Modified: webservices/wss4j/site/xref-test/allclasses-frame.html URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref-test/allclasses-frame.html?rev=1210847&r1=1210846&r2=1210847&view=diff ============================================================================== --- webservices/wss4j/site/xref-test/allclasses-frame.html (original) +++ webservices/wss4j/site/xref-test/allclasses-frame.html Tue Dec 6 10:23:54 2011 @@ -75,6 +75,9 @@ <a href="org/apache/ws/security/processor/EncryptedKeyDataRefTest.html" target="classFrame">EncryptedKeyDataRefTest</a> </li> <li> + <a href="org/apache/ws/security/message/EncryptionGCMTest.html" target="classFrame">EncryptionGCMTest</a> + </li> + <li> <a href="org/apache/ws/security/message/EncryptionPartsTest.html" target="classFrame">EncryptionPartsTest</a> </li> <li> @@ -129,6 +132,9 @@ <a href="org/apache/ws/security/common/SAML2CallbackHandler.html" target="classFrame">SAML2CallbackHandler</a> </li> <li> + <a href="org/apache/ws/security/common/SAMLElementCallbackHandler.html" target="classFrame">SAMLElementCallbackHandler</a> + </li> + <li> <a href="org/apache/ws/security/message/SKISignatureTest.html" target="classFrame">SKISignatureTest</a> </li> <li>
Modified: webservices/wss4j/site/xref-test/index.html URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref-test/index.html?rev=1210847&r1=1210846&r2=1210847&view=diff ============================================================================== --- webservices/wss4j/site/xref-test/index.html (original) +++ webservices/wss4j/site/xref-test/index.html Tue Dec 6 10:23:54 2011 @@ -3,7 +3,7 @@ <html xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" /> - <title>WSS4J 1.6.3 Reference</title> + <title>WSS4J 1.6.4 Reference</title> </head> <frameset cols="20%,80%"> <frameset rows="30%,70%"> Modified: webservices/wss4j/site/xref-test/org/apache/ws/security/common/package-frame.html URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref-test/org/apache/ws/security/common/package-frame.html?rev=1210847&r1=1210846&r2=1210847&view=diff ============================================================================== --- webservices/wss4j/site/xref-test/org/apache/ws/security/common/package-frame.html (original) +++ webservices/wss4j/site/xref-test/org/apache/ws/security/common/package-frame.html Tue Dec 6 10:23:54 2011 @@ -3,7 +3,7 @@ <html xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" /> - <title>WSS4J 1.6.3 Reference Package org.apache.ws.security.common</title> + <title>WSS4J 1.6.4 Reference Package org.apache.ws.security.common</title> <link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" /> </head> <body> @@ -49,6 +49,9 @@ <a href="SAML2CallbackHandler.html" target="classFrame">SAML2CallbackHandler</a> </li> <li> + <a href="SAMLElementCallbackHandler.html" target="classFrame">SAMLElementCallbackHandler</a> + </li> + <li> <a href="SOAPUtil.html" target="classFrame">SOAPUtil</a> </li> <li> Modified: webservices/wss4j/site/xref-test/org/apache/ws/security/common/package-summary.html URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref-test/org/apache/ws/security/common/package-summary.html?rev=1210847&r1=1210846&r2=1210847&view=diff ============================================================================== --- webservices/wss4j/site/xref-test/org/apache/ws/security/common/package-summary.html (original) +++ webservices/wss4j/site/xref-test/org/apache/ws/security/common/package-summary.html Tue Dec 6 10:23:54 2011 @@ -3,7 +3,7 @@ <html xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" /> - <title>WSS4J 1.6.3 Reference Package org.apache.ws.security.common</title> + <title>WSS4J 1.6.4 Reference Package org.apache.ws.security.common</title> <link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" /> </head> <body> @@ -92,6 +92,11 @@ </tr> <tr> <td> + <a href="SAMLElementCallbackHandler.html" target="classFrame">SAMLElementCallbackHandler</a> + </td> + </tr> + <tr> + <td> <a href="SOAPUtil.html" target="classFrame">SOAPUtil</a> </td> </tr> Modified: webservices/wss4j/site/xref-test/org/apache/ws/security/components/crypto/package-frame.html URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref-test/org/apache/ws/security/components/crypto/package-frame.html?rev=1210847&r1=1210846&r2=1210847&view=diff ============================================================================== --- webservices/wss4j/site/xref-test/org/apache/ws/security/components/crypto/package-frame.html (original) +++ webservices/wss4j/site/xref-test/org/apache/ws/security/components/crypto/package-frame.html Tue Dec 6 10:23:54 2011 @@ -3,7 +3,7 @@ <html xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" /> - <title>WSS4J 1.6.3 Reference Package org.apache.ws.security.components.crypto</title> + <title>WSS4J 1.6.4 Reference Package org.apache.ws.security.components.crypto</title> <link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="style" /> </head> <body> Modified: webservices/wss4j/site/xref-test/org/apache/ws/security/components/crypto/package-summary.html URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref-test/org/apache/ws/security/components/crypto/package-summary.html?rev=1210847&r1=1210846&r2=1210847&view=diff ============================================================================== --- webservices/wss4j/site/xref-test/org/apache/ws/security/components/crypto/package-summary.html (original) +++ webservices/wss4j/site/xref-test/org/apache/ws/security/components/crypto/package-summary.html Tue Dec 6 10:23:54 2011 @@ -3,7 +3,7 @@ <html xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" /> - <title>WSS4J 1.6.3 Reference Package org.apache.ws.security.components.crypto</title> + <title>WSS4J 1.6.4 Reference Package org.apache.ws.security.components.crypto</title> <link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="style" /> </head> <body> Modified: webservices/wss4j/site/xref-test/org/apache/ws/security/handler/package-frame.html URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref-test/org/apache/ws/security/handler/package-frame.html?rev=1210847&r1=1210846&r2=1210847&view=diff ============================================================================== --- webservices/wss4j/site/xref-test/org/apache/ws/security/handler/package-frame.html (original) +++ webservices/wss4j/site/xref-test/org/apache/ws/security/handler/package-frame.html Tue Dec 6 10:23:54 2011 @@ -3,7 +3,7 @@ <html xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" /> - <title>WSS4J 1.6.3 Reference Package org.apache.ws.security.handler</title> + <title>WSS4J 