Example 1 with EncryptedElementSecurityEvent
use of org.apache.xml.security.stax.securityEvent.EncryptedElementSecurityEvent in project santuario-java by apache.
the class DecryptionTest method checkMultipleEncryptedElementSecurityEvents.
protected void checkMultipleEncryptedElementSecurityEvents(TestSecurityEventListener securityEventListener) {
List<SecurityEvent> encryptedElements = securityEventListener.getSecurityEvents(SecurityEventConstants.EncryptedElement);
assertTrue(encryptedElements.size() == 2);
EncryptedElementSecurityEvent encryptedElementEvent = (EncryptedElementSecurityEvent) encryptedElements.get(0);
assertNotNull(encryptedElementEvent);
assertEquals(encryptedElementEvent.getElementPath().size(), 2);
assertEquals("{urn:example:po}PurchaseOrder", encryptedElementEvent.getElementPath().get(0).toString());
assertEquals("{urn:example:po}ShippingAddress", encryptedElementEvent.getElementPath().get(1).toString());
assertTrue(encryptedElementEvent.isEncrypted());
encryptedElementEvent = (EncryptedElementSecurityEvent) encryptedElements.get(1);
assertNotNull(encryptedElementEvent);
assertEquals(encryptedElementEvent.getElementPath().size(), 2);
assertEquals("{urn:example:po}PurchaseOrder", encryptedElementEvent.getElementPath().get(0).toString());
assertEquals("{urn:example:po}PaymentInfo", encryptedElementEvent.getElementPath().get(1).toString());
assertTrue(encryptedElementEvent.isEncrypted());
}
Also used :
AlgorithmSuiteSecurityEvent(org.apache.xml.security.stax.securityEvent.AlgorithmSuiteSecurityEvent)
EncryptedElementSecurityEvent(org.apache.xml.security.stax.securityEvent.EncryptedElementSecurityEvent)
ContentEncryptedElementSecurityEvent(org.apache.xml.security.stax.securityEvent.ContentEncryptedElementSecurityEvent)
EncryptedKeyTokenSecurityEvent(org.apache.xml.security.stax.securityEvent.EncryptedKeyTokenSecurityEvent)
DefaultTokenSecurityEvent(org.apache.xml.security.stax.securityEvent.DefaultTokenSecurityEvent)
SecurityEvent(org.apache.xml.security.stax.securityEvent.SecurityEvent)
EncryptedElementSecurityEvent(org.apache.xml.security.stax.securityEvent.EncryptedElementSecurityEvent)
ContentEncryptedElementSecurityEvent(org.apache.xml.security.stax.securityEvent.ContentEncryptedElementSecurityEvent)
Example 2 with EncryptedElementSecurityEvent
use of org.apache.xml.security.stax.securityEvent.EncryptedElementSecurityEvent in project santuario-java by apache.
the class DecryptionTest method testDecryptWholeDocumentInDecryptOnlyMode.
@Test
public void testDecryptWholeDocumentInDecryptOnlyMode() throws Exception {
// Read in plaintext document
InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
Document document = builder.parse(sourceDocument);
// Set up the Key
SecretKey secretKey = generateSecretKey();
// Encrypt using DOM
List<String> localNames = new ArrayList<>();
localNames.add("PurchaseOrder");
encryptUsingDOM("http://www.w3.org/2001/04/xmlenc#tripledes-cbc", secretKey, null, null, document, localNames, false);
// Check the CreditCard encrypted ok
NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "PurchaseOrder");
Assert.assertEquals(nodeList.getLength(), 0);
// XMLUtils.outputDOM(document, System.out);
// Convert Document to a Stream Reader
javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
transformer.transform(new DOMSource(document), new StreamResult(baos));
XMLStreamReader xmlStreamReader = null;
try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
}
// Decrypt
XMLSecurityProperties properties = new XMLSecurityProperties();
properties.setDecryptionKey(secretKey);
properties.addAction(XMLSecurityConstants.ENCRYPT);
InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
document = StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
// Check the CreditCard decrypted ok
nodeList = document.getElementsByTagNameNS("urn:example:po", "PurchaseOrder");
Assert.assertEquals(nodeList.getLength(), 1);
// Check the SecurityEvents
EncryptedElementSecurityEvent encryptedElementEvent = (EncryptedElementSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.EncryptedElement);
assertNotNull(encryptedElementEvent);
assertEquals(encryptedElementEvent.getElementPath().size(), 1);
assertEquals("{urn:example:po}PurchaseOrder", encryptedElementEvent.getElementPath().get(0).toString());
assertTrue(encryptedElementEvent.isEncrypted());
checkEncryptionToken(securityEventListener, null, secretKey, SecurityTokenConstants.KeyIdentifier_NoKeyInfo, "");
checkEncryptionMethod(securityEventListener, "http://www.w3.org/2001/04/xmlenc#tripledes-cbc", null);
}
Also used :
DOMSource(javax.xml.transform.dom.DOMSource)
XMLStreamReader(javax.xml.stream.XMLStreamReader)
StreamResult(javax.xml.transform.stream.StreamResult)
EncryptedElementSecurityEvent(org.apache.xml.security.stax.securityEvent.EncryptedElementSecurityEvent)
ContentEncryptedElementSecurityEvent(org.apache.xml.security.stax.securityEvent.ContentEncryptedElementSecurityEvent)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
ArrayList(java.util.ArrayList)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
InboundXMLSec(org.apache.xml.security.stax.ext.InboundXMLSec)
SecretKey(javax.crypto.SecretKey)
DocumentBuilder(javax.xml.parsers.DocumentBuilder)
ByteArrayInputStream(java.io.ByteArrayInputStream)
XMLSecurityProperties(org.apache.xml.security.stax.ext.XMLSecurityProperties)
TestSecurityEventListener(org.apache.xml.security.test.stax.signature.TestSecurityEventListener)
Test(org.junit.Test)
Example 3 with EncryptedElementSecurityEvent
use of org.apache.xml.security.stax.securityEvent.EncryptedElementSecurityEvent in project santuario-java by apache.
