001: /*
002: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003: *
004: * Copyright 1997-2007 Sun Microsystems, Inc. All rights reserved.
005: *
006: * The contents of this file are subject to the terms of either the GNU
007: * General Public License Version 2 only ("GPL") or the Common Development
008: * and Distribution License("CDDL") (collectively, the "License"). You
009: * may not use this file except in compliance with the License. You can obtain
010: * a copy of the License at https://glassfish.dev.java.net/public/CDDL+GPL.html
011: * or glassfish/bootstrap/legal/LICENSE.txt. See the License for the specific
012: * language governing permissions and limitations under the License.
013: *
014: * When distributing the software, include this License Header Notice in each
015: * file and include the License file at glassfish/bootstrap/legal/LICENSE.txt.
016: * Sun designates this particular file as subject to the "Classpath" exception
017: * as provided by Sun in the GPL Version 2 section of the License file that
018: * accompanied this code. If applicable, add the following below the License
019: * Header, with the fields enclosed by brackets [] replaced by your own
020: * identifying information: "Portions Copyrighted [year]
021: * [name of copyright owner]"
022: *
023: * Contributor(s):
024: *
025: * If you wish your version of this file to be governed by only the CDDL or
026: * only the GPL Version 2, indicate your decision by adding "[Contributor]
027: * elects to include this software in this distribution under the [CDDL or GPL
028: * Version 2] license." If you don't indicate a single choice of license, a
029: * recipient has the option to distribute your version of this file under
030: * either the CDDL, the GPL Version 2 or to extend the choice of license to
031: * its licensees as provided above. However, if you add GPL Version 2 code
032: * and therefore, elected the GPL Version 2 license, then the option applies
033: * only if the new code is made subject to such option by the copyright
034: * holder.
035: */
036: package com.sun.xml.wss.impl;
037:
038: import java.util.*;
039: import java.io.*;
040:
041: import com.sun.xml.wss.callback.PolicyCallbackHandler1;
042: import com.sun.xml.wss.*;
043:
044: import javax.xml.soap.*;
045: import com.sun.xml.wss.impl.policy.mls.*;
046: import com.sun.xml.wss.impl.filter.*;
047: import com.sun.xml.wss.ProcessingContext;
048: import com.sun.xml.ws.security.impl.*;
049: import com.sun.xml.wss.core.*;
050: import com.sun.xml.wss.impl.ProcessingContextImpl;
051: import com.sun.xml.ws.security.impl.policy.*;
052: import javax.xml.namespace.QName;
053: import java.security.SecureRandom;
054: import com.sun.xml.wss.impl.misc.*;
055: import javax.security.auth.callback.CallbackHandler;
056: import com.sun.xml.wss.impl.*;
057: import javax.xml.crypto.dsig.DigestMethod;
058: import com.sun.xml.ws.security.policy.AlgorithmSuiteValue;
059: import com.sun.xml.wss.impl.WSSAssertion;
060: import com.sun.xml.wss.impl.util.PolicyResourceLoader;
061: import com.sun.xml.wss.impl.util.TestUtil;
062:
063: import com.sun.xml.wss.impl.AlgorithmSuite;
064: import com.sun.xml.ws.policy.Policy;
065: import com.sun.xml.ws.policy.PolicyAssertion;
066: import com.sun.xml.ws.policy.AssertionSet;
067:
068: import junit.framework.Test;
069: import junit.framework.TestCase;
070: import junit.framework.TestSuite;
071:
072: public class SymmetricDktTest extends TestCase {
073:
074: private static Hashtable client = new Hashtable();
075: private static Hashtable server = new Hashtable();
076: private static AlgorithmSuite alg = null;
077:
078: public SymmetricDktTest(String testName) throws Exception {
079: super (testName);
080: }
081:
082: protected void setUp() throws Exception {
083:
084: }
085:
086: protected void tearDown() throws Exception {
087: }
088:
089: public static Test suite() {
090: TestSuite suite = new TestSuite(SymmetricDktTest.class);
091:
092: return suite;
093: }
094:
095: public static void testSymmetricDktTest() throws Exception {
096:
097: // alg.setType(AlgorithmSuiteValue.Basic128);
098: alg = new AlgorithmSuite(AlgorithmSuiteValue.Basic128
099: .getDigAlgorithm(), AlgorithmSuiteValue.Basic128
100: .getEncAlgorithm(), AlgorithmSuiteValue.Basic128
101: .getSymKWAlgorithm(), AlgorithmSuiteValue.Basic128
102: .getAsymKWAlgorithm());
103: SignaturePolicy signaturePolicy = new SignaturePolicy();
104: SignatureTarget st = new SignatureTarget();
105: st.setType("qname");
106: st.setDigestAlgorithm(DigestMethod.SHA1);
107: ((SignaturePolicy.FeatureBinding) signaturePolicy
108: .getFeatureBinding()).addTargetBinding(st);
109: ((SignaturePolicy.FeatureBinding) signaturePolicy
110: .getFeatureBinding())