1.6.4 Reference Package org.apache.ws.security.handler</title> <link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" /> </head> <body> Modified: webservices/wss4j/site/xref-test/org/apache/ws/security/handler/package-summary.html URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref-test/org/apache/ws/security/handler/package-summary.html?rev=1210847&r1=1210846&r2=1210847&view=diff ============================================================================== --- webservices/wss4j/site/xref-test/org/apache/ws/security/handler/package-summary.html (original) +++ webservices/wss4j/site/xref-test/org/apache/ws/security/handler/package-summary.html Tue Dec 6 10:23:54 2011 @@ -3,7 +3,7 @@ <html xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" /> - <title>WSS4J 1.6.3 Reference Package org.apache.ws.security.handler</title> + <title>WSS4J 1.6.4 Reference Package org.apache.ws.security.handler</title> <link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" /> </head> <body> Modified: webservices/wss4j/site/xref-test/org/apache/ws/security/message/ModifiedRequestTest.html URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref-test/org/apache/ws/security/message/ModifiedRequestTest.html?rev=1210847&r1=1210846&r2=1210847&view=diff ============================================================================== --- webservices/wss4j/site/xref-test/org/apache/ws/security/message/ModifiedRequestTest.html (original) +++ webservices/wss4j/site/xref-test/org/apache/ws/security/message/ModifiedRequestTest.html Tue Dec 6 10:23:54 2011 @@ -326,260 +326,263 @@ <a name="316" href="#316">316</a> <a name="317" href="#317">317</a> <em class="jxr_javadoccomment">/**</em> <a name="318" href="#318">318</a> <em class="jxr_javadoccomment"> * Test for when an EncryptedData structure is modified</em> -<a name="319" href="#319">319</a> <em class="jxr_javadoccomment"> */</em> -<a name="320" href="#320">320</a> @org.junit.Test -<a name="321" href="#321">321</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testModifiedEncryptedDataStructure() <strong class="jxr_keyword">throws</strong> Exception { -<a name="322" href="#322">322</a> WSSecEncrypt builder = <strong class="jxr_keyword">new</strong> WSSecEncrypt(); -<a name="323" href="#323">323</a> builder.setUserInfo(<span class="jxr_string">"wss40"</span>); -<a name="324" href="#324">324</a> builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE); -<a name="325" href="#325">325</a> builder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES); -<a name="326" href="#326">326</a> Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); -<a name="327" href="#327">327</a> WSSecHeader secHeader = <strong class="jxr_keyword">new</strong> WSSecHeader(); -<a name="328" href="#328">328</a> secHeader.insertSecurityHeader(doc); -<a name="329" href="#329">329</a> Crypto wssCrypto = CryptoFactory.getInstance(<span class="jxr_string">"wss40.properties"</span>); -<a name="330" href="#330">330</a> Document encryptedDoc = builder.build(doc, wssCrypto, secHeader); -<a name="331" href="#331">331</a> -<a name="332" href="#332">332</a> Element body = WSSecurityUtil.findBodyElement(doc); -<a name="333" href="#333">333</a> ((Element)body.getFirstChild()).setAttributeNS(<strong class="jxr_keyword">null</strong>, <span class="jxr_string">"Type"</span>, <span class="jxr_string">"SomeType"</span>); -<a name="334" href="#334">334</a> -<a name="335" href="#335">335</a> String outputString = -<a name="336" href="#336">336</a> org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc); -<a name="337" href="#337">337</a> <strong class="jxr_keyword">if</strong> (LOG.isDebugEnabled()) { -<a name="338" href="#338">338</a> LOG.debug(outputString); -<a name="339" href="#339">339</a> } -<a name="340" href="#340">340</a> -<a name="341" href="#341">341</a> WSSecurityEngine newEngine = <strong class="jxr_keyword">new</strong> WSSecurityEngine(); -<a name="342" href="#342">342</a> <strong class="jxr_keyword">try</strong> { -<a name="343" href="#343">343</a> newEngine.processSecurityHeader(doc, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/common/KeystoreCallbackHandler.html">KeystoreCallbackHandler</a>(), wssCrypto); -<a name="344" href="#344">344</a> fail(<span class="jxr_string">"Failure expected on a modified EncryptedData structure"</span>); -<a name="345" href="#345">345</a> } <strong class="jxr_keyword">catch</strong> (WSSecurityException ex) { -<a name="346" href="#346">346</a> assertTrue(ex.getErrorCode() == 6); -<a name="347" href="#347">347</a> assertTrue(ex.getMessage().startsWith(<span class="jxr_string">"The signature or decryption was invalid"</span>)); -<a name="348" href="#348">348</a> } -<a name="349" href="#349">349</a> } -<a name="350" href="#350">350</a> -<a name="351" href="#351">351</a> <em class="jxr_javadoccomment">/**</em> -<a name="352" href="#352">352</a> <em class="jxr_javadoccomment"> * Test for when some EncryptedData CipherValue data is modified.</em> -<a name="353" href="#353">353</a> <em class="jxr_javadoccomment"> */</em> -<a name="354" href="#354">354</a> @org.junit.Test -<a name="355" href="#355">355</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testModifiedEncryptedDataCipherValue() <strong class="jxr_keyword">throws</strong> Exception { -<a name="356" href="#356">356</a> WSSecEncrypt builder = <strong class="jxr_keyword">new</strong> WSSecEncrypt(); -<a name="357" href="#357">357</a> builder.setUserInfo(<span class="jxr_string">"wss40"</span>); -<a name="358" href="#358">358</a> builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE); -<a name="359" href="#359">359</a> builder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES); -<a name="360" href="#360">360</a> Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); -<a name="361" href="#361">361</a> WSSecHeader secHeader = <strong class="jxr_keyword">new</strong> WSSecHeader(); -<a name="362" href="#362">362</a> secHeader.insertSecurityHeader(doc); -<a name="363" href="#363">363</a> Crypto wssCrypto = CryptoFactory.getInstance(<span class="jxr_string">"wss40.properties"</span>); -<a name="364" href="#364">364</a> Document encryptedDoc = builder.build(doc, wssCrypto, secHeader); -<a name="365" href="#365">365</a> -<a name="366" href="#366">366</a> Element body = WSSecurityUtil.findBodyElement(doc); -<a name="367" href="#367">367</a> Element cipherValue = -<a name="368" href="#368">368</a> WSSecurityUtil.findElement(body, <span class="jxr_string">"CipherValue"</span>, WSConstants.ENC_NS); -<a name="369" href="#369">369</a> String