1 /**
2  * Licensed to the Apache Software Foundation (ASF) under one
3  * or more contributor license agreements. See the NOTICE file
4  * distributed with this work for additional information
5  * regarding copyright ownership. The ASF licenses this file
6  * to you under the Apache License, Version 2.0 (the
7  * "License"); you may not use this file except in compliance
8  * with the License. You may obtain a copy of the License at
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing,
13  * software distributed under the License is distributed on an
14  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15  * KIND, either express or implied. See the License for the
16  * specific language governing permissions and limitations
17  * under the License.
18  */
19 package org.apache.xml.security.test.signature;
20 
21 import java.io.File;
22 import java.io.FileInputStream;
23 import java.io.IOException;
24 import java.security.KeyStore;
25 import java.security.KeyStoreException;
26 import java.security.NoSuchAlgorithmException;
27 import java.security.PublicKey;
28 import java.security.cert.CertificateException;
29 import java.security.cert.X509Certificate;
30 
31 import javax.xml.parsers.DocumentBuilder;
32 import javax.xml.parsers.DocumentBuilderFactory;
33 import javax.xml.parsers.ParserConfigurationException;
34 import javax.xml.transform.TransformerException;
35 import javax.xml.xpath.XPath;
36 import javax.xml.xpath.XPathConstants;
37 import javax.xml.xpath.XPathExpressionException;
38 import javax.xml.xpath.XPathFactory;
39 
40 import org.apache.xml.security.Init;
41 import org.apache.xml.security.c14n.InvalidCanonicalizerException;
42 import org.apache.xml.security.exceptions.XMLSecurityException;
43 import org.apache.xml.security.signature.XMLSignature;
44 import org.apache.xml.security.signature.XMLSignatureException;
45 import org.apache.xml.security.test.DSNamespaceContext;
46 import org.w3c.dom.Document;
47 import org.w3c.dom.Element;
48 import org.xml.sax.SAXException;
49 
50 /**
51  * Tests cases where signature algorithms are unknown.
52  * <p>
53  * The source documents are based on that created by the class <code>
54  * org.apache.xml.security.samples.signature.CreateEnvelopingSignature</code>
55  * </p>
56  */
57 public class UnknownAlgoSignatureTest extends org.junit.Assert {
58 
59     private static final String BASEDIR = System.getProperty("basedir");
60     private static final String SEP = System.getProperty("file.separator");
61 
62     protected static final String KEYSTORE_TYPE = "JKS";
63 
64     protected static final String KEYSTORE_FILE =
65         "src/test/resources/org/apache/xml/security/samples/input/keystore.jks";
66 
67     protected static final String CERT_ALIAS = "test";
68 
69     protected static final String SIGNATURE_SOURCE_PATH =
70         "src/test/resources/org/apache/xml/security/temp/signature";
71 
72     protected PublicKey publicKey;
73 
74     static {
Init.init()75         Init.init();
76     }
77 
UnknownAlgoSignatureTest()78     public UnknownAlgoSignatureTest() throws KeyStoreException, NoSuchAlgorithmException,
79         CertificateException, IOException {
80         FileInputStream fis = null;
81         if (BASEDIR != null && !"".equals(BASEDIR)) {
82             fis = new FileInputStream(BASEDIR + SEP + KEYSTORE_FILE);
83         } else {
84             fis = new FileInputStream(KEYSTORE_FILE);
85         }
86         KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
87         keyStore.load(fis, null);
88         X509Certificate cert = (X509Certificate) keyStore.getCertificate(CERT_ALIAS);
89         publicKey = cert.getPublicKey();
90     }
91 
92     @org.junit.Test
testGood()93     public void testGood() throws ParserConfigurationException, SAXException,
94         IOException, TransformerException, XMLSignatureException, XMLSecurityException, XPathExpressionException {
95         assertTrue(checkSignature("signature-good.xml"));
96     }
97 
98     @org.junit.Test
testBadC14NAlgo()99     public void testBadC14NAlgo() throws ParserConfigurationException,
100         SAXException, IOException, TransformerException, XMLSecurityException, XPathExpressionException {
101         try {
102             assertTrue(checkSignature("signature-bad-c14n-algo.xml"));
103             fail("Exception not caught");
104         } catch (InvalidCanonicalizerException e) {
105             // succeed
106         }
107     }
108 
109     @org.junit.Test
testBadSigAlgo()110     public void testBadSigAlgo() throws ParserConfigurationException,
111         SAXException, IOException, TransformerException, XMLSecurityException, XPathExpressionException {
112         try {
113             assertTrue(checkSignature("signature-bad-sig-algo.xml"));
114             fail("Exception not caught");
115         } catch (XMLSignatureException e) {
116             // succeed
117         }
118     }
119 
120     @org.junit.Test
testBadTransformAlgo()121     public void testBadTransformAlgo() throws ParserConfigurationException,
122         SAXException, IOException, TransformerException, XMLSecurityException, XPathExpressionException {
123         try {
124             assertTrue(checkReferences("signature-bad-transform-algo.xml"));
125             fail("Exception not caught");
126         } catch (XMLSignatureException e) {
127             // succeed
128         }
129     }
130 
checkSignature(String fileName)131     protected boolean checkSignature(String fileName)
132         throws ParserConfigurationException, SAXException, IOException,
133         TransformerException, XMLSecurityException, XPathExpressionException {
134         XMLSignature signature = unmarshalXMLSignature(fileName);
135         return signature.checkSignatureValue(publicKey);
136     }
137 
checkReferences(String fileName)138     protected boolean checkReferences(String fileName)
139         throws ParserConfigurationException, SAXException, IOException,
140         TransformerException, XMLSecurityException, XPathExpressionException {
141         XMLSignature signature = unmarshalXMLSignature(fileName);
142         return signature.getSignedInfo().verify(false);
143     }
144 
unmarshalXMLSignature(String fileName)145     private XMLSignature unmarshalXMLSignature(String fileName)
146         throws ParserConfigurationException, SAXException, IOException,
147         TransformerException, XMLSecurityException, XPathExpressionException {
148         File file = null;
149         if (BASEDIR != null && !"".equals(BASEDIR)) {
150             file = new File(BASEDIR + SEP + SIGNATURE_SOURCE_PATH, fileName);
151         } else {
152             file = new File(SIGNATURE_SOURCE_PATH, fileName);
153         }
154         Document doc = getDocument(file);
155 
156         XPathFactory xpf = XPathFactory.newInstance();
157         XPath xpath = xpf.newXPath();
158         xpath.setNamespaceContext(new DSNamespaceContext());
159 
160         String expression = "//ds:Signature[1]";
161         Element sigElement =
162             (Element) xpath.evaluate(expression, doc, XPathConstants.NODE);
163         return new XMLSignature(sigElement, file.toURI().toURL().toString());
164     }
165 
getDocument(File file)166     public static Document getDocument(File file)
167         throws ParserConfigurationException, SAXException, IOException {
168         DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
169         dbf.setNamespaceAware(true);
170         DocumentBuilder db = dbf.newDocumentBuilder();
171         Document doc = db.parse(new FileInputStream(file));
172         return doc;
173     }
174 
175 }
176