Examples with ResolverDirectHTTP org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP used on opensource projects

Example 21 with ResolverDirectHTTP

use of org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP in project santuario-java by apache.

the class BaltimoreTest method test_signature_keyname_18.

@Test
public void test_signature_keyname_18() throws Exception {
    Proxy proxy = HttpRequestRedirectorProxy.startHttpEngine();
    try {
        ResolverHttp.setProxy(proxy);
        ResolverDirectHTTP resolverDirectHTTP = new ResolverDirectHTTP();
        resolverDirectHTTP.engineSetProperty("http.proxy.host", ((InetSocketAddress) proxy.address()).getAddress().getHostAddress());
        resolverDirectHTTP.engineSetProperty("http.proxy.port", "" + ((InetSocketAddress) proxy.address()).getPort());
        TestUtils.switchAllowNotSameDocumentReferences(true);
        // Read in plaintext document
        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-eighteen/signature-keyname.xml");
        DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
        Document document = builder.parse(sourceDocument);
        // Set up the Key
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        InputStream sourceCert = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-eighteen/certs/lugh.crt");
        Certificate cert = cf.generateCertificate(sourceCert);
        // XMLUtils.outputDOM(document, System.out);
        // Convert Document to a Stream Reader
        javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        transformer.transform(new DOMSource(document), new StreamResult(baos));
        XMLStreamReader xmlStreamReader = null;
        try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
            xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
        }
        // Verify signature
        XMLSecurityProperties properties = new XMLSecurityProperties();
        properties.setSignatureVerificationKey(cert.getPublicKey());
        InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
        TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
        XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
        StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
        // Check the SecurityEvents
        checkSignatureToken(securityEventListener, cert.getPublicKey(), SecurityTokenConstants.KeyIdentifier_KeyName);
    } finally {
        TestUtils.switchAllowNotSameDocumentReferences(false);
        HttpRequestRedirectorProxy.stopHttpEngine();
    }
}

Example 22 with ResolverDirectHTTP

use of org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP in project santuario-java by apache.

the class BaltimoreTest method test_twenty_three_external_dsa.

// See SANTUARIO-319
@Test
public void test_twenty_three_external_dsa() throws Exception {
    Proxy proxy = HttpRequestRedirectorProxy.startHttpEngine();
    try {
        ResolverHttp.setProxy(proxy);
        ResolverDirectHTTP resolverDirectHTTP = new ResolverDirectHTTP();
        resolverDirectHTTP.engineSetProperty("http.proxy.host", ((InetSocketAddress) proxy.address()).getAddress().getHostAddress());
        resolverDirectHTTP.engineSetProperty("http.proxy.port", "" + ((InetSocketAddress) proxy.address()).getPort());
        TestUtils.switchAllowNotSameDocumentReferences(true);
        // Read in plaintext document
        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/signature-external-dsa.xml");
        DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
        Document document = builder.parse(sourceDocument);
        // Set up the Key
        Key publicKey = getPublicKey("DSA", 23);
        // XMLUtils.outputDOM(document, System.out);
        // Convert Document to a Stream Reader
        javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        transformer.transform(new DOMSource(document), new StreamResult(baos));
        XMLStreamReader xmlStreamReader = null;
        try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
            xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
        }
        // Verify signature
        XMLSecurityProperties properties = new XMLSecurityProperties();
        properties.setSignatureVerificationKey(publicKey);
        InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
        TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
        XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
        StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
        // Check the SecurityEvents
        checkSignatureToken(securityEventListener, getPublicKey("RSA", 23), SecurityTokenConstants.KeyIdentifier_KeyValue);
    } finally {
        TestUtils.switchAllowNotSameDocumentReferences(false);
        HttpRequestRedirectorProxy.stopHttpEngine();
    }
}

Example 23 with ResolverDirectHTTP

use of org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP in project santuario-java by apache.

the class BaltimoreTest method test_signature_retrievalmethod_rawx509crt.

// See SANTUARIO-319
@Test
public void test_signature_retrievalmethod_rawx509crt() throws Exception {
    Proxy proxy = HttpRequestRedirectorProxy.startHttpEngine();
    try {
        ResolverHttp.setProxy(proxy);
        ResolverDirectHTTP resolverDirectHTTP = new ResolverDirectHTTP();
        resolverDirectHTTP.engineSetProperty("http.proxy.host", ((InetSocketAddress) proxy.address()).getAddress().getHostAddress());
        resolverDirectHTTP.engineSetProperty("http.proxy.port", "" + ((InetSocketAddress) proxy.address()).getPort());
        TestUtils.switchAllowNotSameDocumentReferences(true);
        // Read in plaintext document
        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt.xml");
        DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
        Document document = builder.parse(sourceDocument);
        // Set up the Key
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        InputStream sourceCert = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/certs/balor.crt");
        Certificate cert = cf.generateCertificate(sourceCert);
        // XMLUtils.outputDOM(document, System.out);
        // Convert Document to a Stream Reader
        javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        transformer.transform(new DOMSource(document), new StreamResult(baos));
        XMLStreamReader xmlStreamReader = null;
        try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
            xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
        }
        // Verify signature
        XMLSecurityProperties properties = new XMLSecurityProperties();
        properties.setSignatureVerificationKey(cert.getPublicKey());
        InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
        XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader);
        StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
    } finally {
        TestUtils.switchAllowNotSameDocumentReferences(false);
        HttpRequestRedirectorProxy.stopHttpEngine();
    }
}