cipherText = cipherValue.getTextContent(); -<a name="370" href="#370">370</a> -<a name="371" href="#371">371</a> StringBuilder stringBuilder = <strong class="jxr_keyword">new</strong> StringBuilder(cipherText); -<a name="372" href="#372">372</a> <strong class="jxr_keyword">int</strong> index = stringBuilder.length() / 2; -<a name="373" href="#373">373</a> <strong class="jxr_keyword">char</strong> ch = stringBuilder.charAt(index); -<a name="374" href="#374">374</a> <strong class="jxr_keyword">if</strong> (ch != 'A') { -<a name="375" href="#375">375</a> ch = 'A'; -<a name="376" href="#376">376</a> } <strong class="jxr_keyword">else</strong> { -<a name="377" href="#377">377</a> ch = 'B'; -<a name="378" href="#378">378</a> } -<a name="379" href="#379">379</a> stringBuilder.setCharAt(index, ch); -<a name="380" href="#380">380</a> cipherValue.setTextContent(stringBuilder.toString()); -<a name="381" href="#381">381</a> -<a name="382" href="#382">382</a> String outputString = -<a name="383" href="#383">383</a> org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc); -<a name="384" href="#384">384</a> <strong class="jxr_keyword">if</strong> (LOG.isDebugEnabled()) { -<a name="385" href="#385">385</a> LOG.debug(outputString); -<a name="386" href="#386">386</a> } -<a name="387" href="#387">387</a> -<a name="388" href="#388">388</a> WSSecurityEngine newEngine = <strong class="jxr_keyword">new</strong> WSSecurityEngine(); -<a name="389" href="#389">389</a> <strong class="jxr_keyword">try</strong> { -<a name="390" href="#390">390</a> newEngine.processSecurityHeader(doc, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/common/KeystoreCallbackHandler.html">KeystoreCallbackHandler</a>(), wssCrypto); -<a name="391" href="#391">391</a> fail(<span class="jxr_string">"Failure expected on a modified EncryptedData CipherValue"</span>); -<a name="392" href="#392">392</a> } <strong class="jxr_keyword">catch</strong> (WSSecurityException ex) { -<a name="393" href="#393">393</a> assertTrue(ex.getErrorCode() == 6); -<a name="394" href="#394">394</a> assertTrue(ex.getMessage().startsWith(<span class="jxr_string">"The signature or decryption was invalid"</span>)); -<a name="395" href="#395">395</a> } -<a name="396" href="#396">396</a> } -<a name="397" href="#397">397</a> -<a name="398" href="#398">398</a> <em class="jxr_javadoccomment">/**</em> -<a name="399" href="#399">399</a> <em class="jxr_javadoccomment"> * Test for when some EncryptedKey CipherValue data is modified.</em> -<a name="400" href="#400">400</a> <em class="jxr_javadoccomment"> */</em> -<a name="401" href="#401">401</a> @org.junit.Test -<a name="402" href="#402">402</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testModifiedEncryptedKeyCipherValue() <strong class="jxr_keyword">throws</strong> Exception { -<a name="403" href="#403">403</a> WSSecEncrypt builder = <strong class="jxr_keyword">new</strong> WSSecEncrypt(); -<a name="404" href="#404">404</a> builder.setUserInfo(<span class="jxr_string">"wss40"</span>); -<a name="405" href="#405">405</a> builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE); -<a name="406" href="#406">406</a> builder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES); -<a name="407" href="#407">407</a> Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); -<a name="408" href="#408">408</a> WSSecHeader secHeader = <strong class="jxr_keyword">new</strong> WSSecHeader(); -<a name="409" href="#409">409</a> secHeader.insertSecurityHeader(doc); -<a name="410" href="#410">410</a> Crypto wssCrypto = CryptoFactory.getInstance(<span class="jxr_string">"wss40.properties"</span>); -<a name="411" href="#411">411</a> Document encryptedDoc = builder.build(doc, wssCrypto, secHeader); -<a name="412" href="#412">412</a> -<a name="413" href="#413">413</a> Element encryptedKey = -<a name="414" href="#414">414</a> WSSecurityUtil.findElement(doc.getDocumentElement(), <span class="jxr_string">"EncryptedKey"</span>, WSConstants.ENC_NS); -<a name="415" href="#415">415</a> Element cipherValue = -<a name="416" href="#416">416</a> WSSecurityUtil.findElement(encryptedKey, <span class="jxr_string">"CipherValue"</span>, WSConstants.ENC_NS); -<a name="417" href="#417">417</a> String cipherText = cipherValue.getTextContent(); -<a name="418" href="#418">418</a> -<a name="419" href="#419">419</a> StringBuilder stringBuilder = <strong class="jxr_keyword">new</strong> StringBuilder(cipherText); -<a name="420" href="#420">420</a> <strong class="jxr_keyword">int</strong> index = stringBuilder.length() / 2; -<a name="421" href="#421">421</a> <strong class="jxr_keyword">char</strong> ch = stringBuilder.charAt(index); -<a name="422" href="#422">422</a> <strong class="jxr_keyword">if</strong> (ch != 'A') { -<a name="423" href="#423">423</a> ch = 'A'; -<a name="424" href="#424">424</a> } <strong class="jxr_keyword">else</strong> { -<a name="425" href="#425">425</a> ch = 'B'; -<a name="426" href="#426">426</a> } -<a name="427" href="#427">427</a> stringBuilder.setCharAt(index, ch); -<a name="428" href="#428">428</a> cipherValue.setTextContent(stringBuilder.toString()); -<a name="429" href="#429">429</a> -<a name="430" href="#430">430</a> String outputString = -<a name="431" href="#431">431</a> org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc); -<a name="432" href="#432">432</a> <strong class="jxr_keyword">if</strong> (LOG.isDebugEnabled()) { -<a name="433" href="#433">433</a> LOG.debug(outputString); -<a name="434" href="#434">434</a> } -<a name="435" href="#435">435</a> -<a name="436" href="#436">436</a> WSSecurityEngine newEngine = <strong class="jxr_keyword">new</strong> WSSecurityEngine(); -<a name="437" href="#437">437</a> <strong class="jxr_keyword">try</strong> { -<a name="438" href="#438">438</a> newEngine.processSecurityHeader(doc, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/common/KeystoreCallbackHandler.html">KeystoreCallbackHandler</a>(), wssCrypto); -<a name="439" href="#439">439</a> fail(<span class="jxr_string">"Failure expected on a modified EncryptedData CipherValue"</span>); -<a name="440" href="#440">440</a> } <strong class="jxr_keyword">catch</strong> (WSSecurityException ex) { -<a name="441" href="#441">441</a> assertTrue(ex.getErrorCode() == 6); -<a name="442" href="#442">442</a> assertTrue(ex.getMessage().startsWith(<span class="jxr_string">"The signature or decryption was invalid"</span>)); -<a name="443" href="#443">443</a> } -<a name="444" href="#444">444</a> } -<a name="445" href="#445">445</a> -<a name="446" href="#446">446</a> -<a name="447" href="#447">447</a> -<a