ws-security-dom/src/test/java/org/apache/wss4j/dom/message/PasswordEncryptorTest.java - ws-wss4j - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements. See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership. The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License. You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied. See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */

 package org.apache.wss4j.dom.message;

 import java.util.Collections;
 import java.util.Properties;

 import javax.crypto.KeyGenerator;
 import javax.crypto.SecretKey;
 import javax.security.auth.callback.CallbackHandler;

 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
 import org.apache.wss4j.common.crypto.JasyptPasswordEncryptor;
 import org.apache.wss4j.common.crypto.PasswordEncryptor;
 import org.apache.wss4j.common.util.KeyUtils;
 import org.apache.wss4j.common.util.Loader;
 import org.apache.wss4j.common.util.XMLUtils;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.common.CustomHandler;
 import org.apache.wss4j.dom.common.KeystoreCallbackHandler;
 import org.apache.wss4j.dom.common.SOAPUtil;

 import org.apache.wss4j.dom.engine.WSSConfig;
 import org.apache.wss4j.dom.engine.WSSecurityEngine;
 import org.apache.wss4j.dom.handler.HandlerAction;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.handler.WSHandlerResult;

 import org.junit.jupiter.api.Test;
 import org.w3c.dom.Document;

 import static org.junit.jupiter.api.Assertions.assertNotNull;


 /**
  * This is a test for signing and encrypting using a Crypto properties file with an encrypted
  * password
  */
 public class PasswordEncryptorTest {
     private static final org.slf4j.Logger LOG =
         org.slf4j.LoggerFactory.getLogger(PasswordEncryptorTest.class);

     private WSSecurityEngine secEngine = new WSSecurityEngine();
     private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
     private PasswordEncryptor passwordEncryptor =
         new JasyptPasswordEncryptor("this-is-a-secret");
     private Crypto crypto;

     public PasswordEncryptorTest() throws Exception {
         WSSConfig.init();
         Properties properties =
             CryptoFactory.getProperties("crypto_enc.properties",
                                         Loader.getClassLoader(CryptoFactory.class));
         crypto =
             CryptoFactory.getInstance(properties,
                                       Loader.getClassLoader(CryptoFactory.class),
                                       passwordEncryptor);
     }

     @Test
     public void testEncryptedPassword() throws Exception {
         String encryptedPassword = passwordEncryptor.encrypt("security");
         //System.out.println(encryptedPassword);
         assertNotNull(encryptedPassword);
     }

     @Test
     public void testSignature() throws Exception {
         Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
         WSSecHeader secHeader = new WSSecHeader(doc);
         secHeader.insertSecurityHeader();

         WSSecSignature builder = new WSSecSignature(secHeader);
         builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
         builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);

         Document signedDoc = builder.build(crypto);

         if (LOG.isDebugEnabled()) {
             String outputString =
                 XMLUtils.prettyDocumentToString(signedDoc);
             LOG.debug(outputString);
         }
         verify(signedDoc);
     }

     @Test
     public void testSignatureWSHandler() throws Exception {
         final WSSConfig cfg = WSSConfig.getNewInstance();
         final RequestData reqData = new RequestData();
         reqData.setWssConfig(cfg);
         reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
         java.util.Map<String, Object> config = new java.util.TreeMap<>();
         config.put(WSHandlerConstants.SIG_PROP_FILE, "crypto_enc.properties");
         config.put(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler);
         reqData.setMsgContext(config);

         final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
         CustomHandler handler = new CustomHandler();
         HandlerAction action = new HandlerAction(WSConstants.SIGN);
         handler.send(
             doc,
             reqData,
             Collections.singletonList(action),
             true
         );

         String outputString =
             XMLUtils.prettyDocumentToString(doc);
         if (LOG.isDebugEnabled()) {
             LOG.debug(outputString);
         }

         verify(doc);
     }

     @Test
     public void testDecryption() throws Exception {
         Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
         WSSecHeader secHeader = new WSSecHeader(doc);
         secHeader.insertSecurityHeader();

