Adding some enveloped + C14n11 tests

coheigea · coheigea · commit f62e311fe2b7 · 2020-05-12T16:51:11.000Z
git-svn-id: https://svn.apache.org/repos/asf/santuario/xml-security-java/trunk@1877666 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java b/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java
@@ -289,6 +289,70 @@ public void testEnvelopedSignatureCreation() throws Exception {
         verifyUsingDOM(document, cert, properties.getSignatureSecureParts());
     }
 
+    @Test
+    public void testEnvelopedSignatureCreationC14n11() throws Exception {
+        // Set up the Configuration
+        XMLSecurityProperties properties = new XMLSecurityProperties();
+        List<XMLSecurityConstants.Action> actions = new ArrayList<>();
+        actions.add(XMLSecurityConstants.SIGNATURE);
+        properties.setActions(actions);
+
+        // Set the key up
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(
+                this.getClass().getClassLoader().getResource("transmitter.jks").openStream(),
+                "default".toCharArray()
+        );
+        Key key = keyStore.getKey("transmitter", "default".toCharArray());
+        properties.setSignatureKey(key);
+        X509Certificate cert = (X509Certificate)keyStore.getCertificate("transmitter");
+        properties.setSignatureCerts(new X509Certificate[]{cert});
+
+        SecurePart securePart =
+                new SecurePart(
+                        new QName("urn:example:po", "PurchaseOrder"),
+                        SecurePart.Modifier.Content,
+                        new String[]{
+                                "http://www.w3.org/2000/09/xmldsig#enveloped-signature",
+                                "http://www.w3.org/2006/12/xml-c14n11"
+                        },
+                        "http://www.w3.org/2000/09/xmldsig#sha1"
+                );
+        properties.addSignaturePart(securePart);
+
+        OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+        XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, StandardCharsets.UTF_8.name());
+
+        InputStream sourceDocument =
+                this.getClass().getClassLoader().getResourceAsStream(
+                        "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
+        XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(sourceDocument);
+
+        XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
+        xmlStreamWriter.close();
+
+        // System.out.println("Got:\n" + new String(baos.toByteArray(), StandardCharsets.UTF_8.name()));
+        Document document = null;
+        try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
+            document = XMLUtils.read(is, false);
+        }
+
+        //first child element must be the dsig:Signature @see SANTUARIO-324:
+        Node childNode = document.getDocumentElement().getFirstChild();
+        while (childNode != null) {
+            if (childNode.getNodeType() == Node.ELEMENT_NODE) {
+                Element element = (Element)childNode;
+                assertEquals(element.getLocalName(), "Signature");
+                break;
+            }
+            childNode = childNode.getNextSibling();
+        }
+
+        // Verify using DOM
+        verifyUsingDOM(document, cert, properties.getSignatureSecureParts());
+    }
+
     @Test
     public void testSignRootElementInRequest() throws Exception {
         // Set up the Configuration
diff --git a/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java b/src/test/java/org/apache/xml/security/test/stax/signature/SignatureVerificationTest.java
@@ -368,6 +368,67 @@ public void testEnvelopedSignatureVerification() throws Exception {
         StAX2DOM.readDoc(securityStreamReader);
     }
 
+    @Test
+    public void testEnvelopedSignatureVerificationC14n11() throws Exception {
+        // Read in plaintext document
+        InputStream sourceDocument =
+                this.getClass().getClassLoader().getResourceAsStream(
+                        "ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
+        Document document = XMLUtils.read(sourceDocument, false);
+
+        // Set up the Key
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(
+                this.getClass().getClassLoader().getResource("transmitter.jks").openStream(),
+                "default".toCharArray()
+        );
+        Key key = keyStore.getKey("transmitter", "default".toCharArray());
+        X509Certificate cert = (X509Certificate)keyStore.getCertificate("transmitter");
+
+        ReferenceInfo referenceInfo = new ReferenceInfo(
+                "",
+                new String[]{
+                        "http://www.w3.org/2000/09/xmldsig#enveloped-signature",
+                        "http://www.w3.org/2006/12/xml-c14n11"
+                },
+                "http://www.w3.org/2000/09/xmldsig#sha1",
+                false
+        );
+
+        List<ReferenceInfo> referenceInfos = new ArrayList<>();
+        referenceInfos.add(referenceInfo);
+
+        // Sign using DOM
+        List<String> localNames = new ArrayList<>();
+        localNames.add("PaymentInfo");
+        XMLSignature sig = signUsingDOM(
+                "http://www.w3.org/2000/09/xmldsig#rsa-sha1", document, localNames, key, referenceInfos
+        );
+
+        // Add KeyInfo
+        sig.addKeyInfo(cert);
+
+        // XMLUtils.outputDOM(document, System.out);
+
+        // Convert Document to a Stream Reader
+        javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+        transformer.transform(new DOMSource(document), new StreamResult(baos));
+
+        XMLStreamReader xmlStreamReader = null;
+        try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
+            xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
+        }
+
+        // Verify signature
+        XMLSecurityProperties properties = new XMLSecurityProperties();
+        InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
+        TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
+        XMLStreamReader securityStreamReader =
+                inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
+
+        StAX2DOM.readDoc(securityStreamReader);
+    }
 
     @Test
     public void testHMACSignatureVerification() throws Exception {