name="448" href="#448">448</a> <em class="jxr_javadoccomment">/**</em> -<a name="449" href="#449">449</a> <em class="jxr_javadoccomment"> * Test for when an element that a Signature Reference points to is modified</em> -<a name="450" href="#450">450</a> <em class="jxr_javadoccomment"> */</em> -<a name="451" href="#451">451</a> @org.junit.Test -<a name="452" href="#452">452</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testModifiedSignatureReference() <strong class="jxr_keyword">throws</strong> Exception { -<a name="453" href="#453">453</a> WSSecSignature builder = <strong class="jxr_keyword">new</strong> WSSecSignature(); -<a name="454" href="#454">454</a> builder.setUserInfo(<span class="jxr_string">"16c73ab6-b892-458f-abf5-2f875f74882e"</span>, <span class="jxr_string">"security"</span>); -<a name="455" href="#455">455</a> Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); -<a name="456" href="#456">456</a> WSSecHeader secHeader = <strong class="jxr_keyword">new</strong> WSSecHeader(); -<a name="457" href="#457">457</a> secHeader.insertSecurityHeader(doc); -<a name="458" href="#458">458</a> -<a name="459" href="#459">459</a> WSSecTimestamp timestamp = <strong class="jxr_keyword">new</strong> WSSecTimestamp(); -<a name="460" href="#460">460</a> timestamp.setTimeToLive(300); -<a name="461" href="#461">461</a> Document createdDoc = timestamp.build(doc, secHeader); -<a name="462" href="#462">462</a> -<a name="463" href="#463">463</a> List<WSEncryptionPart> parts = <strong class="jxr_keyword">new</strong> ArrayList<WSEncryptionPart>(); -<a name="464" href="#464">464</a> WSEncryptionPart encP = -<a name="465" href="#465">465</a> <strong class="jxr_keyword">new</strong> WSEncryptionPart( -<a name="466" href="#466">466</a> <span class="jxr_string">"Timestamp"</span>, -<a name="467" href="#467">467</a> WSConstants.WSU_NS, -<a name="468" href="#468">468</a> <span class="jxr_string">""</span>); -<a name="469" href="#469">469</a> parts.add(encP); -<a name="470" href="#470">470</a> builder.setParts(parts); -<a name="471" href="#471">471</a> -<a name="472" href="#472">472</a> Document signedDoc = builder.build(createdDoc, crypto, secHeader); -<a name="473" href="#473">473</a> -<a name="474" href="#474">474</a> <em class="jxr_comment">// Modify the Created text of the Timestamp element</em> -<a name="475" href="#475">475</a> Element timestampElement = timestamp.getElement(); -<a name="476" href="#476">476</a> Element createdValue = -<a name="477" href="#477">477</a> WSSecurityUtil.findElement(timestampElement, <span class="jxr_string">"Created"</span>, WSConstants.WSU_NS); -<a name="478" href="#478">478</a> DateFormat zulu = <strong class="jxr_keyword">new</strong> XmlSchemaDateFormat(); -<a name="479" href="#479">479</a> createdValue.setTextContent(zulu.format(<strong class="jxr_keyword">new</strong> Date())); -<a name="480" href="#480">480</a> -<a name="481" href="#481">481</a> <strong class="jxr_keyword">if</strong> (LOG.isDebugEnabled()) { -<a name="482" href="#482">482</a> String outputString = -<a name="483" href="#483">483</a> org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc); -<a name="484" href="#484">484</a> LOG.debug(outputString); -<a name="485" href="#485">485</a> } -<a name="486" href="#486">486</a> -<a name="487" href="#487">487</a> <strong class="jxr_keyword">try</strong> { -<a name="488" href="#488">488</a> verify(signedDoc); -<a name="489" href="#489">489</a> fail(<span class="jxr_string">"Failure expected on a modified Signature Reference"</span>); -<a name="490" href="#490">490</a> } <strong class="jxr_keyword">catch</strong> (WSSecurityException ex) { -<a name="491" href="#491">491</a> assertTrue(ex.getErrorCode() == 6); -<a name="492" href="#492">492</a> assertTrue(ex.getMessage().startsWith(<span class="jxr_string">"The signature or decryption was invalid"</span>)); -<a name="493" href="#493">493</a> } -<a name="494" href="#494">494</a> } -<a name="495" href="#495">495</a> -<a name="496" href="#496">496</a> <em class="jxr_javadoccomment">/**</em> -<a name="497" href="#497">497</a> <em class="jxr_javadoccomment"> * Test for when a Signature is received with a certificate that is not trusted</em> -<a name="498" href="#498">498</a> <em class="jxr_javadoccomment"> */</em> -<a name="499" href="#499">499</a> @org.junit.Test -<a name="500" href="#500">500</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testUntrustedSignature() <strong class="jxr_keyword">throws</strong> Exception { -<a name="501" href="#501">501</a> WSSecSignature builder = <strong class="jxr_keyword">new</strong> WSSecSignature(); -<a name="502" href="#502">502</a> builder.setUserInfo(<span class="jxr_string">"wss40"</span>, <span class="jxr_string">"security"</span>); -<a name="503" href="#503">503</a> Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); -<a name="504" href="#504">504</a> WSSecHeader secHeader = <strong class="jxr_keyword">new</strong> WSSecHeader(); -<a name="505" href="#505">505</a> secHeader.insertSecurityHeader(doc); -<a name="506" href="#506">506</a> -<a name="507" href="#507">507</a> Crypto wss40Crypto = CryptoFactory.getInstance(<span class="jxr_string">"wss40.properties"</span>); -<a name="508" href="#508">508</a> Document signedDoc = builder.build(doc, wss40Crypto, secHeader); +<a name="319" href="#319">319</a> <em class="jxr_javadoccomment"> * TODO Re-enable this test once Santuario 1.4.6 is released.</em> +<a name="320" href="#320">320</a> <em class="jxr_javadoccomment"> */</em> +<a name="321" href="#321">321</a> @org.junit.Test +<a name="322" href="#322">322</a> @org.junit.Ignore +<a name="323" href="#323">323</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testModifiedEncryptedDataStructure() <strong class="jxr_keyword">throws</strong> Exception { +<a name="324" href="#324">324</a> WSSecEncrypt builder = <strong class="jxr_keyword">new</strong> WSSecEncrypt(); +<a name="325" href="#325">325</a> builder.setUserInfo(<span class="jxr_string">"wss40"</span>); +<a name="326" href="#326">326</a> builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE); +<a name="327" href="#327">327</a> builder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES); +<a name="328" href="#328">328</a> Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); +<a name="329" href="#329">329</a> WSSecHeader secHeader = <strong class="jxr_keyword">new</strong> WSSecHeader(); +<a name="330" href="#330">330</a> secHeader.insertSecurityHeader(doc); +<a name="331" href="#331">331</a> Crypto wssCrypto = CryptoFactory.getInstance(<span