20 package org.apache.wss4j.dom.message;
21
22 import org.apache.wss4j.common.util.SOAPUtil;
23 import org.apache.wss4j.dom.WSConstants;
24
25 import org.apache.wss4j.dom.engine.WSSConfig;
26 import org.apache.wss4j.dom.engine.WSSecurityEngine;
27 import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
28 import org.apache.wss4j.dom.handler.WSHandlerResult;
29 import org.apache.wss4j.common.crypto.Crypto;
30 import org.apache.wss4j.common.crypto.CryptoFactory;
31 import org.apache.wss4j.common.util.XMLUtils;
32 import org.apache.wss4j.dom.str.STRParser.REFERENCE_TYPE;
33
34 import org.junit.jupiter.api.Test;
35 import org.w3c.dom.Document;
36
37 import static org.junit.jupiter.api.Assertions.assertNotNull;
38 import static org.junit.jupiter.api.Assertions.assertTrue;
39
40
41
42
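/**
 * Round-trip tests for X.509 signatures whose KeyInfo refers to the signing
 * certificate through {@link WSConstants#SKI_KEY_IDENTIFIER}.
 *
 * <p>Each test signs {@link SOAPUtil#SAMPLE_SOAP_MSG} with a key taken from the
 * {@code wss40.properties} crypto configuration and then feeds the signed
 * document back through {@link WSSecurityEngine#processSecurityHeader}. Every
 * test checks the returned SIGN result instead of relying only on the absence
 * of an exception, so a run in which no signature was processed fails.
 */
public class SKISignatureTest {
    private static final org.slf4j.Logger LOG =
        org.slf4j.LoggerFactory.getLogger(SKISignatureTest.class);
    private final WSSecurityEngine secEngine = new WSSecurityEngine();
    private final Crypto crypto;

    /**
     * Initialises the WSS4J configuration and loads the crypto instance used
     * both for signing and for verification.
     *
     * @throws Exception if the crypto configuration cannot be loaded
     */
    public SKISignatureTest() throws Exception {
        WSSConfig.init();
        // Test fixture only: the aliases and the "security" password used below
        // are presumably those of the keystore named in this properties file.
        crypto = CryptoFactory.getInstance("wss40.properties");
    }

    /**
     * Signs with the "wss40DSA" key, an SKI key identifier and an explicitly
     * selected {@link WSConstants#DSA} signature algorithm, then verifies.
     *
     * @throws Exception if signing or verification fails
     */
    @Test
    public void testX509SignatureDSA_SKI() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader(doc);
        secHeader.insertSecurityHeader();

        WSSecSignature builder = new WSSecSignature(secHeader);
        builder.setUserInfo("wss40DSA", "security");
        builder.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
        // NOTE(review): WSConstants.DSA is believed to be the legacy DSA/SHA-1
        // signature method; it is exercised here for coverage, confirm before
        // treating it as a recommended algorithm.
        builder.setSignatureAlgorithm(WSConstants.DSA);

        LOG.info("Before SigningDSA_SKIDirect....");

        Document signedDoc = builder.build(crypto);

        if (LOG.isDebugEnabled()) {
            LOG.debug("Signed message with DSA_SKI key identifier:");
            String outputString =
                XMLUtils.prettyDocumentToString(signedDoc);
            LOG.debug(outputString);
        }

        LOG.info("After SigningDSA_SKIDirect....");

        assertSignedWithKeyIdentifier(verify(signedDoc));
    }

    /**
     * Signs with the "wss40DSA" key and an SKI key identifier without setting a
     * signature algorithm, then verifies. Judging by the test name the builder
     * is expected to pick the algorithm from the key type.
     *
     * @throws Exception if signing or verification fails
     */
    @Test
    public void testX509SignatureDSA_Autodetect() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader(doc);
        secHeader.insertSecurityHeader();

        WSSecSignature builder = new WSSecSignature(secHeader);
        builder.setUserInfo("wss40DSA", "security");
        builder.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);

        LOG.info("Before SigningDSA_Autodetect....");

        Document signedDoc = builder.build(crypto);

        if (LOG.isDebugEnabled()) {
            LOG.debug("Signed message with DSA_Autodetect:");
            String outputString =
                XMLUtils.prettyDocumentToString(signedDoc);
            LOG.debug(outputString);
        }

        LOG.info("After SigningDSA_Autodetect....");
        // Previously the verification result was discarded here, so the test
        // asserted nothing about the signature that was processed.
        assertSignedWithKeyIdentifier(verify(signedDoc));
    }

    /**
     * Signs with the "wss40" key and an SKI key identifier without setting a
     * signature algorithm, then verifies. Judging by the test name this is the
     * RSA counterpart of {@link #testX509SignatureDSA_Autodetect()}.
     *
     * @throws Exception if signing or verification fails
     */
    @Test
    public void testX509SignatureRSA_Autodetect() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader(doc);
        secHeader.insertSecurityHeader();

        WSSecSignature builder = new WSSecSignature(secHeader);
        builder.setUserInfo("wss40", "security");
        builder.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);

        LOG.info("Before SigningRSA_Autodetect....");

        Document signedDoc = builder.build(crypto);

        if (LOG.isDebugEnabled()) {
            LOG.debug("Signed message with RSA Autodetect:");
            String outputString =
                XMLUtils.prettyDocumentToString(signedDoc);
            LOG.debug(outputString);
        }

        LOG.info("After SigningRSA_Autodetect....");
        // Previously the verification result was discarded here, so the test
        // asserted nothing about the signature that was processed.
        assertSignedWithKeyIdentifier(verify(signedDoc));
    }

    /**
     * Asserts that verification produced a SIGN result carrying a certificate
     * that was located through a key identifier reference.
     *
     * @param results the outcome of processing the security header
     */
    private static void assertSignedWithKeyIdentifier(WSHandlerResult results) {
        assertNotNull(results, "no security header results were returned");

        java.util.List<WSSecurityEngineResult> signResults =
            results.getActionResults().get(WSConstants.SIGN);
        assertNotNull(signResults, "no signature result was recorded");
        assertTrue(!signResults.isEmpty(), "no signature result was recorded");

        WSSecurityEngineResult actionResult = signResults.get(0);
        assertNotNull(actionResult.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE));
        assertNotNull(actionResult.get(WSSecurityEngineResult.TAG_X509_REFERENCE_TYPE));
        REFERENCE_TYPE referenceType =
            (REFERENCE_TYPE) actionResult.get(WSSecurityEngineResult.TAG_X509_REFERENCE_TYPE);
        assertTrue(referenceType == REFERENCE_TYPE.KEY_IDENTIFIER);
    }

    /**
     * Processes the security header of {@code doc} with the test crypto
     * instance, passing no actor and no callback handler.
     *
     * @param doc the signed SOAP document
     * @return the results reported by the security engine
     * @throws Exception if the engine rejects the message
     */
    private WSHandlerResult verify(Document doc) throws Exception {
        return secEngine.processSecurityHeader(doc, null, null, crypto);
    }
}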