111: .setCanonicalizationAlgorithm(MessageConstants.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
112:
113: QName name = new QName("X509Certificate");
114: Token tok = new Token(name);
115:
116: SymmetricKeyBinding sigKb = (SymmetricKeyBinding) signaturePolicy
117: .newSymmetricKeyBinding();
118: AuthenticationTokenPolicy.X509CertificateBinding x509bind = (AuthenticationTokenPolicy.X509CertificateBinding) sigKb
119: .newX509CertificateKeyBinding();
120: x509bind.setReferenceType(MessageConstants.THUMB_PRINT_TYPE);
121: //x509bind.setPolicyToken(tok);
122: x509bind.setUUID(new String("1017"));
123:
124: DerivedTokenKeyBinding dktSigKB = (DerivedTokenKeyBinding) signaturePolicy
125: .newDerivedTokenKeyBinding();
126: dktSigKB.setOriginalKeyBinding(sigKb);
127:
128: EncryptionPolicy encryptPolicy = new EncryptionPolicy();
129: EncryptionTarget et = new EncryptionTarget();
130: et.setType("qname");
131: ((EncryptionPolicy.FeatureBinding) encryptPolicy
132: .getFeatureBinding()).addTargetBinding(st);
133:
134: SymmetricKeyBinding encKb = (SymmetricKeyBinding) encryptPolicy
135: .newSymmetricKeyBinding();
136: encKb.newX509CertificateKeyBinding();
137: x509bind = (AuthenticationTokenPolicy.X509CertificateBinding) encKb
138: .newX509CertificateKeyBinding();
139: x509bind.setReferenceType(MessageConstants.THUMB_PRINT_TYPE);
140: //x509bind.setPolicyToken(tok);
141: x509bind.setUUID(new String("1017"));
142:
143: DerivedTokenKeyBinding dktEncKB = (DerivedTokenKeyBinding) encryptPolicy
144: .newDerivedTokenKeyBinding();
145: dktEncKB.setOriginalKeyBinding(encKb);
146:
147: SOAPMessage msg = MessageFactory.newInstance().createMessage();
148: SOAPBody body = msg.getSOAPBody();
149: SOAPBodyElement sbe = body.addBodyElement(SOAPFactory
150: .newInstance().createName("StockSymbol", "tru",
151: "http://fabrikam123.com/payloads"));
152: sbe.addTextNode("QQQ");
153:
154: //Create processing context and set the soap
155: //message to be processed.
156: ProcessingContextImpl context = new ProcessingContextImpl(
157: client);
158: context.setSOAPMessage(msg);
159:
160: com.sun.xml.ws.security.policy.WSSAssertion wssAssertionws = null;
161: WSSAssertion wssAssertion = null;
162: AssertionSet as = null;
163: Policy wssPolicy = new PolicyResourceLoader()
164: .loadPolicy("security/policy-binding2.xml");
165: Iterator<AssertionSet> i = wssPolicy.iterator();
166: if (i.hasNext())
167: as = i.next();
168:
169: for (PolicyAssertion assertion : as) {
170: if (assertion instanceof com.sun.xml.ws.security.policy.WSSAssertion) {
171: wssAssertionws = (com.sun.xml.ws.security.policy.WSSAssertion) assertion;
172: }
173: }
174: //wssAssertion.addRequiredProperty("RequireSignatureConfirmation");
175: wssAssertion = new WSSAssertion(wssAssertionws
176: .getRequiredProperties(), "1.0");
177: MessagePolicy pol = new MessagePolicy();
178: pol.append(signaturePolicy);
179: pol.append(encryptPolicy);
180: pol.setWSSAssertion(wssAssertion);
181:
182: context.setAlgorithmSuite(alg);
183: context.setSecurityPolicy(pol);
184: CallbackHandler handler = new PolicyCallbackHandler1("client");
185: SecurityEnvironment env = new DefaultSecurityEnvironmentImpl(
186: handler);
187: context.setSecurityEnvironment(env);
188:
189: SecurityAnnotator.secureMessage(context);
190:
191: SOAPMessage secMsg = context.getSOAPMessage();
192: //DumpFilter.process(context);
193:
194: // now persist the message and read-back
195: FileOutputStream sentFile = new FileOutputStream("golden.msg");
196: secMsg.saveChanges();
197: TestUtil.saveMimeHeaders(secMsg, "golden.mh");
198: msg.writeTo(sentFile);
199: sentFile.close();
200:
201: // now create the message
202: SOAPMessage recMsg = TestUtil.constructMessage("golden.mh",
203: "golden.msg");
204:
205: // verify
206: ProcessingContextImpl context1 = verify(recMsg, null, null);
207:
208: //Send the response
209: context1.setAlgorithmSuite(alg);
210: context1.setSecurityPolicy(pol);
211: SecurityAnnotator.secureMessage(context1);
212: secMsg = context1.getSOAPMessage();
213: //DumpFilter.process(context1);
214:
215: // now persist the message and read-back
216: FileOutputStream recvdFile = new FileOutputStream("recvd.msg");
217: secMsg.saveChanges();
218: TestUtil.saveMimeHeaders(secMsg, "recvd.mh");
219: secMsg.writeTo(recvdFile);
220: recvdFile.close();
221:
222: // now create the message
223: SOAPMessage clientRecMsg = TestUtil.constructMessage(
224: "recvd.mh", "recvd.msg");
225: verifyClientRecMsg(clientRecMsg, null, client);
226: }
227:
228: public static ProcessingContextImpl verify(SOAPMessage msg,
229: byte[] proofKey, Map map) throws Exception {
230: //Create processing context and set the soap
231: //message to be processed.