class="jxr_string">"wss40.properties"</span>); +<a name="332" href="#332">332</a> Document encryptedDoc = builder.build(doc, wssCrypto, secHeader); +<a name="333" href="#333">333</a> +<a name="334" href="#334">334</a> Element body = WSSecurityUtil.findBodyElement(doc); +<a name="335" href="#335">335</a> Element encryptionMethod = +<a name="336" href="#336">336</a> WSSecurityUtil.findElement(body, <span class="jxr_string">"EncryptionMethod"</span>, WSConstants.ENC_NS); +<a name="337" href="#337">337</a> encryptionMethod.setAttribute(<span class="jxr_string">"Algorithm"</span>, <span class="jxr_string">"http://new-algorithm";</span>); +<a name="338" href="#338">338</a> +<a name="339" href="#339">339</a> String outputString = +<a name="340" href="#340">340</a> org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc); +<a name="341" href="#341">341</a> <strong class="jxr_keyword">if</strong> (LOG.isDebugEnabled()) { +<a name="342" href="#342">342</a> LOG.debug(outputString); +<a name="343" href="#343">343</a> } +<a name="344" href="#344">344</a> +<a name="345" href="#345">345</a> WSSecurityEngine newEngine = <strong class="jxr_keyword">new</strong> WSSecurityEngine(); +<a name="346" href="#346">346</a> <strong class="jxr_keyword">try</strong> { +<a name="347" href="#347">347</a> newEngine.processSecurityHeader(doc, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/common/KeystoreCallbackHandler.html">KeystoreCallbackHandler</a>(), wssCrypto); +<a name="348" href="#348">348</a> fail(<span class="jxr_string">"Failure expected on a modified EncryptedData structure"</span>); +<a name="349" href="#349">349</a> } <strong class="jxr_keyword">catch</strong> (WSSecurityException ex) { +<a name="350" href="#350">350</a> <em class="jxr_comment">// expected</em> +<a name="351" href="#351">351</a> } +<a name="352" href="#352">352</a> } +<a name="353" href="#353">353</a> +<a name="354" href="#354">354</a> <em class="jxr_javadoccomment">/**</em> +<a name="355" href="#355">355</a> <em class="jxr_javadoccomment"> * Test for when some EncryptedData CipherValue data is modified.</em> +<a name="356" href="#356">356</a> <em class="jxr_javadoccomment"> */</em> +<a name="357" href="#357">357</a> @org.junit.Test +<a name="358" href="#358">358</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testModifiedEncryptedDataCipherValue() <strong class="jxr_keyword">throws</strong> Exception { +<a name="359" href="#359">359</a> WSSecEncrypt builder = <strong class="jxr_keyword">new</strong> WSSecEncrypt(); +<a name="360" href="#360">360</a> builder.setUserInfo(<span class="jxr_string">"wss40"</span>); +<a name="361" href="#361">361</a> builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE); +<a name="362" href="#362">362</a> builder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES); +<a name="363" href="#363">363</a> Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); +<a name="364" href="#364">364</a> WSSecHeader secHeader = <strong class="jxr_keyword">new</strong> WSSecHeader(); +<a name="365" href="#365">365</a> secHeader.insertSecurityHeader(doc); +<a name="366" href="#366">366</a> Crypto wssCrypto = CryptoFactory.getInstance(<span class="jxr_string">"wss40.properties"</span>); +<a name="367" href="#367">367</a> Document encryptedDoc = builder.build(doc, wssCrypto, secHeader); +<a name="368" href="#368">368</a> +<a name="369" href="#369">369</a> Element body = WSSecurityUtil.findBodyElement(doc); +<a name="370" href="#370">370</a> Element cipherValue = +<a name="371" href="#371">371</a> WSSecurityUtil.findElement(body, <span class="jxr_string">"CipherValue"</span>, WSConstants.ENC_NS); +<a name="372" href="#372">372</a> String cipherText = cipherValue.getTextContent(); +<a name="373" href="#373">373</a> +<a name="374" href="#374">374</a> StringBuilder stringBuilder = <strong class="jxr_keyword">new</strong> StringBuilder(cipherText); +<a name="375" href="#375">375</a> <strong class="jxr_keyword">int</strong> index = stringBuilder.length() / 2; +<a name="376" href="#376">376</a> <strong class="jxr_keyword">char</strong> ch = stringBuilder.charAt(index); +<a name="377" href="#377">377</a> <strong class="jxr_keyword">if</strong> (ch != 'A') { +<a name="378" href="#378">378</a> ch = 'A'; +<a name="379" href="#379">379</a> } <strong class="jxr_keyword">else</strong> { +<a name="380" href="#380">380</a> ch = 'B'; +<a name="381" href="#381">381</a> } +<a name="382" href="#382">382</a> stringBuilder.setCharAt(index, ch); +<a name="383" href="#383">383</a> cipherValue.setTextContent(stringBuilder.toString()); +<a name="384" href="#384">384</a> +<a name="385" href="#385">385</a> String outputString = +<a name="386" href="#386">386</a> org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc); +<a name="387" href="#387">387</a> <strong class="jxr_keyword">if</strong> (LOG.isDebugEnabled()) { +<a name="388" href="#388">388</a> LOG.debug(outputString); +<a name="389" href="#389">389</a> } +<a name="390" href="#390">390</a> +<a name="391" href="#391">391</a> WSSecurityEngine newEngine = <strong class="jxr_keyword">new</strong> WSSecurityEngine(); +<a name="392" href="#392">392</a> <strong class="jxr_keyword">try</strong> { +<a name="393" href="#393">393</a> newEngine.processSecurityHeader(doc, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/common/KeystoreCallbackHandler.html">KeystoreCallbackHandler</a>(), wssCrypto); +<a name="394" href="#394">394</a> fail(<span class="jxr_string">"Failure expected on a modified EncryptedData CipherValue"</span>); +<a name="395" href="#395">395</a> } <strong class="jxr_keyword">catch</strong> (WSSecurityException ex) { +<a name="396" href="#396">396</a> assertTrue(ex.getErrorCode() == 6); +<a name="397" href="#397">397</a> assertTrue(ex.getMessage().startsWith(<span class="jxr_string">"The signature or decryption was invalid"</span>)); +<a name="398" href="#398">398</a> } +<a name="399" href="#399">399</a> } +<a name="400" href="#400">400</a> +<a name="401" href="#401">401</a> <em class="jxr_javadoccomment">/**</em> +<a name="402" href="#402">402</a> <em class="jxr_javadoccomment"> * Test for when some EncryptedKey CipherValue data is modified.