Google Git
Sign in
apache / santuario-java / 55afda3c7e733f69ada8dfb70a7061159dafaa9c / . / src / test / java / org / apache / xml / security / test / dom / keys / keyresolver / KeyInfoReferenceResolverTest.java
blob: fad83c7eda4a1fede51774d369c3006da90769fa [file] [log] [blame]
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.xml.security.test.dom.keys.keyresolver;
import java.io.FileInputStream;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.X509EncodedKeySpec;
import org.apache.xml.security.Init;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.utils.Constants;
import org.apache.xml.security.utils.JavaUtils;
import org.apache.xml.security.utils.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
public class KeyInfoReferenceResolverTest {
private static final String BASEDIR = System.getProperty("basedir") == null ? "./": System.getProperty("basedir");
private static final String SEP = System.getProperty("file.separator");
public KeyInfoReferenceResolverTest() throws Exception {
if (!Init.isInitialized()) {
Init.init();
}
}
@org.junit.Test
public void testRSAPublicKey() throws Exception {
PublicKey rsaKeyControl = loadPublicKey("rsa-KeyInfoReference.key", "RSA");
Document doc = loadXML("KeyInfoReference-RSA.xml");
markKeyInfoIdAttrs(doc);
Element referenceElement = doc.getElementById("theReference");
assertNotNull(referenceElement);
KeyInfo keyInfo = new KeyInfo(referenceElement, "");
assertEquals(rsaKeyControl, keyInfo.getPublicKey());
}
@org.junit.Test
public void testX509Certificate() throws Exception {
X509Certificate certControl = loadCertificate("cert-KeyInfoReference.crt");
Document doc = loadXML("KeyInfoReference-X509Certificate.xml");
markKeyInfoIdAttrs(doc);
Element referenceElement = doc.getElementById("theReference");
assertNotNull(referenceElement);
KeyInfo keyInfo = new KeyInfo(referenceElement, "");
assertEquals(certControl, keyInfo.getX509Certificate());
assertEquals(certControl.getPublicKey(), keyInfo.getPublicKey());
}
@org.junit.Test
public void testWrongReferentType() throws Exception {
Document doc = loadXML("KeyInfoReference-WrongReferentType.xml");
markKeyInfoIdAttrs(doc);
// Mark the ID-ness of the bogus element so can be resolved
NodeList nl = doc.getElementsByTagNameNS("http://www.example.org/test", "KeyInfo");
for (int i = 0; i < nl.getLength(); i++) {
Element keyInfoElement = (Element) nl.item(i);
keyInfoElement.setIdAttributeNS(null, Constants._ATT_ID, true);
}
Element referenceElement = doc.getElementById("theReference");
assertNotNull(referenceElement);
KeyInfo keyInfo = new KeyInfo(referenceElement, "");
assertNull(keyInfo.getPublicKey());
}
@org.junit.Test
public void testSameDocumentReferenceChain() throws Exception {
Document doc = loadXML("KeyInfoReference-ReferenceChain.xml");
markKeyInfoIdAttrs(doc);
Element referenceElement = doc.getElementById("theReference");
assertNotNull(referenceElement);
KeyInfo keyInfo = new KeyInfo(referenceElement, "");
// Chains of references are not supported at this time
assertNull(keyInfo.getPublicKey());
}
@org.junit.Test
public void testSameDocumentReferenceChainWithSecureValidation() throws Exception {
Document doc = loadXML("KeyInfoReference-ReferenceChain.xml");
markKeyInfoIdAttrs(doc);
Element referenceElement = doc.getElementById("theReference");
assertNotNull(referenceElement);
KeyInfo keyInfo = new KeyInfo(referenceElement, "");
keyInfo.setSecureValidation(true);
// Chains of references are not supported at this time
assertNull(keyInfo.getPublicKey());
}
// Utility methods
private String getControlFilePath(String fileName) {
return BASEDIR + SEP + "src" + SEP + "test" + SEP + "resources" +
SEP + "org" + SEP + "apache" + SEP + "xml" + SEP + "security" +
SEP + "keyresolver" +
SEP + fileName;
}
private Document loadXML(String fileName) throws Exception {
return XMLUtils.read(new FileInputStream(getControlFilePath(fileName)), false);
}
private PublicKey loadPublicKey(String filePath, String algorithm) throws Exception {
String fileData = new String(JavaUtils.getBytesFromFile(getControlFilePath(filePath)));
byte[] keyBytes = XMLUtils.decode(fileData);
KeyFactory kf = KeyFactory.getInstance(algorithm);
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
return kf.generatePublic(keySpec);
}
private X509Certificate loadCertificate(String fileName) throws Exception {
FileInputStream fis = new FileInputStream(getControlFilePath(fileName));
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
return (X509Certificate) certFactory.generateCertificate(fis);
}
private void markKeyInfoIdAttrs(Document doc) {
NodeList nl = doc.getElementsByTagNameNS(Constants.SignatureSpecNS, Constants._TAG_KEYINFO);
for (int i = 0; i < nl.getLength(); i++) {
Element keyInfoElement = (Element) nl.item(i);
keyInfoElement.setIdAttributeNS(null, Constants._ATT_ID, true);
}
}
}