         WSSecEncrypt builder = new WSSecEncrypt(secHeader);
         builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
         builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
         builder.setKeyEncAlgo(WSConstants.KEYTRANSPORT_RSAOAEP);

         KeyGenerator keyGen = KeyUtils.getKeyGenerator(WSConstants.AES_128);
         SecretKey symmetricKey = keyGen.generateKey();
         Document encryptedDoc = builder.build(crypto, symmetricKey);

         String outputString =
             XMLUtils.prettyDocumentToString(encryptedDoc);
         if (LOG.isDebugEnabled()) {
             LOG.debug(outputString);
         }

         verify(encryptedDoc);
     }

     @Test
     public void testDecryptionWSHandler() throws Exception {
         final WSSConfig cfg = WSSConfig.getNewInstance();
         final RequestData reqData = new RequestData();
         reqData.setWssConfig(cfg);
         reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
         java.util.Map<String, Object> config = new java.util.TreeMap<>();
         config.put(WSHandlerConstants.ENC_PROP_FILE, "crypto_enc.properties");
         config.put(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler);
         reqData.setMsgContext(config);

         final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
         CustomHandler handler = new CustomHandler();
         HandlerAction action = new HandlerAction(WSConstants.ENCR);
         handler.send(
             doc,
             reqData,
             Collections.singletonList(action),
             true
         );

         String outputString =
             XMLUtils.prettyDocumentToString(doc);
         if (LOG.isDebugEnabled()) {
             LOG.debug(outputString);
         }

         verify(doc);
     }

     /**
      * Verifies the soap envelope.
      * This method verifies all the signature generated.
      *
      * @param env soap envelope
      * @throws java.lang.Exception Thrown when there is a problem in verification
      */
     private WSHandlerResult verify(Document doc) throws Exception {
         return secEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
     }

 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/

	package org.apache.wss4j.dom.message;

	import java.util.Collections;
	import java.util.Properties;

	import javax.crypto.KeyGenerator;
	import javax.crypto.SecretKey;
	import javax.security.auth.callback.CallbackHandler;

	import org.apache.wss4j.common.crypto.Crypto;
	import org.apache.wss4j.common.crypto.CryptoFactory;
	import org.apache.wss4j.common.crypto.JasyptPasswordEncryptor;
	import org.apache.wss4j.common.crypto.PasswordEncryptor;
	import org.apache.wss4j.common.util.KeyUtils;
	import org.apache.wss4j.common.util.Loader;
	import org.apache.wss4j.common.util.XMLUtils;
	import org.apache.wss4j.dom.WSConstants;
	import org.apache.wss4j.dom.common.CustomHandler;
	import org.apache.wss4j.dom.common.KeystoreCallbackHandler;
	import org.apache.wss4j.dom.common.SOAPUtil;

	import org.apache.wss4j.dom.engine.WSSConfig;
	import org.apache.wss4j.dom.engine.WSSecurityEngine;
	import org.apache.wss4j.dom.handler.HandlerAction;
	import org.apache.wss4j.dom.handler.RequestData;
	import org.apache.wss4j.dom.handler.WSHandlerConstants;
	import org.apache.wss4j.dom.handler.WSHandlerResult;

	import org.junit.jupiter.api.Test;
	import org.w3c.dom.Document;

	import static org.junit.jupiter.api.Assertions.assertNotNull;


	/**
	* This is a test for signing and encrypting using a Crypto properties file with an encrypted
	* password
	*/
	public class PasswordEncryptorTest {
	private static final org.slf4j.Logger LOG =
	org.slf4j.LoggerFactory.getLogger(PasswordEncryptorTest.class);

	private WSSecurityEngine secEngine = new WSSecurityEngine();
	private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
	private PasswordEncryptor passwordEncryptor =
	new JasyptPasswordEncryptor("this-is-a-secret");
	private Crypto crypto;

	public PasswordEncryptorTest() throws Exception {
	WSSConfig.init();
	Properties properties =
	CryptoFactory.getProperties("crypto_enc.properties",
	Loader.getClassLoader(CryptoFactory.class));
	crypto =
	CryptoFactory.getInstance(properties,
	Loader.getClassLoader(CryptoFactory.class),
	passwordEncryptor);
	}