</em> +<a name="403" href="#403">403</a> <em class="jxr_javadoccomment"> */</em> +<a name="404" href="#404">404</a> @org.junit.Test +<a name="405" href="#405">405</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testModifiedEncryptedKeyCipherValue() <strong class="jxr_keyword">throws</strong> Exception { +<a name="406" href="#406">406</a> WSSecEncrypt builder = <strong class="jxr_keyword">new</strong> WSSecEncrypt(); +<a name="407" href="#407">407</a> builder.setUserInfo(<span class="jxr_string">"wss40"</span>); +<a name="408" href="#408">408</a> builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE); +<a name="409" href="#409">409</a> builder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES); +<a name="410" href="#410">410</a> Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); +<a name="411" href="#411">411</a> WSSecHeader secHeader = <strong class="jxr_keyword">new</strong> WSSecHeader(); +<a name="412" href="#412">412</a> secHeader.insertSecurityHeader(doc); +<a name="413" href="#413">413</a> Crypto wssCrypto = CryptoFactory.getInstance(<span class="jxr_string">"wss40.properties"</span>); +<a name="414" href="#414">414</a> Document encryptedDoc = builder.build(doc, wssCrypto, secHeader); +<a name="415" href="#415">415</a> +<a name="416" href="#416">416</a> Element encryptedKey = +<a name="417" href="#417">417</a> WSSecurityUtil.findElement(doc.getDocumentElement(), <span class="jxr_string">"EncryptedKey"</span>, WSConstants.ENC_NS); +<a name="418" href="#418">418</a> Element cipherValue = +<a name="419" href="#419">419</a> WSSecurityUtil.findElement(encryptedKey, <span class="jxr_string">"CipherValue"</span>, WSConstants.ENC_NS); +<a name="420" href="#420">420</a> String cipherText = cipherValue.getTextContent(); +<a name="421" href="#421">421</a> +<a name="422" href="#422">422</a> StringBuilder stringBuilder = <strong class="jxr_keyword">new</strong> StringBuilder(cipherText); +<a name="423" href="#423">423</a> <strong class="jxr_keyword">int</strong> index = stringBuilder.length() / 2; +<a name="424" href="#424">424</a> <strong class="jxr_keyword">char</strong> ch = stringBuilder.charAt(index); +<a name="425" href="#425">425</a> <strong class="jxr_keyword">if</strong> (ch != 'A') { +<a name="426" href="#426">426</a> ch = 'A'; +<a name="427" href="#427">427</a> } <strong class="jxr_keyword">else</strong> { +<a name="428" href="#428">428</a> ch = 'B'; +<a name="429" href="#429">429</a> } +<a name="430" href="#430">430</a> stringBuilder.setCharAt(index, ch); +<a name="431" href="#431">431</a> cipherValue.setTextContent(stringBuilder.toString()); +<a name="432" href="#432">432</a> +<a name="433" href="#433">433</a> String outputString = +<a name="434" href="#434">434</a> org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc); +<a name="435" href="#435">435</a> <strong class="jxr_keyword">if</strong> (LOG.isDebugEnabled()) { +<a name="436" href="#436">436</a> LOG.debug(outputString); +<a name="437" href="#437">437</a> } +<a name="438" href="#438">438</a> +<a name="439" href="#439">439</a> WSSecurityEngine newEngine = <strong class="jxr_keyword">new</strong> WSSecurityEngine(); +<a name="440" href="#440">440</a> <strong class="jxr_keyword">try</strong> { +<a name="441" href="#441">441</a> newEngine.processSecurityHeader(doc, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/common/KeystoreCallbackHandler.html">KeystoreCallbackHandler</a>(), wssCrypto); +<a name="442" href="#442">442</a> fail(<span class="jxr_string">"Failure expected on a modified EncryptedData CipherValue"</span>); +<a name="443" href="#443">443</a> } <strong class="jxr_keyword">catch</strong> (WSSecurityException ex) { +<a name="444" href="#444">444</a> assertTrue(ex.getErrorCode() == 6); +<a name="445" href="#445">445</a> assertTrue(ex.getMessage().startsWith(<span class="jxr_string">"The signature or decryption was invalid"</span>)); +<a name="446" href="#446">446</a> } +<a name="447" href="#447">447</a> } +<a name="448" href="#448">448</a> +<a name="449" href="#449">449</a> +<a name="450" href="#450">450</a> +<a name="451" href="#451">451</a> <em class="jxr_javadoccomment">/**</em> +<a name="452" href="#452">452</a> <em class="jxr_javadoccomment"> * Test for when an element that a Signature Reference points to is modified</em> +<a name="453" href="#453">453</a> <em class="jxr_javadoccomment"> */</em> +<a name="454" href="#454">454</a> @org.junit.Test +<a name="455" href="#455">455</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testModifiedSignatureReference() <strong class="jxr_keyword">throws</strong> Exception { +<a name="456" href="#456">456</a> WSSecSignature builder = <strong class="jxr_keyword">new</strong> WSSecSignature(); +<a name="457" href="#457">457</a> builder.setUserInfo(<span class="jxr_string">"16c73ab6-b892-458f-abf5-2f875f74882e"</span>, <span class="jxr_string">"security"</span>); +<a name="458" href="#458">458</a> Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); +<a name="459" href="#459">459</a> WSSecHeader secHeader = <strong class="jxr_keyword">new</strong> WSSecHeader(); +<a name="460" href="#460">460</a> secHeader.insertSecurityHeader(doc); +<a name="461" href="#461">461</a> +<a name="462" href="#462">462</a> WSSecTimestamp timestamp = <strong class="jxr_keyword">new</strong> WSSecTimestamp(); +<a name="463" href="#463">463</a> timestamp.setTimeToLive(300); +<a name="464" href="#464">464</a> Document createdDoc = timestamp.build(doc, secHeader); +<a name="465" href="#465">465</a> +<a name="466" href="#466">466</a> List<WSEncryptionPart> parts = <strong class="jxr_keyword">new</strong> ArrayList<WSEncryptionPart>(); +<a name="467" href="#467">467</a> WSEncryptionPart encP = +<a name="468" href="#468">468</a> <strong class="jxr_keyword">new</strong> WSEncryptionPart( +<a name="469" href="#469">469</a> <span class="jxr_string">"Timestamp"</span>, +<a name="470" href="#470">470</a> WSConstants.WSU_NS, +<a name="471" href="#471">471</a> <span class="jxr_string">""</span>); +<a name="472" href="#472">472</a> parts.add(encP); +<a name="473" href="#473">473</a> builder.setParts(parts); +<a name="474" href="#474">474</a> +<a name="475" href="#475">475</a> Document signedDoc = builder.build(createdDoc, crypto, secHeader); +<a name="476" href="#476">476</a> +<a name="477" href="#477">477</a> <em class="jxr_comment">// Modify the Created text of the Timestamp element</em> +<a name="478" href="#478">478</a> Element timestampElement = timestamp.getElement(); +<a name="479" href="#479">479</a> Element createdValue = +<a name="480" href="#480">480</a> WSSecurityUtil.findElement(timestampElement, <span class="jxr_string">"Created"</span>, WSConstants.WSU_NS); +<a name="481" href="#481">481</a> DateFormat zulu = <strong class="jxr_keyword">new</strong> XmlSchemaDateFormat(); +<a name="482" href="#482">482</a> createdValue.setTextContent(zulu.format(<strong class="jxr_keyword">new</strong> Date())); +<a name="483" href="#483">483</a> +<a