001: /*
002: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003: *
004: * Copyright 1997-2007 Sun Microsystems, Inc. All rights reserved.
005: *
006: * The contents of this file are subject to the terms of either the GNU
007: * General Public License Version 2 only ("GPL") or the Common Development
008: * and Distribution License("CDDL") (collectively, the "License"). You
009: * may not use this file except in compliance with the License. You can obtain
010: * a copy of the License at https://glassfish.dev.java.net/public/CDDL+GPL.html
011: * or glassfish/bootstrap/legal/LICENSE.txt. See the License for the specific
012: * language governing permissions and limitations under the License.
013: *
014: * When distributing the software, include this License Header Notice in each
015: * file and include the License file at glassfish/bootstrap/legal/LICENSE.txt.
016: * Sun designates this particular file as subject to the "Classpath" exception
017: * as provided by Sun in the GPL Version 2 section of the License file that
018: * accompanied this code. If applicable, add the following below the License
019: * Header, with the fields enclosed by brackets [] replaced by your own
020: * identifying information: "Portions Copyrighted [year]
021: * [name of copyright owner]"
022: *
023: * Contributor(s):
024: *
025: * If you wish your version of this file to be governed by only the CDDL or
026: * only the GPL Version 2, indicate your decision by adding "[Contributor]
027: * elects to include this software in this distribution under the [CDDL or GPL
028: * Version 2] license." If you don't indicate a single choice of license, a
029: * recipient has the option to distribute your version of this file under
030: * either the CDDL, the GPL Version 2 or to extend the choice of license to
031: * its licensees as provided above. However, if you add GPL Version 2 code
032: * and therefore, elected the GPL Version 2 license, then the option applies
033: * only if the new code is made subject to such option by the copyright
034: * holder.
035: */
036: package com.sun.xml.wss.impl;
037:
038: import java.util.*;
039: import java.io.*;
040:
041: import com.sun.xml.wss.callback.PolicyCallbackHandler1;
042: import com.sun.xml.wss.*;
043:
044: import javax.xml.soap.*;
045: import com.sun.xml.wss.impl.policy.mls.*;
046: import com.sun.xml.wss.impl.filter.*;
047: import com.sun.xml.wss.ProcessingContext;
048: import com.sun.xml.ws.security.impl.*;
049: import com.sun.xml.wss.core.*;
050: import com.sun.xml.wss.impl.ProcessingContextImpl; //import com.sun.xml.ws.security.policy.*;
051: import com.sun.xml.ws.security.impl.policy.*;
052: import javax.xml.namespace.QName;
053: import java.security.SecureRandom;
054: import com.sun.xml.wss.impl.misc.*;
055: import javax.security.auth.callback.CallbackHandler;
056: import com.sun.xml.wss.impl.*;
057: import javax.xml.crypto.dsig.DigestMethod;
058: import com.sun.xml.ws.security.policy.AlgorithmSuiteValue;
059: import com.sun.xml.wss.impl.util.PolicyResourceLoader;
060: import com.sun.xml.wss.impl.util.TestUtil;
061:
062: import com.sun.xml.wss.impl.AlgorithmSuite;
063: import com.sun.xml.ws.policy.Policy;
064: import com.sun.xml.ws.policy.PolicyAssertion;
065: import com.sun.xml.ws.policy.AssertionSet;
066:
067: import junit.framework.Test;
068: import junit.framework.TestCase;
069: import junit.framework.TestSuite;
070:
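/**
 * Round-trip test for a symmetric-key binding: a SOAP message is secured
 * with a signature policy and an encryption policy, written to disk, read
 * back and validated as the server; the server context then secures a
 * response, which is written, read back and validated as the client.
 *
 * <p>The test passes when no step throws. It contains no assertion that the
 * wire message actually carries a signature or encrypted data, nor that the
 * payload text survives the round trip.
 *
 * <p>The message and MIME-header files ({@code golden.*}, {@code recvd.*})
 * are written to the current working directory and are not removed.
 */
public class SymmetricBindingTest extends TestCase {

    /** Policy resource from which the WSS assertion is read on both sides. */
    private static final String POLICY_RESOURCE = "security/policy-binding2.xml";

    // Property map handed to the client-side processing contexts.
    private static HashMap client = new HashMap();
    // Not referenced anywhere in this class; verify() is called with a null map.
    private static HashMap server = new HashMap();
    // Assigned by testSymmetricBindingTest() and read by the verify helpers,
    // so those helpers see null if they are called before the test method.
    private static AlgorithmSuite alg = null;

    public SymmetricBindingTest(String testName) throws Exception {
        super(testName);
    }

    protected void setUp() throws Exception {
    }

    protected void tearDown() throws Exception {
    }

    /** Returns a suite holding every test method of this class. */
    public static Test suite() {
        return new TestSuite(SymmetricBindingTest.class);
    }

    /**
     * Secures a request as the client, validates it as the server, secures
     * the response on the server context and validates it as the client.
     *
     * @throws Exception if policy loading, securing, file I/O or validation fails
     */
    public static void testSymmetricBindingTest() throws Exception {
        alg = new AlgorithmSuite(
                AlgorithmSuiteValue.Basic128.getDigAlgorithm(),
                AlgorithmSuiteValue.Basic128.getEncAlgorithm(),
                AlgorithmSuiteValue.Basic128.getSymKWAlgorithm(),
                AlgorithmSuiteValue.Basic128.getAsymKWAlgorithm());

        // Signature policy: one "qname" target, exclusive C14N without comments.
        SignaturePolicy signaturePolicy = new SignaturePolicy();
        SignatureTarget st = new SignatureTarget();
        st.setType("qname");
        // SHA-1 is the digest this fixture was written with; it is a legacy
        // choice and should not be copied into a deployed policy.
        st.setDigestAlgorithm(DigestMethod.SHA1);
        SignaturePolicy.FeatureBinding sigFeatures =
                (SignaturePolicy.FeatureBinding) signaturePolicy.getFeatureBinding();
        sigFeatures.addTargetBinding(st);
        sigFeatures.setCanonicalizationAlgorithm(
                MessageConstants.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);

        SymmetricKeyBinding sigKb =
                (SymmetricKeyBinding) signaturePolicy.newSymmetricKeyBinding();
        AuthenticationTokenPolicy.X509CertificateBinding x509bind =
                (AuthenticationTokenPolicy.X509CertificateBinding) sigKb
                        .newX509CertificateKeyBinding();
        x509bind.setReferenceType(MessageConstants.THUMB_PRINT_TYPE);
        x509bind.setUUID("1005");

        // Encryption policy.
        EncryptionPolicy encryptPolicy = new EncryptionPolicy();
        EncryptionTarget et = new EncryptionTarget();
        et.setType("qname");
        // NOTE(review): the signature target `st` is what gets registered on
        // the encryption policy; `et` is configured above but never used.
        // Kept as in the original because switching to `et` would change what
        // the test encrypts - confirm which target was intended.
        ((EncryptionPolicy.FeatureBinding) encryptPolicy.getFeatureBinding())
                .addTargetBinding(st);

        SymmetricKeyBinding encKb =
                (SymmetricKeyBinding) encryptPolicy.newSymmetricKeyBinding();
        // NOTE(review): the result of this first call is discarded and the
        // call is repeated on the next statement; presumably redundant -
        // confirm before removing.
        encKb.newX509CertificateKeyBinding();
        x509bind = (AuthenticationTokenPolicy.X509CertificateBinding) encKb
                .newX509CertificateKeyBinding();
        x509bind.setReferenceType(MessageConstants.THUMB_PRINT_TYPE);
        x509bind.setUUID("1005");

        // Request payload.
        SOAPMessage msg = MessageFactory.newInstance().createMessage();
        SOAPBody body = msg.getSOAPBody();
        SOAPBodyElement sbe = body.addBodyElement(
                SOAPFactory.newInstance().createName(
                        "StockSymbol", "tru", "http://fabrikam123.com/payloads"));
        sbe.addTextNode("QQQ");

        // Client-side context for the outgoing request.
        ProcessingContextImpl context = new ProcessingContextImpl(client);
        context.setSOAPMessage(msg);

        MessagePolicy pol = new MessagePolicy();
        pol.append(signaturePolicy);
        pol.append(encryptPolicy);
        pol.setWSSAssertion(loadWssAssertion());

        context.setAlgorithmSuite(alg);
        context.setSecurityPolicy(pol);
        CallbackHandler handler = new PolicyCallbackHandler1("client");
        SecurityEnvironment env = new DefaultSecurityEnvironmentImpl(handler);
        context.setSecurityEnvironment(env);

        SecurityAnnotator.secureMessage(context);

        // Persist the secured request and rebuild it from disk so that the
        // recipient works on the serialized form rather than the in-memory one.
        SOAPMessage recMsg =
                persistAndReload(context.getSOAPMessage(), "golden.msg", "golden.mh");

        ProcessingContextImpl context1 = verify(recMsg, null, null);

        // Secure the response on the server context with the same policy.
        context1.setAlgorithmSuite(alg);
        context1.setSecurityPolicy(pol);
        SecurityAnnotator.secureMessage(context1);

        SOAPMessage clientRecMsg =
                persistAndReload(context1.getSOAPMessage(), "recvd.msg", "recvd.mh");
        verifyClientRecMsg(clientRecMsg, null, client);
    }

    /**
     * Validates {@code msg} with the "server" callback handler.
     *
     * @param msg      message to validate
     * @param proofKey not used by this method
     * @param map      property map passed to the processing context; may be null
     * @return the processing context after validation
     * @throws Exception if policy loading or validation fails
     */
    public static ProcessingContextImpl verify(SOAPMessage msg,
            byte[] proofKey, Map map) throws Exception {
        return validateAs("server", msg, map);
    }

    /**
     * Validates {@code msg} with the "client" callback handler.
     *
     * @param msg      message to validate
     * @param proofKey not used by this method
     * @param map      property map passed to the processing context; may be null
     * @return the processing context after validation
     * @throws Exception if policy loading or validation fails
     */
    public static ProcessingContextImpl verifyClientRecMsg(
            SOAPMessage msg, byte[] proofKey, Map map) throws Exception {
        return validateAs("client", msg, map);
    }

    /**
     * Builds a recipient context for {@code msg} and runs validation on it.
     *
     * <p>NOTE(review): the recipient policy holds only the WSS assertion; no
     * signature or encryption policy is appended. Whether validateMessage
     * then rejects a message that was never signed or encrypted is not
     * visible from this file - confirm, and consider asserting on the
     * validated context if it does not.
     */
    private static ProcessingContextImpl validateAs(String role,
            SOAPMessage msg, Map map) throws Exception {
        ProcessingContextImpl context = new ProcessingContextImpl(map);
        context.setSOAPMessage(msg);

        MessagePolicy pol = new MessagePolicy();
        context.setAlgorithmSuite(alg);
        pol.setWSSAssertion(loadWssAssertion());
        context.setSecurityPolicy(pol);

        CallbackHandler handler = new PolicyCallbackHandler1(role);
        SecurityEnvironment env = new DefaultSecurityEnvironmentImpl(handler);
        context.setSecurityEnvironment(env);

        SecurityRecipient.validateMessage(context);
        return context;
    }

    /**
     * Loads the policy resource and wraps the WSS assertion found in its
     * first alternative. Fails the test with a descriptive message instead of
     * a NullPointerException when the alternative or the assertion is missing.
     */
    private static WSSAssertion loadWssAssertion() throws Exception {
        Policy wssPolicy = new PolicyResourceLoader().loadPolicy(POLICY_RESOURCE);
        Iterator<AssertionSet> alternatives = wssPolicy.iterator();
        assertTrue("policy " + POLICY_RESOURCE + " has no alternatives",
                alternatives.hasNext());
        AssertionSet firstAlternative = alternatives.next();

        // If several WSS assertions are present the last one wins.
        com.sun.xml.ws.security.policy.WSSAssertion declared = null;
        for (PolicyAssertion assertion : firstAlternative) {
            if (assertion instanceof com.sun.xml.ws.security.policy.WSSAssertion) {
                declared = (com.sun.xml.ws.security.policy.WSSAssertion) assertion;
            }
        }
        assertNotNull("policy " + POLICY_RESOURCE + " has no WSS assertion", declared);
        return new WSSAssertion(declared.getRequiredProperties(), "1.0");
    }

    /**
     * Writes {@code secured} and its MIME headers to the given files, then
     * rebuilds a message from those files. The output stream is closed even
     * when saving or writing throws.
     */
    private static SOAPMessage persistAndReload(SOAPMessage secured,
            String messageFile, String headerFile) throws Exception {
        FileOutputStream out = new FileOutputStream(messageFile);
        try {
            secured.saveChanges();
            TestUtil.saveMimeHeaders(secured, headerFile);
            secured.writeTo(out);
        } finally {
            out.close();
        }
        return TestUtil.constructMessage(headerFile, messageFile);
    }
}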