Class VulnerabliltyVectorsTest

    • Constructor Detail

      • VulnerabliltyVectorsTest

        public VulnerabliltyVectorsTest()
    • Method Detail

      • testRecursiveKeyReferencesDOS

        @Test
        public void testRecursiveKeyReferencesDOS()
                                           throws Exception
        Tests if the framework is vulnerable to recursive key references
        Throws:
        Exception
      • test_publicURIReferenceDOS

        @Test
        public void test_publicURIReferenceDOS()
                                        throws Exception
        Since we don't support (yet) external URI refs this shouldn't be a problem.

        Throws:
        Exception
      • testTransformationCodeInjection

        @Test
        public void testTransformationCodeInjection()
                                             throws Exception
        Throws:
        Exception
      • testMaximumAllowedReferencesPerManifest

        @Test
        public void testMaximumAllowedReferencesPerManifest()
                                                     throws Exception
        Throws:
        Exception
      • testDisallowMD5Algorithm

        @Test
        public void testDisallowMD5Algorithm()
                                      throws Exception
        Throws:
        Exception
      • testModifiedEncryptedKeyCipherValue

        @Test
        public void testModifiedEncryptedKeyCipherValue()
                                                 throws Exception
        Throws:
        Exception
      • testDisallowRSA15Algorithm

        @Test
        public void testDisallowRSA15Algorithm()
                                        throws Exception
        Test if the RSA 1.5 key transport algorithm will be rejected by default. Standard key transport algorithm is RSA-OAEP
        Throws:
        Exception