20 package org.apache.wss4j.dom.message;
21
22 import java.util.Collections;
23 import java.util.Properties;
24
25 import javax.crypto.KeyGenerator;
26 import javax.crypto.SecretKey;
27 import javax.security.auth.callback.CallbackHandler;
28
29 import org.apache.wss4j.common.crypto.Crypto;
30 import org.apache.wss4j.common.crypto.CryptoFactory;
31 import org.apache.wss4j.common.crypto.JasyptPasswordEncryptor;
32 import org.apache.wss4j.common.crypto.PasswordEncryptor;
33 import org.apache.wss4j.common.util.KeyUtils;
34 import org.apache.wss4j.common.util.Loader;
35 import org.apache.wss4j.common.util.SOAPUtil;
36 import org.apache.wss4j.common.util.XMLUtils;
37 import org.apache.wss4j.dom.WSConstants;
38 import org.apache.wss4j.dom.common.CustomHandler;
39 import org.apache.wss4j.dom.common.KeystoreCallbackHandler;
40
41 import org.apache.wss4j.dom.engine.WSSConfig;
42 import org.apache.wss4j.dom.engine.WSSecurityEngine;
43 import org.apache.wss4j.dom.handler.HandlerAction;
44 import org.apache.wss4j.dom.handler.RequestData;
45 import org.apache.wss4j.dom.handler.WSHandlerConstants;
46 import org.apache.wss4j.dom.handler.WSHandlerResult;
47
48 import org.junit.jupiter.api.Test;
49 import org.w3c.dom.Document;
50
51 import static org.junit.jupiter.api.Assertions.assertNotNull;
52
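/**
 * Tests signing and encryption with a {@link Crypto} instance that is created with a
 * {@link PasswordEncryptor}.
 *
 * <p>The Crypto configuration is read from {@code crypto_enc.properties}; presumably that
 * file stores its keystore password in encrypted form and the encryptor below is what
 * decrypts it (the file is not visible from this class, so confirm against the resource).
 *
 * <p>Every secured document is passed back through {@link WSSecurityEngine}, and the test
 * fails when the engine produces no result, so a message that was never signed or
 * encrypted cannot pass unnoticed.
 */
public class PasswordEncryptorTest {
    private static final org.slf4j.Logger LOG =
        org.slf4j.LoggerFactory.getLogger(PasswordEncryptorTest.class);

    private WSSecurityEngine secEngine = new WSSecurityEngine();
    private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
    // Fixed master password for the test fixture only. A hard-coded value like this is
    // acceptable in a unit test, but production code must obtain it from outside the source.
    private PasswordEncryptor passwordEncryptor =
        new JasyptPasswordEncryptor("this-is-a-secret");
    private Crypto crypto;

    /**
     * Initialises WSS4J and builds the shared Crypto instance from
     * {@code crypto_enc.properties}, handing it the password encryptor.
     *
     * @throws Exception if the properties or the Crypto instance cannot be loaded
     */
    public PasswordEncryptorTest() throws Exception {
        WSSConfig.init();
        ClassLoader loader = Loader.getClassLoader(CryptoFactory.class);
        Properties properties = CryptoFactory.getProperties("crypto_enc.properties", loader);
        crypto = CryptoFactory.getInstance(properties, loader, passwordEncryptor);
    }

    /**
     * Encrypts a password and checks that the output is not the plaintext and that it
     * decrypts back to the original value.
     */
    @Test
    public void testEncryptedPassword() throws Exception {
        String plainPassword = "security";
        String encryptedPassword = passwordEncryptor.encrypt(plainPassword);

        assertNotNull(encryptedPassword);
        // A non-null result alone would also be satisfied by an encryptor that returns
        // its input unchanged, so check both properties explicitly.
        org.junit.jupiter.api.Assertions.assertNotEquals(plainPassword, encryptedPassword);
        org.junit.jupiter.api.Assertions.assertEquals(
            plainPassword, passwordEncryptor.decrypt(encryptedPassword));
    }

    /**
     * Signs the sample SOAP message with {@link WSSecSignature} and verifies the result.
     */
    @Test
    public void testSignature() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader(doc);
        secHeader.insertSecurityHeader();

        WSSecSignature builder = new WSSecSignature(secHeader);
        builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);

        Document signedDoc = builder.build(crypto);

        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(signedDoc));
        }
        verify(signedDoc);
    }

    /**
     * Signs the sample SOAP message through the handler API, with the signature Crypto
     * configured by property file name, and verifies the result.
     */
    @Test
    public void testSignatureWSHandler() throws Exception {
        final WSSConfig cfg = WSSConfig.getNewInstance();
        final RequestData reqData = new RequestData();
        reqData.setWssConfig(cfg);
        reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
        java.util.Map<String, Object> config = new java.util.TreeMap<>();
        config.put(WSHandlerConstants.SIG_PROP_FILE, "crypto_enc.properties");
        config.put(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler);
        reqData.setMsgContext(config);

        final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler handler = new CustomHandler();
        HandlerAction action = new HandlerAction(WSConstants.SIGN);
        handler.send(
            doc,
            reqData,
            Collections.singletonList(action),
            true
        );

        // Serialise the document only when it will actually be logged.
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(doc));
        }

        verify(doc);
    }

    /**
     * Encrypts the sample SOAP message with {@link WSSecEncrypt}, using RSA-OAEP key
     * transport and a freshly generated AES-128 key, and processes the result.
     */
    @Test
    public void testDecryption() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader(doc);
        secHeader.insertSecurityHeader();

        WSSecEncrypt builder = new WSSecEncrypt(secHeader);
        builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
        builder.setKeyEncAlgo(WSConstants.KEYTRANSPORT_RSAOAEP);

        KeyGenerator keyGen = KeyUtils.getKeyGenerator(WSConstants.AES_128);
        SecretKey symmetricKey = keyGen.generateKey();
        Document encryptedDoc = builder.build(crypto, symmetricKey);

        // Serialise the document only when it will actually be logged.
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(encryptedDoc));
        }

        verify(encryptedDoc);
    }

    /**
     * Encrypts the sample SOAP message through the handler API, with the encryption
     * Crypto configured by property file name, and processes the result.
     */
    @Test
    public void testDecryptionWSHandler() throws Exception {
        final WSSConfig cfg = WSSConfig.getNewInstance();
        final RequestData reqData = new RequestData();
        reqData.setWssConfig(cfg);
        reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
        java.util.Map<String, Object> config = new java.util.TreeMap<>();
        config.put(WSHandlerConstants.ENC_PROP_FILE, "crypto_enc.properties");
        config.put(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler);
        reqData.setMsgContext(config);

        final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        CustomHandler handler = new CustomHandler();
        HandlerAction action = new HandlerAction(WSConstants.ENCR);
        handler.send(
            doc,
            reqData,
            Collections.singletonList(action),
            true
        );

        // Serialise the document only when it will actually be logged.
        if (LOG.isDebugEnabled()) {
            LOG.debug(XMLUtils.prettyDocumentToString(doc));
        }

        verify(doc);
    }

    /**
     * Runs the security header of {@code doc} through the engine with the shared callback
     * handler and Crypto instance, and fails the test if no result comes back.
     *
     * @param doc the secured SOAP document to process
     * @return the processing result, never {@code null}
     * @throws Exception if the engine rejects the security header
     */
    private WSHandlerResult verify(Document doc) throws Exception {
        WSHandlerResult results =
            secEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
        // NOTE(review): the engine is expected to return null when it finds no security
        // header to process - confirm. Without this check such a document would pass.
        assertNotNull(results, "no security results were produced for the document");
        return results;
    }

}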