Package org.apache.wss4j.stax.test
Class VulnerabliltyVectorsTest
- java.lang.Object
-
- org.apache.wss4j.stax.test.AbstractTestBase
-
- org.apache.wss4j.stax.test.VulnerabliltyVectorsTest
-
public class VulnerabliltyVectorsTest extends AbstractTestBase
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class org.apache.wss4j.stax.test.AbstractTestBase
AbstractTestBase.TestSecurityEventListener
-
-
Field Summary
-
Fields inherited from class org.apache.wss4j.stax.test.AbstractTestBase
documentBuilderFactory, SECURED_DOCUMENT, TRANSFORMER_FACTORY, xmlInputFactory
-
-
Constructor Summary
Constructors Constructor Description VulnerabliltyVectorsTest()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
test_publicURIReferenceDOS()
Since we don't support (yet) external URI refs this shouldn't be a problem.void
testDisallowMD5Algorithm()
void
testDisallowRSA15Algorithm()
Test if the RSA 1.5 key transport algorithm will be rejected by default.void
testMaximumAllowedReferencesPerManifest()
void
testModifiedEncryptedKeyCipherValue()
void
testRecursiveKeyReferencesDOS()
Tests if the framework is vulnerable to recursive key referencesvoid
testTransformationCodeInjection()
-
Methods inherited from class org.apache.wss4j.stax.test.AbstractTestBase
doInboundSecurity, doInboundSecurity, doInboundSecurity, doInboundSecurity, doInboundSecurity, doInboundSecurity, doInboundSecurityWithWSS4J, doInboundSecurityWithWSS4J_1, doInboundSecurityWithWSS4J_1, doOutboundSecurity, doOutboundSecurity, doOutboundSecurityWithWSS4J, doOutboundSecurityWithWSS4J_1, getJavaSpecificationVersion, getMessageContext, getXPath
-
-
-
-
Method Detail
-
testRecursiveKeyReferencesDOS
@Test public void testRecursiveKeyReferencesDOS() throws Exception
Tests if the framework is vulnerable to recursive key references- Throws:
Exception
-
test_publicURIReferenceDOS
@Test public void test_publicURIReferenceDOS() throws Exception
Since we don't support (yet) external URI refs this shouldn't be a problem.- Throws:
Exception
-
testTransformationCodeInjection
@Test public void testTransformationCodeInjection() throws Exception
- Throws:
Exception
-
testMaximumAllowedReferencesPerManifest
@Test public void testMaximumAllowedReferencesPerManifest() throws Exception
- Throws:
Exception
-
testDisallowMD5Algorithm
@Test public void testDisallowMD5Algorithm() throws Exception
- Throws:
Exception
-
testModifiedEncryptedKeyCipherValue
@Test public void testModifiedEncryptedKeyCipherValue() throws Exception
- Throws:
Exception
-
-