/*
* Copyright 2006 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
/*
* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
*/
package javax.xml.crypto.test.dsig;
import java.io.*;
import java.security.*;
import java.security.cert.Certificate;
import java.util.*;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.*;
import javax.xml.crypto.dsig.keyinfo.*;
import javax.xml.crypto.dsig.spec.*;
import javax.xml.parsers.*;
import javax.xml.transform.*;
import javax.xml.transform.dom.*;
import javax.xml.transform.stream.*;
import org.w3c.dom.*;
import junit.framework.*;
import javax.xml.crypto.test.KeySelectors;
/**
* Test that recreates merlin-xpath-filter2-three test vectors
* but with different keys and X.509 data.
*
* @author Sean Mullan
*/
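public class CreateInteropXFilter2Test extends TestCase {

    private XMLSignatureFactory fac;
    private KeyInfoFactory kifac;
    private DocumentBuilder db;
    private KeyStore ks;
    private Key signingKey;
    private PublicKey validatingKey;
    private Certificate signingCert;

    static {
        // Registers the XMLDSig reference implementation as the most-preferred
        // JCA provider. This is a JVM-wide change, so it also affects every
        // other test that runs in the same process.
        Security.insertProviderAt
            (new org.jcp.xml.dsig.internal.dom.XMLDSigRI(), 1);
    }

    public CreateInteropXFilter2Test(String name) {
        super(name);
    }

    /**
     * Creates the signature factories and a namespace-aware DocumentBuilder,
     * then loads the signing key and its certificate from the test keystore
     * at ${basedir}/data/test.jks.
     *
     * @throws Exception if the keystore cannot be opened or read
     */
    public void setUp() throws Exception {
        fac = XMLSignatureFactory.getInstance
            ("DOM", new org.jcp.xml.dsig.internal.dom.XMLDSigRI());
        kifac = fac.getKeyInfoFactory();
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        // The builder is only used to create an empty in-memory document
        // (see test_create_sign_spec); nothing is parsed with it here.
        db = dbf.newDocumentBuilder();

        // get key & self-signed certificate from keystore
        String basedir = System.getProperty("basedir");
        // Fail with a clear message instead of trying to open "null/data/...".
        assertNotNull("the basedir system property must be set", basedir);
        String fs = System.getProperty("file.separator");
        // "changeit" protects a throwaway test fixture only; it must never
        // be reused for a keystore that holds real key material.
        char[] storePass = "changeit".toCharArray();
        FileInputStream fis = new FileInputStream
            (basedir + fs + "data" + fs + "test.jks");
        try {
            ks = KeyStore.getInstance("JKS");
            ks.load(fis, storePass);
        } finally {
            // The original never closed the stream and leaked one file
            // handle per test method.
            fis.close();
        }
        signingKey = ks.getKey("mullan", storePass);
        signingCert = ks.getCertificate("mullan");
        // Both lookups return null when the alias is missing; check before
        // dereferencing so the failure names the actual cause.
        assertNotNull("no key under alias 'mullan' in test.jks", signingKey);
        assertNotNull("no certificate under alias 'mullan' in test.jks",
            signingCert);
        validatingKey = signingCert.getPublicKey();
    }

    /**
     * Builds a document, signs it with two XPath Filter 2.0 references,
     * unmarshals the resulting Signature element and checks that it equals
     * the original and validates.
     *
     * @throws Exception if signing, unmarshalling or validation fails
     */
    public void test_create_sign_spec() throws Exception {
        List refs = new ArrayList(2);

        // create reference 1: keep the ToBeSigned subtrees, drop the
        // NotToBeSigned subtrees, then add the ReallyToBeSigned subtrees back
        List types = new ArrayList(3);
        types.add(new XPathType(" //ToBeSigned ", XPathType.Filter.INTERSECT));
        types.add(new XPathType(" //NotToBeSigned ", XPathType.Filter.SUBTRACT));
        types.add(new XPathType(" //ReallyToBeSigned ", XPathType.Filter.UNION));
        XPathFilter2ParameterSpec xp1 = new XPathFilter2ParameterSpec(types);
        // NOTE(review): SHA-1 digests and DSA-SHA1 are presumably kept to
        // match the interop vectors this test recreates. SHA-1 is no longer
        // collision resistant; do not copy these choices into new signatures.
        refs.add(fac.newReference
            ("", fac.newDigestMethod(DigestMethod.SHA1, null),
             Collections.singletonList(fac.newTransform(Transform.XPATH2, xp1)),
             null, null));

        // create reference 2: enveloped-signature transform followed by an
        // XPath filter that unions in the whole document
        List trans2 = new ArrayList(2);
        trans2.add(fac.newTransform(Transform.ENVELOPED,
            (TransformParameterSpec) null));
        XPathFilter2ParameterSpec xp2 = new XPathFilter2ParameterSpec
            (Collections.singletonList
                (new XPathType(" / ", XPathType.Filter.UNION)));
        trans2.add(fac.newTransform(Transform.XPATH2, xp2));
        refs.add(fac.newReference("#signature-value",
            fac.newDigestMethod(DigestMethod.SHA1, null), trans2, null, null));

        // create SignedInfo
        SignedInfo si = fac.newSignedInfo(
            fac.newCanonicalizationMethod
                (CanonicalizationMethod.INCLUSIVE,
                 (C14NMethodParameterSpec) null),
            fac.newSignatureMethod(SignatureMethod.DSA_SHA1, null), refs);

        // create KeyInfo: the public key as a KeyValue, plus X509Data holding
        // a subject name string and the signing certificate
        List kits = new ArrayList(2);
        kits.add(kifac.newKeyValue(validatingKey));
        List xds = new ArrayList(2);
        xds.add("CN=Sean Mullan, DC=sun, DC=com");
        xds.add(signingCert);
        kits.add(kifac.newX509Data(xds));
        KeyInfo ki = kifac.newKeyInfo(kits);

        // create XMLSignature; its Id is what reference 2 points at
        XMLSignature sig = fac.newXMLSignature
            (si, ki, null, null, "signature-value");

        Document doc = db.newDocument();

        // first ToBeSigned subtree
        Element tbs1 = doc.createElementNS(null, "ToBeSigned");
        Comment tbs1Com = doc.createComment(" comment ");
        Element tbs1Data = doc.createElementNS(null, "Data");
        Element tbs1ntbs = doc.createElementNS(null, "NotToBeSigned");
        Element tbs1rtbs = doc.createElementNS(null, "ReallyToBeSigned");
        Comment tbs1rtbsCom = doc.createComment(" comment ");
        Element tbs1rtbsData = doc.createElementNS(null, "Data");
        tbs1rtbs.appendChild(tbs1rtbsCom);
        tbs1rtbs.appendChild(tbs1rtbsData);
        tbs1ntbs.appendChild(tbs1rtbs);
        tbs1.appendChild(tbs1Com);
        tbs1.appendChild(tbs1Data);
        tbs1.appendChild(tbs1ntbs);

        // second ToBeSigned subtree
        Element tbs2 = doc.createElementNS(null, "ToBeSigned");
        Element tbs2Data = doc.createElementNS(null, "Data");
        Element tbs2ntbs = doc.createElementNS(null, "NotToBeSigned");
        Element tbs2ntbsData = doc.createElementNS(null, "Data");
        tbs2ntbs.appendChild(tbs2ntbsData);
        tbs2.appendChild(tbs2Data);
        tbs2.appendChild(tbs2ntbs);

        Element document = doc.createElementNS(null, "Document");
        document.appendChild(tbs1);
        document.appendChild(tbs2);
        doc.appendChild(document);

        // The Document element is the signature's parent, so the new
        // Signature element becomes its last child.
        DOMSignContext dsc = new DOMSignContext(signingKey, document);
        sig.sign(dsc);

        // Debug aid, normally disabled:
        // dumpDocument(doc, new FileWriter("/tmp/foo.xml"));

        // NOTE(review): KeyValueKeySelector is a test helper defined outside
        // this file; by its name it presumably takes the verification key
        // from the signature's own KeyValue element. If so, validate() below
        // shows that the signature is internally consistent, not that it was
        // produced by a trusted signer. Code that needs authenticity has to
        // establish trust in the key independently of the signed document.
        DOMValidateContext dvc = new DOMValidateContext
            (new KeySelectors.KeyValueKeySelector(), document.getLastChild());
        XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);

        assertTrue(sig.equals(sig2));
        assertTrue(sig2.validate(dvc));
    }

    /**
     * Serializes a DOM document to the given writer with an identity
     * transform. Only referenced from the disabled debug line in
     * test_create_sign_spec. The writer is not closed here; that is left
     * to the caller.
     */
    private void dumpDocument(Document doc, Writer w) throws Exception {
        TransformerFactory tf = TransformerFactory.newInstance();
        Transformer trans = tf.newTransformer();
        // trans.setOutputProperty(OutputKeys.INDENT, "yes");
        trans.transform(new DOMSource(doc), new StreamResult(w));
    }
}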