Adding Saml ECDSA SHA1 test
diff --git a/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlAlgorithmSuiteTest.java b/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlAlgorithmSuiteTest.java
index f2a1ca8..d6bdc7e 100644
--- a/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlAlgorithmSuiteTest.java
+++ b/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlAlgorithmSuiteTest.java
@@ -197,7 +197,7 @@
}
@Test
- public void signWithEcdsaAlgorithm() throws Exception {
+ public void signWithEcdsaAlgorithmSHA1() throws Exception {
crypto = CryptoFactory.getInstance("wss40.properties");
SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
callbackHandler.setStatement(SAML1CallbackHandler.Statement.AUTHN);
@@ -210,7 +210,7 @@
samlAssertion.signAssertion(
"wss40ec", "security", crypto, false,
- CanonicalizationMethod.EXCLUSIVE, WSConstants.ECDSA_SHA256);
+ CanonicalizationMethod.EXCLUSIVE, WSConstants.ECDSA_SHA1);
Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
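Review bot: The `signAssertion` call now passes `WSConstants.ECDSA_SHA1` with no comment saying the weak digest is deliberate, so a later reader could take it for an endorsed choice or quietly change it back. I would add a line above the call such as `// SHA-1 is used only to exercise AlgorithmSuite enforcement; it is not a recommended signature digest`. The test method starts and ends outside this hunk, so the comment placement should be checked against the full body.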
@@ -237,6 +237,52 @@
assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
}
+ algorithmSuite.addSignatureMethod(WSConstants.ECDSA_SHA1);
+
+ verify(securityHeader, algorithmSuite, crypto);
+ }
+
+ @Test
+ public void signWithEcdsaAlgorithmSHA256() throws Exception {
+ crypto = CryptoFactory.getInstance("wss40.properties");
+ SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler();
+ callbackHandler.setStatement(SAML1CallbackHandler.Statement.AUTHN);
+ callbackHandler.setConfirmationMethod(SAML1Constants.CONF_HOLDER_KEY);
+ callbackHandler.setIssuer("www.example.com");
+
+ SAMLCallback samlCallback = new SAMLCallback();
+ SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
+ SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
+
+ samlAssertion.signAssertion(
+ "wss40ec", "security", crypto, false,
+ CanonicalizationMethod.EXCLUSIVE, WSConstants.ECDSA_SHA256);
+
+
+ Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+ WSSecHeader secHeader = new WSSecHeader(doc);
+ secHeader.insertSecurityHeader();
+
+ WSSecSAMLToken wsSign = new WSSecSAMLToken(secHeader);
+
+ Document signedDoc = wsSign.build(samlAssertion);
+
+ if (LOG.isDebugEnabled()) {
+ String outputString =
+ XMLUtils.prettyDocumentToString(signedDoc);
+ LOG.debug(outputString);
+ }
+
+ Element securityHeader = WSSecurityUtil.getSecurityHeader(signedDoc, null);
+ AlgorithmSuite algorithmSuite = createAlgorithmSuite();
+
+ try {
+ verify(securityHeader, algorithmSuite, crypto);
+ fail("Expected failure as C14n algorithm is not allowed");
+ } catch (WSSecurityException ex) {
+ assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
+ }
+
algorithmSuite.addSignatureMethod(WSConstants.ECDSA_SHA256);
verify(securityHeader, algorithmSuite, crypto);
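Review bot: The `fail(...)` message in the new `signWithEcdsaAlgorithmSHA256` says the C14n algorithm is not allowed, but verification passes once only `addSignatureMethod(WSConstants.ECDSA_SHA256)` is called, so the rejected item appears to be the signature method (`createAlgorithmSuite()` is not visible here, so this is inferred). I would change it to `fail("Expected failure as signature algorithm is not allowed");`, and the SHA1 test above the hunk likely needs the same wording. Neither test checks the downgrade direction: a suite that allows only `WSConstants.ECDSA_SHA256` should still reject the assertion signed with `WSConstants.ECDSA_SHA1`, and a short extra try/fail/catch block asserting `INVALID_SECURITY` for that case would pin it. The SHA1 test begins before this hunk and the SHA256 test's closing brace falls after it.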