the class DecryptionTest method checkEncryptedElementSecurityEvents.
protected void checkEncryptedElementSecurityEvents(TestSecurityEventListener securityEventListener) {
EncryptedElementSecurityEvent encryptedElementEvent = (EncryptedElementSecurityEvent) securityEventListener.getSecurityEvent(SecurityEventConstants.EncryptedElement);
assertNotNull(encryptedElementEvent);
assertEquals(encryptedElementEvent.getElementPath().size(), 2);
assertEquals("{urn:example:po}PurchaseOrder", encryptedElementEvent.getElementPath().get(0).toString());
assertEquals("{urn:example:po}PaymentInfo", encryptedElementEvent.getElementPath().get(1).toString());
assertTrue(encryptedElementEvent.isEncrypted());
}
Also used :
EncryptedElementSecurityEvent(org.apache.xml.security.stax.securityEvent.EncryptedElementSecurityEvent)
ContentEncryptedElementSecurityEvent(org.apache.xml.security.stax.securityEvent.ContentEncryptedElementSecurityEvent)
Example 4 with EncryptedElementSecurityEvent
use of org.apache.xml.security.stax.securityEvent.EncryptedElementSecurityEvent in project testcases by coheigea.
the class EncryptionUtils method decryptUsingStAX.
/**
* Decrypt the document using the StAX API of Apache Santuario - XML Security for Java.
*/
public static void decryptUsingStAX(InputStream inputStream, List<QName> namesToEncrypt, Key privateKey) throws Exception {
// Set up the Configuration
XMLSecurityProperties properties = new XMLSecurityProperties();
List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>();
actions.add(XMLSecurityConstants.ENCRYPT);
properties.setActions(actions);
properties.setDecryptionKey(privateKey);
InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
XMLInputFactory xmlInputFactory = XMLInputFactory.newInstance();
final XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(inputStream);
TestSecurityEventListener eventListener = new TestSecurityEventListener();
XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, eventListener);
while (securityStreamReader.hasNext()) {
securityStreamReader.next();
}
xmlStreamReader.close();
inputStream.close();
// Check that what we were expecting to be encrypted was actually encrypted
List<EncryptedElementSecurityEvent> encryptedElementEvents = eventListener.getSecurityEvents(SecurityEventConstants.EncryptedElement);
Assert.assertNotNull(encryptedElementEvents);
for (QName nameToEncrypt : namesToEncrypt) {
boolean found = false;
for (EncryptedElementSecurityEvent encryptedElement : encryptedElementEvents) {
if (encryptedElement.isEncrypted() && nameToEncrypt.equals(getEncryptedQName(encryptedElement.getElementPath()))) {
found = true;
break;
}
}
Assert.assertTrue(found);
}
}
Also used :
XMLSecurityConstants(org.apache.xml.security.stax.ext.XMLSecurityConstants)
XMLStreamReader(javax.xml.stream.XMLStreamReader)
EncryptedElementSecurityEvent(org.apache.xml.security.stax.securityEvent.EncryptedElementSecurityEvent)
QName(javax.xml.namespace.QName)
ArrayList(java.util.ArrayList)
InboundXMLSec(org.apache.xml.security.stax.ext.InboundXMLSec)
XMLSecurityProperties(org.apache.xml.security.stax.ext.XMLSecurityProperties)
XMLInputFactory(javax.xml.stream.XMLInputFactory)
Aggregations
EncryptedElementSecurityEvent (org.apache.xml.security.stax.securityEvent.EncryptedElementSecurityEvent)4
ContentEncryptedElementSecurityEvent (org.apache.xml.security.stax.securityEvent.ContentEncryptedElementSecurityEvent)3
ArrayList (java.util.ArrayList)2
XMLStreamReader (javax.xml.stream.XMLStreamReader)2
InboundXMLSec (org.apache.xml.security.stax.ext.InboundXMLSec)2
XMLSecurityProperties (org.apache.xml.security.stax.ext.XMLSecurityProperties)2
ByteArrayInputStream (java.io.ByteArrayInputStream)1
ByteArrayOutputStream (java.io.ByteArrayOutputStream)1
InputStream (java.io.InputStream)1
SecretKey (javax.crypto.SecretKey)1
QName (javax.xml.namespace.QName)1
DocumentBuilder (javax.xml.parsers.DocumentBuilder)1
XMLInputFactory (javax.xml.stream.XMLInputFactory)1
DOMSource (javax.xml.transform.dom.DOMSource)1
StreamResult (javax.xml.transform.stream.StreamResult)1
XMLSecurityConstants (org.apache.xml.security.stax.ext.XMLSecurityConstants)1
AlgorithmSuiteSecurityEvent (org.apache.xml.security.stax.securityEvent.AlgorithmSuiteSecurityEvent)1
DefaultTokenSecurityEvent (org.apache.xml.security.stax.securityEvent.DefaultTokenSecurityEvent)1
EncryptedKeyTokenSecurityEvent (org.apache.xml.security.stax.securityEvent.EncryptedKeyTokenSecurityEvent)1
SecurityEvent (org.apache.xml.security.stax.securityEvent.SecurityEvent)1
