/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.xml.security.test.dom.algorithms;
import java.lang.reflect.Field;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;
import java.util.Arrays;
import java.util.Map;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.apache.xml.security.algorithms.SignatureAlgorithm;
import org.apache.xml.security.algorithms.implementations.SignatureBaseRSA;
import org.apache.xml.security.exceptions.AlgorithmAlreadyRegisteredException;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.signature.XMLSignatureException;
import org.apache.xml.security.test.dom.TestUtils;
import org.w3c.dom.Document;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertThrows;
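/**
 * Tests for {@link SignatureAlgorithm}.
 *
 * <p>Three things are checked here:
 * <ul>
 *   <li>one private key can be used with more than one signature algorithm;</li>
 *   <li>an explicitly supplied JCE provider is the one the algorithm reports using;</li>
 *   <li>{@code initSign}/{@code initVerify} reject a key of the wrong kind for the
 *       algorithm URI (a symmetric key for RSA/DSA/ECDSA, an asymmetric key for HMAC).</li>
 * </ul>
 *
 * <p>The key-kind tests are the security-relevant ones: a verifier that accepted a public
 * key as an HMAC secret, or a secret key for an asymmetric algorithm, would let the
 * algorithm URI in the document decide how the key material is interpreted.
 */
public class SignatureAlgorithmTest {

    static final org.slf4j.Logger LOG =
        org.slf4j.LoggerFactory.getLogger(SignatureAlgorithmTest.class);

    static {
        // Library initialisation must run before any SignatureAlgorithm is constructed.
        // NOTE(review): presumably this is what fills the algorithm registry the tests
        // below rely on; confirm against Init.
        org.apache.xml.security.Init.init();
    }

    /** 256-bit AES key, used as the "wrong kind of key" for the asymmetric algorithms. */
    private final SecretKey secretKey;

    /** RSA key pair, used for signing and as the "wrong kind of key" for HMAC. */
    private final KeyPair keyPair;

    /**
     * Generates fresh key material for the test instance.
     *
     * @throws NoSuchAlgorithmException if the default providers offer no AES or RSA generator
     */
    public SignatureAlgorithmTest() throws NoSuchAlgorithmException {
        KeyGenerator keygen = KeyGenerator.getInstance("AES");
        keygen.init(256);
        secretKey = keygen.generateKey();

        // initialize() is not called, so the RSA modulus size is whatever the provider
        // defaults to. That is enough for these tests, which never check key strength.
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPair = keyPairGenerator.generateKeyPair();
    }

    /**
     * Signs with the same RSA private key under RSA-SHA1 and then RSA-SHA256.
     *
     * <p>The test passes when neither signing operation throws; the signature values
     * themselves are not verified. If RSA-SHA256 cannot be initialised the test returns
     * early and only logs a warning, so a green result does not prove the second
     * algorithm was exercised.
     */
    @org.junit.jupiter.api.Test
    public void testSameKeySeveralAlgorithmSigning() throws Exception {
        Document doc = TestUtils.newDocument();
        SignatureAlgorithm signatureAlgorithm =
            new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1);
        PrivateKey pk = keyPair.getPrivate();
        signatureAlgorithm.initSign(pk);
        signatureAlgorithm.update((byte)2);
        signatureAlgorithm.sign();

        SignatureAlgorithm otherSignatureAlgorithm =
            new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
        try {
            otherSignatureAlgorithm.initSign(pk);
        } catch (XMLSecurityException ex) {
            // Keep the cause in the log so a skipped run can be told apart from a
            // genuinely missing algorithm.
            LOG.warn(
                "Test testSameKeySeveralAlgorithmSigning skipped as necessary algorithms "
                + "not available",
                ex
            );
            return;
        }

        otherSignatureAlgorithm.update((byte)2);
        otherSignatureAlgorithm.sign();
    }

    /**
     * Constructs every registered signature algorithm with an explicit BouncyCastle
     * provider and checks that the algorithm reports that provider's name.
     *
     * <p>The registry is read reflectively from the private static {@code algorithmHash}
     * field. RSA-PSS is the only URI given an explicit parameter spec; all others are
     * constructed with {@code null} parameters.
     */
    @org.junit.jupiter.api.Test
    public void testConstructionWithProvider() throws Exception {
        Field algorithmHashField = SignatureAlgorithm.class.getDeclaredField("algorithmHash");
        algorithmHashField.setAccessible(true);
        @SuppressWarnings("unchecked")
        Map<String, Class<?>> algorithmHash = (Map<String, Class<?>>)algorithmHashField.get(null);
        // An empty registry would make the loop below pass without testing anything.
        assertFalse(algorithmHash.isEmpty());

        Document doc = TestUtils.newDocument();
        Provider provider = new org.bouncycastle.jce.provider.BouncyCastleProvider();
        for (String algorithmURI : algorithmHash.keySet()) {
            try {
                AlgorithmParameterSpec spec = algorithmURI.equals(XMLSignature.ALGO_ID_SIGNATURE_RSA_PSS)
                    ? new PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32, 1)
                    : null;
                SignatureAlgorithm signatureAlgorithm = new SignatureAlgorithm(doc, algorithmURI, provider, spec);
                // The requested provider must be the one actually used.
                assertEquals(provider.getName(), signatureAlgorithm.getJCEProviderName());
            } catch (XMLSecurityException e) {
                // Fail with the offending URI and the original exception as the cause,
                // rather than comparing the stack trace text against an empty string.
                throw new AssertionError(
                    "Construction with provider " + provider.getName()
                        + " failed for algorithm " + algorithmURI, e);
            }
        }
    }

    /** RSA signing must reject a symmetric {@link SecretKey}. */
    @org.junit.jupiter.api.Test
    public void testRSASigningKeyIsPrivateKey() throws Exception {
        Document doc = TestUtils.newDocument();
        SignatureAlgorithm signatureAlgorithm =
            new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1);
        assertThrows(XMLSignatureException.class, () ->
            signatureAlgorithm.initSign(secretKey));
    }

    /** DSA signing must reject a symmetric {@link SecretKey}. */
    @org.junit.jupiter.api.Test
    public void testDSASigningKeyIsPrivateKey() throws Exception {
        Document doc = TestUtils.newDocument();
        SignatureAlgorithm signatureAlgorithm =
            new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_SIGNATURE_DSA);
        assertThrows(XMLSignatureException.class, () ->
            signatureAlgorithm.initSign(secretKey));
    }

    /** ECDSA signing must reject a symmetric {@link SecretKey}. */
    @org.junit.jupiter.api.Test
    public void testECDSASigningKeyIsPrivateKey() throws Exception {
        Document doc = TestUtils.newDocument();
        SignatureAlgorithm signatureAlgorithm =
            new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1);
        assertThrows(XMLSignatureException.class, () ->
            signatureAlgorithm.initSign(secretKey));
    }

    /** RSA verification must reject a symmetric {@link SecretKey}. */
    @org.junit.jupiter.api.Test
    public void testRSAVerifyingKeyIsPublicKey() throws Exception {
        Document doc = TestUtils.newDocument();
        SignatureAlgorithm signatureAlgorithm =
            new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1);
        assertThrows(XMLSignatureException.class, () ->
            signatureAlgorithm.initVerify(secretKey));
    }

    /** DSA verification must reject a symmetric {@link SecretKey}. */
    @org.junit.jupiter.api.Test
    public void testDSAVerifyingKeyIsPublicKey() throws Exception {
        Document doc = TestUtils.newDocument();
        SignatureAlgorithm signatureAlgorithm =
            new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_SIGNATURE_DSA);
        assertThrows(XMLSignatureException.class, () ->
            signatureAlgorithm.initVerify(secretKey));
    }

    /** ECDSA verification must reject a symmetric {@link SecretKey}. */
    @org.junit.jupiter.api.Test
    public void testECDSAVerifyingKeyIsPublicKey() throws Exception {
        Document doc = TestUtils.newDocument();
        SignatureAlgorithm signatureAlgorithm =
            new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1);
        assertThrows(XMLSignatureException.class, () ->
            signatureAlgorithm.initVerify(secretKey));
    }

    /** HMAC signing must reject an asymmetric private key. */
    @org.junit.jupiter.api.Test
    public void testHMACSigningKeyIsSecretKey() throws Exception {
        Document doc = TestUtils.newDocument();
        SignatureAlgorithm signatureAlgorithm =
            new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
        assertThrows(XMLSignatureException.class, () ->
            signatureAlgorithm.initSign(keyPair.getPrivate()));
    }

    /**
     * HMAC verification must reject an asymmetric public key.
     *
     * <p>This is the guard against treating a (publicly known) verification key as the
     * MAC secret when the document names an HMAC algorithm.
     */
    @org.junit.jupiter.api.Test
    public void testHMACVerifyingKeyIsSecretKey() throws Exception {
        Document doc = TestUtils.newDocument();
        SignatureAlgorithm signatureAlgorithm =
            new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
        assertThrows(XMLSignatureException.class, () ->
            signatureAlgorithm.initVerify(keyPair.getPublic()));
    }

    /**
     * Re-registering an already registered URI with an implementation class must fail,
     * so an existing algorithm mapping cannot be replaced through {@code register}.
     */
    @org.junit.jupiter.api.Test
    public void testAlreadyRegisteredException() throws Exception {
        assertThrows(AlgorithmAlreadyRegisteredException.class, () ->
            SignatureAlgorithm.register(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256,
                SignatureBaseRSA.SignatureRSASHA256.class)
        );
    }

    /** Same check as above, using the overload that takes the implementation class name. */
    @org.junit.jupiter.api.Test
    public void testAlreadyRegisteredExceptionFromString() throws Exception {
        assertThrows(AlgorithmAlreadyRegisteredException.class, () ->
            SignatureAlgorithm.register(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256,
                SignatureBaseRSA.SignatureRSASHA256.class.getName())
        );
    }
}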