20 package org.apache.wss4j.dom.processor;
21
22 import java.util.List;
23
24 import javax.crypto.KeyGenerator;
25 import javax.crypto.SecretKey;
26 import javax.security.auth.callback.CallbackHandler;
27
28 import org.apache.wss4j.common.util.SOAPUtil;
29 import org.apache.wss4j.dom.WSConstants;
30 import org.apache.wss4j.dom.WSDataRef;
31 import org.apache.wss4j.dom.common.KeystoreCallbackHandler;
32
33 import org.apache.wss4j.dom.engine.WSSConfig;
34 import org.apache.wss4j.dom.engine.WSSecurityEngine;
35 import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
36 import org.apache.wss4j.dom.handler.WSHandlerResult;
37 import org.apache.wss4j.common.WSEncryptionPart;
38 import org.apache.wss4j.common.crypto.Crypto;
39 import org.apache.wss4j.common.crypto.CryptoFactory;
40 import org.apache.wss4j.common.util.KeyUtils;
41 import org.apache.wss4j.dom.message.WSSecEncrypt;
42 import org.apache.wss4j.dom.message.WSSecHeader;
43
44 import org.junit.jupiter.api.Test;
45 import org.w3c.dom.Document;
46 import org.w3c.dom.Element;
47
48 import static org.junit.jupiter.api.Assertions.assertEquals;
49 import static org.junit.jupiter.api.Assertions.assertNotNull;
50 import static org.junit.jupiter.api.Assertions.assertTrue;
51
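/**
 * Verifies that processing an encrypted SOAP message yields a {@link WSDataRef} describing
 * the element that was encrypted.
 *
 * <p>The test encrypts the {@code add} element of the sample SOAP message with a freshly
 * generated symmetric key, runs the security header through {@link WSSecurityEngine}, and
 * checks that the {@code ENCR} result carries a data reference with the expected element
 * name, a wsu:Id and the symmetric algorithm that was used.
 *
 * <p>NOTE(review): Triple DES is used here purely as the fixture algorithm. It is a legacy
 * 64-bit block cipher and should not be taken as a template for production configuration;
 * real deployments should select an AES-based algorithm, preferably an authenticated mode.
 */
public class EncryptedKeyDataRefTest {
    private static final org.slf4j.Logger LOG =
        org.slf4j.LoggerFactory.getLogger(EncryptedKeyDataRefTest.class);

    /** Local name of the SOAP body element that is encrypted and later looked up. */
    private static final String ENCRYPTED_LOCAL_NAME = "add";

    /** Namespace of the SOAP body element that is encrypted and later looked up. */
    private static final String ENCRYPTED_NAMESPACE =
        "http://ws.apache.org/counter/counter_port_type";

    private final WSSecurityEngine secEngine = new WSSecurityEngine();
    // presumably supplies the keystore password needed to unwrap the key - confirm
    private final CallbackHandler callbackHandler = new KeystoreCallbackHandler();
    private final Crypto crypto;

    /**
     * Loads the crypto configuration from {@code wss40.properties} and initialises
     * {@link WSSConfig}.
     *
     * @throws Exception if the crypto configuration cannot be loaded
     */
    public EncryptedKeyDataRefTest() throws Exception {
        crypto = CryptoFactory.getInstance("wss40.properties");
        WSSConfig.init();
    }

    /**
     * Encrypts the {@code add} element and checks the data references reported when the
     * message is processed again.
     *
     * @throws Exception on any failure while building, encrypting or processing the message
     */
    @Test
    public void testDataRefEncryptedKeyProcessor() throws Exception {
        Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader secHeader = new WSSecHeader(doc);
        secHeader.insertSecurityHeader();

        WSSecEncrypt builder = new WSSecEncrypt(secHeader);
        builder.setUserInfo("wss40");
        builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
        // Legacy algorithm, see the class-level note; the assertions below only need the
        // configured algorithm to be echoed back by WSDataRef.getAlgorithm().
        builder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES);
        LOG.info("Before Encryption Triple DES....");

        // A fresh key per run: nothing in the test depends on a fixed key value.
        KeyGenerator keyGen = KeyUtils.getKeyGenerator(WSConstants.TRIPLE_DES);
        SecretKey symmetricKey = keyGen.generateKey();

        // presumably builds the EncryptedKey that wraps symmetricKey for "wss40" - confirm
        builder.prepare(crypto, symmetricKey);

        // "Element" asks for the whole element to be encrypted, not just its content.
        WSEncryptionPart encP =
            new WSEncryptionPart(ENCRYPTED_LOCAL_NAME, ENCRYPTED_NAMESPACE, "Element");
        builder.getParts().add(encP);

        // Encrypt the selected part; the returned element holds the references to the
        // encrypted data, which are then attached to the key and the header.
        Element refs = builder.encrypt(symmetricKey);
        builder.addInternalRefElement(refs);
        builder.prependToHeader();
        builder.prependBSTElementToHeader();

        LOG.info("After Encryption Triple DES....");

        // Confirm the target element is no longer present in cleartext before the message
        // is handed to the processor; otherwise the data-ref assertions in checkDataRef
        // would say nothing about the message actually having been encrypted.
        assertEquals(
            0,
            doc.getElementsByTagNameNS(ENCRYPTED_NAMESPACE, ENCRYPTED_LOCAL_NAME).getLength(),
            "the 'add' element must not appear in cleartext after encryption"
        );

        checkDataRef(doc);
    }

    /**
     * Processes the security header of {@code doc} and asserts that at least one
     * {@code ENCR} result exposes a {@link WSDataRef} with the expected element name,
     * a non-null wsu:Id and the Triple DES algorithm URI.
     *
     * @param doc the encrypted SOAP message to process
     * @throws Exception if processing the security header fails
     */
    private void checkDataRef(Document doc) throws Exception {
        WSHandlerResult wsResults =
            secEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
        boolean found = false;

        for (WSSecurityEngineResult wsSecEngineResult : wsResults.getResults()) {
            int action = (Integer) wsSecEngineResult.get(WSSecurityEngineResult.TAG_ACTION);

            // Only encryption results carry the data references under test.
            if (action != WSConstants.ENCR) {
                continue;
            }

            // The result map is untyped, hence the unchecked cast; each entry is
            // re-checked with instanceof below before it is used.
            @SuppressWarnings("unchecked")
            List<WSDataRef> dataRefs = (List<WSDataRef>) wsSecEngineResult
                .get(WSSecurityEngineResult.TAG_DATA_REF_URIS);

            if (dataRefs == null || dataRefs.isEmpty()) {
                continue;
            }

            for (Object obj : dataRefs) {
                assertTrue(obj instanceof WSDataRef, "data ref entry must be a WSDataRef");
                WSDataRef dataRef = (WSDataRef) obj;

                // The reference must identify the element that was encrypted.
                assertEquals(ENCRYPTED_LOCAL_NAME, dataRef.getName().getLocalPart());
                assertEquals(ENCRYPTED_NAMESPACE, dataRef.getName().getNamespaceURI());

                assertNotNull(dataRef.getWsuId(), "data ref must carry a wsu:Id");

                // The reported algorithm must match what the sender configured.
                assertEquals(WSConstants.TRIPLE_DES, dataRef.getAlgorithm());

                found = true;
            }
        }

        // Guards against the loop passing vacuously when no ENCR result was produced.
        assertTrue(found, "no ENCR result with data references was returned");
    }

}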