1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.ws.security.components.crypto;
21  
22  import java.io.InputStream;
23  import java.security.KeyStore;
24  
25  import org.apache.ws.security.WSConstants;
26  import org.apache.ws.security.WSSConfig;
27  import org.apache.ws.security.WSSecurityEngine;
28  import org.apache.ws.security.WSSecurityException;
29  import org.apache.ws.security.common.CustomCrypto;
30  import org.apache.ws.security.common.SOAPUtil;
31  import org.apache.ws.security.message.WSSecHeader;
32  import org.apache.ws.security.message.WSSecSignature;
33  import org.apache.ws.security.util.Loader;
34  import org.w3c.dom.Document;
35  
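/**
 * Tests for obtaining {@link Crypto} instances (factory defaults, a custom
 * implementation, a properties file without a keystore file) and for signing
 * and verifying a message with keystores/truststores that are loaded at
 * runtime and set on a {@link Merlin} instance.
 */
public class CryptoTest extends org.junit.Assert {

    /** Password shared by the keystore and truststores used by these tests. */
    private static final String STORE_PASSWORD = "security";

    public CryptoTest() {
        WSSConfig.init();
    }

    /**
     * The default factory method must return a Crypto instance.
     */
    @org.junit.Test
    public void testCrypto() throws Exception {
        Crypto crypto = CryptoFactory.getInstance();
        assertNotNull(crypto);
    }

    /**
     * WSS-102 - Merlin must be constructible with null properties.
     */
    @org.junit.Test
    public void testMerlinWithNullProperties()
        throws Exception {
        Crypto crypto = new NullPropertiesCrypto();
        assertNotNull(crypto);
    }

    /**
     * Ensure that we can load a custom crypto implementation using a Map
     */
    @org.junit.Test
    public void testCustomCrypto() throws Exception {
        java.util.Map<Object, Object> tmp = new java.util.TreeMap<Object, Object>();
        Crypto crypto = CryptoFactory.getInstance(
            org.apache.ws.security.common.CustomCrypto.class,
            tmp
        );
        assertNotNull(crypto);
        assertTrue(crypto instanceof CustomCrypto);
        CustomCrypto custom = (CustomCrypto)crypto;
        // The factory must hand over the very same Map instance, not a copy.
        assertSame(tmp, custom.getConfig());
    }

    /**
     * Test for WSS-149 - "Merlin requires org.apache.ws.security.crypto.merlin.file
     * to be set and point to an existing file"
     */
    @org.junit.Test
    public void testNoKeyStoreFile() throws Exception {
        Crypto crypto = CryptoFactory.getInstance(
            "nofile.properties"
        );
        assertNotNull(crypto);
    }

    /**
     * Test that we can sign and verify a signature using dynamically loaded
     * keystores/truststore, and that verification fails against a truststore
     * that should not validate the signing certificate.
     */
    @org.junit.Test
    public void testDynamicCrypto() throws Exception {
        WSSecSignature builder = new WSSecSignature();
        builder.setUserInfo("wss40", "security");
        builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);

        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.insertSecurityHeader(doc);

        ClassLoader loader = Loader.getClassLoader(CryptoTest.class);
        char[] password = STORE_PASSWORD.toCharArray();

        // Load the keystore and sign
        Merlin crypto = new Merlin();
        crypto.setKeyStore(loadKeyStore(loader, "keys/wss40.jks", password));
        Document signedDoc = builder.build(doc, crypto, secHeader);

        // Load the truststore. This positive check runs first, so the
        // signature is known to verify before the negative case below.
        Merlin processCrypto = new Merlin();
        processCrypto.setTrustStore(loadKeyStore(loader, "keys/wss40CA.jks", password));

        WSSecurityEngine secEngine = new WSSecurityEngine();
        secEngine.processSecurityHeader(signedDoc, null, null, processCrypto);

        // Load a (bad) truststore
        processCrypto = new Merlin();
        processCrypto.setTrustStore(loadKeyStore(loader, "keys/wss40badca.jks", password));

        try {
            secEngine.processSecurityHeader(signedDoc, null, null, processCrypto);
            fail("Expected failure on a bad trust store");
        } catch (WSSecurityException ex) {
            // expected
            // NOTE(review): any WSSecurityException satisfies this check. Asserting
            // on the error code would separate a trust failure from an unrelated
            // processing error - confirm which code the engine reports here.
        }
    }

    /**
     * Load a keystore from a classpath/file resource and close the stream.
     *
     * <p>The stream is checked for null before use: {@code KeyStore.load(null, ...)}
     * silently creates an EMPTY keystore, which would let the bad-truststore
     * case pass for the wrong reason if a test resource went missing.
     *
     * @param loader the class loader used to resolve the resource
     * @param resource the keystore resource name
     * @param password the keystore password
     * @return the loaded keystore
     * @throws Exception if the resource cannot be read or parsed
     */
    private static KeyStore loadKeyStore(ClassLoader loader, String resource, char[] password)
        throws Exception {
        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        InputStream input = Merlin.loadInputStream(loader, resource);
        assertNotNull("Keystore resource not found: " + resource, input);
        try {
            store.load(input, password);
        } finally {
            // The original test left all three streams open.
            input.close();
        }
        return store;
    }

    /**
     * WSS-102 -- ensure Merlin with null properties
     * can be instantiated
     */
    private static class NullPropertiesCrypto extends Merlin {
        public NullPropertiesCrypto()
            throws Exception {
            super((java.util.Properties) null);
        }
    }
}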