001: /*
002: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003: *
004: * Copyright 1997-2007 Sun Microsystems, Inc. All rights reserved.
005: *
006: * The contents of this file are subject to the terms of either the GNU
007: * General Public License Version 2 only ("GPL") or the Common Development
008: * and Distribution License("CDDL") (collectively, the "License"). You
009: * may not use this file except in compliance with the License. You can obtain
010: * a copy of the License at https://glassfish.dev.java.net/public/CDDL+GPL.html
011: * or glassfish/bootstrap/legal/LICENSE.txt. See the License for the specific
012: * language governing permissions and limitations under the License.
013: *
014: * When distributing the software, include this License Header Notice in each
015: * file and include the License file at glassfish/bootstrap/legal/LICENSE.txt.
016: * Sun designates this particular file as subject to the "Classpath" exception
017: * as provided by Sun in the GPL Version 2 section of the License file that
018: * accompanied this code. If applicable, add the following below the License
019: * Header, with the fields enclosed by brackets [] replaced by your own
020: * identifying information: "Portions Copyrighted [year]
021: * [name of copyright owner]"
022: *
023: * Contributor(s):
024: *
025: * If you wish your version of this file to be governed by only the CDDL or
026: * only the GPL Version 2, indicate your decision by adding "[Contributor]
027: * elects to include this software in this distribution under the [CDDL or GPL
028: * Version 2] license." If you don't indicate a single choice of license, a
029: * recipient has the option to distribute your version of this file under
030: * either the CDDL, the GPL Version 2 or to extend the choice of license to
031: * its licensees as provided above. However, if you add GPL Version 2 code
032: * and therefore, elected the GPL Version 2 license, then the option applies
033: * only if the new code is made subject to such option by the copyright
034: * holder.
035: */
036: /*
037: * SignatureConfirmationTest.java
038: *
039: * Created on April 4, 2006, 6:06 PM
040: *
041: * To change this template, choose Tools | Template Manager
042: * and open the template in the editor.
043: */
044:
045: package com.sun.xml.wss.impl;
046:
047: import junit.framework.Test;
048: import junit.framework.TestCase;
049: import junit.framework.TestSuite;
050:
051: import com.sun.xml.wss.callback.PolicyCallbackHandler1;
052: import com.sun.xml.ws.security.impl.policy.*;
053: import com.sun.xml.ws.security.policy.AlgorithmSuiteValue;
054: import com.sun.xml.wss.impl.policy.mls.*;
055: import com.sun.xml.wss.impl.*;
056: import com.sun.xml.wss.*;
057: import com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl;
058: import com.sun.xml.wss.impl.filter.*;
059: import com.sun.xml.wss.impl.WSSAssertion;
060: import com.sun.xml.wss.impl.util.PolicyResourceLoader;
061: import com.sun.xml.wss.impl.util.TestUtil;
062:
063: import com.sun.xml.ws.policy.Policy;
064: import com.sun.xml.ws.policy.PolicyAssertion;
065: import com.sun.xml.ws.policy.AssertionSet;
066:
067: import javax.security.auth.callback.CallbackHandler;
068: import javax.xml.crypto.dsig.DigestMethod;
069: import javax.xml.namespace.QName;
070: import javax.xml.soap.*;
071:
072: import java.util.*;
073: import java.io.*;
074:
075: /**
076: *
077: * @author ashutosh.shahi@sun.com
078: */
079: public class SignatureConfirmationTest extends TestCase {
080:
081: private static Hashtable client = new Hashtable();
082: private static Hashtable server = new Hashtable();
083: private static AlgorithmSuite alg = null;
084:
085: /** Creates a new instance of SignatureConfirmationTest */
086: public SignatureConfirmationTest(String testName) {
087: super (testName);
088: }
089:
090: protected void setUp() throws Exception {
091:
092: }
093:
094: protected void tearDown() throws Exception {
095: }
096:
097: public static Test suite() {
098: TestSuite suite = new TestSuite(SymmetricDktTest.class);
099: return suite;
100: }
101:
102: public static void testSignatureConfirmationTest() throws Exception {
103: //alg.setType(AlgorithmSuiteValue.Basic128);
104: alg = new AlgorithmSuite(AlgorithmSuiteValue.Basic128
105: .getDigAlgorithm(), AlgorithmSuiteValue.Basic128
106: .getEncAlgorithm(), AlgorithmSuiteValue.Basic128
107: .getSymKWAlgorithm(), AlgorithmSuiteValue.Basic128
108: .getAsymKWAlgorithm());
109: SignaturePolicy signaturePolicy = new SignaturePolicy();
110: SignatureTarget st = new SignatureTarget();
111: st.setType("qname");
112: st.setDigestAlgorithm(DigestMethod.SHA1);
113: ((SignaturePolicy.FeatureBinding) signaturePolicy
114: .getFeatureBinding()).addTargetBinding(st);
115: ((SignaturePolicy.FeatureBinding) signaturePolicy
116: .getFeatureBinding())
117: .setCanonicalizationAlgorithm(MessageConstants.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
118:
119: QName name = new QName("X509Certificate");
120: Token tok = new Token(name);
121:
122: SymmetricKeyBinding sigKb = (SymmetricKeyBinding) signaturePolicy
123: .newSymmetricKeyBinding();
124: AuthenticationTokenPolicy.X509CertificateBinding x509bind = (AuthenticationTokenPolicy.X509CertificateBinding) sigKb
125: .newX509CertificateKeyBinding();
126: x509bind.setReferenceType(MessageConstants.THUMB_PRINT_TYPE);
127: //x509bind.setPolicyToken(tok);
128: x509bind.setUUID(new String("1018"));
129:
130: SOAPMessage msg = MessageFactory.newInstance().createMessage();
131: SOAPBody body = msg.getSOAPBody();
132: SOAPBodyElement sbe = body.addBodyElement(SOAPFactory
133: .newInstance().createName("StockSymbol", "tru",
134: "http://fabrikam123.com/payloads"));
135: sbe.addTextNode("QQQ");
136:
137: //Create processing context and set the soap
138: //message to be processed.