232: ProcessingContextImpl context = new ProcessingContextImpl(map);
233: context.setSOAPMessage(msg);
234:
235: com.sun.xml.ws.security.policy.WSSAssertion wssAssertionws = null;
236: WSSAssertion wssAssertion = null;
237: AssertionSet as = null;
238: Policy wssPolicy = new PolicyResourceLoader()
239: .loadPolicy("security/policy-binding2.xml");
240: Iterator<AssertionSet> i = wssPolicy.iterator();
241: if (i.hasNext())
242: as = i.next();
243:
244: for (PolicyAssertion assertion : as) {
245: if (assertion instanceof com.sun.xml.ws.security.policy.WSSAssertion) {
246: wssAssertionws = (com.sun.xml.ws.security.policy.WSSAssertion) assertion;
247: }
248: }
249: //wssAssertion.addRequiredProperty("RequireSignatureConfirmation");
250: wssAssertion = new WSSAssertion(wssAssertionws
251: .getRequiredProperties(), "1.0");
252: MessagePolicy pol = new MessagePolicy();
253: context.setAlgorithmSuite(alg);
254: pol.setWSSAssertion(wssAssertion);
255:
256: context.setSecurityPolicy(pol);
257: CallbackHandler handler = new PolicyCallbackHandler1("server");
258: SecurityEnvironment env = new DefaultSecurityEnvironmentImpl(
259: handler);
260: context.setSecurityEnvironment(env);
261:
262: SecurityRecipient.validateMessage(context);
263:
264: //System.out.println("Verfied Message");
265: //DumpFilter.process(context);
266:
267: return context;
268: }
269:
270: public static ProcessingContextImpl verifyClientRecMsg(
271: SOAPMessage msg, byte[] proofKey, Map map) throws Exception {
272: //Create processing context and set the soap
273: //message to be processed.
274: ProcessingContextImpl context = new ProcessingContextImpl(map);
275: context.setSOAPMessage(msg);
276:
277: com.sun.xml.ws.security.policy.WSSAssertion wssAssertionws = null;
278: WSSAssertion wssAssertion = null;
279: AssertionSet as = null;
280: Policy wssPolicy = new PolicyResourceLoader()
281: .loadPolicy("security/policy-binding2.xml");
282: Iterator<AssertionSet> i = wssPolicy.iterator();
283: if (i.hasNext())
284: as = i.next();
285:
286: for (PolicyAssertion assertion : as) {
287: if (assertion instanceof com.sun.xml.ws.security.policy.WSSAssertion) {
288: wssAssertionws = (com.sun.xml.ws.security.policy.WSSAssertion) assertion;
289: }
290: }
291: //wssAssertion.addRequiredProperty("RequireSignatureConfirmation");
292: wssAssertion = new WSSAssertion(wssAssertionws
293: .getRequiredProperties(), "1.0");
294: MessagePolicy pol = new MessagePolicy();
295: context.setAlgorithmSuite(alg);
296: pol.setWSSAssertion(wssAssertion);
297:
298: context.setSecurityPolicy(pol);
299: CallbackHandler handler = new PolicyCallbackHandler1("client");
300: SecurityEnvironment env = new DefaultSecurityEnvironmentImpl(
301: handler);
302: context.setSecurityEnvironment(env);
303:
304: SecurityRecipient.validateMessage(context);
305:
306: //System.out.println("Verfied Message");
307: //DumpFilter.process(context);
308:
309: return context;
310: }
311:
312: // public static void main(String[] args) throws Exception{
313: // testSymmetricDktTest();
314: // }
315: }
|