name="484" href="#484">484</a> <strong class="jxr_keyword">if</strong> (LOG.isDebugEnabled()) { +<a name="485" href="#485">485</a> String outputString = +<a name="486" href="#486">486</a> org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc); +<a name="487" href="#487">487</a> LOG.debug(outputString); +<a name="488" href="#488">488</a> } +<a name="489" href="#489">489</a> +<a name="490" href="#490">490</a> <strong class="jxr_keyword">try</strong> { +<a name="491" href="#491">491</a> verify(signedDoc); +<a name="492" href="#492">492</a> fail(<span class="jxr_string">"Failure expected on a modified Signature Reference"</span>); +<a name="493" href="#493">493</a> } <strong class="jxr_keyword">catch</strong> (WSSecurityException ex) { +<a name="494" href="#494">494</a> assertTrue(ex.getErrorCode() == 6); +<a name="495" href="#495">495</a> assertTrue(ex.getMessage().startsWith(<span class="jxr_string">"The signature or decryption was invalid"</span>)); +<a name="496" href="#496">496</a> } +<a name="497" href="#497">497</a> } +<a name="498" href="#498">498</a> +<a name="499" href="#499">499</a> <em class="jxr_javadoccomment">/**</em> +<a name="500" href="#500">500</a> <em class="jxr_javadoccomment"> * Test for when a Signature is received with a certificate that is not trusted</em> +<a name="501" href="#501">501</a> <em class="jxr_javadoccomment"> */</em> +<a name="502" href="#502">502</a> @org.junit.Test +<a name="503" href="#503">503</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testUntrustedSignature() <strong class="jxr_keyword">throws</strong> Exception { +<a name="504" href="#504">504</a> WSSecSignature builder = <strong class="jxr_keyword">new</strong> WSSecSignature(); +<a name="505" href="#505">505</a> builder.setUserInfo(<span class="jxr_string">"wss40"</span>, <span class="jxr_string">"security"</span>); +<a name="506" href="#506">506</a> Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); +<a name="507" href="#507">507</a> WSSecHeader secHeader = <strong class="jxr_keyword">new</strong> WSSecHeader(); +<a name="508" href="#508">508</a> secHeader.insertSecurityHeader(doc); <a name="509" href="#509">509</a> -<a name="510" href="#510">510</a> <strong class="jxr_keyword">if</strong> (LOG.isDebugEnabled()) { -<a name="511" href="#511">511</a> String outputString = -<a name="512" href="#512">512</a> org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc); -<a name="513" href="#513">513</a> LOG.debug(outputString); -<a name="514" href="#514">514</a> } -<a name="515" href="#515">515</a> -<a name="516" href="#516">516</a> <strong class="jxr_keyword">try</strong> { -<a name="517" href="#517">517</a> verify(signedDoc); -<a name="518" href="#518">518</a> fail(<span class="jxr_string">"Failure expected on an untrusted Certificate"</span>); -<a name="519" href="#519">519</a> } <strong class="jxr_keyword">catch</strong> (WSSecurityException ex) { -<a name="520" href="#520">520</a> assertTrue(ex.getErrorCode() == 6); -<a name="521" href="#521">521</a> assertTrue(ex.getMessage().startsWith(<span class="jxr_string">"The signature or decryption was invalid"</span>)); -<a name="522" href="#522">522</a> } -<a name="523" href="#523">523</a> } -<a name="524" href="#524">524</a> -<a name="525" href="#525">525</a> <em class="jxr_javadoccomment">/**</em> -<a name="526" href="#526">526</a> <em class="jxr_javadoccomment"> * Test for when the Signature element is modified</em> -<a name="527" href="#527">527</a> <em class="jxr_javadoccomment"> */</em> -<a name="528" href="#528">528</a> @org.junit.Test -<a name="529" href="#529">529</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testModifiedSignature() <strong class="jxr_keyword">throws</strong> Exception { -<a name="530" href="#530">530</a> WSSecSignature builder = <strong class="jxr_keyword">new</strong> WSSecSignature(); -<a name="531" href="#531">531</a> builder.setUserInfo(<span class="jxr_string">"16c73ab6-b892-458f-abf5-2f875f74882e"</span>, <span class="jxr_string">"security"</span>); -<a name="532" href="#532">532</a> Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); -<a name="533" href="#533">533</a> WSSecHeader secHeader = <strong class="jxr_keyword">new</strong> WSSecHeader(); -<a name="534" href="#534">534</a> secHeader.insertSecurityHeader(doc); -<a name="535" href="#535">535</a> -<a name="536" href="#536">536</a> Document signedDoc = builder.build(doc, crypto, secHeader); -<a name="537" href="#537">537</a> -<a name="538" href="#538">538</a> <em class="jxr_comment">// Modify the Signature element</em> -<a name="539" href="#539">539</a> Element signatureElement = builder.getSignatureElement(); -<a name="540" href="#540">540</a> Node firstChild = signatureElement.getFirstChild(); -<a name="541" href="#541">541</a> <strong class="jxr_keyword">while</strong> (!(firstChild instanceof Element) && firstChild != <strong class="jxr_keyword">null</strong>) { -<a name="542" href="#542">542</a> firstChild = signatureElement.getNextSibling(); -<a name="543" href="#543">543</a> } -<a name="544" href="#544">544</a> ((Element)firstChild).setAttributeNS(<strong class="jxr_keyword">null</strong>, <span class="jxr_string">"Id"</span>, <span class="jxr_string">"xyz"</span>); -<a name="545" href="#545">545</a> -<a name="546" href="#546">546</a> <strong class="jxr_keyword">if</strong> (LOG.isDebugEnabled()) { -<a name="547" href="#547">547</a> String outputString = -<a name="548" href="#548">548</a> org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc); -<a name="549" href="#549">549</a> LOG.debug(outputString); -<a name="550" href="#550">550</a> } -<a name="551" href="#551">551</a> -<a name="552" href="#552">552</a> <strong class="jxr_keyword">try</strong> { -<a name="553" href="#553">553</a> verify(signedDoc); -<a name="554" href="#554">554</a> fail(<span class="jxr_string">"Failure expected on a modified Signature element"</span>); -<a name="555" href="#555">555</a> } <strong class="jxr_keyword">catch</strong> (WSSecurityException ex) { -<a name="556" href="#556">556</a> assertTrue(ex.getErrorCode() == 6); -<a name="557" href="#557">557</a> assertTrue(ex.getMessage().startsWith(<span class="jxr_string">"The signature or decryption was invalid"</span>)); -<a name="558" href="#558">558</a> } -<a name="559" href="#559">559</a> } -<a name="560" href="#560">560</a> -<a name="561" href="#561">561</a> <em class="jxr_javadoccomment">/**</em> -<a name="562" href="#562">562</a> <em class="jxr_javadoccomment"> * Verifies the soap envelope</em> -<a name="563" href="#563">563</a> <em