use of org.apache.xml.security.test.stax.signature.TestSecurityEventListener in project santuario-java by apache.
the class DecryptionTest method testPhysicalRepresentation2.
@Test
public void testPhysicalRepresentation2() throws Exception {
final String DATA1 = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><ns:root xmlns=\"defns.com\" xmlns:ns=\"ns.com\"><elem xmlns=\"\">11</elem></ns:root>";
DocumentBuilder db = XMLUtils.createDocumentBuilder(false);
Document document = null;
try (InputStream is = new ByteArrayInputStream(DATA1.getBytes(StandardCharsets.UTF_8))) {
document = db.parse(is);
}
// Set up the Key
byte[] bits192 = "abcdefghijklmnopqrstuvwx".getBytes();
DESedeKeySpec keySpec = new DESedeKeySpec(bits192);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede");
SecretKey secretKey = keyFactory.generateSecret(keySpec);
// Encrypt using DOM
List<String> localNames = new ArrayList<>();
localNames.add("elem");
encryptUsingDOM("http://www.w3.org/2001/04/xmlenc#tripledes-cbc", secretKey, "", null, document, localNames, false);
// Check the element encrypted ok
NodeList nodeList = document.getElementsByTagNameNS("", "elem");
Assert.assertEquals(nodeList.getLength(), 0);
// XMLUtils.outputDOM(document, System.out);
// Convert Document to a Stream Reader
javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
transformer.transform(new DOMSource(document), new StreamResult(baos));
XMLStreamReader xmlStreamReader = null;
try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
}
// Decrypt
XMLSecurityProperties properties = new XMLSecurityProperties();
properties.setDecryptionKey(secretKey);
InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
document = StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
// Check the element decrypted ok
nodeList = document.getElementsByTagNameNS("", "elem");
Assert.assertEquals(nodeList.getLength(), 1);
Element decrElem = (Element) document.getDocumentElement().getFirstChild();
assertEquals("elem", decrElem.getNodeName());
assertNull(decrElem.getNamespaceURI());
assertEquals(1, decrElem.getAttributes().getLength());
Attr attr = (Attr) decrElem.getAttributes().item(0);
assertEquals("xmlns", attr.getName());
assertEquals("", attr.getValue());
// Check the SecurityEvents
checkEncryptionToken(securityEventListener, null, secretKey, SecurityTokenConstants.KeyIdentifier_NoKeyInfo, "");
checkEncryptionMethod(securityEventListener, "http://www.w3.org/2001/04/xmlenc#tripledes-cbc", "");
}
use of org.apache.xml.security.test.stax.signature.TestSecurityEventListener in project santuario-java by apache.
the class DecryptionTest method testSKI.
@Test
public void testSKI() throws Exception {
//
if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
return;
}
// Read in plaintext document
InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
Document document = builder.parse(sourceDocument);
// Set up the Key
KeyGenerator keygen = KeyGenerator.getInstance("AES");
keygen.init(128);
SecretKey key = keygen.generateKey();
// Set the key up
KeyStore keyStore = KeyStore.getInstance("JCEKS");
keyStore.load(this.getClass().getClassLoader().getResource("test.jceks").openStream(), "secret".toCharArray());
PrivateKey priv = (PrivateKey) keyStore.getKey("rsakey", "secret".toCharArray());
X509Certificate cert = (X509Certificate) keyStore.getCertificate("rsakey");
// Encrypt using DOM
List<String> localNames = new ArrayList<>();
localNames.add("PaymentInfo");
KeyInfo encryptedKeyKeyInfo = new KeyInfo(document);
encryptedKeyKeyInfo = new KeyInfo(document);
encryptedKeyKeyInfo.getElement().setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:dsig", "http://www.w3.org/2000/09/xmldsig#");
X509Data x509Data = new X509Data(document);
x509Data.addSKI(cert);
encryptedKeyKeyInfo.add(x509Data);
encryptUsingDOM(XMLCipher.AES_128, key, XMLCipher.RSA_OAEP, cert.getPublicKey(), encryptedKeyKeyInfo, document, localNames, true);
// Check the CreditCard encrypted ok
NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
Assert.assertEquals(nodeList.getLength(), 0);
// XMLUtils.outputDOM(document, System.out);
// Convert Document to a Stream Reader
javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
transformer.transform(new DOMSource(document), new StreamResult(baos));
XMLStreamReader xmlStreamReader = null;
try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
}
// Decrypt
XMLSecurityProperties properties = new XMLSecurityProperties();
properties.setDecryptionKey(priv);
InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
document = StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
// Check the CreditCard decrypted ok
nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
Assert.assertEquals(nodeList.getLength(), 1);
}
use of org.apache.xml.security.test.stax.signature.TestSecurityEventListener in project santuario-java by apache.
the class DecryptionTest method testAES256ElementRSAKWCipherUsingKEKInboundIncludeEKKeyInfo.