Example 24 with ResolverDirectHTTP

use of org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP in project santuario-java by apache.

the class BaltimoreTest method test_signature_x509_crt_crl.

// See SANTUARIO-319
@Test
public void test_signature_x509_crt_crl() throws Exception {
    Proxy proxy = HttpRequestRedirectorProxy.startHttpEngine();
    try {
        ResolverHttp.setProxy(proxy);
        ResolverDirectHTTP resolverDirectHTTP = new ResolverDirectHTTP();
        resolverDirectHTTP.engineSetProperty("http.proxy.host", ((InetSocketAddress) proxy.address()).getAddress().getHostAddress());
        resolverDirectHTTP.engineSetProperty("http.proxy.port", "" + ((InetSocketAddress) proxy.address()).getPort());
        TestUtils.switchAllowNotSameDocumentReferences(true);
        // Read in plaintext document
        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/signature-x509-crt-crl.xml");
        DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
        Document document = builder.parse(sourceDocument);
        // XMLUtils.outputDOM(document, System.out);
        // Convert Document to a Stream Reader
        javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        transformer.transform(new DOMSource(document), new StreamResult(baos));
        XMLStreamReader xmlStreamReader = null;
        try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
            xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
        }
        // Verify signature
        XMLSecurityProperties properties = new XMLSecurityProperties();
        InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
        XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader);
        StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
    } finally {
        TestUtils.switchAllowNotSameDocumentReferences(false);
        HttpRequestRedirectorProxy.stopHttpEngine();
    }
}

Example 25 with ResolverDirectHTTP

use of org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP in project santuario-java by apache.

the class SignatureVerificationReferenceURIResolverTest method testSignatureVerificationWithExternalHttpReference.

@Test
public void testSignatureVerificationWithExternalHttpReference() throws Exception {
    Proxy proxy = HttpRequestRedirectorProxy.startHttpEngine();
    try {
        ResolverHttp.setProxy(proxy);
        ResolverDirectHTTP resolverDirectHTTP = new ResolverDirectHTTP();
        resolverDirectHTTP.engineSetProperty("http.proxy.host", ((InetSocketAddress) proxy.address()).getAddress().getHostAddress());
        resolverDirectHTTP.engineSetProperty("http.proxy.port", "" + ((InetSocketAddress) proxy.address()).getPort());
        TestUtils.switchAllowNotSameDocumentReferences(true);
        // Read in plaintext document
        InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
        DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
        Document document = builder.parse(sourceDocument);
        // Set up the Key
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(this.getClass().getClassLoader().getResource("transmitter.jks").openStream(), "default".toCharArray());
        Key key = keyStore.getKey("transmitter", "default".toCharArray());
        X509Certificate cert = (X509Certificate) keyStore.getCertificate("transmitter");
        // Sign using DOM
        List<String> localNames = new ArrayList<>();
        localNames.add("PaymentInfo");
        ReferenceInfo referenceInfo = new ReferenceInfo("http://www.w3.org/Signature/2002/04/xml-stylesheet.b64", null, "http://www.w3.org/2000/09/xmldsig#sha1", true);
        List<ReferenceInfo> referenceInfos = new ArrayList<>();
        referenceInfos.add(referenceInfo);
        XMLSignature sig = signUsingDOM("http://www.w3.org/2000/09/xmldsig#rsa-sha1", document, localNames, key, referenceInfos, resolverDirectHTTP);
        // Add KeyInfo
        sig.addKeyInfo(cert);
        // Convert Document to a Stream Reader
        javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        transformer.transform(new DOMSource(document), new StreamResult(baos));
        XMLStreamReader xmlStreamReader = null;
        try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
            xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
        }
        // Verify signature
        XMLSecurityProperties properties = new XMLSecurityProperties();
        properties.setSignatureVerificationKey(cert.getPublicKey());
        InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
        XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader);
        StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
    } finally {
        TestUtils.switchAllowNotSameDocumentReferences(false);
        HttpRequestRedirectorProxy.stopHttpEngine();
    }
}