View Javadoc
1   /**
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements. See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    *
10   * http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied. See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  
20  package org.apache.wss4j.dom.message;
21  
22  import java.util.List;
23  
24  import org.apache.wss4j.common.WSEncryptionPart;
25  import org.apache.wss4j.common.crypto.Crypto;
26  import org.apache.wss4j.common.crypto.CryptoFactory;
27  import org.apache.wss4j.common.util.SOAPUtil;
28  import org.apache.wss4j.common.util.XMLUtils;
29  import org.apache.wss4j.dom.WSConstants;
30  
31  import org.apache.wss4j.dom.engine.WSSConfig;
32  import org.apache.wss4j.dom.engine.WSSecurityEngine;
33  import org.apache.wss4j.dom.handler.WSHandlerResult;
34  
35  import org.junit.jupiter.api.Test;
36  import org.w3c.dom.Document;
37  
38  
39  /**
40   * Test signing with an existing wsu namespace defined with a different prefix to "wsu"
41   */
42  public class SignatureWSS651Test {
43      private static final org.slf4j.Logger LOG =
44          org.slf4j.LoggerFactory.getLogger(SignatureWSS651Test.class);
45  
46      private static final String SAMPLE_SOAP_MSG_WSU_NS =
47          "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
48          + "<SOAP-ENV:Envelope "
49          +   "xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" "
50          +   "xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" "
51          +   "xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" "
52          +   "xmlns:u=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\" "
53          +   ">"
54          +   "<SOAP-ENV:Body>"
55          +       "<add xmlns=\"http://ws.apache.org/counter/counter_port_type\">"
56          +           "<value xmlns=\"\">15</value>"
57          +       "</add>"
58          +   "</SOAP-ENV:Body>"
59          + "</SOAP-ENV:Envelope>";
60  
61      private WSSecurityEngine secEngine = new WSSecurityEngine();
62      private Crypto crypto;
63  
64      public SignatureWSS651Test() throws Exception {
65          WSSConfig.init();
66          crypto = CryptoFactory.getInstance();
67      }
68  
69      @Test
70      public void testSignedTimestamp() throws Exception {
71          Document doc = SOAPUtil.toSOAPPart(SAMPLE_SOAP_MSG_WSU_NS);
72          WSSecHeader secHeader = new WSSecHeader(doc);
73          secHeader.insertSecurityHeader();
74  
75          WSSecTimestamp timestamp = new WSSecTimestamp(secHeader);
76          timestamp.setTimeToLive(300);
77          timestamp.build();
78  
79          WSSecSignature builder = new WSSecSignature(secHeader);
80          builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
81  
82          // builder.setAddInclusivePrefixes(false);
83  
84          WSEncryptionPart encP =
85              new WSEncryptionPart(
86                  "Timestamp",
87                  WSConstants.WSU_NS,
88                  "");
89          builder.getParts().add(encP);
90  
91          builder.prepare(crypto);
92  
93          List<javax.xml.crypto.dsig.Reference> referenceList =
94              builder.addReferencesToSign(builder.getParts());
95  
96          builder.computeSignature(referenceList, false, null);
97  
98          String outputString = XMLUtils.prettyDocumentToString(doc);
99  
100         if (LOG.isDebugEnabled()) {
101             LOG.debug("After Signing....");
102             LOG.debug(outputString);
103         }
104 
105         verify(doc);
106 
107         Document doc2 = SOAPUtil.toSOAPPart(outputString);
108         verify(doc2);
109     }
110 
111     /**
112      * Verifies the soap envelope.
113      * This method verifies all the signature generated.
114      *
115      * @param doc soap document
116      * @throws Exception Thrown when there is a problem in verification
117      */
118     private WSHandlerResult verify(Document doc) throws Exception {
119         return secEngine.processSecurityHeader(doc, null, null, crypto);
120     }
121 
122 }