139: ProcessingContextImpl context = new ProcessingContextImpl(
140: client);
141: context.setSOAPMessage(msg);
142:
143: com.sun.xml.ws.security.policy.WSSAssertion wssAssertionws = null;
144: WSSAssertion wssAssertion = null;
145: AssertionSet as = null;
146: Policy wssPolicy = new PolicyResourceLoader()
147: .loadPolicy("security/policy-binding2.xml");
148: Iterator<AssertionSet> i = wssPolicy.iterator();
149: if (i.hasNext())
150: as = i.next();
151:
152: for (PolicyAssertion assertion : as) {
153: if (assertion instanceof com.sun.xml.ws.security.policy.WSSAssertion) {
154: wssAssertionws = (com.sun.xml.ws.security.policy.WSSAssertion) assertion;
155: }
156: }
157: //wssAssertion.addRequiredProperty("RequireSignatureConfirmation");
158: wssAssertion = getWssAssertion(wssAssertionws);
159: MessagePolicy pol = new MessagePolicy();
160: pol.append(signaturePolicy);
161: pol.setWSSAssertion(wssAssertion);
162:
163: context.setAlgorithmSuite(alg);
164:
165: context.setSecurityPolicy(pol);
166: CallbackHandler handler = new PolicyCallbackHandler1("client");
167: SecurityEnvironment env = new DefaultSecurityEnvironmentImpl(
168: handler);
169: context.setSecurityEnvironment(env);
170:
171: SecurityAnnotator.secureMessage(context);
172:
173: SOAPMessage secMsg = context.getSOAPMessage();
174: //DumpFilter.process(context);
175:
176: // now persist the message and read-back
177: FileOutputStream sentFile = new FileOutputStream("golden.msg");
178: secMsg.saveChanges();
179: TestUtil.saveMimeHeaders(secMsg, "golden.mh");
180: secMsg.writeTo(sentFile);
181: sentFile.close();
182:
183: // now create the message
184: SOAPMessage recMsg = TestUtil.constructMessage("golden.mh",
185: "golden.msg");
186: // verify
187: ProcessingContextImpl context1 = verify(recMsg, null, null);
188:
189: //Send the response
190: context1.setAlgorithmSuite(alg);
191: context1.setSecurityPolicy(pol);
192: SecurityAnnotator.secureMessage(context1);
193: secMsg = context1.getSOAPMessage();
194: //DumpFilter.process(context1);
195:
196: // now persist the message and read-back
197: FileOutputStream recvdFile = new FileOutputStream("recvd.msg");
198: secMsg.saveChanges();
199: TestUtil.saveMimeHeaders(secMsg, "recvd.mh");
200: secMsg.writeTo(recvdFile);
201: recvdFile.close();
202:
203: // now create the message
204: SOAPMessage clientRecMsg = TestUtil.constructMessage(
205: "recvd.mh", "recvd.msg");
206: verify(clientRecMsg, null, client);
207:
208: }
209:
210: protected static WSSAssertion getWssAssertion(
211: com.sun.xml.ws.security.policy.WSSAssertion asser) {
212: com.sun.xml.wss.impl.WSSAssertion assertion = new com.sun.xml.wss.impl.WSSAssertion(
213: asser.getRequiredProperties(), asser.getType());
214: return assertion;
215: }
216:
217: public static ProcessingContextImpl verify(SOAPMessage msg,
218: byte[] proofKey, Map map) throws Exception {
219: //Create processing context and set the soap
220: //message to be processed.
221: ProcessingContextImpl context = new ProcessingContextImpl(map);
222: context.setSOAPMessage(msg);
223:
224: com.sun.xml.ws.security.policy.WSSAssertion wssAssertionws = null;
225: WSSAssertion wssAssertion = null;
226: AssertionSet as = null;
227: Policy wssPolicy = new PolicyResourceLoader()
228: .loadPolicy("security/policy-binding2.xml");
229: Iterator<AssertionSet> i = wssPolicy.iterator();
230: if (i.hasNext())
231: as = i.next();
232:
233: for (PolicyAssertion assertion : as) {
234: if (assertion instanceof com.sun.xml.ws.security.policy.WSSAssertion) {
235: wssAssertionws = (com.sun.xml.ws.security.policy.WSSAssertion) assertion;
236: }
237: }
238: //wssAssertion.addRequiredProperty("RequireSignatureConfirmation");
239: wssAssertion = getWssAssertion(wssAssertionws);
240: MessagePolicy pol = new MessagePolicy();
241: context.setAlgorithmSuite(alg);
242: pol.setWSSAssertion(wssAssertion);
243:
244: context.setSecurityPolicy(pol);
245: CallbackHandler handler = new PolicyCallbackHandler1("server");
246: SecurityEnvironment env = new DefaultSecurityEnvironmentImpl(
247: handler);
248: context.setSecurityEnvironment(env);
249:
250: SecurityRecipient.validateMessage(context);
251:
252: //System.out.println("Verfied Message");
253: //DumpFilter.process(context);
254:
255: return context;
256: }
257:
258: // public static void main(String[] args) throws Exception{
259: // testSignatureConfirmationTest();
260: // }
261:
262: }
|