X509TokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.X509Token);
        assertNotNull(tokenEvent);
        X509SecurityToken x509SecurityToken = (X509SecurityToken) tokenEvent.getSecurityToken();
        assertNotNull(x509SecurityToken);
        if (SecurityTokenConstants.KeyIdentifier_X509SubjectName.equals(keyIdentifier)) {
            Key processedKey = x509SecurityToken.getPublicKey();
            assertEquals(processedKey, key);
            assertNotNull(((X509SubjectNameSecurityToken) x509SecurityToken).getSubjectName());
        } else if (SecurityTokenConstants.KeyIdentifier_IssuerSerial.equals(keyIdentifier)) {
            Key processedKey = x509SecurityToken.getPublicKey();
            assertEquals(processedKey, key);
            assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getIssuerName());
            assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getSerialNumber());
        }
    }
}
Also used : SecretKey(javax.crypto.SecretKey) DefaultTokenSecurityEvent(org.apache.xml.security.stax.securityEvent.DefaultTokenSecurityEvent) X509SecurityToken(org.apache.xml.security.stax.impl.securityToken.X509SecurityToken) KeyNameTokenSecurityEvent(org.apache.xml.security.stax.securityEvent.KeyNameTokenSecurityEvent) X509TokenSecurityEvent(org.apache.xml.security.stax.securityEvent.X509TokenSecurityEvent) X509IssuerSerialSecurityToken(org.apache.xml.security.stax.impl.securityToken.X509IssuerSerialSecurityToken) Key(java.security.Key) SecretKey(javax.crypto.SecretKey) PublicKey(java.security.PublicKey)

Example 4 with X509SecurityToken

use of org.apache.xml.security.stax.impl.securityToken.X509SecurityToken in project santuario-java by apache.

the class IAIKTest method checkSignatureToken.

private void checkSignatureToken(TestSecurityEventListener securityEventListener, Key key, SecurityTokenConstants.KeyIdentifier keyIdentifier) throws XMLSecurityException {
    if (SecurityTokenConstants.KeyIdentifier_KeyValue.equals(keyIdentifier)) {
    // NOPMD
    } else if (SecurityTokenConstants.KeyIdentifier_NoKeyInfo.equals(keyIdentifier)) {
        DefaultTokenSecurityEvent tokenEvent = (DefaultTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.DefaultToken);
        assertNotNull(tokenEvent);
        Key processedKey = tokenEvent.getSecurityToken().getSecretKey().values().iterator().next();
        assertEquals(processedKey, key);
    } else if (SecurityTokenConstants.KeyIdentifier_KeyName.equals(keyIdentifier)) {
        KeyNameTokenSecurityEvent tokenEvent = (KeyNameTokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.KeyNameToken);
        assertNotNull(tokenEvent);
        Key processedKey = tokenEvent.getSecurityToken().getSecretKey().values().iterator().next();
        assertEquals(processedKey, key);
        assertNotNull(((KeyNameSecurityToken) tokenEvent.getSecurityToken()).getKeyName());
    } else {
        X509TokenSecurityEvent tokenEvent = (X509TokenSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.X509Token);
        assertNotNull(tokenEvent);
        X509SecurityToken x509SecurityToken = (X509SecurityToken) tokenEvent.getSecurityToken();
        assertNotNull(x509SecurityToken);
        if (SecurityTokenConstants.KeyIdentifier_X509SubjectName.equals(keyIdentifier)) {
            Key processedKey = x509SecurityToken.getPublicKey();
            assertEquals(processedKey, key);
            assertNotNull(((X509SubjectNameSecurityToken) x509SecurityToken).getSubjectName());
        } else if (SecurityTokenConstants.KeyIdentifier_IssuerSerial.equals(keyIdentifier)) {
            Key processedKey = x509SecurityToken.getPublicKey();
            assertEquals(processedKey, key);
            assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getIssuerName());
            assertNotNull(((X509IssuerSerialSecurityToken) x509SecurityToken).getSerialNumber());
        }
    }
}
Also used : DefaultTokenSecurityEvent(org.apache.xml.security.stax.securityEvent.DefaultTokenSecurityEvent) X509SecurityToken(org.apache.xml.security.stax.impl.securityToken.X509SecurityToken) KeyNameTokenSecurityEvent(org.apache.xml.security.stax.securityEvent.KeyNameTokenSecurityEvent) X509TokenSecurityEvent(org.apache.xml.security.stax.securityEvent.X509TokenSecurityEvent) X509IssuerSerialSecurityToken(org.apache.xml.security.stax.impl.securityToken.X509IssuerSerialSecurityToken) PublicKey(java.security.PublicKey) Key(java.security.Key) SecretKey(javax.crypto.SecretKey)

Aggregations

X509SecurityToken (org.apache.xml.security.stax.impl.securityToken.X509SecurityToken)4 Key (java.security.Key)3 X509TokenSecurityEvent (org.apache.xml.security.stax.securityEvent.X509TokenSecurityEvent)3 PublicKey (java.security.PublicKey)2 SecretKey (javax.crypto.SecretKey)2 X509IssuerSerialSecurityToken (org.apache.xml.security.stax.impl.securityToken.X509IssuerSerialSecurityToken)2 DefaultTokenSecurityEvent (org.apache.xml.security.stax.securityEvent.DefaultTokenSecurityEvent)2 KeyNameTokenSecurityEvent (org.apache.xml.security.stax.securityEvent.KeyNameTokenSecurityEvent)2 ArrayList (java.util.ArrayList)1 QName (javax.xml.namespace.QName)1 XMLInputFactory (javax.xml.stream.XMLInputFactory)1 XMLStreamReader (javax.xml.stream.XMLStreamReader)1 InboundXMLSec (org.apache.xml.security.stax.ext.InboundXMLSec)1 XMLSecurityConstants (org.apache.xml.security.stax.ext.XMLSecurityConstants)1 XMLSecurityProperties (org.apache.xml.security.stax.ext.XMLSecurityProperties)1 X509SubjectNameSecurityToken (org.apache.xml.security.stax.impl.securityToken.X509SubjectNameSecurityToken)1 SignedElementSecurityEvent (org.apache.xml.security.stax.securityEvent.SignedElementSecurityEvent)1