	@Test
	public void testEncryptedPassword() throws Exception {
	String encryptedPassword = passwordEncryptor.encrypt("security");
	//System.out.println(encryptedPassword);
	assertNotNull(encryptedPassword);
	}

	@Test
	public void testSignature() throws Exception {
	Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
	WSSecHeader secHeader = new WSSecHeader(doc);
	secHeader.insertSecurityHeader();

	WSSecSignature builder = new WSSecSignature(secHeader);
	builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
	builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);

	Document signedDoc = builder.build(crypto);

	if (LOG.isDebugEnabled()) {
	String outputString =
	XMLUtils.prettyDocumentToString(signedDoc);
	LOG.debug(outputString);
	}
	verify(signedDoc);
	}

	@Test
	public void testSignatureWSHandler() throws Exception {
	final WSSConfig cfg = WSSConfig.getNewInstance();
	final RequestData reqData = new RequestData();
	reqData.setWssConfig(cfg);
	reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
	java.util.Map<String, Object> config = new java.util.TreeMap<>();
	config.put(WSHandlerConstants.SIG_PROP_FILE, "crypto_enc.properties");
	config.put(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler);
	reqData.setMsgContext(config);

	final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
	CustomHandler handler = new CustomHandler();
	HandlerAction action = new HandlerAction(WSConstants.SIGN);
	handler.send(
	doc,
	reqData,
	Collections.singletonList(action),
	true
	);

	String outputString =
	XMLUtils.prettyDocumentToString(doc);
	if (LOG.isDebugEnabled()) {
	LOG.debug(outputString);
	}

	verify(doc);
	}

	@Test
	public void testDecryption() throws Exception {
	Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
	WSSecHeader secHeader = new WSSecHeader(doc);
	secHeader.insertSecurityHeader();

	WSSecEncrypt builder = new WSSecEncrypt(secHeader);
	builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
	builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
	builder.setKeyEncAlgo(WSConstants.KEYTRANSPORT_RSAOAEP);

	KeyGenerator keyGen = KeyUtils.getKeyGenerator(WSConstants.AES_128);
	SecretKey symmetricKey = keyGen.generateKey();
	Document encryptedDoc = builder.build(crypto, symmetricKey);

	String outputString =
	XMLUtils.prettyDocumentToString(encryptedDoc);
	if (LOG.isDebugEnabled()) {
	LOG.debug(outputString);
	}

	verify(encryptedDoc);
	}

	@Test
	public void testDecryptionWSHandler() throws Exception {
	final WSSConfig cfg = WSSConfig.getNewInstance();
	final RequestData reqData = new RequestData();
	reqData.setWssConfig(cfg);
	reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
	java.util.Map<String, Object> config = new java.util.TreeMap<>();
	config.put(WSHandlerConstants.ENC_PROP_FILE, "crypto_enc.properties");
	config.put(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler);
	reqData.setMsgContext(config);

	final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
	CustomHandler handler = new CustomHandler();
	HandlerAction action = new HandlerAction(WSConstants.ENCR);
	handler.send(
	doc,
	reqData,
	Collections.singletonList(action),
	true
	);

	String outputString =
	XMLUtils.prettyDocumentToString(doc);
	if (LOG.isDebugEnabled()) {
	LOG.debug(outputString);
	}

	verify(doc);
	}

	/**
	* Verifies the soap envelope.
	* This method verifies all the signature generated.
	*
	* @param env soap envelope
	* @throws java.lang.Exception Thrown when there is a problem in verification
	*/
	private WSHandlerResult verify(Document doc) throws Exception {
	return secEngine.processSecurityHeader(doc, null, callbackHandler, crypto);
	}

	}