20 package org.apache.wss4j.dom.message;
21
22 import static org.junit.jupiter.api.Assertions.assertNotNull;
23 import static org.junit.jupiter.api.Assertions.assertTrue;
24
25 import org.apache.wss4j.common.crypto.Crypto;
26 import org.apache.wss4j.common.crypto.CryptoFactory;
27 import org.apache.wss4j.common.util.SOAPUtil;
28 import org.apache.wss4j.common.util.XMLUtils;
29 import org.apache.wss4j.dom.WSConstants;
30 import org.apache.wss4j.dom.common.KeystoreCallbackHandler;
31
32 import org.apache.wss4j.dom.engine.WSSConfig;
33 import org.apache.wss4j.dom.engine.WSSecurityEngine;
34 import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
35 import org.apache.wss4j.dom.handler.RequestData;
36 import org.apache.wss4j.dom.handler.WSHandlerResult;
37 import org.apache.wss4j.dom.str.STRParser.REFERENCE_TYPE;
38 import org.apache.wss4j.dom.util.WSSecurityUtil;
39 import org.bouncycastle.jce.provider.BouncyCastleProvider;
40
41 import org.junit.jupiter.api.Test;
42 import org.w3c.dom.Document;
43 import org.w3c.dom.Element;
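/**
 * Round-trip test: signs a sample SOAP message and verifies it again, passing an
 * explicit {@link BouncyCastleProvider} instance as the signature provider on both
 * the signing side ({@link WSSecSignature}) and the verifying side ({@link RequestData}).
 */
public class SignatureProviderTest {
    private static final org.slf4j.Logger LOG =
        org.slf4j.LoggerFactory.getLogger(SignatureProviderTest.class);

    // One engine instance is reused by verify(); it is never reassigned.
    private final WSSecurityEngine secEngine = new WSSecurityEngine();

    /**
     * Initialises the WSS4J configuration before any test runs.
     *
     * @throws Exception declared for compatibility with the original signature
     */
    public SignatureProviderTest() throws Exception {
        WSSConfig.init();
    }

    /**
     * Signs {@code SOAPUtil.SAMPLE_SOAP_MSG} with an IssuerSerial key identifier using
     * the BouncyCastle provider, verifies the result, and checks that verification
     * reports an X.509 certificate and the ISSUER_SERIAL reference type.
     *
     * @throws Exception if building, signing or verifying the message fails
     */
    @Test
    public void testBouncyCastleSignature() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader(doc);
        secHeader.insertSecurityHeader();

        WSSecSignature builder = new WSSecSignature(secHeader);
        // NOTE(review): these look like the alias and key password of a test keystore
        // entry (fixture values); confirm they are never reused outside test resources.
        builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
        builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
        // The provider is handed over as an instance rather than looked up by name.
        builder.setSignatureProvider(new BouncyCastleProvider());
        LOG.info("Before Signing IS....");

        // The same Crypto instance is used for signing and for verification below, so
        // this test exercises a round trip, not trust decisions between two parties.
        Crypto crypto = CryptoFactory.getInstance();
        Document signedDoc = builder.build(crypto);

        if (LOG.isDebugEnabled()) {
            LOG.debug("Signed message with IssuerSerial key identifier:");
            String outputString =
                XMLUtils.prettyDocumentToString(signedDoc);
            LOG.debug(outputString);
        }
        LOG.info("After Signing IS....");
        WSHandlerResult results = verify(signedDoc, crypto);
        assertNotNull(results, "verification returned no handler result");

        // Fail with a clear assertion, not a NullPointerException or
        // IndexOutOfBoundsException, when verification produced no signature result.
        java.util.List<WSSecurityEngineResult> signResults =
            results.getActionResults().get(WSConstants.SIGN);
        assertNotNull(signResults, "no SIGN action result was produced by verification");
        assertTrue(!signResults.isEmpty(), "SIGN action result list is empty");

        WSSecurityEngineResult actionResult = signResults.get(0);
        assertNotNull(actionResult.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE));
        assertNotNull(actionResult.get(WSSecurityEngineResult.TAG_X509_REFERENCE_TYPE));
        REFERENCE_TYPE referenceType =
            (REFERENCE_TYPE) actionResult.get(WSSecurityEngineResult.TAG_X509_REFERENCE_TYPE);
        assertTrue(
            referenceType == REFERENCE_TYPE.ISSUER_SERIAL,
            "expected ISSUER_SERIAL but was " + referenceType);
    }

    /**
     * Processes the Security header of {@code doc} with the BouncyCastle provider set
     * as the signature provider.
     *
     * @param doc    the signed SOAP document
     * @param crypto the Crypto instance used for both signature verification and decryption
     * @return the handler result returned by the security engine
     * @throws Exception if the security engine rejects the header; a failed signature
     *         check is presumably reported this way (confirm against the engine)
     */
    private WSHandlerResult verify(Document doc, Crypto crypto) throws Exception {
        RequestData data = new RequestData();
        data.setWssConfig(WSSConfig.getNewInstance());
        data.setSigVerCrypto(crypto);
        data.setDecCrypto(crypto);
        data.setSignatureProvider(new BouncyCastleProvider());
        data.setCallbackHandler(new KeystoreCallbackHandler());
        Element securityHeader = WSSecurityUtil.getSecurityHeader(doc, null);
        // Without a Security header nothing would be verified, so make that case an
        // explicit failure instead of relying on how the engine treats a null element.
        assertNotNull(securityHeader, "signed document has no Security header");
        return secEngine.processSecurityHeader(securityHeader, data);
    }

}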