class="jxr_javadoccomment"> * <p/></em> -<a name="564" href="#564">564</a> <em class="jxr_javadoccomment"> * </em> -<a name="565" href="#565">565</a> <em class="jxr_javadoccomment"> * @param env soap envelope</em> -<a name="566" href="#566">566</a> <em class="jxr_javadoccomment"> * @throws java.lang.Exception Thrown when there is a problem in verification</em> -<a name="567" href="#567">567</a> <em class="jxr_javadoccomment"> */</em> -<a name="568" href="#568">568</a> <strong class="jxr_keyword">private</strong> List<WSSecurityEngineResult> verify(Document doc) <strong class="jxr_keyword">throws</strong> Exception { -<a name="569" href="#569">569</a> <strong class="jxr_keyword">return</strong> secEngine.processSecurityHeader(doc, <strong class="jxr_keyword">null</strong>, callbackHandler, crypto); -<a name="570" href="#570">570</a> } -<a name="571" href="#571">571</a> -<a name="572" href="#572">572</a> } +<a name="510" href="#510">510</a> Crypto wss40Crypto = CryptoFactory.getInstance(<span class="jxr_string">"wss40.properties"</span>); +<a name="511" href="#511">511</a> Document signedDoc = builder.build(doc, wss40Crypto, secHeader); +<a name="512" href="#512">512</a> +<a name="513" href="#513">513</a> <strong class="jxr_keyword">if</strong> (LOG.isDebugEnabled()) { +<a name="514" href="#514">514</a> String outputString = +<a name="515" href="#515">515</a> org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc); +<a name="516" href="#516">516</a> LOG.debug(outputString); +<a name="517" href="#517">517</a> } +<a name="518" href="#518">518</a> +<a name="519" href="#519">519</a> <strong class="jxr_keyword">try</strong> { +<a name="520" href="#520">520</a> verify(signedDoc); +<a name="521" href="#521">521</a> fail(<span class="jxr_string">"Failure expected on an untrusted Certificate"</span>); +<a name="522" href="#522">522</a> } <strong class="jxr_keyword">catch</strong> (WSSecurityException ex) { +<a name="523" href="#523">523</a> assertTrue(ex.getErrorCode() == 6); +<a name="524" href="#524">524</a> assertTrue(ex.getMessage().startsWith(<span class="jxr_string">"The signature or decryption was invalid"</span>)); +<a name="525" href="#525">525</a> } +<a name="526" href="#526">526</a> } +<a name="527" href="#527">527</a> +<a name="528" href="#528">528</a> <em class="jxr_javadoccomment">/**</em> +<a name="529" href="#529">529</a> <em class="jxr_javadoccomment"> * Test for when the Signature element is modified</em> +<a name="530" href="#530">530</a> <em class="jxr_javadoccomment"> */</em> +<a name="531" href="#531">531</a> @org.junit.Test +<a name="532" href="#532">532</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> testModifiedSignature() <strong class="jxr_keyword">throws</strong> Exception { +<a name="533" href="#533">533</a> WSSecSignature builder = <strong class="jxr_keyword">new</strong> WSSecSignature(); +<a name="534" href="#534">534</a> builder.setUserInfo(<span class="jxr_string">"16c73ab6-b892-458f-abf5-2f875f74882e"</span>, <span class="jxr_string">"security"</span>); +<a name="535" href="#535">535</a> Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG); +<a name="536" href="#536">536</a> WSSecHeader secHeader = <strong class="jxr_keyword">new</strong> WSSecHeader(); +<a name="537" href="#537">537</a> secHeader.insertSecurityHeader(doc); +<a name="538" href="#538">538</a> +<a name="539" href="#539">539</a> Document signedDoc = builder.build(doc, crypto, secHeader); +<a name="540" href="#540">540</a> +<a name="541" href="#541">541</a> <em class="jxr_comment">// Modify the Signature element</em> +<a name="542" href="#542">542</a> Element signatureElement = builder.getSignatureElement(); +<a name="543" href="#543">543</a> Node firstChild = signatureElement.getFirstChild(); +<a name="544" href="#544">544</a> <strong class="jxr_keyword">while</strong> (!(firstChild instanceof Element) && firstChild != <strong class="jxr_keyword">null</strong>) { +<a name="545" href="#545">545</a> firstChild = signatureElement.getNextSibling(); +<a name="546" href="#546">546</a> } +<a name="547" href="#547">547</a> ((Element)firstChild).setAttributeNS(<strong class="jxr_keyword">null</strong>, <span class="jxr_string">"Id"</span>, <span class="jxr_string">"xyz"</span>); +<a name="548" href="#548">548</a> +<a name="549" href="#549">549</a> <strong class="jxr_keyword">if</strong> (LOG.isDebugEnabled()) { +<a name="550" href="#550">550</a> String outputString = +<a name="551" href="#551">551</a> org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc); +<a name="552" href="#552">552</a> LOG.debug(outputString); +<a name="553" href="#553">553</a> } +<a name="554" href="#554">554</a> +<a name="555" href="#555">555</a> <strong class="jxr_keyword">try</strong> { +<a name="556" href="#556">556</a> verify(signedDoc); +<a name="557" href="#557">557</a> fail(<span class="jxr_string">"Failure expected on a modified Signature element"</span>); +<a name="558" href="#558">558</a> } <strong class="jxr_keyword">catch</strong> (WSSecurityException ex) { +<a name="559" href="#559">559</a> assertTrue(ex.getErrorCode() == 6); +<a name="560" href="#560">560</a> assertTrue(ex.getMessage().startsWith(<span class="jxr_string">"The signature or decryption was invalid"</span>)); +<a name="561" href="#561">561</a> } +<a name="562" href="#562">562</a> } +<a name="563" href="#563">563</a> +<a name="564" href="#564">564</a> <em class="jxr_javadoccomment">/**</em> +<a name="565" href="#565">565</a> <em class="jxr_javadoccomment"> * Verifies the soap envelope</em> +<a name="566" href="#566">566</a> <em class="jxr_javadoccomment"> * <p/></em> +<a name="567" href="#567">567</a> <em class="jxr_javadoccomment"> * </em> +<a name="568" href="#568">568</a> <em class="jxr_javadoccomment"> * @param env soap envelope</em> +<a name="569" href="#569">569</a> <em class="jxr_javadoccomment"> * @throws java.lang.Exception Thrown when there is a problem in verification</em> +<a name="570" href="#570">570</a> <em class="jxr_javadoccomment"> */</em> +<a name="571" href="#571">571</a> <strong class="jxr_keyword">private</strong> List<WSSecurityEngineResult> verify(Document doc) <strong class="jxr_keyword">throws</strong> Exception { +<a name="572" href="#572">572</a> <strong class="jxr_keyword">return</strong> secEngine.processSecurityHeader(doc, <strong class="jxr_keyword">null</strong>, callbackHandler, crypto); +<a name="573" href="#573">573</a> } +<a name="574" href="#574">574</a> +<a name="575" href="#575">575</a> } </pre> <hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/";>Maven</a></div></body> </html>