@Test
public void testAES256ElementRSAKWCipherUsingKEKInboundIncludeEKKeyInfo() throws Exception {
// Read in plaintext document
InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
Document document = builder.parse(sourceDocument);
// Set up the Key
KeyPairGenerator rsaKeygen = KeyPairGenerator.getInstance("RSA");
KeyPair kp = rsaKeygen.generateKeyPair();
PrivateKey priv = kp.getPrivate();
PublicKey pub = kp.getPublic();
// Generate a traffic key
KeyGenerator keygen = KeyGenerator.getInstance("AES");
keygen.init(256);
SecretKey secretKey = keygen.generateKey();
// Encrypt using DOM
List<String> localNames = new ArrayList<>();
localNames.add("PaymentInfo");
encryptUsingDOM("http://www.w3.org/2001/04/xmlenc#aes256-cbc", secretKey, "http://www.w3.org/2001/04/xmlenc#rsa-1_5", pub, true, document, localNames, true);
// Check the CreditCard encrypted ok
NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
Assert.assertEquals(nodeList.getLength(), 0);
// XMLUtils.outputDOM(document, System.out);
// Convert Document to a Stream Reader
javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
transformer.transform(new DOMSource(document), new StreamResult(baos));
XMLStreamReader xmlStreamReader = null;
try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
}
// Decrypt
XMLSecurityProperties properties = new XMLSecurityProperties();
properties.setDecryptionKey(priv);
InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
document = StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
// Check the CreditCard decrypted ok
nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
Assert.assertEquals(1, nodeList.getLength());
// Check the SecurityEvents
checkEncryptedContentSecurityEvents(securityEventListener);
checkEncryptionToken(securityEventListener, null, secretKey, SecurityTokenConstants.KeyIdentifier_EncryptedKey, "http://www.w3.org/2001/04/xmlenc#aes256-cbc");
checkEncryptionMethod(securityEventListener, "http://www.w3.org/2001/04/xmlenc#aes256-cbc", "http://www.w3.org/2001/04/xmlenc#rsa-1_5");
}
use of org.apache.xml.security.test.stax.signature.TestSecurityEventListener in project santuario-java by apache.
the class DecryptionTest method testNoKeyInfo.
@Test
public void testNoKeyInfo() throws Exception {
// Read in plaintext document
InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
Document document = builder.parse(sourceDocument);
// Set up the Key
KeyGenerator keygen = KeyGenerator.getInstance("AES");
keygen.init(128);
SecretKey key = keygen.generateKey();
// Set the key up
KeyStore keyStore = KeyStore.getInstance("jks");
keyStore.load(this.getClass().getClassLoader().getResource("transmitter.jks").openStream(), "default".toCharArray());
PrivateKey priv = (PrivateKey) keyStore.getKey("transmitter", "default".toCharArray());
X509Certificate cert = (X509Certificate) keyStore.getCertificate("transmitter");
// Encrypt using DOM
List<String> localNames = new ArrayList<>();
localNames.add("PaymentInfo");
encryptUsingDOM(XMLCipher.AES_128, key, XMLCipher.RSA_OAEP, cert.getPublicKey(), false, document, localNames, true);
// Check the CreditCard encrypted ok
NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
Assert.assertEquals(nodeList.getLength(), 0);
// XMLUtils.outputDOM(document, System.out);
// Convert Document to a Stream Reader
javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
transformer.transform(new DOMSource(document), new StreamResult(baos));
XMLStreamReader xmlStreamReader = null;
try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
}
// Decrypt
XMLSecurityProperties properties = new XMLSecurityProperties();
properties.setDecryptionKey(priv);
InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
document = StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
// Check the CreditCard decrypted ok
nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
Assert.assertEquals(nodeList.getLength(), 1);
}
use of org.apache.xml.security.test.stax.signature.TestSecurityEventListener in project santuario-java by apache.
the class KeyWrapEncryptionVerificationTest method testRSAOAEPKW.
@Test
public void testRSAOAEPKW() throws Exception {
// Read in plaintext document
InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
Document document = builder.parse(sourceDocument);
// Set up the Key
KeyGenerator keygen = KeyGenerator.getInstance("DESede");
SecretKey key = keygen.generateKey();
// Set up the Key Wrapping Key
XMLCipher cipher = XMLCipher.getInstance(XMLCipher.RSA_OAEP);
Key keyWrappingKey = rsaKeyPair.getPublic();
cipher.init(XMLCipher.WRAP_MODE, keyWrappingKey);
EncryptedKey encryptedKey = cipher.encryptKey(document, key);
// Encrypt using DOM
List<String> localNames = new ArrayList<>();
localNames.add("PaymentInfo");
String encryptionAlgorithm = XMLCipher.TRIPLEDES;
encrypt(encryptedKey, encryptionAlgorithm, document, localNames, key);
// Check the CreditCard encrypted ok
NodeList nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
Assert.assertEquals(nodeList.getLength(), 0);
// XMLUtils.outputDOM(document, System.out);
// Convert Document to a Stream Reader
javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
transformer.transform(new DOMSource(document), new StreamResult(baos));
XMLStreamReader xmlStreamReader = null;
try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
}
// Decrypt
XMLSecurityProperties properties = new XMLSecurityProperties();
properties.setDecryptionKey(rsaKeyPair.getPrivate());
InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
document = StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
// Check the CreditCard decrypted ok
nodeList = document.getElementsByTagNameNS("urn:example:po", "CreditCard");
Assert.assertEquals(nodeList.getLength(), 1);
}
Aggregations